[OE-core] [dunfell][PATCH] go: fix CVE-2023-29402 & CVE-2023-29404

2023-06-28 Thread Hitendra Prajapati 
Backport fixes for:
* CVE-2023-29402 - Upstream-Status: Backport from 
https://github.com/golang/go/commit/c160b49b6d328c86bd76ca2fff9009a71347333f
* CVE-2023-29404 - Upstream-Status: Backport from 
https://github.com/golang/go/commit/bf3c8ce03e175e870763901a3850bca01381a828

Signed-off-by: Hitendra Prajapati 
---
 meta/recipes-devtools/go/go-1.14.inc  |   2 +
 .../go/go-1.14/CVE-2023-29402.patch   | 201 ++
 .../go/go-1.14/CVE-2023-29404.patch   |  84 
 3 files changed, 287 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index ed505c01b3..ea7b9ea80f 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -65,6 +65,8 @@ SRC_URI += "\
 file://CVE-2023-24540.patch \
 file://CVE-2023-29405-1.patch \
 file://CVE-2023-29405-2.patch \
+file://CVE-2023-29402.patch \
+file://CVE-2023-29404.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch
new file mode 100644
index 00..01eed9fe1b
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch
@@ -0,0 +1,201 @@
+rom c160b49b6d328c86bd76ca2fff9009a71347333f Mon Sep 17 00:00:00 2001
+From: "Bryan C. Mills" 
+Date: Fri, 12 May 2023 14:15:16 -0400
+Subject: [PATCH] [release-branch.go1.19] cmd/go: disallow package directories
+ containing newlines
+
+Directory or file paths containing newlines may cause tools (such as
+cmd/cgo) that emit "//line" or "#line" -directives to write part of
+the path into non-comment lines in generated source code. If those
+lines contain valid Go code, it may be injected into the resulting
+binary.
+
+(Note that Go import paths and file paths within module zip files
+already could not contain newlines.)
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Updates #60167.
+Fixes #60515.
+Fixes CVE-2023-29402.
+
+Change-Id: If55d0400c02beb7a5da5eceac60f1abeac99f064
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1882606
+Reviewed-by: Roland Shoemaker 
+Run-TryBot: Roland Shoemaker 
+Reviewed-by: Russ Cox 
+Reviewed-by: Damien Neil 
+(cherry picked from commit 41f9046495564fc728d6f98384ab7276450ac7e2)
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1902229
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1904343
+Reviewed-by: Michael Knyszek 
+Reviewed-by: Bryan Mills 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/501218
+Run-TryBot: David Chase 
+Auto-Submit: Michael Knyszek 
+TryBot-Result: Gopher Robot 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/c160b49b6d328c86bd76ca2fff9009a71347333f]
+CVE: CVE-2023-29402
+Signed-off-by: Hitendra Prajapati 
+---
+ src/cmd/go/internal/load/pkg.go   |   4 +
+ src/cmd/go/internal/work/exec.go  |   6 ++
+ src/cmd/go/script_test.go |   1 +
+ .../go/testdata/script/build_cwd_newline.txt  | 100 ++
+ 4 files changed, 111 insertions(+)
+ create mode 100644 src/cmd/go/testdata/script/build_cwd_newline.txt
+
+diff --git a/src/cmd/go/internal/load/pkg.go b/src/cmd/go/internal/load/pkg.go
+index 369a79b..d2b63b0 100644
+--- a/src/cmd/go/internal/load/pkg.go
 b/src/cmd/go/internal/load/pkg.go
+@@ -1697,6 +1697,10 @@ func (p *Package) load(stk *ImportStack, bp 
*build.Package, err error) {
+   setError(ImportErrorf(p.ImportPath, "invalid import path %q", 
p.ImportPath))
+   return
+   }
++  if strings.ContainsAny(p.Dir, "\r\n") {
++  setError(fmt.Errorf("invalid package directory %q", p.Dir))
++  return
++  }
+ 
+   // Build list of imported packages and full dependency list.
+   imports := make([]*Package, 0, len(p.Imports))
+diff --git a/src/cmd/go/internal/work/exec.go 
b/src/cmd/go/internal/work/exec.go
+index 9a9650b..050b785 100644
+--- a/src/cmd/go/internal/work/exec.go
 b/src/cmd/go/internal/work/exec.go
+@@ -458,6 +458,12 @@ func (b *Builder) build(a *Action) (err error) {
+   b.Print(a.Package.ImportPath + "\n")
+   }
+ 
++  if p.Error != nil {
++  // Don't try to build anything for packages with errors. There 
may be a
++  // problem with the inputs that makes the package unsafe to 
build.
++  return p.Error
++  }
++
+   if a.Package.BinaryOnly {
+   p.Stale = true
+   p.StaleReason = "binary-only packages are no longer supported"
+diff --git a/src/cmd/go/script_test.go b/src/cmd/go/script_test.go
+index ec498bb..a1398ad 100644
+---

Re: [OE-core] [mickledore][PATCH] tiff: backport a fix for CVE-2023-26965

2023-06-28 Thread Siddharth 
CVE-fix for CVE-2023-25434 and CVE-2023-26965 for 4.5.0 was submitted for 
master which could directly be backported to mickledore too as it has the same 
version -> https://lists.openembedded.org/g/openembedded-core/message/183408

However, it increases Steve's task to patch if we submit single CVE's. So, 
better to club and send them.

Regards,
Siddharth

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183607): 
https://lists.openembedded.org/g/openembedded-core/message/183607
Mute This Topic: https://lists.openembedded.org/mt/99835604/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][mickledore][PATCH] tiff: Security fix for CVE-2023-25434 and CVE-2023-26965

2023-06-28 Thread Siddharth 
Upstream-Status: Backport from 
[https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38,
 
https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf]
Signed-off-by: Siddharth Doshi 
---
 .../libtiff/files/CVE-2023-25434.patch| 159 ++
 .../libtiff/files/CVE-2023-26965.patch|  99 +++
 meta/recipes-multimedia/libtiff/tiff_4.5.0.bb |   2 +
 3 files changed, 260 insertions(+)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch 
b/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch
new file mode 100644
index 00..a78c9709f9
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch
@@ -0,0 +1,159 @@
+From 69818e2f2d246e6631ac2a2da692c3706b849c38 Mon Sep 17 00:00:00 2001
+From: Su_Laus 
+Date: Sun, 29 Jan 2023 11:09:26 +0100
+Subject: [PATCH] tiffcrop: Amend rotateImage() not to toggle the input (main)
+ image width and length parameters when only cropped image sections are
+ rotated. Remove buffptr from region structure because never used.
+
+Closes #492 #493 #494 #495 #499 #518 #519
+
+Upstream-Status: Backport from 
[https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38]
+CVE: CVE-2023-25434
+
+Signed-off-by: Siddharth Doshi 
+---
+ tools/tiffcrop.c | 51 
+ 1 file changed, 30 insertions(+), 21 deletions(-)
+
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index fc5b34b..6e1acc4 100644
+--- a/tools/tiffcrop.c
 b/tools/tiffcrop.c
+@@ -296,7 +296,6 @@ struct region
+ uint32_t width;/* width in pixels */
+ uint32_t length;   /* length in pixels */
+ uint32_t buffsize; /* size of buffer needed to hold the cropped region */
+-unsigned char *buffptr; /* address of start of the region */
+ };
+ 
+ /* Cropping parameters from command line and image data
+@@ -577,7 +576,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_t, 
uint16_t, uint32_t,
+ static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t,
+  uint32_t, uint32_t, uint8_t *, uint8_t 
*);
+ static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *,
+-   unsigned char **);
++   unsigned char **, int);
+ static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t,
+unsigned char *);
+ static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t,
+@@ -5779,7 +5778,6 @@ static void initCropMasks(struct crop_mask *cps)
+ cps->regionlist[i].width = 0;
+ cps->regionlist[i].length = 0;
+ cps->regionlist[i].buffsize = 0;
+-cps->regionlist[i].buffptr = NULL;
+ cps->zonelist[i].position = 0;
+ cps->zonelist[i].total = 0;
+ }
+@@ -7221,8 +7219,13 @@ static int correct_orientation(struct image_data *image,
+ return (-1);
+ }
+ 
+-if (rotateImage(rotation, image, >width, >length,
+-work_buff_ptr))
++/* Dummy variable in order not to switch two times the
++ * image->width,->length within rotateImage(),
++ * but switch xres, yres there. */
++uint32_t width = image->width;
++uint32_t length = image->length;
++if (rotateImage(rotation, image, , , work_buff_ptr,
++TRUE))
+ {
+ TIFFError("correct_orientation", "Unable to rotate image");
+ return (-1);
+@@ -7291,7 +7294,6 @@ static int extractCompositeRegions(struct image_data 
*image,
+ /* These should not be needed for composite images */
+ crop->regionlist[i].width = crop_width;
+ crop->regionlist[i].length = crop_length;
+-crop->regionlist[i].buffptr = crop_buff;
+ 
+ src_rowsize = ((img_width * bps * spp) + 7) / 8;
+ dst_rowsize = (((crop_width * bps * count) + 7) / 8);
+@@ -7552,7 +7554,6 @@ static int extractSeparateRegion(struct image_data 
*image,
+ 
+ crop->regionlist[region].width = crop_width;
+ crop->regionlist[region].length = crop_length;
+-crop->regionlist[region].buffptr = crop_buff;
+ 
+ src = read_buff;
+ dst = crop_buff;
+@@ -8543,7 +8544,7 @@ static int processCropSelections(struct image_data 
*image,
+   reallocate the buffer */
+ {
+ if (rotateImage(crop->rotation, image, >combined_width,
+->combined_length, _buff))
++>combined_length, _buff, FALSE))
+ {
+ TIFFError("processCropSelections",
+   "Failed to rotate composite regions by %" PRIu32
+@@ -8668,7 +8669,7 @@ static int

[OE-core] [mickledore][PATCH] python3-numpy: remove NPY_INLINE, use inline instead

2023-06-28 Thread Yu, Mingli 
From: Mingli Yu 

The build fails when DEBUG_BUILD is enabled with GCC-13 as [1] and [2].

Fixes:
   | numpy/core/src/umath/simd.inc.src:977:20: note: called from here
   | 977 | @vtype@ zeros = _mm512_setzero_@vsuffix@();
  |^~~
   | numpy/core/src/umath/simd.inc.src:596:1: error: inlining failed in call to 
‘always_inline’ ‘avx512_get_full_load_mask_ps’: target specific option mismatch
  596 | avx512_get_full_load_mask_ps(void)
  | ^~~~
   | numpy/core/src/umath/simd.inc.src:976:27: note: called from here
  976 | @mask@ load_mask = avx512_get_full_load_mask_@vsuffix@();
  |   ^~
   | /usr/lib/gcc/x86_64-redhat-linux/13/include/avx512fintrin.h:6499:1: error: 
inlining failed in call to ‘always_inline’ ‘_mm512_loadu_si512’: target 
specific option mismatch

Reference: 
https://github.com/numpy/numpy/pull/22674/commits/3947b1a023a07a55522de65b4d302339bac2bad7

[1] 
https://git.openembedded.org/openembedded-core/commit/?id=8596678667797971559aed962b1c204266032186
[2] http://errors.yoctoproject.org/Errors/Details/689841/

Signed-off-by: Mingli Yu 
---
 inc.src-Change-NPY_INLINE-to-inline.patch | 135 ++
 .../python/python3-numpy_1.24.2.bb|   1 +
 2 files changed, 136 insertions(+)
 create mode 100644 
meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch

diff --git 
a/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch
 
b/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch
new file mode 100644
index 00..d733dda333
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch
@@ -0,0 +1,135 @@
+From f2a722aa30a29709bb9b5f60fc6d20a10fe6b4f5 Mon Sep 17 00:00:00 2001
+From: Mingli Yu 
+Date: Wed, 28 Jun 2023 17:58:52 +0800
+Subject: [PATCH] simd.inc.src: Change NPY_INLINE to inline
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes:
+  | numpy/core/src/umath/simd.inc.src:977:20: note: called from here
+  | 977 | @vtype@ zeros = _mm512_setzero_@vsuffix@();
+  |^~~
+  | numpy/core/src/umath/simd.inc.src:596:1: error: inlining failed in call to 
‘always_inline’ ‘avx512_get_full_load_mask_ps’: target specific option mismatch
+  596 | avx512_get_full_load_mask_ps(void)
+  | ^~~~
+  | numpy/core/src/umath/simd.inc.src:976:27: note: called from here
+  976 | @mask@ load_mask = avx512_get_full_load_mask_@vsuffix@();
+  |   ^~
+  | /usr/lib/gcc/x86_64-redhat-linux/13/include/avx512fintrin.h:6499:1: error: 
inlining failed in call to ‘always_inline’ ‘_mm512_loadu_si512’: target 
specific option mismatch
+
+Upstream-Status: Inappropriate [The file simd.inc.src have been removed in new 
version as
+
https://github.com/numpy/numpy/commit/640e85017aa8eac3e9be68b475acf27d623b16b7]
+
+Signed-off-by: Mingli Yu 
+---
+ numpy/core/src/umath/simd.inc.src | 24 
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/numpy/core/src/umath/simd.inc.src 
b/numpy/core/src/umath/simd.inc.src
+index d6c9a7e..39aec9a 100644
+--- a/numpy/core/src/umath/simd.inc.src
 b/numpy/core/src/umath/simd.inc.src
+@@ -61,11 +61,11 @@
+  */
+ 
+ #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined 
NPY_HAVE_SSE2_INTRINSICS
+-static NPY_INLINE NPY_GCC_TARGET_AVX512F void
++static inline NPY_GCC_TARGET_AVX512F void
+ AVX512F_@func@_@TYPE@(@type@*, @type@*, const npy_intp n, const npy_intp 
stride);
+ #endif
+ 
+-static NPY_INLINE int
++static inline int
+ run_unary_avx512f_@func@_@TYPE@(char **args, const npy_intp *dimensions, 
const npy_intp *steps)
+ {
+ #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined 
NPY_HAVE_SSE2_INTRINSICS
+@@ -99,11 +99,11 @@ run_unary_avx512f_@func@_@TYPE@(char **args, const 
npy_intp *dimensions, const n
+  */
+ 
+ #if defined HAVE_ATTRIBUTE_TARGET_AVX512_SKX_WITH_INTRINSICS && defined 
NPY_HAVE_SSE2_INTRINSICS && @EXISTS@
+-static NPY_INLINE NPY_GCC_TARGET_AVX512_SKX void
++static inline NPY_GCC_TARGET_AVX512_SKX void
+ AVX512_SKX_@func@_@TYPE@(npy_bool*, @type@*, const npy_intp n, const npy_intp 
stride);
+ #endif
+ 
+-static NPY_INLINE int
++static inline int
+ run_@func@_avx512_skx_@TYPE@(char **args, npy_intp const *dimensions, 
npy_intp const *steps)
+ {
+ #if defined HAVE_ATTRIBUTE_TARGET_AVX512_SKX_WITH_INTRINSICS && defined 
NPY_HAVE_SSE2_INTRINSICS && @EXISTS@
+@@ -144,7 +144,7 @@ sse2_@func@_@TYPE@(@type@ *, @type@ *, const npy_intp n);
+ 
+ #endif
+ 
+-static NPY_INLINE int
++static inline int
+ run_@name@_simd_@func@_@TYPE@(char **args, npy_intp const *dimensions, 
npy_intp const

Re: [OE-core] [PATCH] qemu: Install the default qemu emulation rpm

2023-06-28 Thread Yu, Mingli 
Please ignore this patch and use the patch "qemu: Add qemu-common 
package" instead.


And the patch "qemu: Add qemu-common package" fix the backward 
compatibility as 
https://patchwork.yoctoproject.org/project/oe-core/patch/20230627105627.2583973-1-mingli...@eng.windriver.com/.


Thanks,

On 6/15/23 16:17, Yu, Mingli wrote:

From: Mingli Yu 

The qemu rpm can be split or not via customize PACKAGESPLITFUNCS and
there is no specific qemu emulation rpm installed when we choose split
the qemu rpms now.

To gurantee the basic usage, install the qemu emulation rpm which
corresponding to the target arch by default when split the qemu rpm.

Signed-off-by: Mingli Yu 
---
  meta/recipes-devtools/qemu/qemu.inc | 3 +++
  1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 7d39f0a25d..c9df43a5a2 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -248,6 +248,9 @@ python split_qemu_packages () {
  mipspackage = d.getVar('PN') + "-user-mips"
  if mipspackage in ' '.join(userpackages):
  d.appendVar('RDEPENDS:' + mipspackage, ' ' + d.getVar("MLPREFIX") + 
'bash')
+
+targetarch = "${@'i386' if d.getVar('TARGET_ARCH') in ['x86', 'i486', 'i586', 
'i686'] else d.getVar('TARGET_ARCH').replace('_', '-')}"
+d.appendVar('RRECOMMENDS:' + d.getVar('PN'), ' ' + d.getVar('PN') + 
'-user-' + targetarch + ' ' + d.getVar('PN') + '-system-' + targetarch)
  }
  
  # Put the guest agent in a separate package







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183604): 
https://lists.openembedded.org/g/openembedded-core/message/183604
Mute This Topic: https://lists.openembedded.org/mt/99544571/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 5/5] init-manager-systemd: add modulesloaddir and modprobedir

2023-06-28 Thread Richard Purdie 
On Tue, 2023-06-27 at 10:16 +, Jose Quaresma wrote:
> Signed-off-by: Jose Quaresma 
> ---
> 
> v5: introduced in v5
> 
>  meta/conf/distro/include/init-manager-systemd.inc | 4 
>  1 file changed, 4 insertions(+)
> 
> diff --git a/meta/conf/distro/include/init-manager-systemd.inc 
> b/meta/conf/distro/include/init-manager-systemd.inc
> index 7867d90028..4989b93502 100644
> --- a/meta/conf/distro/include/init-manager-systemd.inc
> +++ b/meta/conf/distro/include/init-manager-systemd.inc
> @@ -5,3 +5,7 @@ VIRTUAL-RUNTIME_init_manager ??= "systemd"
>  VIRTUAL-RUNTIME_initscripts ??= "systemd-compat-units"
>  VIRTUAL-RUNTIME_login_manager ??= "shadow-base"
>  VIRTUAL-RUNTIME_dev_manager ??= "systemd"
> +
> +# Use modules-load and modprobe config path distribution specific
> +modulesloaddir ?= "${libdir}/modules-load.d"
> +modprobedir ?= "${nonarch_base_libdir}/modprobe.d"

Not everyone uses INIT_MANAGER and we don't really want these set in
every recipe. I think this should be in the bbclass based upon some
conditional, not here...

Cheers,

Richard

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183603): 
https://lists.openembedded.org/g/openembedded-core/message/183603
Mute This Topic: https://lists.openembedded.org/mt/99806550/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] linux-yocto/5.4: cfg: fix DECNET configuration warning

2023-06-28 Thread Bruce Ashfield 
From: Bruce Ashfield 

Dropping CONFIG_DECNET as it has been removed from -stable
and we now get a configuration warning.

Signed-off-by: Bruce Ashfield 
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 541d169379..d775a60e9f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "8d8179549a233e7517523ac12887016451da2e20"
-SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755"
+SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc"
 
 SRC_URI = 
"git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \

git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 171ff8493c..5e2b2ab6cf 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "ca5368c73bab4eb276a8e721df28c02ceb8f3eeb"
 SRCREV_machine ?= "abb579170926348d1518bc1a2de8cb1cdf403808"
-SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755"
+SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 527728d9d0..336e72eede 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= 
"d18af0e8acb7c4cb245739fa8165a44845ff2ba0"
 SRCREV_machine_qemux86-64 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0"
 SRCREV_machine_qemumips64 ?= "66cac7d41a43594760f6ac48e848d73315cc5dd3"
 SRCREV_machine ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0"
-SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755"
+SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183602): 
https://lists.openembedded.org/g/openembedded-core/message/183602
Mute This Topic: https://lists.openembedded.org/mt/99840136/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] ptest-runner: Pull in sync fix to improve log warnings

2023-06-28 Thread Richard Purdie 
On Wed, 2023-06-28 at 16:24 +0200, Alexander Kanavin wrote:
> This appears to have regressed glib-2.0 ptest, particularly:
> Failed ptests:
> {'glib-2.0': ['glib/codegen.py.test']}
> https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/5273/steps/12/logs/stdio
> 
> I didn't yet got to the root cause, just wanted to register where it
> happened. Note that the ptest passes when run directly and fails only
> under ptest-runner, and it somehow is specific to qemux86_64 as well.
> Bizarre, yes.

It happens on qemuarm64 too:

https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/5091/steps/12/logs/stdio

Cheers,

Richard

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183601): 
https://lists.openembedded.org/g/openembedded-core/message/183601
Mute This Topic: https://lists.openembedded.org/mt/99601743/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] musl: Guard fallocate64 with _LARGEFILE64_SOURCE

2023-06-28 Thread Khem Raj 
Gets this fix

* 718f363b move fallocate64 declaration under _LARGEFILE64_SOURCE feature test

Signed-off-by: Khem Raj 
---
 meta/recipes-core/musl/musl_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/musl/musl_git.bb 
b/meta/recipes-core/musl/musl_git.bb
index 7c8434f23f1..b4c2b1f8980 100644
--- a/meta/recipes-core/musl/musl_git.bb
+++ b/meta/recipes-core/musl/musl_git.bb
@@ -4,7 +4,7 @@
 require musl.inc
 inherit linuxloader
 
-SRCREV = "f5f55d6589940fd2c2188d76686efe3a530e64e0"
+SRCREV = "718f363bc2067b6487900eddc9180c84e7739f80"
 
 BASEVER = "1.2.4"
 
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183600): 
https://lists.openembedded.org/g/openembedded-core/message/183600
Mute This Topic: https://lists.openembedded.org/mt/99839226/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v2] strace: Update patches/tests with upstream fixes

2023-06-28 Thread Richard Purdie 
Replace the sockopt disable patch with a fix from upstream. Also add a
patch to handle accept/accept4 differences when using glibc optimisations
for platforms where socketcall is used instead of an accept syscall such
as 32 bit x86.

Signed-off-by: Richard Purdie 
---

v2: Add missing patch to allow sockopt tests to pass

 ...e1392f5bd289239b755458dcdeeed69af1da.patch | 303 ++
 ...b541b258baec9eba674b5d8dc30007a61542.patch |  50 +++
 ...2f4494779e5c5f170ad10539bfc2dfafe967.patch |  50 +++
 .../strace/strace/skip-sockopt-test.patch |  37 ---
 meta/recipes-devtools/strace/strace_6.3.bb|   4 +-
 5 files changed, 406 insertions(+), 38 deletions(-)
 create mode 100644 
meta/recipes-devtools/strace/strace/00ace1392f5bd289239b755458dcdeeed69af1da.patch
 create mode 100644 
meta/recipes-devtools/strace/strace/3bbfb541b258baec9eba674b5d8dc30007a61542.patch
 create mode 100644 
meta/recipes-devtools/strace/strace/f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch
 delete mode 100644 meta/recipes-devtools/strace/strace/skip-sockopt-test.patch

diff --git 
a/meta/recipes-devtools/strace/strace/00ace1392f5bd289239b755458dcdeeed69af1da.patch
 
b/meta/recipes-devtools/strace/strace/00ace1392f5bd289239b755458dcdeeed69af1da.patch
new file mode 100644
index 000..bdf815e55e3
--- /dev/null
+++ 
b/meta/recipes-devtools/strace/strace/00ace1392f5bd289239b755458dcdeeed69af1da.patch
@@ -0,0 +1,303 @@
+From 00ace1392f5bd289239b755458dcdeeed69af1da Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" 
+Date: Mon, 26 Jun 2023 10:00:00 +
+Subject: [PATCH] tests: avoid accept() libc function when tracing accept()
+ syscall
+
+The libc function is allowed to implement accept() using accept4()
+syscall, so migrate to accept4() those tests that trace accept() syscall
+but do not test accept() specifically, and change the test of accept()
+syscall to invoke either __NR_accept or __NR_socketcall(SYS_ACCEPT)
+directly.
+
+* tests/accept_compat.h: Remove.
+* tests/Makefile.am (EXTRA_DIST): Remove accept_compat.h.
+* tests/accept.c [TEST_SYSCALL_NAME]: Do not invoke accept(),
+call __NR_accept or __NR_socketcall if available, or skip the test.
+* tests/net-y-unix.c: Do not include "accept_compat.h".
+(main): Invoke accept4() instead of accept().
+* tests/net-yy-inet.c: Likewise.
+* tests/net-yy-unix.c: Likewise.
+
+Resolves: https://github.com/strace/strace/issues/260
+
+Upstream-Status: Backport
+---
+ tests/Makefile.am |  1 -
+ tests/accept.c| 36 
+ tests/accept_compat.h | 32 
+ tests/net-y-unix.c| 16 
+ tests/net-yy-inet.c   | 12 ++--
+ tests/net-yy-unix.c   | 16 
+ 6 files changed, 42 insertions(+), 71 deletions(-)
+ delete mode 100644 tests/accept_compat.h
+
+Index: strace-6.3/tests/Makefile.am
+===
+--- strace-6.3.orig/tests/Makefile.am
 strace-6.3/tests/Makefile.am
+@@ -776,7 +776,6 @@ check_DATA = \
+   # end of check_DATA
+ 
+ EXTRA_DIST = \
+-  accept_compat.h \
+   attach-p-cmd.h \
+   clock_adjtime-common.c \
+   clock_xettime-common.c \
+Index: strace-6.3/tests/accept.c
+===
+--- strace-6.3.orig/tests/accept.c
 strace-6.3/tests/accept.c
+@@ -9,38 +9,36 @@
+  */
+ 
+ #include "tests.h"
+-
++#include "scno.h"
+ #include 
+ 
+-#include "scno.h"
++#ifndef TEST_SYSCALL_NAME
+ 
+-#if defined __NR_accept
++# if defined __NR_accept || defined __NR_socketcall
+ 
+-# ifndef TEST_SYSCALL_NAME
+ #  define TEST_SYSCALL_NAME do_accept
+-
+-#  ifndef TEST_SYSCALL_STR
+-#   define TEST_SYSCALL_STR "accept"
+-#  endif
++#  define TEST_SYSCALL_STR "accept"
+ 
+ static int
+ do_accept(int sockfd, void *addr, void *addrlen)
+ {
++#  ifdef __NR_accept
+   return syscall(__NR_accept, sockfd, addr, addrlen);
++#  else /* __NR_socketcall */
++  const long args[] = { sockfd, (long) addr, (long) addrlen };
++  return syscall(__NR_socketcall, 5, args);
++#  endif
+ }
+-# endif /* !TEST_SYSCALL_NAME */
+ 
+-#else /* !__NR_accept */
++# endif /* __NR_accept || __NR_socketcall */
+ 
+-# ifndef TEST_SYSCALL_NAME
+-#  define TEST_SYSCALL_NAME accept
+-# endif
++#endif /* !TEST_SYSCALL_NAME */
+ 
+-#endif /* __NR_accept */
++#ifdef TEST_SYSCALL_NAME
+ 
+-#define TEST_SYSCALL_PREPARE connect_un()
++# define TEST_SYSCALL_PREPARE connect_un()
+ static void connect_un(void);
+-#include "sockname.c"
++# include "sockname.c"
+ 
+ static void
+ connect_un(void)
+@@ -90,3 +88,9 @@ main(void)
+   puts("+++ exited with 0 +++");
+   return 0;
+ }
++
++#else
++
++SKIP_MAIN_UNDEFINED("__NR_accept || __NR_socketcall")
++
++#endif
+Index: strace-6.3/tests/accept_compat.h
+===
+--- strace-6.3.orig/tests/accept_compat.h
 /dev/null
+@@ -1,32 +0,0 @@
+-/*
+- * Copyright (c) 2018-2019 The

Re: [OE-core] [PATCH] oeqa/selftest/devtool: add unit test for "devtool add -b"

2023-06-28 Thread Richard Purdie 
On Wed, 2023-06-28 at 09:09 +0200, Yoann Congal wrote:
> From: Fawzi KHABER 
> 
> Fix [Yocto #15085]
> 
> Signed-off-by: Fawzi KHABER 
> Signed-off-by: Yoann Congal 
> ---
>  meta/lib/oeqa/selftest/cases/devtool.py | 23 +++
>  1 file changed, 23 insertions(+)
> 
> diff --git a/meta/lib/oeqa/selftest/cases/devtool.py 
> b/meta/lib/oeqa/selftest/cases/devtool.py
> index 4c8e375d00..c5ed8f5720 100644
> --- a/meta/lib/oeqa/selftest/cases/devtool.py
> +++ b/meta/lib/oeqa/selftest/cases/devtool.py
> @@ -366,6 +366,29 @@ class DevtoolAddTests(DevtoolBase):
>  bindir = bindir[1:]
>  self.assertTrue(os.path.isfile(os.path.join(installdir, bindir, 
> 'pv')), 'pv binary not found in D')
>  
> +def test_devtool_add_binary(self):
> +# Test "devtool add -b" with an arbitrary binary package from Yocto 
> mirrors
> +pn = 'pvr-bin-cdv-devel'
> +pv = '1.0.3-1.1'
> +url = 
> 'http://downloads.yoctoproject.org/mirror/sources/pvr-bin-cdv-devel-1.0.3-1.1.i586.rpm'
> +
> +self.track_for_cleanup(self.workspacedir)
> +self.add_command_to_tearDown('bitbake -c cleansstate %s' % pn)
> +self.add_command_to_tearDown('bitbake-layers remove-layer 
> */workspace')
> +
> +# Test devtool add -b
> +result = runCmd('devtool add  -b %s %s' % (pn, url))
> +self.assertExists(os.path.join(self.workspacedir, 'conf', 
> 'layer.conf'), 'Workspace directory not created')
> +
> +# Test devtool build
> +result = runCmd('devtool build %s' % pn)
> +bb_vars = get_bb_vars(['D', 'bindir'], pn)
> +installdir = bb_vars['D']
> +self.assertTrue(installdir, 'Could not query installdir variable')
> +
> +# Check that a known file from the binary package has indeed been 
> installed
> +self.assertTrue(os.path.isfile(os.path.join(installdir, 'usr', 
> 'include', 'EGL', 'egl.h')), 'egl.h not found in D')
> +
>  def test_devtool_add_git_local(self):
>  # We need dbus built so that DEPENDS recognition works
>  bitbake('dbus')


https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/5437/steps/14/logs/stdio

There are systems where rpm doesn't exist so the test can fail?

