Re: [OE-core] [PATCH] cve-check: use SAFELIST
On 9/11/20 3:20 PM, akuster wrote:
>
>
> On 9/11/20 12:37 AM, Lee Chee Yang wrote:
>> From: Lee Chee Yang
>>
>> use safelist instead of whitelist.
> Thanks for sending the patch. There is some unfinished conclusions for
> renaming various variables to be more inclusive. I am personally fine
> with this word choice.
>
> Is this what other open source projects are rename to ?
>
> So would "blacklist" become "unsafelist"
I think, BLOCKLIST/ALLOWLIST would be better here.
>
> Do you have an idea if other layers would be affected by this change?
>
> -armin
>
>
>> Replace CVE_CHECK_PN_WHITELIST with CVE_CHECK_PN_SAFELIST.
>> Replace CVE_CHECK_WHITELIST with CVE_CHECK_SAFELIST.
>>
>> Signed-off-by: Lee Chee Yang
>> ---
>> meta/classes/cve-check.bbclass| 47 ++-
>> .../openssl/openssl_1.1.1g.bb | 2 +-
>> meta/recipes-core/glibc/glibc_2.32.bb | 2 +-
>> meta/recipes-devtools/cmake/cmake.inc | 2 +-
>> meta/recipes-devtools/python/python3_3.8.5.bb | 2 +-
>> meta/recipes-devtools/rsync/rsync_3.2.3.bb| 2 +-
>> .../iputils/iputils_s20200821.bb | 2 +-
>> meta/recipes-extended/procps/procps_3.3.16.bb | 2 +-
>> .../libpng/libpng_1.6.37.bb | 2 +-
>> .../libsndfile/libsndfile1_1.0.28.bb | 2 +-
>> meta/recipes-support/lz4/lz4_1.9.2.bb | 2 +-
>> meta/recipes-support/sqlite/sqlite3_3.33.0.bb | 2 +-
>> 12 files changed, 35 insertions(+), 34 deletions(-)
>>
>> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
>> index 17f64a8a9c..82b2b40da0 100644
>> --- a/meta/classes/cve-check.bbclass
>> +++ b/meta/classes/cve-check.bbclass
>> @@ -40,15 +40,15 @@ CVE_CHECK_MANIFEST ?=
>> "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve
>> CVE_CHECK_COPY_FILES ??= "1"
>> CVE_CHECK_CREATE_MANIFEST ??= "1"
>>
>> -# Whitelist for packages (PN)
>> -CVE_CHECK_PN_WHITELIST ?= ""
>> +# Safelist for packages (PN)
>> +CVE_CHECK_PN_SAFELIST ?= ""
>>
>> -# Whitelist for CVE. If a CVE is found, then it is considered patched.
>> +# Safelist for CVE. If a CVE is found, then it is considered patched.
>> # The value is a string containing space separated CVE values:
>> -#
>> -# CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234'
>> -#
>> -CVE_CHECK_WHITELIST ?= ""
>> +#
>> +# CVE_CHECK_SAFELIST = 'CVE-2014-2524 CVE-2018-1234'
>> +#
>> +CVE_CHECK_SAFELIST ?= ""
>>
>> python cve_save_summary_handler () {
>> import shutil
>> @@ -87,10 +87,10 @@ python do_cve_check () {
>> patched_cves = get_patches_cves(d)
>> except FileNotFoundError:
>> bb.fatal("Failure in searching patches")
>> -whitelisted, patched, unpatched = check_cves(d, patched_cves)
>> +safelisted, patched, unpatched = check_cves(d, patched_cves)
>> if patched or unpatched:
>> cve_data = get_cve_info(d, patched + unpatched)
>> -cve_write_data(d, patched, unpatched, whitelisted, cve_data)
>> +cve_write_data(d, patched, unpatched, safelisted, cve_data)
>> else:
>> bb.note("No CVE database found, skipping CVE check")
>>
>> @@ -213,15 +213,16 @@ def check_cves(d, patched_cves):
>> return ([], [], [])
>> pv = d.getVar("CVE_VERSION").split("+git")[0]
>>
>> -# If the recipe has been whitlisted we return empty lists
>> -if d.getVar("PN") in d.getVar("CVE_CHECK_PN_WHITELIST").split():
>> -bb.note("Recipe has been whitelisted, skipping check")
>> +if d.getVar("CVE_CHECK_PN_WHITELIST"):
>> +bb.warn("CVE_CHECK_PN_WHITELIST is deprecated, please use
>> CVE_CHECK_PN_SAFELIST.")
>> +# If the recipe has been safelisted we return empty lists
>> +if d.getVar("PN") in d.getVar("CVE_CHECK_PN_SAFELIST").split():
>> +bb.note("Recipe has been safelisted, skipping check")
>> return ([], [], [])
>>
>> -old_cve_whitelist = d.getVar("CVE_CHECK_CVE_WHITELIST")
>> -if old_cve_whitelist:
>> -bb.warn("CVE_CHECK_CVE_WHITELIST is deprecated, please use
>> CVE_CHECK_WHITELIST.")
>> -cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split()
>> +if d.getVar("CVE_CHECK_CVE_WHITELIST") or
>> d.getVar("CVE_CHECK_WHITELIST"):
>> +bb.warn("CVE_CHECK_CVE_WHITELIST and CVE_CHECK_WHITELIST is
>> deprecated, please use CVE_CHECK_SAFELIST.")
>> +cve_safelist = d.getVar("CVE_CHECK_SAFELIST").split()
>>
>> import sqlite3
>> db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
>> @@ -238,9 +239,9 @@ def check_cves(d, patched_cves):
>> for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE
>> PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)):
>> cve = cverow[0]
>>
>> -if cve in cve_whitelist:
>> -bb.note("%s-%s has been whitelisted for %s" % (product, pv,
>> cve))
>> -# TODO: this should be in the report as 'whitelisted'
>> +if cve in
Re: [OE-core] [PATCH v2] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
On 9/11/20 10:33 AM, Andre McCurdy wrote:
> On Fri, Sep 11, 2020 at 10:21 AM Peter Morrow
> wrote:
>>
>> The default compression algorithm is gzip, this patch allows the default
>> to be changed via a bbappend file by setting SQUASHFS_TOOLS_COMP_DEFAULT
>> to a valid compression algorithm.
>>
>> Signed-off-by: Peter Morrow
>> ---
>> ...ols-Allow-COMP_DEFAULT-to-be-overridden-v.patch | 34
>> ++
>> .../squashfs-tools/squashfs-tools_git.bb | 4 +++
>> 2 files changed, 38 insertions(+)
>> create mode 100644
>> meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>>
>> diff --git
>> a/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>>
>> b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>> new file mode 100644
>> index 000..5f12c42
>> --- /dev/null
>> +++
>> b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>> @@ -0,0 +1,34 @@
>> +From d2d9b517696f5950597f5b60ae8fdade5b7c14a9 Mon Sep 17 00:00:00 2001
>> +From: Peter Morrow
>> +Date: Fri, 4 Sep 2020 15:43:15 +0100
>> +Subject: [PATCH] squashfs-tools: Allow COMP_DEFAULT to be overridden via
>> make
>> + cmdline
>> +
>> +Currently the only way to modify the default compression algorithm is to
>> +modify the Makefile. It is useful to be able to set the default compression
>> +algorithm via the make command line since otherwise a build time search
>> +replace operation needs to be performed on the Makefile.
>
> That's not how Makefiles normally work. Options set via the command
> line over-ride variables set with = in the Makefile.
