Re: [OE-core] [yocto] QA notification for completed autobuilder build (yocto-5.0.1.rc2)
Hi all, Intel and WR YP QA is planning for QA execution for YP build yocto-5.0.1.rc2. We are planning to execute following tests for this cycle: OEQA-manual tests for following module: 1. OE-Core 2. BSP-hw Runtime auto test for following platforms: 1. MinnowBoard Turbot - 32bit 2. Alder Lake-S (12th Generation Intel(r) Core(tm) Processors) 3. Raptor Lake-P (13th Generation Intel(r) Core(tm) Processors) 4. Meteor Lake-P (14th Generation Intel(r) Core(tm) Processors) 5. Beaglebone ETA for completion Thursday, 16 May 2024. Best regards, Jing Hui > -Original Message- > From: yo...@lists.yoctoproject.org On Behalf > Of Pokybuild User > Sent: Friday, May 10, 2024 1:45 PM > To: yo...@lists.yoctoproject.org > Cc: qa-build-notificat...@lists.yoctoproject.org > Subject: [yocto] QA notification for completed autobuilder build (yocto- > 5.0.1.rc2) > > > A build flagged for QA (yocto-5.0.1.rc2) was completed on the autobuilder > and is available at: > > > https://autobuilder.yocto.io/pub/releases/yocto-5.0.1.rc2 > > > Build URL: > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6892 > > Build hash information: > > bitbake: 8f90d10f9efc9a32e13f6bd031992aece79fe7cc > meta-agl: 73b088ccfa385f91b8aa56c1d2fbf78d97447dfa > meta-arm: 6d6fa14744b4e453eedb2c37891259b7dcbf > meta-aws: 3265343c2f2b22bd0a2a9a688fd20e6540d0d746 > meta-clang: e7dceb1c92caf7f21ef1d7b49c85328c30cffd90 > meta-intel: 52f5037453e797eca8784a410f7a2a55f40aef57 > meta-mingw: acbba477893ef87388effc4679b7f40ee49fc852 > meta-openembedded: 5778e32eae201072c5dc37c9db67dc1848ffb9de > meta-virtualization: e9bb0a338fdf637f7929e19b21857d4c1d532ce6 > oecore: 294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916 > poky: 4b07a5316ed4b858863dfdb7cab63859d46d1810 > > > > This is an automated message from the Yocto Project Autobuilder > Git: git://git.yoctoproject.org/yocto-autobuilder2 > Email: richard.pur...@linuxfoundation.org > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199223): https://lists.openembedded.org/g/openembedded-core/message/199223 Mute This Topic: https://lists.openembedded.org/mt/106066021/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [kirkstone][PATCH] ipk/rootfs: run sanity test of multilib in parallel
From: "seungkyun.kim" For multilib type packages, there is an additional temporary installation before the actual installation. It makes almost doubles the do_rootfs time if having many multilib type packages. To avoid this overhead, run sanity test in parallel. Installing package groups through opkg takes much more time than copying directory. Signed-off-by: seungkyun.kim --- meta/lib/oe/package_manager/ipk/rootfs.py | 21 + 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/meta/lib/oe/package_manager/ipk/rootfs.py b/meta/lib/oe/package_manager/ipk/rootfs.py index 10a831994e..88108bb312 100644 --- a/meta/lib/oe/package_manager/ipk/rootfs.py +++ b/meta/lib/oe/package_manager/ipk/rootfs.py @@ -4,6 +4,7 @@ import re import filecmp +import multiprocessing import shutil from oe.rootfs import Rootfs from oe.manifest import Manifest @@ -196,10 +197,16 @@ class PkgRootfs(DpkgOpkgRootfs): def _multilib_test_install(self, pkgs): ml_temp = self.d.getVar("MULTILIB_TEMP_ROOTFS") +rootfs_temp = os.path.join(ml_temp, "rootfs") bb.utils.mkdirhier(ml_temp) -dirs = [self.image_rootfs] +bb.utils.remove(rootfs_temp, True) +shutil.copytree(self.image_rootfs, rootfs_temp) +dirs = [rootfs_temp] +return multiprocessing.Process(target=self._multilib_test_pkg_install, \ + args=(pkgs, ml_temp, dirs, False)) +def _multilib_test_pkg_install(self, pkgs, ml_temp, dirs): for variant in self.d.getVar("MULTILIB_VARIANTS").split(): ml_target_rootfs = os.path.join(ml_temp, variant) @@ -216,6 +223,8 @@ class PkgRootfs(DpkgOpkgRootfs): dirs.append(ml_target_rootfs) self._multilib_sanity_test(dirs) +rootfs_temp = os.path.join(ml_temp, "rootfs") +bb.utils.remove(rootfs_temp) ''' While ipk incremental image generation is enabled, it will remove the @@ -298,14 +307,18 @@ class PkgRootfs(DpkgOpkgRootfs): for pkg_type in self.install_order: if pkg_type in pkgs_to_install: +sanity_test = None # For multilib, we perform a sanity test before final install # If sanity test fails, it will automatically do a bb.fatal() # and the installation will stop if pkg_type == Manifest.PKG_TYPE_MULTILIB: -self._multilib_test_install(pkgs_to_install[pkg_type]) +sanity_test= self._multilib_test_install(pkgs_to_install[pkg_type]) +sanity_test.start() -self.pm.install(pkgs_to_install[pkg_type], -[False, True][pkg_type == Manifest.PKG_TYPE_ATTEMPT_ONLY]) +self.pm.install(pkgs_to_install[pkg_type], [False, True][pkg_type == Manifest.PKG_TYPE_ATTEMPT_ONLY]) + +if sanity_test is not None: +sanity_test.join() if self.progress_reporter: self.progress_reporter.next_stage() -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199222): https://lists.openembedded.org/g/openembedded-core/message/199222 Mute This Topic: https://lists.openembedded.org/mt/106065500/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH v4][PATCH] libbsd: Fix conflict error when enable multilib.
Hi, Alex > It's in abelloni/master-next on poky-contrib. Please read Richard's status > email and try to pay attention to them going forward: I got it. Thank you for your reply. Best regards Lei > -Original Message- > From: Alexander Kanavin > Sent: Friday, May 10, 2024 4:43 PM > To: Lei, Maohui > Cc: openembedded-core@lists.openembedded.org > Subject: Re: [OE-core][PATCH v4][PATCH] libbsd: Fix conflict error when > enable multilib. > > It's in abelloni/master-next on poky-contrib. Please read Richard's status > email and try to pay attention to them going forward: > > https://lists.openembedded.org/g/openembedded-architecture/message/20 > 03 > > Alex > > On Fri, 10 May 2024 at 03:19, leimaohui via lists.openembedded.org > wrote: > > > > Ping > > > > > > > > > > > -Original Message- > > > From: openembedded-core@lists.openembedded.org > > > On Behalf Of leimaohui > > > via lists.openembedded.org > > > Sent: Tuesday, April 30, 2024 4:27 PM > > > To: openembedded-core@lists.openembedded.org > > > Cc: Lei, Maohui > > > Subject: [OE-core][PATCH v4][PATCH] libbsd: Fix conflict error when > > > enable multilib. > > > > > > From: Lei Maohui > > > > > > - Fix the conflict error by oe_multilib_header. The conflict error > > > is as the > > > following: > > > Error: Transaction test error: > > > file /usr/include/bsd/sys/cdefs.h conflicts between attempted > > > installs of > > > libbsd-dev-0.12.1-r0.core2_64 and > > > lib32-libbsd-dev-0.12.1-r0.core2_32 > > > > > > The difference of bsd/sys/cdefs.h between libbsd-dev and > > > lib32-libbsd-dev is as following: > > > > > > /* Define the ABI for the current system. */ -#define > > > LIBBSD_SYS_TIME_BITS 64 +#define LIBBSD_SYS_TIME_BITS 32 #define > > > LIBBSD_SYS_HAS_TIME64 1 > > > > > > - After oe_multilib_header on cdefs.h, the path of cdefs-64.h and > > > cdefs-32.h in cdefs.h need to be corrected for overlay-mode. Please > > > reference to > > > https://man.archlinux.org/man/libbsd.7 for