summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--bitbake/lib/bb/__init__.py2
-rw-r--r--bitbake/lib/bb/cooker.py10
-rw-r--r--bitbake/lib/bb/runqueue.py7
-rw-r--r--documentation/conf.py2
-rw-r--r--documentation/poky.yaml8
-rw-r--r--documentation/releases.rst6
-rw-r--r--documentation/sphinx-static/switchers.js4
-rw-r--r--meta-poky/conf/distro/poky.conf2
-rw-r--r--meta-poky/conf/local.conf.sample.extended23
-rw-r--r--meta-selftest/recipes-test/aspell/aspell_0.0.0.1.bb1
-rw-r--r--meta-skeleton/recipes-baremetal/baremetal-examples/baremetal-helloworld_git.bb1
-rw-r--r--meta-skeleton/recipes-kernel/hello-mod/hello-mod_0.1.bb1
-rw-r--r--meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb2
-rw-r--r--meta-skeleton/recipes-multilib/images/core-image-multilib-example.bb3
-rw-r--r--meta-skeleton/recipes-skeleton/service/service_0.1.bb1
-rw-r--r--meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend8
-rw-r--r--meta/classes/buildhistory.bbclass3
-rw-r--r--meta/classes/cmake.bbclass3
-rw-r--r--meta/classes/devshell.bbclass1
-rw-r--r--meta/classes/externalsrc.bbclass16
-rw-r--r--meta/classes/image.bbclass4
-rw-r--r--meta/classes/insane.bbclass22
-rw-r--r--meta/classes/linux-dummy.bbclass26
-rw-r--r--meta/classes/package.bbclass2
-rw-r--r--meta/classes/package_rpm.bbclass1
-rw-r--r--meta/classes/populate_sdk_base.bbclass9
-rw-r--r--meta/classes/populate_sdk_ext.bbclass7
-rw-r--r--meta/classes/report-error.bbclass4
-rw-r--r--meta/classes/reproducible_build.bbclass15
-rw-r--r--meta/conf/abi_version.conf2
-rw-r--r--meta/conf/bitbake.conf7
-rw-r--r--meta/conf/distro/include/maintainers.inc46
-rw-r--r--meta/conf/distro/include/ptest-packagelists.inc1
-rw-r--r--meta/conf/distro/include/yocto-uninative.inc10
-rw-r--r--meta/lib/bblayers/create.py2
-rw-r--r--meta/lib/oe/copy_buildsystem.py6
-rw-r--r--meta/lib/oe/cve_check.py7
-rw-r--r--meta/lib/oe/reproducible.py8
-rw-r--r--meta/lib/oeqa/runtime/cases/pam.py3
-rw-r--r--meta/lib/oeqa/selftest/cases/cve_check.py8
-rw-r--r--meta/lib/oeqa/selftest/cases/reproducible.py18
-rw-r--r--meta/lib/oeqa/selftest/cases/wic.py18
-rw-r--r--meta/recipes-bsp/efivar/efivar/determinism.patch18
-rw-r--r--meta/recipes-bsp/efivar/efivar_37.bb1
-rw-r--r--meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb1
-rw-r--r--meta/recipes-bsp/opensbi/opensbi_0.6.bb1
-rw-r--r--meta/recipes-bsp/v86d/v86d_0.1.10.bb1
-rw-r--r--meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch17
-rw-r--r--meta/recipes-connectivity/bind/bind_9.11.22.bb2
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2021-26675.patch62
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2021-26676-0001.patch231
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2021-26676-0002.patch33
-rw-r--r--meta/recipes-connectivity/connman/connman_1.37.bb3
-rw-r--r--meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb1
-rw-r--r--meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb1
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.1.1k.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.1.1i.bb)2
-rw-r--r--meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb1
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch45
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch58
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb3
-rw-r--r--meta/recipes-core/base-passwd/base-passwd_3.5.29.bb1