>
> Does setting your chosen value for COMP_DEFAULT on the make command
> line really not work?
that works if make is invoked with -e option, We do not use make -e with
bare makefile based recipes.
>
>> +Upstream-Status: Submitted
>> [https://github.com/plougher/squashfs-tools/pull/93 ]
>> +
>> +Signed-off-by: Peter Morrow
>> +---
>> + squashfs-tools/Makefile | 2 +-
>> + 1 file changed, 1 insertion(+), 1 deletion(-)
>> +
>> +diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
>> +index aee4b96..7425605 100644
>> +--- a/squashfs-tools/Makefile
>> b/squashfs-tools/Makefile
>> +@@ -85,7 +85,7 @@ GZIP_SUPPORT = 1
>> + # in Mksquashfs. Obviously the compression algorithm must have been
>> + # selected to be built
>> + #
>> +-COMP_DEFAULT = gzip
>> ++COMP_DEFAULT ?= gzip
>> +
>> +
>> + ###
>> +--
>> +2.20.1
>> +
>> diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
>> b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
>> index b06951d..df025d4 100644
>> --- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
>> +++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
>> @@ -9,6 +9,7 @@ PV = "4.4"
>> SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
>> SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
>>
>> file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2
>> \
>> +
>> file://0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch;striplevel=2
>> \
>> "
>>
>> S = "${WORKDIR}/git/squashfs-tools"
>> @@ -25,6 +26,9 @@ PACKAGECONFIG[xattr] =
>> "XATTR_SUPPORT=1,XATTR_SUPPORT=0,attr"
>> PACKAGECONFIG[zstd] = "ZSTD_SUPPORT=1,ZSTD_SUPPORT=0,zstd"
>> PACKAGECONFIG[reproducible] =
>> "REPRODUCIBLE_DEFAULT=1,REPRODUCIBLE_DEFAULT=0,"
>>
>> +SQUASHFS_TOOLS_COMP_DEFAULT ?= "gzip"
>> +EXTRA_OEMAKE += "COMP_DEFAULT=${SQUASHFS_TOOLS_COMP_DEFAULT}"
>
> Note that this will force the recipe's default value even if upstream
> squashfs-tools changes. Not a problem now as the two are the same, but
> something which will need to be checked each time squashfs-tools is
> updated.
>
>> do_compile() {
>> oe_runmake all
>> }
>> --
>> 1.8.3.1
>>
>>
>>
>>
pEpkey.asc
Description: application/pgp-keys
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142450):
https://lists.openembedded.org/g/openembedded-core/message/142450
Mute This Topic: https://lists.openembedded.org/mt/76784587/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] systemd-serialgetty: Replace sed quoting using ' with " to allow var expansion
From: Geoff Parker
A recent commit added single quotes around the sed regex's. This prevented the
expansion of $default_baudrate in do_install(), and ended up with systemd's'
serial-getty@.service file having a literal $default_baudrate.
This broke the serial console getty service.
serial-getty@.service was getting a line which looked like this:
ExecStart=-/sbin/agetty -8 -L %I $default_baudrate $TERM
Rather than:
ExecStart=-/sbin/agetty -8 -L %I 115200 $TERM
Fixed by repacing the single quotes with double quotes in the sed expressions.
---
meta/recipes-core/systemd/systemd-serialgetty.bb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
b/meta/recipes-core/systemd/systemd-serialgetty.bb
index 059fccc2b6..0cc0dc8c79 100644
--- a/meta/recipes-core/systemd/systemd-serialgetty.bb
+++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
@@ -21,7 +21,7 @@ do_install() {
install -d ${D}${systemd_unitdir}/system/
install -d ${D}${sysconfdir}/systemd/system/getty.target.wants/
install -m 0644 ${WORKDIR}/serial-getty@.service
${D}${systemd_unitdir}/system/
- sed -i -e 's/\@BAUDRATE\@/$default_baudrate/g'
${D}${systemd_unitdir}/system/serial-getty@.service
+ sed -i -e "s/\@BAUDRATE\@/$default_baudrate/g"
${D}${systemd_unitdir}/system/serial-getty@.service
tmp="${SERIAL_CONSOLES}"
for entry in $tmp ; do
@@ -34,7 +34,7 @@ do_install() {
else
# install custom service file for the
non-default baudrate
install -m 0644
${WORKDIR}/serial-getty@.service
${D}${systemd_unitdir}/system/serial-getty$baudrate@.service
- sed -i -e s/\@BAUDRATE\@/$baudrate/g
${D}${systemd_unitdir}/system/serial-getty$baudrate@.service
+ sed -i -e "s/\@BAUDRATE\@/$baudrate/g"
${D}${systemd_unitdir}/system/serial-getty$baudrate@.service
# enable the service
ln -sf
${systemd_unitdir}/system/serial-getty$baudrate@.service \
${D}${sysconfdir}/systemd/system/getty.target.wants/serial-getty$baudrate@$ttydev.service
--
2.20.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142449):
https://lists.openembedded.org/g/openembedded-core/message/142449
Mute This Topic: https://lists.openembedded.org/mt/76794431/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] Revert "systemd-serialgetty: Fix sed expression quoting"
instead of revert can you try double quotes?
e.g.
sed -i -e "s/\@BAUDRATE\@/$default_baudrate/g"
On 9/11/20 5:17 PM, Geoff Parker wrote:
> From: Geoff Parker
>
> This reverts commit 12d0fdd9c990bdc67bf6c8fd2d269cb766069ea5.
>
> Adding quotes around sed string treats $default_baudrate as a literal
> rather than a variable substitution in the do_install function.
> Breaks the systemd serial-getty@.service file and
> serial console getty.
>
> serial-getty@.service was getting a line which looked like this:
>
> ExecStart=-/sbin/agetty -8 -L %I $default_baudrate $TERM
>
> Rather than:
>
> ExecStart=-/sbin/agetty -8 -L %I 115200 $TERM
>
> Signed-off-by: Geoff Parker
> ---
> meta/recipes-core/systemd/systemd-serialgetty.bb | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
> b/meta/recipes-core/systemd/systemd-serialgetty.bb
> index 059fccc2b6..044c6c5b67 100644
> --- a/meta/recipes-core/systemd/systemd-serialgetty.bb
> +++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
> @@ -21,7 +21,7 @@ do_install() {
> install -d ${D}${systemd_unitdir}/system/
> install -d ${D}${sysconfdir}/systemd/system/getty.target.wants/
> install -m 0644 ${WORKDIR}/serial-getty@.service
> ${D}${systemd_unitdir}/system/
> - sed -i -e 's/\@BAUDRATE\@/$default_baudrate/g'
> ${D}${systemd_unitdir}/system/serial-getty@.service
> + sed -i -e s/\@BAUDRATE\@/$default_baudrate/g
> ${D}${systemd_unitdir}/system/serial-getty@.service
>
> tmp="${SERIAL_CONSOLES}"
> for entry in $tmp ; do
>
>
>
>
pEpkey.asc
Description: application/pgp-keys
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142448):
https://lists.openembedded.org/g/openembedded-core/message/142448
Mute This Topic: https://lists.openembedded.org/mt/76792280/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] Revert "systemd-serialgetty: Fix sed expression quoting"
instead of revert can you try double quotes?
e.g.
sed -e "s/\@BAUDRATE\@/$default_baudrate/g"
On 9/11/20 5:17 PM, Geoff Parker wrote:
> From: Geoff Parker
>
> This reverts commit 12d0fdd9c990bdc67bf6c8fd2d269cb766069ea5.
