[OE-core][dunfell][PATCH] ghostscript: fix CVE-2023-36664

[Vijay Anusuri via lists.openembedded.org]

From: Vijay Anusuri 

Artifex Ghostscript through 10.01.2 mishandles permission validation for
pipe devices (with the %pipe% prefix or the | pipe character prefix).

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-36664

Upstream commits:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4ceaf92815302863a8c86fcfcf2347e0118dd3a5
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e65eeae225c7d02d447de5abaf4a8e6d234fcea
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb342fdb60391073a69147cb71af1ac416a81099

Signed-off-by: Vijay Anusuri 
---
 .../ghostscript/CVE-2023-36664-1.patch| 145 ++
 .../ghostscript/CVE-2023-36664-2.patch|  60 
 .../ghostscript/CVE-2023-36664-pre1.patch |  62 
 .../ghostscript/ghostscript_9.52.bb   |   3 +
 4 files changed, 270 insertions(+)
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-1.patch
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-2.patch
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-pre1.patch

diff --git 
a/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-1.patch 
b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-1.patch
new file mode 100644
index 00..a3bbe958eb
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-1.patch
@@ -0,0 +1,145 @@
+From 5e65eeae225c7d02d447de5abaf4a8e6d234fcea Mon Sep 17 00:00:00 2001
+From: Chris Liddell 
+Date: Wed, 7 Jun 2023 10:23:06 +0100
+Subject: [PATCH] Bug 706761: Don't "reduce" %pipe% file names for permission 
validation
+
+For regular file names, we try to simplfy relative paths before we use them.
+
+Because the %pipe% device can, effectively, accept command line calls, we
+shouldn't be simplifying that string, because the command line syntax can end
+up confusing the path simplifying code. That can result in permitting a pipe
+command which does not match what was originally permitted.
+
+Special case "%pipe" in the validation code so we always deal with the entire
+string.
+
+Upstream-Status: Backport 
[https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=505eab7782b429017eb434b2b95120855f2b0e3c]
+CVE: CVE-2023-36664
+Signed-off-by: Vijay Anusuri 
+---
+ base/gpmisc.c   | 31 +++
+ base/gslibctx.c | 56 -
+ 2 files changed, 64 insertions(+), 23 deletions(-)
+
+diff --git a/base/gpmisc.c b/base/gpmisc.c
+index c4fffae..09ac6b3 100644
+--- a/base/gpmisc.c
 b/base/gpmisc.c
+@@ -1046,16 +1046,29 @@ gp_validate_path_len(const gs_memory_t *mem,
+  && !memcmp(path + cdirstrl, dirsepstr, dirsepstrl)) {
+   prefix_len = 0;
+ }
+-rlen = len+1;
+-bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + 
prefix_len, "gp_validate_path");
+-if (bufferfull == NULL)
+-return gs_error_VMerror;
+-
+-buffer = bufferfull + prefix_len;
+-if (gp_file_name_reduce(path, (uint)len, buffer, ) != 
gp_combine_success)
+-return gs_error_invalidfileaccess;
+-buffer[rlen] = 0;
+ 
++/* "%pipe%" do not follow the normal rules for path definitions, so we
++   don't "reduce" them to avoid unexpected results
++ */
++if (len > 5 && memcmp(path, "%pipe", 5) != 0) {
++  bufferfull = buffer = (char *)gs_alloc_bytes(mem->thread_safe_memory, 
len + 1, "gp_validate_path");
++  if (buffer == NULL)
++  return gs_error_VMerror;
++  memcpy(buffer, path, len);
++  buffer[len] = 0;
++  rlen = len;
++}
++else {
++  rlen = len+1;
++  bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + 
prefix_len, "gp_validate_path");
++  if (bufferfull == NULL)
++  return gs_error_VMerror;
++
++  buffer = bufferfull + prefix_len;
++  if (gp_file_name_reduce(path, (uint)len, buffer, ) != 
gp_combine_success)
++  return gs_error_invalidfileaccess;
++  buffer[rlen] = 0;
++}
+ while (1) {
+ switch (mode[0])
+ {
+diff --git a/base/gslibctx.c b/base/gslibctx.c
+index 20c5eee..355c0e3 100644
+--- a/base/gslibctx.c
 b/base/gslibctx.c
+@@ -719,14 +719,28 @@ gs_add_control_path_len(const gs_memory_t *mem, 
gs_path_control_t type, const ch
+ return gs_error_rangecheck;
+ }
+ 
+-rlen = len+1;
+-buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gp_validate_path");
+-if (buffer == NULL)
+-return gs_error_VMerror;
++/* "%pipe%" do not follow the normal rules for path definitions, so we
++   don't "reduce" them to avoid unexpected results
++ */
++if (len > 5 && memcmp(path, "%pipe", 5) != 0) {
++  buffer = (char *)gs_alloc_bytes(core->memory, len + 1, 
"gs_add_control_path_len");
++  if (buffer == NULL)
++  return gs_error_VMerror;
++  memcpy(buffer, path, len);
++  buffer[len] = 0;
++  rlen = len;

[OE-core][dunfell][PATCH] go: Fix CVE-2023-39318 and CVE-2023-39319

[Siddharth via lists.openembedded.org]

From: Siddharth Doshi 

Upstream-Status: Backport from 
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
CVE: CVE-2023-39318
Upstream-Status: Backport from 
[https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5]
CVE: CVE-2023-39319
Signed-off-by: Siddharth Doshi 
---
 meta/recipes-devtools/go/go-1.14.inc  |   2 +
 .../go/go-1.14/CVE-2023-39318.patch   | 238 ++
 .../go/go-1.14/CVE-2023-39319.patch   | 230 +
 3 files changed, 470 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-39318.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-39319.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index 20377e095b..9fc5eb130f 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -70,6 +70,8 @@ SRC_URI += "\
 file://CVE-2023-29400.patch \
 file://CVE-2023-29406.patch \
 file://CVE-2023-29409.patch \
+file://CVE-2023-39318.patch \
+file://CVE-2023-39319.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-39318.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2023-39318.patch
new file mode 100644
index 00..20e70c0485
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-39318.patch
@@ -0,0 +1,238 @@
+From 023b542edf38e2a1f87fcefb9f75ff2f99401b4c Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker 
+Date: Thu, 3 Aug 2023 12:24:13 -0700
+Subject: [PATCH] [release-branch.go1.20] html/template: support HTML-like
+ comments in script contexts
+
+Per Appendix B.1.1 of the ECMAScript specification, support HTML-like
+comments in script contexts. Also per section 12.5, support hashbang
+comments. This brings our parsing in-line with how browsers treat these
+comment types.
+
+Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for
+reporting this issue.
+
+Fixes #62196
+Fixes #62395
+Fixes CVE-2023-39318
+
+Change-Id: Id512702c5de3ae46cf648e268cb10e1eb392a181
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1976593
+Run-TryBot: Roland Shoemaker 
+Reviewed-by: Tatiana Bradley 
+Reviewed-by: Damien Neil 
+Reviewed-by: Dmitri Shuralyov 
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/2014620
+Reviewed-on: https://go-review.googlesource.com/c/go/+/526098
+Run-TryBot: Cherry Mui 
+TryBot-Result: Gopher Robot 
+
+Upstream-Status: Backport from 
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
+CVE: CVE-2023-39318
+Signed-off-by: Siddharth Doshi 
+---
+ src/html/template/context.go  |  6 ++-
+ src/html/template/escape.go   |  5 +-
+ src/html/template/escape_test.go  | 10 
+ src/html/template/state_string.go |  4 +-
+ src/html/template/transition.go   | 80 ---
+ 5 files changed, 72 insertions(+), 33 deletions(-)
+
+diff --git a/src/html/template/context.go b/src/html/template/context.go
+index 0b65313..4eb7891 100644
+--- a/src/html/template/context.go
 b/src/html/template/context.go
+@@ -124,6 +124,10 @@ const (
+   stateJSBlockCmt
+   // stateJSLineCmt occurs inside a JavaScript // line comment.
+   stateJSLineCmt
++  // stateJSHTMLOpenCmt occurs inside a JavaScript  HTML-like comment.
++  stateJSHTMLCloseCmt
+   // stateCSS occurs inside a 

[OE-core] [PATCH] llvm: Upgrade to 17.0.2

[Khem Raj]

* 481358974fb0 [GVN] Also remove phi nodes from VN table (PR65447)
* 9f77e96186be [GVN] Invalidate MDA when deduplicating phi nodes
* a13a89402f53 Bump version to 17.0.2
* 2c04bdb24677 [SVE] Ensure SVE call operands passed via memory are correctly 
initialised. (#66070)
* 701620d58cdf [SVE] Precommit test to show missing initialisation of call 
operand.

Signed-off-by: Khem Raj 
---
 meta/recipes-devtools/llvm/llvm_git.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-devtools/llvm/llvm_git.bb 
b/meta/recipes-devtools/llvm/llvm_git.bb
index 611aacba147..934f842b908 100644
--- a/meta/recipes-devtools/llvm/llvm_git.bb
+++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -14,14 +14,14 @@ RDEPENDS:${PN}:append:class-target = " ncurses-terminfo"
 
 inherit cmake pkgconfig
 
-PV = "17.0.1"
+PV = "17.0.2"
 
 MAJOR_VERSION = "${@oe.utils.trim_version("${PV}", 1)}"
 
 LLVM_RELEASE = "${PV}"
 
 BRANCH = "release/${MAJOR_VERSION}.x"
-SRCREV = "e19b7dc36bc047b9eb72078d034596be766da350"
+SRCREV = "481358974fb0f732e33d503c224492a543f4d7bd"
 SRC_URI = 
"git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \
file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \

file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2
 \
-- 
2.42.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188214): 
https://lists.openembedded.org/g/openembedded-core/message/188214
Mute This Topic: https://lists.openembedded.org/mt/101589051/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH V5] tar: add ptest support

[qi...@fujitsu.com]

Hi，Alex

> 
> In this case, there's a fix, so please add the link to this patch:
> https://git.savannah.gnu.org/cgit/tar.git/commit/?id=39849e9d91f477d3fb839f93cd0815d0cb3273e9
> 

The bug: There is no exclude17.at or exclude18.at file in src dir, so testsuite 
can not be compiled.

| /bin/bash 
'/Yocto/oe-core-test/build/tmp-glibc/work/core2-64-oe-linux/tar/1.35/tar-1.35/build-aux/missing'
 autom4te --language=autotest -I ../../tar-1.35/tests testsuite.at -o 
../../tar-1.35/tests/testsuite.tmp | m4:../../tar-1.35/tests/testsuite.at:315: 
cannot open `exclude17.at': No such file or directory | 
m4:../../tar-1.35/tests/testsuite.at:316: cannot open `exclude18.at': No such 
file or directory | autom4te: error: m4 failed with exit status: 1
Up patch only added exclude17.at and exclude18.at into Makefile, but could not 
fix none file problem.
So, I think it is not the fix patch.

The key is that used tarball(*1) does not contain exclude17.at(*3) and 
exclude18.at(*4).
But another tarball(*2) contains the two files.
I am not sure why the same version has diffrenent tarballs.
For *1, testsuite is exist in src without compiling, so there is no problem. Of 
course there is not any ticket or fix patch.
In oe ptest, for adding --am-fmt, recompiling testsuite is neccessary, so the 
problem appeared.

*1: https://ftp.gnu.org/gnu/tar/tar-1.35.tar.bz2
*2: https://git.savannah.gnu.org/cgit/tar.git/snapshot/tar-1.35.tar.gz
*3: The following patch add exclude17.at.
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=0f0722df45ec520d0dac7c9ad7e69165e9140931
*4: The following patch add exclude18.at. ( src/names.c is changed)
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=4f814e0e4c673f86dc65a557f7e55f6b5efd1529

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188213): 
https://lists.openembedded.org/g/openembedded-core/message/188213
Mute This Topic: https://lists.openembedded.org/mt/101569333/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [oe-core][PATCHv7] vte: upgrade 2.72.2 -> 2.74.0

[Alexandre Belloni via lists.openembedded.org]

Hello,

It was not clear to me but I'm fairly sure this is what causes this
failure:

https://autobuilder.yoctoproject.org/typhoon/#/builders/57/builds/7719/steps/12/logs/stdio

On 22/09/2023 12:39:51+0200, Markus Volk wrote:
> Rework recipe
> 
> - remove legacy of the autotools buildsystem
> - remove BBCLASSEXTEND
> - build   vapi dependent on gi-data
> - docs require gir, add   a EXTRA_OEMESON:append to avoid fail in
>   a combination   where docs=true and gir=false
> - gtk+3 and gtk4 are requested by default-> add gtk4 depending
>   on DISTRO_FEATURE
> - install systemd support files   depending on DISTRO_FEATURE
> - update 0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch
> 
> Signed-off-by: Markus Volk 
> ---
>  ...EXITCODE-macro-for-non-glibc-systems.patch | 35 ---
>  .../vte/{vte_0.72.2.bb => vte_0.74.0.bb}  | 29 ++-
>  2 files changed, 25 insertions(+), 39 deletions(-)
>  rename meta/recipes-support/vte/{vte_0.72.2.bb => vte_0.74.0.bb} (67%)
> 
> diff --git 
> a/meta/recipes-support/vte/vte/0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch
>  
> b/meta/recipes-support/vte/vte/0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch
> index b4100fc381..8934d5f80a 100644
> --- 
> a/meta/recipes-support/vte/vte/0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch
> +++ 
> b/meta/recipes-support/vte/vte/0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch
> @@ -11,32 +11,25 @@ Upstream-Status: Submitted [1]
>  Signed-off-by: Andreas Müller 
>  
>  [1] https://gitlab.gnome.org/GNOME/vte/issues/72
> -
>  ---
> - src/missing.hh | 4 
> - src/widget.cc  | 1 +
> - 2 files changed, 5 insertions(+)
> + src/widget.cc  | 4 +++
> + 1 files changed, 4 insertions(+)
>  
>  a/src/missing.hh
> -+++ b/src/missing.hh
> -@@ -24,6 +24,10 @@
> - #define NSIG (8 * sizeof(sigset_t))
> - #endif
> +diff --git a/src/widget.cc b/src/widget.cc
> +index 07f7cabf..31a77f68 100644
> +--- a/src/widget.cc
>  b/src/widget.cc
> +@@ -16,6 +16,10 @@
> +  * along with this library.  If not, see .
> +  */
>   
>  +#ifndef W_EXITCODE
>  +#define W_EXITCODE(ret, sig) ((ret) << 8 | (sig))
>  +#endif
>  +
> - #ifndef HAVE_FDWALK
> - int fdwalk(int (*cb)(void* data, int fd),
> -void* data);
>  a/src/widget.cc
> -+++ b/src/widget.cc
> -@@ -21,6 +21,7 @@
> - #include "widget.hh"
> - 
> - #include  // for W_EXITCODE
> -+#include "missing.hh" // for W_EXITCODE on non-glibc systems
> + #include "config.h"
>   
> - #include 
> - #include 
> + #include "widget.hh"
> +-- 
> +2.42.0
> +
> diff --git a/meta/recipes-support/vte/vte_0.72.2.bb 
> b/meta/recipes-support/vte/vte_0.74.0.bb
> similarity index 67%
> rename from meta/recipes-support/vte/vte_0.72.2.bb
> rename to meta/recipes-support/vte/vte_0.74.0.bb
> index 4249b75ac0..aeaf088598 100644
> --- a/meta/recipes-support/vte/vte_0.72.2.bb
> +++ b/meta/recipes-support/vte/vte_0.74.0.bb
> @@ -17,32 +17,27 @@ GNOMEBASEBUILDCLASS = "meson"
>  GIR_MESON_OPTION = 'gir'
>  GIDOCGEN_MESON_OPTION = "docs"
>  
> -inherit gnomebase gi-docgen features_check upstream-version-is-even 
> gobject-introspection
> +inherit gnomebase gi-docgen features_check upstream-version-is-even 
> gobject-introspection vala
>  
> -# vapigen.m4 is required when vala is not present (but the one from vala 
> should be used normally)
>  SRC_URI += "file://0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch"
> -SRC_URI[archive.sha256sum] = 
> "f7966fd185a6981f53964162b71cfef7e606495155d6f5827b72aa0dd6741c9e"
> +SRC_URI[archive.sha256sum] = 
> "9ae08f777952ba793221152d360550451580f42d3b570e3341ebb6841984c76b"
>  
>  ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
>  
> -# Help g-ir-scanner find the .so for linking
> -do_compile:prepend() {
> -export GIR_EXTRA_LIBS_PATH="${B}/src/.libs"
> -}
> +EXTRA_OEMESON += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 
> '-Dvapi=true', '-Dvapi=false', d)}"
> +EXTRA_OEMESON:append = " ${@bb.utils.contains('GI_DATA_ENABLED', 'False', 
> '-Ddocs=false', '', d)}"
>  
> -# Package additional files
> -FILES:${PN}-dev += "${datadir}/vala/vapi/*"
> -
> -PACKAGECONFIG ??= "gnutls"
> -PACKAGECONFIG[vala] = "-Dvapi=true,-Dvapi=false,vala-native vala"
> +PACKAGECONFIG ??= " \
> + gnutls \
> + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
> + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gtk4', '', d)} \
> +"
> +PACKAGECONFIG[gtk4] = "-Dgtk4=true,-Dgtk4=false,gtk4"
>  PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls"
>  PACKAGECONFIG[systemd] = "-D_systemd=true,-D_systemd=false,systemd"
> -# vala requires gir
> -PACKAGECONFIG:remove:class-native = "vala"
> -
> -CFLAGS += "-D_GNU_SOURCE"
>  
>  PACKAGES =+ "libvte ${PN}-prompt"
> +FILES:${PN} +="${systemd_user_unitdir}"
>  FILES:libvte = "${libdir}/*.so.* ${libdir}/girepository-1.0/*"
>  FILES:${PN}-prompt = " \
>  ${sysconfdir}/profile.d \
> @@ -50,5 +45,3 @@ FILES:${PN}-prompt = " \
>  "
>  
>  

Re: [OE-core] beaglebone-yocto testimage ping timeout issue

[Richard Purdie]

On Mon, 2023-09-25 at 11:17 -0700, Khem Raj wrote:
> core-image-minimal does not have ssh server in image so maybe start
> with core-image-base or something or add
> IMAGE_FEATURES += "ssh-server-openssh package-management hwcodecs" to 
> local.conf

Whilst in general that is good advice to make minimal more testable,
you don't need an ssh server for ping to work so it won't be that for
the ping issue.

