Re: [OE-core] [PATCH v2] create-spdx: add support for SDKs
On Thursday, 27 January 2022 07:16:48 NZDT Andres Beltran wrote: > Currently, SPDX SBOMs are only created for images. Add support for > SDKs. Fix json indent when outputting SBOMs for better readability. Hey folks, gentle ping on this patch - any comments? Thanks Paul -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161634): https://lists.openembedded.org/g/openembedded-core/message/161634 Mute This Topic: https://lists.openembedded.org/mt/88703214/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [poky][master][PATCHv2] buildhistory.bbclass: Enable exporting more recipe and package data
On Thursday, 10 February 2022 04:34:16 NZDT Richard Purdie wrote: > On Wed, 2022-02-09 at 14:27 +, mikko.rap...@bmw.de wrote: > > On Wed, Feb 09, 2022 at 01:40:22PM +, Richard Purdie wrote: > > > On Wed, 2022-02-09 at 13:27 +, mikko.rap...@bmw.de wrote: > > > > Hi, > > > > > > > > On Wed, Feb 09, 2022 at 12:23:39PM +, Richard Purdie wrote: > > > > > People have requested changes like this before and I rejected it as > > > > > I'm worried that allowing people to customise this code will just > > > > > fork the project into many different directions. > > > > > > > > It's the other way round. There are a lot of needs to extract metadata > > > > from > > > > build system into something where reports can be generated. > > > > > > I don't doubt that however buildhistory was written for a specific > > > purpose and if we start adding the ability to customise it heavily we > > > lose the ability for comparisions to be made, or sstate reuse and so > > > on. > > > > > > I'm partly channelling the original author's views on this since they > > > had some very specific thoughts on this change. I do sometimes wonder > > > if I should continue doing that though :/. > > > > Then how should yocto users export CVE_NAME, LICENSE, PN, PV, SRC_URI etc > > from the build system to generate SW bill of materials (BOM) for their > > product and track progress? > > > > Yes, SPDX can be the other answer but I don't find that human readable or > > working out of the box atm. > > buildhistory was not intended for SBOM generation, that is what create-spdx > is being developed for. They have two quite different intentions and trying > to turn one into the other is why I have concerns about this patch. > > For example, of we did go this way, next, we may need to either write a > converter of buildhistory to SPDX format, or change buildhistory to use SPDX > format so that it has a standard SBOM output form. This is not the > direction we want/need to go. FWIW I'll just chime in here as the original author[1] and say I agree with Richard. If folks are needing an alternative SBOM generation mechanism to SPDX, or have other use cases for extracting build information, then I'd prefer we take a step back and design such a thing properly. The original idea was (1) to expose changes in the output that might not readily apparent otherwise, and (2) expose selected "input" values that would (or could) materially influence the output, so you hopefully have a ready explanation for why an image / package increased in size or dependencies got added etc. I will accept that over time buildhistory has added things here and there that further the idea of using it for SBOM, folks no doubt have been using these for such purposes, and I'm not 100% opposed to making small additions where they make sense. However, even with this proposed extension, buildhistory is still not capable of recording sufficient information that (I believe) is expected in a modern SBOM - for example, the list of patches applied / CVEs resolved as a result - and I don't think it would be wise to extend it to do so. We certainly don't want to give folks the idea that buildhistory is good enough to resolve their SBOM requirements when we haven't designed it to do so, particularly as for many folks there are legal and regulatory concerns involved. Cheers Paul [1] based upon the earlier testlab and packagehistory classes that were written by others -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161633): https://lists.openembedded.org/g/openembedded-core/message/161633 Mute This Topic: https://lists.openembedded.org/mt/89018266/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] ed: upgrade 1.17 -> 1.18
License-Update:
year updated to 2022.
license changed from GPLv3+ to GPLv2.
(In version 1.5 the maintainer mistakenly changed the copyright holder from
Andrew Moore to the FSF. In versions 1.18 he restored the original COPYING.)
Changelog:
=
* main_loop.c (get_shell_command): Flush stdout after printing cmd.
* signal.c (sighup_handler): Fix a memory leak just before exiting.
* carg_parser.c (ap_init): Likewise.
* io.c (read_file, write_file): Check ptr returned by strip_escapes.
* main_loop.c (get_shell_command, exec_command): Likewise.
* main_loop.c (get_shell_command): Remove backslash from escaped '%'.
* main_loop.c, regex.c: Implement case-insensitive REs.
* regex.c (compile_regex): Don't overwrite previous regex if error.
* main.c: New option '--strip-trailing-cr'.
* buffer.c (push_undo_atom): Fail if stack grows larger than INT_MAX.
(too_many_lines): Fail if buffer grows larger than INT_MAX lines.
* global.c (set_active_node): Fail if list grows larger than INT_MAX.
* signal.c (resize_buffer): Fail if a line grows longer than INT_MAX.
* io.c (read_file): Return -2 for fatal errors.
* main_loop.c (main_loop): Set error status if fatal error from main.
* main.c [restricted_]: New message "Directory access restricted".
* ed.texi: New chapter "The 's' Command".
* COPYING: Restored.
Signed-off-by: Wang Mingyu
---
meta/recipes-extended/ed/{ed_1.17.bb => ed_1.18.bb} | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
rename meta/recipes-extended/ed/{ed_1.17.bb => ed_1.18.bb} (73%)
diff --git a/meta/recipes-extended/ed/ed_1.17.bb
b/meta/recipes-extended/ed/ed_1.18.bb
similarity index 73%
rename from meta/recipes-extended/ed/ed_1.17.bb
rename to meta/recipes-extended/ed/ed_1.18.bb
index addf652d52..c1ab1f5ecb 100644
--- a/meta/recipes-extended/ed/ed_1.17.bb
+++ b/meta/recipes-extended/ed/ed_1.18.bb
@@ -2,10 +2,10 @@ SUMMARY = "Line-oriented text editor"
HOMEPAGE = "http://www.gnu.org/software/ed/;
DESCRIPTION = "GNU ed is a line-oriented text editor. It is used to create,
display, modify and otherwise manipulate text files, both interactively and via
shell scripts. A restricted version of ed, red, can only edit files in the
current directory and cannot execute shell commands."
-LICENSE = "GPLv3+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7 \
-
file://ed.h;endline=20;md5=b72aa5eaafef318c6bfc37f858469113 \
-
file://main.c;endline=17;md5=2c93e24f4db3528a00a24c7df5618e41 \
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=76d6e300ffd8fb9d18bd9b136a9bba13 \
+
file://ed.h;endline=20;md5=6e6a818b0593f937fc63ba08d5e314bf \
+
file://main.c;endline=17;md5=8419a08bb12936f32384a0d1c0f9e74c \
"
SECTION = "base"
@@ -19,7 +19,7 @@ bindir = "${base_bindir}"
SRC_URI = "${GNU_MIRROR}/ed/${BP}.tar.lz"
UPSTREAM_CHECK_URI = "${GNU_MIRROR}/ed/"
-SRC_URI[sha256sum] =
"71de39883c25b6fab44add80635382a10c9bf154515b94729f4a6529ddcc5e54"
+SRC_URI[sha256sum] =
"aca8efad9800c587724a20b97aa8fc47e6b5a47df81606feaba831b074462b4f"
EXTRA_OEMAKE = "-e MAKEFLAGS="
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161632):
https://lists.openembedded.org/g/openembedded-core/message/161632
Mute This Topic: https://lists.openembedded.org/mt/89061701/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] ed: upgrade 1.17 -> 1.18
License-Update:
year updated to 2022.
license changed from GPLv3+ to GPLv2.