-rw-r--r--meta/recipes-core/dbus-wait/dbus-wait_git.bb1
-rw-r--r--meta/recipes-core/dropbear/dropbear.inc1
-rw-r--r--meta/recipes-core/ell/ell_0.33.bb1
-rw-r--r--meta/recipes-core/fts/fts_1.2.7.bb1
-rw-r--r--meta/recipes-core/glibc/glibc-version.inc2
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2019-25013.patch135
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2020-29562.patch156
-rw-r--r--meta/recipes-core/glibc/glibc_2.31.bb6
-rw-r--r--meta/recipes-core/ifupdown/ifupdown_0.8.35.bb1
-rw-r--r--meta/recipes-core/images/build-appliance-image_15.0.0.bb10
-rw-r--r--meta/recipes-core/initrdscripts/files/init-install-efi.sh5
-rw-r--r--meta/recipes-core/kbd/kbd_2.2.0.bb1
-rw-r--r--meta/recipes-core/meta/cve-update-db-native.bb7
-rw-r--r--meta/recipes-core/systemd/systemd-conf/wired.network1
-rw-r--r--meta/recipes-core/systemd/systemd-conf_244.3.bb3
-rw-r--r--meta/recipes-core/udev/eudev_3.2.9.bb1
-rw-r--r--meta/recipes-devtools/apt/apt.inc1
-rw-r--r--meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb1
-rw-r--r--meta/recipes-devtools/dejagnu/dejagnu_1.6.2.bb1
-rw-r--r--meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.24.bb3
-rw-r--r--meta/recipes-devtools/devel-config/distcc-config.bb1
-rw-r--r--meta/recipes-devtools/distcc/distcc_3.3.3.bb1
-rw-r--r--meta/recipes-devtools/dmidecode/dmidecode_3.2.bb1
-rw-r--r--meta/recipes-devtools/dnf/dnf_4.2.2.bb1
-rw-r--r--meta/recipes-devtools/dpkg/dpkg.inc2
-rw-r--r--meta/recipes-devtools/dwarfsrcfiles/dwarfsrcfiles.bb1
-rw-r--r--meta/recipes-devtools/elfutils/elfutils_0.178.bb1
-rw-r--r--meta/recipes-devtools/fdisk/gptfdisk_1.0.4.bb1
-rw-r--r--meta/recipes-devtools/gcc/gcc-common.inc1
-rw-r--r--meta/recipes-devtools/gdb/gdb-common.inc1
-rw-r--r--meta/recipes-devtools/git/files/CVE-2021-21300.patch305
-rw-r--r--meta/recipes-devtools/git/git.inc5
-rw-r--r--meta/recipes-devtools/glide/glide_0.13.3.bb3
-rw-r--r--meta/recipes-devtools/gnu-config/gnu-config_git.bb1
-rw-r--r--meta/recipes-devtools/help2man/help2man-native_1.47.11.bb3
-rw-r--r--meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb1
-rw-r--r--meta/recipes-devtools/icecc-toolchain/nativesdk-icecc-toolchain_0.1.bb1
-rw-r--r--meta/recipes-devtools/intltool/intltool_0.51.0.bb2
-rw-r--r--meta/recipes-devtools/jquery/jquery_3.5.0.bb1
-rw-r--r--meta/recipes-devtools/libcomps/libcomps_0.1.15.bb2
-rw-r--r--meta/recipes-devtools/libdnf/libdnf_0.28.1.bb2
-rw-r--r--meta/recipes-devtools/libmodulemd/libmodulemd-v1_git.bb2
-rw-r--r--meta/recipes-devtools/librepo/librepo/CVE-2020-14352.patch55
-rw-r--r--meta/recipes-devtools/librepo/librepo_1.11.2.bb3
-rw-r--r--meta/recipes-devtools/libtool/libtool-2.4.6.inc1
-rw-r--r--meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch35
-rw-r--r--meta/recipes-devtools/makedevs/makedevs_1.0.1.bb1
-rw-r--r--meta/recipes-devtools/mmc/mmc-utils_git.bb1
-rw-r--r--meta/recipes-devtools/mtd/mtd-utils_git.bb1
-rw-r--r--meta/recipes-devtools/nasm/nasm_2.15.03.bb2
-rw-r--r--meta/recipes-devtools/ninja/ninja_1.10.0.bb1
-rw-r--r--meta/recipes-devtools/opkg/opkg_0.4.2.bb1
-rw-r--r--meta/recipes-devtools/orc/orc_0.4.31.bb1
-rw-r--r--meta/recipes-devtools/patchelf/patchelf_0.10.bb9
-rw-r--r--meta/recipes-devtools/perl/perl_5.30.1.bb1
-rw-r--r--meta/recipes-devtools/pseudo/pseudo.inc1
-rw-r--r--meta/recipes-devtools/python-numpy/python-numpy.inc2
