[OE-core] [PATCH] oe-timeout-dd-test.sh: make script executable

[Sakib Sajal]

Signed-off-by: Sakib Sajal 
---
 scripts/oe-timeout-dd-test.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 scripts/oe-timeout-dd-test.sh

diff --git a/scripts/oe-timeout-dd-test.sh b/scripts/oe-timeout-dd-test.sh
old mode 100644
new mode 100755
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149142): 
https://lists.openembedded.org/g/openembedded-core/message/149142
Mute This Topic: https://lists.openembedded.org/mt/81196160/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] buildstats.bbclass: improve timeout handling

[Sakib Sajal]

The subprocess that runs the commands periodically
times out prematurely even when there is sufficient
time available within the given interval for the
commands to run.

This change improves timeout handling and give all the
commands equal time to run.

Signed-off-by: Sakib Sajal 
---
 meta/classes/buildstats.bbclass | 42 +++--
 1 file changed, 35 insertions(+), 7 deletions(-)

diff --git a/meta/classes/buildstats.bbclass b/meta/classes/buildstats.bbclass
index a8ee6e69a6..8e03039aeb 100644
--- a/meta/classes/buildstats.bbclass
+++ b/meta/classes/buildstats.bbclass
@@ -106,26 +106,54 @@ def write_task_data(status, logfile, e, d):
 
 def write_host_data(logfile, e, d):
 import subprocess, os, datetime
+# minimum time allowed for each command to run, in seconds
+time_threshold = 0.5
+# the total number of commands
+num_cmds = 0
+# interval at which data will be logged
+interval = int(d.getVar("BB_HEARTBEAT_EVENT", False))
+# the commands to be run at each interval
 cmds = d.getVar('BB_LOG_HOST_STAT_CMDS')
+# if no commands are passed, issue a warning and return
 if cmds is None:
 d.setVar("BB_LOG_HOST_STAT_ON_INTERVAL", "0")
 d.setVar("BB_LOG_HOST_STAT_ON_FAILURE", "0")
-bb.warn("buildstats: Collecting host data failed. Set 
BB_LOG_HOST_STAT_CMDS=\"command1 ; command2 ; ... \" in conf\/local.conf\n")
+bb.warn("buildstats: Collecting host data failed. Set 
BB_LOG_HOST_STAT_CMDS=\"command1 ; command2 ; ... \" in conf/local.conf\n")
 return
+# find the total commands
+c_san = []
+for cmd in cmds.split(";"):
+if len(cmd) == 0:
+continue
+num_cmds += 1
+c_san.append(cmd)
+if num_cmds <= 0:
+d.setVar("BB_LOG_HOST_STAT_ON_INTERVAL", "0")
+d.setVar("BB_LOG_HOST_STAT_ON_FAILURE", "0")
+return
+
+# return if the interval is not enough to run all commands within the 
specified BB_HEARTBEAT_EVENT interval
+limit = interval / num_cmds
+if limit <= time_threshold:
+d.setVar("BB_LOG_HOST_STAT_ON_INTERVAL", "0")
+d.setVar("BB_LOG_HOST_STAT_ON_FAILURE", "0")
+bb.warn("buildstats: Collecting host data failed. BB_HEARTBEAT_EVENT 
interval not enough to run the specified commands. HINT: Increase value of 
BB_HEARTBEAT_EVENT in conf/local.conf\n")
+return
+
+# set the environment variables 
 path = d.getVar("PATH")
 opath = d.getVar("BB_ORIGENV", False).getVar("PATH")
 ospath = os.environ['PATH']
 os.environ['PATH'] = path + ":" + opath + ":" + ospath
 with open(logfile, "a") as f:
 f.write("Event Time: %f\nDate: %s\n" % (e.time, 
datetime.datetime.now()))
-for cmd in cmds.split(";"):
-if len(cmd) == 0:
-continue
+for c in c_san:
 try:
-output = subprocess.check_output(cmd.split(), 
stderr=subprocess.STDOUT, timeout=1).decode('utf-8')
+output = subprocess.check_output(c.split(), 
stderr=subprocess.STDOUT, timeout=limit).decode('utf-8')
 except (subprocess.CalledProcessError, subprocess.TimeoutExpired, 
FileNotFoundError) as err:
-output = "Error running command: %s\n%s\n" % (cmd, err)
-f.write("%s\n%s\n" % (cmd, output))
+output = "Error running command: %s\n%s\n" % (c, err)
+f.write("%s\n%s\n" % (c, output))
+# reset the environment
 os.environ['PATH'] = ospath
 
 python run_buildstats () {
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149141): 
https://lists.openembedded.org/g/openembedded-core/message/149141
Mute This Topic: https://lists.openembedded.org/mt/81196152/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: Link libatomic on RISCV

[Khem Raj]

upstream is informed about this via
https://bugs.webkit.org/show_bug.cgi?id=222959

On Mon, Mar 8, 2021 at 7:58 PM Alexander Kanavin  wrote:
>
> Please send the patches upstream first, I wouldn’t normally ask for it 
> explicitly, but there’s a history of webkit patches that are forever pending 
> and cause pain on version updates.
>
> Alex
>
> On Tue 9. Mar 2021 at 4.54, Khem Raj  wrote:
>>
>> This fixes linking failures
>> Source/WTF/wtf/text/StringImpl.h:1115: undefined reference to 
>> `__atomic_compare_exchange_1'
>>
>> Signed-off-by: Khem Raj 
>> ---
>>  .../webkitgtk/webdriver-libatomic.patch   | 23 +++
>>  meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  3 +++
>>  2 files changed, 26 insertions(+)
>>  create mode 100644 
>> meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
>>
>> diff --git a/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch 
>> b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
>> new file mode 100644
>> index 00..bd9ac9d1f5
>> --- /dev/null
>> +++ b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
>> @@ -0,0 +1,23 @@
>> +link with libatomic
>> +
>> +This fixes build with C11
>> +
>> +lib/../Source/WTF/wtf/CMakeFiles/WTF.dir/Assertions.cpp.o:/usr/include/c++/11.0.1/bits/atomic_base.h:520:
>>  more undefined references to `__atomic_compare_exchange_1' follow
>> +| collect2: error: ld returned 1 exit status
>> +
>> +Upstream-Status: Pending
>> +Signed-off-by: Khem Raj 
>> +
>> +--- a/Source/WTF/wtf/CMakeLists.txt
>>  b/Source/WTF/wtf/CMakeLists.txt
>> +@@ -529,6 +529,10 @@ list(APPEND WTF_LIBRARIES
>> + ICU::uc
>> + )
>> +
>> ++list(APPEND WTF_LIBRARIES
>> ++ -Wl,--as-needed -Wl,-latomic -Wl,--no-as-needed
>> ++)
>> ++
>> + set(WTF_INTERFACE_LIBRARIES WTF)
>> + set(WTF_INTERFACE_INCLUDE_DIRECTORIES ${WTF_FRAMEWORK_HEADERS_DIR})
>> + set(WTF_INTERFACE_DEPENDENCIES WTF_CopyHeaders)
>> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb 
>> b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> index a1dd76ce81..3daf31f7d3 100644
>> --- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> +++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> @@ -20,6 +20,9 @@ SRC_URI = 
>> "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
>> file://include_xutil.patch \
>> file://reduce-memory-overheads.patch \
>> "
>> +SRC_URI_append_riscv64 = " file://webdriver-libatomic.patch"
>> +SRC_URI_append_riscv32 = " file://webdriver-libatomic.patch"
>> +
>>  SRC_URI[sha256sum] = 
>> "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
>>
>>  inherit cmake pkgconfig gobject-introspection perlnative features_check 
>> upstream-version-is-even gtk-doc
>> --
>> 2.30.1
>>
>>
>> 
>>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149140): 
https://lists.openembedded.org/g/openembedded-core/message/149140
Mute This Topic: https://lists.openembedded.org/mt/81193908/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: Use linker options to reduce memory overhead during linking

[Khem Raj]

On Mon, Mar 8, 2021 at 7:50 PM Alexander Kanavin  wrote:
>
> Can you please explain the context for this? Why would we want to support 
> building webkit on such constrained machines? 8g of ram means they can’t run 
> more than 4-6 gcc processes, so webkit builds will be unbearably slow anyway.
>

this helps to avoid unwanted build breaks since gcc crashes when
memory pressure is too high,
when doing parallel builds this can happen very often since there are
other tasks running in parallel, so these situations can arise often
we have seen this happen on machines with 16GB RAM
therefore saving some of the memory during linking helps reduce these
breakages. they can still happen if say machine was doing more than 1
builds in parallel but at least tools have done what they could.

> Alex
>
> On Tue 9. Mar 2021 at 1.00, Khem Raj  wrote:
>>
>> Helps builds on machines with less RAM ( 8G )
>>
>> Signed-off-by: Khem Raj 
>> ---
>>  .../webkitgtk/reduce-memory-overheads.patch   | 22 +++
>>  meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  1 +
>>  2 files changed, 23 insertions(+)
>>  create mode 100644 
>> meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
>>
>> diff --git 
>> a/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch 
>> b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
>> new file mode 100644
>> index 00..0493150a91
>> --- /dev/null
>> +++ b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
>> @@ -0,0 +1,22 @@
>> +From: Alberto Garcia 
>> +Subject: Reduce memory usage when not using the Gold linker
>> +Bug-Debian: https://bugs.debian.org/949621
>> +Forwarded: no
>> +
>> +Upstream-Status: Pending
>> +Signed-off-by: Khem Raj 
>> +--- a/Source/cmake/OptionsCommon.cmake
>>  b/Source/cmake/OptionsCommon.cmake
>> +@@ -95,6 +95,12 @@ option(GCC_OFFLINEASM_SOURCE_MAP
>> +   "Produce debug line information for offlineasm-generated code"
>> +   ${GCC_OFFLINEASM_SOURCE_MAP_DEFAULT})
>> +
>> ++# Pass --reduce-memory-overheads to the bfd linker in order to save memory
>> ++if (NOT USE_LD_GOLD)
>> ++set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
>> -Wl,--reduce-memory-overheads")
>> ++set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
>> -Wl,--reduce-memory-overheads")
>> ++endif ()
>> ++
>> + # Enable the usage of OpenMP.
>> + #  - At this moment, OpenMP is only used as an alternative implementation
>> + #to native threads for the parallelization of the SVG filters.
>> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb 
>> b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> index 2928b8e55b..a1dd76ce81 100644
>> --- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> +++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
>> @@ -18,6 +18,7 @@ SRC_URI = 
>> "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
>> file://0001-Fix-build-with-musl.patch \
>> file://include_array.patch \
>> file://include_xutil.patch \
>> +   file://reduce-memory-overheads.patch \
>> "
>>  SRC_URI[sha256sum] = 
>> "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
>>
>> --
>> 2.30.1
>>
>>
>> 
>>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149139): 
https://lists.openembedded.org/g/openembedded-core/message/149139
Mute This Topic: https://lists.openembedded.org/mt/81189464/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: Link libatomic on RISCV

[Alexander Kanavin]

Please send the patches upstream first, I wouldn’t normally ask for it
explicitly, but there’s a history of webkit patches that are forever
pending and cause pain on version updates.

Alex

On Tue 9. Mar 2021 at 4.54, Khem Raj  wrote:

> This fixes linking failures
> Source/WTF/wtf/text/StringImpl.h:1115: undefined reference to
> `__atomic_compare_exchange_1'
>
> Signed-off-by: Khem Raj 
> ---
>  .../webkitgtk/webdriver-libatomic.patch   | 23 +++
>  meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  3 +++
>  2 files changed, 26 insertions(+)
>  create mode 100644
> meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
>
> diff --git a/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
> b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
> new file mode 100644
> index 00..bd9ac9d1f5
> --- /dev/null
> +++ b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
> @@ -0,0 +1,23 @@
> +link with libatomic
> +
> +This fixes build with C11
> +
> +lib/../Source/WTF/wtf/CMakeFiles/WTF.dir/Assertions.cpp.o:/usr/include/c++/11.0.1/bits/atomic_base.h:520:
> more undefined references to `__atomic_compare_exchange_1' follow
> +| collect2: error: ld returned 1 exit status
> +
> +Upstream-Status: Pending
> +Signed-off-by: Khem Raj 
> +
> +--- a/Source/WTF/wtf/CMakeLists.txt
>  b/Source/WTF/wtf/CMakeLists.txt
> +@@ -529,6 +529,10 @@ list(APPEND WTF_LIBRARIES
> + ICU::uc
> + )
> +
> ++list(APPEND WTF_LIBRARIES
> ++ -Wl,--as-needed -Wl,-latomic -Wl,--no-as-needed
> ++)
> ++
> + set(WTF_INTERFACE_LIBRARIES WTF)
> + set(WTF_INTERFACE_INCLUDE_DIRECTORIES ${WTF_FRAMEWORK_HEADERS_DIR})
> + set(WTF_INTERFACE_DEPENDENCIES WTF_CopyHeaders)
> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> index a1dd76ce81..3daf31f7d3 100644
> --- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> +++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> @@ -20,6 +20,9 @@ SRC_URI = "
> https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
> file://include_xutil.patch \
> file://reduce-memory-overheads.patch \
> "
> +SRC_URI_append_riscv64 = " file://webdriver-libatomic.patch"
> +SRC_URI_append_riscv32 = " file://webdriver-libatomic.patch"
> +
>  SRC_URI[sha256sum] =
> "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
>
>  inherit cmake pkgconfig gobject-introspection perlnative features_check
> upstream-version-is-even gtk-doc
> --
> 2.30.1
>
>
> 
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149138): 
https://lists.openembedded.org/g/openembedded-core/message/149138
Mute This Topic: https://lists.openembedded.org/mt/81193908/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] webkitgtk: Link libatomic on RISCV

[Khem Raj]

This fixes linking failures
Source/WTF/wtf/text/StringImpl.h:1115: undefined reference to 
`__atomic_compare_exchange_1'

Signed-off-by: Khem Raj 
---
 .../webkitgtk/webdriver-libatomic.patch   | 23 +++
 meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  3 +++
 2 files changed, 26 insertions(+)
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch

diff --git a/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch 
b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
new file mode 100644
index 00..bd9ac9d1f5
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/webdriver-libatomic.patch
@@ -0,0 +1,23 @@
+link with libatomic
+
+This fixes build with C11
+
+lib/../Source/WTF/wtf/CMakeFiles/WTF.dir/Assertions.cpp.o:/usr/include/c++/11.0.1/bits/atomic_base.h:520:
 more undefined references to `__atomic_compare_exchange_1' follow
+| collect2: error: ld returned 1 exit status
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj 
+
+--- a/Source/WTF/wtf/CMakeLists.txt
 b/Source/WTF/wtf/CMakeLists.txt
+@@ -529,6 +529,10 @@ list(APPEND WTF_LIBRARIES
+ ICU::uc
+ )
+ 
++list(APPEND WTF_LIBRARIES
++ -Wl,--as-needed -Wl,-latomic -Wl,--no-as-needed
++)
++
+ set(WTF_INTERFACE_LIBRARIES WTF)
+ set(WTF_INTERFACE_INCLUDE_DIRECTORIES ${WTF_FRAMEWORK_HEADERS_DIR})
+ set(WTF_INTERFACE_DEPENDENCIES WTF_CopyHeaders)
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb 
b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
index a1dd76ce81..3daf31f7d3 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
@@ -20,6 +20,9 @@ SRC_URI = 
"https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://include_xutil.patch \
file://reduce-memory-overheads.patch \
"
+SRC_URI_append_riscv64 = " file://webdriver-libatomic.patch"
+SRC_URI_append_riscv32 = " file://webdriver-libatomic.patch"
+
 SRC_URI[sha256sum] = 
"7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
 
 inherit cmake pkgconfig gobject-introspection perlnative features_check 
upstream-version-is-even gtk-doc
-- 
2.30.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149137): 
https://lists.openembedded.org/g/openembedded-core/message/149137
Mute This Topic: https://lists.openembedded.org/mt/81193908/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] webkitgtk: Use linker options to reduce memory overhead during linking

[Alexander Kanavin]

Can you please explain the context for this? Why would we want to support
building webkit on such constrained machines? 8g of ram means they can’t
run more than 4-6 gcc processes, so webkit builds will be unbearably slow
anyway.