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183598): 
https://lists.openembedded.org/g/openembedded-core/message/183598
Mute This Topic: https://lists.openembedded.org/mt/99825616/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][mickledore][PATCH] tiff: backport a fix for CVE-2023-26965

2023-06-28 Thread Nat Bailey via lists.openembedded.org 
Fixes a bug where a buffer was used after a potential reallocation.

Signed-off-by: Natasha Bailey 
---
 .../libtiff/files/CVE-2023-26965.patch| 100 ++
 meta/recipes-multimedia/libtiff/tiff_4.5.0.bb |   1 +
 2 files changed, 101 insertions(+)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch 
b/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch
new file mode 100644
index 00..987ee5178f
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch
@@ -0,0 +1,100 @@
+From ec8ef90c1f573c9eb1f17d6a056aa0015f184acf Mon Sep 17 00:00:00 2001
+From: Su_Laus 
+Date: Tue, 14 Feb 2023 20:43:43 +0100
+Subject: [mickledore][PATCH] tiffcrop: Do not reuse input buffer for
+ subsequent images. Fix issue 527
+
+Reuse of read_buff within loadImage() from previous image is quite unsafe, 
because other functions (like rotateImage() etc.) reallocate that buffer with 
different size without updating the local prev_readsize value.
+
+Closes #527
+
+CVE: CVE-2023-26965
+Upstream-Status: Backport 
[https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf?merge_request_iid=472]
+Signed-off-by: Natasha Bailey 
+
+---
+ tools/tiffcrop.c | 47 +--
+ 1 file changed, 13 insertions(+), 34 deletions(-)
+
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index d7ad5ca8..d3e11ba2 100644
+--- a/tools/tiffcrop.c
 b/tools/tiffcrop.c
+@@ -6771,9 +6771,7 @@ static int loadImage(TIFF *in, struct image_data *image, 
struct dump_opts *dump,
+ uint32_t tw = 0, tl = 0; /* Tile width and length */
+ tmsize_t tile_rowsize = 0;
+ unsigned char *read_buff = NULL;
+-unsigned char *new_buff = NULL;
+ int readunit = 0;
+-static tmsize_t prev_readsize = 0;
+ 
+ TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, );
+ TIFFGetFieldDefaulted(in, TIFFTAG_SAMPLESPERPIXEL, );
+@@ -7097,43 +7095,25 @@ static int loadImage(TIFF *in, struct image_data 
*image, struct dump_opts *dump,
+ }
+ 
+ read_buff = *read_ptr;
+-/* +3 : add a few guard bytes since reverseSamples16bits() can read a bit 
*/
+-/* outside buffer */
+-if (!read_buff)
++/* +3 : add a few guard bytes since reverseSamples16bits() can read a bit
++ * outside buffer */
++/* Reuse of read_buff from previous image is quite unsafe, because other
++ * functions (like rotateImage() etc.) reallocate that buffer with 
different
++ * size without updating the local prev_readsize value. */
++if (read_buff)
+ {
+-if (buffsize > 0xU - 3)
+-{
+-TIFFError("loadImage", "Unable to allocate/reallocate read 
buffer");
+-return (-1);
+-}
+-read_buff =
+-(unsigned char *)limitMalloc(buffsize + NUM_BUFF_OVERSIZE_BYTES);
++_TIFFfree(read_buff);
+ }
+-else
++if (buffsize > 0xU - 3)
+ {
+-if (prev_readsize < buffsize)
+-{
+-if (buffsize > 0xU - 3)
+-{
+-TIFFError("loadImage",
+-  "Unable to allocate/reallocate read buffer");
+-return (-1);
+-}
+-new_buff =
+-_TIFFrealloc(read_buff, buffsize + NUM_BUFF_OVERSIZE_BYTES);
+-if (!new_buff)
+-{
+-free(read_buff);
+-read_buff = (unsigned char *)limitMalloc(
+-buffsize + NUM_BUFF_OVERSIZE_BYTES);
+-}
+-else
+-read_buff = new_buff;
+-}
++TIFFError("loadImage", "Required read buffer size too large");
++return (-1);
+ }
++read_buff =
++(unsigned char *)limitMalloc(buffsize + NUM_BUFF_OVERSIZE_BYTES);
+ if (!read_buff)
+ {
+-TIFFError("loadImage", "Unable to allocate/reallocate read buffer");
++TIFFError("loadImage", "Unable to allocate read buffer");
+ return (-1);
+ }
+ 
+@@ -7141,7 +7121,6 @@ static int loadImage(TIFF *in, struct image_data *image, 
struct dump_opts *dump,
+ read_buff[buffsize + 1] = 0;
+ read_buff[buffsize + 2] = 0;
+ 
+-prev_readsize = buffsize;
+ *read_ptr = read_buff;
+ 
+ /* N.B. The read functions used copy separate plane data into a buffer as
+-- 
+2.39.0
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb 
b/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
index ca4a3eff91..2bde8fe9d6 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
@@ -11,6 +11,7 @@ CVE_PRODUCT = "libtiff"
 SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2022-48281.patch \
file://CVE-2023-2731.patch \
+   file://CVE-2023-26965.patch \
 "
 
 SRC_URI[sha256sum] =

Re: [OE-core][dunfell 3/3] linux-yocto/5.4: update to v5.4.248

2023-06-28 Thread Steve Sakoman 
Sign, same issue here in dunfell :-(

WARNING: linux-yocto-5.4.248+gitAUTOINC+b6e41788ae_d18af0e8ac-r0
do_kernel_configcheck: [kernel config]: This BSP sets config options
that are not offered anywhere within this kernel:

CONFIG_DECNET

Steve

On Thu, Jun 22, 2023 at 1:22 PM  wrote:
>
> From: Bruce Ashfield 
>
> Updating  to the latest korg -stable release that comprises
> the following commits:
>
> f2b499c27a95 Linux 5.4.248
> 1cdc48aaff18 mmc: block: ensure error propagation for non-blk
> de517032ee39 drm/nouveau/kms: Fix NULL pointer dereference in 
> nouveau_connector_detect_depth
> d3f7f557d8a2 neighbour: delete neigh_lookup_nodev as not used
> a433b85d1750 net: Remove unused inline function dst_hold_and_use()
> fbc0209ae3a7 neighbour: Remove unused inline function neigh_key_eq16()
> bc1ea55bf1cf afs: Fix vlserver probe RTT handling
> 98acd5f0ce10 selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
> 1140f8bc29c2 net: tipc: resize nlattr array to correct size
> b83f86ba414c net: lapbether: only support ethernet devices
> ec694ad393cc net/sched: cls_api: Fix lockup on flushing explicitly 
> created chain
> 0456f470fa02 drm/nouveau: add nv_encoder pointer check for NULL
> b1d76d16af2a drm/nouveau/kms: Don't change EDID when it hasn't actually 
> changed
> f654b8a1325f drm/nouveau/dp: check for NULL nv_connector->native_mode
> 2ac7be7718a1 igb: fix nvm.ops.read() error handling
> 44008337f80e sctp: fix an error code in sctp_sf_eat_auth()
> edd3d3dc4849 ipvlan: fix bound dev checking for IPv6 l3s mode
> 6718478c18a4 IB/isert: Fix incorrect release of isert connection
> f8a91a024ab9 IB/isert: Fix possible list corruption in CMA handler
> 8a867ab71302 IB/isert: Fix dead lock in ib_isert
> 22125be516ef IB/uverbs: Fix to consider event queue closing also upon 
> non-blocking mode
> ea4cf04d3f19 iavf: remove mask from iavf_irq_enable_queues()
> 19a500f530c2 RDMA/rxe: Fix the use-before-initialization error of 
> resp_pkts
> 42ab73534583 RDMA/rxe: Removed unused name from rxe_task struct
> f99b6de58b5e RDMA/rxe: Remove the unused variable obj
> 46305daf8064 net/sched: cls_u32: Fix reference counter leak leading to 
> overflow
> 88d6c1958bc0 ping6: Fix send to link-local addresses with VRF.
> 474e0adf29cf netfilter: nfnetlink: skip error delivery on batch in case 
> of ENOMEM
> 67cafcd3e661 spi: fsl-dspi: avoid SCK glitches with continuous transfers
> 8231594e21d1 spi: spi-fsl-dspi: Remove unused chip->void_write_data
> 9d8b388a24c6 usb: dwc3: gadget: Reset num TRBs before giving back the 
> request
> 94e52fac1519 serial: lantiq: add missing interrupt ack
> b577b74f8f83 USB: serial: option: add Quectel EM061KGL series
> 6b1203ae83c3 Remove DECnet support from kernel
> aad6addc17ae ALSA: hda/realtek: Add a quirk for Compaq N14JP6
> def7e17c98f7 net: usb: qmi_wwan: add support for Compal RXM-G1
> 74bd53737372 RDMA/uverbs: Restrict usage of privileged QKEYs
> a8997ffad359 nouveau: fix client work fence deletion race
> 01fd784b0762 powerpc/purgatory: remove PGO flags
> b16bf76b3828 kexec: support purgatories with .text.hot sections
> b27a5fbe3c87 nilfs2: fix possible out-of-bounds segment allocation in 
> resize ioctl
> 0dd2d8331eb4 nilfs2: fix incomplete buffer cleanup in 
> nilfs_btnode_abort_change_key()
> e1fb47f13970 nios2: dts: Fix tse_mac "max-frame-size" property
> 5e531f448e5a ocfs2: check new file size on fallocate call
> f6878da39f47 ocfs2: fix use-after-free when unmounting read-only 
> filesystem
> 82173fde61c7 drm:amd:amdgpu: Fix missing buffer object unlock in failure 
> path
> 63afd766211b xen/blkfront: Only check REQ_FUA for writes
> 27447dada0b5 mips: Move initrd_start check after initrd address 
> sanitisation.
> a365600bba27 MIPS: Alchemy: fix dbdma2
> 6b39b06b8d5b parisc: Flush gatt writes and adjust gatt mask in 
> parisc_agp_mask_memory()
> de873bce06a8 parisc: Improve cache flushing for PCXL in 
> arch_sync_dma_for_cpu()
> 28850d25a62c btrfs: handle memory allocation failure in btrfs_csum_one_bio
> b31586747bae power: supply: Fix logic checking if system is running from 
> battery
> dd8804117d4b irqchip/meson-gpio: Mark OF related data as maybe unused
> 30ade27dbe66 regulator: Fix error checking for debugfs_create_dir
> a12155f0b1b6 platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 
> 0xC0
> d26edc403c0a power: supply: Ratelimit no data debug output
> af44b2ddfc08 ARM: dts: vexpress: add missing cache properties
> bd725832eb50 power: supply: bq27xxx: Use mod_delayed_work() instead of 
> cancel() + schedule()
> 82bfd14f1359 power: supply: sc27xx: Fix external_power_changed race
> 66d5882dcc9f power: supply: ab8500: Fix external_power_changed race
> a8f286bfbc71 s390/dasd: Use correct lock while counting channel queue 
> length
>

[OE-core] [PATCH] sstatesig: Fix pn and taskname derivation in find_siginfo

2023-06-28 Thread Yang Xu via lists.openembedded.org 
From: Yang Xu 

The `bb.siggen.compare_sigfiles` method transforms the key format from
`[mc:mc_name:][virtual:][native:]:` to
`/:[:virtual][:native][:mc:mc_name]`
in `clean_basepaths`. However, `find_siginfo` uses the original format
to get the package name (pn) and task name. This commit corrects the
method for deriving the pn and task name in `find_siginfo`.

Signed-off-by: Yang Xu 
---
 meta/lib/oe/sstatesig.py | 11 +++
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index f943df181e..a52dacd1a0 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -321,10 +321,13 @@ def find_siginfo(pn, taskname, taskhashlist, d):
 if not taskname:
 # We have to derive pn and taskname
 key = pn
-splitit = key.split('.bb:')
-taskname = splitit[1]
-pn = os.path.basename(splitit[0]).split('_')[0]
-if key.startswith('virtual:native:'):
+if key.count(":") >= 2:
+splitit,taskname,affix = key.split(":", 2)
+else:
+splitit,taskname = key.split(":", 1)
+affix = ""
+pn = os.path.splitext(os.path.basename(splitit))[0].split('_')[0]
+if affix.startswith('virtual:native'):
 pn = pn + '-native'
 
 hashfiles = {}
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183595): 
https://lists.openembedded.org/g/openembedded-core/message/183595
Mute This Topic: https://lists.openembedded.org/mt/99833800/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] bonnie++: New recipe for version 2.0

2023-06-28 Thread Alexander Kanavin 
I think this is actually for meta-oe?

Alex

On Wed 28. Jun 2023 at 17.16, Alexandre Belloni via lists.openembedded.org
 wrote:

> Hello,
>
> On 26/06/2023 14:00:32+0200, Jörg Sommer via lists.openembedded.org wrote:
> > Newer versions of bonnie get published on
> > . Unfortunately, the new
> version
> > doesn't compile with g++ 11 which requires *fix-csv2html-data.patch* and
> > configure fails due to cross compilation which gets fixed
> > with *fix-configure-lfs.patch*
> >
> > Signed-off-by: Jörg Sommer 
> > ---
> >  .../bonnie/bonnie++/fix-configure-lfs.patch   |  37 
> >  .../bonnie/bonnie++/fix-csv2html-data.patch   | 181 ++
> >  .../bonnie/bonnie++_2.00a.bb  |  33 
> >  3 files changed, 251 insertions(+)
> >  create mode 100644
> meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> >  create mode 100644
> meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> >  create mode 100644 meta-oe/recipes-benchmark/bonnie/bonnie++_2.00a.bb
>
> You certainly need to add a maintainers.inc entry for this new recipes,
> else oe-selftest is going to complain.
>
> >
> > diff --git
> a/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> > new file mode 100644
> > index 00..d28e28658c
> > --- /dev/null
> > +++ b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> > @@ -0,0 +1,37 @@
> > +diff --git i/configure.in w/configure.in
> > +index 080e40c..f2a2bbe 100644
> > +--- i/configure.in
> >  w/configure.in
> > +@@ -82,8 +82,15 @@ void * thread_func(void * param) { return NULL; }
> > +   , thread_ldflags="-lpthread"
> > +   , thread_ldflags="-pthread")
> > +
> > +-AC_SUBST(large_file)
> > +-AC_TRY_RUN([#ifndef _LARGEFILE64_SOURCE
> > ++AC_ARG_ENABLE(lfs,
> > ++  [  --disable-lfs  disable large file support],
> > ++  LFS_CHOICE=$enableval, LFS_CHOICE=check)
> > ++
> > ++if test "$LFS_CHOICE" = yes; then
> > ++   bonniepp_cv_large_file=yes
> > ++elif test "$LFS_CHOICE" = check; then
> > ++   AC_CACHE_CHECK([whether to enable -D_LARGEFILE64_SOURCE],
> bonniepp_cv_large_file,
> > ++  AC_TRY_RUN([#ifndef _LARGEFILE64_SOURCE
> > + #define _LARGEFILE64_SOURCE
> > + #endif
> > + #include 
> > +@@ -118,8 +125,12 @@ int main () {
> > +   }
> > +   close(fd);
> > +   return 0;
> > +-}], large_file="yes")
> > +-if [[ -n "$large_file" ]]; then
> > ++}], bonniepp_cv_large_file="yes"))
> > ++fi
> > ++
> > ++AC_SUBST(large_file)
> > ++
> > ++if [[ -n "$bonniepp_cv_large_file" ]]; then
> > +large_file="#define _LARGEFILE64_SOURCE"
> > + fi
> > +
> > diff --git
> a/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> > new file mode 100644
> > index 00..78ac347aa8
> > --- /dev/null
> > +++ b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> > @@ -0,0 +1,181 @@
> > +commit 7e9433a56f22426b11cbc9bd80e0debca67c893b
> > +Author: Jörg Sommer 
> > +Date:   Mon Jun 26 12:38:30 2023 +0200
> > +
> > +csv2html: Explicitly reference data in top level
> > +
> > +With g++ 11 *data* became ambiguous with [std::data][1]. Therefore
> it's
> > +needed to explicitly address the variable from the top level scope.
> > +
> > +[1] https://en.cppreference.com/w/cpp/iterator/data
> > +
> > +diff --git a/bon_csv2html.cpp b/bon_csv2html.cpp
> > +index e9d9c50..652e330 100644
> > +--- a/bon_csv2html.cpp
> >  b/bon_csv2html.cpp
> > +@@ -87,8 +87,8 @@ int main(int argc, char **argv)
> > + read_in(buf);
> > +   }
> > +
> > +-  props = new PPCCHAR[data.size()];
> > +-  for(i = 0; i < data.size(); i++)
> > ++  props = new PPCCHAR[::data.size()];
> > ++  for(i = 0; i < ::data.size(); i++)
> > +   {
> > + props[i] = new PCCHAR[MAX_ITEMS];
> > + props[i][0] = NULL;
> > +@@ -109,7 +109,7 @@ int main(int argc, char **argv)
> > +   }
> > +   calc_vals();
> > +   int mid_width = header();
> > +-  for(i = 0; i < data.size(); i++)
> > ++  for(i = 0; i < ::data.size(); i++)
> > +   {
> > + // First print the average speed line
> > + printf("");
> > +@@ -171,23 +171,23 @@ int compar(const void *a, const void *b)
> > +
> > + void calc_vals()
> > + {
> > +-  ITEM *arr = new ITEM[data.size()];
> > ++  ITEM *arr = new ITEM[::data.size()];
> > +   for(unsigned int column_ind = 0; column_ind < MAX_ITEMS;
> column_ind++)
> > +   {
> > + switch(vals[column_ind])
> > + {
> > + case eNoCols:
> > + {
> > +-  for(unsigned int row_ind = 0; row_ind < data.size(); row_ind++)
> > ++  for(unsigned int row_ind = 0; row_ind < ::data.size(); row_ind++)
> > +   {
> > + if(column_ind == COL_CONCURRENCY)
> > + {
> > +-  if(data[row_ind][column_ind] && strcmp("1",
> data[row_ind][column_ind]))
> > ++  if(::data[row_ind][column_ind] && strcmp("1",
>

Re: [OE-core][dunfell][PATCH] go: Fix CVE-2023-29400

2023-06-28 Thread Steve Sakoman 
Hi Ashish,

Unfortunately I'm getting fuzz warnings with your patch:

WARNING: go-native-1.14.15-r0 do_patch: Fuzz detected:

Applying patch CVE-2023-29400.patch
patching file src/html/template/escape.go
Hunk #1 succeeded at 360 (offset -22 lines).
patching file src/html/template/escape_test.go
patching file src/html/template/html.go
Hunk #1 succeeded at 14 with fuzz 2.

Please correct and send a v2.

Thanks!

Steve

On Tue, Jun 27, 2023 at 1:23 AM Ashish Sharma  wrote:
>
> emit filterFailsafe for empty unquoted attr
> value
>
> Signed-off-by: Ashish Sharma 
> ---
>  meta/recipes-devtools/go/go-1.14.inc  |  1 +
>  .../go/go-1.14/CVE-2023-29400.patch   | 93 +++
>  2 files changed, 94 insertions(+)
>  create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch
>
> diff --git a/meta/recipes-devtools/go/go-1.14.inc 
> b/meta/recipes-devtools/go/go-1.14.inc
> index c544b00b22d..1e0c3fab6fa 100644
> --- a/meta/recipes-devtools/go/go-1.14.inc
> +++ b/meta/recipes-devtools/go/go-1.14.inc
> @@ -66,6 +66,7 @@ SRC_URI += "\
>  file://CVE-2023-24538-3.patch \
>  file://CVE-2023-24539.patch \
>  file://CVE-2023-24540.patch \
> +file://CVE-2023-29400.patch \
>  "
>
>  SRC_URI_append_libc-musl = " 
> file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
> diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch 
> b/meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch
> new file mode 100644
> index 000..cb0419a920e
> --- /dev/null
> +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch
> @@ -0,0 +1,93 @@
> +From 0d347544cbca0f42b160424f6bc2458ebcc7b3fc Mon Sep 17 00:00:00 2001
> +From: Roland Shoemaker 
> +Date: Thu, 13 Apr 2023 14:01:50 -0700
> +Subject: [PATCH] html/template: emit filterFailsafe for empty unquoted attr
> + value
> +
> +An unquoted action used as an attribute value can result in unsafe
> +behavior if it is empty, as HTML normalization will result in unexpected
> +attributes, and may allow attribute injection. If executing a template
> +results in a empty unquoted attribute value, emit filterFailsafe
> +instead.
> +
> +Thanks to Juho Nurminen of Mattermost for reporting this issue.
> +
> +Fixes #59722
> +Fixes CVE-2023-29400
> +
> +Change-Id: Ia38d1b536ae2b4af5323a6c6d861e3c057c2570a
> +Reviewed-on: 
> https://team-review.git.corp.google.com/c/golang/go-private/+/1826631
> +Reviewed-by: Julie Qiu 
> +Run-TryBot: Roland Shoemaker 
> +Reviewed-by: Damien Neil 
> +Reviewed-on: https://go-review.googlesource.com/c/go/+/491617
> +Run-TryBot: Carlos Amedee 
> +Reviewed-by: Dmitri Shuralyov 
> +Reviewed-by: Dmitri Shuralyov 
> +TryBot-Result: Gopher Robot 
> +
> +Upstream-Status: Backport from 
> [https://github.com/golang/go/commit/0d347544cbca0f42b160424f6bc2458ebcc7b3fc]
> +CVE: CVE-2023-29400
> +Signed-off-by: Ashish Sharma 
> +---
> + src/html/template/escape.go  |  5 ++---
> + src/html/template/escape_test.go | 15 +++
> + src/html/template/html.go|  3 +++
> + 3 files changed, 20 insertions(+), 3 deletions(-)
> +
> +diff --git a/src/html/template/escape.go b/src/html/template/escape.go
> +index 4ba1d6b31897e..a62ef159f0dcd 100644
> +--- a/src/html/template/escape.go
>  b/src/html/template/escape.go
> +@@ -382,9 +382,8 @@ func normalizeEscFn(e string) string {
> + // for all x.
> + var redundantFuncs = map[string]map[string]bool{
> +   "_html_template_commentescaper": {
> +-  "_html_template_attrescaper":true,
> +-  "_html_template_nospaceescaper": true,
> +-  "_html_template_htmlescaper":true,
> ++  "_html_template_attrescaper": true,
> ++  "_html_template_htmlescaper": true,
> +   },
> +   "_html_template_cssescaper": {
> +   "_html_template_attrescaper": true,
> +diff --git a/src/html/template/escape_test.go 
> b/src/html/template/escape_test.go
> +index 3dd212bac9406..f8b2b448f2dfa 100644
> +--- a/src/html/template/escape_test.go
>  b/src/html/template/escape_test.go
> +@@ -678,6 +678,21 @@ func TestEscape(t *testing.T) {
> +   ` srcset={{""}}>`,
> +   ` srcset=>`,
> +   },
> ++  {
> ++  "unquoted empty attribute value (plaintext)",
> ++  "",
> ++  "",
> ++  },
> ++  {
> ++  "unquoted empty attribute value (url)",
> ++  "",
> ++  "",
> ++  },
> ++  {
> ++  "quoted empty attribute value",
> ++  "",
> ++  "",
> ++  },
> +   }
> +
> +   for _, test := range tests {
> +diff --git a/src/html/template/html.go b/src/html/template/html.go
> +index bcca0b51a0ef9..a181699a5bda8 100644
> +---

Re: [OE-core] [PATCH] bonnie++: New recipe for version 2.0

2023-06-28 Thread Alexandre Belloni via lists.openembedded.org 
Hello,

On 26/06/2023 14:00:32+0200, Jörg Sommer via lists.openembedded.org wrote:
> Newer versions of bonnie get published on
> . Unfortunately, the new version
> doesn't compile with g++ 11 which requires *fix-csv2html-data.patch* and
> configure fails due to cross compilation which gets fixed
> with *fix-configure-lfs.patch*
> 
> Signed-off-by: Jörg Sommer 
> ---
>  .../bonnie/bonnie++/fix-configure-lfs.patch   |  37 
>  .../bonnie/bonnie++/fix-csv2html-data.patch   | 181 ++
>  .../bonnie/bonnie++_2.00a.bb  |  33 
>  3 files changed, 251 insertions(+)
>  create mode 100644 
> meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
>  create mode 100644 
> meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
>  create mode 100644 meta-oe/recipes-benchmark/bonnie/bonnie++_2.00a.bb

You certainly need to add a maintainers.inc entry for this new recipes,
else oe-selftest is going to complain.

