Re: [OE-core] [PATCH] rdfind: add version 1.6.0
How about using --ignore-duplicates? https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/copy-firmware.sh?id=4124f8f928d51a1437e2fd2636b20d540edc2836 Adding a new recipe means someone has to keep it working and updated (which means adding a maintainers.inc entry), and in this case it's easily avoidable. Alex On Tue, 28 Nov 2023 at 08:36, A. Sverdlin via lists.openembedded.org wrote: > > From: Alexander Sverdlin > > Add 1.6.0 recipe from meta-oe as of commit 39dfcaceba36 > ("rdfind: upgrade 1.5.0 -> 1.6.0"). It's required by linux-firmware > installer script starting from 20230919. > > Signed-off-by: Alexander Sverdlin > --- > Shall probably come before patch "linux-firmware: require rdfind-native". > Link: > https://patchwork.yoctoproject.org/project/oe-core/patch/20231127203230.2704211-1-alexander.sverd...@siemens.com/ > > meta/recipes-support/rdfind/rdfind_1.6.0.bb | 13 + > 1 file changed, 13 insertions(+) > create mode 100644 meta/recipes-support/rdfind/rdfind_1.6.0.bb > > diff --git a/meta/recipes-support/rdfind/rdfind_1.6.0.bb > b/meta/recipes-support/rdfind/rdfind_1.6.0.bb > new file mode 100644 > index 000..3a15fe6c9a2 > --- /dev/null > +++ b/meta/recipes-support/rdfind/rdfind_1.6.0.bb > @@ -0,0 +1,13 @@ > +SUMMARY = "Rdfind is a program that finds duplicate files" > +HOMEPAGE = "https://rdfind.pauldreik.se/; > +LICENSE = "GPL-2.0-only" > +LIC_FILES_CHKSUM = "file://COPYING;md5=fa22e16ebbe6638b2bd253338fbded9f" > + > +DEPENDS = "nettle autoconf-archive" > + > +SRC_URI = "https://rdfind.pauldreik.se/${BP}.tar.gz; > +SRC_URI[sha256sum] = > "7a406e8ef1886a5869655604618dd98f672f12c6a6be4926d053be65070f3279" > + > +inherit autotools > + > +BBCLASSEXTEND = "native" > -- > 2.43.0 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191340): https://lists.openembedded.org/g/openembedded-core/message/191340 Mute This Topic: https://lists.openembedded.org/mt/102846891/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/2] gettext: Upgrade 0.22 -> 0.22.3
Signed-off-by: Robert Yang --- ...-minimal-native_0.22.bb => gettext-minimal-native_0.22.3.bb} | 0 meta/recipes-core/gettext/gettext-sources.inc | 2 +- .../recipes-core/gettext/{gettext_0.22.bb => gettext_0.22.3.bb} | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-core/gettext/{gettext-minimal-native_0.22.bb => gettext-minimal-native_0.22.3.bb} (100%) rename meta/recipes-core/gettext/{gettext_0.22.bb => gettext_0.22.3.bb} (100%) diff --git a/meta/recipes-core/gettext/gettext-minimal-native_0.22.bb b/meta/recipes-core/gettext/gettext-minimal-native_0.22.3.bb similarity index 100% rename from meta/recipes-core/gettext/gettext-minimal-native_0.22.bb rename to meta/recipes-core/gettext/gettext-minimal-native_0.22.3.bb diff --git a/meta/recipes-core/gettext/gettext-sources.inc b/meta/recipes-core/gettext/gettext-sources.inc index b4fb647916..31dabfc543 100644 --- a/meta/recipes-core/gettext/gettext-sources.inc +++ b/meta/recipes-core/gettext/gettext-sources.inc @@ -1,4 +1,4 @@ HOMEPAGE = "http://www.gnu.org/software/gettext/gettext.html; SRC_URI = "${GNU_MIRROR}/gettext/gettext-${PV}.tar.gz \ " -SRC_URI[sha256sum] = "49f089be11b490170bbf09ed2f51e5f5177f55be4cc66504a5861820e0fb06ab" +SRC_URI[sha256sum] = "839a260b2314ba66274dae7d245ec19fce190a3aa67869bf31354cb558df42c7" diff --git a/meta/recipes-core/gettext/gettext_0.22.bb b/meta/recipes-core/gettext/gettext_0.22.3.bb similarity index 100% rename from meta/recipes-core/gettext/gettext_0.22.bb rename to meta/recipes-core/gettext/gettext_0.22.3.bb -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191339): https://lists.openembedded.org/g/openembedded-core/message/191339 Mute This Topic: https://lists.openembedded.org/mt/102847000/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 0/2] Upgrade gnu-config and gettext
The following changes since commit 212affe748e2f628ecf11f26485b07dd303fe6e3: Revert "binutils: Fix CVE-2022-47007" (2023-11-23 14:58:06 +) are available in the Git repository at: https://github.com/robertlinux/yocto rbt/upgrade https://github.com/robertlinux/yocto/tree/rbt/upgrade Robert Yang (2): gnu-config: Update to latest revision gettext: Upgrade 0.22 -> 0.22.3 ...inimal-native_0.22.bb => gettext-minimal-native_0.22.3.bb} | 0 meta/recipes-core/gettext/gettext-sources.inc | 2 +- .../gettext/{gettext_0.22.bb => gettext_0.22.3.bb}| 0 meta/recipes-devtools/gnu-config/gnu-config_git.bb| 4 ++-- 4 files changed, 3 insertions(+), 3 deletions(-) rename meta/recipes-core/gettext/{gettext-minimal-native_0.22.bb => gettext-minimal-native_0.22.3.bb} (100%) rename meta/recipes-core/gettext/{gettext_0.22.bb => gettext_0.22.3.bb} (100%) -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191337): https://lists.openembedded.org/g/openembedded-core/message/191337 Mute This Topic: https://lists.openembedded.org/mt/102846998/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] gnu-config: Update to latest revision
Signed-off-by: Robert Yang --- meta/recipes-devtools/gnu-config/gnu-config_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/meta/recipes-devtools/gnu-config/gnu-config_git.bb index 2a0e6f8e41..718f798a00 100644 --- a/meta/recipes-devtools/gnu-config/gnu-config_git.bb +++ b/meta/recipes-devtools/gnu-config/gnu-config_git.bb @@ -9,8 +9,8 @@ DEPENDS:class-native = "hostperl-runtime-native" INHIBIT_DEFAULT_DEPS = "1" -SRCREV = "63acb96f92473ceb5e21d873d7c0aee266b3d6d3" -PV = "20230216+git" +SRCREV = "28ea239c53a2d5d8800c472bc2452eaa16e37af2" +PV = "20231127+git" SRC_URI = "git://git.savannah.gnu.org/git/config.git;protocol=https;branch=master \ file://gnu-configize.in" -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191338): https://lists.openembedded.org/g/openembedded-core/message/191338 Mute This Topic: https://lists.openembedded.org/mt/102846999/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [meta-oe][PATCH] rdfind: remove (move to oe-core)
From: Alexander Sverdlin Newer linux-firmware (oe-core) requires rdfind-native, move the new dependency to oe-core as well. Signed-off-by: Alexander Sverdlin --- meta-oe/recipes-support/rdfind/rdfind_1.6.0.bb | 13 - 1 file changed, 13 deletions(-) delete mode 100644 meta-oe/recipes-support/rdfind/rdfind_1.6.0.bb diff --git a/meta-oe/recipes-support/rdfind/rdfind_1.6.0.bb b/meta-oe/recipes-support/rdfind/rdfind_1.6.0.bb deleted file mode 100644 index 3a15fe6c9..0 --- a/meta-oe/recipes-support/rdfind/rdfind_1.6.0.bb +++ /dev/null @@ -1,13 +0,0 @@ -SUMMARY = "Rdfind is a program that finds duplicate files" -HOMEPAGE = "https://rdfind.pauldreik.se/; -LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=fa22e16ebbe6638b2bd253338fbded9f" - -DEPENDS = "nettle autoconf-archive" - -SRC_URI = "https://rdfind.pauldreik.se/${BP}.tar.gz; -SRC_URI[sha256sum] = "7a406e8ef1886a5869655604618dd98f672f12c6a6be4926d053be65070f3279" - -inherit autotools - -BBCLASSEXTEND = "native" -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191336): https://lists.openembedded.org/g/openembedded-core/message/191336 Mute This Topic: https://lists.openembedded.org/mt/102846946/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] rdfind: add version 1.6.0
From: Alexander Sverdlin Add 1.6.0 recipe from meta-oe as of commit 39dfcaceba36 ("rdfind: upgrade 1.5.0 -> 1.6.0"). It's required by linux-firmware installer script starting from 20230919. Signed-off-by: Alexander Sverdlin --- Shall probably come before patch "linux-firmware: require rdfind-native". Link: https://patchwork.yoctoproject.org/project/oe-core/patch/20231127203230.2704211-1-alexander.sverd...@siemens.com/ meta/recipes-support/rdfind/rdfind_1.6.0.bb | 13 + 1 file changed, 13 insertions(+) create mode 100644 meta/recipes-support/rdfind/rdfind_1.6.0.bb diff --git a/meta/recipes-support/rdfind/rdfind_1.6.0.bb b/meta/recipes-support/rdfind/rdfind_1.6.0.bb new file mode 100644 index 000..3a15fe6c9a2 --- /dev/null +++ b/meta/recipes-support/rdfind/rdfind_1.6.0.bb @@ -0,0 +1,13 @@ +SUMMARY = "Rdfind is a program that finds duplicate files" +HOMEPAGE = "https://rdfind.pauldreik.se/; +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=fa22e16ebbe6638b2bd253338fbded9f" + +DEPENDS = "nettle autoconf-archive" + +SRC_URI = "https://rdfind.pauldreik.se/${BP}.tar.gz; +SRC_URI[sha256sum] = "7a406e8ef1886a5869655604618dd98f672f12c6a6be4926d053be65070f3279" + +inherit autotools + +BBCLASSEXTEND = "native" -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191335): https://lists.openembedded.org/g/openembedded-core/message/191335 Mute This Topic: https://lists.openembedded.org/mt/102846891/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [[dunfell][PATCH] grub: fix CVE-2023-4692 & CVE-2023-4693
Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea && https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Signed-off-by: Hitendra Prajapati --- .../grub/files/CVE-2023-4692.patch| 97 +++ .../grub/files/CVE-2023-4693.patch| 62 meta/recipes-bsp/grub/grub2.inc | 2 + 3 files changed, 161 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4692.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4693.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2023-4692.patch b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch new file mode 100644 index 00..0e74870ebf --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch @@ -0,0 +1,97 @@ +From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001 +From: Maxim Suhanov +Date: Mon, 28 Aug 2023 16:31:57 +0300 +Subject: [PATCH] fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST + attribute for the $MFT file + +When parsing an extremely fragmented $MFT file, i.e., the file described +using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer +containing bytes read from the underlying drive to store sector numbers, +which are consumed later to read data from these sectors into another buffer. + +These sectors numbers, two 32-bit integers, are always stored at predefined +offsets, 0x10 and 0x14, relative to first byte of the selected entry within +the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem. + +However, when parsing a specially-crafted file system image, this may cause +the NTFS code to write these integers beyond the buffer boundary, likely +causing the GRUB memory allocator to misbehave or fail. These integers contain +values which are controlled by on-disk structures of the NTFS file system. + +Such modification and resulting misbehavior may touch a memory range not +assigned to the GRUB and owned by firmware or another EFI application/driver. + +This fix introduces checks to ensure that these sector numbers are never +written beyond the boundary. + +Fixes: CVE-2023-4692 + +Reported-by: Maxim Suhanov +Signed-off-by: Maxim Suhanov +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea] +CVE: CVE-2023-4692 +Signed-off-by: Hitendra Prajapati +--- + grub-core/fs/ntfs.c | 18 +- + 1 file changed, 17 insertions(+), 1 deletion(-) + +diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c +index 2f34f76..c8d3683 100644 +--- a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c +@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + } + if (at->attr_end) + { +- grub_uint8_t *pa; ++ grub_uint8_t *pa, *pa_end; + + at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); + if (at->emft_buf == NULL) +@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + } + at->attr_nxt = at->edat_buf; + at->attr_end = at->edat_buf + u32at (pa, 0x30); ++pa_end = at->edat_buf + n; + } + else + { + at->attr_nxt = at->attr_end + u16at (pa, 0x14); + at->attr_end = at->attr_end + u32at (pa, 4); ++pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); + } + at->flags |= GRUB_NTFS_AF_ALST; + while (at->attr_nxt < at->attr_end) +@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + at->flags |= GRUB_NTFS_AF_GPOS; + at->attr_cur = at->attr_nxt; + pa = at->attr_cur; ++ ++if ((pa >= pa_end) || (pa_end - pa < 0x18)) ++ { ++grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); ++return NULL; ++ } ++ + grub_set_unaligned32 ((char *) pa + 0x10, + grub_cpu_to_le32 (at->mft->data->mft_start)); + grub_set_unaligned32 ((char *) pa + 0x14, +@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + { + if (*pa != attr) + break; ++ ++ if ((pa >= pa_end) || (pa_end - pa < 0x18)) ++{ ++grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); ++return NULL; ++ } ++ + if (read_attr + (at, pa + 0x10, + u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR), +-- +2.25.1 + diff --git a/meta/recipes-bsp/grub/files/CVE-2023-4693.patch b/meta/recipes-bsp/grub/files/CVE-2023-4693.patch new file mode 100644 index 00..1e6b6efdec --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2023-4693.patch @@ -0,0 +1,62 @@ +From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon
Re: [PATCH V2] [OE-core] tzdata: Reduced time zone configuration
On Fri, 24 Nov 2023 16:50:04 +, Alex Kiernan wrote: > > > tzdata.bb by default pulls in all possible timezone data packages which > > > increases size of the final root filesystem considerably. > > > The customer would like to have extra timezones configurable so that only > > > tzdata-core is chosen by default and rest of the zones are optional. > > > This change would make the fs size a lot smaller. > > > > > > Comparison of customized package volume before and after: > > > When TZ_PACKAGES contains all tzdata packets, the image size of tzdata is > > > 7.4MB. > > > The difference in mirror size between the two is 7MB. > > > > > > When TZ_PACKAGES only retains one tzdata-core, the image size generated by > > > tzdata is 320KB. > > > > > > Signed-off-by: Lizhi Xu > > > > I get what you're trying to do, but this looks horrid. How about > > splitting into multiple packages based on top level directory (plus > > the few which sit in the top level directory) using a new > > PACKAGESPLITFUNCS so you don't have to hardcode the list of packages? > > > > Foolishly, I didn't actually look at what was in the tzdata recipe > first and it already splits things... I'm lost, can't you just remove > things from TZ_PACKAGES to get what you're after? To achieve a final reduction in the size of the tzdata package, simply configuring TZ_PACKAGES is not enough. It is also necessary to delete the corresponding zoneinfo when generating the final package, this requires performing the corresponding deletion operation in the do_install() task simultaneously, which is too complex for users. Therefore, this patch is provided to simplify the step of reducing package size. After applying this patch, users only need to modify the OP_TZ in tzd.inc to determine which time zones are needed in the final generated package, in order to facilitate customization of the final size of the tzdata package. Thanks, Lizhi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191333): https://lists.openembedded.org/g/openembedded-core/message/191333 Mute This Topic: https://lists.openembedded.org/mt/102777104/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH V2] cairo: upgrade 1.16.0 -> 1.18.0
Hi, Alex Okay, I will do my best to do it. Best Regards, Qiu Tingting > -Original Message- > From: Alexander Kanavin > Sent: Monday, November 27, 2023 6:10 PM > To: Qiu, Tingting/仇 婷婷 > Cc: openembedded-core@lists.openembedded.org; FNST fnstml-fujitsuten > > Subject: Re: [OE-core] [PATCH V2] cairo: upgrade 1.16.0 -> 1.18.0 > > Thank you, the patch is fine now. The next step is that if there are > integration > issues on the autobuilder, you will get links to them and the expectation is > that > they are resolved by you, and the adjusted patch is resubmitted. > > Alex > > On Mon, 27 Nov 2023 at 05:02, qi...@fujitsu.com wrote: > > > > From: qiutt > > > > Changelog for 1.18.0 [1]: > > The cairo-sphinx tool has been removed > > Cairo now implements Type 3 color fonts for PDF > > The XML surface has been removed > > The Tee surface is now automatically enabled > > The Quartz surface is improved > > Cairo now hides all private symbols by default on every platform > > Fixed multiple issues > > > > As a part of 1.18.0, the following patches should be dropped. > > CVE-2018-19876.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/90e85c2493fdfa3551f202 > ff10282463f1e36645 > > CVE-2019-6461.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/09643ee1abdd5daacebfc > b564448f29be9a79bac > > CVE-2019-6462.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/bbeaf08190d3006a80b80 > a77724801cd477a37b8 > > CVE-2020-35492.patch : > > https://gitlab.freedesktop.org/cairo/cairo/-/commit/c986a7310bb06582b7 > > d8a566d5f007ba4e5e75bf > > > > These options are all gone [2]: directfb, valgrind, egl, glesv2, > > opengl, trace > > > > Build tool is changed : autotools -> meson > > > > [1] https://www.cairographics.org/news/cairo-1.18.0/ > > [2] > > https://gitlab.freedesktop.org/cairo/cairo/-/blob/master/meson_options > > .txt > > > > Signed-off-by: qiutt > > --- > > .../cairo/cairo/CVE-2018-19876.patch | 34 -- > > .../cairo/cairo/CVE-2019-6461.patch | 20 -- > > .../cairo/cairo/CVE-2019-6462.patch | 40 > > .../cairo/cairo/CVE-2020-35492.patch | 60 -- > > .../{cairo_1.16.0.bb => cairo_1.18.0.bb} | 63 +-- > > 5 files changed, 16 insertions(+), 201 deletions(-) delete mode > > 100644 meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > > delete mode 100644 > > meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > > delete mode 100644 > > meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch > > delete mode 100644 > > meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch > > rename meta/recipes-graphics/cairo/{cairo_1.16.0.bb => > > cairo_1.18.0.bb} (51%) > > > > diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > > b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > > deleted file mode 100644 > > index 4252a5663b..00 > > --- a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > > +++ /dev/null > > @@ -1,34 +0,0 @@ > > -CVE: CVE-2018-19876 > > -Upstream-Status: Backport > > -Signed-off-by: Ross Burton > > - > > -From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 > > 2001 > > -From: Carlos Garcia Campos > > -Date: Mon, 19 Nov 2018 12:33:07 +0100 > > -Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when > > available in > > - cairo_ft_apply_variations > > - > > -Fixes a crash when using freetype >= 2.9 > > > > - src/cairo-ft-font.c | 4 > > - 1 file changed, 4 insertions(+) > > - > > -diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c -index > > 325dd61b4..981973f78 100644 > > a/src/cairo-ft-font.c > > -+++ b/src/cairo-ft-font.c > > -@@ -2393,7 +2393,11 @@ skip: > > - done: > > - free (coords); > > - free (current_coords); > > -+#if HAVE_FT_DONE_MM_VAR > > -+FT_Done_MM_Var (face->glyph->library, ft_mm_var); #else > > - free (ft_mm_var); > > -+#endif > > - } > > - } > > - > > --- > > -2.11.0 > > - > > diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > > b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > > deleted file mode 100644 > > index a2dba6cb20..00 > > --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > > +++ /dev/null > > @@ -1,20 +0,0 @@ > > -There is an assertion in function _cairo_arc_in_direction(). > > - > > -CVE: CVE-2019-6461 > > -Upstream-Status: Pending > > -Signed-off-by: Ross Burton > > - > > -diff --git a/src/cairo-arc.c b/src/cairo-arc.c -index > > 390397bae..1bde774a4 100644 > > a/src/cairo-arc.c > > -+++ b/src/cairo-arc.c > > -@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, > > - if (cairo_status (cr)) > > - return; > > - > > --assert (angle_max >= angle_min); > > -+if (angle_max < angle_min) > > -+ return; > > - > > - if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { > > - angle_max = fmod (angle_max -
Re: [OE-core] [PATCH v10 3/3] vte: Separate out gtk4 pieces of vte into individual packages
On Sat, Nov 25, 2023 at 6:04 AM Ross Burton wrote: > > Does this allow installing the gtk4 libraries without gtk3? Looks like the > GIR files will mean pulling in both. I have sent a v11 where Vte-3.91.gir is packaged into ${PN}-gtk4-dev, that should solve this concern. > > Ross > > From: Khem Raj > Sent: Saturday, November 25, 2023 7:38:21 AM > To: openembedded-core@lists.openembedded.org > > Cc: Khem Raj ; Ross Burton > Subject: [PATCH v10 3/3] vte: Separate out gtk4 pieces of vte into individual > packages > > This avoids adding gtk4 dependencies when image may only desire the gtk3 > pieces of vte. > > Signed-off-by: Khem Raj > Cc: Ross Burton > --- > v10: Added new > > meta/recipes-support/vte/vte_0.74.1.bb | 10 +- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/meta/recipes-support/vte/vte_0.74.1.bb > b/meta/recipes-support/vte/vte_0.74.1.bb > index 8a7054a13cd..91c331d44cc 100644 > --- a/meta/recipes-support/vte/vte_0.74.1.bb > +++ b/meta/recipes-support/vte/vte_0.74.1.bb > @@ -36,7 +36,15 @@ PACKAGECONFIG[gtk4] = "-Dgtk4=true,-Dgtk4=false,gtk4" > PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" > PACKAGECONFIG[systemd] = "-D_systemd=true,-D_systemd=false,systemd" > > -PACKAGES =+ "libvte ${PN}-prompt" > +PACKAGES =+ "libvte-gtk4 ${PN}-gtk4 ${PN}-gtk4-dev libvte ${PN}-prompt" > +FILES:libvte-gtk4 = "${libdir}/lib*gtk4.so.* > ${libdir}/girepository-1.0/Vte-3.91.typelib" > +FILES:${PN}-gtk4 ="${bindir}/vte-2.91-gtk4" > +FILES:${PN}-gtk4-dev = "${libdir}/lib*gtk4.so \ > +${libdir}/pkgconfig/vte-2.91-gtk4.pc \ > +${datadir}/vala/vapi/vte-2.91-gtk4.deps \ > +${datadir}/vala/vapi/vte-2.91-gtk4.vapi \ > +${includedir}/vte-2.91-gtk4 \ > +" > FILES:${PN} +="${systemd_user_unitdir}" > FILES:libvte = "${libdir}/*.so.* ${libdir}/girepository-1.0/*" > FILES:${PN}-prompt = " \ > -- > 2.43.0 > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191331): https://lists.openembedded.org/g/openembedded-core/message/191331 Mute This Topic: https://lists.openembedded.org/mt/102793454/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v11] vte: Separate out gtk4 pieces of vte into individual packages
