Re: [OE-core] [PATCH 11/27] meson: update 1.0.1 ->1.1.0

[Khem Raj]

On 5/9/23 10:23 AM, Alexander Kanavin wrote:

Rebase two patches.

Signed-off-by: Alexander Kanavin 
---
  ...for-clang-before-guessing-gcc-or-lcc.patch | 14 +++---
  ...-not-manipulate-the-environment-when.patch | 48 +--
  .../meson/{meson_1.0.1.bb => meson_1.1.0.bb}  |  2 +-
  3 files changed, 31 insertions(+), 33 deletions(-)
  rename meta/recipes-devtools/meson/{meson_1.0.1.bb => meson_1.1.0.bb} (98%)

diff --git 
a/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
 
b/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
index 58fa1194398..c449bf8cda4 100644
--- 
a/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
+++ 
b/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
@@ -1,4 +1,4 @@
-From 8739e1c3bef653415ad4b9b9c318ccfa76c43da6 Mon Sep 17 00:00:00 2001
+From e3d1297c408b9b4d5d6a962aad5501e869287c98 Mon Sep 17 00:00:00 2001
  From: Khem Raj 
  Date: Thu, 31 Mar 2022 15:00:24 -0700
  Subject: [PATCH] Check for clang before guessing gcc or lcc
@@ -21,19 +21,20 @@ this check anyway.
  
  Upstream-Status: Submitted [https://github.com/mesonbuild/meson/pull/10218]


This is merged upstreamed with a slightly different fix see
https://github.com/mesonbuild/meson/commit/24ea1d3f1968bff52ccaaf33fcdd59e810459aa9

If we have this fix already in 1.1.0 which seems to be the case. then 
the full patch here can be dropped.




  Signed-off-by: Khem Raj 
+
  ---
   mesonbuild/compilers/detect.py | 15 ---
   1 file changed, 8 insertions(+), 7 deletions(-)
  
  diff --git a/mesonbuild/compilers/detect.py b/mesonbuild/compilers/detect.py

-index 53948b01a..ba335cf39 100644
+index 6eca155..2df241a 100644
  --- a/mesonbuild/compilers/detect.py
  +++ b/mesonbuild/compilers/detect.py
-@@ -427,13 +427,14 @@ def _detect_c_or_cpp_compiler(env: 'Environment', lang: 
str, for_machine: Machin
+@@ -334,13 +334,14 @@ def _detect_c_or_cpp_compiler(env: 'Environment', lang: 
str, for_machine: Machin
   version = search_version(out)
   
   guess_gcc_or_lcc: T.Optional[str] = None

--if 'Free Software Foundation' in out or 'xt-' in out:
+-if 'Free Software Foundation' in out or out.startswith('xt-'):
  -guess_gcc_or_lcc = 'gcc'
  -if 'e2k' in out and 'lcc' in out:
  -guess_gcc_or_lcc = 'lcc'
@@ -41,7 +42,7 @@ index 53948b01a..ba335cf39 100644
  -# this output has "Free Software Foundation" in its version
  -guess_gcc_or_lcc = None
  +if not 'clang' in compiler_name:
-+if 'Free Software Foundation' in out or 'xt-' in out:
++if 'Free Software Foundation' in out or out.startswith('xt-'):
  +guess_gcc_or_lcc = 'gcc'
  +if 'e2k' in out and 'lcc' in out:
  +guess_gcc_or_lcc = 'lcc'
@@ -51,6 +52,3 @@ index 53948b01a..ba335cf39 100644
   
   if guess_gcc_or_lcc:

   defines = _get_gnu_compiler_defines(compiler)
---
-2.35.1
-
diff --git 
a/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
 
b/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
index f01a6678181..19502fa9cd8 100644
--- 
a/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
+++ 
b/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
@@ -1,4 +1,4 @@
-From 2e9582167bf9d3273004edb2637310531f0155ab Mon Sep 17 00:00:00 2001
+From a97dba12cff6c4c9181909141a1a9f38d7c900bf Mon Sep 17 00:00:00 2001
  From: Alexander Kanavin 
  Date: Mon, 19 Nov 2018 14:24:26 +0100
  Subject: [PATCH] python module: do not manipulate the environment when calling
@@ -8,30 +8,30 @@ Upstream-Status: Inappropriate [oe-core specific]
  Signed-off-by: Alexander Kanavin 
  
  ---

- mesonbuild/modules/python.py | 6 +-
+ mesonbuild/dependencies/python.py | 6 +-
   1 file changed, 1 insertion(+), 5 deletions(-)
  
-diff --git a/mesonbuild/modules/python.py b/mesonbuild/modules/python.py

-index 3bbccd1..fda7a25 100644
 a/mesonbuild/modules/python.py
-+++ b/mesonbuild/modules/python.py
-@@ -277,9 +277,6 @@ def python_factory(env: 'Environment', for_machine: 
'MachineChoice',
- # there is no LIBPC, so we can't search in it
- return NotFoundDependency('python', env)
+diff --git a/mesonbuild/dependencies/python.py 
b/mesonbuild/dependencies/python.py
+index 14386f9..118a15f 100644
+--- a/mesonbuild/dependencies/python.py
 b/mesonbuild/dependencies/python.py
+@@ -354,9 +354,6 @@ def python_factory(env: 'Environment', for_machine: 
'MachineChoice',
+ empty.name = 'python'
+ return empty
   
--old_pkg_libdir = os.environ.pop('PKG_CONFIG_LIBDIR', None)

--old_pkg_path = 

[OE-core][kirkstone 15/15] update-alternatives.bbclass: fix old override syntax

[Steve Sakoman]

From: Peter Bergin 

Function 'gen_updatealternativesvardeps' still used old override
syntax when fetching variable flags. Update to use ':' instead to match
recipe meta data. This was found by review and no real issue encountered
but it is a bug that affects variable dependencies and can affect rebuilds
as task hashes might not be accurate.

Signed-off-by: Peter Bergin 
Signed-off-by: Peter Bergin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 5691f554b2cd50f256a8cbb1d96781e9eb6b930e)
Signed-off-by: Steve Sakoman 
---
 meta/classes/update-alternatives.bbclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/classes/update-alternatives.bbclass 
b/meta/classes/update-alternatives.bbclass
index 7581a70439..2804299fc4 100644
--- a/meta/classes/update-alternatives.bbclass
+++ b/meta/classes/update-alternatives.bbclass
@@ -80,10 +80,10 @@ def gen_updatealternativesvardeps(d):
 
 for p in pkgs:
 for v in vars:
-for flag in sorted((d.getVarFlags("%s_%s" % (v,p)) or {}).keys()):
+for flag in sorted((d.getVarFlags("%s:%s" % (v,p)) or {}).keys()):
 if flag == "doc" or flag == "vardeps" or flag == "vardepsexp":
 continue
-d.appendVar('%s_VARDEPS_%s' % (v,p), ' %s:%s' % (flag, 
d.getVarFlag('%s_%s' % (v,p), flag, False)))
+d.appendVar('%s_VARDEPS_%s' % (v,p), ' %s:%s' % (flag, 
d.getVarFlag('%s:%s' % (v,p), flag, False)))
 
 def ua_extend_depends(d):
 if not 'virtual/update-alternatives' in d.getVar('PROVIDES'):
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181100): 
https://lists.openembedded.org/g/openembedded-core/message/181100
Mute This Topic: https://lists.openembedded.org/mt/98795106/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 14/15] kernel: improve initramfs bundle processing time

[Steve Sakoman]

From: Bruce Ashfield 

This is a partial fix for bugzilla 15059 
[https://bugzilla.yoctoproject.org/show_bug.cgi?id=15059]

It has been noted by several people that when an initramfs is bundled:

  - a lot of the kernel is rebuilt
  - it takes a really long time

When looking at the logs, the second kernel compilation (that performs
the bundle) is not using the parallel make settings, and builds with
-j1.

We are already explicitly passing PARALLEL_MAKE when building kernel
modules, and by extending that explicit use to the main kernel
compilation, we ensure that we always get a parallel build.

Build times chnaged from more than 30 minutes for the bundle, to
3 minutes in local testing.

The question of whether or not too much is rebuilding during the
bundle step is still an open question, but with this tweak, at least
the build time is back in the realm of acceptable.

Signed-off-by: Bruce Ashfield 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 88fd394ecf0f2174b792075d409d87046896426b)
Signed-off-by: Steve Sakoman 
---
 meta/classes/kernel.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index b315737fd2..d45fa25c32 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -377,7 +377,7 @@ kernel_do_compile() {

use_alternate_initrd=CONFIG_INITRAMFS_SOURCE=${B}/usr/${INITRAMFS_IMAGE_NAME}.cpio
fi
for typeformake in ${KERNEL_IMAGETYPE_FOR_MAKE} ; do
-   oe_runmake ${typeformake} ${KERNEL_EXTRA_ARGS} 
$use_alternate_initrd
+   oe_runmake ${PARALLEL_MAKE} ${typeformake} ${KERNEL_EXTRA_ARGS} 
$use_alternate_initrd
done
 }
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181099): 
https://lists.openembedded.org/g/openembedded-core/message/181099
Mute This Topic: https://lists.openembedded.org/mt/98795105/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 13/15] oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set

[Steve Sakoman]

From: Thomas Roos 

This will use default values when no distribution is set.

[YOCTO #15086]

Signed-off-by: Thomas Roos 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 888fe63b46efceeff08dbe8c4f66fec33d06cb7a)
Signed-off-by: Steve Sakoman 
---
 meta/lib/oeqa/utils/metadata.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/lib/oeqa/utils/metadata.py b/meta/lib/oeqa/utils/metadata.py
index 8013aa684d..15ec190c4a 100644
--- a/meta/lib/oeqa/utils/metadata.py
+++ b/meta/lib/oeqa/utils/metadata.py
@@ -27,9 +27,9 @@ def metadata_from_bb():
 data_dict = get_bb_vars()
 
 # Distro information
-info_dict['distro'] = {'id': data_dict['DISTRO'],
-   'version_id': data_dict['DISTRO_VERSION'],
-   'pretty_name': '%s %s' % (data_dict['DISTRO'], 
data_dict['DISTRO_VERSION'])}
+info_dict['distro'] = {'id': data_dict.get('DISTRO', 'NODISTRO'),
+'version_id': data_dict.get('DISTRO_VERSION', 
'NO_DISTRO_VERSION'),
+'pretty_name': '%s %s' % 
(data_dict.get('DISTRO', 'NODISTRO'), data_dict.get('DISTRO_VERSION', 
'NO_DISTRO_VERSION'))}
 
 # Host distro information
 os_release = get_os_release()
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181098): 
https://lists.openembedded.org/g/openembedded-core/message/181098
Mute This Topic: https://lists.openembedded.org/mt/98795104/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 12/15] libpam: Fix the xtests/tst-pam_motd[1|3] failures

[Steve Sakoman]

From: Zhixiong Chi 

Reproducer:
1.Enable the ptest of libpam and build the image.
2.Boot the rootfs with nfs, then run the following tests as root:
 cd /usr/share/Linux-PAM/xtests
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd3

After applying this patch, the ptest doesn't be failed.

Signed-off-by: Zhixiong Chi 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 549e54ad6a175359b0a57987ccdab8989df9d3a9)
Signed-off-by: Steve Sakoman 
---
 ...rely-on-all-filesystems-providing-a-.patch | 108 ++
 meta/recipes-extended/pam/libpam_1.5.2.bb |   1 +
 2 files changed, 109 insertions(+)
 create mode 100644 
meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch

diff --git 
a/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
 
b/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
new file mode 100644
index 00..94dcb04f0a
--- /dev/null
+++ 
b/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
@@ -0,0 +1,108 @@
+From 42404548721c653317c911c83d885e2fc7fbca70 Mon Sep 17 00:00:00 2001
+From: Per Jessen 
+Date: Fri, 22 Apr 2022 18:15:36 +0200
+Subject: [PATCH] pam_motd: do not rely on all filesystems providing a filetype
+
+When using scandir() to look for MOTD files to display, we wrongly
+relied on all filesystems providing a filetype.  This is a fix to divert
+to lstat() when we have no filetype.  To maintain MT safety, it isn't
+possible to use lstat() in the scandir() filter function, so all of the
+filtering has been moved to an additional loop after scanning all the
+motd dirs.
+Also, remove superfluous alphasort from scandir(), we are doing
+a qsort() later.
+
+Resolves: https://github.com/linux-pam/linux-pam/issues/455
+
+Upstream-Status: Backport 
[https://github.com/linux-pam/linux-pam/commit/42404548721c653317c911c83d885e2fc7fbca70]
+
+Signed-off-by: Per Jessen 
+Signed-off-by: Zhixiong Chi 
+---
+ modules/pam_motd/pam_motd.c | 49 ++---
+ 1 file changed, 40 insertions(+), 9 deletions(-)
+
+diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c
+index 6ac8cba2..5ca486e4 100644
+--- a/modules/pam_motd/pam_motd.c
 b/modules/pam_motd/pam_motd.c
+@@ -166,11 +166,6 @@ static int compare_strings(const void *a, const void *b)
+ }
+ }
+ 
+-static int filter_dirents(const struct dirent *d)
+-{
+-return (d->d_type == DT_REG || d->d_type == DT_LNK);
+-}
+-
+ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+   char **motd_dir_path_split, unsigned int num_motd_dirs, int 
report_missing)
+ {
+@@ -199,8 +194,7 @@ static void 
try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ 
+ for (i = 0; i < num_motd_dirs; i++) {
+   int rv;
+-  rv = scandir(motd_dir_path_split[i], &(dirscans[i]),
+-  filter_dirents, alphasort);
++  rv = scandir(motd_dir_path_split[i], &(dirscans[i]), NULL, NULL);
+   if (rv < 0) {
+   if (errno != ENOENT || report_missing) {
+   pam_syslog(pamh, LOG_ERR, "error scanning directory %s: %m",
+@@ -215,6 +209,41 @@ static void 
try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ if (dirscans_size_total == 0)
+ goto out;
+ 
++/* filter out unwanted names, directories, and complement data with 
lstat() */
++for (i = 0; i < num_motd_dirs; i++) {
++  struct dirent **d = dirscans[i];
++  for (unsigned int j = 0; j < dirscans_sizes[i]; j++) {
++  int rc;
++  char *fullpath;
++  struct stat s;
++
++  switch(d[j]->d_type) {/* the filetype determines how to proceed 
*/
++  case DT_REG:  /* regular files and */
++  case DT_LNK:  /* symlinks  */
++  continue; /* are good. */
++  case DT_UNKNOWN:   /* for file systems that do not provide */
++ /* a filetype, we use lstat()   */
++  if (join_dir_strings(, motd_dir_path_split[i],
++   d[j]->d_name) <= 0)
++  break;
++  rc = lstat(fullpath, );
++  _pam_drop(fullpath);  /* free the memory alloc'ed by 
join_dir_strings */
++  if (rc != 0)  /* if the lstat() somehow failed */
++  break;
++
++  if (S_ISREG(s.st_mode) ||  /* regular files and  */
++  S_ISLNK(s.st_mode)) continue;  /* symlinks are good  */
++  break;
++  case DT_DIR:  /* We don't want directories */
++  default:  /* nor anything else */
++  break;
++  }
++  _pam_drop(d[j]);  /* free memory   */
++  

[OE-core][kirkstone 08/15] linux-firmware: upgrade 20230210 -> 20230404

[Steve Sakoman]

From: Dmitry Baryshkov 

The LICENCE.qat_firmware license file was updated to reflect Intel
licensing (it removed a term regarding patent licenses).

License-Update: additional files

Signed-off-by: Dmitry Baryshkov 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit fd43b59ab32e2115fcda7ad63d3a5ccc2683c7d5)
Signed-off-by: Steve Sakoman 
---
 ...inux-firmware_20230210.bb => linux-firmware_20230404.bb} | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230210.bb => 
linux-firmware_20230404.bb} (99%)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230210.bb 
b/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb
similarity index 99%
rename from meta/recipes-kernel/linux-firmware/linux-firmware_20230210.bb
rename to meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb
index bf5d4f54e6..7412c022ba 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230210.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb
@@ -108,7 +108,7 @@ LIC_FILES_CHKSUM = 
"file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
 file://LICENCE.OLPC;md5=5b917f9d8c061991be4f6f5f108719cd \
 
file://LICENCE.open-ath9k-htc-firmware;md5=1b33c9f4d17bc4d457bdb23727046837 \
 file://LICENCE.phanfw;md5=954dcec0e051f9409812b561ea743bfa 
\
-
file://LICENCE.qat_firmware;md5=9e7d8bea77612d7cc7d9e9b54b623062 \
+
file://LICENCE.qat_firmware;md5=72de83dfd9b87be7685ed099a39fbea4 \
 file://LICENSE.qcom;md5=164e3362a538eb11d3ac51e8e134294b \
 
file://LICENSE.qcom_yamato;md5=d0de0eeccaf1843a850bf7a6777eec5c \
 
file://LICENCE.qla1280;md5=d6895732e622d950609093223a2c4f5d \
@@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = 
"file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
 "
 # WHENCE checksum is defined separately to ease overriding it if
 # class-devupstream is selected.
-WHENCE_CHKSUM  = "aadb3cccbde1e53fc244a409e9bd5a22"
+WHENCE_CHKSUM  = "0782deea054d4b1b7f10c92c3a245da4"
 
 # These are not common licenses, set NO_GENERIC_LICENSE for them
 # so that the license files will be copied from fetched source
@@ -212,7 +212,7 @@ SRC_URI:class-devupstream = 
"git://git.kernel.org/pub/scm/linux/kernel/git/firmw
 # Pin this to the 20220509 release, override this in local.conf
 SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae"
 
-SRC_URI[sha256sum] = 
"6e3d9e8d52cffc4ec0dbe8533a8445328e0524a20f159a5b61c2706f983ce38a"
+SRC_URI[sha256sum] = 
"c3f9ad2bb5311cce2490f37a8052f836703d6936aabd840246b6576f1f71f607"
 
 inherit allarch
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181093): 
https://lists.openembedded.org/g/openembedded-core/message/181093
Mute This Topic: https://lists.openembedded.org/mt/98795098/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 11/15] populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override

[Steve Sakoman]

From: Martin Jansa 

* otherwise it ends '' inside esdk, because of parsing order:
  # $METADATA_REVISION [3 operations]
  #   set /OE/build/test-D/conf/local.conf:43
  # "f2da54ef432eac89b0f18eaad68e602b6990b5de"
  #   immediate /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:9
  # "${@oe.buildcfg.detect_revision(d)}"
  #   set /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:10
  # [vardepvalue] "${METADATA_REVISION}"
  # pre-expansion value:
  #   ""
  METADATA_REVISION=""

* This causes base-files.do_install and following tasks to have different
  signatures between esdk and the build directory where this esdk was created:

  bitbake-diffsigs 
{test-D,poky/build-uninative-disabled}/tmp/stamps/qemux86_64-poky-linux/base-files/*do_install*sigdata*
  NOTE: Starting bitbake server...
  basehash changed from 
5b6981cf58bfd57d416b0e31611b73a26baae635dd1ac31c08d46f95064c3ffc to 
dbdce042da4d7813d632b6d1cc87a16f728ad20e55fecbc392830e6acf72babd
  Variable METADATA_REVISION value changed from '' to 
'f2da54ef432eac89b0f18eaad68e602b6990b5de'

  and an warning from "python3 /OE/build/test-D/ext-sdk-prepare.py" when eSDK 
is being prepared for use:
  WARNING: The base-files:do_install sig is computed to be 
83b9c9a6ef1145baac5a1e0d08814b9156af239c58fc42df95c25a9cd8a7f201,
but the sig is locked to 
3dc22233059075978e5503691e98e79e7cc60db94259dfcd886bca2291c0add7 in 
SIGGEN_LOCKEDSIGS_t-qemux86-64

[RP: Add commit about why we need the override for future reference]
Signed-off-by: Martin Jansa 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 675ea7281c17f77bf5dea17cfd4d9da0928382a0)
Signed-off-by: Steve Sakoman 
---
 meta/classes/populate_sdk_ext.bbclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/classes/populate_sdk_ext.bbclass 
b/meta/classes/populate_sdk_ext.bbclass
index a673af7e7b..ca1b7753cb 100644
--- a/meta/classes/populate_sdk_ext.bbclass
+++ b/meta/classes/populate_sdk_ext.bbclass
@@ -363,7 +363,8 @@ python copy_buildsystem () {
 f.write('BUILDCFG_HEADER = ""\n\n')
 
 # Write METADATA_REVISION
-f.write('METADATA_REVISION = "%s"\n\n' % 
d.getVar('METADATA_REVISION'))
+# Needs distro override so it can override the value set in the 
bbclass code (later than local.conf)
+f.write('METADATA_REVISION:%s = "%s"\n\n' % (d.getVar('DISTRO'), 
d.getVar('METADATA_REVISION')))
 
 f.write('# Provide a flag to indicate we are in the EXT_SDK 
Context\n')
 f.write('WITHIN_EXT_SDK = "1"\n\n')
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181096): 
https://lists.openembedded.org/g/openembedded-core/message/181096
Mute This Topic: https://lists.openembedded.org/mt/98795101/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 10/15] libarchive: Enable acls, xattr for native as well as target

[Steve Sakoman]

From: Piotr Łobacz 

Libarchive is being used by OPKG package manager as default
API for extracting tar files. This fix allows us to extract
ipks packages with preserved ACLs and xattrs.

Partially addresses [YOCTO #15091]

[RP: Merge into main PACKAGECONFIG and tweak commit message]
Signed-off-by: Piotr Łobacz 
Signed-off-by: Alexandre Belloni 
Signed-off-by: Richard Purdie 
(cherry picked from commit 913aad1ac013368aef8f6af332588ef24bba46bd)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-extended/libarchive/libarchive_3.6.2.bb | 6 +-
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb 
b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
index acc84de9da..ffcc103112 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
@@ -7,11 +7,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=d499814247adaee08d88080841cb5665"
 
 DEPENDS = "e2fsprogs-native"
 
-PACKAGECONFIG ?= "zlib bz2 xz lzo zstd"
-
-PACKAGECONFIG:append:class-target = "\
-   ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)} \
-"
+PACKAGECONFIG ?= "zlib bz2 xz lzo zstd ${@bb.utils.filter('DISTRO_FEATURES', 
'acl xattr', d)}"
 
 DEPENDS_BZIP2 = "bzip2-replacement-native"
 DEPENDS_BZIP2:class-target = "bzip2"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181095): 
https://lists.openembedded.org/g/openembedded-core/message/181095
Mute This Topic: https://lists.openembedded.org/mt/98795100/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 09/15] kernel-devsrc: depend on python3-core instead of python3

[Steve Sakoman]

From: "bkyleruss...@gmail.com" 

Avoids pulling in potential GPLv3 packages through python3-misc catch-all.

python3-core is the intended minimal RDEPENDS for packages requiring python3
support.  Other python3 module dependencies should be listed explicitly.

Signed-off-by: Kyle Russell 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 231f93becad619f6afa383f9b1132f1d4b02fa64)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-kernel/linux/kernel-devsrc.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb 
b/meta/recipes-kernel/linux/kernel-devsrc.bb
index f8f717199c..ed9746f837 100644
--- a/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -334,7 +334,7 @@ do_install[lockfiles] = "${TMPDIR}/kernel-scripts.lock"
 FILES:${PN} = "${KERNEL_BUILD_ROOT} ${KERNEL_SRC_PATH}"
 FILES:${PN}-dbg += "${KERNEL_BUILD_ROOT}*/build/scripts/*/.debug/*"
 
-RDEPENDS:${PN} = "bc python3 flex bison ${TCLIBC}-utils"
+RDEPENDS:${PN} = "bc python3-core flex bison ${TCLIBC}-utils"
 # 4.15+ needs these next two RDEPENDS
 RDEPENDS:${PN} += "openssl-dev util-linux"
 # and x86 needs a bit more for 4.15+
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181094): 
https://lists.openembedded.org/g/openembedded-core/message/181094
Mute This Topic: https://lists.openembedded.org/mt/98795099/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 07/15] xserver-xorg: upgrade 21.1.7 -> 21.1.8

[Steve Sakoman]

From: Wang Mingyu 

This release contains the fix for CVE-2023-1393 in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-March/003374.html

Benno Schulenberg (1):
   xkbUtils: use existing symbol names instead of deleted deprecated ones

Olivier Fourdan (2):
   composite: Fix use-after-free of the COW
   xserver 21.1.8

git tag: xorg-server-21.1.8

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit 7b08dff8f46bcaa05f7fbffbe27d524579af4faf)
Signed-off-by: Steve Sakoman 
---
 .../{xserver-xorg_21.1.7.bb => xserver-xorg_21.1.8.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.7.bb => 
xserver-xorg_21.1.8.bb} (92%)

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb
similarity index 92%
rename from meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb
rename to meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb
index 212c7d39c2..19db7ea434 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb
@@ -3,7 +3,7 @@ require xserver-xorg.inc
 SRC_URI += 
"file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
"
-SRC_URI[sha256sum] = 
"d9c60b2dd0ec52326ca6ab20db0e490b1ff4f566f59ca742d6532e92795877bb"
+SRC_URI[sha256sum] = 
"38aadb735650c8024ee25211c190bf8aad844c5f59632761ab1ef4c4d5aeb152"
 
 # These extensions are now integrated into the server, so declare the migration
 # path for in-place upgrades.
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181092): 
https://lists.openembedded.org/g/openembedded-core/message/181092
Mute This Topic: https://lists.openembedded.org/mt/98795097/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 06/15] Revert "xserver-xorg: backport fix for CVE-2023-1393"

[Steve Sakoman]

This reverts commit dc2c777cab0230fc54e078d20d872aaa9287a8b9.

Fixed in subsequent version bump

Signed-off-by: Steve Sakoman 
---
 ...posite-Fix-use-after-free-of-the-COW.patch | 46 ---
 .../xorg-xserver/xserver-xorg_21.1.7.bb   |  3 +-
 2 files changed, 1 insertion(+), 48 deletions(-)
 delete mode 100644 
meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch

diff --git 
a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
deleted file mode 100644
index fc426daba5..00
--- 
a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001
-From: Olivier Fourdan 
-Date: Mon, 13 Mar 2023 11:08:47 +0100
-Subject: [PATCH] composite: Fix use-after-free of the COW
-
-ZDI-CAN-19866/CVE-2023-1393
-
-If a client explicitly destroys the compositor overlay window (aka COW),
-we would leave a dangling pointer to that window in the CompScreen
-structure, which will trigger a use-after-free later.
-
-Make sure to clear the CompScreen pointer to the COW when the latter gets
-destroyed explicitly by the client.
-
-This vulnerability was discovered by:
-Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
-
-Signed-off-by: Olivier Fourdan 
-Reviewed-by: Adam Jackson 
-
-CVE: CVE-2023-1393
-Upstream-Status: Backport
-Signed-off-by: Ross Burton 

- composite/compwindow.c | 5 +
- 1 file changed, 5 insertions(+)
-
-diff --git a/composite/compwindow.c b/composite/compwindow.c
-index 4e2494b86..b30da589e 100644
 a/composite/compwindow.c
-+++ b/composite/compwindow.c
-@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
- ret = (*pScreen->DestroyWindow) (pWin);
- cs->DestroyWindow = pScreen->DestroyWindow;
- pScreen->DestroyWindow = compDestroyWindow;
-+
-+/* Did we just destroy the overlay window? */
-+if (pWin == cs->pOverlayWin)
-+cs->pOverlayWin = NULL;
-+
- /*compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
- return ret;
- }
--- 
-2.34.1
-
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb
index f0771cc86e..212c7d39c2 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb
@@ -1,8 +1,7 @@
 require xserver-xorg.inc
 
 SRC_URI += 
"file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
-file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
-file://0001-composite-Fix-use-after-free-of-the-COW.patch \
+   file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
"
 SRC_URI[sha256sum] = 
"d9c60b2dd0ec52326ca6ab20db0e490b1ff4f566f59ca742d6532e92795877bb"
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181091): 
https://lists.openembedded.org/g/openembedded-core/message/181091
Mute This Topic: https://lists.openembedded.org/mt/98795096/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 05/15] wpebackend-fdo: upgrade 1.14.0 -> 1.14.2

[Steve Sakoman]

From: Wang Mingyu 

Changelog:
==
- Reverted a change introduced in 1.14.1 which introduced crashes both
  with WebKitGTK and WPE running under Wayland in some configurations.
- Fix a crash caused by wrong assertion, which was typically triggered in
  debug builds when using the NVidia drivers.
- Fix WebKit no longer repainting after provisional navigation with
  PSON enabled.
- Fix graphics buffer leaks by always freeing them in buffer destroy
  listener callbacks.

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit aa37e18a51714af3281b4127dceb40b38aa8ac3c)
Signed-off-by: Steve Sakoman 
---
 .../{wpebackend-fdo_1.14.0.bb => wpebackend-fdo_1.14.2.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-sato/webkit/{wpebackend-fdo_1.14.0.bb => 
wpebackend-fdo_1.14.2.bb} (90%)

diff --git a/meta/recipes-sato/webkit/wpebackend-fdo_1.14.0.bb 
b/meta/recipes-sato/webkit/wpebackend-fdo_1.14.2.bb
similarity index 90%
rename from meta/recipes-sato/webkit/wpebackend-fdo_1.14.0.bb
rename to meta/recipes-sato/webkit/wpebackend-fdo_1.14.2.bb
index 708201043b..b3d7b229c8 100644
--- a/meta/recipes-sato/webkit/wpebackend-fdo_1.14.0.bb
+++ b/meta/recipes-sato/webkit/wpebackend-fdo_1.14.2.bb
@@ -13,7 +13,7 @@ inherit meson features_check pkgconfig
 REQUIRED_DISTRO_FEATURES = "opengl"
 
 SRC_URI = "https://wpewebkit.org/releases/${BPN}-${PV}.tar.xz;
-SRC_URI[sha256sum] = 
"e75b0cb2c7145448416e8696013d8883f675c66c11ed750e06865efec5809155"
+SRC_URI[sha256sum] = 
"93c9766ae9864eeaeaee2b0a74f22cbca08df42c1a1bdb55b086f2528e380d38"
 
 # Especially helps compiling with clang which enable this as error when
 # using c++11
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181090): 
https://lists.openembedded.org/g/openembedded-core/message/181090
Mute This Topic: https://lists.openembedded.org/mt/98795093/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 04/15] linux-yocto: Exclude 121 CVEs already fixed upstream

[Steve Sakoman]

From: Yoann Congal 

Exclude CVEs that are fixed in both current linux-yocto version
v5.10.175 and v5.15.108.

To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].