(In version 1.5 the maintainer mistakenly changed the copyright holder from
Andrew Moore to the FSF. In versions 1.18 he restored the original COPYING.)
Changelog:
=
* main_loop.c (get_shell_command): Flush stdout after printing cmd.
* signal.c (sighup_handler): Fix a memory leak just before exiting.
* carg_parser.c (ap_init): Likewise.
* io.c (read_file, write_file): Check ptr returned by strip_escapes.
* main_loop.c (get_shell_command, exec_command): Likewise.
* main_loop.c (get_shell_command): Remove backslash from escaped '%'.
* main_loop.c, regex.c: Implement case-insensitive REs.
* regex.c (compile_regex): Don't overwrite previous regex if error.
* main.c: New option '--strip-trailing-cr'.
* buffer.c (push_undo_atom): Fail if stack grows larger than INT_MAX.
(too_many_lines): Fail if buffer grows larger than INT_MAX lines.
* global.c (set_active_node): Fail if list grows larger than INT_MAX.
* signal.c (resize_buffer): Fail if a line grows longer than INT_MAX.
* io.c (read_file): Return -2 for fatal errors.
* main_loop.c (main_loop): Set error status if fatal error from main.
* main.c [restricted_]: New message "Directory access restricted".
* ed.texi: New chapter "The 's' Command".
* COPYING: Restored.
Signed-off-by: Wang Mingyu
---
meta/recipes-extended/ed/{ed_1.17.bb => ed_1.18.bb} | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
rename meta/recipes-extended/ed/{ed_1.17.bb => ed_1.18.bb} (73%)
diff --git a/meta/recipes-extended/ed/ed_1.17.bb
b/meta/recipes-extended/ed/ed_1.18.bb
similarity index 73%
rename from meta/recipes-extended/ed/ed_1.17.bb
rename to meta/recipes-extended/ed/ed_1.18.bb
index addf652d52..c1ab1f5ecb 100644
--- a/meta/recipes-extended/ed/ed_1.17.bb
+++ b/meta/recipes-extended/ed/ed_1.18.bb
@@ -2,10 +2,10 @@ SUMMARY = "Line-oriented text editor"
HOMEPAGE = "http://www.gnu.org/software/ed/;
DESCRIPTION = "GNU ed is a line-oriented text editor. It is used to create,
display, modify and otherwise manipulate text files, both interactively and via
shell scripts. A restricted version of ed, red, can only edit files in the
current directory and cannot execute shell commands."
-LICENSE = "GPLv3+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7 \
-
file://ed.h;endline=20;md5=b72aa5eaafef318c6bfc37f858469113 \
-
file://main.c;endline=17;md5=2c93e24f4db3528a00a24c7df5618e41 \
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=76d6e300ffd8fb9d18bd9b136a9bba13 \
+
file://ed.h;endline=20;md5=6e6a818b0593f937fc63ba08d5e314bf \
+
file://main.c;endline=17;md5=8419a08bb12936f32384a0d1c0f9e74c \
"
SECTION = "base"
@@ -19,7 +19,7 @@ bindir = "${base_bindir}"
SRC_URI = "${GNU_MIRROR}/ed/${BP}.tar.lz"
UPSTREAM_CHECK_URI = "${GNU_MIRROR}/ed/"
-SRC_URI[sha256sum] =
"71de39883c25b6fab44add80635382a10c9bf154515b94729f4a6529ddcc5e54"
+SRC_URI[sha256sum] =
"aca8efad9800c587724a20b97aa8fc47e6b5a47df81606feaba831b074462b4f"
EXTRA_OEMAKE = "-e MAKEFLAGS="
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161631):
https://lists.openembedded.org/g/openembedded-core/message/161631
Mute This Topic: https://lists.openembedded.org/mt/88992428/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] kernel-fitimage: Add missing dependency for UBOOT_ENV
On 1/29/22 01:57, Marek Vasut wrote:
For $UBOOT_ENV file to appear in sysroot, virtual/bootloader
must populate sysroot first. Add the missing dependency.
Signed-off-by: Marek Vasut
Cc: Richard Purdie
---
meta/classes/kernel-fitimage.bbclass | 4
1 file changed, 4 insertions(+)
diff --git a/meta/classes/kernel-fitimage.bbclass
b/meta/classes/kernel-fitimage.bbclass
index 1e3bc21f1f..507e0a2213 100644
--- a/meta/classes/kernel-fitimage.bbclass
+++ b/meta/classes/kernel-fitimage.bbclass
@@ -36,6 +36,10 @@ python __anonymous () {
if image:
d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', '
${INITRAMFS_IMAGE}:do_image_complete')
+ubootenv = d.getVar('UBOOT_ENV')
+if ubootenv:
+d.appendVarFlag('do_assemble_fitimage', 'depends', '
virtual/bootloader:do_populate_sysroot')
+
#check if there are any dtb providers
providerdtb = d.getVar("PREFERRED_PROVIDER_virtual/dtb")
if providerdtb:
I think "bump" is in order by now.
Can you please pick this one ?
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161630):
https://lists.openembedded.org/g/openembedded-core/message/161630
Mute This Topic: https://lists.openembedded.org/mt/88758951/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] libpcap: Disable DPDK explicitly
libpcap looks for DPDK in the same way it looks for DAG. This can poison
the build even if it doesn't find anything. Explicitly disable dpdk.
Signed-off-by: Sean Anderson
---
meta/recipes-connectivity/libpcap/libpcap_1.10.1.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.1.bb
b/meta/recipes-connectivity/libpcap/libpcap_1.10.1.bb
index 9a8c46e0ef..dbe2fd8157 100644
--- a/meta/recipes-connectivity/libpcap/libpcap_1.10.1.bb
+++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.1.bb
@@ -19,10 +19,11 @@ BINCONFIG = "${bindir}/pcap-config"
# Explicitly disable dag support. We don't have recipe for it and if enabled
here,
# configure script poisons the include dirs with /usr/local/include even when
the
-# support hasn't been detected.
+# support hasn't been detected. Do the same thing for DPDK.
EXTRA_OECONF = " \
--with-pcap=linux \
--without-dag \
+ --without-dpdk \
"
EXTRA_AUTORECONF += "--exclude=aclocal"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161629):
https://lists.openembedded.org/g/openembedded-core/message/161629
Mute This Topic: https://lists.openembedded.org/mt/89055414/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] initramfs-framework: unmount automounts before switch_root
If mounts are left lingering, then after we switch_root, attempts to
modify the block devices will result in an EBUSY with no way to unmount
them. As we're about to switch_root anyways, there isn't much use to
keep anything mounted unless it has the new rootfs.
Signed-off-by: Justin Bronder
---
.../initrdscripts/initramfs-framework/finish | 12
1 file changed, 12 insertions(+)
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/finish
b/meta/recipes-core/initrdscripts/initramfs-framework/finish
index 717383ebac8..f08a9208675 100755
--- a/meta/recipes-core/initrdscripts/initramfs-framework/finish
+++ b/meta/recipes-core/initrdscripts/initramfs-framework/finish
@@ -12,6 +12,18 @@ finish_run() {
fatal "ERROR: There's no '/dev' on rootfs."
fi
+ # Unmount anything that was automounted by busybox via
mdev-mount.sh.
