relocate_sdk.py was developed for little-endian architures and when tries
to install SDK for big-endian machines errors like below will be shown.
The changes made in the script to support big-endian architecture.
Signed-off-by: Sundeep KOKKONDA
---
scripts/relocate_sdk.py | 45
The following changes since commit bcef80623f015c006778edee5cf40dad063e51db:
wic: Use custom kernel path if provided (2022-03-15 23:00:09 +0800)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib stable/hardknott-next
Alexander Kanavin (1):
Fix heap overflow when appending prepare writes
The code shall check if the prepare writes would append more the
allowed maximum attribute length.
Upstream-Status: Backport
[https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0]
CVE: CVE-2022-0204
Signed-off-by: Ralph
Note: this also includes the patches from my previous pull request on Tuesday
The following changes since commit 71015408c60ddf2e9af00cc8574815971e1b689d:
oeqa/selftest/tinfoil: Improve tinfoil event test debugging (2022-03-21
04:17:02 -1000)
are available in the Git repository at:
meson would fail to detect compiler type in some rare care where
specific substring '-xt' is detected in compiler --version output and
it so happens that this string can be generated by clang --version if
clang is installed into a directory containing 'xt-' in its name. with
recipe specific
This ensure that when depmod-native runs we can find the correct
exclude.conf information, in this case adding .debug to ignore
the .debug kernell modules. The kmod utilities like depmod can use
either /etc/depmod.d or /lib/depmod.d. The kmod recipe is installing
the existing search.conf to
This adds a new configuration directive to depmod that causes
depmod to exclude a give path entry like .debug.
kernel-dbg provides the modules .debug/.ko files and
when installed either directly or when dbg-pkgs are selected
this can cause depmod to fail.
Signed-off-by: Saul Wold
---
v2:
As with the kmod version of depmod, exclude .debug from being
searched. Since busybox does not use the depmod.d and any
configuration file option is ignored we just hardcode it.
Signed-off-by: Saul Wold
---
...001-depmod-Ignore-.debug-directories.patch | 32 +++
Signed-off-by: Oleksandr Kravchuk
---
.../python/{python3_3.10.3.bb => python3_3.10.4.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3_3.10.3.bb => python3_3.10.4.bb}
(99%)
diff --git
On Thu, Mar 31, 2022 at 10:32 AM Ralph Siemsen wrote:
>
> Yep, I must have fumbled it before sending it out.
> Please ignore this one, I'll do a v2 later.
>
> Any comments on the usefulness/format of the "Status in other
> branches" would be appreciated.
I approve of the location and format.
Yep, I must have fumbled it before sending it out.
Please ignore this one, I'll do a v2 later.
Any comments on the usefulness/format of the "Status in other
branches" would be appreciated.
Ralph
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online
On Thu, Mar 31, 2022 at 12:38 PM Ralph Siemsen wrote:
>
> Fix heap overflow when appending prepare writes
>
> The code shall check if the prepare writes would append more the
> allowed maximum attribute length.
>
> Upstream-Status: Backport
>
Fix heap overflow when appending prepare writes
The code shall check if the prepare writes would append more the
allowed maximum attribute length.
Upstream-Status: Backport
[https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0]
CVE: CVE-2022-0204
Signed-off-by: Ralph
The origin of the patch needs to be better explained, right now it
seems like a random thing off the internet. Upstream-Status is
certainly not inappropriate, as it is a security fix.
Alex
On Thu, 31 Mar 2022 at 20:42, Joe Slater wrote:
>
> Avoid a null pointer dereference.
>
> Signed-off-by:
Avoid a null pointer dereference.
Signed-off-by: Joe Slater
---
.../unzip/unzip/CVE-2021-4217.patch | 65 +++
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
2 files changed, 66 insertions(+)
create mode 100644
Generalise this test so that it works on more than qemux86-64:
- Don't edit a file in arch/x86 to cause a rebuild, instead use init/
- Look for the edits in the build tree, as the deployed kernel could be
of any type (zImage/bzImage/etc) and edits may be in the compressed
part.