Alex

On Tue 9. Mar 2021 at 1.00, Khem Raj  wrote:

> Helps builds on machines with less RAM ( 8G )
>
> Signed-off-by: Khem Raj 
> ---
>  .../webkitgtk/reduce-memory-overheads.patch   | 22 +++
>  meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  1 +
>  2 files changed, 23 insertions(+)
>  create mode 100644
> meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
>
> diff --git
> a/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
> b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
> new file mode 100644
> index 00..0493150a91
> --- /dev/null
> +++ b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
> @@ -0,0 +1,22 @@
> +From: Alberto Garcia 
> +Subject: Reduce memory usage when not using the Gold linker
> +Bug-Debian: https://bugs.debian.org/949621
> +Forwarded: no
> +
> +Upstream-Status: Pending
> +Signed-off-by: Khem Raj 
> +--- a/Source/cmake/OptionsCommon.cmake
>  b/Source/cmake/OptionsCommon.cmake
> +@@ -95,6 +95,12 @@ option(GCC_OFFLINEASM_SOURCE_MAP
> +   "Produce debug line information for offlineasm-generated code"
> +   ${GCC_OFFLINEASM_SOURCE_MAP_DEFAULT})
> +
> ++# Pass --reduce-memory-overheads to the bfd linker in order to save
> memory
> ++if (NOT USE_LD_GOLD)
> ++set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS}
> -Wl,--reduce-memory-overheads")
> ++set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS}
> -Wl,--reduce-memory-overheads")
> ++endif ()
> ++
> + # Enable the usage of OpenMP.
> + #  - At this moment, OpenMP is only used as an alternative implementation
> + #to native threads for the parallelization of the SVG filters.
> diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> index 2928b8e55b..a1dd76ce81 100644
> --- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> +++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
> @@ -18,6 +18,7 @@ SRC_URI = "
> https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
> file://0001-Fix-build-with-musl.patch \
> file://include_array.patch \
> file://include_xutil.patch \
> +   file://reduce-memory-overheads.patch \
> "
>  SRC_URI[sha256sum] =
> "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
>
> --
> 2.30.1
>
>
> 
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149136): 
https://lists.openembedded.org/g/openembedded-core/message/149136
Mute This Topic: https://lists.openembedded.org/mt/81189464/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 00/52] pull request (cover letter only)

[Anuj Mittal]

Please merge these changes in gatesgarth.

Thanks,

Anuj

The following changes since commit 0e5605af9ebbfceffd510e42013d4eaa76c4e820:

  acpica: Fix reproducibility issues (2021-02-22 23:53:37 +0800)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib stable/gatesgarth-next

Andrei Gherzan (1):
  oe/recipeutils: Fix copying patches when BBLAYERS entries are not
normalised

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.96
  linux-yocto/5.4: update to v5.4.98

Florian Bezdeka (1):
  wic: Warn if an ext filesystem affected by the Y2038 problem is used

Jan-Simon Möller (1):
  package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm
class

Khem Raj (2):
  go: Update to 1.15.8
  oeqa/pam: Need shadow installed for the tests

Lee Chee Yang (2):
  python3: fix CVE-2021-23336
  libsdl2: fix CVE-2020-14409 CVE-2020-14410

Martin Jansa (1):
  sstatesig.py: show an error instead of warning when sstate manifest
isn't found

Michael Halstead (2):
  yocto-uninative.inc: version 2.11 updates glibc to 2.33
  yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround

Mike Crowe (1):
  externalsrc: Pass through npmsw URIs in SRC_URI

Milan Shah (1):
  report-error.bbclass: Add layer and bitbake version info to error
report

Mingli Yu (1):
  python3: Fix python interpreter line length for nativesdk

Minjae Kim (1):
  bind: fix CVE-2020-8625

Peter Kjellerstedt (1):
  asciidoc: Switch to using the main branch

Richard Purdie (19):
  xorg-fonts-minimal: Fix reproducibility
  xorg-minimal-fonts: Really fix determinism
  git: Fix determinism issue
  groff: Fix determinism issue
  oeqa/commands: Fix compatibility with python 3.9
  linux-firmware: upgrade 20201218 -> 20210208
  rsync: Fix a file sorting determinism issue
  rsync: Fix group name determinism issue
  libevdev: Update patch status to backport
  babeltrace2: Fix reproducibility
  cups: Fix reproducibility issues
  gcr: Fix reproducibility issue
  epiphany: Fix reproducibility issue
  epiphany: Fix distributor contamination from /etc/os-release
  image: Add directories to PSEUDO_IGNORE_PATHS
  populate_sdk: Add directories to PSEUDO_IGNORE_PATHS
  bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image
class
  bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable
  parted: Fix reproducibility issue

Ross Burton (1):
  rootfs_deb: handle aarch64 SDK_ARCH

Scott Murray (1):
  screen: fix CVE-2021-26937

Stefan Ghinea (2):
  wpa-supplicant: fix CVE-2021-0326
  cups: fix CVE-2020-10001

Thomas Viehweger (1):
  mtd-utils: Remove duplicate assignments to alternative link names

Tomasz Dziendzielski (1):
  bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print
pseudo.log

Vivien Didelot (2):
  local.conf.sample.extended: prefer INIT_MANAGER
  systemd: Fix importd requirements comment

Wang Mingyu (1):
  openssl: upgrade 1.1.1i -> 1.1.1j

Wes Lindauer (1):
  df.py: Add feature check for read-only-rootfs

Yi Fan Yu (2):
  valgrind: Disable ptest nlcontrolc for x86-64
  valgrind: Increase timeout duration 30 -> 90 s

Yoann Congal (1):
  npm.bbclass: avoid building target nodejs for native npm recipes

Zbigniew Bodek (1):
  wpebackend-fdo: Fix missing .so symlink when using dev package

akuster (2):
  cve-check.bbclass: add layer to cve log
  cve-check: add include/exclude layers

 meta/classes/cve-check.bbclass|   21 +
 meta/classes/externalsrc.bbclass  |1 +
 meta/classes/image.bbclass|2 +
 meta/classes/npm.bbclass  |2 +-
 meta/classes/package_rpm.bbclass  |1 +
 meta/classes/populate_sdk_base.bbclass|2 +-
 meta/classes/report-error.bbclass |4 +
 meta/classes/rootfs_deb.bbclass   |4 +
 meta/conf/bitbake.conf|6 +-
 meta/conf/distro/include/yocto-uninative.inc  |   10 +-
 meta/conf/local.conf.sample.extended  |   21 +-
 meta/lib/oe/recipeutils.py|2 +-
 meta/lib/oe/sstatesig.py  |2 +-
 meta/lib/oeqa/runtime/cases/df.py |2 +
 meta/lib/oeqa/runtime/cases/pam.py|3 +
 meta/lib/oeqa/utils/commands.py   |4 +-
 .../bind/bind-9.16.7/CVE-2020-8625.patch  |   29 +
 meta/recipes-connectivity/bind/bind_9.16.7.bb |1 +
 .../{openssl_1.1.1i.bb => openssl_1.1.1j.bb}  |2 +-
 .../wpa-supplicant/CVE-2021-0326.patch|   45 +
 .../wpa-supplicant/wpa-supplicant_2.9.bb  |1 +
 meta/recipes-core/systemd/systemd_246.9.bb|2 +-
 meta/recipes-devtools/git/git.inc |3 +-
 meta/recipes-devtools/git/git/fixsort.patch   |   31 +
 meta/recipes-devtools/go/go-1.15.inc  |4 +-
 ...e_1.15.6.bb => go-binary-native_1.15.8.bb} |4 +-
 meta/recipes-devtools/mtd/mtd-utils_git.bb|2 -
 .../python/python3/CVE-2021-23336.patch   |  548 +
 met

Re: [OE-core] [PATCH 1/1] extrausers: Add ability to force password change on first login

[Chen Qi]

Hi Mark,

Is it something similar to 'passwd-expire' in this extrausers.bbclass?

Best Regards,
Chen Qi

On 03/09/2021 02:08 AM, Mark Hatle wrote:

As documented in shadow(5), the third parameter is the last login time.  A
special value of '0' is defined which causes the password system to force
a password change on next login.

Adding the variable "EXTRA_FORCE_PASSWORD_CHANGE", a space separated list of
user names, we can use this to adjust the shadow file's third value for the
listed users.

Note: This does have the same dependencies as other usages of extrausers,
specifically base-passwd and shadow.

Signed-off-by: Mark Hatle 
Signed-off-by: Mark Hatle 
---
  meta/classes/extrausers.bbclass | 29 +++--
  meta/conf/documentation.conf|  1 +
  2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/meta/classes/extrausers.bbclass b/meta/classes/extrausers.bbclass
index 90811bfe2a..e9d9358bef 100644
--- a/meta/classes/extrausers.bbclass
+++ b/meta/classes/extrausers.bbclass
@@ -14,10 +14,10 @@
  
  inherit useradd_base
  
-PACKAGE_INSTALL_append = " ${@['', 'base-passwd shadow'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"

+PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
shadow'][bool(d.getVar('EXTRA_USERS_PARAMS')) or 
bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
  
  # Image level user / group settings

-ROOTFS_POSTPROCESS_COMMAND_append = " set_user_group;"
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
set_user_group;'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
  
  # Image level user / group settings

  set_user_group () {
@@ -66,6 +66,31 @@ set_user_group () {
done
  }
  
+# Image level force a specific user/users to reset their password on first login

+# Note: this requires shadow passwords and login programs that respect the 
shadow
+# expiration field.
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
force_password_change;'][bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
+
+# Works by setting 'date of last password change' to 0, which has a special
+# meaning of 'user should change her password the next time she will log in the
+# system' See: shadow (5)
+force_password_change () {
+   if [ ! -e ${IMAGE_ROOTFS}/etc/shadow ]; then
+   bberror "/etc/shadow does not exist in the image, unable to set 
password change on login."
+   return
+   fi
+   passwd_change_users="${EXTRA_FORCE_PASSWORD_CHANGE}"
+   export PSEUDO="${FAKEROOTENV} ${STAGING_DIR_NATIVE}${bindir}/pseudo"
+   for name in $passwd_change_users; do
+   if ! grep -q '^'$name':' ${IMAGE_ROOTFS}/etc/shadow ; then
+   bberror "Unable to find user $name in /etc/shadow, unable to 
set password change on login."
+   fi
+   bbnote "Set user $name to need a password change on first 
login."
+   cmd="sed -i ${IMAGE_ROOTFS}/etc/shadow -e 
's,^'$name':\\([^:]*\\):[^:]*:,'$name':\\1:0:,'"
+   eval flock -x ${IMAGE_ROOTFS}${sysconfdir} -c \"$PSEUDO $cmd\" 
|| true
+   done
+}
+
  USERADDEXTENSION ?= ""
  
  inherit ${USERADDEXTENSION}

diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
index c5a38b0764..d1c5b8b1a3 100644
--- a/meta/conf/documentation.conf
+++ b/meta/conf/documentation.conf
@@ -169,6 +169,7 @@ EXTRA_OESCONS[doc] = "When a recipe inherits the scons 
class, this variable spec
  EXTRA_QMAKEVARS_POST[doc] = "Configuration variables or options you want to pass 
to qmake when the arguments need to be after the .pro file list on the command line."
  EXTRA_QMAKEVARS_PRE[doc] = "Configuration variables or options you want to pass to 
qmake when the arguments need to be before the .pro file list on the command line."
  EXTRA_USERS_PARAMS[doc] = "When a recipe inherits the extrausers class, this 
variable provides image level user and group operations."
+EXTRA_FORCE_PASSWORD_CHANGE[doc] = "When a recipe inherits the extrausers class, 
this variable causes the specified users to require a password change on first 
login."
  
  #F
  








-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149134): 
https://lists.openembedded.org/g/openembedded-core/message/149134
Mute This Topic: https://lists.openembedded.org/mt/81180920/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] webkitgtk: Use linker options to reduce memory overhead during linking

[Khem Raj]

Helps builds on machines with less RAM ( 8G )

Signed-off-by: Khem Raj 
---
 .../webkitgtk/reduce-memory-overheads.patch   | 22 +++
 meta/recipes-sato/webkit/webkitgtk_2.30.5.bb  |  1 +
 2 files changed, 23 insertions(+)
 create mode 100644 
meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch

diff --git a/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch 
b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
new file mode 100644
index 00..0493150a91
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/reduce-memory-overheads.patch
@@ -0,0 +1,22 @@
+From: Alberto Garcia 
+Subject: Reduce memory usage when not using the Gold linker
+Bug-Debian: https://bugs.debian.org/949621
+Forwarded: no
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj 
+--- a/Source/cmake/OptionsCommon.cmake
 b/Source/cmake/OptionsCommon.cmake
+@@ -95,6 +95,12 @@ option(GCC_OFFLINEASM_SOURCE_MAP
+   "Produce debug line information for offlineasm-generated code"
+   ${GCC_OFFLINEASM_SOURCE_MAP_DEFAULT})
+ 
++# Pass --reduce-memory-overheads to the bfd linker in order to save memory
++if (NOT USE_LD_GOLD)
++set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
-Wl,--reduce-memory-overheads")
++set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
-Wl,--reduce-memory-overheads")
++endif ()
++
+ # Enable the usage of OpenMP.
+ #  - At this moment, OpenMP is only used as an alternative implementation
+ #to native threads for the parallelization of the SVG filters.
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb 
b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
index 2928b8e55b..a1dd76ce81 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
@@ -18,6 +18,7 @@ SRC_URI = 
"https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://0001-Fix-build-with-musl.patch \
file://include_array.patch \
file://include_xutil.patch \
+   file://reduce-memory-overheads.patch \
"
 SRC_URI[sha256sum] = 
"7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
 
-- 
2.30.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149133): 
https://lists.openembedded.org/g/openembedded-core/message/149133
Mute This Topic: https://lists.openembedded.org/mt/81189464/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] resolvconf: add missing dependencies to RDEPENDS

[Khem Raj]

On 3/8/21 2:25 PM, Andre McCurdy wrote:

On Mon, Mar 8, 2021 at 2:15 PM Khem Raj  wrote:


On 3/8/21 2:11 PM, Andre McCurdy wrote:

On Mon, Mar 8, 2021 at 11:30 AM Khem Raj  wrote:


From: Frans Meulenbroeks 

resolvconf uses flock and readlink.
So explicitly added dependencies on util-linux (for flock) and coreutils
(for readlink).
Note that the options used with flock and readlink are not part of the
busybox implementations so full-fledged implementations are needed.

Signed-off-by: Khem Raj 
---
   meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb | 2 +-
   1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb 
b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
index 6df96b699c..6da8cd6023 100644
--- a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
+++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
@@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
   LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
   AUTHOR = "Thomas Hood"
   HOMEPAGE = "http://packages.debian.org/resolvconf";
-RDEPENDS_${PN} = "bash"
+RDEPENDS_${PN} = "bash coreutils util-linux"


util-linux-flock has its own package.


yeah and busybox also provides flock too. Lets drop it


Busybox provides flock, but it doesn't support the -w option (wait
with timeout). Either the util-linux flock is required or resolvconf
needs to be patched to drop the -w option.



right, its to explore possibilities to avoid the deps.


Patching resolvconf to use readlink -f (instead of readlink -m) should
be sufficient to allow it to work with busybox readlink.