[1]: 
https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040aee9275f9555458fcaf9cb43710dff398

Signed-off-by: Yoann Congal 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-kernel/linux/cve-exclusion.inc | 875 
 meta/recipes-kernel/linux/linux-yocto.inc   |   3 +
 2 files changed, 878 insertions(+)
 create mode 100644 meta/recipes-kernel/linux/cve-exclusion.inc

diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc 
b/meta/recipes-kernel/linux/cve-exclusion.inc
new file mode 100644
index 00..7fd362881a
--- /dev/null
+++ b/meta/recipes-kernel/linux/cve-exclusion.inc
@@ -0,0 +1,875 @@
+# Kernel CVE exclusion file
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-3759
+# Patched in kernel since v5.15 18319498fdd4cdf8c1c2c48cd432863b1f915d6f
+# Backported in version v5.4.224 bad83d55134e647a739ebef2082541963f2cbc92
+# Backported in version v5.10.154 836686e1a01d7e2fda6a5a18252243ff30a6e196
+CVE_CHECK_IGNORE += "CVE-2021-3759"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-4135
+# Patched in kernel since v5.16 481221775d53d6215a6e5e9ce1cce6d2b4ab9a46
+# Backported in version v5.4.168 699e794c12a3cd79045ff135bc87a53b97024e43
+# Backported in version v5.10.88 1a34fb9e2bf3029f7c0882069d67ff69cbd645d8
+# Backported in version v5.15.11 27358aa81a7d60e6bd36f0bb1db65cd084c2cad0
+CVE_CHECK_IGNORE += "CVE-2021-4135"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-4155
+# Patched in kernel since v5.16 983d8e60f50806f90534cc5373d0ce867e5aaf79
+# Backported in version v5.4.171 102af6edfd3a372db6e229177762a91f552e5f5e
+# Backported in version v5.10.91 16d8568378f9ee2d1e69216d39961aa72710209f
+# Backported in version v5.15.14 b0e72ba9e520b95346e68800afff0db65e766ca8
+CVE_CHECK_IGNORE += "CVE-2021-4155"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-0168
+# Patched in kernel since v5.18 b92e358757b91c2827af112cae9af513f26a3f34
+# Backported in version v5.10.110 9963ccea6087268e1275b992dca5d0dd4b938765
+# Backported in version v5.15.33 f143f8334fb9eb2f6c7c15b9da1472d9c965fd84
+CVE_CHECK_IGNORE += "CVE-2022-0168"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-0171
+# Patched in kernel since v5.18 683412ccf61294d727ead4a73d97397396e69a6b
+# Backported in version v5.10.146 a60babeb60ff276963d4756c7fd2e7bf242bb777
+# Backported in version v5.15.70 39b0235284c7aa33a64e07b825add7a2c108094a
+CVE_CHECK_IGNORE += "CVE-2022-0171"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1016
+# Patched in kernel since v5.18 4c905f6740a365464e91467aa50916555b28213d
+# Backported in version v5.4.188 06f0ff82c70241a766a811ae1acf07d6e2734dcb
+# Backported in version v5.10.109 2c74374c2e88c7b7992bf808d9f9391f7452f9d9
+# Backported in version v5.15.32 fafb904156fbb8f1dd34970cd5223e00b47c33be
+CVE_CHECK_IGNORE += "CVE-2022-1016"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1184
+# Patched in kernel since v6.1 61a1d87a324ad5e3ed27c6699dfc93218fcf3201
+# Backported in version v5.10.150 483831ad0440f62c10d1707c97ce824bd82d98ae
+# Backported in version v5.15.75 dd366295d1eca557e7a9000407ec3952f691d27b
+# Backported in version v5.19.17 edb71f055684f9023fd97e2f85c6f31380d163c1
+CVE_CHECK_IGNORE += "CVE-2022-1184"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1198
+# Patched in kernel since v5.17 efe4186e6a1b54bf38b9e05450d43b0da1fd7739
+# Backported in version v5.4.189 28c8fd84bea13cbf238d7b19d392de2fcc31331c
+# Backported in version v5.10.110 f67a1400788f550d201c71aeaf56706afe57f0da
+# Backported in version v5.15.33 3eb18f8a1d02a9462a0e4903efc674ca3d0406d1
+CVE_CHECK_IGNORE += "CVE-2022-1198"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1199
+# Patched in kernel since v5.17 71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac
+# Backported in version v5.4.185 0a64aea5fe023cf1e4973676b11f49038b1f045b
+# Backported in version v5.10.106 e2201ef32f933944ee02e59205adb566bafcdf91
+# Backported in version v5.15.29 46ad629e58ce3a88c924ff3c5a7e9129b0df5659
+CVE_CHECK_IGNORE += "CVE-2022-1199"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1462
+# Patched in kernel since v5.19 a501ab75e7624d133a5a3c7ec010687c8b961d23
+# Backported in version v5.4.208 f7785092cb7f022f59ebdaa181651f7c877df132
+# Backported in version v5.10.134 08afa87f58d83dfe040572ed591b47e8cb9e225c
+# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
+CVE_CHECK_IGNORE += "CVE-2022-1462"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1734
+# Patched in kernel since v5.18 d270453a0d9ec10bb8a802a142fb1b3601a83098
+# Backported in version v5.4.193 33d3e76fc7a7037f402246c824d750542e2eb37f
+# Backported in version v5.10.115 1961c5a688edb53fe3bc25cbda57f47adf12563c
+# Backported in version v5.15.39 b8f2b836e7d0a553b886654e8b3925a85862d2eb
+CVE_CHECK_IGNORE += "CVE-2022-1734"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1852
+# Patched in kernel since v5.19 

[OE-core][kirkstone 03/15] libxml2: patch CVE-2023-28484 and CVE-2023-29469

[Steve Sakoman]

From: Peter Marko 

Backports from:
* 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68
* 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df

Signed-off-by: Peter Marko 
Signed-off-by: Steve Sakoman 
---
 .../libxml/libxml2/CVE-2023-28484.patch   | 79 +++
 .../libxml/libxml2/CVE-2023-29469.patch   | 42 ++
 meta/recipes-core/libxml/libxml2_2.9.14.bb|  2 +
 3 files changed, 123 insertions(+)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch 
b/meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
new file mode 100644
index 00..907f2c4d47
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
@@ -0,0 +1,79 @@
+From e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer 
+Date: Fri, 7 Apr 2023 11:46:35 +0200
+Subject: [PATCH] [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType
+
+Fix a null pointer dereference when parsing (invalid) XML schemas.
+
+Thanks to Robby Simpson for the report!
+
+Fixes #491.
+
+CVE: CVE-2023-28484
+Upstream-Status: Backport 
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68]
+
+Signed-off-by: Peter Marko 
+---
+ result/schemas/issue491_0_0.err |  1 +
+ test/schemas/issue491_0.xml |  1 +
+ test/schemas/issue491_0.xsd | 18 ++
+ xmlschemas.c|  2 +-
+ 4 files changed, 21 insertions(+), 1 deletion(-)
+ create mode 100644 result/schemas/issue491_0_0.err
+ create mode 100644 test/schemas/issue491_0.xml
+ create mode 100644 test/schemas/issue491_0.xsd
+
+diff --git a/result/schemas/issue491_0_0.err b/result/schemas/issue491_0_0.err
+new file mode 100644
+index ..9b2bb969
+--- /dev/null
 b/result/schemas/issue491_0_0.err
+@@ -0,0 +1 @@
++./test/schemas/issue491_0.xsd:8: element complexType: Schemas parser error : 
complex type 'ChildType': The content type of both, the type and its base type, 
must either 'mixed' or 'element-only'.
+diff --git a/test/schemas/issue491_0.xml b/test/schemas/issue491_0.xml
+new file mode 100644
+index ..e2b2fc2e
+--- /dev/null
 b/test/schemas/issue491_0.xml
+@@ -0,0 +1 @@
++http://www.test.com;>5
+diff --git a/test/schemas/issue491_0.xsd b/test/schemas/issue491_0.xsd
+new file mode 100644
+index ..81702649
+--- /dev/null
 b/test/schemas/issue491_0.xsd
+@@ -0,0 +1,18 @@
++
++http://www.w3.org/2001/XMLSchema; 
xmlns="http://www.test.com; targetNamespace="http://www.test.com; 
elementFormDefault="qualified" attributeFormDefault="unqualified">
++  
++
++  
++
++  
++  
++
++  
++
++  
++
++  
++
++  
++  
++
+diff --git a/xmlschemas.c b/xmlschemas.c
+index 6a353858..a4eaf591 100644
+--- a/xmlschemas.c
 b/xmlschemas.c
+@@ -18632,7 +18632,7 @@ xmlSchemaFixupComplexType(xmlSchemaParserCtxtPtr pctxt,
+   "allowed to appear inside other model groups",
+   NULL, NULL);
+ 
+-  } else if (! dummySequence) {
++  } else if ((!dummySequence) && (baseType->subtypes != NULL)) {
+   xmlSchemaTreeItemPtr effectiveContent =
+   (xmlSchemaTreeItemPtr) type->subtypes;
+   /*
+-- 
+GitLab
+
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch 
b/meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch
new file mode 100644
index 00..f60d160c49
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch
@@ -0,0 +1,42 @@
+From 547edbf1cbdccd46b2e8ff322a456eaa5931c5df Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer 
+Date: Fri, 7 Apr 2023 11:49:27 +0200
+Subject: [PATCH] [CVE-2023-29469] Hashing of empty dict strings isn't
+ deterministic
+
+When hashing empty strings which aren't null-terminated,
+xmlDictComputeFastKey could produce inconsistent results. This could
+lead to various logic or memory errors, including double frees.
+
+For consistency the seed is also taken into account, but this shouldn't
+have an impact on security.
+
+Found by OSS-Fuzz.
+
+Fixes #510.
+
+CVE: CVE-2023-29469
+Upstream-Status: Backport 
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df]
+
+Signed-off-by: Peter Marko 
+---
+ dict.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/dict.c b/dict.c
+index 86c3f6d7..d7fd1a06 100644
+--- a/dict.c
 b/dict.c
+@@ -433,7 +433,8 @@ static unsigned long
+ xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) {
+ unsigned long value = seed;
+ 
+-if (name == NULL) return(0);
++if ((name == NULL) || (namelen <= 0))
++return(value);
+ value += *name;
+ value <<= 5;
+ if (namelen > 10) {
+-- 
+GitLab

[OE-core][kirkstone 02/15] git: fix CVE-2023-25652

[Steve Sakoman]

From: Archana Polampalli 

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding
specially crafted input to `git apply --reject`, a path outside the working
tree can be overwritten with partially controlled contents (corresponding to
the rejected hunk(s) from the given patch). A fix is available in versions
2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3,
and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when 
applying
patches from an untrusted source. Use `git apply --stat` to inspect a patch 
before
applying; avoid applying one that create a conflict where a link corresponding 
to
the `*.rej` file exists.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-25652

Upstream patches:
https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b

Signed-off-by: Archana Polampalli 
Signed-off-by: Steve Sakoman 
---
 .../git/git/CVE-2023-25652.patch  | 94 +++
 meta/recipes-devtools/git/git_2.35.7.bb   |  1 +
 2 files changed, 95 insertions(+)
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-25652.patch

diff --git a/meta/recipes-devtools/git/git/CVE-2023-25652.patch 
b/meta/recipes-devtools/git/git/CVE-2023-25652.patch
new file mode 100644
index 00..825701eaff
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2023-25652.patch
@@ -0,0 +1,94 @@
+From 9db05711c98efc14f414d4c87135a34c13586e0b Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin 
+Date: Thu Mar 9 16:02:54 2023 +0100
+Subject: [PATCH] apply --reject: overwrite existing `.rej` symlink if it
+ exists
+
+   The `git apply --reject` is expected to write out `.rej` files in case
+   one or more hunks fail to apply cleanly. Historically, the command
+   overwrites any existing `.rej` files. The idea being that
+   apply/reject/edit cycles are relatively common, and the generated `.rej`
+   files are not considered precious.
+
+But the command does not overwrite existing `.rej` symbolic links, and
+instead follows them. This is unsafe because the same patch could
+potentially create such a symbolic link and point at arbitrary paths
+outside the current worktree, and `git apply` would write the contents
+of the `.rej` file into that location.
+
+Therefore, let's make sure that any existing `.rej` file or symbolic
+link is removed before writing it.
+
+Reported-by: RyotaK 
+Helped-by: Taylor Blau 
+Helped-by: Junio C Hamano 
+Helped-by: Linus Torvalds 
+Signed-off-by: Johannes Schindelin 
+
+CVE: CVE-2023-25652
+Upstream-Status: Backport 
[https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b]
+
+Signed-off-by: Archana Polampalli 
+---
+ apply.c  | 14 --
+ t/t4115-apply-symlink.sh | 15 +++
+ 2 files changed, 27 insertions(+), 2 deletions(-)
+
+diff --git a/apply.c b/apply.c
+index fc6f484..47f2686 100644
+--- a/apply.c
 b/apply.c
+@@ -4584,7 +4584,7 @@ static int write_out_one_reject(struct apply_state 
*state, struct patch *patch)
+   FILE *rej;
+   char namebuf[PATH_MAX];
+   struct fragment *frag;
+-  int cnt = 0;
++  int fd, cnt = 0;
+   struct strbuf sb = STRBUF_INIT;
+
+   for (cnt = 0, frag = patch->fragments; frag; frag = frag->next) {
+@@ -4624,7 +4624,17 @@ static int write_out_one_reject(struct apply_state 
*state, struct patch *patch)
+   memcpy(namebuf, patch->new_name, cnt);
+   memcpy(namebuf + cnt, ".rej", 5);
+
+-  rej = fopen(namebuf, "w");
++  fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666);
++  if (fd < 0) {
++  if (errno != EEXIST)
++  return error_errno(_("cannot open %s"), namebuf);
++  if (unlink(namebuf))
++  return error_errno(_("cannot unlink '%s'"), namebuf);
++  fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666);
++  if (fd < 0)
++  return error_errno(_("cannot open %s"), namebuf);
++  }
++  rej = fdopen(fd, "w");
+   if (!rej)
+   return error_errno(_("cannot open %s"), namebuf);
+
+diff --git a/t/t4115-apply-symlink.sh b/t/t4115-apply-symlink.sh
+index 65ac7df..e95e6d4 100755
+--- a/t/t4115-apply-symlink.sh
 b/t/t4115-apply-symlink.sh
+@@ -126,4 +126,19 @@ test_expect_success SYMLINKS 'symlink escape when 
deleting file' '
+   test_path_is_file .git/delete-me
+ '
+
++test_expect_success SYMLINKS '--reject removes .rej symlink if it exists' '
++  test_when_finished "git reset --hard && git clean -dfx" &&
++
++  test_commit file &&
++  echo modified >file.t &&
++  git diff -- file.t >patch &&
++  echo modified-again >file.t &&
++
++  ln -s foo file.t.rej &&
++  test_must_fail git apply patch --reject 2>err &&
++  test_i18ngrep "Rejected hunk" err &&
++  test_path_is_missing 

[OE-core][kirkstone 01/15] git: fix CVE-2023-29007

[Steve Sakoman]

From: Archana Polampalli 

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 
2.33.8,
2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted
`.gitmodules` file with submodule URLs that are longer than 1024 characters can 
used
to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. 
This bug
can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` 
when
attempting to remove the configuration section associated with that submodule. 
When the
attacker injects configuration values which specify executables to run (such as
`core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote 
code
execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 
2.34.8,
2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid 
running
`git submodule deinit` on untrusted repositories or without prior inspection of 
any
submodule sections in `$GIT_DIR/config`.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29007

Upstream patches:
https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4
https://github.com/git/git/commit/29198213c9163c1d552ee2bdbf78d2b09ccc98b8
https://github.com/git/git/commit/a5bb10fd5e74101e7c07da93e7c32bbe60f6173a
https://github.com/git/git/commit/e91cfe6085c4a61372d1f800b473b73b8d225d0d
https://github.com/git/git/commit/3bb3d6bac5f2b496dfa2862dc1a84cbfa9b4449a

Signed-off-by: Archana Polampalli 
Signed-off-by: Steve Sakoman 
---
 .../git/git/CVE-2023-29007.patch  | 162 ++
 meta/recipes-devtools/git/git_2.35.7.bb   |   1 +
 2 files changed, 163 insertions(+)
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-29007.patch

diff --git a/meta/recipes-devtools/git/git/CVE-2023-29007.patch 
b/meta/recipes-devtools/git/git/CVE-2023-29007.patch
new file mode 100644
index 00..472f4022b2
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2023-29007.patch
@@ -0,0 +1,162 @@
+From 057c07a7b1fae22fdeef26c243f4cfbe3afc90ce Mon Sep 17 00:00:00 2001
+From: Taylor Blau 
+Date: Fri, 14 Apr 2023 11:46:59 -0400
+Subject: [PATCH] Merge branch 'tb/config-copy-or-rename-in-file-injection'
+
+Avoids issues with renaming or deleting sections with long lines, where
+configuration values may be interpreted as sections, leading to
+configuration injection. Addresses CVE-2023-29007.
+
+* tb/config-copy-or-rename-in-file-injection:
+  config.c: disallow overly-long lines in `copy_or_rename_section_in_file()`
+  config.c: avoid integer truncation in `copy_or_rename_section_in_file()`
+  config: avoid fixed-sized buffer when renaming/deleting a section
+  t1300: demonstrate failure when renaming sections with long lines
+
+Signed-off-by: Taylor Blau 
+
+Upstream-Status: Backport
+CVE: CVE-2023-29007
+
+Reference to upstream patch:
+https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4
+
+Signed-off-by: Archana Polampalli 
+---
+ config.c  | 36 +---
+ t/t1300-config.sh | 30 ++
+ 2 files changed, 55 insertions(+), 11 deletions(-)
+
+diff --git a/config.c b/config.c
+index 2bffa8d..6a01938 100644
+--- a/config.c
 b/config.c
+@@ -3192,9 +3192,10 @@ void git_config_set_multivar(const char *key, const 
char *value,
+   flags);
+ }
+
+-static int section_name_match (const char *buf, const char *name)
++static size_t section_name_match (const char *buf, const char *name)
+ {
+-  int i = 0, j = 0, dot = 0;
++  size_t i = 0, j = 0;
++  int dot = 0;
+   if (buf[i] != '[')
+   return 0;
+   for (i = 1; buf[i] && buf[i] != ']'; i++) {
+@@ -3247,6 +3248,8 @@ static int section_name_is_ok(const char *name)
+   return 1;
+ }
+
++#define GIT_CONFIG_MAX_LINE_LEN (512 * 1024)
++
+ /* if new_name == NULL, the section is removed instead */
+ static int git_config_copy_or_rename_section_in_file(const char 
*config_filename,
+ const char *old_name,
+@@ -3256,11 +3259,12 @@ static int 
git_config_copy_or_rename_section_in_file(const char *config_filename
+   char *filename_buf = NULL;
+   struct lock_file lock = LOCK_INIT;
+   int out_fd;
+-  char buf[1024];
++  struct strbuf buf = STRBUF_INIT;
+   FILE *config_file = NULL;
+   struct stat st;
+   struct strbuf copystr = STRBUF_INIT;
+   struct config_store_data store;
++  uint32_t line_nr = 0;
+
+   memset(, 0, sizeof(store));
+
+@@ -3297,16 +3301,25 @@ static int 
git_config_copy_or_rename_section_in_file(const char *config_filename
+   goto out;
+   }
+
+-  while (fgets(buf, sizeof(buf), config_file)) {
+-  unsigned i;
+-  int length;
++  while (!strbuf_getwholeline(, config_file, '\n')) {
++  size_t i, length;
+   int is_section = 0;
+-  char *output = buf;
+-   

[OE-core][kirkstone 00/15] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5285

The following changes since commit 5fca673d8fe0ee97dc37ed2c9941696842cd667a:

  run-postinsts: Set dependency for ldconfig to avoid boot issues (2023-05-08 
04:15:11 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (2):
  git: fix CVE-2023-29007
  git: fix CVE-2023-25652

Bruce Ashfield (1):
  kernel: improve initramfs bundle processing time

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20230210 -> 20230404

Martin Jansa (1):
  populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO
override

Peter Bergin (1):
  update-alternatives.bbclass: fix old override syntax

Peter Marko (1):
  libxml2: patch CVE-2023-28484 and CVE-2023-29469

Piotr Łobacz (1):
  libarchive: Enable acls, xattr for native as well as target

Steve Sakoman (1):
  Revert "xserver-xorg: backport fix for CVE-2023-1393"

Thomas Roos (1):
  oeqa/utils/metadata.py: Fix running oe-selftest running with no distro
set

Wang Mingyu (2):
  wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
  xserver-xorg: upgrade 21.1.7 -> 21.1.8

Yoann Congal (1):
  linux-yocto: Exclude 121 CVEs already fixed upstream

Zhixiong Chi (1):
  libpam: Fix the xtests/tst-pam_motd[1|3] failures

bkyleruss...@gmail.com (1):
  kernel-devsrc: depend on python3-core instead of python3

 meta/classes/kernel.bbclass   |   2 +-
 meta/classes/populate_sdk_ext.bbclass |   3 +-
 meta/classes/update-alternatives.bbclass  |   4 +-
 meta/lib/oeqa/utils/metadata.py   |   6 +-
 .../libxml/libxml2/CVE-2023-28484.patch   |  79 ++
 .../libxml/libxml2/CVE-2023-29469.patch   |  42 +
 meta/recipes-core/libxml/libxml2_2.9.14.bb|   2 +
 .../git/git/CVE-2023-25652.patch  |  94 ++
 .../git/git/CVE-2023-29007.patch  | 162 
 meta/recipes-devtools/git/git_2.35.7.bb   |   2 +
 .../libarchive/libarchive_3.6.2.bb|   6 +-
 ...rely-on-all-filesystems-providing-a-.patch | 108 +++
 meta/recipes-extended/pam/libpam_1.5.2.bb |   1 +
 ...posite-Fix-use-after-free-of-the-COW.patch |  46 -
 ...-xorg_21.1.7.bb => xserver-xorg_21.1.8.bb} |   5 +-
 ...20230210.bb => linux-firmware_20230404.bb} |   6 +-
 meta/recipes-kernel/linux/cve-exclusion.inc   | 875 ++
 meta/recipes-kernel/linux/kernel-devsrc.bb|   2 +-
 meta/recipes-kernel/linux/linux-yocto.inc |   3 +
 ...fdo_1.14.0.bb => wpebackend-fdo_1.14.2.bb} |   2 +-
 20 files changed, 1384 insertions(+), 66 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-25652.patch
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-29007.patch
 create mode 100644 
meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
 delete mode 100644 
meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.7.bb => 
xserver-xorg_21.1.8.bb} (80%)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230210.bb => 
linux-firmware_20230404.bb} (99%)
 create mode 100644 meta/recipes-kernel/linux/cve-exclusion.inc
 rename meta/recipes-sato/webkit/{wpebackend-fdo_1.14.0.bb => 
wpebackend-fdo_1.14.2.bb} (90%)

-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181085): 
https://lists.openembedded.org/g/openembedded-core/message/181085
Mute This Topic: https://lists.openembedded.org/mt/98795088/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

[Douglas Royds via lists.openembedded.org]

On 9/05/23 9:32 pm, Mikko Rapeli wrote:

On Tue, May 09, 2023 at 09:02:59AM +, Ross Burton wrote:

On 8 May 2023, at 09:57, Adrian Freihofer via 
lists.openembedded.org  
wrote:
Is there any defined language that we can simply adopt?

Since a lot of people talk about SPDX solving these issues would be nice
to know how that is going to work. I can't parse
https://spdx.github.io/spdx-spec/v2.3/how-to-use/#k17-linking-to-a-code-fix-for-a-security-issue
and figure out how to mark a CVE issue which has been ignored after
analysis.



Perhaps this?

https://spdx.github.io/spdx-spec/v2.3/how-to-use/#k16-linking-to-a-vulnerability-disclosure-document

   To communicate that a package is not vulnerable to a specific
   vulnerability it is recommended to reference a web page indicating
   why given vulnerabilities are not applicable.

   |"externalRefs" : [ { "referenceCategory" : "SECURITY",
   "referenceLocator" :
   "https://example.com/product-x/security-info.html;, "referenceType"
   : "advisory" } ] |

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181084): 
https://lists.openembedded.org/g/openembedded-core/message/181084
Mute This Topic: https://lists.openembedded.org/mt/98703185/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] connman: Fix CVE-2023-28488 DoS in client.c

[Ashish Sharma]

Avoid overwriting the read packet length after the initial test. Thus
move all the length checks which depends on the total length first
and do not use the total lenght from the IP packet afterwards.

Fixes CVE-2023-28488

Reported by Polina Smirnova 

Signed-off-by: Ashish Sharma 
---
 .../connman/connman/CVE-2023-28488.patch  | 54 +++
 .../connman/connman_1.37.bb   |  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 
meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch

diff --git a/meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch 
b/meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
new file mode 100644
index 00..ea1601cc04
--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
@@ -0,0 +1,54 @@
+From 99e2c16ea1cced34a5dc450d76287a1c3e762138 Mon Sep 17 00:00:00 2001
+From: Daniel Wagner 
+Date: Tue, 11 Apr 2023 08:12:56 +0200
+Subject: gdhcp: Verify and sanitize packet length first
+
+Upstream-Status: Backport 
[https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=99e2c16ea1cced34a5dc450d76287a1c3e762138]
+CVE: CVE-2023-28488
+Signed-off-by: Ashish Sharma 
+
+ gdhcp/client.c | 16 +---
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/gdhcp/client.c b/gdhcp/client.c
+index 7efa7e45..82017692 100644
+--- a/gdhcp/client.c
 b/gdhcp/client.c
+@@ -1319,9 +1319,9 @@ static bool sanity_check(struct ip_udp_dhcp_packet 
*packet, int bytes)
+ static int dhcp_recv_l2_packet(struct dhcp_packet *dhcp_pkt, int fd,
+   struct sockaddr_in *dst_addr)
+ {
+-  int bytes;
+   struct ip_udp_dhcp_packet packet;
+   uint16_t check;
++  int bytes, tot_len;
+ 
+   memset(, 0, sizeof(packet));
+ 
+@@ -1329,15 +1329,17 @@ static int dhcp_recv_l2_packet(struct dhcp_packet 
*dhcp_pkt, int fd,
+   if (bytes < 0)
+   return -1;
+ 
+-  if (bytes < (int) (sizeof(packet.ip) + sizeof(packet.udp)))
+-  return -1;
+-
+-  if (bytes < ntohs(packet.ip.tot_len))
++  tot_len = ntohs(packet.ip.tot_len);
++  if (bytes > tot_len) {
++  /* ignore any extra garbage bytes */
++  bytes = tot_len;
++  } else if (bytes < tot_len) {
+   /* packet is bigger than sizeof(packet), we did partial read */
+   return -1;
++  }
+ 
+-  /* ignore any extra garbage bytes */
+-  bytes = ntohs(packet.ip.tot_len);
++  if (bytes < (int) (sizeof(packet.ip) + sizeof(packet.udp)))
++  return -1;
+ 
+   if (!sanity_check(, bytes))
+   return -1;
+-- 
+cgit 
+
diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb 
b/meta/recipes-connectivity/connman/connman_1.37.bb
index 73d7f7527e..8062a094d3 100644
--- a/meta/recipes-connectivity/connman/connman_1.37.bb
+++ b/meta/recipes-connectivity/connman/connman_1.37.bb
@@ -14,6 +14,7 @@ SRC_URI  = 
"${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
 file://CVE-2022-23098.patch \
 file://CVE-2022-32292.patch \
 file://CVE-2022-32293.patch \
+file://CVE-2023-28488.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0002-resolve-musl-does-not-implement-res_ninit.patch"
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181083): 
https://lists.openembedded.org/g/openembedded-core/message/181083
Mute This Topic: https://lists.openembedded.org/mt/98790280/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 27/27] gcr: consider all versions, not only x.even.y

[Alexander Kanavin]

For example 4.1 is stable:
https://gitlab.gnome.org/GNOME/gcr/-/tags

Signed-off-by: Alexander Kanavin 
---
 meta/recipes-gnome/gcr/gcr_4.1.0.bb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-gnome/gcr/gcr_4.1.0.bb 
b/meta/recipes-gnome/gcr/gcr_4.1.0.bb
index 0cc466b6146..239d9806cce 100644
--- a/meta/recipes-gnome/gcr/gcr_4.1.0.bb
+++ b/meta/recipes-gnome/gcr/gcr_4.1.0.bb
@@ -17,8 +17,7 @@ CFLAGS += "-D_GNU_SOURCE"
 
 GNOMEBASEBUILDCLASS = "meson"
 GTKDOC_MESON_OPTION = "gtk_doc"
-inherit gnomebase gtk-icon-cache gi-docgen features_check 
upstream-version-is-even vala gobject-introspection gettext mime mime-xdg
-UPSTREAM_CHECK_REGEX = "gcr-(?P\d+\.(\d*[02468])+(\.\d+)+)\.tar.xz"
+inherit gnomebase gtk-icon-cache gi-docgen features_check vala 
gobject-introspection gettext mime mime-xdg
 
 REQUIRED_DISTRO_FEATURES = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 
'opengl', '', d)}"
 
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181081): 
https://lists.openembedded.org/g/openembedded-core/message/181081
Mute This Topic: https://lists.openembedded.org/mt/98788942/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 21/27] libatomic-ops: update 7.6.14 -> 7.8.0

[Alexander Kanavin]

License-update: file relocated, formatting.