-rw-r--r--meta/recipes-devtools/python/python3-jinja2_2.11.2.bb3
-rw-r--r--meta/recipes-devtools/python/python3-pygobject_3.34.0.bb2
-rw-r--r--meta/recipes-devtools/python/python3-scons_3.1.2.bb1
-rw-r--r--meta/recipes-devtools/python/python3/CVE-2021-3177.patch191
-rw-r--r--meta/recipes-devtools/python/python3_3.8.2.bb2
-rw-r--r--meta/recipes-devtools/qemu/qemu.inc1
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-20203.patch74
-rw-r--r--meta/recipes-devtools/rsync/rsync_3.1.3.bb1
-rwxr-xr-xmeta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts10
-rw-r--r--meta/recipes-devtools/run-postinsts/run-postinsts_1.0.bb1
-rw-r--r--meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb2
-rw-r--r--meta/recipes-devtools/strace/strace_5.5.bb1
-rw-r--r--meta/recipes-devtools/subversion/subversion_1.13.0.bb1
-rw-r--r--meta/recipes-devtools/swig/swig/determinism.patch19
-rw-r--r--meta/recipes-devtools/swig/swig_3.0.12.bb1
-rw-r--r--meta/recipes-devtools/syslinux/syslinux/determinism.patch22
-rw-r--r--meta/recipes-devtools/syslinux/syslinux_6.04-pre2.bb6
-rw-r--r--meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb6
-rw-r--r--meta/recipes-devtools/tcf-agent/tcf-agent_git.bb1
-rw-r--r--meta/recipes-devtools/tcltk/tcl_8.6.10.bb1
-rw-r--r--meta/recipes-devtools/unfs3/unfs3_git.bb1
-rw-r--r--meta/recipes-devtools/unifdef/unifdef_2.12.bb1
-rw-r--r--meta/recipes-devtools/vala/vala.inc2
-rw-r--r--meta/recipes-devtools/valgrind/valgrind/0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch9
-rw-r--r--meta/recipes-devtools/valgrind/valgrind_3.15.0.bb1
-rw-r--r--meta/recipes-devtools/xmlto/xmlto_0.0.28.bb3
-rw-r--r--meta/recipes-extended/asciidoc/asciidoc_8.6.9.bb2
-rw-r--r--meta/recipes-extended/bash/bash.inc1
-rw-r--r--meta/recipes-extended/bc/bc_1.07.1.bb1
-rw-r--r--meta/recipes-extended/cracklib/cracklib_2.9.5.bb3
-rw-r--r--meta/recipes-extended/cups/cups.inc3
-rw-r--r--meta/recipes-extended/cwautomacros/cwautomacros_20110201.bb1
-rw-r--r--meta/recipes-extended/ed/ed_1.15.bb1
-rw-r--r--meta/recipes-extended/grep/grep_3.4.bb1
-rw-r--r--meta/recipes-extended/groff/groff_1.22.4.bb1
-rw-r--r--meta/recipes-extended/iputils/iputils/0001-arping-revert-partially-fix-sent-vs-received-package.patch39
-rw-r--r--meta/recipes-extended/iputils/iputils/0002-arping-fix-f-quit-on-first-reply-regression.patch39
-rw-r--r--meta/recipes-extended/iputils/iputils/0003-arping-Fix-comparison-of-different-signedness-warnin.patch37
-rw-r--r--meta/recipes-extended/iputils/iputils/0004-arping-return-success-when-unsolicited-ARP-mode-dest.patch45
-rw-r--r--meta/recipes-extended/iputils/iputils/0005-arping-use-additional-timerfd-to-control-when-timeou.patch94
-rw-r--r--meta/recipes-extended/iputils/iputils_s20190709.bb5
-rw-r--r--meta/recipes-extended/libsolv/libsolv_0.7.10.bb1
-rw-r--r--meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb1
-rw-r--r--meta/recipes-extended/logrotate/logrotate_3.15.1.bb3
-rw-r--r--meta/recipes-extended/lzip/lzip_1.21.bb1
-rw-r--r--meta/recipes-extended/man-db/man-db_2.9.0.bb1
-rw-r--r--meta/recipes-extended/mc/mc_4.8.23.bb1
-rw-r--r--meta/recipes-extended/mdadm/mdadm_4.1.bb1
-rw-r--r--meta/recipes-extended/mingetty/mingetty_1.08.bb1
-rw-r--r--meta/recipes-extended/parted/parted_3.3.bb1
-rw-r--r--meta/recipes-extended/perl/libconvert-asn1-perl_0.27.bb2