   SRC_URI = 
"git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable \
  file://fix-path-for-busybox.patch \
--
2.30.1





-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149132): 
https://lists.openembedded.org/g/openembedded-core/message/149132
Mute This Topic: https://lists.openembedded.org/mt/81183177/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 18/24] procps: update 3.3.16 -> 3.3.17

[Richard Purdie]

On Sun, 2021-02-28 at 11:10 -0800, Khem Raj wrote:
> 
> On 2/28/21 7:36 AM, Alexander Kanavin wrote:
> > Signed-off-by: Alexander Kanavin 
> > ---
> >   .../procps/0001-w.c-correct-musl-builds.patch | 44 +++
> >   ...02-proc-escape.c-add-missing-include.patch | 23 ++
> >   .../{procps_3.3.16.bb => procps_3.3.17.bb}|  4 +-
> >   3 files changed, 70 insertions(+), 1 deletion(-)
> >   create mode 100644 
> > meta/recipes-extended/procps/procps/0001-w.c-correct-musl-builds.patch
> >   create mode 100644 
> > meta/recipes-extended/procps/procps/0002-proc-escape.c-add-missing-include.patch
> >   rename meta/recipes-extended/procps/{procps_3.3.16.bb => 
> > procps_3.3.17.bb} (94%)
> > 
> > diff --git 
> > a/meta/recipes-extended/procps/procps/0001-w.c-correct-musl-builds.patch 
> > b/meta/recipes-extended/procps/procps/0001-w.c-correct-musl-builds.patch
> > new file mode 100644
> > index 00..c92ad28e4f
> > --- /dev/null
> > +++ b/meta/recipes-extended/procps/procps/0001-w.c-correct-musl-builds.patch
> > @@ -0,0 +1,44 @@
> > +From 22f8d25567b8d64bdbab0fb0b4915b4362561d9b Mon Sep 17 00:00:00 2001
> > +From: Alexander Kanavin 
> > +Date: Wed, 24 Feb 2021 21:14:31 +
> > +Subject: [PATCH] w.c: correct musl builds
> > +
> > +No need to redefine UT_ stuff to something that does not exist.
> > +
> > +UT_ is already provided in musl but via utmp.h header, so include
> > +it always.
> > +
> > +Upstream-Status: Submitted 
> > [https://gitlab.com/procps-ng/procps/-/merge_requests/126]
> > +Signed-off-by: Alexander Kanavin 
> > +---
> > + w.c | 9 +
> > + 1 file changed, 1 insertion(+), 8 deletions(-)
> > +
> > +diff --git a/w.c b/w.c
> > +index 9d07ac9..d10639b 100644
> > +--- a/w.c
> >  b/w.c
> > +@@ -57,9 +57,8 @@
> > + #include 
> > + #ifdef HAVE_UTMPX_H
> > + # include 
> > +-#else
> > +-# include 
> > + #endif
> > ++#include 
> 
> this would mean when utmpx.h is provided ( e.g. ) it will now include 
> both, which is a change perhaps to look more into, it might want them to 
> be exclusive.

This one is worrying me a bit as it does seem to change behaviour on glibc.
Was anyone able to look into it further?

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149131): 
https://lists.openembedded.org/g/openembedded-core/message/149131
Mute This Topic: https://lists.openembedded.org/mt/80974312/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 08/24] libdnf: update 0.55.2 -> 0.58.0

[Richard Purdie]

On Mon, 2021-03-01 at 12:53 +0100, Alexander Kanavin wrote:
> On Sun, 28 Feb 2021 at 20:30, Khem Raj  wrote:
> > > Can you send a patch upstream for this please? I have filed a ticket 
> > > which you can reference:
> > > https://github.com/rpm-software-management/libdnf/issues/1146 
> > > 
> > 
> > This is a review so please fix it as suggested in OE atleast since you 
> > will have test setups I do not have rpm/dnf setups
> > 
> 
> Any fix we do needs to be upstreamable, so can you please write a comment to 
> the upstream ticket?
> They're too telling me I need to send them a patch, and I don't want to send 
> something I don't really
> understand.
> https://github.com/rpm-software-management/libdnf/issues/1146
> 
> Testing is easy: build libdnf with TCLIBC=musl.

I've been holding this in -next since I'd really like to try and match what
happens upstream if we can. Since upstream seem receptive, could we get 
them a pull request open for the replacement for __WORDSIZE and update 
the OE patch too to track things?

Cheers,

Richard



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149130): 
https://lists.openembedded.org/g/openembedded-core/message/149130
Mute This Topic: https://lists.openembedded.org/mt/80974301/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] resolvconf: add missing dependencies to RDEPENDS

[Andre McCurdy]

On Mon, Mar 8, 2021 at 2:15 PM Khem Raj  wrote:
>
> On 3/8/21 2:11 PM, Andre McCurdy wrote:
> > On Mon, Mar 8, 2021 at 11:30 AM Khem Raj  wrote:
> >>
> >> From: Frans Meulenbroeks 
> >>
> >> resolvconf uses flock and readlink.
> >> So explicitly added dependencies on util-linux (for flock) and coreutils
> >> (for readlink).
> >> Note that the options used with flock and readlink are not part of the
> >> busybox implementations so full-fledged implementations are needed.
> >>
> >> Signed-off-by: Khem Raj 
> >> ---
> >>   meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb | 2 +-
> >>   1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb 
> >> b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> >> index 6df96b699c..6da8cd6023 100644
> >> --- a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> >> +++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> >> @@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
> >>   LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
> >>   AUTHOR = "Thomas Hood"
> >>   HOMEPAGE = "http://packages.debian.org/resolvconf";
> >> -RDEPENDS_${PN} = "bash"
> >> +RDEPENDS_${PN} = "bash coreutils util-linux"
> >
> > util-linux-flock has its own package.
>
> yeah and busybox also provides flock too. Lets drop it

Busybox provides flock, but it doesn't support the -w option (wait
with timeout). Either the util-linux flock is required or resolvconf
needs to be patched to drop the -w option.

> > Patching resolvconf to use readlink -f (instead of readlink -m) should
> > be sufficient to allow it to work with busybox readlink.
> >
> >>   SRC_URI = 
> >> "git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable
> >>  \
> >>  file://fix-path-for-busybox.patch \
> >> --
> >> 2.30.1
> >>
> >>
> >> 
> >>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149129): 
https://lists.openembedded.org/g/openembedded-core/message/149129
Mute This Topic: https://lists.openembedded.org/mt/81183177/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] resolvconf: add missing dependencies to RDEPENDS

[Khem Raj]

On 3/8/21 2:11 PM, Andre McCurdy wrote:

On Mon, Mar 8, 2021 at 11:30 AM Khem Raj  wrote:


From: Frans Meulenbroeks 

resolvconf uses flock and readlink.
So explicitly added dependencies on util-linux (for flock) and coreutils
(for readlink).
Note that the options used with flock and readlink are not part of the
busybox implementations so full-fledged implementations are needed.

Signed-off-by: Khem Raj 
---
  meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb 
b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
index 6df96b699c..6da8cd6023 100644
--- a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
+++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
@@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
  LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
  AUTHOR = "Thomas Hood"
  HOMEPAGE = "http://packages.debian.org/resolvconf";
-RDEPENDS_${PN} = "bash"
+RDEPENDS_${PN} = "bash coreutils util-linux"


util-linux-flock has its own package.


yeah and busybox also provides flock too. Lets drop it



Patching resolvconf to use readlink -f (instead of readlink -m) should
be sufficient to allow it to work with busybox readlink.


  SRC_URI = 
"git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable \
 file://fix-path-for-busybox.patch \
--
2.30.1





-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149128): 
https://lists.openembedded.org/g/openembedded-core/message/149128
Mute This Topic: https://lists.openembedded.org/mt/81183177/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] scripts/oe-timeout-dd-test.sh: add script

[Richard Purdie]

Hi Sakib,

On Mon, 2021-03-08 at 15:46 -0500, Sakib Sajal wrote:
> Randy and I could directly use autobuilders and make the necessary 
> changes to run the tests/experiments, if you prefer to do it yourself, 
> read on for more details.

I'm happy to have the help. I'm thinking that rather than instrument 
one build or a specific test case, we should add something to 
yocto-autobuilder-helper on a test branch, that way we can run an 
"a-full" or "a-quick" target on the autobuilder under the test and see
if we can get any interesting data.

The autobuilders have a shared output directory we could use to collate
the information, it is exported to the environment as 
OEQA_DEBUGGING_SAVED_OUTPUT in config.json in -helper.

I think we therefore need:

a) poky-contrib branch with this change in
b) yocto-autobuilder-helper branch with the config enabled in config.json
c) a further patch to collect up any interesting data and save it to
OEQA_DEBUGGING_SAVED_OUTPUT as a post build event handler for further
analysis. We may be able to patch the existing results collection script
to do this in helper? Obviously the naming of the files on 
OEQA_DEBUGGING_SAVED_OUTPUT needs to be multi build safe.

Does that sound like a reasonable approach?

Cheers,

Richard





-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149127): 
https://lists.openembedded.org/g/openembedded-core/message/149127
Mute This Topic: https://lists.openembedded.org/mt/81158947/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] resolvconf: add missing dependencies to RDEPENDS

[Andre McCurdy]

On Mon, Mar 8, 2021 at 11:30 AM Khem Raj  wrote:
>
> From: Frans Meulenbroeks 
>
> resolvconf uses flock and readlink.
> So explicitly added dependencies on util-linux (for flock) and coreutils
> (for readlink).
> Note that the options used with flock and readlink are not part of the
> busybox implementations so full-fledged implementations are needed.
>
> Signed-off-by: Khem Raj 
> ---
>  meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb 
> b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> index 6df96b699c..6da8cd6023 100644
> --- a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> +++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
> @@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
>  LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
>  AUTHOR = "Thomas Hood"
>  HOMEPAGE = "http://packages.debian.org/resolvconf";
> -RDEPENDS_${PN} = "bash"
> +RDEPENDS_${PN} = "bash coreutils util-linux"

util-linux-flock has its own package.

Patching resolvconf to use readlink -f (instead of readlink -m) should
be sufficient to allow it to work with busybox readlink.

>  SRC_URI = 
> "git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable \
> file://fix-path-for-busybox.patch \
> --
> 2.30.1
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149126): 
https://lists.openembedded.org/g/openembedded-core/message/149126
Mute This Topic: https://lists.openembedded.org/mt/81183177/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][PATCH] valgrind: Fix nlcontrolc.vgtest

[Yi Fan Yu]

Backport a recent upstream patch
that redesigned the test.

It's now enabled for both x86-64 and arm.

[YOCTO #14223]

Signed-off-by: Yi Fan Yu 
---
 ...gtest-hanging-on-newer-glibc-and-or-.patch | 200 ++
 ...Disable-nlcontrolc.vgtest-for-x86-64.patch |  36 
 .../valgrind/valgrind_3.16.1.bb   |   2 +-
 3 files changed, 201 insertions(+), 37 deletions(-)
 create mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-Fix-nlcontrolc.vgtest-hanging-on-newer-glibc-and-or-.patch
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch

diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0001-Fix-nlcontrolc.vgtest-hanging-on-newer-glibc-and-or-.patch
 
b/meta/recipes-devtools/valgrind/valgrind/0001-Fix-nlcontrolc.vgtest-hanging-on-newer-glibc-and-or-.patch
new file mode 100644
index 00..98cbcd132c
--- /dev/null
+++ 
b/meta/recipes-devtools/valgrind/valgrind/0001-Fix-nlcontrolc.vgtest-hanging-on-newer-glibc-and-or-.patch
@@ -0,0 +1,200 @@
+From 83c24e31df6932a6d4fced179050c6d8d8c6f3b5 Mon Sep 17 00:00:00 2001
+From: Philippe Waroquiers 
+Date: Sun, 7 Mar 2021 22:29:27 +0100
+Subject: [PATCH] Fix nlcontrolc.vgtest hanging on newer glibc and/or arm64
+
+This test verifies that GDB can interrupt a process with all threads
+blocked in a long select syscall.
+The test used to terminate by having GDB modifying the select argument.
+However, modifying the select argument works only for specific arch
+and/or specific versions of glibc.
+The test then blocks on other architectures/glibc versions.
+
+The previous version of the test was:
+  * first launching sleepers so as to have all threads blocked in long select
+  * interrupting these threads
+  * changing the select time arg so that the threads burn cpu
+  * and then change variables to have the program exit.
+
+The new version does:
+  * first launches sleepers so that all threads are burning cpu.
+  * interrupting these threads
+  * change the local variables of sleepers so that the threads will
+block in a long select syscall
+  * interrupt these threads
+  * kill the program.
+
+With this new version, we still check the behaviour of gdb+vgdbserver
+for both burning and sleep threads, but without having the termination
+depending on modifying select syscall argument.
+
+Tested on debian amd64 and on ubuntu arm64 (to check the test does not hang
+on an arm64 platform).
+
+Upstream-Status: Backport
+
+From commit on master:
+c79180a3afcf65902e578646c3b716cc749db406
+
+Signed-off-by: Yi Fan Yu 
+---
+ gdbserver_tests/nlcontrolc.stderr.exp  |  4 +-
+ gdbserver_tests/nlcontrolc.stdinB.gdb  | 57 +++---
+ gdbserver_tests/nlcontrolc.stdoutB.exp | 25 ++-
+ gdbserver_tests/nlcontrolc.vgtest  | 12 +++---
+ 4 files changed, 56 insertions(+), 42 deletions(-)
+
+diff --git a/gdbserver_tests/nlcontrolc.stderr.exp 
b/gdbserver_tests/nlcontrolc.stderr.exp
+index ac75bb3da..b63a9a988 100644
+--- a/gdbserver_tests/nlcontrolc.stderr.exp
 b/gdbserver_tests/nlcontrolc.stderr.exp
+@@ -3,9 +3,9 @@ Nulgrind, the minimal Valgrind tool
+ (action at startup) vgdb me ... 
+ 
+ 
+-loops/sleep_ms/burn/threads_spec/affinity:  10 10 10 
BSBSBSBS 1
++loops/sleep_ms/burn/threads_spec/affinity:  10 0 10 BSBSBSBS 1
+ Brussels ready to sleep and/or burn
+ London ready to sleep and/or burn
+ Petaouchnok ready to sleep and/or burn
+ main ready to sleep and/or burn
+-
++Gdb request to kill this process
+diff --git a/gdbserver_tests/nlcontrolc.stdinB.gdb 
b/gdbserver_tests/nlcontrolc.stdinB.gdb
+index 667ece18d..ea4fcd530 100644
+--- a/gdbserver_tests/nlcontrolc.stdinB.gdb
 b/gdbserver_tests/nlcontrolc.stdinB.gdb
+@@ -9,32 +9,43 @@ shell ./simulate_control_c 
--vgdb-prefix=./vgdb-prefix-nlcontrolc 1 grep main nl
+ #
+ continue
+ #
+-# Here, all tasks should be blocked in a lg select, all in WaitSys
+-info threads
+-# We will unblock them by changing their timeout argument
+-# To avoid going into the frame where the timeval arg is,
+-# it has been defined as global variables, as the nr
+-# of calls on the stack differs between 32bits and 64bits,
+-# and/or between OS.
+-# ensure select finishes in a few milliseconds max:
+-p t[0].tv_sec = 0
+-p t[1].tv_sec = 0
+-p t[2].tv_sec = 0
+-p t[3].tv_sec = 0
+-#
+-# We will change the burning parameters in a few  seconds
++# Threads are burning cpu now
++# We would like to fully test info threads here, but which thread are Runnable
++# or Yielding is unpredictable. With a recent enough gdb, check the nr of
++# threads by state using pipe commands and grep/wc.
++init-if-undefined $_gdb_major = 0
++init-if-undefined $_gdb_minor = 0
++if $_gdb_major >= 9
++  | info threads | grep VgTs_Runnable | wc -l
++  | info threads | grep VgTs_Yielding | wc -l
++else
++  echo 1\n
++  echo 3\n
++end
++# We change the variables so that all the threads are blocked in a syscall
++p burn =

[OE-core] [PATCH] mingw: Remove 'nativesdk-glibc-utils' for windows sdk

[Anmolbir Mann]

From: amann 

Certain recipes require the "glibc-utils" recipe to include Glibc utility tools.
However, the native version is incompatible with the Windows host, and thus 
these
recipes will cause the Windows SDK to fail to build, particularly the kernel
development recipes.