details. > > > @@ -12,19 +12,19 @@ > > > #ifdef _MIPS_SIM > > > > > > #if _MIPS_SIM == _ABIO32 > > > -#include > > > +#include > > > #elif _MIPS_SIM == _ABIN32 > > > -#include > > > +#include > > > #else > > > #error "Unknown _MIPS_SIM" > > > #endif > > > > > > #else /* _MIPS_SIM is not defined */ -#include > > > +#include > > > #endif > > > > > > #elif __WORDSIZE == 64 > > > -#include > > > +#include > > > #else > > > #error "Unknown __WORDSIZE detected" > > > #endif /* matches #if __WORDSIZE == 32 */ > > > > > > Signed-off-by: Lei Maohui > > > --- > > > meta/recipes-support/libbsd/libbsd_0.12.2.bb | 10 +- > > > 1 file changed, 9 insertions(+), 1 deletion(-) > > > > > > diff --git a/meta/recipes-support/libbsd/libbsd_0.12.2.bb > > > b/meta/recipes-support/libbsd/libbsd_0.12.2.bb > > > index 7d5e88f293..1791d97dfd 100644 > > > --- a/meta/recipes-support/libbsd/libbsd_0.12.2.bb > > > +++ b/meta/recipes-support/libbsd/libbsd_0.12.2.bb > > > @@ -40,8 +40,16 @@ SRC_URI = > > > "https://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz; > > > > > > SRC_URI[sha256sum] = > > > > "b88cc9163d0c652aaf39a1d974ddba1c3a9711db8f1b5838af2a147310 > > > 14" > > > > > > -inherit autotools pkgconfig > > > +inherit autotools pkgconfig multilib_header > > > > > > DEPENDS += "libmd" > > > > > > +do_install:append () { > > > + oe_multilib_header bsd/sys/cdefs.h > > > + # It hasn't been tested when libbsd is used in 'namespaced headers' > > > mode according to > > > + # https://man.archlinux.org/man/libbsd.7. > > > + sed -i 's:#include > > +${D}${includedir}/bsd/sys/cdefs.h } > > > + > > > + > > > BBCLASSEXTEND = "native nativesdk" > > > -- > > > 2.34.1 > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199221): https://lists.openembedded.org/g/openembedded-core/message/199221 Mute This Topic: https://lists.openembedded.org/mt/105817273/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2] valgrind: Upgrade to 3.23.0
On Sun, May 12, 2024 at 11:51 AM Alexander Kanavin wrote: > On Sat, 11 May 2024 at 18:22, Khem Raj via lists.openembedded.org > wrote: > > +From b17b6d7d3a65c14f91f090f3f4f9898d6fa3a9e4 Mon Sep 17 00:00:00 2001 > > +From: Khem Raj > > +Date: Fri, 10 May 2024 16:27:34 -0700 > > +Subject: [PATCH] configure: Drop setting mcpu=cortex-a8 on arm > > + > > +The -march settings from environment expresses the flags > > +appropriately, moreover, this conflicts when using armhf > > +without neon [1] > > + > > +[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928224 > > + > > +Upstream-Status: Pending > > Please no pending patches. Submit here: > https://bugs.kde.org/enter_bug.cgi?product=valgrind > I am aware of it and it’s working in parallel, I guess it’s better to submit it to Debian or arch first and get it tested there than openembedded perhaps. > Alex > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199220): https://lists.openembedded.org/g/openembedded-core/message/199220 Mute This Topic: https://lists.openembedded.org/mt/106041850/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2] valgrind: Upgrade to 3.23.0
On Sat, 11 May 2024 at 18:22, Khem Raj via lists.openembedded.org wrote: > +From b17b6d7d3a65c14f91f090f3f4f9898d6fa3a9e4 Mon Sep 17 00:00:00 2001 > +From: Khem Raj > +Date: Fri, 10 May 2024 16:27:34 -0700 > +Subject: [PATCH] configure: Drop setting mcpu=cortex-a8 on arm > + > +The -march settings from environment expresses the flags > +appropriately, moreover, this conflicts when using armhf > +without neon [1] > + > +[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928224 > + > +Upstream-Status: Pending Please no pending patches. Submit here: https://bugs.kde.org/enter_bug.cgi?product=valgrind Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199219): https://lists.openembedded.org/g/openembedded-core/message/199219 Mute This Topic: https://lists.openembedded.org/mt/106041850/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for nanbield on Sun 12 May 2024 04:00:01 AM HST
Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 175 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51781 * CVE-2023-51782 (CVSS3: 7.0 HIGH):
[OE-core] OE-core CVE metrics for kirkstone on Sun 12 May 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 33 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 * CVE-2024-22861 (CVSS3: 7.5 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22861 * CVE-2024-22862 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22862 * Summary of CVE counts by recipe: ffmpeg: 5 go: 5 qemu:qemu-native:qemu-system-native: 4 rpm:rpm-native: 3 tiff: 3 webkitgtk: 3 gnupg:gnupg-native: 2 grub:grub-efi:grub-native: 2 cpio: 1 expat:expat-native: 1 pixman:pixman-native: 1 python3:python3-native: 1 xserver-xorg: 1 xwayland: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199217): https://lists.openembedded.org/g/openembedded-core/message/199217 Mute This Topic: https://lists.openembedded.org/mt/106054534/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for dunfell on Sun 12 May 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 105 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
[OE-core] OE-core CVE metrics for master on Sun 12 May 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 33 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * CVE-2024-26596 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26596 * CVE-2024-26900 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26900 * CVE-2024-26913 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26913 * Summary of CVE counts by recipe: linux-yocto: 24 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199215): https://lists.openembedded.org/g/openembedded-core/message/199215 Mute This Topic: https://lists.openembedded.org/mt/106053309/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] python3-pycparser: cleanup RDEPENDS
Please let me know if you have problems applying this patch (whitespace corruption for example). I tested it locally before pushing this and it worked fine on my end. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199214): https://lists.openembedded.org/g/openembedded-core/message/199214 Mute This Topic: https://lists.openembedded.org/mt/106052698/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v8 3/3] classes: add a systemd-sysext image class
systemd-sysext can load a raw-image containing usr/ and opt/ folders to mount them as RO overlay over the rootfs, to "extend" the systems. This class provides the necessary changes/additions to the enclosed file-system so that systemd-sysext accepts the extension for "merge" into the rootfs. With such an created image, placed into the correct folder (see [1]), `systemd-sysext list` should be able to list the "extension" and `systemd-sysext merge` should enable the overlay. On both commands a preceding "SYSTEMD_LOG_LEVEL=debug" can aide in figuring out what is amiss. The strict name checking systemd-sysext does against the name of extension-release.NAME file, is disabled, as there is only one such in the resulting image. This is done to allow a user to freely rename the resulting image file. Note that for e.g. squashfs, the kernel