This avoids adding gtk4 dependencies when image may only desire the gtk3 pieces of vte. Signed-off-by: Khem Raj Cc: Ross Burton --- v11: Package Vte-3.91.gir into ${PN}-gtk4-dev meta/recipes-support/vte/vte_0.74.1.bb | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/meta/recipes-support/vte/vte_0.74.1.bb b/meta/recipes-support/vte/vte_0.74.1.bb index 8a7054a13cd..071f6684644 100644 --- a/meta/recipes-support/vte/vte_0.74.1.bb +++ b/meta/recipes-support/vte/vte_0.74.1.bb @@ -36,7 +36,16 @@ PACKAGECONFIG[gtk4] = "-Dgtk4=true,-Dgtk4=false,gtk4" PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" PACKAGECONFIG[systemd] = "-D_systemd=true,-D_systemd=false,systemd" -PACKAGES =+ "libvte ${PN}-prompt" +PACKAGES =+ "libvte-gtk4 ${PN}-gtk4 ${PN}-gtk4-dev libvte ${PN}-prompt" +FILES:libvte-gtk4 = "${libdir}/lib*gtk4.so.* ${libdir}/girepository-1.0/Vte-3.91.typelib" +FILES:${PN}-gtk4 ="${bindir}/vte-2.91-gtk4" +FILES:${PN}-gtk4-dev = "${libdir}/lib*gtk4.so \ +${libdir}/pkgconfig/vte-2.91-gtk4.pc \ +${datadir}/gir-1.0/Vte-3.91.gir \ +${datadir}/vala/vapi/vte-2.91-gtk4.deps \ +${datadir}/vala/vapi/vte-2.91-gtk4.vapi \ +${includedir}/vte-2.91-gtk4 \ +" FILES:${PN} +="${systemd_user_unitdir}" FILES:libvte = "${libdir}/*.so.* ${libdir}/girepository-1.0/*" FILES:${PN}-prompt = " \ -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191330): https://lists.openembedded.org/g/openembedded-core/message/191330 Mute This Topic: https://lists.openembedded.org/mt/102841833/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] systemd-boot: Extend recipe to compile native
> -Original Message- > From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Dmitry Baryshkov > Sent: den 27 november 2023 22:05 > To: Ross Burton > Cc: quic_vkral...@quicinc.com; OE Core mailing list c...@lists.openembedded.org> > Subject: Re: [OE-core] [PATCH] systemd-boot: Extend recipe to compile > native > > On Mon, 27 Nov 2023 at 18:49, Ross Burton wrote: > > > > On 27 Nov 2023, at 14:56, Viswanath Kraleti via lists.openembedded.org > wrote: > > > > > > systemd has ukify, a native tool, which will combine the > > > kernel/initrd/stub > > > components to build the UKI (unified kernel images). systemd-boot recipe > > > isn't providing this tool. > > > > > > In order to use ukify, one need systemd-boot native recipe that can be > > > added as a dependency to get the tool under recipe-sysroot-native. > > > > Feels like it might be neater to just have a new recipe that builds that > one binary, instead of a mess of overrides in an other wise simple recipe. > > This was one of the concerns during patch development. I suggested > patching the existing .bb on the premises of having the same version > for native and target recipes. > > -- > With best wishes > Dmitry That should be taken care of by requiring the systemd.inc file. //Peter -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191329): https://lists.openembedded.org/g/openembedded-core/message/191329 Mute This Topic: https://lists.openembedded.org/mt/102830176/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe-core][PATCHv2] default-providers.inc: add PREFERRED_PROVIDER variables for llvm
> -Original Message- > From: openembedded-core@lists.openembedded.org > On Behalf Of Markus Volk > Sent: den 27 november 2023 11:25 > To: openembedded-core@lists.openembedded.org > Subject: [oe-core][PATCHv2] default-providers.inc: add PREFERRED_PROVIDER > variables for llvm > > gallium-llvm needs to be built with clang if you, for example > want to have support for opencl or want to build the intel-clc compiler. > meta-clang recommends to set > > PREFERRED_PROVIDER_llvm = "clang" > PREFERRED_PROVIDER_llvm-native = "clang-native" > > The current problem is that this is not taken into account in mesa and > therefore > both llvm and clang are included. This leads to files that are provided by > both > packages and would also unnecessarily increase the build time. > > Add PREFERRED_PROVIDER_llvm and PREFERRED_PROVIDER_llvm-native and make > sure that the mesa recipe takes these variables into account. > > Signed-off-by: Markus Volk > --- > meta/conf/distro/include/default-providers.inc | 2 ++ > meta/recipes-graphics/mesa/mesa.inc| 2 +- > 2 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/meta/conf/distro/include/default-providers.inc > b/meta/conf/distro/include/default-providers.inc > index d18173c744..819d71628b 100644 > --- a/meta/conf/distro/include/default-providers.inc > +++ b/meta/conf/distro/include/default-providers.inc > @@ -37,6 +37,8 @@ PREFERRED_PROVIDER_dbus-glib ?= "dbus-glib" > PREFERRED_PROVIDER_dbus-glib-native ?= "dbus-glib-native" > PREFERRED_PROVIDER_gdk-pixbuf ?= "gdk-pixbuf" > PREFERRED_PROVIDER_libgcc ?= "libgcc" > +PREFERRED_PROVIDER_llvm ?= "llvm" > +PREFERRED_PROVIDER_llvm-native ?= "llvm-native" Don't insert them between PREFERRED_PROVIDER_libgcc and PREFERRED_PROVIDER_nativesdk-libgcc. They belong together. > PREFERRED_PROVIDER_nativesdk-libgcc ?= "nativesdk-libgcc" > PREFERRED_PROVIDER_linux-libc-headers ?= "linux-libc-headers" > PREFERRED_PROVIDER_nativesdk-linux-libc-headers ?= > "nativesdk-linux-libc-headers" > diff --git a/meta/recipes-graphics/mesa/mesa.inc > b/meta/recipes-graphics/mesa/mesa.inc > index e5c405a972..1a971242c9 100644 > --- a/meta/recipes-graphics/mesa/mesa.inc > +++ b/meta/recipes-graphics/mesa/mesa.inc > @@ -183,7 +183,7 @@ GALLIUMDRIVERS:append = > "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',r600', > GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'virgl', > ',virgl', '', d)}" > > PACKAGECONFIG[gallium] = > "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, > -Dgallium-drivers='', libdrm" > -PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, > -Dllvm=disabled, llvm llvm-native elfutils" > +PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, > -Dllvm=disabled, ${PREFERRED_PROVIDER_llvm} ${PREFERRED_PROVIDER_llvm-native} > elfutils" This should not be needed. When PREFERRED_PROVIDER_llvm and PREFERRED_PROVIDER_llvm-native are set, bitbake should automatically take care of depending on the correct recipes. > PACKAGECONFIG[xa] = "-Dgallium-xa=enabled, -Dgallium-xa=disabled" > PACKAGECONFIG[va] = > "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial" > PACKAGECONFIG[vdpau] = > "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau" > -- > 2.42.1 //Peter -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191328): https://lists.openembedded.org/g/openembedded-core/message/191328 Mute This Topic: https://lists.openembedded.org/mt/102826427/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] systemd-boot: Extend recipe to compile native
On Mon, 27 Nov 2023 at 18:49, Ross Burton wrote: > > On 27 Nov 2023, at 14:56, Viswanath Kraleti via lists.openembedded.org > wrote: > > > > systemd has ukify, a native tool, which will combine the kernel/initrd/stub > > components to build the UKI (unified kernel images). systemd-boot recipe > > isn't providing this tool. > > > > In order to use ukify, one need systemd-boot native recipe that can be > > added as a dependency to get the tool under recipe-sysroot-native. > > Feels like it might be neater to just have a new recipe that builds that one > binary, instead of a mess of overrides in an other wise simple recipe. This was one of the concerns during patch development. I suggested patching the existing .bb on the premises of having the same version for native and target recipes. -- With best wishes Dmitry -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191327): https://lists.openembedded.org/g/openembedded-core/message/191327 Mute This Topic: https://lists.openembedded.org/mt/102830176/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] linux-firmware: require rdfind-native
From: Alexander Sverdlin Since commit 3e79f6b83bd0 ("Create symlinks for all firmware that is duplicate using rdfind") linux-firmware' copy-firmware.sh uses rdfind, add it to package's DEPENDS. Fixes: 7c725d1f2ed9 ("linux-firmware: upgrade 20230804 -> 20231030") Signed-off-by: Alexander Sverdlin --- meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb index c0394b9b3b9..f7da5de6074 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb @@ -1529,3 +1529,7 @@ INSANE_SKIP:${PN} = "already-stripped" # No need to put firmware into the sysroot SYSROOT_DIRS_IGNORE += "${nonarch_base_libdir}/firmware" + +# Since commit 3e79f6b83bd0 ("Create symlinks for all firmware that is duplicate using rdfind") +# linux-firmware' copy-firmware.sh uses rdfind +DEPENDS += "rdfind-native" -- 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191326): https://lists.openembedded.org/g/openembedded-core/message/191326 Mute This Topic: https://lists.openembedded.org/mt/102837613/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe-core][PATCHv2] default-providers.inc: add PREFERRED_PROVIDER variables for llvm
On Mon, Nov 27 2023 at 08:44:01 PM +01:00:00, Alexandre Belloni wrote: Please always include a changelog here, especially when sending multiple versions in rapid succession. Technically there is nothing that needs to be included in the changelog. Its just that I was just to dumb to understand what make -e does at first and v2 just was wrong, although it worked. But I didn't want to highlight that ;) -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191325): https://lists.openembedded.org/g/openembedded-core/message/191325 Mute This Topic: https://lists.openembedded.org/mt/102826427/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH v2 2/2] cve-update-nvd2-native: make number of fetch attemtps configurable
From: Peter Marko Sometimes NVD servers are unstable and return too many errors. Last time we increased number of attempts from 3 to 5, but further increasing is not reasonable as in normal case too many retries is just abusive. Keep retries low as default and allow to increase as needed. Signed-off-by: Peter Marko --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 64a96a46f0..dab0b69edc 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,6 +26,9 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" +# Number of attmepts for each http query to nvd server before giving up +CVE_DB_UPDATE_ATTEMPTS ?= "5" + CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" @@ -111,7 +114,7 @@ def cleanup_db_download(db_file, db_tmp_file): if os.path.exists(db_tmp_file): os.remove(db_tmp_file) -def nvd_request_next(url, api_key, args): +def nvd_request_next(url, attempts, api_key, args): """ Request next part of the NVD dabase """ @@ -127,7 +130,7 @@ def nvd_request_next(url, api_key, args): request.add_header("apiKey", api_key) bb.note("Requesting %s" % request.full_url) -for attempt in range(5): +for attempt in range(attempts): try: r = urllib.request.urlopen(request) @@ -183,10 +186,11 @@ def update_db_file(db_tmp_file, d, database_time): index = 0 url = d.getVar("NVDCVE_URL") api_key = d.getVar("NVDCVE_API_KEY") or None +attempts = int(d.getVar("CVE_DB_UPDATE_ATTEMPTS")) while True: req_args['startIndex'] = index -raw_data = nvd_request_next(url, api_key, req_args) +raw_data = nvd_request_next(url, attempts, api_key, req_args) if raw_data is None: # We haven't managed to download data return False -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191324): https://lists.openembedded.org/g/openembedded-core/message/191324 Mute This Topic: https://lists.openembedded.org/mt/102836849/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH v2 1/2] cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
From: Peter Marko This variable is not referenced in oe-core anymore. Signed-off-by: Peter Marko --- v2: typo in commit message meta/recipes-core/meta/cve-update-nvd2-native.bb | 3 --- 1 file changed, 3 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 67d76f75dd..64a96a46f0 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,9 +26,6 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" -# Timeout for blocking socket operations, such as the connection attempt. -CVE_SOCKET_TIMEOUT ?= "60" - CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191323): https://lists.openembedded.org/g/openembedded-core/message/191323 Mute This Topic: https://lists.openembedded.org/mt/102836847/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] glibc: stable 2.38 branch updates
Please follow https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#fixing-your-from-identity On 26/11/2023 20:00:46-0800, Sundeep KOKKONDA via lists.openembedded.org wrote: > Below commits on glibc-2.38 stable branch are updated. > 1e04dcec49 Revert "elf: Move l_init_called_next to old place of l_text_end in > link map" > 719866ab2f Revert "elf: Always call destructors in reverse constructor order > (bug 30785)" > e0b6c9706c Revert "elf: Remove unused l_text_end field from struct link_map" > > Signed-off-by: Sundeep KOKKONDA > --- > meta/recipes-core/glibc/glibc-version.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-core/glibc/glibc-version.inc > b/meta/recipes-core/glibc/glibc-version.inc > index 19b98bc11a..ccf9d505c5 100644 > --- a/meta/recipes-core/glibc/glibc-version.inc > +++ b/meta/recipes-core/glibc/glibc-version.inc > @@ -1,6 +1,6 @@ > SRCBRANCH ?= "release/2.38/master" > PV = "2.38+git" > -SRCREV_glibc ?= "750a45a783906a19591fb8ff6b7841470f1f5701" > +SRCREV_glibc ?= "1e04dcec491bd8f48b5b74ce3e8414132578a645" > SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1" > > GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" > -- > 2.42.0 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191322): https://lists.openembedded.org/g/openembedded-core/message/191322 Mute This Topic: https://lists.openembedded.org/mt/102823529/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe-core][PATCHv2] default-providers.inc: add PREFERRED_PROVIDER variables for llvm
On 27/11/2023 11:24:49+0100, Markus Volk wrote: > gallium-llvm needs to be built with clang if you, for example > want to have support for opencl or want to build the intel-clc compiler. > meta-clang recommends to set > > PREFERRED_PROVIDER_llvm = "clang" > PREFERRED_PROVIDER_llvm-native = "clang-native" > > The current problem is that this is not taken into account in mesa and > therefore > both llvm and clang are included. This leads to files that are provided by > both > packages and would also unnecessarily increase the build time. > > Add PREFERRED_PROVIDER_llvm and PREFERRED_PROVIDER_llvm-native and make sure > that the mesa recipe takes these variables into account. > > Signed-off-by: Markus Volk > --- Please always include a changelog here, especially when sending multiple versions in rapid succession. > meta/conf/distro/include/default-providers.inc | 2 ++ > meta/recipes-graphics/mesa/mesa.inc| 2 +- > 2 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/meta/conf/distro/include/default-providers.inc > b/meta/conf/distro/include/default-providers.inc > index d18173c744..819d71628b 100644 > --- a/meta/conf/distro/include/default-providers.inc > +++ b/meta/conf/distro/include/default-providers.inc > @@ -37,6 +37,8 @@ PREFERRED_PROVIDER_dbus-glib ?= "dbus-glib" > PREFERRED_PROVIDER_dbus-glib-native ?= "dbus-glib-native" > PREFERRED_PROVIDER_gdk-pixbuf ?= "gdk-pixbuf" > PREFERRED_PROVIDER_libgcc ?= "libgcc" > +PREFERRED_PROVIDER_llvm ?= "llvm" > +PREFERRED_PROVIDER_llvm-native ?= "llvm-native" > PREFERRED_PROVIDER_nativesdk-libgcc ?= "nativesdk-libgcc" > PREFERRED_PROVIDER_linux-libc-headers ?= "linux-libc-headers" > PREFERRED_PROVIDER_nativesdk-linux-libc-headers ?= > "nativesdk-linux-libc-headers" > diff --git a/meta/recipes-graphics/mesa/mesa.inc > b/meta/recipes-graphics/mesa/mesa.inc > index e5c405a972..1a971242c9 100644 > --- a/meta/recipes-graphics/mesa/mesa.inc > +++ b/meta/recipes-graphics/mesa/mesa.inc > @@ -183,7 +183,7 @@ GALLIUMDRIVERS:append = > "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',r600', > GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'virgl', > ',virgl', '', d)}" > > PACKAGECONFIG[gallium] = > "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, > -Dgallium-drivers='', libdrm" > -PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, > -Dllvm=disabled, llvm llvm-native elfutils" > +PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, > -Dllvm=disabled, ${PREFERRED_PROVIDER_llvm} ${PREFERRED_PROVIDER_llvm-native} > elfutils" > PACKAGECONFIG[xa] = "-Dgallium-xa=enabled, -Dgallium-xa=disabled" > PACKAGECONFIG[va] = > "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial" > PACKAGECONFIG[vdpau] = > "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau" > -- > 2.42.1 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191321): https://lists.openembedded.org/g/openembedded-core/message/191321 Mute This Topic: https://lists.openembedded.org/mt/102826427/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH 1/2] cve-update-nvd2-native: remove unused variable CVE_DB_UPDATE_RETRIES
Peter Marko via lists.openembedded.org escreveu no dia segunda, 27/11/2023 à(s) 19:38: > From: Peter Marko > > This variable is not referenced in oe-core anymore. > > Signed-off-by: Peter Marko > --- > meta/recipes-core/meta/cve-update-nvd2-native.bb | 3 --- > 1 file changed, 3 deletions(-) > > diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb > b/meta/recipes-core/meta/cve-update-nvd2-native.bb > index 67d76f75dd..64a96a46f0 100644 > --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb > +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb > @@ -26,9 +26,6 @@ NVDCVE_API_KEY ?= "" > # Use a negative value to skip the update > CVE_DB_UPDATE_INTERVAL ?= "86400" > > -# Timeout for blocking socket operations, such as the connection attempt. > -CVE_SOCKET_TIMEOUT ?= "60" > The commit says CVE_DB_UPDATE_RETRIES Jose > - > CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" > > CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" > -- > 2.30.2 > > > > > -- Best regards, José Quaresma -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191320): https://lists.openembedded.org/g/openembedded-core/message/191320 Mute This Topic: https://lists.openembedded.org/mt/102836497/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH 2/2] cve-update-nvd2-native: make number of fetch attemtps configurable
From: Peter Marko Sometimes NVD servers are unstable and return too many errors. Last time we increased number of attempts from 3 to 5, but further increasing is not reasonable as in normal case too many retries is just abusive. Keep retries low as default and allow to increase as needed. Signed-off-by: Peter Marko --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 64a96a46f0..dab0b69edc 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,6 +26,9 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" +# Number of attmepts for each http query to nvd server before giving up +CVE_DB_UPDATE_ATTEMPTS ?= "5" + CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" @@ -111,7 +114,7 @@ def cleanup_db_download(db_file, db_tmp_file): if os.path.exists(db_tmp_file): os.remove(db_tmp_file) -def nvd_request_next(url, api_key, args): +def nvd_request_next(url, attempts, api_key, args): """ Request next part of the NVD dabase """ @@ -127,7 +130,7 @@ def nvd_request_next(url, api_key, args): request.add_header("apiKey", api_key) bb.note("Requesting %s" % request.full_url) -for attempt in range(5): +for attempt in range(attempts): try: r = urllib.request.urlopen(request) @@ -183,10 +186,11 @@ def update_db_file(db_tmp_file, d, database_time): index = 0 url = d.getVar("NVDCVE_URL") api_key = d.getVar("NVDCVE_API_KEY") or None +attempts = int(d.getVar("CVE_DB_UPDATE_ATTEMPTS")) while True: req_args['startIndex'] = index -raw_data = nvd_request_next(url, api_key, req_args) +raw_data = nvd_request_next(url, attempts, api_key, req_args) if raw_data is None: # We haven't managed to download data return False -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191319): https://lists.openembedded.org/g/openembedded-core/message/191319 Mute This Topic: https://lists.openembedded.org/mt/102836501/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH 1/2] cve-update-nvd2-native: remove unused variable CVE_DB_UPDATE_RETRIES
From: Peter Marko This variable is not referenced in oe-core anymore. Signed-off-by: Peter Marko --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 3 --- 1 file changed, 3 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 67d76f75dd..64a96a46f0 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,9 +26,6 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" -# Timeout for blocking socket operations, such as the connection attempt. -CVE_SOCKET_TIMEOUT ?= "60" - CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191318): https://lists.openembedded.org/g/openembedded-core/message/191318 Mute This Topic: https://lists.openembedded.org/mt/102836497/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for kirkstone on Mon 27 Nov 2023 08:49:33 AM HST
Branch: kirkstone New this week: 7 CVEs CVE-2023-48231 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48231 * CVE-2023-48232 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48232 * CVE-2023-48233 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48233 * CVE-2023-48234 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48234 * CVE-2023-48235 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48235 * CVE-2023-48236 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48236 * CVE-2023-48237 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48237 * Removed this week: 0 CVEs Full list: Found 55 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 * CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 * CVE-2022-47007 (CVSS3: 5.5 MEDIUM): binutils:binutils-cross-testsuite:binutils-cross-x86_64 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-47007 * CVE-2022-48064 (CVSS3: 5.5 MEDIUM): binutils:binutils-cross-testsuite:binutils-cross-x86_64 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48064 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-1544 (CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1544 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-38469 (CVSS3: 5.5 MEDIUM): avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38469 * CVE-2023-38470 (CVSS3: 5.5 MEDIUM): avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38470 * CVE-2023-38471 (CVSS3: 5.5 MEDIUM): avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38471 * CVE-2023-38472 (CVSS3: 5.5 MEDIUM): avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38472 * CVE-2023-38473 (CVSS3: 5.5 MEDIUM): avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38473 * CVE-2023-38560 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38560 * CVE-2023-39323 (CVSS3: 9.8 CRITICAL): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-40360 (CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40360 * CVE-2023-4039 (CVSS3: 4.8 MEDIUM): gcc:gcc-cross-x86_64:gcc-runtime:gcc-sanitizers:libgcc:libgcc-initial https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4039 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-41175 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-41175 * CVE-2023-4135 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
[OE-core] [PATCH] bitbake.conf: Add gsutil as hosttool for gcp fetcher.