[YOCTO #14286]

Signed-off-by: amann 
Signed-off-by: dreyna 
---
 conf/machine-sdk/include/mingw32-common.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/conf/machine-sdk/include/mingw32-common.inc 
b/conf/machine-sdk/include/mingw32-common.inc
index bc6c91e..0109e75 100644
--- a/conf/machine-sdk/include/mingw32-common.inc
+++ b/conf/machine-sdk/include/mingw32-common.inc
@@ -24,6 +24,7 @@ SDK_PACKAGING_FUNC = "do_compile"
 SDKUSE_NLS = "no"
 SDKIMAGE_LINGUAS = ""
 SDK_DEPENDS_remove = "nativesdk-glibc-locale"
+SDK_DEPENDS_remove = "nativesdk-glibc-utils"
 
 SDKPKGSUFFIX = "nativesdk-mingw32"
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149124): 
https://lists.openembedded.org/g/openembedded-core/message/149124
Mute This Topic: https://lists.openembedded.org/mt/81186404/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v2][RFC] distrodata.py: Test to track recipes without HOMEPAGE or DESCRIPTION

[Dorinda]

From: Dorinda Bassey 

This test is to keep track of recipes that do not have a HOMEPAGE or 
DESCRIPTION,
with exceptions to recipes whose SRC_URI are not linked to external sources.

[YOCTO #13471]

Signed-off-by: Dorinda Bassey 
---
v2:
-Changed PN to BPN
-Used set() instead of lists
-Changed condition for checking recipes with missing DESCRIPTION

 meta/lib/oeqa/selftest/cases/distrodata.py | 36 ++
 1 file changed, 36 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/distrodata.py 
b/meta/lib/oeqa/selftest/cases/distrodata.py
index e1cfc3b621..633bf25dc7 100644
--- a/meta/lib/oeqa/selftest/cases/distrodata.py
+++ b/meta/lib/oeqa/selftest/cases/distrodata.py
@@ -40,6 +40,42 @@ but their recipes claim otherwise by setting 
UPSTREAM_VERSION_UNKNOWN. Please re
 """ + "\n".join(regressed_successes)
 self.assertTrue(len(regressed_failures) == 0 and 
len(regressed_successes) == 0, msg)
 
+def test_missing_homepg(self):
+"""
+Summary: Test for oe-core recipes that don't have a HOMEPAGE or 
DESCRIPTION
+Expected:All oe-core recipes should have a DESCRIPTION entry
+Expected:All oe-core recipes should have a HOMEPAGE entry except 
for recipes that are not fetched from external sources.
+Product: oe-core
+"""
+with bb.tinfoil.Tinfoil() as tinfoil:
+tinfoil.prepare(config_only=False)
+no_description = set()
+no_homepage = set()
+for fn in tinfoil.all_recipe_files(variants=False):
+if not '/meta/recipes-' in fn:
+# We are only interested in OE-Core
+continue
+rd = tinfoil.parse_recipe_file(fn, appends=False)
+pn = rd.getVar('BPN')
+srcfile = rd.getVar('SRC_URI').split()
+#Since DESCRIPTION defaults to SUMMARY if not set, we are only 
interested in recipes without DESCRIPTION or SUMMARY
+if not (rd.getVar('SUMMARY') or rd.getVar('DESCRIPTION')):
+no_description.add((pn, fn))
+if not rd.getVar('HOMEPAGE'):
+if srcfile and srcfile[0].startswith('file') or not 
rd.getVar('SRC_URI'):
+# We are only interested in recipes SRC_URI fetched 
from external sources
+continue
+no_homepage.add((pn, fn))
+if no_homepage:
+self.fail("""
+The following recipes do not have a HOMEPAGE. Please add an entry for HOMEPAGE 
in the recipe.
+""" + "\n".join(['%s (%s)' % i for i in no_homepage]))
+
+if no_description:
+self.fail("""
+The following recipes do not have a DESCRIPTION. Please add an entry for 
DESCRIPTION in the recipe.
+""" + "\n".join(['%s (%s)' % i for i in no_description]))
+
 def test_maintainers(self):
 """
 Summary: Test that oe-core recipes have a maintainer and entries 
in maintainers list have a recipe
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149123): 
https://lists.openembedded.org/g/openembedded-core/message/149123
Mute This Topic: https://lists.openembedded.org/mt/81185617/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] scripts/oe-timeout-dd-test.sh: add script

[Sakib Sajal]

On 2021-03-08 12:33 p.m., Richard Purdie wrote:

[Please note: This e-mail is from an EXTERNAL e-mail address]

On Mon, 2021-03-08 at 09:50 -0500, Randy MacLeod wrote:

On 2021-03-07 3:58 p.m., Sakib Sajal wrote:

+timeout $1 dd if=/dev/zero of=/tmp/foo bs=1024 count=$2 >/dev/null 2>&1
+
+if [ $? -ne 0 ]
+then
+top -b -n 1
+else
+echo "success"

Do we need this else part? It'll just fill up the logs?


+fi
+

What values have you tried and how did that work out?
On Friday, a build with 100KB and was it .5 seconds and didn't
see any event exceed the timeout, right? We also ran several builds
out of a shared local sstate-cache and didn't see any event exceed the
timeout, iirc.

It would really help me to have an idea of what we're proposing we configure
on the autobuilder and how to capture the result...

Cheers,

Richard


Hi Richard,

Randy and I could directly use autobuilders and make the necessary 
changes to run the tests/experiments, if you prefer to do it yourself, 
read on for more details.


We have been working on a way to collect more data to deal with the 
various intermittent failures that we've been having. We put together a 
simple script that tries to write a specified amount of data to the 
filesystem within a specified time. This script can be used to determine 
if there is io stress on the file-system, if so it captures the output 
of top to see which processes are running.



To use the script to monitor the filesystem during a build, add this to 
local.conf:


BB_HEARTBEAT_EVENT = ""
BB_LOG_HOST_STAT_ON_INTERVAL = "1"
BB_LOG_HOST_STAT_CMDS = "oe-timeout-dd-test.sh  kilobytes to write>"


The logs are stored in tmp-glibc/buildstats/*/host_stats file.

Sample log output:

Event Time: 1615158368.577454
Date: 2021-03-07 23:06:08.586541
oe-timeout-dd-test.sh 0.1 1000
success

Event Time: 1615158392.393126
Date: 2021-03-07 23:06:32.480006
oe-timeout-dd-test.sh 0.1 1000
success

Event Time: 161515.497806
Date: 2021-03-07 23:33:19.508317
oe-timeout-dd-test.sh 0.1 1000
top - 15:33:20 up 136 days,  8:11, 16 users,  load average: 641.54, 
792.91, 704.




The builds that exceeded the timeout can be found by:

grep "top " tmp-glibc/buildstats/*/host_stats

For example:

build$ grep -r  "top " data_collect*/tmp-glibc/buildstats/
data_collect1/tmp-glibc/buildstats/20210307205832/host_stats:top - 
16:22:44 up 136 days,  9:01, 16 users,  load average: 1653.48, 774.33, 548
data_collect2/tmp-glibc/buildstats/20210307205836/host_stats:top - 
15:33:20 up 136 days,  8:11, 16 users,  load average: 641.54, 792.91, 704.
data_collect2/tmp-glibc/buildstats/20210307205836/host_stats:top - 
16:21:50 up 136 days,  9:00, 16 users,  load average: 859.48, 535.06, 464.
data_collect2/tmp-glibc/buildstats/20210307205836/host_stats:top - 
16:23:50 up 136 days,  9:02, 16 users,  load average: 1300.73, 863.23, 596
data_collect3/tmp-glibc/buildstats/20210307205840/host_stats:top - 
14:57:51 up 136 days,  7:36, 16 users,  load average: 343.42, 281.75, 243.
data_collect4/tmp-glibc/buildstats/20210307205840/host_stats:top - 
15:07:42 up 136 days,  7:46, 16 users,  load average: 607.03, 447.76, 324.
data_collect5/tmp-glibc/buildstats/20210307205840/host_stats:top - 
14:57:35 up 136 days,  7:35, 16 users,  load average: 304.50, 270.72, 239.
data_collect5/tmp-glibc/buildstats/20210307205840/host_stats:top - 
15:04:53 up 136 days,  7:43, 16 users,  load average: 491.61, 307.05, 262.
data_collect5/tmp-glibc/buildstats/20210307205840/host_stats:top - 
16:27:34 up 136 days,  9:05, 16 users,  load average: 457.19, 639.73, 563.



I ran 5 builds simultaneously using a shared sstate-cache with 0.5s 
timeout and 100kb write, which did not trigger the script for io lag for 
any build.
I reran the test without shared sstate-cache and all 5 builds 
encountered io lag at least once, some 3 or 4 times, as shown in the 
grep output above.


Looking at the logs, it looked like the machine was swapping.

The  and the  variables may need to be adjusted for each 
machine.


We found a bug with the data collection mechanism, where if the scripts 
hasn't returned within a second, it times out and is killed. This bug 
should not hamper with you carrying out tests, I will send a fix.


The bug looks like following:

Error running command: oe-timeout-dd-test.sh 0.1 1000
Command '['oe-timeout-dd-test.sh', '0.1', '1000']' timed out after 1 seconds


Sincerely,

Sakib


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149122): 
https://lists.openembedded.org/g/openembedded-core/message/149122
Mute This Topic: https://lists.openembedded.org/mt/81158947/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] resolvconf: add missing dependencies to RDEPENDS

[Khem Raj]

From: Frans Meulenbroeks 

resolvconf uses flock and readlink.
So explicitly added dependencies on util-linux (for flock) and coreutils
(for readlink).
Note that the options used with flock and readlink are not part of the
busybox implementations so full-fledged implementations are needed.

Signed-off-by: Khem Raj 
---
 meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb 
b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
index 6df96b699c..6da8cd6023 100644
--- a/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
+++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.87.bb
@@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
 AUTHOR = "Thomas Hood"
 HOMEPAGE = "http://packages.debian.org/resolvconf";
-RDEPENDS_${PN} = "bash"
+RDEPENDS_${PN} = "bash coreutils util-linux"
 
 SRC_URI = 
"git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable \
file://fix-path-for-busybox.patch \
-- 
2.30.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149121): 
https://lists.openembedded.org/g/openembedded-core/message/149121
Mute This Topic: https://lists.openembedded.org/mt/81183177/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH v7] util-linux: split uuid in separate recipe to allow bootstrapping

[Richard Purdie]

On Fri, 2021-03-05 at 11:02 +, luca.bocca...@gmail.com wrote:
> From: Luca Boccassi 
> 
> Recently util-linux gained an (optional) build dependency on libcryptsetup.
> But libcryptsetup build-depends on util-linux for blkid (optional, can be 
> disabled)
> and uuid (mandatory).
> Split out util-linux-uuid in a different recipe to break the cycle.
> 
> https://github.com/karelzak/util-linux/pull/898
> 
> Signed-off-by: Luca Boccassi 
> ---
> v1: util-linux 2.35 is not out yet, but I'd like to get the preparatory work
> underway as I'm not sure if this is the best approach or if there are
> alternatives. Suggestions and comments very welcome. Thanks!
> v2: changed packages names to reflect old ones (eg: libuuid1 -> 
> util-linux-libuuid)
> and leave uuid build enable in main recipe to allow for uuidgen build to 
> happen,
> as it does not have its own autoconf switch. Delete the library manualy 
> from
> the main recipe after build instead, and add dependency.
> Might help to break loop python3 -> util-linux -> libselinux -> python3, 
> as it's
> only libuuid that is needed, see 
> https://lists.yoctoproject.org/g/yocto/message/47570
> v3: rebased and refactored to have a common util-linux.inc file
> v4: added RDEPENDS on util-linux-libuuid on various packages to fix QA 
> warnings
> v5: remove RDEPENDS and instead have util-linux RDEPEND on util-linux-uuid.
> Removed PACKAGES_remove and instead filter out libuuid via the package 
> generation
> regex.
> Rebased on util-linux 2.36.2.
> v6: install libuuid.a in libuuid-dev
> change rdepends on uuid to use binary package rather than source
> add rdepends on uuid-dev to libuuid-dev
> remove rprovides of libuuid-dev from uuid-dev
> v7: do not use '_append' for RDEPENDS, as it is not supported by 
> BBCLASSEXTEND, use
> simply '+='

This is looking closer but not there yet I'm afraid. Testing showed:

https://autobuilder.yoctoproject.org/typhoon/#/builders/57/builds/3152
https://autobuilder.yoctoproject.org/typhoon/#/builders/47/builds/3188

so far.

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149120): 
https://lists.openembedded.org/g/openembedded-core/message/149120
Mute This Topic: https://lists.openembedded.org/mt/81100068/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 1/1] extrausers: Add ability to force password change on first login

[Mark Hatle]

On 3/8/21 12:50 PM, Khem Raj wrote:
> 
> 
> On 3/8/21 10:08 AM, Mark Hatle wrote:
>> From: Mark Hatle 
>>
>> As documented in shadow(5), the third parameter is the last login time.  A
>> special value of '0' is defined which causes the password system to force
>> a password change on next login.
>>
>> Adding the variable "EXTRA_FORCE_PASSWORD_CHANGE", a space separated list of
>> user names, we can use this to adjust the shadow file's third value for the
>> listed users.
>>
>> Note: This does have the same dependencies as other usages of extrausers,
>> specifically base-passwd and shadow.
>>
> 
> I think it should check for r/w rootfs feature perhaps. unrelated to 

Is there a standard way to check for a r/w roots?  If there is, easy to add.

> this change but it seems it adds a dep on shadow disregarding DISTRO 
> policies where user might have chosen a different login managager, it 
> should perhaps warn about it.

The dep on shadow is the same as any extrauser call.  The dependency sets the
minimum login manager, but any login manager that supports proper shadow
password handling will work.  If it doesn't support shadow password handling
then nothing breaks -- it just won't do anything.  (Really nothing here that can
be enforced in this code block.)

util-linux login + pam for instance used to work.  (I've not tested it though in
a few years.)

--Mark

>> Signed-off-by: Mark Hatle 
>> Signed-off-by: Mark Hatle 
>> ---
>>   meta/classes/extrausers.bbclass | 29 +++--
>>   meta/conf/documentation.conf|  1 +
>>   2 files changed, 28 insertions(+), 2 deletions(-)
>>
>> diff --git a/meta/classes/extrausers.bbclass 
>> b/meta/classes/extrausers.bbclass
>> index 90811bfe2a..e9d9358bef 100644
>> --- a/meta/classes/extrausers.bbclass
>> +++ b/meta/classes/extrausers.bbclass
>> @@ -14,10 +14,10 @@
>>   
>>   inherit useradd_base
>>   
>> -PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
>> shadow'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
>> +PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
>> shadow'][bool(d.getVar('EXTRA_USERS_PARAMS')) or 
>> bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
>>   
>>   # Image level user / group settings
>> -ROOTFS_POSTPROCESS_COMMAND_append = " set_user_group;"
>> +ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
>> set_user_group;'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
>>   
>>   # Image level user / group settings
>>   set_user_group () {
>> @@ -66,6 +66,31 @@ set_user_group () {
>>  done
>>   }
>>   
>> +# Image level force a specific user/users to reset their password on first 
>> login
>> +# Note: this requires shadow passwords and login programs that respect the 
>> shadow
>> +# expiration field.
>> +ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
>> force_password_change;'][bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
>> +
>> +# Works by setting 'date of last password change' to 0, which has a special
>> +# meaning of 'user should change her password the next time she will log in 
>> the
>> +# system' See: shadow (5)
>> +force_password_change () {
>> +if [ ! -e ${IMAGE_ROOTFS}/etc/shadow ]; then
>> +bberror "/etc/shadow does not exist in the image, unable to set 
>> password change on login."
>> +return
>> +fi
>> +passwd_change_users="${EXTRA_FORCE_PASSWORD_CHANGE}"
>> +export PSEUDO="${FAKEROOTENV} ${STAGING_DIR_NATIVE}${bindir}/pseudo"
>> +for name in $passwd_change_users; do
>> +if ! grep -q '^'$name':' ${IMAGE_ROOTFS}/etc/shadow ; then
>> +bberror "Unable to find user $name in /etc/shadow, 
>> unable to set password change on login."
>> +fi
>> +bbnote "Set user $name to need a password change on first 
>> login."
>> +cmd="sed -i ${IMAGE_ROOTFS}/etc/shadow -e 
>> 's,^'$name':\\([^:]*\\):[^:]*:,'$name':\\1:0:,'"
>> +eval flock -x ${IMAGE_ROOTFS}${sysconfdir} -c \"$PSEUDO $cmd\" 
>> || true
>> +done
>> +}
>> +
>>   USERADDEXTENSION ?= ""
>>   
>>   inherit ${USERADDEXTENSION}
>> diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
>> index c5a38b0764..d1c5b8b1a3 100644
>> --- a/meta/conf/documentation.conf
>> +++ b/meta/conf/documentation.conf
>> @@ -169,6 +169,7 @@ EXTRA_OESCONS[doc] = "When a recipe inherits the scons 
>> class, this variable spec
>>   EXTRA_QMAKEVARS_POST[doc] = "Configuration variables or options you want 
>> to pass to qmake when the arguments need to be after the .pro file list on 
>> the command line."
>>   EXTRA_QMAKEVARS_PRE[doc] = "Configuration variables or options you want to 
>> pass to qmake when the arguments need to be before the .pro file list on the 
>> command line."
>>   EXTRA_USERS_PARAMS[doc] = "When a recipe inherits the extrausers class, 
>> this variable provides image level user and group operations."
>> +EXTRA_FORCE_PASSWORD_CHANGE[doc] = "When a recipe inherits the extrausers 
>> class, this variable causes the specified users to require a pa

Re: [OE-core] [PATCH 1/1] extrausers: Add ability to force password change on first login

[Khem Raj]

On 3/8/21 10:08 AM, Mark Hatle wrote:

From: Mark Hatle 

As documented in shadow(5), the third parameter is the last login time.  A
special value of '0' is defined which causes the password system to force
a password change on next login.