>
> Adding quotes around sed string treats $default_baudrate as a literal
> rather than a variable substitution in the do_install function.
> Breaks the systemd serial-getty@.service file and
> serial console getty.
>
> serial-getty@.service was getting a line which looked like this:
>
> ExecStart=-/sbin/agetty -8 -L %I $default_baudrate $TERM
>
> Rather than:
>
> ExecStart=-/sbin/agetty -8 -L %I 115200 $TERM
>
> Signed-off-by: Geoff Parker
> ---
> meta/recipes-core/systemd/systemd-serialgetty.bb | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
> b/meta/recipes-core/systemd/systemd-serialgetty.bb
> index 059fccc2b6..044c6c5b67 100644
> --- a/meta/recipes-core/systemd/systemd-serialgetty.bb
> +++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
> @@ -21,7 +21,7 @@ do_install() {
> install -d ${D}${systemd_unitdir}/system/
> install -d ${D}${sysconfdir}/systemd/system/getty.target.wants/
> install -m 0644 ${WORKDIR}/serial-getty@.service
> ${D}${systemd_unitdir}/system/
> - sed -i -e 's/\@BAUDRATE\@/$default_baudrate/g'
> ${D}${systemd_unitdir}/system/serial-getty@.service
> + sed -i -e s/\@BAUDRATE\@/$default_baudrate/g
> ${D}${systemd_unitdir}/system/serial-getty@.service
>
> tmp="${SERIAL_CONSOLES}"
> for entry in $tmp ; do
>
>
>
>
pEpkey.asc
Description: application/pgp-keys
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142447):
https://lists.openembedded.org/g/openembedded-core/message/142447
Mute This Topic: https://lists.openembedded.org/mt/76792280/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][dunfell 23/25] kernel.bbclass: run do_symlink_kernsrc before do_patch
Hi,
This patch makes STAGING_KERNEL_DIR symlink broken if externalsrc is used.
I filed a bug for this.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14044
Best Regards,
Chanho Park
On Mon, Aug 31, 2020 at 3:19 AM Steve Sakoman wrote:
>
> From: Rasmus Villemoes
>
> There's a race between do_symlink_kernsrc and do_populate_lic, since
> the latter is ordered "after do_patch"; so the two may run in
> parallel. In some cases, that actually causes do_populate_lic to fail
> if it happens to look for a license file somewhere under ${S} in the
> short window after shutil.move and before the symlink has been
> created.
>
> Fix that by simply ordering symlink_kernsrc before do_patch. Any task
> that pokes around in ${S} looking for files should be ordered after
> do_patch, so this should also fix similar latent races with other ad
> hoc tasks.
>
> Signed-off-by: Rasmus Villemoes
> Signed-off-by: Richard Purdie
> (cherry picked from commit c5dfc2586b4135cc86e91bb04fed837daf505676)
> Signed-off-by: Steve Sakoman
> ---
> meta/classes/kernel.bbclass | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
> index 9e3c34ad48..9eb9bd2844 100644
> --- a/meta/classes/kernel.bbclass
> +++ b/meta/classes/kernel.bbclass
> @@ -152,7 +152,7 @@ python do_symlink_kernsrc () {
> shutil.move(s, kernsrc)
> os.symlink(kernsrc, s)
> }
> -addtask symlink_kernsrc before do_configure after do_unpack
> +addtask symlink_kernsrc before do_patch after do_unpack
>
> inherit kernel-arch deploy
>
> --
> 2.17.1
>
>
--
Best Regards,
Chanho Park
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142446):
https://lists.openembedded.org/g/openembedded-core/message/142446
Mute This Topic: https://lists.openembedded.org/mt/76518932/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] Revert "systemd-serialgetty: Fix sed expression quoting"
From: Geoff Parker
This reverts commit 12d0fdd9c990bdc67bf6c8fd2d269cb766069ea5.
Adding quotes around sed string treats $default_baudrate as a literal
rather than a variable substitution in the do_install function.
Breaks the systemd serial-getty@.service file and
serial console getty.
serial-getty@.service was getting a line which looked like this:
ExecStart=-/sbin/agetty -8 -L %I $default_baudrate $TERM
Rather than:
ExecStart=-/sbin/agetty -8 -L %I 115200 $TERM
Signed-off-by: Geoff Parker
---
meta/recipes-core/systemd/systemd-serialgetty.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
b/meta/recipes-core/systemd/systemd-serialgetty.bb
index 059fccc2b6..044c6c5b67 100644
--- a/meta/recipes-core/systemd/systemd-serialgetty.bb
+++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
@@ -21,7 +21,7 @@ do_install() {
install -d ${D}${systemd_unitdir}/system/
install -d ${D}${sysconfdir}/systemd/system/getty.target.wants/
install -m 0644 ${WORKDIR}/serial-getty@.service
${D}${systemd_unitdir}/system/
- sed -i -e 's/\@BAUDRATE\@/$default_baudrate/g'
${D}${systemd_unitdir}/system/serial-getty@.service
+ sed -i -e s/\@BAUDRATE\@/$default_baudrate/g
${D}${systemd_unitdir}/system/serial-getty@.service
tmp="${SERIAL_CONSOLES}"
for entry in $tmp ; do
--
2.20.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142445):
https://lists.openembedded.org/g/openembedded-core/message/142445
Mute This Topic: https://lists.openembedded.org/mt/76792280/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] cve-check: use SAFELIST
On 9/11/20 12:37 AM, Lee Chee Yang wrote:
> From: Lee Chee Yang
>
> use safelist instead of whitelist.
Thanks for sending the patch. There is some unfinished conclusions for
renaming various variables to be more inclusive. I am personally fine
with this word choice.
Is this what other open source projects are rename to ?
So would "blacklist" become "unsafelist"
Do you have an idea if other layers would be affected by this change?
-armin
> Replace CVE_CHECK_PN_WHITELIST with CVE_CHECK_PN_SAFELIST.
> Replace CVE_CHECK_WHITELIST with CVE_CHECK_SAFELIST.
>
> Signed-off-by: Lee Chee Yang
> ---
> meta/classes/cve-check.bbclass| 47 ++-
> .../openssl/openssl_1.1.1g.bb | 2 +-
> meta/recipes-core/glibc/glibc_2.32.bb | 2 +-
> meta/recipes-devtools/cmake/cmake.inc | 2 +-
> meta/recipes-devtools/python/python3_3.8.5.bb | 2 +-
> meta/recipes-devtools/rsync/rsync_3.2.3.bb| 2 +-
> .../iputils/iputils_s20200821.bb | 2 +-
> meta/recipes-extended/procps/procps_3.3.16.bb | 2 +-
> .../libpng/libpng_1.6.37.bb | 2 +-
> .../libsndfile/libsndfile1_1.0.28.bb | 2 +-
> meta/recipes-support/lz4/lz4_1.9.2.bb | 2 +-
> meta/recipes-support/sqlite/sqlite3_3.33.0.bb | 2 +-
> 12 files changed, 35 insertions(+), 34 deletions(-)
>
> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
> index 17f64a8a9c..82b2b40da0 100644
> --- a/meta/classes/cve-check.bbclass
> +++ b/meta/classes/cve-check.bbclass
> @@ -40,15 +40,15 @@ CVE_CHECK_MANIFEST ?=
> "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve
> CVE_CHECK_COPY_FILES ??= "1"
> CVE_CHECK_CREATE_MANIFEST ??= "1"
>
> -# Whitelist for packages (PN)
> -CVE_CHECK_PN_WHITELIST ?= ""
> +# Safelist for packages (PN)
> +CVE_CHECK_PN_SAFELIST ?= ""
>
> -# Whitelist for CVE. If a CVE is found, then it is considered patched.
