[OE-core] [PATCH 3/4] tclibc-newlib: update security cflags override
It appears that it is no longer necessary to disable security cflags for
newlib targets, with the exception of RISCV architectures where the linker
does not support PIE
Signed-off-by: Alejandro Enedino Hernandez Samaniego
---
meta/conf/distro/include/tclibc-newlib.inc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/conf/distro/include/tclibc-newlib.inc
b/meta/conf/distro/include/tclibc-newlib.inc
index 238b430e49..34318b2454 100644
--- a/meta/conf/distro/include/tclibc-newlib.inc
+++ b/meta/conf/distro/include/tclibc-newlib.inc
@@ -42,6 +42,6 @@ TOOLCHAIN_HOST_TASK ?=
"packagegroup-cross-canadian-${MACHINE} nativesdk-qemu na
TOOLCHAIN_TARGET_TASK ?= "${LIBC_DEPENDENCIES}"
TOOLCHAIN_NEED_CONFIGSITE_CACHE:remove = "zlib ncurses"
-# disable pie security flags by default
-SECURITY_CFLAGS:libc-newlib = "${SECURITY_NOPIE_CFLAGS}"
-SECURITY_LDFLAGS:libc-newlib = ""
+# disable pie security flags by default since RISCV linker doesnt support them
+SECURITY_CFLAGS:libc-newlib:qemuriscv32 = "${SECURITY_NOPIE_CFLAGS}"
+SECURITY_CFLAGS:libc-newlib:qemuriscv64 = "${SECURITY_NOPIE_CFLAGS}"
--
2.45.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199546):
https://lists.openembedded.org/g/openembedded-core/message/199546
Mute This Topic: https://lists.openembedded.org/mt/106182791/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 4/4] tclibc-picolibc: Adds a new TCLIBC variant to build with picolibc as C library
Enables usage of TCLIBC=picolibc extending OE functionality to build and use
picolibc based toolchains to build baremetal applications.
Picolibc is a set of standard C libraries, both libc and libm, designed for
smaller embedded systems with limited ROM and RAM. Picolibc includes code
from Newlib and AVR Libc, but adresses some of newlibs concerns, it retains
newlibs directory structure, math, string and locale implementations, but
removed the GPL bits used to build the library, swiches old C style code for
C18 and replaces autotools with meson.
This patch adds a picolibc recipe for the C library, a picolibc-helloworld
recipe that contains an example application and a testcase that builds it.
Picolibc can be built for ARM and RISCV architectures, its been tested both
for 32 and 64 bits, the provided example recipe produces the following output:
hello, world
Runqemu does not automatically show any output since it hides QEMU stderr which
is where the QEMU monitors output is directed to when using semihosting, but,
manually running the same QEMU command does work properly.
Signed-off-by: Alejandro Enedino Hernandez Samaniego
---
meta/classes-recipe/baremetal-image.bbclass | 4 +-
meta/classes-recipe/cross-canadian.bbclass| 2 +-
meta/conf/distro/include/maintainers.inc | 2 +
meta/conf/distro/include/tclibc-picolibc.inc | 40 ++
meta/conf/documentation.conf | 2 +-
.../conf/machine/include/riscv/arch-riscv.inc | 1 +
meta/lib/oeqa/selftest/cases/picolibc.py | 13 ++
.../picolibc/picolibc-helloworld_git.bb | 40 ++
meta/recipes-core/picolibc/picolibc.inc | 21
.../avoid_polluting_cross_directories.patch | 119 ++
meta/recipes-core/picolibc/picolibc_git.bb| 36 ++
meta/recipes-devtools/gcc/gcc-cross.inc | 1 +
meta/recipes-devtools/gcc/gcc-runtime.inc | 3 +
meta/recipes-devtools/gcc/libgcc-common.inc | 5 +
14 files changed, 285 insertions(+), 4 deletions(-)
create mode 100644 meta/conf/distro/include/tclibc-picolibc.inc
create mode 100644 meta/lib/oeqa/selftest/cases/picolibc.py
create mode 100644 meta/recipes-core/picolibc/picolibc-helloworld_git.bb
create mode 100644 meta/recipes-core/picolibc/picolibc.inc
create mode 100644
meta/recipes-core/picolibc/picolibc/avoid_polluting_cross_directories.patch
create mode 100644 meta/recipes-core/picolibc/picolibc_git.bb
diff --git a/meta/classes-recipe/baremetal-image.bbclass
b/meta/classes-recipe/baremetal-image.bbclass
index 4e7d413626..27f2d2d10a 100644
--- a/meta/classes-recipe/baremetal-image.bbclass
+++ b/meta/classes-recipe/baremetal-image.bbclass
@@ -16,8 +16,8 @@
# See meta-skeleton for a working example.
-# Toolchain should be baremetal or newlib based.
-# TCLIBC="baremetal" or TCLIBC="newlib"
+# Toolchain should be baremetal or newlib/picolibc based.
+# TCLIBC="baremetal" or TCLIBC="newlib" or TCLIBC="picolibc"
COMPATIBLE_HOST:libc-musl:class-target = "null"
COMPATIBLE_HOST:libc-glibc:class-target = "null"
diff --git a/meta/classes-recipe/cross-canadian.bbclass
b/meta/classes-recipe/cross-canadian.bbclass
index 1670217d69..059d9aa95f 100644
--- a/meta/classes-recipe/cross-canadian.bbclass
+++ b/meta/classes-recipe/cross-canadian.bbclass
@@ -36,7 +36,7 @@ python () {
if d.getVar("MODIFYTOS") != "1":
return
-if d.getVar("TCLIBC") in [ 'baremetal', 'newlib' ]:
+if d.getVar("TCLIBC") in [ 'baremetal', 'newlib', 'picolibc' ]:
return
tos = d.getVar("TARGET_OS")
diff --git a/meta/conf/distro/include/maintainers.inc
b/meta/conf/distro/include/maintainers.inc
index 014cf32e40..bb75d147fe 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -579,6 +579,8 @@ RECIPE_MAINTAINER:pn-pcmanfm = "Alexander Kanavin
"
RECIPE_MAINTAINER:pn-perf = "Bruce Ashfield "
RECIPE_MAINTAINER:pn-perl = "Alexander Kanavin "
RECIPE_MAINTAINER:pn-perlcross = "Alexander Kanavin "
+RECIPE_MAINTAINER:pn-picolibc = "Alejandro Hernandez "
+RECIPE_MAINTAINER:pn-picolibc-helloworld = "Alejandro Hernandez
"
RECIPE_MAINTAINER:pn-piglit = "Ross Burton "
RECIPE_MAINTAINER:pn-pigz = "Hongxu Jia "
RECIPE_MAINTAINER:pn-pinentry = "Unassigned "
diff --git a/meta/conf/distro/include/tclibc-picolibc.inc
b/meta/conf/distro/include/tclibc-picolibc.inc
new file mode 100644
index 00..203765dfcb
--- /dev/null
+++ b/meta/conf/distro/include/tclibc-picolibc.inc
@@ -0,0 +1,40 @@
+#
+# Picolibc configuration
+#
+
+LIBCEXTENSION = "-picolibc"
+LIBCOVERRIDE = ":libc-picolibc"
+
+PREFERRED_PROVIDER_virtual/libc ?= "picolibc"
+PREFERRED_PROVIDER_virtual/libiconv ?= "picolibc"
+PREFERRED_PROVIDER_virtual/libintl ?= "picolibc"
+PREFERRED_PROVIDER_virtual/nativesdk-libintl ?= "nativesdk-glibc"
+PREFERRED_PROVIDER_virtual/nativesdk-libiconv ?= "nativesdk-glibc"
+
+DISTRO_FEATURES_BACKFILL_CONSIDERED += "ldconfig"
+
+IMAGE_LINGUAS = ""
+
+LIBC_DEPENDENCIES = " \
+
[OE-core] [PATCH 2/4] meson: Allow exe_wrapper to be overriden
When the meson build configuration file is generated the exe_wrapper value
was being hardcoded, however, there may be applications which require for us
to use a different value.
To allow for this value to be manually set; create a variable EXEWRAPPER_EXE
that defaults to ${WORKDIR}/meson-qemuwrapper, allowing us to easily change
its when required without modifying its default functionality.