Adding the variable "EXTRA_FORCE_PASSWORD_CHANGE", a space separated list of
user names, we can use this to adjust the shadow file's third value for the
listed users.

Note: This does have the same dependencies as other usages of extrausers,
specifically base-passwd and shadow.



I think it should check for r/w rootfs feature perhaps. unrelated to 
this change but it seems it adds a dep on shadow disregarding DISTRO 
policies where user might have chosen a different login managager, it 
should perhaps warn about it.



Signed-off-by: Mark Hatle 
Signed-off-by: Mark Hatle 
---
  meta/classes/extrausers.bbclass | 29 +++--
  meta/conf/documentation.conf|  1 +
  2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/meta/classes/extrausers.bbclass b/meta/classes/extrausers.bbclass
index 90811bfe2a..e9d9358bef 100644
--- a/meta/classes/extrausers.bbclass
+++ b/meta/classes/extrausers.bbclass
@@ -14,10 +14,10 @@
  
  inherit useradd_base
  
-PACKAGE_INSTALL_append = " ${@['', 'base-passwd shadow'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"

+PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
shadow'][bool(d.getVar('EXTRA_USERS_PARAMS')) or 
bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
  
  # Image level user / group settings

-ROOTFS_POSTPROCESS_COMMAND_append = " set_user_group;"
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
set_user_group;'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
  
  # Image level user / group settings

  set_user_group () {
@@ -66,6 +66,31 @@ set_user_group () {
done
  }
  
+# Image level force a specific user/users to reset their password on first login

+# Note: this requires shadow passwords and login programs that respect the 
shadow
+# expiration field.
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
force_password_change;'][bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
+
+# Works by setting 'date of last password change' to 0, which has a special
+# meaning of 'user should change her password the next time she will log in the
+# system' See: shadow (5)
+force_password_change () {
+   if [ ! -e ${IMAGE_ROOTFS}/etc/shadow ]; then
+   bberror "/etc/shadow does not exist in the image, unable to set 
password change on login."
+   return
+   fi
+   passwd_change_users="${EXTRA_FORCE_PASSWORD_CHANGE}"
+   export PSEUDO="${FAKEROOTENV} ${STAGING_DIR_NATIVE}${bindir}/pseudo"
+   for name in $passwd_change_users; do
+   if ! grep -q '^'$name':' ${IMAGE_ROOTFS}/etc/shadow ; then
+   bberror "Unable to find user $name in /etc/shadow, unable to 
set password change on login."
+   fi
+   bbnote "Set user $name to need a password change on first 
login."
+   cmd="sed -i ${IMAGE_ROOTFS}/etc/shadow -e 
's,^'$name':\\([^:]*\\):[^:]*:,'$name':\\1:0:,'"
+   eval flock -x ${IMAGE_ROOTFS}${sysconfdir} -c \"$PSEUDO $cmd\" 
|| true
+   done
+}
+
  USERADDEXTENSION ?= ""
  
  inherit ${USERADDEXTENSION}

diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
index c5a38b0764..d1c5b8b1a3 100644
--- a/meta/conf/documentation.conf
+++ b/meta/conf/documentation.conf
@@ -169,6 +169,7 @@ EXTRA_OESCONS[doc] = "When a recipe inherits the scons 
class, this variable spec
  EXTRA_QMAKEVARS_POST[doc] = "Configuration variables or options you want to pass 
to qmake when the arguments need to be after the .pro file list on the command line."
  EXTRA_QMAKEVARS_PRE[doc] = "Configuration variables or options you want to pass to 
qmake when the arguments need to be before the .pro file list on the command line."
  EXTRA_USERS_PARAMS[doc] = "When a recipe inherits the extrausers class, this 
variable provides image level user and group operations."
+EXTRA_FORCE_PASSWORD_CHANGE[doc] = "When a recipe inherits the extrausers class, 
this variable causes the specified users to require a password change on first 
login."
  
  #F
  







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149118): 
https://lists.openembedded.org/g/openembedded-core/message/149118
Mute This Topic: https://lists.openembedded.org/mt/81180920/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] any reason for "cmake_" prefix on cmake_runcmake_build()?

[Khem Raj]

On 3/8/21 3:22 AM, Robert P. J. Day wrote:


   collecting some examples of inheritance of class functions using
EXPORT_FUNCTIONS, and ran across this routine in cmake.bbclass:

   ... snip ...
   cmake_runcmake_build() {
bbnote ...
eval ...
   }

   cmake_do_compile()  {
 cmake_runcmake_build --target ${OECMAKE_TARGET_COMPILE}
   }
   ... snip ...

what puzzles me is that the routine cmake_runcmake_build(), despite
having a "cmake_" prefix, is not being exported with EXPORT_FUNCTIONS,
so while that's a perfectly respectable function, it's not clear why
it would have a "cmake_" prefix. is there some value to that prefix,
or is it just arbitrary?


it does not intend to provide a default function like do_compile 
do_install exporting it is not necessary




rday






-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149117): 
https://lists.openembedded.org/g/openembedded-core/message/149117
Mute This Topic: https://lists.openembedded.org/mt/81171462/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] ltp: Further extend reproducibility patch

[Richard Purdie]

Further issues were highlighted by autobuilder testing, extend the second patch
to cover them.

Signed-off-by: Richard Purdie 
---
 .../ltp/ltp/determinism2.patch| 267 ++
 meta/recipes-extended/ltp/ltp_20210121.bb |   4 +-
 2 files changed, 269 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-extended/ltp/ltp/determinism2.patch 
b/meta/recipes-extended/ltp/ltp/determinism2.patch
index ab08e8e5172..d786f4c2f9c 100644
--- a/meta/recipes-extended/ltp/ltp/determinism2.patch
+++ b/meta/recipes-extended/ltp/ltp/determinism2.patch
@@ -22,3 +22,270 @@ Index: git/testcases/kernel/io/disktest/Makefile
  
  disktest-$(VER):
mkdir -p "$@"
+Index: git/testcases/commands/ldd/datafiles/Makefile
+===
+--- git.orig/testcases/commands/ldd/datafiles/Makefile
 git/testcases/commands/ldd/datafiles/Makefile
+@@ -21,7 +21,7 @@ CPPFLAGS += -fpic
+ 
+ INSTALL_TARGETS   := ldd*.so lddfile.out
+ 
+-LDD_C_FILES   := $(wildcard $(abs_srcdir)/lddfile*.c)
++LDD_C_FILES   := $(sort $(wildcard $(abs_srcdir)/lddfile*.c))
+ LDD_SO_FILES  := $(patsubst $(abs_srcdir)/%.c,%.obj.so,$(LDD_C_FILES))
+ MAKE_TARGETS  := lddfile.out
+ CLEAN_TARGETS += *.obj $(LDD_SO_FILES)
+Index: git/testcases/kernel/hotplug/memory_hotplug/Makefile
+===
+--- git.orig/testcases/kernel/hotplug/memory_hotplug/Makefile
 git/testcases/kernel/hotplug/memory_hotplug/Makefile
+@@ -31,6 +31,7 @@ LDLIBS   := $(filter-out -lltp,$(LDLIBS))
+ 
+ MAKE_TARGETS  := memtoy
+ 
+-memtoy: $(patsubst $(abs_srcdir)/%.c,%.o,$(wildcard $(abs_srcdir)/*.c))
++memtoy: $(patsubst $(abs_srcdir)/%.c,%.o,$(sort $(wildcard 
$(abs_srcdir)/*.c)))
++
+ 
+ include $(top_srcdir)/include/mk/generic_leaf_target.mk
+Index: git/testcases/open_posix_testsuite/scripts/generate-makefiles.sh
+===
+--- git.orig/testcases/open_posix_testsuite/scripts/generate-makefiles.sh
 git/testcases/open_posix_testsuite/scripts/generate-makefiles.sh
+@@ -24,7 +24,7 @@ generate_locate_test_makefile() {
+ 
+   echo "Generating $maketype Makefiles"
+ 
+-  locate-test --$maketype | sed -e 's,^./,,g' | sort > make-gen.$maketype
++  locate-test --$maketype | sed -e 's,^./,,g' | LC_ALL=C sort > 
make-gen.$maketype
+ 
+   generate_makefiles make-gen.$maketype $*
+ 
+Index: git/testcases/kernel/syscalls/lchown/Makefile
+===
+--- git.orig/testcases/kernel/syscalls/lchown/Makefile
 git/testcases/kernel/syscalls/lchown/Makefile
+@@ -5,7 +5,7 @@ top_srcdir ?= ../../../..
+ 
+ include $(top_srcdir)/include/mk/testcases.mk
+ 
+-SRCS  := $(wildcard $(abs_srcdir)/lchown*.c)
++SRCS  := $(sort $(wildcard $(abs_srcdir)/lchown*.c))
+ 
+ include $(abs_srcdir)/../utils/compat_16.mk
+ 
+Index: git/testcases/kernel/syscalls/migrate_pages/Makefile
+===
+--- git.orig/testcases/kernel/syscalls/migrate_pages/Makefile
 git/testcases/kernel/syscalls/migrate_pages/Makefile
+@@ -5,7 +5,7 @@ top_srcdir ?= ../../../..
+ 
+ include $(top_srcdir)/include/mk/testcases.mk
+ 
+-MAKE_TARGETS  := $(patsubst $(abs_srcdir)/%.c,%,$(wildcard 
$(abs_srcdir)/*[0-9].c))
++MAKE_TARGETS  := $(patsubst $(abs_srcdir)/%.c,%,$(sort $(wildcard 
$(abs_srcdir)/*[0-9].c)))
+ $(MAKE_TARGETS): %: migrate_pages_common.o
+ 
+ CPPFLAGS  += -I$(abs_srcdir)/../utils/
+Index: git/testcases/kernel/syscalls/utils/compat_16.mk
+===
+--- git.orig/testcases/kernel/syscalls/utils/compat_16.mk
 git/testcases/kernel/syscalls/utils/compat_16.mk
+@@ -50,7 +50,7 @@
+ 
+ CPPFLAGS  += -I$(abs_srcdir) -I$(abs_srcdir)/../utils
+ 
+-SRCS  ?= $(wildcard $(abs_srcdir)/*.c)
++SRCS  ?= $(sort $(wildcard $(abs_srcdir)/*.c))
+ 
+ MAKE_TARGETS  := $(notdir $(patsubst %.c,%,$(SRCS)))
+ MAKE_TARGETS_OBJS_WO_COMPAT_16:= $(addsuffix .o,$(MAKE_TARGETS))
+Index: git/testcases/kernel/syscalls/utils/newer_64.mk
+===
+--- git.orig/testcases/kernel/syscalls/utils/newer_64.mk
 git/testcases/kernel/syscalls/utils/newer_64.mk
+@@ -25,7 +25,7 @@
+ 
+ CPPFLAGS  += -I$(abs_srcdir) -I$(abs_srcdir)/../utils
+ 
+-SRCS  ?= $(wildcard $(abs_srcdir)/*.c)
++SRCS  ?= $(sort $(wildcard $(abs_srcdir)/*.c))
+ 
+ MAKE_TARGETS  := $(notdir $(patsubst %.c,%,$(SRCS)))
+ 
+Index: git/include/mk/env_post.mk
+===
+--- git.orig/include/mk/env_post.mk
 git/include/mk/env_post.mk
+

[OE-core] [PATCH 0/1] Enable the ability to force a password change on boot

[Mark Hatle]

As noted in the commit message, the shadow(5) indicates that the third
parameter of the /etc/shadow file, when set to 0, can be used to force
a password change on login.  Note, a login program that supports this
behavior is required.

It was added to extrausers.bbclass as it has the same dependencies as
the other components of extrausers and should often be used in with
adding/creating new accounts.

This was verified by adding the following to the conf/local.conf:

INHERIT += "extrausers"

EXTRA_FORCE_PASSWORD_CHANGE_append = " root"

$ bitbake core-image-minimal
$ runqemu

Login as root, and it should prompt for a password change.

This was further verified by setting a default root password, as well
as adding a new user to the system.  In both cases it worked as expected.

Finally adding an invalid user to the list, and an appropriate error is
generated.


Mark Hatle (1):
  extrausers: Add ability to force password change on first login

 meta/classes/extrausers.bbclass | 29 +++--
 meta/conf/documentation.conf|  1 +
 2 files changed, 28 insertions(+), 2 deletions(-)

-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149114): 
https://lists.openembedded.org/g/openembedded-core/message/149114
Mute This Topic: https://lists.openembedded.org/mt/81180919/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/1] extrausers: Add ability to force password change on first login

[Mark Hatle]

From: Mark Hatle 

As documented in shadow(5), the third parameter is the last login time.  A
special value of '0' is defined which causes the password system to force
a password change on next login.

Adding the variable "EXTRA_FORCE_PASSWORD_CHANGE", a space separated list of
user names, we can use this to adjust the shadow file's third value for the
listed users.

Note: This does have the same dependencies as other usages of extrausers,
specifically base-passwd and shadow.