> you might need to prepare the target testing setup
> 
> especially TEST_TARGET_IP and TEST_SERVER_IP and TEST_TARGET
> see - 
> https://github.com/YoeDistro/yoe-distro/blob/master/conf/projects/visionfive2/config.conf#L18-L20

Can you share the full testimage log somewhere? The first thing to
check is whether anything booted or not. If it hasn't booted, it won't
ping. Start with that and work forward - are the network devices
configured in the kernel log?

That does raise the question - how are you provisioning the beaglebone
and the other hardware with the image/kernel? I'm not sure that is
setup to work under qemu?

Cheers,

Richard



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188211): 
https://lists.openembedded.org/g/openembedded-core/message/188211
Mute This Topic: https://lists.openembedded.org/mt/101578999/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: reduce size of -dbg package

[Khem Raj]

On Mon, Sep 25, 2023 at 4:35 AM Ross Burton  wrote:
>
> From: Ross Burton 
>
> Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of
> the debug symbols (4.3GB to 700M at time of writing):
>
>   Level 1 produces minimal information, enough for making backtraces in
>   parts of the program that you don't plan to debug. This includes
>   descriptions of functions and external variables, and line number
>   tables, but no information about local variables.
>
> This makes the sstate objects a lot more manageable, and packaging
> faster.  On my machine:
>
>   PKG  TASK ABSDIFF  RELDIFF  WALLTIME1 -> WALLTIME2
>   webkitgtkdo_compile   -613.8s   -21.7%2823.3s -> 2209.5s
>   webkitgtkdo_package   -143.4s   -53.6% 267.7s -> 124.3s
>   webkitgtkdo_install-93.7s   -60.1% 156.0s -> 62.3s
>   webkitgtkdo_populate_sysroot   -51.6s   -86.4%  59.7s -> 8.1s
>
> Cumulative walltime:
>   -892.9s-26.5%56:06.3 (3366.3s) -> 41:13.4 (2473.4s)
>

Thanks, we have had it for qtwebengine for a while. Btw. we need
something similar for
./meta-oe/recipes-support/webkitgtk/webkitgtk3_2.42.0.bb

> Signed-off-by: Ross Burton 
> ---
>  meta/recipes-sato/webkit/webkitgtk_2.40.5.bb | 4 
>  1 file changed, 4 insertions(+)
>
> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb 
> b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> index a0c97aa593c..0c54f202ca5 100644
> --- a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> +++ b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> @@ -87,6 +87,10 @@ EXTRA_OECMAKE = " \
>   -DUSE_GTK4=ON \
>   "
>
> +# Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of the
> +# debug symbols (4.3GB to 700M at time of writing)
> +DEBUG_FLAGS:append = "${@oe.utils.vartrue('DEBUG_BUILD', '', ' -g1', d)}"
> +
>  # Javascript JIT is not supported on ARC
>  EXTRA_OECMAKE:append:arc = " -DENABLE_JIT=OFF "
>  # By default 25-bit "medium" calls are used on ARC
> --
> 2.34.1
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188210): 
https://lists.openembedded.org/g/openembedded-core/message/188210
Mute This Topic: https://lists.openembedded.org/mt/101571944/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] beaglebone-yocto testimage ping timeout issue

[Khem Raj]

core-image-minimal does not have ssh server in image so maybe start
with core-image-base or something or add
IMAGE_FEATURES += "ssh-server-openssh package-management hwcodecs" to local.conf

you might need to prepare the target testing setup

especially TEST_TARGET_IP and TEST_SERVER_IP and TEST_TARGET
see - 
https://github.com/YoeDistro/yoe-distro/blob/master/conf/projects/visionfive2/config.conf#L18-L20

On Mon, Sep 25, 2023 at 10:23 AM Sandeep Gundlupet Raju via
lists.openembedded.org
 wrote:
>
> Hi All,
>
> I'm running testimage for arm32(beaglebone-yocto, zynq-generic and
> microblaze targets) using master and I see ping timeout issue as shown
> below but I don't see this issue with ARM64 targets or qemuarm. Any help
> would be much appreciated.
>
> /scratch1/sandeepg/yocto/yp-master/build-ci-master  $ time
> MACHINE=beaglebone-yocto bitbake core-image-minimal -c testimage
> Loading cache: 100%
> |###|
> Time: 0:00:00
> Loaded 1812 entries from dependency cache.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION   = "2.6.0"
> BUILD_SYS= "x86_64-linux"
> NATIVELSBSTRING  = "universal"
> TARGET_SYS   = "arm-poky-linux-gnueabi"
> MACHINE  = "beaglebone-yocto"
> DISTRO   = "poky"
> DISTRO_VERSION   =
> "4.2+snapshot-8815eefb0d6218661794a58008e1144a77d3394f"
> TUNE_FEATURES= "arm vfp cortexa8 neon callconvention-hard"
> TARGET_FPU   = "hard"
> meta
> meta-poky
> meta-yocto-bsp   = "master:8815eefb0d6218661794a58008e1144a77d3394f"
>
> Initialising tasks: 100%
> |##|
> Time: 0:00:00
> Sstate summary: Wanted 3 Local 0 Mirrors 0 Missed 3 Current 261 (0%
> match, 98% complete)
> NOTE: Executing Tasks
> QMP Available for connection at
> /scratch1/sandeepg/yocto/yp-master/build-ci-master/tmp/.pb069a_h
> QMP connected to QEMU at 09/25/23 11:06:10 and took 0.53 seconds
> QMP released QEMU at 09/25/23 11:06:10 and took 0.04 seconds from connect
> Test requires apt to be installed
> Traceback (most recent call last):
>File
> "/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/runtime/cases/ping.py",
> line 25, in test_ping
>  output += proc.communicate()[0].decode('utf-8')
>File "/usr/lib/python3.10/subprocess.py", line 1141, in communicate
>  stdout = self.stdout.read()
>File
> "/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/core/decorator/oetimeout.py",
> line 18, in _timeoutHandler
>  raise OEQATimeoutError("Timed out after %s "
> oeqa.core.exception.OEQATimeoutError: Timed out after 30 seconds of
> execution
>
> During handling of the above exception, another exception occurred:
>
> Traceback (most recent call last):
>File
> "/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/core/decorator/__init__.py",
> line 35, in wrapped_f
>  return func(*args, **kwargs)
>File
> "/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/runtime/cases/ping.py",
> line 32, in test_ping
>  self.fail("Ping timeout error for address %s, count %s, output: %s"
> % (self.target.ip, count, output))
> AssertionError: Ping timeout error for address 192.168.7.2, count 0,
> output: PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  From 192.168.7.1 icmp_seq=1 Destination Host Unreachable
>
> --- 192.168.7.2 ping statistics ---
> 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
>
> PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
>  

[OE-core] [PATCH v2 2/2] glib-2.0: Remove failing ptests on musl

[Khem Raj]

FAIL: glib/convert.test (Child process killed by signal 6)
FAIL: glib/collate.test (Child process killed by signal 6)
FAIL: glib/gdatetime.test (Child process killed by signal 6)
FAIL: glib/date.test (Child process killed by signal 6)
FAIL: glib/converter-stream.test (Child process killed by signal 6)
FAIL: glib/option-context.test (Child process killed by signal 6)

Signed-off-by: Khem Raj 
---
v2: Add detailed comment in recipe about skipping these tests

 meta/recipes-core/glib-2.0/glib.inc | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/glib-2.0/glib.inc 
b/meta/recipes-core/glib-2.0/glib.inc
index 5183f37a6ef..b946e798bba 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -134,7 +134,13 @@ do_install:append:class-target () {
 # https://gitlab.gnome.org/GNOME/glib/-/issues/2810
 rm -f ${D}${datadir}/installed-tests/glib/thread-pool-slow.test
 }
-
+do_install:append:class-target:libc-musl () {
+# Remove failing tests on musl libc systems, this helps set baseline 
for musl testing
+# they remain to be rootcaused and fixed but marked known failures 
here.
+for t in convert.test collate.test gdatetime.test date.test 
converter-stream.test option-context.test; do
+rm -rf ${D}${datadir}/installed-tests/glib/$t
+done
+}
 # As we do not build python3 for windows, makes no sense to ship the script 
that's using it
 do_install:append:mingw32() {
 rm -f ${D}${bindir}/gtester-report
-- 
2.42.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188208): 
https://lists.openembedded.org/g/openembedded-core/message/188208
Mute This Topic: https://lists.openembedded.org/mt/101579931/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v2 1/2] glib-2.0: Enable possible locales with musl for ptests

[Khem Raj]

Signed-off-by: Khem Raj 
---
v2: Rebased.

 meta/recipes-core/glib-2.0/glib.inc | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/meta/recipes-core/glib-2.0/glib.inc 
b/meta/recipes-core/glib-2.0/glib.inc
index c314594d493..5183f37a6ef 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -171,6 +171,12 @@ RDEPENDS:${PN}-ptest += "\
 python3-modules \
 ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 
'python3-dbusmock', '', d)} \
 ${PN}-codegen \
+locale-base-de-de \
+locale-base-es-es \
+locale-base-en-gb \
+locale-base-en-us \
+locale-base-fr-fr \
+locale-base-ru-ru \
"
 
 RDEPENDS:${PN}-ptest:append:libc-glibc = "\
@@ -185,18 +191,12 @@ RDEPENDS:${PN}-ptest:append:libc-glibc = "\
 glibc-gconv-iso8859-15 \
 glibc-charmap-invariant \
 glibc-localedata-translit-cjk-variants \
-locale-base-tr-tr \
 locale-base-lt-lt \
 locale-base-ja-jp.euc-jp \
 locale-base-fa-ir \
-locale-base-ru-ru \
-locale-base-de-de \
 locale-base-hr-hr \
 locale-base-el-gr \
-locale-base-fr-fr \
-locale-base-es-es \
-locale-base-en-gb \
-locale-base-en-us \
 locale-base-pl-pl \
 locale-base-pl-pl.iso-8859-2 \
+locale-base-tr-tr \
"
-- 
2.42.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188207): 
https://lists.openembedded.org/g/openembedded-core/message/188207
Mute This Topic: https://lists.openembedded.org/mt/101579930/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/2] glib-2.0: Remove failing ptests on musl

[Alexander Kanavin]

On Mon, 25 Sept 2023 at 20:01, Khem Raj  wrote:
> > On Mon, 25 Sept 2023 at 19:21, Khem Raj  wrote:
> > > They are not triaged so no root cause reason is mentioned.
> > > The failures are listed in commit with some details that ptest shows.
> >
> > I still don't understand why the failing tests should be removed. Just
> > let them fail, or exclude glib ptest from musl CI altogether. No one
> > wants a fake green status.
>
> This helps in creating a baseline so it does not regress further,
> while the information
> is still maintained in the recipe if it needs to be triaged further.

This I can agree with. But can you write a better comment in the recipe itself?

Alex

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188206): 
https://lists.openembedded.org/g/openembedded-core/message/188206
Mute This Topic: https://lists.openembedded.org/mt/101546413/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/2] systemd: Refresh patches to avoid patch-fuzz

[Khem Raj]

Signed-off-by: Khem Raj 
---
 ...14-Use-uintmax_t-for-handling-rlim_t.patch | 23 ++---
 ...-not-disable-buffer-in-writing-files.patch | 89 +--
 .../0022-Handle-__cpu_mask-usage.patch|  9 +-
 3 files changed, 31 insertions(+), 90 deletions(-)

diff --git 
a/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
 
b/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
index 1d50faa363f..2071f4fb206 100644
--- 
a/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
+++ 
b/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
@@ -26,11 +26,9 @@ Signed-off-by: Chen Qi 
  src/core/execute.c  |  4 ++--
  3 files changed, 9 insertions(+), 15 deletions(-)
 
-diff --git a/src/basic/format-util.h b/src/basic/format-util.h
-index 8719df3e29..9becc96066 100644
 --- a/src/basic/format-util.h
 +++ b/src/basic/format-util.h
-@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32_t));
+@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32
  #  error Unknown timex member size
  #endif
  
@@ -45,11 +43,9 @@ index 8719df3e29..9becc96066 100644
  
  #if SIZEOF_DEV_T == 8
  #  define DEV_FMT "%" PRIu64
-diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c
-index 33dfde9d6c..e018fd81fd 100644
 --- a/src/basic/rlimit-util.c
 +++ b/src/basic/rlimit-util.c
-@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, const struct rlimit 
*rlim) {
+@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, cons
  fixed.rlim_max == highest.rlim_max)
  return 0;
  
@@ -58,7 +54,7 @@ index 33dfde9d6c..e018fd81fd 100644
  
  return RET_NERRNO(setrlimit(resource, ));
  }
-@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *rl, char **ret) {
+@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *r
  if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
  r = free_and_strdup(, "infinity");
  else if (rl->rlim_cur >= RLIM_INFINITY)
@@ -76,20 +72,18 @@ index 33dfde9d6c..e018fd81fd 100644
  if (r < 0)
  return -ENOMEM;
  
-@@ -403,7 +403,7 @@ int rlimit_nofile_safe(void) {
- 
- rl.rlim_cur = FD_SETSIZE;
+@@ -407,7 +407,7 @@ int rlimit_nofile_safe(void) {
+ rl.rlim_max = MIN(rl.rlim_max, (rlim_t) read_nr_open());
+ rl.rlim_cur = MIN((rlim_t) FD_SETSIZE, rl.rlim_max);
  if (setrlimit(RLIMIT_NOFILE, ) < 0)
 -return log_debug_errno(errno, "Failed to lower 
RLIMIT_NOFILE's soft limit to " RLIM_FMT ": %m", rl.rlim_cur);
 +return log_debug_errno(errno, "Failed to lower 
RLIMIT_NOFILE's soft limit to " RLIM_FMT ": %m", (uintmax_t)rl.rlim_cur);
  
  return 1;
  }
-diff --git a/src/core/execute.c b/src/core/execute.c
-index 8ef76de9ab..ea1c203e43 100644
 --- a/src/core/execute.c
 +++ b/src/core/execute.c
-@@ -6667,9 +6667,9 @@ void exec_context_dump(const ExecContext *c, FILE* f, 
const char *prefix) {
+@@ -6707,9 +6707,9 @@ void exec_context_dump(const ExecContext
  for (unsigned i = 0; i < RLIM_NLIMITS; i++)
  if (c->rlimit[i]) {
  fprintf(f, "%sLimit%s: " RLIM_FMT "\n",
@@ -101,6 +95,3 @@ index 8ef76de9ab..ea1c203e43 100644
  }
  
  if (c->ioprio_set) {
--- 
-2.39.2
-
diff --git 
a/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
 
b/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
index ef6b5342ca1..c85087219c4 100644
--- 
a/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
+++ 
b/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
@@ -42,11 +42,9 @@ Signed-off-by: Scott Murray 
  src/vconsole/vconsole-setup.c|  2 +-
  20 files changed, 36 insertions(+), 37 deletions(-)
 
-diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
-index 11b4375ed5..7d81a6007f 100644
 --- a/src/basic/cgroup-util.c
 +++ b/src/basic/cgroup-util.c
-@@ -400,7 +400,7 @@ int cg_kill_kernel_sigkill(const char *controller, const 
char *path) {
+@@ -400,7 +400,7 @@ int cg_kill_kernel_sigkill(const char *c
  if (r < 0)
  return r;
  
@@ -55,7 +53,7 @@ index 11b4375ed5..7d81a6007f 100644
  if (r < 0)
  return r;
  
-@@ -806,7 +806,7 @@ int cg_install_release_agent(const char *controller, const 
char *agent) {
+@@ -806,7 +806,7 @@ int cg_install_release_agent(const char
  
  sc = strstrip(contents);
  if (isempty(sc)) {
@@ -64,7 +62,7 @@ index 11b4375ed5..7d81a6007f 100644
  if (r < 0)
  return r;
  } else if (!path_equal(sc, agent))
-@@ -824,7 +824,7 @@ int cg_install_release_agent(const char *controller, const 
char *agent) {
+@@ -824,7 +824,7 @@ int cg_install_release_agent(const char
  
  sc = strstrip(contents);

[OE-core] [PATCH 1/2] systemd: Drop two upstreamed musl patches

[Khem Raj]