+ # We're about to switch_root, and leaving anything mounted will
prevent
+ # the next rootfs from modifying the block device. Ignore
ROOT_DISK,
+ # if it was set by setup-live, because it'll be mounted over
loopback
+ # to ROOTFS_DIR.
+ local dev
+ for dev in /run/media/*; do
+ if mountpoint -q "${dev}" && [ "${dev##*/}" !=
"${ROOT_DISK}" ]; then
+ umount -f "${dev}" || debug "Failed to unmount
${dev}"
+ fi
+ done
+
info "Switching root to '$ROOTFS_DIR'..."
debug "Moving /dev, /proc and /sys onto rootfs..."
--
2.35.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161628):
https://lists.openembedded.org/g/openembedded-core/message/161628
Mute This Topic: https://lists.openembedded.org/mt/89054790/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] buildtools: Allow testsdk to access the network
Some of the buildtools tests test network access so allow this.
Signed-off-by: Richard Purdie
---
meta/recipes-core/meta/buildtools-tarball.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/meta/buildtools-tarball.bb
b/meta/recipes-core/meta/buildtools-tarball.bb
index fb28930656b..166671316ac 100644
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -110,4 +110,5 @@ python do_testsdk() {
}
addtask testsdk
do_testsdk[nostamp] = "1"
+do_testsdk[network] = "1"
do_testsdk[depends] += "xz-native:do_populate_sysroot"
--
2.32.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161623):
https://lists.openembedded.org/g/openembedded-core/message/161623
Mute This Topic: https://lists.openembedded.org/mt/89051452/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/2] selftest/bbtests: Add tests for git floating tag resolution
This test ensures that where a floating tag is used for a git url, there
aren't a number of different bugs such as inconsistent source revisions
for the tag within a given build and that the recipe is reparsed at each
run to ensure the tag is checked.
A test is also added to ensure that the build fails if SRCPV (get_srcrev())
isn't used yet there is a floating tag.
Signed-off-by: Richard Purdie
---
.../gitunpackoffline/gitunpackoffline-fail.bb | 11 +++
.../recipes-test/gitunpackoffline/gitunpackoffline.bb | 6 ++
meta/lib/oeqa/selftest/cases/bbtests.py | 8
3 files changed, 25 insertions(+)
create mode 100644
meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline-fail.bb
create mode 100644
meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline.bb
diff --git
a/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline-fail.bb
b/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline-fail.bb
new file mode 100644
index 000..dbf1ef35a57
--- /dev/null
+++ b/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline-fail.bb
@@ -0,0 +1,11 @@
+SUMMARY = "Test recipe for fetching git submodules"
+HOMEPAGE = "https://git.yoctoproject.org/git/matchbox-panel-2;
+LICENSE = "GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+# Deliberately have a tag which has to be resolved but ensure do_unpack
doesn't access the network again.
+SRC_URI =
"git://git.yoctoproject.org/git/matchbox-panel-2;branch=master;protocol=https;tag=2.10"
+
+S = "${WORKDIR}/git"
\ No newline at end of file
diff --git a/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline.bb
b/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline.bb
new file mode 100644
index 000..73bc2181591
--- /dev/null
+++ b/meta-selftest/recipes-test/gitunpackoffline/gitunpackoffline.bb
@@ -0,0 +1,6 @@
+require gitunpackoffline-fail.bb
+
+# Deliberately have a tag which has to be resolved but ensure do_unpack
doesn't access the network again.
+SRC_URI =
"git://git.yoctoproject.org/git/matchbox-panel-2;branch=master;protocol=https;tag=2.11"
+
+PV = "0.0+git${SRCPV}"
diff --git a/meta/lib/oeqa/selftest/cases/bbtests.py
b/meta/lib/oeqa/selftest/cases/bbtests.py
index 246cb032bfb..8dd069b2977 100644
--- a/meta/lib/oeqa/selftest/cases/bbtests.py
+++ b/meta/lib/oeqa/selftest/cases/bbtests.py
@@ -312,3 +312,11 @@ INHERIT:remove = \"report-error\"
self.assertFalse(fatal, "Failed to patch using PATCHTOOL=\"git\"")
self.delete_recipeinc(test_recipe)
bitbake('-cclean man-db')
+
+def test_git_unpack_nonetwork(self):
+bitbake('gitunpackoffline -c fetch')
+bitbake('gitunpackoffline -c patch')
+
+def test_git_unpack_nonetwork_fail(self):
+result = bitbake('gitunpackoffline-fail -c fetch', ignore_status=True)
+self.assertTrue("Recipe uses a floating tag/branch without a fixed
SRCREV" in result.output, msg = "Recipe without PV set to SRCPV should have
failed: %s" % result.output)
--
2.32.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161624):
https://lists.openembedded.org/g/openembedded-core/message/161624
Mute This Topic: https://lists.openembedded.org/mt/89051453/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cve-check: add json format
On Thu, 10 Feb 2022 at 16:28, Marta Rybczynska wrote: >> This isn't part of the standard Python library, you'll have to >> replicate the logic. > > Do you mean copying part of the class or reimplementing it? Reimplement, unless it's so complicated that we need to embed a copy. As this is just dictionary merging, I suspect its easier to just handcode it. Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161622): https://lists.openembedded.org/g/openembedded-core/message/161622 Mute This Topic: https://lists.openembedded.org/mt/88668523/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cve-check: add json format
On Thu, Feb 10, 2022 at 3:36 PM Ross Burton wrote: > > > +from jsonmerge import Merger > > This isn't part of the standard Python library, you'll have to > replicate the logic. > > Do you mean copying part of the class or reimplementing it? > One suggestion would be to move more of the logic into > lib/oe/cve_check.py so the class doesn't get too big. > > This is possible. Kind regards, Marta -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161621): https://lists.openembedded.org/g/openembedded-core/message/161621 Mute This Topic: https://lists.openembedded.org/mt/88668523/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/4] selftest: wic: Remove requirement of syslinux from test_rawcopy_plugin
From: Stefan Herbrechtsmeier
Remove bootimg-pcbios from wks to eliminate requirement of syslinux from
test_rawcopy_plugin to avoid the following error.