The gcp fetcher uses gsutil to check if the file exists before fetching. This change ensures the tool is included as a nonfatal hosttool so that it's included in the build environment when available. Signed-off-by: Charlie Johnston --- meta/conf/bitbake.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 983987cf7e..e7826e7af9 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -543,6 +543,9 @@ HOSTTOOLS_NONFATAL += "scp" # Used by Mercurial fetcher HOSTTOOLS_NONFATAL += "hg" +# Used by gcp fetcher +HOSTTOOLS_NONFATAL += "gsutil" + # Link to git-lfs if present HOSTTOOLS_NONFATAL += "git-lfs" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191316): https://lists.openembedded.org/g/openembedded-core/message/191316 Mute This Topic: https://lists.openembedded.org/mt/102834845/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for dunfell on Mon 27 Nov 2023 07:32:23 AM HST
Branch: dunfell New this week: 7 CVEs CVE-2023-48231 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48231 * CVE-2023-48232 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48232 * CVE-2023-48233 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48233 * CVE-2023-48234 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48234 * CVE-2023-48235 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48235 * CVE-2023-48236 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48236 * CVE-2023-48237 (CVSS3: 4.3 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48237 * Removed this week: 1 CVEs CVE-2021-3947 (CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3947 * Full list: Found 136 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-20295 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-3782 (CVSS3: 6.6 MEDIUM): wayland:wayland-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3782 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 *
[OE-core] [PATCH] vim: upgrade 9.0.2068 -> 9.0.2130
https://github.com/vim/vim/compare/v9.0.2068...v9.0.2130 CVE: CVE-2023-48231 CVE: CVE-2023-48232 CVE: CVE-2023-48233 CVE: CVE-2023-48234 CVE: CVE-2023-48235 CVE: CVE-2023-48236 CVE: CVE-2023-48237 Signed-off-by: Tim Orling --- Tested vim and vim.tiny on core-image-minimal on qemux86-64 vim.tiny complains about defaults.vim, but that is not new meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index a37310afd84..6b440d89472 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".2068" -SRCREV = "9198c1f2b1ddecde22af918541e0de2a32f0f45a" +PV .= ".2130" +SRCREV = "075ad7047457debfeef13442c01e74088b461092" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191314): https://lists.openembedded.org/g/openembedded-core/message/191314 Mute This Topic: https://lists.openembedded.org/mt/102833550/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [RFC][PATCH 0/1] recipetool: add plugin to create recipe for rust based application
Hi all, This is an RFC to add support of rust recipes in recipetool. This first version is able to create a minimal working recipe for crates HAVING a Cargo.lock file (needed for reproducibility issues, see [1]) and using the following commands (using simple_genetic as example): - devtool add https://github.com/ValpsZ/simple_genetic - bitbake -c update_crates simple-genetic - devtool finish simple-genetic Limitations: - maybe we should factorise the code inside update_crates to avoid calling it after devtool add - for now the created recipe contains "include ${BPN}-crate.inc" instead of "require ${BPN}-crate.inc" because when the recipe is created, devtool tries to build the recipe itself and with "require" the parsing fails and the recipe is discarded. Maybe first point can help here. Another solution may be to write an empty ${BPN}-crate.inc next to the created recipe BUT right now I don't think it is possible because the process callback does not know neither the output dir nor ${BPN}. Maybe adding an optionnal post_process callback can help here? Unfortunately, most of the crates I tried, do NOT version the Cargo.lock file, so we need a solution for that. Maybe the "update_crates" function should do that? If no Cargo.lock file is found, just create one, and create a patch for it. When a recipe is updated, the user upgrading SRCREV (or the version) must be resposible to also run bitbake -c update_crates to update the Cargo.lock and the ${BP}-crate.inc files. I think that should be ok for reproducible builds? What do you think? What's next: - add support for "devtool add https://crates.io/crates/simple_genetic/0.1.1; - add oeqa selftest - handle the no Cargo.lock case... NOTE: created recipes are built tested but not tested at runtime for now. Dev branch on poky-contrib: [2] [1]: https://git.yoctoproject.org/poky/tree/meta/classes-recipe/cargo.bbclass#n45 [2]: https://git.yoctoproject.org/poky-contrib/log/?h=jstephan/devtool-add-rust-support Julien Stephan (1): recipetool: create: add support for crates scripts/lib/recipetool/create_cargo.py | 122 + 1 file changed, 122 insertions(+) create mode 100644 scripts/lib/recipetool/create_cargo.py -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191313): https://lists.openembedded.org/g/openembedded-core/message/191313 Mute This Topic: https://lists.openembedded.org/mt/102833494/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] recipetool: create: add support for crates
This commit adds a new plugin for creating recipes for crates (rust based applications). TODO: add more description here on final version of the patch Signed-off-by: Julien Stephan --- scripts/lib/recipetool/create_cargo.py | 125 + 1 file changed, 125 insertions(+) create mode 100644 scripts/lib/recipetool/create_cargo.py diff --git a/scripts/lib/recipetool/create_cargo.py b/scripts/lib/recipetool/create_cargo.py new file mode 100644 index 000..d24ce63509c --- /dev/null +++ b/scripts/lib/recipetool/create_cargo.py @@ -0,0 +1,125 @@ +# Recipe creation tool - cargo support plugin +# +# Copyright (c) 2023 BayLibre, SAS +# Author: Julien Stephan +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import logging +import os +from recipetool.create import RecipeHandler + +logger = logging.getLogger("recipetool") + +tinfoil = None + + +def tinfoil_init(instance): +global tinfoil +tinfoil = instance + + +class CargoRecipeHandler(RecipeHandler): +""" +Base class to support rust crate +""" + +# The supported metadata list +# Exaustive list available here: https://doc.rust-lang.org/cargo/reference/manifest.html#the-manifest-format +manifest_package_table = [ +"name", +"version", +"homepage", +"description", +"license", +"license-file", +"dependencies", +] + +bbvar_map = { +"name": "PN", +"version": "PV", +"homepage": "HOMEPAGE", +"description": "SUMMARY", +"license": "LICENSE", +} + +def __init__(self): +pass + +def process( +self, srctree, classes, lines_before, lines_after, handled, extravalues +): +if "buildsystem" in handled: +return False + +# Check for non-zero size Cargo.toml file +manifestfiles = RecipeHandler.checkfiles(srctree, ["Cargo.toml"]) +for fn in manifestfiles: +if os.path.getsize(fn): +break +else: +return False + +manifest = os.path.join(srctree, "Cargo.toml") + +lockfile = RecipeHandler.checkfiles(srctree, ["Cargo.lock"]) +if lockfile == []: +logger.error( +"No cargo lock found, this is not yet supported, falling back to another method" +) +return False + +try: +import tomllib +except ImportError: +try: +import tomli as tomllib +except ImportError: +logger.exception( +"Neither 'tomllib' nor 'tomli' could be imported. Please use python3.11 or above or install tomli module" +) +return False +except Exception: +logger.exception("Failed to parse pyproject.toml") +return False + +try: +with open(manifest, "rb") as f: +config = tomllib.load(f) + +metadata = config["package"] + +if metadata: +for field, value in metadata.items(): +if field in self.manifest_package_table: +if field == "license": +# license field is an SPDX 2.1 license expression +# https://doc.rust-lang.org/cargo/reference/manifest.html#the-license-and-license-file-fields +value = value.replace("AND", "&") +value = value.replace("OR", "|") +# even if deprecated we can still find some old crate using "/" to separate mulitple licenses +value = value.replace("/", " & ") +elif field == "license-file": +# TODO: handle this properly +continue + +extravalues[self.bbvar_map[field]] = value + +if "dependencies" in extravalues: +lines_after.append("include ${BPN}-crates.inc") +extravalues.pop("dependencies") +classes.append("cargo") +classes.append("cargo-update-recipe-crates") +handled.append("buildsystem") +except Exception: +logger.exception( +"Failed to correctly handle Cargo.toml, falling back to another method" +) +return False + + +def register_recipe_handlers(handlers): +# We need to make sure these are ahead of the makefile fallback handler +handlers.append((CargoRecipeHandler(), 80)) -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191312): https://lists.openembedded.org/g/openembedded-core/message/191312 Mute This Topic: https://lists.openembedded.org/mt/102833493/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
Patchtest results for [OE-core][dunfell][PATCH] mdadm: Backport fix CVE-2023-28938
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/dunfell-mdadm-Backport-fix-CVE-2023-28938.patch FAIL: test commit message presence: Please include a commit message on your patch explaining the change (test_mbox.TestMbox.test_commit_message_presence) PASS: test CVE tag format (test_patch.TestPatch.test_cve_tag_format) PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence) PASS: test Signed-off-by presence (test_patch.TestPatch.test_signed_off_by_presence) PASS: test Upstream-Status presence (test_patch.TestPatch.test_upstream_status_presence_format) PASS: test author valid (test_mbox.TestMbox.test_author_valid) PASS: test mbox format (test_mbox.TestMbox.test_mbox_format) PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade) PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format) PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length) SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format) SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint) SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head) SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list) --- Please address the issues identified and submit a new revision of the patch, or alternatively, reply to this email with an explanation of why the patch should be accepted. If you believe these results are due to an error in patchtest, please submit a bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category under 'Yocto Project Subprojects'). For more information on specific failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank you! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191311): https://lists.openembedded.org/g/openembedded-core/message/191311 Mute This Topic: https://lists.openembedded.org/mt/102833464/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell][PATCH] mdadm: Backport fix CVE-2023-28938
Signed-off-by: Ashish Sharma --- .../mdadm/files/CVE-2023-28938.patch | 80 +++ meta/recipes-extended/mdadm/mdadm_4.1.bb | 1 + 2 files changed, 81 insertions(+) create mode 100644 meta/recipes-extended/mdadm/files/CVE-2023-28938.patch diff --git a/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch b/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch new file mode 100644 index 000..1e2990d79af --- /dev/null +++ b/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch @@ -0,0 +1,80 @@ +From 7d374a1869d3a84971d027a7f4233878c8f25a62 Mon Sep 17 00:00:00 2001 +From: Mateusz Grzonka +Date: Tue, 27 Jul 2021 10:25:18 +0200 +Subject: Fix memory leak after "mdadm --detail" + +Signed-off-by: Mateusz Grzonka +Signed-off-by: Jes Sorensen +--- +Upstream-Status: Backport from [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/patch/?id=7d374a1869d3a84971d027a7f4233878c8f25a62] +CVE: CVE-2023-28938 +Signed-off-by: Ashish Sharma + + Detail.c | 20 +--- + 1 file changed, 9 insertions(+), 11 deletions(-) + +diff --git a/Detail.c b/Detail.c +index ad56344f..d3af0ab5 100644 +--- a/Detail.c b/Detail.c +@@ -66,11 +66,11 @@ int Detail(char *dev, struct context *c) + int spares = 0; + struct stat stb; + int failed = 0; +- struct supertype *st; ++ struct supertype *st = NULL; + char *subarray = NULL; + int max_disks = MD_SB_DISKS; /* just a default */ + struct mdinfo *info = NULL; +- struct mdinfo *sra; ++ struct mdinfo *sra = NULL; + struct mdinfo *subdev; + char *member = NULL; + char *container = NULL; +@@ -93,8 +93,7 @@ int Detail(char *dev, struct context *c) + if (!sra) { + if (md_get_array_info(fd, )) { + pr_err("%s does not appear to be an md device\n", dev); +- close(fd); +- return rv; ++ goto out; + } + } + external = (sra != NULL && sra->array.major_version == -1 && +@@ -108,16 +107,13 @@ int Detail(char *dev, struct context *c) + sra->devs == NULL) { + pr_err("Array associated with md device %s does not exist.\n", + dev); +- close(fd); +- sysfs_free(sra); +- return rv; ++ goto out; + } + array = sra->array; + } else { + pr_err("cannot get array detail for %s: %s\n", + dev, strerror(errno)); +- close(fd); +- return rv; ++ goto out; + } + } + +@@ -827,10 +823,12 @@ out: + close(fd); + free(subarray); + free(avail); +- for (d = 0; d < n_devices; d++) +- free(devices[d]); ++ if (devices) ++ for (d = 0; d < n_devices; d++) ++ free(devices[d]); + free(devices); + sysfs_free(sra); ++ free(st); + return rv; + } + +-- +cgit + diff --git a/meta/recipes-extended/mdadm/mdadm_4.1.bb b/meta/recipes-extended/mdadm/mdadm_4.1.bb index 5238a41df20..ca326fd1cb1 100644 --- a/meta/recipes-extended/mdadm/mdadm_4.1.bb +++ b/meta/recipes-extended/mdadm/mdadm_4.1.bb @@ -25,6 +25,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \ file://include_sysmacros.patch \ file://0001-mdadm-skip-test-11spare-migration.patch \ file://CVE-2023-28736.patch \ + file://CVE-2023-28938.patch \ " SRC_URI[md5sum] = "51bf3651bd73a06c413a2f964f299598" -- 2.24.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191310): https://lists.openembedded.org/g/openembedded-core/message/191310 Mute This Topic: https://lists.openembedded.org/mt/102833196/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] systemd-boot: Extend recipe to compile native
On 27 Nov 2023, at 14:56, Viswanath Kraleti via lists.openembedded.org wrote: > > systemd has ukify, a native tool, which will combine the kernel/initrd/stub > components to build the UKI (unified kernel images). systemd-boot recipe > isn't providing this tool. > > In order to use ukify, one need systemd-boot native recipe that can be > added as a dependency to get the tool under recipe-sysroot-native. Feels like it might be neater to just have a new recipe that builds that one binary, instead of a mess of overrides in an other wise simple recipe. Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191309): https://lists.openembedded.org/g/openembedded-core/message/191309 Mute This Topic: https://lists.openembedded.org/mt/102830176/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 02/19] useradd.bbclass: list all needed items for package_setscene task
On Mon, 2023-11-27 at 12:06 +0100, Alexander Kanavin wrote: > On Mon, 27 Nov 2023 at 11:59, Richard Purdie > wrote: > > > FWIW I'm still leaning towards static linking for this. The setscence > > dependencies are playing with fire and we *really* don't want to do > > this :( > > Was there some half-done branch with that approach? I could pick that > up once I get somewhere with the failing printdiff selftest. https://git.yoctoproject.org/poky-contrib/commit/?h=rpurdie/t222=a3ad82f026adbe9c58f6927a4b97d2eb09c08439 (I'd just take the patch, not the branch) Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191308): https://lists.openembedded.org/g/openembedded-core/message/191308 Mute This Topic: https://lists.openembedded.org/mt/102826368/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] systemd-boot: Extend recipe to compile native
systemd has ukify, a native tool, which will combine the kernel/initrd/stub components to build the UKI (unified kernel images). systemd-boot recipe isn't providing this tool. In order to use ukify, one need systemd-boot native recipe that can be added as a dependency to get the tool under recipe-sysroot-native. Signed-off-by: Viswanath Kraleti --- .../systemd/systemd-boot_254.4.bb | 19 ++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/meta/recipes-core/systemd/systemd-boot_254.4.bb b/meta/recipes-core/systemd/systemd-boot_254.4.bb index 4ee25ee72f..aa8b53e4dd 100644 --- a/meta/recipes-core/systemd/systemd-boot_254.4.bb +++ b/meta/recipes-core/systemd/systemd-boot_254.4.bb @@ -4,6 +4,7 @@ FILESEXTRAPATHS =. "${FILE_DIRNAME}/systemd:" require conf/image-uefi.conf DEPENDS = "intltool-native libcap util-linux gperf-native python3-jinja2-native python3-pyelftools-native" +DEPENDS:class-native = "" inherit meson pkgconfig gettext inherit deploy @@ -46,18 +47,33 @@ python __anonymous () { FILES:${PN} = "${EFI_FILES_PATH}/${SYSTEMD_BOOT_IMAGE}" RDEPENDS:${PN} += "virtual-systemd-bootconf" +RDEPENDS:${PN}:class-native = "python3-pefile-native" CFLAGS:append:libc-musl = " -D__DEFINED_wchar_t" COMPATIBLE_HOST = "(aarch64.*|arm.*|x86_64.*|i.86.*)-linux" COMPATIBLE_HOST:x86-x32 = "null" -do_install() { +do_configure:class-native () { + mkdir -p ${B}/meson-logs/ + touch ${B}/meson-logs/meson-log.txt +} + +do_compile:class-native () { +} + +do_install:class-native () { + install -d ${D}${bindir} + install -m 0755 ${S}/src/ukify/ukify.py ${D}${bindir}/ukify +} +do_install:class-target () { install -d ${D}${EFI_FILES_PATH} install ${B}/src/boot/efi/systemd-boot*.efi ${D}${EFI_FILES_PATH}/${SYSTEMD_BOOT_IMAGE} } do_deploy () { +} +do_deploy:class-target () { install ${B}/src/boot/efi/systemd-boot*.efi ${DEPLOYDIR} install ${B}/src/boot/efi/linux*.efi.stub ${DEPLOYDIR} install ${B}/src/boot/efi/addon*.efi.stub ${DEPLOYDIR} @@ -65,3 +81,4 @@ do_deploy () { addtask deploy before do_build after do_compile +BBCLASSEXTEND = "native" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191307): https://lists.openembedded.org/g/openembedded-core/message/191307 Mute This Topic: https://lists.openembedded.org/mt/102830176/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [yocto-security] OE-core CVE metrics for nanbield on Sun 26 Nov 2023 05:00:01 AM HST