> 
> diff --git 
> a/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch 
> b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> new file mode 100644
> index 00..d28e28658c
> --- /dev/null
> +++ b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-configure-lfs.patch
> @@ -0,0 +1,37 @@
> +diff --git i/configure.in w/configure.in
> +index 080e40c..f2a2bbe 100644
> +--- i/configure.in
>  w/configure.in
> +@@ -82,8 +82,15 @@ void * thread_func(void * param) { return NULL; }
> +   , thread_ldflags="-lpthread"
> +   , thread_ldflags="-pthread")
> + 
> +-AC_SUBST(large_file)
> +-AC_TRY_RUN([#ifndef _LARGEFILE64_SOURCE
> ++AC_ARG_ENABLE(lfs,
> ++  [  --disable-lfs  disable large file support],
> ++  LFS_CHOICE=$enableval, LFS_CHOICE=check)
> ++
> ++if test "$LFS_CHOICE" = yes; then
> ++   bonniepp_cv_large_file=yes
> ++elif test "$LFS_CHOICE" = check; then
> ++   AC_CACHE_CHECK([whether to enable -D_LARGEFILE64_SOURCE], 
> bonniepp_cv_large_file,
> ++  AC_TRY_RUN([#ifndef _LARGEFILE64_SOURCE
> + #define _LARGEFILE64_SOURCE
> + #endif
> + #include 
> +@@ -118,8 +125,12 @@ int main () {
> +   }
> +   close(fd);
> +   return 0;
> +-}], large_file="yes")
> +-if [[ -n "$large_file" ]]; then
> ++}], bonniepp_cv_large_file="yes"))
> ++fi
> ++
> ++AC_SUBST(large_file)
> ++
> ++if [[ -n "$bonniepp_cv_large_file" ]]; then
> +large_file="#define _LARGEFILE64_SOURCE"
> + fi
> + 
> diff --git 
> a/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch 
> b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> new file mode 100644
> index 00..78ac347aa8
> --- /dev/null
> +++ b/meta-oe/recipes-benchmark/bonnie/bonnie++/fix-csv2html-data.patch
> @@ -0,0 +1,181 @@
> +commit 7e9433a56f22426b11cbc9bd80e0debca67c893b
> +Author: Jörg Sommer 
> +Date:   Mon Jun 26 12:38:30 2023 +0200
> +
> +csv2html: Explicitly reference data in top level
> +
> +With g++ 11 *data* became ambiguous with [std::data][1]. Therefore it's
> +needed to explicitly address the variable from the top level scope.
> +
> +[1] https://en.cppreference.com/w/cpp/iterator/data
> +
> +diff --git a/bon_csv2html.cpp b/bon_csv2html.cpp
> +index e9d9c50..652e330 100644
> +--- a/bon_csv2html.cpp
>  b/bon_csv2html.cpp
> +@@ -87,8 +87,8 @@ int main(int argc, char **argv)
> + read_in(buf);
> +   }
> + 
> +-  props = new PPCCHAR[data.size()];
> +-  for(i = 0; i < data.size(); i++)
> ++  props = new PPCCHAR[::data.size()];
> ++  for(i = 0; i < ::data.size(); i++)
> +   {
> + props[i] = new PCCHAR[MAX_ITEMS];
> + props[i][0] = NULL;
> +@@ -109,7 +109,7 @@ int main(int argc, char **argv)
> +   }
> +   calc_vals();
> +   int mid_width = header();
> +-  for(i = 0; i < data.size(); i++)
> ++  for(i = 0; i < ::data.size(); i++)
> +   {
> + // First print the average speed line
> + printf("");
> +@@ -171,23 +171,23 @@ int compar(const void *a, const void *b)
> + 
> + void calc_vals()
> + {
> +-  ITEM *arr = new ITEM[data.size()];
> ++  ITEM *arr = new ITEM[::data.size()];
> +   for(unsigned int column_ind = 0; column_ind < MAX_ITEMS; column_ind++)
> +   {
> + switch(vals[column_ind])
> + {
> + case eNoCols:
> + {
> +-  for(unsigned int row_ind = 0; row_ind < data.size(); row_ind++)
> ++  for(unsigned int row_ind = 0; row_ind < ::data.size(); row_ind++)
> +   {
> + if(column_ind == COL_CONCURRENCY)
> + {
> +-  if(data[row_ind][column_ind] && strcmp("1", 
> data[row_ind][column_ind]))
> ++  if(::data[row_ind][column_ind] && strcmp("1", 
> ::data[row_ind][column_ind]))
> + col_used[column_ind] = true;
> + }
> + else
> + {
> +-  if(data[row_ind][column_ind] && strlen(data[row_ind][column_ind]))
> ++  if(::data[row_ind][column_ind] && 
> strlen(::data[row_ind][column_ind]))
> + col_used[column_ind] = true;
> + }
> +   }
> +@@ -195,22

[OE-core] [PATCH 4/4] time64.inc: annotate and clean up recipe-specific Y2038 exceptions

2023-06-28 Thread Alexander Kanavin 
Additionally:
- drop pseudo from INSANE_SKIP for 32bit time API check
(pseudo passes the check; it's not clear where the issue may have been)

- move rust exceptions to the cargo class, as the problem
is common across the ecosystem, and needs to be fixed in the
libc crate.

Signed-off-by: Alexander Kanavin 
---
 meta/classes-recipe/cargo_common.bbclass | 12 
 meta/conf/distro/include/time64.inc  | 19 +++
 2 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/meta/classes-recipe/cargo_common.bbclass 
b/meta/classes-recipe/cargo_common.bbclass
index 1ca0be471ce..db54826ddb6 100644
--- a/meta/classes-recipe/cargo_common.bbclass
+++ b/meta/classes-recipe/cargo_common.bbclass
@@ -174,3 +174,15 @@ oe_cargo_fix_env () {
 EXTRA_OECARGO_PATHS ??= ""
 
 EXPORT_FUNCTIONS do_configure
+
+# The culprit for this setting is the libc crate,
+# which as of Jun 2023 calls directly into 32 bit time functions in glibc,
+# bypassing all of glibc provisions to choose the right Y2038-safe functions. 
As
+# rust components statically link with that crate, pretty much everything
+# is affected, and so there's no point trying to have recipe-specific
+# INSANE_SKIP entries.
+#
+# Upstream ticket and PR:
+# https://github.com/rust-lang/libc/issues/3223
+# https://github.com/rust-lang/libc/pull/3175
+INSANE_SKIP:append = " 32bit-time"
diff --git a/meta/conf/distro/include/time64.inc 
b/meta/conf/distro/include/time64.inc
index a0cee4fad67..bc0c72226ba 100644
--- a/meta/conf/distro/include/time64.inc
+++ b/meta/conf/distro/include/time64.inc
@@ -27,22 +27,25 @@ GLIBC_64BIT_TIME_FLAGS:pn-glibc-testsuite = ""
 GLIBC_64BIT_TIME_FLAGS:pn-pipewire = ""
 # Pulseaudio override certain LFS64 functions e.g. open64 and intentionally
 # undefines _FILE_OFFSET_BITS, which wont work when _TIME_BITS=64 is set
+# See https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/issues/3770
 GLIBC_64BIT_TIME_FLAGS:pn-pulseaudio = ""
+# Undefines _FILE_OFFSET_BITS on purpose in
+# libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cpp
 GLIBC_64BIT_TIME_FLAGS:pn-gcc-sanitizers = ""
 # https://github.com/strace/strace/issues/250
 GLIBC_64BIT_TIME_FLAGS:pn-strace = ""
 
-INSANE_SKIP:append:pn-cargo = " 32bit-time"
+# Caused by the flags exceptions above
 INSANE_SKIP:append:pn-gcc-sanitizers = " 32bit-time"
 INSANE_SKIP:append:pn-glibc = " 32bit-time"
 INSANE_SKIP:append:pn-glibc-tests = " 32bit-time"
-INSANE_SKIP:append:pn-librsvg = " 32bit-time"
-INSANE_SKIP:append:pn-libstd-rs = " 32bit-time"
-INSANE_SKIP:append:pn-pseudo = " 32bit-time"
 INSANE_SKIP:append:pn-pulseaudio = " 32bit-time"
-INSANE_SKIP:append:pn-python3-bcrypt = " 32bit-time"
-INSANE_SKIP:append:pn-python3-cryptography = " 32bit-time"
-INSANE_SKIP:append:pn-rust = " 32bit-time"
-INSANE_SKIP:append:pn-rust-hello-world = " 32bit-time"
+
+# Strace has tests that call 32 bit API directly, which is fair enough, e.g.
+# /usr/lib/strace/ptest/tests/ioctl_termios uses 32-bit api 'ioctl'
 INSANE_SKIP:append:pn-strace = " 32bit-time"
 
+# Additionally cargo_common class (i.e. everything written in rust)
+# has the same INSANE_SKIP setting.
+# Please check the comment in meta/classes-recipe/cargo_common.bbclass
+# for information about why, and the overall Y2038 situation in rust.
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183591): 
https://lists.openembedded.org/g/openembedded-core/message/183591
Mute This Topic: https://lists.openembedded.org/mt/99832334/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/4] webkitgtk: update 2.38.5 -> 2.40.2

2023-06-28 Thread Alexander Kanavin 
Drop backports.

Add extra options that require additional dependencies, and fail without them.

Disable the recipe on ancient x86 without SSE support; SSE is now
required.

Signed-off-by: Alexander Kanavin 
---
 meta/recipes-gnome/epiphany/epiphany_43.1.bb  |  3 ++
 ...tCore-CMakeLists.txt-ensure-reproduc.patch | 28 +
 ...44e17d258106617b0e6d783d073b188a2548.patch | 42 ---
 ...290ab4ab35258a6da9b13795c9b0f7894bf4.patch | 41 ++
 ...0b55f52ff8b883296f4845269e2ed746acb3.patch | 37 
 ...bb461f040b90453bc4e100dcf967243ecd98.patch | 30 -
 ...ebkitgtk_2.38.5.bb => webkitgtk_2.40.2.bb} | 16 ---
 7 files changed, 111 insertions(+), 86 deletions(-)
 create mode 100644 
meta/recipes-sato/webkit/webkitgtk/0001-Source-JavaScriptCore-CMakeLists.txt-ensure-reproduc.patch
 create mode 100644 
meta/recipes-sato/webkit/webkitgtk/4977290ab4ab35258a6da9b13795c9b0f7894bf4.patch
 delete mode 100644 
meta/recipes-sato/webkit/webkitgtk/93920b55f52ff8b883296f4845269e2ed746acb3.patch
 delete mode 100644 
meta/recipes-sato/webkit/webkitgtk/d318bb461f040b90453bc4e100dcf967243ecd98.patch
 rename meta/recipes-sato/webkit/{webkitgtk_2.38.5.bb => webkitgtk_2.40.2.bb} 
(90%)

diff --git a/meta/recipes-gnome/epiphany/epiphany_43.1.bb 
b/meta/recipes-gnome/epiphany/epiphany_43.1.bb
index ea22723a97a..c97ede459da 100644
--- a/meta/recipes-gnome/epiphany/epiphany_43.1.bb
+++ b/meta/recipes-gnome/epiphany/epiphany_43.1.bb
@@ -38,3 +38,6 @@ PACKAGECONFIG[developer-mode] = 
"-Ddeveloper_mode=true,-Ddeveloper_mode=false"
 
 FILES:${PN} += "${datadir}/dbus-1 ${datadir}/gnome-shell/search-providers 
${datadir}/metainfo"
 RDEPENDS:${PN} = "iso-codes adwaita-icon-theme gsettings-desktop-schemas"
+
+# ANGLE requires SSE support as of webkit 2.40.x on 32 bit x86
+COMPATIBLE_HOST:x86 = "${@bb.utils.contains_any('TUNE_FEATURES', 'core2 
corei7', '.*', 'null', d)}"
diff --git 
a/meta/recipes-sato/webkit/webkitgtk/0001-Source-JavaScriptCore-CMakeLists.txt-ensure-reproduc.patch
 
b/meta/recipes-sato/webkit/webkitgtk/0001-Source-JavaScriptCore-CMakeLists.txt-ensure-reproduc.patch
new file mode 100644
index 000..bbe265059d5
--- /dev/null
+++ 
b/meta/recipes-sato/webkit/webkitgtk/0001-Source-JavaScriptCore-CMakeLists.txt-ensure-reproduc.patch
@@ -0,0 +1,28 @@
+From cd65e3d9256a4f6eb7906a9f10678c29a4ffef2f Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin 
+Date: Mon, 26 Jun 2023 14:30:02 +0200
+Subject: [PATCH] Source/JavaScriptCore/CMakeLists.txt: ensure reproducibility
+ of __TIMESTAMP__
+
+__TIMESTAMP__ refers to mtime of the file that contains it, which is unstable
+and breaks binary reproducibility when the file is generated at build time. To 
ensure
+this does not happen, mtime should be set from the original file.
+
+Upstream-Status: Submitted [https://github.com/WebKit/WebKit/pull/15293]
+Signed-off-by: Alexander Kanavin 
+---
+ Source/JavaScriptCore/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Source/JavaScriptCore/CMakeLists.txt 
b/Source/JavaScriptCore/CMakeLists.txt
+index 43dc22ff..c2e3b1cd 100644
+--- a/Source/JavaScriptCore/CMakeLists.txt
 b/Source/JavaScriptCore/CMakeLists.txt
+@@ -159,6 +159,7 @@ add_custom_command(
+ OUTPUT ${JavaScriptCore_DERIVED_SOURCES_DIR}/JSCBytecodeCacheVersion.cpp
+ MAIN_DEPENDENCY 
${JAVASCRIPTCORE_DIR}/runtime/JSCBytecodeCacheVersion.cpp.in
+ COMMAND ${PERL_EXECUTABLE} -pe s/CACHED_TYPES_CKSUM/__TIMESTAMP__/ 
${JAVASCRIPTCORE_DIR}/runtime/JSCBytecodeCacheVersion.cpp.in > 
${JavaScriptCore_DERIVED_SOURCES_DIR}/JSCBytecodeCacheVersion.cpp
++COMMAND touch -r 
${JAVASCRIPTCORE_DIR}/runtime/JSCBytecodeCacheVersion.cpp.in 
${JavaScriptCore_DERIVED_SOURCES_DIR}/JSCBytecodeCacheVersion.cpp
+ VERBATIM
+ )
+ 
diff --git 
a/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch
 
b/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch
index 32f92f7ff5f..34e0ff9af38 100644
--- 
a/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch
+++ 
b/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch
@@ -1,8 +1,8 @@
-From 0d3344e17d258106617b0e6d783d073b188a2548 Mon Sep 17 00:00:00 2001
+From 647c93de99a0f71f478d76a4cc7714eba7ba1447 Mon Sep 17 00:00:00 2001
 From: Adrian Perez de Castro 
 Date: Thu, 2 Jun 2022 11:19:06 +0300
-Subject: [PATCH] [ARM][NEON] FELightningNEON.cpp fails to build, NEON fast
- path seems unused https://bugs.webkit.org/show_bug.cgi?id=241182
+Subject: [PATCH] FELightningNEON.cpp fails to build, NEON fast path seems
+ unused https://bugs.webkit.org/show_bug.cgi?id=241182
 
 Reviewed by NOBODY (OOPS!).
 
@@ -30,19 +30,21 @@ left for a follow-up fix.
 * Source/WebCore/platform/graphics/filters/PointLightSource.h:
 * Source/WebCore/platform/graphics/filters/SpotLightSource.h:
 * 
Source/WebCore/platform/graphics/filters/software/FELightingSoftwareApplier.h:

+

[OE-core] [PATCH 3/4] python3-cryptography: update a patch to upstream's better followup fix

2023-06-28 Thread Alexander Kanavin 
Signed-off-by: Alexander Kanavin 
---
 ...-directory-when-cross-compiling-9129.patch | 52 +++
 ...i-substitute-include-path-from-targe.patch | 29 ---
 .../python/python3-cryptography_41.0.1.bb |  2 +-
 3 files changed, 53 insertions(+), 30 deletions(-)
 create mode 100644 
meta/recipes-devtools/python/python3-cryptography/0001-Fix-include-directory-when-cross-compiling-9129.patch
 delete mode 100644 
meta/recipes-devtools/python/python3-cryptography/0001-cryptography-cffi-substitute-include-path-from-targe.patch

diff --git 
a/meta/recipes-devtools/python/python3-cryptography/0001-Fix-include-directory-when-cross-compiling-9129.patch
 
b/meta/recipes-devtools/python/python3-cryptography/0001-Fix-include-directory-when-cross-compiling-9129.patch
new file mode 100644
index 000..d720359ded7
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-cryptography/0001-Fix-include-directory-when-cross-compiling-9129.patch
@@ -0,0 +1,52 @@
+From 2f9cd402d3293f6efe0f3ac06f17c6c14edbed86 Mon Sep 17 00:00:00 2001
+From: James Hilliard 
+Date: Sun, 25 Jun 2023 17:39:19 -0600
+Subject: [PATCH] Fix include directory when cross compiling (#9129)
+
+Upstream-Status: Backport [https://github.com/pyca/cryptography/pull/9129]
+Signed-off-by: Alexander Kanavin 
+---
+ src/rust/cryptography-cffi/build.rs | 14 +++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/src/rust/cryptography-cffi/build.rs 
b/src/rust/cryptography-cffi/build.rs
+index 07590ad2e..384af1ddb 100644
+--- a/src/rust/cryptography-cffi/build.rs
 b/src/rust/cryptography-cffi/build.rs
+@@ -47,9 +47,14 @@ fn main() {
+ )
+ .unwrap();
+ println!("cargo:rustc-cfg=python_implementation=\"{}\"", python_impl);
+-let python_include = run_python_script(
++let python_includes = run_python_script(
+ ,
+-"import sysconfig; print(sysconfig.get_path('include'), end='')",
++"import os; \
++ import setuptools.dist; \
++ import setuptools.command.build_ext; \
++ b = 
setuptools.command.build_ext.build_ext(setuptools.dist.Distribution()); \
++ b.finalize_options(); \
++ print(os.pathsep.join(b.include_dirs), end='')",
+ )
+ .unwrap();
+ let openssl_include =
+@@ -59,12 +64,15 @@ fn main() {
+ let mut build = cc::Build::new();
+ build
+ .file(openssl_c)
+-.include(python_include)
+ .include(openssl_include)
+ .flag_if_supported("-Wconversion")
+ .flag_if_supported("-Wno-error=sign-conversion")
+ .flag_if_supported("-Wno-unused-parameter");
+ 
++for python_include in env::split_paths(_includes) {
++build.include(python_include);
++}
++
+ // Enable abi3 mode if we're not using PyPy.
+ if python_impl != "PyPy" {
+ // cp37 (Python 3.7 to help our grep when we some day drop 3.7 
support)
+-- 
+2.30.2
+
diff --git 
a/meta/recipes-devtools/python/python3-cryptography/0001-cryptography-cffi-substitute-include-path-from-targe.patch
 
b/meta/recipes-devtools/python/python3-cryptography/0001-cryptography-cffi-substitute-include-path-from-targe.patch
deleted file mode 100644
index 1a60abada79..000
--- 
a/meta/recipes-devtools/python/python3-cryptography/0001-cryptography-cffi-substitute-include-path-from-targe.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 04aac6c88152088778c6551dfa86b2fc446dc61c Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin 
-Date: Mon, 19 Jun 2023 13:27:28 +0200
-Subject: [PATCH] cryptography-cffi: substitute include path from target
- sysroot
-
-Upstream-Status: Accepted [https://github.com/pyca/cryptography/pull/9105]
-
-Signed-off-by: Alexander Kanavin 

- src/rust/cryptography-cffi/build.rs | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/rust/cryptography-cffi/build.rs 
b/src/rust/cryptography-cffi/build.rs
-index 4a40990..08abb95 100644
 a/src/rust/cryptography-cffi/build.rs
-+++ b/src/rust/cryptography-cffi/build.rs
-@@ -48,7 +48,7 @@ fn main() {
- println!("cargo:rustc-cfg=python_implementation=\"{}\"", python_impl);
- let python_include = run_python_script(
- ,
--"import sysconfig; print(sysconfig.get_path('include'), end='')",
-+"import sysconfig; print(sysconfig.get_config_var('INCLUDEPY'), 
end='')",
- )
- .unwrap();
- let openssl_include =
--- 
-2.30.2
-
diff --git a/meta/recipes-devtools/python/python3-cryptography_41.0.1.bb 
b/meta/recipes-devtools/python/python3-cryptography_41.0.1.bb
index fc4f70246be..494ca233f00 100644
--- a/meta/recipes-devtools/python/python3-cryptography_41.0.1.bb
+++ b/meta/recipes-devtools/python/python3-cryptography_41.0.1.bb
@@ -11,7 +11,7 @@ LDSHARED += "-pthread"
 SRC_URI[sha256sum] = 
"d34579085401d3f49762d2f7d6634d6b6c2ae1242202e860f4d26b046e3a1006"
 
 SRC_URI += "file://0001-pyproject.toml-remove-benchmark-disable-option.patch \
-

[OE-core] [PATCH 1/4] gstreamer1.0-plugins-base: enable glx/opengl support

2023-06-28 Thread Alexander Kanavin 
This is required by latest webkit when built with x11 support.

Signed-off-by: Alexander Kanavin 
---
 .../gstreamer/gstreamer1.0-plugins-base_1.22.4.bb   | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git 
a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb 
b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
index 7b78c7d5c90..3c0cb7dc6cf 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
@@ -21,7 +21,8 @@ inherit gobject-introspection
 
 # opengl packageconfig factored out to make it easy for distros
 # and BSP layers to choose OpenGL APIs/platforms/window systems
-PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2 
egl', '', d)}"
+PACKAGECONFIG_X11 = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'opengl 
glx', '', d)}"
+PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2 
egl ${PACKAGECONFIG_X11}', '', d)}"
 
 PACKAGECONFIG ??= " \
 ${GSTREAMER_ORC} \
@@ -32,7 +33,7 @@ PACKAGECONFIG ??= " \
 "
 
 OPENGL_APIS = 'opengl gles2'
-OPENGL_PLATFORMS = 'egl'
+OPENGL_PLATFORMS = 'egl glx'
 
 X11DEPENDS = "virtual/libx11 libsm libxrender libxv"
 X11ENABLEOPTS = "-Dx11=enabled -Dxvideo=enabled -Dxshm=enabled"
@@ -61,6 +62,7 @@ PACKAGECONFIG[gles2]= ",,virtual/libgles2"
 
 # OpenGL platform packageconfigs
 PACKAGECONFIG[egl]  = ",,virtual/egl"
+PACKAGECONFIG[glx]  = ",,virtual/libgl"
 
 # OpenGL window systems (except for X11)
 PACKAGECONFIG[gbm]  = ",,virtual/libgbm libgudev libdrm"
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183588): 
https://lists.openembedded.org/g/openembedded-core/message/183588
Mute This Topic: https://lists.openembedded.org/mt/99832331/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] ptest-runner: Pull in sync fix to improve log warnings

2023-06-28 Thread Alexander Kanavin 
There's an open issue for it as well:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15154

Alex

On Wed, 28 Jun 2023 at 16:24, Alexander Kanavin via
lists.openembedded.org 
wrote:
>
> This appears to have regressed glib-2.0 ptest, particularly:
> Failed ptests:
> {'glib-2.0': ['glib/codegen.py.test']}
> https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/5273/steps/12/logs/stdio
>
> I didn't yet got to the root cause, just wanted to register where it
> happened. Note that the ptest passes when run directly and fails only
> under ptest-runner, and it somehow is specific to qemux86_64 as well.
> Bizarre, yes.
>
> Alex
>
> On Sun, 18 Jun 2023 at 11:09, Richard Purdie
>  wrote:
> >
> > Pulls in:
> >
> > utils: Ensure buffers are flushed after child exits
> >
> > We currently wait for the child to exit but we don't flush the buffers.
> > This can mean the output ends up out of sync and the END: line isn't at
> > the end of the logs.
> >
> > We've recently seen a lot of issues related to this on the autobuilder.
> > Add in a flush call for all fds to ensure buffers are in sync. This
> > does appear to improve warnings on the autobuilder now we started 
> > detecting
> > the issue.
> >
> > Signed-off-by: Richard Purdie 
> > ---
> >  meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb 
> > b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> > index ff5629c6f9b..67dd887c240 100644
> > --- a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> > +++ b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> > @@ -7,7 +7,7 @@ HOMEPAGE = 
> > "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/;
> >  LICENSE = "GPL-2.0-or-later"
> >  LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
> >
> > -SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa"
> > +SRCREV = "ea2a9cc159ad5f64ee75781d55101d7c340e0303"
> >  PV .= "+git${SRCPV}"
> >
> >  SRC_URI = 
> > "git://git.yoctoproject.org/ptest-runner2;branch=master;protocol=https \
> > --
> > 2.39.2
> >
> >
> >
> >
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183587): 
https://lists.openembedded.org/g/openembedded-core/message/183587
Mute This Topic: https://lists.openembedded.org/mt/99601743/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [mickledore][PATCH 1/2] erofs-utils: update 1.5 -> 1.6

2023-06-28 Thread Steve Sakoman 
Sorry, I can only take bug/security fix version bumps .  This update
includes new features:

erofs-utils 1.6
* This release includes the following updates:
- support fragments by using `-Efragments` (Yue Hu);
- support compressed data deduplication by using `-Ededupe` (Ziyang Zhang);
- (erofsfuse) support extended attributes (Huang Jianan);
- (mkfs.erofs) support multiple algorithms in a single image (Gao Xiang);
- (mkfs.erofs) support chunk-based sparse files (Gao Xiang);
- (mkfs.erofs) add volume-label setting support (Naoto Yamaguchi);
- (mkfs.erofs) add uid/gid offsetting support (Naoto Yamaguchi);
- (mkfs.erofs) pack files entirely by using `-Eall-fragments` (Gao Xiang);
- various bugfixes and cleanups;

I assume this also means that I can't take the second patch in the
series (the CVE backports)  If this isn't the case, please submit a v2
of the CVE patch.

Thanks!