ERROR: Couldn't find correct bootimg_dir, exiting
Signed-off-by: Stefan Herbrechtsmeier
---
meta/lib/oeqa/selftest/cases/wic.py | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/wic.py
b/meta/lib/oeqa/selftest/cases/wic.py
index 5fc8e65142..96b3e1b6a5 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -1070,10 +1070,8 @@ class Wic2(WicTestCase):
img = 'core-image-minimal'
machine = get_bb_var('MACHINE', img)
with NamedTemporaryFile("w", suffix=".wks") as wks:
-wks.writelines(['part /boot --active --source bootimg-pcbios\n',
-'part / --source rawcopy
--sourceparams="file=%s-%s.ext4" --use-uuid\n'\
- % (img, machine),
-'bootloader --timeout=0
--append="console=ttyS0,115200n8"\n'])
+wks.write('part / --source rawcopy
--sourceparams="file=%s-%s.ext4"\n'\
+ % (img, machine))
wks.flush()
cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
runCmd(cmd)
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161619):
https://lists.openembedded.org/g/openembedded-core/message/161619
Mute This Topic: https://lists.openembedded.org/mt/89049088/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 4/4] selftest: wic: Add rawcopy plugin unpack test
From: Stefan Herbrechtsmeier
Signed-off-by: Stefan Herbrechtsmeier
---
meta/lib/oeqa/selftest/cases/wic.py | 18 +++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/wic.py
b/meta/lib/oeqa/selftest/cases/wic.py
index 96b3e1b6a5..a021f8d84b 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -1065,13 +1065,14 @@ class Wic2(WicTestCase):
self.assertEqual(1, status, 'Failed to run command "%s": %s' %
(cmd, output))
self.assertEqual(output, '2')
-def test_rawcopy_plugin(self):
+def _rawcopy_plugin(self, fstype):
"""Test rawcopy plugin"""
img = 'core-image-minimal'
machine = get_bb_var('MACHINE', img)
+params = ',unpack' if fstype.endswith('.gz') else ''
with NamedTemporaryFile("w", suffix=".wks") as wks:
-wks.write('part / --source rawcopy
--sourceparams="file=%s-%s.ext4"\n'\
- % (img, machine))
+wks.write('part / --source rawcopy
--sourceparams="file=%s-%s.%s%s"\n'\
+ % (img, machine, fstype, params))
wks.flush()
cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
runCmd(cmd)
@@ -1079,6 +1080,17 @@ class Wic2(WicTestCase):
out = glob(self.resultdir + "%s-*direct" % wksname)
self.assertEqual(1, len(out))
+def test_rawcopy_plugin(self):
+self._rawcopy_plugin('ext4')
+
+def test_rawcopy_plugin_unpack(self):
+fstype = 'ext4.gz'
+config = 'IMAGE_FSTYPES = "%s"\n' % fstype
+self.append_config(config)
+self.assertEqual(0, bitbake('core-image-minimal').status)
+self.remove_config(config)
+self._rawcopy_plugin(fstype)
+
def test_empty_plugin(self):
"""Test empty plugin"""
config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_empty_plugin.wks"\n'
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161620):
https://lists.openembedded.org/g/openembedded-core/message/161620
Mute This Topic: https://lists.openembedded.org/mt/89049089/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/4] wic: rawcopy: Add support for packed images
From: Stefan Herbrechtsmeier
Add support for packed images to wic rawcopy handler do minimize disk
usage in deploy directory and reuse of packed images between wic and
swupdate. Add `unpack` to sourceparams to unpack an bz2, gz and xz
archives.
Example:
part / --source rawcopy
--sourceparams="file=core-image-minimal-qemu.ext4.gz,unpack"
Signed-off-by: Stefan Herbrechtsmeier
---
scripts/lib/wic/plugins/source/rawcopy.py | 28 ++-
1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/scripts/lib/wic/plugins/source/rawcopy.py
b/scripts/lib/wic/plugins/source/rawcopy.py
index fa7b1eb8ac..7816e00e49 100644
--- a/scripts/lib/wic/plugins/source/rawcopy.py
+++ b/scripts/lib/wic/plugins/source/rawcopy.py
@@ -4,6 +4,8 @@
import logging
import os
+import signal
+import subprocess
from wic import WicError
from wic.pluginbase import SourcePlugin
@@ -38,6 +40,24 @@ class RawCopyPlugin(SourcePlugin):
exec_cmd(cmd)
+@staticmethod
+def do_image_uncompression(src, dst, workdir):
+def subprocess_setup():
+# Python installs a SIGPIPE handler by default. This is usually
not what
+# non-Python subprocesses expect.
+# SIGPIPE errors are known issues with gzip/bash
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
+
+decompressor = {
+".bz2": "bzip2",
+".gz": "gzip",
+".xz": "xz"
+}.get(os.path.splitext(src)[1])
+if not decompressor:
+raise WicError("Compression not support")
+cmd = "%s -dc %s > %s" % (decompressor, src, dst)
+subprocess.call(cmd, preexec_fn=subprocess_setup, shell=True,
cwd=workdir)
+
@classmethod
def do_prepare_partition(cls, part, source_params, cr, cr_workdir,
oe_builddir, bootimg_dir, kernel_dir,
@@ -56,7 +76,13 @@ class RawCopyPlugin(SourcePlugin):
if 'file' not in source_params:
raise WicError("No file specified")
-src = os.path.join(kernel_dir, source_params['file'])
+if 'unpack' in source_params:
+img = os.path.join(kernel_dir, source_params['file'])
+src = os.path.join(cr_workdir,
os.path.splitext(source_params['file'])[0])
+RawCopyPlugin.do_image_uncompression(img, src, cr_workdir)
+else:
+src = os.path.join(kernel_dir, source_params['file'])
+
dst = os.path.join(cr_workdir, "%s.%s" %
(os.path.basename(source_params['file']), part.lineno))
if not os.path.exists(os.path.dirname(dst)):
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161618):
https://lists.openembedded.org/g/openembedded-core/message/161618
Mute This Topic: https://lists.openembedded.org/mt/89049086/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/4] wic: partition: Support valueless keys in sourceparams
From: Stefan Herbrechtsmeier
Accept valueless keys in sourceparams without equals sign (=) to match
the comment and support Boolean entries.
Signed-off-by: Stefan Herbrechtsmeier
---
scripts/lib/wic/partition.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index a25834048e..09e491dd49 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -171,7 +171,7 @@ class Partition():
# Split sourceparams string of the form key1=val1[,key2=val2,...]
# into a dict. Also accepts valueless keys i.e. without =
splitted = self.sourceparams.split(',')
-srcparams_dict = dict(par.split('=', 1) for par in splitted if par)
+srcparams_dict = dict((par.split('=', 1) + [None])[:2] for par in
splitted if par)
plugin = PluginMgr.get_plugins('source')[self.source]
plugin.do_configure_partition(self, srcparams_dict, creator,
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161617):
https://lists.openembedded.org/g/openembedded-core/message/161617
Mute This Topic: https://lists.openembedded.org/mt/89049084/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] gcc-target: fix glob to remove gcc- binary
From: Stefan Herbrechtsmeier
The glob to remove the gcc- binary expects a single-digit major
version which is no longer true.
Signed-off-by: Stefan Herbrechtsmeier
---
meta/recipes-devtools/gcc/gcc-target.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/gcc/gcc-target.inc
b/meta/recipes-devtools/gcc/gcc-target.inc
index bf55e692e6..bcea75b2fa 100644
--- a/meta/recipes-devtools/gcc/gcc-target.inc
+++ b/meta/recipes-devtools/gcc/gcc-target.inc
@@ -193,7 +193,7 @@ do_install () {
rm -f *c++*
# We don't care about the gcc- ones for this
- rm -f *gcc-?.?*
+ rm -f *gcc-?*.?*
# Not sure why we end up with these but we don't want them...
rm -f ${TARGET_PREFIX}${TARGET_PREFIX}*
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161615):
https://lists.openembedded.org/g/openembedded-core/message/161615
Mute This Topic: https://lists.openembedded.org/mt/89048989/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/2] gcc-target: move cc1plus to g++ package
From: Stefan Herbrechtsmeier
Move cc1plus from gcc to g++ package. Therefor, remove the duplicate
FILES entry from gcc package and keep the entry in g++ package.