Signed-off-by: Alejandro Enedino Hernandez Samaniego
---
meta/classes-recipe/meson.bbclass | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta/classes-recipe/meson.bbclass
b/meta/classes-recipe/meson.bbclass
index 03fa2c06eb..864135d78b 100644
--- a/meta/classes-recipe/meson.bbclass
+++ b/meta/classes-recipe/meson.bbclass
@@ -8,6 +8,7 @@ inherit python3native meson-routines qemu
DEPENDS:append = " meson-native ninja-native"
+EXEWRAPPER_EXE ?= "exe_wrapper = '${WORKDIR}/meson-qemuwrapper'"
EXEWRAPPER_ENABLED:class-native = "False"
EXEWRAPPER_ENABLED:class-nativesdk = "False"
EXEWRAPPER_ENABLED ?= "${@bb.utils.contains('MACHINE_FEATURES',
'qemu-usermode', 'True', 'False', d)}"
@@ -61,7 +62,7 @@ def rust_tool(d, target_var):
return "rust = %s" % repr(cmd)
addtask write_config before do_configure
-do_write_config[vardeps] += "CC CXX AR NM STRIP READELF OBJCOPY CFLAGS
CXXFLAGS LDFLAGS RUSTC RUSTFLAGS EXEWRAPPER_ENABLED"
+do_write_config[vardeps] += "CC CXX AR NM STRIP READELF OBJCOPY CFLAGS
CXXFLAGS LDFLAGS RUSTC RUSTFLAGS EXEWRAPPER_ENABLED EXEWRAPPER_EXE"
do_write_config() {
# This needs to be Py to split the args into single-element lists
cat >${WORKDIR}/meson.cross <
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199545):
https://lists.openembedded.org/g/openembedded-core/message/199545
Mute This Topic: https://lists.openembedded.org/mt/106182790/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/4] newlib: Use mcmodel=medany for RISCV64
It was previously discovered that mcmodel=medany should be used for RISCV64,
however this was only being set for the applications themselves, but not for
newlib, this meant that we ended up with C library that used a code model and
an application that used another one which is not something we want.
Pass mcmodel=medany when building newlib for RISCV64 as well.
Also, s/CFLAGS/TARGET_CFLAGS to standarize across recipes, the variable
expansion provides no functional difference at this point.
Signed-off-by: Alejandro Enedino Hernandez Samaniego
---
meta/classes-recipe/baremetal-image.bbclass | 2 +-
meta/recipes-core/newlib/newlib.inc | 8
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/meta/classes-recipe/baremetal-image.bbclass
b/meta/classes-recipe/baremetal-image.bbclass
index b9a584351a..4e7d413626 100644
--- a/meta/classes-recipe/baremetal-image.bbclass
+++ b/meta/classes-recipe/baremetal-image.bbclass
@@ -103,7 +103,7 @@ QB_OPT_APPEND:append:qemuriscv32 = " -bios none"
# since medlow can only access addresses below 0x8000 and RAM
# starts at 0x8000 on RISC-V 64
# Keep RISC-V 32 using -mcmodel=medlow (symbols lie between -2GB:2GB)
-CFLAGS:append:qemuriscv64 = " -mcmodel=medany"
+TARGET_CFLAGS:append:qemuriscv64 = " -mcmodel=medany"
## Emulate image.bbclass
diff --git a/meta/recipes-core/newlib/newlib.inc
b/meta/recipes-core/newlib/newlib.inc
index 6113f5e831..34b0f3f747 100644
--- a/meta/recipes-core/newlib/newlib.inc
+++ b/meta/recipes-core/newlib/newlib.inc
@@ -28,6 +28,14 @@ B = "${WORKDIR}/build"
## disable stdlib
TARGET_CC_ARCH:append = " -nostdlib"
+# Both the C library and the application should share the same mcmodel.
+# Use the medium-any code model for the RISC-V 64 bit implementation,
+# since medlow can only access addresses below 0x8000 and RAM
+# starts at 0x8000 on RISC-V 64
+# Keep RISC-V 32 using -mcmodel=medlow (symbols lie between -2GB:2GB)
+TARGET_CFLAGS:append:qemuriscv64 = " -mcmodel=medany"
+
+
EXTRA_OECONF = " \
--build=${BUILD_SYS} \
--target=${TARGET_SYS} \
--
2.45.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199544):
https://lists.openembedded.org/g/openembedded-core/message/199544
Mute This Topic: https://lists.openembedded.org/mt/106182788/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/4] rust: correctly link rust-snapshot into build/stage0
I can however resend with the text disabled so that existing patches can
stay in master-next.
Alex
On Sun 19. May 2024 at 2.27, Alexander Kanavin
wrote:
> This is intentional and known. The expectation is that fixes by
> maintainers of the test will come shortly.
>
> Alex
>
> On Sat 18. May 2024 at 23.55, Alexandre Belloni <
> alexandre.bell...@bootlin.com> wrote:
>
>> ello,
>>
>> The series broke the -tc builds as
>> rust.RustSelfTestSystemEmulated.test_rust is failing:
>>
>>
>>
>> https://autobuilder.yoctoproject.org/typhoon/#/builders/151/builds/1723/steps/12/logs/stdio
>>
>> https://autobuilder.yoctoproject.org/typhoon/#/builders/154/builds/1715/steps/12/logs/stdio
>>
>> https://autobuilder.yoctoproject.org/typhoon/#/builders/148/builds/1711/steps/12/logs/stdio
>>
>> https://autobuilder.yoctoproject.org/typhoon/#/builders/145/builds/1700/steps/12/logs/stdio
>>
>> On 16/05/2024 13:21:08+0200, Alexander Kanavin wrote:
>> > From: Alexander Kanavin
>> >
>> > This does not seem to be used in regular builds, but is beneficial
>> > in rust selftest, where it allows dropping a custom patch
>> > that is unsuitable for upstream (and was rejected by them).
>> >
>> > Also remove an obsolete comment that seems related to the code
>> > but describes something that was resolved long time ago.
>> >
>> > I have confirmed that the rust selftest continues to pass with just
>> > this one commit on top of master (as the following changes do break
>> > the selftest).
>> >
>> > Signed-off-by: Alexander Kanavin
>> > ---
>> > .../rust/files/cargo-path.patch | 37 ---
>> > meta/recipes-devtools/rust/rust-source.inc| 1 -
>> > meta/recipes-devtools/rust/rust_1.75.0.bb | 6 +--
>> > 3 files changed, 2 insertions(+), 42 deletions(-)
>> > delete mode 100644 meta/recipes-devtools/rust/files/cargo-path.patch
>> >
>> > diff --git a/meta/recipes-devtools/rust/files/cargo-path.patch
>> b/meta/recipes-devtools/rust/files/cargo-path.patch
>> > deleted file mode 100644
>> > index 9a50c402201..000
>> > --- a/meta/recipes-devtools/rust/files/cargo-path.patch
>> > +++ /dev/null
>> > @@ -1,37 +0,0 @@
>> > -Fix the cargo binary path error and ensure that it is fetched
>> > -during rustc bootstrap in rust oe-selftest.