Signed-off-by: Alexander Kanavin 
---
 .../{libatomic-ops_7.6.14.bb => libatomic-ops_7.8.0.bb}   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-support/libatomic-ops/{libatomic-ops_7.6.14.bb => 
libatomic-ops_7.8.0.bb} (80%)

diff --git a/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.14.bb 
b/meta/recipes-support/libatomic-ops/libatomic-ops_7.8.0.bb
similarity index 80%
rename from meta/recipes-support/libatomic-ops/libatomic-ops_7.6.14.bb
rename to meta/recipes-support/libatomic-ops/libatomic-ops_7.8.0.bb
index fbfbdacbdd6..d4b77f62447 100644
--- a/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.14.bb
+++ b/meta/recipes-support/libatomic-ops/libatomic-ops_7.8.0.bb
@@ -5,13 +5,13 @@ SECTION = "optional"
 PROVIDES += "libatomics-ops"
 LICENSE = "GPL-2.0-only & MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-
file://doc/LICENSING.txt;md5=dfc50c7cea7b66935844587a0f7389e7 \
+file://LICENSE;md5=5700d28353dfa2f191ca9b1bd707865e \
 "
 
 SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/libatomic_ops-${PV}.tar.gz"
 GITHUB_BASE_URI = "https://github.com/ivmai/libatomic_ops/releases;
 
-SRC_URI[sha256sum] = 
"390f244d424714735b7050d056567615b3b8f29008a663c262fb548f1802d292"
+SRC_URI[sha256sum] = 
"15676e7674e11bda5a7e50a73f4d9e7d60452271b8acf6fd39a71fefdf89fa31"
 
 S = "${WORKDIR}/libatomic_ops-${PV}"
 
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181076): 
https://lists.openembedded.org/g/openembedded-core/message/181076
Mute This Topic: https://lists.openembedded.org/mt/98788936/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 26/27] createrepo-c: update 0.20.1 -> 0.21.1

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 .../0001-include-rpm-rpmstring.h.patch|  9 +++--
 ...arser.c-add-a-missing-parameter-name.patch | 39 +++
 ...epo-c_0.20.1.bb => createrepo-c_0.21.1.bb} |  3 +-
 3 files changed, 47 insertions(+), 4 deletions(-)
 create mode 100644 
meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
 rename meta/recipes-devtools/createrepo-c/{createrepo-c_0.20.1.bb => 
createrepo-c_0.21.1.bb} (92%)

diff --git 
a/meta/recipes-devtools/createrepo-c/createrepo-c/0001-include-rpm-rpmstring.h.patch
 
b/meta/recipes-devtools/createrepo-c/createrepo-c/0001-include-rpm-rpmstring.h.patch
index a249eaf5a19..b7e5710b391 100644
--- 
a/meta/recipes-devtools/createrepo-c/createrepo-c/0001-include-rpm-rpmstring.h.patch
+++ 
b/meta/recipes-devtools/createrepo-c/createrepo-c/0001-include-rpm-rpmstring.h.patch
@@ -1,7 +1,7 @@
-From 8defe6aaf91613c3fcb540df65a94cd56d377367 Mon Sep 17 00:00:00 2001
+From eb66326c3fc6e942282d01ddd56659c78ed7400b Mon Sep 17 00:00:00 2001
 From: Khem Raj 
 Date: Fri, 13 Jan 2023 13:21:51 -0800
-Subject: [PATCH 1/2] include rpm/rpmstring.h
+Subject: [PATCH] include rpm/rpmstring.h
 
 Its needed for rasprintf declaration
 
@@ -11,10 +11,13 @@ on 'rasprintf'; ISO C99 and later do not support implicit 
function declarations
 
 Upstream-Status: Submitted 
[https://github.com/rpm-software-management/createrepo_c/pull/340]
 Signed-off-by: Khem Raj 
+
 ---
  src/xml_file.c | 1 +
  1 file changed, 1 insertion(+)
 
+diff --git a/src/xml_file.c b/src/xml_file.c
+index d2400b8..871109c 100644
 --- a/src/xml_file.c
 +++ b/src/xml_file.c
 @@ -19,6 +19,7 @@
@@ -23,5 +26,5 @@ Signed-off-by: Khem Raj 
  #include 
 +#include 
  #include 
+ #include 
  #include "xml_file.h"
- #include 
diff --git 
a/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
 
b/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
new file mode 100644
index 000..0d1c6b08fbc
--- /dev/null
+++ 
b/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
@@ -0,0 +1,39 @@
+From 970b901e1999f415da8bac205f526c808ddad0ba Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin 
+Date: Mon, 8 May 2023 10:40:43 +0200
+Subject: [PATCH] src/cmd_parser.c: add a missing parameter name
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This resolves the following error with older versions of gcc:
+| 
/srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:
 In function ‘duplicated_nevra_option_parser’:
+| 
/srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:76:32:
 error: parameter name omitted
+|76 | duplicated_nevra_option_parser(const gchar *,
+|   |^
+| 
/srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:78:32:
 error: parameter name omitted
+|78 |gpointer,
+|   |^~~~
+
+Upstream-Status: Submitted 
[https://github.com/rpm-software-management/createrepo_c/pull/366]
+Signed-off-by: Alexander Kanavin 
+---
+ src/cmd_parser.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/cmd_parser.c b/src/cmd_parser.c
+index 97c9ea7..63af7ea 100644
+--- a/src/cmd_parser.c
 b/src/cmd_parser.c
+@@ -73,9 +73,9 @@ struct CmdOptions _cmd_options = {
+ 
+ 
+ gboolean
+-duplicated_nevra_option_parser(const gchar *,
++duplicated_nevra_option_parser(const gchar *option_name,
+const gchar *value,
+-   gpointer,
++   gpointer data,
+GError **error)
+ {
+ if (!g_strcmp0(value, "keep"))
diff --git a/meta/recipes-devtools/createrepo-c/createrepo-c_0.20.1.bb 
b/meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb
similarity index 92%
rename from meta/recipes-devtools/createrepo-c/createrepo-c_0.20.1.bb
rename to meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb
index 1c4cdd5e3c0..5080131dc1e 100644
--- a/meta/recipes-devtools/createrepo-c/createrepo-c_0.20.1.bb
+++ b/meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb
@@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
 SRC_URI = 
"git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https
 \
file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
file://0001-include-rpm-rpmstring.h.patch \
+   file://0001-src-cmd_parser.c-add-a-missing-parameter-name.patch \
"
 
-SRCREV = "af14e164a3e4ab9dfaef1212e852b9ecebc326a2"
+SRCREV = 

[OE-core] [PATCH 23/27] libgpg-error: update 1.46 -> 1.47

[Alexander Kanavin]

License-Update: copyright years

Signed-off-by: Alexander Kanavin 
---
 .../libgpg-error/libgpg-error/pkgconfig.patch | 59 ++-
 ...gpg-error_1.46.bb => libgpg-error_1.47.bb} |  4 +-
 2 files changed, 45 insertions(+), 18 deletions(-)
 rename meta/recipes-support/libgpg-error/{libgpg-error_1.46.bb => 
libgpg-error_1.47.bb} (92%)

diff --git a/meta/recipes-support/libgpg-error/libgpg-error/pkgconfig.patch 
b/meta/recipes-support/libgpg-error/libgpg-error/pkgconfig.patch
index 75c1febc10f..3d886bcaa40 100644
--- a/meta/recipes-support/libgpg-error/libgpg-error/pkgconfig.patch
+++ b/meta/recipes-support/libgpg-error/libgpg-error/pkgconfig.patch
@@ -1,4 +1,4 @@
-From e10f93167c76c477a7b97286cfac603795bf28d8 Mon Sep 17 00:00:00 2001
+From b0df1cb468264a9bb9113524f0e1318c456b2348 Mon Sep 17 00:00:00 2001
 From: Hongxu Jia 
 Date: Thu, 29 Mar 2018 15:12:17 +0800
 Subject: [PATCH] support pkgconfig
@@ -14,17 +14,19 @@ Signed-off-by: Armin Kuster 
 Signed-off-by: Zheng Ruoqin 
 
 ---
- src/gpg-error.m4 | 165 +--
- 1 file changed, 3 insertions(+), 162 deletions(-)
+ src/gpg-error.m4 | 192 ++-
+ 1 file changed, 5 insertions(+), 187 deletions(-)
 
 diff --git a/src/gpg-error.m4 b/src/gpg-error.m4
-index a975e53..af4bf2f 100644
+index 7fa52b1..15a0859 100644
 --- a/src/gpg-error.m4
 +++ b/src/gpg-error.m4
-@@ -27,162 +27,12 @@ dnl is added to the gpg_config_script_warn variable.
+@@ -15,187 +15,14 @@
  dnl
- AC_DEFUN([AM_PATH_GPG_ERROR],
- [ AC_REQUIRE([AC_CANONICAL_HOST])
+ dnl Find gpg-error-config, for backward compatibility
+ dnl
+-dnl _AM_PATH_POSSIBLE_GPG_ERROR_CONFIG
+-AC_DEFUN([_AM_PATH_POSSIBLE_GPG_ERROR_CONFIG],[dnl
 -  gpg_error_config_prefix=""
 -  dnl --with-libgpg-error-prefix=PFX is the preferred name for this option,
 -  dnl since that is consistent with how our three siblings use the directory/
@@ -60,9 +62,14 @@ index a975e53..af4bf2f 100644
 -  fi
 -
 -  AC_PATH_PROG(GPG_ERROR_CONFIG, gpg-error-config, no)
--  min_gpg_error_version=ifelse([$1], ,1.33,$1)
--  ok=no
+-])
 -
+-dnl
+-dnl Find gpgrt-config, which uses .pc file
+-dnl (minimum pkg-config functionality, supporting cross build)
+-dnl
+-dnl _AM_PATH_GPGRT_CONFIG
+-AC_DEFUN([_AM_PATH_GPGRT_CONFIG],[dnl
 -  AC_PATH_PROG(GPGRT_CONFIG, gpgrt-config, no, [$prefix/bin:$PATH])
 -  if test "$GPGRT_CONFIG" != "no"; then
 -# Determine gpgrt_libdir
@@ -118,12 +125,9 @@ index a975e53..af4bf2f 100644
 -fi
 -if test -n "$gpgrt_libdir"; then break; fi
 -  done
--  if test -z "$libdir_candidates"; then
--# No valid pkgconfig dir in any of the system directories, fallback
--gpgrt_libdir=${possible_libdir1}
--  fi
--else
--  # When we cannot determine system libdir-format, use this:
+-fi
+-if test -z "$gpgrt_libdir"; then
+-  # No valid pkgconfig dir in any of the system directories, fallback
 -  gpgrt_libdir=${possible_libdir1}
 -fi
 -  else
@@ -137,12 +141,33 @@ index a975e53..af4bf2f 100644
 -  AC_MSG_NOTICE([Use gpgrt-config with $gpgrt_libdir as gpg-error-config])
 -  gpg_error_config_version=`$GPG_ERROR_CONFIG --modversion`
 -else
+-  gpg_error_config_version=`$GPG_ERROR_CONFIG --version`
 -  unset GPGRT_CONFIG
 -fi
 -  elif test "$GPG_ERROR_CONFIG" != "no"; then
 -gpg_error_config_version=`$GPG_ERROR_CONFIG --version`
 -unset GPGRT_CONFIG
 -  fi
+-])
+-
+-dnl AM_PATH_GPG_ERROR([MINIMUM-VERSION,
+-dnl   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+-dnl
+-dnl Test for libgpg-error and define GPG_ERROR_CFLAGS, GPG_ERROR_LIBS,
+-dnl GPG_ERROR_MT_CFLAGS, and GPG_ERROR_MT_LIBS.  The _MT_ variants are
+-dnl used for programs requireing real multi thread support.
+-dnl
+-dnl If a prefix option is not used, the config script is first
+-dnl searched in $SYSROOT/bin and then along $PATH.  If the used
+-dnl config script does not match the host specification the script
+-dnl is added to the gpg_config_script_warn variable.
+-dnl
+-AC_DEFUN([AM_PATH_GPG_ERROR],[dnl
+-AC_REQUIRE([AC_CANONICAL_HOST])dnl
+-AC_REQUIRE([_AM_PATH_POSSIBLE_GPG_ERROR_CONFIG])dnl
+-AC_REQUIRE([_AM_PATH_GPGRT_CONFIG])dnl
+-  min_gpg_error_version=ifelse([$1], ,1.33,$1)
+-  ok=no
 -  if test "$GPG_ERROR_CONFIG" != "no"; then
 -req_major=`echo $min_gpg_error_version | \
 -   sed 's/\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
@@ -163,6 +188,8 @@ index a975e53..af4bf2f 100644
 -fi
 -  fi
 -  AC_MSG_CHECKING(for GPG Error - version >= $min_gpg_error_version)
++AC_DEFUN([AM_PATH_GPG_ERROR],
++[ AC_REQUIRE([AC_CANONICAL_HOST])
 +  min_gpg_error_version=ifelse([$1], ,0.0,$1)
 +  PKG_CHECK_MODULES(GPG_ERROR, [gpg-error >= $min_gpg_error_version], 
[ok=yes], [ok=no])
if test $ok = yes; then
@@ -187,7 +214,7 @@ index a975e53..af4bf2f 100644
  fi
  if test x"$gpg_error_config_host" != xnone ; then
if test x"$gpg_error_config_host" != x"$host" ; then

[OE-core] [PATCH 25/27] gdb: enable python PACKAGECONFIG

[Alexander Kanavin]

This is required by latest valgrind ptests.

Signed-off-by: Alexander Kanavin 
---
 meta/recipes-devtools/gdb/gdb-common.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/gdb/gdb-common.inc 
b/meta/recipes-devtools/gdb/gdb-common.inc
index 9db61b785f3..5a41cd17dc6 100644
--- a/meta/recipes-devtools/gdb/gdb-common.inc
+++ b/meta/recipes-devtools/gdb/gdb-common.inc
@@ -30,7 +30,7 @@ EXTRA_OECONF = "--disable-gdbtk --disable-x --disable-werror \
 --with-libgmp-prefix=${STAGING_EXECPREFIXDIR} \
 "
 
-PACKAGECONFIG ??= "readline ${@bb.utils.filter('DISTRO_FEATURES', 
'debuginfod', d)}"
+PACKAGECONFIG ??= "readline ${@bb.utils.filter('DISTRO_FEATURES', 
'debuginfod', d)} python"
 # Use --without-system-readline to compile with readline 5.
 PACKAGECONFIG[readline] = 
"--with-system-readline,--without-system-readline,readline"
 PACKAGECONFIG[python] = 
"--with-python=${WORKDIR}/python,--without-python,python3,python3 
python3-codecs"
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181080): 
https://lists.openembedded.org/g/openembedded-core/message/181080
Mute This Topic: https://lists.openembedded.org/mt/98788941/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 24/27] Remove usage of /var/volatile/tmp

[Alexander Kanavin]

From: Markus Volk 

Glib-2.0 uses ptest to ensure that /tmp is not a symlink.

This commit tries to align tmpdir usage. The symlinks for /tmp and /var/tmp are
replaced by directories and by default a tmpfs is mounted in /tmp.
/var/volatile/tmp is removed.

(From OE-Core rev: 3563f05df246f9fd24d7b20a65ce77787ed508b6)

Signed-off-by: Markus Volk 
Signed-off-by: Alexandre Belloni 
Signed-off-by: Richard Purdie 
---
 meta/conf/bitbake.conf|  4 ---
 meta/files/fs-perms-persistent-log.txt|  2 --
 meta/files/fs-perms.txt   |  2 --
 .../lib/oeqa/files/buildhistory_filelist1.txt |  1 -
 .../lib/oeqa/files/buildhistory_filelist2.txt |  1 -
 meta/recipes-core/base-files/base-files/fstab |  1 +
 .../base-files/base-files_3.0.14.bb   |  4 +--
 .../initscripts-1.0/populate-volatile.sh  |  2 +-
 .../initscripts/initscripts-1.0/volatiles |  5 ++-
 .../initscripts/initscripts_1.0.bb|  3 --
 .../systemd/systemd/00-create-volatile.conf   |  4 +--
 meta/recipes-core/systemd/systemd_253.3.bb|  7 
 meta/recipes-core/udev/eudev/init |  4 ---
 .../e2fsprogs/e2fsprogs/run-ptest |  2 +-
 ...eak_cmsg.stderr.exp-adjust-tmp-paths.patch | 34 ---
 .../valgrind/valgrind_3.21.0.bb   |  1 -
 16 files changed, 8 insertions(+), 69 deletions(-)
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-none-tests-fdleak_cmsg.stderr.exp-adjust-tmp-paths.patch

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 2db84a46eed..d94ffe1df99 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -90,10 +90,6 @@ ROOT_HOME ??= "/home/root"
 # If set to boolean false ('no', 'n', 'false', 'f', '0'), /var/log is on 
persistent storage.
 VOLATILE_LOG_DIR ?= "yes"
 
-# if set to 'yes': /tmp links to /var/tmp which links to /var/volatile/tmp
-# otherwise:   /tmp is on persistent storage
-VOLATILE_TMP_DIR ?= "yes"
-
 BB_RENAMED_VARIABLES[PNBLACKLIST] = "SKIP_RECIPE"
 BB_RENAMED_VARIABLES[CVE_CHECK_PN_WHITELIST] = "CVE_CHECK_SKIP_RECIPE"
 BB_RENAMED_VARIABLES[CVE_CHECK_WHITELIST] = "CVE_CHECK_IGNORE"
diff --git a/meta/files/fs-perms-persistent-log.txt 
b/meta/files/fs-perms-persistent-log.txt
index 518c1be3c93..326c0ed0924 100644
--- a/meta/files/fs-perms-persistent-log.txt
+++ b/meta/files/fs-perms-persistent-log.txt
@@ -47,7 +47,6 @@ ${oldincludedir}  0755rootroottrue0644
rootroot
 # Links
 ${localstatedir}/run   link/run
 ${localstatedir}/lock  link/run/lock
-${localstatedir}/tmp   linkvolatile/tmp
 
 /home  0755rootrootfalse - - -
 /srv   0755rootrootfalse - - -
@@ -57,7 +56,6 @@ ${localstatedir}/local0755rootroot
false - - -
 # Special permissions from base-files
 # Set 1777
 /tmp   01777   rootrootfalse - - -
-${localstatedir}/volatile/tmp  01777   rootrootfalse - - -
 
 # Set 0700
 ${ROOT_HOME}   0700rootrootfalse - - -
diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms.txt
index daa4aed840f..ed59311035d 100644
--- a/meta/files/fs-perms.txt
+++ b/meta/files/fs-perms.txt
@@ -48,7 +48,6 @@ ${oldincludedir}  0755rootroottrue0644
rootroot
 ${localstatedir}/run   link/run
 ${localstatedir}/log   linkvolatile/log
 ${localstatedir}/lock  link/run/lock
-${localstatedir}/tmp   linkvolatile/tmp
 
 /home  0755rootrootfalse - - -
 /srv   0755rootrootfalse - - -
@@ -58,7 +57,6 @@ ${localstatedir}/local0755rootroot
false - - -
 # Special permissions from base-files
 # Set 1777
 /tmp   01777   rootrootfalse - - -
-${localstatedir}/volatile/tmp  01777   rootrootfalse - - -
 
 # Set 0700
 ${ROOT_HOME}   0700rootrootfalse - - -
diff --git a/meta/lib/oeqa/files/buildhistory_filelist1.txt 
b/meta/lib/oeqa/files/buildhistory_filelist1.txt
index 8d882895ad5..ec500173838 100644
--- a/meta/lib/oeqa/files/buildhistory_filelist1.txt
+++ b/meta/lib/oeqa/files/buildhistory_filelist1.txt
@@ -9210,5 +9210,4 @@ lrwxrwxrwx root   root   12 ./var/log -> 
volatile/log
 lrwxrwxrwx root   root6 ./var/run -> ../run
 drwxr-xr-x root   root 4096 ./var/spool
 drwxrwxr-x root   mail 4096 ./var/spool/mail
-lrwxrwxrwx root   root   12 ./var/tmp -> volatile/tmp
 drwxr-xr-x root   root 4096 ./var/volatile
diff --git a/meta/lib/oeqa/files/buildhistory_filelist2.txt 
b/meta/lib/oeqa/files/buildhistory_filelist2.txt
index ac6307060df..cedec51c382 100644
--- a/meta/lib/oeqa/files/buildhistory_filelist2.txt
+++ b/meta/lib/oeqa/files/buildhistory_filelist2.txt
@@ -9213,5 +9213,4 @@ lrwxrwxrwx root   root 

[OE-core] [PATCH 20/27] gpgme: update 1.18.0 -> 1.20.0

[Alexander Kanavin]

Rebase patches.

Signed-off-by: Alexander Kanavin 
---
 ...e-gpgme.m4-use-gpgrt-config-with-.pc.patch | 40 +++--
 .../gpgme/gpgme/0001-pkgconfig.patch  | 81 ++-
 ...n-gpg-error-config-should-not-be-use.patch | 34 +++-
 .../0008-do-not-auto-check-var-PYTHON.patch   | 13 +--
 .../{gpgme_1.18.0.bb => gpgme_1.20.0.bb}  |  2 +-
 5 files changed, 71 insertions(+), 99 deletions(-)
 rename meta/recipes-support/gpgme/{gpgme_1.18.0.bb => gpgme_1.20.0.bb} (97%)

diff --git 
a/meta/recipes-support/gpgme/gpgme/0001-Revert-build-Make-gpgme.m4-use-gpgrt-config-with-.pc.patch
 
b/meta/recipes-support/gpgme/gpgme/0001-Revert-build-Make-gpgme.m4-use-gpgrt-config-with-.pc.patch
index 0c15cc7c38f..8ed39280cac 100644
--- 
a/meta/recipes-support/gpgme/gpgme/0001-Revert-build-Make-gpgme.m4-use-gpgrt-config-with-.pc.patch
+++ 
b/meta/recipes-support/gpgme/gpgme/0001-Revert-build-Make-gpgme.m4-use-gpgrt-config-with-.pc.patch
@@ -1,4 +1,4 @@
-From a001b3c23bf80fd752044615b9bba6b926ff9666 Mon Sep 17 00:00:00 2001
+From ee1421f7a7a9f31400ba992a5be52b88d20170c9 Mon Sep 17 00:00:00 2001
 From: Hongxu Jia 
 Date: Fri, 10 May 2019 14:18:04 +0800
 Subject: [PATCH] Revert "build: Make gpgme.m4 use gpgrt-config with *.pc."
@@ -10,36 +10,21 @@ The oe-core does not support gpgrt-config, so revert it
 Upstream-Status: Inappropriate [oe-core specific]
 
 Signed-off-by: Hongxu Jia 
+
 ---
- src/gpgme.m4 | 58 +---
- 1 file changed, 10 insertions(+), 48 deletions(-)
+ src/gpgme.m4 | 54 
+ 1 file changed, 8 insertions(+), 46 deletions(-)
 
 diff --git a/src/gpgme.m4 b/src/gpgme.m4
-index c749a5d..8579146 100644
+index f2906c1..8cc2898 100644
 --- a/src/gpgme.m4
 +++ b/src/gpgme.m4
-@@ -1,5 +1,5 @@
- # gpgme.m4 - autoconf macro to detect GPGME.
--# Copyright (C) 2002, 2003, 2004, 2014, 2018 g10 Code GmbH
-+# Copyright (C) 2002, 2003, 2004, 2014 g10 Code GmbH
- #
- # This file is free software; as a special exception the author gives
- # unlimited permission to copy and/or distribute it, with or without
-@@ -9,7 +9,7 @@
- # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
- # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- #
--# Last-changed: 2020-11-20
-+# Last-changed: 2014-10-02
- 
- 
- AC_DEFUN([_AM_PATH_GPGME_CONFIG],
-@@ -36,24 +36,10 @@ AC_DEFUN([_AM_PATH_GPGME_CONFIG],
+@@ -125,24 +125,10 @@ AC_REQUIRE([_AM_PATH_GPGRT_CONFIG])dnl
   fi
fi
  
 -  use_gpgrt_config=""
--  if test x"${GPGME_CONFIG}" = x -a x"$GPGRT_CONFIG" != x -a "$GPGRT_CONFIG" 
!= "no"; then
+-  if test x"$GPGRT_CONFIG" != x -a "$GPGRT_CONFIG" != "no"; then
 -if $GPGRT_CONFIG gpgme --exists; then
 -  GPGME_CONFIG="$GPGRT_CONFIG gpgme"
 -  AC_MSG_NOTICE([Use gpgrt-config as gpgme-config])
@@ -61,7 +46,7 @@ index c749a5d..8579146 100644
fi
gpgme_version_major=`echo $gpgme_version | \
 sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
-@@ -66,16 +52,12 @@ AC_DEFUN([_AM_PATH_GPGME_CONFIG],
+@@ -155,16 +141,12 @@ AC_REQUIRE([_AM_PATH_GPGRT_CONFIG])dnl
  
  AC_DEFUN([_AM_PATH_GPGME_CONFIG_HOST_CHECK],
  [
@@ -80,7 +65,7 @@ index c749a5d..8579146 100644
  *** built for $gpgme_config_host and thus may not match the
  *** used host $host.
  *** You may want to use the configure option --with-gpgme-prefix
-@@ -136,11 +118,7 @@ AC_DEFUN([AM_PATH_GPGME],
+@@ -225,11 +207,7 @@ AC_DEFUN([AM_PATH_GPGME],
   # If we have a recent GPGME, we should also check that the
   # API is compatible.
   if test "$req_gpgme_api" -gt 0 ; then
@@ -93,7 +78,7 @@ index c749a5d..8579146 100644
  if test "$tmp" -gt 0 ; then
 if test "$req_gpgme_api" -ne "$tmp" ; then
   ok=no
-@@ -280,11 +258,7 @@ AC_DEFUN([AM_PATH_GPGME_GLIB],
+@@ -372,11 +350,7 @@ AC_DEFUN([AM_PATH_GPGME_GLIB],
   # If we have a recent GPGME, we should also check that the
   # API is compatible.
   if test "$req_gpgme_api" -gt 0 ; then
@@ -106,7 +91,7 @@ index c749a5d..8579146 100644
  if test "$tmp" -gt 0 ; then
 if test "$req_gpgme_api" -ne "$tmp" ; then
   ok=no
-@@ -293,20 +267,8 @@ AC_DEFUN([AM_PATH_GPGME_GLIB],
+@@ -385,20 +359,8 @@ AC_DEFUN([AM_PATH_GPGME_GLIB],
   fi
fi
if test $ok = yes; then
@@ -129,6 +114,3 @@ index c749a5d..8579146 100644
  AC_MSG_RESULT(yes)
  ifelse([$2], , :, [$2])
  _AM_PATH_GPGME_CONFIG_HOST_CHECK
--- 
-2.25.1
-
diff --git a/meta/recipes-support/gpgme/gpgme/0001-pkgconfig.patch 
b/meta/recipes-support/gpgme/gpgme/0001-pkgconfig.patch
index 3b2f59c2fcf..738b23cd584 100644
--- a/meta/recipes-support/gpgme/gpgme/0001-pkgconfig.patch
+++ b/meta/recipes-support/gpgme/gpgme/0001-pkgconfig.patch
@@ -1,4 +1,4 @@
-From 0d7ec5b98dc6cbd35f56deaecec5ecfdaa944aee Mon Sep 17 00:00:00 2001
+From f8221238d51066b7a1a5f2917cce2791876ea8b0 Mon Sep 17 00:00:00 2001
 From: Richard Purdie 

[OE-core] [PATCH 22/27] libgcrypt: update 1.10.1 -> 1.10.2

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 .../files/0001-libgcrypt-fix-m4-file-for-oe-core.patch |  6 +++---
 ...pt-fix-building-error-with-O2-in-sysroot-path.patch | 10 +-
 .../{libgcrypt_1.10.1.bb => libgcrypt_1.10.2.bb}   |  2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)
 rename meta/recipes-support/libgcrypt/{libgcrypt_1.10.1.bb => 
libgcrypt_1.10.2.bb} (96%)

diff --git 
a/meta/recipes-support/libgcrypt/files/0001-libgcrypt-fix-m4-file-for-oe-core.patch
 
b/meta/recipes-support/libgcrypt/files/0001-libgcrypt-fix-m4-file-for-oe-core.patch
index c873e24ed5f..cbfa30f0ada 100644
--- 
a/meta/recipes-support/libgcrypt/files/0001-libgcrypt-fix-m4-file-for-oe-core.patch
+++ 
b/meta/recipes-support/libgcrypt/files/0001-libgcrypt-fix-m4-file-for-oe-core.patch
@@ -1,4 +1,4 @@
-From 839f38e5ecc22b7f1b837284bbbffac8cb32ab1e Mon Sep 17 00:00:00 2001
+From bcfd89abdb5110b93314297120412d4c7f2da313 Mon Sep 17 00:00:00 2001
 From: Trevor Gamblin 
 Date: Tue, 29 Oct 2019 14:08:32 -0400
 Subject: [PATCH] libgcrypt: fix m4 file for oe-core
@@ -17,7 +17,7 @@ Signed-off-by: Trevor Gamblin 
  1 file changed, 4 insertions(+), 86 deletions(-)
 
 diff --git a/src/libgcrypt.m4 b/src/libgcrypt.m4
-index 19d514f..21125c7 100644
+index cd4249e..e53a36f 100644
 --- a/src/libgcrypt.m4
 +++ b/src/libgcrypt.m4
 @@ -29,41 +29,6 @@ dnl is added to the gpg_config_script_warn variable.
@@ -35,7 +35,7 @@ index 19d514f..21125c7 100644
 -  fi
 -
 -  use_gpgrt_config=""
--  if test x"${LIBGCRYPT_CONFIG}" = x -a x"$GPGRT_CONFIG" != x -a 
"$GPGRT_CONFIG" != "no"; then
+-  if test x"$GPGRT_CONFIG" != x -a "$GPGRT_CONFIG" != "no"; then
 -if $GPGRT_CONFIG libgcrypt --exists; then
 -  LIBGCRYPT_CONFIG="$GPGRT_CONFIG libgcrypt"
 -  AC_MSG_NOTICE([Use gpgrt-config as libgcrypt-config])
diff --git 
a/meta/recipes-support/libgcrypt/files/0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch
 
b/meta/recipes-support/libgcrypt/files/0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch
index f9c362431c5..cf9ebfb3e61 100644
--- 
a/meta/recipes-support/libgcrypt/files/0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch
+++ 
b/meta/recipes-support/libgcrypt/files/0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch
@@ -1,4 +1,4 @@
-From 3c6c10eae0993c8ca60879494c6650f7b8f54ebe Mon Sep 17 00:00:00 2001
+From 0f66e796a8522e1043dda03b88d5f6feae839d16 Mon Sep 17 00:00:00 2001
 From: Chen Qi 
 Date: Wed, 16 Aug 2017 10:44:41 +0800
 Subject: [PATCH] libgcrypt: fix building error with '-O2' in sysroot path
@@ -25,15 +25,15 @@ Signed-off-by: Hongxu Jia 
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/cipher/Makefile.am b/cipher/Makefile.am
-index d644005..1cf5072 100644
+index c3d642b..88c883a 100644
 --- a/cipher/Makefile.am
 +++ b/cipher/Makefile.am
-@@ -147,7 +147,7 @@ gost-s-box: gost-s-box.c
+@@ -153,7 +153,7 @@ gost-s-box: gost-s-box.c
  
  
  if ENABLE_O_FLAG_MUNGING
--o_flag_munging = sed -e 's/-O\([2-9sg][2-9sg]*\)/-O1/' -e 's/-Ofast/-O1/g'
-+o_flag_munging = sed -e 's/ -O\([2-9sg][2-9sg]*\) / -O1 /' -e 's/ -Ofast / 
-O1 /g'
+-o_flag_munging = sed -e 's/-O\([2-9sgz][2-9sgz]*\)/-O1/' -e 's/-Ofast/-O1/g'
++o_flag_munging = sed -e 's/ -O\([2-9sgz][2-9sgz]*\) / -O1 /' -e 's/ -Ofast / 
-O1 /g'
  else
  o_flag_munging = cat
  endif
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.10.1.bb 
b/meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb
similarity index 96%
rename from meta/recipes-support/libgcrypt/libgcrypt_1.10.1.bb
rename to meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb
index bf9d7cbd102..58f07a116d2 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.10.1.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb
@@ -27,7 +27,7 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
file://no-bench-slope.patch \
file://run-ptest \
"
-SRC_URI[sha256sum] = 
"ef14ae546b0084cd84259f61a55e07a38c3b53afc0f546bffcef2f01baffe9de"
+SRC_URI[sha256sum] = 
"3b9c02a004b68c256add99701de00b383af37177e0d6c58289664cce0c03"
 
 # Below whitelisted CVEs are disputed and not affecting crypto libraries for 
any distro.
 CVE_CHECK_IGNORE += "CVE-2018-12433 CVE-2018-12438"
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181077): 
https://lists.openembedded.org/g/openembedded-core/message/181077
Mute This Topic: https://lists.openembedded.org/mt/98788937/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 19/27] cryptodev: remove unneeded patch

[Alexander Kanavin]

With 1.13 version the needed rules are available directly
upstream. This wasn't noticed in 1.12->1.13 patch rebase.

I verified that installed files are exactly same with and
without the patch.

Signed-off-by: Alexander Kanavin 
---
 .../cryptodev/cryptodev-tests_1.13.bb |  7 +-
 ...and-install-rules-for-cryptodev-test.patch | 66 ---
 2 files changed, 3 insertions(+), 70 deletions(-)
 delete mode 100644 
meta/recipes-kernel/cryptodev/files/0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch

diff --git a/meta/recipes-kernel/cryptodev/cryptodev-tests_1.13.bb 
b/meta/recipes-kernel/cryptodev/cryptodev-tests_1.13.bb
index c5414787966..458ad8ecf2a 100644
--- a/meta/recipes-kernel/cryptodev/cryptodev-tests_1.13.bb
+++ b/meta/recipes-kernel/cryptodev/cryptodev-tests_1.13.bb
@@ -5,14 +5,13 @@ SUMMARY = "A test suite for /dev/crypto device driver"
 DEPENDS += "openssl"
 
 SRC_URI += " \
-file://0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch \
-file://0001-tests-Makefile-do-not-use-Werror.patch \
-"
+   file://0001-tests-Makefile-do-not-use-Werror.patch \
+   "
 
 EXTRA_OEMAKE='KERNEL_DIR="${STAGING_EXECPREFIXDIR}" PREFIX="${D}"'
 
 do_compile() {
-   oe_runmake testprogs
+   oe_runmake tests
 }
 
 do_install() {
diff --git 
a/meta/recipes-kernel/cryptodev/files/0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch
 
b/meta/recipes-kernel/cryptodev/files/0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch
deleted file mode 100644
index 8c40e623890..000
--- 
a/meta/recipes-kernel/cryptodev/files/0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 3ba8ba9410464d0986bc6cc5ddb1819745af1eb2 Mon Sep 17 00:00:00 2001
-From: Yu Zongchun 
-Date: Sun, 28 Apr 2013 14:39:22 +0800
-Subject: [PATCH] Add the compile and install rules for cryptodev tests folder
-
-This is required to install the cryptodev tests folder to rootfs
-
-Signed-off-by: Yu Zongchun 
-
-Upstream-Status: Pending
-

- Makefile   | 6 ++
- tests/Makefile | 8 
- 2 files changed, 14 insertions(+)
-
-diff --git a/Makefile b/Makefile
-index d83aee6..3a750a1 100644
 a/Makefile
-+++ b/Makefile
-@@ -41,6 +41,9 @@ modules_install:
- install_tests: tests
-   $(MAKE) -C tests install DESTDIR=$(PREFIX)
- 
-+install_tests:
-+  make -C tests install DESTDIR=$(PREFIX)
-+
- clean:
-   $(MAKE) $(KERNEL_MAKE_OPTS) clean
-   CFLAGS=$(CRYPTODEV_CFLAGS) KERNEL_DIR=$(KERNEL_DIR) $(MAKE) -C tests 
clean
-@@ -54,6 +57,9 @@ tests:
- 
- .PHONY: install modules_install tests install_tests
- 
-+testprogs:
-+  KERNEL_DIR=$(KERNEL_DIR) make -C tests testprogs
-+
- CPOPTS =
- ifneq ($(SHOW_TYPES),)
- CPOPTS += --show-types
-diff --git a/tests/Makefile b/tests/Makefile
-index 2502f32..2fb7a9a 100644
 a/tests/Makefile
-+++ b/tests/Makefile
-@@ -23,6 +23,12 @@ bindir = $(execprefix)/bin
- 
- all: $(hostprogs)
- 
-+install:
-+  install -d  $(DESTDIR)/usr/bin/tests_cryptodev
-+  for bin in $(hostprogs); do \
-+  install -m 755 $${bin} $(DESTDIR)/usr/bin/tests_cryptodev/; \
-+  done
-+
- check: $(hostprogs)
-   ./cipher
-   ./hmac
-@@ -38,6 +44,8 @@ install:
-   install -m 755 $$prog $(DESTDIR)/$(bindir); \
-   done
- 
-+testprogs: $(hostprogs)
-+
- clean:
-   rm -f *.o *~ $(hostprogs)
- 
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181074): 
https://lists.openembedded.org/g/openembedded-core/message/181074
Mute This Topic: https://lists.openembedded.org/mt/98788934/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 17/27] librsvf: update 2.54.5 -> 2.56.0

[Alexander Kanavin]

Upstream no longer includes all the crates into tarballs, so
use cargo_update_recipe_crates class to make a list for the crate://
fetcher.