Signed-off-by: Stefan Herbrechtsmeier
---
meta/recipes-devtools/gcc/gcc-target.inc | 1 -
1 file changed, 1 deletion(-)
diff --git a/meta/recipes-devtools/gcc/gcc-target.inc
b/meta/recipes-devtools/gcc/gcc-target.inc
index bcea75b2fa..66f737c9dc 100644
--- a/meta/recipes-devtools/gcc/gcc-target.inc
+++ b/meta/recipes-devtools/gcc/gcc-target.inc
@@ -44,7 +44,6 @@ FILES:${PN} = "\
${bindir}/${TARGET_PREFIX}gcc* \
${bindir}/${TARGET_PREFIX}lto* \
${libexecdir}/gcc/${TARGET_SYS}/${BINV}/collect2* \
-${libexecdir}/gcc/${TARGET_SYS}/${BINV}/cc1plus \
${libexecdir}/gcc/${TARGET_SYS}/${BINV}/g++-mapper-server \
${libexecdir}/gcc/${TARGET_SYS}/${BINV}/lto* \
${libexecdir}/gcc/${TARGET_SYS}/${BINV}/lib*${SOLIBS} \
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161616):
https://lists.openembedded.org/g/openembedded-core/message/161616
Mute This Topic: https://lists.openembedded.org/mt/89048993/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cve-check: add json format
On Tue, 25 Jan 2022 at 09:59, Marta Rybczynska wrote: > Add an option to output the CVE check in a JSON-based format. > This format is easier to parse in software than the original > text-based one and allows post-processing by other tools. Nice, thanks. > +from jsonmerge import Merger This isn't part of the standard Python library, you'll have to replicate the logic. One suggestion would be to move more of the logic into lib/oe/cve_check.py so the class doesn't get too big. Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161614): https://lists.openembedded.org/g/openembedded-core/message/161614 Mute This Topic: https://lists.openembedded.org/mt/88668523/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] kernel: make kernel-base recommend kernel-image, not depend
On Thu, Feb 10, 2022 at 6:52 AM Ross Burton wrote:
>
> As kernel modules depend on the base kernel package, and the base kernel
> recipe depends on the kernel image, it's impossible to build file system
> images which contain kernel modules but not the kernel itself, such as
> an initramfs.
>
> Change the RDEPENDS to RRECOMMENDS so that the disk images can set
> PACKAGE_EXCLUDE = "kernel-image-*" to remove the kernel.
>
Looks good to me.
Acked-by: Bruce Ashfield
> Signed-off-by: Ross Burton
> ---
> meta/classes/kernel.bbclass | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
> index 880ee614064..4f304eb9c7a 100644
> --- a/meta/classes/kernel.bbclass
> +++ b/meta/classes/kernel.bbclass
> @@ -655,7 +655,7 @@ FILES:${KERNEL_PACKAGE_NAME}-modules = ""
> RDEPENDS:${KERNEL_PACKAGE_NAME} = "${KERNEL_PACKAGE_NAME}-base (=
> ${EXTENDPKGV})"
> # Allow machines to override this dependency if kernel image files are
> # not wanted in images as standard
> -RDEPENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image (=
> ${EXTENDPKGV})"
> +RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image (=
> ${EXTENDPKGV})"
> PKG:${KERNEL_PACKAGE_NAME}-image =
> "${KERNEL_PACKAGE_NAME}-image-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
> RDEPENDS:${KERNEL_PACKAGE_NAME}-image +=
> "${@oe.utils.conditional('KERNEL_IMAGETYPE', 'vmlinux',
> '${KERNEL_PACKAGE_NAME}-vmlinux (= ${EXTENDPKGV})', '', d)}"
> PKG:${KERNEL_PACKAGE_NAME}-base =
> "${KERNEL_PACKAGE_NAME}-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
> --
> 2.25.1
>
>
>
>
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161613):
https://lists.openembedded.org/g/openembedded-core/message/161613
Mute This Topic: https://lists.openembedded.org/mt/89043865/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] Missing python.h when building ntpsec
For anyone stumbling on this issue the solution is to adjust the
recipe to contain
CFLAGS_append = " -I${STAGING_INCDIR}/${PYTHON_DIR}${PYTHON_ABI}/"
instead of
CFLAGS_append = " -I${PYTHON_INCLUDE_DIR}"
Den tors 10 feb. 2022 kl 12:40 skrev Mans Zigher via
lists.openembedded.org :
>
> Hi,
>
> So Python.h does actually exist. It was just me that was looking for
> the wrong file python.h but the issue is that ntpsec is not able to
> find the h-file
>
> ['arm-oe-linux-gnueabi-gcc', '-march=armv7-a', '-mfpu=neon',
> '-mfloat-abi=hard', '-fstack-protector-strong', '-pie', '-fPIE',
> '-D_FORTIFY_SOURCE=2', '-Wa,--noexecstack', '-Wformat',
> '-Wformat-security', '-Werror=format-security',
> '--sysroot=/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/recipe-sysroot',
> '-DUNITY_EXCLUDE_FLOAT_PRINT', '-fstack-protector-all', '-Wshadow',
> '-Wpacked', '-Wcast-qual', '-Wmissing-declarations',
> '-Wdisabled-optimization', '-Wimplicit-function-declaration',
> '-Winvalid-pch', '-Wpointer-arith', '-Wwrite-strings', '-Winit-self',
> '-Wfloat-equal', '-Wformat', '-Wformat-signedness',
> '-Wformat-security', '-Wsuggest-attribute=noreturn', '-fPIC', '-O1',
> '-Wall', '-Wextra', '-Wmissing-prototypes', '-Wstrict-prototypes',
> '-Wundef', '-Wunused', '-g', '-O2', '-Wa,--noexecstack',
> '-fexpensive-optimizations', '-frename-registers', '-ftree-vectorize',
> '-finline-functions', '-finline-limit=64',
> '-Wno-error=maybe-uninitialized', '-Wno-error=unused-result',
> '-fno-omit-frame-pointer', '-DTARGET_ION_ABI_VERSION=2',
> '-I${PYTHON_INCLUDE_DIR}', '-fPIC', '../../test.c', '-c',
> '-o/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/build/.conf_check_d3b505aa7ab58576b6d76a2fc3091b1f/testbuild/main/test.c.1.o']
> err: ../../test.c:2:10: fatal error: Python.h: No such file or directory
> #include
> ^~
> compilation terminated.