Steve

On Mon, Jun 26, 2023 at 9:05 PM Changqing Li
 wrote:
>
> From: Alexander Kanavin 
>
> Drop patches merged upstream.
>
> --enable-largefile is no longer necessary, as compiler options are being 
> passed in explicitly.
>
> (From OE-Core rev: 39d38b278cba7b46fd9b367e6f8c989327899e6f)
>
> Signed-off-by: Alexander Kanavin 
> Signed-off-by: Alexandre Belloni 
> Signed-off-by: Richard Purdie 
> ---
>  .../0001-configure-use-AC_SYS_LARGEFILE.patch |  43 ---
>  ...eplace-l-stat64-by-equivalent-l-stat.patch | 109 --
>  ...-Make-LFS-mandatory-for-all-usecases.patch |  41 ---
>  ...{erofs-utils_1.5.bb => erofs-utils_1.6.bb} |  10 +-
>  4 files changed, 3 insertions(+), 200 deletions(-)
>  delete mode 100644 
> meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
>  delete mode 100644 
> meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
>  delete mode 100644 
> meta/recipes-devtools/erofs-utils/erofs-utils/0003-internal.h-Make-LFS-mandatory-for-all-usecases.patch
>  rename meta/recipes-devtools/erofs-utils/{erofs-utils_1.5.bb => 
> erofs-utils_1.6.bb} (62%)
>
> diff --git 
> a/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
>  
> b/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
> deleted file mode 100644
> index 75c91f51a7..00
> --- 
> a/meta/recipes-devtools/erofs-utils/erofs-utils/0001-configure-use-AC_SYS_LARGEFILE.patch
> +++ /dev/null
> @@ -1,43 +0,0 @@
> -From fef3b16dba2c5f6ad88951b80cdfbedd423e80a0 Mon Sep 17 00:00:00 2001
> -From: Khem Raj 
> -Date: Wed, 7 Dec 2022 20:16:52 -0800
> -Subject: [PATCH v3 1/3] configure: use AC_SYS_LARGEFILE
> -
> -The autoconf macro AC_SYS_LARGEFILE defines _FILE_OFFSET_BITS=64
> -where necessary to ensure that off_t and all interfaces using off_t
> -are 64bit, even on 32bit systems.
> -
> -Pass -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=66 via CFLAGS
> -
> -Upstream-Status: Submitted 
> [https://lore.kernel.org/linux-erofs/20221215064758.93821-1-raj.k...@gmail.com/T/#t]
> -Signed-off-by: Khem Raj 
> 
> - configure.ac | 5 +
> - 1 file changed, 5 insertions(+)
> -
> -diff --git a/configure.ac b/configure.ac
> -index a736ff0..e8bb003 100644
>  a/configure.ac
> -+++ b/configure.ac
> -@@ -13,6 +13,8 @@ AC_CONFIG_MACRO_DIR([m4])
> - AC_CONFIG_AUX_DIR(config)
> - AM_INIT_AUTOMAKE([foreign -Wall])
> -
> -+AC_SYS_LARGEFILE
> -+
> - # Checks for programs.
> - AM_PROG_AR
> - AC_PROG_CC
> -@@ -319,6 +321,9 @@ if test "x$enable_lzma" = "xyes"; then
> -   CPPFLAGS="${saved_CPPFLAGS}"
> - fi
> -
> -+# Enable 64-bit off_t
> -+CFLAGS+=" -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
> -+
> - # Set up needed symbols, conditionals and compiler/linker flags
> - AM_CONDITIONAL([ENABLE_LZ4], [test "x${have_lz4}" = "xyes"])
> - AM_CONDITIONAL([ENABLE_LZ4HC], [test "x${have_lz4hc}" = "xyes"])
> ---
> -2.39.0
> -
> diff --git 
> a/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
>  
> b/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
> deleted file mode 100644
> index d12bebbf87..00
> --- 
> a/meta/recipes-devtools/erofs-utils/erofs-utils/0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch
> +++ /dev/null
> @@ -1,109 +0,0 @@
> -From 856189c324834b838f0e9cfc0d2e05f12518f264 Mon Sep 17 00:00:00 2001
> -From: Khem Raj 
> -Date: Wed, 7 Dec 2022 22:17:35 -0800
> -Subject: [PATCH v3 2/3] erofs: replace [l]stat64 by equivalent [l]stat
> -
> -Upstream-Status: Submitted 
> [https://lore.kernel.org/linux-erofs/20221215064758.93821-2-raj.k...@gmail.com/T/#u]
> -Signed-off-by: Khem Raj 
> 
> - lib/inode.c | 10 +-
> - lib/xattr.c |  4 ++--
> - mkfs/main.c |  4 ++--
> - 3 files changed, 9 insertions(+), 9 deletions(-)
> -
> -diff --git a/lib/inode.c b/lib/inode.c
> -index f192510..38003fc 100644
>  a/lib/inode.c
> -+++ b/lib/inode.c
> -@@ -773,7 +773,7 @@ static u32 erofs_new_encode_dev(dev_t dev)
> -
> -

Re: [OE-core] [PATCH] ptest-runner: Pull in sync fix to improve log warnings

2023-06-28 Thread Alexander Kanavin 
This appears to have regressed glib-2.0 ptest, particularly:
Failed ptests:
{'glib-2.0': ['glib/codegen.py.test']}
https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/5273/steps/12/logs/stdio

I didn't yet got to the root cause, just wanted to register where it
happened. Note that the ptest passes when run directly and fails only
under ptest-runner, and it somehow is specific to qemux86_64 as well.
Bizarre, yes.

Alex

On Sun, 18 Jun 2023 at 11:09, Richard Purdie
 wrote:
>
> Pulls in:
>
> utils: Ensure buffers are flushed after child exits
>
> We currently wait for the child to exit but we don't flush the buffers.
> This can mean the output ends up out of sync and the END: line isn't at
> the end of the logs.
>
> We've recently seen a lot of issues related to this on the autobuilder.
> Add in a flush call for all fds to ensure buffers are in sync. This
> does appear to improve warnings on the autobuilder now we started 
> detecting
> the issue.
>
> Signed-off-by: Richard Purdie 
> ---
>  meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb 
> b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> index ff5629c6f9b..67dd887c240 100644
> --- a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> +++ b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
> @@ -7,7 +7,7 @@ HOMEPAGE = 
> "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/;
>  LICENSE = "GPL-2.0-or-later"
>  LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
>
> -SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa"
> +SRCREV = "ea2a9cc159ad5f64ee75781d55101d7c340e0303"
>  PV .= "+git${SRCPV}"
>
>  SRC_URI = 
> "git://git.yoctoproject.org/ptest-runner2;branch=master;protocol=https \
> --
> 2.39.2
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183585): 
https://lists.openembedded.org/g/openembedded-core/message/183585
Mute This Topic: https://lists.openembedded.org/mt/99601743/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 29/29] blktrace: ask for python3 specifically

2023-06-28 Thread Steve Sakoman 
From: Sakib Sajal 

python2 has been deprecated, use python3 instead

Signed-off-by: Sakib Sajal 
Signed-off-by: Steve Sakoman 
---
 ...plot.py-Ask-for-python3-specifically.patch | 35 +++
 meta/recipes-kernel/blktrace/blktrace_git.bb  |  4 ++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch

diff --git 
a/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch
 
b/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch
new file mode 100644
index 00..e2305a
--- /dev/null
+++ 
b/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch
@@ -0,0 +1,35 @@
+From 6f4769e6e2c5cdc1262891470995e6dead937c7a Mon Sep 17 00:00:00 2001
+From: Sakib Sajal 
+Date: Mon, 26 Jun 2023 17:57:36 -0400
+Subject: [PATCH] bno_plot.py, btt_plot.py: Ask for python3 specifically
+
+python2 is deprecated, use python3.
+
+Upstream-Status: Denied 
[https://www.spinics.net/lists/linux-btrace/msg01364.html]
+
+Signed-off-by: Sakib Sajal 
+---
+ btt/bno_plot.py | 2 +-
+ btt/btt_plot.py | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/btt/bno_plot.py b/btt/bno_plot.py
+index 3aa4e19..d7d7159 100644
+--- a/btt/bno_plot.py
 b/btt/bno_plot.py
+@@ -1,4 +1,4 @@
+-#! /usr/bin/env python
++#! /usr/bin/env python3
+ #
+ # btt blkno plotting interface
+ #
+diff --git a/btt/btt_plot.py b/btt/btt_plot.py
+index 40bc71f..8620d31 100755
+--- a/btt/btt_plot.py
 b/btt/btt_plot.py
+@@ -1,4 +1,4 @@
+-#! /usr/bin/env python
++#! /usr/bin/env python3
+ #
+ # btt_plot.py: Generate matplotlib plots for BTT generate data files
+ #
diff --git a/meta/recipes-kernel/blktrace/blktrace_git.bb 
b/meta/recipes-kernel/blktrace/blktrace_git.bb
index bba5e04504..1c0856be7b 100644
--- a/meta/recipes-kernel/blktrace/blktrace_git.bb
+++ b/meta/recipes-kernel/blktrace/blktrace_git.bb
@@ -14,7 +14,9 @@ SRCREV = "366d30b9cdb20345c5d064af850d686da79b89eb"
 
 PV = "1.3.0+git${SRCPV}"
 
-SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master"
+SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master \
+   
file://0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch \
+   "
 
 S = "${WORKDIR}/git"
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183584): 
https://lists.openembedded.org/g/openembedded-core/message/183584
Mute This Topic: https://lists.openembedded.org/mt/99831212/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 28/29] layer.conf: Add missing dependency exclusion

2023-06-28 Thread Steve Sakoman 
From: Richard Purdie 

Add a dependency which should have been in this list but wasn't, found
when debugging create-spdx hash issues.

Signed-off-by: Richard Purdie 
(cherry picked from commit 1075b9fc5d562dada45b3187cb737511ff8c7376)
Signed-off-by: Steve Sakoman 
---
 meta/conf/layer.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/conf/layer.conf b/meta/conf/layer.conf
index ea57123601..1f329c3efe 100644
--- a/meta/conf/layer.conf
+++ b/meta/conf/layer.conf
@@ -69,6 +69,7 @@ SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \
   initramfs-module-install->grub \
   initramfs-module-install->parted \
   initramfs-module-install->util-linux \
+  initramfs-module-setup-live->udev-extraconf \
   grub-efi->grub-bootconf \
   liberation-fonts->fontconfig \
   cantarell-fonts->fontconfig \
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183583): 
https://lists.openembedded.org/g/openembedded-core/message/183583
Mute This Topic: https://lists.openembedded.org/mt/99831210/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 27/29] maintainers.inc: correct Carlos Rafael Giani's email address

2023-06-28 Thread Steve Sakoman 
From: Alexander Kanavin 

As confirmed via private email.

Signed-off-by: Alexander Kanavin 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit c7f934368d3fb3e9cf268f8237eae80b1c1665a5)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/maintainers.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index 50746e2d7d..d7bf806b05 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -294,7 +294,7 @@ RECIPE_MAINTAINER:pn-kernel-devsrc = "Bruce Ashfield 
"
 RECIPE_MAINTAINER:pn-kexec-tools = "Unassigned "
 RECIPE_MAINTAINER:pn-keymaps = "Alexander Kanavin "
 RECIPE_MAINTAINER:pn-kmod = "Chen Qi "
-RECIPE_MAINTAINER:pn-kmscube = "Carlos Rafael Giani "
+RECIPE_MAINTAINER:pn-kmscube = "Carlos Rafael Giani "
 RECIPE_MAINTAINER:pn-l3afpad = "Anuj Mittal "
 RECIPE_MAINTAINER:pn-lame = "Michael Opdenacker 
"
 RECIPE_MAINTAINER:pn-ldconfig-native = "Khem Raj "
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183582): 
https://lists.openembedded.org/g/openembedded-core/message/183582
Mute This Topic: https://lists.openembedded.org/mt/99831209/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 26/29] selftest/license: Exclude from world

2023-06-28 Thread Steve Sakoman 
From: Richard Purdie 

These test recipes shouldn't be built as part of world builds. Some recent
changes are exposing issues from this so exclude them.

Signed-off-by: Richard Purdie 
(cherry picked from commit 80d3f5586cd060ae69fbc6dec2e8978d87da10ba)
Signed-off-by: Steve Sakoman 
---
 .../recipes-test/license/incompatible-license-alias.bb  | 2 ++
 meta-selftest/recipes-test/license/incompatible-license.bb  | 2 ++
 meta-selftest/recipes-test/license/incompatible-licenses.bb | 2 ++
 .../recipes-test/license/incompatible-nonspdx-license.bb| 2 ++
 4 files changed, 8 insertions(+)

diff --git a/meta-selftest/recipes-test/license/incompatible-license-alias.bb 
b/meta-selftest/recipes-test/license/incompatible-license-alias.bb
index e0b4e13c26..1af99e7809 100644
--- a/meta-selftest/recipes-test/license/incompatible-license-alias.bb
+++ b/meta-selftest/recipes-test/license/incompatible-license-alias.bb
@@ -1,3 +1,5 @@
 SUMMARY = "Recipe with an alias of an SPDX license"
 DESCRIPTION = "Is licensed with an alias of an SPDX license to be used for 
testing"
 LICENSE = "GPLv3"
+
+EXCLUDE_FROM_WORLD = "1"
diff --git a/meta-selftest/recipes-test/license/incompatible-license.bb 
b/meta-selftest/recipes-test/license/incompatible-license.bb
index 282f5c2875..6fdc58fd30 100644
--- a/meta-selftest/recipes-test/license/incompatible-license.bb
+++ b/meta-selftest/recipes-test/license/incompatible-license.bb
@@ -1,3 +1,5 @@
 SUMMARY = "Recipe with an SPDX license"
 DESCRIPTION = "Is licensed with an SPDX license to be used for testing"
 LICENSE = "GPL-3.0-only"
+
+EXCLUDE_FROM_WORLD = "1"
diff --git a/meta-selftest/recipes-test/license/incompatible-licenses.bb 
b/meta-selftest/recipes-test/license/incompatible-licenses.bb
index 9709892644..47bd8d7c00 100644
--- a/meta-selftest/recipes-test/license/incompatible-licenses.bb
+++ b/meta-selftest/recipes-test/license/incompatible-licenses.bb
@@ -1,3 +1,5 @@
 SUMMARY = "Recipe with multiple SPDX licenses"
 DESCRIPTION = "Is licensed with multiple SPDX licenses to be used for testing"
 LICENSE = "GPL-2.0-only & GPL-3.0-only & LGPL-3.0-only"
+
+EXCLUDE_FROM_WORLD = "1"
diff --git a/meta-selftest/recipes-test/license/incompatible-nonspdx-license.bb 
b/meta-selftest/recipes-test/license/incompatible-nonspdx-license.bb
index 35af0966ef..142d73158e 100644
--- a/meta-selftest/recipes-test/license/incompatible-nonspdx-license.bb
+++ b/meta-selftest/recipes-test/license/incompatible-nonspdx-license.bb
@@ -1,3 +1,5 @@
 SUMMARY = "Recipe with a non-SPDX license"
 DESCRIPTION = "Is licensed with a non-SPDX license to be used for testing"
 LICENSE = "FooLicense"
+
+EXCLUDE_FROM_WORLD = "1"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183581): 
https://lists.openembedded.org/g/openembedded-core/message/183581
Mute This Topic: https://lists.openembedded.org/mt/99831208/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 25/29] connman: fix warning by specifying runstatedir at configure time

2023-06-28 Thread Steve Sakoman 
From: Marc Ferland 

Without this patch, systemd complains on startup with messages similar
to:

systemd-tmpfiles[128]: /etc/tmpfiles.d/connman_resolvconf.conf:1: Line 
references path below legacy directory /var/run/, updating /var/run/connman → 
/run/connman; please update the tmpfiles.d/ drop-in file accordingly.
systemd-tmpfiles[172]: /etc/tmpfiles.d/connman_resolvconf.conf:1: Line 
references path below legacy directory /var/run/, updating /var/run/connman → 
/run/connman; please update the tmpfiles.d/ drop-in file accordingly.

By default, connman will use "/var/run/connman" for runstatedir
instead of the now recommended "/run/connman".

Signed-off-by: Marc Ferland 
Signed-off-by: Alexandre Belloni 
Signed-off-by: Richard Purdie 
(cherry picked from commit 8d17776765a99a4ae327797206ef2a8a735ce87b)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-connectivity/connman/connman.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-connectivity/connman/connman.inc 
b/meta/recipes-connectivity/connman/connman.inc
index 5880ecd5d4..0c1dc7e5dd 100644
--- a/meta/recipes-connectivity/connman/connman.inc
+++ b/meta/recipes-connectivity/connman/connman.inc
@@ -27,6 +27,7 @@ EXTRA_OECONF += "\
 --enable-ethernet \
 --enable-tools \
 --disable-polkit \
+--runstatedir=/run \
 "
 
 PACKAGECONFIG ??= "wispr iptables client\
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183580): 
https://lists.openembedded.org/g/openembedded-core/message/183580
Mute This Topic: https://lists.openembedded.org/mt/99831207/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 24/29] maintainers.inc: correct unassigned entries

2023-06-28 Thread Steve Sakoman 
From: Alexander Kanavin 

Modify packages to unassigned where appropriate

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit ab37ddf53607111bf5c49c4f2388224999c4a5a9)
Signed-off-by: Steve Sakoman 
(cherry picked from commit 27f15bc3166fda5acd07e9e1c34842a641d24e37)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/maintainers.inc | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index 36f1fc6073..50746e2d7d 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -42,7 +42,7 @@ RECIPE_MAINTAINER:pn-alsa-utils-scripts = "Michael Opdenacker 

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183579): 
https://lists.openembedded.org/g/openembedded-core/message/183579
Mute This Topic: https://lists.openembedded.org/mt/99831205/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 23/29] maintainers.inc: unassign Pascal Bach from cmake entry

2023-06-28 Thread Steve Sakoman 
From: Alexander Kanavin 

This was confirmed via private email.

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit c30e9f1972a3e1d4099f39fd6d0dfb37acb73ce1)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/maintainers.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index 78f85a6c79..36f1fc6073 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -95,8 +95,8 @@ RECIPE_MAINTAINER:pn-cantarell-fonts = "Alexander Kanavin 

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183578): 
https://lists.openembedded.org/g/openembedded-core/message/183578
Mute This Topic: https://lists.openembedded.org/mt/99831204/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 22/29] maintainers.inc: unassign Andreas Müller from itstool entry

2023-06-28 Thread Steve Sakoman 
From: Alexander Kanavin 

This was confirmed via private email.

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit cc8bb0da24419424989548ced27b2e76030340d9)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/maintainers.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index 5acc80f059..78f85a6c79 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -281,7 +281,7 @@ RECIPE_MAINTAINER:pn-iproute2 = "Changhyeok Bae 
"
 RECIPE_MAINTAINER:pn-iptables = "Changhyeok Bae "
 RECIPE_MAINTAINER:pn-iputils = "Changhyeok Bae "
 RECIPE_MAINTAINER:pn-iso-codes = "Wang Mingyu "
-RECIPE_MAINTAINER:pn-itstool = "Andreas Müller "
+RECIPE_MAINTAINER:pn-itstool = "Unassigned "
 RECIPE_MAINTAINER:pn-iw = "Changhyeok Bae "
 RECIPE_MAINTAINER:pn-libjpeg-turbo = "Anuj Mittal "
 RECIPE_MAINTAINER:pn-json-c = "Yi Zhao "
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183577): 
https://lists.openembedded.org/g/openembedded-core/message/183577
Mute This Topic: https://lists.openembedded.org/mt/99831203/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 20/29] pm-utils: fix multilib conflictions

2023-06-28 Thread Steve Sakoman 
From: Kai Kang 

It fails to instal pm-utils and lib32-pm-utils at same time:

Error: Transaction test error:
  file /usr/bin/pm-is-supported conflicts between attempted installs of 
lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
  file /usr/sbin/pm-hibernate conflicts between attempted installs of 
lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
  file /usr/sbin/pm-powersave conflicts between attempted installs of 
lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
  file /usr/sbin/pm-suspend conflicts between attempted installs of 
lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
  file /usr/sbin/pm-suspend-hybrid conflicts between attempted installs of 
lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64

All of the conflicted files either is script which source a file in
${libdir}, or a link file to some file in ${libdir}. Compare the content
of installed files in ${libdir} exclude binaries, only the paths of
${libdir} diff. So re-define libdir with ${nonarch_libdir} to fix the
conflicts.

Signed-off-by: Kai Kang 
Signed-off-by: Richard Purdie 
(cherry picked from commit f836541bcfdbf033a37537530b4e3b87b0a7f003)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb 
b/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb
index c6a4bc4932..dcc09f279e 100644
--- a/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb
+++ b/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb
@@ -19,9 +19,12 @@ PACKAGECONFIG[manpages] = "--enable-doc, --disable-doc, 
libxslt-native xmlto-nat
 
 RDEPENDS:${PN} = "grep bash"
 
+EXTRA_OECONF = "--libdir=${nonarch_libdir}"
+
 do_configure:prepend () {
( cd ${S}; autoreconf -f -i -s )
 }
 
-FILES:${PN} += "${libdir}/${BPN}/*"
+FILES:${PN} += "${nonarch_libdir}/${BPN}/*"
 FILES:${PN}-dbg += "${datadir}/doc/pm-utils/README.debugging"
+FILES:${PN}-dev += "${nonarch_libdir}/pkgconfig/pm-utils.pc"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183575): 
https://lists.openembedded.org/g/openembedded-core/message/183575
Mute This Topic: https://lists.openembedded.org/mt/99831200/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 21/29] maintaines.inc: unassign Richard Weinberger from erofs-utils entry

2023-06-28 Thread Steve Sakoman 
From: Alexander Kanavin 

This was confirmed via private email.

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 834519933fcd6e4ff54f24d0cf671ea9ce24398a)
Signed-off-by: Steve Sakoman 
---
 meta/conf/distro/include/maintainers.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/maintainers.inc 
b/meta/conf/distro/include/maintainers.inc
index 19bc29708c..5acc80f059 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -165,7 +165,7 @@ RECIPE_MAINTAINER:pn-ell = "Zang Ruochen 
"
 RECIPE_MAINTAINER:pn-enchant2 = "Anuj Mittal "
 RECIPE_MAINTAINER:pn-encodings = "Unassigned "
 RECIPE_MAINTAINER:pn-epiphany = "Alexander Kanavin "
-RECIPE_MAINTAINER:pn-erofs-utils = "Richard Weinberger "
+RECIPE_MAINTAINER:pn-erofs-utils = "Unassigned "
 RECIPE_MAINTAINER:pn-ethtool = "Changhyeok Bae "
 RECIPE_MAINTAINER:pn-eudev = "Anuj Mittal "
 RECIPE_MAINTAINER:pn-expat = "Yi Zhao "
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183576): 
https://lists.openembedded.org/g/openembedded-core/message/183576
Mute This Topic: https://lists.openembedded.org/mt/99831202/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 19/29] kmod: remove unused ptest.patch

2023-06-28 Thread Steve Sakoman 
From: Martin Jansa 

* it was removed from SRC_URI in 2015:
  
https://git.openembedded.org/openembedded-core/commit/?id=f80d136bdd578468035a88125fa1b84973fd912b

Signed-off-by: Martin Jansa 
Signed-off-by: Richard Purdie 
(cherry picked from commit cfc4586b4bf080a3a4aa419dffc76c5da2a95b74)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-kernel/kmod/kmod/ptest.patch | 25 ---
 1 file changed, 25 deletions(-)
 delete mode 100644 meta/recipes-kernel/kmod/kmod/ptest.patch

diff --git a/meta/recipes-kernel/kmod/kmod/ptest.patch 
b/meta/recipes-kernel/kmod/kmod/ptest.patch
deleted file mode 100644
index 831dbcb909..00
--- a/meta/recipes-kernel/kmod/kmod/ptest.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Add 'install-ptest' rule.
-
-Signed-off-by: Tudor Florea 
-Upstream-Status: Pending
-
-diff -ruN a/Makefile.am b/Makefile.am
 a/Makefile.am  2013-07-12 17:11:05.278331557 +0200
-+++ b/Makefile.am  2013-07-12 17:14:27.033788016 +0200
-@@ -204,6 +204,16 @@
- 
- distclean-local: $(DISTCLEAN_LOCAL_HOOKS)
- 
-+install-ptest:
-+  @$(MKDIR_P) $(DESTDIR)/testsuite
-+  @for file in $(TESTSUITE); do \
-+  install $$file $(DESTDIR)/testsuite; \
-+  done;
-+  @sed -e 's/^Makefile/_Makefile/' < Makefile > $(DESTDIR)/Makefile
-+  @$(MKDIR_P) $(DESTDIR)/tools
-+  @cp $(noinst_SCRIPTS) $(noinst_PROGRAMS) $(DESTDIR)/tools
-+  @cp -r testsuite/rootfs testsuite/.libs $(DESTDIR)/testsuite
-+
- # 
--
- # custom release helpers
- # 
--
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183574): 
https://lists.openembedded.org/g/openembedded-core/message/183574
Mute This Topic: https://lists.openembedded.org/mt/99831199/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 18/29] minicom: remove unused patch files

2023-06-28 Thread Steve Sakoman 
From: Martin Jansa 

* they were removed from SRC_URI in:
  
https://git.openembedded.org/openembedded-core/commit/?id=41f8760dd8a8ac388389bc17dbc5e0ae0f64bf57

Signed-off-by: Martin Jansa 
Signed-off-by: Richard Purdie 
(cherry picked from commit a0f28cd8d01f4faeedc1089e5d1e2dacc5b046f9)
Signed-off-by: Steve Sakoman 
(cherry picked from commit 4395c783e544de30f650459677055737148ea261)
Signed-off-by: Steve Sakoman 
---
 ...erfluous-global-variable-definitions.patch | 35 
 ...erfluous-global-variable-definitions.patch | 37 
 ...erfluous-global-variable-definitions.patch | 42 ---
 3 files changed, 114 deletions(-)
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch

diff --git 
a/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch
 
b/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch
deleted file mode 100644
index 01b23898e7..00
--- 
a/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From b65152ebc03832972115e6d98e50cb6190d01793 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= 
-Date: Mon, 3 Feb 2020 13:18:13 +0100
-Subject: [PATCH 1/3] Drop superfluous global variable definitions
-
-The file minicom.c, by including the minicom.h header, already defines
-the global variables 'dial_user' and 'dial_pass'. The object file
-minicom.o is always linked to dial.o. Thus the definitions in dial.c
-can be dropped.
-
-This fixes linking with gcc 10 which uses -fno-common by default,
-disallowing multiple global variable definitions.
-
-Upstream-Status: Backport 
[https://salsa.debian.org/minicom-team/minicom/-/commit/db269bba2a68fde03f5df45ac8372a8f1248ca96]
-Signed-off-by: Khem Raj 

- src/dial.c | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/src/dial.c b/src/dial.c
-index eada5ee..d9d481f 100644
 a/src/dial.c
-+++ b/src/dial.c
-@@ -146,8 +146,6 @@ static int newtype;
- /* Access to ".dialdir" denied? */
- static int dendd = 0;
- static char *tagged;
--char *dial_user;
--char *dial_pass;
- 
- /* Change the baud rate.  Treat all characters in the given array as if
-  * they were key presses within the comm parameters dialog (C-A P) and
--- 
-2.24.1
-
diff --git 
a/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch
 
b/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch
deleted file mode 100644
index e86b470b7e..00
--- 
a/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 924bd2da3a00e030e29d82b74ef82900bd50b475 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= 
-Date: Mon, 3 Feb 2020 13:18:33 +0100
-Subject: [PATCH 2/3] Drop superfluous global variable definitions
-
-The only place where the EXTERN macro mechanism is used to define the
-global variables 'vt_outmap' and 'vt_inmap' is minicom.c (by defining
-an empty EXTERN macro and including the minicom.h header). The file
-vt100.c already defines these variables. The vt100.o object file is
-always linked to minicom.o. Thus it is safe not to define the
-variables in minicom.c and only declare them in the minicom.h header.
-
-This fixes linking with gcc 10 which uses -fno-common by default,
-disallowing multiple global variable definitions.
-
-Upstream-Status: Backport 
[https://salsa.debian.org/minicom-team/minicom/-/commit/c69cad5b5dda85d361a3a0c1fddc65e933f26d11]
-Signed-off-by: Khem Raj 

- src/minicom.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/minicom.h b/src/minicom.h
-index 061c013..0f9693b 100644
 a/src/minicom.h
-+++ b/src/minicom.h
-@@ -141,7 +141,7 @@ EXTERN int sbcolor; /* Status Bar Background Color */
- EXTERN int st_attr;   /* Status Bar attributes. */
- 
- /* jl 04.09.97 conversion tables */
--EXTERN unsigned char vt_outmap[256], vt_inmap[256];
-+extern unsigned char vt_outmap[256], vt_inmap[256];
- 
- /* MARK updated 02/17/95 - history buffer */
- EXTERN int num_hist_lines;  /* History buffer size */
--- 
-2.24.1
-
diff --git 
a/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch
 
b/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch
deleted file mode 100644
index 3225a0c32a..00
--- 
a/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From a4fc603b3641d2efe31479116eb7ba66932901c7 Mon Sep 17 00:00:00 2001
-From:

[OE-core][kirkstone 17/29] psmisc: Set ALTERNATIVE for pstree to resolve conflict with busybox

2023-06-28 Thread Steve Sakoman 
From: Frieder Schrempf 

If pstree in busybox is enabled there is a conflict with pstree from
psmisc resulting in:

  do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If
  the intention is to defer them to first boot, then please place
  them into pkg_postinst_ontarget:${PN} ().
  Deferring to first boot via 'exit 1' is no longer supported.