Signed-off-by: Alexander Kanavin 
---
 meta/recipes-gnome/librsvg/librsvg-crates.inc | 594 ++
 ...lib.rs-do-not-probe-into-harcoded-li.patch |  17 +-
 .../{librsvg_2.54.5.bb => librsvg_2.56.0.bb}  |   9 +-
 3 files changed, 603 insertions(+), 17 deletions(-)
 create mode 100644 meta/recipes-gnome/librsvg/librsvg-crates.inc
 rename meta/recipes-gnome/librsvg/{librsvg_2.54.5.bb => librsvg_2.56.0.bb} 
(90%)

diff --git a/meta/recipes-gnome/librsvg/librsvg-crates.inc 
b/meta/recipes-gnome/librsvg/librsvg-crates.inc
new file mode 100644
index 000..d73d1ae6932
--- /dev/null
+++ b/meta/recipes-gnome/librsvg/librsvg-crates.inc
@@ -0,0 +1,594 @@
+# Autogenerated with 'bitbake -c update_crates librsvg'
+
+# from Cargo.lock
+SRC_URI += " \
+crate://crates.io/adler/1.0.2 \
+crate://crates.io/aho-corasick/0.7.20 \
+crate://crates.io/android_system_properties/0.1.5 \
+crate://crates.io/anes/0.1.6 \
+crate://crates.io/anstyle/0.3.4 \
+crate://crates.io/anyhow/1.0.69 \
+crate://crates.io/approx/0.5.1 \
+crate://crates.io/assert_cmd/2.0.10 \
+crate://crates.io/atty/0.2.14 \
+crate://crates.io/autocfg/1.1.0 \
+crate://crates.io/base-x/0.2.11 \
+crate://crates.io/bit-set/0.5.3 \
+crate://crates.io/bit-vec/0.6.3 \
+crate://crates.io/bitflags/1.3.2 \
+crate://crates.io/block/0.1.6 \
+crate://crates.io/bstr/1.3.0 \
+crate://crates.io/bumpalo/3.12.0 \
+crate://crates.io/bytemuck/1.13.1 \
+crate://crates.io/byteorder/1.4.3 \
+crate://crates.io/cairo-rs/0.17.0 \
+crate://crates.io/cairo-sys-rs/0.17.0 \
+crate://crates.io/cast/0.3.0 \
+crate://crates.io/cc/1.0.79 \
+crate://crates.io/cfg-expr/0.11.0 \
+crate://crates.io/cfg-if/1.0.0 \
+crate://crates.io/chrono/0.4.24 \
+crate://crates.io/ciborium/0.2.0 \
+crate://crates.io/ciborium-io/0.2.0 \
+crate://crates.io/ciborium-ll/0.2.0 \
+crate://crates.io/clap/3.2.23 \
+crate://crates.io/clap/4.1.9 \
+crate://crates.io/clap_complete/4.1.5 \
+crate://crates.io/clap_derive/4.1.9 \
+crate://crates.io/clap_lex/0.2.4 \
+crate://crates.io/clap_lex/0.3.3 \
+crate://crates.io/codespan-reporting/0.11.1 \
+crate://crates.io/const-cstr/0.3.0 \
+crate://crates.io/const_fn/0.4.9 \
+crate://crates.io/convert_case/0.4.0 \
+crate://crates.io/core-foundation-sys/0.8.3 \
+crate://crates.io/crc32fast/1.3.2 \
+crate://crates.io/criterion/0.4.0 \
+crate://crates.io/criterion-plot/0.5.0 \
+crate://crates.io/crossbeam-channel/0.5.7 \
+crate://crates.io/crossbeam-deque/0.8.3 \
+crate://crates.io/crossbeam-epoch/0.9.14 \
+crate://crates.io/crossbeam-utils/0.8.15 \
+crate://crates.io/cssparser/0.29.6 \
+crate://crates.io/cssparser-macros/0.6.0 \
+crate://crates.io/cxx/1.0.92 \
+crate://crates.io/cxx-build/1.0.92 \
+crate://crates.io/cxxbridge-flags/1.0.92 \
+crate://crates.io/cxxbridge-macro/1.0.92 \
+crate://crates.io/data-url/0.2.0 \
+crate://crates.io/derive_more/0.99.17 \
+crate://crates.io/difflib/0.4.0 \
+crate://crates.io/discard/1.0.4 \
+crate://crates.io/dlib/0.5.0 \
+crate://crates.io/doc-comment/0.3.3 \
+crate://crates.io/dtoa/0.4.8 \
+crate://crates.io/dtoa-short/0.3.3 \
+crate://crates.io/either/1.8.1 \
+crate://crates.io/encoding/0.2.33 \
+crate://crates.io/encoding-index-japanese/1.20141219.5 \
+crate://crates.io/encoding-index-korean/1.20141219.5 \
+crate://crates.io/encoding-index-simpchinese/1.20141219.5 \
+crate://crates.io/encoding-index-singlebyte/1.20141219.5 \
+crate://crates.io/encoding-index-tradchinese/1.20141219.5 \
+crate://crates.io/encoding_index_tests/0.1.4 \
+crate://crates.io/errno/0.2.8 \
+crate://crates.io/errno-dragonfly/0.1.2 \
+crate://crates.io/fastrand/1.9.0 \
+crate://crates.io/flate2/1.0.25 \
+crate://crates.io/float-cmp/0.9.0 \
+crate://crates.io/fnv/1.0.7 \
+crate://crates.io/form_urlencoded/1.1.0 \
+crate://crates.io/futf/0.1.5 \
+crate://crates.io/futures-channel/0.3.27 \
+crate://crates.io/futures-core/0.3.27 \
+crate://crates.io/futures-executor/0.3.27 \
+crate://crates.io/futures-io/0.3.27 \
+crate://crates.io/futures-macro/0.3.27 \
+crate://crates.io/futures-task/0.3.27 \
+crate://crates.io/futures-util/0.3.27 \
+crate://crates.io/fxhash/0.2.1 \
+crate://crates.io/gdk-pixbuf/0.17.0 \
+crate://crates.io/gdk-pixbuf-sys/0.17.0 \
+crate://crates.io/getrandom/0.1.16 \
+crate://crates.io/getrandom/0.2.8 \
+crate://crates.io/gio/0.17.4 \
+crate://crates.io/gio-sys/0.17.4 \
+crate://crates.io/glib/0.17.5 \
+crate://crates.io/glib-macros/0.17.5 \
+crate://crates.io/glib-sys/0.17.4 \
+crate://crates.io/gobject-sys/0.17.4 \
+

[OE-core] [PATCH 18/27] libva: update 2.16 -> 2.18

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 .../{libva-initial_2.16.0.bb => libva-initial_2.18.0.bb}  | 0
 .../libva/{libva-utils_2.17.1.bb => libva-utils_2.18.2.bb}| 4 ++--
 meta/recipes-graphics/libva/libva.inc | 2 +-
 .../libva/{libva_2.16.0.bb => libva_2.18.0.bb}| 0
 4 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-graphics/libva/{libva-initial_2.16.0.bb => 
libva-initial_2.18.0.bb} (100%)
 rename meta/recipes-graphics/libva/{libva-utils_2.17.1.bb => 
libva-utils_2.18.2.bb} (90%)
 rename meta/recipes-graphics/libva/{libva_2.16.0.bb => libva_2.18.0.bb} (100%)

diff --git a/meta/recipes-graphics/libva/libva-initial_2.16.0.bb 
b/meta/recipes-graphics/libva/libva-initial_2.18.0.bb
similarity index 100%
rename from meta/recipes-graphics/libva/libva-initial_2.16.0.bb
rename to meta/recipes-graphics/libva/libva-initial_2.18.0.bb
diff --git a/meta/recipes-graphics/libva/libva-utils_2.17.1.bb 
b/meta/recipes-graphics/libva/libva-utils_2.18.2.bb
similarity index 90%
rename from meta/recipes-graphics/libva/libva-utils_2.17.1.bb
rename to meta/recipes-graphics/libva/libva-utils_2.18.2.bb
index 1e475e804b8..c7bf36023d1 100644
--- a/meta/recipes-graphics/libva/libva-utils_2.17.1.bb
+++ b/meta/recipes-graphics/libva/libva-utils_2.18.2.bb
@@ -14,8 +14,8 @@ SECTION = "x11"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b148fc8adf19dc9aec17cf9cd29a9a5e"
 
-SRC_URI = 
"git://github.com/intel/libva-utils.git;branch=v2.17-branch;protocol=https"
-SRCREV = "3a291be22cfe70e41bad8a376fa278efa651fdff"
+SRC_URI = 
"git://github.com/intel/libva-utils.git;branch=v2.18-branch;protocol=https"
+SRCREV = "76993ae8d0fbd17e5bfff80ed495c71e727f0d06"
 S = "${WORKDIR}/git"
 
 UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))$"
diff --git a/meta/recipes-graphics/libva/libva.inc 
b/meta/recipes-graphics/libva/libva.inc
index 0f16dacc98f..7ed0c9ed890 100644
--- a/meta/recipes-graphics/libva/libva.inc
+++ b/meta/recipes-graphics/libva/libva.inc
@@ -18,7 +18,7 @@ LICENSE = "MIT"
 
 SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/libva-${PV}.tar.bz2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=2e48940f94acb0af582e5ef03537800f"
-SRC_URI[sha256sum] = 
"115faca0db2c417a37da49830870e260450fa13066f5e24e252a20c36d920a1c"
+SRC_URI[sha256sum] = 
"a3577eeba0c23924686c7e2f2030073736c8282a80f27b5473e33ea94ccd4982"
 
 S = "${WORKDIR}/libva-${PV}"
 
diff --git a/meta/recipes-graphics/libva/libva_2.16.0.bb 
b/meta/recipes-graphics/libva/libva_2.18.0.bb
similarity index 100%
rename from meta/recipes-graphics/libva/libva_2.16.0.bb
rename to meta/recipes-graphics/libva/libva_2.18.0.bb
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181073): 
https://lists.openembedded.org/g/openembedded-core/message/181073
Mute This Topic: https://lists.openembedded.org/mt/98788932/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 16/27] less: update 608 -> 633

[Alexander Kanavin]

Drop backport.

License-update: copyright years.

Signed-off-by: Alexander Kanavin 
---
 .../less/files/CVE-2022-46663.patch   | 28 ---
 .../less/{less_608.bb => less_633.bb} |  8 ++
 2 files changed, 3 insertions(+), 33 deletions(-)
 delete mode 100644 meta/recipes-extended/less/files/CVE-2022-46663.patch
 rename meta/recipes-extended/less/{less_608.bb => less_633.bb} (84%)

diff --git a/meta/recipes-extended/less/files/CVE-2022-46663.patch 
b/meta/recipes-extended/less/files/CVE-2022-46663.patch
deleted file mode 100644
index 20f9d89ed86..000
--- a/meta/recipes-extended/less/files/CVE-2022-46663.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-CVE: CVE-2022-46663
-Upstream-Status: Backport
-Signed-off-by: Ross Burton 
-
-From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001
-From: Mark Nudelman 
-Date: Fri, 7 Oct 2022 19:25:46 -0700
-Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.
-

- line.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/line.c b/line.c
-index 236c49ae..cba7bdd1 100644
 a/line.c
-+++ b/line.c
-@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
-   /* Hyperlink ends with \7 or ESC-backslash. */
-   if (ch == '\7')
-   return ANSI_END;
--  if (pansi->prev_esc && ch == '\\')
--  return ANSI_END;
-+  if (pansi->prev_esc)
-+return (ch == '\\') ? ANSI_END : ANSI_ERR;
-   pansi->prev_esc = (ch == ESC);
-   return ANSI_MID;
-   }
diff --git a/meta/recipes-extended/less/less_608.bb 
b/meta/recipes-extended/less/less_633.bb
similarity index 84%
rename from meta/recipes-extended/less/less_608.bb
rename to meta/recipes-extended/less/less_633.bb
index f907a8159cc..2defb5ccb7a 100644
--- a/meta/recipes-extended/less/less_608.bb
+++ b/meta/recipes-extended/less/less_633.bb
@@ -21,15 +21,13 @@ SECTION = "console/utils"
 
 LICENSE = "GPL-3.0-or-later | BSD-2-Clause"
 LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \
-file://LICENSE;md5=38fc26d78ca8d284a2a5a4bbc263d29b \
+file://LICENSE;md5=1b2446f5c8632bf63a97d7a49750e1c6 \
 "
 DEPENDS = "ncurses"
 
-SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \
-   file://CVE-2022-46663.patch \
- "
+SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz;
 
-SRC_URI[sha256sum] = 
"a69abe2e0a126777e021d3b73aa3222e1b261f10e64624d41ec079685a6ac209"
+SRC_URI[sha256sum] = 
"2f201d64b828b88af36dfe6cfdba3e0819ece2e446ebe6224813209aaefed04f"
 
 UPSTREAM_CHECK_URI = "http://www.greenwoodsoftware.com/less/download.html;
 
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181071): 
https://lists.openembedded.org/g/openembedded-core/message/181071
Mute This Topic: https://lists.openembedded.org/mt/98788930/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 15/27] valgrind: update 3.20.0 -> 3.21.0

[Alexander Kanavin]

Drop patches merged upstream.

Signed-off-by: Alexander Kanavin 
---
 ...01-drd-tests-Include-missing-cstdint.patch | 34 --
 ...efine-__THROW-if-not-already-defined.patch | 32 -
 ...inux-seg_override.c-add-missing-incl.patch | 30 
 ...ck-x86-Define-__THROW-if-not-defined.patch | 32 -
 ...de-Replace-__modify_ldt-with-syscall.patch | 68 ---
 ...est-wrapper-to-support-PTEST-formats.patch | 52 +++---
 .../valgrind/valgrind/fixed-perl-path.patch   | 38 ++-
 ...{valgrind_3.20.0.bb => valgrind_3.21.0.bb} | 14 +---
 8 files changed, 65 insertions(+), 235 deletions(-)
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-drd-tests-Include-missing-cstdint.patch
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-memcheck-arm64-Define-__THROW-if-not-already-defined.patch
 create mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-none-tests-x86-linux-seg_override.c-add-missing-incl.patch
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0002-memcheck-x86-Define-__THROW-if-not-defined.patch
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0003-tests-seg_override-Replace-__modify_ldt-with-syscall.patch
 rename meta/recipes-devtools/valgrind/{valgrind_3.20.0.bb => 
valgrind_3.21.0.bb} (92%)

diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0001-drd-tests-Include-missing-cstdint.patch
 
b/meta/recipes-devtools/valgrind/valgrind/0001-drd-tests-Include-missing-cstdint.patch
deleted file mode 100644
index fbee24a5389..000
--- 
a/meta/recipes-devtools/valgrind/valgrind/0001-drd-tests-Include-missing-cstdint.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 687d9fb9e3de832379680e9d5268331011c92afa Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Thu, 26 Jan 2023 08:53:26 -0800
-Subject: [PATCH] drd/tests: Include missing 
-
-gcc 13 moved some includes around and as a result  is no longer
-transitively included [1]. Explicitly include it for uint{32,64}_t.
-
-Fixes
-tsan_thread_wrappers_pthread.h:91:9: error: 'int64_t' does not name a type
-
-[1] https://gcc.gnu.org/gcc-13/porting_to.html#header-dep-changes
-
-Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=464859]
-Signed-off-by: Khem Raj 

- drd/tests/tsan_thread_wrappers_pthread.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/drd/tests/tsan_thread_wrappers_pthread.h 
b/drd/tests/tsan_thread_wrappers_pthread.h
-index f15e6ad..4cc8062 100644
 a/drd/tests/tsan_thread_wrappers_pthread.h
-+++ b/drd/tests/tsan_thread_wrappers_pthread.h
-@@ -55,6 +55,7 @@
- #define NO_TLS
- #endif
- 
-+#include 
- #include 
- using namespace std;
- 
--- 
-2.39.1
-
diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0001-memcheck-arm64-Define-__THROW-if-not-already-defined.patch
 
b/meta/recipes-devtools/valgrind/valgrind/0001-memcheck-arm64-Define-__THROW-if-not-already-defined.patch
deleted file mode 100644
index a48d7db070f..000
--- 
a/meta/recipes-devtools/valgrind/valgrind/0001-memcheck-arm64-Define-__THROW-if-not-already-defined.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 3409dc35c15bb14c8a525239806322648e079ab1 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 5 Jul 2017 17:12:43 -0700
-Subject: [PATCH 1/3] memcheck/arm64: Define __THROW if not already defined
-
-Helps compiling with musl where __THROW is not available
-
-Signed-off-by: Khem Raj 

-Upstream-Status: Submitted
-
- memcheck/tests/arm64-linux/scalar.h | 4 
- 1 file changed, 4 insertions(+)
-
-diff --git a/memcheck/tests/arm64-linux/scalar.h 
b/memcheck/tests/arm64-linux/scalar.h
-index 9008816..8ef050f 100644
 a/memcheck/tests/arm64-linux/scalar.h
-+++ b/memcheck/tests/arm64-linux/scalar.h
-@@ -12,6 +12,10 @@
- #include 
- #include 
- 
-+#ifndef __THROW
-+#define __THROW
-+#endif
-+
- // Since we use vki_unistd.h, we can't include .  So we have to
- // declare this ourselves.
- extern long int syscall (long int __sysno, ...) __THROW;
--- 
-2.13.2
-
diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0001-none-tests-x86-linux-seg_override.c-add-missing-incl.patch
 
b/meta/recipes-devtools/valgrind/valgrind/0001-none-tests-x86-linux-seg_override.c-add-missing-incl.patch
new file mode 100644
index 000..5e36c28523e
--- /dev/null
+++ 
b/meta/recipes-devtools/valgrind/valgrind/0001-none-tests-x86-linux-seg_override.c-add-missing-incl.patch
@@ -0,0 +1,30 @@
+From 978d9ed7f857f2cdcd2a8632f3c2feb56b99c825 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin 
+Date: Mon, 8 May 2023 11:56:35 +0200
+Subject: [PATCH] none/tests/x86-linux/seg_override.c: add missing include for
+ musl builds
+
+Otherwise SYS_modify_ldt is undefined.
+
+Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=382034]
+Signed-off-by: Alexander Kanavin 
+
+---
+ none/tests/x86-linux/seg_override.c | 4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/none/tests/x86-linux/seg_override.c 
b/none/tests/x86-linux/seg_override.c
+index ca8fbfe..4ef4394 100644
+--- 

[OE-core] [PATCH 14/27] rpm: update 4.18.0 -> 4.18.1

[Alexander Kanavin]

Drop:
0001-docs-do-not-build-manpages-requires-pandoc.patch
(pandoc is now detected from $PATH)
fifofix.patch
(upstream fixed the issue)

Signed-off-by: Alexander Kanavin 
---
 ...olor-setting-for-mips64_n32-binaries.patch | 26 ++---
 ...lib-rpm-as-the-installation-path-for.patch | 30 +++---
 ...o-not-build-manpages-requires-pandoc.patch | 23 ---
 meta/recipes-devtools/rpm/files/fifofix.patch | 22 ---
 .../rpm/files/fix-declaration.patch   | 39 +++
 .../rpm/{rpm_4.18.0.bb => rpm_4.18.1.bb}  |  7 ++--
 6 files changed, 70 insertions(+), 77 deletions(-)
 delete mode 100644 
meta/recipes-devtools/rpm/files/0001-docs-do-not-build-manpages-requires-pandoc.patch
 delete mode 100644 meta/recipes-devtools/rpm/files/fifofix.patch
 create mode 100644 meta/recipes-devtools/rpm/files/fix-declaration.patch
 rename meta/recipes-devtools/rpm/{rpm_4.18.0.bb => rpm_4.18.1.bb} (97%)

diff --git 
a/meta/recipes-devtools/rpm/files/0001-Add-a-color-setting-for-mips64_n32-binaries.patch
 
b/meta/recipes-devtools/rpm/files/0001-Add-a-color-setting-for-mips64_n32-binaries.patch
index 9f5dde07205..9fa486dfd3c 100644
--- 
a/meta/recipes-devtools/rpm/files/0001-Add-a-color-setting-for-mips64_n32-binaries.patch
+++ 
b/meta/recipes-devtools/rpm/files/0001-Add-a-color-setting-for-mips64_n32-binaries.patch
@@ -1,4 +1,4 @@
-From 5492ac3c716020a27a25253bbffe810db43202bf Mon Sep 17 00:00:00 2001
+From 93f219df68f3741ff63a294a16bcbe8deba1112f Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin 
 Date: Thu, 9 Mar 2017 18:54:02 +0200
 Subject: [PATCH] Add a color setting for mips64_n32 binaries
@@ -11,11 +11,11 @@ Signed-off-by: Alexander Kanavin 
  rpmrc.in  | 2 ++
  2 files changed, 6 insertions(+)
 
-Index: git/build/rpmfc.c
-===
 git.orig/build/rpmfc.c
-+++ git/build/rpmfc.c
-@@ -645,6 +645,7 @@ exit:
+diff --git a/build/rpmfc.c b/build/rpmfc.c
+index 26606378f..a16e3f4e9 100644
+--- a/build/rpmfc.c
 b/build/rpmfc.c
+@@ -646,6 +646,7 @@ exit:
  static const struct rpmfcTokens_s rpmfcTokens[] = {
{ "directory",  RPMFC_INCLUDE },
  
@@ -23,20 +23,20 @@ Index: git/build/rpmfc.c
{ "ELF 32-bit", RPMFC_ELF32|RPMFC_INCLUDE },
{ "ELF 64-bit", RPMFC_ELF64|RPMFC_INCLUDE },
  
-@@ -1150,6 +1151,9 @@ static uint32_t getElfColor(const char *
+@@ -1151,6 +1152,9 @@ static uint32_t getElfColor(const char *fn)
color = RPMFC_ELF32;
break;
}
 +if (ehdr.e_machine == EM_MIPS || ehdr.e_machine == EM_MIPS_RS3_LE)
 +if (ehdr.e_flags & EF_MIPS_ABI2)
 +color = RPMFC_ELFMIPSN32;
-   elf_end(elf);
}
-   close(fd);
-Index: git/rpmrc.in
-===
 git.orig/rpmrc.in
-+++ git/rpmrc.in
+   if (elf)
+   elf_end(elf);
+diff --git a/rpmrc.in b/rpmrc.in
+index 2975a3a0e..c7232b48b 100644
+--- a/rpmrc.in
 b/rpmrc.in
 @@ -139,6 +139,8 @@ archcolor: mipsr6el 1
  archcolor: mips64r6 2
  archcolor: mips64r6el 2
diff --git 
a/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch
 
b/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch
index 6f613d0a7d8..8fdc5edb10b 100644
--- 
a/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch
+++ 
b/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch
@@ -1,4 +1,4 @@
-From 4ab6a4c5bbad65c3401016bb26b87214cdd0c59b Mon Sep 17 00:00:00 2001
+From 5fc560aaf1184d35d161f7d50dbb6323c90cc02d Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin 
 Date: Mon, 27 Feb 2017 09:43:30 +0200
 Subject: [PATCH] Do not hardcode "lib/rpm" as the installation path for
@@ -13,10 +13,10 @@ Signed-off-by: Alexander Kanavin 
  rpm.am   | 4 ++--
  3 files changed, 4 insertions(+), 4 deletions(-)
 
-Index: git/configure.ac
-===
 git.orig/configure.ac
-+++ git/configure.ac
+diff --git a/configure.ac b/configure.ac
+index e6676c581..ec28db9b6 100644
+--- a/configure.ac
 b/configure.ac
 @@ -942,7 +942,7 @@ else
  usrprefix=$prefix
  fi
@@ -26,11 +26,11 @@ Index: git/configure.ac
  AC_SUBST(RPMCONFIGDIR)
  
  AC_SUBST(OBJDUMP)
-Index: git/macros.in
-===
 git.orig/macros.in
-+++ git/macros.in
-@@ -911,7 +911,7 @@ package or when debugging this package.\
+diff --git a/macros.in b/macros.in
+index a2411d784..735b74d99 100644
+--- a/macros.in
 b/macros.in
+@@ -930,7 +930,7 @@ package or when debugging this package.\
  %_sharedstatedir  %{_prefix}/com
  %_localstatedir   %{_prefix}/var
  %_lib lib
@@ -39,10 +39,10 @@ Index: git/macros.in
  %_includedir  

[OE-core] [PATCH 13/27] perl: update 5.36.0 -> 5.36.1

[Alexander Kanavin]

Drop gcc 12 patch, as upstream rejected it, and then (presumably) fixed gcc 12 
issues differently.

Signed-off-by: Alexander Kanavin 
---
 .../files/0001-Fix-build-with-gcc-12.patch| 143 --
 .../perl/files/perl-configpm-switch.patch |   2 +-
 .../perl/{perl_5.36.0.bb => perl_5.36.1.bb}   |   3 +-
 3 files changed, 2 insertions(+), 146 deletions(-)
 delete mode 100644 
meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch
 rename meta/recipes-devtools/perl/{perl_5.36.0.bb => perl_5.36.1.bb} (99%)

diff --git a/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch 
b/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch
deleted file mode 100644
index 1d98e1389b5..000
--- a/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch
+++ /dev/null
@@ -1,143 +0,0 @@
-From ee957eb9e4ec29a462cdbb2f3bbe29d4270534ef Mon Sep 17 00:00:00 2001
-From: Mingli Yu 
-Date: Thu, 2 Jun 2022 13:01:37 +0800
-Subject: [PATCH] proto.h: Fix build with gcc-12
-
-Fixes:
-  In function 'dynprep',
-inlined from 'S_sortsv_flags_impl' at pp_sort.c:358:20,
-inlined from 'sortsv_amagic_i_ncmp' at pp_sort.c:572:5:
-pp_sort.c:1232:1: error: inlining failed in call to 'always_inline' 
'S_amagic_i_ncmp': function not considered for inlining
-  1232 | S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b)
-
-Upstream-Status: Submitted [https://github.com/Perl/perl5/pull/19808]
-
-Signed-off-by: Mingli Yu 

- proto.h | 42 ++
- 1 file changed, 14 insertions(+), 28 deletions(-)
-
-diff --git a/proto.h b/proto.h
-index faca6d1..3a76c04 100644
 a/proto.h
-+++ b/proto.h
-@@ -5606,50 +5606,43 @@ STATIC SSize_t S_unpack_rec(pTHX_ struct tempsym* 
symptr, const char *s, const c
- #endif
- #if defined(PERL_IN_PP_SORT_C)
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_cmp(pTHX_ SV *const str1, SV *const 
str2)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_cmp(pTHX_ SV *const str1, SV *const 
str2);
- #define PERL_ARGS_ASSERT_AMAGIC_CMP   \
-   assert(str1); assert(str2)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_cmp_desc(pTHX_ SV *const str1, SV 
*const str2)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_cmp_desc(pTHX_ SV *const str1, SV 
*const str2);
- #define PERL_ARGS_ASSERT_AMAGIC_CMP_DESC  \
-   assert(str1); assert(str2)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b);
- #define PERL_ARGS_ASSERT_AMAGIC_I_NCMP\
-   assert(a); assert(b)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_i_ncmp_desc(pTHX_ SV *const a, SV 
*const b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_i_ncmp_desc(pTHX_ SV *const a, SV 
*const b);
- #define PERL_ARGS_ASSERT_AMAGIC_I_NCMP_DESC   \
-   assert(a); assert(b)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_ncmp(pTHX_ SV *const a, SV *const b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_ncmp(pTHX_ SV *const a, SV *const b);
- #define PERL_ARGS_ASSERT_AMAGIC_NCMP  \
-   assert(a); assert(b)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_amagic_ncmp_desc(pTHX_ SV *const a, SV *const 
b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_amagic_ncmp_desc(pTHX_ SV *const a, SV *const 
b);
- #define PERL_ARGS_ASSERT_AMAGIC_NCMP_DESC \
-   assert(a); assert(b)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_cmp_desc(pTHX_ SV *const str1, SV *const str2)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_cmp_desc(pTHX_ SV *const str1, SV *const 
str2);
- #define PERL_ARGS_ASSERT_CMP_DESC \
-   assert(str1); assert(str2)
- #endif
-@@ -5671,51 +5664,44 @@ PERL_STATIC_FORCE_INLINE void  
S_sortsv_flags_impl(pTHX_ SV** array, size_t num_e
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_sv_i_ncmp(pTHX_ SV *const a, SV *const b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_sv_i_ncmp(pTHX_ SV *const a, SV *const b);
- #define PERL_ARGS_ASSERT_SV_I_NCMP\
-   assert(a); assert(b)
- #endif
- 
- #ifndef PERL_NO_INLINE_FUNCTIONS
--PERL_STATIC_FORCE_INLINE I32  S_sv_i_ncmp_desc(pTHX_ SV *const a, SV *const b)
--  __attribute__always_inline__;
-+PERL_STATIC_FORCE_INLINE I32  S_sv_i_ncmp_desc(pTHX_ SV *const a, SV *const 
b);
- #define PERL_ARGS_ASSERT_SV_I_NCMP_DESC  

[OE-core] [PATCH 12/27] perlcross: update 1.4 -> 1.4.1

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 ...h-Add-_GNU_SOURCE-define-and-functio.patch | 485 --
 .../{perlcross_1.4.bb => perlcross_1.4.1.bb}  |   3 +-
 2 files changed, 1 insertion(+), 487 deletions(-)
 delete mode 100644 
meta/recipes-devtools/perl-cross/files/0001-configure_func.sh-Add-_GNU_SOURCE-define-and-functio.patch
 rename meta/recipes-devtools/perl-cross/{perlcross_1.4.bb => 
perlcross_1.4.1.bb} (86%)

diff --git 
a/meta/recipes-devtools/perl-cross/files/0001-configure_func.sh-Add-_GNU_SOURCE-define-and-functio.patch
 
b/meta/recipes-devtools/perl-cross/files/0001-configure_func.sh-Add-_GNU_SOURCE-define-and-functio.patch
deleted file mode 100644
index 893b55e5acd..000
--- 
a/meta/recipes-devtools/perl-cross/files/0001-configure_func.sh-Add-_GNU_SOURCE-define-and-functio.patch
+++ /dev/null
@@ -1,485 +0,0 @@
-From 65db86f0161c393fd5b082c10837b278adadbff2 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Sun, 7 Aug 2022 23:57:20 -0700
-Subject: [PATCH] configure_func.sh: Add _GNU_SOURCE define and function
- signatures
-
-Modern compilers are getting stricter about include paths and function
-signature being known duting compilation e.g. clang-15 now errors out if
-a function signature is not found
-
-try.c:1:18: error: call to undeclared function 'getspnam'; ISO C99 and later 
do not support implicit function declarations [-Wimplicit-function-declaration]
-
-This causes the test of function to fail even though the function is
-available in libc. Therefore try to add proper include headers which
-define these functions and also define _GNU_SOURCE in every test
-since some of GNU/Linux funtions e.g. accept4 are guarged by this define
-
-Upstream-Status: Submitted [https://github.com/arsv/perl-cross/pull/137]
-Signed-off-by: Khem Raj 