needs CONFIG_SQUASHFS_XATTR=y Link: https://www.freedesktop.org/software/systemd/man/latest/systemd-sysext.html Link: https://0pointer.net/blog/testing-my-system-code-in-usr-without-modifying-usr.html Signed-off-by: Johannes Schneider --- meta/classes-recipe/image-sysext.bbclass | 43 1 file changed, 43 insertions(+) create mode 100644 meta/classes-recipe/image-sysext.bbclass diff --git a/meta/classes-recipe/image-sysext.bbclass b/meta/classes-recipe/image-sysext.bbclass new file mode 100644 index 00..bc3e4d52b5 --- /dev/null +++ b/meta/classes-recipe/image-sysext.bbclass @@ -0,0 +1,43 @@ +# SPDX-License-Identifier: MIT +# +# Copyright Leica Geosystems AG +# + +# systemd-sysext [1] has a simple mechanism for version compatibility: +# the extension to be loaded has to contain a +# /usr/lib/extension-release.d/extension-release.NAME +# with "NAME" *exactly* matching the filename of the extensions +# raw-device filename/ +# +# from the extension-release file the "ID" and "VERSION_ID" fields are +# matched against the etc/os-release and the extension is only "merged" +# if no mismatches between NAME, ID, and VERSION_ID. +# +# Link: https://www.freedesktop.org/software/systemd/man/latest/systemd-sysext.html + +inherit image + +IMAGE_NAME_SUFFIX = ".sysext" +EXTENSION_NAME = "${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${IMAGE_FSTYPES}" +IMAGE_LINK_NAME:append = ".sysext" + +DEPENDS += " os-release" + +sysext_image_mangle_rootfs() { +R=${IMAGE_ROOTFS} + +# pull a copy of the rootfs version information, which systemd-sysext matches against +cp -av ${RECIPE_SYSROOT}/${nonarch_libdir}/os-release ${WORKDIR}/extension-release.base + +echo 'EXTENSION_RELOAD_MANAGER=1' >> ${WORKDIR}/extension-release.base + +install -d $R${nonarch_libdir}/extension-release.d +install -m 0644 ${WORKDIR}/extension-release.base \ + $R${nonarch_libdir}/extension-release.d/extension-release.${EXTENSION_NAME} + +# disable systemd-sysext's strict name checking, so that the image file can be renamed, while still being 'merge'-able +setfattr -n user.extension-release.strict -v false \ + $R${nonarch_libdir}/extension-release.d/extension-release.${EXTENSION_NAME} +} + +ROOTFS_POSTPROCESS_COMMAND += " sysext_image_mangle_rootfs; " -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199211): https://lists.openembedded.org/g/openembedded-core/message/199211 Mute This Topic: https://lists.openembedded.org/mt/106051547/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v8 0/3] pkg-database and systemd-sysext image
systemd-sysext allows to overlay another image (or multiple) ontop of a "base-image" = the current rootfs, via the use of overlayfs; to add tools and features meant for development purposes. To quote the documentation on systemd-sysext: " ...addition in order to make debugging/development easier). System extension images should not be misunderstood as a generic software packaging framework, ..." To build a lean image, that only holds packages that are not already part of the base-image, a snapshot of the package-database is taken after the installation of the base-rootfs is done, and picked up again when collecting the rootfs of such a extension image. with all this in place an example usage could look like this: some-core-image.bb inherit core-image IMAGE_GEN_PKGDBFS = "1" extending-image.bb inherit image-sysext IMAGE_FSTYPES = "squashfs" IMAGE_BASE_PKGDB = "some-core-image" # the above pointing at a package-db similar to: # build/deploy/images/$MACHINE/some-core-image-$MACHINE-20240210172305-pkgdb.rootfs.tar.gz then on the