And more detailed in do_rootfs.log:

  update-alternatives: Error: not linking [...]/rootfs/usr/bin/pstree to 
/bin/busybox.nosuid since [...]/rootfs/usr/bin/pstree exists and is not a link

On order to fix this set ALTERNATIVE:pstree accordingly.

Signed-off-by: Frieder Schrempf 
Signed-off-by: Alexandre Belloni 
Signed-off-by: Richard Purdie 
(cherry picked from commit deb2176df76dcb16c0d90072ad63d308a0ab1158)
Signed-off-by: Steve Sakoman 
---
 meta/recipes-extended/psmisc/psmisc.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-extended/psmisc/psmisc.inc 
b/meta/recipes-extended/psmisc/psmisc.inc
index 12539dad53..44b82bd325 100644
--- a/meta/recipes-extended/psmisc/psmisc.inc
+++ b/meta/recipes-extended/psmisc/psmisc.inc
@@ -54,3 +54,5 @@ ALTERNATIVE_PRIORITY = "90"
 ALTERNATIVE:killall = "killall"
 
 ALTERNATIVE:fuser = "fuser"
+
+ALTERNATIVE:pstree = "pstree"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183572): 
https://lists.openembedded.org/g/openembedded-core/message/183572
Mute This Topic: https://lists.openembedded.org/mt/99831197/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 16/29] linux-yocto/5.10: cfg: fix DECNET configuration warning

2023-06-28 Thread Steve Sakoman 
From: Bruce Ashfield 

Dropping CONFIG_DECNET as it has been removed from -stable
and we now get a configuration warning.

Signed-off-by: Bruce Ashfield 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb 
b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 8e7b0b32a0..7976b96a61 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "46fb028ad9413cfa8d47a6dc8bf9a57d9d5edf8b"
-SRCREV_meta ?= "697cb5ef3aff49be3fa29bf604598ca36ceb5dfd"
+SRCREV_meta ?= "c1168e10ecf30b123a341ca500966eebf3fe2cc2"
 
 SRC_URI = 
"git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \

git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb 
b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index 5c4eb9e990..85dac1d874 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine:qemuarm ?= "6e0299be775387485e22edcd57ac6099c08f4356"
 SRCREV_machine ?= "772cf990473f73ebf34c1a1ef4f06eb3e297c4db"
-SRCREV_meta ?= "697cb5ef3aff49be3fa29bf604598ca36ceb5dfd"
+SRCREV_meta ?= "c1168e10ecf30b123a341ca500966eebf3fe2cc2"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb 
b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 6e82782a38..2c7a3e2597 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -23,7 +23,7 @@ SRCREV_machine:qemux86 ?= 
"dafc025b033585311d1693255c80b60b690b0e54"
 SRCREV_machine:qemux86-64 ?= "dafc025b033585311d1693255c80b60b690b0e54"
 SRCREV_machine:qemumips64 ?= "ee18c4343db52d5846a0f332cd6df26a6f72dd45"
 SRCREV_machine ?= "dafc025b033585311d1693255c80b60b690b0e54"
-SRCREV_meta ?= "697cb5ef3aff49be3fa29bf604598ca36ceb5dfd"
+SRCREV_meta ?= "c1168e10ecf30b123a341ca500966eebf3fe2cc2"
 
 SRC_URI = 
"git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \

git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183571): 
https://lists.openembedded.org/g/openembedded-core/message/183571
Mute This Topic: https://lists.openembedded.org/mt/99831194/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 15/29] linux-yocto/5.10: update to v5.10.185

2023-06-28 Thread Steve Sakoman 
From: Bruce Ashfield 

Updating  to the latest korg -stable release that comprises
the following commits:

ef0d5feb32ab Linux 5.10.185
ed2bf5cee6c6 um: Fix build w/o CONFIG_PM_SLEEP
f73ec12dc718 drm/i915/gen11+: Only load DRAM information from pcode
27458487c8f4 drm/i915/dg1: Wait for pcode/uncore handshake at startup
2d1c19597d1e media: dvb-core: Fix use-after-free due to race at 
dvb_register_device()
5c61c3945adf media: dvbdev: fix error logic at dvb_register_device()
a1b26dac8bc6 media: dvbdev: Fix memleak in dvb_register_device
a13dee47fa2a nilfs2: reject devices with insufficient block count
c374552b54d6 mm/memory_hotplug: extend offline_and_remove_memory() to 
handle more than one memory block
e6dc6a9d0a76 mmc: block: ensure error propagation for non-blk
7ce0e8b28720 batman-adv: Switch to kstrtox.h for kstrtou64
e6104284c42f neighbour: delete neigh_lookup_nodev as not used
bf82668eb950 net: Remove DECnet leftovers from flow.h.
7d07fd03f50c net: Remove unused inline function dst_hold_and_use()
53076071fb92 neighbour: Remove unused inline function neigh_key_eq16()
7230a9e599d3 rcu/kvfree: Avoid freeing new kfree_rcu() memory after old 
grace period
a26158962176 cgroup: always put cset in cgroup_css_set_put_fork
4c1084386332 afs: Fix vlserver probe RTT handling
49b6607dedc2 selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
08899e8d5a99 net: tipc: resize nlattr array to correct size
5fd696b404fb net: lapbether: only support ethernet devices
6ee3728ae87e net/sched: cls_api: Fix lockup on flushing explicitly created 
chain
efed5b50f3b8 ext4: drop the call to ext4_error() from ext4_get_group_info()
6ab91d1adb5a drm/nouveau: add nv_encoder pointer check for NULL
5d43bb9b3e0c drm/nouveau/dp: check for NULL nv_connector->native_mode
edb970e03d65 drm/nouveau: don't detect DSM for non-NVIDIA device
8c3446ab5902 igb: fix nvm.ops.read() error handling
221281d60c46 sctp: fix an error code in sctp_sf_eat_auth()
5c47ed7f25d6 ipvlan: fix bound dev checking for IPv6 l3s mode
3c97f2c9ec29 IB/isert: Fix incorrect release of isert connection
da6ae4aab5a6 IB/isert: Fix possible list corruption in CMA handler
2b6f8817ca66 IB/isert: Fix dead lock in ib_isert
2f9d26345c6e IB/uverbs: Fix to consider event queue closing also upon 
non-blocking mode
6cccdbc9f09c RDMA/cma: Always set static rate to 0 for RoCE
f49abbb27416 RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
aa277d5cd4b2 octeontx2-af: fixed resource availability check
0fb48a2a6ad4 iavf: remove mask from iavf_irq_enable_queues()
079a9591ee18 RDMA/rxe: Fix the use-before-initialization error of resp_pkts
089a0e831f68 RDMA/rxe: Removed unused name from rxe_task struct
6205c0d9ff8b RDMA/rxe: Remove the unused variable obj
af6eaa57986e net/sched: cls_u32: Fix reference counter leak leading to 
overflow
5852d17aaa8b ping6: Fix send to link-local addresses with VRF.
9e666a77f008 net: enetc: correct the indexes of highest and 2nd highest TCs
1200af82cf0b netfilter: nfnetlink: skip error delivery on batch in case of 
ENOMEM
af42c4fd827c spi: fsl-dspi: avoid SCK glitches with continuous transfers
cb6ec51ddd00 RDMA/rtrs: Fix the last iu->buf leak in err path
26293251ab64 usb: dwc3: gadget: Reset num TRBs before giving back the 
request
f4bc41694289 serial: lantiq: add missing interrupt ack
0b6e65016c3c USB: serial: option: add Quectel EM061KGL series
1c004b379b03 Remove DECnet support from kernel
e9d384983fa9 ALSA: hda/realtek: Add a quirk for Compaq N14JP6
1148d4ca3029 net: usb: qmi_wwan: add support for Compal RXM-G1
d7acfd522560 RDMA/uverbs: Restrict usage of privileged QKEYs
96e14c91c530 nouveau: fix client work fence deletion race
f1f7117b2236 powerpc/purgatory: remove PGO flags
26c80741ceb6 x86/purgatory: remove PGO flags
f368aed4827b kexec: support purgatories with .text.hot sections
7e78b9142fdf nilfs2: fix possible out-of-bounds segment allocation in 
resize ioctl
902fcec05295 nilfs2: fix incomplete buffer cleanup in 
nilfs_btnode_abort_change_key()
d59293f082dc nios2: dts: Fix tse_mac "max-frame-size" property
2847d9eed48b ocfs2: check new file size on fallocate call
e73b135f540c ocfs2: fix use-after-free when unmounting read-only filesystem
370f5d98ffe5 epoll: ep_autoremove_wake_function should use 
list_del_init_careful
4716c73b1885 io_uring: hold uring mutex around poll removal
93a68acc497b irqchip/gic: Correctly validate OF quirk descriptors
2a2641a842ea drm:amd:amdgpu: Fix missing buffer object unlock in failure 
path
7c0b17679b43 xen/blkfront: Only check REQ_FUA for writes
8e45fb70f4b5 ASoC: dwc: move DMA init to snd_soc_dai_driver probe()
d47b5a6d2331 mips: Move initrd_start check after initrd address 
sanitisation.
619672bf2d04 MIPS: Alchemy: fix dbdma2

[OE-core][kirkstone 14/29] linux-yocto/5.10: update to v5.10.184

2023-06-28 Thread Steve Sakoman 
From: Bruce Ashfield 

Updating  to the latest korg -stable release that comprises
the following commits:

a1f0beb13d9b Linux 5.10.184
7f896130eff7 Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with 
PCI_DEVICE"
b60e862e133f btrfs: unset reloc control if transaction commit fails in 
prepare_to_relocate()
6f371623f315 btrfs: check return value of btrfs_commit_transaction in 
relocation
ea0d413094e0 drm/atomic: Don't pollute crtc_state->mode_blob with error 
pointers
1659268d1ab4 MIPS: locking/atomic: Fix atomic{_64,}_sub_if_positive
0e98a97f772f xfs: verify buffer contents when we skip log replay
58e8cf94de12 tcp: fix tcp_min_tso_segs sysctl
1b4b3350969e ext4: only check dquot_initialize_needed() when debugging
fd6cb5171903 Revert "ext4: don't clear SB_RDONLY when remounting r/w until 
quota is re-enabled"
cfa91c0573a5 vhost: support PACKED when setting-getting vring_base
461c88caa889 riscv: fix kprobe __user string arg print fault issue
c6b905087428 eeprom: at24: also select REGMAP
10e376a7c387 i2c: sprd: Delete i2c adapter in .remove's error path
c4aeef56022e ASoC: codecs: wsa881x: do not set can_multi_write flag
b6f309e9d24e staging: vc04_services: fix gcc-13 build warning
0d3c75a69344 usb: usbfs: Use consistent mmap functions
143f40572174 usb: usbfs: Enforce page requirements for mmap
bcd474d1838e pinctrl: meson-axg: add missing GPIOA_18 gpio group
1981d37b1d76 rbd: get snapshot context after exclusive lock is ensured to 
be held
76ae4a7bc999 rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
841d3b5a8446 tee: amdtee: Add return_origin to 'struct tee_cmd_load_ta'
a94024991d82 Bluetooth: hci_qca: fix debugfs registration
2270e32bd199 Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
76b40319a1ea s390/dasd: Use correct lock while counting channel queue length
e715c86e92fd ceph: fix use-after-free bug for inodes when flushing capsnaps
67148731582d can: j1939: avoid possible use-after-free when 
j1939_can_rx_register fails
cc834f4d9762 can: j1939: change j1939_netdev_lock type to mutex
026800507640 can: j1939: j1939_sk_send_loop_abort(): improved error queue 
handling in J1939 Socket
00380551353b drm/amdgpu: fix xclk freq on CHIP_STONEY
ef95f987bea8 ALSA: hda/realtek: Add Lenovo P3 Tower platform
95520b3fba92 ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
ca26d00828d3 Input: psmouse - fix OOB access in Elantech protocol
86efc409f29d Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
9ece26ff0815 batman-adv: Broken sync while rescheduling delayed work
3f6dfff5fe41 bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
deead0d8729f bnxt_en: Query default VLAN before VNIC setup on a VF
84dbd27ad5da bnxt_en: Don't issue AP reset during ethtool's reset operation
dedd47977ae5 lib: cpu_rmap: Fix potential use-after-free in 
irq_cpu_rmap_release()
27b8d6931f3f bpf: Add extra path pointer check to d_path helper
36d07046c2d9 net: sched: fix possible refcount leak in tc_chain_tmplt_add()
54acac57fe39 net: sched: move rtm_tca_policy declaration to include file
dad7417db765 rfs: annotate lockless accesses to RFS sock flow table
c62ca9d03777 rfs: annotate lockless accesses to sk->sk_rxhash
86e3981ff1bc ipv6: rpl: Fix Route of Death.
b4be099c5fb5 netfilter: ipset: Add schedule point in call_ad().
35c89cfcac05 netfilter: conntrack: fix NULL pointer dereference in 
nf_confirm_cthelper
c4ba90ae3578 qed/qede: Fix scheduling while atomic
0fee54fa330b Bluetooth: L2CAP: Add missing checks for invalid DCID
00665980128c Bluetooth: Fix l2cap_disconnect_req deadlock
83cfac5851c2 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
8ab2bec9e165 net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK 
CONT
47ef881f1cbe net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
9fcc3c3d26a0 neighbour: fix unaligned access to pneigh_entry
99883d4a0be2 wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll
2d3e4c5b3e05 afs: Fix setting of mtime when creating a file/dir/symlink
1ed651e234fd spi: qup: Request DMA before enabling clocks
e7c61c39d6d1 staging: vchiq_core: drop vchiq_status from vchiq_initialise
fa303270602d i40e: fix build warning in ice_fltr_add_mac_to_list()
15ca8d584c1a i40e: fix build warnings in i40e_alloc.h
f7e208d1c549 i40iw: fix build warning in i40iw_manage_apbvt()
318e2c18da7c block/blk-iocost (gcc13): keep large values in a new enum
b6d652f7fbdc blk-iocost: avoid 64-bit division in ioc_timer_fn
9214a5484e33 f2fs: fix iostat lock protection
d3b74c288d84 bonding (gcc13): synchronize bond_{a,t}lb_xmit() types
f122e5517401 remove the sx8 block driver
9236470a1dd4 sfc (gcc13): synchronize ef100_enqueue_skb()'s return type
02ce3cf22291 gcc-plugins: Reorganize gimple includes for

[OE-core][kirkstone 13/29] linux-yocto/5.10: update to v5.10.183

2023-06-28 Thread Steve Sakoman 
From: Bruce Ashfield 

Updating  to the latest korg -stable release that comprises
the following commits:

7356714b95aa Linux 5.10.183
842156dc0aad ARM: defconfig: drop CONFIG_DRM_RCAR_LVDS
2c0ea7a06db5 ext4: enable the lazy init thread when remounting read/write
92450a1eaa9e selftests: mptcp: join: skip if MPTCP is not supported
1a6db1f92724 selftests: mptcp: simult flows: skip if MPTCP is not supported
4f8356ab74dd selftests: mptcp: diag: skip if MPTCP is not supported
81df7153f011 crypto: ccp: Play nice with vmalloc'd memory for SEV command 
structs
1f988ce6e44f crypto: ccp: Reject SEV commands with mismatching command 
buffer
d21a20f4421d scsi: dpt_i2o: Do not process completions with invalid 
addresses
a2cd7599b558 scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
6d6612f7f976 drm/rcar: stop using 'imply' for dependencies
c759c9e4bf38 media: ti-vpe: cal: avoid FIELD_GET assertion
d21e955de918 tpm, tpm_tis: Request threaded interrupt handler
608c1f20830c regmap: Account for register length when chunking
cb1cbe430e67 KEYS: asymmetric: Copy sig and digest in 
public_key_verify_signature()
3295dc04af33 KVM: x86: Account fastpath-only VM-Exits in vCPU stats
21bb3cd2e1bc test_firmware: fix the memory leak of the allocated firmware 
buffer
510e015b9058 serial: 8250_tegra: Fix an error handling path in 
tegra_uart_probe()
b02ae50c7fd8 fbcon: Fix null-ptr-deref in soft_cursor
c94228a5aea4 ext4: add lockdep annotations for i_data_sem for ea_inode's
ef70012ab51c ext4: disallow ea_inodes with extended attributes
6f4fa43757bb ext4: set lockdep subclass for the ea_inode in 
ext4_xattr_inode_cache_find()
6d67d4966c1e ext4: add EA_INODE checking to ext4_iget()
6d0adaa90dbe selftests: mptcp: pm nl: skip if MPTCP is not supported
54dea0aa6bef selftests: mptcp: connect: skip if MPTCP is not supported
57eb824b8cbb tracing/probe: trace_probe_primary_from_call(): checked 
list_first_entry
122ba1d40bea selinux: don't use make's grouped targets feature yet
e0b8664c2fec btrfs: fix csum_tree_block page iteration to avoid tripping on 
-Werror=array-bounds
6c859764f44d tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break 
instead of UARTCTRL_SBK
6127e956c3a7 mmc: vub300: fix invalid response handling
99cb5ed15d3e eth: sun: cassini: remove dead code
1d8693376aaa gcc-12: disable '-Wdangling-pointer' warning for now
7c602f540bfd ath6kl: Use struct_group() to avoid size-mismatched casting
c92ea38a779f ACPI: thermal: drop an always true check
93e28b66c104 x86/boot: Wrap literal addresses in absolute_pointer()
3442be8f3095 ata: libata-scsi: Use correct device no in ata_find_dev()
ae0d7613e0e3 scsi: stex: Fix gcc 13 warnings
86b2d292c260 misc: fastrpc: reject new invocations during device removal
dacb7c103c2f misc: fastrpc: return -EPIPE to invocations on device removal
a4f88cb043c5 usb: gadget: f_fs: Add unbind event before functionfs_unbind
90f581eb745c net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
e18b0009ddfb iio: dac: build ad5758 driver when AD5758 is selected
a869ab6987f4 iio: adc: ad7192: Change "shorted" channels to differential
143dbb313aea iio: dac: mcp4725: Fix i2c_master_send() return value handling
81c70f4beaad iio: light: vcnl4035: fixed chip ID check
ff864a92d903 iio: imu: inv_icm42600: fix timestamp reset
954bd5a44b09 HID: wacom: avoid integer overflow in wacom_intuos_inout()
adac1c22f54b HID: google: add jewel USB id
55c507a34e7e iio: adc: mxs-lradc: fix the order of two cleanup operations
5a445c2bf651 mailbox: mailbox-test: fix a locking issue in 
mbox_test_message_write()
c05ac53bb0df atm: hide unused procfs functions
ab332304583d drm/msm: Be more shouty if per-process pgtables aren't working
93a61212db4b ALSA: oss: avoid missing-prototype warnings
4987bf04465e netfilter: conntrack: define variables exp_nat_nla_policy and 
any_addr with CONFIG_NF_NAT
1c2537291e9c wifi: b43: fix incorrect __packed annotation
ea478186ea29 scsi: core: Decrease scsi_device's iorequest_cnt if dispatch 
failed
05226a8f2288 arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
32f86763c2a2 ARM: dts: stm32: add pin map for CAN controller on stm32f7
01c76cb5e512 wifi: rtl8xxxu: fix authentication timeout due to incorrect 
RCR value
046721280664 s390/pkey: zeroize key blobs
76169f749089 media: dvb-core: Fix use-after-free due to race condition at 
dvb_ca_en50221
ca2d171fd1f3 media: dvb-core: Fix kernel WARNING for blocking operation in 
wait_event*()
2ea7d26ed851 media: dvb-core: Fix use-after-free due on race condition at 
dvb_net
415651c8f468 media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr 
from ID table
eb37fef417a2 media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
1995e714725f media: dvb_ca_en50221: fix a size write bug

[OE-core][kirkstone 12/29] linux-yocto/5.10: update to v5.10.182

2023-06-28 Thread Steve Sakoman 
From: Bruce Ashfield 

Updating  to the latest korg -stable release that comprises
the following commits:

c7992b6c7f0e Linux 5.10.182
468bebc426ba netfilter: ctnetlink: Support offloaded conntrack entry 
deletion
18c14d3028c0 ipv{4,6}/raw: fix output xfrm lookup wrt protocol
2218752325a9 binder: fix UAF caused by faulty buffer cleanup
e4d2e6c3054b bluetooth: Add cmd validity checks at the start of 
hci_sock_ioctl()
6a0712d9fe46 net: phy: mscc: enable VSC8501/2 RGMII RX clock
b556990235c3 net/mlx5: Devcom, serialize devcom registration
57dc3c124e7b net/mlx5: devcom only supports 2 ports
860ad704e450 regulator: pca9450: Fix BUCK2 enable_mask
b3a9c4081db9 regulator: pca9450: Convert to use 
regulator_set_ramp_delay_regmap
12cb97ed85fb regulator: Add regmap helper for ramp-delay setting
b557220d3140 power: supply: bq24190: Call power_supply_changed() after 
updating input current
224f7bbf577b power: supply: core: Refactor 
power_supply_set_input_current_limit_from_supplier()
277b489ad0b7 power: supply: bq27xxx: After charger plug in/out wait 0.5s 
for things to stabilize
0949c572d42d power: supply: bq27xxx: Ensure power_supply_changed() is 
called on current sign changes
6ed541254f4b power: supply: bq27xxx: Move bq27xxx_battery_update() down
ed78797a264c power: supply: bq27xxx: expose battery data when CI=1
7ff807d68b5d power: supply: bq27xxx: Add cache parameter to 
bq27xxx_battery_current_and_status()
432f98c559f2 power: supply: bq27xxx: make status more robust
659094e4057a power: supply: bq27xxx: fix sign of current_now for newer ICs
14e1a958d988 power: supply: bq27xxx: fix polarity of current_now
18c9cf463337 x86/cpu: Drop spurious underscore from RAPTOR_LAKE #define
4a8980cb2a7c x86/cpu: Add Raptor Lake to Intel family
272d4b8a5b96 Linux 5.10.181
cf7ee4b15838 net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
98cedb991094 3c589_cs: Fix an error handling path in tc589_probe()
6f449e409b75 arm64: dts: imx8mn-var-som: fix PHY detection bug by adding 
deassert delay
d4d10a6df152 net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
8b9c561b9fc1 net/mlx5: Fix error message when failing to allocate device 
memory
c21862232f6c net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) 
CPUs
058fd18e7477 net/mlx5e: do as little as possible in napi poll when budget 
is 0
5afd5fb8a9a7 forcedeth: Fix an error handling path in nv_probe()
80a4b9ad4288 ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
c966b58c8515 x86/show_trace_log_lvl: Ensure stack pointer is aligned, again
0de80163dea6 xen/pvcalls-back: fix double frees with 
pvcalls_new_active_socket()
b663696c0652 coresight: Fix signedness bug in 
tmc_etr_buf_insert_barrier_packet()
a52d2019ec7c fs: fix undefined behavior in bit shift for SB_NOUSER
52967bbb93eb power: supply: sbs-charger: Fix INHIBITED bit for Status reg
e85757da9091 power: supply: bq27xxx: Fix poll_interval handling and races 
on remove
1da9a4b55a66 power: supply: bq27xxx: Fix I2C IRQ race on remove
ac1ab213946d power: supply: bq27xxx: Fix bq27xxx_battery_update() race 
condition
2de6eb7c40f9 power: supply: leds: Fix blink to LED on transition
e5f82688ae10 ipv6: Fix out-of-bounds access in ipv6_find_tlv()
a61d5c13c7d1 bpf: Fix mask generation for 32-bit narrow loads of 64-bit 
fields
72971f4071b4 octeontx2-pf: Fix TSOv6 offload
1c8a016822bb selftests: fib_tests: mute cleanup error message
a594382ec6d0 net: fix skb leak in __skb_tstamp_tx()
8a30dce9d7f7 media: radio-shark: Add endpoint checks
ccef03c51135 USB: sisusbvga: Add endpoint checks
4c260bbf356a USB: core: Add routines for endpoint checks in old drivers
5014b64e369b udplite: Fix NULL pointer dereference in 
__sk_mem_raise_allocated().
4bb955c4d283 net: fix stack overflow when LRO is disabled for virtual 
interfaces
58ecc165abda fbdev: udlfb: Fix endpoint check
fd673079749b debugobjects: Don't wake up kswapd from fill_pool()
a12ce786bef6 x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid 
platforms
518c39fc1ed6 parisc: Fix flush_dcache_page() for usage from irq context
2d78438c3183 selftests/memfd: Fix unknown type name build failure
d4a5e6ae9967 x86/mm: Avoid incomplete Global INVLPG flushes
628d7e494134 dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
139f84c80d9f btrfs: use nofs when cleaning up aborted transactions
ea50ee0ef904 gpio: mockup: Fix mode of debugfs files
c570dbf279a8 parisc: Allow to reboot machine after system halt
de0d7dd5efd4 parisc: Handle kgdb breakpoints only in kernel context
89eba5586aa4 m68k: Move signal frame following exception on 68020/030
42b78c8cc774 net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
798c1c62cfa5 ALSA: hda/realtek: Enable headset onLenovo M70/M90
1f57a1b97949 ALSA: hda: Fix unhandled