> +# Safelist for CVE. If a CVE is found, then it is considered patched.
> # The value is a string containing space separated CVE values:
> -#
> -# CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234'
> -#
> -CVE_CHECK_WHITELIST ?= ""
> +#
> +# CVE_CHECK_SAFELIST = 'CVE-2014-2524 CVE-2018-1234'
> +#
> +CVE_CHECK_SAFELIST ?= ""
>
> python cve_save_summary_handler () {
> import shutil
> @@ -87,10 +87,10 @@ python do_cve_check () {
> patched_cves = get_patches_cves(d)
> except FileNotFoundError:
> bb.fatal("Failure in searching patches")
> -whitelisted, patched, unpatched = check_cves(d, patched_cves)
> +safelisted, patched, unpatched = check_cves(d, patched_cves)
> if patched or unpatched:
> cve_data = get_cve_info(d, patched + unpatched)
> -cve_write_data(d, patched, unpatched, whitelisted, cve_data)
> +cve_write_data(d, patched, unpatched, safelisted, cve_data)
> else:
> bb.note("No CVE database found, skipping CVE check")
>
> @@ -213,15 +213,16 @@ def check_cves(d, patched_cves):
> return ([], [], [])
> pv = d.getVar("CVE_VERSION").split("+git")[0]
>
> -# If the recipe has been whitlisted we return empty lists
> -if d.getVar("PN") in d.getVar("CVE_CHECK_PN_WHITELIST").split():
> -bb.note("Recipe has been whitelisted, skipping check")
> +if d.getVar("CVE_CHECK_PN_WHITELIST"):
> +bb.warn("CVE_CHECK_PN_WHITELIST is deprecated, please use
> CVE_CHECK_PN_SAFELIST.")
> +# If the recipe has been safelisted we return empty lists
> +if d.getVar("PN") in d.getVar("CVE_CHECK_PN_SAFELIST").split():
> +bb.note("Recipe has been safelisted, skipping check")
> return ([], [], [])
>
> -old_cve_whitelist = d.getVar("CVE_CHECK_CVE_WHITELIST")
> -if old_cve_whitelist:
> -bb.warn("CVE_CHECK_CVE_WHITELIST is deprecated, please use
> CVE_CHECK_WHITELIST.")
> -cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split()
> +if d.getVar("CVE_CHECK_CVE_WHITELIST") or
> d.getVar("CVE_CHECK_WHITELIST"):
> +bb.warn("CVE_CHECK_CVE_WHITELIST and CVE_CHECK_WHITELIST is
> deprecated, please use CVE_CHECK_SAFELIST.")
> +cve_safelist = d.getVar("CVE_CHECK_SAFELIST").split()
>
> import sqlite3
> db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
> @@ -238,9 +239,9 @@ def check_cves(d, patched_cves):
> for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE
> PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)):
> cve = cverow[0]
>
> -if cve in cve_whitelist:
> -bb.note("%s-%s has been whitelisted for %s" % (product, pv,
> cve))
> -# TODO: this should be in the report as 'whitelisted'
> +if cve in cve_safelist:
> +bb.note("%s-%s has been safelisted for %s" % (product, pv,
> cve))
> +# TODO: this should be in the report as 'safelisted'
> patched_cves.add(cve)
>
Re: [OE-core] [PATCH v2] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
On Fri, Sep 11, 2020 at 10:21 AM Peter Morrow
wrote:
>
> The default compression algorithm is gzip, this patch allows the default
> to be changed via a bbappend file by setting SQUASHFS_TOOLS_COMP_DEFAULT
> to a valid compression algorithm.
>
> Signed-off-by: Peter Morrow
> ---
> ...ols-Allow-COMP_DEFAULT-to-be-overridden-v.patch | 34
> ++
> .../squashfs-tools/squashfs-tools_git.bb | 4 +++
> 2 files changed, 38 insertions(+)
> create mode 100644
> meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>
> diff --git
> a/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
>
> b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
> new file mode 100644
> index 000..5f12c42
> --- /dev/null
> +++
> b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
> @@ -0,0 +1,34 @@
> +From d2d9b517696f5950597f5b60ae8fdade5b7c14a9 Mon Sep 17 00:00:00 2001
> +From: Peter Morrow
> +Date: Fri, 4 Sep 2020 15:43:15 +0100
> +Subject: [PATCH] squashfs-tools: Allow COMP_DEFAULT to be overridden via make
> + cmdline
> +
> +Currently the only way to modify the default compression algorithm is to
> +modify the Makefile. It is useful to be able to set the default compression
> +algorithm via the make command line since otherwise a build time search
> +replace operation needs to be performed on the Makefile.
That's not how Makefiles normally work. Options set via the command
line over-ride variables set with = in the Makefile.
Does setting your chosen value for COMP_DEFAULT on the make command
line really not work?
> +Upstream-Status: Submitted
> [https://github.com/plougher/squashfs-tools/pull/93 ]
> +
> +Signed-off-by: Peter Morrow
> +---
> + squashfs-tools/Makefile | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
> +index aee4b96..7425605 100644
> +--- a/squashfs-tools/Makefile
> b/squashfs-tools/Makefile
> +@@ -85,7 +85,7 @@ GZIP_SUPPORT = 1
> + # in Mksquashfs. Obviously the compression algorithm must have been
> + # selected to be built
> + #
> +-COMP_DEFAULT = gzip
> ++COMP_DEFAULT ?= gzip
> +
> +
> + ###
> +--
> +2.20.1
> +
> diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
> b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
> index b06951d..df025d4 100644
> --- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
> +++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
> @@ -9,6 +9,7 @@ PV = "4.4"
> SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
> SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
>
> file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2
> \
> +
> file://0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch;striplevel=2
> \
> "
>
> S = "${WORKDIR}/git/squashfs-tools"
> @@ -25,6 +26,9 @@ PACKAGECONFIG[xattr] =
> "XATTR_SUPPORT=1,XATTR_SUPPORT=0,attr"
> PACKAGECONFIG[zstd] = "ZSTD_SUPPORT=1,ZSTD_SUPPORT=0,zstd"
> PACKAGECONFIG[reproducible] =
> "REPRODUCIBLE_DEFAULT=1,REPRODUCIBLE_DEFAULT=0,"
>
> +SQUASHFS_TOOLS_COMP_DEFAULT ?= "gzip"
> +EXTRA_OEMAKE += "COMP_DEFAULT=${SQUASHFS_TOOLS_COMP_DEFAULT}"
Note that this will force the recipe's default value even if upstream
squashfs-tools changes. Not a problem now as the two are the same, but
something which will need to be checked each time squashfs-tools is
updated.
> do_compile() {
> oe_runmake all
> }
> --
> 1.8.3.1
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142443):
https://lists.openembedded.org/g/openembedded-core/message/142443
Mute This Topic: https://lists.openembedded.org/mt/76784587/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
The default compression algorithm is gzip, this patch allows the default
to be changed via a bbappend file by setting SQUASHFS_TOOLS_COMP_DEFAULT
to a valid compression algorithm.