device, running some-core-image, with the extension image placed at FN: $> ln -s "$FN" /run/extensions/$(basename $FN).raw $> systemd-sysext list $> SYSTEMD_LOG_LEVEL=debug systemd-sysext merge As long as the VERSION_ID of the extension image matches the os-release in the base image, the above commands return sucessfully; for details on the compativility check see the docs for systemd-sysext. = changes with v2: rebase from 'kirkstone' onto 'master' changes with v3: incorporate review suggestions for simplification add task dependency handling add oe-selftest for the pkgdb handling add variable documentation and some more comments, and examples in the commit-msg changes with v4: rebase onto 'master' => no functional changes fixed patchtest findings changes with v5: rebase onto 'master' add '.sysext' to the deployed symlink name sidenote on the tests and autobuilder failure: run locally they succeed, e.g.: #> oe-selftest --verbose -r imagefeatures.ImageFeatures.test_image_gen_pkgdbfs changes with v6: tests: restructure to call 'bitbake' only once in the testcase itself (in hopes of solving the autobuilder problem; local test runs succeed) changes with v7: tests: undo the restructuring of done in v6, in favour of explicitly forcing steps: '-c rootfs -f'. since concurrency of the autobuilder, and reusing artifacts/sstate-caching is probably the issue? changes with v8: tests: fixed missing feature=PACKAGE_CLASSES during 'test_image_gen_pkgdbfs' which is now split into three, one for each of the three available packagemanager: ipk, deb, rpm -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199209): https://lists.openembedded.org/g/openembedded-core/message/199209 Mute This Topic: https://lists.openembedded.org/mt/106051545/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v8 1/3] image.bbclass/rootfs: archive and deploy package database
archive the package database after the rootfs has been put together as *rootfs-pkdbfs.tar.gz, and put it into the deploy folder. This creates a snapshot of the package mangers state at the point in time when all dependencies have been resolved and installed; which could be used by "extension images" to built upon. Signed-off-by: Johannes Schneider --- meta/classes-recipe/image.bbclass | 44 - meta/classes-recipe/image_types.bbclass | 1 + meta/conf/documentation.conf | 1 + meta/lib/oe/package_manager/deb/rootfs.py | 1 + meta/lib/oe/package_manager/ipk/rootfs.py | 1 + meta/lib/oe/package_manager/rpm/rootfs.py | 1 + meta/lib/oe/rootfs.py | 20 +++ meta/lib/oeqa/selftest/cases/imagefeatures.py | 150 ++ 8 files changed, 218 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index 28be6c6362..3ccaaa17b8 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -42,6 +42,9 @@ IMAGE_FEATURES ?= "" IMAGE_FEATURES[type] = "list" IMAGE_FEATURES[validitems] += "debug-tweaks read-only-rootfs read-only-rootfs-delayed-postinsts stateless-rootfs empty-root-password allow-empty-password allow-root-login serial-autologin-root post-install-logging overlayfs-etc" +# Generate snapshot of the package database? +IMAGE_GEN_PKGDBFS ?= "0" + # Generate companion debugfs? IMAGE_GEN_DEBUGFS ?