Yes, nvd servers are in really bad state currently. I need up to 12 retries on http calls to get trough... I will contribute to make the retry count value (currently hardcoded to 5) configurable via variable. I'm planning to run it at low default and increase temporarily when quality decreases. Peter -Original Message- From: yocto-secur...@lists.yoctoproject.org On Behalf Of Steve Sakoman via lists.yoctoproject.org Sent: Monday, November 27, 2023 15:33 To: openembedded-core@lists.openembedded.org; yocto-secur...@lists.yoctoproject.org Subject: Re: [yocto-security] OE-core CVE metrics for nanbield on Sun 26 Nov 2023 05:00:01 AM HST > You may have noticed that these reports weren't sent on the normal schedule. > > This is due to repeated failures in updating the database: > > WARNING: cve-update-nvd2-native-1.0-r0 do_fetch: CVE database update failed > > I tried many times yesterday, but was largely unsuccessful. I was able to get > nanbield and master to complete, but in both cases it took longer than two > hours for the database to update! Every other attempt also had extremely slow > updates and then would fail an hour or so into the process. > > Is anyone else experiencing this issue? > > Steve -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191306): https://lists.openembedded.org/g/openembedded-core/message/191306 Mute This Topic: https://lists.openembedded.org/mt/102829796/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [RFC 1/2] usergrouptests: Add initial useradd testing
On Thu, 2023-11-23 at 13:49 +, Eilís 'pidge' Ní Fhlannagáin wrote: > This commit tests for > https://bugzilla.yoctoproject.org/show_bug.cgi?id=13419 > https://bugzilla.yoctoproject.org/show_bug.cgi?id=14961 > > Fixes for these are in following commits. > > Signed-off-by: Eilís 'pidge' Ní Fhlannagáin > --- > .../selftest-users/creategroup1.bb| 32 +++ > .../selftest-users/creategroup2.bb| 32 +++ > .../selftest-users/useraddbadtask.bb | 20 > .../lib/oeqa/selftest/cases/usergrouptests.py | 32 +++ > 4 files changed, 116 insertions(+) > create mode 100644 meta-selftest/recipes-test/selftest-users/creategroup1.bb > create mode 100644 meta-selftest/recipes-test/selftest-users/creategroup2.bb > create mode 100644 > meta-selftest/recipes-test/selftest-users/useraddbadtask.bb > create mode 100644 meta/lib/oeqa/selftest/cases/usergrouptests.py > > diff --git a/meta-selftest/recipes-test/selftest-users/creategroup1.bb > b/meta-selftest/recipes-test/selftest-users/creategroup1.bb > new file mode 100644 > index 000..2b0c443858c > --- /dev/null > +++ b/meta-selftest/recipes-test/selftest-users/creategroup1.bb > @@ -0,0 +1,32 @@ > +SUMMARY = "creategroup pt 1" > +LIC_FILES_CHKSUM = > "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" > + > +LICENSE = "MIT" > + > +DEPENDS:append = "coreutils-native" > + > +S = "${WORKDIR}" > + > +inherit useradd allarch > + > +USERADD_PACKAGES = "${PN}" > +USERADD_PARAM:${PN} = "-u --gid grouptest gt1" > +GROUPADD_PARAM:${PN} = "-r grouptest" > + > +TESTDIR = "${D}${sysconfdir}/creategroup" > + > +do_install() { > + install -d ${TESTDIR} > + install -d ${TESTDIR}/dir > + touch${TESTDIR}/file > + ln -s ./file ${TESTDIR}/symlink > + install -d ${TESTDIR}/fifotest > + mkfifo ${TESTDIR}/fifotest/fifo > +which chown > + chowngt1:grouptest ${TESTDIR}/file > + chown -R gt1:grouptest ${TESTDIR}/dir > + chown -h gt1:grouptest ${TESTDIR}/symlink > + chown -R gt1:grouptest ${TESTDIR}/fifotest > +} > + > +FILES:${PN} = "${sysconfdir}/creategroup/*" > diff --git a/meta-selftest/recipes-test/selftest-users/creategroup2.bb > b/meta-selftest/recipes-test/selftest-users/creategroup2.bb > new file mode 100644 > index 000..6f25592c09f > --- /dev/null > +++ b/meta-selftest/recipes-test/selftest-users/creategroup2.bb > @@ -0,0 +1,32 @@ > +SUMMARY = "creategroup pt 2" > +LIC_FILES_CHKSUM = > "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" > + > +LICENSE = "MIT" > + > +DEPENDS:append = "coreutils-native creategroup1" > + > +S = "${WORKDIR}" > + > +inherit useradd allarch > + > +USERADD_PACKAGES = "${PN}" > +USERADD_PARAM:${PN} = "-u 5556 --gid grouptest gt2" > + > +TESTDIR = "${D}${sysconfdir}/creategroup" > + > +do_install() { > + install -d ${TESTDIR} > + install -d ${TESTDIR}/dir > + touch${TESTDIR}/file > + ln -s ./file ${TESTDIR}/symlink > + install -d ${TESTDIR}/fifotest > + mkfifo ${TESTDIR}/fifotest/fifo > + > + chowngt2:grouptest ${TESTDIR}/file > + chown -R gt2:grouptest ${TESTDIR}/dir > + chown -h gt2:grouptest ${TESTDIR}/symlink > + chown -R gt2:grouptest ${TESTDIR}/fifotest > +} > + > +FILES:${PN} = "${sysconfdir}/creategroup/*" > + > diff --git a/meta-selftest/recipes-test/selftest-users/useraddbadtask.bb > b/meta-selftest/recipes-test/selftest-users/useraddbadtask.bb > new file mode 100644 > index 000..99e04a80b34 > --- /dev/null > +++ b/meta-selftest/recipes-test/selftest-users/useraddbadtask.bb > @@ -0,0 +1,20 @@ > +SUMMARY = "UserAddBadTask" > +LIC_FILES_CHKSUM = > "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" > + > +LICENSE = "MIT" > + > +DEPENDS:append = "coreutils-native" > + > +S = "${WORKDIR}" > + > +inherit useradd allarch > + > +USERADD_PACKAGES = "${PN}" > +USERADD_PARAM:${PN} = "-u --gid groupaddtask useraddtask" > +GROUPADD_PARAM:${PN} = "-r groupaddtask" > + > +do_badthingshappen() { > + echo "foo" > +} > + > +addtask badthingshappen after do_populate_sysroot before do_package > diff --git a/meta/lib/oeqa/selftest/cases/usergrouptests.py > b/meta/lib/oeqa/selftest/cases/usergrouptests.py > new file mode 100644 > index 000..14f7a0beab0 > --- /dev/null > +++ b/meta/lib/oeqa/selftest/cases/usergrouptests.py > @@ -0,0 +1,32 @@ > +# > +# Copyright OpenEmbedded Contributors > +# > +# SPDX-License-Identifier: MIT > +# > + > +from oeqa.selftest.case import OESelftestTestCase > +from oeqa.utils.commands import bitbake, get_bb_var > +import bb.utils > +import os > + > +class UserGroupTests(OESelftestTestCase): > +def test_group_from_dep_package(self): > +self.logger.info("Building creategroup2") > +self.logger.info("Cleaning sstate for creategroup1 and creategroup2") > +bitbake(' creategroup1 creategroup2 -f
Re: [OE-core] OE-core CVE metrics for nanbield on Sun 26 Nov 2023 05:00:01 AM HST
You may have noticed that these reports weren't sent on the normal schedule. This is due to repeated failures in updating the database: WARNING: cve-update-nvd2-native-1.0-r0 do_fetch: CVE database update failed I tried many times yesterday, but was largely unsuccessful. I was able to get nanbield and master to complete, but in both cases it took longer than two hours for the database to update! Every other attempt also had extremely slow updates and then would fail an hour or so into the process. Is anyone else experiencing this issue? Steve On Sun, Nov 26, 2023 at 7:01 AM wrote: > > Branch: nanbield > > New this week: 8 CVEs > CVE-2023-48231 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48231 * > CVE-2023-48232 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48232 * > CVE-2023-48233 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48233 * > CVE-2023-48234 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48234 * > CVE-2023-48235 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48235 * > CVE-2023-48236 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48236 * > CVE-2023-48237 (CVSS3: 4.3 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48237 * > CVE-2023-6176 (CVSS3: 7.8 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6176 * > > Removed this week: 3 CVEs > CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 * > CVE-2023-46246 (CVSS3: 5.5 MEDIUM): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46246 * > CVE-2023-5363 (CVSS3: 7.5 HIGH): openssl:openssl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5363 * > > Full list: Found 63 unpatched CVEs > CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * > CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * > CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * > CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * > CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * > CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * > CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * > CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * > CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * > CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * > CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 * > CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * > CVE-2023-25584 (CVSS3: 7.1 HIGH): > binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25584 * > CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * > CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * > CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * > CVE-2023-38469 (CVSS3: 5.5 MEDIUM): avahi > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38469 * > CVE-2023-38470 (CVSS3: 5.5 MEDIUM): avahi > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38470 * > CVE-2023-38471 (CVSS3: 5.5 MEDIUM): avahi > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38471 * > CVE-2023-38472 (CVSS3: 5.5 MEDIUM): avahi > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38472 * > CVE-2023-38473 (CVSS3: 5.5 MEDIUM): avahi > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38473 * > CVE-2023-38559 (CVSS3: 5.5 MEDIUM): ghostscript > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38559 * > CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * > CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * > CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * > CVE-2023-39928
[OE-core] [PATCH] lib/oe/patch: handle creating patches for CRLF sources
Using devtool to patch CRLF based sources creates patch files which have mixed end of lines : LF for headers and CRLF for source context and modified lines. Python open(..., newline=None) (default for newline arg)does detect end-of-line in this mixed file but only outputs LF EOL data. This result in patch files that does not apply on the original sources. Switching to open(..., newline='') allows to detect end-of-line but keep the original end-of-line intact. This generate correct patches for CRLF based sources. Fixes [YOCTO #15285] Signed-off-by: Yoann Congal --- meta/lib/oe/patch.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py index ff9afc9df9..7bf660978e 100644 --- a/meta/lib/oe/patch.py +++ b/meta/lib/oe/patch.py @@ -477,7 +477,7 @@ class GitApplyTree(PatchTree): patchlines = [] outfile = None try: -with open(srcfile, 'r', encoding=encoding) as f: +with open(srcfile, 'r', encoding=encoding, newline='') as f: for line in f: if line.startswith(GitApplyTree.patch_line_prefix): outfile = line.split()[-1].strip() -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191303): https://lists.openembedded.org/g/openembedded-core/message/191303 Mute This Topic: https://lists.openembedded.org/mt/102828787/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2 0/2] patch: reduce changes during patch refresh
On Wed, 2023-11-22 at 15:08 +0100, Lukas Funke wrote: > From: Lukas Funke > > The patch series aims to reduce the noise in patches created by devtools. Some > diffs are just introduced due to an update in the hash or in the diffstats. > These changes are not important to a reviewer. > > Stefan Herbrechtsmeier (2): > patch: extract patches without diffstats > patch: extract patches with all-zero hash > > meta/lib/oe/patch.py | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) I'm fairly sure but haven't conclusively proven this causes these failures: https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/6095/steps/14/logs/stdio 2023-11-23 23:31:16,216 - oe-selftest - INFO - RESULTS - devtool.DevtoolUpdateTests.test_devtool_update_recipe_local_patch_gz: FAILED (65.60s) 2023-11-23 23:31:16,216 - oe-selftest - INFO - RESULTS - devtool.DevtoolUpdateTests.test_devtool_update_recipe_long_filename: FAILED (53.35s) 2023-11-23 23:31:16,216 - oe-selftest - INFO - RESULTS - devtool.DevtoolUpdateTests.test_devtool_update_recipe_with_gitignore: FAILED (44.11s) Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191302): https://lists.openembedded.org/g/openembedded-core/message/191302 Mute This Topic: https://lists.openembedded.org/mt/102748808/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] Patchtest results for [PATCH v2] systemd-boot: fix build issues on armv7a-linux
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Tests failed for the patch, but the results log could not be processed due to excessive result line length. --- Please address the issues identified and submit a new revision of the patch, or alternatively, reply to this email with an explanation of why the patch should be accepted. If you believe these results are due to an error in patchtest, please submit a bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category under 'Yocto Project Subprojects'). For more information on specific failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank you! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191301): https://lists.openembedded.org/g/openembedded-core/message/191301 Mute This Topic: https://lists.openembedded.org/mt/102828551/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] systemd-boot: fix build issues on armv7a-linux
From: Viswanath Kraleti Backport a fix to address the build failure on armv7a introduced in systemd v254-rc1. see https://github.com/systemd/systemd/issues/29381 Signed-off-by: Viswanath Kraleti --- meta/recipes-core/systemd/systemd.inc | 4 ++- ...n-Pass-all-static-pie-args-to-linker.patch | 35 +++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc index ccc3236457..f9caba2066 100644 --- a/meta/recipes-core/systemd/systemd.inc +++ b/meta/recipes-core/systemd/systemd.inc @@ -17,6 +17,8 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ SRCREV = "2e7504449a51fb38db9cd2da391c6434f82def51" SRCBRANCH = "v254-stable" -SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" +SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH} \ + file://0001-meson-Pass-all-static-pie-args-to-linker.patch \ + " S = "${WORKDIR}/git" diff --git a/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch b/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch new file mode 100644 index 00..efea95b6ac --- /dev/null +++ b/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch @@ -0,0 +1,35 @@ +From f85a387a67900b02c69abccb88c2ef7191c67277 Mon Sep 17 00:00:00 2001 +From: Jan Janssen +Date: Sun, 1 Oct 2023 09:55:48 +0200 +Subject: [PATCH] meson: Pass all -static-pie args to linker + +Fixes: #29381 + +Upstream-Status: Backport [https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef] + +--- + src/boot/efi/meson.build | 11 --- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build +index 2773eaf286..9a60a57329 100644 +--- a/src/boot/efi/meson.build b/src/boot/efi/meson.build +@@ -161,9 +161,14 @@ efi_c_ld_args = [ + '-Wl,--entry=efi_main', + '-Wl,--fatal-warnings', + +-# These flags should be passed by -static-pie, but seem to be missing sometimes. +-'-Wl,--no-dynamic-linker', +-'-z', 'text', ++# These flags should be passed by -static-pie, but for whatever reason the flag translation ++# is not enabled on all architectures. Not passing `-static` would just allow the linker to ++# use dynamic libraries, (which we can't/don't use anyway). But if `-pie` is missing and the ++# gcc build does not default to `-pie` we get a regular (no-pie) binary that will be ++# rightfully rejected by elf2efi. Note that meson also passes `-pie` to the linker driver, ++# but it is overridden by our `-static-pie`. We also need to pass these directly to the ++# linker as `-static`+`-pie` seem to get translated differently. ++'-Wl,-static,-pie,--no-dynamic-linker,-z,text', + + # EFI has 4KiB pages. + '-z', 'common-page-size=4096', -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191300): https://lists.openembedded.org/g/openembedded-core/message/191300 Mute This Topic: https://lists.openembedded.org/mt/102828347/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 0/1] Backport armv7 compilation failure fix.