Signed-off-by: Khem Raj 
---
 .../0025-include-sys-file.h-for-LOCK_EX.patch | 29 --
 ...-Include-sys-timex.h-for-struct-time.patch | 28 --
 ...clude-missing-sys-file.h-for-LOCK_EX.patch | 98 ---
 meta/recipes-core/systemd/systemd_254.4.bb|  3 -
 4 files changed, 158 deletions(-)
 delete mode 100644 
meta/recipes-core/systemd/systemd/0025-include-sys-file.h-for-LOCK_EX.patch
 delete mode 100644 
meta/recipes-core/systemd/systemd/0026-test-test-sizeof-Include-sys-timex.h-for-struct-time.patch
 delete mode 100644 
meta/recipes-core/systemd/systemd/0027-include-missing-sys-file.h-for-LOCK_EX.patch

diff --git 
a/meta/recipes-core/systemd/systemd/0025-include-sys-file.h-for-LOCK_EX.patch 
b/meta/recipes-core/systemd/systemd/0025-include-sys-file.h-for-LOCK_EX.patch
deleted file mode 100644
index 7827cc1403c..000
--- 
a/meta/recipes-core/systemd/systemd/0025-include-sys-file.h-for-LOCK_EX.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From  Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 2 Aug 2023 10:33:48 -0700
-Subject: [PATCH] include sys/file.h for LOCK_EX
-
-Fixes
-| ../git/src/basic/user-util.c:708:30: error: use of undeclared identifier 
'LOCK_EX'; did you mean 'LOCK_BSD'?
-|   708 | r = unposix_lock(fd, LOCK_EX);
-|   |  ^~~
-|   |  LOCK_BSD
-
-Upstream-Status: Backport [https://github.com/systemd/systemd/pull/28647]
-Signed-off-by: Khem Raj 

- src/basic/user-util.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/basic/user-util.c b/src/basic/user-util.c
-index fe61a09005..5c39847733 100644
 a/src/basic/user-util.c
-+++ b/src/basic/user-util.c
-@@ -6,6 +6,7 @@
- #include 
- #include 
- #include 
-+#include 
- #include 
- #include 
- #include 
diff --git 
a/meta/recipes-core/systemd/systemd/0026-test-test-sizeof-Include-sys-timex.h-for-struct-time.patch
 
b/meta/recipes-core/systemd/systemd/0026-test-test-sizeof-Include-sys-timex.h-for-struct-time.patch
deleted file mode 100644
index f2130c856f9..000
--- 
a/meta/recipes-core/systemd/systemd/0026-test-test-sizeof-Include-sys-timex.h-for-struct-time.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From  Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 2 Aug 2023 12:14:56 -0700
-Subject: [PATCH] test/test-sizeof: Include sys/timex.h for struct timex
-
-Fixes
-
-../git/src/test/test-sizeof.c:64:41: error: incomplete definition of type 
'struct timex'
-   64 | check(typeof(((struct timex *)0)->freq), SIZEOF_TIMEX_MEMBER);
-  |  ~~~^
-
-Upstream-Status: Backport [https://github.com/systemd/systemd/pull/28651]

- src/test/test-sizeof.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c
-index 9d969cf8f1..b65c0bd370 100644
 a/src/test/test-sizeof.c
-+++ b/src/test/test-sizeof.c
-@@ -4,6 +4,7 @@
- #include 
- #include 
- #include 
-+#include 
- #include 
- 
- #define __STDC_WANT_IEC_60559_TYPES_EXT__
diff --git 
a/meta/recipes-core/systemd/systemd/0027-include-missing-sys-file.h-for-LOCK_EX.patch
 
b/meta/recipes-core/systemd/systemd/0027-include-missing-sys-file.h-for-LOCK_EX.patch
deleted file mode 100644
index 19014802e47..000
--- 
a/meta/recipes-core/systemd/systemd/0027-include-missing-sys-file.h-for-LOCK_EX.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From  Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Wed, 2 Aug 2023 12:18:24 -0700
-Subject: [PATCH] include missing sys/file.h for LOCK_EX
-
-Upstream-Status: Backport [https://github.com/systemd/systemd/pull/28651]

- src/core/execute.c| 1 +
- src/shared/btrfs-util.c   | 1 +
- src/shared/copy.c | 1 +
- src/test/test-btrfs.c | 1 +
- src/test/test-fs-util.c   | 1 +
- src/test/test-lock-util.c | 1 +
- src/vconsole/vconsole-setup.c | 1 +
- 7 files changed, 7 insertions(+)
-
-diff --git a/src/core/execute.c b/src/core/execute.c
-index 5b2ae861ff..2ebf19ffaa 100644
 a/src/core/execute.c
-+++ b/src/core/execute.c
-@@ -4,6 +4,7 @@
- #include 
- #include 
- #include 
-+#include 
- #include 
- #include 
- #include 
-diff --git a/src/shared/btrfs-util.c b/src/shared/btrfs-util.c
-index 5128b308ab..3ded95ea82 100644
 a/src/shared/btrfs-util.c
-+++ b/src/shared/btrfs-util.c
-@@ -10,6 +10,7 @@
- #include 
- #include 
- #include 
-+#include 
- #include 
- #include 
- #include 
-diff --git a/src/shared/copy.c b/src/shared/copy.c
-index 241a2d112b..7e47dc002c 100644
 a/src/shared/copy.c
-+++ b/src/shared/copy.c
-@@ -6,6 +6,7 @@
- #include 
- #include 
- #include 
-+#include 
- #include 
- #include 
- #include 
-diff --git a/src/test/test-btrfs.c b/src/test/test-btrfs.c
-index 95b7ef25d8..ba09563058 100644
 a/src/test/test-btrfs.c
-+++ b/src/test/test-btrfs.c
-@@ -1,6 +1,7 @@
- /* SPDX-License-Identifier: 

[OE-core] [PATCH 0/2] Fix musl patches for 254.4

[Khem Raj]

Drop the backports
Fix patch-fuzz

Khem Raj (2):
  systemd: Drop two upstreamed musl patches
  systemd: Refresh patches to avoid patch-fuzz

 ...14-Use-uintmax_t-for-handling-rlim_t.patch | 23 ++---
 ...-not-disable-buffer-in-writing-files.patch | 89 +
 .../0022-Handle-__cpu_mask-usage.patch|  9 +-
 .../0025-include-sys-file.h-for-LOCK_EX.patch | 29 --
 ...-Include-sys-timex.h-for-struct-time.patch | 28 --
 ...clude-missing-sys-file.h-for-LOCK_EX.patch | 98 ---
 meta/recipes-core/systemd/systemd_254.4.bb|  3 -
 7 files changed, 31 insertions(+), 248 deletions(-)
 delete mode 100644 
meta/recipes-core/systemd/systemd/0025-include-sys-file.h-for-LOCK_EX.patch
 delete mode 100644 
meta/recipes-core/systemd/systemd/0026-test-test-sizeof-Include-sys-timex.h-for-struct-time.patch
 delete mode 100644 
meta/recipes-core/systemd/systemd/0027-include-missing-sys-file.h-for-LOCK_EX.patch

-- 
2.42.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188203): 
https://lists.openembedded.org/g/openembedded-core/message/188203
Mute This Topic: https://lists.openembedded.org/mt/101579780/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/2] glib-2.0: Remove failing ptests on musl

[Khem Raj]

On Mon, Sep 25, 2023 at 10:53 AM Alexander Kanavin
 wrote:
>
> On Mon, 25 Sept 2023 at 19:21, Khem Raj  wrote:
> > They are not triaged so no root cause reason is mentioned.
> > The failures are listed in commit with some details that ptest shows.
>
> I still don't understand why the failing tests should be removed. Just
> let them fail, or exclude glib ptest from musl CI altogether. No one
> wants a fake green status.

This helps in creating a baseline so it does not regress further,
while the information
is still maintained in the recipe if it needs to be triaged further.

>
> Alex

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188202): 
https://lists.openembedded.org/g/openembedded-core/message/188202
Mute This Topic: https://lists.openembedded.org/mt/101546413/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/2] glib-2.0: Remove failing ptests on musl

[Alexander Kanavin]

On Mon, 25 Sept 2023 at 19:21, Khem Raj  wrote:
> They are not triaged so no root cause reason is mentioned.
> The failures are listed in commit with some details that ptest shows.

I still don't understand why the failing tests should be removed. Just
let them fail, or exclude glib ptest from musl CI altogether. No one
wants a fake green status.

Alex

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188201): 
https://lists.openembedded.org/g/openembedded-core/message/188201
Mute This Topic: https://lists.openembedded.org/mt/101546413/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH v3 1/5] musl: Update to latest

[Khem Raj]

On Mon, Sep 25, 2023 at 9:04 AM Alexandre Belloni
 wrote:
>
> Hello,
>
> I had this with the series:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/64/builds/7848/steps/12/logs/stdio
> https://autobuilder.yoctoproject.org/typhoon/#/builders/45/builds/7876/steps/12/logs/stdio
>
> make[2]: Entering directory '/home/root/buildtest/cpio-2.13/rmt'
>   CC   rmt.o
>   CCLD rmt
> /usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
>  rmt.o: in function `parse_opt':
> /home/root/buildtest/cpio-2.13/rmt/rmt.c:715:(.text+0x190): undefined 
> reference to `error'
> /usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
>  rmt.o: in function `main':
> /home/root/buildtest/cpio-2.13/rmt/rmt.c:780:(.text.startup+0x170): undefined 
> reference to `error'
> /usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
>  /home/root/buildtest/cpio-2.13/rmt/rmt.c:783:(.text.startup+0x7af): 
> undefined reference to `error'
> collect2: error: ld returned 1 exit status
> make[2]: Leaving directory '/home/root/buildtest/cpio-2.13/rmt'
> make[2]: *** [Makefile:1221: rmt] Error 1
> make[1]: *** [Makefile:1282: all-recursive] Error 1
> make[1]: Leaving directory '/home/root/buildtest/cpio-2.13'
> make: *** [Makefile:1222: all] Error 2
>
>


Please cherry-pick -
https://patchwork.yoctoproject.org/project/oe-core/patch/20230923073100.851867-1-raj.k...@gmail.com/
on top

>
> On 22/09/2023 14:05:04-0700, Khem Raj wrote:
> > Brings following bug fixes
> >
> > * 79bdacff glob: fix wrong return code when aborting before any matches
> > * 7291c6c6 statvfs: allocate spare for f_type
> > * 39e43f08 math: fix ld80 powl(x,huge) and powl(LDBL_MAX,small)
> > * 6d101027 math: fix ld80 acoshl(x) for x < 0
> >
> > Drop MIRRORS and switch to etalabs.net for git fetch URI
> > original repo is not working correcting with git Fetcher
> >
> > Signed-off-by: Khem Raj 
> > ---
> > v3: Update SRC_URI to fetchable location
> >
> >  meta/recipes-core/musl/musl_git.bb | 8 ++--
> >  1 file changed, 2 insertions(+), 6 deletions(-)
> >
> > diff --git a/meta/recipes-core/musl/musl_git.bb 
> > b/meta/recipes-core/musl/musl_git.bb
> > index 4a4fe978f93..7dd949ffafd 100644
> > --- a/meta/recipes-core/musl/musl_git.bb
> > +++ b/meta/recipes-core/musl/musl_git.bb
> > @@ -4,21 +4,17 @@
> >  require musl.inc
> >  inherit linuxloader
> >
> > -SRCREV = "83b858f83b658bd34eca5d8ad4d145f673ae7e5e"
> > +SRCREV = "79bdacff83a6bd5b70ff5ae5eb8b6de82c2f7c30"
> >
> >  BASEVER = "1.2.4"
> >
> >  PV = "${BASEVER}+git"
> >
> > -# mirror is at git://github.com/kraj/musl.git
> > -
> > -SRC_URI = 
> > "git://git.musl-libc.org/git/musl.git;branch=master;protocol=https \
> > +SRC_URI = "git://git.etalabs.net/git/musl;branch=master;protocol=https \
> > 
> > file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
> > 
> > file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
> >"
> >
> > -MIRRORS += "git://git.musl-libc.org/git/musl.git 
> > git://github.com/kraj/musl.git"
> > -
> >  S = "${WORKDIR}/git"
> >
> >  PROVIDES += "virtual/libc virtual/libiconv virtual/libintl virtual/crypt"
> > --
> > 2.42.0
> >
>
> >
> > 
> >
>
>
> --
> Alexandre Belloni, co-owner and COO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188200): 
https://lists.openembedded.org/g/openembedded-core/message/188200
Mute This Topic: https://lists.openembedded.org/mt/101529915/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] beaglebone-yocto testimage ping timeout issue

[Sandeep Gundlupet Raju via lists.openembedded.org]

Hi All,

I'm running testimage for arm32(beaglebone-yocto, zynq-generic and 
microblaze targets) using master and I see ping timeout issue as shown 
below but I don't see this issue with ARM64 targets or qemuarm. Any help 
would be much appreciated.


/scratch1/sandeepg/yocto/yp-master/build-ci-master  $ time 
MACHINE=beaglebone-yocto bitbake core-image-minimal -c testimage
Loading cache: 100% 
|###| 
Time: 0:00:00

Loaded 1812 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION   = "2.6.0"
BUILD_SYS    = "x86_64-linux"
NATIVELSBSTRING  = "universal"
TARGET_SYS   = "arm-poky-linux-gnueabi"
MACHINE  = "beaglebone-yocto"
DISTRO   = "poky"
DISTRO_VERSION   = 
"4.2+snapshot-8815eefb0d6218661794a58008e1144a77d3394f"

TUNE_FEATURES    = "arm vfp cortexa8 neon callconvention-hard"
TARGET_FPU   = "hard"
meta
meta-poky
meta-yocto-bsp   = "master:8815eefb0d6218661794a58008e1144a77d3394f"

Initialising tasks: 100% 
|##| 
Time: 0:00:00
Sstate summary: Wanted 3 Local 0 Mirrors 0 Missed 3 Current 261 (0% 
match, 98% complete)

NOTE: Executing Tasks
QMP Available for connection at 
/scratch1/sandeepg/yocto/yp-master/build-ci-master/tmp/.pb069a_h

QMP connected to QEMU at 09/25/23 11:06:10 and took 0.53 seconds
QMP released QEMU at 09/25/23 11:06:10 and took 0.04 seconds from connect
Test requires apt to be installed
Traceback (most recent call last):
  File 
"/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/runtime/cases/ping.py", 
line 25, in test_ping

    output += proc.communicate()[0].decode('utf-8')
  File "/usr/lib/python3.10/subprocess.py", line 1141, in communicate
    stdout = self.stdout.read()
  File 
"/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/core/decorator/oetimeout.py", 
line 18, in _timeoutHandler

    raise OEQATimeoutError("Timed out after %s "
oeqa.core.exception.OEQATimeoutError: Timed out after 30 seconds of 
execution


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File 
"/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/core/decorator/__init__.py", 
line 35, in wrapped_f

    return func(*args, **kwargs)
  File 
"/scratch1/sandeepg/yocto/yp-master/sources/poky/meta/lib/oeqa/runtime/cases/ping.py", 
line 32, in test_ping
    self.fail("Ping timeout error for address %s, count %s, output: %s" 
% (self.target.ip, count, output))
AssertionError: Ping timeout error for address 192.168.7.2, count 0, 
output: PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.

From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

PING 192.168.7.2 (192.168.7.2) 56(84) bytes of data.
From 192.168.7.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.7.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

Test requires openssh-sshd, or dropbear to be installed
Test requires autoconf to be installed
Test requires gtk+3 to be installed
Test requires autoconf to be installed
Test requires connman to be installed
Test case connman.ConnmanTest.test_connmand_running depends on 
connman.ConnmanTest.test_connmand_help but it didn't pass/run.
Test case date.DateTest.test_date depends on ssh.SSHTest.test_ssh but it 
didn't pass/run.
Test case df.DfTest.test_df depends on ssh.SSHTest.test_ssh but it 
didn't pass/run.
Test 

Re: [OE-core] [PATCH 2/2] glib-2.0: Remove failing ptests on musl

[Khem Raj]

On Mon, Sep 25, 2023 at 12:42 AM Alexander Kanavin
 wrote:
>
> Wait, shouldn't the reason for the failures be at least mentioned, if
> not addressed? "Remove test because it fails" is never a valid change.
>
They are not triaged so no root cause reason is mentioned.
The failures are listed in commit with some details that ptest shows.

> Alex
>
>
> On Sat, 23 Sept 2023 at 22:45, Khem Raj  wrote:
> >
> > FAIL: glib/convert.test (Child process killed by signal 6)
> > FAIL: glib/collate.test (Child process killed by signal 6)
> > FAIL: glib/gdatetime.test (Child process killed by signal 6)
> > FAIL: glib/date.test (Child process killed by signal 6)
> > FAIL: glib/converter-stream.test (Child process killed by signal 6)
> > FAIL: glib/option-context.test (Child process killed by signal 6)
> >
> > Signed-off-by: Khem Raj 
> > ---
> >  meta/recipes-core/glib-2.0/glib.inc | 7 ++-
> >  1 file changed, 6 insertions(+), 1 deletion(-)
> >
> > diff --git a/meta/recipes-core/glib-2.0/glib.inc 
> > b/meta/recipes-core/glib-2.0/glib.inc
> > index 5183f37a6ef..c508990ee8c 100644
> > --- a/meta/recipes-core/glib-2.0/glib.inc
> > +++ b/meta/recipes-core/glib-2.0/glib.inc
> > @@ -134,7 +134,12 @@ do_install:append:class-target () {
> >  # https://gitlab.gnome.org/GNOME/glib/-/issues/2810
> >  rm -f ${D}${datadir}/installed-tests/glib/thread-pool-slow.test
> >  }
> > -
> > +do_install:append:class-target:libc-musl () {
> > +# Remove failing tests on musl libc systems
> > +for t in convert.test collate.test gdatetime.test date.test 
> > converter-stream.test option-context.test; do
> > +rm -rf ${D}${datadir}/installed-tests/glib/$t
> > +done
> > +}
> >  # As we do not build python3 for windows, makes no sense to ship the 
> > script that's using it
> >  do_install:append:mingw32() {
> >  rm -f ${D}${bindir}/gtester-report
> > --
> > 2.42.0
> >
> >
> > 
> >

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188198): 
https://lists.openembedded.org/g/openembedded-core/message/188198
Mute This Topic: https://lists.openembedded.org/mt/101546413/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 3/6] sstate: Stop allowing overlapping symlinks from sstate

[Martin Jansa]

In the cases I've seen in our internal recipes I can just PNBLACKLIST the
one we never use (libfm) to make sure it's never built with faultmanager
(as it was built only as part of world build anyway, nothing in our images
really depends on it). So it wasn't something which would happen in regular
builds, but I agree that ihe error is real and good that it will force us
to make this a bit more deterministic.