Also remove
When a test case starts, self.td is populated with all the variables in
the data store. Typically this can be used instead of get_bb_var(),
which saves a bitbake call per variable lookup.
The only catch is that in parallel runs the build directory is moved
after td is populated, so paths in the
Use os.path.join to construct paths, and invoke bitbake once instead of
three times.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 12
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/wic.py
Split the tests into further classes: one which exercises the CLI and
doesn't need to build images at all, and another which is just the
tests that manipulate existing images.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 154 ++--
1 file changed,
Instead of using string concatenation, use os.path.join.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 92 ++---
1 file changed, 46 insertions(+), 46 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/wic.py
OEScriptTests currently skips if cairo isn't present, and does a build
of core-image-minimal. This is only required for the
OEPybootchartguyTests tests, so move that logic there so that the
OEListPackageconfigTests run even if cairo isn't available.
This leaves OEScriptTests as a simple class
has_feature() should be splitting the feature string into substrings and
then looking for membership instead of looking for simple substrings.
has_machine() should be using equality instead of substrings.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/core/decorator/data.py | 6 +++---
1 file
Signed-off-by: Ross Burton
---
meta/lib/oeqa/core/decorator/data.py | 44 ---
meta/lib/oeqa/runtime/cases/boot.py | 2 +-
.../oeqa/runtime/cases/ethernet_ip_connman.py | 3 +-
meta/lib/oeqa/runtime/cases/ltp_stress.py | 3 +-
There may be environments or machines which don't have working runqemu,
so tag all of the tests which use runqemu() so that they can be skipped.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/devtool.py | 3 ++-
meta/lib/oeqa/selftest/cases/gcc.py | 7 +++
This file dates back to 2016. Half of the functions have never been used,
the rest are used in one place and have now been replaced.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/core/utils/misc.py | 47
1 file changed, 47 deletions(-)
delete mode 100644
updateTestData() is just a simple loop that is only used here, so just
inline it.
Signed-off-by: Ross Burton
---
meta/classes/testimage.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/classes/testimage.bbclass b/meta/classes/testimage.bbclass
index
---
meta/lib/oeqa/selftest/cases/_sstatetests_noauto.py | 2 +-
meta/lib/oeqa/selftest/cases/binutils.py| 5 +
meta/lib/oeqa/selftest/cases/buildoptions.py| 2 +-
meta/lib/oeqa/selftest/cases/distrodata.py | 3 ---
meta/lib/oeqa/selftest/cases/eSDK.py
There's no need to use a series of over-generalised functions to just
wrap a string in a tuple.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/runtime/decorator/package.py | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/meta/lib/oeqa/runtime/decorator/package.py
There's no need to wrap *tags in a potential list, as *tags will always
be a tuple.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/core/decorator/__init__.py | 11 +++
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/meta/lib/oeqa/core/decorator/__init__.py
test_arch_work_dir_and_export_source uses the archiver to generate SRPMS,
so explicitly set PACKAGE_CLASSES to ensure that package_rpm is used.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/buildoptions.py | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git
Don't assume bzImage, resepct KERNEL_IMAGETYPE.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/wic.py
b/meta/lib/oeqa/selftest/cases/wic.py
index
Some tests which are marked as x86-specific will actually work on
aarch64 (e.g. use EFI), whilst some other tests really are x86-specific
(e.g. use syslinux).
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
BitBake can optionally 'import yaml' if BB_LOGCONFIG specifies a yaml
file. This is a 3rd party module, so that this works out of the box
when buildtools is used -- either explicitly via buildtools-tarball or
implicitly via eSDK -- we can add pyyaml to the buildtools.