>> > -
>> > -==
>> > -ERROR: test_cargoflags (bootstrap_test.BuildBootstrap)
>> > ---
>> > -Traceback (most recent call last):
>> > - File
>> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
>> line 157, in test_cargoflags
>> > -args, _ = self.build_args(env={"CARGOFLAGS": "--timings"})
>> > - File
>> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
>> line 154, in build_args
>> > -return build.build_bootstrap_cmd(env), env
>> > - File
>> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap.py",
>> line 960, in build_bootstrap_cmd
>> > -raise Exception("no cargo executable found at `{}`".format(
>> > -Exception: no cargo executable found at
>> `/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/build/x86_64-unknown-linux-gnu/stage0/bin/cargo`
>> > -
>> > -Upstream-Status: Submitted [
>> https://github.com/rust-lang/rust/pull/120125]
>> > -
>> > -Signed-off-by: Yash Shinde
>> >
>> > -diff --git a/src/bootstrap/bootstrap.py b/src/bootstrap/bootstrap.py
>> > a/src/bootstrap/bootstrap.py
>> > -+++ b/src/bootstrap/bootstrap.py
>> > -@@ -954,9 +954,11 @@
>> > - if "RUSTFLAGS_BOOTSTRAP" in env:
>> > - env["RUSTFLAGS"] += " " + env["RUSTFLAGS_BOOTSTRAP"]
>> > -
>> > --env["PATH"] = os.path.join(self.bin_root(), "bin") + \
>> > --os.pathsep + env["PATH"]
>> > --if not os.path.isfile(self.cargo()):
>> > -+cargo_bin_path = os.path.join(self.bin_root(), "bin", "cargo")
>> > -+if not os.path.isfile(cargo_bin_path):
>> > -+cargo_bin_path = os.getenv("RUST_TARGET_PATH") +
>> "rust-snapshot/bin/cargo"
>> > -+env["PATH"] = os.path.dirname(cargo_bin_path) +
>> os.pathsep + env["PATH"]
>> > -+else:
>> > - raise Exception("no cargo executable found at
>> `{}`".format(
>> > - self.cargo()))
>> > - args = [self.cargo(), "build", "--manifest-path",
>> > diff --git a/meta/recipes-devtools/rust/rust-source.inc
>> b/meta/recipes-devtools/rust/rust-source.inc
>> > index b14221b6cb8..c83c8ec3a39 100644
>> > --- a/meta/recipes-devtools/rust/rust-source.inc
>> > +++ b/meta/recipes-devtools/rust/rust-source.inc
>> > @@ -7,7 +7,6 @@ SRC_URI += "
>> https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;n
>> > file://rv32-missing-syscalls.patch;patchdir=${RUSTSRC} \
>> >
Re: [OE-core] [PATCH 1/4] rust: correctly link rust-snapshot into build/stage0
This is intentional and known. The expectation is that fixes by maintainers
of the test will come shortly.
Alex
On Sat 18. May 2024 at 23.55, Alexandre Belloni <
alexandre.bell...@bootlin.com> wrote:
> ello,
>
> The series broke the -tc builds as
> rust.RustSelfTestSystemEmulated.test_rust is failing:
>
>
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/151/builds/1723/steps/12/logs/stdio
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/154/builds/1715/steps/12/logs/stdio
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/148/builds/1711/steps/12/logs/stdio
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/145/builds/1700/steps/12/logs/stdio
>
> On 16/05/2024 13:21:08+0200, Alexander Kanavin wrote:
> > From: Alexander Kanavin
> >
> > This does not seem to be used in regular builds, but is beneficial
> > in rust selftest, where it allows dropping a custom patch
> > that is unsuitable for upstream (and was rejected by them).
> >
> > Also remove an obsolete comment that seems related to the code
> > but describes something that was resolved long time ago.
> >
> > I have confirmed that the rust selftest continues to pass with just
> > this one commit on top of master (as the following changes do break
> > the selftest).
> >
> > Signed-off-by: Alexander Kanavin
> > ---
> > .../rust/files/cargo-path.patch | 37 ---
> > meta/recipes-devtools/rust/rust-source.inc| 1 -
> > meta/recipes-devtools/rust/rust_1.75.0.bb | 6 +--
> > 3 files changed, 2 insertions(+), 42 deletions(-)
> > delete mode 100644 meta/recipes-devtools/rust/files/cargo-path.patch
> >
> > diff --git a/meta/recipes-devtools/rust/files/cargo-path.patch
> b/meta/recipes-devtools/rust/files/cargo-path.patch
> > deleted file mode 100644
> > index 9a50c402201..000
> > --- a/meta/recipes-devtools/rust/files/cargo-path.patch
> > +++ /dev/null
> > @@ -1,37 +0,0 @@
> > -Fix the cargo binary path error and ensure that it is fetched
> > -during rustc bootstrap in rust oe-selftest.
> > -
> > -==
> > -ERROR: test_cargoflags (bootstrap_test.BuildBootstrap)
> > ---
> > -Traceback (most recent call last):
> > - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
> line 157, in test_cargoflags
> > -args, _ = self.build_args(env={"CARGOFLAGS": "--timings"})
> > - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
> line 154, in build_args
> > -return build.build_bootstrap_cmd(env), env
> > - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap.py",
> line 960, in build_bootstrap_cmd
> > -raise Exception("no cargo executable found at `{}`".format(
> > -Exception: no cargo executable found at
> `/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/build/x86_64-unknown-linux-gnu/stage0/bin/cargo`
> > -
> > -Upstream-Status: Submitted [
> https://github.com/rust-lang/rust/pull/120125]
> > -
> > -Signed-off-by: Yash Shinde
> >
> > -diff --git a/src/bootstrap/bootstrap.py b/src/bootstrap/bootstrap.py
> > a/src/bootstrap/bootstrap.py
> > -+++ b/src/bootstrap/bootstrap.py
> > -@@ -954,9 +954,11 @@
> > - if "RUSTFLAGS_BOOTSTRAP" in env:
> > - env["RUSTFLAGS"] += " " + env["RUSTFLAGS_BOOTSTRAP"]
> > -
> > --env["PATH"] = os.path.join(self.bin_root(), "bin") + \
> > --os.pathsep + env["PATH"]
> > --if not os.path.isfile(self.cargo()):
> > -+cargo_bin_path = os.path.join(self.bin_root(), "bin", "cargo")
> > -+if not os.path.isfile(cargo_bin_path):
> > -+cargo_bin_path = os.getenv("RUST_TARGET_PATH") +
> "rust-snapshot/bin/cargo"
> > -+env["PATH"] = os.path.dirname(cargo_bin_path) + os.pathsep
> + env["PATH"]
> > -+else:
> > - raise Exception("no cargo executable found at `{}`".format(
> > - self.cargo()))
> > - args = [self.cargo(), "build", "--manifest-path",
> > diff --git a/meta/recipes-devtools/rust/rust-source.inc
> b/meta/recipes-devtools/rust/rust-source.inc
> > index b14221b6cb8..c83c8ec3a39 100644
> > --- a/meta/recipes-devtools/rust/rust-source.inc
> > +++ b/meta/recipes-devtools/rust/rust-source.inc
> > @@ -7,7 +7,6 @@ SRC_URI += "
> https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;n
> > file://rv32-missing-syscalls.patch;patchdir=${RUSTSRC} \
> > file://rv32-rustix-libc-backend.patch;patchdir=${RUSTSRC} \
> >
> file://rv32-cargo-rustix-0.38.19-fix.patch;patchdir=${RUSTSRC} \
> > -file://cargo-path.patch;patchdir=${RUSTSRC} \
> > file://custom-target-cfg.patch;patchdir=${RUSTSRC} \
> >
Re: [OE-core] [PATCH 4/4] glib-networking: upgrade 2.78.1 -> 2.80.0
New ptest failures:
{'glib-networking': ['glib-networking/file-database-gnutls.test',
'glib-networking/connection-gnutls.test']}
https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/6619/steps/12/logs/stdio
https://autobuilder.yocto.io/pub/non-release/20240518-15/testresults/qemux86-64-ptest/glib-networking.log
(/usr/libexec/installed-tests/glib-networking/file-database-gnutls:395):
GLib-Net-WARNING **: 14:05:34.707: Failed to load TLS database: System trust
contains zero trusted certificates; please investigate your GnuTLS configuration
FAIL: glib-networking/file-database-gnutls.test (Child process killed by signal
5)
On 16/05/2024 18:51:29+0800, Anuj Mittal wrote:
> Signed-off-by: Anuj Mittal
> ---
> meta/recipes-core/glib-networking/glib-networking/eagain.patch | 2 +-
> .../{glib-networking_2.78.1.bb => glib-networking_2.80.0.bb}| 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
> rename meta/recipes-core/glib-networking/{glib-networking_2.78.1.bb =>
> glib-networking_2.80.0.bb} (95%)
>
> diff --git a/meta/recipes-core/glib-networking/glib-networking/eagain.patch
> b/meta/recipes-core/glib-networking/glib-networking/eagain.patch
> index 6c2e3c634b7..88ac15e7d7c 100644
> --- a/meta/recipes-core/glib-networking/glib-networking/eagain.patch
> +++ b/meta/recipes-core/glib-networking/glib-networking/eagain.patch
> @@ -1,4 +1,4 @@
> -From 5604707bed4b4a4bc4658c7158a18c1774775775 Mon Sep 17 00:00:00 2001
> +From 1bd273b207044a77fba6a6a57a743a1768b2676b Mon Sep 17 00:00:00 2001
> From: Richard Purdie
> Date: Sat, 6 May 2023 12:18:50 +0100
> Subject: [PATCH] In autobuilder testing we regularly see glib-networking
> ptest
> diff --git a/meta/recipes-core/glib-networking/glib-networking_2.78.1.bb
> b/meta/recipes-core/glib-networking/glib-networking_2.80.0.bb
> similarity index 95%
> rename from meta/recipes-core/glib-networking/glib-networking_2.78.1.bb
> rename to meta/recipes-core/glib-networking/glib-networking_2.80.0.bb
> index 5060d9fd7a1..c8a13555486 100644
> --- a/meta/recipes-core/glib-networking/glib-networking_2.78.1.bb
> +++ b/meta/recipes-core/glib-networking/glib-networking_2.80.0.bb
> @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM =
> "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
> SECTION = "libs"
> DEPENDS = "glib-2.0-native glib-2.0"
>
> -SRC_URI[archive.sha256sum] =
> "e48f2ddbb049832cbb09230529c5e45daca9f0df0eda325f832f7379859bf09f"
> +SRC_URI[archive.sha256sum] =
> "d8f4f1aab213179ae3351617b59dab5de6bcc9e785021eee178998ebd4bb3acf"
>
> # Upstream note that for the openssl backend, half the tests where this
> backend don't return
> # the expected error code or don't work as expected so default to gnutls
> --
> 2.45.0
>
>
>
>
--
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199541):
https://lists.openembedded.org/g/openembedded-core/message/199541
Mute This Topic: https://lists.openembedded.org/mt/106132074/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/4] rust: correctly link rust-snapshot into build/stage0
ello,
The series broke the -tc builds as
rust.RustSelfTestSystemEmulated.test_rust is failing:
https://autobuilder.yoctoproject.org/typhoon/#/builders/151/builds/1723/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/154/builds/1715/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/148/builds/1711/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/145/builds/1700/steps/12/logs/stdio
On 16/05/2024 13:21:08+0200, Alexander Kanavin wrote:
> From: Alexander Kanavin
>
> This does not seem to be used in regular builds, but is beneficial
> in rust selftest, where it allows dropping a custom patch
> that is unsuitable for upstream (and was rejected by them).