Signed-off-by: Peter Morrow
---
...ols-Allow-COMP_DEFAULT-to-be-overridden-v.patch | 34 ++
.../squashfs-tools/squashfs-tools_git.bb | 4 +++
2 files changed, 38 insertions(+)
create mode 100644
meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
diff --git
a/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
new file mode 100644
index 000..5f12c42
--- /dev/null
+++
b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
@@ -0,0 +1,34 @@
+From d2d9b517696f5950597f5b60ae8fdade5b7c14a9 Mon Sep 17 00:00:00 2001
+From: Peter Morrow
+Date: Fri, 4 Sep 2020 15:43:15 +0100
+Subject: [PATCH] squashfs-tools: Allow COMP_DEFAULT to be overridden via make
+ cmdline
+
+Currently the only way to modify the default compression algorithm is to
+modify the Makefile. It is useful to be able to set the default compression
+algorithm via the make command line since otherwise a build time search
+replace operation needs to be performed on the Makefile.
+
+Upstream-Status: Submitted [https://github.com/plougher/squashfs-tools/pull/93
]
+
+Signed-off-by: Peter Morrow
+---
+ squashfs-tools/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
+index aee4b96..7425605 100644
+--- a/squashfs-tools/Makefile
b/squashfs-tools/Makefile
+@@ -85,7 +85,7 @@ GZIP_SUPPORT = 1
+ # in Mksquashfs. Obviously the compression algorithm must have been
+ # selected to be built
+ #
+-COMP_DEFAULT = gzip
++COMP_DEFAULT ?= gzip
+
+
+ ###
+--
+2.20.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
index b06951d..df025d4 100644
--- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
+++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
@@ -9,6 +9,7 @@ PV = "4.4"
SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \
+
file://0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch;striplevel=2
\
"
S = "${WORKDIR}/git/squashfs-tools"
@@ -25,6 +26,9 @@ PACKAGECONFIG[xattr] = "XATTR_SUPPORT=1,XATTR_SUPPORT=0,attr"
PACKAGECONFIG[zstd] = "ZSTD_SUPPORT=1,ZSTD_SUPPORT=0,zstd"
PACKAGECONFIG[reproducible] = "REPRODUCIBLE_DEFAULT=1,REPRODUCIBLE_DEFAULT=0,"
+SQUASHFS_TOOLS_COMP_DEFAULT ?= "gzip"
+EXTRA_OEMAKE += "COMP_DEFAULT=${SQUASHFS_TOOLS_COMP_DEFAULT}"
+
do_compile() {
oe_runmake all
}
--
1.8.3.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142442):
https://lists.openembedded.org/g/openembedded-core/message/142442
Mute This Topic: https://lists.openembedded.org/mt/76784587/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
On Fri, Sep 11, 2020 at 12:47:44PM +0100, Ross Burton wrote:
> > +python () {
> > +# Change the default compression algorithm if requested.
> > +comp_default = d.getVar('SQUASHFS_TOOLS_COMP_DEFAULT')
> > +if comp_default != None:
> > +d.appendVar('EXTRA_OEMAKE', ' COMP_DEFAULT=%s' % comp_default)
> > +}
> > +
>
> This is overcomplicated. Just do:
>
> SQUASHFS_TOOLS_COMP_DEFAULT ?= "gzip"
> EXTRA_OEMAKE += "COMP_DEFAULT=${SQUASHFS_TOOLS_COMP_DEFAULT}"
>
> This way the default is documented in the recipe, and we can change
> the default easily too.
ACK. V2 coming.
Thanks,
Peter.
>
> Ross
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142441):
https://lists.openembedded.org/g/openembedded-core/message/142441
Mute This Topic: https://lists.openembedded.org/mt/76776791/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] Application depending on gRPC not linking properly
Hi,
Am 09.09.20 um 14:56 schrieb Goran Broeckaert:
I have a simple application which depends on grpc. I'm using Yocto Zeus
for my project and I've written the following recipe:
[snip]
The linker tries to link with the -native version of gRPC instead of the
target one. Can be seen in the following line from the output:
recipe-sysroot-native/usr/lib/libgrpc++.so.1.24.1: error adding symbols:
file in wrong format
The grpc cmake config requires the binaries and Yocto doesn't install
cross compile binaries into the sysroot. Therefore the grcp recipe has a
bad hack and install the cmake files from the native package:
SYSROOT_DIRS_BLACKLIST_append_class-target = "${baselib}/cmake/grpc"
I have try to fix the root cause in grpc but the pull request was closed
by the developers because 'Yocto is not a platform we [grpc] officially
support':
https://github.com/grpc/grpc/pull/22498
Regards
Stefan
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142440):
https://lists.openembedded.org/g/openembedded-core/message/142440
Mute This Topic: https://lists.openembedded.org/mt/76731562/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] bison: uprev from 3.7.1 to 3.7.2
a0bc06b7 (tag: v3.7.2) version 3.7.2
5e33dfe5 build: disable syntax-check warning
2a4e9a35 gnulib: update
f7b642cf build: fix incorrect dependencies
3da17724 doc: updates
68e3e442 gnulib: update
e432619d tests: beware of sed portability issues
a1b7fef0 c: always use YYMALLOC/YYFREE
067e35a8 build: beware of POSIX mode
0522047c doc: history of api.prefix
3724b50e CI: intel moved the script for ICC
b801b7b6 fix: unterminated \-escape
b7aab2db fix: crash when redefining the EOF token
89e42ffb style: fix missing space before paren
6aae4a73 style: fix comments and more debug trace
7d4a4300 style: more uses of const
31d4ec28 bench: fix support for pure parser
0a5bfb4f portability: multiple typedefs
12d0b156 style: revert "avoid warnings with GCC 4.6"
cb7dcb01 maint: post-release administrivia
CVE: CVE-2020-24980 fixed by b801b7b6
CVE: CVE-2020-24979 fixed by b7aab2db
Signed-off-by: Stacy Gaikovaia
---
meta/recipes-devtools/bison/{bison_3.7.1.bb => bison_3.7.2.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/bison/{bison_3.7.1.bb => bison_3.7.2.bb} (94%)
diff --git a/meta/recipes-devtools/bison/bison_3.7.1.bb
b/meta/recipes-devtools/bison/bison_3.7.2.bb
similarity index 94%
rename from meta/recipes-devtools/bison/bison_3.7.1.bb
rename to meta/recipes-devtools/bison/bison_3.7.2.bb
index a765a2380d..f7bf70fff3 100644
--- a/meta/recipes-devtools/bison/bison_3.7.1.bb
+++ b/meta/recipes-devtools/bison/bison_3.7.2.bb
@@ -13,7 +13,7 @@ SRC_URI = "${GNU_MIRROR}/bison/bison-${PV}.tar.xz \
file://add-with-bisonlocaledir.patch \
file://0001-bison-fix-the-parallel-build.patch \
"
-SRC_URI[sha256sum] =
"55c215521a13982a9bee68cd42eed51a65713f96c530a739a57de4438ac1bb69"
+SRC_URI[sha256sum] =
"7948d193104d979c0fb0294a1854c73c89d72ae41acfc081826142578a78a91b"
# No point in hardcoding path to m4, just use PATH
EXTRA_OECONF += "M4=m4"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142439):
https://lists.openembedded.org/g/openembedded-core/message/142439
Mute This Topic: https://lists.openembedded.org/mt/76779422/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] tcmode-default: Drop gcc-cross-initial, gcc-crosssdk-initial references
Can you resend using git-send-email, as that patch has been corrupted.