- cnf/configure_func.sh | 41 +
- 1 file changed, 21 insertions(+), 20 deletions(-)
-
 a/cnf/configure_func.sh
-+++ b/cnf/configure_func.sh
-@@ -5,6 +5,7 @@ checkfunc() {
-   mstart "Checking for $2"
-   if not hinted $1 'found' 'missing'; then
-   try_start
-+try_add '#define _GNU_SOURCE'
-   funcincludes "$3" "$4" "$includes"
-   try_add "int main(void) { $2($3); return 0; }"
-   try_link -O0 -fno-builtin
-@@ -42,115 +43,115 @@ checkfunc d_chroot 'chroot' "NULL" 'unis
- checkfunc d_chsize 'chsize' "0,0"
- checkfunc d_class 'class'
- checkfunc d_clearenv 'clearenv' "" 'stdlib.h'
--checkfunc d_closedir 'closedir' "NULL"
--checkfunc d_crypt 'crypt'
-+checkfunc d_closedir 'closedir' "NULL" 'dirent.h sys/types.h'
-+checkfunc d_crypt 'crypt' "NULL,NULL" 'crypt.h'
- checkfunc d_ctermid 'ctermid'
- checkfunc d_ctime64 'ctime64'
- checkfunc d_cuserid 'cuserid'
--checkfunc d_difftime 'difftime' "0,0"
-+checkfunc d_difftime 'difftime' "0,0" 'time.h'
- checkfunc d_difftime64 'difftime64'
--checkfunc d_dirfd 'dirfd'
-+checkfunc d_dirfd 'dirfd' "NULL" 'dirent.h sys/types.h'
- checkfunc d_dladdr 'dladdr' 'NULL, NULL' 'dlfcn.h'
--checkfunc d_dlerror 'dlerror'
--checkfunc d_dlopen 'dlopen'
--checkfunc d_drand48 'drand48'
-+checkfunc d_dlerror 'dlerror' "" 'dlfcn.h'
-+checkfunc d_dlopen 'dlopen' "NULL,0" "dlfcn.h"
-+checkfunc d_drand48 'drand48' "" 'stdlib.h'
- checkfunc d_dup2 'dup2' "0,0" 'unistd.h'
- checkfunc d_dup3 'dup3' "0,0,0" 'fcntl.h unistd.h'
- checkfunc d_duplocale 'duplocale' '0' 'locale.h'
--checkfunc d_eaccess 'eaccess'
--checkfunc d_endgrent 'endgrent'
--checkfunc d_endhent 'endhostent'
--checkfunc d_endnent 'endnetent'
--checkfunc d_endpent 'endprotoent'
--checkfunc d_endpwent 'endpwent'
--checkfunc d_endservent 'endservent'
-+checkfunc d_eaccess 'eaccess' "NULL,0" 'unistd.h'
-+checkfunc d_endgrent 'endgrent' '' 'grp.h sys/types.h'
-+checkfunc d_endhent 'endhostent' "" 'netdb.h'
-+checkfunc d_endnent 'endnetent' "" 'netdb.h'
-+checkfunc d_endpent 'endprotoent' "" 'netdb.h'
-+checkfunc d_endpwent 'endpwent' "" 'sys/types.h pwd.h'
-+checkfunc d_endservent 'endservent' "" 'netdb.h'
- checkfunc d_fchdir 'fchdir' "0" 'unistd.h'
--checkfunc d_fchmod 'fchmod' "0,0" 'unistd.h'
--checkfunc d_fchmodat 'fchmodat' "0,NULL,0,0" 'unistd.h'
-+checkfunc d_fchmod 'fchmod' "0,0" 'unistd.h sys/stat.h'
-+checkfunc d_fchmodat 'fchmodat' "0,NULL,0,0" 'unistd.h sys/stat.h'
- checkfunc d_fchown 'fchown' "0,0,0" 'unistd.h'
- checkfunc d_fcntl 'fcntl' "0,0" 'unistd.h fcntl.h'
- checkfunc d_fdclose 'fdclose'
--checkfunc d_ffs 'ffs' 'strings.h'
--checkfunc d_ffsl 'ffsl' 'strings.h'
-+checkfunc d_ffs 'ffs' "0" 'strings.h'
-+checkfunc d_ffsl 'ffsl' "0" 'strings.h'
- checkfunc d_fgetpos 'fgetpos' "NULL, 0" 'stdio.h'
--checkfunc d_flock 'flock' "0,0" 'unistd.h'
-+checkfunc d_flock 'flock' "0,0" 'sys/file.h'
- checkfunc d_fork 'fork' "" 'unistd.h'
- checkfunc d_fp_class 'fp_class'
- checkfunc d_fpathconf 'fpathconf' "0,0" 'unistd.h'
--checkfunc d_freelocale 'freelocale' '0' 'locale.h'
--checkfunc d_fseeko 'fseeko' 'NULL,0,0'
--checkfunc d_fsetpos 'fsetpos' 'NULL,0'

[OE-core] [PATCH 11/27] meson: update 1.0.1 ->1.1.0

[Alexander Kanavin]

Rebase two patches.

Signed-off-by: Alexander Kanavin 
---
 ...for-clang-before-guessing-gcc-or-lcc.patch | 14 +++---
 ...-not-manipulate-the-environment-when.patch | 48 +--
 .../meson/{meson_1.0.1.bb => meson_1.1.0.bb}  |  2 +-
 3 files changed, 31 insertions(+), 33 deletions(-)
 rename meta/recipes-devtools/meson/{meson_1.0.1.bb => meson_1.1.0.bb} (98%)

diff --git 
a/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
 
b/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
index 58fa1194398..c449bf8cda4 100644
--- 
a/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
+++ 
b/meta/recipes-devtools/meson/meson/0001-Check-for-clang-before-guessing-gcc-or-lcc.patch
@@ -1,4 +1,4 @@
-From 8739e1c3bef653415ad4b9b9c318ccfa76c43da6 Mon Sep 17 00:00:00 2001
+From e3d1297c408b9b4d5d6a962aad5501e869287c98 Mon Sep 17 00:00:00 2001
 From: Khem Raj 
 Date: Thu, 31 Mar 2022 15:00:24 -0700
 Subject: [PATCH] Check for clang before guessing gcc or lcc
@@ -21,19 +21,20 @@ this check anyway.
 
 Upstream-Status: Submitted [https://github.com/mesonbuild/meson/pull/10218]
 Signed-off-by: Khem Raj 
+
 ---
  mesonbuild/compilers/detect.py | 15 ---
  1 file changed, 8 insertions(+), 7 deletions(-)
 
 diff --git a/mesonbuild/compilers/detect.py b/mesonbuild/compilers/detect.py
-index 53948b01a..ba335cf39 100644
+index 6eca155..2df241a 100644
 --- a/mesonbuild/compilers/detect.py
 +++ b/mesonbuild/compilers/detect.py
-@@ -427,13 +427,14 @@ def _detect_c_or_cpp_compiler(env: 'Environment', lang: 
str, for_machine: Machin
+@@ -334,13 +334,14 @@ def _detect_c_or_cpp_compiler(env: 'Environment', lang: 
str, for_machine: Machin
  version = search_version(out)
  
  guess_gcc_or_lcc: T.Optional[str] = None
--if 'Free Software Foundation' in out or 'xt-' in out:
+-if 'Free Software Foundation' in out or out.startswith('xt-'):
 -guess_gcc_or_lcc = 'gcc'
 -if 'e2k' in out and 'lcc' in out:
 -guess_gcc_or_lcc = 'lcc'
@@ -41,7 +42,7 @@ index 53948b01a..ba335cf39 100644
 -# this output has "Free Software Foundation" in its version
 -guess_gcc_or_lcc = None
 +if not 'clang' in compiler_name:
-+if 'Free Software Foundation' in out or 'xt-' in out:
++if 'Free Software Foundation' in out or out.startswith('xt-'):
 +guess_gcc_or_lcc = 'gcc'
 +if 'e2k' in out and 'lcc' in out:
 +guess_gcc_or_lcc = 'lcc'
@@ -51,6 +52,3 @@ index 53948b01a..ba335cf39 100644
  
  if guess_gcc_or_lcc:
  defines = _get_gnu_compiler_defines(compiler)
--- 
-2.35.1
-
diff --git 
a/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
 
b/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
index f01a6678181..19502fa9cd8 100644
--- 
a/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
+++ 
b/meta/recipes-devtools/meson/meson/0001-python-module-do-not-manipulate-the-environment-when.patch
@@ -1,4 +1,4 @@
-From 2e9582167bf9d3273004edb2637310531f0155ab Mon Sep 17 00:00:00 2001
+From a97dba12cff6c4c9181909141a1a9f38d7c900bf Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin 
 Date: Mon, 19 Nov 2018 14:24:26 +0100
 Subject: [PATCH] python module: do not manipulate the environment when calling
@@ -8,30 +8,30 @@ Upstream-Status: Inappropriate [oe-core specific]
 Signed-off-by: Alexander Kanavin 
 
 ---
- mesonbuild/modules/python.py | 6 +-
+ mesonbuild/dependencies/python.py | 6 +-
  1 file changed, 1 insertion(+), 5 deletions(-)
 
-diff --git a/mesonbuild/modules/python.py b/mesonbuild/modules/python.py
-index 3bbccd1..fda7a25 100644
 a/mesonbuild/modules/python.py
-+++ b/mesonbuild/modules/python.py
-@@ -277,9 +277,6 @@ def python_factory(env: 'Environment', for_machine: 
'MachineChoice',
- # there is no LIBPC, so we can't search in it
- return NotFoundDependency('python', env)
+diff --git a/mesonbuild/dependencies/python.py 
b/mesonbuild/dependencies/python.py
+index 14386f9..118a15f 100644
+--- a/mesonbuild/dependencies/python.py
 b/mesonbuild/dependencies/python.py
+@@ -354,9 +354,6 @@ def python_factory(env: 'Environment', for_machine: 
'MachineChoice',
+ empty.name = 'python'
+ return empty
  
--old_pkg_libdir = os.environ.pop('PKG_CONFIG_LIBDIR', None)
--old_pkg_path = os.environ.pop('PKG_CONFIG_PATH', None)
--os.environ['PKG_CONFIG_LIBDIR'] = pkg_libdir
- try:
- return PythonPkgConfigDependency(name, env, kwargs, 
installation, True)
- finally:
-@@ -288,8 +285,7 @@ def python_factory(env: 'Environment', for_machine: 
'MachineChoice',
- 

[OE-core] [PATCH 10/27] llvm: update 15.0.7 -> 16.0.3

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 meta/conf/distro/include/tcmode-default.inc   |  2 +-
 ...e-64bit-off_t-on-32bit-glibc-systems.patch | 79 ---
 meta/recipes-devtools/llvm/llvm_git.bb|  5 +-
 3 files changed, 3 insertions(+), 83 deletions(-)
 delete mode 100644 
meta/recipes-devtools/llvm/llvm/0035-cmake-Enable-64bit-off_t-on-32bit-glibc-systems.patch

diff --git a/meta/conf/distro/include/tcmode-default.inc 
b/meta/conf/distro/include/tcmode-default.inc
index 9d0b319739c..853a20bfe26 100644
--- a/meta/conf/distro/include/tcmode-default.inc
+++ b/meta/conf/distro/include/tcmode-default.inc
@@ -24,7 +24,7 @@ GLIBCVERSION ?= "2.37"
 LINUXLIBCVERSION ?= "6.1%"
 QEMUVERSION ?= "8.0%"
 GOVERSION ?= "1.20%"
-LLVMVERSION ?= "15.%"
+LLVMVERSION ?= "16.%"
 RUSTVERSION ?= "1.69%"
 
 PREFERRED_VERSION_gcc ?= "${GCCVERSION}"
diff --git 
a/meta/recipes-devtools/llvm/llvm/0035-cmake-Enable-64bit-off_t-on-32bit-glibc-systems.patch
 
b/meta/recipes-devtools/llvm/llvm/0035-cmake-Enable-64bit-off_t-on-32bit-glibc-systems.patch
deleted file mode 100644
index fe98e3e4c05..000
--- 
a/meta/recipes-devtools/llvm/llvm/0035-cmake-Enable-64bit-off_t-on-32bit-glibc-systems.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From cd2fa12d715929642513fc441287c402f4560096 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Sun, 25 Dec 2022 15:13:41 -0800
-Subject: [PATCH] build: Enable 64bit off_t on 32bit glibc systems
-
-Pass -D_FILE_OFFSET_BITS=64 to compiler flags on 32bit glibc based
-systems. This will make sure that 64bit versions of LFS functions are
-used e.g. lseek will behave same as lseek64. Also revert [1] partially
-because this added a cmake test to detect lseek64 but then forgot to
-pass the needed macro during actual compile, this test was incomplete too
-since libc implementations like musl has 64-bit off_t by default on 32-bit
-systems and does not bundle -D_LARGEFILE64_SOURCE [2] under -D_GNU_SOURCE
-like glibc, which means the compile now fails on musl because the cmake
-check passes but we do not have _LARGEFILE64_SOURCE defined. Moreover,
-Using the *64 function was transitional anyways so use
--D_FILE_OFFSET_BITS=64 instead
-
-[1] 
https://github.com/llvm/llvm-project/commit/8db7e5e4eed4c4e697dc3164f2c9351d8c3e942b
-[2] 
https://git.musl-libc.org/cgit/musl/commit/?id=25e6fee27f4a293728dd15b659170e7b9c7db9bc
-
-Upstream-Status: Submitted [https://reviews.llvm.org/D139752]
-Signed-off-by: Khem Raj 

- llvm/cmake/config-ix.cmake| 8 +---
- llvm/include/llvm/Config/config.h.cmake   | 3 ---
- llvm/lib/Support/raw_ostream.cpp  | 2 --
- llvm/utils/gn/secondary/llvm/include/llvm/Config/BUILD.gn | 2 --
- utils/bazel/llvm-project-overlay/llvm/config.bzl  | 1 -
- .../llvm/include/llvm/Config/config.h | 3 ---
- utils/bazel/llvm_configs/config.h.cmake   | 3 ---
- 7 files changed, 5 insertions(+), 17 deletions(-)
-
 a/llvm/cmake/config-ix.cmake
-+++ b/llvm/cmake/config-ix.cmake
-@@ -284,9 +284,6 @@ check_symbol_exists(futimes sys/time.h H
- if( HAVE_SIGNAL_H AND NOT LLVM_USE_SANITIZER MATCHES ".*Address.*" AND NOT 
APPLE )
-   check_symbol_exists(sigaltstack signal.h HAVE_SIGALTSTACK)
- endif()
--set(CMAKE_REQUIRED_DEFINITIONS "-D_LARGEFILE64_SOURCE")
--check_symbol_exists(lseek64 "sys/types.h;unistd.h" HAVE_LSEEK64)
--set(CMAKE_REQUIRED_DEFINITIONS "")
- check_symbol_exists(mallctl malloc_np.h HAVE_MALLCTL)
- check_symbol_exists(mallinfo malloc.h HAVE_MALLINFO)
- check_symbol_exists(mallinfo2 malloc.h HAVE_MALLINFO2)
-@@ -350,6 +347,11 @@ check_symbol_exists(__GLIBC__ stdio.h LL
- if( LLVM_USING_GLIBC )
-   add_definitions( -D_GNU_SOURCE )
-   list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_GNU_SOURCE")
-+# enable 64bit off_t on 32bit systems using glibc
-+  if (CMAKE_SIZEOF_VOID_P EQUAL 4)
-+add_compile_definitions(_FILE_OFFSET_BITS=64)
-+list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_FILE_OFFSET_BITS=64")
-+  endif()
- endif()
- # This check requires _GNU_SOURCE
- if (NOT PURE_WINDOWS)
 a/llvm/include/llvm/Config/config.h.cmake
-+++ b/llvm/include/llvm/Config/config.h.cmake
-@@ -128,9 +128,6 @@
- /* Define to 1 if you have the  header file. */
- #cmakedefine HAVE_LINK_H ${HAVE_LINK_H}
- 
--/* Define to 1 if you have the `lseek64' function. */
--#cmakedefine HAVE_LSEEK64 ${HAVE_LSEEK64}
--
- /* Define to 1 if you have the  header file. */
- #cmakedefine HAVE_MACH_MACH_H ${HAVE_MACH_MACH_H}
- 
 a/llvm/lib/Support/raw_ostream.cpp
-+++ b/llvm/lib/Support/raw_ostream.cpp
-@@ -804,8 +804,6 @@ uint64_t raw_fd_ostream::seek(uint64_t o
-   flush();
- #ifdef _WIN32
-   pos = ::_lseeki64(FD, off, SEEK_SET);
--#elif defined(HAVE_LSEEK64)
--  pos = ::lseek64(FD, off, SEEK_SET);
- #else
-   pos = ::lseek(FD, off, SEEK_SET);
- #endif
diff --git a/meta/recipes-devtools/llvm/llvm_git.bb 
b/meta/recipes-devtools/llvm/llvm_git.bb
index acf7f4c3d77..eb918383e6f 100644
--- 

[OE-core] [PATCH 08/27] elfutils: update 0.188 -> 0.189

[Alexander Kanavin]

Drop backports, rebase musl patches.

Signed-off-by: Alexander Kanavin 
---
 .../{elfutils_0.188.bb => elfutils_0.189.bb}  |  5 +-
 ...od-Fix-usage-of-deprecated-CURLINFO_.patch | 49 ---
 ...t-Use-CURLOPT_PROTOCOLS_STR-for-libc.patch | 34 ---
 .../elfutils/files/0003-musl-utils.patch  | 14 +--
 .../0015-config-eu.am-do-not-use-Werror.patch | 10 +--
 .../handle_DW_TAG_unspecified_type.patch  | 88 ---
 6 files changed, 13 insertions(+), 187 deletions(-)
 rename meta/recipes-devtools/elfutils/{elfutils_0.188.bb => elfutils_0.189.bb} 
(96%)
 delete mode 100644 
meta/recipes-devtools/elfutils/files/0001-PR29926-debuginfod-Fix-usage-of-deprecated-CURLINFO_.patch
 delete mode 100644 
meta/recipes-devtools/elfutils/files/0002-debuginfod-client-Use-CURLOPT_PROTOCOLS_STR-for-libc.patch
 delete mode 100644 
meta/recipes-devtools/elfutils/files/handle_DW_TAG_unspecified_type.patch

diff --git a/meta/recipes-devtools/elfutils/elfutils_0.188.bb 
b/meta/recipes-devtools/elfutils/elfutils_0.189.bb
similarity index 96%
rename from meta/recipes-devtools/elfutils/elfutils_0.188.bb
rename to meta/recipes-devtools/elfutils/elfutils_0.189.bb
index 74271b2411e..236f8cef92d 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.188.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.189.bb
@@ -21,15 +21,12 @@ SRC_URI = 
"https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \
file://0001-skip-the-test-when-gcc-not-deployed.patch \
file://ptest.patch \

file://0001-tests-Makefile.am-compile-test_nlist-with-standard-C.patch \
-   
file://0001-PR29926-debuginfod-Fix-usage-of-deprecated-CURLINFO_.patch \
-   
file://0002-debuginfod-client-Use-CURLOPT_PROTOCOLS_STR-for-libc.patch \
-   file://handle_DW_TAG_unspecified_type.patch \
"
 SRC_URI:append:libc-musl = " \
file://0003-musl-utils.patch \
file://0015-config-eu.am-do-not-use-Werror.patch \
"
-SRC_URI[sha256sum] = 
"fb8b0e8d0802005b9a309c60c1d8de32dd2951b56f0c3a3cb56d21ce01595dff"
+SRC_URI[sha256sum] = 
"39bd8f1a338e2b7cd4abc3ff11a0eddc6e690f69578a57478d8179b4148708c8"
 
 inherit autotools gettext ptest pkgconfig
 
diff --git 
a/meta/recipes-devtools/elfutils/files/0001-PR29926-debuginfod-Fix-usage-of-deprecated-CURLINFO_.patch
 
b/meta/recipes-devtools/elfutils/files/0001-PR29926-debuginfod-Fix-usage-of-deprecated-CURLINFO_.patch
deleted file mode 100644
index ee192e35816..000
--- 
a/meta/recipes-devtools/elfutils/files/0001-PR29926-debuginfod-Fix-usage-of-deprecated-CURLINFO_.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From d2bf497b12fbd49b4996ccf0744303ffd67735b1 Mon Sep 17 00:00:00 2001
-From: Andrew Paprocki 
-Date: Wed, 21 Dec 2022 11:15:00 -0500
-Subject: [PATCH] PR29926: debuginfod: Fix usage of deprecated CURLINFO_*
-
-The `CURLINFO_SIZE_DOWNLOAD_T` and `CURLINFO_CONTENT_LENGTH_DOWNLOAD_T`
-identifiers are `enum`s, not pre-processor definitions, so the current
-`#ifdef` logic is not selecting the newer API.  This results in the
-older identifiers being used and they now generate errors when compiled
-against Curl 7.87, which has silently deprecated them, causing GCC to
-emit `-Werror=deprecated-declarations`.
-
-Instead, the newer identifiers were added in Curl 7.55, so explicitly
-check for `CURL_AT_LEAST_VERSION(7, 55, 0)` instead of the current
-logic.  This eliminates the error when compiling against Curl 7.87.
-
-Ref: https://github.com/curl/curl/pull/1511
-
-Upstream-Status: Backport 
[https://sourceware.org/git/?p=elfutils.git;a=commit;h=d2bf497b12fbd49b4996ccf0744303ffd67735b1]
-Signed-off-by: Andrew Paprocki 

- debuginfod/debuginfod-client.c | 4 ++--
- 2 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
-index 8873fcc8..692aecce 100644
 a/debuginfod/debuginfod-client.c
-+++ b/debuginfod/debuginfod-client.c
-@@ -1456,7 +1456,7 @@ debuginfod_query_server (debuginfod_client *c,
-  deflate-compressing proxies, this number is likely to be
-  unavailable, so -1 may show. */
-   CURLcode curl_res;
--#ifdef CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
-+#if CURL_AT_LEAST_VERSION(7, 55, 0)
-   curl_off_t cl;
-   curl_res = curl_easy_getinfo(target_handle,
-CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
-@@ -1491,7 +1491,7 @@ debuginfod_query_server (debuginfod_client *c,
-   if (target_handle) /* we've committed to a server; report its 
download progress */
- {
-   CURLcode curl_res;
--#ifdef CURLINFO_SIZE_DOWNLOAD_T
-+#if CURL_AT_LEAST_VERSION(7, 55, 0)
-   curl_off_t dl;
-   curl_res = curl_easy_getinfo(target_handle,
-CURLINFO_SIZE_DOWNLOAD_T,
--- 
-2.39.1
-
diff --git 
a/meta/recipes-devtools/elfutils/files/0002-debuginfod-client-Use-CURLOPT_PROTOCOLS_STR-for-libc.patch
 

[OE-core] [PATCH 09/27] erofs-utils: update 1.5 -> 1.6

[Alexander Kanavin]

Drop patches merged upstream.

--enable-largefile is no longer necessary, as compiler options are being passed 
in explicitly.

Signed-off-by: Alexander Kanavin 
---
 .../0001-configure-use-AC_SYS_LARGEFILE.patch |  43 ---
 ...eplace-l-stat64-by-equivalent-l-stat.patch | 109 --
 ...-Make-LFS-mandatory-for-all-usecases.patch |  41 ---
 ...{erofs-utils_1.5.bb => erofs-utils_1.6.bb} |  10 +-
 4 files changed, 3 insertions(+), 200 deletions(-)
 delete mode 100644 
meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
 delete mode 100644 
meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
 delete mode 100644 
meta/recipes-devtools/erofs-utils/erofs-utils/0003-internal.h-Make-LFS-mandatory-for-all-usecases.patch
 rename meta/recipes-devtools/erofs-utils/{erofs-utils_1.5.bb => 
erofs-utils_1.6.bb} (62%)

diff --git 
a/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
 
b/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
deleted file mode 100644
index 75c91f51a79..000
--- 
a/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From fef3b16dba2c5f6ad88951b80cdfbedd423e80a0 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 7 Dec 2022 20:16:52 -0800
-Subject: [PATCH v3 1/3] configure: use AC_SYS_LARGEFILE
-
-The autoconf macro AC_SYS_LARGEFILE defines _FILE_OFFSET_BITS=64
-where necessary to ensure that off_t and all interfaces using off_t
-are 64bit, even on 32bit systems.
-
-Pass -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=66 via CFLAGS
-
-Upstream-Status: Submitted 
[https://lore.kernel.org/linux-erofs/20221215064758.93821-1-raj.k...@gmail.com/T/#t]
-Signed-off-by: Khem Raj 

- configure.ac | 5 +
- 1 file changed, 5 insertions(+)
-
-diff --git a/configure.ac b/configure.ac
-index a736ff0..e8bb003 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -13,6 +13,8 @@ AC_CONFIG_MACRO_DIR([m4])
- AC_CONFIG_AUX_DIR(config)
- AM_INIT_AUTOMAKE([foreign -Wall])
- 
-+AC_SYS_LARGEFILE
-+
- # Checks for programs.
- AM_PROG_AR
- AC_PROG_CC
-@@ -319,6 +321,9 @@ if test "x$enable_lzma" = "xyes"; then
-   CPPFLAGS="${saved_CPPFLAGS}"
- fi
- 
-+# Enable 64-bit off_t
-+CFLAGS+=" -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
-+
- # Set up needed symbols, conditionals and compiler/linker flags
- AM_CONDITIONAL([ENABLE_LZ4], [test "x${have_lz4}" = "xyes"])
- AM_CONDITIONAL([ENABLE_LZ4HC], [test "x${have_lz4hc}" = "xyes"])
--- 
-2.39.0
-
diff --git 
a/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
 
b/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
deleted file mode 100644
index d12bebbf870..000
--- 
a/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-From 856189c324834b838f0e9cfc0d2e05f12518f264 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 7 Dec 2022 22:17:35 -0800
-Subject: [PATCH v3 2/3] erofs: replace [l]stat64 by equivalent [l]stat
-
-Upstream-Status: Submitted 
[https://lore.kernel.org/linux-erofs/20221215064758.93821-2-raj.k...@gmail.com/T/#u]
-Signed-off-by: Khem Raj 

- lib/inode.c | 10 +-
- lib/xattr.c |  4 ++--
- mkfs/main.c |  4 ++--
- 3 files changed, 9 insertions(+), 9 deletions(-)
-
-diff --git a/lib/inode.c b/lib/inode.c
-index f192510..38003fc 100644
 a/lib/inode.c
-+++ b/lib/inode.c
-@@ -773,7 +773,7 @@ static u32 erofs_new_encode_dev(dev_t dev)
- 
- #ifdef WITH_ANDROID
- int erofs_droid_inode_fsconfig(struct erofs_inode *inode,
-- struct stat64 *st,
-+ struct stat *st,
-  const char *path)
- {
-   /* filesystem_config does not preserve file type bits */
-@@ -818,7 +818,7 @@ int erofs_droid_inode_fsconfig(struct erofs_inode *inode,
- }
- #else
- static int erofs_droid_inode_fsconfig(struct erofs_inode *inode,
--struct stat64 *st,
-+struct stat *st,
- const char *path)
- {
-   return 0;
-@@ -826,7 +826,7 @@ static int erofs_droid_inode_fsconfig(struct erofs_inode 
*inode,
- #endif
- 
- static int erofs_fill_inode(struct erofs_inode *inode,
--  struct stat64 *st,
-+  struct stat *st,
-   const char *path)
- {
-   int err = erofs_droid_inode_fsconfig(inode, st, path);
-@@ -910,7 +910,7 @@ static struct erofs_inode *erofs_new_inode(void)
- /* get the inode from the (source) path */
- static struct erofs_inode *erofs_iget_from_path(const char *path, bool is_src)
- {
--  struct stat64 st;
-+  struct stat st;
-   struct erofs_inode *inode;
-   int ret;
- 
-@@ 

[OE-core] [PATCH 02/27] insane.bbclass: add a RECIPE_MAINTAINER check (oe-core recipes only)

[Alexander Kanavin]

Absent maintainer entries are as well a frequent source of friction, as they 
are checked
only in selftest, and so aren't revealed until autobuilder runs.

The selftest is retained as it also checks for obsolete entries in 
maintainers.inc
(not possible to do in insane class).