For some other internal cases I can also add SkipRecipe to make them
mutually exclusive (they are MACHINE_ARCH implementations of the same
thing, just not restricted with COMPATIBLE_MACHINE or such to make sure
that only the preferred provider is built for given MACHINE).

And for libslirp and libslirp-virt it looks like it was meant to be only
temporary and this error will force it to be resolved a bit sooner.

Regards,

On Mon, Sep 25, 2023 at 4:59 PM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:

> On Sun, 2023-09-24 at 11:14 +0200, Martin Jansa wrote:
> > Just FYI I think this change is now causing few more recipes to be
> mutually exclusive, when they build the same library (even when it's
> packaged in differently named package), in world builds I'm seeing e.g.
> libslirp and libslirp-virt (from meta-virtualization) causing packagedata
> failure for one of them (depending which one was built second):
> >
> > DEBUG: Staging files from
> TOPDIR/BUILD/work/raspberrypi4_64-oe-linux/libslirp-virt/4.6.1+git/pkgdata-pdata-input
> to TOPDIR/BUILD/pkgdata/raspberrypi4-64
> > ERROR: Recipe libslirp-virt is trying to install files into a shared
> area when those files already exist. The files and the manifests listing
> them are:
> >   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-dev
> > (matched in manifest-raspberrypi4_64-libslirp.packagedata)
> >   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp0
> > (matched in manifest-raspberrypi4_64-libslirp.packagedata)
> >   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-dbg
> > (matched in manifest-raspberrypi4_64-libslirp.packagedata)
> >   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-src
> > (matched in manifest-raspberrypi4_64-libslirp.packagedata)
> > Please adjust the recipes so only one recipe provides a given file.
> > DEBUG: Python function sstate_task_postfunc finished
> >
> > Bruce is 4.6.1 version in meta-virtualization still needed or can you
> update to libslirp 4.7.0 from oe-core?
> > From the git log
> https://git.yoctoproject.org/meta-virtualization/log/recipes-networking/slirp
> it looks like it was originally imported from meta-retro and later renamed
> from libslirp to libslirt-virt until the oe-core version is validated in
> runtime.
> >
> > And I'm seeing the same with some internal recipes (e.g. we have
> faultmanager recipe which provides libfm - completely different from libfm
> from oe-core, just library name coincidence).
>
> I did look into this and it *is* a real issue/bug. The output will be
> non-deterministic depending upon which is built first. The issue would
> "corrupt" anything which is reading data from pkgdata related to the
> recipes in question.
>
> The error is therefore correct and we need to do something about this.
>
> Cheers,
>
> Richard
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188197): 
https://lists.openembedded.org/g/openembedded-core/message/188197
Mute This Topic: https://lists.openembedded.org/mt/101475773/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 11/40] createrepo-c: upgrade 0.21.1 -> 1.0.0

[Khem Raj]

This fails with clang - https://errors.yoctoproject.org/Errors/Details/738194/
GCC perhaps reports it as warning only

On Fri, Sep 22, 2023 at 12:25 AM Alexander Kanavin
 wrote:
>
> Enable zstd in libsolv, as new createrepo_c is using that instead of
> zlib for repo metadata compression.
>
> Signed-off-by: Alexander Kanavin 
> ---
>  ...arser.c-add-a-missing-parameter-name.patch | 39 ---
>  ...repo-c_0.21.1.bb => createrepo-c_1.0.0.bb} |  3 +-
>  .../libsolv/libsolv_0.7.24.bb |  4 +-
>  3 files changed, 3 insertions(+), 43 deletions(-)
>  delete mode 100644 
> meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
>  rename meta/recipes-devtools/createrepo-c/{createrepo-c_0.21.1.bb => 
> createrepo-c_1.0.0.bb} (92%)
>
> diff --git 
> a/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
>  
> b/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
> deleted file mode 100644
> index 0d1c6b08fbc..000
> --- 
> a/meta/recipes-devtools/createrepo-c/createrepo-c/0001-src-cmd_parser.c-add-a-missing-parameter-name.patch
> +++ /dev/null
> @@ -1,39 +0,0 @@
> -From 970b901e1999f415da8bac205f526c808ddad0ba Mon Sep 17 00:00:00 2001
> -From: Alexander Kanavin 
> -Date: Mon, 8 May 2023 10:40:43 +0200
> -Subject: [PATCH] src/cmd_parser.c: add a missing parameter name
> -MIME-Version: 1.0
> -Content-Type: text/plain; charset=UTF-8
> -Content-Transfer-Encoding: 8bit
> -
> -This resolves the following error with older versions of gcc:
> -| 
> /srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:
>  In function ‘duplicated_nevra_option_parser’:
> -| 
> /srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:76:32:
>  error: parameter name omitted
> -|76 | duplicated_nevra_option_parser(const gchar *,
> -|   |^
> -| 
> /srv/storage/alex/yocto/build-32/tmp/work/x86_64-linux/createrepo-c-native/0.21.1-r0/git/src/cmd_parser.c:78:32:
>  error: parameter name omitted
> -|78 |gpointer,
> -|   |^~~~
> -
> -Upstream-Status: Submitted 
> [https://github.com/rpm-software-management/createrepo_c/pull/366]
> -Signed-off-by: Alexander Kanavin 
> 
> - src/cmd_parser.c | 4 ++--
> - 1 file changed, 2 insertions(+), 2 deletions(-)
> -
> -diff --git a/src/cmd_parser.c b/src/cmd_parser.c
> -index 97c9ea7..63af7ea 100644
>  a/src/cmd_parser.c
> -+++ b/src/cmd_parser.c
> -@@ -73,9 +73,9 @@ struct CmdOptions _cmd_options = {
> -
> -
> - gboolean
> --duplicated_nevra_option_parser(const gchar *,
> -+duplicated_nevra_option_parser(const gchar *option_name,
> -const gchar *value,
> --   gpointer,
> -+   gpointer data,
> -GError **error)
> - {
> - if (!g_strcmp0(value, "keep"))
> diff --git a/meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb 
> b/meta/recipes-devtools/createrepo-c/createrepo-c_1.0.0.bb
> similarity index 92%
> rename from meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb
> rename to meta/recipes-devtools/createrepo-c/createrepo-c_1.0.0.bb
> index 57f23b8dfdb..9b109327c8f 100644
> --- a/meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb
> +++ b/meta/recipes-devtools/createrepo-c/createrepo-c_1.0.0.bb
> @@ -7,11 +7,10 @@ LIC_FILES_CHKSUM = 
> "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
>  SRC_URI = 
> "git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https
>  \
> file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch 
> \
> file://0001-include-rpm-rpmstring.h.patch \
> -   file://0001-src-cmd_parser.c-add-a-missing-parameter-name.patch \
> file://time64fix.patch \
> "
>
> -SRCREV = "0652d7303ce236e596c83c29ccc9bee7868fce6e"
> +SRCREV = "0cc13920991b2fb8f87fb9d352bd3394c2983289"
>
>  S = "${WORKDIR}/git"
>
> diff --git a/meta/recipes-extended/libsolv/libsolv_0.7.24.bb 
> b/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
> index 7c8f1fd372d..11825270147 100644
> --- a/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
> +++ b/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
> @@ -6,7 +6,7 @@ SECTION = "devel"
>  LICENSE = "BSD-3-Clause"
>  LIC_FILES_CHKSUM = "file://LICENSE.BSD;md5=62272bd11c97396d4aaf1c41bc11f7d8"
>
> -DEPENDS = "expat zlib"
> +DEPENDS = "expat zlib zstd"
>
>  SRC_URI = 
> "git://github.com/openSUSE/libsolv.git;branch=master;protocol=https \
> file://0001-utils-Conside-musl-when-wrapping-qsort_r.patch \
> @@ -23,7 +23,7 @@ inherit cmake
>  PACKAGECONFIG ??= 
> "${@bb.utils.contains('PACKAGE_CLASSES','package_rpm','rpm','',d)}"
>  

Re: [OE-core] [PATCH 25/40] meson: upgrade 1.1.1 -> 1.2.1

[Khem Raj]

gnupg failure seems related to this -
https://errors.yoctoproject.org/Errors/Details/738191/

On Fri, Sep 22, 2023 at 12:25 AM Alexander Kanavin
 wrote:
>
> Signed-off-by: Alexander Kanavin 
> ---
>  .../0001-Make-CPU-family-warnings-fatal.patch | 32 +--
>  .../meson/{meson_1.1.1.bb => meson_1.2.1.bb}  |  2 +-
>  2 files changed, 17 insertions(+), 17 deletions(-)
>  rename meta/recipes-devtools/meson/{meson_1.1.1.bb => meson_1.2.1.bb} (98%)
>
> diff --git 
> a/meta/recipes-devtools/meson/meson/0001-Make-CPU-family-warnings-fatal.patch 
> b/meta/recipes-devtools/meson/meson/0001-Make-CPU-family-warnings-fatal.patch
> index 848dccfbe72..8fbcb5a0a23 100644
> --- 
> a/meta/recipes-devtools/meson/meson/0001-Make-CPU-family-warnings-fatal.patch
> +++ 
> b/meta/recipes-devtools/meson/meson/0001-Make-CPU-family-warnings-fatal.patch
> @@ -1,4 +1,4 @@
> -From 6c4eef1d92e9e42fdbc888365cab3c95fb33c605 Mon Sep 17 00:00:00 2001
> +From fcd3260c03f313676720e6219c5953d412fb0a2c Mon Sep 17 00:00:00 2001
>  From: Ross Burton 
>  Date: Tue, 3 Jul 2018 13:59:09 +0100
>  Subject: [PATCH] Make CPU family warnings fatal
> @@ -7,15 +7,15 @@ Upstream-Status: Inappropriate [OE specific]
>  Signed-off-by: Ross Burton 
>
>  ---
> - mesonbuild/envconfig.py   | 2 +-
> - mesonbuild/environment.py | 4 +---
> - 2 files changed, 2 insertions(+), 4 deletions(-)
> + mesonbuild/envconfig.py   | 4 ++--
> + mesonbuild/environment.py | 6 ++
> + 2 files changed, 4 insertions(+), 6 deletions(-)
>
> -Index: meson-0.60.2/mesonbuild/envconfig.py
> -===
>  meson-0.60.2.orig/mesonbuild/envconfig.py
> -+++ meson-0.60.2/mesonbuild/envconfig.py
> -@@ -266,8 +266,8 @@ class MachineInfo(HoldableObject):
> +diff --git a/mesonbuild/envconfig.py b/mesonbuild/envconfig.py
> +index 7e0c567..a180065 100644
> +--- a/mesonbuild/envconfig.py
>  b/mesonbuild/envconfig.py
> +@@ -284,8 +284,8 @@ class MachineInfo(HoldableObject):
>   'but is missing {}.'.format(minimum_literal - set(literal)))
>
>   cpu_family = literal['cpu_family']
> @@ -26,13 +26,13 @@ Index: meson-0.60.2/mesonbuild/envconfig.py
>
>   endian = literal['endian']
>   if endian not in ('little', 'big'):
> -Index: meson-0.60.2/mesonbuild/environment.py
> -===
>  meson-0.60.2.orig/mesonbuild/environment.py
> -+++ meson-0.60.2/mesonbuild/environment.py
> -@@ -354,10 +354,8 @@ def detect_cpu_family(compilers: Compile
> - if any_compiler_has_define(compilers, '__64BIT__'):
> - trial = 'ppc64'
> +diff --git a/mesonbuild/environment.py b/mesonbuild/environment.py
> +index e212c7a..9d2bff3 100644
> +--- a/mesonbuild/environment.py
>  b/mesonbuild/environment.py
> +@@ -345,10 +345,8 @@ def detect_cpu_family(compilers: CompilersDict) -> str:
> + if compilers and not any_compiler_has_define(compilers, '__mips64'):
> + trial = 'mips'
>
>  -if trial not in known_cpu_families:
>  -mlog.warning(f'Unknown CPU family {trial!r}, please report this at '
> diff --git a/meta/recipes-devtools/meson/meson_1.1.1.bb 
> b/meta/recipes-devtools/meson/meson_1.2.1.bb
> similarity index 98%
> rename from meta/recipes-devtools/meson/meson_1.1.1.bb
> rename to meta/recipes-devtools/meson/meson_1.2.1.bb
> index dd97f93aef6..fe452662029 100644
> --- a/meta/recipes-devtools/meson/meson_1.1.1.bb
> +++ b/meta/recipes-devtools/meson/meson_1.2.1.bb
> @@ -15,7 +15,7 @@ SRC_URI = 
> "${GITHUB_BASE_URI}/download/${PV}/meson-${PV}.tar.gz \
> file://0001-Make-CPU-family-warnings-fatal.patch \
> file://0002-Support-building-allarch-recipes-again.patch \
> "
> -SRC_URI[sha256sum] = 
> "d04b541f97ca439fb82fab7d0d480988be4bd4e62563a5ca35fadb5400727b1c"
> +SRC_URI[sha256sum] = 
> "b1db3a153087549497ee52b1c938d2134e0338214fe14f7efd16fecd57b639f5"
>
>  inherit python_setuptools_build_meta github-releases
>
> --
> 2.30.2
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188195): 
https://lists.openembedded.org/g/openembedded-core/message/188195
Mute This Topic: https://lists.openembedded.org/mt/101516872/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.0.13.rc2)

[Jing Hui Tham]

Hi all,
 
Intel and WR YP QA is planning for QA execution for YP build yocto-4.0.13.rc2. 
We are planning to execute following tests for this cycle:
 
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
 
Runtime auto test for following platforms:
1. MinnowBoard Turbot - 32bit
2. Kaby Lake (7th Generation Intel(r) Core(tm) Processors)
3. Tiger Lake (11th Generation Intel(r) Core(tm) Processors)
4. Alder Lake-S (12th Generation Intel(r) Core(tm) Processors)
5. Raptor Lake-P (13th Generation Intel(r) Core(tm) Processors)
6. Edgerouter
7. Beaglebone

 
ETA for completion 28/09/2023.
 