systemd v254-rc1 developed a bug that is causing build failures on armv7. https://github.com/systemd/systemd/issues/29381 Upstream fixed this but OE-Core recipe is yet to catch up. For now, backporting the fix to unblock. Viswanath Kraleti (1): systemd-boot: fix build issues on armv7a-linux meta/recipes-core/systemd/systemd.inc | 4 ++- ...n-Pass-all-static-pie-args-to-linker.patch | 35 +++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191299): https://lists.openembedded.org/g/openembedded-core/message/191299 Mute This Topic: https://lists.openembedded.org/mt/102828345/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] bitbake-server does not exit after build ends
I can confirm the same on gentoo with python-3.12. On Mon, Nov 27, 2023 at 12:29 PM Zoltan Boszormenyi wrote: > 2023. 11. 27. 11:52 keltezéssel, Richard Purdie írta: > > Is there anything interesting in the bitbake-cookerdaemon.log file? > > Actually, yes. > > This is obviously the most suspicious: > > /usr/lib64/python3.12/multiprocessing/popen_fork.py:66: > DeprecationWarning: This process > (pid=1605202) is multi-threaded, use of fork() may lead to deadlocks in > the child. >self.pid = os.fork() > /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-worker:210: > DeprecationWarning: This process > (pid=1605590) is multi-threaded, use of fork() may lead to deadlocks in > the child. >pid = os.fork() > /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-worker:210: > DeprecationWarning: This process > (pid=1607833) is multi-threaded, use of fork() may lead to deadlocks in > the child. >pid = os.fork() > > There are a few other deprecation warnings, too, > which are not relevant to this particular problem > but may be interesting for the future, nevertheless: > > /home/zozo/test-yocto-4.3/bitbake/lib/bb/codeparser.py:260: > DeprecationWarning: ast.Str is > deprecated and will be removed in Python 3.14; use ast.Constant instead >if name in self.containsfuncs and isinstance(node.args[1], ast.Str): > /home/zozo/test-yocto-4.3/bitbake/lib/bb/codeparser.py:263: > DeprecationWarning: Attribute > s is deprecated and will be removed in Python 3.14; use value instead >self.contains[varname].add(node.args[1].s) > > ruby.bbclass has a lot of these at different line numbers: > > /home/zozo/test-yocto-4.3/conf/../layers/meta-cloud-services/classes/ruby.bbclass:28: > > SyntaxWarning: invalid escape sequence '\.' >r = re.compile("ruby ([0-9]+\.[0-9]+\.[0-9]+)*") > > These lines occur at the end (probably normal): > > 1605202 10:39:58.854287 Parse cache valid > 1605202 10:40:13.098694 Registering idle function BBCooker.buildTargets..buildTargetsIdle at 0x7fa3e22e79c0> > 1605202 10:40:13.098736 Removing idle function Command.runAsyncCommand of > > > 1605202 12:17:02.357378 Running command ['stateShutdown'] > 1605202 12:17:02.357622 Sending reply (None, None) > 1605202 12:17:02.357819 Command Completed (socket: True) > > And the remaining child processes: > > $ ps auxw | grep bitb | grep -v grep > zozo 1605202 2.3 3.5 184 1151808 ? Sl 10:39 2:29 > /usr/bin/python3 > /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-server decafbad 3 5 > /home/zozo/test-yocto-4.3/bitbake-cookerdaemon.log > /home/zozo/test-yocto-4.3/bitbake.lock > /home/zozo/test-yocto-4.3/bitbake.sock 0 0 None 0 > zozo 1605208 0.0 1.4 559372 466260 ? S10:39 0:00 > /usr/bin/python3 > /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-server decafbad 3 5 > /home/zozo/test-yocto-4.3/bitbake-cookerdaemon.log > /home/zozo/test-yocto-4.3/bitbake.lock > /home/zozo/test-yocto-4.3/bitbake.sock 0 0 None 0 > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191298): https://lists.openembedded.org/g/openembedded-core/message/191298 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2] libpam: split /etc/environment into pam-plugin-env package
Since systemd-v255, pam-plugin-umask is pulled in by by the logind package config for systemd. This causes /etc/environment to be installed as part of libpam-runtime. In our case, this broke do_rootfs for our image, because /etc/environment is already provided by another (custom) recipe. Fix this by making the /etc/environment file part of the pam-plugin-env package, which isn't automatically pulled in by systemd-logind. It also happens to be the where it should be, as the file is installed as part of the pam_env plugin. Signed-off-by: Martin Hundebøll --- Changes in v2: * fixed typos in commit message * replaced changes to FILES:${PN}-runtime with prepend=True in do_split_packages() meta/recipes-extended/pam/libpam_1.5.3.bb | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb index 1aa307af4d..3183bb018f 100644 --- a/meta/recipes-extended/pam/libpam_1.5.3.bb +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb @@ -54,6 +54,11 @@ FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libd FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}" FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests" +# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is +# packaged with the pam-plugin-env package to avoid breaking installations which +# install that file via other packages +FILES:pam-plugin-env = "${sysconfdir}/environment" + PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*" def get_multilib_bit(d): @@ -110,7 +115,7 @@ python populate_packages:prepend () { pam_pkgname = mlprefix + 'pam-plugin%s' do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname, - 'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='') + 'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='', prepend=True) do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='') } -- 2.42.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191297): https://lists.openembedded.org/g/openembedded-core/message/191297 Mute This Topic: https://lists.openembedded.org/mt/102827883/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/1] systemd-boot: fix build issues on armv7a-linux
On Sat, 25 Nov 2023 at 13:50, Viswanath Kraleti wrote: > > From: Viswanath Kraleti > > backport a fix to address build failures on armv7a [bug id #29381] Start with the capital letter, please. Also I don't see this bug in the Yocto bugzilla. If you want to point to the Systemd issue, please use the full URL. For example, you can use Link trailer. > introduced in systemd v254-rc1. > > Signed-off-by: Viswanath Kraleti > --- > meta/recipes-core/systemd/systemd.inc | 4 ++- > ...n-Pass-all-static-pie-args-to-linker.patch | 35 +++ > 2 files changed, 38 insertions(+), 1 deletion(-) > create mode 100644 > meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch > > diff --git a/meta/recipes-core/systemd/systemd.inc > b/meta/recipes-core/systemd/systemd.inc > index ccc3236457..f9caba2066 100644 > --- a/meta/recipes-core/systemd/systemd.inc > +++ b/meta/recipes-core/systemd/systemd.inc > @@ -17,6 +17,8 @@ LIC_FILES_CHKSUM = > "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ > > SRCREV = "2e7504449a51fb38db9cd2da391c6434f82def51" > SRCBRANCH = "v254-stable" > -SRC_URI = > "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" > +SRC_URI = > "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH} > \ > + file://0001-meson-Pass-all-static-pie-args-to-linker.patch \ > + " > > S = "${WORKDIR}/git" > diff --git > a/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch > > b/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch > new file mode 100644 > index 00..efea95b6ac > --- /dev/null > +++ > b/meta/recipes-core/systemd/systemd/0001-meson-Pass-all-static-pie-args-to-linker.patch > @@ -0,0 +1,35 @@ > +From f85a387a67900b02c69abccb88c2ef7191c67277 Mon Sep 17 00:00:00 2001 > +From: Jan Janssen > +Date: Sun, 1 Oct 2023 09:55:48 +0200 > +Subject: [PATCH] meson: Pass all -static-pie args to linker > + > +Fixes: #29381 > + > +Upstream-Status: Backport > [https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef] > + > +--- > + src/boot/efi/meson.build | 11 --- > + 1 file changed, 8 insertions(+), 3 deletions(-) > + > +diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build > +index 2773eaf286..9a60a57329 100644 > +--- a/src/boot/efi/meson.build > b/src/boot/efi/meson.build > +@@ -161,9 +161,14 @@ efi_c_ld_args = [ > + '-Wl,--entry=efi_main', > + '-Wl,--fatal-warnings', > + > +-# These flags should be passed by -static-pie, but seem to be > missing sometimes. > +-'-Wl,--no-dynamic-linker', > +-'-z', 'text', > ++# These flags should be passed by -static-pie, but for whatever > reason the flag translation > ++# is not enabled on all architectures. Not passing `-static` would > just allow the linker to > ++# use dynamic libraries, (which we can't/don't use anyway). But if > `-pie` is missing and the > ++# gcc build does not default to `-pie` we get a regular (no-pie) > binary that will be > ++# rightfully rejected by elf2efi. Note that meson also passes > `-pie` to the linker driver, > ++# but it is overridden by our `-static-pie`. We also need to pass > these directly to the > ++# linker as `-static`+`-pie` seem to get translated differently. > ++'-Wl,-static,-pie,--no-dynamic-linker,-z,text', > + > + # EFI has 4KiB pages. > + '-z', 'common-page-size=4096', > -- > 2.25.1 > > > > -- With best wishes Dmitry -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191296): https://lists.openembedded.org/g/openembedded-core/message/191296 Mute This Topic: https://lists.openembedded.org/mt/102794924/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] core-image-minimal-initramfs: don't install a kernel into the initramfs
From: Ross Burton There's obviously no point in installing a kernel into an initramfs, but if we install kernel modules then they'll recommend the relevant kernel. Set PACKAGE_EXCLUDE to ensure the initramfs for a kernel doesn't contain the kernel. Signed-off-by: Ross Burton --- meta/recipes-core/images/core-image-minimal-initramfs.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/images/core-image-minimal-initramfs.bb b/meta/recipes-core/images/core-image-minimal-initramfs.bb index 1c08c7fec62..7bb0b2738c7 100644 --- a/meta/recipes-core/images/core-image-minimal-initramfs.bb +++ b/meta/recipes-core/images/core-image-minimal-initramfs.bb @@ -17,6 +17,9 @@ PACKAGE_INSTALL = "${INITRAMFS_SCRIPTS} ${VIRTUAL-RUNTIME_base-utils} udev base- # Do not pollute the initrd image with rootfs features IMAGE_FEATURES = "" +# Don't allow the initramfs to contain a kernel +PACKAGE_EXCLUDE = "kernel-image-*" + export IMAGE_BASENAME = "${MLPREFIX}core-image-minimal-initramfs" IMAGE_NAME_SUFFIX ?= "" IMAGE_LINGUAS = "" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191295): https://lists.openembedded.org/g/openembedded-core/message/191295 Mute This Topic: https://lists.openembedded.org/mt/102827167/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] bitbake-server does not exit after build ends
2023. 11. 27. 11:52 keltezéssel, Richard Purdie írta: Is there anything interesting in the bitbake-cookerdaemon.log file? Actually, yes. This is obviously the most suspicious: /usr/lib64/python3.12/multiprocessing/popen_fork.py:66: DeprecationWarning: This process (pid=1605202) is multi-threaded, use of fork() may lead to deadlocks in the child. self.pid = os.fork() /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-worker:210: DeprecationWarning: This process (pid=1605590) is multi-threaded, use of fork() may lead to deadlocks in the child. pid = os.fork() /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-worker:210: DeprecationWarning: This process (pid=1607833) is multi-threaded, use of fork() may lead to deadlocks in the child. pid = os.fork() There are a few other deprecation warnings, too, which are not relevant to this particular problem but may be interesting for the future, nevertheless: /home/zozo/test-yocto-4.3/bitbake/lib/bb/codeparser.py:260: DeprecationWarning: ast.Str is deprecated and will be removed in Python 3.14; use ast.Constant instead if name in self.containsfuncs and isinstance(node.args[1], ast.Str): /home/zozo/test-yocto-4.3/bitbake/lib/bb/codeparser.py:263: DeprecationWarning: Attribute s is deprecated and will be removed in Python 3.14; use value instead self.contains[varname].add(node.args[1].s) ruby.bbclass has a lot of these at different line numbers: /home/zozo/test-yocto-4.3/conf/../layers/meta-cloud-services/classes/ruby.bbclass:28: SyntaxWarning: invalid escape sequence '\.' r = re.compile("ruby ([0-9]+\.[0-9]+\.[0-9]+)*") These lines occur at the end (probably normal): 1605202 10:39:58.854287 Parse cache valid 1605202 10:40:13.098694 Registering idle function BBCooker.buildTargets..buildTargetsIdle at 0x7fa3e22e79c0> 1605202 10:40:13.098736 Removing idle function > 1605202 12:17:02.357378 Running command ['stateShutdown'] 1605202 12:17:02.357622 Sending reply (None, None) 1605202 12:17:02.357819 Command Completed (socket: True) And the remaining child processes: $ ps auxw | grep bitb | grep -v grep zozo 1605202 2.3 3.5 184 1151808 ? Sl 10:39 2:29 /usr/bin/python3 /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-server decafbad 3 5 /home/zozo/test-yocto-4.3/bitbake-cookerdaemon.log /home/zozo/test-yocto-4.3/bitbake.lock /home/zozo/test-yocto-4.3/bitbake.sock 0 0 None 0 zozo 1605208 0.0 1.4 559372 466260 ? S 10:39 0:00 /usr/bin/python3 /home/zozo/test-yocto-4.3/bitbake/bin/bitbake-server decafbad 3 5 /home/zozo/test-yocto-4.3/bitbake-cookerdaemon.log /home/zozo/test-yocto-4.3/bitbake.lock /home/zozo/test-yocto-4.3/bitbake.sock 0 0 None 0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191294): https://lists.openembedded.org/g/openembedded-core/message/191294 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 02/19] useradd.bbclass: list all needed items for package_setscene task
On Mon, 27 Nov 2023 at 11:59, Richard Purdie wrote: > FWIW I'm still leaning towards static linking for this. The setscence > dependencies are playing with fire and we *really* don't want to do > this :( Was there some half-done branch with that approach? I could pick that up once I get somewhere with the failing printdiff selftest. Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191293): https://lists.openembedded.org/g/openembedded-core/message/191293 Mute This Topic: https://lists.openembedded.org/mt/102826368/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 02/19] useradd.bbclass: list all needed items for package_setscene task
On Mon, 2023-11-27 at 11:17 +0100, Alexander Kanavin wrote: > Latest shadow-native links with additional libraries; > I was unable to find a way to resolve those in setscene context > where tasks do not contain such dependencies. > > Signed-off-by: Alexander Kanavin > --- > meta/classes/useradd.bbclass | 8 +++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/meta/classes/useradd.bbclass b/meta/classes/useradd.bbclass > index 4d3bd9a5f56..a35785c9c23 100644 > --- a/meta/classes/useradd.bbclass > +++ b/meta/classes/useradd.bbclass > @@ -179,7 +179,13 @@ SSTATEPREINSTFUNCS:append:class-target = " > useradd_sysroot_sstate" > > do_package_setscene[depends] += "${USERADDSETSCENEDEPS}" > do_populate_sysroot_setscene[depends] += "${USERADDSETSCENEDEPS}" > -USERADDSETSCENEDEPS:class-target = > "${MLPREFIX}base-passwd:do_populate_sysroot_setscene > pseudo-native:do_populate_sysroot_setscene > shadow-native:do_populate_sysroot_setscene > ${MLPREFIX}shadow-sysroot:do_populate_sysroot_setscene" > +USERADDSETSCENEDEPS:class-target = > "${MLPREFIX}base-passwd:do_populate_sysroot_setscene \ > + > pseudo-native:do_populate_sysroot_setscene \ > + > shadow-native:do_populate_sysroot_setscene \ > +attr-native:do_populate_sysroot_setscene > \ > + > libbsd-native:do_populate_sysroot_setscene \ > + > libmd-native:do_populate_sysroot_setscene \ > + > ${MLPREFIX}shadow-sysroot:do_populate_sysroot_setscene" > USERADDSETSCENEDEPS = "" > > # Recipe parse-time sanity checks FWIW I'm still leaning towards static linking for this. The setscence dependencies are playing with fire and we *really* don't want to do this :( Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191292): https://lists.openembedded.org/g/openembedded-core/message/191292 Mute This Topic: https://lists.openembedded.org/mt/102826368/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] bitbake-server does not exit after build ends
On Mon, 2023-11-27 at 10:52 +0100, Zoltan Boszormenyi wrote: > Hi, > > I am not sure what's the actual problem here. > > FWIW, I have recently upgraded my laptop to Fedora 39 > where I test recipe changes first. > > Now, whenever a build ends (no matter if successfully or > if there was a recipe build failure) two bitbake-server > processes stay running. > > As a result, the next bitbake run spits out messages about > the previous instance holding bitbake.lock and retries. > > Fedora 39 has Python 3.12 but maybe an outdated python > module is the issue. > > I am happy to try any ideas. Is there anything interesting in the bitbake-cookerdaemon.log file? Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191291): https://lists.openembedded.org/g/openembedded-core/message/191291 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] bitbake-server does not exit after build ends
Fedora 39 isn't yet supported or tested, so it's almost certainly you've hit a python 3.12 compatibility issue. If you can look into, that would be very appreciated. Alex On Mon, 27 Nov 2023 at 10:52, Zoltan Boszormenyi wrote: > > Hi, > > I am not sure what's the actual problem here. > > FWIW, I have recently upgraded my laptop to Fedora 39 > where I test recipe changes first. > > Now, whenever a build ends (no matter if successfully or > if there was a recipe build failure) two bitbake-server > processes stay running. > > As a result, the next bitbake run spits out messages about > the previous instance holding bitbake.lock and retries. > > Fedora 39 has Python 3.12 but maybe an outdated python > module is the issue. > > I am happy to try any ideas. > > Thanks in advance, > Zoltán > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191290): https://lists.openembedded.org/g/openembedded-core/message/191290 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][PATCHv2] default-providers.inc: add PREFERRED_PROVIDER variables for llvm
gallium-llvm needs to be built with clang if you, for example want to have support for opencl or want to build the intel-clc compiler. meta-clang recommends to set PREFERRED_PROVIDER_llvm = "clang" PREFERRED_PROVIDER_llvm-native = "clang-native" The current problem is that this is not taken into account in mesa and therefore both llvm and clang are included. This leads to files that are provided by both packages and would also unnecessarily increase the build time. Add PREFERRED_PROVIDER_llvm and PREFERRED_PROVIDER_llvm-native and make sure that the mesa recipe takes these variables into account. Signed-off-by: Markus Volk --- meta/conf/distro/include/default-providers.inc | 2 ++ meta/recipes-graphics/mesa/mesa.inc| 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/conf/distro/include/default-providers.inc b/meta/conf/distro/include/default-providers.inc index d18173c744..819d71628b 100644 --- a/meta/conf/distro/include/default-providers.inc +++ b/meta/conf/distro/include/default-providers.inc @@ -37,6 +37,8 @@ PREFERRED_PROVIDER_dbus-glib ?= "dbus-glib" PREFERRED_PROVIDER_dbus-glib-native ?= "dbus-glib-native" PREFERRED_PROVIDER_gdk-pixbuf ?= "gdk-pixbuf" PREFERRED_PROVIDER_libgcc ?= "libgcc" +PREFERRED_PROVIDER_llvm ?= "llvm" +PREFERRED_PROVIDER_llvm-native ?= "llvm-native" PREFERRED_PROVIDER_nativesdk-libgcc ?= "nativesdk-libgcc" PREFERRED_PROVIDER_linux-libc-headers ?= "linux-libc-headers" PREFERRED_PROVIDER_nativesdk-linux-libc-headers ?= "nativesdk-linux-libc-headers" diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc index e5c405a972..1a971242c9 100644 --- a/meta/recipes-graphics/mesa/mesa.inc +++ b/meta/recipes-graphics/mesa/mesa.inc @@ -183,7 +183,7 @@ GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',r600', GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'virgl', ',virgl', '', d)}" PACKAGECONFIG[gallium] = "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, -Dgallium-drivers='', libdrm" -PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, llvm llvm-native elfutils" +PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, ${PREFERRED_PROVIDER_llvm} ${PREFERRED_PROVIDER_llvm-native} elfutils" PACKAGECONFIG[xa] = "-Dgallium-xa=enabled, -Dgallium-xa=disabled" PACKAGECONFIG[va] = "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial" PACKAGECONFIG[vdpau] = "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau" -- 2.42.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191289): https://lists.openembedded.org/g/openembedded-core/message/191289 Mute This Topic: https://lists.openembedded.org/mt/102826427/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: Patchtest results for [oe-core][PATCH] add PREFERRED_PROVIDER variables for llvm
Better shortlog: default-providers.inc: add PREFERRED_PROVIDER variables for llvm Alex On Mon, 27 Nov 2023 at 11:20, Patchtest wrote: > > Thank you for your submission. Patchtest identified one > or more issues with the patch. Please see the log below for > more information: > > --- > Testing patch > /home/patchtest/share/mboxes/add-PREFERRED_PROVIDER-variables-for-llvm.patch > > FAIL: test shortlog format: Commit shortlog (first line of commit message) > should follow the format ": " > (test_mbox.TestMbox.test_shortlog_format) > > PASS: test Signed-off-by presence > (test_mbox.TestMbox.test_signed_off_by_presence) > PASS: test author valid (test_mbox.TestMbox.test_author_valid) > PASS: test commit message presence > (test_mbox.TestMbox.test_commit_message_presence) > PASS: test max line length (test_metadata.TestMetadata.test_max_line_length) > PASS: test mbox format (test_mbox.TestMbox.test_mbox_format) > PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade) > PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length) > > SKIP: pretest pylint: No python related patches, skipping test > (test_python_pylint.PyLint.pretest_pylint) > SKIP: pretest src uri left files: No modified recipes, skipping pretest > (test_metadata.TestMetadata.pretest_src_uri_left_files) > SKIP: test CVE tag format: No new CVE patches introduced > (test_patch.TestPatch.test_cve_tag_format) > SKIP: test Signed-off-by presence: No new CVE patches introduced > (test_patch.TestPatch.test_signed_off_by_presence) > SKIP: test Upstream-Status presence: No new CVE patches introduced > (test_patch.TestPatch.test_upstream_status_presence_format) > SKIP: test bugzilla entry format: No bug ID found > (test_mbox.TestMbox.test_bugzilla_entry_format) > SKIP: test lic files chksum modified not mentioned: No modified recipes, > skipping test > (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned) > SKIP: test lic files chksum presence: No added recipes, skipping test > (test_metadata.TestMetadata.test_lic_files_chksum_presence) > SKIP: test license presence: No added recipes, skipping test > (test_metadata.TestMetadata.test_license_presence) > SKIP: test pylint: No python related patches, skipping test > (test_python_pylint.PyLint.test_pylint) > SKIP: test series merge on head: Merge test is disabled for now > (test_mbox.TestMbox.test_series_merge_on_head) > SKIP: test src uri left files: No modified recipes, skipping pretest > (test_metadata.TestMetadata.test_src_uri_left_files) > SKIP: test summary presence: No added recipes, skipping test > (test_metadata.TestMetadata.test_summary_presence) > SKIP: test target mailing list: Series merged, no reason to check other > mailing lists (test_mbox.TestMbox.test_target_mailing_list) > > --- > > Please address the issues identified and > submit a new revision of the patch, or alternatively, reply to this > email with an explanation of why the patch should be accepted. If you > believe these results are due to an error in patchtest, please submit a > bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category > under 'Yocto Project Subprojects'). For more information on specific > failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank > you! > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191288): https://lists.openembedded.org/g/openembedded-core/message/191288 Mute This Topic: https://lists.openembedded.org/mt/102826394/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Patchtest results for [oe-core][PATCH] add PREFERRED_PROVIDER variables for llvm
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/add-PREFERRED_PROVIDER-variables-for-llvm.patch FAIL: test shortlog format: Commit shortlog (first line of commit message) should follow the format ": " (test_mbox.TestMbox.test_shortlog_format) PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence) PASS: test author valid (test_mbox.TestMbox.test_author_valid) PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence) PASS: test max line length (test_metadata.TestMetadata.test_max_line_length) PASS: test mbox format (test_mbox.TestMbox.test_mbox_format) PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade) PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length) SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint) SKIP: pretest src uri left files: No modified recipes, skipping pretest (test_metadata.TestMetadata.pretest_src_uri_left_files) SKIP: test CVE tag format: No new CVE patches introduced (test_patch.TestPatch.test_cve_tag_format) SKIP: test Signed-off-by presence: No new CVE patches introduced (test_patch.TestPatch.test_signed_off_by_presence) SKIP: test Upstream-Status presence: No new CVE patches introduced (test_patch.TestPatch.test_upstream_status_presence_format) SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format) SKIP: test lic files chksum modified not mentioned: No modified recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned) SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence) SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence) SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint) SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head) SKIP: test src uri left files: No modified recipes, skipping pretest (test_metadata.TestMetadata.test_src_uri_left_files) SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence) SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list) --- Please address the issues identified and submit a new revision of the patch, or alternatively, reply to this email with an explanation of why the patch should be accepted. If you believe these results are due to an error in patchtest, please submit a bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category under 'Yocto Project Subprojects'). For more information on specific failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank you! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191287): https://lists.openembedded.org/g/openembedded-core/message/191287 Mute This Topic: https://lists.openembedded.org/mt/102826394/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 18/19] repo: update 2.37 -> 2.39
Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/repo/repo/0001-python3-shebang.patch | 2 +- meta/recipes-devtools/repo/{repo_2.37.bb => repo_2.39.bb} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-devtools/repo/{repo_2.37.bb => repo_2.39.bb} (95%) diff --git a/meta/recipes-devtools/repo/repo/0001-python3-shebang.patch b/meta/recipes-devtools/repo/repo/0001-python3-shebang.patch index d3888c8bb2a..fba89a32d82 100644 --- a/meta/recipes-devtools/repo/repo/0001-python3-shebang.patch +++ b/meta/recipes-devtools/repo/repo/0001-python3-shebang.patch @@ -19,8 +19,8 @@ index b13e34c..205e0e5 100755 @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 - # -*- coding:utf-8 -*- # # Copyright (C) 2008 The Android Open Source Project + # -- 2.33.0 diff --git a/meta/recipes-devtools/repo/repo_2.37.bb b/meta/recipes-devtools/repo/repo_2.39.bb similarity index 95% rename from meta/recipes-devtools/repo/repo_2.37.bb rename to meta/recipes-devtools/repo/repo_2.39.bb index d6d3d03a623..a0633a5cbbc 100644 --- a/meta/recipes-devtools/repo/repo_2.37.bb +++ b/meta/recipes-devtools/repo/repo_2.39.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SRC_URI = "git://gerrit.googlesource.com/git-repo.git;protocol=https;branch=main \ file://0001-python3-shebang.patch \ " -SRCREV = "83c66ec661e39e47795086a5d26d0f3782ac1d49" +SRCREV = "b99272c601bc5f466c3cfc782bb852c2c967ad27" MIRRORS += "git://gerrit.googlesource.com/git-repo.git git://github.com/GerritCodeReview/git-repo.git" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191285): https://lists.openembedded.org/g/openembedded-core/message/191285 Mute This Topic: https://lists.openembedded.org/mt/102826385/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 19/19] rt-tests: update 2.5 -> 2.6
Signed-off-by: Alexander Kanavin --- ...0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch | 6 +++--- meta/recipes-rt/rt-tests/rt-tests.inc | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/meta/recipes-rt/rt-tests/files/0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch b/meta/recipes-rt/rt-tests/files/0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch index e9967767a0f..a1fc9e26a03 100644 --- a/meta/recipes-rt/rt-tests/files/0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch +++ b/meta/recipes-rt/rt-tests/files/0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch @@ -1,4 +1,4 @@ -From 174fd202f2c85e43261139d71ad18908cc29b586 Mon Sep 17 00:00:00 2001 +From 7cf4cf097895bd4c3f3d3a6f783c766b3173cf1a Mon Sep 17 00:00:00 2001 From: Randy Witt Date: Fri, 16 Oct 2020 16:54:30 -0700 Subject: [PATCH] Makefile: Allow for CC and AR to be overridden @@ -15,11 +15,11 @@ Upstream-Status: Inappropriate [other] 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile -index 4df61ec..a229986 100644 +index 223a839..a735584 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ - VERSION = 2.5 + VERSION = 2.6 -CC = $(CROSS_COMPILE)gcc -AR = $(CROSS_COMPILE)ar +CC ?= $(CROSS_COMPILE)gcc diff --git a/meta/recipes-rt/rt-tests/rt-tests.inc b/meta/recipes-rt/rt-tests/rt-tests.inc index 527e14ad546..70315c46941 100644 --- a/meta/recipes-rt/rt-tests/rt-tests.inc +++ b/meta/recipes-rt/rt-tests/rt-tests.inc @@ -1,5 +1,5 @@ -SRCREV = "4579b9a6d85ae528f76e92421eb5e7b33cd26b17" -PV = "2.5" +SRCREV = "217cd8518c5fd490892aa9c765a6b2782cb5" +PV = "2.6" PE = "1" SRC_URI = "git://git.kernel.org/pub/scm/utils/rt-tests/rt-tests.git;branch=main;protocol=https" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191286): https://lists.openembedded.org/g/openembedded-core/message/191286 Mute This Topic: https://lists.openembedded.org/mt/102826386/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 17/19] meson: update 1.2.2 -> 1.3.0
Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/meson/{meson_1.2.2.bb => meson_1.3.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/meson/{meson_1.2.2.bb => meson_1.3.0.bb} (98%) diff --git a/meta/recipes-devtools/meson/meson_1.2.2.bb b/meta/recipes-devtools/meson/meson_1.3.0.bb similarity index 98% rename from meta/recipes-devtools/meson/meson_1.2.2.bb rename to meta/recipes-devtools/meson/meson_1.3.0.bb index c38d88fe61f..e794bb28a52 100644 --- a/meta/recipes-devtools/meson/meson_1.2.2.bb +++ b/meta/recipes-devtools/meson/meson_1.3.0.bb @@ -15,7 +15,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/meson-${PV}.tar.gz \ file://0001-Make-CPU-family-warnings-fatal.patch \ file://0002-Support-building-allarch-recipes-again.patch \ " -SRC_URI[sha256sum] = "4a0f04de331fbc7af3b802a844fc8838f4ccd1ded1e792ba4f8f2faf8c5fe4d6" +SRC_URI[sha256sum] = "4ba253ef60e454e23234696119cbafa082a0aead0bd3bbf6991295054795f5dc" inherit python_setuptools_build_meta github-releases -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191284): https://lists.openembedded.org/g/openembedded-core/message/191284 Mute This Topic: https://lists.openembedded.org/mt/102826384/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 07/19] desktop-file-utils: upgrade 0.26 -> 0.27
Convert to meson. Signed-off-by: Alexander Kanavin --- ...ktop-file-utils_0.26.bb => desktop-file-utils_0.27.bb} | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) rename meta/recipes-devtools/desktop-file-utils/{desktop-file-utils_0.26.bb => desktop-file-utils_0.27.bb} (76%) diff --git a/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.26.bb b/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.27.bb similarity index 76% rename from meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.26.bb rename to meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.27.bb index f6d1146e892..55c88afcc9c 100644 --- a/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.26.bb +++ b/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.27.bb @@ -8,18 +8,14 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://src/validator.c;beginline=4;endline=27;md5=281e1114ee6c486a1a0a4295986b9416" SRC_URI = "http://freedesktop.org/software/${BPN}/releases/${BP}.tar.xz; -SRC_URI[md5sum] = "29739e005f5887cf41639b8450f3c23f" -SRC_URI[sha256sum] = "b26dbde79ea72c8c84fb7f9d870ffd857381d049a86d25e0038c4cef4c747309" +SRC_URI[sha256sum] = "a0817df39ce385b6621880407c56f1f298168c040c2032cedf88d5b76affe836" DEPENDS = "glib-2.0" -inherit autotools pkgconfig - -EXTRA_OECONF += "ac_cv_prog_EMACS=no" +inherit meson pkgconfig BBCLASSEXTEND = "native nativesdk" do_install:append() { rm -rf ${D}${datadir}/emacs } - -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191274): https://lists.openembedded.org/g/openembedded-core/message/191274 Mute This Topic: https://lists.openembedded.org/mt/102826374/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 13/19] mpg123: upgrade 1.31.3 -> 1.32.3
--disable-lfs-alias removed upstream. Signed-off-by: Alexander Kanavin --- .../mpg123/{mpg123_1.31.3.bb => mpg123_1.32.3.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta/recipes-multimedia/mpg123/{mpg123_1.31.3.bb => mpg123_1.32.3.bb} (95%) diff --git a/meta/recipes-multimedia/mpg123/mpg123_1.31.3.bb b/meta/recipes-multimedia/mpg123/mpg123_1.32.3.bb similarity index 95% rename from meta/recipes-multimedia/mpg123/mpg123_1.31.3.bb rename to meta/recipes-multimedia/mpg123/mpg123_1.32.3.bb index b03ee9f71a9..3ea68b12a8c 100644 --- a/meta/recipes-multimedia/mpg123/mpg123_1.31.3.bb +++ b/meta/recipes-multimedia/mpg123/mpg123_1.32.3.bb @@ -10,7 +10,7 @@ LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=e7b9c15fcfb986abb4cc5e8400a24169" SRC_URI = "https://www.mpg123.de/download/${BP}.tar.bz2; -SRC_URI[sha256sum] = "1ca77d3a69a5ff845b7a0536f783fee554e1041139a6b978f6afe14f5814ad1a" +SRC_URI[sha256sum] = "2d9913a57d4ee8f497a182c6e82582602409782a4fb481e989feebf4435867b4" UPSTREAM_CHECK_REGEX = "mpg123-(?P\d+(\.\d+)+)\.tar" @@ -40,7 +40,6 @@ CACHED_CONFIGUREVARS:libc-musl = "ac_cv_sys_file_offset_bits=no" EXTRA_OECONF = " \ --enable-shared \ --enable-largefile \ ---disable-lfs-alias \ --with-audio='${AUDIOMODS}' \ ${@bb.utils.contains('TUNE_FEATURES', 'neon', '--with-cpu=neon', '', d)} \ ${@bb.utils.contains('TUNE_FEATURES', 'altivec', '--with-cpu=altivec', '', d)} \ -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191280): https://lists.openembedded.org/g/openembedded-core/message/191280 Mute This Topic: https://lists.openembedded.org/mt/102826380/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 15/19] p11-kit: upgrade 0.25.0 -> 0.25.2
Switch to gitsm:// to fetch https://github.com/p11-glue/pkcs11-json.git as a submodule (otherwise meson will try to do that in do_configure). Signed-off-by: Alexander Kanavin --- .../p11-kit/files/strerror-1.patch| 76 --- .../p11-kit/files/strerror-2.patch| 30 .../{p11-kit_0.25.0.bb => p11-kit_0.25.2.bb} | 6 +- 3 files changed, 2 insertions(+), 110 deletions(-) delete mode 100644 meta/recipes-support/p11-kit/files/strerror-1.patch delete mode 100644 meta/recipes-support/p11-kit/files/strerror-2.patch rename meta/recipes-support/p11-kit/{p11-kit_0.25.0.bb => p11-kit_0.25.2.bb} (85%) diff --git a/meta/recipes-support/p11-kit/files/strerror-1.patch b/meta/recipes-support/p11-kit/files/strerror-1.patch deleted file mode 100644 index 6af4fee7249..000 --- a/meta/recipes-support/p11-kit/files/strerror-1.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 3ba2c55dfdc8ff20de369f07f6c57d08718d3add Mon Sep 17 00:00:00 2001 -From: Adam Sampson -Date: Sun, 2 Jul 2023 15:22:49 +0100 -Subject: [PATCH] Check for GNU strerror_r using the compiler only - -The new test that was added to distinguish GNU/XSI strerror_r ran a -compiled program, which doesn't work when cross-compiling. The only -difference at compile time is that the GNU version returns char * and -the XSI version returns int, so detect it by compiling a program that -dereferences the return value. - -Signed-off-by: Adam Sampson - -Upstream-Status: Backport -Signed-off-by: Ross Burton - configure.ac | 19 +++ - meson.build | 10 +- - 2 files changed, 12 insertions(+), 17 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 40f5a583..29890622 100644 a/configure.ac -+++ b/configure.ac -@@ -146,19 +146,14 @@ if test "$os_unix" = "yes"; then - - AC_CHECK_FUNC( - [strerror_r], -- [AC_RUN_IFELSE( -- [AC_LANG_SOURCE([[ -- #include -- #include -- -- int main (void) -- { -- char buf[32]; -- return strerror_r (EINVAL, buf, 32); -- } -- ]])], --[AC_DEFINE([HAVE_XSI_STRERROR_R], 1, [Whether XSI-compliant strerror_r() is available])], -+ [AC_COMPILE_IFELSE( -+ [AC_LANG_PROGRAM([[#include -+ #include ]], -+ [[/* GNU strerror_r returns char *, XSI returns int */ -+ char buf[32]; -+ return *strerror_r (EINVAL, buf, 32);]])], - [AC_DEFINE([HAVE_GNU_STRERROR_R], 1, [Whether GNU-specific strerror_r() is available])], -+[AC_DEFINE([HAVE_XSI_STRERROR_R], 1, [Whether XSI-compliant strerror_r() is available])], - [])], - []) - -diff --git a/meson.build b/meson.build -index 0f8c8da0..4cc3f89a 100644 a/meson.build -+++ b/meson.build -@@ -306,15 +306,15 @@ if cc.has_function('strerror_r', prefix: '#include ') - - int main (void) - { -+/* GNU strerror_r returns char *, XSI returns int */ - char buf[32]; --return strerror_r (EINVAL, buf, 32); -+return *strerror_r (EINVAL, buf, 32); - } - ''' -- strerror_r_check = cc.run(strerror_r_code, name : 'strerror_r check') -- if strerror_r_check.returncode() == 0 --conf.set('HAVE_XSI_STRERROR_R', 1) -- else -+ if cc.compiles(strerror_r_code, name : 'GNU strerror_r check') - conf.set('HAVE_GNU_STRERROR_R', 1) -+ else -+conf.set('HAVE_XSI_STRERROR_R', 1) - endif - endif - diff --git a/meta/recipes-support/p11-kit/files/strerror-2.patch b/meta/recipes-support/p11-kit/files/strerror-2.patch deleted file mode 100644 index 1a9180b508c..000 --- a/meta/recipes-support/p11-kit/files/strerror-2.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 7aa6251bf4ce36d027d53c9c96bb05f90ef7eb5b Mon Sep 17 00:00:00 2001 -From: Adam Sampson -Date: Sun, 2 Jul 2023 15:44:06 +0100 -Subject: [PATCH] Define _GNU_SOURCE when testing for strerror_r - -The Meson check for GNU/XSI strerror_r didn't inherit the project -options that include _GNU_SOURCE (unlike the autoconf version), so the -result didn't match how the code that uses it will be compiled. Add -_GNU_SOURCE explicitly as with the following checks. - -Signed-off-by: Adam Sampson - -Upstream-Status: Backport -Signed-off-by: Ross Burton - meson.build | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/meson.build b/meson.build -index 4cc3f89a..9a72e148 100644 a/meson.build -+++ b/meson.build -@@ -301,6 +301,7 @@ endforeach - - if cc.has_function('strerror_r', prefix: '#include ') - strerror_r_code = ''' -+#define _GNU_SOURCE - #include - #include - diff
[OE-core] [PATCH 16/19] glib-2.0: install gio-querymodules into bindir as well as libexecdir for native
Latest meson expects it there and fails if it can't find it; meanwhile we patch glib to put it into libexecdir for reasons of avoiding incorrect debian package renaming in multilib scenarios. Signed-off-by: Alexander Kanavin --- meta/recipes-core/glib-2.0/glib.inc | 5 + 1 file changed, 5 insertions(+) diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index cec06b2f88e..fbf3a39b15f 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -113,6 +113,11 @@ do_install:append () { mkdir -p ${D}${libdir}/gio/modules } +do_install:append:class-native () { + # Link gio-querymodules into ${bindir} as otherwise tools like meson won't find it +ln -rs ${D}${libexecdir}/gio-querymodules ${D}${bindir} +} + do_install:append:class-target () { # Tests are only installed on targets, not native builds. Separating this out # keeps glib-2.0-native from depending on DISTRO_FEATURES -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191283): https://lists.openembedded.org/g/openembedded-core/message/191283 Mute This Topic: https://lists.openembedded.org/mt/102826383/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 14/19] icu: upgrade 73-2 -> 74-1
License-Update: formatting https://github.com/unicode-org/icu/commit/248b1c2a13fc7fc346e9e9419c4794df8a590ad9 Signed-off-by: Alexander Kanavin --- meta/recipes-support/icu/{icu_73-2.bb => icu_74-1.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta/recipes-support/icu/{icu_73-2.bb => icu_74-1.bb} (95%) diff --git a/meta/recipes-support/icu/icu_73-2.bb b/meta/recipes-support/icu/icu_74-1.bb similarity index 95% rename from meta/recipes-support/icu/icu_73-2.bb rename to meta/recipes-support/icu/icu_74-1.bb index 7c59f8bb896..88ded166b52 100644 --- a/meta/recipes-support/icu/icu_73-2.bb +++ b/meta/recipes-support/icu/icu_74-1.bb @@ -78,7 +78,7 @@ FILES:libicuio = "${libdir}/libicuio.so.*" BBCLASSEXTEND = "native nativesdk" -LIC_FILES_CHKSUM = "file://../LICENSE;md5=80c2cf39ad8ae12b9b9482a1737c6650" +LIC_FILES_CHKSUM = "file://../LICENSE;md5=08dc3852df8fffa807301902ad899ff8" def icu_download_version(d): pvsplit = d.getVar('PV').split('-') @@ -111,8 +111,8 @@ SRC_URI = "${BASE_SRC_URI};name=code \ SRC_URI:append:class-target = "\ file://0001-Disable-LDFLAGSICUDT-for-Linux.patch \ " -SRC_URI[code.sha256sum] = "818a80712ed3caacd9b652305e01afc7fa167e6f2e94996da44b90c2ab604ce1" -SRC_URI[data.sha256sum] = "ca1ee076163b438461e484421a7679fc33a64cd0a54f9d4b401893fa1eb42701" +SRC_URI[code.sha256sum] = "86ce8e60681972e60e4dcb2490c697463fcec60dd400a5f9bffba26d0b52b8d0" +SRC_URI[data.sha256sum] = "67d5ab39c5187e1dd0fed60a3fe52794dce9784b4c045cb85e19f5d317fd783f" UPSTREAM_CHECK_REGEX = "releases/tag/release-(?P(?!.+rc).+)" GITHUB_BASE_URI = "https://github.com/unicode-org/icu/releases; -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191281): https://lists.openembedded.org/g/openembedded-core/message/191281 Mute This Topic: https://lists.openembedded.org/mt/102826381/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 12/19] libxkbcommon: upgrade 1.5.0 -> 1.6.0
Add bash-completion support for xkbcli. Signed-off-by: Alexander Kanavin --- .../xorg-lib/{libxkbcommon_1.5.0.bb => libxkbcommon_1.6.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-graphics/xorg-lib/{libxkbcommon_1.5.0.bb => libxkbcommon_1.6.0.bb} (92%) diff --git a/meta/recipes-graphics/xorg-lib/libxkbcommon_1.5.0.bb b/meta/recipes-graphics/xorg-lib/libxkbcommon_1.6.0.bb similarity index 92% rename from meta/recipes-graphics/xorg-lib/libxkbcommon_1.5.0.bb rename to meta/recipes-graphics/xorg-lib/libxkbcommon_1.6.0.bb index 62e9b158e43..02045cc2122 100644 --- a/meta/recipes-graphics/xorg-lib/libxkbcommon_1.5.0.bb +++ b/meta/recipes-graphics/xorg-lib/libxkbcommon_1.6.0.bb @@ -9,11 +9,11 @@ DEPENDS = "flex-native bison-native" SRC_URI = "http://xkbcommon.org/download/${BPN}-${PV}.tar.xz; -SRC_URI[sha256sum] = "560f11c4bbbca10f495f3ef7d3a6aa4ca62b4f8fb0b52e7d459d18a26e46e017" +SRC_URI[sha256sum] = "0edc14eccdd391514458bc5f5a4b99863ed2d651e4dd761a90abf4f46ef99c2b" UPSTREAM_CHECK_URI = "http://xkbcommon.org/; -inherit meson pkgconfig +inherit meson pkgconfig bash-completion PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'x11 wayland', d)} xkbregistry" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191279): https://lists.openembedded.org/g/openembedded-core/message/191279 Mute This Topic: https://lists.openembedded.org/mt/102826379/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 11/19] virglrenderer: upgrade 0.10.4 -> 1.0.0
venus (virtual vulkan support) is no longer experimental. Signed-off-by: Alexander Kanavin --- ...1-meson.build-use-python3-directly-for-python.patch | 10 +- ...{virglrenderer_0.10.4.bb => virglrenderer_1.0.0.bb} | 8 2 files changed, 9 insertions(+), 9 deletions(-) rename meta/recipes-graphics/virglrenderer/{virglrenderer_0.10.4.bb => virglrenderer_1.0.0.bb} (84%) diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/0001-meson.build-use-python3-directly-for-python.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/0001-meson.build-use-python3-directly-for-python.patch index 8230ba588b5..06379ee7166 100644 --- a/meta/recipes-graphics/virglrenderer/virglrenderer/0001-meson.build-use-python3-directly-for-python.patch +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/0001-meson.build-use-python3-directly-for-python.patch @@ -1,4 +1,4 @@ -From c853c9e5c44f1b23a15a7ba629ee02f7d8ec23a0 Mon Sep 17 00:00:00 2001 +From 2afe24fc95dbb89e99df29ccbe73afa835f58202 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Mon, 6 Jan 2020 12:44:42 +0100 Subject: [PATCH] meson.build: use 'python3' directly for python @@ -14,15 +14,15 @@ Signed-off-by: Alexander Kanavin 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meson.build b/meson.build -index 13d95bb..b241eb2 100644 +index de6d16b5..79cedbf6 100644 --- a/meson.build +++ b/meson.build -@@ -64,7 +64,7 @@ flags = [ +@@ -68,7 +68,7 @@ flags = [ add_project_arguments(cc.get_supported_arguments(flags), language : 'c') -prog_python = import('python').find_installation('python3') +prog_python = 'python3' - libdrm_dep = dependency('libdrm', version : '>=2.4.50') - thread_dep = dependency('threads') + not_found = dependency('', required: false) + libdrm_dep = dependency('libdrm', version : '>=2.4.50', required: get_option('drm').enabled() or get_option('venus')) diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer_0.10.4.bb b/meta/recipes-graphics/virglrenderer/virglrenderer_1.0.0.bb similarity index 84% rename from meta/recipes-graphics/virglrenderer/virglrenderer_0.10.4.bb rename to meta/recipes-graphics/virglrenderer/virglrenderer_1.0.0.bb index f76e7cb1b94..ffe30a9c525 100644 --- a/meta/recipes-graphics/virglrenderer/virglrenderer_0.10.4.bb +++ b/meta/recipes-graphics/virglrenderer/virglrenderer_1.0.0.bb @@ -9,8 +9,8 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=c81c08eeefd9418fca8f88309a76db10" DEPENDS = "libdrm libepoxy virtual/egl virtual/libgbm" -SRCREV = "88b9fe3bfc64b23a701e4875006dbc0e769f14f6" -SRC_URI = "git://gitlab.freedesktop.org/virgl/virglrenderer.git;branch=master;protocol=https \ +SRCREV = "9c9d55ecbe502e0d71ee99529709efcca69aac42" +SRC_URI = "git://gitlab.freedesktop.org/virgl/virglrenderer.git;branch=main;protocol=https \ file://0001-meson.build-use-python3-directly-for-python.patch \ " @@ -18,9 +18,9 @@ S = "${WORKDIR}/git" inherit meson pkgconfig features_check -PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'vulkan', 'venus-experimental', '', d)}" +PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'vulkan', 'venus', '', d)}" -PACKAGECONFIG[venus-experimental] = "-Dvenus-experimental=true,-Dvenus-experimental=false,vulkan-loader vulkan-headers" +PACKAGECONFIG[venus] = "-Dvenus=true,-Dvenus=false,vulkan-loader vulkan-headers" PACKAGECONFIG[va] = "-Dvideo=true,-Dvideo=false,libva" PACKAGECONFIG[render-server] = "-Drender-server=true,-Drender-server=false" PACKAGECONFIG[drm-msm-experimental] = "-Ddrm-msm-experimental=true,-Ddrm-msm-experimental=false" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191278): https://lists.openembedded.org/g/openembedded-core/message/191278 Mute This Topic: https://lists.openembedded.org/mt/102826378/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 10/19] epiphany: upgrade 44.6 -> 45.1
Signed-off-by: Alexander Kanavin --- .../epiphany/{epiphany_44.6.bb => epiphany_45.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-gnome/epiphany/{epiphany_44.6.bb => epiphany_45.1.bb} (94%) diff --git a/meta/recipes-gnome/epiphany/epiphany_44.6.bb b/meta/recipes-gnome/epiphany/epiphany_45.1.bb similarity index 94% rename from meta/recipes-gnome/epiphany/epiphany_44.6.bb rename to meta/recipes-gnome/epiphany/epiphany_45.1.bb index 577eb43a80e..c8631e05e97 100644 --- a/meta/recipes-gnome/epiphany/epiphany_44.6.bb +++ b/meta/recipes-gnome/epiphany/epiphany_45.1.bb @@ -31,7 +31,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "5335dd573581db61e126d854dc16ae519657a5b8790789a47d25e43e17cd3a43" +SRC_URI[archive.sha256sum] = "7c994ef34ecd60e915de331ee123c08938f9623cefada6d50b99e3c9c5ad8135" # Developer mode enables debugging PACKAGECONFIG[developer-mode] = "-Ddeveloper_mode=true,-Ddeveloper_mode=false" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191277): https://lists.openembedded.org/g/openembedded-core/message/191277 Mute This Topic: https://lists.openembedded.org/mt/102826377/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 09/19] webkitgtk: update 2.40.5 -> 2.42.2
Drop check-GST_GL_HAVE_PLATFORM_GLX.patch as upstream removed the code. Signed-off-by: Alexander Kanavin --- ...44e17d258106617b0e6d783d073b188a2548.patch | 15 + .../check-GST_GL_HAVE_PLATFORM_GLX.patch | 33 --- ...ebkitgtk_2.40.5.bb => webkitgtk_2.42.2.bb} | 4 +-- 3 files changed, 10 insertions(+), 42 deletions(-) delete mode 100644 meta/recipes-sato/webkit/webkitgtk/check-GST_GL_HAVE_PLATFORM_GLX.patch rename meta/recipes-sato/webkit/{webkitgtk_2.40.5.bb => webkitgtk_2.42.2.bb} (98%) diff --git a/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch b/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch index 34e0ff9af38..e5ece82ed31 100644 --- a/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch +++ b/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch @@ -1,4 +1,4 @@ -From 647c93de99a0f71f478d76a4cc7714eba7ba1447 Mon Sep 17 00:00:00 2001 +From 95398982f4a120147a98a27e176facf6d95b2bf7 Mon Sep 17 00:00:00 2001 From: Adrian Perez de Castro Date: Thu, 2 Jun 2022 11:19:06 +0300 Subject: [PATCH] FELightningNEON.cpp fails to build, NEON fast path seems @@ -33,6 +33,7 @@ left for a follow-up fix. Upstream-Status: Submitted [https://github.com/WebKit/WebKit/pull/1233] Signed-off-by: Khem Raj + --- .../cpu/arm/filters/FELightingNEON.cpp| 4 +- .../graphics/cpu/arm/filters/FELightingNEON.h | 52 +-- @@ -203,7 +204,7 @@ index b17c603d..e4629cda 100644 - -#endif // FELightingNEON_h diff --git a/Source/WebCore/platform/graphics/filters/DistantLightSource.h b/Source/WebCore/platform/graphics/filters/DistantLightSource.h -index 70c6512f..b032c82e 100644 +index 70f583b3..7d5d27e5 100644 --- a/Source/WebCore/platform/graphics/filters/DistantLightSource.h +++ b/Source/WebCore/platform/graphics/filters/DistantLightSource.h @@ -26,6 +26,10 @@ @@ -218,7 +219,7 @@ index 70c6512f..b032c82e 100644 class DistantLightSource : public LightSource { diff --git a/Source/WebCore/platform/graphics/filters/FELighting.h b/Source/WebCore/platform/graphics/filters/FELighting.h -index 53beb596..e78a9354 100644 +index 179edf6d..694d712d 100644 --- a/Source/WebCore/platform/graphics/filters/FELighting.h +++ b/Source/WebCore/platform/graphics/filters/FELighting.h @@ -35,8 +35,6 @@ @@ -229,8 +230,8 @@ index 53beb596..e78a9354 100644 - class FELighting : public FilterEffect { public: - const Color& lightingColor() const { return m_lightingColor; } -@@ -64,11 +62,6 @@ protected: + bool operator==(const FELighting&) const; +@@ -68,11 +66,6 @@ protected: std::unique_ptr createSoftwareApplier() const override; @@ -243,7 +244,7 @@ index 53beb596..e78a9354 100644 float m_surfaceScale; float m_diffuseConstant; diff --git a/Source/WebCore/platform/graphics/filters/PointLightSource.h b/Source/WebCore/platform/graphics/filters/PointLightSource.h -index 3a5723f0..675d63f5 100644 +index a8cfdab8..34f867bb 100644 --- a/Source/WebCore/platform/graphics/filters/PointLightSource.h +++ b/Source/WebCore/platform/graphics/filters/PointLightSource.h @@ -26,6 +26,10 @@ @@ -258,7 +259,7 @@ index 3a5723f0..675d63f5 100644 class PointLightSource : public LightSource { diff --git a/Source/WebCore/platform/graphics/filters/SpotLightSource.h b/Source/WebCore/platform/graphics/filters/SpotLightSource.h -index 684626f7..dea58389 100644 +index 6404467a..5cac38f2 100644 --- a/Source/WebCore/platform/graphics/filters/SpotLightSource.h +++ b/Source/WebCore/platform/graphics/filters/SpotLightSource.h @@ -26,6 +26,10 @@ diff --git a/meta/recipes-sato/webkit/webkitgtk/check-GST_GL_HAVE_PLATFORM_GLX.patch b/meta/recipes-sato/webkit/webkitgtk/check-GST_GL_HAVE_PLATFORM_GLX.patch deleted file mode 100644 index ae99810cedb..000 --- a/meta/recipes-sato/webkit/webkitgtk/check-GST_GL_HAVE_PLATFORM_GLX.patch +++ /dev/null @@ -1,33 +0,0 @@ -Add additional check on GST_GL_HAVE_PLATFORM_GLX before using gst_gl_display_x11_new_with_display - -This ensures that there is a compile time check for glx support in gstreamer as -runtime check is not enough because gst_gl_display_x11_new_with_display() API comes from -gst/gl/x11/gstgldisplay_x11.h which is only included when GST_GL_HAVE_PLATFORM_GLX is defined -therefore make this check consistent to fix build with some platforms which use pvr gl drivers -where this problem appear at compile time. - - -/mnt/b/yoe/master/build/tmp/work/riscv64-yoe-linux/webkitgtk/2.40.2-r0/webkitgtk-2.40.2/Source/WebCore/platform/graphics/gstreamer/PlatformDisplayGStreamer.cpp:68:31: error: use of undeclared identifier 'gst_gl_display_x11_new_with_display'; did you mean 'gst_gl_display_egl_new_with_egl_display'? - 68 | return GST_GL_DISPLAY(gst_gl_display_x11_new_with_display(downcast(sharedDisplay).native())); - |
[OE-core] [PATCH 06/19] cmake: upgrade 3.27.5 -> 3.27.7
Signed-off-by: Alexander Kanavin --- .../cmake/{cmake-native_3.27.5.bb => cmake-native_3.27.7.bb}| 0 meta/recipes-devtools/cmake/cmake.inc | 2 +- .../recipes-devtools/cmake/{cmake_3.27.5.bb => cmake_3.27.7.bb} | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/cmake/{cmake-native_3.27.5.bb => cmake-native_3.27.7.bb} (100%) rename meta/recipes-devtools/cmake/{cmake_3.27.5.bb => cmake_3.27.7.bb} (100%) diff --git a/meta/recipes-devtools/cmake/cmake-native_3.27.5.bb b/meta/recipes-devtools/cmake/cmake-native_3.27.7.bb similarity index 100% rename from meta/recipes-devtools/cmake/cmake-native_3.27.5.bb rename to meta/recipes-devtools/cmake/cmake-native_3.27.7.bb diff --git a/meta/recipes-devtools/cmake/cmake.inc b/meta/recipes-devtools/cmake/cmake.inc index ef4eec5ab1b..ecb0e487df2 100644 --- a/meta/recipes-devtools/cmake/cmake.inc +++ b/meta/recipes-devtools/cmake/cmake.inc @@ -19,7 +19,7 @@ CMAKE_MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" SRC_URI = "https://cmake.org/files/v${CMAKE_MAJOR_VERSION}/cmake-${PV}.tar.gz \ " -SRC_URI[sha256sum] = "5175e8fe1ca9b1dd09090130db7201968bcce1595971ff9e9998c2f0765004c9" +SRC_URI[sha256sum] = "08f71a106036bf051f692760ef9558c0577c42ac39e96ba097e7662bd4158d8e" UPSTREAM_CHECK_REGEX = "cmake-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/cmake/cmake_3.27.5.bb b/meta/recipes-devtools/cmake/cmake_3.27.7.bb similarity index 100% rename from meta/recipes-devtools/cmake/cmake_3.27.5.bb rename to meta/recipes-devtools/cmake/cmake_3.27.7.bb -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191273): https://lists.openembedded.org/g/openembedded-core/message/191273 Mute This Topic: https://lists.openembedded.org/mt/102826373/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 08/19] erofs-utils: upgrade 1.6 -> 1.7.1
Signed-off-by: Alexander Kanavin --- ...rofs-utils_1.6.bb => erofs-utils_1.7.1.bb} | 10 +- ...-don-t-allocate-read-too-large-exten.patch | 126 -- ...-block-insane-long-paths-when-extrac.patch | 80 --- 3 files changed, 4 insertions(+), 212 deletions(-) rename meta/recipes-devtools/erofs-utils/{erofs-utils_1.6.bb => erofs-utils_1.7.1.bb} (70%) delete mode 100644 meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch delete mode 100644 meta/recipes-devtools/erofs-utils/files/0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch diff --git a/meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb b/meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb similarity index 70% rename from meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb rename to meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb index 5a89e4b8ee6..a23cb330ea2 100644 --- a/meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb +++ b/meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb @@ -5,11 +5,8 @@ SECTION = "base" LIC_FILES_CHKSUM = "file://COPYING;md5=73001d804ea1e3d84365f652242cca20" HOMEPAGE = "https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/tree/README; -SRCREV = "21710612d35cd952490959bfa6ea9fe87aaa52dd" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git;branch=master;protocol=https \ - file://0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch \ - file://0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch \ -" +SRCREV = "83d94dc619075e71ca4d0f42941cfc18d269a2af" +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git;branch=master;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P(\d+(\.\d+)+))" @@ -19,8 +16,9 @@ DEPENDS = "util-linux-libuuid" inherit pkgconfig autotools -PACKAGECONFIG ??= "lz4" +PACKAGECONFIG ??= "lz4 zlib" PACKAGECONFIG[lz4] = "--enable-lz4,--disable-lz4,lz4" +PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib" EXTRA_OECONF = "${PACKAGECONFIG_CONFARGS} --disable-fuse" diff --git a/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch b/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch deleted file mode 100644 index 52f475dc424..000 --- a/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch +++ /dev/null @@ -1,126 +0,0 @@ -From c769805c79d5acede65d96e5786aa5ebb46c01e0 Mon Sep 17 00:00:00 2001 -From: Gao Xiang -Date: Fri, 2 Jun 2023 11:05:19 +0800 -Subject: [PATCH 1/2] erofs-utils: fsck: don't allocate/read too large extents - -Since some crafted EROFS filesystem images could have insane large -extents, which causes unexpected bahaviors when extracting data. - -Fix it by extracting large extents with a buffer of a reasonable -maximum size limit and reading multiple times instead. - -Note that only `--extract` option is impacted. - -CVE: CVE-2023-33552 -Closes: https://nvd.nist.gov/vuln/detail/CVE-2023-33552 -Reported-by: Chaoming Yang -Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X") -Signed-off-by: Gao Xiang -Link: https://lore.kernel.org/r/20230602030519.117071-1-hsiang...@linux.alibaba.com - -Upstream-Status: Backport -Signed-off-by: Ross Burton - fsck/main.c | 63 + - 1 file changed, 49 insertions(+), 14 deletions(-) - -diff --git a/fsck/main.c b/fsck/main.c -index 6b42252..6689ad8 100644 a/fsck/main.c -+++ b/fsck/main.c -@@ -392,6 +392,8 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) - } - - while (pos < inode->i_size) { -+ unsigned int alloc_rawsize; -+ - map.m_la = pos; - if (compressed) - ret = z_erofs_map_blocks_iter(inode, , -@@ -420,10 +422,28 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) - if (!(map.m_flags & EROFS_MAP_MAPPED) || !fsckcfg.check_decomp) - continue; - -- if (map.m_plen > raw_size) { -- raw_size = map.m_plen; -- raw = realloc(raw, raw_size); -- BUG_ON(!raw); -+ if (map.m_plen > Z_EROFS_PCLUSTER_MAX_SIZE) { -+ if (compressed) { -+ erofs_err("invalid pcluster size %" PRIu64 " @ offset %" PRIu64 " of nid %" PRIu64, -+map.m_plen, map.m_la, -+inode->nid | 0ULL); -+ ret = -EFSCORRUPTED; -+ goto out; -+ } -+ alloc_rawsize = Z_EROFS_PCLUSTER_MAX_SIZE; -+ } else { -+
[OE-core] [PATCH 05/19] usbutils: upgrade 015 -> 017
Drop CFLAGS (containing host paths) from installed pkg-config file. Signed-off-by: Alexander Kanavin --- .../usbutils/{usbutils_015.bb => usbutils_017.bb} | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) rename meta/recipes-bsp/usbutils/{usbutils_015.bb => usbutils_017.bb} (86%) diff --git a/meta/recipes-bsp/usbutils/usbutils_015.bb b/meta/recipes-bsp/usbutils/usbutils_017.bb similarity index 86% rename from meta/recipes-bsp/usbutils/usbutils_015.bb rename to meta/recipes-bsp/usbutils/usbutils_017.bb index a30037b6938..c62c6256fc8 100644 --- a/meta/recipes-bsp/usbutils/usbutils_015.bb +++ b/meta/recipes-bsp/usbutils/usbutils_017.bb @@ -13,7 +13,7 @@ DEPENDS = "libusb1 virtual/libiconv udev" SRC_URI = "${KERNELORG_MIRROR}/linux/utils/usb/usbutils/usbutils-${PV}.tar.gz \ " -SRC_URI[sha256sum] = "2b8140664578f39c3f6f0166a1b950f8655304e63e3d7f89899acb99bc5cb8e7" +SRC_URI[sha256sum] = "f704c4cb78a060db88b43aac6ebfd3d93c2c5cf1d6dd0e42936faaf00814ab00" inherit autotools pkgconfig update-alternatives @@ -30,3 +30,7 @@ RRECOMMENDS:${PN} = "udev-hwdb" PACKAGE_BEFORE_PN =+ "${PN}-python" FILES:${PN}-python += "${bindir}/lsusb.py" RDEPENDS:${PN}-python = "python3-core" + +do_install:append() { +sed -i -e "s,${WORKDIR},,g" ${D}/${libdir}/pkgconfig/*.pc +} -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191272): https://lists.openembedded.org/g/openembedded-core/message/191272 Mute This Topic: https://lists.openembedded.org/mt/102826372/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 04/19] python3-pyproject-hooks: fix upstream version check
Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/python/python3-pyproject-hooks_1.0.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/python/python3-pyproject-hooks_1.0.0.bb b/meta/recipes-devtools/python/python3-pyproject-hooks_1.0.0.bb index c3f1fb75ed1..9d08e7acc41 100644 --- a/meta/recipes-devtools/python/python3-pyproject-hooks_1.0.0.bb +++ b/meta/recipes-devtools/python/python3-pyproject-hooks_1.0.0.bb @@ -22,3 +22,5 @@ RDEPENDS:${PN} += " \ do_compile:class-native () { python_flit_core_do_manual_build } + +UPSTREAM_CHECK_PYPI_PACKAGE = "${PYPI_PACKAGE}" -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191271): https://lists.openembedded.org/g/openembedded-core/message/191271 Mute This Topic: https://lists.openembedded.org/mt/102826370/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 03/19] shadow: update 4.13 -> 4.14.2
License-Update: formatting, spdx conversion Drop: 0001-Disable-use-of-syslog-for-sysroot.patch (issue fixed upstream) 0001-Fix-can-not-print-full-login.patch 0001-Overhaul-valid_field.patch CVE-2023-29383.patch (backports) libbsd is a new native dependency, as otherwise glibc >= 2.38 is needed. A similar fix is added to musl in order to define non-standard __BEGIN_DECLS/__END_DECLS. Signed-off-by: Alexander Kanavin --- ...01-Disable-use-of-syslog-for-sysroot.patch | 52 --- .../0001-Fix-can-not-print-full-login.patch | 41 .../files/0001-Overhaul-valid_field.patch | 65 --- .../shadow/files/CVE-2023-29383.patch | 53 --- ...nexpected-open-failure-in-chroot-env.patch | 16 +++-- meta/recipes-extended/shadow/shadow.inc | 19 ++ .../{shadow_4.13.bb => shadow_4.14.2.bb} | 0 7 files changed, 16 insertions(+), 230 deletions(-) delete mode 100644 meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch delete mode 100644 meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch delete mode 100644 meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch delete mode 100644 meta/recipes-extended/shadow/files/CVE-2023-29383.patch rename meta/recipes-extended/shadow/{shadow_4.13.bb => shadow_4.14.2.bb} (100%) diff --git a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch deleted file mode 100644 index fa1532c8317..000 --- a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 85d0444229ee3d14fefcf10d093f49c862826f82 Mon Sep 17 00:00:00 2001 -From: Richard Purdie -Date: Thu, 14 Apr 2022 23:11:53 + -Subject: [PATCH] Disable use of syslog for shadow-native tools - -Disable use of syslog to prevent sysroot user and group additions from -writing entries to the host's syslog. This patch should only be used -with the shadow-native recipe. - -Upstream-Status: Inappropriate [OE specific configuration] -Signed-off-by: Richard Purdie -Signed-off-by: Peter Kjellerstedt - - configure.ac | 2 +- - src/login_nopam.c | 3 ++- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 924254a..603af81 100644 a/configure.ac -+++ b/configure.ac -@@ -191,7 +191,7 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd", - [Path to passwd program.]) - - dnl XXX - quick hack, should disappear before anyone notices :). --AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) -+#AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) - if test "$ac_cv_func_ruserok" = "yes"; then - AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.]) - AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).]) -diff --git a/src/login_nopam.c b/src/login_nopam.c -index df6ba88..fc24e13 100644 a/src/login_nopam.c -+++ b/src/login_nopam.c -@@ -29,7 +29,6 @@ - #ifndef USE_PAM - #ident "$Id$" - --#include "prototypes.h" - /* - * This module implements a simple but effective form of login access - * control based on login names and on host (or domain) names, internet -@@ -57,6 +56,8 @@ - #include - #include /* for inet_ntoa() */ - -+#include "prototypes.h" -+ - #if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64) - #undef MAXHOSTNAMELEN - #define MAXHOSTNAMELEN 256 diff --git a/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch b/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch deleted file mode 100644 index 89f9c05c8d3..000 --- a/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch +++ /dev/null @@ -1,41 +0,0 @@ -commit 670cae834827a8f794e6f7464fa57790d911b63c -Author: SoumyaWind <121475834+soumyaw...@users.noreply.github.com> -Date: Tue Dec 27 17:40:17 2022 +0530 - -shadow: Fix can not print full login timeout message - -Login timed out message prints only first few bytes when write is immediately followed by exit. -Calling exit from new handler provides enough time to display full message. - -Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/670cae834827a8f794e6f7464fa57790d911b63c] - -diff --git a/src/login.c b/src/login.c -index 116e2cb3..c55f4de0 100644 a/src/login.c -+++ b/src/login.c -@@ -120,6 +120,7 @@ static void get_pam_user (char **ptr_pam_user); - - static void init_env (void); - static void alarm_handler (int); -+static void exit_handler (int); - - /* - * usage - print login command usage and exit -@@ -391,11 +392,16 @@ static void init_env (void) - #endif/* !USE_PAM */ - } - -+static void exit_handler (unused int sig) -+{ -+ _exit (0); -+} - - static void alarm_handler
[OE-core] [PATCH 01/19] sstate.bbclass: setscene_depvalid(): do not exclude shadow-native from task dependency resolution
This results in executables from shadow-native, such as useradd, falling through to host libraries instead of using native ones that they were linked with, because the native libraries would not be installed because of this dependency exclusion. Until now that could be coincidentally fulfilled with host libattr (which is present on all hosts), but latest useradd also wants libbsd and libmd, and those are not typically installed. The original reason to add this exclusion was: https://git.yoctoproject.org/poky/commit/?id=0d2a301bca4eb9d43243f1a03c1cd1ab3f27f30a While I can't be sure the reason no longer applies, sstate and sysroot handling has changed massively since early 2013, testing on a-full revealed no issues, and avoiding incorrect fall-through to host libraries is better than pulling unneeded dependencies. Signed-off-by: Alexander Kanavin --- meta/classes-global/sstate.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes-global/sstate.bbclass b/meta/classes-global/sstate.bbclass index 5b27a1f0f98..4f49d8f9f8c 100644 --- a/meta/classes-global/sstate.bbclass +++ b/meta/classes-global/sstate.bbclass @@ -1119,7 +1119,7 @@ def setscene_depvalid(task, taskdependees, notneeded, d, log=None): # This is due to the [depends] in useradd.bbclass complicating matters # The logic *is* reversed here due to the way hard setscene dependencies are injected -if (taskdependees[task][1] == 'do_package' or taskdependees[task][1] == 'do_populate_sysroot') and taskdependees[dep][0].endswith(('shadow-native', 'shadow-sysroot', 'base-passwd', 'pseudo-native')) and taskdependees[dep][1] == 'do_populate_sysroot': +if (taskdependees[task][1] == 'do_package' or taskdependees[task][1] == 'do_populate_sysroot') and taskdependees[dep][0].endswith(('shadow-sysroot', 'base-passwd', 'pseudo-native')) and taskdependees[dep][1] == 'do_populate_sysroot': continue # Consider sysroot depending on sysroot tasks -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191268): https://lists.openembedded.org/g/openembedded-core/message/191268 Mute This Topic: https://lists.openembedded.org/mt/102826367/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 02/19] useradd.bbclass: list all needed items for package_setscene task
Latest shadow-native links with additional libraries; I was unable to find a way to resolve those in setscene context where tasks do not contain such dependencies. Signed-off-by: Alexander Kanavin --- meta/classes/useradd.bbclass | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/meta/classes/useradd.bbclass b/meta/classes/useradd.bbclass index 4d3bd9a5f56..a35785c9c23 100644 --- a/meta/classes/useradd.bbclass +++ b/meta/classes/useradd.bbclass @@ -179,7 +179,13 @@ SSTATEPREINSTFUNCS:append:class-target = " useradd_sysroot_sstate" do_package_setscene[depends] += "${USERADDSETSCENEDEPS}" do_populate_sysroot_setscene[depends] += "${USERADDSETSCENEDEPS}" -USERADDSETSCENEDEPS:class-target = "${MLPREFIX}base-passwd:do_populate_sysroot_setscene pseudo-native:do_populate_sysroot_setscene shadow-native:do_populate_sysroot_setscene ${MLPREFIX}shadow-sysroot:do_populate_sysroot_setscene" +USERADDSETSCENEDEPS:class-target = "${MLPREFIX}base-passwd:do_populate_sysroot_setscene \ +pseudo-native:do_populate_sysroot_setscene \ +shadow-native:do_populate_sysroot_setscene \ +attr-native:do_populate_sysroot_setscene \ +libbsd-native:do_populate_sysroot_setscene \ +libmd-native:do_populate_sysroot_setscene \ + ${MLPREFIX}shadow-sysroot:do_populate_sysroot_setscene" USERADDSETSCENEDEPS = "" # Recipe parse-time sanity checks -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191269): https://lists.openembedded.org/g/openembedded-core/message/191269 Mute This Topic: https://lists.openembedded.org/mt/102826368/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH V2] cairo: upgrade 1.16.0 -> 1.18.0
Thank you, the patch is fine now. The next step is that if there are integration issues on the autobuilder, you will get links to them and the expectation is that they are resolved by you, and the adjusted patch is resubmitted. Alex On Mon, 27 Nov 2023 at 05:02, qi...@fujitsu.com wrote: > > From: qiutt > > Changelog for 1.18.0 [1]: > The cairo-sphinx tool has been removed > Cairo now implements Type 3 color fonts for PDF > The XML surface has been removed > The Tee surface is now automatically enabled > The Quartz surface is improved > Cairo now hides all private symbols by default on every platform > Fixed multiple issues > > As a part of 1.18.0, the following patches should be dropped. > CVE-2018-19876.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/90e85c2493fdfa3551f202ff10282463f1e36645 > CVE-2019-6461.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/09643ee1abdd5daacebfcb564448f29be9a79bac > CVE-2019-6462.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/bbeaf08190d3006a80b80a77724801cd477a37b8 > CVE-2020-35492.patch : > https://gitlab.freedesktop.org/cairo/cairo/-/commit/c986a7310bb06582b7d8a566d5f007ba4e5e75bf > > These options are all gone [2]: directfb, valgrind, egl, glesv2, opengl, trace > > Build tool is changed : autotools -> meson > > [1] https://www.cairographics.org/news/cairo-1.18.0/ > [2] https://gitlab.freedesktop.org/cairo/cairo/-/blob/master/meson_options.txt > > Signed-off-by: qiutt > --- > .../cairo/cairo/CVE-2018-19876.patch | 34 -- > .../cairo/cairo/CVE-2019-6461.patch | 20 -- > .../cairo/cairo/CVE-2019-6462.patch | 40 > .../cairo/cairo/CVE-2020-35492.patch | 60 -- > .../{cairo_1.16.0.bb => cairo_1.18.0.bb} | 63 +-- > 5 files changed, 16 insertions(+), 201 deletions(-) > delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch > delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch > rename meta/recipes-graphics/cairo/{cairo_1.16.0.bb => cairo_1.18.0.bb} (51%) > > diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > deleted file mode 100644 > index 4252a5663b..00 > --- a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch > +++ /dev/null > @@ -1,34 +0,0 @@ > -CVE: CVE-2018-19876 > -Upstream-Status: Backport > -Signed-off-by: Ross Burton > - > -From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001 > -From: Carlos Garcia Campos > -Date: Mon, 19 Nov 2018 12:33:07 +0100 > -Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in > - cairo_ft_apply_variations > - > -Fixes a crash when using freetype >= 2.9 > > - src/cairo-ft-font.c | 4 > - 1 file changed, 4 insertions(+) > - > -diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c > -index 325dd61b4..981973f78 100644 > a/src/cairo-ft-font.c > -+++ b/src/cairo-ft-font.c > -@@ -2393,7 +2393,11 @@ skip: > - done: > - free (coords); > - free (current_coords); > -+#if HAVE_FT_DONE_MM_VAR > -+FT_Done_MM_Var (face->glyph->library, ft_mm_var); > -+#else > - free (ft_mm_var); > -+#endif > - } > - } > - > --- > -2.11.0 > - > diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > deleted file mode 100644 > index a2dba6cb20..00 > --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch > +++ /dev/null > @@ -1,20 +0,0 @@ > -There is an assertion in function _cairo_arc_in_direction(). > - > -CVE: CVE-2019-6461 > -Upstream-Status: Pending > -Signed-off-by: Ross Burton > - > -diff --git a/src/cairo-arc.c b/src/cairo-arc.c > -index 390397bae..1bde774a4 100644 > a/src/cairo-arc.c > -+++ b/src/cairo-arc.c > -@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, > - if (cairo_status (cr)) > - return; > - > --assert (angle_max >= angle_min); > -+if (angle_max < angle_min) > -+ return; > - > - if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { > - angle_max = fmod (angle_max - angle_min, 2 * M_PI); > diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch > b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch > deleted file mode 100644 > index 7c3209291b..00 > --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch > +++ /dev/null > @@ -1,40 +0,0 @@ > -CVE: CVE-2019-6462 > -Upstream-Status: Backport > -Signed-off-by: Quentin Schulz > - > -From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001 > -From: Heiko Lewin > -Date: Sun, 1 Aug 2021 11:16:03 + > -Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop > - >
[OE-core][nanbield][PATCH] avahi: backport Debian patches to fix multiple CVE's
From: Vijay Anusuri import patches from ubuntu to fix CVE-2023-1981 CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches?h=ubuntu/jammy-security Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f & https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf & https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237 & https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c & https://github.com/lathiat/avahi/commit/20dec84b2480821704258bc908e7b2bd2e883b24 & https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09 & https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460 & https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40 & https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797] Signed-off-by: Vijay Anusuri --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 8 ++ .../avahi/files/CVE-2023-1981.patch | 58 ++ .../avahi/files/CVE-2023-38469-1.patch| 48 .../avahi/files/CVE-2023-38469-2.patch| 65 +++ .../avahi/files/CVE-2023-38470-1.patch| 57 + .../avahi/files/CVE-2023-38470-2.patch| 52 + .../avahi/files/CVE-2023-38471-1.patch| 73 .../avahi/files/CVE-2023-38471-2.patch| 52 + .../avahi/files/CVE-2023-38472.patch | 45 .../avahi/files/CVE-2023-38473.patch | 109 ++ 10 files changed, 567 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index 4c830cc058..aa395beaf9 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -26,6 +26,14 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ file://handle-hup.patch \ file://local-ping.patch \ file://invalid-service.patch \ + file://CVE-2023-1981.patch \ + file://CVE-2023-38469-1.patch \ + file://CVE-2023-38469-2.patch \ + file://CVE-2023-38470-1.patch \ + file://CVE-2023-38470-2.patch \ + file://CVE-2023-38471-1.patch \ + file://CVE-2023-38471-2.patch \ + file://CVE-2023-38472.patch \ " GITHUB_BASE_URI = "https://github.com/lathiat/avahi/releases/; diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch new file mode 100644 index 00..4d7924d13a --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch @@ -0,0 +1,58 @@ +From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Thu, 17 Nov 2022 01:51:53 +0100 +Subject: [PATCH] Emit error if requested service is not found + +It currently just crashes instead of replying with error. Check return +value and emit error instead of passing NULL pointer to reply. + +Fixes #375 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f] +CVE: CVE-2023-1981 +Signed-off-by: Vijay Anusuri +--- + avahi-daemon/dbus-protocol.c | 20 ++-- + 1 file changed, 14 insertions(+), 6 deletions(-) + +diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c +index 70d7687bc..406d0b441 100644 +--- a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c +@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM + } + + t = avahi_alternative_host_name(n); +-avahi_dbus_respond_string(c, m, t); +-avahi_free(t); ++if (t) { ++avahi_dbus_respond_string(c, m, t); ++avahi_free(t); + +-return DBUS_HANDLER_RESULT_HANDLED; ++return
[oe-core][PATCH] add PREFERRED_PROVIDER variables for llvm
gallium-llvm needs to be built with clang if you, for example want to have support for opencl or want to build the intel-clc compiler. meta-clang recommends to set PREFERRED_PROVIDER_llvm = "clang" PREFERRED_PROVIDER_llvm-native = "clang-native" The current problem is that this is not taken into account in mesa and therefore both llvm and clang are included. This leads to files that are provided by both packages and would also unnecessarily increase the build time. Add PREFERRED_PROVIDER_llvm and PREFERRED_PROVIDER_llvm-native and make sure that the mesa recipe takes these variables into account. Signed-off-by: Markus Volk --- meta/conf/distro/include/default-providers.inc | 2 ++ meta/recipes-graphics/mesa/mesa.inc| 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/conf/distro/include/default-providers.inc b/meta/conf/distro/include/default-providers.inc index d18173c744..819d71628b 100644 --- a/meta/conf/distro/include/default-providers.inc +++ b/meta/conf/distro/include/default-providers.inc @@ -37,6 +37,8 @@ PREFERRED_PROVIDER_dbus-glib ?= "dbus-glib" PREFERRED_PROVIDER_dbus-glib-native ?= "dbus-glib-native" PREFERRED_PROVIDER_gdk-pixbuf ?= "gdk-pixbuf" PREFERRED_PROVIDER_libgcc ?= "libgcc" +PREFERRED_PROVIDER_llvm ?= "llvm" +PREFERRED_PROVIDER_llvm-native ?= "llvm-native" PREFERRED_PROVIDER_nativesdk-libgcc ?= "nativesdk-libgcc" PREFERRED_PROVIDER_linux-libc-headers ?= "linux-libc-headers" PREFERRED_PROVIDER_nativesdk-linux-libc-headers ?= "nativesdk-linux-libc-headers" diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc index e5c405a972..1a971242c9 100644 --- a/meta/recipes-graphics/mesa/mesa.inc +++ b/meta/recipes-graphics/mesa/mesa.inc @@ -183,7 +183,7 @@ GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',r600', GALLIUMDRIVERS:append = "${@bb.utils.contains('PACKAGECONFIG', 'virgl', ',virgl', '', d)}" PACKAGECONFIG[gallium] = "-Dgallium-drivers=${@strip_comma('${GALLIUMDRIVERS}')}, -Dgallium-drivers='', libdrm" -PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, llvm llvm-native elfutils" +PACKAGECONFIG[gallium-llvm] = "-Dllvm=enabled -Dshared-llvm=enabled, -Dllvm=disabled, ${PREFERRED_PROVIDER_llvm} ${PREFERRED_PROVIDER_llvm-native} elfutils" PACKAGECONFIG[xa] = "-Dgallium-xa=enabled, -Dgallium-xa=disabled" PACKAGECONFIG[va] = "-Dgallium-va=enabled,-Dgallium-va=disabled,libva-initial" PACKAGECONFIG[vdpau] = "-Dgallium-vdpau=enabled,-Dgallium-vdpau=disabled,libvdpau" -- 2.42.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191265): https://lists.openembedded.org/g/openembedded-core/message/191265 Mute This Topic: https://lists.openembedded.org/mt/102826231/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] bitbake-server does not exit after build ends
2023. 11. 27. 10:52 keltezéssel, Zoltan Boszormenyi via lists.openembedded.org írta: Hi, I am not sure what's the actual problem here. FWIW, I have recently upgraded my laptop to Fedora 39 where I test recipe changes first. Now, whenever a build ends (no matter if successfully or if there was a recipe build failure) two bitbake-server processes stay running. Builds for mickledore and nanbield both show the same issue. As a result, the next bitbake run spits out messages about the previous instance holding bitbake.lock and retries. Fedora 39 has Python 3.12 but maybe an outdated python module is the issue. I am happy to try any ideas. Thanks in advance, Zoltán -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191264): https://lists.openembedded.org/g/openembedded-core/message/191264 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] bitbake-server does not exit after build ends
Hi, I am not sure what's the actual problem here. FWIW, I have recently upgraded my laptop to Fedora 39 where I test recipe changes first. Now, whenever a build ends (no matter if successfully or if there was a recipe build failure) two bitbake-server processes stay running. As a result, the next bitbake run spits out messages about the previous instance holding bitbake.lock and retries. Fedora 39 has Python 3.12 but maybe an outdated python module is the issue. I am happy to try any ideas. Thanks in advance, Zoltán -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191263): https://lists.openembedded.org/g/openembedded-core/message/191263 Mute This Topic: https://lists.openembedded.org/mt/102826186/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-