Ross
On Fri, 11 Sep 2020 at 01:19, Douglas via lists.openembedded.org
wrote:
>
> Further to 5b2fd1c724
>
> Also a few remaining references (DISTRO_PN_ALIAS, RECIPE_MAINTAINER).
>
> Signed-off-by: Douglas Royds
> ---
> meta/conf/distro/include/distro_alias.inc | 4
> meta/conf/distro/include/tcmode-default.inc | 2 --
> meta/conf/layer.conf | 2 +-
> 3 files changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/meta/conf/distro/include/distro_alias.inc
> b/meta/conf/distro/include/distro_alias.inc
> index 56055f7798..b4dfcfc5f5 100644
> --- a/meta/conf/distro/include/distro_alias.inc
> +++ b/meta/conf/distro/include/distro_alias.inc
> @@ -81,10 +81,6 @@ DISTRO_PN_ALIAS_pn-encodings =
> "Ubuntu=xfonts-encodings Mandriva=x11-font-encodi
> DISTRO_PN_ALIAS_pn-font-alias = "Fedora=xorg-x11-fonts-base
> Mandriva=x11-font-alias Meego=xorg-x11-fonts"
> DISTRO_PN_ALIAS_pn-font-util = "Meego=xorg-x11-font-utils
> Fedora=xorg-x11-font-utils Ubuntu=xfonts-utils Mandriva=x11-font-util
> Debian=xfonts-utils"
> DISTRO_PN_ALIAS_pn-formfactor = "OE-Core"
> -DISTRO_PN_ALIAS_pn-gcc-cross-initial = "OE-Core"
> -DISTRO_PN_ALIAS_pn-gcc-cross-initial-i586 = "OE-Core"
> -DISTRO_PN_ALIAS_pn-gcc-crosssdk-initial = "OE-Core"
> -DISTRO_PN_ALIAS_pn-gcc-crosssdk-initial-x86_64 = "OE-Core"
> DISTRO_PN_ALIAS_pn-gccmakedep = "Mandriva=gccmakedep Ubuntu=xutils-dev"
> DISTRO_PN_ALIAS_pn-gcc-runtime = "Ubuntu=gcc Fedora=gcc"
> DISTRO_PN_ALIAS_pn-gcc-sanitizers = "Ubuntu=gcc Fedora=gcc"
> diff --git a/meta/conf/distro/include/tcmode-default.inc
> b/meta/conf/distro/include/tcmode-default.inc
> index 1bc95ec675..50e8a20f35 100644
> --- a/meta/conf/distro/include/tcmode-default.inc
> +++ b/meta/conf/distro/include/tcmode-default.inc
> @@ -30,9 +30,7 @@ LLVMVERSION ?= "10.0.1"
> PREFERRED_VERSION_gcc ?= "${GCCVERSION}"
> PREFERRED_VERSION_gcc-cross-${TARGET_ARCH} ?= "${GCCVERSION}"
> -PREFERRED_VERSION_gcc-cross-initial-${TARGET_ARCH} ?= "${GCCVERSION}"
> PREFERRED_VERSION_gcc-crosssdk-${SDK_SYS} ?= "${SDKGCCVERSION}"
> -PREFERRED_VERSION_gcc-crosssdk-initial-${SDK_SYS} ?= "${SDKGCCVERSION}"
> PREFERRED_VERSION_gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} ?=
> "${GCCVERSION}"
> PREFERRED_VERSION_gcc-runtime ?= "${GCCVERSION}"
> PREFERRED_VERSION_gcc-sanitizers ?= "${GCCVERSION}"
> diff --git a/meta/conf/layer.conf b/meta/conf/layer.conf
> index 1a01d02fef..38df0f3aff 100644
> --- a/meta/conf/layer.conf
> +++ b/meta/conf/layer.conf
> @@ -91,7 +91,7 @@ SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \
> # dependency incidentally. This improves determinism and avoids build
> # failures when people switch to external toolchains.
> SSTATE_EXCLUDEDEPS_SYSROOT += ".*->bison-native"
> -# Nothing needs to depend on libc-initial/gcc-cross-initial
> +# Nothing needs to depend on libc-initial
> # base-passwd/shadow-sysroot don't need their dependencies
> SSTATE_EXCLUDEDEPS_SYSROOT += "\
> .*->.*-initial.* \
>
> --
> 2.17.1
>
> --
> This Communication is Confidential. We only send and receive email on the
>
> basis of the terms set out at www.taitradio.com/email_disclaimer
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142438):
https://lists.openembedded.org/g/openembedded-core/message/142438
Mute This Topic: https://lists.openembedded.org/mt/76769797/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
> +python () {
> +# Change the default compression algorithm if requested.
> +comp_default = d.getVar('SQUASHFS_TOOLS_COMP_DEFAULT')
> +if comp_default != None:
> +d.appendVar('EXTRA_OEMAKE', ' COMP_DEFAULT=%s' % comp_default)
> +}
> +
This is overcomplicated. Just do:
SQUASHFS_TOOLS_COMP_DEFAULT ?= "gzip"
EXTRA_OEMAKE += "COMP_DEFAULT=${SQUASHFS_TOOLS_COMP_DEFAULT}"
This way the default is documented in the recipe, and we can change
the default easily too.
Ross
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142437):
https://lists.openembedded.org/g/openembedded-core/message/142437
Mute This Topic: https://lists.openembedded.org/mt/76776791/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] ncurses: remove config.cache
On Fri, 11 Sep 2020 at 01:38, Mittal, Anuj wrote: > > On Thu, 2020-09-10 at 21:53 +0100, Ross Burton wrote: > > From: Ross Burton > > You forgot to update your email somewhere? :) It's a patch from some time ago, forgot to change the ownership. :( Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#142436): https://lists.openembedded.org/g/openembedded-core/message/142436 Mute This Topic: https://lists.openembedded.org/mt/76765782/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] license_image.bbclass: Fix symlink to the image license manifest dir creation
If IMAGE_LINK_NAME is empty don't try to create the symlink.
[YOCTO #14042]
Signed-off-by: Diego Sueiro
---
meta/classes/license_image.bbclass | 18 ++
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/meta/classes/license_image.bbclass
b/meta/classes/license_image.bbclass
index 682d462..702e9f9 100644
--- a/meta/classes/license_image.bbclass
+++ b/meta/classes/license_image.bbclass
@@ -200,14 +200,16 @@ def license_deployed_manifest(d):
image_license_manifest = os.path.join(lic_manifest_dir,
'image_license.manifest')
write_license_files(d, image_license_manifest, man_dic, rootfs=False)
-lic_manifest_symlink_dir = os.path.join(d.getVar('LICENSE_DIRECTORY'),
-d.getVar('IMAGE_LINK_NAME'))
-# remove old symlink
-if os.path.islink(lic_manifest_symlink_dir):
-os.unlink(lic_manifest_symlink_dir)
-
-# create the image dir symlink
-os.symlink(lic_manifest_dir, lic_manifest_symlink_dir)
+link_name = d.getVar('IMAGE_LINK_NAME')
+if link_name:
+lic_manifest_symlink_dir = os.path.join(d.getVar('LICENSE_DIRECTORY'),
+link_name)
+# remove old symlink
+if os.path.islink(lic_manifest_symlink_dir):
+os.unlink(lic_manifest_symlink_dir)
+
+# create the image dir symlink
+os.symlink(lic_manifest_dir, lic_manifest_symlink_dir)
def get_deployed_dependencies(d):
"""
--
2.7.4
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142435):
https://lists.openembedded.org/g/openembedded-core/message/142435
Mute This Topic: https://lists.openembedded.org/mt/76777225/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] squashfs-tools: Allow COMP_DEFAULT to be changed easily at build time
The default compression algorithm is gzip, this patch allows the default
to be changed via a bbappend file by setting SQUASHFS_TOOLS_COMP_DEFAULT
to a valid compression algorithm.