-rw-r--r--meta/recipes-extended/perl/libtimedate-perl_2.30.bb1
-rw-r--r--meta/recipes-extended/quota/quota_4.05.bb1
-rw-r--r--meta/recipes-extended/screen/screen/CVE-2021-26937.patch68
-rw-r--r--meta/recipes-extended/screen/screen_4.8.0.bb1
-rw-r--r--meta/recipes-extended/sed/sed_4.8.bb1
-rw-r--r--meta/recipes-extended/shadow/shadow.inc1
-rw-r--r--meta/recipes-extended/shadow/shadow_4.8.1.bb5
-rw-r--r--meta/recipes-extended/sudo/sudo.inc2
-rw-r--r--meta/recipes-extended/texinfo-dummy-native/texinfo-dummy-native.bb1
-rw-r--r--meta/recipes-extended/unzip/unzip_6.0.bb1
-rw-r--r--meta/recipes-extended/watchdog/watchdog_5.15.bb1
-rw-r--r--meta/recipes-extended/xinetd/xinetd_2.3.15.bb1
-rw-r--r--meta/recipes-extended/xz/xz_5.2.4.bb1
-rw-r--r--meta/recipes-extended/zip/zip_3.0.bb1
-rw-r--r--meta/recipes-gnome/epiphany/epiphany_3.34.4.bb3
-rw-r--r--meta/recipes-gnome/gnome/adwaita-icon-theme_3.34.3.bb2
-rw-r--r--meta/recipes-gnome/libnotify/libnotify_0.7.8.bb4
-rw-r--r--meta/recipes-gnome/libsecret/libsecret_0.20.1.bb1
-rw-r--r--meta/recipes-graphics/clutter/clutter-gst-3.0.inc4
-rw-r--r--meta/recipes-graphics/clutter/clutter-gtk-1.0.inc5
-rw-r--r--meta/recipes-graphics/kmscube/kmscube_git.bb6
-rw-r--r--meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch79
-rw-r--r--meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb1
-rw-r--r--meta/recipes-graphics/mini-x-session/mini-x-session_0.1.bb1
-rw-r--r--meta/recipes-graphics/mx/mx.inc6
-rw-r--r--meta/recipes-graphics/piglit/piglit_git.bb2
-rw-r--r--meta/recipes-graphics/startup-notification/startup-notification_0.12.bb5
-rw-r--r--meta/recipes-graphics/ttf-fonts/ttf-bitstream-vera_1.10.bb1
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-headers_1.1.126.0.bb4
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-tools_1.1.126.0.bb1
-rw-r--r--meta/recipes-graphics/waffle/waffle_1.6.0.bb8
-rw-r--r--meta/recipes-graphics/xinput-calibrator/pointercal-xinput_0.0.bb3
-rw-r--r--meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb2
-rw-r--r--meta/recipes-kernel/blktrace/blktrace_git.bb5
-rw-r--r--meta/recipes-kernel/cryptodev/cryptodev-module_1.10.bb2
-rw-r--r--meta/recipes-kernel/cryptodev/cryptodev.inc5
-rw-r--r--meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-Linux-5.8-rc1.patch49
-rw-r--r--meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-Linux-5.9-rc1.patch42
-rw-r--r--meta/recipes-kernel/dtc/dtc/0001-fdtdump-Fix-gcc11-warning.patch35
-rw-r--r--meta/recipes-kernel/dtc/dtc_1.6.0.bb2
-rw-r--r--meta/recipes-kernel/kern-tools/kern-tools-native_git.bb4
-rw-r--r--meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb (renamed from meta/recipes-kernel/linux-firmware/linux-firmware_20201218.bb)49
-rw-r--r--meta/recipes-kernel/linux-libc-headers/linux-libc-headers.inc2
-rw-r--r--meta/recipes-kernel/linux/linux-dummy.bb2
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb8
-rw-r--r--meta/recipes-kernel/linux/linux-yocto.inc1
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.4.bb22
-rw-r--r--meta/recipes-kernel/lttng/lttng-modules_2.11.6.bb1
-rw-r--r--meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb1
-rw-r--r--meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb1
-rw-r--r--meta/recipes-kernel/systemtap/systemtap-uprobes_git.bb2
-rw-r--r--meta/recipes-kernel/systemtap/systemtap_git.bb3
-rw-r--r--meta/recipes-multimedia/alsa/alsa-lib_1.2.1.2.bb2