Best regards,
Jing Hui

> -Original Message-
> From: qa-build-notificat...@lists.yoctoproject.org  notificat...@lists.yoctoproject.org> On Behalf Of Pokybuild User
> Sent: Monday, September 25, 2023 2:49 PM
> To: yo...@lists.yoctoproject.org
> Cc: qa-build-notificat...@lists.yoctoproject.org
> Subject: [qa-build-notification] QA notification for completed autobuilder
> build (yocto-4.0.13.rc2)
> 
> 
> A build flagged for QA (yocto-4.0.13.rc2) was completed on the autobuilder
> and is available at:
> 
> 
> https://autobuilder.yocto.io/pub/releases/yocto-4.0.13.rc2
> 
> 
> Build hash information:
> 
> bitbake: 41b6684489d0261753344956042be2cc4adb0159
> meta-agl: 666f141563fd7fc12b7638479d5c0cd38dae5006
> meta-arm: b187fb9232ca0a6b5f8f90b4715958546fc41d73
> meta-aws: 60891e535ce219b3c473a89d8ae89cdba1d396f4
> meta-gplv2: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
> meta-intel: 1342bcdc5bfc6620737e7d195e7d9bd744348577
> meta-mingw: a90614a6498c3345704e9611f2842eb933dc51c1
> meta-openembedded: a88cb922f91fda95e8a584cee3092083d5ad3e98
> meta-virtualization: 2d8b3cba8ff27c9ec2187a52b6a551fe1dcfaa07
> oecore: d90e4d5e3cca9cffe8f60841afc63667a9ac39fa
> poky: e51bf557f596c4da38789a948a3228ba11455e3c
> 
> 
> 
> This is an automated message from the Yocto Project Autobuilder
> Git: git://git.yoctoproject.org/yocto-autobuilder2
> Email: richard.pur...@linuxfoundation.org
> 
> 
> 
> 
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188194): 
https://lists.openembedded.org/g/openembedded-core/message/188194
Mute This Topic: https://lists.openembedded.org/mt/101577692/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH v3 1/5] musl: Update to latest

[Alexandre Belloni via lists.openembedded.org]

Hello,

I had this with the series:

https://autobuilder.yoctoproject.org/typhoon/#/builders/64/builds/7848/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/45/builds/7876/steps/12/logs/stdio

make[2]: Entering directory '/home/root/buildtest/cpio-2.13/rmt'
  CC   rmt.o
  CCLD rmt
/usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
 rmt.o: in function `parse_opt':
/home/root/buildtest/cpio-2.13/rmt/rmt.c:715:(.text+0x190): undefined reference 
to `error'
/usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
 rmt.o: in function `main':
/home/root/buildtest/cpio-2.13/rmt/rmt.c:780:(.text.startup+0x170): undefined 
reference to `error'
/usr/lib/gcc/i686-poky-linux-musl/13.2.0/../../../../i686-poky-linux-musl/bin/ld:
 /home/root/buildtest/cpio-2.13/rmt/rmt.c:783:(.text.startup+0x7af): undefined 
reference to `error'
collect2: error: ld returned 1 exit status
make[2]: Leaving directory '/home/root/buildtest/cpio-2.13/rmt'
make[2]: *** [Makefile:1221: rmt] Error 1
make[1]: *** [Makefile:1282: all-recursive] Error 1
make[1]: Leaving directory '/home/root/buildtest/cpio-2.13'
make: *** [Makefile:1222: all] Error 2



On 22/09/2023 14:05:04-0700, Khem Raj wrote:
> Brings following bug fixes
> 
> * 79bdacff glob: fix wrong return code when aborting before any matches
> * 7291c6c6 statvfs: allocate spare for f_type
> * 39e43f08 math: fix ld80 powl(x,huge) and powl(LDBL_MAX,small)
> * 6d101027 math: fix ld80 acoshl(x) for x < 0
> 
> Drop MIRRORS and switch to etalabs.net for git fetch URI
> original repo is not working correcting with git Fetcher
> 
> Signed-off-by: Khem Raj 
> ---
> v3: Update SRC_URI to fetchable location
> 
>  meta/recipes-core/musl/musl_git.bb | 8 ++--
>  1 file changed, 2 insertions(+), 6 deletions(-)
> 
> diff --git a/meta/recipes-core/musl/musl_git.bb 
> b/meta/recipes-core/musl/musl_git.bb
> index 4a4fe978f93..7dd949ffafd 100644
> --- a/meta/recipes-core/musl/musl_git.bb
> +++ b/meta/recipes-core/musl/musl_git.bb
> @@ -4,21 +4,17 @@
>  require musl.inc
>  inherit linuxloader
>  
> -SRCREV = "83b858f83b658bd34eca5d8ad4d145f673ae7e5e"
> +SRCREV = "79bdacff83a6bd5b70ff5ae5eb8b6de82c2f7c30"
>  
>  BASEVER = "1.2.4"
>  
>  PV = "${BASEVER}+git"
>  
> -# mirror is at git://github.com/kraj/musl.git
> -
> -SRC_URI = "git://git.musl-libc.org/git/musl.git;branch=master;protocol=https 
> \
> +SRC_URI = "git://git.etalabs.net/git/musl;branch=master;protocol=https \
> file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
> 
> file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
>"
>  
> -MIRRORS += "git://git.musl-libc.org/git/musl.git 
> git://github.com/kraj/musl.git"
> -
>  S = "${WORKDIR}/git"
>  
>  PROVIDES += "virtual/libc virtual/libiconv virtual/libintl virtual/crypt"
> -- 
> 2.42.0
> 

> 
> 
> 


-- 
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188193): 
https://lists.openembedded.org/g/openembedded-core/message/188193
Mute This Topic: https://lists.openembedded.org/mt/101529915/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 3/6] sstate: Stop allowing overlapping symlinks from sstate

[Richard Purdie]

On Sun, 2023-09-24 at 11:14 +0200, Martin Jansa wrote:
> Just FYI I think this change is now causing few more recipes to be mutually 
> exclusive, when they build the same library (even when it's packaged in 
> differently named package), in world builds I'm seeing e.g. libslirp and 
> libslirp-virt (from meta-virtualization) causing packagedata failure for one 
> of them (depending which one was built second):
> 
> DEBUG: Staging files from 
> TOPDIR/BUILD/work/raspberrypi4_64-oe-linux/libslirp-virt/4.6.1+git/pkgdata-pdata-input
>  to TOPDIR/BUILD/pkgdata/raspberrypi4-64
> ERROR: Recipe libslirp-virt is trying to install files into a shared area 
> when those files already exist. The files and the manifests listing them are:
>   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-dev
>     (matched in manifest-raspberrypi4_64-libslirp.packagedata)
>   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp0
>     (matched in manifest-raspberrypi4_64-libslirp.packagedata)
>   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-dbg
>     (matched in manifest-raspberrypi4_64-libslirp.packagedata)
>   TOPDIR/BUILD/pkgdata/raspberrypi4-64/runtime-reverse/libslirp-src
>     (matched in manifest-raspberrypi4_64-libslirp.packagedata)
> Please adjust the recipes so only one recipe provides a given file. 
> DEBUG: Python function sstate_task_postfunc finished
> 
> Bruce is 4.6.1 version in meta-virtualization still needed or can you update 
> to libslirp 4.7.0 from oe-core?
> From the git log 
> https://git.yoctoproject.org/meta-virtualization/log/recipes-networking/slirp 
> it looks like it was originally imported from meta-retro and later renamed 
> from libslirp to libslirt-virt until the oe-core version is validated in 
> runtime.
> 
> And I'm seeing the same with some internal recipes (e.g. we have faultmanager 
> recipe which provides libfm - completely different from libfm from oe-core, 
> just library name coincidence).

I did look into this and it *is* a real issue/bug. The output will be
non-deterministic depending upon which is built first. The issue would
"corrupt" anything which is reading data from pkgdata related to the
recipes in question.

The error is therefore correct and we need to do something about this.

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188192): 
https://lists.openembedded.org/g/openembedded-core/message/188192
Mute This Topic: https://lists.openembedded.org/mt/101475773/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [dunfell][PATCH v2] flac: fix CVE-2020-22219

[Michael Opdenacker via lists.openembedded.org]

From: Michael Opdenacker 

Buffer Overflow vulnerability in function bitwriter_grow_ in flac before
1.4.0 allows remote attackers to run arbitrary code via crafted input to
the encoder.

Signed-off-by: Meenali Gupta 
Signed-off-by: Michael Opdenacker 
Tested-by: Michael Opdenacker 

---
Changes in V2:
- include the patch this time!
---
 .../flac/files/CVE-2020-22219.patch   | 197 ++
 meta/recipes-multimedia/flac/flac_1.3.3.bb|   1 +
 2 files changed, 198 insertions(+)
 create mode 100644 meta/recipes-multimedia/flac/files/CVE-2020-22219.patch

diff --git a/meta/recipes-multimedia/flac/files/CVE-2020-22219.patch 
b/meta/recipes-multimedia/flac/files/CVE-2020-22219.patch
new file mode 100644
index 00..e042872dc0
--- /dev/null
+++ b/meta/recipes-multimedia/flac/files/CVE-2020-22219.patch
@@ -0,0 +1,197 @@
+From 579ff6922089cbbbd179619e40e622e279bd719f Mon Sep 17 00:00:00 2001
+From: Martijn van Beurden 
+Date: Wed, 3 Aug 2022 13:52:19 +0200
+Subject: [PATCH] flac: Add and use _nofree variants of safe_realloc functions
+
+Parts of the code use realloc like
+
+x = safe_realloc(x, somesize);
+
+when this is the case, the safe_realloc variant used must free the
+old memory block in case it fails, otherwise it will leak. However,
+there are also instances in the code where handling is different:
+
+if (0 == (x = safe_realloc(y, somesize)))
+return false
+
+in this case, y should not be freed, as y is not set to NULL we
+could encounter double frees. Here the safe_realloc_nofree
+functions are used.
+
+Upstream-Status: Backport 
[https://github.com/xiph/flac/commit/21fe95ee828b0b9b944f6aa0bb02d24fbb981815]
+CVE: CVE-2020-22219
+
+Signed-off-by: Meenali Gupta 
+---
+ include/share/alloc.h | 41 +++
+ src/flac/encode.c |  4 ++--
+ src/flac/foreign_metadata.c   |  2 +-
+ src/libFLAC/bitwriter.c   |  2 +-
+ src/libFLAC/metadata_object.c |  2 +-
+ src/plugin_common/tags.c  |  2 +-
+ src/share/utf8/iconvert.c |  2 +-
+ 7 files changed, 44 insertions(+), 11 deletions(-)
+
+diff --git a/include/share/alloc.h b/include/share/alloc.h
+index 914de9b..55bdd1d 100644
+--- a/include/share/alloc.h
 b/include/share/alloc.h
+@@ -161,17 +161,30 @@ static inline void *safe_realloc_(void *ptr, size_t size)
+   free(oldptr);
+   return newptr;
+ }
+-static inline void *safe_realloc_add_2op_(void *ptr, size_t size1, size_t 
size2)
++static inline void *safe_realloc_nofree_add_2op_(void *ptr, size_t size1, 
size_t size2)
++{
++  size2 += size1;
++  if(size2 < size1)
++  return 0;
++  return realloc(ptr, size2);
++}
++
++static inline void *safe_realloc_add_3op_(void *ptr, size_t size1, size_t 
size2, size_t size3)
+ {
+   size2 += size1;
+   if(size2 < size1) {
+   free(ptr);
+   return 0;
+   }
+-  return realloc(ptr, size2);
++  size3 += size2;
++  if(size3 < size2) {
++  free(ptr);
++  return 0;
++  }
++  return safe_realloc_(ptr, size3);
+ }
+
+-static inline void *safe_realloc_add_3op_(void *ptr, size_t size1, size_t 
size2, size_t size3)
++static inline void *safe_realloc_nofree_add_3op_(void *ptr, size_t size1, 
size_t size2, size_t size3)
+ {
+   size2 += size1;
+   if(size2 < size1)
+@@ -182,7 +195,7 @@ static inline void *safe_realloc_add_3op_(void *ptr, 
size_t size1, size_t size2,
+   return realloc(ptr, size3);
+ }
+
+-static inline void *safe_realloc_add_4op_(void *ptr, size_t size1, size_t 
size2, size_t size3, size_t size4)
++static inline void *safe_realloc_nofree_add_4op_(void *ptr, size_t size1, 
size_t size2, size_t size3, size_t size4)
+ {
+   size2 += size1;
+   if(size2 < size1)
+@@ -205,6 +218,15 @@ static inline void *safe_realloc_mul_2op_(void *ptr, 
size_t size1, size_t size2)
+   return safe_realloc_(ptr, size1*size2);
+ }
+
++static inline void *safe_realloc_nofree_mul_2op_(void *ptr, size_t size1, 
size_t size2)
++{
++  if(!size1 || !size2)
++  return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) 
semantics */
++  if(size1 > SIZE_MAX / size2)
++  return 0;
++  return realloc(ptr, size1*size2);
++}
++
+ /* size1 * (size2 + size3) */
+ static inline void *safe_realloc_muladd2_(void *ptr, size_t size1, size_t 
size2, size_t size3)
+ {
+@@ -216,4 +238,15 @@ static inline void *safe_realloc_muladd2_(void *ptr, 
size_t size1, size_t size2,
+   return safe_realloc_mul_2op_(ptr, size1, size2);
+ }
+
++/* size1 * (size2 + size3) */
++static inline void *safe_realloc_nofree_muladd2_(void *ptr, size_t size1, 
size_t size2, size_t size3)
++{
++  if(!size1 || (!size2 && !size3))
++  return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) 
semantics */
++  size2 += size3;
++  if(size2 < size3)
++  return 0;
++  return safe_realloc_nofree_mul_2op_(ptr, size1, size2);
++}
++
+ #endif
+diff 

Re: [OE-core] [PATCH] create-spdx: Ensure it is clear where the message comes from

[Bruce Ashfield]

On Mon, Sep 25, 2023 at 9:29 AM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:

> This message can appear in do_rootfs and the users tend to think this is
> some kind of packaging issue. Add SPDX to the message so users like me
> think in the right direction.
>

This user definitely did!

Although hard to trigger, I know this will save a poor soul some time if
they do manage to hit the condition.

Bruce



>
> Signed-off-by: Richard Purdie 
> ---
>  meta/classes/create-spdx-2.2.bbclass | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/classes/create-spdx-2.2.bbclass
> b/meta/classes/create-spdx-2.2.bbclass
> index 885f07a1f87..3ee1b7ee0d8 100644
> --- a/meta/classes/create-spdx-2.2.bbclass
> +++ b/meta/classes/create-spdx-2.2.bbclass
> @@ -1031,7 +1031,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir,
> rootfs_spdxid, packages, spdx
>
>  for name in sorted(packages.keys()):
>  if name not in providers:
> -bb.fatal("Unable to find provider for '%s'" % name)
> +bb.fatal("Unable to find SPDX provider for '%s'" % name)
>
>  pkg_name, pkg_hashfn = providers[name]
>
> --
> 2.39.2
>
>
> 
>
>

-- 
- Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end
- "Use the force Harry" - Gandalf, Star Trek II

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188190): 
https://lists.openembedded.org/g/openembedded-core/message/188190
Mute This Topic: https://lists.openembedded.org/mt/101573796/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] create-spdx: Ensure it is clear where the message comes from

[Richard Purdie]

This message can appear in do_rootfs and the users tend to think this is
some kind of packaging issue. Add SPDX to the message so users like me
think in the right direction.

Signed-off-by: Richard Purdie 
---
 meta/classes/create-spdx-2.2.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/create-spdx-2.2.bbclass 
b/meta/classes/create-spdx-2.2.bbclass
index 885f07a1f87..3ee1b7ee0d8 100644
--- a/meta/classes/create-spdx-2.2.bbclass
+++ b/meta/classes/create-spdx-2.2.bbclass
@@ -1031,7 +1031,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, 
rootfs_spdxid, packages, spdx
 
 for name in sorted(packages.keys()):
 if name not in providers:
-bb.fatal("Unable to find provider for '%s'" % name)
+bb.fatal("Unable to find SPDX provider for '%s'" % name)
 
 pkg_name, pkg_hashfn = providers[name]
 
-- 
2.39.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188189): 
https://lists.openembedded.org/g/openembedded-core/message/188189
Mute This Topic: https://lists.openembedded.org/mt/101573796/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][mickledore][PATCH 1/1] python3-git: upgrade 3.1.32 -> 3.1.37

[Narpat Mali via lists.openembedded.org]

From: Narpat Mali 

The delta between 3.1.32 & 3.1.37 contains the CVE-2023-40590 and
CVE-2023-41040 fixes and other bugfixes.

Changelog:
==
- WIP Quick doc by @LeoDaCoda in #1608
- Partial clean up wrt mypy and black by @bodograumann in #1617
- Disable merge_includes in config writers by @bodograumann in #1618
- feat: full typing for "progress" parameter in Repo class by @madebylydia in 
#1634
- Fix CVE-2023-40590 by @EliahKagan in #1636
- #1566 Creating a lock now uses python built-in "open()" method to work arou… 
by @HageMaster3108 in #1619
- util: close lockfile after opening successfully by @skshetry in #1639
- Bump actions/checkout from 3 to 4 by @dependabot in #1643
- Fix 'Tree' object has no attribute '_name' when submodule path is normal path 
by @CosmosAtlas in #1645
- Fix CVE-2023-41040 by @facutuesca in #1644
- Only make config more permissive in tests that need it by @EliahKagan in #1648
- Added test for PR #1645 submodule path by @CosmosAtlas in #1647
- Fix Windows environment variable upcasing bug by @EliahKagan in #1650
- Improve Python version and OS compatibility, fixing deprecations by 
@EliahKagan in #1654
- Better document env_case test/fixture and cwd by @EliahKagan in #1657
- Remove spurious executable permissions by @EliahKagan in #1658
- Fix up checks in Makefile and make them portable by @EliahKagan in #1661
- Fix URLs that were redirecting to another license by @EliahKagan in #1662
- Assorted small fixes/improvements to root dir docs by @EliahKagan in #1663
- Use venv instead of virtualenv in test_installation by @EliahKagan in #1664
- Omit py_modules in setup by @EliahKagan in #1665
- Don't track code coverage temporary files by @EliahKagan in #1666
- Configure tox by @EliahKagan in #1667
- Format tests with black and auto-exclude untracked paths by @EliahKagan in 
#1668
- Upgrade and broaden flake8, fixing style problems and bugs by @EliahKagan in 
#1673
- Fix rollback bug in SymbolicReference.set_reference by @EliahKagan in #1675
- Remove @NoEffect annotations by @EliahKagan in #1677
- Add more checks for the validity of refnames by @facutuesca in #1672

Note that the changes to the license file are just removal of excess whitespace
(the extra blank line at the end, and spaces appearing at the end of lines).

References:
https://github.com/gitpython-developers/GitPython/releases
https://github.com/gitpython-developers/GitPython/blob/main/doc/source/changes.rst
https://github.com/gitpython-developers/GitPython/commit/e1af18377fd69f9c1007f8abf6ccb95b3c5a6558

Signed-off-by: Narpat Mali 
---
 .../python/{python3-git_3.1.32.bb => python3-git_3.1.37.bb}   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-devtools/python/{python3-git_3.1.32.bb => 
python3-git_3.1.37.bb} (86%)

diff --git a/meta/recipes-devtools/python/python3-git_3.1.32.bb 
b/meta/recipes-devtools/python/python3-git_3.1.37.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-git_3.1.32.bb
rename to meta/recipes-devtools/python/python3-git_3.1.37.bb
index f217577eb8..56a335a79e 100644
--- a/meta/recipes-devtools/python/python3-git_3.1.32.bb
+++ b/meta/recipes-devtools/python/python3-git_3.1.37.bb
@@ -6,13 +6,13 @@ access with big-files support."
 HOMEPAGE = "http://github.com/gitpython-developers/GitPython;
 SECTION = "devel/python"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=8b8d26c37c1d5a04f9b0186edbebc183"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=5279a7ab369ba336989dcf2a107e5c8e"
 
 PYPI_PACKAGE = "GitPython"
 
 inherit pypi python_setuptools_build_meta
 
-SRC_URI[sha256sum] = 
"8d9b8cb1e80b9735e8717c9362079d3ce4c6e5ddeebedd0361b228c3a67a62f6"
+SRC_URI[sha256sum] = 
"f9b9ddc0761c125d5780eab2d64be4873fc6817c2899cbcb34b02344bdc7bc54"
 
 DEPENDS += " ${PYTHON_PN}-gitdb"
 
-- 
2.40.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188188): 
https://lists.openembedded.org/g/openembedded-core/message/188188
Mute This Topic: https://lists.openembedded.org/mt/101573792/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone][PATCH 1/1] python3-git: upgrade 3.1.32 -> 3.1.37

[Narpat Mali via lists.openembedded.org]

From: Narpat Mali 

The delta between 3.1.32 & 3.1.37 contains the CVE-2023-40590 and
CVE-2023-41040 fixes and other bugfixes.