>
> Also remove an obsolete comment that seems related to the code
> but describes something that was resolved long time ago.
>
> I have confirmed that the rust selftest continues to pass with just
> this one commit on top of master (as the following changes do break
> the selftest).
>
> Signed-off-by: Alexander Kanavin
> ---
> .../rust/files/cargo-path.patch | 37 ---
> meta/recipes-devtools/rust/rust-source.inc| 1 -
> meta/recipes-devtools/rust/rust_1.75.0.bb | 6 +--
> 3 files changed, 2 insertions(+), 42 deletions(-)
> delete mode 100644 meta/recipes-devtools/rust/files/cargo-path.patch
>
> diff --git a/meta/recipes-devtools/rust/files/cargo-path.patch
> b/meta/recipes-devtools/rust/files/cargo-path.patch
> deleted file mode 100644
> index 9a50c402201..000
> --- a/meta/recipes-devtools/rust/files/cargo-path.patch
> +++ /dev/null
> @@ -1,37 +0,0 @@
> -Fix the cargo binary path error and ensure that it is fetched
> -during rustc bootstrap in rust oe-selftest.
> -
> -==
> -ERROR: test_cargoflags (bootstrap_test.BuildBootstrap)
> ---
> -Traceback (most recent call last):
> - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
> line 157, in test_cargoflags
> -args, _ = self.build_args(env={"CARGOFLAGS": "--timings"})
> - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py",
> line 154, in build_args
> -return build.build_bootstrap_cmd(env), env
> - File
> "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap.py",
> line 960, in build_bootstrap_cmd
> -raise Exception("no cargo executable found at `{}`".format(
> -Exception: no cargo executable found at
> `/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/build/x86_64-unknown-linux-gnu/stage0/bin/cargo`
> -
> -Upstream-Status: Submitted [https://github.com/rust-lang/rust/pull/120125]
> -
> -Signed-off-by: Yash Shinde
>
> -diff --git a/src/bootstrap/bootstrap.py b/src/bootstrap/bootstrap.py
> a/src/bootstrap/bootstrap.py
> -+++ b/src/bootstrap/bootstrap.py
> -@@ -954,9 +954,11 @@
> - if "RUSTFLAGS_BOOTSTRAP" in env:
> - env["RUSTFLAGS"] += " " + env["RUSTFLAGS_BOOTSTRAP"]
> -
> --env["PATH"] = os.path.join(self.bin_root(), "bin") + \
> --os.pathsep + env["PATH"]
> --if not os.path.isfile(self.cargo()):
> -+cargo_bin_path = os.path.join(self.bin_root(), "bin", "cargo")
> -+if not os.path.isfile(cargo_bin_path):
> -+cargo_bin_path = os.getenv("RUST_TARGET_PATH") +
> "rust-snapshot/bin/cargo"
> -+env["PATH"] = os.path.dirname(cargo_bin_path) + os.pathsep +
> env["PATH"]
> -+else:
> - raise Exception("no cargo executable found at `{}`".format(
> - self.cargo()))
> - args = [self.cargo(), "build", "--manifest-path",
> diff --git a/meta/recipes-devtools/rust/rust-source.inc
> b/meta/recipes-devtools/rust/rust-source.inc
> index b14221b6cb8..c83c8ec3a39 100644
> --- a/meta/recipes-devtools/rust/rust-source.inc
> +++ b/meta/recipes-devtools/rust/rust-source.inc
> @@ -7,7 +7,6 @@ SRC_URI +=
> "https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;n
> file://rv32-missing-syscalls.patch;patchdir=${RUSTSRC} \
> file://rv32-rustix-libc-backend.patch;patchdir=${RUSTSRC} \
> file://rv32-cargo-rustix-0.38.19-fix.patch;patchdir=${RUSTSRC} \
> -file://cargo-path.patch;patchdir=${RUSTSRC} \
> file://custom-target-cfg.patch;patchdir=${RUSTSRC} \
> file://rustc-bootstrap.patch;patchdir=${RUSTSRC} \
> file://target-build-value.patch;patchdir=${RUSTSRC} \
> diff --git a/meta/recipes-devtools/rust/rust_1.75.0.bb
> b/meta/recipes-devtools/rust/rust_1.75.0.bb
> index 76e1fe2d84a..8ef838ee90c 100644
> --- a/meta/recipes-devtools/rust/rust_1.75.0.bb
> +++ b/meta/recipes-devtools/rust/rust_1.75.0.bb
> @@ -35,8
[OE-core][PATCH 2/2] ncurses: Upgrade 6.4 -> 6.5
From: Peter Marko
Removed 4 backported patched included in this release.
Updated patches by devtool.
License-Update: copyright years refreshed
Signed-off-by: Peter Marko
---
.../files/0001-Fix-CVE-2023-29491.patch | 462
...eset-code-ncurses-6.4-patch-20231104.patch | 499 --
.../ncurses/files/0001-tic-hang.patch | 11 +-
.../files/0002-configure-reproducible.patch | 7 +-
...-Do-not-include-LDFLAGS-in-generated.patch | 5 +-
.../ncurses/files/CVE-2023-45918.patch| 180 ---
.../ncurses/files/CVE-2023-50495.patch| 301 ---
.../ncurses/files/exit_prototype.patch| 11 +-
meta/recipes-core/ncurses/ncurses.inc | 2 +-
.../{ncurses_6.4.bb => ncurses_6.5.bb}| 6 +-
10 files changed, 16 insertions(+), 1468 deletions(-)
delete mode 100644
meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
delete mode 100644
meta/recipes-core/ncurses/files/0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch
delete mode 100644 meta/recipes-core/ncurses/files/CVE-2023-45918.patch
delete mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch
rename meta/recipes-core/ncurses/{ncurses_6.4.bb => ncurses_6.5.bb} (68%)
diff --git a/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
b/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
deleted file mode 100644
index 1232c8c2a8..00
--- a/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
+++ /dev/null
@@ -1,462 +0,0 @@
-From 3d54a41f12e9aa059f06e66e72d872f2283395b6 Mon Sep 17 00:00:00 2001
-From: Chen Qi
-Date: Sun, 30 Jul 2023 21:14:00 -0700
-Subject: [PATCH] Fix CVE-2023-29491
-
-CVE: CVE-2023-29491
-
-Upstream-Status: Backport
[http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56]
-
-Signed-off-by: Chen Qi
- ncurses/tinfo/lib_tgoto.c | 10 +++-
- ncurses/tinfo/lib_tparm.c | 116 -
- ncurses/tinfo/read_entry.c | 3 +
- progs/tic.c| 6 ++
- progs/tparm_type.c | 9 +++
- progs/tparm_type.h | 2 +
- progs/tput.c | 61 ---
- 7 files changed, 185 insertions(+), 22 deletions(-)
-
-diff --git a/ncurses/tinfo/lib_tgoto.c b/ncurses/tinfo/lib_tgoto.c
-index 9cf5e100..c50ed4df 100644
a/ncurses/tinfo/lib_tgoto.c
-+++ b/ncurses/tinfo/lib_tgoto.c
-@@ -207,6 +207,14 @@ tgoto(const char *string, int x, int y)
- result = tgoto_internal(string, x, y);
- else
- #endif
-- result = TIPARM_2(string, y, x);
-+if ((result = TIPARM_2(string, y, x)) == NULL) {
-+ /*
-+ * Because termcap did not provide a more general solution such as
-+ * tparm(), it was necessary to handle single-parameter capabilities
-+ * using tgoto(). The internal _nc_tiparm() function returns a NULL
-+ * for that case; retry for the single-parameter case.