-rw-r--r--meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb3
-rw-r--r--meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb3
-rw-r--r--meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.1.bb3
-rw-r--r--meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.1.2.bb3
-rw-r--r--meta/recipes-multimedia/alsa/alsa-utils_1.2.1.bb2
-rw-r--r--meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb3
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.16.3.bb2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.16.3.bb1
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.16.3.bb4
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.3.bb3
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb4
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.16.3.bb4
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.3.bb2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.3.bb1
-rw-r--r--meta/recipes-multimedia/lame/lame_3.100.bb3
-rw-r--r--meta/recipes-multimedia/liba52/liba52_0.7.4.bb3
-rw-r--r--meta/recipes-multimedia/libid3tag/libid3tag/cflags_filter.patch21
-rw-r--r--meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb1
-rw-r--r--meta/recipes-multimedia/libpng/libpng_1.6.37.bb3
-rw-r--r--meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb1
-rw-r--r--meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb3
-rw-r--r--meta/recipes-multimedia/libtiff/tiff_4.1.0.bb4
-rw-r--r--meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb6
-rw-r--r--meta/recipes-multimedia/pulseaudio/pulseaudio.inc2
-rw-r--r--meta/recipes-rt/rt-tests/rt-tests_1.1.bb3
-rw-r--r--meta/recipes-sato/images/core-image-sato-dev.bb1
-rw-r--r--meta/recipes-sato/images/core-image-sato-ptest-fast.bb1
-rw-r--r--meta/recipes-sato/images/core-image-sato-sdk-ptest.bb1
-rw-r--r--meta/recipes-sato/images/core-image-sato-sdk.bb1
-rw-r--r--meta/recipes-sato/images/core-image-sato.bb1
-rw-r--r--meta/recipes-sato/l3afpad/l3afpad_git.bb4
-rw-r--r--meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb1
-rw-r--r--meta/recipes-sato/matchbox-keyboard/matchbox-keyboard_0.1.1.bb1
-rw-r--r--meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb2
-rw-r--r--meta/recipes-sato/packagegroups/packagegroup-core-x11-sato.bb2
-rw-r--r--meta/recipes-sato/pcmanfm/pcmanfm_1.3.1.bb1
-rw-r--r--meta/recipes-sato/puzzles/puzzles_git.bb1
-rw-r--r--meta/recipes-sato/rxvt-unicode/rxvt-unicode.inc1
-rw-r--r--meta/recipes-sato/rxvt-unicode/rxvt-unicode/0001-libev-remove-deprecated-throw-specification.patch30
-rw-r--r--meta/recipes-sato/rxvt-unicode/rxvt-unicode_9.22.bb4
-rw-r--r--meta/recipes-support/apr/apr_1.7.0.bb8
-rw-r--r--meta/recipes-support/argp-standalone/argp-standalone_1.3.bb1
-rw-r--r--meta/recipes-support/aspell/aspell_0.60.8.bb13
-rw-r--r--meta/recipes-support/atk/at-spi2-atk_2.34.1.bb2
-rw-r--r--meta/recipes-support/atk/at-spi2-core_2.34.0.bb6
-rw-r--r--meta/recipes-support/atk/atk_2.34.1.bb1
-rw-r--r--meta/recipes-support/attr/acl_2.2.53.bb5
-rw-r--r--meta/recipes-support/attr/attr.inc6
-rw-r--r--meta/recipes-support/bash-completion/bash-completion_2.10.bb7
-rw-r--r--meta/recipes-support/boost/boost.inc4
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch10
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch21
-rw-r--r--meta/recipes-support/consolekit/consolekit_0.4.6.bb2