Signed-off-by: Ross Burton
By default bitbake() will raise an assertion if it fails, so there's no
need to wrap it in a further assert.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 24
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git
bb.utils.rename() only exists to handle moves across filesystems. As
these moves are within the same directory we can just use os.rename().
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git
There's no need to pass a recipe name when determining the target
architecture, there's no need to cap the size of the lru_cache as it
will only have one entry, and __name__ is set by @wraps.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/wic.py | 14 +-
1 file changed,
These image types use syslinux which is only available on x86, so only
add them to IMAGE_TYPES on x86.
Signed-off-by: Ross Burton
---
meta/classes/image_types.bbclass | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta/classes/image_types.bbclass
The 'devtool upgrade' tests fail if Git doesn't know the user's name or
email, so verify this before the tests start and skip if it is not.
Signed-off-by: Ross Burton
---
meta/lib/oeqa/selftest/cases/devtool.py | 8
1 file changed, 8 insertions(+)
diff --git
On Thu, 2022-03-31 at 15:45 +, Peter Kjellerstedt wrote:
> > -Original Message-
> > From: Richard Purdie
> > Sent: den 31 mars 2022 16:16
> > To: Peter Kjellerstedt ; openembedded-
> > c...@lists.openembedded.org
> > Subject: Re: [OE-core] [PATCH RFC] mirrors: Switch glibc and
> -Original Message-
> From: Richard Purdie
> Sent: den 31 mars 2022 16:16
> To: Peter Kjellerstedt ; openembedded-
> c...@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH RFC] mirrors: Switch glibc and binutils to
> use shallow mirror tarballs
>
> On Thu, 2022-03-31 at 14:09
Security Fixes
The rules for acceptance of records into the cache have been tightened
to prevent the possibility of poisoning if forwarders send records
outside the configured bailiwick. (CVE-2021-25220)
License-Update: copyright years
Signed-off-by: Ralph Siemsen
---
Oh, this might explain some weird errors I was having. See the
de-duplication patch last week or so for oeqa.
Ross
On Thu, 31 Mar 2022 at 12:01, Richard Purdie
wrote:
>
> We can re-trigger this code and there is little point in stacking a ton of
> duplicate
> paths which just waste time
Patch taken from
https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
from the following issue
https://github.com/golang/go/issues/48797
Original repo
https://go.googlesource.com/go/+/77f2750f4398990eed972186706f160631d7dae4
Signed-off-by: Davide Gardenal
---
V2 Update:
On Thu, 2022-03-31 at 14:09 +, Peter Kjellerstedt wrote:
> > -Original Message-
> > From: openembedded-core@lists.openembedded.org
> > On Behalf Of Richard Purdie
> > Sent: den 30 mars 2022 14:24
> > To: openembedded-core@lists.openembedded.org
> > Subject: [OE-core] [PATCH RFC]
> -Original Message-
> From: openembedded-core@lists.openembedded.org
> On Behalf Of Richard Purdie
> Sent: den 30 mars 2022 14:24
> To: openembedded-core@lists.openembedded.org
> Subject: [OE-core] [PATCH RFC] mirrors: Switch glibc and binutils to use
> shallow mirror tarballs
>
>
Signed-off-by: Anuj Mittal
---
.../lttng/{lttng-modules_2.12.7.bb => lttng-modules_2.12.8.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-kernel/lttng/{lttng-modules_2.12.7.bb =>
lttng-modules_2.12.8.bb} (94%)
diff --git
From: Ross Burton
Signed-off-by: Ross Burton
Signed-off-by: Anuj Mittal
---
.../zlib/zlib/CVE-2018-25032.patch| 347 ++
meta/recipes-core/zlib/zlib_1.2.11.bb | 1 +
2 files changed, 348 insertions(+)
create mode 100644
From: Mingli Yu
Backport patch [1] to fix CVE-2021-41496.