-+ */
-+ result = TIPARM_1(string, y);
-+}
- returnPtr(result);
- }
-diff --git a/ncurses/tinfo/lib_tparm.c b/ncurses/tinfo/lib_tparm.c
-index d9bdfd8f..a10a3877 100644
a/ncurses/tinfo/lib_tparm.c
-+++ b/ncurses/tinfo/lib_tparm.c
-@@ -1086,6 +1086,64 @@ tparam_internal(TPARM_STATE *tps, const char *string,
TPARM_DATA *data)
- return (TPS(out_buff));
- }
-
-+#ifdef CUR
-+/*
-+ * Only a few standard capabilities accept string parameters. The others that
-+ * are parameterized accept only numeric parameters.
-+ */
-+static bool
-+check_string_caps(TPARM_DATA *data, const char *string)
-+{
-+bool result = FALSE;
-+
-+#define CHECK_CAP(name) (VALID_STRING(name) && !strcmp(name, string))
-+
-+/*
-+ * Disallow string parameters unless we can check them against a terminal
-+ * description.
-+ */
-+if (cur_term != NULL) {
-+ int want_type = 0;
-+
-+ if (CHECK_CAP(pkey_key))
-+ want_type = 2; /* function key #1, type string #2 */
-+ else if (CHECK_CAP(pkey_local))
-+ want_type = 2; /* function key #1, execute string #2 */
-+ else if (CHECK_CAP(pkey_xmit))
-+ want_type = 2; /* function key #1, transmit string #2 */
-+ else if (CHECK_CAP(plab_norm))
-+ want_type = 2; /* label #1, show string #2 */
-+ else if (CHECK_CAP(pkey_plab))
-+ want_type = 6; /* function key #1, type string #2, show string
#3 */
-+#if NCURSES_XNAMES
-+ else {
-+ char *check;
-+
-+ check = tigetstr("Cs");
-+ if (CHECK_CAP(check))
-+ want_type = 1; /* style #1 */
-+
-+ check = tigetstr("Ms");
-+ if (CHECK_CAP(check))
-+ want_type = 3; /* storage unit #1, content #2 */
-+ }
-+#endif
-+
-+ if (want_type == data->tparm_type) {
-+ result = TRUE;
-+ } else {
-+ T(("unexpected string-parameter"));
-+ }
-+}
-+return result;
-+}
-+
-+#define ValidCap()
[OE-core][PATCH 1/2] ncurses: switch to new mirror
From: Peter Marko
github.com/mirror/ncurses is not updated for over a year.
Switch to new mirror from Thomas Dickey (ncurses maintainer).
Sources are identical.
Updated upstream check regex by:
* changed dot to underscore as this repo is tagged like this
* added v prefix to not propose updates to some old tags
* removed third part to not propose updates to development snapshots
Signed-off-by: Peter Marko
---
meta/recipes-core/ncurses/ncurses.inc| 2 +-
meta/recipes-core/ncurses/ncurses_6.4.bb | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-core/ncurses/ncurses.inc
b/meta/recipes-core/ncurses/ncurses.inc
index 761b6a3d31..3b72f3efdd 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -13,7 +13,7 @@ BINCONFIG = "${bindir}/ncurses5-config
${bindir}/ncursesw5-config \
inherit autotools binconfig-disabled multilib_header pkgconfig
# Upstream has useful patches at times at ftp://invisible-island.net/ncurses/
-SRC_URI = "git://github.com/mirror/ncurses.git;protocol=https;branch=master"
+SRC_URI =
"git://github.com/ThomasDickey/ncurses-snapshots.git;protocol=https;branch=master"
EXTRA_AUTORECONF = "-I m4"
diff --git a/meta/recipes-core/ncurses/ncurses_6.4.bb
b/meta/recipes-core/ncurses/ncurses_6.4.bb
index 97130c06d6..61558ecfa8 100644
--- a/meta/recipes-core/ncurses/ncurses_6.4.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.4.bb
@@ -10,10 +10,10 @@ SRC_URI += "file://0001-tic-hang.patch \
file://CVE-2023-45918.patch \
"
# commit id corresponds to the revision in package version
-SRCREV = "79b9071f2be20a24c7be031655a5638f6032f29f"
+SRCREV = "1003914e200fd622a27237abca155ce6bf2e6030"
S = "${WORKDIR}/git"
EXTRA_OECONF += "--with-abi-version=5"
-UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)$"
+UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+_\d+)$"
# This is needed when using patchlevel versions like 6.1+20181013
#CVE_VERSION =
"${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}"
--
2.30.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199538):
https://lists.openembedded.org/g/openembedded-core/message/199538
Mute This Topic: https://lists.openembedded.org/mt/106178307/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH] openssl: patch CVE-2024-4603
From: Peter Marko
Advisory: https://github.com/advisories/GHSA-85xr-ghj6-6m46
Signed-off-by: Peter Marko
---
.../openssl/openssl/CVE-2024-4603.patch | 179 ++
.../openssl/openssl_3.3.0.bb | 1 +
2 files changed, 180 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
new file mode 100644
index 00..cdc3d0d503
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
@@ -0,0 +1,179 @@
+From 53ea06486d296b890d565fb971b2764fcd826e7e Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Wed, 8 May 2024 15:23:45 +0200
+Subject: [PATCH] Check DSA parameters for excessive sizes before validating
+
+This avoids overly long computation of various validation
+checks.