[OE-core][kirkstone 11/29] dbus: upgrade 1.14.6 -> 1.14.8

2023-06-28 Thread Steve Sakoman 
From: Xiangyu Chen 

Update dbus to 1.14.8 to fix CVE-2023-34969 and serveral bugs

changes:
https://gitlab.freedesktop.org/dbus/dbus/-/blob/f90d4f16933ee5153fe02c405eb883c9cb8f0ad5/NEWS

commits:
55d11f57 doc/dbus-api-design: fix wrong closing tag
a96f417f CI: Run a detached pipeline for merge requests
9e0477fc CI: Only run for pushes to dbus
077f7e43 CI: Remove an obsolete workaround
07fe44f4 CI: Update Windows runners
ec708d55 CI: Avoid using a no-op download location that gives a 403 error
45e6e93e dbus_message_iter_get_signature: Fix two memory leaks on OOM
0bb1942e dbus-internals: use `_DBUS_FUNCTION_NAME` in `_dbus_verbose()`
8df1b8be dbus-sysdeps-win: do not log function name twice
5c3a4e81 dbus-spawn-win: use `_DBUS_FUNCTION_NAME` instead of `__FUNCTION__`
8e457296 Update NEWS
e1ffce17 Revert "CI: Remove an obsolete workaround"
40c0802f monitor test: Log the messages that we monitored
a70c8f2f bus: Assign a serial number for messages from the driver
39b5c617 monitor test: Reproduce #457
f99e5de1 Update NEWS
21414587 AUTHORS: Update
f90d4f16 Release v1.14.8

Signed-off-by: Xiangyu Chen 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-core/dbus/{dbus_1.14.6.bb => dbus_1.14.8.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-core/dbus/{dbus_1.14.6.bb => dbus_1.14.8.bb} (98%)

diff --git a/meta/recipes-core/dbus/dbus_1.14.6.bb 
b/meta/recipes-core/dbus/dbus_1.14.8.bb
similarity index 98%
rename from meta/recipes-core/dbus/dbus_1.14.6.bb
rename to meta/recipes-core/dbus/dbus_1.14.8.bb
index cc81047cef..2ba56bf782 100644
--- a/meta/recipes-core/dbus/dbus_1.14.6.bb
+++ b/meta/recipes-core/dbus/dbus_1.14.8.bb
@@ -16,7 +16,7 @@ SRC_URI = 
"https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.xz \
file://dbus-1.init \
"
 
-SRC_URI[sha256sum] = 
"fd2bdf1bb89dc365a46531bff631536f22b0d1c6d5ce2c5c5e59b55265b3d66b"
+SRC_URI[sha256sum] = 
"a6bd5bac5cf19f0c3c594bdae2565a095696980a683a0ef37cb6212e093bde35"
 
 EXTRA_OECONF = "--disable-xml-docs \
 --disable-doxygen-docs \
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183566): 
https://lists.openembedded.org/g/openembedded-core/message/183566
Mute This Topic: https://lists.openembedded.org/mt/99831186/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 10/29] mobile-broadband-provider-info: upgrade 20221107 -> 20230416

2023-06-28 Thread Steve Sakoman 
From: Wang Mingyu 

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit 125f72393c9b6fea02757cdc3a22696945e0f490)
Signed-off-by: Steve Sakoman 
---
 .../mobile-broadband-provider-info_git.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
 
b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index e802bcee18..a4030b7b32 100644
--- 
a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ 
b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -5,8 +5,8 @@ SECTION = "network"
 LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
 
-SRCREV = "22a5de3ef637990ce03141f786fbdb327e9c5a3f"
-PV = "20221107"
+SRCREV = "aae7c68671d225e6d35224613d5b98192b9b2ffe"
+PV = "20230416"
 PE = "1"
 
 SRC_URI = 
"git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183565): 
https://lists.openembedded.org/g/openembedded-core/message/183565
Mute This Topic: https://lists.openembedded.org/mt/99831182/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 08/29] libxpm: upgrade 3.5.15 -> 3.5.16

2023-06-28 Thread Steve Sakoman 
From: Wang Mingyu 

Changelog:
===
test: skip compressed file tests when --disable-open-zfile is used
itlab CI: build with each of --enable-open-zfile & --disable-open-zfile
configure: correct error message to suggest --disable-open-zfile
Fix a memleak in ParsePixels error code path
Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
open-zfile: Make compress & uncompress commands optional
Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
test: Add simple test cases for functions in src/rgb.c
xpmReadRgbNames: constify filename argument
XpmCreateDataFromXpmImage: Fix misleading indentation
parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
parse.c: remove unused function xstrlcpy()

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit 4d9f0958eecdf683434d77a4f65611803cffd247)
Signed-off-by: Steve Sakoman 
---
 .../xorg-lib/{libxpm_3.5.15.bb => libxpm_3.5.16.bb}| 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.15.bb => libxpm_3.5.16.bb} 
(83%)

diff --git a/meta/recipes-graphics/xorg-lib/libxpm_3.5.15.bb 
b/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb
similarity index 83%
rename from meta/recipes-graphics/xorg-lib/libxpm_3.5.15.bb
rename to meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb
index 22e322a9eb..28a775c5f4 100644
--- a/meta/recipes-graphics/xorg-lib/libxpm_3.5.15.bb
+++ b/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb
@@ -23,7 +23,6 @@ PACKAGES =+ "sxpm cxpm"
 FILES:cxpm = "${bindir}/cxpm"
 FILES:sxpm = "${bindir}/sxpm"
 
-SRC_URI[md5sum] = "b3c58c94e284fd6940d3615e660a0007"
-SRC_URI[sha256sum] = 
"60bb906c5c317a6db863e39b69c4a83fdbd2ae2154fcf47640f8fefc9fdfd1c1"
+SRC_URI[sha256sum] = 
"e6bc5da7a69dbd9bcc67e87c93d4904fe2f5177a0711c56e71fa2f6eff649f51"
 
 BBCLASSEXTEND = "native"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183563): 
https://lists.openembedded.org/g/openembedded-core/message/183563
Mute This Topic: https://lists.openembedded.org/mt/99831175/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 09/29] xdpyinfo: upgrade 1.3.3 -> 1.3.4

2023-06-28 Thread Steve Sakoman 
From: Wang Mingyu 

Changelog:
=
configure: Make xf86misc support disabled by default
Variable scope reduction
Remove unnecessary downcast of double to float
Call memset() instead of hand-coding our own equivalent

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit d87785189336a69ae998f75394ceaebf63decb16)
Signed-off-by: Steve Sakoman 
---
 .../xorg-app/{xdpyinfo_1.3.3.bb => xdpyinfo_1.3.4.bb}   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-graphics/xorg-app/{xdpyinfo_1.3.3.bb => xdpyinfo_1.3.4.bb} 
(88%)

diff --git a/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb 
b/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.4.bb
similarity index 88%
rename from meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb
rename to meta/recipes-graphics/xorg-app/xdpyinfo_1.3.4.bb
index e75a840b7d..aaa8aa8903 100644
--- a/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb
+++ b/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.4.bb
@@ -15,6 +15,6 @@ PE = "1"
 SRC_URI += "file://disable-xkb.patch"
 
 SRC_URI_EXT = "xz"
-SRC_URI[sha256sum] = 
"356d5fd62f3e98ee36d6becf1b32d4ab6112d618339fb4b592ccffbd9e0fc206"
+SRC_URI[sha256sum] = 
"a8ada581dbd7266440d7c3794fa89edf6b99b8857fc2e8c31042684f3af4822b"
 
 EXTRA_OECONF = "--disable-xkb"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183564): 
https://lists.openembedded.org/g/openembedded-core/message/183564
Mute This Topic: https://lists.openembedded.org/mt/99831180/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 07/29] fribidi: upgrade 1.0.12 -> 1.0.13

2023-06-28 Thread Steve Sakoman 
From: Wang Mingyu 

Changelog:
* Adding missing man pages to the tar release file.

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit 0f6da8601fd4d992550e8afe7b09ba7c491250fd)
Signed-off-by: Steve Sakoman 
---
 .../fribidi/{fribidi_1.0.12.bb => fribidi_1.0.13.bb}| 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/fribidi/{fribidi_1.0.12.bb => fribidi_1.0.13.bb} 
(90%)

diff --git a/meta/recipes-support/fribidi/fribidi_1.0.12.bb 
b/meta/recipes-support/fribidi/fribidi_1.0.13.bb
similarity index 90%
rename from meta/recipes-support/fribidi/fribidi_1.0.12.bb
rename to meta/recipes-support/fribidi/fribidi_1.0.13.bb
index b29c47822f..cdcac9315b 100644
--- a/meta/recipes-support/fribidi/fribidi_1.0.12.bb
+++ b/meta/recipes-support/fribidi/fribidi_1.0.13.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=a916467b91076e631dd8edb7424769c7"
 
 SRC_URI = 
"https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.xz \
"
-SRC_URI[sha256sum] = 
"0cd233f97fc8c67bb3ac27ce8440def5d3ffacf516765b91c2cc654498293495"
+SRC_URI[sha256sum] = 
"7fa16c80c81bd622f7b198d31356da139cc318a63fc7761217af4130903f54a2"
 
 UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases;
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183562): 
https://lists.openembedded.org/g/openembedded-core/message/183562
Mute This Topic: https://lists.openembedded.org/mt/99831174/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 06/29] babeltrace2: upgrade 2.0.4 -> 2.0.5

2023-06-28 Thread Steve Sakoman 
From: Wang Mingyu 

Changelog:
==
 * bt2: honor build system compiler/linker preferences
 * Fix: clear_string_field(): set first character to 0
 * Fix: src.ctf.fs: Not resolving event common ctx
 * debug-info: fix -Wenum-int-mismatch problem in 
copy_field_class_content_internal
 * fix: pass exec-prefix to python bindings install
 * fix: document proper Bison version requirement
 * cli: use return value of g_string_free
 * babeltrace2-query(1): erroneous parameter used in example
 * Fix: tests: print real values in a fixed format
 * Fix: bt2: autodisc: remove thread error while inserting status in map
 * tests: src.ctf.fs: add test for metadata with invalid syntax
 * tests: shorten names of session-rotation trace
 * bt2: ignore -Wredundant-decls warning
 * ctf: fix -Wformat-overflow error in ctf-meta-resolve.cpp
 * ctf-writer: fix -Wformat-overflow errors in resolve.c
 * Fix: src.text.details: use write_uint_prop_value to handle unsigned values 
in write_int_range
 * Add `dev-requirements.txt` for pip
 * Fix: src.ctf.lttng-live: consider empty metadata packet as retry
 * Fix: ctf: wrongfully requiring CTF metadata signature for every section
 * Fix: src.ctf.lttng-live: session closed before any metadata is received
 * fix: obsolete warnings with autoconf >= 2.71
 * fix: explicitly disable '-Wsuggest-attribute=format'
 * fix: set stable branch in gitreview config
 * Fix: ctf-writer: list of reserved keywords
 * compiler warning cleanup: is_signed_type: compare -1 to 1
 * Update working version to Babeltrace 2.0.5

Signed-off-by: Wang Mingyu 
Signed-off-by: Alexandre Belloni 
(cherry picked from commit ae47b6c2a4bdee031d42687582049c15614faa6d)
Signed-off-by: Steve Sakoman 
---
 .../lttng/{babeltrace2_2.0.4.bb => babeltrace2_2.0.5.bb}| 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-kernel/lttng/{babeltrace2_2.0.4.bb => 
babeltrace2_2.0.5.bb} (98%)

diff --git a/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb 
b/meta/recipes-kernel/lttng/babeltrace2_2.0.5.bb
similarity index 98%
rename from meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb
rename to meta/recipes-kernel/lttng/babeltrace2_2.0.5.bb
index b48f07ea0d..146fe0b835 100644
--- a/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb
+++ b/meta/recipes-kernel/lttng/babeltrace2_2.0.5.bb
@@ -12,7 +12,7 @@ SRC_URI = 
"git://git.efficios.com/babeltrace.git;branch=stable-2.0 \
file://0001-tests-do-not-run-test-applications-from-.libs.patch \
file://0001-Make-manpages-multilib-identical.patch \
"
-SRCREV = "23e8cf4e6fdc1d0b230e964dafac08a57e6228e6"
+SRCREV = "66e76d1ea601705928899138f02730a3a2a3153d"
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P2(\.\d+)+)$"
 
 S = "${WORKDIR}/git"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183561): 
https://lists.openembedded.org/g/openembedded-core/message/183561
Mute This Topic: https://lists.openembedded.org/mt/99831172/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 05/29] go: fix CVE-2023-29402

2023-06-28 Thread Steve Sakoman 
From: Archana Polampalli 

The go command may generate unexpected code at build time when using cgo.
This may result in unexpected behavior when running a go program which uses cgo.
This may occur when running an untrusted module which contains directories
with newline characters in their names. Modules which are retrieved using the go
command, i.e. via "go get", are not affected (modules retrieved using 
GOPATH-mode,
i.e. GO111MODULE=off, may be affected).

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29402

Upstream patches:
https://github.com/golang/go/commit/4dae3bbe0e6a5700037bb996ae84d6f457c4f58a

Signed-off-by: Archana Polampalli 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-devtools/go/go-1.17.13.inc   |   1 +
 .../go/go-1.19/CVE-2023-29402.patch   | 194 ++
 2 files changed, 195 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29402.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc 
b/meta/recipes-devtools/go/go-1.17.13.inc
index 9af9eb2752..3365075fe5 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -34,6 +34,7 @@ SRC_URI += "\
 file://CVE-2023-24539.patch \
 file://CVE-2023-29404.patch \
 file://CVE-2023-29405.patch \
+file://CVE-2023-29402.patch \
 "
 SRC_URI[main.sha256sum] = 
"a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.19/CVE-2023-29402.patch 
b/meta/recipes-devtools/go/go-1.19/CVE-2023-29402.patch
new file mode 100644
index 00..bf1fbbe0d6
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.19/CVE-2023-29402.patch
@@ -0,0 +1,194 @@
+From  4dae3bbe0e6a5700037bb996ae84d6f457c4f58a Mon Sep 17 00:00:00 2001
+From: Bryan C. Mills 
+Date: Fri, 12 May 2023 14:15:16 -0400
+Subject: [PATCH] cmd/go: disallow package directories containing newlines
+
+Directory or file paths containing newlines may cause tools (such as
+cmd/cgo) that emit "//line" or "#line" -directives to write part of
+the path into non-comment lines in generated source code. If those
+lines contain valid Go code, it may be injected into the resulting
+binary.
+
+(Note that Go import paths and file paths within module zip files
+already could not contain newlines.)
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Fixes #60167.
+Fixes CVE-2023-29402.
+
+Change-Id: I64572e9f454bce7b685d00e2e6a1c96cd33d53df
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1882606
+Reviewed-by: Roland Shoemaker 
+Run-TryBot: Roland Shoemaker 
+Reviewed-by: Russ Cox 
+Reviewed-by: Damien Neil 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/501226
+Run-TryBot: David Chase 
+TryBot-Result: Gopher Robot 
+Reviewed-by: Michael Knyszek 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/4dae3bbe0e6a5700037bb996ae84d6f457c4f58a]
+CVE: CVE-2023-29402
+
+Signed-off-by: Archana Polampalli 
+---
+ src/cmd/go/internal/load/pkg.go   |   4 +
+ src/cmd/go/internal/work/exec.go  |   6 ++
+ src/cmd/go/script_test.go |   1 +
+ .../go/testdata/script/build_cwd_newline.txt  | 100 ++
+ 4 files changed, 111 insertions(+)
+ create mode 100644 src/cmd/go/testdata/script/build_cwd_newline.txt
+
+diff --git a/src/cmd/go/internal/load/pkg.go b/src/cmd/go/internal/load/pkg.go
+index a83cc9a..d4da86d 100644
+--- a/src/cmd/go/internal/load/pkg.go
 b/src/cmd/go/internal/load/pkg.go
+@@ -1897,6 +1897,10 @@ func (p *Package) load(ctx context.Context, opts 
PackageOpts, path string, stk *
+   setError(fmt.Errorf("invalid input directory name %q", name))
+   return
+   }
++  if strings.ContainsAny(p.Dir, "\r\n") {
++  setError(fmt.Errorf("invalid package directory %q", p.Dir))
++  return
++  }
+
+   // Build list of imported packages and full dependency list.
+   imports := make([]*Package, 0, len(p.Imports))
+diff --git a/src/cmd/go/internal/work/exec.go 
b/src/cmd/go/internal/work/exec.go
+index b35caa4..b1bf347 100644
+--- a/src/cmd/go/internal/work/exec.go
 b/src/cmd/go/internal/work/exec.go
+@@ -505,6 +505,12 @@ func (b *Builder) build(ctx context.Context, a *Action) 
(err error) {
+   b.Print(a.Package.ImportPath + "\n")
+   }
+
++  if p.Error != nil {
++  // Don't try to build anything for packages with errors. There 
may be a
++  // problem with the inputs that makes the package unsafe to 
build.
++  return p.Error
++  }
++
+   if a.Package.BinaryOnly {
+   p.Stale = true
+   p.StaleReason = "binary-only packages are no longer supported"
+diff --git a/src/cmd/go/script_test.go b/src/cmd/go/script_test.go
+index c0156d0..ce4ff37 100644
+--- a/src/cmd/go/script_test.go
 b/src/cmd/go/script_test.go
+@@ -182,6 +182,7 @@ func (ts *testScript) setup() {
+

[OE-core][kirkstone 04/29] ninja: ignore CVE-2021-4336, wrong ninja

2023-06-28 Thread Steve Sakoman 
From: Ross Burton 

(From OE-Core rev: c2dd2c13ff26c3f046e35a2f6b8afeb099ef422a)

Signed-off-by: Ross Burton 
Signed-off-by: Richard Purdie 
(cherry picked from commit 9a106486ad7900924a87c5869702903204a35b54)
Signed-off-by: virendra thakur 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-devtools/ninja/ninja_1.10.2.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/ninja/ninja_1.10.2.bb 
b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
index 7270321d6e..1509a54c9e 100644
--- a/meta/recipes-devtools/ninja/ninja_1.10.2.bb
+++ b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
@@ -29,3 +29,6 @@ do_install() {
 }
 
 BBCLASSEXTEND = "native nativesdk"
+
+# This is a different Ninja
+CVE_CHECK_IGNORE += "CVE-2021-4336"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183559): 
https://lists.openembedded.org/g/openembedded-core/message/183559
Mute This Topic: https://lists.openembedded.org/mt/99831169/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 03/29] libcap: CVE-2023-2602 Memory Leak on pthread_create() Error

2023-06-28 Thread Steve Sakoman 
From: Hitendra Prajapati 

Upstream-Status: Backport from 
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb

Signed-off-by: Hitendra Prajapati 
Signed-off-by: Steve Sakoman 
---
 .../libcap/files/CVE-2023-2602.patch  | 45 +++
 meta/recipes-support/libcap/libcap_2.66.bb|  1 +
 2 files changed, 46 insertions(+)
 create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2602.patch

diff --git a/meta/recipes-support/libcap/files/CVE-2023-2602.patch 
b/meta/recipes-support/libcap/files/CVE-2023-2602.patch
new file mode 100644
index 00..1ad5aeb826
--- /dev/null
+++ b/meta/recipes-support/libcap/files/CVE-2023-2602.patch
@@ -0,0 +1,45 @@
+From bc6b36682f188020ee4770fae1d41bde5b2c97bb Mon Sep 17 00:00:00 2001
+From: "Andrew G. Morgan" 
+Date: Wed, 3 May 2023 19:18:36 -0700
+Subject: Correct the check of pthread_create()'s return value.
+
+This function returns a positive number (errno) on error, so the code
+wasn't previously freeing some memory in this situation.
+
+Discussion:
+
+  https://stackoverflow.com/a/3581020/14760867
+
+Credit for finding this bug in libpsx goes to David Gstir of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security
+audit of the libcap source code in April of 2023. The audit
+was sponsored by the Open Source Technology Improvement Fund
+(https://ostif.org/).
+
+Audit ref: LCAP-CR-23-01 (CVE-2023-2602)
+
+Signed-off-by: Andrew G. Morgan 
+
+Upstream-Status: Backport 
[https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb]
+CVE: CVE-2023-2602
+Signed-off-by: Hitendra Prajapati 
+---
+ psx/psx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psx/psx.c b/psx/psx.c
+index d9c0485..65eb2aa 100644
+--- a/psx/psx.c
 b/psx/psx.c
+@@ -516,7 +516,7 @@ int __wrap_pthread_create(pthread_t *thread, const 
pthread_attr_t *attr,
+ pthread_sigmask(SIG_BLOCK, , NULL);
+ 
+ int ret = __real_pthread_create(thread, attr, _psx_start_fn, starter);
+-if (ret == -1) {
++if (ret > 0) {
+   psx_new_state(_PSX_CREATE, _PSX_IDLE);
+   memset(starter, 0, sizeof(*starter));
+   free(starter);
+-- 
+2.25.1
+
diff --git a/meta/recipes-support/libcap/libcap_2.66.bb 
b/meta/recipes-support/libcap/libcap_2.66.bb
index c50e9d8cc7..d3189fb105 100644
--- a/meta/recipes-support/libcap/libcap_2.66.bb
+++ b/meta/recipes-support/libcap/libcap_2.66.bb
@@ -16,6 +16,7 @@ DEPENDS = "hostperl-runtime-native gperf-native"
 SRC_URI = 
"${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${PV}.tar.xz
 \

file://0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch \
file://0002-tests-do-not-run-target-executables.patch \
+   file://CVE-2023-2602.patch \
"
 SRC_URI:append:class-nativesdk = " \

file://0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch \
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183558): 
https://lists.openembedded.org/g/openembedded-core/message/183558
Mute This Topic: https://lists.openembedded.org/mt/99831168/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 02/29] go: fix CVE-2023-29405

2023-06-28 Thread Steve Sakoman 
From: Archana Polampalli 

The go command may execute arbitrary code at build time when using cgo.
This may occur when running "go get" on a malicious module, or when running
any other command which builds untrusted code. This is can by triggered by
linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing
embedded spaces are mishandled, allowing disallowed flags to be smuggled
through the LDFLAGS sanitization by including them in the argument of
another flag. This only affects usage of the gccgo compiler.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29405

Upstream patches:
https://github.com/golang/go/commit/6d8af00a630aa51134e54f0f321658621c6410f0

Signed-off-by: Archana Polampalli 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-devtools/go/go-1.17.13.inc   |   1 +
 .../go/go-1.19/CVE-2023-29405.patch   | 109 ++
 2 files changed, 110 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29405.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc 
b/meta/recipes-devtools/go/go-1.17.13.inc
index 2c1febfe9c..9af9eb2752 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -33,6 +33,7 @@ SRC_URI += "\
 file://CVE-2023-24540.patch \
 file://CVE-2023-24539.patch \
 file://CVE-2023-29404.patch \
+file://CVE-2023-29405.patch \
 "
 SRC_URI[main.sha256sum] = 
"a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.19/CVE-2023-29405.patch 
b/meta/recipes-devtools/go/go-1.19/CVE-2023-29405.patch
new file mode 100644
index 00..d806e1e67d
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.19/CVE-2023-29405.patch
@@ -0,0 +1,109 @@
+From 6d8af00a630aa51134e54f0f321658621c6410f0 Mon Sep 17 00:00:00 2001
+From: Ian Lance Taylor 
+Date: Thu, 4 May 2023 14:06:39 -0700
+Subject: [PATCH] cmd/go,cmd/cgo: in _cgo_flags use one line per flag
+
+The flags that we recorded in _cgo_flags did not use any quoting,
+so a flag containing embedded spaces was mishandled.
+Change the _cgo_flags format to put each flag on a separate line.
+That is a simple format that does not require any quoting.
+
+As far as I can tell only cmd/go uses _cgo_flags, and it is only
+used for gccgo. If this patch doesn't cause any trouble, then
+in the next release we can change to only using _cgo_flags for gccgo.
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Fixes #60306
+Fixes CVE-2023-29405
+
+Change-Id: I81fb5337db8a22e1f4daca22ceff4b79b96d0b4f
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1875094
+Reviewed-by: Damien Neil 
+Reviewed-by: Roland Shoemaker 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/501224
+Reviewed-by: Ian Lance Taylor 
+Run-TryBot: David Chase 
+Reviewed-by: Michael Knyszek 
+Reviewed-by: Roland Shoemaker 
+TryBot-Result: Gopher Robot 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/6d8af00a630aa51134e54f0f321658621c6410f0]
+CVE: CVE-2023-29405
+
+Signed-off-by: Archana Polampalli 
+---
+ src/cmd/cgo/out.go|  4 +++-
+ src/cmd/go/internal/work/gccgo.go | 14 ++---
+ .../go/testdata/script/gccgo_link_ldflags.txt | 20 +++
+ 3 files changed, 29 insertions(+), 9 deletions(-)
+ create mode 100644 src/cmd/go/testdata/script/gccgo_link_ldflags.txt
+
+diff --git a/src/cmd/cgo/out.go b/src/cmd/cgo/out.go
+index 94152f4..62e6528 100644
+--- a/src/cmd/cgo/out.go
 b/src/cmd/cgo/out.go
+@@ -47,7 +47,9 @@ func (p *Package) writeDefs() {
+
+   fflg := creat(*objDir + "_cgo_flags")
+   for k, v := range p.CgoFlags {
+-  fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, strings.Join(v, " "))
++  for _, arg := range v {
++  fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, arg)
++  }
+   if k == "LDFLAGS" && !*gccgo {
+   for _, arg := range v {
+   fmt.Fprintf(fgo2, "//go:cgo_ldflag %q\n", arg)
+diff --git a/src/cmd/go/internal/work/gccgo.go 
b/src/cmd/go/internal/work/gccgo.go
+index 1499536..bb4be2f 100644
+--- a/src/cmd/go/internal/work/gccgo.go
 b/src/cmd/go/internal/work/gccgo.go
+@@ -283,14 +283,12 @@ func (tools gccgoToolchain) link(b *Builder, root 
*Action, out, importcfg string
+   const ldflagsPrefix = "_CGO_LDFLAGS="
+   for _, line := range strings.Split(string(flags), "\n") {
+   if strings.HasPrefix(line, ldflagsPrefix) {
+-  newFlags := 
strings.Fields(line[len(ldflagsPrefix):])
+-  for _, flag := range newFlags {
+-  // Every _cgo_flags file has -g and -O2 
in _CGO_LDFLAGS
+-  // but they don't mean anything to the 
linker so filter
+-  // them out.
+-

[OE-core][kirkstone 01/29] go: fix CVE-2023-29404

2023-06-28 Thread Steve Sakoman 
From: Archana Polampalli 

The go command may execute arbitrary code at build time when using cgo.
This may occur when running "go get" on a malicious module, or when running
any other command which builds untrusted code. This is can by triggered by
linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a
number of flags which are non-optional are incorrectly considered optional,
allowing disallowed flags to be smuggled through the LDFLAGS sanitization.
This affects usage of both the gc and gccgo compilers.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29404

Upstream patches:
https://github.com/golang/go/commit/bbeb55f5faf93659e1cfd6ab073ab3c9d126d195