Changelog:
==
- WIP Quick doc by @LeoDaCoda in #1608
- Partial clean up wrt mypy and black by @bodograumann in #1617
- Disable merge_includes in config writers by @bodograumann in #1618
- feat: full typing for "progress" parameter in Repo class by @madebylydia in 
#1634
- Fix CVE-2023-40590 by @EliahKagan in #1636
- #1566 Creating a lock now uses python built-in "open()" method to work arou… 
by @HageMaster3108 in #1619
- util: close lockfile after opening successfully by @skshetry in #1639
- Bump actions/checkout from 3 to 4 by @dependabot in #1643
- Fix 'Tree' object has no attribute '_name' when submodule path is normal path 
by @CosmosAtlas in #1645
- Fix CVE-2023-41040 by @facutuesca in #1644
- Only make config more permissive in tests that need it by @EliahKagan in #1648
- Added test for PR #1645 submodule path by @CosmosAtlas in #1647
- Fix Windows environment variable upcasing bug by @EliahKagan in #1650
- Improve Python version and OS compatibility, fixing deprecations by 
@EliahKagan in #1654
- Better document env_case test/fixture and cwd by @EliahKagan in #1657
- Remove spurious executable permissions by @EliahKagan in #1658
- Fix up checks in Makefile and make them portable by @EliahKagan in #1661
- Fix URLs that were redirecting to another license by @EliahKagan in #1662
- Assorted small fixes/improvements to root dir docs by @EliahKagan in #1663
- Use venv instead of virtualenv in test_installation by @EliahKagan in #1664
- Omit py_modules in setup by @EliahKagan in #1665
- Don't track code coverage temporary files by @EliahKagan in #1666
- Configure tox by @EliahKagan in #1667
- Format tests with black and auto-exclude untracked paths by @EliahKagan in 
#1668
- Upgrade and broaden flake8, fixing style problems and bugs by @EliahKagan in 
#1673
- Fix rollback bug in SymbolicReference.set_reference by @EliahKagan in #1675
- Remove @NoEffect annotations by @EliahKagan in #1677
- Add more checks for the validity of refnames by @facutuesca in #1672

Note that the changes to the license file are just removal of excess whitespace
(the extra blank line at the end, and spaces appearing at the end of lines).

References:
https://github.com/gitpython-developers/GitPython/releases
https://github.com/gitpython-developers/GitPython/blob/main/doc/source/changes.rst
https://github.com/gitpython-developers/GitPython/commit/e1af18377fd69f9c1007f8abf6ccb95b3c5a6558

Signed-off-by: Narpat Mali 
---
 .../python/{python3-git_3.1.32.bb => python3-git_3.1.37.bb}   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-devtools/python/{python3-git_3.1.32.bb => 
python3-git_3.1.37.bb} (86%)

diff --git a/meta/recipes-devtools/python/python3-git_3.1.32.bb 
b/meta/recipes-devtools/python/python3-git_3.1.37.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-git_3.1.32.bb
rename to meta/recipes-devtools/python/python3-git_3.1.37.bb
index f217577eb8..56a335a79e 100644
--- a/meta/recipes-devtools/python/python3-git_3.1.32.bb
+++ b/meta/recipes-devtools/python/python3-git_3.1.37.bb
@@ -6,13 +6,13 @@ access with big-files support."
 HOMEPAGE = "http://github.com/gitpython-developers/GitPython;
 SECTION = "devel/python"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=8b8d26c37c1d5a04f9b0186edbebc183"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=5279a7ab369ba336989dcf2a107e5c8e"
 
 PYPI_PACKAGE = "GitPython"
 
 inherit pypi python_setuptools_build_meta
 
-SRC_URI[sha256sum] = 
"8d9b8cb1e80b9735e8717c9362079d3ce4c6e5ddeebedd0361b228c3a67a62f6"
+SRC_URI[sha256sum] = 
"f9b9ddc0761c125d5780eab2d64be4873fc6817c2899cbcb34b02344bdc7bc54"
 
 DEPENDS += " ${PYTHON_PN}-gitdb"
 
-- 
2.40.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188187): 
https://lists.openembedded.org/g/openembedded-core/message/188187
Mute This Topic: https://lists.openembedded.org/mt/101572154/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: reduce size of -dbg package

[Alexander Kanavin]

Thanks! What's the next biggest offender?

Alex

On Mon, 25 Sept 2023 at 13:35, Ross Burton  wrote:
>
> From: Ross Burton 
>
> Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of
> the debug symbols (4.3GB to 700M at time of writing):
>
>   Level 1 produces minimal information, enough for making backtraces in
>   parts of the program that you don't plan to debug. This includes
>   descriptions of functions and external variables, and line number
>   tables, but no information about local variables.
>
> This makes the sstate objects a lot more manageable, and packaging
> faster.  On my machine:
>
>   PKG  TASK ABSDIFF  RELDIFF  WALLTIME1 -> WALLTIME2
>   webkitgtkdo_compile   -613.8s   -21.7%2823.3s -> 2209.5s
>   webkitgtkdo_package   -143.4s   -53.6% 267.7s -> 124.3s
>   webkitgtkdo_install-93.7s   -60.1% 156.0s -> 62.3s
>   webkitgtkdo_populate_sysroot   -51.6s   -86.4%  59.7s -> 8.1s
>
> Cumulative walltime:
>   -892.9s-26.5%56:06.3 (3366.3s) -> 41:13.4 (2473.4s)
>
> Signed-off-by: Ross Burton 
> ---
>  meta/recipes-sato/webkit/webkitgtk_2.40.5.bb | 4 
>  1 file changed, 4 insertions(+)
>
> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb 
> b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> index a0c97aa593c..0c54f202ca5 100644
> --- a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> +++ b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
> @@ -87,6 +87,10 @@ EXTRA_OECMAKE = " \
>   -DUSE_GTK4=ON \
>   "
>
> +# Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of the
> +# debug symbols (4.3GB to 700M at time of writing)
> +DEBUG_FLAGS:append = "${@oe.utils.vartrue('DEBUG_BUILD', '', ' -g1', d)}"
> +
>  # Javascript JIT is not supported on ARC
>  EXTRA_OECMAKE:append:arc = " -DENABLE_JIT=OFF "
>  # By default 25-bit "medium" calls are used on ARC
> --
> 2.34.1
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188186): 
https://lists.openembedded.org/g/openembedded-core/message/188186
Mute This Topic: https://lists.openembedded.org/mt/101571944/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] webkitgtk: reduce size of -dbg package

[Ross Burton]

From: Ross Burton 

Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of
the debug symbols (4.3GB to 700M at time of writing):

  Level 1 produces minimal information, enough for making backtraces in
  parts of the program that you don't plan to debug. This includes
  descriptions of functions and external variables, and line number
  tables, but no information about local variables.

This makes the sstate objects a lot more manageable, and packaging
faster.  On my machine:

  PKG  TASK ABSDIFF  RELDIFF  WALLTIME1 -> WALLTIME2
  webkitgtkdo_compile   -613.8s   -21.7%2823.3s -> 2209.5s
  webkitgtkdo_package   -143.4s   -53.6% 267.7s -> 124.3s
  webkitgtkdo_install-93.7s   -60.1% 156.0s -> 62.3s
  webkitgtkdo_populate_sysroot   -51.6s   -86.4%  59.7s -> 8.1s

Cumulative walltime:
  -892.9s-26.5%56:06.3 (3366.3s) -> 41:13.4 (2473.4s)

Signed-off-by: Ross Burton 
---
 meta/recipes-sato/webkit/webkitgtk_2.40.5.bb | 4 
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb 
b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
index a0c97aa593c..0c54f202ca5 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.40.5.bb
@@ -87,6 +87,10 @@ EXTRA_OECMAKE = " \
  -DUSE_GTK4=ON \
  "
 
+# Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of the
+# debug symbols (4.3GB to 700M at time of writing)
+DEBUG_FLAGS:append = "${@oe.utils.vartrue('DEBUG_BUILD', '', ' -g1', d)}"
+
 # Javascript JIT is not supported on ARC
 EXTRA_OECMAKE:append:arc = " -DENABLE_JIT=OFF "
 # By default 25-bit "medium" calls are used on ARC
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188185): 
https://lists.openembedded.org/g/openembedded-core/message/188185
Mute This Topic: https://lists.openembedded.org/mt/101571944/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] bind: update to 9.18.19

[Lee Chee Yang]

From: Lee Chee Yang 

release notes:
https://downloads.isc.org/isc/bind9/9.18.19/doc/arm/html/notes.html#notes-for-bind-9-18-19

Security Fixes

Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)

ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for bringing
this vulnerability to our attention. [GL #4152]

A flaw in the networking code handling DNS-over-TLS queries could cause
named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load. This has been fixed.
(CVE-2023-4236)

ISC would like to thank Robert Story from USC/ISI Root Server Operations
for bringing this vulnerability to our attention. [GL #4242]

Removed Features

The dnssec-must-be-secure option has been deprecated and will be removed
in a future release. [GL #4263]

Feature Changes

If the server command is specified, nsupdate now honors the nsupdate -v
option for SOA queries by sending both the UPDATE request and the
initial query over TCP. [GL #1181]

Bug Fixes

The value of the If-Modified-Since header in the statistics channel was
not being correctly validated for its length, potentially allowing an
authorized user to trigger a buffer overflow. Ensuring the statistics
channel is configured correctly to grant access exclusively to
authorized users is essential (see the statistics-channels block
definition and usage section). [GL #4124]

This issue was reported independently by Eric Sesterhenn of X41 D-Sec
GmbH and Cameron Whitehead.

The Content-Length header in the statistics channel was lacking proper
bounds checking. A negative or excessively large value could potentially
trigger an integer overflow and result in an assertion failure. [GL

This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.

Several memory leaks caused by not clearing the OpenSSL error stack were
fixed. [GL #4159]

This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.

The introduction of krb5-subdomain-self-rhs and ms-subdomain-self-rhs
UPDATE policies accidentally caused named to return SERVFAIL responses
to deletion requests for non-existent PTR and SRV records. This has been
fixed. [GL #4280]

The stale-refresh-time feature was mistakenly disabled when the server
cache was flushed by rndc flush. This has been fixed. [GL #4278]

BIND’s memory consumption has been improved by implementing dedicated
jemalloc memory arenas for sending buffers. This optimization ensures
that memory usage is more efficient and better manages the return of
memory pages to the operating system. [GL #4038]

Previously, partial writes in the TLS DNS code were not accounted for
correctly, which could have led to DNS message corruption. This has been
fixed. [GL #4255]

Known Issues

There are no new known issues with this release. See above for a list of
all known issues affecting this BIND 9 branch.

Signed-off-by: Lee Chee Yang 
---
 .../bind/{bind_9.18.18.bb => bind_9.18.19.bb}   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/bind/{bind_9.18.18.bb => bind_9.18.19.bb} 
(97%)

diff --git a/meta/recipes-connectivity/bind/bind_9.18.18.bb 
b/meta/recipes-connectivity/bind/bind_9.18.19.bb
similarity index 97%
rename from meta/recipes-connectivity/bind/bind_9.18.18.bb
rename to meta/recipes-connectivity/bind/bind_9.18.19.bb
index e74e685fe8..8124c5c591 100644
--- a/meta/recipes-connectivity/bind/bind_9.18.18.bb
+++ b/meta/recipes-connectivity/bind/bind_9.18.19.bb
@@ -20,7 +20,7 @@ SRC_URI = 
"https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://0001-avoid-start-failure-with-bind-user.patch \
"
 
-SRC_URI[sha256sum] = 
"d735cdc127a6c5709bde475b5bf16fa2133f36fdba202f7c3c37d134e5192160"
+SRC_URI[sha256sum] = 
"115e09c05439bebade1d272eda08fa88eb3b60129edef690588c87a4d27612cc"
 
 UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/;
 # follow the ESV versions divisible by 2
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188184): 
https://lists.openembedded.org/g/openembedded-core/message/188184
Mute This Topic: https://lists.openembedded.org/mt/101571725/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [yocto] Security processes: YP needs

[Reyna, David via lists.openembedded.org]

Hi Marta,

* SRTool: We might decide to use it again. It allows one to do much but 
requires constant commitment.

There are many ways to use the SRTool. 
  (a)  The original design was to perform 100% triage of incoming CVEs. This 
was a business requirement of Wind River, and we have used the SRTool 
successfully for 4-5 year now.
  (b)  The main limitation with the SRTool for Yocto Project was the lack of 
integration with Bugzilla (Ross ran out of time)
 * This is the crucial other half of the workflow
 * There is the automatic creation of appropriate defect records for 
investigation
 * There is also the automatic tracking of the overall CVE status, both 
CVEs in progress and the CVEs completed
 * Wind River has an extension for full integration with Jira, and that 
saves weeks of work for the CVE management
  (c) The guiding rule was that CVE management was in the SRTool, but specific 
defect work was also done in Jira/Bugzilla, for a clean separate of domains
  (d)  The SRTool has a user model
 * Together with Bugzilla, it is easy to track single people and even 
multiple people working on CVEs
  (e) The SRTool also has the built-on ability to look up the CVE status from 
other distributions (Red Hat, Debian, ...) so that one can get a peek of 
existing triages and resolutions
  (f) The SRTool is build like Toaster on top of Django, so development and 
debugging skills for Toaster immediate apply
  (g) Also with the Django base, it is very simple to add any number of modular 
extensions to support for example CVE Scanner integration
  (h) The SRTool also has report generation (in text, CSV, and Excel) in 
addition to email notification support.
  (i) There is also a "private" model for CVEs under embargo, with strict 
access control lists.

PROPOSAL 1: If the full triage is too much to bite off to start with, perhaps 
using it to track and coordinate work will bring immediate benefit.

PROPOSAL 2: I am happy to give you a live demo of Wind River's fully 
operational SRTool, so you can see all of the bells and whistles in action. I 
am available pretty much anytime between 10:00 am Pacific to 2:00 am Pacific.

PROPOSAL 3: I will start refreshing the YP SRTool repository with my current 
implementation level from Wind River (with the Wind River specific modules left 
out of course :-)

David

BTW, I also support an extension to the SRTool that manages CVE scanning of 
build images, with hooks to a  number existing CVE scanners (e.g. Trivy) in 
addition to other vulnerability metrics. This is probably out of scope to YP at 
this time, but it is perhaps something to grow in to.

-Original Message-
From: yo...@lists.yoctoproject.org  On Behalf Of 
Marta Rybczynska via lists.yoctoproject.org
Sent: Wednesday, September 13, 2023 4:52 AM
To: yocto-secur...@lists.yoctoproject.org; OE-core 
; 
openembedded-architect...@lists.openembedded.org; yo...@lists.yoctoproject.org
Cc: Richard Purdie ; Steve Sakoman 
; Khem Raj ; 
mark.ha...@kernel.crashing.org; Ross Burton ; Joshua Watt 

Subject: [yocto] Security processes: YP needs

Hello,
I've been working recently on collecting what works and what doesn't
in YP security processes. The goal is to go forward and define an
actionable strategy!

Today, I'd like to share with you the summary of what I have heard as
needs from several people (those in Cc:).

I want the community to comment and tell us what you find important
and what you'd like to see added or changed from this list.

* CVEs: Visibility if YP is vulnerable or not

People want to be able to check/look up a specific CVE; it might be a
CVE unrelated to YP
(eg. package not included, Windows issue). The cve-checker result is a
part of the solution, but people also want to know which CVEs do not
apply.

* CVEs: synchronization of the work on fixes

Currently, there is no synchronization; multiple parties might be
working on the same fix while nobody is working on another. There
might be duplication of work.
Ross has https://wiki.yoctoproject.org/wiki/CVE_Status

* Triaging of security issues

Related to CVE fixes and includes issues reported directly to the YP.
Some issues are more likely to be serious for embedded products
(attack by network), so not all has the same priority.

* Private security communication

A way to send a notification of a non-public security issue. For
researchers, other projects etc.
The security alias exists, but only some people know about its existence.

* Visibility of the security work of the YP

There is much work on security in the YP, but it lacks visibility.

* Documentation

Related to visibility. We need easy-to-find documentation of subjects
like submitting a CVE fix,
reporting a private issue, and how our processes work... This
documentation should address people who are not regular contributors.