>
> from
> /home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/pylib:
> Test does not build: Traceback (most recent call last):
> File
> "/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/.waf-2.0.20-36f5354d605298f6a89c09e0c7ef6c1d/waflib/Configure.py",
> line 335, in run_build
> bld.compile()
> File
> "/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/.waf-2.0.20-36f5354d605298f6a89c09e0c7ef6c1d/waflib/Build.py",
> line 176, in compile
> raise Errors.BuildError(self.producer.error)
> BuildError: Build failed
> -> task in 'testprog' failed with exit status 1 (run with -v to
> display more information)
>
> Could not build python extensions
> from
> /home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/pylib
>
> So something is not correct with the include path. But thanks for your help
>
> Thanks,
>
>
> Den ons 9 feb. 2022 kl 18:51 skrev Khem Raj :
> >
> > On Wed, Feb 9, 2022 at 5:50 AM Mans Zigher wrote:
> > >
> > > Hi,
> > >
> > > I am trying to backport ntpsec from master to Thud but I have
> > > encountered an issue where python.h is missing in the sysroot for the
> > > ntpsec so the configuration task is failing. The ntpsec recipe has
> > >
> > > DEPENDS += "bison-native \
> > > openssl \
> > > python3"
> > >
> > > So should that not result in python.h being included to the sysroot
> > > for the ntpsec? Any hints on what to look for?
> > >
> >
> > what happens if you change python3 to python in depends
> >
> > > Thanks,
> > >
> > >
> > >
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161612):
https://lists.openembedded.org/g/openembedded-core/message/161612
Mute This Topic: https://lists.openembedded.org/mt/89021393/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] kernel: make kernel-base recommend kernel-image, not depend
As kernel modules depend on the base kernel package, and the base kernel
recipe depends on the kernel image, it's impossible to build file system
images which contain kernel modules but not the kernel itself, such as
an initramfs.
Change the RDEPENDS to RRECOMMENDS so that the disk images can set
PACKAGE_EXCLUDE = "kernel-image-*" to remove the kernel.
Signed-off-by: Ross Burton
---
meta/classes/kernel.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 880ee614064..4f304eb9c7a 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -655,7 +655,7 @@ FILES:${KERNEL_PACKAGE_NAME}-modules = ""
RDEPENDS:${KERNEL_PACKAGE_NAME} = "${KERNEL_PACKAGE_NAME}-base (=
${EXTENDPKGV})"
# Allow machines to override this dependency if kernel image files are
# not wanted in images as standard
-RDEPENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image (=
${EXTENDPKGV})"
+RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image (=
${EXTENDPKGV})"
PKG:${KERNEL_PACKAGE_NAME}-image =
"${KERNEL_PACKAGE_NAME}-image-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
RDEPENDS:${KERNEL_PACKAGE_NAME}-image +=
"${@oe.utils.conditional('KERNEL_IMAGETYPE', 'vmlinux',
'${KERNEL_PACKAGE_NAME}-vmlinux (= ${EXTENDPKGV})', '', d)}"
PKG:${KERNEL_PACKAGE_NAME}-base =
"${KERNEL_PACKAGE_NAME}-${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161611):
https://lists.openembedded.org/g/openembedded-core/message/161611
Mute This Topic: https://lists.openembedded.org/mt/89043865/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/2] kernel-module-split: modules should recommend the kernel image
On Thu, 10 Feb 2022 at 10:54, Richard Purdie wrote: > > Obviously this won't work in the situations where you want a normal > > image with a kernel but also a initramfs with a kernel module in it, > > as that behaviour isn't machine specific but image specific. > > > > If this was a recommends then it could be removed via PACKAGE_EXCLUDE, > > but we'd need to be sure that nothing from the kernel ended up getting > > pulled in via a single module. > > I think making this a RRECOMMENDS and doing that may enable more workflows and > make things easier all around. Can you check and see if it does pull other > unwanted stuff in? I'm hoping it doesn't. Tested. Our initramfs pulls in a kernel module, and PACKAGE_EXCLUDE=kernel-image-* stops the image itself being pulled in. It does pull in the kernel-5.15-yocto-standard package, but that just contains a few module config files. Patch incoming! Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161610): https://lists.openembedded.org/g/openembedded-core/message/161610 Mute This Topic: https://lists.openembedded.org/mt/89026749/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [RFC] support for multi project toolchain-cmake
On Wed, 2022-02-09 at 12:02 +0100, yoctoproj...@neumann-web.eu wrote: > Hello Vyacheslav and Richard, > > thank you both for your feedback, > > On Mon, 2022-02-08 at 10:44, Vyacheslav Yurkov wrote: > > Any reason you set SDK to be read-only? Perhaps your use case can be covered > > by extensible SDK? I mean if you have some shared libraries between project, > > isn't that enough to extend your SDK to solve the original problem? > > While we indeed do have shared libraries between projects, they are not > necessary of the same version. In general we don't want to enforce > restrictions > on shared code between the projects (e.g. hinder different patch sets or > enforce specific versions), appart from the base distribution that is > generated > with OpenEmbedded. If libraries mature enough that they can be considered to > be > (mostly) stable, we have different processes to share it between projects. > > On Mon, 2022-02-08 at 14:22, Richard Purdie wrote: > > We definitely don't support that usage scenario since it would be highly > > build > > system specific and would work in some cases but not others. I do have a > > suggestion of a different approach though. > > After your first reply, I've expected this. The Bug report #14703 can then > also > be closed, however I can only set it to RESOLVED and not something like > REJECTED, hence I would asked somebody else to reject the report. I've marked it as "resolved WONTFIX" and added a comment summarising the discussion here. > > > Have you considered creating a sysroot per project with a copy of the > > sysroot > > files? > > > > This sounds like a crazy idea at first but with hardlinks for the files it > > is > > fast and efficient to create these sysroot file trees. This is exactly what > > OpenEmbedded does internally and how we handle this in our builds. > > That sounds like an interesting alternative solution. We haven't thought about > it yet, but it will be something we're going to look into. I think/hope it should solve your probably and give you a relatively powerful solution that isn't cmake specific. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161609): https://lists.openembedded.org/g/openembedded-core/message/161609 Mute This Topic: https://lists.openembedded.org/mt/88743247/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] Missing python.h when building ntpsec
Hi,
So Python.h does actually exist. It was just me that was looking for
the wrong file python.h but the issue is that ntpsec is not able to
find the h-file
['arm-oe-linux-gnueabi-gcc', '-march=armv7-a', '-mfpu=neon',
'-mfloat-abi=hard', '-fstack-protector-strong', '-pie', '-fPIE',
'-D_FORTIFY_SOURCE=2', '-Wa,--noexecstack', '-Wformat',
'-Wformat-security', '-Werror=format-security',
'--sysroot=/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/recipe-sysroot',
'-DUNITY_EXCLUDE_FLOAT_PRINT', '-fstack-protector-all', '-Wshadow',
'-Wpacked', '-Wcast-qual', '-Wmissing-declarations',
'-Wdisabled-optimization', '-Wimplicit-function-declaration',
'-Winvalid-pch', '-Wpointer-arith', '-Wwrite-strings', '-Winit-self',
'-Wfloat-equal', '-Wformat', '-Wformat-signedness',
'-Wformat-security', '-Wsuggest-attribute=noreturn', '-fPIC', '-O1',
'-Wall', '-Wextra', '-Wmissing-prototypes', '-Wstrict-prototypes',
'-Wundef', '-Wunused', '-g', '-O2', '-Wa,--noexecstack',
'-fexpensive-optimizations', '-frename-registers', '-ftree-vectorize',
'-finline-functions', '-finline-limit=64',
'-Wno-error=maybe-uninitialized', '-Wno-error=unused-result',
'-fno-omit-frame-pointer', '-DTARGET_ION_ABI_VERSION=2',
'-I${PYTHON_INCLUDE_DIR}', '-fPIC', '../../test.c', '-c',
'-o/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/build/.conf_check_d3b505aa7ab58576b6d76a2fc3091b1f/testbuild/main/test.c.1.o']
err: ../../test.c:2:10: fatal error: Python.h: No such file or directory
#include
^~
compilation terminated.