Signed-off-by: Mark Hatle 
Signed-off-by: Mark Hatle 
---
 meta/classes/extrausers.bbclass | 29 +++--
 meta/conf/documentation.conf|  1 +
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/meta/classes/extrausers.bbclass b/meta/classes/extrausers.bbclass
index 90811bfe2a..e9d9358bef 100644
--- a/meta/classes/extrausers.bbclass
+++ b/meta/classes/extrausers.bbclass
@@ -14,10 +14,10 @@
 
 inherit useradd_base
 
-PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
shadow'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
+PACKAGE_INSTALL_append = " ${@['', 'base-passwd 
shadow'][bool(d.getVar('EXTRA_USERS_PARAMS')) or 
bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
 
 # Image level user / group settings
-ROOTFS_POSTPROCESS_COMMAND_append = " set_user_group;"
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
set_user_group;'][bool(d.getVar('EXTRA_USERS_PARAMS'))]}"
 
 # Image level user / group settings
 set_user_group () {
@@ -66,6 +66,31 @@ set_user_group () {
done
 }
 
+# Image level force a specific user/users to reset their password on first 
login
+# Note: this requires shadow passwords and login programs that respect the 
shadow
+# expiration field.
+ROOTFS_POSTPROCESS_COMMAND_append = "${@['', ' 
force_password_change;'][bool(d.getVar('EXTRA_FORCE_PASSWORD_CHANGE'))]}"
+
+# Works by setting 'date of last password change' to 0, which has a special
+# meaning of 'user should change her password the next time she will log in the
+# system' See: shadow (5)
+force_password_change () {
+   if [ ! -e ${IMAGE_ROOTFS}/etc/shadow ]; then
+   bberror "/etc/shadow does not exist in the image, unable to set 
password change on login."
+   return
+   fi
+   passwd_change_users="${EXTRA_FORCE_PASSWORD_CHANGE}"
+   export PSEUDO="${FAKEROOTENV} ${STAGING_DIR_NATIVE}${bindir}/pseudo"
+   for name in $passwd_change_users; do
+   if ! grep -q '^'$name':' ${IMAGE_ROOTFS}/etc/shadow ; then
+   bberror "Unable to find user $name in /etc/shadow, 
unable to set password change on login."
+   fi
+   bbnote "Set user $name to need a password change on first 
login."
+   cmd="sed -i ${IMAGE_ROOTFS}/etc/shadow -e 
's,^'$name':\\([^:]*\\):[^:]*:,'$name':\\1:0:,'"
+   eval flock -x ${IMAGE_ROOTFS}${sysconfdir} -c \"$PSEUDO $cmd\" 
|| true
+   done
+}
+
 USERADDEXTENSION ?= ""
 
 inherit ${USERADDEXTENSION}
diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
index c5a38b0764..d1c5b8b1a3 100644
--- a/meta/conf/documentation.conf
+++ b/meta/conf/documentation.conf
@@ -169,6 +169,7 @@ EXTRA_OESCONS[doc] = "When a recipe inherits the scons 
class, this variable spec
 EXTRA_QMAKEVARS_POST[doc] = "Configuration variables or options you want to 
pass to qmake when the arguments need to be after the .pro file list on the 
command line."
 EXTRA_QMAKEVARS_PRE[doc] = "Configuration variables or options you want to 
pass to qmake when the arguments need to be before the .pro file list on the 
command line."
 EXTRA_USERS_PARAMS[doc] = "When a recipe inherits the extrausers class, this 
variable provides image level user and group operations."
+EXTRA_FORCE_PASSWORD_CHANGE[doc] = "When a recipe inherits the extrausers 
class, this variable causes the specified users to require a password change on 
first login."
 
 #F
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149115): 
https://lists.openembedded.org/g/openembedded-core/message/149115
Mute This Topic: https://lists.openembedded.org/mt/81180920/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/4] insane: don't check for a warning string that is never output

[Ross Burton]

insane has checks that the compiler isn't printing "CROSS COMPILE
Badness" during configure/compile/install, but this message hasn't been
output by GCC since 2010 (23f522e7).

The current warning is "include location [...] is unsafe for cross-
compilation" and as that is a proper GCC warning, we can make it fatal
in follow-up patches.

Signed-off-by: Ross Burton 
---
 meta/classes/insane.bbclass | 22 +-
 1 file changed, 1 insertion(+), 21 deletions(-)

diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 53230fc667..fa05fc055b 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -1014,26 +1014,6 @@ python do_package_qa () {
 logdir = d.getVar('T')
 pn = d.getVar('PN')
 
-# Check the compile log for host contamination
-compilelog = os.path.join(logdir,"log.do_compile")
-
-if os.path.exists(compilelog):
-statement = "grep -e 'CROSS COMPILE Badness:' -e 'is unsafe for 
cross-compilation' %s > /dev/null" % compilelog
-if subprocess.call(statement, shell=True) == 0:
-msg = "%s: The compile log indicates that host include and/or 
library paths were used.\n \
-Please check the log '%s' for more information." % (pn, compilelog)
-package_qa_handle_error("compile-host-path", msg, d)
-
-# Check the install log for host contamination
-installlog = os.path.join(logdir,"log.do_install")
-
-if os.path.exists(installlog):
-statement = "grep -e 'CROSS COMPILE Badness:' -e 'is unsafe for 
cross-compilation' %s > /dev/null" % installlog
-if subprocess.call(statement, shell=True) == 0:
-msg = "%s: The install log indicates that host include and/or 
library paths were used.\n \
-Please check the log '%s' for more information." % (pn, installlog)
-package_qa_handle_error("install-host-path", msg, d)
-
 # Scan the packages...
 pkgdest = d.getVar('PKGDEST')
 packages = set((d.getVar('PACKAGES') or '').split())
@@ -1212,7 +1192,7 @@ python do_qa_configure() {
 if bb.data.inherits_class('autotools', d) and not skip_configure_unsafe:
 bb.note("Checking autotools environment for common misconfiguration")
 for root, dirs, files in os.walk(workdir):
-statement = "grep -q -F -e 'CROSS COMPILE Badness:' -e 'is unsafe 
for cross-compilation' %s" % \
+statement = "grep -q -F -e 'is unsafe for cross-compilation' %s" % 
\
 os.path.join(root,"config.log")
 if "config.log" in files:
 if subprocess.call(statement, shell=True) == 0:
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149111): 
https://lists.openembedded.org/g/openembedded-core/message/149111
Mute This Topic: https://lists.openembedded.org/mt/81180738/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 4/4] oeqa/selftest: add test to verify that poisoned sysroots are detected

[Ross Burton]

Add a recipe that explicitly searches /usr/include, and use that in
oe-selftest to verify that host include paths are correctly causing
build failures.

Signed-off-by: Ross Burton 
---
 meta-selftest/recipes-test/poison/poison.bb  | 16 
 meta/lib/oeqa/selftest/cases/buildoptions.py |  6 ++
 2 files changed, 22 insertions(+)
 create mode 100644 meta-selftest/recipes-test/poison/poison.bb

diff --git a/meta-selftest/recipes-test/poison/poison.bb 
b/meta-selftest/recipes-test/poison/poison.bb
new file mode 100644
index 00..7ace901cc3
--- /dev/null
+++ b/meta-selftest/recipes-test/poison/poison.bb
@@ -0,0 +1,16 @@
+SUMMARY = "Sysroot poisoning test"
+LIC_FILES_CHKSUM = 
"file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+LICENSE = "MIT"
+
+inherit nopackages
+
+# This test confirms that compiling code that searches /usr/include for headers
+# will result in compiler errors.  This recipe should will fail to build and
+# oe-selftest has a test that verifies that.
+do_compile() {
+touch empty.c
+${CPP} ${CFLAGS} -I/usr/include empty.c
+}
+
+EXCLUDE_FROM_WORLD = "1"
diff --git a/meta/lib/oeqa/selftest/cases/buildoptions.py 
b/meta/lib/oeqa/selftest/cases/buildoptions.py
index 3495bee986..20fe8ed8f6 100644
--- a/meta/lib/oeqa/selftest/cases/buildoptions.py
+++ b/meta/lib/oeqa/selftest/cases/buildoptions.py
@@ -197,3 +197,9 @@ PREMIRRORS = "\\
 
 bitbake("world --runall fetch")
 
+
+class Poisoning(OESelftestTestCase):
+def test_poisoning(self):
+res = bitbake("poison", ignore_status=True)
+self.assertNotEqual(res.status, 0)
+self.assertTrue("is unsafe for cross-compilation" in res.output)
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149110): 
https://lists.openembedded.org/g/openembedded-core/message/149110
Mute This Topic: https://lists.openembedded.org/mt/81180736/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/4] gcc: add an option for --enable-poison-system-directories to be fatal

[Ross Burton]

Extend --enable-poison-system-directories so that it can be an error
instead of a warning by default.

Signed-off-by: Ross Burton 
---
 .../0002-gcc-poison-system-directories.patch  | 56 ++-
 1 file changed, 53 insertions(+), 3 deletions(-)

diff --git 
a/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch 
b/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
index 30a8486016..333d543dd9 100644
--- a/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
+++ b/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
@@ -44,7 +44,7 @@ diff --git a/gcc/config.in b/gcc/config.in
 index 809e7b26823..5adeaeed36b 100644
 --- a/gcc/config.in
 +++ b/gcc/config.in
-@@ -224,6 +224,12 @@
+@@ -224,6 +224,16 @@
  #endif
  
  
@@ -52,6 +52,10 @@ index 809e7b26823..5adeaeed36b 100644
 +#ifndef USED_FOR_TARGET
 +#undef ENABLE_POISON_SYSTEM_DIRECTORIES
 +#endif
++/* Define to warn for use of native system header directories */
++#ifndef USED_FOR_TARGET
++#undef POISON_BY_DEFAULT
++#endif
 +
 +
  /* Define if you want all operations on RTL (the basic data structure of the
@@ -78,7 +82,7 @@ index cd3d9516fce..8de766a942c 100755
--enable-plugin enable plugin support
--enable-host-sharedbuild host code as shared libraries
--disable-libquadmath-support
-@@ -30235,6 +30238,19 @@ if test "${enable_version_specific_runtime_libs+set}" 
= set; then :
+@@ -30235,6 +30238,22 @@ if test "${enable_version_specific_runtime_libs+set}" 
= set; then :
  fi
  
  
@@ -89,9 +93,12 @@ index cd3d9516fce..8de766a942c 100755
 +  enable_poison_system_directories=no
 +fi
 +
-+if test "x${enable_poison_system_directories}" = "xyes"; then
++if test "x${enable_poison_system_directories}" != "xno"; then
 +
 +$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
++if test "$enable_poison_system_directories" = "error"; then
++$as_echo "#define POISON_BY_DEFAULT 1" >>confdefs.h
++fi
 +
 +fi
 +
@@ -198,3 +205,46 @@ index 8a2bda00f80..9098ab044ab 100644
  }
  
  /* Use given -I paths for #include "..." but not #include <...>, and
+diff --git a/gcc/configure.ac b/gcc/configure.ac
+index f42006e5476..de7e176ea53 100644
+--- a/gcc/configure.ac
 b/gcc/configure.ac
+@@ -6602,12 +6602,18 @@ AC_ARG_ENABLE(version-specific-runtime-libs,
+ 
+ AC_ARG_ENABLE([poison-system-directories],
+  AS_HELP_STRING([--enable-poison-system-directories],
+-[warn for use of native system header 
directories]),,
++[warn for use of native system header directories 
(no/yes/error)]),,
+  [enable_poison_system_directories=no])
++AC_MSG_NOTICE([poisoned directories $enable_poison_system_directories])
+-if test "x${enable_poison_system_directories}" = "xyes"; then
++if test "x${enable_poison_system_directories}" != "xno"; then
++  AC_MSG_NOTICE([poisoned directories enabled])
+   AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
+[1],
+[Define to warn for use of native system header directories])
++  if test $enable_poison_system_directories = "error"; then
++   AC_MSG_NOTICE([poisoned directories are fatal])
++   AC_DEFINE([POISON_BY_DEFAULT], [1], [Define to make poison warnings 
errors])
++  fi
+ fi
+ 
+ # Substitute configuration variables
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index b2200c5185a..fa7b6fc8ddb 100644
+--- a/gcc/gcc.c
 b/gcc/gcc.c
+@@ -1136,8 +1136,11 @@ static const char *cpp_unique_options =
+ static const char *cpp_options =
+ "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
+  %{f*} %{g*:%{%:debug-level-gt(0):%{g*}\
+- %{!fno-working-directory:-fworking-directory}}} %{O*}\
+- %{undef} %{save-temps*:-fpch-preprocess}";
++ %{!fno-working-directory:-fworking-directory}}} %{O*}"
++#ifdef POISON_BY_DEFAULT
++ " -Werror=poison-system-directories"
++#endif
++ " %{undef} %{save-temps*:-fpch-preprocess}";
+ 
+ /* This contains cpp options which are not passed when the preprocessor
+output will be used by another program.  */
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149112): 
https://lists.openembedded.org/g/openembedded-core/message/149112
Mute This Topic: https://lists.openembedded.org/mt/81180739/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 3/4] gcc-cross: make use of the system include directories fatal

[Ross Burton]

When building the cross GCC, configure it so that including the host
system include directories is fatal, not just a warning.

Signed-off-by: Ross Burton 
---
 meta/recipes-devtools/gcc/gcc-cross.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/gcc/gcc-cross.inc 
b/meta/recipes-devtools/gcc/gcc-cross.inc
index 6fa8c274cd..e08807afad 100644
--- a/meta/recipes-devtools/gcc/gcc-cross.inc
+++ b/meta/recipes-devtools/gcc/gcc-cross.inc
@@ -21,7 +21,7 @@ require gcc-configure-common.inc
 # gnu) will hit a QA failure.
 LINKER_HASH_STYLE ?= "sysv"
 
-EXTRA_OECONF += "--enable-poison-system-directories"
+EXTRA_OECONF += "--enable-poison-system-directories=error"
 EXTRA_OECONF_append_sh4 = " \
 --with-multilib-list= \
 --enable-incomplete-targets \
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149113): 
https://lists.openembedded.org/g/openembedded-core/message/149113
Mute This Topic: https://lists.openembedded.org/mt/81180740/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] scripts/oe-timeout-dd-test.sh: add script

[Richard Purdie]

On Mon, 2021-03-08 at 09:50 -0500, Randy MacLeod wrote:
> On 2021-03-07 3:58 p.m., Sakib Sajal wrote:
> > +timeout $1 dd if=/dev/zero of=/tmp/foo bs=1024 count=$2 >/dev/null 2>&1
> > +
> > +if [ $? -ne 0 ]
> > +then
> > +top -b -n 1
> > +else
> > +echo "success"
> 
> Do we need this else part? It'll just fill up the logs?
> 
> > +fi
> > +
> 
> What values have you tried and how did that work out?
> On Friday, a build with 100KB and was it .5 seconds and didn't
> see any event exceed the timeout, right? We also ran several builds
> out of a shared local sstate-cache and didn't see any event exceed the 
> timeout, iirc.

It would really help me to have an idea of what we're proposing we configure
on the autobuilder and how to capture the result...

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149109): 
https://lists.openembedded.org/g/openembedded-core/message/149109
Mute This Topic: https://lists.openembedded.org/mt/81158947/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] build-appliance-image: Drop kernel module handling

[Richard Purdie]

kernel-devsrc is a dependency of the image so we no longer need the symlink
creation code or the module-base inherit/dependency as it is included in
that recipe. The KERNEL_VERSION usage was broken anyway as the module
usage would have needed a:

do_image[depends] += "build-appliance-image:do_configure"

which wasn't present so it was indeterminate if KERNEL_VERSION was set
correctly.

Signed-off-by: Richard Purdie 
---
 meta/recipes-core/images/build-appliance-image_15.0.0.bb | 8 +---
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb 
b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index 705ff63cf7f..2bb8d6da560 100644
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -22,7 +22,7 @@ APPEND += "rootfstype=ext4 quiet"
 DEPENDS = "zip-native python3-pip-native"
 IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx"
 
-inherit core-image module-base setuptools3
+inherit core-image setuptools3
 
 SRCREV ?= "e56305dd709ae2af2da7a7599984b3ad18c4970f"
 SRC_URI = "git://git.yoctoproject.org/poky \
@@ -61,12 +61,6 @@ fakeroot do_populate_poky_src () {
# Place the README_VirtualBox_Toaster file in builders home folder.
cp ${WORKDIR}/README_VirtualBox_Toaster.txt 
${IMAGE_ROOTFS}/home/builder/
 
-   # Create a symlink, needed for out-of-tree kernel modules build
-   if [ ! -e ${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build ]; then
-   rm -f  ${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build
-   lnr ${IMAGE_ROOTFS}${KERNEL_SRC_PATH} 
${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build
-   fi
-
echo "INHERIT += \"rm_work\"" >> 
${IMAGE_ROOTFS}/home/builder/poky/build/conf/auto.conf
echo "export LC_ALL=en_US.utf8" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
 
-- 
2.27.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149108): 
https://lists.openembedded.org/g/openembedded-core/message/149108
Mute This Topic: https://lists.openembedded.org/mt/81178647/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 2/2] yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround

[Steve Sakoman]

From: Michael Halstead 

Signed-off-by: Michael Halstead 
Signed-off-by: Richard Purdie 
(cherry picked from commit 317f8bf320383e81085f5740e202a7edb12932c7)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/yocto-uninative.inc | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/conf/distro/include/yocto-uninative.inc 
b/meta/conf/distro/include/yocto-uninative.inc
index bc47083978..a2a2dd18ec 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -8,7 +8,7 @@
 
 UNINATIVE_MAXGLIBCVERSION = "2.33"
 
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.11/";
-UNINATIVE_CHECKSUM[aarch64] ?= 
"fa703e25c26eaebb1afd895337b92a24cc5077818e093af74912e53846a117fe"
-UNINATIVE_CHECKSUM[i686] ?= 
"638901c990ffbe716a34400134a2ad49a1c3104e3b48cdafd6fcd28e9b133294"
-UNINATIVE_CHECKSUM[x86_64] ?= 
"047ddd78d6b5cabd2a102120e27755a9eaa1d5724c6a8f4007daa3f10ecb6871"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.0/";
+UNINATIVE_CHECKSUM[aarch64] ?= 
"1c668909098c5b56132067adc69a249cb771f4560428e5822de903a12d97bf33"
+UNINATIVE_CHECKSUM[i686] ?= 
"e6cc2fc056234cffa6a2ff084cce27d544ea3f487a62b5e253351cefd4421900"
+UNINATIVE_CHECKSUM[x86_64] ?= 
"5ec5a9276046e7eceeac749a18b175667384e1f445cd4526300a41404d985a5b"
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149107): 
https://lists.openembedded.org/g/openembedded-core/message/149107
Mute This Topic: https://lists.openembedded.org/mt/81178624/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 1/2] yocto-uninative.inc: version 2.11 updates glibc to 2.33

[Steve Sakoman]

From: Michael Halstead 

Support glibc 2.33.