Signed-off-by: Peter Morrow
---
...ols-Allow-COMP_DEFAULT-to-be-overridden-v.patch | 34 ++
.../squashfs-tools/squashfs-tools_git.bb | 8 +
2 files changed, 42 insertions(+)
create mode 100644
meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
diff --git
a/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
new file mode 100644
index 000..5f12c42
--- /dev/null
+++
b/meta/recipes-devtools/squashfs-tools/files/0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch
@@ -0,0 +1,34 @@
+From d2d9b517696f5950597f5b60ae8fdade5b7c14a9 Mon Sep 17 00:00:00 2001
+From: Peter Morrow
+Date: Fri, 4 Sep 2020 15:43:15 +0100
+Subject: [PATCH] squashfs-tools: Allow COMP_DEFAULT to be overridden via make
+ cmdline
+
+Currently the only way to modify the default compression algorithm is to
+modify the Makefile. It is useful to be able to set the default compression
+algorithm via the make command line since otherwise a build time search
+replace operation needs to be performed on the Makefile.
+
+Upstream-Status: Submitted [https://github.com/plougher/squashfs-tools/pull/93
]
+
+Signed-off-by: Peter Morrow
+---
+ squashfs-tools/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
+index aee4b96..7425605 100644
+--- a/squashfs-tools/Makefile
b/squashfs-tools/Makefile
+@@ -85,7 +85,7 @@ GZIP_SUPPORT = 1
+ # in Mksquashfs. Obviously the compression algorithm must have been
+ # selected to be built
+ #
+-COMP_DEFAULT = gzip
++COMP_DEFAULT ?= gzip
+
+
+ ###
+--
+2.20.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
index b06951d..3c816cb 100644
--- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
+++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
@@ -9,6 +9,7 @@ PV = "4.4"
SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \
+
file://0001-squashfs-tools-Allow-COMP_DEFAULT-to-be-overridden-v.patch;striplevel=2
\
"
S = "${WORKDIR}/git/squashfs-tools"
@@ -25,6 +26,13 @@ PACKAGECONFIG[xattr] = "XATTR_SUPPORT=1,XATTR_SUPPORT=0,attr"
PACKAGECONFIG[zstd] = "ZSTD_SUPPORT=1,ZSTD_SUPPORT=0,zstd"
PACKAGECONFIG[reproducible] = "REPRODUCIBLE_DEFAULT=1,REPRODUCIBLE_DEFAULT=0,"
+python () {
+# Change the default compression algorithm if requested.
+comp_default = d.getVar('SQUASHFS_TOOLS_COMP_DEFAULT')
+if comp_default != None:
+d.appendVar('EXTRA_OEMAKE', ' COMP_DEFAULT=%s' % comp_default)
+}
+
do_compile() {
oe_runmake all
}
--
1.8.3.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142434):
https://lists.openembedded.org/g/openembedded-core/message/142434
Mute This Topic: https://lists.openembedded.org/mt/76776791/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] Application depending on gRPC not linking properly
I have been able to fix it by searching for the right grpc libraries in the
recipe-sysroot:
find_library(GRPC_LIBRARY grpc++
HINTS
${CMAKE_SOURCE_DIR}/recipe- sysroot)
if (GRPC_LIBRARY-NOTFOUND)
message(FATAL_ERROR "Could not find grpc++")
endif ()
find_path(GRPC_INCLUDE_DIR grpc++/grpc++.h
HINTS
${CMAKE_SOURCE_DIR}/recipe- sysroot)
add_library(gRPC::grpc++ UNKNOWN IMPORTED)
set_target_properties(gRPC:: grpc++
PROPERTIES INTERFACE_INCLUDE_DIRECTORIES
"${GRPC_INCLUDE_DIR}")
set_target_properties(gRPC:: grpc++
PROPERTIES IMPORTED_LOCATION
"${GRPC_LIBRARY}")
set(GRPC_LIBRARIES gRPC::grpc++)
and then at the end add to link the found grpc library to your application:
target_link_libraries(${ PROJECT_NAME}
PRIVATE protobuf::libprotobuf
PRIVATE ${GRPC_LIBRARIES}
)
I haven't changed anything to my recipe, just that I added an environment
setting which gets set as "YOCTO" to only execute this when it's being ran by
Yocto. Can do less hard coding (setting the hint as ${CMAKE_SOURCE_DIR}/recipe-
sysroot) by looking in CMAKE_SYSROOT.
This doesn't seem like an easy patch to add to gRPC. And since the issue, which
I linked in my first post, got already closed without providing a real
solution; it seems like the people at gRPC aren't really sure what is happening
either.
Kind regards,
Goran Broeckaert
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142433):
https://lists.openembedded.org/g/openembedded-core/message/142433
Mute This Topic: https://lists.openembedded.org/mt/76731562/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] cve-check: use SAFELIST
From: Lee Chee Yang
use safelist instead of whitelist.
Replace CVE_CHECK_PN_WHITELIST with CVE_CHECK_PN_SAFELIST.
Replace CVE_CHECK_WHITELIST with CVE_CHECK_SAFELIST.
Signed-off-by: Lee Chee Yang
---
meta/classes/cve-check.bbclass| 47 ++-
.../openssl/openssl_1.1.1g.bb | 2 +-
meta/recipes-core/glibc/glibc_2.32.bb | 2 +-
meta/recipes-devtools/cmake/cmake.inc | 2 +-
meta/recipes-devtools/python/python3_3.8.5.bb | 2 +-
meta/recipes-devtools/rsync/rsync_3.2.3.bb| 2 +-
.../iputils/iputils_s20200821.bb | 2 +-
meta/recipes-extended/procps/procps_3.3.16.bb | 2 +-
.../libpng/libpng_1.6.37.bb | 2 +-
.../libsndfile/libsndfile1_1.0.28.bb | 2 +-
meta/recipes-support/lz4/lz4_1.9.2.bb | 2 +-
meta/recipes-support/sqlite/sqlite3_3.33.0.bb | 2 +-
12 files changed, 35 insertions(+), 34 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 17f64a8a9c..82b2b40da0 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -40,15 +40,15 @@ CVE_CHECK_MANIFEST ?=
"${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve
CVE_CHECK_COPY_FILES ??= "1"
CVE_CHECK_CREATE_MANIFEST ??= "1"
-# Whitelist for packages (PN)
-CVE_CHECK_PN_WHITELIST ?= ""
+# Safelist for packages (PN)
+CVE_CHECK_PN_SAFELIST ?= ""
-# Whitelist for CVE. If a CVE is found, then it is considered patched.
+# Safelist for CVE. If a CVE is found, then it is considered patched.