from
/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/pylib:
Test does not build: Traceback (most recent call last):
File
"/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/.waf-2.0.20-36f5354d605298f6a89c09e0c7ef6c1d/waflib/Configure.py",
line 335, in run_build
bld.compile()
File
"/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/.waf-2.0.20-36f5354d605298f6a89c09e0c7ef6c1d/waflib/Build.py",
line 176, in compile
raise Errors.BuildError(self.producer.error)
BuildError: Build failed
-> task in 'testprog' failed with exit status 1 (run with -v to
display more information)
Could not build python extensions
from
/home/extmzigher/Workspace/2016platform/python_product/builds/python/tmp-glibc/work/armv7ahf-neon-oe-linux-gnueabi/ntpsec/1.2.1-r0/ntpsec-1.2.1/pylib
So something is not correct with the include path. But thanks for your help
Thanks,
Den ons 9 feb. 2022 kl 18:51 skrev Khem Raj :
>
> On Wed, Feb 9, 2022 at 5:50 AM Mans Zigher wrote:
> >
> > Hi,
> >
> > I am trying to backport ntpsec from master to Thud but I have
> > encountered an issue where python.h is missing in the sysroot for the
> > ntpsec so the configuration task is failing. The ntpsec recipe has
> >
> > DEPENDS += "bison-native \
> > openssl \
> > python3"
> >
> > So should that not result in python.h being included to the sysroot
> > for the ntpsec? Any hints on what to look for?
> >
>
> what happens if you change python3 to python in depends
>
> > Thanks,
> >
> >
> >
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161608):
https://lists.openembedded.org/g/openembedded-core/message/161608
Mute This Topic: https://lists.openembedded.org/mt/89021393/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cmake: stop FetchContent from fetching content
On Thu, 10 Feb 2022 at 10:13, Eero Aaltonen wrote: > > what is cmake's default ? I think it could become a constant source > > of pain if it is not default. Since many cmake based packages might > > start to depend on it indirectly in future. > > CMake's default is to allow downloads. > > It's possible to write CMake projects so that they try find_package > first and then fall back to downloading. I think > FETCHCONTENT_FULLY_DISCONNECTED might be a helpful flag so that the > build can then simply report if a required dependency has the wrong > version or so. > > CMake projects that use _only_ FetchContent will likely need heavier > patching. The reasoning for this patch is that with the network isolation change the FetchContents will fail, but as in some environments the network isolation doesn't work (eg Docker containers) we can disable FetchContent explicitly too. Yes, projects which just use FetchContent are a pain. Lets guess why I wrote this patch. :) Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161607): https://lists.openembedded.org/g/openembedded-core/message/161607 Mute This Topic: https://lists.openembedded.org/mt/89020454/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/2] kernel-module-split: modules should recommend the kernel image
On Thu, 2022-02-10 at 10:52 +, Ross Burton wrote:
> On Wed, 9 Feb 2022 at 20:10, Bruce Ashfield wrote:
> > I've always just used this (from kernel.bbclass):
> >
> > # Allow machines to override this dependency if kernel image files are
> > # not wanted in images as standard
> > RDEPENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image
> > (= ${EXTENDPKGV})"
> >
> > Maybe that's the one you are remembering ?
>
> Obviously this won't work in the situations where you want a normal
> image with a kernel but also a initramfs with a kernel module in it,
> as that behaviour isn't machine specific but image specific.
>
> If this was a recommends then it could be removed via PACKAGE_EXCLUDE,
> but we'd need to be sure that nothing from the kernel ended up getting
> pulled in via a single module.
I think making this a RRECOMMENDS and doing that may enable more workflows and
make things easier all around. Can you check and see if it does pull other
unwanted stuff in? I'm hoping it doesn't.
Cheers,
Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161606):
https://lists.openembedded.org/g/openembedded-core/message/161606
Mute This Topic: https://lists.openembedded.org/mt/89026749/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/2] kernel-module-split: modules should recommend the kernel image
On Wed, 9 Feb 2022 at 20:10, Bruce Ashfield wrote:
> I've always just used this (from kernel.bbclass):
>
> # Allow machines to override this dependency if kernel image files are
> # not wanted in images as standard
> RDEPENDS:${KERNEL_PACKAGE_NAME}-base ?= "${KERNEL_PACKAGE_NAME}-image
> (= ${EXTENDPKGV})"
>
> Maybe that's the one you are remembering ?
Obviously this won't work in the situations where you want a normal
image with a kernel but also a initramfs with a kernel module in it,
as that behaviour isn't machine specific but image specific.
If this was a recommends then it could be removed via PACKAGE_EXCLUDE,
but we'd need to be sure that nothing from the kernel ended up getting
pulled in via a single module.
Ross
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161605):
https://lists.openembedded.org/g/openembedded-core/message/161605
Mute This Topic: https://lists.openembedded.org/mt/89026749/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] sdk: fix search for dynamic loader
if the package "nativesdk-glibc-dbg" is installed as part of the SDK, the existing search expression finds two files: $OECORE_NATIVE_SYSROOT/lib/.debug/ld-linux-x86-64.so.2 $OECORE_NATIVE_SYSROOT/lib/ld-linux-x86-64.so.2 The generated relocate_sdk.sh shell script contains then an extra newline and segfaults during SDK relocation. Limit the search depth to 1, to avoid finding the file in the .debug directory. Signed-off-by: Christian Eggers --- I ran into this problem at first on honister (as previous releases seem not to include nativesdk-glibc-dbg automatically, e.g. due to "dbg-pkgs" in SDKIMAGE_FEATURES). But I think that this patch may also be relevant hardknott and dunfell. meta/files/toolchain-shar-relocate.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh index 3ece04db0a4a..cee9adbf399c 100644 --- a/meta/files/toolchain-shar-relocate.sh +++ b/meta/files/toolchain-shar-relocate.sh @@ -5,7 +5,7 @@ fi # fix dynamic loader paths in all ELF SDK binaries native_sysroot=$($SUDO_EXEC cat $env_setup_script |grep 'OECORE_NATIVE_SYSROOT='|cut -d'=' -f2|tr -d '"') -dl_path=$($SUDO_EXEC find $native_sysroot/lib -name "ld-linux*") +dl_path=$($SUDO_EXEC find $native_sysroot/lib -maxdepth 1 -name "ld-linux*") if [ "$dl_path" = "" ] ; then echo "SDK could not be set up. Relocate script unable to find ld-linux.so. Abort!" exit 1 -- Christian Eggers Embedded software developer Arnold & Richter Cine Technik GmbH & Co. Betriebs KG Sitz: Muenchen - Registergericht: Amtsgericht Muenchen - Handelsregisternummer: HRA 57918 Persoenlich haftender Gesellschafter: Arnold & Richter Cine Technik GmbH Sitz: Muenchen - Registergericht: Amtsgericht Muenchen - Handelsregisternummer: HRB 54477 Geschaeftsfuehrer: Dr. Michael Neuhaeuser; Stephan Schenk; Walter Trauninger; Markus Zeiler ___ Christian Eggers Software Engineer ARRI Arnold & Richter Cine Technik GmbH & Co. Betriebs KG Arriweg 17, 83071 Stephanskirchen www.arri.com +49 8036 3009-3118 cegg...