Signed-off-by: Michael Halstead 
Signed-off-by: Richard Purdie 
(cherry picked from commit 5c7f963d395aa4a94d78c37883488baac471ea43)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/yocto-uninative.inc | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/meta/conf/distro/include/yocto-uninative.inc 
b/meta/conf/distro/include/yocto-uninative.inc
index 85336014b1..bc47083978 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
 # to the distro running on the build machine.
 #
 
-UNINATIVE_MAXGLIBCVERSION = "2.32"
+UNINATIVE_MAXGLIBCVERSION = "2.33"
 
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.10/";
-UNINATIVE_CHECKSUM[aarch64] ?= 
"645e5c50b2b48aabb8b10f783a9f94b4b7c5ddc7cfceb5386d43b86d30253202"
-UNINATIVE_CHECKSUM[i686] ?= 
"233e09b5ff30e15341232a0c16fa8448ff31dccb8f3f3e2ad3948cdac8c4a598"
-UNINATIVE_CHECKSUM[x86_64] ?= 
"04333677f81990ce2cf55c3bc256cd84a66085d18fc95ccddfab8581e4aec014"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.11/";
+UNINATIVE_CHECKSUM[aarch64] ?= 
"fa703e25c26eaebb1afd895337b92a24cc5077818e093af74912e53846a117fe"
+UNINATIVE_CHECKSUM[i686] ?= 
"638901c990ffbe716a34400134a2ad49a1c3104e3b48cdafd6fcd28e9b133294"
+UNINATIVE_CHECKSUM[x86_64] ?= 
"047ddd78d6b5cabd2a102120e27755a9eaa1d5724c6a8f4007daa3f10ecb6871"
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149106): 
https://lists.openembedded.org/g/openembedded-core/message/149106
Mute This Topic: https://lists.openembedded.org/mt/81178621/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 0/2] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Wednesday.

Passed a-full and meta-oe on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1948
https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/1014

The following changes since commit cf22f3831488b346195e049ace92e153d18660db:

  meta/recipes-core: Add HOMEPAGE / DESCRIPTION (2021-03-05 04:40:01 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Michael Halstead (2):
  yocto-uninative.inc: version 2.11 updates glibc to 2.33
  yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround

 meta/conf/distro/include/yocto-uninative.inc | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149105): 
https://lists.openembedded.org/g/openembedded-core/message/149105
Mute This Topic: https://lists.openembedded.org/mt/81178616/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Yocto Project Newcomer & Unassigned Bugs - Help Needed

[Stephen Jolley]

All,

 

The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please
review:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and
how to create a bugzilla account at:

https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work
on who doesn't have deep experience with the project.  If anyone can help,
please take ownership of the bug and send patches!  If anyone needs
help/advice there are people on irc who can likely do so, or some of the
more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs
reported into the Bugzilla. The number of people attending that meeting has
fallen, as have the number of people available to help fix bugs. One of the
things we hear users report is they don't know how to help. We (the triage
team) are therefore going to start reporting out the currently 367
unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out
with these.  Bugs are split into two types, "true bugs" where things don't
work as they should and "enhancements" which are features we'd want to add
to the system.  There are also roughly four different "priority" classes
right now, "3.2", "3.3, "3.99" and "Future", the more pressing/urgent issues
being in "3.2" and then "3.3".

 

Please review this link and if a bug is something you would be able to help
with either take ownership of the bug, or send me (sjolley.yp...@gmail.com
 ) an e-mail with the bug number you would
like and I will assign it to you (please make sure you have a Bugzilla
account).  The list is at:
https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer
_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149104): 
https://lists.openembedded.org/g/openembedded-core/message/149104
Mute This Topic: https://lists.openembedded.org/mt/81177753/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][meta-oe][dunfell][PATCH] mdns: Whitelisted CVE-2007-0613 for mdns

[Khem Raj]

Hi Sana

Thanks for your contribution. this patch needs a bit of rework, please 
apply it to master branch of meta-openembedded repository, this recipe 
is from meta-networking layer therefore prefix your subject line with 
[meta-networking] and meta-openembedded repo patches are sent to 
oe-devel mailing list not oe-core


here are OE patch submission guideline whic h will be helpful

https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines


On 3/7/21 9:58 PM, Sana Kazi wrote:

CVE-2007-0613 is not applicable as it only affects Apple products
i.e. ichat,mdnsresponder, instant message framework and MacOS.
Also, https://www.exploit-db.com/exploits/3230 shows the part of code
affected by CVE-2007-0613 which is not preset in upstream source code.
Hence, CVE-2007-0613 does not affect other Yocto implementations and
is not reported for other distros can be marked whitelisted.
Links:
https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613
https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613
https://security-tracker.debian.org/tracker/CVE-2007-0613
https://ubuntu.com/security/CVE-2007-0613
https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613
---
  .../recipes-protocols/mdns/mdns_878.270.2.bb| 13 +
  1 file changed, 13 insertions(+)

diff --git a/meta-networking/recipes-protocols/mdns/mdns_878.270.2.bb 
b/meta-networking/recipes-protocols/mdns/mdns_878.270.2.bb
index 0f8dc92df3..ce31233264 100644
--- a/meta-networking/recipes-protocols/mdns/mdns_878.270.2.bb
+++ b/meta-networking/recipes-protocols/mdns/mdns_878.270.2.bb
@@ -26,6 +26,19 @@ SRC_URI = 
"https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-${P
  SRC_URI[md5sum] = "4e139a8e1133349006b0436291c9e29b"
  SRC_URI[sha256sum] = 
"2cef0ee9900504c5277fb81de0a28e6c0835fe482ebecf1067c6864f5c4eda74"

+# CVE-2007-0613 is not applicable as it only affects Apple products
+# i.e. ichat,mdnsresponder, instant message framework and MacOS.
+# Also, https://www.exploit-db.com/exploits/3230 shows the part of code
+# affected by CVE-2007-0613 which is not preset in upstream source code.
+# Hence, CVE-2007-0613 does not affect other Yocto implementations and
+# is not reported for other distros can be marked whitelisted.
+# Links:
+# https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613
+# https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613
+# https://security-tracker.debian.org/tracker/CVE-2007-0613
+# https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613
+CVE_CHECK_WHITELIST += "CVE-2007-0613"
+
  PARALLEL_MAKE = ""

  S = "${WORKDIR}/mDNSResponder-${PV}/mDNSPosix"
--
2.17.1

This message contains information that may be privileged or confidential and is 
the property of the KPIT Technologies Ltd. It is intended only for the person 
to whom it is addressed. If you are not the intended recipient, you are not 
authorized to read, print, retain copy, disseminate, distribute, or use this 
message or any part thereof. If you receive this message in error, please 
notify the sender immediately and delete all copies of this message. KPIT 
Technologies Ltd. does not accept any liability for virus infected mails.


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149103): 
https://lists.openembedded.org/g/openembedded-core/message/149103
Mute This Topic: https://lists.openembedded.org/mt/81168090/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] qemu: fix CVE-2021-20203

[Minjae Kim]

net: vmxnet3: validate configuration values during activate

Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
CVE: CVE-2021-20203
Signed-off-by: Minjae Kim 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2021-20203.patch| 73 +++
 2 files changed, 74 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index a6dc941624..a625809597 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -30,6 +30,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://mmap2.patch \
file://determinism.patch \

file://0001-tests-meson.build-use-relative-path-to-refer-to-file.patch \
+  file://CVE-2021-20203.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
new file mode 100644
index 00..269c6f1294
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
@@ -0,0 +1,73 @@
+From: Prasad J Pandit 
+
+While activating device in vmxnet3_acticate_device(), it does not
+validate guest supplied configuration values against predefined
+minimum - maximum limits. This may lead to integer overflow or
+OOB access issues. Add checks to avoid it.
+
+Fixes: CVE-2021-20203
+Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
+Reported-by: Gaoning Pan 
+Signed-off-by: Prasad J Pandit 
+
+Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
+CVE: CVE-2021-20203
+Signed-off-by: Minjae Kim 
+---
+ hw/net/vmxnet3.c | 13 +
+ 1 file changed, 13 insertions(+)
+
+diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
+index eff299f629..4a910ca971 100644
+--- a/hw/net/vmxnet3.c
 b/hw/net/vmxnet3.c
+@@ -1420,6 +1420,7 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ vmxnet3_setup_rx_filtering(s);
+ /* Cache fields from shared memory */
+ s->mtu = VMXNET3_READ_DRV_SHARED32(d, s->drv_shmem, devRead.misc.mtu);
++assert(VMXNET3_MIN_MTU <= s->mtu && s->mtu < VMXNET3_MAX_MTU);
+ VMW_CFPRN("MTU is %u", s->mtu);
+ 
+ s->max_rx_frags =
+@@ -1473,6 +1474,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* Read rings memory locations for TX queues */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.txRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.txRingSize);
++if (size > VMXNET3_TX_RING_MAX_SIZE) {
++size = VMXNET3_TX_RING_MAX_SIZE;
++}
+ 
+ vmxnet3_ring_init(d, &s->txq_descr[i].tx_ring, pa, size,
+   sizeof(struct Vmxnet3_TxDesc), false);
+@@ -1483,6 +1487,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* TXC ring */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.compRingSize);
++if (size > VMXNET3_TC_RING_MAX_SIZE) {
++size = VMXNET3_TC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->txq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_TxCompDesc), true);
+ VMXNET3_RING_DUMP(VMW_CFPRN, "TXC", i, &s->txq_descr[i].comp_ring);
+@@ -1524,6 +1531,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RX rings */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, 
conf.rxRingBasePA[j]);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, 
conf.rxRingSize[j]);
++if (size > VMXNET3_RX_RING_MAX_SIZE) {
++size = VMXNET3_RX_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].rx_ring[j], pa, size,
+   sizeof(struct Vmxnet3_RxDesc), false);
+ VMW_CFPRN("RX queue %d:%d: Base: %" PRIx64 ", Size: %d",
+@@ -1533,6 +1543,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RXC ring */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, conf.compRingSize);
++if (size > VMXNET3_RC_RING_MAX_SIZE) {
++size = VMXNET3_RC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_RxCompDesc), true);
+ VMW_CFPRN("RXC queue %d: Base: %" PRIx64 ", Size: %d", i, pa, size);
+-- 
+2.29.2
-- 
2.24.3 (Apple Git-128)


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149102): 
https://lists.openembedded.org/g/openembedded-core/message/149102
Mute This Topic: https://lists.openembedded.org/mt/81175785/21656
Group Owner:

Re: [OE-core] [PATCH] scripts/oe-timeout-dd-test.sh: add script

[Randy MacLeod]

On 2021-03-07 3:58 p.m., Sakib Sajal wrote:

oe-timeout-dd-test tries to write  number of
kilobytes to the filesystem within a specified
. The purporse of this script is to find

s/purporse/purpose/

which part of the build system puts stress on the
filesystem io and log all the processes.




To use and monitor a build, add to local.conf:
BB_HEARTBEAT_EVENT = ""
BB_LOG_HOST_STAT_ON_INTERVAL = "1"
BB_LOG_HOST_STAT_CMDS = "oe-timeout-dd-test.sh  "

Log can be found at:
$TMPDIR/buildstats//host_stats file.

Signed-off-by: Sakib Sajal 
---
  scripts/oe-timeout-dd-test.sh | 26 ++
  1 file changed, 26 insertions(+)
  create mode 100644 scripts/oe-timeout-dd-test.sh

diff --git a/scripts/oe-timeout-dd-test.sh b/scripts/oe-timeout-dd-test.sh
new file mode 100644
index 00..40b3948c32
--- /dev/null
+++ b/scripts/oe-timeout-dd-test.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# oe-timeout-dd-test tries to write  number of
+# kilobytes to the filesystem within a specified time
+# constraint. The purporse of this script is to find

s/purporse/purpose/

+# which part of the build system puts stress on the
+# filesystem io and log all the processes.

s/./when that happens./

It's probably worth pointing out that  is a floating point
number and maybe provide typical values such as with a HB interval of
15 seconds, and 0.5s timeout and 100 KB IO, the result is
no triggers on an isolated system whereas say ?0.1?s and 100 KB IO
results in several triggers. The idea is to give people a starting
point.

+
+usage() {
+echo "Usage: $0  "
+}
+
+if [ $# -ne 2 ]; then
+usage
+exit 1
+fi
+
+timeout $1 dd if=/dev/zero of=/tmp/foo bs=1024 count=$2 >/dev/null 2>&1
+
+if [ $? -ne 0 ]
+then
+top -b -n 1
+else
+echo "success"


Do we need this else part? It'll just fill up the logs?


+fi
+


What values have you tried and how did that work out?
On Friday, a build with 100KB and was it .5 seconds and didn't
see any event exceed the timeout, right? We also ran several builds
out of a shared local sstate-cache and didn't see any event exceed the 
timeout, iirc.