-rw-r--r--meta/recipes-support/curl/curl_7.69.1.bb4
-rw-r--r--meta/recipes-support/db/db_5.3.28.bb1
-rw-r--r--meta/recipes-support/debianutils/debianutils_4.9.1.bb5
-rw-r--r--meta/recipes-support/diffoscope/diffoscope_136.bb5
-rw-r--r--meta/recipes-support/enchant/enchant2_2.2.8.bb3
-rw-r--r--meta/recipes-support/fribidi/fribidi_1.0.9.bb6
-rw-r--r--meta/recipes-support/gdbm/gdbm_1.18.1.bb3
-rw-r--r--meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb4
-rw-r--r--meta/recipes-support/gnupg/gnupg_2.2.20.bb5
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.6.14.bb4
-rw-r--r--meta/recipes-support/gnutls/libtasn1_4.16.0.bb2
-rw-r--r--meta/recipes-support/iso-codes/iso-codes_4.4.bb5
-rw-r--r--meta/recipes-support/itstool/itstool_2.0.6.bb4
-rw-r--r--meta/recipes-support/libassuan/libassuan_2.5.3.bb3
-rw-r--r--meta/recipes-support/libatomic-ops/libatomic-ops_7.6.10.bb1
-rw-r--r--meta/recipes-support/libcap/libcap_2.32.bb4
-rw-r--r--meta/recipes-support/libcheck/libcheck_0.14.0.bb5
-rw-r--r--meta/recipes-support/libcroco/libcroco_0.6.13.bb3
-rw-r--r--meta/recipes-support/libdaemon/libdaemon_0.14.bb4
-rw-r--r--meta/recipes-support/libevdev/libevdev/determinism.patch3
-rw-r--r--meta/recipes-support/libevdev/libevdev_1.8.0.bb3
-rw-r--r--meta/recipes-support/libevent/libevent_2.1.11.bb5
-rw-r--r--meta/recipes-support/libexif/libexif_0.6.22.bb3
-rw-r--r--meta/recipes-support/libfm/libfm-extra_1.3.1.bb1
-rw-r--r--meta/recipes-support/libfm/libfm_1.3.1.bb2
-rw-r--r--meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb3
-rw-r--r--meta/recipes-support/libgpg-error/libgpg-error_1.37.bb1
-rw-r--r--meta/recipes-support/libical/libical_3.0.7.bb4
-rw-r--r--meta/recipes-support/libksba/libksba_1.3.5.bb5
-rw-r--r--meta/recipes-support/libnl/libnl_3.5.0.bb5
-rw-r--r--meta/recipes-support/libpcre/libpcre/fix-pcre-name-collision.patch41
-rw-r--r--meta/recipes-support/libpcre/libpcre_8.44.bb1
-rw-r--r--meta/recipes-support/libproxy/libproxy_0.4.15.bb4
-rw-r--r--meta/recipes-support/libpsl/libpsl_0.21.0.bb6
-rw-r--r--meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb2
-rw-r--r--meta/recipes-support/liburcu/liburcu_0.11.1.bb3
-rw-r--r--meta/recipes-support/libusb/libusb1_1.0.22.bb2
-rw-r--r--meta/recipes-support/libxslt/libxslt_1.1.34.bb5
-rw-r--r--meta/recipes-support/lz4/lz4_1.9.2.bb1
-rw-r--r--meta/recipes-support/lzo/lzo_2.10.bb2
-rw-r--r--meta/recipes-support/lzop/lzop_1.04.bb1
-rw-r--r--meta/recipes-support/mpfr/mpfr_4.0.2.bb1
-rw-r--r--meta/recipes-support/nettle/nettle_3.5.1.bb1
-rw-r--r--meta/recipes-support/npth/npth_1.6.bb1
-rw-r--r--meta/recipes-support/p11-kit/p11-kit_0.23.22.bb2
-rw-r--r--meta/recipes-support/popt/popt_1.16.bb1
-rw-r--r--meta/recipes-support/re2c/re2c_1.0.1.bb4
-rw-r--r--meta/recipes-support/serf/serf_1.3.9.bb5
-rw-r--r--meta/recipes-support/shared-mime-info/shared-mime-info_git.bb1
-rw-r--r--meta/recipes-support/sqlite/sqlite3.inc1
-rw-r--r--meta/recipes-support/taglib/taglib_1.11.1.bb1
-rw-r--r--meta/recipes-support/vim/vim.inc4
-rw-r--r--meta/recipes-support/vte/vte_0.58.3.bb2
-rwxr-xr-xscripts/bitbake-whatchanged2
-rwxr-xr-xscripts/contrib/documentation-audit.sh2
-rw-r--r--scripts/lib/devtool/standard.py7
-rw-r--r--scripts/lib/wic/canned-wks/common.wks.inc2
-rw-r--r--scripts/lib/wic/canned-wks/directdisk-gpt.wks2
-rw-r--r--scripts/lib/wic/canned-wks/mkefidisk.wks2
-rw-r--r--scripts/lib/wic/misc.py1