@arri.de Get all the latest information from www.arri.com, Facebook, Twitter, Instagram and YouTube. Arnold & Richter Cine Technik GmbH & Co. Betriebs KG Sitz: München - Registergericht: Amtsgericht München - Handelsregisternummer: HRA 57918 Persönlich haftender Gesellschafter: Arnold & Richter Cine Technik GmbH Sitz: München - Registergericht: Amtsgericht München - Handelsregisternummer: HRB 54477 Geschäftsführer: Dr. Michael Neuhäuser; Stephan Schenk; Walter Trauninger; Markus Zeiler -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161604): https://lists.openembedded.org/g/openembedded-core/message/161604 Mute This Topic: https://lists.openembedded.org/mt/89042978/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cmake: stop FetchContent from fetching content
On Wed, 2022-02-09 at 09:45 -0800, Khem Raj via lists.openembedded.org wrote: > On 2/9/22 4:53 AM, Ross Burton wrote: > > CMake includes a FetchContent module, which will download further > > source code at configure time. With the network isolation this > > will now fail, but as not all environments support network > > isolation we can tell cmake to not download either for extra > > safety. > > what is cmake's default ? I think it could become a constant source > of pain if it is not default. Since many cmake based packages might > start to depend on it indirectly in future. CMake's default is to allow downloads. It's possible to write CMake projects so that they try find_package first and then fall back to downloading. I think FETCHCONTENT_FULLY_DISCONNECTED might be a helpful flag so that the build can then simply report if a required dependency has the wrong version or so. CMake projects that use _only_ FetchContent will likely need heavier patching. Eero -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161603): https://lists.openembedded.org/g/openembedded-core/message/161603 Mute This Topic: https://lists.openembedded.org/mt/89020454/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] ed: upgrade 1.17 -> 1.18
Thanks for the research. Yes, please do add this to commit and resend. Alex On Thu, 10 Feb 2022 at 02:07, wan...@fujitsu.com wrote: > > As you can see the ChangeLog shown below, in version 1.5 the maintainer > mistakenly changed the copyright holder from Andrew Moore to the FSF. In > versions 1.6 and 1.11 he tried to fix the mistake, but he forgot to restore > the original COPYING, which he have done now in 1.18. > > Therefore, in addition to changing the LICENSE field from GPLv3 + to GPLv2 , > should I add relevant information in the commit? > > 2010-08-30 Antonio Diaz Diaz > * Version 1.5 released. > * Change copyright holder from Andrew, Antonio to the FSF. > (This change was later discovered to be wrong. See 1.6 and 1.11). > > 2012-01-01 Antonio Diaz Diaz > > * Version 1.6 released. > * Restore copyright notices of Andrew L. Moore. It seems Andrew > granted some permissions but never assigned copyright to the FSF. > > 2015-03-30 Antonio Diaz Diaz > > * Version 1.11 released. > * Restore original copyright and license notices in the code. I > assigned to the FSF the copyright on changes made to the part of ed > already copyrighted by the FSF, which seems to be just the manual. > > 2022-02-04 Antonio Diaz Diaz > * Version 1.18 released. > * COPYING: Restored. (I forgot to do it in 1.11). > > > -Original Message- > > From: Alexander Kanavin > > Sent: Tuesday, February 8, 2022 6:25 PM > > To: Wang, Mingyu/王 鸣瑜 > > Cc: OE-core > > Subject: Re: [OE-core] [PATCH] ed: upgrade 1.17 -> 1.18 > > > > On Tue, 8 Feb 2022 at 09:26, wangmy wrote: > > > > > License-Update: > > > year updated to 2022. > > > license changed from GNU3 to GNU2. > > > LICENSE = "GPLv3+" > > > -LIC_FILES_CHKSUM = > > "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7 \ > > > - > > file://ed.h;endline=20;md5=b72aa5eaafef318c6bfc37f858469113 \ > > > - > > file://main.c;endline=17;md5=2c93e24f4db3528a00a24c7df5618e41 \ > > > +LIC_FILES_CHKSUM = > > "file://COPYING;md5=76d6e300ffd8fb9d18bd9b136a9bba13 \ > > > + > > file://ed.h;endline=20;md5=6e6a818b0593f937fc63ba08d5e314bf \ > > > + > > > +file://main.c;endline=17;md5=8419a08bb12936f32384a0d1c0f9e74c \ > > > > > > If the license changed, you need to update the LICENSE field. Also a bit > > more research would be appreciated: can you find and link the commit > > where the change occurred? > > > > Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161602): https://lists.openembedded.org/g/openembedded-core/message/161602 Mute This Topic: https://lists.openembedded.org/mt/88992428/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [hardknott][PATCH 00/12] Pull request (cover letter only)
The following changes since commit d54d7e7b43da621be8e6fcca34feb7b3d49b8160: lighttpd: backport a fix for CVE-2022-22707 (2022-01-26 11:40:00 +0800) are available in the Git repository at: git://push.openembedded.org/openembedded-core-contrib stable/hardknott-next Alexander Kanavin (1): libusb1: correct SRC_URI Bruce Ashfield (2): linux-yocto/5.10: update to v5.10.92 linux-yocto/5.10: update to v5.10.93 Peter Kjellerstedt (1): sstate: A third fix for for touching files inside pseudo Ross Burton (1): yocto-check-layer: add debug output for the layers that were found Rudolf J Streif (1): linux-firmware: Add CLM blob to linux-firmware-bcm4373 package Sakib Sajal (4): qemu: fix CVE-2021-3713 qemu: fix CVE-2021-3748 qemu: fix CVE-2021-3930 qemu: fix CVE-2021-20196 Steve Sakoman (2): expat: fix CVE-2022-23852 expat: add missing Upstream-status, CVE tag and sign-off to CVE-2021-46143.patch meta/classes/sstate.bbclass | 14 +- .../expat/expat/CVE-2021-46143.patch | 6 + .../expat/expat/CVE-2022-23852.patch | 33 + meta/recipes-core/expat/expat_2.2.10.bb | 1 + meta/recipes-devtools/qemu/qemu.inc | 5 + .../qemu/qemu/CVE-2021-20196_1.patch | 54 .../qemu/qemu/CVE-2021-20196_2.patch | 67 + .../qemu/qemu/CVE-2021-3713.patch | 68 ++ .../qemu/qemu/CVE-2021-3748.patch | 127 ++ .../qemu/qemu/CVE-2021-3930.patch | 53 .../linux-firmware/linux-firmware_20211216.bb | 1 + .../linux/linux-yocto-rt_5.10.bb | 6 +- .../linux/linux-yocto-tiny_5.10.bb| 8 +- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 ++-- meta/recipes-support/libusb/libusb1_1.0.24.bb | 6 +- scripts/yocto-check-layer | 13 ++ 16 files changed, 460 insertions(+), 26 deletions(-) create mode 100644 meta/recipes-core/expat/expat/CVE-2022-23852.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161601): https://lists.openembedded.org/g/openembedded-core/message/161601 Mute This Topic: https://lists.openembedded.org/mt/89041674/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