../Randy











--
# Randy MacLeod
# Wind River Linux

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149101): 
https://lists.openembedded.org/g/openembedded-core/message/149101
Mute This Topic: https://lists.openembedded.org/mt/81158947/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH] qemu: fix CVE-2021-20203

[Minjae Kim]

net: vmxnet3: validate configuration values during activate

Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
CVE: CVE-2021-20203
Signed-off-by: Minjae Kim 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2021-20203.patch| 74 +++
 2 files changed, 75 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 97f110cde5..482ca3d6e5 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -39,6 +39,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-28916.patch \
   file://CVE-2020-35517.patch \
   file://CVE-2020-29443.patch \
+  file://CVE-2021-20203.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
new file mode 100644
index 00..31440af0bd
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
@@ -0,0 +1,74 @@
+From: Prasad J Pandit 
+
+While activating device in vmxnet3_acticate_device(), it does not
+validate guest supplied configuration values against predefined
+minimum - maximum limits. This may lead to integer overflow or
+OOB access issues. Add checks to avoid it.
+
+Fixes: CVE-2021-20203
+Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
+Reported-by: Gaoning Pan 
+Signed-off-by: Prasad J Pandit 
+
+Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
+CVE: CVE-2021-20203
+Signed-off-by: Minjae Kim 
+---
+ hw/net/vmxnet3.c | 13 +
+ 1 file changed, 13 insertions(+)
+
+diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
+index eff299f629..4a910ca971 100644
+--- a/hw/net/vmxnet3.c
 b/hw/net/vmxnet3.c
+@@ -1420,6 +1420,7 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ vmxnet3_setup_rx_filtering(s);
+ /* Cache fields from shared memory */
+ s->mtu = VMXNET3_READ_DRV_SHARED32(d, s->drv_shmem, devRead.misc.mtu);
++assert(VMXNET3_MIN_MTU <= s->mtu && s->mtu < VMXNET3_MAX_MTU);
+ VMW_CFPRN("MTU is %u", s->mtu);
+ 
+ s->max_rx_frags =
+@@ -1473,6 +1474,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* Read rings memory locations for TX queues */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.txRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.txRingSize);
++if (size > VMXNET3_TX_RING_MAX_SIZE) {
++size = VMXNET3_TX_RING_MAX_SIZE;
++}
+ 
+ vmxnet3_ring_init(d, &s->txq_descr[i].tx_ring, pa, size,
+   sizeof(struct Vmxnet3_TxDesc), false);
+@@ -1483,6 +1487,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* TXC ring */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.compRingSize);
++if (size > VMXNET3_TC_RING_MAX_SIZE) {
++size = VMXNET3_TC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->txq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_TxCompDesc), true);
+ VMXNET3_RING_DUMP(VMW_CFPRN, "TXC", i, &s->txq_descr[i].comp_ring);
+@@ -1524,6 +1531,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RX rings */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, 
conf.rxRingBasePA[j]);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, 
conf.rxRingSize[j]);
++if (size > VMXNET3_RX_RING_MAX_SIZE) {
++size = VMXNET3_RX_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].rx_ring[j], pa, size,
+   sizeof(struct Vmxnet3_RxDesc), false);
+ VMW_CFPRN("RX queue %d:%d: Base: %" PRIx64 ", Size: %d",
+@@ -1533,6 +1543,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RXC ring */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, conf.compRingSize);
++if (size > VMXNET3_RC_RING_MAX_SIZE) {
++size = VMXNET3_RC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_RxCompDesc), true);
+ VMW_CFPRN("RXC queue %d: Base: %" PRIx64 ", Size: %d", i, pa, size);
+-- 
+2.29.2
+
-- 
2.24.3 (Apple Git-128)


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149100): 
https://lists.openembedded.org/g/openembedded-core/message/149100
Mute This Topic: https://lists.openembedded.org/mt/81174364/21656
Group Owner: openembedded-core+ow...@lists.o

[OE-core] [dunfell][PATCH 2/2] qemu: fix CVE-2021-20203

[Minjae Kim]

net: vmxnet3: validate configuration values during activate

Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
CVE: CVE-2021-20203
Signed-off-by: Minjae Kim 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2021-20203.patch| 74 +++
 2 files changed, 75 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index a1a418374f..5e8d3e09ff 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -53,6 +53,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
   file://CVE-2019-20175.patch \
   file://CVE-2020-24352.patch \
   file://CVE-2020-25723.patch \
+  file://CVE-2021-20203.patch \
   "
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
new file mode 100644
index 00..31440af0bd
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch
@@ -0,0 +1,74 @@
+From: Prasad J Pandit 
+
+While activating device in vmxnet3_acticate_device(), it does not
+validate guest supplied configuration values against predefined
+minimum - maximum limits. This may lead to integer overflow or
+OOB access issues. Add checks to avoid it.
+
+Fixes: CVE-2021-20203
+Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
+Reported-by: Gaoning Pan 
+Signed-off-by: Prasad J Pandit 
+
+Upstream-Status: Acepted 
[https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html]
+CVE: CVE-2021-20203
+Signed-off-by: Minjae Kim 
+---
+ hw/net/vmxnet3.c | 13 +
+ 1 file changed, 13 insertions(+)
+
+diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
+index eff299f629..4a910ca971 100644
+--- a/hw/net/vmxnet3.c
 b/hw/net/vmxnet3.c
+@@ -1420,6 +1420,7 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ vmxnet3_setup_rx_filtering(s);
+ /* Cache fields from shared memory */
+ s->mtu = VMXNET3_READ_DRV_SHARED32(d, s->drv_shmem, devRead.misc.mtu);
++assert(VMXNET3_MIN_MTU <= s->mtu && s->mtu < VMXNET3_MAX_MTU);
+ VMW_CFPRN("MTU is %u", s->mtu);
+ 
+ s->max_rx_frags =
+@@ -1473,6 +1474,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* Read rings memory locations for TX queues */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.txRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.txRingSize);
++if (size > VMXNET3_TX_RING_MAX_SIZE) {
++size = VMXNET3_TX_RING_MAX_SIZE;
++}
+ 
+ vmxnet3_ring_init(d, &s->txq_descr[i].tx_ring, pa, size,
+   sizeof(struct Vmxnet3_TxDesc), false);
+@@ -1483,6 +1487,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* TXC ring */
+ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.compRingSize);
++if (size > VMXNET3_TC_RING_MAX_SIZE) {
++size = VMXNET3_TC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->txq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_TxCompDesc), true);
+ VMXNET3_RING_DUMP(VMW_CFPRN, "TXC", i, &s->txq_descr[i].comp_ring);
+@@ -1524,6 +1531,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RX rings */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, 
conf.rxRingBasePA[j]);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, 
conf.rxRingSize[j]);
++if (size > VMXNET3_RX_RING_MAX_SIZE) {
++size = VMXNET3_RX_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].rx_ring[j], pa, size,
+   sizeof(struct Vmxnet3_RxDesc), false);
+ VMW_CFPRN("RX queue %d:%d: Base: %" PRIx64 ", Size: %d",
+@@ -1533,6 +1543,9 @@ static void vmxnet3_activate_device(VMXNET3State *s)
+ /* RXC ring */
+ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, conf.compRingBasePA);
+ size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, conf.compRingSize);
++if (size > VMXNET3_RC_RING_MAX_SIZE) {
++size = VMXNET3_RC_RING_MAX_SIZE;
++}
+ vmxnet3_ring_init(d, &s->rxq_descr[i].comp_ring, pa, size,
+   sizeof(struct Vmxnet3_RxCompDesc), true);
+ VMW_CFPRN("RXC queue %d: Base: %" PRIx64 ", Size: %d", i, pa, size);
+-- 
+2.29.2
+
-- 
2.24.3 (Apple Git-128)


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149099): 
https://lists.openembedded.org/g/openembedded-core/message/149099
Mute This Topic: https://lists.openembedded.org/mt/81173662/21656
Group Owner: openembedded-core+ow...@lists.ope

[OE-core] [dunfell][PATCH 1/2] wpa-supplicant: fix CVE-2021-27803

[Minjae Kim]

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant
before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests.
It could result in denial of service or other impact
(potentially execution of arbitrary code), for an attacker within radio range.

Upstream-Status: Acepted 
[https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32]
CVE: CVE-2021-27803
Signed-off-by: Minjae Kim 
---
 .../wpa-supplicant/CVE-2021-27803.patch   | 54 +++
 .../wpa-supplicant/wpa-supplicant_2.9.bb  |  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch

diff --git 
a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch
new file mode 100644
index 00..dc576d1a11
--- /dev/null
+++ 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch
@@ -0,0 +1,54 @@
+From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen 
+Date: Tue, 8 Dec 2020 23:52:50 +0200
+Subject: [PATCH] P2P: Fix a corner case in peer addition based on PD Request
+
+p2p_add_device() may remove the oldest entry if there is no room in the
+peer table for a new peer. This would result in any pointer to that
+removed entry becoming stale. A corner case with an invalid PD Request
+frame could result in such a case ending up using (read+write) freed
+memory. This could only by triggered when the peer table has reached its
+maximum size and the PD Request frame is received from the P2P Device
+Address of the oldest remaining entry and the frame has incorrect P2P
+Device Address in the payload.
+
+Fix this by fetching the dev pointer again after having called
+p2p_add_device() so that the stale pointer cannot be used.
+
+Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery 
Request")
+Signed-off-by: Jouni Malinen 
+
+Upstream-Status: Acepted 
[https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32]
+CVE: CVE-2021-27803
+Signed-off-by: Minjae Kim 
+---
+ src/p2p/p2p_pd.c | 12 +---
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
+index 3994ec03f86b..05fd593494ef 100644
+--- a/src/p2p/p2p_pd.c
 b/src/p2p/p2p_pd.c
+@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, 
const u8 *sa,
+   goto out;
+   }
+ 
++  dev = p2p_get_device(p2p, sa);
+   if (!dev) {
+-  dev = p2p_get_device(p2p, sa);
+-  if (!dev) {
+-  p2p_dbg(p2p,
+-  "Provision Discovery device not found "
+-  MACSTR, MAC2STR(sa));
+-  goto out;
+-  }
++  p2p_dbg(p2p,
++  "Provision Discovery device not found "
++  MACSTR, MAC2STR(sa));
++  goto out;
+   }
+   } else if (msg.wfd_subelems) {
+   wpabuf_free(dev->info.wfd_subelems);
+-- 
+2.25.1
+
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
index 7cc03fef7d..cfd1b7f140 100644
--- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
@@ -29,6 +29,7 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz  
\

file://0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \

file://0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \

file://0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
+   file://CVE-2021-27803.patch \
   "
 SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190"
 SRC_URI[sha256sum] = 
"fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17"
-- 
2.24.3 (Apple Git-128)


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149098): 
https://lists.openembedded.org/g/openembedded-core/message/149098
Mute This Topic: https://lists.openembedded.org/mt/81173661/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [meta-oe][master][dunfell][gatesgarth][PATCH] neon: use pkg-config instead of xml2-config to configure

[saloni]

From: Nisha Parrakat 

xml2-config is broken for neon.
if packageconfig libxml2, webdav, zlib is enabled for neon
we get the following configure error in the yocto build.

| configure: WebDAV support is enabled
| checking for xml2-config... xml2-config
| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
| checking libxml/xmlversion.h usability... no
| checking libxml/xmlversion.h presence... no
| checking for libxml/xmlversion.h... no
| configure: error: could not find parser.h, libxml installation problem?
| WARNING: exit code 1 from a shell command.

The patch lets configure use pkg-config

Signed-off-by: Nisha Parrakat 
Signed-off-by: Saloni Jain 
---
 .../neon/fix-package-check-for-libxml2.patch  | 50 +++
 meta-oe/recipes-support/neon/neon_0.30.2.bb   |  1 +
 2 files changed, 51 insertions(+)
 create mode 100644 
meta-oe/recipes-support/neon/neon/fix-package-check-for-libxml2.patch

diff --git 
a/meta-oe/recipes-support/neon/neon/fix-package-check-for-libxml2.patch 
b/meta-oe/recipes-support/neon/neon/fix-package-check-for-libxml2.patch
new file mode 100644
index 0..9363c6d5e
--- /dev/null
+++ b/meta-oe/recipes-support/neon/neon/fix-package-check-for-libxml2.patch
@@ -0,0 +1,50 @@
+neon: Change the neon configure to use pkg-config instead of xml2-config
+
+xml2-config is broken for neon
+if packageconfig libxml2, webdav, zlib is enabled for neon
+we get the following configure error in the yocto build
+
+| configure: WebDAV support is enabled
+| checking for xml2-config... xml2-config
+| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
+| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
+| ERROR: /usr/bin/xml2-config should not be used, use an alternative such as 
pkg-config
+| checking libxml/xmlversion.h usability... no
+| checking libxml/xmlversion.h presence... no
+| checking for libxml/xmlversion.h... no
+| configure: error: could not find parser.h, libxml installation problem?
+| WARNING: exit code 1 from a shell command.
+
+The patch lets configure use pkg-config
+
+Upstream-Status: inappropriate
+(Upstream suggests to use latest 0.31 as per the discussion
+https://github.com/notroj/neon/discussions/47)
+
+Signed-off-by: Nisha Parrakat 
+--- a/macros/neon-xml-parser.m42008-07-19 23:52:35.0 +0200
 b/macros/neon-xml-parser.m42021-02-15 23:56:59.202751257 +0100
+@@ -44,17 +44,17 @@
+
+ dnl Find libxml2: run $1 if found, else $2
+ AC_DEFUN([NE_XML_LIBXML2], [
+-AC_CHECK_PROG(XML2_CONFIG, xml2-config, xml2-config)
++AC_CHECK_PROG(XML2_CONFIG, pkg-config, pkg-config)
+ if test -n "$XML2_CONFIG"; then
+-neon_xml_parser_message="libxml `$XML2_CONFIG --version`"
+ AC_DEFINE(HAVE_LIBXML, 1, [Define if you have libxml])
+-# xml2-config in some versions erroneously includes -I/include
+-# in the --cflags output.
+-CPPFLAGS="$CPPFLAGS `$XML2_CONFIG --cflags | sed 's| -I/include||g'`"
+-NEON_LIBS="$NEON_LIBS `$XML2_CONFIG --libs | sed 's|-L/usr/lib ||g'`"
++PKG_CHECK_MODULES(XML, libxml-2.0 >= 2.4)
++AC_MSG_NOTICE([libxmlfound CFlags : , ${XML_CFLAGS}])
++CPPFLAGS="$CPPFLAGS ${XML_CFLAGS}"
++NEON_LIBS="$NEON_LIBS ${XML_LIBS}"
+ AC_CHECK_HEADERS(libxml/xmlversion.h libxml/parser.h,,[
+   AC_MSG_ERROR([could not find parser.h, libxml installation problem?])])
+ neon_xml_parser=libxml2
++neon_xml_parser_message="libxml2"
+ else
+ $1
+ fi
diff --git a/meta-oe/recipes-support/neon/neon_0.30.2.bb 
b/meta-oe/recipes-support/neon/neon_0.30.2.bb
index 00b79f633..63676a98b 100644
--- a/meta-oe/recipes-support/neon/neon_0.30.2.bb
+++ b/meta-oe/recipes-support/neon/neon_0.30.2.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = 
"file://src/COPYING.LIB;md5=f30a9716ef3762e3467a2f62bf790f0a

 SRC_URI = "${DEBIAN_MIRROR}/main/n/neon27/neon27_${PV}.orig.tar.gz \
file://pkgconfig.patch \
+   file://fix-package-check-for-libxml2.patch \
   "

 SRC_URI[md5sum] = "e28d77bf14032d7f5046b3930704ef41"
--
2.17.1

This message contains information that may be privileged or confidential and is 
the property of the KPIT Technologies Ltd. It is intended only for the person 
to whom it is addressed. If you are not the intended recipient, you are not 
authorized to read, print, retain copy, disseminate, distribute, or use this 
message or any part thereof. If you receive this message in error, please 
notify the sender immediately and delete all copies of this message. KPIT 
Technologies Ltd. does not accept any liability for virus infected mails.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149097): 
https://lists.openembedded.org/g/openembedded-core/message/149097
Mute This Top

[OE-core] any reason for "cmake_" prefix on cmake_runcmake_build()?

[Robert P. J. Day]

  collecting some examples of inheritance of class functions using
EXPORT_FUNCTIONS, and ran across this routine in cmake.bbclass:

  ... snip ...
  cmake_runcmake_build() {
bbnote ...
eval ...
  }

  cmake_do_compile()  {
cmake_runcmake_build --target ${OECMAKE_TARGET_COMPILE}
  }
  ... snip ...

what puzzles me is that the routine cmake_runcmake_build(), despite
having a "cmake_" prefix, is not being exported with EXPORT_FUNCTIONS,
so while that's a perfectly respectable function, it's not clear why
it would have a "cmake_" prefix. is there some value to that prefix,
or is it just arbitrary?

rday

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149096): 
https://lists.openembedded.org/g/openembedded-core/message/149096
Mute This Topic: https://lists.openembedded.org/mt/81171462/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] what means 'PROVIDES = ""'?

[Robert P. J. Day]

  another oddity in my travels, found a couple recipes that appear to
explicitly un-PROVIDE themselves, such as libxcrypt-compat_4.4.18.bb:

  PROVIDES = ""

i thought that every recipe always implicitly provided itself, and
that one could always extend that (with either = or +=), but this is
the first i've noticed this construct. is it really stripping the
PROVIDES value of the recipe? under what circumstances would you want
to do that?

rday

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#149095): 
https://lists.openembedded.org/g/openembedded-core/message/149095
Mute This Topic: https://lists.openembedded.org/mt/81169664/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-