# The value is a string containing space separated CVE values:
-#
-# CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234'
-#
-CVE_CHECK_WHITELIST ?= ""
+#
+# CVE_CHECK_SAFELIST = 'CVE-2014-2524 CVE-2018-1234'
+#
+CVE_CHECK_SAFELIST ?= ""
python cve_save_summary_handler () {
import shutil
@@ -87,10 +87,10 @@ python do_cve_check () {
patched_cves = get_patches_cves(d)
except FileNotFoundError:
bb.fatal("Failure in searching patches")
-whitelisted, patched, unpatched = check_cves(d, patched_cves)
+safelisted, patched, unpatched = check_cves(d, patched_cves)
if patched or unpatched:
cve_data = get_cve_info(d, patched + unpatched)
-cve_write_data(d, patched, unpatched, whitelisted, cve_data)
+cve_write_data(d, patched, unpatched, safelisted, cve_data)
else:
bb.note("No CVE database found, skipping CVE check")
@@ -213,15 +213,16 @@ def check_cves(d, patched_cves):
return ([], [], [])
pv = d.getVar("CVE_VERSION").split("+git")[0]
-# If the recipe has been whitlisted we return empty lists
-if d.getVar("PN") in d.getVar("CVE_CHECK_PN_WHITELIST").split():
-bb.note("Recipe has been whitelisted, skipping check")
+if d.getVar("CVE_CHECK_PN_WHITELIST"):
+bb.warn("CVE_CHECK_PN_WHITELIST is deprecated, please use
CVE_CHECK_PN_SAFELIST.")
+# If the recipe has been safelisted we return empty lists
+if d.getVar("PN") in d.getVar("CVE_CHECK_PN_SAFELIST").split():
+bb.note("Recipe has been safelisted, skipping check")
return ([], [], [])
-old_cve_whitelist = d.getVar("CVE_CHECK_CVE_WHITELIST")
-if old_cve_whitelist:
-bb.warn("CVE_CHECK_CVE_WHITELIST is deprecated, please use
CVE_CHECK_WHITELIST.")
-cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split()
+if d.getVar("CVE_CHECK_CVE_WHITELIST") or d.getVar("CVE_CHECK_WHITELIST"):
+bb.warn("CVE_CHECK_CVE_WHITELIST and CVE_CHECK_WHITELIST is
deprecated, please use CVE_CHECK_SAFELIST.")
+cve_safelist = d.getVar("CVE_CHECK_SAFELIST").split()
import sqlite3
db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
@@ -238,9 +239,9 @@ def check_cves(d, patched_cves):
for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE
PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)):
cve = cverow[0]
-if cve in cve_whitelist:
-bb.note("%s-%s has been whitelisted for %s" % (product, pv,
cve))
-# TODO: this should be in the report as 'whitelisted'
+if cve in cve_safelist:
+bb.note("%s-%s has been safelisted for %s" % (product, pv,
cve))
+# TODO: this should be in the report as 'safelisted'
patched_cves.add(cve)
continue
elif cve in patched_cves:
@@ -294,7 +295,7 @@ def check_cves(d, patched_cves):
conn.close()
-return (list(cve_whitelist), list(patched_cves), cves_unpatched)
+return (list(cve_safelist), list(patched_cves), cves_unpatched)
def get_cve_info(d, cves):
"""
@@ -318,7 +319,7 @@ def get_cve_info(d, cves):
conn.close()
return cve_data
-def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
+def cve_write_data(d, patched, unpatched, safelisted, cve_data):
"""
Write CVE information in WORKDIR; and
[OE-core][zeus][PATCH] procps: fix the top command crash issue
Avoid a potential SEGV during program termination.
Backported the patch form:
https://gitlab.com/procps-ng/procps/-/commit/d37f85c269fbb6e905802ffdbce0ba4173ba21a9
Signed-off-by: Zhixiong Chi
---
...ntial-SEGV-during-program-terminatio.patch | 61 +++
meta/recipes-extended/procps/procps_3.3.15.bb | 1 +
2 files changed, 62 insertions(+)
create mode 100644
meta/recipes-extended/procps/procps/0001-top-avoid-a-potential-SEGV-during-program-terminatio.patch
diff --git
a/meta/recipes-extended/procps/procps/0001-top-avoid-a-potential-SEGV-during-program-terminatio.patch
b/meta/recipes-extended/procps/procps/0001-top-avoid-a-potential-SEGV-during-program-terminatio.patch
new file mode 100644
index 00..4f7a01e41b
--- /dev/null
+++
b/meta/recipes-extended/procps/procps/0001-top-avoid-a-potential-SEGV-during-program-terminatio.patch
@@ -0,0 +1,61 @@
+From d37f85c269fbb6e905802ffdbce0ba4173ba21a9 Mon Sep 17 00:00:00 2001
+From: Jim Warner
+Date: Tue, 6 Aug 2019 00:00:00 -0500
+Subject: [PATCH] top: avoid a potential SEGV during program termination
+
+The backtrace shown in the bug report referenced below
+illustrates a 'normal' program termination interrupted
+with some signal, ultimately then causing a top crash.
+
+So this commit just rearranges a little code such that
+all signals will be blocked during that rather lengthy
+end of program processing regardless of how initiated.
+
+[ in that report, ignore the assertion regarding the ]
+[ '-n' option. it obviously was not '1' since do_key ]
+[ had been called, which otherwise wouldn't be true. ]
+
+[ and when it is '1' the -d option would be ignored. ]
+
+Reference(s):
+https://bugzilla.redhat.com/show_bug.cgi?id=1737552
+
+Signed-off-by: Jim Warner
+Upstream-Status: Backport[https://gitlab.com/procps-ng/procps.git]
+Signed-off-by: Shaohua Zhan
+Signed-off-by: Zhixiong Chi
+---
+ top/top.c | 11 +--
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/top/top.c b/top/top.c
+index b01907a..73598e2 100644
+--- a/top/top.c
b/top/top.c
+@@ -404,6 +404,11 @@ static void at_eoj (void) {
+ * The real program end */
+ static void bye_bye (const char *str) NORETURN;
+ static void bye_bye (const char *str) {
++ sigset_t ss;
++
++// POSIX.1-2004 async-signal-safe: sigfillset, sigprocmask
++ sigfillset();
++ sigprocmask(SIG_BLOCK, , NULL);
+at_eoj(); // restore tty in preparation for exit
+ #ifdef ATEOJ_RPTSTD
+ { proc_t *p;
+@@ -595,12 +600,6 @@ static void sig_abexit (int sig) {
+ *SIGUSR1 and SIGUSR2 */
+ static void sig_endpgm (int dont_care_sig) NORETURN;
+ static void sig_endpgm (int dont_care_sig) {
+- sigset_t ss;
+-
+-// POSIX.1-2004 async-signal-safe: sigfillset, sigprocmask
+- sigfillset();
+- sigprocmask(SIG_BLOCK, , NULL);
+- Frames_signal = BREAK_sig;
+bye_bye(NULL);
+(void)dont_care_sig;
+ } // end: sig_endpgm
+--
+GitLab
diff --git a/meta/recipes-extended/procps/procps_3.3.15.bb
b/meta/recipes-extended/procps/procps_3.3.15.bb
index f240e54fd8..b299779253 100644
--- a/meta/recipes-extended/procps/procps_3.3.15.bb
+++ b/meta/recipes-extended/procps/procps_3.3.15.bb
@@ -15,6 +15,7 @@ inherit autotools gettext pkgconfig update-alternatives
SRC_URI =
"http://downloads.sourceforge.net/project/procps-ng/Production/procps-ng-${PV}.tar.xz
\
file://sysctl.conf \
file://0001-Fix-out-of-tree-builds.patch \
+
file://0001-top-avoid-a-potential-SEGV-during-program-terminatio.patch \
"
SRC_URI[md5sum] = "2b0717a7cb474b3d6dfdeedfbad2eccc"
--
2.17.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142431):
https://lists.openembedded.org/g/openembedded-core/message/142431
Mute This Topic: https://lists.openembedded.org/mt/76774594/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