Signed-off-by: Archana Polampalli 
Signed-off-by: Steve Sakoman 
---
 meta/recipes-devtools/go/go-1.17.13.inc   |  1 +
 .../go/go-1.19/CVE-2023-29404.patch   | 78 +++
 2 files changed, 79 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29404.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc 
b/meta/recipes-devtools/go/go-1.17.13.inc
index d430e0669d..2c1febfe9c 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -32,6 +32,7 @@ SRC_URI += "\
 file://CVE-2023-24538.patch \
 file://CVE-2023-24540.patch \
 file://CVE-2023-24539.patch \
+file://CVE-2023-29404.patch \
 "
 SRC_URI[main.sha256sum] = 
"a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.19/CVE-2023-29404.patch 
b/meta/recipes-devtools/go/go-1.19/CVE-2023-29404.patch
new file mode 100644
index 00..c6beced884
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.19/CVE-2023-29404.patch
@@ -0,0 +1,78 @@
+From bbeb55f5faf93659e1cfd6ab073ab3c9d126d195 Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker 
+Date: Fri, 5 May 2023 13:10:34 -0700
+Subject: [PATCH] cmd/go: enforce flags with non-optional arguments
+
+Enforce that linker flags which expect arguments get them, otherwise it
+may be possible to smuggle unexpected flags through as the linker can
+consume what looks like a flag as an argument to a preceding flag (i.e.
+"-Wl,-O -Wl,-R,-bad-flag" is interpreted as "-O=-R -bad-flag"). Also be
+somewhat more restrictive in the general format of some flags.
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Fixes #60305
+Fixes CVE-2023-29404
+
+Change-Id: I913df78a692cee390deefc3cd7d8f5b031524fc9
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1876275
+Reviewed-by: Ian Lance Taylor 
+Reviewed-by: Damien Neil 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/501225
+Run-TryBot: David Chase 
+Reviewed-by: Michael Knyszek 
+TryBot-Result: Gopher Robot 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/bbeb55f5faf93659e1cfd6ab073ab3c9d126d195]
+CVE: CVE-2023-29404
+
+Signed-off-by: Archana Polampalli 
+---
+ src/cmd/go/internal/work/security.go  | 6 +++---
+ src/cmd/go/internal/work/security_test.go | 5 +
+ 2 files changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/cmd/go/internal/work/security.go 
b/src/cmd/go/internal/work/security.go
+index e9b9f6c..91e6e4c 100644
+--- a/src/cmd/go/internal/work/security.go
 b/src/cmd/go/internal/work/security.go
+@@ -179,10 +179,10 @@ var validLinkerFlags = []*lazyregexp.Regexp{
+   re(`-Wl,-berok`),
+   re(`-Wl,-Bstatic`),
+   re(`-Wl,-Bsymbolic-functions`),
+-  re(`-Wl,-O([^@,\-][^,]*)?`),
++  re(`-Wl,-O[0-9]+`),
+   re(`-Wl,-d[ny]`),
+   re(`-Wl,--disable-new-dtags`),
+-  re(`-Wl,-e[=,][a-zA-Z0-9]*`),
++  re(`-Wl,-e[=,][a-zA-Z0-9]+`),
+   re(`-Wl,--enable-new-dtags`),
+   re(`-Wl,--end-group`),
+   re(`-Wl,--(no-)?export-dynamic`),
+@@ -191,7 +191,7 @@ var validLinkerFlags = []*lazyregexp.Regexp{
+   re(`-Wl,--hash-style=(sysv|gnu|both)`),
+   re(`-Wl,-headerpad_max_install_names`),
+   re(`-Wl,--no-undefined`),
+-  re(`-Wl,-R([^@\-][^,@]*$)`),
++  re(`-Wl,-R,?([^@\-,][^,@]*$)`),
+   re(`-Wl,--just-symbols[=,]([^,@\-][^,@]+)`),
+   re(`-Wl,-rpath(-link)?[=,]([^,@\-][^,]+)`),
+   re(`-Wl,-s`),
+diff --git a/src/cmd/go/internal/work/security_test.go 
b/src/cmd/go/internal/work/security_test.go
+index 8d4be0a..3616548 100644
+--- a/src/cmd/go/internal/work/security_test.go
 b/src/cmd/go/internal/work/security_test.go
+@@ -227,6 +227,11 @@ var badLinkerFlags = [][]string{
+   {"-Wl,-R,@foo"},
+   {"-Wl,--just-symbols,@foo"},
+   {"../x.o"},
++  {"-Wl,-R,"},
++  {"-Wl,-O"},
++  {"-Wl,-e="},
++  {"-Wl,-e,"},
++  {"-Wl,-R,-flag"},
+ }
+
+ func TestCheckLinkerFlags(t *testing.T) {
+--
+2.40.0
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183556): 
https://lists.openembedded.org/g/openembedded-core/message/183556
Mute This Topic: https://lists.openembedded.org/mt/99831166/21656
Group Owner:

[OE-core][kirkstone 00/29] Patch review

2023-06-28 Thread Steve Sakoman 
Please review this set of changes for kirkstone and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5530

The following changes since commit 7949e786cf8e50f716ff1f1c4797136637205e0c:

  build-appliance-image: Update to kirkstone head revision (2023-06-23 04:17:20 
-1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexander Kanavin (5):
  maintaines.inc: unassign Richard Weinberger from erofs-utils entry
  maintainers.inc: unassign Andreas Müller from itstool entry
  maintainers.inc: unassign Pascal Bach from cmake entry
  maintainers.inc: correct unassigned entries
  maintainers.inc: correct Carlos Rafael Giani's email address

Archana Polampalli (3):
  go: fix CVE-2023-29404
  go: fix CVE-2023-29405
  go: fix CVE-2023-29402

Bruce Ashfield (5):
  linux-yocto/5.10: update to v5.10.182
  linux-yocto/5.10: update to v5.10.183
  linux-yocto/5.10: update to v5.10.184
  linux-yocto/5.10: update to v5.10.185
  linux-yocto/5.10: cfg: fix DECNET configuration warning

Frieder Schrempf (1):
  psmisc: Set ALTERNATIVE for pstree to resolve conflict with busybox

Hitendra Prajapati (1):
  libcap: CVE-2023-2602 Memory Leak on pthread_create() Error

Kai Kang (1):
  pm-utils: fix multilib conflictions

Marc Ferland (1):
  connman: fix warning by specifying runstatedir at configure time

Martin Jansa (2):
  minicom: remove unused patch files
  kmod: remove unused ptest.patch

Richard Purdie (2):
  selftest/license: Exclude from world
  layer.conf: Add missing dependency exclusion

Ross Burton (1):
  ninja: ignore CVE-2021-4336, wrong ninja

Sakib Sajal (1):
  blktrace: ask for python3 specifically

Wang Mingyu (5):
  babeltrace2: upgrade 2.0.4 -> 2.0.5
  fribidi: upgrade 1.0.12 -> 1.0.13
  libxpm: upgrade 3.5.15 -> 3.5.16
  xdpyinfo: upgrade 1.3.3 -> 1.3.4
  mobile-broadband-provider-info: upgrade 20221107 -> 20230416

Xiangyu Chen (1):
  dbus: upgrade 1.14.6 -> 1.14.8

 .../license/incompatible-license-alias.bb |   2 +
 .../license/incompatible-license.bb   |   2 +
 .../license/incompatible-licenses.bb  |   2 +
 .../license/incompatible-nonspdx-license.bb   |   2 +
 meta/conf/distro/include/maintainers.inc  |  18 +-
 meta/conf/layer.conf  |   1 +
 meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb   |   5 +-
 meta/recipes-connectivity/connman/connman.inc |   1 +
 .../mobile-broadband-provider-info_git.bb |   4 +-
 .../dbus/{dbus_1.14.6.bb => dbus_1.14.8.bb}   |   2 +-
 meta/recipes-devtools/go/go-1.17.13.inc   |   3 +
 .../go/go-1.19/CVE-2023-29402.patch   | 194 ++
 .../go/go-1.19/CVE-2023-29404.patch   |  78 +++
 .../go/go-1.19/CVE-2023-29405.patch   | 109 ++
 meta/recipes-devtools/ninja/ninja_1.10.2.bb   |   3 +
 ...erfluous-global-variable-definitions.patch |  35 
 ...erfluous-global-variable-definitions.patch |  37 
 ...erfluous-global-variable-definitions.patch |  42 
 meta/recipes-extended/psmisc/psmisc.inc   |   2 +
 .../{xdpyinfo_1.3.3.bb => xdpyinfo_1.3.4.bb}  |   2 +-
 .../{libxpm_3.5.15.bb => libxpm_3.5.16.bb}|   3 +-
 ...plot.py-Ask-for-python3-specifically.patch |  35 
 meta/recipes-kernel/blktrace/blktrace_git.bb  |   4 +-
 meta/recipes-kernel/kmod/kmod/ptest.patch |  25 ---
 .../linux/linux-yocto-rt_5.10.bb  |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb|   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +--
 ...eltrace2_2.0.4.bb => babeltrace2_2.0.5.bb} |   2 +-
 .../{fribidi_1.0.12.bb => fribidi_1.0.13.bb}  |   2 +-
 .../libcap/files/CVE-2023-2602.patch  |  45 
 meta/recipes-support/libcap/libcap_2.66.bb|   1 +
 31 files changed, 522 insertions(+), 177 deletions(-)
 rename meta/recipes-core/dbus/{dbus_1.14.6.bb => dbus_1.14.8.bb} (98%)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29402.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29404.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-29405.patch
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch
 delete mode 100644 
meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch
 rename meta/recipes-graphics/xorg-app/{xdpyinfo_1.3.3.bb => xdpyinfo_1.3.4.bb} 
(88%)
 rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.15.bb => libxpm_3.5.16.bb} 
(83%)
 create mode 100644 
meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch
 delete mode 100644 meta/recipes-kernel/kmod/kmod/ptest.patch
 rename

[OE-core] [PATCH] ifupdown: install missing directories

2023-06-28 Thread Yi Zhao 
There are four directories in which scripts can be placed which will
always be run for any interface during certain phases of ifup and ifdown
commands:
/etc/network/if-pre-up.d/
/etc/network/if-up.d/
/etc/network/if-down.d/
/etc/network/if-post-down.d/

Even if there are no scripts in these directories, ifup and ifdown
commands will also search these directories by using run-parts command.

Install these directories to fix the following runtime errors:
$ cat /etc/network/interfaces
auto lo
iface lo inet loopback
$ ifdown lo
ifdown: interface lo not configured
$ ifup lo
run-parts: failed to open directory /etc/network/if-up.d: No such file or 
directory
ifup: failed to bring up lo

Signed-off-by: Yi Zhao 
---
 meta/recipes-core/ifupdown/ifupdown_0.8.41.bb | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb 
b/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb
index 5dbd6193b8..16425ea9e4 100644
--- a/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb
+++ b/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb
@@ -42,6 +42,11 @@ do_install () {
install -m 0644 ifup.8 ${D}${mandir}/man8
install -m 0644 interfaces.5 ${D}${mandir}/man5
cd ${D}${mandir}/man8 && ln -s ifup.8 ifdown.8
+
+   install -d ${D}${sysconfdir}/network/if-pre-up.d
+   install -d ${D}${sysconfdir}/network/if-up.d
+   install -d ${D}${sysconfdir}/network/if-down.d
+   install -d ${D}${sysconfdir}/network/if-post-down.d
 }
 
 do_install_ptest () {
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183554): 
https://lists.openembedded.org/g/openembedded-core/message/183554
Mute This Topic: https://lists.openembedded.org/mt/99830538/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 02/21] libxml2: update 2.10.4 -> 2.11.4

2023-06-28 Thread Khem Raj 
I wonder if this is the cause of failure for raptor2 and pidgin-sipe
as seen here

https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/2856/steps/14/logs/stdio

On Sun, Jun 25, 2023 at 11:22 PM Alexander Kanavin
 wrote:
>
> Drop backports.
>
> Drop libxml-64bit.patch
> (no longer necessary).
>
> Signed-off-by: Alexander Kanavin 
> ---
>  .../libxml/libxml2/fix-tests.patch| 222 --
>  .../libxml/libxml2/install-tests.patch|  17 +-
>  .../libxml/libxml2/libxml-64bit.patch |  28 ---
>  .../libxml2/libxml-m4-use-pkgconfig.patch | 212 -
>  .../{libxml2_2.10.4.bb => libxml2_2.11.4.bb}  |   5 +-
>  5 files changed, 8 insertions(+), 476 deletions(-)
>  delete mode 100644 meta/recipes-core/libxml/libxml2/fix-tests.patch
>  delete mode 100644 meta/recipes-core/libxml/libxml2/libxml-64bit.patch
>  delete mode 100644 
> meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
>  rename meta/recipes-core/libxml/{libxml2_2.10.4.bb => libxml2_2.11.4.bb} 
> (95%)
>
> diff --git a/meta/recipes-core/libxml/libxml2/fix-tests.patch 
> b/meta/recipes-core/libxml/libxml2/fix-tests.patch
> deleted file mode 100644
> index 80678efcfee..000
> --- a/meta/recipes-core/libxml/libxml2/fix-tests.patch
> +++ /dev/null
> @@ -1,222 +0,0 @@
> -Backport the following patches to fix the reader2 and runsuite test cases:
> -
> -b92768cd tests: Enable "runsuite" test
> -0ac8c15e python/tests/reader2: use absolute paths everywhere
> -b9ba5e1d python/tests/reader2: always exit(1) if a test fails
> -
> -Upstream-Status: Backport
> -Signed-off-by: Ross Burton 
> -
> -diff --git a/python/tests/reader2.py b/python/tests/reader2.py
> -index 65cecd47..6e6353b4 100755
>  a/python/tests/reader2.py
> -+++ b/python/tests/reader2.py
> -@@ -6,7 +6,6 @@
> - import sys
> - import glob
> - import os
> --import string
> - import libxml2
> - try:
> - import StringIO
> -@@ -20,103 +19,104 @@ libxml2.debugMemory(1)
> -
> - err = ""
> - basedir = os.path.dirname(os.path.realpath(__file__))
> --dir_prefix = os.path.join(basedir, "../../test/valid/")
> -+dir_prefix = os.path.realpath(os.path.join(basedir, "..", "..", "test", 
> "valid"))
> -+
> - # This dictionary reflects the contents of the files
> - # ../../test/valid/*.xml.err that are not empty, except that
> - # the file paths in the messages start with ../../test/
> -
> - expect = {
> - '766956':
> --"""../../test/valid/dtds/766956.dtd:2: parser error : PEReference: 
> expecting ';'
> -+"""{0}/dtds/766956.dtd:2: parser error : PEReference: expecting ';'
> - %ä%ent;
> -^
> --../../test/valid/dtds/766956.dtd:2: parser error : Content error in the 
> external subset
> -+{0}/dtds/766956.dtd:2: parser error : Content error in the external subset
> - %ä%ent;
> - ^
> - Entity: line 1:
> - value
> - ^
> --""",
> -+""".format(dir_prefix),
> - '781333':
> --"""../../test/valid/781333.xml:4: element a: validity error : Element a 
> content does not follow the DTD, expecting ( ..., got
> -+"""{0}/781333.xml:4: element a: validity error : Element a content does not 
> follow the DTD, expecting ( ..., got
> - 
> - ^
> --../../test/valid/781333.xml:5: element a: validity error : Element a 
> content does not follow the DTD, Expecting more child
> -+{0}/781333.xml:5: element a: validity error : Element a content does not 
> follow the DTD, Expecting more child
> -
> - ^
> --""",
> -+""".format(dir_prefix),
> - 'cond_sect2':
> --"""../../test/valid/dtds/cond_sect2.dtd:15: parser error : All markup of 
> the conditional section is not in the same entity
> -+"""{0}/dtds/cond_sect2.dtd:15: parser error : All markup of the conditional 
> section is not in the same entity
> - %ent;
> -  ^
> - Entity: line 1:
> - ]]>
> - ^
> --../../test/valid/dtds/cond_sect2.dtd:17: parser error : Content error in 
> the external subset
> -+{0}/dtds/cond_sect2.dtd:17: parser error : Content error in the external 
> subset
> -
> - ^
> --""",
> -+""".format(dir_prefix),
> - 'rss':
> --"""../../test/valid/rss.xml:177: element rss: validity error : Element rss 
> does not carry attribute version
> -+"""{0}/rss.xml:177: element rss: validity error : Element rss does not 
> carry attribute version
> - 
> -   ^
> --""",
> -+""".format(dir_prefix),
> - 't8':
> --"""../../test/valid/t8.xml:6: parser error : internal error: 
> xmlParseInternalSubset: error detected in Markup declaration
> -+"""{0}/t8.xml:6: parser error : internal error: xmlParseInternalSubset: 
> error detected in Markup declaration
> -
> - %defroot; %defmiddle; %deftest;
> -  ^
> - Entity: line 1:
> - !ELEMENT root (middle) >
> - ^
> --../../test/valid/t8.xml:6: parser error : internal error: 
> xmlParseInternalSubset: error detected in Markup declaration
> -+{0}/t8.xml:6: parser error : internal error: xmlParseInternalSubset: error 
> detected in Markup declaration
> -
> - %defroot; %defmiddle; %deftest;
> -  ^
>

[OE-core][master][PATCHv4] Flac: upgrade 1.4.2 -> 1.4.3

2023-06-28 Thread Siddharth 
From: Siddharth Doshi 

License-Update: URL fix

Remove PowerPC related options no longer supported upstream.

Signed-off-by: Siddharth Doshi 
---
 .../flac/{flac_1.4.2.bb => flac_1.4.3.bb} | 11 ---
 1 file changed, 4 insertions(+), 7 deletions(-)
 rename meta/recipes-multimedia/flac/{flac_1.4.2.bb => flac_1.4.3.bb} (76%)

diff --git a/meta/recipes-multimedia/flac/flac_1.4.2.bb 
b/meta/recipes-multimedia/flac/flac_1.4.3.bb
similarity index 76%
rename from meta/recipes-multimedia/flac/flac_1.4.2.bb
rename to meta/recipes-multimedia/flac/flac_1.4.3.bb
index d3ece3f3cf..d4e463cda5 100644
--- a/meta/recipes-multimedia/flac/flac_1.4.2.bb
+++ b/meta/recipes-multimedia/flac/flac_1.4.3.bb
@@ -5,15 +5,15 @@ BUGTRACKER = "https://github.com/xiph/flac/issues;
 SECTION = "libs"
 LICENSE = "GFDL-1.2 & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \
-
file://src/Makefile.am;beginline=1;endline=17;md5=146d2c8c2fd287545cc1bd81f31e8758
 \
+
file://src/Makefile.am;beginline=1;endline=17;md5=b1dab2704be7f01bfbd9b7f6d5f000a9
 \
 file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-
file://src/flac/main.c;beginline=1;endline=18;md5=893456854ce6bf14a1a7ea77266eebab
 \
+
file://src/flac/main.c;beginline=1;endline=18;md5=23099119c034d894bd1bf7ef5bd22101
 \
 file://COPYING.LGPL;md5=fbc093901857fcd118f065f900982c24 \
-file://COPYING.Xiph;md5=3d6da238b5b57a0965d6730291119f65 \
+file://COPYING.Xiph;md5=0c90e41ab2fa7e69ca9391330d870221 \
 
file://include/FLAC/all.h;beginline=65;endline=70;md5=39aaf5e03c7364363884c8b8ddda8eea"
 
 SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz;
-SRC_URI[sha256sum] = 
"e322d58a1f48d23d9dd38f432672865f6f79e73a6f9cc5a5f57fcaa83eb5a8e4"
+SRC_URI[sha256sum] = 
"6c58e69cd22348f441b861092b825e591d0b822e106de6eb0ee4d05d27205b70"
 
 CVE_PRODUCT = "libflac flac"
 
@@ -25,11 +25,8 @@ EXTRA_OECONF = "--disable-oggtest \
 "
 
 PACKAGECONFIG ??= " \
-${@bb.utils.filter("TUNE_FEATURES", "altivec vsx", d)} \
 ogg \
 "
-PACKAGECONFIG[altivec] = "--enable-altivec,--disable-altivec"
-PACKAGECONFIG[vsx] = "--enable-vsx,--disable-vsx"
 PACKAGECONFIG[avx] = "--enable-avx,--disable-avx"
 PACKAGECONFIG[ogg] = "--enable-ogg --with-ogg-libraries=${STAGING_LIBDIR} 
--with-ogg-includes=${STAGING_INCDIR},--disable-ogg,libogg"
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183552): 
https://lists.openembedded.org/g/openembedded-core/message/183552
Mute This Topic: https://lists.openembedded.org/mt/99830046/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] go: Backport fix CVE-2023-29405

2023-06-28 Thread Ashish Sharma 
Upstream-Status: Backport
[https://github.com/golang/go/commit/fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4
&
https://github.com/golang/go/commit/1008486a9ff979dbd21c7466eeb6abf378f9c637]

Signed-off-by: Ashish Sharma 
---
 meta/recipes-devtools/go/go-1.14.inc  |   2 +
 .../go/go-1.14/CVE-2023-29405-1.patch | 112 ++
 .../go/go-1.14/CVE-2023-29405-2.patch |  38 ++
 3 files changed, 152 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index 1e0c3fab6fa..a185e0ff66e 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -67,6 +67,8 @@ SRC_URI += "\
 file://CVE-2023-24539.patch \
 file://CVE-2023-24540.patch \
 file://CVE-2023-29400.patch \
+file://CVE-2023-29405-1.patch \
+file://CVE-2023-29405-2.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch
new file mode 100644
index 000..70d50cc08a4
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch
@@ -0,0 +1,112 @@
+From fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4 Mon Sep 17 00:00:00 2001
+From: Ian Lance Taylor 
+Date: Thu, 4 May 2023 14:06:39 -0700
+Subject: [PATCH] [release-branch.go1.20] cmd/go,cmd/cgo: in _cgo_flags use one
+ line per flag
+
+The flags that we recorded in _cgo_flags did not use any quoting,
+so a flag containing embedded spaces was mishandled.
+Change the _cgo_flags format to put each flag on a separate line.
+That is a simple format that does not require any quoting.
+
+As far as I can tell only cmd/go uses _cgo_flags, and it is only
+used for gccgo. If this patch doesn't cause any trouble, then
+in the next release we can change to only using _cgo_flags for gccgo.
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Updates #60306
+Fixes #60514
+Fixes CVE-2023-29405
+
+Change-Id: I36b6e188a44c80d7b9573efa577c386770bd2ba3
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1875094
+Reviewed-by: Damien Neil 
+Reviewed-by: Roland Shoemaker 
+(cherry picked from commit bcdfcadd5612212089d958bc352a6f6c90742dcc)
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1902228
+Run-TryBot: Roland Shoemaker 
+TryBot-Result: Security TryBots 

+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1904345
+Reviewed-by: Michael Knyszek 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/501220
+TryBot-Result: Gopher Robot 
+Run-TryBot: David Chase 
+Auto-Submit: Michael Knyszek 
+---
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4]
+CVE: CVE-2023-29405
+Signed-off-by: Ashish Sharma 
+
+ src/cmd/cgo/out.go|  4 +++-
+ src/cmd/go/internal/work/gccgo.go | 14 ++---
+ .../go/testdata/script/gccgo_link_ldflags.txt | 20 +++
+ 3 files changed, 29 insertions(+), 9 deletions(-)
+ create mode 100644 src/cmd/go/testdata/script/gccgo_link_ldflags.txt
+
+diff --git a/src/cmd/cgo/out.go b/src/cmd/cgo/out.go
+index d26f9e76a374a..d0c6fe3d4c2c2 100644
+--- a/src/cmd/cgo/out.go
 b/src/cmd/cgo/out.go
+@@ -47,7 +47,9 @@ func (p *Package) writeDefs() {
+ 
+   fflg := creat(*objDir + "_cgo_flags")
+   for k, v := range p.CgoFlags {
+-  fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, strings.Join(v, " "))
++  for _, arg := range v {
++  fmt.Fprintf(fflg, "_CGO_%s=%s\n", arg)
++  }
+   if k == "LDFLAGS" && !*gccgo {
+   for _, arg := range v {
+   fmt.Fprintf(fgo2, "//go:cgo_ldflag %q\n", arg)
+diff --git a/src/cmd/go/internal/work/gccgo.go 
b/src/cmd/go/internal/work/gccgo.go
+index 08a4c2d8166c7..a048b7f4eecef 100644
+--- a/src/cmd/go/internal/work/gccgo.go
 b/src/cmd/go/internal/work/gccgo.go
+@@ -280,14 +280,12 @@ func (tools gccgoToolchain) link(b *Builder, root 
*Action, out, importcfg string
+   const ldflagsPrefix = "_CGO_LDFLAGS="
+   for _, line := range strings.Split(string(flags), "\n") {
+   if strings.HasPrefix(line, ldflagsPrefix) {
+-  newFlags := 
strings.Fields(line[len(ldflagsPrefix):])
+-  for _, flag := range newFlags {
+-  // Every _cgo_flags file has -g and -O2 
in _CGO_LDFLAGS
+-  // but they don't mean anything to the 
linker so filter
+-  // them out.
+-  if flag != "-g" &&

Re: [OE-core][master][PATCHv3] Flac: upgrade 1.4.2 -> 1.4.3

2023-06-28 Thread Richard Purdie 
On Wed, 2023-06-28 at 13:26 +0530, Siddharth wrote:
> From: Siddharth Doshi 
> 
> License-Update: URL fix
> 
> Remove PowerPC related options no longer supported upstream.
> 
> Signed-off-by: Siddharth Doshi 
> ---
>  .../flac/{flac_1.4.2.bb => flac_1.4.3.bb}| 12 +---
>  1 file changed, 5 insertions(+), 7 deletions(-)
>  rename meta/recipes-multimedia/flac/{flac_1.4.2.bb => flac_1.4.3.bb} (76%)
> 
> diff --git a/meta/recipes-multimedia/flac/flac_1.4.2.bb 
> b/meta/recipes-multimedia/flac/flac_1.4.3.bb
> similarity index 76%
> rename from meta/recipes-multimedia/flac/flac_1.4.2.bb
> rename to meta/recipes-multimedia/flac/flac_1.4.3.bb
> index d3ece3f3cf..badb43db89 100644
> --- a/meta/recipes-multimedia/flac/flac_1.4.2.bb
> +++ b/meta/recipes-multimedia/flac/flac_1.4.3.bb
> @@ -5,15 +5,15 @@ BUGTRACKER = "https://github.com/xiph/flac/issues;
>  SECTION = "libs"
>  LICENSE = "GFDL-1.2 & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-3-Clause"
>  LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \
> -
> file://src/Makefile.am;beginline=1;endline=17;md5=146d2c8c2fd287545cc1bd81f31e8758
>  \
> +
> file://src/Makefile.am;beginline=1;endline=17;md5=b1dab2704be7f01bfbd9b7f6d5f000a9
>  \
>  file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
> -
> file://src/flac/main.c;beginline=1;endline=18;md5=893456854ce6bf14a1a7ea77266eebab
>  \
> +
> file://src/flac/main.c;beginline=1;endline=18;md5=23099119c034d894bd1bf7ef5bd22101
>  \
>  file://COPYING.LGPL;md5=fbc093901857fcd118f065f900982c24 
> \
> -file://COPYING.Xiph;md5=3d6da238b5b57a0965d6730291119f65 
> \
> +file://COPYING.Xiph;md5=0c90e41ab2fa7e69ca9391330d870221 
> \
>  
> file://include/FLAC/all.h;beginline=65;endline=70;md5=39aaf5e03c7364363884c8b8ddda8eea"
>  
>  SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz;
> -SRC_URI[sha256sum] = 
> "e322d58a1f48d23d9dd38f432672865f6f79e73a6f9cc5a5f57fcaa83eb5a8e4"
> +SRC_URI[sha256sum] = 
> "6c58e69cd22348f441b861092b825e591d0b822e106de6eb0ee4d05d27205b70"
>  
>  CVE_PRODUCT = "libflac flac"
>  
> @@ -25,11 +25,9 @@ EXTRA_OECONF = "--disable-oggtest \
>  "
>  
>  PACKAGECONFIG ??= " \
> -${@bb.utils.filter("TUNE_FEATURES", "altivec vsx", d)} \
> +${@bb.utils.filter("TUNE_FEATURES", " ", d)} \

If vsx and altivec are no longer needed, you should remove that line
entirely as it is pointless if it is empty.