[1]
https://github.com/numpy/numpy/commit/271010f1037150e95017f803f4214b8861e528f2
Signed-off-by: Mingli Yu
Signed-off-by: Anuj Mittal
---
.../python-numpy/files/CVE-2021-41496.patch | 64 +++
From: Mingli Yu
Backport patch [1] to fix below CVEs:
- CVE-2021-45085
- CVE-2021-45086
- CVE-2021-45087
- CVE-2021-45088
[1]
https://sources.debian.org/data/main/e/epiphany-browser/3.38.2-1+deb11u2/debian/patches/encode-untrusted-data.patch
Signed-off-by: Mingli Yu
Signed-off-by: Anuj
From: Li Wang
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is
a possible out of bounds write due to a missing bounds check. This
could lead to local information disclosure with no additional
execution privileges needed. User interaction is not needed for
exploitation.Product:
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/.:
b56db30a7c5 cfg/debug: add scc for syzkaller fuzzing
c4494ad7f23 features/tun: add configs for Universal TUN/TAP device driver
support
148948c3829 features/bluetooth: add configs for Bluetooth Virtual HCI
From: Bruce Ashfield
Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:
4c8814277b5d Linux 5.10.107
7a0d13ef67a1 arm64: kvm: Fix copy-and-paste error in bhb templates for
v5.10 stable
dc1163203ae6 io_uring: return back safer resurrect
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto-rt/5.10:
48b12b48c110 Linux 5.10.90-rt61
2367f287812f aio: Fix incorrect usage of eventfd_signal_allowed()
640f56f85c08 stop_machine: Remove this_cpu_ptr() from print_stop_info().
38c47ed56da8 eventfd: Make
Final set of changes before 3.3.6 is built. Please review.
No issues seen while testing on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3452
Thanks,
Anuj
The following changes since commit bcef80623f015c006778edee5cf40dad063e51db:
wic: Use custom kernel
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/.:
6ca1d510a03 features/tpm: split into tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm
feature
Signed-off-by: Stefan Herbrechtsmeier
Signed-off-by: Bruce Ashfield
Signed-off-by: Alexandre Belloni
(cherry picked from commit
From: Changhyeok Bae
Signed-off-by: Changhyeok Bae
Signed-off-by: Richard Purdie
(cherry picked from commit ed02ee8f20094f598448d58875cb7be8a24a019f)
Signed-off-by: Anuj Mittal
---
.../mobile-broadband-provider-info_git.bb | 7 ---
1 file changed, 4 insertions(+), 3
From: Joe Slater
The first patch is the fix in version 2.9.13. The second
patch was added later and fixes a regression introduced
by the first.
Signed-off-by: Joe Slater
Signed-off-by: Anuj Mittal
---
.../CVE-2022-23308-fix-regression.patch | 99 +
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
81bdce5b5876 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console
saturation
97c963889222 sched/isolation: really align nohz_full with rcu_nocbs
Signed-off-by: Bruce Ashfield
Signed-off-by: Alexandre
From: Chee Yang Lee
go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax
package, as well as bug fixes to the compiler, runtime, the go command, and to
the net package. See the Go 1.16.15 milestone on our issue tracker for detai
ls.
Signed-off-by: Chee Yang Lee
From: wangmy
License-Update:
year updated to 2022
Version of some driver files updated
Added files for some drivers
Signed-off-by: Wang Mingyu
Signed-off-by: Richard Purdie
(cherry picked from commit be1b1d204c89035c54a626db46c5054e553b82c2)
Signed-off-by: Anuj Mittal
---
From: Alexander Kanavin
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
(cherry picked from commit 93a335993ce592a8ee34fc9a490e327f2775e03f)
Signed-off-by: Anuj Mittal
---
.../mobile-broadband-provider-info_git.bb | 4 ++--
1 file changed, 2 insertions(+),
From: Minjae Kim
The git repo for gnu-config was changed, so update the
SRC_URI accordingly with the new link.
Signed-off-by:Minjae Kim
Signed-off-by: Anuj Mittal
---
meta/recipes-devtools/gnu-config/gnu-config_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
From: Joe Slater
Avoid generating non-PIC code.