* Additional tooling

We could add additional tooling: a template on how to add cve-check to
the CI (possibly
a different one than the autobuilder), 

[OE-core] [PATCH] groff: fix another build race via backport

[Alexander Kanavin]

Signed-off-by: Alexander Kanavin 
---
 ...1-build-meintro_fr.ps-depends-on-tbl.patch | 31 +++
 meta/recipes-extended/groff/groff_1.23.0.bb   |  1 +
 2 files changed, 32 insertions(+)
 create mode 100644 
meta/recipes-extended/groff/files/0001-build-meintro_fr.ps-depends-on-tbl.patch

diff --git 
a/meta/recipes-extended/groff/files/0001-build-meintro_fr.ps-depends-on-tbl.patch
 
b/meta/recipes-extended/groff/files/0001-build-meintro_fr.ps-depends-on-tbl.patch
new file mode 100644
index 000..3e81b86ac8e
--- /dev/null
+++ 
b/meta/recipes-extended/groff/files/0001-build-meintro_fr.ps-depends-on-tbl.patch
@@ -0,0 +1,31 @@
+From f21e9f13beb57a1e0666edf9693d7c83f2189897 Mon Sep 17 00:00:00 2001
+From: "G. Branden Robinson" 
+Date: Fri, 22 Sep 2023 01:27:57 -0500
+Subject: [PATCH] [build]: meintro_fr.ps depends on tbl.
+
+* doc/doc.am (doc/meintro_fr.ps): Depend on tbl, resolving race in
+  sufficiently parallelized builds.  Overlooked in commit 92349ae223,
+  2022-05-30.
+
+Fixes .  Thanks to Alexander
+Kanavin for the report.
+
+Upstream-Status: Backport
+Signed-off-by: Alexander Kanavin 
+---
+ doc/doc.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/doc.am b/doc/doc.am
+index d3c9ab6b7..0f95c7774 100644
+--- a/doc/doc.am
 b/doc/doc.am
+@@ -334,7 +334,7 @@ SUFFIXES += .me.in .me
+ 
+ # Use '-K utf8', not '-k', in case 'configure' didn't find uchardet.
+ # The French translation uses tbl; its English counterpart does not.
+-doc/meintro_fr.ps: doc/meintro_fr.me preconv
++doc/meintro_fr.ps: doc/meintro_fr.me preconv tbl
+   $(GROFF_V)$(MKDIR_P) `dirname $@` \
+   && $(DOC_GROFF) -K utf8 -t -Tps -me -mfr $< >$@
+ 
diff --git a/meta/recipes-extended/groff/groff_1.23.0.bb 
b/meta/recipes-extended/groff/groff_1.23.0.bb
index 370817c9f27..0fc4f831d8f 100644
--- a/meta/recipes-extended/groff/groff_1.23.0.bb
+++ b/meta/recipes-extended/groff/groff_1.23.0.bb
@@ -11,6 +11,7 @@ SRC_URI = "${GNU_MIRROR}/groff/groff-${PV}.tar.gz \
file://groff-not-search-fonts-on-build-host.patch \
file://0001-Make-manpages-mulitlib-identical.patch \
file://0001-build-Fix-Savannah-64681-webpage.ps-deps.patch \
+   file://0001-build-meintro_fr.ps-depends-on-tbl.patch \
"
 
 SRC_URI[sha256sum] = 
"6b9757f592b7518b4902eb6af7e54570bdccba37a871fddb2d30ae3863511c13"
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188182): 
https://lists.openembedded.org/g/openembedded-core/message/188182
Mute This Topic: https://lists.openembedded.org/mt/101570612/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] go: Backport fix for CVE-2022-41725 and CVE-2023-24536

[Vijay Anusuri via lists.openembedded.org]

From: Vijay Anusuri 

Upstream-commit:
https://github.com/golang/go/commit/874b3132a84cf76da6a48978826c04c380a37a50
&
https://github.com/golang/go/commit/4e5a313524da62600eb59dbf98624cfe946456f8
&
https://github.com/golang/go/commit/5246fa5e75b129a7dbd9722aa4de0cbaf7ceae43
&
https://github.com/golang/go/commit/5c55ac9bf1e5f779220294c843526536605f42ab
&
https://github.com/golang/go/commit/ef41a4e2face45e580c5836eaebd51629fc23f15
&
https://github.com/golang/go/commit/7a359a651c7ebdb29e0a1c03102fce793e9f58f0
&
https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538

Signed-off-by: Vijay Anusuri 
---
 meta/recipes-devtools/go/go-1.14.inc  |   7 +
 .../go/go-1.14/CVE-2022-41725-pre1.patch  |  85 +++
 .../go/go-1.14/CVE-2022-41725-pre2.patch  |  97 +++
 .../go/go-1.14/CVE-2022-41725-pre3.patch  |  98 +++
 .../go/go-1.14/CVE-2022-41725.patch   | 660 ++
 .../go/go-1.14/CVE-2023-24536_1.patch | 134 
 .../go/go-1.14/CVE-2023-24536_2.patch | 184 +
 .../go/go-1.14/CVE-2023-24536_3.patch | 349 +
 8 files changed, 1614 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41725.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24536_1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24536_2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24536_3.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index 20377e095b..784b502f46 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -70,6 +70,13 @@ SRC_URI += "\
 file://CVE-2023-29400.patch \
 file://CVE-2023-29406.patch \
 file://CVE-2023-29409.patch \
+file://CVE-2022-41725-pre1.patch \
+file://CVE-2022-41725-pre2.patch \
+file://CVE-2022-41725-pre3.patch \
+file://CVE-2022-41725.patch \
+file://CVE-2023-24536_1.patch \
+file://CVE-2023-24536_2.patch \
+file://CVE-2023-24536_3.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch
new file mode 100644
index 00..37ebc41947
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch
@@ -0,0 +1,85 @@
+From 874b3132a84cf76da6a48978826c04c380a37a50 Mon Sep 17 00:00:00 2001
+From: avivklas 
+Date: Fri, 7 Aug 2020 21:50:12 +0300
+Subject: [PATCH] mime/multipart: return overflow errors in Reader.ReadForm
+
+Updates Reader.ReadForm to check for overflow errors that may
+result from a leeway addition of 10MiB to the input argument
+maxMemory.
+
+Fixes #40430
+
+Change-Id: I510b8966c95c51d04695ba9d08fcfe005fd11a5d
+Reviewed-on: https://go-review.googlesource.com/c/go/+/247477
+Run-TryBot: Emmanuel Odeke 
+Trust: Cuong Manh Le 
+Trust: Emmanuel Odeke 
+TryBot-Result: Go Bot 
+Reviewed-by: Emmanuel Odeke 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/874b3132a84cf76da6a48978826c04c380a37a50]
+CVE: CVE-2022-41725 #Dependency Patch1
+Signed-off-by: Vijay Anusuri 
+---
+ src/mime/multipart/formdata.go  |  4 
+ src/mime/multipart/formdata_test.go | 18 ++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/src/mime/multipart/formdata.go b/src/mime/multipart/formdata.go
+index 832d0ad693666..4eb31012941ac 100644
+--- a/src/mime/multipart/formdata.go
 b/src/mime/multipart/formdata.go
+@@ -7,6 +7,7 @@ package multipart
+ import (
+   "bytes"
+   "errors"
++  "fmt"
+   "io"
+   "io/ioutil"
+   "net/textproto"
+@@ -41,6 +42,9 @@ func (r *Reader) readForm(maxMemory int64) (_ *Form, err 
error) {
+ 
+   // Reserve an additional 10 MB for non-file parts.
+   maxValueBytes := maxMemory + int64(10<<20)
++  if maxValueBytes <= 0 {
++  return nil, fmt.Errorf("multipart: integer overflow from 
maxMemory(%d) + 10MiB for non-file parts", maxMemory)
++  }
+   for {
+   p, err := r.NextPart()
+   if err == io.EOF {
+diff --git a/src/mime/multipart/formdata_test.go 
b/src/mime/multipart/formdata_test.go
+index 7d756c8c244a0..7112e0d3727fe 100644
+--- a/src/mime/multipart/formdata_test.go
 b/src/mime/multipart/formdata_test.go
+@@ -7,6 +7,7 @@ package multipart
+ import (
+   "bytes"
+   "io"
++  "math"
+   "os"
+   "strings"
+   "testing"
+@@ -52,6 +53,23 @@ func TestReadFormWithNamelessFile(t *testing.T) {
+   }
+ }
+ 
++// Issue 40430: Ensure that we report integer overflows in additions of 
maxMemory,
++// instead of silently and subtly failing without 

[OE-core][kirkstone][PATCHv2] go: Fix CVE-2023-39318

[Siddharth via lists.openembedded.org]

From: Siddharth Doshi 

Upstream-Status: Backport from 
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
CVE: CVE-2023-39318
Signed-off-by: Siddharth Doshi 
---
 meta/recipes-devtools/go/go-1.17.13.inc   |   1 +
 .../go/go-1.21/CVE-2023-39318.patch   | 238 ++
 2 files changed, 239 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-39318.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc 
b/meta/recipes-devtools/go/go-1.17.13.inc
index c753a26a7e..ed2645bc12 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -44,6 +44,7 @@ SRC_URI += "\
 file://CVE-2023-24531_2.patch \
 file://CVE-2023-29409.patch \
 file://CVE-2023-39319.patch \
+file://CVE-2023-39318.patch \
 "
 SRC_URI[main.sha256sum] = 
"a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.21/CVE-2023-39318.patch 
b/meta/recipes-devtools/go/go-1.21/CVE-2023-39318.patch
new file mode 100644
index 00..85c6ec97c8
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.21/CVE-2023-39318.patch
@@ -0,0 +1,238 @@
+From 023b542edf38e2a1f87fcefb9f75ff2f99401b4c Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker 
+Date: Thu, 3 Aug 2023 12:24:13 -0700
+Subject: [PATCH] [release-branch.go1.20] html/template: support HTML-like
+ comments in script contexts
+
+Per Appendix B.1.1 of the ECMAScript specification, support HTML-like
+comments in script contexts. Also per section 12.5, support hashbang
+comments. This brings our parsing in-line with how browsers treat these
+comment types.
+
+Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for
+reporting this issue.
+
+Fixes #62196
+Fixes #62395
+Fixes CVE-2023-39318
+
+Change-Id: Id512702c5de3ae46cf648e268cb10e1eb392a181
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1976593
+Run-TryBot: Roland Shoemaker 
+Reviewed-by: Tatiana Bradley 
+Reviewed-by: Damien Neil 
+Reviewed-by: Dmitri Shuralyov 
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/2014620
+Reviewed-on: https://go-review.googlesource.com/c/go/+/526098
+Run-TryBot: Cherry Mui 
+TryBot-Result: Gopher Robot 
+
+Upstream-Status: Backport from 
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
+CVE: CVE-2023-39318
+Signed-off-by: Siddharth Doshi 
+---
+ src/html/template/context.go  |  6 ++-
+ src/html/template/escape.go   |  5 +-
+ src/html/template/escape_test.go  | 10 
+ src/html/template/state_string.go |  4 +-
+ src/html/template/transition.go   | 80 ---
+ 5 files changed, 72 insertions(+), 33 deletions(-)
+
+diff --git a/src/html/template/context.go b/src/html/template/context.go
+index f5f44a1..feb6517 100644
+--- a/src/html/template/context.go
 b/src/html/template/context.go
+@@ -124,6 +124,10 @@ const (
+   stateJSBlockCmt
+   // stateJSLineCmt occurs inside a JavaScript // line comment.
+   stateJSLineCmt
++  // stateJSHTMLOpenCmt occurs inside a JavaScript  HTML-like comment.
++  stateJSHTMLCloseCmt
+   // stateCSS occurs inside a 

[OE-core] [PATCH v5 2/5] bitbake: cooker: add a new function to retrieve task signatures

[Julien Stephan]

adding a new command in cooker to compute and get task signatures

this commit also add the associated command and event needed to get the
signatures using tinfoil

Signed-off-by: Julien Stephan 
---
 bitbake/lib/bb/command.py |  6 ++
 bitbake/lib/bb/cooker.py  | 31 +++
 bitbake/lib/bb/event.py   |  8 
 3 files changed, 45 insertions(+)

diff --git a/bitbake/lib/bb/command.py b/bitbake/lib/bb/command.py
index 8663eed9331..f2ee5871616 100644
--- a/bitbake/lib/bb/command.py
+++ b/bitbake/lib/bb/command.py
@@ -781,3 +781,9 @@ class CommandsAsync:
 bb.event.fire(bb.event.FindSigInfoResult(res), 
command.cooker.databuilder.mcdata[mc])
 command.finishAsyncCommand()
 findSigInfo.needcache = False
+
+def getTaskSignatures(self, command, params):
+res = command.cooker.getTaskSignatures(params[0], params[1])
+bb.event.fire(bb.event.GetTaskSignatureResult(res), 
command.cooker.data)
+command.finishAsyncCommand()
+getTaskSignatures.needcache = True
diff --git a/bitbake/lib/bb/cooker.py b/bitbake/lib/bb/cooker.py
index 87aa71bb657..599c7ddaa28 100644
--- a/bitbake/lib/bb/cooker.py
+++ b/bitbake/lib/bb/cooker.py
@@ -1442,6 +1442,37 @@ class BBCooker:
 
 self.idleCallBackRegister(buildFileIdle, rq)
 
+def getTaskSignatures(self, target, tasks):
+sig = []
+getAllTaskSignatures = False
+
+if not tasks:
+tasks = ["do_build"]
+getAllTaskSignatures = True
+
+for task in tasks:
+taskdata, runlist = self.buildTaskData(target, task, 
self.configuration.halt)
+rq = bb.runqueue.RunQueue(self, self.data, self.recipecaches, 
taskdata, runlist)
+rq.rqdata.prepare()
+
+for l in runlist:
+mc, pn, taskname, fn = l
+
+taskdep = rq.rqdata.dataCaches[mc].task_deps[fn]
+for t in taskdep['tasks']:
+if t in taskdep['nostamp'] or "setscene" in t:
+continue
+tid = bb.runqueue.build_tid(mc, fn, t)
+
+if t in task or getAllTaskSignatures:
+try:
+rq.rqdata.prepare_task_hash(tid)
+sig.append([pn, t, 
rq.rqdata.get_task_unihash(tid)])
+except KeyError:
+sig.append(self.getTaskSignatures(target, [t])[0])
+
+return sig
+
 def buildTargets(self, targets, task):
 """
 Attempt to build the targets specified
diff --git a/bitbake/lib/bb/event.py b/bitbake/lib/bb/event.py
index 0d0e0a68aac..f8acacd80d1 100644
--- a/bitbake/lib/bb/event.py
+++ b/bitbake/lib/bb/event.py
@@ -857,6 +857,14 @@ class FindSigInfoResult(Event):
 Event.__init__(self)
 self.result = result
 
+class GetTaskSignatureResult(Event):
+"""
+Event to return results from GetTaskSignatures command
+"""
+def __init__(self, sig):
+Event.__init__(self)
+self.sig = sig
+
 class ParseError(Event):
 """
 Event to indicate parse failed
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188176): 
https://lists.openembedded.org/g/openembedded-core/message/188176
Mute This Topic: https://lists.openembedded.org/mt/101570281/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v5 3/5] sstatesig: add a new info level for SIGGEN_LOCKEDSIGS_TASKSIG_CHECK

[Julien Stephan]

as of now, SIGGEN_LOCKEDSIGS_TASKSIG_CHECK can take 2 values: "warn" and
"error", displaying respectively a warning or a fatal error message
only when a task is locked and the task signature is different from
the locked one.

The "info" level is introduced to add a "note" message to remind the
user that a recipe is locked even if the signature is equivalent to the
locked one.

The "warn" and "error" level display the warn/error message for each
task having a mismatch of the signature. Doing this with the "info"
level would result in very verbose output if there are several tasks
locked, so the info level will only print once the list of recipes that
have locked signature.