= "0" @@ -131,7 +134,8 @@ def rootfs_variables(d): 'IMAGE_ROOTFS_MAXSIZE','IMAGE_NAME','IMAGE_LINK_NAME','IMAGE_MANIFEST','DEPLOY_DIR_IMAGE','IMAGE_FSTYPES','IMAGE_INSTALL_COMPLEMENTARY','IMAGE_LINGUAS', 'IMAGE_LINGUAS_COMPLEMENTARY', 'IMAGE_LOCALES_ARCHIVE', 'MULTILIBRE_ALLOW_REP','MULTILIB_TEMP_ROOTFS','MULTILIB_VARIANTS','MULTILIBS','ALL_MULTILIB_PACKAGE_ARCHS','MULTILIB_GLOBAL_VARIANTS','BAD_RECOMMENDATIONS','NO_RECOMMENDATIONS', 'PACKAGE_ARCHS','PACKAGE_CLASSES','TARGET_VENDOR','TARGET_ARCH','TARGET_OS','OVERRIDES','BBEXTENDVARIANT','FEED_DEPLOYDIR_BASE_URI','INTERCEPT_DIR','USE_DEVFS', - 'CONVERSIONTYPES', 'IMAGE_GEN_DEBUGFS', 'ROOTFS_RO_UNNEEDED', 'IMGDEPLOYDIR', 'PACKAGE_EXCLUDE_COMPLEMENTARY', 'REPRODUCIBLE_TIMESTAMP_ROOTFS', 'IMAGE_INSTALL_DEBUGFS'] + 'CONVERSIONTYPES', 'IMAGE_GEN_PKGDBFS', 'IMAGE_GEN_DEBUGFS', 'ROOTFS_RO_UNNEEDED', 'IMGDEPLOYDIR', 'PACKAGE_EXCLUDE_COMPLEMENTARY', 'REPRODUCIBLE_TIMESTAMP_ROOTFS', + 'IMAGE_INSTALL_DEBUGFS'] variables.extend(rootfs_command_variables(d)) variables.extend(variable_depends(d)) return " ".join(variables) @@ -337,6 +341,17 @@ python do_image_qa_setscene () { } addtask do_image_qa_setscene +def setup_pkgdbfs_variables(d): +d.appendVar('IMAGE_ROOTFS', '-pkgdb') +if d.getVar('IMAGE_LINK_NAME'): +d.appendVar('IMAGE_LINK_NAME', '-pkgdb') +d.appendVar('IMAGE_NAME','-pkgdb') +d.setVar('IMAGE_FSTYPES', 'tar.gz') + +python setup_pkgdbfs () { +setup_pkgdbfs_variables(d) +} + def setup_debugfs_variables(d): d.appendVar('IMAGE_ROOTFS', '-dbg') if d.getVar('IMAGE_LINK_NAME'): @@ -381,6 +396,11 @@ python () { alltypes = d.getVar('IMAGE_FSTYPES').split() typedeps = {} +if d.getVar('IMAGE_GEN_PKGDBFS') == "1": +pkgdbfs_fstypes = ['tar.gz'] +for t in pkgdbfs_fstypes: +alltypes.append("pkgdbfs_" + t) + if d.getVar('IMAGE_GEN_DEBUGFS') == "1": debugfs_fstypes = d.getVar('IMAGE_FSTYPES_DEBUGFS').split() for t in debugfs_fstypes: @@ -393,6 +413,10 @@ python () { basetypes[baset]= [] if t not in basetypes[baset]: basetypes[baset].append(t) +pkgdb = "" +if t.startswith("pkgdbfs_"): +t = t[8:] +pkgdb = "pkgdbfs_" debug = "" if t.startswith("debugfs_"): t = t[8:] @@ -401,6 +425,13 @@ python () { vardeps.add('IMAGE_TYPEDEP:' + t) if baset not in typedeps: typedeps[baset] = set() +deps = [pkgdb + dep for dep in deps] +for dep in deps: +if dep not in alltypes: +alltypes.append(dep) +_add_type(dep) +basedep = _image_base_type(dep) +typedeps[baset].add(basedep) deps = [debug + dep for dep in deps] for dep in deps: if dep not in alltypes: @@ -419,6 +450,7 @@ python () { maskedtypes = (d.getVar('IMAGE_TYPES_MASKED') or "").split() maskedtypes = [dbg + t for t in maskedtypes for dbg in ("", "debugfs_")] +maskedtypes = [pkgdb + t for t in maskedtypes for pkgdb in ("", "pkgdbfs_")] for t in basetypes: vardeps = set() @@ -430,6 +462,11 @@ python () { continue localdata = bb.data.createCopy(d) +pkgdb = "" +if t.startswith("pkgdbfs_"): +
[OE-core] [PATCH v8 2/3] image.bbclass/rootfs: set and unpack package-database
set the package-database of a "lower image" to unpack and build upon when installing packages for the current image. This way a lean image will be created, which only holds the packages that are not already present in the lower image. An image build such could then be used with overlayfs or systemd- sysext to extend the "lower image" on demand; for development purposes on a device running the "lower image" in RO mode for example. A configuration could look as follows: some-core-image.bb inherit image IMAGE_GEN_PKGDBFS = "1" extending-image.bb inherit image IMAGE_BASE_PKGDB = "some-core-image" Signed-off-by: Johannes Schneider --- meta/classes-recipe/image.bbclass | 23 ++-- meta/conf/documentation.conf | 3 +- meta/lib/oe/package_manager/deb/rootfs.py | 2 + meta/lib/oe/package_manager/ipk/rootfs.py | 6 ++- meta/lib/oe/package_manager/rpm/rootfs.py | 7 ++- meta/lib/oe/rootfs.py | 18 +++ meta/lib/oeqa/selftest/cases/imagefeatures.py | 52 ++- 7 files changed, 102 insertions(+), 9 deletions(-) diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index 3ccaaa17b8..c573c37cd8 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -42,8 +42,16 @@ IMAGE_FEATURES ?