+
+Fixes CVE-2024-4603
+
+Reviewed-by: Paul Dale
+Reviewed-by: Matt Caswell
+Reviewed-by: Neil Horman
+Reviewed-by: Shane Lontis
+(Merged from https://github.com/openssl/openssl/pull/24346)
+
+(cherry picked from commit 85ccbab216da245cf9a6503dd327072f21950d9b)
+
+
+
+CVE: CVE-2024-4603
+Upstream-Status: Backport
[https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e]
+Signed-off-by: Peter Marko
+---
+ crypto/dsa/dsa_check.c| 44 --
+ .../invalid/p10240_q256_too_big.pem | 57 +++
+ 2 files changed, 97 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c
+index 7b6d7df88f..e1375dfad9 100644
+--- a/crypto/dsa/dsa_check.c
b/crypto/dsa/dsa_check.c
+@@ -19,8 +19,34 @@
+ #include "dsa_local.h"
+ #include "crypto/dsa.h"
+
++static int dsa_precheck_params(const DSA *dsa, int *ret)
++{
++if (dsa->params.p == NULL || dsa->params.q == NULL) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
++ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++return 1;
++}
++
+ int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
+ return ossl_ffc_params_simple_validate(dsa->libctx, >params,
+FFC_PARAM_TYPE_DSA, ret);
+@@ -39,6 +65,9 @@ int ossl_dsa_check_params(const DSA *dsa, int checktype, int
*ret)
+ */
+ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -50,6 +79,9 @@ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM
*pub_key, int *ret)
+ */
+ int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int
*ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key_partial(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -58,8 +90,10 @@ int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM
*priv_key, int *ret)
+ {
+ *ret = 0;
+
+-return (dsa->params.q != NULL
+-&& ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret));
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
++return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
+ }
+
+ /*
+@@ -72,8 +106,10 @@ int ossl_dsa_check_pairwise(const DSA *dsa)
+ BN_CTX *ctx = NULL;
+ BIGNUM *pub_key = NULL;
+
+-if (dsa->params.p == NULL
+-|| dsa->params.g == NULL
++if (!dsa_precheck_params(dsa, ))
++return 0;
++
++if (dsa->params.g == NULL
+ || dsa->priv_key == NULL
+ || dsa->pub_key == NULL)
+ return 0;
+diff --git
a/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+new file mode 100644
+index 00..e85e2953b7
+--- /dev/null
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+@@ -0,0 +1,57 @@
++-BEGIN DSA PARAMETERS-
++MIIKLAKCBQEAym47LzPFZdbz16WvjczLKuzLtsP8yRk/exxL4bBthJhP1qOwctja
++p1586SF7gDxCMn7yWVEYdfRbFefGoq0gj1XOE917XqlbnkmZhMgxut2KbNJo/xil
++XNFUjGvKs3F413U9rAodC8f07cWHP1iTcWL+vPe6u2yilKWYYfnLWHQH+Z6aPrrF
++x/R08LI6DZ6nEsIo+hxaQnEtx+iqNTJC6Q1RIjWDqxQkFVTkJ0Y7miRDXmRdneWk
++oLrMZRpaXr5l5tSjEghh1pBgJcdyOv0lh4dlDy/alAiqE2Qlb667yHl6A9dDPlpW
[OE-core] [PATCH 2/2] libcap-ng-python: upgrade 0.8.4 -> 0.8.5
Changelog:
https://people.redhat.com/sgrubb/libcap-ng/ChangeLog
- Remove python global exception handler since it's deprecated
- Make the utilities link against just built libraries
- Remove unused macro in cap-ng.h
Signed-off-by: Yi Zhao
---
.../{libcap-ng-python_0.8.4.bb => libcap-ng-python_0.8.5.bb} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename meta/recipes-support/libcap-ng/{libcap-ng-python_0.8.4.bb =>
libcap-ng-python_0.8.5.bb} (100%)
diff --git a/meta/recipes-support/libcap-ng/libcap-ng-python_0.8.4.bb
b/meta/recipes-support/libcap-ng/libcap-ng-python_0.8.5.bb
similarity index 100%
rename from meta/recipes-support/libcap-ng/libcap-ng-python_0.8.4.bb
rename to meta/recipes-support/libcap-ng/libcap-ng-python_0.8.5.bb
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199536):
https://lists.openembedded.org/g/openembedded-core/message/199536
Mute This Topic: https://lists.openembedded.org/mt/106169198/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] libcap-ng: upgrade 0.8.4 -> 0.8.5
Changelog:
https://people.redhat.com/sgrubb/libcap-ng/ChangeLog
- Remove python global exception handler since it's deprecated
- Make the utilities link against just built libraries
- Remove unused macro in cap-ng.h
Drop backport patch fix-issues-with-swig-4-2.patch.
Backport a patch to fix build for libcap-ng-python.
Signed-off-by: Yi Zhao
---
...hon-path-when-invoking-py-compile-54.patch | 34 +++
.../files/fix-issues-with-swig-4-2.patch | 32 -
meta/recipes-support/libcap-ng/libcap-ng.inc | 4 +--
...{libcap-ng_0.8.4.bb => libcap-ng_0.8.5.bb} | 0
4 files changed, 36 insertions(+), 34 deletions(-)
create mode 100644
meta/recipes-support/libcap-ng/files/0001-Fix-python-path-when-invoking-py-compile-54.patch
delete mode 100644
meta/recipes-support/libcap-ng/files/fix-issues-with-swig-4-2.patch
rename meta/recipes-support/libcap-ng/{libcap-ng_0.8.4.bb =>
libcap-ng_0.8.5.bb} (100%)
diff --git
a/meta/recipes-support/libcap-ng/files/0001-Fix-python-path-when-invoking-py-compile-54.patch
b/meta/recipes-support/libcap-ng/files/0001-Fix-python-path-when-invoking-py-compile-54.patch
new file mode 100644
index 00..a0452ad53d
--- /dev/null
+++
b/meta/recipes-support/libcap-ng/files/0001-Fix-python-path-when-invoking-py-compile-54.patch
@@ -0,0 +1,34 @@
+From 1fe7c1cfeea00ba4eb903fbb39b74361594d4835 Mon Sep 17 00:00:00 2001
+From: Jan Palus
+Date: Wed, 10 Apr 2024 21:30:51 +0200
+Subject: [PATCH] Fix python path when invoking py-compile (#54)
+
+48eebb2 replaced custom PYTHON3 variable with PYTHON by using standard
+AM_PATH_PYTHON macro. Makefile however still referred to old one.
+There's no need to set PYTHON explicitly anymore so drop it.
+
+Fixes #53
+
+Upstream-Status: Backport
+[https://github.com/stevegrubb/libcap-ng/commit/1fe7c1cfeea00ba4eb903fbb39b74361594d4835]
+
+Signed-off-by: Yi Zhao
+---
+ bindings/python3/Makefile.am | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/bindings/python3/Makefile.am b/bindings/python3/Makefile.am
+index 70a1dd8..6072fc2 100644
+--- a/bindings/python3/Makefile.am
b/bindings/python3/Makefile.am
+@@ -27,7 +27,6 @@ AM_CPPFLAGS = -I. -I$(top_builddir) $(PYTHON3_INCLUDES)
+ LIBS = ${top_builddir}/src/libcap-ng.la
+ SWIG_FLAGS = -python
+ SWIG_INCLUDES = ${AM_CPPFLAGS}
+-PYTHON = $(PYTHON3)
+ pyexec_PYTHON = capng.py
+ pyexec_LTLIBRARIES = _capng.la
+ pyexec_SOLIBRARIES = _capng.so
+--
+2.25.1
+
diff --git
a/meta/recipes-support/libcap-ng/files/fix-issues-with-swig-4-2.patch
b/meta/recipes-support/libcap-ng/files/fix-issues-with-swig-4-2.patch
deleted file mode 100644
index fb424fe725..00
--- a/meta/recipes-support/libcap-ng/files/fix-issues-with-swig-4-2.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 355eada2d20886287cffc16e304087dd6f66ae37 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Thu, 4 Jan 2024 15:06:29 -0500
-Subject: [PATCH] Remove python global exception handler since its deprecated
-
-Upstream-Status: Backport
[https://github.com/stevegrubb/libcap-ng/commit/30453b6553948cd05c438f9f509013e3bb84f25b]
-Signed-off-by: Anuj Mittal
- bindings/src/capng_swig.i | 7 ---
- 1 file changed, 7 deletions(-)
-
-diff --git a/bindings/src/capng_swig.i b/bindings/src/capng_swig.i
-index fcdaf18..fa85e13 100644
a/bindings/src/capng_swig.i
-+++ b/bindings/src/capng_swig.i
-@@ -30,13 +30,6 @@
-
- %varargs(16, signed capability = 0) capng_updatev;
-
--%except(python) {
-- $action
-- if (result < 0) {
--PyErr_SetFromErrno(PyExc_OSError);
--return NULL;
-- }
--}
- #endif
-
- %define __signed__
---
-2.43.2
-
diff --git a/meta/recipes-support/libcap-ng/libcap-ng.inc
b/meta/recipes-support/libcap-ng/libcap-ng.inc
index 845b7c2f0a..12b4002d11 100644
--- a/meta/recipes-support/libcap-ng/libcap-ng.inc
+++ b/meta/recipes-support/libcap-ng/libcap-ng.inc
@@ -8,10 +8,10 @@ LIC_FILES_CHKSUM =
"file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
SRC_URI = "https://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${PV}.tar.gz \
- file://fix-issues-with-swig-4-2.patch \
+ file://0001-Fix-python-path-when-invoking-py-compile-54.patch \
"
-SRC_URI[sha256sum] =
"68581d3b38e7553cb6f6ddf7813b1fc99e52856f21421f7b477ce5abd2605a8a"
+SRC_URI[sha256sum] =
"3ba5294d1cbdfa98afaacfbc00b6af9ed2b83e8a21817185dfd844cc8c7ac6ff"
EXTRA_OECONF:append:class-target = "
--with-capability_header=${STAGING_INCDIR}/linux/capability.h"
EXTRA_OECONF:append:class-nativesdk = "
--with-capability_header=${STAGING_INCDIR}/linux/capability.h"
diff --git a/meta/recipes-support/libcap-ng/libcap-ng_0.8.4.bb
b/meta/recipes-support/libcap-ng/libcap-ng_0.8.5.bb
similarity index 100%
rename from meta/recipes-support/libcap-ng/libcap-ng_0.8.4.bb
rename to meta/recipes-support/libcap-ng/libcap-ng_0.8.5.bb
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply
[OE-core][scarthgap][PATCH] openssl: patch CVE-2024-4603
From: Peter Marko
Advisory: https://github.com/advisories/GHSA-85xr-ghj6-6m46
Signed-off-by: Peter Marko
---
.../openssl/openssl/CVE-2024-4603.patch | 179 ++
.../openssl/openssl_3.2.1.bb | 1 +
2 files changed, 180 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
new file mode 100644
index 00..50fb969c03
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
@@ -0,0 +1,179 @@
+From da343d0605c826ef197aceedc67e8e04f065f740 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Wed, 8 May 2024 15:23:45 +0200
+Subject: [PATCH] Check DSA parameters for excessive sizes before validating
+
+This avoids overly long computation of various validation
+checks.