Signed-off-by: Julien Stephan 
---
 meta/lib/oe/sstatesig.py | 18 +-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index 633a0fd4502..5bf1697e727 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -104,6 +104,8 @@ class SignatureGeneratorOEBasicHashMixIn(object):
 self.lockedhashfn = {}
 self.machine = data.getVar("MACHINE")
 self.mismatch_msgs = []
+self.mismatch_number = 0
+self.lockedsigs_msgs = ""
 self.unlockedrecipes = (data.getVar("SIGGEN_UNLOCKED_RECIPES") or
 "").split()
 self.unlockedrecipes = { k: "" for k in self.unlockedrecipes }
@@ -187,6 +189,7 @@ class SignatureGeneratorOEBasicHashMixIn(object):
 #bb.warn("Using %s %s %s" % (recipename, task, h))
 
 if h != h_locked and h_locked != unihash:
+self.mismatch_number += 1
 self.mismatch_msgs.append('The %s:%s sig is computed to be 
%s, but the sig is locked to %s in %s'
   % (recipename, task, h, h_locked, 
var))
 
@@ -267,6 +270,15 @@ class SignatureGeneratorOEBasicHashMixIn(object):
 warn_msgs = []
 error_msgs = []
 sstate_missing_msgs = []
+info_msgs = None
+
+if self.lockedsigs:
+if len(self.lockedsigs) > 10:
+self.lockedsigs_msgs = "There are %s recipes with locked tasks 
(%s task(s) have non matching signature)" % (len(self.lockedsigs), 
self.mismatch_number)
+else:
+self.lockedsigs_msgs = "The following recipes have locked 
tasks:"
+for pn in self.lockedsigs:
+self.lockedsigs_msgs += " %s" % (pn)
 
 for tid in sq_data['hash']:
 if tid not in found:
@@ -279,7 +291,9 @@ class SignatureGeneratorOEBasicHashMixIn(object):
% (pn, taskname, 
sq_data['hash'][tid]))
 
 checklevel = d.getVar("SIGGEN_LOCKEDSIGS_TASKSIG_CHECK")
-if checklevel == 'warn':
+if checklevel == 'info':
+info_msgs = self.lockedsigs_msgs
+if checklevel == 'warn' or checklevel == 'info':
 warn_msgs += self.mismatch_msgs
 elif checklevel == 'error':
 error_msgs += self.mismatch_msgs
@@ -290,6 +304,8 @@ class SignatureGeneratorOEBasicHashMixIn(object):
 elif checklevel == 'error':
 error_msgs += sstate_missing_msgs
 
+if info_msgs:
+bb.note(info_msgs)
 if warn_msgs:
 bb.warn("\n".join(warn_msgs))
 if error_msgs:
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188177): 
https://lists.openembedded.org/g/openembedded-core/message/188177
Mute This Topic: https://lists.openembedded.org/mt/101570282/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v5 1/5] bitbake.conf: include bblock.conf

[Julien Stephan]

include conf/bblock.conf. This file is generated by the bblock tool. It
locks some package tasks by fixing their signatures. See bblock -h for
more details

Signed-off-by: Julien Stephan 
---
 meta/conf/bitbake.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 67577c8fe7e..6a8deee4f72 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -829,6 +829,7 @@ include conf/documentation.conf
 include conf/licenses.conf
 require conf/sanity.conf
 require conf/cve-check-map.conf
+include conf/bblock.conf
 
 ##
 # Weak variables (usually to retain backwards compatibility)
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188175): 
https://lists.openembedded.org/g/openembedded-core/message/188175
Mute This Topic: https://lists.openembedded.org/mt/101570280/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v5 4/5] scripts/bblock: add a script to lock/unlock recipes

[Julien Stephan]

bblock script allows to lock/unlock recipes to latest task signatures.
The idea is to prevent some recipes to be rebuilt during development.
For example when working on rust recipe, one may not want rust-native to be
rebuilt.

This tool can be used, with proper environment set up, using the following
command:

bblock 

See help for more details

if a 's task signature change, this task will not be built again 
and
sstate cache will be used.

[YOCTO #13425]

Signed-off-by: Julien Stephan 
---
 scripts/bblock | 184 +
 1 file changed, 184 insertions(+)
 create mode 100755 scripts/bblock

diff --git a/scripts/bblock b/scripts/bblock
new file mode 100755
index 000..0082059af81
--- /dev/null
+++ b/scripts/bblock
@@ -0,0 +1,184 @@
+#!/usr/bin/env python3
+# bblock
+# lock/unlock task to latest signature
+#
+# Copyright (c) 2023 BayLibre, SAS
+# Author: Julien Stepahn 
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import os
+import sys
+import logging
+
+scripts_path = os.path.dirname(os.path.realpath(__file__))
+lib_path = scripts_path + "/lib"
+sys.path = sys.path + [lib_path]
+
+import scriptpath
+
+scriptpath.add_bitbake_lib_path()
+
+import bb.tinfoil
+import bb.msg
+
+import argparse_oe
+
+myname = os.path.basename(sys.argv[0])
+logger = bb.msg.logger_create(myname)
+
+
+def getTaskSignatures(tinfoil, pn, tasks):
+tinfoil.set_event_mask(
+[
+"bb.event.GetTaskSignatureResult",
+"logging.LogRecord",
+"bb.command.CommandCompleted",
+"bb.command.CommandFailed",
+]
+)
+ret = tinfoil.run_command("getTaskSignatures", pn, tasks)
+if ret:
+while True:
+event = tinfoil.wait_event(1)
+if event:
+if isinstance(event, bb.command.CommandCompleted):
+break
+elif isinstance(event, bb.command.CommandFailed):
+logger.error(str(event))
+sys.exit(2)
+elif isinstance(event, bb.event.GetTaskSignatureResult):
+sig = event.sig
+elif isinstance(event, logging.LogRecord):
+logger.handle(event)
+else:
+logger.error("No result returned from getTaskSignatures command")
+sys.exit(2)
+return sig
+
+
+def parseRecipe(tinfoil, recipe):
+try:
+tinfoil.parse_recipes()
+d = tinfoil.parse_recipe(recipe)
+except Exception:
+logger.error("Failed to get recipe info for: %s" % recipe)
+sys.exit(1)
+return d
+
+
+def bblockDump(lockfile):
+try:
+with open(lockfile, "r") as lockfile:
+for line in lockfile:
+print(line.strip())
+except IOError:
+return 1
+return 0
+
+
+def bblockReset(lockfile, pns, package_archs, tasks):
+if not pns:
+logger.info("Unlocking all recipes")
+try:
+os.remove(lockfile)
+except FileNotFoundError:
+pass
+else:
+logger.info("Unlocking {pns}".format(pns=pns))
+tmp_lockfile = lockfile + ".tmp"
+with open(lockfile, "r") as infile, open(tmp_lockfile, "w") as outfile:
+for line in infile:
+if not (
+any(element in line for element in pns)
+and any(element in line for element in 
package_archs.split())
+):
+outfile.write(line)
+else:
+if tasks and not any(element in line for element in tasks):
+outfile.write(line)
+os.remove(lockfile)
+os.rename(tmp_lockfile, lockfile)
+
+
+def main():
+parser = argparse_oe.ArgumentParser(description="Lock and unlock a recipe")
+parser.add_argument("pn", nargs="*", help="Space separated list of recipe 
to lock")
+parser.add_argument(
+"-t",
+"--tasks",
+help="Comma separated list of tasks",
+type=lambda s: [
+task if task.startswith("do_") else "do_" + task for task in 
s.split(",")
+],
+)
+parser.add_argument(
+"-r",
+"--reset",
+action="store_true",
+help="Unlock pn recipes, or all recipes if pn is empty",
+)
+parser.add_argument(
+"-d",
+"--dump",
+action="store_true",
+help="Dump generated bblock.conf file",
+)
+
+global_args, unparsed_args = parser.parse_known_args()
+
+with bb.tinfoil.Tinfoil() as tinfoil:
+tinfoil.prepare(config_only=True)
+
+package_archs = tinfoil.config_data.getVar("PACKAGE_ARCHS")
+builddir = tinfoil.config_data.getVar("TOPDIR")
+lockfile = "{builddir}/conf/bblock.conf".format(builddir=builddir)
+
+if global_args.dump:
+bblockDump(lockfile)
+return 0
+
+if global_args.reset:
+bblockReset(lockfile, global_args.pn, package_archs, 

[OE-core] [PATCH v5 5/5] oeqa/selftest/bblock: add self test for bblock tool

[Julien Stephan]

it implements various combination of locking single/multiple recipe(s)/task(s)

it also tests that locked sig are architecture dependant

Signed-off-by: Julien Stephan 
---
 meta/lib/oeqa/selftest/cases/bblock.py | 201 +
 1 file changed, 201 insertions(+)
 create mode 100644 meta/lib/oeqa/selftest/cases/bblock.py

diff --git a/meta/lib/oeqa/selftest/cases/bblock.py 
b/meta/lib/oeqa/selftest/cases/bblock.py
new file mode 100644
index 000..07143c59676
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/bblock.py
@@ -0,0 +1,201 @@
+#
+# Copyright (c) 2023 BayLibre, SAS
+# Author: Julien Stepahn 
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import os
+import re
+import bb.tinfoil
+
+import oeqa.utils.ftools as ftools
+from oeqa.utils.commands import runCmd, get_bb_var, get_bb_vars, bitbake
+
+from oeqa.selftest.case import OESelftestTestCase
+
+
+class BBLock(OESelftestTestCase):
+@classmethod
+def setUpClass(cls):
+super(BBLock, cls).setUpClass()
+cls.lockfile = cls.builddir + "/conf/bblock.conf"
+
+def unlock_recipes(self, recipes=None, tasks=None):
+cmd = "bblock -r "
+if recipes:
+cmd += " ".join(recipes)
+if tasks:
+cmd += " -t " + ",".join(tasks)
+result = runCmd(cmd)
+
+if recipes:
+# ensure all signatures are removed from lockfile
+contents = ftools.read_file(self.lockfile)
+for recipe in recipes:
+for task in tasks:
+find_in_contents = re.search(
+'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, 
task),
+contents,
+)
+self.assertFalse(
+find_in_contents,
+msg="%s:%s should not be present into bblock.conf 
anymore"
+% (recipe, task),
+)
+self.assertExists(self.lockfile)
+else:
+self.assertNotExists(self.lockfile)
+
+def lock_recipes(self, recipes, tasks=None):
+cmd = "bblock " + " ".join(recipes)
+if tasks:
+cmd += " -t " + ",".join(tasks)
+
+result = runCmd(cmd)
+
+self.assertExists(self.lockfile)
+
+# ensure all signatures are added to lockfile
+contents = ftools.read_file(self.lockfile)
+for recipe in recipes:
+if tasks:
+for task in tasks:
+find_in_contents = re.search(
+'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, 
task),
+contents,
+)
+self.assertTrue(
+find_in_contents,
+msg="%s:%s was not added into bblock.conf. bblock 
output: %s"
+% (recipe, task, result.output),
+)
+
+def modify_tasks(self, recipes, tasks):
+task_append = ""
+for recipe in recipes:
+bb_vars = get_bb_vars(["PV"], recipe)
+recipe_pv = bb_vars["PV"]
+recipe_append_file = recipe + "_" + recipe_pv + ".bbappend"
+
+os.mkdir(os.path.join(self.testlayer_path, "recipes-test", recipe))
+recipe_append_path = os.path.join(
+self.testlayer_path, "recipes-test", recipe, recipe_append_file
+)
+
+for task in tasks:
+task_append += "%s:append() {\n#modify task hash \n}\n" % task
+ftools.write_file(recipe_append_path, task_append)
+self.add_command_to_tearDown(
+"rm -rf %s" % os.path.join(self.testlayer_path, 
"recipes-test", recipe)
+)
+
+def test_lock_single_recipe_single_task(self):
+recipes = ["quilt"]
+tasks = ["do_compile"]
+self._run_test(recipes, tasks)
+
+def test_lock_single_recipe_multiple_tasks(self):
+recipes = ["quilt"]
+tasks = ["do_compile", "do_install"]
+self._run_test(recipes, tasks)
+
+def test_lock_single_recipe_all_tasks(self):
+recipes = ["quilt"]
+self._run_test(recipes, None)
+
+def test_lock_multiple_recipe_single_task(self):
+recipes = ["quilt", "bc"]
+tasks = ["do_compile"]
+self._run_test(recipes, tasks)
+
+def test_lock_architecture_specific(self):
+# unlock all recipes and ensure no bblock.conf file exist
+self.unlock_recipes()
+
+recipes = ["quilt"]
+tasks = ["do_compile"]
+
+# lock quilt's do_compile task for another machine
+if self.td["MACHINE"] == "qemux86-64":
+machine = "qemuarm"
+else:
+machine = "qemux86-64"
+
+self.write_config('MACHINE = "%s"\n' % machine)
+
+self.lock_recipes(recipes, tasks)
+
+self.write_config('MACHINE = "%s"\n' % self.td["MACHINE"])
+# modify quilt's do_compile task
+ 

[OE-core] [PATCH v5 0/5] Add bblock helper scripts

[Julien Stephan]

Hi all,

This is v5 for bblock script.

Improvement from v4:
* Fix self test error reported by autobuilder
* Allow to specify task with/without the "do_" prefix:
  example: bblock bc -t compile,do_install
* Fix test_lock_single_recipe_all_tasks
* Fix getTaskSignatures: now retrieve all tasks and filter out the
* setscene and nostamps ones

Limitations:
* Silently does nothing if given task doesn't exist
* Silently does nothing when resetting a recipe that doesn't exist

Improvement from v3:
* Add self test
* Add a new "info" level for SIGGEN_LOCKEDSIGS_TASKSIG_CHECK: this allows to
  display a Note when recipe contains locked task(s)

Improvement from v2:
* Add a function in bb.cooker to compute task signatures
* Replace the findSigInfo function by the new created one. This has the
  following advantages:
* findSigInfo needs the task to be already built to get the siginfo
  file, meaning we cannot lock a recipe on a fresh build
* we can now generate the signatures for all available task of a given
  recipe
* Check if a given task is already locked. If so, don't duplicate
  entry in bblock.conf

Limitations:
* Needs to taint tasks that are locked, to display a warning
* I may be still missing some checks on user input
* Silently does nothing if given task doesn't exist
* Silently does nothing when resetting a recipe that doesn't exist

I did some tests using qemux86-64 and qemuarm but I may be missing some
corner cases.

Improvement from V1:
* Signatures are now package architecture specific meaning that if you
  switch MACHINE, the lock sig will not be taken into account
* I added the -r option to unlock recipes
* I added a -d option to display the current bblock.conf
* Added an include directive for conf/bblock.conf inside bitbake.conf
* Added -t option to specify the tasks to lock/unlock

Limitations:
* I may be still missing some checks on user input
* I need to find a way to get the list of tasks ( by default still lock
  only the do_compile for now, unless -t is specified)
* Do not check if a particular recipe/task is already locked when trying
  to add lock. So entries may appear multiple times
* We still need the signature of the tasks to be already computed before
  locking. Need to find a way to generate it if missing

V3: https://lists.openembedded.org/g/openembedded-core/message/184932
V2: https://lists.openembedded.org/g/openembedded-core/message/184697
V1: https://lists.openembedded.org/g/openembedded-core/message/184584

My branch is available here [1]

Cheers
Julien

[1]: https://git.yoctoproject.org/poky-contrib/commit/?h=jstephan/bblock

Julien Stephan (5):
  bitbake.conf: include bblock.conf
  bitbake: cooker: add a new function to retrieve task signatures
  sstatesig: add a new info level for SIGGEN_LOCKEDSIGS_TASKSIG_CHECK
  scripts/bblock: add a script to lock/unlock recipes
  oeqa/selftest/bblock: add self test for bblock tool

 bitbake/lib/bb/command.py  |   6 +
 bitbake/lib/bb/cooker.py   |  31 
 bitbake/lib/bb/event.py|   8 +
 meta/conf/bitbake.conf |   1 +
 meta/lib/oe/sstatesig.py   |  18 ++-
 meta/lib/oeqa/selftest/cases/bblock.py | 201 +
 scripts/bblock | 184 ++
 7 files changed, 448 insertions(+), 1 deletion(-)
 create mode 100644 meta/lib/oeqa/selftest/cases/bblock.py
 create mode 100755 scripts/bblock

--
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188174): 
https://lists.openembedded.org/g/openembedded-core/message/188174
Mute This Topic: https://lists.openembedded.org/mt/101570279/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH V5] tar: add ptest support

[Alexander Kanavin]

On Mon, 25 Sept 2023 at 07:35, qi...@fujitsu.com  wrote:
> +tar: Fix bug of compiling testsuite
> +
> +Del exclude17.at and exclude18.at from testsuite.at,
> +because these files are not exist in tarball.
> +
> +Upstream-Status: Inappropriate [oe specific]

Thanks for persevering with this, we're nearly there.

When adding 'Inappropriate' patches, it is important to check if this
issue has been resolved in upstream git, or if there's a ticket for it
(and add a ticket if needed).
In this case, there's a fix, so please add the link to this patch:
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=39849e9d91f477d3fb839f93cd0815d0cb3273e9

Upstreams should be notified of the problems when we add
'Inappropriate' patches to work around them.

Alex

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188173): 
https://lists.openembedded.org/g/openembedded-core/message/188173
Mute This Topic: https://lists.openembedded.org/mt/101569333/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/2] glib-2.0: Remove failing ptests on musl

[Alexander Kanavin]

Wait, shouldn't the reason for the failures be at least mentioned, if
not addressed? "Remove test because it fails" is never a valid change.

Alex


On Sat, 23 Sept 2023 at 22:45, Khem Raj  wrote:
>
> FAIL: glib/convert.test (Child process killed by signal 6)
> FAIL: glib/collate.test (Child process killed by signal 6)
> FAIL: glib/gdatetime.test (Child process killed by signal 6)
> FAIL: glib/date.test (Child process killed by signal 6)
> FAIL: glib/converter-stream.test (Child process killed by signal 6)
> FAIL: glib/option-context.test (Child process killed by signal 6)
>
> Signed-off-by: Khem Raj 
> ---
>  meta/recipes-core/glib-2.0/glib.inc | 7 ++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/glib-2.0/glib.inc 
> b/meta/recipes-core/glib-2.0/glib.inc
> index 5183f37a6ef..c508990ee8c 100644
> --- a/meta/recipes-core/glib-2.0/glib.inc
> +++ b/meta/recipes-core/glib-2.0/glib.inc
> @@ -134,7 +134,12 @@ do_install:append:class-target () {
>  # https://gitlab.gnome.org/GNOME/glib/-/issues/2810
>  rm -f ${D}${datadir}/installed-tests/glib/thread-pool-slow.test
>  }
> -
> +do_install:append:class-target:libc-musl () {
> +# Remove failing tests on musl libc systems
> +for t in convert.test collate.test gdatetime.test date.test 
> converter-stream.test option-context.test; do
> +rm -rf ${D}${datadir}/installed-tests/glib/$t
> +done
> +}
>  # As we do not build python3 for windows, makes no sense to ship the script 
> that's using it
>  do_install:append:mingw32() {
>  rm -f ${D}${bindir}/gtester-report
> --
> 2.42.0
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188172): 
https://lists.openembedded.org/g/openembedded-core/message/188172
Mute This Topic: https://lists.openembedded.org/mt/101546413/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-