= "" IMAGE_FEATURES[type] = "list" IMAGE_FEATURES[validitems] += "debug-tweaks read-only-rootfs read-only-rootfs-delayed-postinsts stateless-rootfs empty-root-password allow-empty-password allow-root-login serial-autologin-root post-install-logging overlayfs-etc" -# Generate snapshot of the package database? +# Image layering: +# a "base image" would create a snapshot of the package-database after the +# installation of all packages into the rootfs is done. The next/other image +# "layered on-top" of the former would then import that database and install +# further packages; without reinstalling packages/dependencies that are already +# installed in the layer below. +# Set to '1' in a "base image" recipe, to preserve a snapshot of the package database. IMAGE_GEN_PKGDBFS ?= "0" +# "PN" of a "base image", upon which the current image is to be built upon. +IMAGE_BASE_PKGDB ?= "" # Generate companion debugfs? IMAGE_GEN_DEBUGFS ?= "0" @@ -118,6 +126,15 @@ do_rootfs[depends] += " \ " do_rootfs[recrdeptask] += "do_packagedata" +python () { +# make sure that the 'base image' has been queued in before this +# image wants to unpack and build upon the formers pgkdb +base_image = d.getVar('IMAGE_BASE_PKGDB') +pn = d.getVar('PN') +if base_image and base_image != pn: +d.appendVarFlag("do_rootfs", 'depends', ' '+ base_image + ':do_image_complete') +} + def rootfs_command_variables(d): return ['ROOTFS_POSTPROCESS_COMMAND','ROOTFS_PREPROCESS_COMMAND','ROOTFS_POSTINSTALL_COMMAND','ROOTFS_POSTUNINSTALL_COMMAND','OPKG_PREPROCESS_COMMANDS','OPKG_POSTPROCESS_COMMANDS','IMAGE_POSTPROCESS_COMMAND', 'IMAGE_PREPROCESS_COMMAND','RPM_PREPROCESS_COMMANDS','RPM_POSTPROCESS_COMMANDS','DEB_PREPROCESS_COMMANDS','DEB_POSTPROCESS_COMMANDS'] @@ -134,8 +151,8 @@ def rootfs_variables(d): 'IMAGE_ROOTFS_MAXSIZE','IMAGE_NAME','IMAGE_LINK_NAME','IMAGE_MANIFEST','DEPLOY_DIR_IMAGE','IMAGE_FSTYPES','IMAGE_INSTALL_COMPLEMENTARY','IMAGE_LINGUAS', 'IMAGE_LINGUAS_COMPLEMENTARY', 'IMAGE_LOCALES_ARCHIVE', 'MULTILIBRE_ALLOW_REP','MULTILIB_TEMP_ROOTFS','MULTILIB_VARIANTS','MULTILIBS','ALL_MULTILIB_PACKAGE_ARCHS','MULTILIB_GLOBAL_VARIANTS','BAD_RECOMMENDATIONS','NO_RECOMMENDATIONS', 'PACKAGE_ARCHS','PACKAGE_CLASSES','TARGET_VENDOR','TARGET_ARCH','TARGET_OS','OVERRIDES','BBEXTENDVARIANT','FEED_DEPLOYDIR_BASE_URI','INTERCEPT_DIR','USE_DEVFS', - 'CONVERSIONTYPES', 'IMAGE_GEN_PKGDBFS', 'IMAGE_GEN_DEBUGFS', 'ROOTFS_RO_UNNEEDED', 'IMGDEPLOYDIR', 'PACKAGE_EXCLUDE_COMPLEMENTARY', 'REPRODUCIBLE_TIMESTAMP_ROOTFS', - 'IMAGE_INSTALL_DEBUGFS'] + 'CONVERSIONTYPES', 'IMAGE_GEN_PKGDBFS', 'IMAGE_BASE_PKGDB', 'IMAGE_GEN_DEBUGFS', 'ROOTFS_RO_UNNEEDED', 'IMGDEPLOYDIR', 'PACKAGE_EXCLUDE_COMPLEMENTARY', + 'REPRODUCIBLE_TIMESTAMP_ROOTFS', 'IMAGE_INSTALL_DEBUGFS'] variables.extend(rootfs_command_variables(d)) variables.extend(variable_depends(d)) return " ".join(variables) diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf index 36aebb59ab..9f493cfe96 100644 --- a/meta/conf/documentation.conf +++ b/meta/conf/documentation.conf @@ -208,6 +208,7 @@ ICECC_PATH[doc] = "The location of the icecc binary." ICECC_CLASS_DISABLE[doc] = "Identifies user classes that you do not want the Icecream distributed compile support to consider." ICECC_RECIPE_DISABLE[doc] = "Identifies user recipes that you do not want the Icecream distributed compile support to consider." ICECC_RECIPE_ENABLE[doc] = "Identifies user recipes that use