The reason you didn't see an issue in testing is that you probably
didn't try MACHINE=qemuppc which uses altivec.

Cheers,

Richard


>  ogg \
>  "
> -PACKAGECONFIG[altivec] = "--enable-altivec,--disable-altivec"
> -PACKAGECONFIG[vsx] = "--enable-vsx,--disable-vsx"
>  PACKAGECONFIG[avx] = "--enable-avx,--disable-avx"
>  PACKAGECONFIG[ogg] = "--enable-ogg --with-ogg-libraries=${STAGING_LIBDIR} 
> --with-ogg-includes=${STAGING_INCDIR},--disable-ogg,libogg"
>  
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183550): 
https://lists.openembedded.org/g/openembedded-core/message/183550
Mute This Topic: https://lists.openembedded.org/mt/99826072/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] efivar: Upgrade to tip of trunk

2023-06-28 Thread Alexander Kanavin 
On Mon, 12 Jun 2023 at 03:41, Khem Raj  wrote:
> +PV .= "+39+git${SRCPV}"

This broke upstream version check :(
"+39" isn't necessary here, "+git${SRCPV}" would have ensured
monotonic increase from 38.

Alex

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183549): 
https://lists.openembedded.org/g/openembedded-core/message/183549
Mute This Topic: https://lists.openembedded.org/mt/99474797/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [PATCH] [OE-core] [PATCH] gettext: upgrade 0.21.1 -> 0.22

2023-06-28 Thread wangmy 
Sorry, I didn't notice that the files in the minimal directory need to be 
updated based on the source code. 
Please ignore this patch and I will investigate before considering whether to 
resubmit it.

  --
Best Regards
---
Wang Mingyu
Development Dept.I
Nanjing Fujitsu Nanda Software Tech. Co., Ltd.(FNST) No. 6 Wenzhu Road, 
Nanjing, 210012, China
TEL: +86+25-86630566-8568
COINS: 79988548
FAX: +86+25-83317685
MAIL: wan...@fujitsu.com
http://www.fujitsu.com/cn/fnst/

> -Original Message-
> From: Richard Purdie 
> Sent: Tuesday, June 27, 2023 10:25 PM
> To: Wang, Mingyu/王 鸣瑜 ;
> openembedded-core@lists.openembedded.org
> Subject: Re: [PATCH] [OE-core] [PATCH] gettext: upgrade 0.21.1 -> 0.22
> 
> On Tue, 2023-06-27 at 15:17 +0800, wangmy wrote:
> > From: Wang Mingyu 
> >
> > Changelog:
> > ===
> > * PO file format:
> >   - When a #: line contains references to file names that contain spaces,
> > these file names are surrounded by Unicode characters U+2068 and
> U+2069.
> > This makes it possible to parse such references correctly.
> >
> > * Improvements for maintainers:
> >   - The AM_GNU_GETTEXT macro now defines two variables localedir_c and
> > localedir_c_make, that can be used in C code or in Makefiles,
> > respectively, for representing the value of the --localedir configure
> > option.
> >
> > * Programming languages support:
> >   - C, C++:
> > o xgettext now supports gettext-like functions that take wide strings
> >   (of type 'const wchar_t *', 'const char16_t *', or 'const char32_t *')
> >   as arguments.
> > o xgettext now recognizes numbers with digit separators, as defined by
> >   ISO C 23, as tokens.
> > o xgettext and msgfmt now recognize the format string directive %b
> >   (for binary integer output, as defined by ISO C 23) in format strings.
> > o xgettext and msgfmt now recognize the argument size specifiers
> >   w8, w16, w32, w64, wf8, wf16, wf32, wf64 (as defined by ISO C 23)
> >   in format strings.
> > o xgettext and msgfmt now recognize C++ format strings, as defined by
> >   ISO C++ 20.  They are marked as 'c++-format' in POT and PO files.
> >   A new example has been added, 'hello-c++20', that illustrates how
> >   to use these format strings with gettext.
> >   - Java:
> > o The build system and tools now also support Java versions newer than
> >   Java 11. This is known to work up to Java 20, at least. On the other
> >   hand, support for old versions of Java (Java 1.5 and GCJ) has been
> >   dropped.
> >   - Tcl: xgettext now supports the \x, \u, and \U escapes as defined in
> > Tcl 8.6.
> >
> > * Portability:
> >   - On systems with musl libc, the *gettext() functions in libc now work
> > with MO files generated from PO files with an encoding other than
> UTF-8.
> > To this effect, the msgfmt program now converts the messages to UTF-8
> > encoding before storing them in a MO file.  You can prevent this by
> > using the msgfmt --no-convert option.
> >   - On systems with musl libc, the *gettext() functions in libc now work
> > with MO files generated from PO files with ISO C 99  format
> > string directive macros.  To this effect, the msgfmt program
> pre-expands
> > strings with such macros.  You can prevent this by using the msgfmt
> > --no-redundancy option.
> >
> > * xgettext:
> >   - The xgettext option '--sorted-output' is now deprecated.
> >   - xgettext input files of type PO that are not all ASCII and not UTF-8
> > encoded are now handled correctly.
> >
> > * The base Unicode standard is now updated to 15.0.0.
> >
> > * Emacs PO mode:
> >   Fix an incompatibility with Emacs version 29 or newer.
> >
> >
> > Signed-off-by: Wang Mingyu 
> > ---
> >  .../0001-init-env.in-do-not-add-C-CXX-parameters.patch  | 0
> >  .../0001-tests-autopoint-3-unset-MAKEFLAGS.patch| 0
> >  .../gettext/{gettext-0.21.1 => gettext-0.22}/parallel.patch | 0
> >  .../gettext/{gettext-0.21.1 => gettext-0.22}/run-ptest  | 0
> >  .../{gettext-0.21.1 => gettext-0.22}/serial-tests-config.patch  | 0
> >  .../{gettext-0.21.1 => gettext-0.22}/use-pkgconfig.patch| 0
> >  .../{gettext-minimal-0.21.1 => gettext-minimal-0.22}/COPYING| 0
> >  .../Makefile.in.in  |
> 0
> >  .../aclocal/gettext.m4  |
> 0
> >  .../aclocal/host-cpu-c-abi.m4   | 0
> >  .../aclocal/iconv.m4|
> 0
> >  .../aclocal/intlmacosx.m4   |
> 0
> >  .../aclocal/lib-ld.m4   | 0
> >  .../aclocal/lib-link.m4 | 0
> >  .../aclocal/lib-prefix.m4   | 0
> >  .../aclocal/nls.m4

[OE-core][master][PATCHv3] Flac: upgrade 1.4.2 -> 1.4.3

2023-06-28 Thread Siddharth 
From: Siddharth Doshi 

License-Update: URL fix

Remove PowerPC related options no longer supported upstream.

Signed-off-by: Siddharth Doshi 
---
 .../flac/{flac_1.4.2.bb => flac_1.4.3.bb}| 12 +---
 1 file changed, 5 insertions(+), 7 deletions(-)
 rename meta/recipes-multimedia/flac/{flac_1.4.2.bb => flac_1.4.3.bb} (76%)

diff --git a/meta/recipes-multimedia/flac/flac_1.4.2.bb 
b/meta/recipes-multimedia/flac/flac_1.4.3.bb
similarity index 76%
rename from meta/recipes-multimedia/flac/flac_1.4.2.bb
rename to meta/recipes-multimedia/flac/flac_1.4.3.bb
index d3ece3f3cf..badb43db89 100644
--- a/meta/recipes-multimedia/flac/flac_1.4.2.bb
+++ b/meta/recipes-multimedia/flac/flac_1.4.3.bb
@@ -5,15 +5,15 @@ BUGTRACKER = "https://github.com/xiph/flac/issues;
 SECTION = "libs"
 LICENSE = "GFDL-1.2 & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \
-
file://src/Makefile.am;beginline=1;endline=17;md5=146d2c8c2fd287545cc1bd81f31e8758
 \
+
file://src/Makefile.am;beginline=1;endline=17;md5=b1dab2704be7f01bfbd9b7f6d5f000a9
 \
 file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-
file://src/flac/main.c;beginline=1;endline=18;md5=893456854ce6bf14a1a7ea77266eebab
 \
+
file://src/flac/main.c;beginline=1;endline=18;md5=23099119c034d894bd1bf7ef5bd22101
 \
 file://COPYING.LGPL;md5=fbc093901857fcd118f065f900982c24 \
-file://COPYING.Xiph;md5=3d6da238b5b57a0965d6730291119f65 \
+file://COPYING.Xiph;md5=0c90e41ab2fa7e69ca9391330d870221 \
 
file://include/FLAC/all.h;beginline=65;endline=70;md5=39aaf5e03c7364363884c8b8ddda8eea"
 
 SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz;
-SRC_URI[sha256sum] = 
"e322d58a1f48d23d9dd38f432672865f6f79e73a6f9cc5a5f57fcaa83eb5a8e4"
+SRC_URI[sha256sum] = 
"6c58e69cd22348f441b861092b825e591d0b822e106de6eb0ee4d05d27205b70"
 
 CVE_PRODUCT = "libflac flac"
 
@@ -25,11 +25,9 @@ EXTRA_OECONF = "--disable-oggtest \
 "
 
 PACKAGECONFIG ??= " \
-${@bb.utils.filter("TUNE_FEATURES", "altivec vsx", d)} \
+${@bb.utils.filter("TUNE_FEATURES", " ", d)} \
 ogg \
 "
-PACKAGECONFIG[altivec] = "--enable-altivec,--disable-altivec"
-PACKAGECONFIG[vsx] = "--enable-vsx,--disable-vsx"
 PACKAGECONFIG[avx] = "--enable-avx,--disable-avx"
 PACKAGECONFIG[ogg] = "--enable-ogg --with-ogg-libraries=${STAGING_LIBDIR} 
--with-ogg-includes=${STAGING_INCDIR},--disable-ogg,libogg"
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183547): 
https://lists.openembedded.org/g/openembedded-core/message/183547
Mute This Topic: https://lists.openembedded.org/mt/99826072/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [master][PATCHv2] Upgrade flac 1.4.2 -> 1.4.3

2023-06-28 Thread Siddharth 
That's quite strange as I didn't came across any warnings in my build 
environment.

However, i have removed from Packageconfig (which ideally i should have noticed 
while submitting the first version itself) in v3 and we should be all set to go.

Regards,
Siddharth

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183546): 
https://lists.openembedded.org/g/openembedded-core/message/183546
Mute This Topic: https://lists.openembedded.org/mt/99803775/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] libcap: backport Debian patches to fix CVE-2023-2602 and CVE-2023-2603

2023-06-28 Thread Vijay Anusuri 
From: Vijay Anusuri 

import patches from ubuntu to fix
 CVE-2023-2602
 CVE-2023-2603

Upstream-Status: Backport [import from ubuntu 
https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches?h=ubuntu/focal-security
Upstream commit
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb
&
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18]

Signed-off-by: Vijay Anusuri 
---
 .../libcap/files/CVE-2023-2602.patch  | 52 +
 .../libcap/files/CVE-2023-2603.patch  | 58 +++
 meta/recipes-support/libcap/libcap_2.32.bb|  2 +
 3 files changed, 112 insertions(+)
 create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2602.patch
 create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch

diff --git a/meta/recipes-support/libcap/files/CVE-2023-2602.patch 
b/meta/recipes-support/libcap/files/CVE-2023-2602.patch
new file mode 100644
index 00..ca04d7297a
--- /dev/null
+++ b/meta/recipes-support/libcap/files/CVE-2023-2602.patch
@@ -0,0 +1,52 @@
+Backport of:
+
+From bc6b36682f188020ee4770fae1d41bde5b2c97bb Mon Sep 17 00:00:00 2001
+From: "Andrew G. Morgan" 
+Date: Wed, 3 May 2023 19:18:36 -0700
+Subject: Correct the check of pthread_create()'s return value.
+
+This function returns a positive number (errno) on error, so the code
+wasn't previously freeing some memory in this situation.
+
+Discussion:
+
+  https://stackoverflow.com/a/3581020/14760867
+
+Credit for finding this bug in libpsx goes to David Gstir of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security
+audit of the libcap source code in April of 2023. The audit
+was sponsored by the Open Source Technology Improvement Fund
+(https://ostif.org/).
+
+Audit ref: LCAP-CR-23-01 (CVE-2023-2602)
+
+Signed-off-by: Andrew G. Morgan 
+
+Upstream-Status: Backport [import from ubuntu 
https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches/CVE-2023-2602.patch?h=ubuntu/focal-security
+Upstream commit 
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb]
+CVE: CVE-2023-2602
+Signed-off-by: Vijay Anusuri 
+---
+ psx/psx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libcap/psx.c
 b/libcap/psx.c
+@@ -272,7 +272,7 @@ int psx_pthread_create(pthread_t *thread
+ 
+ psx_wait_for_idle();
+ int ret = pthread_create(thread, attr, start_routine, arg);
+-if (ret != -1) {
++if (ret == 0) {
+   psx_do_registration(*thread);
+ }
+ psx_resume_idle();
+@@ -287,7 +287,7 @@ int __wrap_pthread_create(pthread_t *thr
+ void *(*start_routine) (void *), void *arg) {
+ psx_wait_for_idle();
+ int ret = __real_pthread_create(thread, attr, start_routine, arg);
+-if (ret != -1) {
++if (ret == 0) {
+   psx_do_registration(*thread);
+ }
+ psx_resume_idle();
diff --git a/meta/recipes-support/libcap/files/CVE-2023-2603.patch 
b/meta/recipes-support/libcap/files/CVE-2023-2603.patch
new file mode 100644
index 00..cf86ac2a46
--- /dev/null
+++ b/meta/recipes-support/libcap/files/CVE-2023-2603.patch
@@ -0,0 +1,58 @@
+Backport of:
+
+From 422bec25ae4a1ab03fd4d6f728695ed279173b18 Mon Sep 17 00:00:00 2001
+From: "Andrew G. Morgan" 
+Date: Wed, 3 May 2023 19:44:22 -0700
+Subject: Large strings can confuse libcap's internal strdup code.
+
+Avoid something subtle with really long strings: 1073741823 should
+be enough for anybody. This is an improved fix over something attempted
+in libcap-2.55 to address some static analysis findings.
+
+Reviewing the library, cap_proc_root() and cap_launcher_set_chroot()
+are the only two calls where the library is potentially exposed to a
+user controlled string input.
+
+Credit for finding this bug in libcap goes to Richard Weinberger of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security audit
+of the libcap source code in April of 2023. The audit was sponsored
+by the Open Source Technology Improvement Fund (https://ostif.org/).
+
+Audit ref: LCAP-CR-23-02 (CVE-2023-2603)
+
+Signed-off-by: Andrew G. Morgan 
+
+Upstream-Status: Backport [import from ubuntu 
https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches/CVE-2023-2603.patch?h=ubuntu/focal-security
+Upstream commit 
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18]
+CVE: CVE-2023-2603
+Signed-off-by: Vijay Anusuri 
+---
+ libcap/cap_alloc.c | 12 +++-
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/libcap/cap_alloc.c
 b/libcap/cap_alloc.c
+@@ -76,13 +76,22 @@ cap_t cap_init(void)
+ char *_libcap_strdup(const char *old)
+ {
+ __u32 *raw_data;
++size_t len;
+ 
+ if (old == NULL) {
+   errno = EINVAL;
+   return NULL;
+ }
+ 
+-raw_data = malloc( sizeof(__u32) + strlen(old) + 1 );
++len = strlen(old);
++if

[OE-core] [PATCH] recipetool: Fix inherit in created -native* recipes

2023-06-28 Thread Yoann Congal 
native and nativesdk classes are special and must be inherited last :
put them at the end of the gathered classes to inherit.

Signed-off-by: Yoann Congal 
---
 scripts/lib/recipetool/create.py | 4 
 1 file changed, 4 insertions(+)

diff --git a/scripts/lib/recipetool/create.py b/scripts/lib/recipetool/create.py
index 824ac6350d..e99e0714bf 100644
--- a/scripts/lib/recipetool/create.py
+++ b/scripts/lib/recipetool/create.py
@@ -745,6 +745,10 @@ def create_recipe(args):
 for handler in handlers:
 handler.process(srctree_use, classes, lines_before, lines_after, 
handled, extravalues)
 
+# native and nativesdk classes are special and must be inherited last
+# If present, put them at the end of the classes list
+classes.sort(key=lambda c: c in ("native", "nativesdk"))
+
 extrafiles = extravalues.pop('extrafiles', {})
 extra_pn = extravalues.pop('PN', None)
 extra_pv = extravalues.pop('PV', None)
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183544): 
https://lists.openembedded.org/g/openembedded-core/message/183544
Mute This Topic: https://lists.openembedded.org/mt/99825622/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] oeqa/selftest/devtool: add unit test for "devtool add -b"

2023-06-28 Thread Yoann Congal 
From: Fawzi KHABER 

Fix [Yocto #15085]

Signed-off-by: Fawzi KHABER 
Signed-off-by: Yoann Congal 
---
 meta/lib/oeqa/selftest/cases/devtool.py | 23 +++
 1 file changed, 23 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/devtool.py 
b/meta/lib/oeqa/selftest/cases/devtool.py
index 4c8e375d00..c5ed8f5720 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -366,6 +366,29 @@ class DevtoolAddTests(DevtoolBase):
 bindir = bindir[1:]
 self.assertTrue(os.path.isfile(os.path.join(installdir, bindir, 
'pv')), 'pv binary not found in D')
 
+def test_devtool_add_binary(self):
+# Test "devtool add -b" with an arbitrary binary package from Yocto 
mirrors
+pn = 'pvr-bin-cdv-devel'
+pv = '1.0.3-1.1'
+url = 
'http://downloads.yoctoproject.org/mirror/sources/pvr-bin-cdv-devel-1.0.3-1.1.i586.rpm'
+
+self.track_for_cleanup(self.workspacedir)
+self.add_command_to_tearDown('bitbake -c cleansstate %s' % pn)
+self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+
+# Test devtool add -b
+result = runCmd('devtool add  -b %s %s' % (pn, url))
+self.assertExists(os.path.join(self.workspacedir, 'conf', 
'layer.conf'), 'Workspace directory not created')
+
+# Test devtool build
+result = runCmd('devtool build %s' % pn)
+bb_vars = get_bb_vars(['D', 'bindir'], pn)
+installdir = bb_vars['D']
+self.assertTrue(installdir, 'Could not query installdir variable')
+
+# Check that a known file from the binary package has indeed been 
installed
+self.assertTrue(os.path.isfile(os.path.join(installdir, 'usr', 
'include', 'EGL', 'egl.h')), 'egl.h not found in D')
+
 def test_devtool_add_git_local(self):
 # We need dbus built so that DEPENDS recognition works
 bitbake('dbus')
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183543): 
https://lists.openembedded.org/g/openembedded-core/message/183543
Mute This Topic: https://lists.openembedded.org/mt/99825616/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] uninative: call patchelf-uninative only when needed

2023-06-28 Thread Martin Jansa 
On Fri, Jun 23, 2023 at 12:18 PM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:

> On Fri, 2023-06-23 at 11:33 +0200, Martin Jansa wrote:
> > mke2fs.real, mkfs.ext2.real, mkfs.ext3.real, mkfs.ext4.real are
> indentical
> > binary with multiple hardlinks and we end calling patchelf-uninative 4
> > times even when the interpreter is already set correctly from the build
> >
> > To avoid corrupted binaries created by patchelf-0.18.0 when
> set-interpreter
> > is called multiple times (on some systems like ubuntu-18.04 this leads to
> > segfaults elsewhere just ldd complains that the executable is no longer
> > dynamically linked, but doesn't fail when executed).
> >
> > The issue was reported upstream with mkfs.ext4.real as possible
> reproducer:
> > https://github.com/NixOS/patchelf/issues/492#issuecomment-1602862272
> > alternatively we can revert
> >
> https://github.com/NixOS/patchelf/commit/65cdee904431d16668f95d816a495bc35a05a192
> > and create new uninative release with update patchelf-uninative, but
> > better to wait a bit for upstream to have a look and possibly backport
> > proper fix later, until then this change fixes the mkfs.ext4 issues I was
> > seeing in kirkstone, mickledore, nanbield since uninative-3.9 upgrade, as
> > reported in:
> > https://lists.openembedded.org/g/openembedded-core/message/182862
> >
> > Signed-off-by: Martin Jansa 
> > ---
> >  meta/classes-global/uninative.bbclass | 11 ---
> >  1 file changed, 8 insertions(+), 3 deletions(-)
> >
> > diff --git a/meta/classes-global/uninative.bbclass
> b/meta/classes-global/uninative.bbclass
> > index 366f7ac793..b54acdd542 100644
> > --- a/meta/classes-global/uninative.bbclass
> > +++ b/meta/classes-global/uninative.bbclass
> > @@ -175,7 +175,12 @@ python uninative_changeinterp () {
> >  if not elf.isDynamic():
> >  continue
> >
> > -os.chmod(f, s[stat.ST_MODE] | stat.S_IWUSR)
> > -subprocess.check_output(("patchelf-uninative",
> "--set-interpreter", d.getVar("UNINATIVE_LOADER"), f),
> stderr=subprocess.STDOUT)
> > -os.chmod(f, s[stat.ST_MODE])
> > +current = subprocess.check_output(("patchelf-uninative",
> "--print-interpreter", f),
> stderr=subprocess.STDOUT).decode('utf-8').split('\n')[0]
> > +if current != d.getVar("UNINATIVE_LOADER"):
> > +bb.debug(2, "Changing interpreter from %s to %s with
> %s" % (current, d.getVar("UNINATIVE_LOADER"), ("patchelf-uninative",
> "--set-interpreter", d.getVar("UNINATIVE_LOADER"), f)))
> > +os.chmod(f, s[stat.ST_MODE] | stat.S_IWUSR)
> > +subprocess.check_output(("patchelf-uninative",
> "--set-interpreter", d.getVar("UNINATIVE_LOADER"), f),
> stderr=subprocess.STDOUT)
> > +os.chmod(f, s[stat.ST_MODE])
> > +else:
> > +bb.debug(2, "Interpreter was already set to %s in %s" %
> (d.getVar("UNINATIVE_LOADER"), f))
> >  }
>
> I know why you've done it this way but ideally we should make patchelf
> handle this internally? It would be nice to avoid fork calls if we can
> in the long run.
>

yes, but that would require new uninative tarball to be built and applied
in master, mickledore, kirkstone, dunfell, so I was waiting for feedback
from upstream first before changing patchelf and using this as work around
to be able to use uninative 3.9 and 4.0 until patchelf is fixed properly.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183542): 
https://lists.openembedded.org/g/openembedded-core/message/183542
Mute This Topic: https://lists.openembedded.org/mt/99715032/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone][PATCH] go: fix CVE-2023-29400 html/template improper handling of empty HTML attributes

2023-06-28 Thread vkumbhar 
Signed-off-by: Vivek Kumbhar 
---
 meta/recipes-devtools/go/go-1.17.13.inc   |  1 +
 .../go/go-1.18/CVE-2023-29400.patch   | 99 +++
 2 files changed, 100 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc 
b/meta/recipes-devtools/go/go-1.17.13.inc
index 3365075fe5..73921852fc 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -35,6 +35,7 @@ SRC_URI += "\
 file://CVE-2023-29404.patch \
 file://CVE-2023-29405.patch \
 file://CVE-2023-29402.patch \
+file://CVE-2023-29400.patch \
 "
 SRC_URI[main.sha256sum] = 
"a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch 
b/meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch
new file mode 100644
index 00..04bd1f5fec
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch
@@ -0,0 +1,99 @@
+From 9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker 
+Date: Thu, 13 Apr 2023 14:01:50 -0700
+Subject: [PATCH] [release-branch.go1.19] html/template: emit filterFailsafe
+ for empty unquoted attr value
+
+An unquoted action used as an attribute value can result in unsafe
+behavior if it is empty, as HTML normalization will result in unexpected
+attributes, and may allow attribute injection. If executing a template
+results in a empty unquoted attribute value, emit filterFailsafe
+instead.
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+For #59722
+Fixes #59815
+Fixes CVE-2023-29400
+
+Change-Id: Ia38d1b536ae2b4af5323a6c6d861e3c057c2570a
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1826631
+Reviewed-by: Julie Qiu 
+Run-TryBot: Roland Shoemaker 
+Reviewed-by: Damien Neil 
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1851498
+Reviewed-by: Roland Shoemaker 
+Run-TryBot: Damien Neil 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/491357
+Run-TryBot: Carlos Amedee 
+TryBot-Result: Gopher Robot 
+Reviewed-by: Dmitri Shuralyov 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5]
+CVE: CVE-2023-29400
+Signed-off-by: Vivek Kumbhar 
+---
+ src/html/template/escape.go  |  5 ++---
+ src/html/template/escape_test.go | 15 +++
+ src/html/template/html.go|  3 +++
+ 3 files changed, 20 insertions(+), 3 deletions(-)
+
+diff --git a/src/html/template/escape.go b/src/html/template/escape.go
+index ca078f4..bdccc65 100644
+--- a/src/html/template/escape.go
 b/src/html/template/escape.go
+@@ -362,9 +362,8 @@ func normalizeEscFn(e string) string {
+ // for all x.
+ var redundantFuncs = map[string]map[string]bool{
+   "_html_template_commentescaper": {
+-  "_html_template_attrescaper":true,
+-  "_html_template_nospaceescaper": true,
+-  "_html_template_htmlescaper":true,
++  "_html_template_attrescaper": true,
++  "_html_template_htmlescaper": true,
+   },
+   "_html_template_cssescaper": {
+   "_html_template_attrescaper": true,
+diff --git a/src/html/template/escape_test.go 
b/src/html/template/escape_test.go
+index fbc84a7..4f48afe 100644
+--- a/src/html/template/escape_test.go
 b/src/html/template/escape_test.go
+@@ -678,6 +678,21 @@ func TestEscape(t *testing.T) {
+   ``,
+   ``,
+   },
++  {
++  "unquoted empty attribute value (plaintext)",
++  "",
++  "",
++  },
++  {
++  "unquoted empty attribute value (url)",
++  "",
++  "",
++  },
++  {
++  "quoted empty attribute value",
++  "",
++  "",
++  },
+   }
+ 
+   for _, test := range tests {
+diff --git a/src/html/template/html.go b/src/html/template/html.go
+index 356b829..636bc21 100644
+--- a/src/html/template/html.go
 b/src/html/template/html.go
+@@ -14,6 +14,9 @@ import (
+ // htmlNospaceEscaper escapes for inclusion in unquoted attribute values.
+ func htmlNospaceEscaper(args ...interface{}) string {
+   s, t := stringify(args...)
++  if s == "" {
++  return filterFailsafe
++  }
+   if t == contentTypeHTML {
+   return htmlReplacer(stripTags(s), 
htmlNospaceNormReplacementTable, false)
+   }
+-- 
+2.25.1
+
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183541): 
https://lists.openembedded.org/g/openembedded-core/message/183541
Mute This Topic: https://lists.openembedded.org/mt/99825017/21656
Group Owner: