2023. 07. 31. 19:11 keltezéssel, Alexandre Belloni írta:
Hello,
On 31/07/2023 10:21:38+0200, Zoltan Boszormenyi wrote:
Feed platform settings to installplatform externally. Based on the patch
submitted under https://github.com/rpm-software-management/rpm/pull/2585
Patch against INSTALL was
9pfs: prevent opening special files
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-2861
Upstream patches:
https://github.com/qemu/qemu/commit/10fad73a2bf1c76c8aa9d6322755e5f877d83ce5
Signed-off-by: Archana Polampalli
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
VNC: infinite loop in inflate_buffer() leads to denial of service
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-3255
Upstream patches:
https://gitlab.com/qemu-project/qemu/-/commit/d921fea338c1059a27ce7b75309d7a2e485f710b
Signed-off-by: Archana Polampalli
---
qemu: hotplug/hotunplug mlx vdpa device to the occupied addr port,
then qemu core dump occurs after shutdown guest
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-3301
Upstream patches:
https://gitlab.com/qemu-project/qemu/-/commit/a0d7215e339b61c7d7a7b3fcf754954d80d93eb8
Signed-off-by:
Its removed and is implicit default in 2.38+ [1]
[1] https://mail.gnu.org/archive/html/info-gnu/2023-07/msg00010.html
Signed-off-by: Khem Raj
---
meta/recipes-core/glibc/glibc_2.38.bb | 1 -
1 file changed, 1 deletion(-)
diff --git a/meta/recipes-core/glibc/glibc_2.38.bb
Signed-off-by: Khem Raj
---
meta/recipes-core/glibc/glibc_2.38.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/glibc/glibc_2.38.bb
b/meta/recipes-core/glibc/glibc_2.38.bb
index 4290f3e6e4f..2021991eb4a 100644
--- a/meta/recipes-core/glibc/glibc_2.38.bb
+++
Announcement - https://mail.gnu.org/archive/html/info-gnu/2023-07/msg00010.html
Signed-off-by: Khem Raj
---
meta/conf/distro/include/tcmode-default.inc | 2 +-
...2.37.bb => cross-localedef-native_2.38.bb} | 0
meta/recipes-core/glibc/glibc-common.inc | 3 +-
...bc-locale_2.37.bb =>
From: Chen Qi
The gcc_multilib_setup function is a function that is run at the
do_configure step, so it's counted into the signature computation.
The MULTILIB_VARIANTS this function uses is also extracted to be
taken into consideration. After the change of setting MULTILIB_VARIANTS
explictly
From: Chen Qi
This patch is to ensure recipes get rebuilt correctly and avoid
incorrect sstate cache reuse when toggling multilib.
The following steps show one example of such incorrect sstate cache reuse.
1. enable multilib && bitbake -c populate_sdk
2. disable multilib && bitbake -c
On Mon, Jul 31, 2023 at 10:48 AM Sundeep KOKKONDA via
lists.openembedded.org
wrote:
>
> Hello Khem,
>
> There are 393 New Test Cases added with this update (Refer the attachment).
> Out of those,
> 88 Failed cases: Mostly from gcc.c-torture, gcc.dg, gcc.target, c-c++-common
> modules
> 13
Since the packagefeed build logic does not use sstate,
the deploy directories will not be cleaned by a do_clean
or similar commands. This change adds a function to wipe
all feed deploy directories for the given feed when a
clean command is run. That is, regardless of the value
of PACKAGE_CLASSES,
Add a new bbclass that allows building a feed using the
new oe.package_manager class. Additionally, there are
packagefeed_ bbclasses to define package type
specific configurations.
The do_packagefeed task currently does no use SSTATE
data and is set to always run via [nostamp] = "1".
The
Add a generate_feed_dirs method that will call the
create_packages_dir method for each package class
currently supported in the build environment. The
value of the PACKAGE_CLASSES determines which feed
types are built.
This handles knowing which tasks to look for, which
deploy directory to pull
To make the logic from create_feed_dir reusable, this
change splits the logic used to traverse the package
dependencies into a helper function.
Additionally, the logic used to find the initial
task was updated.
Signed-off-by: Charlie Johnston
---
meta/lib/oe/package_manager/__init__.py | 60
Currently, the generate_index_files function only handles
the creation of index files in the DEPLOY_DIR_
directories. This change adds an optional feedname input
that will instead point the index generation at a package
specific feed directory. If no feedname is specified,
the original behavior
Currently, the only way to build a feed natively in OE is to build all
the desired packages and then manually run bitbake package-index. This
approach has a few drawbacks:
- The index creation methods ONLY work on the package deploy directory.
If there are packages that are not meant to be in the
This change adds a new variable that defines where
feeds should be created when building a packagefeed.
A feed location for each package type is also added
to allow multiple package type feeds to be created
in parallel.
The location is ${DEPLOY_DIR}/feeds/
Signed-off-by: Charlie Johnston
---
> I'd guess you need to make the sstate archives of do_package store the
> acl and extended attribute data and when that is done, the millisecond
> timestamp data will probably be saved too? I'm not sure this is going
> to be a generally useful thing in the general case though and zeroing
> the
Big thx for quick response Richard.
I will look into it.
BR
Piotr
Od: Richard Purdie
Wysłane: Monday, July 31, 2023 11:19:39 PM
Do: Joshua Watt ; Piotr Łobacz
DW: Alexandre Belloni ;
openembedded-core@lists.openembedded.org
; Alex Stewart
Temat: Re:
On Mon, 2023-07-31 at 14:25 -0600, Joshua Watt wrote:
> On Mon, Jul 31, 2023 at 1:10 PM Piotr Łobacz wrote:
> >
> > I’m sorry for splitting this message but it has happend by accident…
> >
> > Returning to the topic my assumption is that for some reason in
> > reproducibleA, these miliseconds
* LDFLAGS += "-fuse-ld=bfd" in the recipe doesn't work and
it still fails to build with ld-is-gold in DISTRO_FEATURES
removal of this line sent to master in:
https://lists.openembedded.org/g/openembedded-core/message/185167
* the most important ones are the 1st which removes --add-needed
Patchelf has a nasty bug where calling --set-interpreter repeatedly
on the same program will eventually corrupt the program headers in a way
that causes a segmentation fault when the loader attempts to load the
program. In most cases, we don't reach this limit, but for recipes that
make multiple
On Mon, Jul 31, 2023 at 1:10 PM Piotr Łobacz wrote:
>
> I’m sorry for splitting this message but it has happend by accident…
>
> Returning to the topic my assumption is that for some reason in
> reproducibleA, these miliseconds are cutted and in case of reproducibleB they
> are not.
>
> This
* upstream doesn't use --add-needed since:
b23aba1 Remove deprecated --add-needed linker flag
https://github.com/rhboot/efivar/pull/218/commits/b23aba1469de8bb7a115751f9cd294ad3aaa6680
which is already included in the source since:
"efivar: Upgrade to tip of trunk"
Signed-off-by: Khem Raj
---
...ops-clip-constants-used-with-shift-i.patch | 77 +++
meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb | 1 +
2 files changed, 78 insertions(+)
create mode 100644
* uninative-3.10 and 4.0 doesn't work on e.g. ubuntu-18.04, because
patchelf-uninative
makes the binaries unusable and e.g. mkfs.ext4 segfaults in loader, see:
https://github.com/NixOS/patchelf/issues/492
* mke2fs.real, mkfs.ext2.real, mkfs.ext3.real, mkfs.ext4.real are indentical
binary
I’m sorry for splitting this message but it has happend by accident…
Returning to the topic my assumption is that for some reason in reproducibleA,
these miliseconds are cutted and in case of reproducibleB they are not.
This was obviously working for opkg-build in case of gnu format which is
OK, I have finally discovered the root cause. First of all there is another bug
in yocto, for all these 19 packages.
I have compared the full timestamps with 'ls —full-time’ command in both
directories (meaning reproducibleA and reproducibleB) of
packages-split/acpid-src and they differ even
I see that there is some discussion on the list about possible
regressions from this patch, so I will remove it from this patch set
until the issues are resolved.
Steve
On Sun, Jul 30, 2023 at 8:01 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> From: Sundeep KOKKONDA
>
> gcc stable
On Mon, 31 Jul 2023 at 18:37, Alexander Kanavin wrote:
>
> A better option: fix the libpam recipe to say:
>
> ANY_OF_DISTRO_FEATURES = "pam systemd"
> instead of current
> REQUIRED_DISTRO_FEATURES = "pam"
>
>
> This should avoid having to fix the tests.
Thanks for the suggestion, applied in v6.
From: Luca Boccassi
- Drop dependency on gnu-efi, add dependency on pyelftools for EFI builds
- Refresh patches
- Ship new files and directories
- Use meson target to build sd-boot instead of filenames
- Change libpam recipe to set ANY_OF_DISTRO_FEATURES = "pam systemd" to let
logind pull in
Hello Khem,
There are 393 New Test Cases added with this update (Refer the attachment). Out
of those,
88 Failed cases: Mostly from gcc.c-torture, gcc.dg, gcc.target, c-c++-common
modules
13 Unsupported cases: All from gcc.dg module
and other 292 Passed.
We are currently working on glibc
I think you need to better describe the benefits. What are the
improvements? Can we just stay with --offline?
There's lots of intricate code added around cargo.lock handling, with
special casing to revert to previous behavior via new variable, but
I'm struggling to understand: to what end?
Alex
A better option: fix the libpam recipe to say:
ANY_OF_DISTRO_FEATURES = "pam systemd"
instead of current
REQUIRED_DISTRO_FEATURES = "pam"
This should avoid having to fix the tests.
Alex
On Mon, 31 Jul 2023 at 19:33, Alexander Kanavin via
lists.openembedded.org
wrote:
>
> Please do not
Please do not rapid-send new patches before I get a chance to look
into what went wrong.
I suppose we have to add pam to REQUIRED_DISTRO_FEATURES in the
systemd recipe, then fix all the spots where systemd is enabled, but
pam is not. For example the above is from
On Mon, 31 Jul 2023 at 18:13, Alexandre Belloni
wrote:
>
> On 31/07/2023 17:56:05+0100, Luca Bocassi wrote:
> > On Mon, 31 Jul 2023 at 17:40, Alexandre Belloni
> > wrote:
> > >
> > > Hello,
> > >
> > > This causes the following failure:
> > >
> > >
From: Luca Boccassi
- Drop dependency on gnu-efi, add dependency on pyelftools for EFI builds
- Refresh patches
- Ship new files and directories
- Use meson target to build sd-boot instead of filenames
Signed-off-by: Luca Boccassi
---
Note that the musl patches have been rebased to solve merge
On 31/07/2023 17:56:05+0100, Luca Bocassi wrote:
> On Mon, 31 Jul 2023 at 17:40, Alexandre Belloni
> wrote:
> >
> > Hello,
> >
> > This causes the following failure:
> >
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/5570/steps/14/logs/stdio
> >
> > 2023-07-30 21:25:44,944
Hello,
On 31/07/2023 10:21:38+0200, Zoltan Boszormenyi wrote:
> Feed platform settings to installplatform externally. Based on the patch
> submitted under https://github.com/rpm-software-management/rpm/pull/2585
>
> Patch against INSTALL was backported for rpm 4.18.1
>
> Signed-off-by: Zoltán
On Mon, 31 Jul 2023 at 17:40, Alexandre Belloni
wrote:
>
> Hello,
>
> This causes the following failure:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/5570/steps/14/logs/stdio
>
> 2023-07-30 21:25:44,944 - oe-selftest - INFO -
> testtools.testresult.real._StringException:
On 31/07/2023 18:40:12+0200, Alexandre Belloni wrote:
> Hello,
>
> This causes the following failure:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/5570/steps/14/logs/stdio
>
> 2023-07-30 21:25:44,944 - oe-selftest - INFO -
> testtools.testresult.real._StringException:
Hello,
This causes the following failure:
https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/5570/steps/14/logs/stdio
2023-07-30 21:25:44,944 - oe-selftest - INFO -
testtools.testresult.real._StringException: Traceback (most recent call last):
File
to allow bootloaders to select best machting configuration based
on compatible string.
Signed-off-by: Denis OSTERLAND-HEIM
---
meta/classes-recipe/kernel-fitimage.bbclass | 4
1 file changed, 4 insertions(+)
diff --git a/meta/classes-recipe/kernel-fitimage.bbclass
On Mon, 2023-07-31 at 16:14 +0200, Alexander Kanavin wrote:
> On Mon, 31 Jul 2023 at 14:42, Richard Purdie
> wrote:
> > > > Yes, getting the layer name means parsing but we can likely handle that
> > > > at this point as we're in python.
> > >
> > > You mean getting BBFILE_COLLECTIONS value out
On Mon, 31 Jul 2023 at 14:42, Richard Purdie
wrote:
> > > Yes, getting the layer name means parsing but we can likely handle that
> > > at this point as we're in python.
> >
> > You mean getting BBFILE_COLLECTIONS value out of conf/layer.conf? That
> > should be fairly easy with standard python,
On Mon, 2023-07-31 at 14:15 +0200, Alexander Kanavin wrote:
> On Mon, 31 Jul 2023 at 14:04, Richard Purdie
> wrote:
> > You could think about using the layer name in these contexts as layers
> > should be defining them at this point?
> >
> > Yes, getting the layer name means parsing but we can
On Mon, 2023-07-31 at 14:08 +0200, Peter Suti wrote:
> On Mon, Jul 31, 2023 at 1:06 PM Richard Purdie
> wrote:
> >
> > On Mon, 2023-07-31 at 12:43 +0200, Peter Suti wrote:
> > > On Mon, Jul 31, 2023 at 12:15 PM Richard Purdie
> > > wrote:
> > > >
> > > > On Mon, 2023-07-31 at 11:34 +0200,
On Mon, 31 Jul 2023 at 14:04, Richard Purdie
wrote:
> You could think about using the layer name in these contexts as layers
> should be defining them at this point?
>
> Yes, getting the layer name means parsing but we can likely handle that
> at this point as we're in python.
You mean getting
On Mon, Jul 31, 2023 at 1:06 PM Richard Purdie
wrote:
>
> On Mon, 2023-07-31 at 12:43 +0200, Peter Suti wrote:
> > On Mon, Jul 31, 2023 at 12:15 PM Richard Purdie
> > wrote:
> > >
> > > On Mon, 2023-07-31 at 11:34 +0200, Peter Suti wrote:
> > > > Fixes [YOCTO #15164]
> > > >
> > > > Instead of
On Mon, 2023-07-31 at 13:31 +0200, Alexander Kanavin wrote:
> On Mon, 31 Jul 2023 at 12:56, Richard Purdie wrote:
>
> > I've just been looking at this again and I'm still not convinced this
> > is right. In particular, the above output worries me a lot, partly as I
> > barely understand it and I
On Mon, 31 Jul 2023 at 12:56, Richard Purdie wrote:
> I've just been looking at this again and I'm still not convinced this
> is right. In particular, the above output worries me a lot, partly as I
> barely understand it and I suspect if I struggle, I won't be the only
> one.
>
> With this kind
From: Luca Boccassi
- Drop dependency on gnu-efi, add dependency on pyelftools for EFI builds
- Refresh patches
- Ship new files and directories
- Use meson target to build sd-boot instead of filenames
Signed-off-by: Luca Boccassi
---
Note that the musl patches have been rebased to solve merge
On Mon, 2023-07-31 at 12:43 +0200, Peter Suti wrote:
> On Mon, Jul 31, 2023 at 12:15 PM Richard Purdie
> wrote:
> >
> > On Mon, 2023-07-31 at 11:34 +0200, Peter Suti wrote:
> > > Fixes [YOCTO #15164]
> > >
> > > Instead of deleting setscene tasks, now SSTATE_SKIP_CREATION is set
> > > instead.
On Wed, 2023-05-10 at 11:57 +0200, Alexander Kanavin wrote:
> This is the last (I believe) piece of the puzzle in setting up builds from
> nothing
> without having to write custom scripts or use external tools.
>
> After layers have been fetched and placed into their respective locations by
>
On Mon, Jul 31, 2023 at 12:15 PM Richard Purdie
wrote:
>
> On Mon, 2023-07-31 at 11:34 +0200, Peter Suti wrote:
> > Fixes [YOCTO #15164]
> >
> > Instead of deleting setscene tasks, now SSTATE_SKIP_CREATION is set instead.
> >
> > This seems to fix the compile issues where the populate_sysroot
On Mon, 2023-07-31 at 11:34 +0200, Peter Suti wrote:
> Fixes [YOCTO #15164]
>
> Instead of deleting setscene tasks, now SSTATE_SKIP_CREATION is set instead.
>
> This seems to fix the compile issues where the populate_sysroot task was
> not run when an externalsrc recipe was built as a
From: Frederic Martinsons
And use that for rust-hello-world recipe that did not ship
a Cargo.lock file.
Signed-off-by: Frederic Martinsons
---
meta/classes-recipe/cargo.bbclass | 4 +++-
meta/classes-recipe/cargo_common.bbclass | 3 +++
From: Frederic Martinsons
Now we use --frozen, Cargo.lock cannot be modified by cargo build.
These patched git dependencies requires that the git url is removed
from Cargo.lock.
Fixes #15104
Signed-off-by: Frederic Martinsons
---
meta/classes-recipe/cargo_common.bbclass | 40
From: Frederic Martinsons
It supersed the --offline flag and guarantee that Cargo.lock
file will not be modified during the build.
Signed-off-by: Frederic Martinsons
---
meta/classes-recipe/cargo.bbclass | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git
From: Frederic Martinsons
This patch series force the usage of --frozen instead of --offline during cargo
build.
This has the advantage to be sure that Cargo.lock file will not be modified.
Moreover, raise a clear error when Cargo.lock is not present.
For this to work, we must modify ourself
Fixes [YOCTO #15164]
Instead of deleting setscene tasks, now SSTATE_SKIP_CREATION is set instead.
This seems to fix the compile issues where the populate_sysroot task was
not run when an externalsrc recipe was built as a dependency.
Signed-off-by: Peter Suti
---
Feed platform settings to installplatform externally. Based on the patch
submitted under https://github.com/rpm-software-management/rpm/pull/2585
Patch against INSTALL was backported for rpm 4.18.1
Signed-off-by: Zoltán Böszörményi
---
...atform-macro-settings-externally-258.patch | 118
I sent a revised patch that excludes the flaky test.
Alex
On Mon, 31 Jul 2023 at 09:36, Alexander Kanavin via
lists.openembedded.org
wrote:
>
> I looked into it. Yes it's a race in a badly written shell script:
> https://github.com/util-linux/util-linux/issues/2399
>
> I'll see if the test can
License-update: added bsd-2-clause
https://github.com/util-linux/util-linux/commit/faeb1b64b36ededd1a0b62555cad65f002d47ac6
Signed-off-by: Alexander Kanavin
---
...2.38.1.bb => util-linux-libuuid_2.39.1.bb} | 0
meta/recipes-core/util-linux/util-linux.inc | 10 ++--
I looked into it. Yes it's a race in a badly written shell script:
https://github.com/util-linux/util-linux/issues/2399
I'll see if the test can be easily skipped until upstream sorts it out.
Alex
On Mon, 31 Jul 2023 at 07:59, Alexander Kanavin via
lists.openembedded.org
wrote:
>
> On Sun, 30
From: Peter Marko
Rewrite of CVE_CHECK_IGNORE to CVE_STATUS contained copy+paste
problem changing CVE numbers.
CVE-2020-12352 -> CVE-2022-3563
CVE-2020-24490 -> CVE-2022-3637
CVE-2020-12352 is now for kernel only in NVD BD, so remove it.
CVE-2020-24490 is corrected in this commit.
From: Peter Marko
This will remove 6 CVEs which were already excluded before.
Signed-off-by: Peter Marko
---
meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
Rewrite of CVE_CHECK_IGNORE to CVE_STATUS contained copy+paste
problem changing CVE numbers.
CVE-2020-12352 -> CVE-2022-3563
CVE-2020-24490 -> CVE-2022-3637
CVE-2020-12352 is now for kernel only in NVD BD, so remove it.
CVE-2020-24490 is corrected in this commit.
Signed-off-by: Peter Marko
---
This will remove 6 CVEs which were already excluded before.
Signed-off-by: Peter Marko
---
meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
69 matches
Mail list logo