Signed-off-by: Alexander Kanavin 
---
 meta/classes-global/insane.bbclass | 12 
 1 file changed, 12 insertions(+)

diff --git a/meta/classes-global/insane.bbclass 
b/meta/classes-global/insane.bbclass
index 632f738c86d..50f60337cc4 100644
--- a/meta/classes-global/insane.bbclass
+++ b/meta/classes-global/insane.bbclass
@@ -1492,7 +1492,19 @@ python do_qa_fetch() {
 else:
 oe.qa.handle_error("missing-metadata", "Recipe {} in {} does 
not contain a HOMEPAGE. Please add an entry.".format(pn, fn), d)
 
+def test_missing_maintainer(d):
+fn = d.getVar("FILE")
+if not '/meta/recipes-' in fn:
+# We are only interested in OE-Core
+return
+pn = d.getVar("PN")
+if pn.endswith("-native") or pn.startswith("nativesdk-"):
+return
+if not d.getVar('RECIPE_MAINTAINER'):
+oe.qa.handle_error("missing-metadata", "Recipe {} in {} does not 
have an assigned maintainer. Please add an entry into 
meta/conf/distro/include/maintainers.inc.".format(pn, fn), d)
+
 test_missing_metadata(d)
+test_missing_maintainer(d)
 oe.qa.exit_if_errors(d)
 }
 
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181057): 
https://lists.openembedded.org/g/openembedded-core/message/181057
Mute This Topic: https://lists.openembedded.org/mt/98788910/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 06/27] ovmf: update 202211 -> 202302

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 .../ovmf/ovmf/0005-debug-prefix-map.patch | 44 +--
 meta/recipes-core/ovmf/ovmf_git.bb|  4 +-
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/meta/recipes-core/ovmf/ovmf/0005-debug-prefix-map.patch 
b/meta/recipes-core/ovmf/ovmf/0005-debug-prefix-map.patch
index 1b6687cfafc..7adc45465c0 100644
--- a/meta/recipes-core/ovmf/ovmf/0005-debug-prefix-map.patch
+++ b/meta/recipes-core/ovmf/ovmf/0005-debug-prefix-map.patch
@@ -1,4 +1,4 @@
-From 9f28dd5f183f6e4d2b023cd555bb30446ae5f618 Mon Sep 17 00:00:00 2001
+From cf6361f27cd6318622fd58ab6c0a9407cc633b1e Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin 
 Date: Mon, 14 Jun 2021 19:56:28 +0200
 Subject: [PATCH] debug prefix map
@@ -22,7 +22,7 @@ Signed-off-by: Alexander Kanavin 
  1 file changed, 9 insertions(+), 9 deletions(-)
 
 diff --git a/BaseTools/Conf/tools_def.template 
b/BaseTools/Conf/tools_def.template
-index c4e4c7ded0..058205da72 100755
+index 471eb67c0c..a16fb5c9f1 100755
 --- a/BaseTools/Conf/tools_def.template
 +++ b/BaseTools/Conf/tools_def.template
 @@ -1849,7 +1849,7 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = 
--add-gnu-debuglink=$(DEBUG_DIR)/$(MODULE_N
@@ -31,10 +31,10 @@ index c4e4c7ded0..058205da72 100755
  
 -DEFINE GCC_ALL_CC_FLAGS= -g -Os -fshort-wchar -fno-builtin 
-fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h 
-fno-common
 +DEFINE GCC_ALL_CC_FLAGS= -g -Os -fshort-wchar -fno-builtin 
-fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h 
-fno-common ENV(GCC_PREFIX_MAP)
- DEFINE GCC_IA32_CC_FLAGS   = DEF(GCC_ALL_CC_FLAGS) -m32 
-malign-double -freorder-blocks -freorder-blocks-and-partition -O2 
-mno-stack-arg-probe
- DEFINE GCC_X64_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS) -mno-red-zone 
-Wno-address -mno-stack-arg-probe
- DEFINE GCC_ARM_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS) -mlittle-endian 
-mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections 
-fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft 
-fno-pic -fno-pie
-@@ -1871,8 +1871,8 @@ DEFINE GCC_ARM_ASLDLINK_FLAGS  = 
DEF(GCC_ARM_DLINK_FLAGS) -Wl,--entry,Refere
+ DEFINE GCC_ARM_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS) -mlittle-endian 
-mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections 
-fdata-sections -fomit-frame-pointer -Wno-address -mthumb -fno-pic -fno-pie
+ DEFINE GCC_LOONGARCH64_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS) -mabi=lp64d 
-fno-asynchronous-unwind-tables -fno-plt -Wno-address -fno-short-enums 
-fsigned-char -ffunction-sections -fdata-sections
+ DEFINE GCC_ARM_CC_XIPFLAGS = -mno-unaligned-access
+@@ -1869,8 +1869,8 @@ DEFINE GCC_ARM_ASLDLINK_FLAGS  = 
DEF(GCC_ARM_DLINK_FLAGS) -Wl,--entry,Refere
  DEFINE GCC_AARCH64_ASLDLINK_FLAGS  = DEF(GCC_AARCH64_DLINK_FLAGS) 
-Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT) 
DEF(GCC_ARM_AARCH64_ASLDLINK_FLAGS)
  DEFINE GCC_LOONGARCH64_ASLDLINK_FLAGS = DEF(GCC_LOONGARCH64_DLINK_FLAGS) 
-Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT)
  DEFINE GCC_IA32_X64_DLINK_FLAGS= DEF(GCC_IA32_X64_DLINK_COMMON) --entry 
_$(IMAGE_ENTRY_POINT) --file-alignment 0x20 --section-alignment 0x20 -Map 
$(DEST_DIR_DEBUG)/$(BASE_NAME).map
@@ -45,59 +45,59 @@ index c4e4c7ded0..058205da72 100755
  DEFINE GCC_VFRPP_FLAGS = -x c -E -P -DVFRCOMPILE --include 
$(MODULE_NAME)StrDefs.h
  DEFINE GCC_ASLPP_FLAGS = -x c -E -include AutoGen.h
  DEFINE GCC_ASLCC_FLAGS = -x c
-@@ -2026,7 +2026,7 @@ DEFINE GCC_PP_FLAGS= -E -x 
assembler-with-cpp -include A
+@@ -2022,7 +2022,7 @@ DEFINE GCC5_LOONGARCH64_PP_FLAGS   = -mabi=lp64d 
-march=loongarch64 DEF(
  *_GCC48_IA32_DLINK2_FLAGS = DEF(GCC48_IA32_DLINK2_FLAGS)
  *_GCC48_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS)
  *_GCC48_IA32_OBJCOPY_FLAGS=
 -*_GCC48_IA32_NASM_FLAGS   = -f elf32
 +*_GCC48_IA32_NASM_FLAGS   = -f elf32 ENV(NASM_PREFIX_MAP)
  
-   DEBUG_GCC48_IA32_CC_FLAGS   = DEF(GCC48_IA32_CC_FLAGS) -Os
- RELEASE_GCC48_IA32_CC_FLAGS   = DEF(GCC48_IA32_CC_FLAGS) -Os 
-Wno-unused-but-set-variable
-@@ -2054,7 +2054,7 @@ RELEASE_GCC48_IA32_CC_FLAGS   = 
DEF(GCC48_IA32_CC_FLAGS) -Os -Wno-unused-but
+   DEBUG_GCC48_IA32_CC_FLAGS   = DEF(GCC48_IA32_CC_FLAGS)
+ RELEASE_GCC48_IA32_CC_FLAGS   = DEF(GCC48_IA32_CC_FLAGS) 
-Wno-unused-but-set-variable
+@@ -2050,7 +2050,7 @@ RELEASE_GCC48_IA32_CC_FLAGS   = 
DEF(GCC48_IA32_CC_FLAGS) -Wno-unused-but-set
  *_GCC48_X64_DLINK2_FLAGS = DEF(GCC48_X64_DLINK2_FLAGS)
  *_GCC48_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS)
  *_GCC48_X64_OBJCOPY_FLAGS=
 -*_GCC48_X64_NASM_FLAGS   = -f elf64
 +*_GCC48_X64_NASM_FLAGS   = -f elf64 ENV(NASM_PREFIX_MAP)
  
-   DEBUG_GCC48_X64_CC_FLAGS   = DEF(GCC48_X64_CC_FLAGS) -Os
- RELEASE_GCC48_X64_CC_FLAGS   = DEF(GCC48_X64_CC_FLAGS) -Os 

[OE-core] [PATCH 07/27] btrfs-tools: update 6.1.3 -> 6.3

[Alexander Kanavin]

Drop patch, as upstream fixed the issue separately.

Signed-off-by: Alexander Kanavin 
---
 ...-ftruncate-stat-instead-of-64bit-equ.patch | 903 --
 ...trfs-tools_6.1.3.bb => btrfs-tools_6.3.bb} |   3 +-
 2 files changed, 1 insertion(+), 905 deletions(-)
 delete mode 100644 
meta/recipes-devtools/btrfs-tools/btrfs-tools/0001-Use-pread-pwrite-ftruncate-stat-instead-of-64bit-equ.patch
 rename meta/recipes-devtools/btrfs-tools/{btrfs-tools_6.1.3.bb => 
btrfs-tools_6.3.bb} (95%)

diff --git 
a/meta/recipes-devtools/btrfs-tools/btrfs-tools/0001-Use-pread-pwrite-ftruncate-stat-instead-of-64bit-equ.patch
 
b/meta/recipes-devtools/btrfs-tools/btrfs-tools/0001-Use-pread-pwrite-ftruncate-stat-instead-of-64bit-equ.patch
deleted file mode 100644
index 2618687088f..000
--- 
a/meta/recipes-devtools/btrfs-tools/btrfs-tools/0001-Use-pread-pwrite-ftruncate-stat-instead-of-64bit-equ.patch
+++ /dev/null
@@ -1,903 +0,0 @@
-From 37425f422e46003ed623f8e6387bed1aa5778b96 Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Fri, 11 Nov 2022 11:26:05 -0800
-Subject: [PATCH] Use pread/pwrite/ftruncate/stat instead of 64bit equivalents
-
-64bit functions are aliases to original functions when largefile feature
-is enabled via autoconf or right macro is passed on compiler cmdline
-
--D_FILE_OFFSET_BITS=64
-
-Upstream-Status: Submitted 
[https://lore.kernel.org/linux-btrfs/20221215084046.122836-1-raj.k...@gmail.com/T/#u]
-Signed-off-by: Khem Raj 

- cmds/rescue-chunk-recover.c |   4 +-
- image/main.c|  14 +--
- kernel-shared/zoned.c   |   6 +-
- kernel-shared/zoned.h   |   4 +-
- mkfs/main.c |   4 +-
- mkfs/rootdir.c  |  10 +-
- tests/fsstress.c| 192 ++--
- tests/fssum.c   |   8 +-
- 8 files changed, 121 insertions(+), 121 deletions(-)
-
 a/cmds/rescue-chunk-recover.c
-+++ b/cmds/rescue-chunk-recover.c
-@@ -755,7 +755,7 @@ static int scan_one_device(void *dev_sca
-   if (is_super_block_address(bytenr))
-   bytenr += rc->sectorsize;
- 
--  if (pread64(fd, buf->data, rc->nodesize, bytenr) <
-+  if (pread(fd, buf->data, rc->nodesize, bytenr) <
-   rc->nodesize)
-   break;
- 
-@@ -1875,7 +1875,7 @@ static int check_one_csum(int fd, u64 st
-   data = malloc(len);
-   if (!data)
-   return -1;
--  ret = pread64(fd, data, len, start);
-+  ret = pread(fd, data, len, start);
-   if (ret < 0 || ret != len) {
-   ret = -1;
-   goto out;
 a/image/main.c
-+++ b/image/main.c
-@@ -691,7 +691,7 @@ static int flush_pending(struct metadump
-   if (start == BTRFS_SUPER_INFO_OFFSET) {
-   int fd = get_dev_fd(md->root);
- 
--  ret = pread64(fd, async->buffer, size, start);
-+  ret = pread(fd, async->buffer, size, start);
-   if (ret < size) {
-   free(async->buffer);
-   free(async);
-@@ -1366,7 +1366,7 @@ static void write_backup_supers(int fd,
-   break;
-   btrfs_set_super_bytenr(super, bytenr);
-   csum_block(buf, BTRFS_SUPER_INFO_SIZE);
--  ret = pwrite64(fd, buf, BTRFS_SUPER_INFO_SIZE, bytenr);
-+  ret = pwrite(fd, buf, BTRFS_SUPER_INFO_SIZE, bytenr);
-   if (ret < BTRFS_SUPER_INFO_SIZE) {
-   if (ret < 0)
-   error(
-@@ -1487,12 +1487,12 @@ static int restore_one_work(struct mdres
-   else
-   bytenr = logical;
- 
--  ret = pwrite64(outfd, buffer + offset, 
chunk_size, bytenr);
-+  ret = pwrite(outfd, buffer + offset, 
chunk_size, bytenr);
-   if (ret != chunk_size)
-   goto write_error;
- 
-   if (physical_dup)
--  ret = pwrite64(outfd, buffer + offset,
-+  ret = pwrite(outfd, buffer + offset,
-  chunk_size, 
physical_dup);
-   if (ret != chunk_size)
-   goto write_error;
-@@ -2454,7 +2454,7 @@ static int fixup_device_size(struct btrf
-   }
-   if (S_ISREG(buf.st_mode)) {
-   /* Don't forget to enlarge the real file */
--  ret = ftruncate64(out_fd, dev_size);
-+  ret = ftruncate(out_fd, dev_size);
-   if (ret < 0) {
-   error("failed to enlarge result image: %m");
-   return -errno;
-@@ -2913,7 +2913,7 @@ static int restore_metadump(const char *
-   goto out;
-   }
-   

[OE-core] [PATCH 03/27] apmd: remove recipe and apm MACHINE_FEATURE

[Alexander Kanavin]

APM has been obsolete for a very long time, and debian no longer
packages it or carries the source tarball.

Signed-off-by: Alexander Kanavin 
---
 .../conf/distro/include/default-providers.inc |   1 -
 meta/conf/distro/include/maintainers.inc  |   1 -
 meta/recipes-bsp/apmd/apmd/apmd.service   |   7 -
 meta/recipes-bsp/apmd/apmd/apmd_proxy |  91 
 meta/recipes-bsp/apmd/apmd/apmd_proxy.conf|  16 ---
 meta/recipes-bsp/apmd/apmd/default|   8 --
 meta/recipes-bsp/apmd/apmd/init   |  51 ---
 meta/recipes-bsp/apmd/apmd/legacy.patch   | 133 --
 meta/recipes-bsp/apmd/apmd/libtool.patch  |  41 --
 meta/recipes-bsp/apmd/apmd/linkage.patch  |  53 ---
 meta/recipes-bsp/apmd/apmd/unlinux.patch  |  25 
 meta/recipes-bsp/apmd/apmd/wexitcode.patch|  26 
 meta/recipes-bsp/apmd/apmd_3.2.2-15.bb|  85 ---
 .../packagegroups/packagegroup-base.bb|   7 -
 .../matchbox-panel-2/matchbox-panel-2_2.12.bb |   2 -
 .../matchbox-session-sato/session |   1 -
 .../matchbox-session-sato_0.1.bb  |   2 +-
 17 files changed, 1 insertion(+), 549 deletions(-)
 delete mode 100644 meta/recipes-bsp/apmd/apmd/apmd.service
 delete mode 100644 meta/recipes-bsp/apmd/apmd/apmd_proxy
 delete mode 100644 meta/recipes-bsp/apmd/apmd/apmd_proxy.conf
 delete mode 100644 meta/recipes-bsp/apmd/apmd/default
 delete mode 100755 meta/recipes-bsp/apmd/apmd/init
 delete mode 100644 meta/recipes-bsp/apmd/apmd/legacy.patch
 delete mode 100644 meta/recipes-bsp/apmd/apmd/libtool.patch
 delete mode 100644 meta/recipes-bsp/apmd/apmd/linkage.patch
 delete mode 100644 meta/recipes-bsp/apmd/apmd/unlinux.patch
 delete mode 100644 meta/recipes-bsp/apmd/apmd/wexitcode.patch
 delete mode 100644 meta/recipes-bsp/apmd/apmd_3.2.2-15.bb

diff --git a/meta/conf/distro/include/default-providers.inc 
b/meta/conf/distro/include/default-providers.inc
index 3a4e989c1f9..d18173c7449 100644
--- a/meta/conf/distro/include/default-providers.inc
+++ b/meta/conf/distro/include/default-providers.inc
@@ -24,7 +24,6 @@ PREFERRED_PROVIDER_virtual/make-native ?= "make-native"
 # Default virtual runtime providers
 #
 VIRTUAL-RUNTIME_update-alternatives ?= "update-alternatives-opkg"
-VIRTUAL-RUNTIME_apm ?= "apm"
 VIRTUAL-RUNTIME_alsa-state ?= "alsa-state"
 VIRTUAL-RUNTIME_getopt ?= "util-linux-getopt"
 VIRTUAL-RUNTIME_base-utils ?= "busybox"
diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index e24d8545ba7..3c0362b5ff6 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -38,7 +38,6 @@ RECIPE_MAINTAINER:pn-alsa-tools = "Michael Opdenacker 
/dev/null; then
-## Reject system suspends and standbys if we are on AC power
-#exit 1  # Reject (NOTE kernel support must be enabled)
-#fi
-
-if [ "${1}" = "suspend" -o "${1}" = "standby" ]; then
-run-parts -a "${1}" -a "${2}" /etc/apm/event.d
-if [ -d /etc/apm/suspend.d ]; then
-run-parts -a "${1}" -a "${2}" /etc/apm/suspend.d
-fi
-elif [ "${1}" = "resume" ]; then
-if [ -d /etc/apm/resume.d ]; then
-run-parts -a "${1}" -a "${2}" /etc/apm/resume.d
-fi
-run-parts -a "${1}" -a "${2}" /etc/apm/event.d
-else
-run-parts -a "${1}" -a "${2}" /etc/apm/event.d
-if [ -d /etc/apm/other.d ]; then
-run-parts -a "${1}" -a "${2}" /etc/apm/other.d
-fi
-fi
-
-exit 0
diff --git a/meta/recipes-bsp/apmd/apmd/apmd_proxy.conf 
b/meta/recipes-bsp/apmd/apmd/apmd_proxy.conf
deleted file mode 100644
index 751145c522c..000
--- a/meta/recipes-bsp/apmd/apmd/apmd_proxy.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-# /etc/apm/apmd_proxy.conf: configuration file for apmd.
-#
-# This file is managed by debconf when installing or reconfiguring the
-# package.  It is generated by merging the answers gathered by debconf
-# into the template file "/usr/share/apmd/apmd_proxy.conf".
-
-# The following doesn't yet work, because current kernels (up to at least
-# 2.4.20) do not support rejection of APM events.  Supporting this would
-# require substantial modifications to the APM driver.  We will re-enable
-# this feature if the driver is ever modified.   -- c...@debian.org
-#
-# Set the following to "false" if you want to reject system suspend or
-# system standby requests when the computer is running on AC power.
-# Otherwise set this to "true".  Such requests are never rejected when
-# the computer is running on battery power.
-#SUSPEND_ON_AC=true
diff --git a/meta/recipes-bsp/apmd/apmd/default 
b/meta/recipes-bsp/apmd/apmd/default
deleted file mode 100644
index 4b7965abf85..000
--- a/meta/recipes-bsp/apmd/apmd/default
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# Default for /etc/init.d/apmd
-#
-
-# As apmd can be called with arguments, we use the following variable
-# to store them, e.g., APMD="-w 5 -p 2".
-# See the manual page apmd(8) for details.
-APMD="--proxy-timeout 

[OE-core] [PATCH 05/27] ppp: upgrade 2.4.9 -> 2.5.0

[Alexander Kanavin]

Convert the build from handcrafted makefiles to autotools;
this makes all custom tweaks in the recipe unnecessary, and
allows removing all patches.

Signed-off-by: Alexander Kanavin 
---
 ...1-ppp-fix-build-against-5.15-headers.patch | 36 --
 .../ppp/ppp/CVE-2022-4603.patch   | 48 ---
 .../ppp/ppp/makefix.patch | 40 
 .../ppp/{ppp_2.4.9.bb => ppp_2.5.0.bb}| 31 ++--
 4 files changed, 3 insertions(+), 152 deletions(-)
 delete mode 100644 
meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch
 delete mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
 delete mode 100644 meta/recipes-connectivity/ppp/ppp/makefix.patch
 rename meta/recipes-connectivity/ppp/{ppp_2.4.9.bb => ppp_2.5.0.bb} (77%)

diff --git 
a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch
 
b/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch
deleted file mode 100644
index c91246dbf5c..000
--- 
a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From aba3273273e826c6dc90f197ca9a3e800e826891 Mon Sep 17 00:00:00 2001
-From: Bruce Ashfield 
-Date: Fri, 5 Nov 2021 12:41:35 -0400
-Subject: [PATCH] ppp: fix build against 5.15 headers
-
-The 5.15 kernel has removed ipx support, along with the userspace
-visible header.
-
-This support wasn't used previously (as it hasn't been very well
-maintained in the kernel for several years), so we can simply
-disable it in our build and wait for upstream to do a release that
-drops the support.
-
-Upstream-Status: Inappropriate [OE-specific configuration/headers]
-
-Signed-off-by: Bruce Ashfield 

- pppd/Makefile.linux | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
-index 22837c5..23b9b22 100644
 a/pppd/Makefile.linux
-+++ b/pppd/Makefile.linux
-@@ -91,7 +91,7 @@ MAXOCTETS=y
- 
- INCLUDE_DIRS= -I../include
- 
--COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe
-+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe
- 
- CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
- 
--- 
-2.25.1
-
diff --git a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch 
b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
deleted file mode 100644
index 4325b1d6b02..000
--- a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001
-From: Paul Mackerras 
-Date: Thu, 4 Aug 2022 12:23:08 +1000
-Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer
-
-This fixes a potential vulnerability where data is written to spkt.buf
-and rpkt.buf without a check on the array index.  To fix this, we
-check the array index (pkt->cnt) before storing the byte or
-incrementing the count.  This also means we no longer have a potential
-signed integer overflow on the increment of pkt->cnt.
-
-Fortunately, pppdump is not used in the normal process of setting up a
-PPP connection, is not installed setuid-root, and is not invoked
-automatically in any scenario that I am aware of.
-
-Signed-off-by: Paul Mackerras 
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton 

- pppdump/pppdump.c | 7 ++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c
-index 2b815fc9..b85a8627 100644
 a/pppdump/pppdump.c
-+++ b/pppdump/pppdump.c
-@@ -297,6 +297,10 @@ dum(f)
-   printf("%s aborted packet:\n ", dir);
-   q = "";
-   }
-+  if (pkt->cnt >= sizeof(pkt->buf)) {
-+  printf("%s over-long packet truncated:\n ", 
dir);
-+  q = "";
-+  }
-   nb = pkt->cnt;
-   p = pkt->buf;
-   pkt->cnt = 0;
-@@ -400,7 +404,8 @@ dum(f)
-   c ^= 0x20;
-   pkt->esc = 0;
-   }
--  pkt->buf[pkt->cnt++] = c;
-+  if (pkt->cnt < sizeof(pkt->buf))
-+  pkt->buf[pkt->cnt++] = c;
-   break;
-   }
-   }
diff --git a/meta/recipes-connectivity/ppp/ppp/makefix.patch 
b/meta/recipes-connectivity/ppp/ppp/makefix.patch
deleted file mode 100644
index fce068cae02..000
--- a/meta/recipes-connectivity/ppp/ppp/makefix.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-We were seeing reproducibility issues where one host would use the internal 
-logwtmp wrapper, another would use the one in libutil. The issue was that in
-some cases the "\#include" was making it to CC, in others, "#include". The
-issue seems to be related to shell escaping.
-
-The root cause looks to be:

[OE-core] [PATCH 04/27] glib-2.0: upgrade 2.74.6 -> 2.76.2

[Alexander Kanavin]

Drop backports.

Refactor relocate-modules.patch; upstream has implemented the same
logic, but made it os x only - we can simply drop those ifdef guards:
https://gitlab.gnome.org/GNOME/glib/-/commit/af83c6571e47d06468b8162dd29ad57bcf4967a8

Signed-off-by: Alexander Kanavin 
---
 ...-info-don-t-assume-million-in-one-ev.patch | 50 
 ...build-do-not-use-can_run_host_binari.patch | 48 
 .../glib-2.0/glib-2.0/cpp-null.patch  | 77 ---
 .../glib-2.0/glib-2.0/cpp-null2.patch | 31 
 .../glib-2.0/glib-2.0/relocate-modules.patch  | 47 +--
 ...{glib-2.0_2.74.6.bb => glib-2.0_2.76.2.bb} |  6 +-
 6 files changed, 22 insertions(+), 237 deletions(-)
 delete mode 100644 
meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch
 delete mode 100644 
meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-meson.build-do-not-use-can_run_host_binari.patch
 delete mode 100644 meta/recipes-core/glib-2.0/glib-2.0/cpp-null.patch
 delete mode 100644 meta/recipes-core/glib-2.0/glib-2.0/cpp-null2.patch
 rename meta/recipes-core/glib-2.0/{glib-2.0_2.74.6.bb => glib-2.0_2.76.2.bb} 
(87%)

diff --git 
a/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch
 
b/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch
deleted file mode 100644
index 57ada66907e..000
--- 
a/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 3c56ff21b9a5fe18f9cec9b97ae1788fdf5d563e Mon Sep 17 00:00:00 2001
-From: Ross Burton 
-Date: Tue, 6 Jul 2021 19:26:03 +0100
-Subject: [PATCH] gio/tests/g-file-info: don't assume million-in-one events
-
-Upstream-Status: Backport 
[https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2990]
-Signed-off-by: Ross Burton 
-
- don't happen
-
-The access and creation time tests create a file, gets the time in
-seconds, then gets the time in microseconds and assumes that the
-difference between the two has to be above 0.
-
-As rare as this may be, it can happen:
-
-$ stat g-file-info-test-50A450 -c %y
-2021-07-06 18:24:56.00767 +0100
-
-Change the test to simply assert that the difference not negative to
-handle this case.
-
-This is the same fix as 289f8b, but that was just modification time.
-

- gio/tests/g-file-info.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/gio/tests/g-file-info.c b/gio/tests/g-file-info.c
-index d9ad045..c9b12b0 100644
 a/gio/tests/g-file-info.c
-+++ b/gio/tests/g-file-info.c
-@@ -307,7 +307,7 @@ test_g_file_info_access_time (void)
-   g_assert_nonnull (dt_usecs);
- 
-   ts = g_date_time_difference (dt_usecs, dt);
--  g_assert_cmpint (ts, >, 0);
-+  g_assert_cmpint (ts, >=, 0);
-   g_assert_cmpint (ts, <, G_USEC_PER_SEC);
- 
-   /* Try again with nanosecond precision. */
-@@ -442,7 +442,7 @@ test_g_file_info_creation_time (void)
-   g_assert_nonnull (dt_usecs);
- 
-   ts = g_date_time_difference (dt_usecs, dt);
--  g_assert_cmpint (ts, >, 0);
-+  g_assert_cmpint (ts, >=, 0);
-   g_assert_cmpint (ts, <, G_USEC_PER_SEC);
- 
-   /* Try again with nanosecond precision. */
diff --git 
a/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-meson.build-do-not-use-can_run_host_binari.patch
 
b/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-meson.build-do-not-use-can_run_host_binari.patch
deleted file mode 100644
index db08b5af555..000
--- 
a/meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-meson.build-do-not-use-can_run_host_binari.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From fdbffaea2fa85c203cc6aacb5734acac65aeaa19 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin 
-Date: Fri, 11 Nov 2022 13:12:42 +0100
-Subject: [PATCH] tests/meson.build: do not use can_run_host_binaries()
-
-can_run_host_binaries() returns true even when cross compiling,
-if there is an executable wrapper defined that can run
-cross-binaries under some kind of emulation.
-
-Unfortunately, custom_target() will not use the wrapper
-and will attempt to execute the command directly. Until
-this is addressed in meson upstream, we have to disable
-these targets in cross scenarios.
-
-Upstream-Status: Submitted 
[https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3067]
-Signed-off-by: Alexander Kanavin 
-

- gio/tests/meson.build  | 2 +-
- glib/tests/meson.build | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/gio/tests/meson.build b/gio/tests/meson.build
-index 49cfa25ce..ea59656f9 100644
 a/gio/tests/meson.build
-+++ b/gio/tests/meson.build
-@@ -652,7 +652,7 @@ if installed_tests_enabled
-   endforeach
- endif
- 
--if meson.can_run_host_binaries()
-+if not meson.is_cross_build()
- 
-   compiler_type = '--compiler=@0@'.format(cc.get_id())
- 
-diff --git a/glib/tests/meson.build b/glib/tests/meson.build
-index 69508178e..e4f75f302 100644
 a/glib/tests/meson.build
-+++ 

[OE-core] [PATCH 01/27] insane.bbclass: add a SUMMARY/HOMEPAGE check (oe-core recipes only)

[Alexander Kanavin]

This was done in a selftest, but that is too late and creates
friction in integration as errors are not seen until autobuilder fails.

Bonus fix: SUMMARY check wasn't even working, as in the absence
of one set in the recipe there is a default value set from bitbake.conf.

I left DESCRIPTION check out for now, as many recipes don't actually
have it, and it's set from SUMMARY (plus a dot) if absent.

Signed-off-by: Alexander Kanavin 
---
 meta/classes-global/insane.bbclass | 26 
 meta/lib/oeqa/selftest/cases/distrodata.py | 36 --
 2 files changed, 26 insertions(+), 36 deletions(-)

diff --git a/meta/classes-global/insane.bbclass 
b/meta/classes-global/insane.bbclass
index 8788f58fc5b..632f738c86d 100644
--- a/meta/classes-global/insane.bbclass
+++ b/meta/classes-global/insane.bbclass
@@ -34,6 +34,7 @@ WARN_QA ?= " libdir xorg-driver-abi buildpaths \
 missing-update-alternatives native-last missing-ptest \
 license-exists license-no-generic license-syntax license-format \
 license-incompatible license-file-missing obsolete-license \
+missing-metadata \
 "
 ERROR_QA ?= "dev-so debug-deps dev-deps debug-files arch pkgconfig la \
 perms dep-cmp pkgvarcheck perm-config perm-line perm-link \
@@ -1473,6 +1474,28 @@ python do_qa_unpack() {
 unpack_check_src_uri(d.getVar('PN'), d)
 }
 
+python do_qa_fetch() {
+def test_missing_metadata(d):
+fn = d.getVar("FILE")
+if not '/meta/recipes-' in fn:
+# We are only interested in OE-Core
+return
+pn = d.getVar('BPN')
+srcfile = d.getVar('SRC_URI').split()
+# Check that SUMMARY is not the same as the default from bitbake.conf
+if d.getVar('SUMMARY') == d.expand("${PN} version ${PV}-${PR}"):
+oe.qa.handle_error("missing-metadata", "Recipe {} in {} does not 
contain a SUMMARY. Please add an entry.".format(pn, fn), d)
+if not d.getVar('HOMEPAGE'):
+if srcfile and srcfile[0].startswith('file') or not 
d.getVar('SRC_URI'):
+# We are only interested in recipes SRC_URI fetched from 
external sources
+pass
+else:
+oe.qa.handle_error("missing-metadata", "Recipe {} in {} does 
not contain a HOMEPAGE. Please add an entry.".format(pn, fn), d)
+
+test_missing_metadata(d)
+oe.qa.exit_if_errors(d)
+}
+
 # Check for patch fuzz
 do_patch[postfuncs] += "do_qa_patch "
 
@@ -1484,6 +1507,9 @@ do_configure[postfuncs] += "do_qa_configure "
 # Check does S exist.
 do_unpack[postfuncs] += "do_qa_unpack"
 
+# Check basic recipe metadata (e.g. SUMMARY/HOMEPAGE/RECIPE_MAINTAINER)
+do_fetch[postfuncs] += "do_qa_fetch"
+
 python () {
 import re
 
diff --git a/meta/lib/oeqa/selftest/cases/distrodata.py 
b/meta/lib/oeqa/selftest/cases/distrodata.py
index c83a3a7bd67..fd262fe3c9e 100644
--- a/meta/lib/oeqa/selftest/cases/distrodata.py
+++ b/meta/lib/oeqa/selftest/cases/distrodata.py
@@ -39,42 +39,6 @@ but their recipes claim otherwise by setting 
UPSTREAM_VERSION_UNKNOWN. Please re
 """ + "\n".join(regressed_successes)
 self.assertTrue(len(regressed_failures) == 0 and 
len(regressed_successes) == 0, msg)
 
-def test_missing_homepg(self):
-"""
-Summary: Test for oe-core recipes that don't have a HOMEPAGE or 
DESCRIPTION
-Expected:All oe-core recipes should have a DESCRIPTION entry
-Expected:All oe-core recipes should have a HOMEPAGE entry except 
for recipes that are not fetched from external sources.
-Product: oe-core
-"""
-with bb.tinfoil.Tinfoil() as tinfoil:
-tinfoil.prepare(config_only=False)
-no_description = []
-no_homepage = []
-for fn in tinfoil.all_recipe_files(variants=False):
-if not '/meta/recipes-' in fn:
-# We are only interested in OE-Core
-continue
-rd = tinfoil.parse_recipe_file(fn, appends=False)
-pn = rd.getVar('BPN')
-srcfile = rd.getVar('SRC_URI').split()
-#Since DESCRIPTION defaults to SUMMARY if not set, we are only 
interested in recipes without DESCRIPTION or SUMMARY
-if not (rd.getVar('SUMMARY') or rd.getVar('DESCRIPTION')):
-no_description.append((pn, fn))
-if not rd.getVar('HOMEPAGE'):
-if srcfile and srcfile[0].startswith('file') or not 
rd.getVar('SRC_URI'):
-# We are only interested in recipes SRC_URI fetched 
from external sources
-continue
-no_homepage.append((pn, fn))
-if no_homepage:
-self.fail("""
-The following recipes do not have a HOMEPAGE. Please add an entry for HOMEPAGE 
in the recipe.
-""" + "\n".join(['%s (%s)' % i for i in no_homepage]))
-
-if 

Re: [OE-core][Patch v2 1/3] libtraceevent: import from meta-openembedded

[Jose Quaresma]

Hi Max,

This also needs an entry on meta/conf/distro/include/maintainers.inc

Jose

Max Krummenacher  escreveu no dia terça, 9/05/2023
à(s) 17:13:

> From: Max Krummenacher 
>
> Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
> upgrade 1.7.1 -> 1.7.2").
> Starting with kernel 6.4 libtraceevent is a dependency of perf. While
> one can still build perf without it by opting out one would loose its
> functionality compared with building perf from kernels before 6.4
>
> Signed-off-by: Max Krummenacher 
> ---
>  ...not-preserve-ownership-in-cp-command.patch | 40 +++
>  .../libtraceevent/libtraceevent_1.7.2.bb  | 25 
>  2 files changed, 65 insertions(+)
>  create mode 100644
> meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
>  create mode 100644 meta/recipes-kernel/libtraceevent/
> libtraceevent_1.7.2.bb
>
> diff --git
> a/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
> b/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
> new file mode 100644
> index 00..5e88048817
> --- /dev/null
> +++
> b/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
> @@ -0,0 +1,40 @@
> +From ed0a31000305d937abe47c44d705b5b52bb36f79 Mon Sep 17 00:00:00 2001
> +From: Khem Raj 
> +Date: Thu, 22 Dec 2022 18:32:17 -0800
> +Subject: [PATCH] makefile: Do not preserve ownership in cp command
> +
> +Fixes
> +
> +ERROR: libtraceevent-1.7.0-r0 do_package_qa: QA Issue: libtraceevent:
> /usr/lib/libtraceevent.a is owned by uid 1000, which is the same as the
> user running bitbake. This may be due to host contamination
> [host-user-contaminated]
> +
> +Upstream-Status: Pending
> +Signed-off-by: Khem Raj 
> +---
> + Makefile | 4 ++--
> + 1 file changed, 2 insertions(+), 2 deletions(-)
> +
> +diff --git a/Makefile b/Makefile
> +index 965ff47..0e782cb 100644
> +--- a/Makefile
>  b/Makefile
> +@@ -287,7 +287,7 @@ $(BUILD_PREFIX): force
> +   $(Q)$(call build_prefix,$(prefix))
> +
> + define do_make_pkgconfig_file
> +-  cp -f ${PKG_CONFIG_SOURCE_FILE}.template ${PKG_CONFIG_FILE};\
> ++  install -m 0644 ${PKG_CONFIG_SOURCE_FILE}.template
> ${PKG_CONFIG_FILE};  \
> +   sed -i "s|INSTALL_PREFIX|${1}|g" ${PKG_CONFIG_FILE};\
> +   sed -i "s|LIB_VERSION|${EVENT_PARSE_VERSION}|g"
> ${PKG_CONFIG_FILE}; \
> +   sed -i "s|LIB_DIR|${libdir_relative}|g" ${PKG_CONFIG_FILE}; \
> +@@ -335,7 +335,7 @@ install: install_libs install_plugins
> +
> + install_libs: libs install_headers install_pkgconfig
> +   $(Q)$(call do_install,$(LIBTRACEEVENT_SHARED),$(libdir_SQ)); \
> +-  cp -fpR $(LIB_INSTALL) $(DESTDIR)$(libdir_SQ)
> ++  cp --no-preserve=ownership --recursive $(LIB_INSTALL)
> $(DESTDIR)$(libdir_SQ)
> +   $(Q)$(call install_ld_config)
> +
> + install_pkgconfig: $(PKG_CONFIG_FILE)
> +--
> +2.39.0
> +
> diff --git a/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
> b/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
> new file mode 100644
> index 00..089b6814c7
> --- /dev/null
> +++ b/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
> @@ -0,0 +1,25 @@
> +# Copyright (C) 2022 Khem Raj 
> +# Released under the MIT license (see COPYING.MIT for the terms)
> +
> +SUMMARY = "API to access the kernel tracefs directory"
> +HOMEPAGE = "https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/;
> +LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later"
> +LIC_FILES_CHKSUM =
> "file://LICENSES/GPL-2.0;md5=e6a75371ba4d16749254a51215d13f97 \
> +
> file://LICENSES/LGPL-2.1;md5=b370887980db5dd40659b50909238dbd"
> +SECTION = "libs"
> +
> +SRCREV = "1c6f0f3b2bb47571fc455dc565dc343152517d98"
> +SRC_URI = "git://
> git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git;branch=${BPN};protocol=https
> 
> \
> +
>  file://0001-makefile-Do-not-preserve-ownership-in-cp-command.patch"
> +
> +S = "${WORKDIR}/git"
> +
> +inherit pkgconfig
> +
> +do_install() {
> +oe_runmake install DESTDIR=${D} pkgconfig_dir=${libdir}/pkgconfig
> +}
> +
> +PACKAGES += "${PN}-plugins"
> +
> +FILES:${PN}-plugins += "${libdir}/traceevent/plugins"
> --
> 2.35.3
>
>
> 
>
>

-- 
Best regards,

José Quaresma

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181055): 
https://lists.openembedded.org/g/openembedded-core/message/181055
Mute This Topic: https://lists.openembedded.org/mt/98787450/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] python3-requests broken after urlib3 update

[Khem Raj]

Thanks, this was the reason why I was seeing regressions in
meta-python ptests for python3-requests-toolbelt, I have sent a patch
to upgrade python3-requests to 2.30 but that doesn't fix the problem
for
recipes which are not yet ported to use urllib 2.0 - see
https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html, I am
not sure if we are ready to use this yet. So perhaps sticking to 1.x
might be good
for a while.

On Tue, May 9, 2023 at 9:03 AM Konrad Weihmann  wrote:
>
> FYI:
> https://git.yoctoproject.org/poky/commit/meta/recipes-devtools/python?h=master-next=4641605c794db6648311b931fb3a36fe9e5dea56
> breaks building python3-requests (as of version 2.28.2 in master).
>
>  > recipe-sysroot-native/usr/bin/python3-native/python3', '-m', 'pip',
> '--disable-pip-version-check', 'wheel', '--no-deps', '-w',
> '/tmp/tmptsmcl2c1', '--quiet', 'urllib3<1.27,>=1.21.1' --> exit code 1
>
> Tried with native variants.
>
> An update to python3-requests 2.30.0 should fix the issue.
>
> But I'm not sure how that could have passed CI - so someone with more
> knowledge than me of the autobuilder might want to have a look.
>
> Regards
> Konrad
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181054): 
https://lists.openembedded.org/g/openembedded-core/message/181054
Mute This Topic: https://lists.openembedded.org/mt/98787186/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] python3-requests: Upgrade to 2.30.0

[Khem Raj]

Adds supports for urllib3 2.0 and might break urllib3 1.x [1]

[1] https://github.com/psf/requests/releases/tag/v2.30.0

Signed-off-by: Khem Raj 
---
 .../{python3-requests_2.28.2.bb => python3-requests_2.30.0.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/python/{python3-requests_2.28.2.bb => 
python3-requests_2.30.0.bb} (87%)

diff --git a/meta/recipes-devtools/python/python3-requests_2.28.2.bb 
b/meta/recipes-devtools/python/python3-requests_2.30.0.bb
similarity index 87%
rename from meta/recipes-devtools/python/python3-requests_2.28.2.bb
rename to meta/recipes-devtools/python/python3-requests_2.30.0.bb
index 8ab1ec0121..1286eba786 100644
--- a/meta/recipes-devtools/python/python3-requests_2.28.2.bb
+++ b/meta/recipes-devtools/python/python3-requests_2.30.0.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "http://python-requests.org;
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658"
 
-SRC_URI[sha256sum] = 
"98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf"
+SRC_URI[sha256sum] = 
"239d7d4458afcb28a692cdd298d87542235f4ca8d36d03a15bfc128a6559a2f4"
 
 inherit pypi setuptools3
 
-- 
2.40.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181053): 
https://lists.openembedded.org/g/openembedded-core/message/181053
Mute This Topic: https://lists.openembedded.org/mt/98788452/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][Patch v2 3/3] perf: add libtraceevent packageconfig

[Max Krummenacher]

From: Max Krummenacher 

With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.

Older kernels did build libtraceevent as provided by the kernel sources.
(Unless LIBTRACEEVENT_DYNAMIC=1 was defined, then it tried to pickup
an external provided libtraceevent and printed a warning if not found.)

Add a libtraceevent packageconfig which adds the dependency on
libtraceevent if set, otherwise builds with NO_LIBTRACEEVENT=1.
For older kernels the old behaviour of building libtraceevent from
the kernel sources isn't changed.

Signed-off-by: Max Krummenacher 
---
 meta/recipes-kernel/perf/perf.bb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb
index 80199a4515..19f8aadaa0 100644
--- a/meta/recipes-kernel/perf/perf.bb
+++ b/meta/recipes-kernel/perf/perf.bb
@@ -11,7 +11,7 @@ LICENSE = "GPL-2.0-only"
 
 PR = "r9"
 
-PACKAGECONFIG ??= "scripting tui libunwind"
+PACKAGECONFIG ??= "scripting tui libunwind libtraceevent"
 PACKAGECONFIG[dwarf] = ",NO_DWARF=1"
 PACKAGECONFIG[scripting] = ",NO_LIBPERL=1 NO_LIBPYTHON=1,perl python3 
python3-setuptools-native"
 # gui support was added with kernel 3.6.35
@@ -27,6 +27,7 @@ PACKAGECONFIG[jvmti] = ",NO_JVMTI=1"
 PACKAGECONFIG[audit] = ",NO_LIBAUDIT=1,audit"
 PACKAGECONFIG[manpages] = ",,xmlto-native asciidoc-native"
 PACKAGECONFIG[cap] = ",,libcap"
+PACKAGECONFIG[libtraceevent] = ",NO_LIBTRACEEVENT=1,libtraceevent"
 # Arm CoreSight
 PACKAGECONFIG[coresight] = "CORESIGHT=1,,opencsd"
 
-- 
2.35.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181052): 
https://lists.openembedded.org/g/openembedded-core/message/181052
Mute This Topic: https://lists.openembedded.org/mt/98787453/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][Patch v2 2/3] perf: make pkg-config available

[Max Krummenacher]

From: Max Krummenacher 

Fixup the to be called pkg-config as $(CROSS_COMPILE)pkg-config doesn't
exist.
With kernels < 6.4 pkg-config is only used for the gtk+-2.0 integration
which is disabled in the OE config. Thus the issue wasn't exposed so
far. With kernel 6.4 pkg-config is additionally used for libtraceevent
and libtracefs.

Signed-off-by: Max Krummenacher 
---
 meta/recipes-kernel/perf/perf.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb
index 2f28d16fba..80199a4515 100644
--- a/meta/recipes-kernel/perf/perf.bb
+++ b/meta/recipes-kernel/perf/perf.bb
@@ -87,6 +87,7 @@ EXTRA_OEMAKE = '\
 perfexecdir=${libexecdir} \
 NO_GTK2=1 \
 ${PACKAGECONFIG_CONFARGS} \
+PKG_CONFIG=pkg-config \
 TMPDIR="${B}" \
 LIBUNWIND_DIR=${STAGING_EXECPREFIXDIR} \
 '
@@ -287,6 +288,7 @@ do_configure:prepend () {
 sed -i 's,CC = $(CROSS_COMPILE)gcc,#CC,' ${S}/tools/perf/Makefile.perf
 sed -i 's,AR = $(CROSS_COMPILE)ar,#AR,' ${S}/tools/perf/Makefile.perf
 sed -i 's,LD = $(CROSS_COMPILE)ld,#LD,' ${S}/tools/perf/Makefile.perf
+sed -i 's,PKG_CONFIG = $(CROSS_COMPILE)pkg-config,#PKG_CONFIG,' 
${S}/tools/perf/Makefile.perf
 fi
 if [ -e "${S}/tools/lib/api/Makefile" ]; then
 sed -i 's,CC = $(CROSS_COMPILE)gcc,#CC,' ${S}/tools/lib/api/Makefile
-- 
2.35.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181051): 
https://lists.openembedded.org/g/openembedded-core/message/181051
Mute This Topic: https://lists.openembedded.org/mt/98787451/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][Patch v2 1/3] libtraceevent: import from meta-openembedded

[Max Krummenacher]

From: Max Krummenacher 

Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
upgrade 1.7.1 -> 1.7.2").
Starting with kernel 6.4 libtraceevent is a dependency of perf. While
one can still build perf without it by opting out one would loose its
functionality compared with building perf from kernels before 6.4

Signed-off-by: Max Krummenacher 
---
 ...not-preserve-ownership-in-cp-command.patch | 40 +++
 .../libtraceevent/libtraceevent_1.7.2.bb  | 25 
 2 files changed, 65 insertions(+)
 create mode 100644 
meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
 create mode 100644 meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb

diff --git 
a/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
 
b/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
new file mode 100644
index 00..5e88048817
--- /dev/null
+++ 
b/meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
@@ -0,0 +1,40 @@
+From ed0a31000305d937abe47c44d705b5b52bb36f79 Mon Sep 17 00:00:00 2001
+From: Khem Raj 
+Date: Thu, 22 Dec 2022 18:32:17 -0800
+Subject: [PATCH] makefile: Do not preserve ownership in cp command
+
+Fixes
+
+ERROR: libtraceevent-1.7.0-r0 do_package_qa: QA Issue: libtraceevent: 
/usr/lib/libtraceevent.a is owned by uid 1000, which is the same as the user 
running bitbake. This may be due to host contamination [host-user-contaminated]
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj 
+---
+ Makefile | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 965ff47..0e782cb 100644
+--- a/Makefile
 b/Makefile
+@@ -287,7 +287,7 @@ $(BUILD_PREFIX): force
+   $(Q)$(call build_prefix,$(prefix))
+ 
+ define do_make_pkgconfig_file
+-  cp -f ${PKG_CONFIG_SOURCE_FILE}.template ${PKG_CONFIG_FILE};\
++  install -m 0644 ${PKG_CONFIG_SOURCE_FILE}.template ${PKG_CONFIG_FILE};  
\
+   sed -i "s|INSTALL_PREFIX|${1}|g" ${PKG_CONFIG_FILE};\
+   sed -i "s|LIB_VERSION|${EVENT_PARSE_VERSION}|g" ${PKG_CONFIG_FILE}; \
+   sed -i "s|LIB_DIR|${libdir_relative}|g" ${PKG_CONFIG_FILE}; \
+@@ -335,7 +335,7 @@ install: install_libs install_plugins
+ 
+ install_libs: libs install_headers install_pkgconfig
+   $(Q)$(call do_install,$(LIBTRACEEVENT_SHARED),$(libdir_SQ)); \
+-  cp -fpR $(LIB_INSTALL) $(DESTDIR)$(libdir_SQ)
++  cp --no-preserve=ownership --recursive $(LIB_INSTALL) 
$(DESTDIR)$(libdir_SQ)
+   $(Q)$(call install_ld_config)
+ 
+ install_pkgconfig: $(PKG_CONFIG_FILE)
+-- 
+2.39.0
+
diff --git a/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb 
b/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
new file mode 100644
index 00..089b6814c7
--- /dev/null
+++ b/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
@@ -0,0 +1,25 @@
+# Copyright (C) 2022 Khem Raj 
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+SUMMARY = "API to access the kernel tracefs directory"
+HOMEPAGE = "https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/;
+LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later"
+LIC_FILES_CHKSUM = 
"file://LICENSES/GPL-2.0;md5=e6a75371ba4d16749254a51215d13f97 \
+
file://LICENSES/LGPL-2.1;md5=b370887980db5dd40659b50909238dbd"
+SECTION = "libs"
+
+SRCREV = "1c6f0f3b2bb47571fc455dc565dc343152517d98"
+SRC_URI = 
"git://git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git;branch=${BPN};protocol=https
 \
+   file://0001-makefile-Do-not-preserve-ownership-in-cp-command.patch"
+
+S = "${WORKDIR}/git"
+
+inherit pkgconfig
+
+do_install() {
+oe_runmake install DESTDIR=${D} pkgconfig_dir=${libdir}/pkgconfig
+}
+
+PACKAGES += "${PN}-plugins"
+
+FILES:${PN}-plugins += "${libdir}/traceevent/plugins"
-- 
2.35.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181050): 
https://lists.openembedded.org/g/openembedded-core/message/181050
Mute This Topic: https://lists.openembedded.org/mt/98787450/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][Patch v2 0/3] perf: add libtraceevent packageconfig

[Max Krummenacher]

From: Max Krummenacher 

With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.

Changes in V2
- add a patch importing libtraceevent from meta-openembedded
- move the pkg-config changes in a separate commit
- default to setting the packageconfig as we now have the dependecy in core

Max Krummenacher (3):
  libtraceevent: import from meta-openembedded
  perf: make pkg-config available
  perf: add libtraceevent packageconfig

 ...not-preserve-ownership-in-cp-command.patch | 40 +++
 .../libtraceevent/libtraceevent_1.7.2.bb  | 25 
 meta/recipes-kernel/perf/perf.bb  |  5 ++-
 3 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-kernel/libtraceevent/libtraceevent/0001-makefile-Do-not-preserve-ownership-in-cp-command.patch
 create mode 100644 meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb

-- 
2.35.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181049): 
https://lists.openembedded.org/g/openembedded-core/message/181049
Mute This Topic: https://lists.openembedded.org/mt/98787449/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] python3-requests broken after urlib3 update

[Konrad Weihmann]

FYI: 
https://git.yoctoproject.org/poky/commit/meta/recipes-devtools/python?h=master-next=4641605c794db6648311b931fb3a36fe9e5dea56 
breaks building python3-requests (as of version 2.28.2 in master).


> recipe-sysroot-native/usr/bin/python3-native/python3', '-m', 'pip', 
'--disable-pip-version-check', 'wheel', '--no-deps', '-w', 
'/tmp/tmptsmcl2c1', '--quiet', 'urllib3<1.27,>=1.21.1' --> exit code 1


Tried with native variants.

An update to python3-requests 2.30.0 should fix the issue.

But I'm not sure how that could have passed CI - so someone with more 
knowledge than me of the autobuilder might want to have a look.


Regards
Konrad

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181048): 
https://lists.openembedded.org/g/openembedded-core/message/181048
Mute This Topic: https://lists.openembedded.org/mt/98787186/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v8] python3-calver: Add recipe

[Trevor Gamblin]

calver is "a setuptools extension for automatically defining your Python
package version as a calendar version." It is required for
python3-trove-classifiers (another new recipe), which in turn is
required for the upgrade of python3-hatchling from 1.13.0 to work.

Signed-off-by: Trevor Gamblin 

---
v8 moves the versioning info back to the right place :)
v7 removes the unnecessary sha256sum from the recipe.   


  
v6 addresses reproducibility by patching the source code, and fixes 


  
issues with that were missed from previous reviews. 


  
v5 moves these revision notes to the correct place. 


  
v4 adds the run-ptest script and adds maintainer info.  


  
v3 clarifies that the recipe now includes ptests, where v2 didn't make  


  
this clear and v1 didn't have them at all.

 meta/conf/distro/include/maintainers.inc  |  1 +
 .../distro/include/ptest-packagelists.inc |  1 +
 .../0001-setup.py-hard-code-version.patch | 32 +++
 .../python/python3-calver/run-ptest   |  3 ++
 .../python/python3-calver_2022.6.26.bb| 28 
 5 files changed, 65 insertions(+)
 create mode 100644 
meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 create mode 100644 meta/recipes-devtools/python/python3-calver/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-calver_2022.6.26.bb

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index e24d8545ba..0ee465fe1f 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -607,6 +607,7 @@ RECIPE_MAINTAINER:pn-python3-attrs = "Tim Orling 
"
 RECIPE_MAINTAINER:pn-python3-babel = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-bcrypt = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-build = "Ross Burton "
+RECIPE_MAINTAINER:pn-python3-calver = "Trevor Gamblin "
 RECIPE_MAINTAINER:pn-python3-certifi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-cffi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-chardet = "Tim Orling "
diff --git a/meta/conf/distro/include/ptest-packagelists.inc 
b/meta/conf/distro/include/ptest-packagelists.inc
index 2f83132aeb..bd95a13ff6 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -56,6 +56,7 @@ PTESTS_FAST = "\
 popt \
 python3-atomicwrites \
 python3-bcrypt \
+python3-calver \
 python3-hypothesis \
 python3-jinja2 \
 python3-jsonpointer \
diff --git 
a/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
new file mode 100644
index 00..43f8a78ef0
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
@@ -0,0 +1,32 @@
+From 390a233ed969f82b2ef209b23bfb523e785603f9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin 
+Date: Tue, 9 May 2023 10:19:41 -0400
+Subject: [PATCH] setup.py: hard-code version
+
+setup.py is pulling the build version from the current date rather than
+a release tag or other predictable method, causing reproducibility 
+issues in builds. Patch this to make reproducible builds work while
+discussing this with upstream maintainer (or developing a patch that can
+make calver rely on a more standard pyproject.toml solution).
+
+Upstream-Status: Inappropriate (configuration)
+

[OE-core] [PATCH v7] python3-calver: Add recipe

[Trevor Gamblin]

calver is "a setuptools extension for automatically defining your Python
package version as a calendar version." It is required for
python3-trove-classifiers (another new recipe), which in turn is
required for the upgrade of python3-hatchling from 1.13.0 to work.

Signed-off-by: Trevor Gamblin 

v7 removes the unnecessary sha256sum from the recipe.
v6 addresses reproducibility by patching the source code, and fixes 


  
issues with that were missed from previous reviews. 


  
v5 moves these revision notes to the correct place. 


  
v4 adds the run-ptest script and adds maintainer info.  


  
v3 clarifies that the recipe now includes ptests, where v2 didn't make  


  
this clear and v1 didn't have them at all.  
---
 meta/conf/distro/include/maintainers.inc  |  1 +
 .../distro/include/ptest-packagelists.inc |  1 +
 .../0001-setup.py-hard-code-version.patch | 32 +++
 .../python/python3-calver/run-ptest   |  3 ++
 .../python/python3-calver_2022.6.26.bb| 28 
 5 files changed, 65 insertions(+)
 create mode 100644 
meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 create mode 100644 meta/recipes-devtools/python/python3-calver/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-calver_2022.6.26.bb

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index e24d8545ba..0ee465fe1f 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -607,6 +607,7 @@ RECIPE_MAINTAINER:pn-python3-attrs = "Tim Orling 
"
 RECIPE_MAINTAINER:pn-python3-babel = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-bcrypt = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-build = "Ross Burton "
+RECIPE_MAINTAINER:pn-python3-calver = "Trevor Gamblin "
 RECIPE_MAINTAINER:pn-python3-certifi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-cffi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-chardet = "Tim Orling "
diff --git a/meta/conf/distro/include/ptest-packagelists.inc 
b/meta/conf/distro/include/ptest-packagelists.inc
index 2f83132aeb..bd95a13ff6 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -56,6 +56,7 @@ PTESTS_FAST = "\
 popt \
 python3-atomicwrites \
 python3-bcrypt \
+python3-calver \
 python3-hypothesis \
 python3-jinja2 \
 python3-jsonpointer \
diff --git 
a/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
new file mode 100644
index 00..43f8a78ef0
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
@@ -0,0 +1,32 @@
+From 390a233ed969f82b2ef209b23bfb523e785603f9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin 
+Date: Tue, 9 May 2023 10:19:41 -0400
+Subject: [PATCH] setup.py: hard-code version
+
+setup.py is pulling the build version from the current date rather than
+a release tag or other predictable method, causing reproducibility 
+issues in builds. Patch this to make reproducible builds work while
+discussing this with upstream maintainer (or developing a patch that can
+make calver rely on a more standard pyproject.toml solution).
+
+Upstream-Status: Inappropriate (configuration)
+
+Signed-off-by: Trevor Gamblin 
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 73f6b10..2e27cf1 100644
+--- a/setup.py
 b/setup.py
+@@ -42,5 +42,5 @@ setup(
+ "use_calver = calver.integration:version",
+ ],
+ },
+-

[OE-core] [PATCH v6] python3-calver: Add recipe

[Trevor Gamblin]

calver is "a setuptools extension for automatically defining your Python
package version as a calendar version." It is required for
python3-trove-classifiers (another new recipe), which in turn is
required for the upgrade of python3-hatchling from 1.13.0 to work.

Signed-off-by: Trevor Gamblin 

v6 addresses reproducibility by patching the source code, and fixes 
issues with that were missed from previous reviews.
v5 moves these revision notes to the correct place.
v4 adds the run-ptest script and adds maintainer info.
v3 clarifies that the recipe now includes ptests, where v2 didn't make
this clear and v1 didn't have them at all.
---
 meta/conf/distro/include/maintainers.inc  |  1 +
 .../distro/include/ptest-packagelists.inc |  1 +
 .../0001-setup.py-hard-code-version.patch | 32 +++
 .../python/python3-calver/run-ptest   |  3 ++
 .../python/python3-calver_2022.6.26.bb| 29 +
 5 files changed, 66 insertions(+)
 create mode 100644 
meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 create mode 100644 meta/recipes-devtools/python/python3-calver/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-calver_2022.6.26.bb

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index e24d8545ba..0ee465fe1f 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -607,6 +607,7 @@ RECIPE_MAINTAINER:pn-python3-attrs = "Tim Orling 
"
 RECIPE_MAINTAINER:pn-python3-babel = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-bcrypt = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-build = "Ross Burton "
+RECIPE_MAINTAINER:pn-python3-calver = "Trevor Gamblin "
 RECIPE_MAINTAINER:pn-python3-certifi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-cffi = "Tim Orling "
 RECIPE_MAINTAINER:pn-python3-chardet = "Tim Orling "
diff --git a/meta/conf/distro/include/ptest-packagelists.inc 
b/meta/conf/distro/include/ptest-packagelists.inc
index 2f83132aeb..bd95a13ff6 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -56,6 +56,7 @@ PTESTS_FAST = "\
 popt \
 python3-atomicwrites \
 python3-bcrypt \
+python3-calver \
 python3-hypothesis \
 python3-jinja2 \
 python3-jsonpointer \
diff --git 
a/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
new file mode 100644
index 00..43f8a78ef0
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-calver/0001-setup.py-hard-code-version.patch
@@ -0,0 +1,32 @@
+From 390a233ed969f82b2ef209b23bfb523e785603f9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin 
+Date: Tue, 9 May 2023 10:19:41 -0400
+Subject: [PATCH] setup.py: hard-code version
+
+setup.py is pulling the build version from the current date rather than
+a release tag or other predictable method, causing reproducibility 
+issues in builds. Patch this to make reproducible builds work while
+discussing this with upstream maintainer (or developing a patch that can
+make calver rely on a more standard pyproject.toml solution).
+
+Upstream-Status: Inappropriate (configuration)
+
+Signed-off-by: Trevor Gamblin 
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 73f6b10..2e27cf1 100644
+--- a/setup.py
 b/setup.py
+@@ -42,5 +42,5 @@ setup(
+ "use_calver = calver.integration:version",
+ ],
+ },
+-version=calver_version(True),
++version=calver_version("2022.6.26"),
+ )
+-- 
+2.40.0
+
diff --git a/meta/recipes-devtools/python/python3-calver/run-ptest 
b/meta/recipes-devtools/python/python3-calver/run-ptest
new file mode 100644
index 00..8d2017d39c
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-calver/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+pytest --automake
diff --git a/meta/recipes-devtools/python/python3-calver_2022.6.26.bb 
b/meta/recipes-devtools/python/python3-calver_2022.6.26.bb
new file mode 100644
index 00..e564515176
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-calver_2022.6.26.bb
@@ -0,0 +1,29 @@
+SUMMARY = "Setuptools extension for CalVer package versions"
+HOMEPAGE = "https://github.com/di/calver;
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+SRC_URI = " \
+git://github.com/di/calver;branch=master;protocol=https \
+file://run-ptest \
+file://0001-setup.py-hard-code-version.patch \
+"
+SRC_URI[sha256sum] = 
"e05493a3b17517ef1748fbe610da11f10485faa7c416b9d33fd4a52d74894f8b"
+SRCREV = "3268d8acf2c345f32a1c5f08ba25dc67f76cca81"
+
+inherit python_setuptools_build_meta ptest
+
+S = "${WORKDIR}/git"
+
+RDEPENDS:${PN}-ptest += " \
+${PYTHON_PN}-pretend \
+${PYTHON_PN}-pytest \
+${PYTHON_PN}-unittest-automake-output \
+"
+

Re: [OE-core] [PATCH] cve-update-nvd2-native: new CVE database fetcher

[Marta Rybczynska]

On Wed, Apr 5, 2023 at 8:44 PM Steve Sakoman  wrote:

> On Wed, Apr 5, 2023 at 8:43 AM Marta Rybczynska 
> wrote:
> >
> >
> >
> > On Wed, Apr 5, 2023 at 5:55 PM Steve Sakoman  wrote:
> >>
> >> Hi Marta,
> >>
> >> Is this safe to backport to the stable branches, or should I let it
> >> "age" in master for a while?
> >>
> >
> > Hi Steve,
> > I vote to let it age for a little moment. In the meantime I'm trying to
> figure out when exactly NVD will turn off the old database.
>
> OK, will do!
>

I have received a confirmation from the NVD that they are currently
planning to turn off teh old feed in *September 2023*.
We have time to stabilize then.

Kind regards,
Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181044): 
https://lists.openembedded.org/g/openembedded-core/message/181044
Mute This Topic: https://lists.openembedded.org/mt/97925018/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Yocto Project Status 9 May 2023 (WW19)

[Stephen Jolley]

Current Dev Position: YP 4.3 M1

Next Deadline: 5th June 2023 YP 4.3 M1 build date

 

Next Team Meetings:

*   Bug Triage meeting Thursday May 11th 7:30 am PDT (

https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)
*   Weekly Project Engineering Sync Tuesday May 9th at 8 am PDT (

https://zoom.us/j/990892712?pwd=cHU1MjhoM2x6ck81bkcrYjRrcmJsUT09
 )
*   Twitch -  See  
https://www.twitch.tv/theyoctojester

 

Key Status/Updates:

*   YP 4.2 has been released, thanks to everyone who has worked on it!
*   YP 4.1.4 is due to be released
*   YP 3.1.25 is in QA
*   The warnings issues on the autobuilder have mostly been resolved but
there are a number of lingering intermittent issues that we're still working
through.
*   Patches have been merging into master but there continues to be a
number of issues being found in testing which does slow down the process.
*   There are time64 patches being proposed to handle Y2038 issues on 32
bit architectures which likely need further discussion since the compiler
flag changes aren't without risk and potential side effects.
*   The minimum kernel version for OE-Core is now set at 5.15 as part of
the time64 work but also to aid performance.
*   We're aiming to improve documentation as we go along in this
release, please keep this in mind when sending patches!
*   There is a proposal on the bitbake mailing list which would allow
the possibility of layer overrides, which could be useful for some of the QA
checks recently discussed.

 

Ways to contribute:

*   As people are likely aware, the project has a number of components
which are either unmaintained, or have people with little to no time trying
to keep them alive. These components include: patchtest, layerindex,
devtool, toaster, wic, oeqa, autobuilder, CROPs containers, pseudo and more.
Many have open bugs. Help is welcome in trying to better look after these
components!
*   There are bugs identified as possible for newcomers to the project:

https://wiki.yoctoproject.org/wiki/Newcomers
*   There are bugs that are currently unassigned for YP 4.3. See:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Medium.2B_4.3_Unassigned_Enhan
cements.2FBugs
*   We'd welcome new maintainers for recipes in OE-Core. Please see the
list at:

http://git.yoctoproject.org/cgit.cgi/poky/tree/meta/conf/distro/include/main
tainers.inc and discuss with the existing maintainer, or ask on the OE-Core
mailing list. We will likely move a chunk of these to "Unassigned" soon to
help facilitate this.
*   Help is very much welcome in trying to resolve our autobuilder
intermittent issues. You can see the list of failures we're continuing to
see by searching for the "AB-INT" tag in bugzilla:

https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT.
*   Help us resolve CVE issues:
 CVE metrics 
*   We have a growing number of bugs in bugzilla, any help with them is
appreciated.

 

YP 4.2 Milestone Dates:

*   YP 4.2 was released

 

YP 4.3 Milestone Dates:

*   YP 4.3 M1 build date  2023/06/05
*   YP 4.3 M1 Release date 2023/06/16
*   YP 4.3 M2 build date  2023/07/17
*   YP 4.3 M2 Release date 2023/07/28
*   YP 4.3 M3 build date  2023/08/28
*   YP 4.3 M3 Release date 2023/09/08
*   YP 4.3 M4 build date  2023/10/02
*   YP 4.3 M4 Release date 2023/10/27

 

Upcoming dot releases:

*   YP 4.1.4 is ready for release
*   YP 3.1.25 is in QA
*   YP 3.1.25 Release date 2023/05/19
*   YP 4.0.10 build date 2023/05/15
*   YP 4.0.10 Release date 2023/05/26
*   YP 4.2.1 build date 2023/05/22
*   YP 4.2.1 Release date 2023/06/02
*   YP 3.1.26 build date 2023/06/19
*   YP 3.1.26 Release date 2023/06/30
*   YP 4.0.11 build date 2023/06/26
*   YP 4.0.11 Release date 2023/07/07
*   YP 4.2.2 build date 2023/07/10
*   YP 4.2.2 Release date 2023/07/21 
*   YP 3.1.27 build date 2023/07/31
*   YP 3.1.27 Release date 2023/08/11
*   YP 4.0.12 build date 2023/08/07
*   YP 4.0.12 Release date 2023/08/18
*   YP 4.2.3 build date 2023/08/28
*   YP 4.2.3 Release date 2023/09/08
*   YP 3.1.28 build date 2023/09/18
*   YP 3.1.28 Release date 2023/09/29
*   YP 4.0.13 build date 2023/09/25
*   YP 4.0.13 Release date 2023/10/06
*   YP 3.1.29 build date 2023/10/30
*   YP 3.1.29 Release date 2023/11/10
*   YP 

Re: [OE-core][PATCH v4] devicetree.bbclass: Allow selection of dts files to build

[Michael Opdenacker via lists.openembedded.org]

On 05.05.23 at 13:10, Richard Purdie wrote:

On Fri, 2023-05-05 at 10:59 +, Petr Kubizňák - 2N wrote:

Thanks for accepting the patch.

I can for sure send a doc patch, just want to make sure it is desired
since the glossary does not list any DT_* variable at the moment, and
the devicetree class section in this respect only refers to the class
sources. So I think both DT_FILES and DT_FILES_PATH variables should
be documented at least, right?

Ideally all the variables in use would be documented in the manual.
We're trying to fix and improve the docs so yes, adding docs for the
ones you added would be great, bonus marks if there are others you can
add at the same time!



I have the same challenge with 
https://git.yoctoproject.org/poky/tree/meta/classes-recipe/uboot-sign.bbclass


The number of variables which can be modified is overwhelming! I guess 
what matters in the documentation is to refer to the variables for which 
there is a legitimate reason for changing the default value, right?

Like UBOOT_FIT_ADDRESS_CELLS, which was introduced recently.

Cheers
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181042): 
https://lists.openembedded.org/g/openembedded-core/message/181042
Mute This Topic: https://lists.openembedded.org/mt/98510103/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][mickledore][PATCH 1/1] git: fix CVE-2023-29007

[Polampalli, Archana via lists.openembedded.org]

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 
2.33.8,
2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted
`.gitmodules` file with submodule URLs that are longer than 1024 characters can 
used
to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. 
This bug
can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` 
when
attempting to remove the configuration section associated with that submodule. 
When the
attacker injects configuration values which specify executables to run (such as
`core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote 
code
execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 
2.34.8,
2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid 
running
`git submodule deinit` on untrusted repositories or without prior inspection of 
any
submodule sections in `$GIT_DIR/config`.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29007

Upstream patches:
https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4
https://github.com/git/git/commit/29198213c9163c1d552ee2bdbf78d2b09ccc98b8
https://github.com/git/git/commit/a5bb10fd5e74101e7c07da93e7c32bbe60f6173a
https://github.com/git/git/commit/e91cfe6085c4a61372d1f800b473b73b8d225d0d
https://github.com/git/git/commit/3bb3d6bac5f2b496dfa2862dc1a84cbfa9b4449a

Signed-off-by: Archana Polampalli 
---
 .../git/git/CVE-2023-29007.patch  | 158 ++
 meta/recipes-devtools/git/git_2.39.2.bb   |   1 +
 2 files changed, 159 insertions(+)
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-29007.patch

diff --git a/meta/recipes-devtools/git/git/CVE-2023-29007.patch 
b/meta/recipes-devtools/git/git/CVE-2023-29007.patch
new file mode 100644
index 00..14b6933e96
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2023-29007.patch
@@ -0,0 +1,158 @@
+From 057c07a7b1fae22fdeef26c243f4cfbe3afc90ce Mon Sep 17 00:00:00 2001
+From: Taylor Blau 
+Date: Fri, 14 Apr 2023 11:46:59 -0400
+Subject: [PATCH] Merge branch 'tb/config-copy-or-rename-in-file-injection'
+
+Avoids issues with renaming or deleting sections with long lines, where
+configuration values may be interpreted as sections, leading to
+configuration injection. Addresses CVE-2023-29007.
+
+* tb/config-copy-or-rename-in-file-injection:
+  config.c: disallow overly-long lines in `copy_or_rename_section_in_file()`
+  config.c: avoid integer truncation in `copy_or_rename_section_in_file()`
+  config: avoid fixed-sized buffer when renaming/deleting a section
+  t1300: demonstrate failure when renaming sections with long lines
+
+Signed-off-by: Taylor Blau 
+
+CVE: CVE-2023-29007
+Upstream-Status: Backport 
[https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4]
+
+Signed-off-by: Archana Polampalli 
+---
+ config.c  | 34 +++---
+ t/t1300-config.sh | 31 +++
+ 2 files changed, 54 insertions(+), 11 deletions(-)
+
+diff --git a/config.c b/config.c
+index 27f3828..3c674a6 100644
+--- a/config.c
 b/config.c
+@@ -3487,9 +3487,10 @@ void git_config_set_multivar(const char *key, const 
char *value,
+   flags);
+ }
+
+-static int section_name_match (const char *buf, const char *name)
++static size_t section_name_match (const char *buf, const char *name)
+ {
+-  int i = 0, j = 0, dot = 0;
++  size_t i = 0, j = 0;
++  int dot = 0;
+   if (buf[i] != '[')
+   return 0;
+   for (i = 1; buf[i] && buf[i] != ']'; i++) {
+@@ -3542,6 +3543,7 @@ static int section_name_is_ok(const char *name)
+   return 1;
+ }
+
++#define GIT_CONFIG_MAX_LINE_LEN (512 * 1024)
+ /* if new_name == NULL, the section is removed instead */
+ static int git_config_copy_or_rename_section_in_file(const char 
*config_filename,
+ const char *old_name,
+@@ -3551,11 +3553,12 @@ static int 
git_config_copy_or_rename_section_in_file(const char *config_filename
+   char *filename_buf = NULL;
+   struct lock_file lock = LOCK_INIT;
+   int out_fd;
+-  char buf[1024];
++  struct strbuf buf = STRBUF_INIT;
+   FILE *config_file = NULL;
+   struct stat st;
+   struct strbuf copystr = STRBUF_INIT;
+   struct config_store_data store;
++  uint32_t line_nr = 0;
+
+   memset(, 0, sizeof(store));
+
+@@ -3592,16 +3595,24 @@ static int 
git_config_copy_or_rename_section_in_file(const char *config_filename
+   goto out;
+   }
+
+-  while (fgets(buf, sizeof(buf), config_file)) {
+-  unsigned i;
+-  int length;
++  while (!strbuf_getwholeline(, config_file, '\n')) {
++  size_t i, length;
+   int is_section = 0;
+-  char *output = buf;
+-  for (i = 0; buf[i] && isspace(buf[i]); i++)
++  char *output = 

[oe-core][mickledore][PATCH 1/1] git: fix CVE-2023-25652

[Polampalli, Archana via lists.openembedded.org]

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding
specially crafted input to `git apply --reject`, a path outside the working
tree can be overwritten with partially controlled contents (corresponding to
the rejected hunk(s) from the given patch). A fix is available in versions
2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3,
and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when 
applying
patches from an untrusted source. Use `git apply --stat` to inspect a patch 
before
applying; avoid applying one that create a conflict where a link corresponding 
to
the `*.rej` file exists.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-25652

Upstream patches:
https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b

Signed-off-by: Archana Polampalli 
---
 .../git/git/CVE-2023-25652.patch  | 94 +++
 meta/recipes-devtools/git/git_2.39.2.bb   |  1 +
 2 files changed, 95 insertions(+)
 create mode 100644 meta/recipes-devtools/git/git/CVE-2023-25652.patch

diff --git a/meta/recipes-devtools/git/git/CVE-2023-25652.patch 
b/meta/recipes-devtools/git/git/CVE-2023-25652.patch
new file mode 100644
index 00..e8cedfcf27
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2023-25652.patch
@@ -0,0 +1,94 @@
+From 9db05711c98efc14f414d4c87135a34c13586e0b  Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin 
+Date: Thu Mar 9 16:02:54 2023 +0100
+Subject: [PATCH] apply --reject: overwrite existing `.rej` symlink if it
+ exists
+
+The `git apply --reject` is expected to write out `.rej` files in case
+one or more hunks fail to apply cleanly. Historically, the command
+overwrites any existing `.rej` files. The idea being that
+apply/reject/edit cycles are relatively common, and the generated `.rej`
+files are not considered precious.
+
+But the command does not overwrite existing `.rej` symbolic links, and
+instead follows them. This is unsafe because the same patch could
+potentially create such a symbolic link and point at arbitrary paths
+outside the current worktree, and `git apply` would write the contents
+of the `.rej` file into that location.
+
+Therefore, let's make sure that any existing `.rej` file or symbolic
+link is removed before writing it.
+
+Reported-by: RyotaK 
+Helped-by: Taylor Blau 
+Helped-by: Junio C Hamano 
+Helped-by: Linus Torvalds 
+Signed-off-by: Johannes Schindelin 
+
+CVE: CVE-2023-25652
+Upstream-Status: Backport 
[https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b]
+
+Signed-off-by: Archana Polampalli 
+---
+ apply.c  | 14 --
+ t/t4115-apply-symlink.sh | 15 +++
+ 2 files changed, 27 insertions(+), 2 deletions(-)
+
+diff --git a/apply.c b/apply.c
+index eec2da2..442cf28 100644
+--- a/apply.c
 b/apply.c
+@@ -4576,7 +4576,7 @@ static int write_out_one_reject(struct apply_state 
*state, struct patch *patch)
+   FILE *rej;
+   char namebuf[PATH_MAX];
+   struct fragment *frag;
+-  int cnt = 0;
++  int fd, cnt = 0;
+   struct strbuf sb = STRBUF_INIT;
+
+   for (cnt = 0, frag = patch->fragments; frag; frag = frag->next) {
+@@ -4616,7 +4616,17 @@ static int write_out_one_reject(struct apply_state 
*state, struct patch *patch)
+   memcpy(namebuf, patch->new_name, cnt);
+   memcpy(namebuf + cnt, ".rej", 5);
+
+-  rej = fopen(namebuf, "w");
++  fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666);
++  if (fd < 0) {
++  if (errno != EEXIST)
++  return error_errno(_("cannot open %s"), namebuf);
++  if (unlink(namebuf))
++  return error_errno(_("cannot unlink '%s'"), namebuf);
++  fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666);
++  if (fd < 0)
++  return error_errno(_("cannot open %s"), namebuf);
++  }
++  rej = fdopen(fd, "w");
+   if (!rej)
+   return error_errno(_("cannot open %s"), namebuf);
+
+diff --git a/t/t4115-apply-symlink.sh b/t/t4115-apply-symlink.sh
+index 65ac7df..e95e6d4 100755
+--- a/t/t4115-apply-symlink.sh
 b/t/t4115-apply-symlink.sh
+@@ -126,4 +126,19 @@ test_expect_success SYMLINKS 'symlink escape when 
deleting file' '
+   test_path_is_file .git/delete-me
+ '
+
++test_expect_success SYMLINKS '--reject removes .rej symlink if it exists' '
++  test_when_finished "git reset --hard && git clean -dfx" &&
++
++  test_commit file &&
++  echo modified >file.t &&
++  git diff -- file.t >patch &&
++  echo modified-again >file.t &&
++
++  ln -s foo file.t.rej &&
++  test_must_fail git apply patch --reject 2>err &&
++  test_i18ngrep "Rejected hunk" err &&
++  test_path_is_missing foo &&
++  test_path_is_file file.t.rej
++'
++

Re: [OE-core] [PATCH v4 1/2] oeqa/utils/qemurunner: change the serial runner

[Louis Rannou]

On 05/05/2023 12:50, Richard Purdie wrote:

On Fri, 2023-05-05 at 10:32 +, Ross Burton wrote:

On 11 Apr 2023, at 16:05, Louis Rannou via lists.openembedded.org 
 wrote:

Create a new runner run_serial_socket which usage matches the traditional ssh
runner. Its return status is 0 when the command succeeded or 0 when it
failed. If an error is encountered, it raises an Exception.

The previous serial runner is maintained and marked as deprecated.


I absolutely love this because the existing run_serial has the most
confusing behaviour. However, we’re now duplicating a large chunk of
code: can the old function be implemented such that it calls the new
function and adapts the return values?


This has hovered in the patch queue for that reason. I also love the
idea of it, it just doesn't feel quite ready.

I've been hoping we could convert the existing users and be able to
drop the old function but I'm not managed to see how much work is left
for that.


My initial idea was indeed to change the former run_serial to use the 
new run_serial_socket. The problem is that run_serial_socket can raise 
exceptions which are not handled by run_serial. It's not possible to 
catch them except if we create a very specific exception to this subject.


About the second question: how much work is left. serial_runner remains in:
- selftest/cases/wic.py
- selftest/cases/imagefeatures.py
- selftest/cases/overlayfs.py
- selftest/cases/runtime_test.py
- utils/dump.py

It seemed to me that fixing those is nos as easy. Further investigation 
is possible, but it would be much more comfortable for me to see the 
first stage validated. I would say this is a pretty good checkpoint for 
saving this work while I try to fix what can be.


Thanks,
Louis

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181039): 
https://lists.openembedded.org/g/openembedded-core/message/181039
Mute This Topic: https://lists.openembedded.org/mt/98199478/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

[Mikko Rapeli]

Hi,

On Tue, May 09, 2023 at 09:02:59AM +, Ross Burton wrote:
> On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org 
>  wrote:
> > The patch from Andrej tries to solves a real issue: The CVE checker
> > distinguishes between two types of patches. Ignored (= not applicable)
> > and patched. Patching is only supported by adding a real patch file to
> > the SRC_URI. However, there are other ways a patch can be implemented.
> > For example, a recipe that uses the git fetcher would update the git
> > hash to a commit that contains a fix instead of applying a patch file
> > to the recipe.
> > 
> > But I fully agree that the comment (originally suggested by me when
> > Andrej and I were discussing the solution) is bad. Maybe it should read
> > as follows:
> > 
> > Normally, a CVE is treated as patched when a patch with the name of the
> > CVE is applied. CVE_CHECK_PATCHED allows to extend the list of patched
> > CVEs without adding a patch file to SRC_URI.
> > 
> > Regarding the SBOM: It is important for customers that the CVEs of a
> > product with SBOM can be correctly identified as repaired or as
> > ignored. However, I'm not sure if the SBOM part is properly addressed
> > by the patch. The create-spdx.bbclass uses the function
> > oe.cve_check.get_patched_cves(d) which should probably handle the new
> > variable as well. We will check that and come up with a V2.
> 
> So I’d suggest we deprecate CVE_CHECK_IGNORE and add a new, more flexible, 
> variable instead.

Flexible but usefull and with clear definitions and checks which make
sure that only those definitions are used.

> How about a CVE_STATUS, which doesn’t have a direct value but has flags for 
> each CVE:
> 
> # We moved to a git SHA that incorporates the fix
> CVE_STATUS[CVE-1234–0001] = “Patched”
> 
> # We disabled frobnicate
> CVE_STATUS[CVE-1234-0002] = “Patched”
> 
> # This is Windows-specific
> CVE_STATUS[CVE-1234-0003” = “Not Applicable”
> 
> I’m not sure of the exact list of values the flags should accept beyond 
> “patched” and “not applicable”. There probably does need to be a “reviewed 
> and don’t consider this a problem” which feels like ‘ignored’ but I’m not a 
> fan of that precise word.

Sounds ok as long as the output reports as easy to read as now.

> Is there any defined language that we can simply adopt?

Since a lot of people talk about SPDX solving these issues would be nice
to know how that is going to work. I can't parse
https://spdx.github.io/spdx-spec/v2.3/how-to-use/#k17-linking-to-a-code-fix-for-a-security-issue
and figure out how to mark a CVE issue which has been ignored after
analysis.

Debian has a bit more complex state for each CVE (and also non-CVE
security issues) which relates to package and distro versions.
I did not find clear definition of the states but at least
https://security-tracker.debian.org/tracker/data/json has the raw data
available.

Ubuntu seems to follow Debian a bit but then also adds more complex
states in the (at least) public database at
https://ubuntu.com/security/cves?q=CVE-2023-26117

I think the data coming from CVE checker needs to serve the needs of the
distro maintainers so that their life is easier. SPDX and SBOM are
supposed to help but I'm afraid that they don't unless they actually
help with the maintenance and start to solve the problems there.

I'm used to the CVE checker ignore list (previously whitelist) and know
how to use it. Wether the data comes per CVE or as lists for each of the
state as variables is a small detail, as long as the generated report is
readable.

Cheers,

-Mikko

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181038): 
https://lists.openembedded.org/g/openembedded-core/message/181038
Mute This Topic: https://lists.openembedded.org/mt/98703185/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

[Richard Purdie]

On Tue, 2023-05-09 at 09:02 +, Ross Burton wrote:
> On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org 
>  wrote:
> > The patch from Andrej tries to solves a real issue: The CVE checker
> > distinguishes between two types of patches. Ignored (= not applicable)
> > and patched. Patching is only supported by adding a real patch file to
> > the SRC_URI. However, there are other ways a patch can be implemented.
> > For example, a recipe that uses the git fetcher would update the git
> > hash to a commit that contains a fix instead of applying a patch file
> > to the recipe.
> > 
> > But I fully agree that the comment (originally suggested by me when
> > Andrej and I were discussing the solution) is bad. Maybe it should read
> > as follows:
> > 
> > Normally, a CVE is treated as patched when a patch with the name of the
> > CVE is applied. CVE_CHECK_PATCHED allows to extend the list of patched
> > CVEs without adding a patch file to SRC_URI.
> > 
> > Regarding the SBOM: It is important for customers that the CVEs of a
> > product with SBOM can be correctly identified as repaired or as
> > ignored. However, I'm not sure if the SBOM part is properly addressed
> > by the patch. The create-spdx.bbclass uses the function
> > oe.cve_check.get_patched_cves(d) which should probably handle the new
> > variable as well. We will check that and come up with a V2.
> 
> So I’d suggest we deprecate CVE_CHECK_IGNORE and add a new, more
> flexible, variable instead.
> 
> How about a CVE_STATUS, which doesn’t have a direct value but has
> flags for each CVE:
> 
> # We moved to a git SHA that incorporates the fix
> CVE_STATUS[CVE-1234–0001] = “Patched”
> 
> # We disabled frobnicate
> CVE_STATUS[CVE-1234-0002] = “Patched”
> 
> # This is Windows-specific
> CVE_STATUS[CVE-1234-0003” = “Not Applicable”
> 
> I’m not sure of the exact list of values the flags should accept
> beyond “patched” and “not applicable”. There probably does need to be
> a “reviewed and don’t consider this a problem” which feels like
> ‘ignored’ but I’m not a fan of that precise word.
> 
> Is there any defined language that we can simply adopt?

The question is probably what actions might someone want to take? We
might want to separate out "N/A - configuration disabled" from "N/A -
OS mismatch" and "CPE incorrect" for example?

The reason being that someone would then know to look at things more
closely if they were changing configuration, or building windows
binaries?

Given we already put fairly robust reasoning in comments already,
should we capture that in a variable too?

CVS_STATUS_REASONING[[CVE-1234-0003] = "issue only applies on windows"

Cheers,

Richard (thinking out loud)



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181037): 
https://lists.openembedded.org/g/openembedded-core/message/181037
Mute This Topic: https://lists.openembedded.org/mt/98703185/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

[Ross Burton]

On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org 
 wrote:
> The patch from Andrej tries to solves a real issue: The CVE checker
> distinguishes between two types of patches. Ignored (= not applicable)
> and patched. Patching is only supported by adding a real patch file to
> the SRC_URI. However, there are other ways a patch can be implemented.
> For example, a recipe that uses the git fetcher would update the git
> hash to a commit that contains a fix instead of applying a patch file
> to the recipe.
> 
> But I fully agree that the comment (originally suggested by me when
> Andrej and I were discussing the solution) is bad. Maybe it should read
> as follows:
> 
> Normally, a CVE is treated as patched when a patch with the name of the
> CVE is applied. CVE_CHECK_PATCHED allows to extend the list of patched
> CVEs without adding a patch file to SRC_URI.
> 
> Regarding the SBOM: It is important for customers that the CVEs of a
> product with SBOM can be correctly identified as repaired or as
> ignored. However, I'm not sure if the SBOM part is properly addressed
> by the patch. The create-spdx.bbclass uses the function
> oe.cve_check.get_patched_cves(d) which should probably handle the new
> variable as well. We will check that and come up with a V2.

So I’d suggest we deprecate CVE_CHECK_IGNORE and add a new, more flexible, 
variable instead.

How about a CVE_STATUS, which doesn’t have a direct value but has flags for 
each CVE:

# We moved to a git SHA that incorporates the fix
CVE_STATUS[CVE-1234–0001] = “Patched”

# We disabled frobnicate
CVE_STATUS[CVE-1234-0002] = “Patched”

# This is Windows-specific
CVE_STATUS[CVE-1234-0003” = “Not Applicable”

I’m not sure of the exact list of values the flags should accept beyond 
“patched” and “not applicable”. There probably does need to be a “reviewed and 
don’t consider this a problem” which feels like ‘ignored’ but I’m not a fan of 
that precise word.

Is there any defined language that we can simply adopt?

Cheers,
Ross
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181036): 
https://lists.openembedded.org/g/openembedded-core/message/181036
Mute This Topic: https://lists.openembedded.org/mt/98703185/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

[Michael Opdenacker via lists.openembedded.org]

Hi Andrej,

On 05.05.23 at 13:18, Andrej Valek via lists.openembedded.org wrote:

CVE_CHECK_PATCHED - should contains an additional CVEs which have been
fixed and shouldn't be mark as vulnerable nor ignored.

Signed-off-by: Andrej Valek 
---
  meta/classes/cve-check.bbclass | 8 
  1 file changed, 8 insertions(+)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index bd9e7e7445c..957ea0130dc 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -78,6 +78,11 @@ CVE_CHECK_SKIP_RECIPE ?= ""
  #
  CVE_CHECK_IGNORE ?= ""
  
+# Usually a CVE gets treated as patched when a patch with the name of the CVE

+# gets applied. Basically this variable should not be used. But if there are
+# other reasons to mark a CVE as patched it can be added to this list.
+CVE_CHECK_PATCHED ?= ""
+
  # Layers to be excluded
  CVE_CHECK_LAYER_EXCLUDELIST ??= ""
  
@@ -284,6 +289,9 @@ def check_cves(d, patched_cves):
  
  cve_ignore = d.getVar("CVE_CHECK_IGNORE").split()
  
+# add additional patched CVEs into existing patched list

+patched_cves.update(d.getVar("CVE_CHECK_PATCHED").split())
+
  import sqlite3
  db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
  conn = sqlite3.connect(db_file, uri=True)



Thanks for the patch!
However, we'd need you to add one thing to your git configuration, so 
that your patches are given an "Author" field which matches your 
"Signed-off-by" information. See 
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded#Fixing_your_From_identity 
for details.


Don't hesitate to send a patch test directly to me, if you wish.
Thanks again,
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181035): 
https://lists.openembedded.org/g/openembedded-core/message/181035
Mute This Topic: https://lists.openembedded.org/mt/98703185/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH v5] python3-calver: Add recipe

[Richard Purdie]

On Fri, 2023-05-05 at 14:51 -0400, Trevor Gamblin wrote:
> calver is "a setuptools extension for automatically defining your Python
> package version as a calendar version." It is required for
> python3-trove-classifiers (another new recipe), which in turn is
> required for the upgrade of python3-hatchling from 1.13.0 to work.
> 
> Signed-off-by: Trevor Gamblin 
> ---
> v5 moves these revision notes to the correct place.
> v4 adds the run-ptest script and adds maintainer info.
> v3 clarifies that the recipe now includes ptests, where v2 didn't make
> this clear and v1 didn't have them at all.
> 
>  meta/conf/distro/include/maintainers.inc  |  1 +
>  .../distro/include/ptest-packagelists.inc |  1 +
>  .../python/python3-calver/run-ptest   |  3 ++
>  .../python/python3-calver_2022.6.26.bb| 28 +++
>  4 files changed, 33 insertions(+)
>  create mode 100644 meta/recipes-devtools/python/python3-calver/run-ptest
>  create mode 100644 meta/recipes-devtools/python/python3-calver_2022.6.26.bb
> 
> diff --git a/meta/conf/distro/include/maintainers.inc 
> b/meta/conf/distro/include/maintainers.inc
> index 682ec2cfdf..4853a905ef 100644
> --- a/meta/conf/distro/include/maintainers.inc
> +++ b/meta/conf/distro/include/maintainers.inc
> @@ -603,6 +603,7 @@ RECIPE_MAINTAINER:pn-python3-attrs = "Tim Orling 
> "
>  RECIPE_MAINTAINER:pn-python3-babel = "Tim Orling "
>  RECIPE_MAINTAINER:pn-python3-bcrypt = "Tim Orling "
>  RECIPE_MAINTAINER:pn-python3-build = "Ross Burton "
> +RECIPE_MAINTAINER:pn-python3-calver = "Trevor Gamblin 
> "
>  RECIPE_MAINTAINER:pn-python3-certifi = "Tim Orling "
>  RECIPE_MAINTAINER:pn-python3-cffi = "Tim Orling "
>  RECIPE_MAINTAINER:pn-python3-chardet = "Tim Orling "
> diff --git a/meta/conf/distro/include/ptest-packagelists.inc 
> b/meta/conf/distro/include/ptest-packagelists.inc
> index 2f83132aeb..bd95a13ff6 100644
> --- a/meta/conf/distro/include/ptest-packagelists.inc
> +++ b/meta/conf/distro/include/ptest-packagelists.inc
> @@ -56,6 +56,7 @@ PTESTS_FAST = "\
>  popt \
>  python3-atomicwrites \
>  python3-bcrypt \
> +python3-calver \
>  python3-hypothesis \
>  python3-jinja2 \
>  python3-jsonpointer \
> diff --git a/meta/recipes-devtools/python/python3-calver/run-ptest 
> b/meta/recipes-devtools/python/python3-calver/run-ptest
> new file mode 100644
> index 00..8d2017d39c
> --- /dev/null
> +++ b/meta/recipes-devtools/python/python3-calver/run-ptest
> @@ -0,0 +1,3 @@
> +#!/bin/sh
> +
> +pytest --automake
> diff --git a/meta/recipes-devtools/python/python3-calver_2022.6.26.bb 
> b/meta/recipes-devtools/python/python3-calver_2022.6.26.bb
> new file mode 100644
> index 00..32b6cfbd42
> --- /dev/null
> +++ b/meta/recipes-devtools/python/python3-calver_2022.6.26.bb
> @@ -0,0 +1,28 @@
> +SUMMARY = "Setuptools extension for CalVer package versions"
> +HOMEPAGE = "https://github.com/di/calver;
> +LICENSE = "Apache-2.0"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
> +
> +SRC_URI = " \
> +git://github.com/di/calver;branch=master;protocol=https \
> +file://run-ptest \
> +"
> +SRC_URI[sha256sum] = 
> "e05493a3b17517ef1748fbe610da11f10485faa7c416b9d33fd4a52d74894f8b"
> +SRCREV ?= "3268d8acf2c345f32a1c5f08ba25dc67f76cca81"
> +
> +inherit python_setuptools_build_meta ptest
> +
> +S = "${WORKDIR}/git"
> +
> +RDEPENDS:${PN}-ptest += " \
> +${PYTHON_PN}-pretend \
> +${PYTHON_PN}-pytest \
> +${PYTHON_PN}-unittest-automake-output \
> +"
> +
> +do_install_ptest() {
> +install -d ${D}${PTEST_PATH}/tests
> +cp -rf ${S}/tests ${D}${PTEST_PATH}/
> +}
> +
> +BBCLASSEXTEND = "native nativesdk"

Fails reproducibility testing I'm afraid:

https://autobuilder.yoctoproject.org/typhoon/#/builders/117/builds/2824

http://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20230508-ghttew89/packages/diff-html/

Looks like a date encoded into the dist-info directory name.

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181034): 
https://lists.openembedded.org/g/openembedded-core/message/181034
Mute This Topic: https://lists.openembedded.org/mt/98712276/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][mickledore][PATCH] libpam: Fix the xtests/tst-pam_motd[1|3] failures

[Zhixiong Chi via lists.openembedded.org]

Reproducer:
1.Enable the ptest of libpam and build the image.
2.Boot the rootfs with nfs, then run the following tests as root:
 cd /usr/share/Linux-PAM/xtests
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd3

After applying this patch, the ptest doesn't be failed.

Signed-off-by: Zhixiong Chi 
Signed-off-by: Luca Ceresoli 
(cherry picked from commit 549e54ad6a175359b0a57987ccdab8989df9d3a9)
---
 ...rely-on-all-filesystems-providing-a-.patch | 108 ++
 meta/recipes-extended/pam/libpam_1.5.2.bb |   1 +
 2 files changed, 109 insertions(+)
 create mode 100644 
meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch

diff --git 
a/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
 
b/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
new file mode 100644
index 00..94dcb04f0a
--- /dev/null
+++ 
b/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
@@ -0,0 +1,108 @@
+From 42404548721c653317c911c83d885e2fc7fbca70 Mon Sep 17 00:00:00 2001
+From: Per Jessen 
+Date: Fri, 22 Apr 2022 18:15:36 +0200
+Subject: [PATCH] pam_motd: do not rely on all filesystems providing a filetype
+
+When using scandir() to look for MOTD files to display, we wrongly
+relied on all filesystems providing a filetype.  This is a fix to divert
+to lstat() when we have no filetype.  To maintain MT safety, it isn't
+possible to use lstat() in the scandir() filter function, so all of the
+filtering has been moved to an additional loop after scanning all the
+motd dirs.
+Also, remove superfluous alphasort from scandir(), we are doing
+a qsort() later.
+
+Resolves: https://github.com/linux-pam/linux-pam/issues/455
+
+Upstream-Status: Backport 
[https://github.com/linux-pam/linux-pam/commit/42404548721c653317c911c83d885e2fc7fbca70]
+
+Signed-off-by: Per Jessen 
+Signed-off-by: Zhixiong Chi 
+---
+ modules/pam_motd/pam_motd.c | 49 ++---
+ 1 file changed, 40 insertions(+), 9 deletions(-)
+
+diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c
+index 6ac8cba2..5ca486e4 100644
+--- a/modules/pam_motd/pam_motd.c
 b/modules/pam_motd/pam_motd.c
+@@ -166,11 +166,6 @@ static int compare_strings(const void *a, const void *b)
+ }
+ }
+ 
+-static int filter_dirents(const struct dirent *d)
+-{
+-return (d->d_type == DT_REG || d->d_type == DT_LNK);
+-}
+-
+ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+   char **motd_dir_path_split, unsigned int num_motd_dirs, int 
report_missing)
+ {
+@@ -199,8 +194,7 @@ static void 
try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ 
+ for (i = 0; i < num_motd_dirs; i++) {
+   int rv;
+-  rv = scandir(motd_dir_path_split[i], &(dirscans[i]),
+-  filter_dirents, alphasort);
++  rv = scandir(motd_dir_path_split[i], &(dirscans[i]), NULL, NULL);
+   if (rv < 0) {
+   if (errno != ENOENT || report_missing) {
+   pam_syslog(pamh, LOG_ERR, "error scanning directory %s: %m",
+@@ -215,6 +209,41 @@ static void 
try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ if (dirscans_size_total == 0)
+ goto out;
+ 
++/* filter out unwanted names, directories, and complement data with 
lstat() */
++for (i = 0; i < num_motd_dirs; i++) {
++  struct dirent **d = dirscans[i];
++  for (unsigned int j = 0; j < dirscans_sizes[i]; j++) {
++  int rc;
++  char *fullpath;
++  struct stat s;
++
++  switch(d[j]->d_type) {/* the filetype determines how to proceed 
*/
++  case DT_REG:  /* regular files and */
++  case DT_LNK:  /* symlinks  */
++  continue; /* are good. */
++  case DT_UNKNOWN:   /* for file systems that do not provide */
++ /* a filetype, we use lstat()   */
++  if (join_dir_strings(, motd_dir_path_split[i],
++   d[j]->d_name) <= 0)
++  break;
++  rc = lstat(fullpath, );
++  _pam_drop(fullpath);  /* free the memory alloc'ed by 
join_dir_strings */
++  if (rc != 0)  /* if the lstat() somehow failed */
++  break;
++
++  if (S_ISREG(s.st_mode) ||  /* regular files and  */
++  S_ISLNK(s.st_mode)) continue;  /* symlinks are good  */
++  break;
++  case DT_DIR:  /* We don't want directories */
++  default:  /* nor anything else */
++  break;
++  }
++  _pam_drop(d[j]);  /* free memory   */
++  d[j] = NULL;  /* indicate this one was dropped