+
+Fixes CVE-2024-4603
+
+Reviewed-by: Paul Dale
+Reviewed-by: Matt Caswell
+Reviewed-by: Neil Horman
+Reviewed-by: Shane Lontis
+(Merged from https://github.com/openssl/openssl/pull/24346)
+
+(cherry picked from commit 85ccbab216da245cf9a6503dd327072f21950d9b)
+
+
+
+CVE: CVE-2024-4603
+Upstream-Status: Backport
[https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740]
+Signed-off-by: Peter Marko
+---
+ crypto/dsa/dsa_check.c| 44 --
+ .../invalid/p10240_q256_too_big.pem | 57 +++
+ 2 files changed, 97 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c
+index fb0e9129a2..122449a7bf 100644
+--- a/crypto/dsa/dsa_check.c
b/crypto/dsa/dsa_check.c
+@@ -19,8 +19,34 @@
+ #include "dsa_local.h"
+ #include "crypto/dsa.h"
+
++static int dsa_precheck_params(const DSA *dsa, int *ret)
++{
++if (dsa->params.p == NULL || dsa->params.q == NULL) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
++ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++return 1;
++}
++
+ int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
+ return ossl_ffc_params_simple_validate(dsa->libctx, >params,
+FFC_PARAM_TYPE_DSA, ret);
+@@ -39,6 +65,9 @@ int ossl_dsa_check_params(const DSA *dsa, int checktype, int
*ret)
+ */
+ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -50,6 +79,9 @@ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM
*pub_key, int *ret)
+ */
+ int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int
*ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key_partial(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -58,8 +90,10 @@ int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM
*priv_key, int *ret)
+ {
+ *ret = 0;
+
+-return (dsa->params.q != NULL
+-&& ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret));
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
++return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
+ }
+
+ /*
+@@ -72,8 +106,10 @@ int ossl_dsa_check_pairwise(const DSA *dsa)
+ BN_CTX *ctx = NULL;
+ BIGNUM *pub_key = NULL;
+
+-if (dsa->params.p == NULL
+-|| dsa->params.g == NULL
++if (!dsa_precheck_params(dsa, ))
++return 0;
++
++if (dsa->params.g == NULL
+ || dsa->priv_key == NULL
+ || dsa->pub_key == NULL)
+ return 0;
+diff --git
a/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+new file mode 100644
+index 00..e85e2953b7
+--- /dev/null
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+@@ -0,0 +1,57 @@
++-BEGIN DSA PARAMETERS-
++MIIKLAKCBQEAym47LzPFZdbz16WvjczLKuzLtsP8yRk/exxL4bBthJhP1qOwctja
++p1586SF7gDxCMn7yWVEYdfRbFefGoq0gj1XOE917XqlbnkmZhMgxut2KbNJo/xil
++XNFUjGvKs3F413U9rAodC8f07cWHP1iTcWL+vPe6u2yilKWYYfnLWHQH+Z6aPrrF
++x/R08LI6DZ6nEsIo+hxaQnEtx+iqNTJC6Q1RIjWDqxQkFVTkJ0Y7miRDXmRdneWk
++oLrMZRpaXr5l5tSjEghh1pBgJcdyOv0lh4dlDy/alAiqE2Qlb667yHl6A9dDPlpW
[OE-core][kirkstone][PATCH] openssl: patch CVE-2024-4603
From: Peter Marko
Advisory: https://github.com/advisories/GHSA-85xr-ghj6-6m46
Signed-off-by: Peter Marko
---
.../openssl/openssl/CVE-2024-4603.patch | 180 ++
.../openssl/openssl_3.0.13.bb | 1 +
2 files changed, 181 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
new file mode 100644
index 00..b8e0b9fb7d
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
@@ -0,0 +1,180 @@
+From 3559e868e58005d15c6013a0c1fd832e51c73397 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Wed, 8 May 2024 15:23:45 +0200
+Subject: [PATCH] Check DSA parameters for excessive sizes before validating
+
+This avoids overly long computation of various validation
+checks.
+
+Fixes CVE-2024-4603
+
+Reviewed-by: Paul Dale
+Reviewed-by: Matt Caswell
+Reviewed-by: Neil Horman
+Reviewed-by: Shane Lontis
+(Merged from https://github.com/openssl/openssl/pull/24346)
+
+(cherry picked from commit 85ccbab216da245cf9a6503dd327072f21950d9b)
+
+
+
+CVE: CVE-2024-4603
+Upstream-Status: Backport
[https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397]
+Signed-off-by: Peter Marko
+---
+ crypto/dsa/dsa_check.c| 44 --
+ .../invalid/p10240_q256_too_big.pem | 57 +++
+ 2 files changed, 97 insertions(+), 4 deletions(-)
+ create mode 100644
test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+
+diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c
+index fb0e9129a2..122449a7bf 100644
+--- a/crypto/dsa/dsa_check.c
b/crypto/dsa/dsa_check.c
+@@ -19,8 +19,34 @@
+ #include "dsa_local.h"
+ #include "crypto/dsa.h"
+
++static int dsa_precheck_params(const DSA *dsa, int *ret)
++{
++if (dsa->params.p == NULL || dsa->params.q == NULL) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
++ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
++ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
++*ret = FFC_CHECK_INVALID_PQ;
++return 0;
++}
++
++return 1;
++}
++
+ int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
+ return ossl_ffc_params_simple_validate(dsa->libctx, >params,
+FFC_PARAM_TYPE_DSA, ret);
+@@ -39,6 +65,9 @@ int ossl_dsa_check_params(const DSA *dsa, int checktype, int
*ret)
+ */
+ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -50,6 +79,9 @@ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM
*pub_key, int *ret)
+ */
+ int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int
*ret)
+ {
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
+ return ossl_ffc_validate_public_key_partial(>params, pub_key, ret)
+&& *ret == 0;
+ }
+@@ -58,8 +90,10 @@ int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM
*priv_key, int *ret)
+ {
+ *ret = 0;
+
+-return (dsa->params.q != NULL
+-&& ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret));
++if (!dsa_precheck_params(dsa, ret))
++return 0;
++
++return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
+ }
+
+ /*
+@@ -72,8 +106,10 @@ int ossl_dsa_check_pairwise(const DSA *dsa)
+ BN_CTX *ctx = NULL;
+ BIGNUM *pub_key = NULL;
+
+-if (dsa->params.p == NULL
+-|| dsa->params.g == NULL
++if (!dsa_precheck_params(dsa, ))
++return 0;
++
++if (dsa->params.g == NULL
+ || dsa->priv_key == NULL
+ || dsa->pub_key == NULL)
+ return 0;
+diff --git
a/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+new file mode 100644
+index 00..e85e2953b7
+--- /dev/null
b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem
+@@ -0,0 +1,57 @@
++-BEGIN DSA PARAMETERS-
++MIIKLAKCBQEAym47LzPFZdbz16WvjczLKuzLtsP8yRk/exxL4bBthJhP1qOwctja
++p1586SF7gDxCMn7yWVEYdfRbFefGoq0gj1XOE917XqlbnkmZhMgxut2KbNJo/xil
++XNFUjGvKs3F413U9rAodC8f07cWHP1iTcWL+vPe6u2yilKWYYfnLWHQH+Z6aPrrF
++x/R08LI6DZ6nEsIo+hxaQnEtx+iqNTJC6Q1RIjWDqxQkFVTkJ0Y7miRDXmRdneWk
Re: [OE-core] [PATCH] python3-requests: cleanup RDEPENDS
To continue fixing https://lists.openembedded.org/g/openembedded-core/message/199250 I'm now using a personal email instead my work email (I'm not being paid for this anyway :) ). I suspect the problem is I was sending the patch as an attachment. That should be fixed now and the patch content should be inline, at least it appears that way in my own email inbox. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199532): https://lists.openembedded.org/g/openembedded-core/message/199532 Mute This Topic: https://lists.openembedded.org/mt/106168861/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] python3-requests: cleanup RDEPENDS
Drop the following dependencies from RDEPENDS:
- python3-ndg-httpsclient
- python3-pyasn1
- python3-pyopenssl
Add a missing dependency into RDEPENDS:
- python3-certifi
Additional fix HOMEPAGE, the old link doesn't work
Signed-off-by: Guðni Már Gilbert
---
meta/recipes-devtools/python/python3-requests_2.31.0.bb | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/meta/recipes-devtools/python/python3-requests_2.31.0.bb
b/meta/recipes-devtools/python/python3-requests_2.31.0.bb
index df48cd54c3..287b4f8eee 100644
--- a/meta/recipes-devtools/python/python3-requests_2.31.0.bb
+++ b/meta/recipes-devtools/python/python3-requests_2.31.0.bb
@@ -1,5 +1,5 @@
SUMMARY = "Python HTTP for Humans."