The patches are taken from master 58b16da805... but we cannot
cherry-pick because zip_3.0.bb context is different.
Signed-off-by: Joe Slater
Signed-off-by: Anuj Mittal
---
.../0001-configure-use-correct-CPP.patch | 47 +++
From: Chee Yang Lee
Signed-off-by: Chee Yang Lee
Signed-off-by: Anuj Mittal
---
.../webkit/{webkitgtk_2.30.5.bb => webkitgtk_2.30.6.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-sato/webkit/{webkitgtk_2.30.5.bb => webkitgtk_2.30.6.bb}
(98%)
diff
From: Minjae Kim
The git repo for virglrenderer was changed, so update the
SRC_URI accordingly with the new link.
Signed-off-by:Minjae Kim
Signed-off-by: Anuj Mittal
---
meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
From: Ovidiu Panait
Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778:
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
This also fixes an evp_extra_test ptest failure introduced by
+1 on this. Much happier looking code.
Ross
On Thu, 31 Mar 2022 at 12:51, Richard Purdie
wrote:
>
> The file was originally added to OE here:
> https://git.openembedded.org/openembedded/commit/modutils/files/modutils.sh?id=3b3989442075d0a4c6c32cb187de17d87bf65fbd
>
> and the license added here
The license is clear, add an SPDX license identification header to the script
and drop the weird patch, we don't need it.
Signed-off-by: Richard Purdie
---
meta/recipes-bsp/keymaps/files/GPLv2.patch | 347 -
meta/recipes-bsp/keymaps/files/keymap.sh | 3 +
The license is clear, add an SPDX license identification headers to the scripts
and drop the weird patch, we don't need it.
Signed-off-by: Richard Purdie
---
.../initscripts/initscripts-1.0/GPLv2.patch | 347 --
.../initscripts/initscripts-1.0/alignment.sh | 4 +
The file was originally added to OE here:
https://git.openembedded.org/openembedded/commit/modutils/files/modutils.sh?id=3b3989442075d0a4c6c32cb187de17d87bf65fbd
and the license added here as "PD":
This code was for old versions of bitbake which we're now long past. Drop it
and simplify the code.
Signed-off-by: Richard Purdie
---
meta/classes/base.bbclass | 11 ++-
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
We can re-trigger this code and there is little point in stacking a ton of
duplicate
paths which just waste time during searches for modules. This could in theory
alter
layer module search order but that seems unlikely in common use.
Signed-off-by: Richard Purdie
---
meta/classes/base.bbclass
But the autobuilder does have a 21.10 worker, and the problem isn't
happening there, or is it?
Alex
On Thu, 31 Mar 2022 at 10:52, Carlos Rafael Giani wrote:
>
> I can only report my own host setup, which is Ubuntu 21.10 x86-64.
> libsdl2-native fails to build 100% of the time on this host.
>
>
I can only report my own host setup, which is Ubuntu 21.10 x86-64.
libsdl2-native fails to build 100% of the time on this host.
On 29.03.22 22:35, Alexander Kanavin wrote:
Is this specific to some particular host setup? If so, it needs to be
said in the commit message, so we know when it is
Hi Saul,
Saul Wold escreveu no dia quarta, 30/03/2022 à(s)
23:12:
> This adds a new configuration directive to depmod that causes
> depmod to exclude a give path entry like .debug.
>
> kernel-dbg provides the modules .debug/.ko files and
> when installed either directly or when dbg-pkgs are
Am 30.03.2022 um 19:32 schrieb Khem Raj:
On Wed, Mar 30, 2022 at 1:16 AM Stefan Herbrechtsmeier
wrote:
From: Stefan Herbrechtsmeier
Add a base package version (BPV) variable and use it as default for the
package version (PV) variable. The BPV variable contains the base
package version of
76 matches
Mail list logo