-HOMEPAGE = "http://python-requests.org;
+HOMEPAGE = "https://requests.readthedocs.io;
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658"
@@ -8,12 +8,10 @@ SRC_URI[sha256sum] =
"942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd
inherit pypi setuptools3
RDEPENDS:${PN} += " \
+python3-certifi \
python3-email \
python3-json \
-python3-ndg-httpsclient \
python3-netserver \
-python3-pyasn1 \
-python3-pyopenssl \
python3-pysocks \
python3-urllib3 \
python3-chardet \
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199531):
https://lists.openembedded.org/g/openembedded-core/message/199531
Mute This Topic: https://lists.openembedded.org/mt/106168861/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 3/5] ninja: build modified version with GNU Make jobserver support
Hi Randy, On Mon, 2024-04-08 at 17:39 -0400, Randy MacLeod wrote: > On 2024-04-03 3:08 p.m., Martin Hundebøll wrote: > > On Wed, 2024-04-03 at 17:58 +0200, Alexander Kanavin wrote: > > > We can't carry this mass of patches. It has to land upstream > > > first. > > > > > Understandable. > > > > > > Are you able/willing to drive the upstream pull request to > > > completion? > > > > > No, I don't think so. I'm not familiar with the ninja codebase, and > > the > > pull requests has been lingering for too long. > > > > Another option might be to propose adding the fifo feature to the > > kitware fork of ninja: > > https://github.com/Kitware/ninja > > > > They have forked ninja to get the jobserver feature in, but haven't > > taken the fifo part so far. > > > > The kitware fork is also used by buildroot: > > https://gitlab.com/buildroot.org/buildroot/-/blob/master/package/ninja/ninja.mk > > > I see that v2 has switched to kitware, which is fine in the short > run. > > I'm just back from vacation. I plan to test this patchset out. > > I can spend some time convincing upstream ninja that a solution is > needed for our use-case and > that perhaps the jobsever approach and the kitware fork is a good > starting point. > > Of course, I can't promise to "drive it to completion" but I'll > hound the upstream devs for months or even years! > > Thanks for re-submitting the patchset Martin! > I got hit by a strike of motivation and submitted a new attempt on jobserver support to ninja: https://github.com/ninja-build/ninja/pull/2450 First review from the ninja maintainer seems positive. I'll resubmit the my patchset to OE once the ninja PR is (hopefully) merged. // Martin -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199530): https://lists.openembedded.org/g/openembedded-core/message/199530 Mute This Topic: https://lists.openembedded.org/mt/105304230/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v9 0/3] pkg-database and systemd-sysext image
Hoi Alexandre, is there a way to get more output out of the autobuilder? the logs only tell "that" the test failed, not "why" = which assertion was missed if i run the test locally with the differing variables set like this: #> SDKMACHINE=aarch64 MACHINE=qemuarm64 oe-selftest --verbose -r imagefeatures.ImageFeatures.test_image_gen_pkgdbfs_ipk it succeeds :-S ... ideas/thoughts? gruß Johannes From: Alexandre Belloni Sent: Friday, May 17, 2024 20:33 To: SCHNEIDER Johannes Cc: openembedded-core@lists.openembedded.org; richard.pur...@linuxfoundation.org; alex.kana...@gmail.com Subject: Re: [OE-core] [PATCH v9 0/3] pkg-database and systemd-sysext image This email is not from Hexagon’s Office 365 instance. Please be careful while clicking links, opening attachments, or replying to this email. Hello, deb and rpm seem successful but ipk still fails: https://autobuilder.yoctoproject.org/typhoon/#/builders/127/builds/3335/steps/14/logs/stdio On 16/05/2024 00:34:57+0200, Johannes Schneider via lists.openembedded.org wrote: > systemd-sysext allows to overlay another image (or multiple) ontop of > a "base-image" = the current rootfs, via the use of overlayfs; to add > tools and features meant for development purposes. > > To quote the documentation on systemd-sysext: > " ...addition in order to make debugging/development easier). System > extension images should not be misunderstood as a generic software > packaging framework, ..." > > To build a lean image, that only holds packages that are not already > part of the base-image, a snapshot of the package-database is taken > after the installation of the base-rootfs is done, and picked up again > when collecting the rootfs of such a extension image. > > with all this in place an example usage could look like this: > some-core-image.bb > inherit core-image > IMAGE_GEN_PKGDBFS = "1" > > extending-image.bb > inherit image-sysext > IMAGE_FSTYPES = "squashfs" > IMAGE_BASE_PKGDB = "some-core-image" > # the above pointing at a package-db similar to: > # > build/deploy/images/$MACHINE/some-core-image-$MACHINE-20240210172305-pkgdb.rootfs.tar.gz > > then on the device, running some-core-image, with the extension image placed > at FN: > $> ln -s "$FN" /run/extensions/$(basename $FN).raw > $> systemd-sysext list > $> SYSTEMD_LOG_LEVEL=debug systemd-sysext merge > > As long as the VERSION_ID of the extension image matches the os-release > in the base image, the above commands return sucessfully; > for details on the compativility check see the docs for systemd-sysext. > > = > > changes with v2: > rebase from 'kirkstone' onto 'master' > > changes with v3: > incorporate review suggestions for simplification > add task dependency handling > add oe-selftest for the pkgdb handling > add variable documentation and > some more comments, and examples in the commit-msg > > changes with v4: > rebase onto 'master' => no functional changes > fixed patchtest findings > > changes with v5: > rebase onto 'master' > add '.sysext' to the deployed symlink name > sidenote on the tests and autobuilder failure: run locally they > succeed, e.g.: > #> oe-selftest --verbose -r > imagefeatures.ImageFeatures.test_image_gen_pkgdbfs > > changes with v6: > tests: restructure to call 'bitbake' only once in the testcase itself > (in hopes of solving the autobuilder problem; local test runs succeed) > > changes with v7: > tests: undo the restructuring of done in v6, in favour of explicitly > forcing steps: > '-c rootfs -f'. since concurrency of the autobuilder, and reusing > artifacts/sstate-caching is probably the issue? > > changes with v8: > tests: fixed missing feature=PACKAGE_CLASSES during > 'test_image_gen_pkgdbfs' > which is now split into three, one for each of the three available > packagemanager: ipk, deb, rpm > > changes with v9: > tests: fix singular failure in 'oe-selftest-armhost' > which was due to the built image not containing a 'kernel-image...', > which the gen-pkgdb sanity > check expected, but 'packagegroup-core-boot' instead > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199529): https://lists.openembedded.org/g/openembedded-core/message/199529 Mute This Topic: https://lists.openembedded.org/mt/106124365/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