-rw-r--r--scripts/lib/wic/partition.py38
-rwxr-xr-xscripts/runqemu2
-rwxr-xr-xscripts/verify-bashisms2
339 files changed, 2626 insertions, 579 deletions
diff --git a/bitbake/lib/bb/__init__.py b/bitbake/lib/bb/__init__.py
index b96466e..c98e23c 100644
--- a/bitbake/lib/bb/__init__.py
+++ b/bitbake/lib/bb/__init__.py
@@ -47,7 +47,7 @@ class BBLogger(Logger):
47 if not bb.event.worker_pid: 47 if not bb.event.worker_pid:
48 if self.name in bb.msg.loggerDefaultDomains and loglevel > (bb.msg.loggerDefaultDomains[self.name]): 48 if self.name in bb.msg.loggerDefaultDomains and loglevel > (bb.msg.loggerDefaultDomains[self.name]):
49 return 49 return
50 if loglevel > bb.msg.loggerDefaultLogLevel: 50 if loglevel < bb.msg.loggerDefaultLogLevel:
51 return 51 return
52 return self.log(loglevel, msg, *args, **kwargs) 52 return self.log(loglevel, msg, *args, **kwargs)
53 53
diff --git a/bitbake/lib/bb/cooker.py b/bitbake/lib/bb/cooker.py
index d90bd39..11cc2b9 100644
--- a/bitbake/lib/bb/cooker.py
+++ b/bitbake/lib/bb/cooker.py
@@ -2126,18 +2126,18 @@ class CookerParser(object):
2126 except bb.BBHandledException as exc: 2126 except bb.BBHandledException as exc:
2127 self.error += 1 2127 self.error += 1
2128 logger.error('Failed to parse recipe: %s' % exc.recipe) 2128 logger.error('Failed to parse recipe: %s' % exc.recipe)
2129 self.shutdown(clean=False) 2129 self.shutdown(clean=False, force=True)
2130 return False 2130 return False
2131 except ParsingFailure as exc: 2131 except ParsingFailure as exc:
2132 self.error += 1 2132 self.error += 1
2133 logger.error('Unable to parse %s: %s' % 2133 logger.error('Unable to parse %s: %s' %
2134 (exc.recipe, bb.exceptions.to_string(exc.realexception))) 2134 (exc.recipe, bb.exceptions.to_string(exc.realexception)))
2135 self.shutdown(clean=False) 2135 self.shutdown(clean=False, force=True)
2136 return False 2136 return False
2137 except bb.parse.ParseError as exc: 2137 except bb.parse.ParseError as exc:
2138 self.error += 1 2138 self.error += 1
2139 logger.error(str(exc)) 2139 logger.error(str(exc))
2140 self.shutdown(clean=False) 2140 self.shutdown(clean=False, force=True)
2141 return False 2141 return False
2142 except bb.data_smart.ExpansionError as exc: 2142 except bb.data_smart.ExpansionError as exc:
2143 self.error += 1 2143 self.error += 1
@@ -2146,7 +2146,7 @@ class CookerParser(object):
2146 tb = list(itertools.dropwhile(lambda e: e.filename.startswith(bbdir), exc.traceback)) 2146 tb = list(itertools.dropwhile(lambda e: e.filename.startswith(bbdir), exc.traceback))
2147 logger.error('ExpansionError during parsing %s', value.recipe, 2147 logger.error('ExpansionError during parsing %s', value.recipe,
2148 exc_info=(etype, value, tb)) 2148 exc_info=(etype, value, tb))
2149 self.shutdown(clean=False) 2149 self.shutdown(clean=False, force=True)
2150 return False 2150 return False
2151 except Exception as exc: 2151 except Exception as exc:
2152 self.error += 1 2152 self.error += 1
@@ -2158,7 +2158,7 @@ class CookerParser(object):
2158 # Most likely, an exception occurred during raising an exception 2158 # Most likely, an exception occurred during raising an exception
2159 import traceback 2159 import traceback
2160 logger.error('Exception during parse: %s' % traceback.format_exc()) 2160 logger.error('Exception during parse: %s' % traceback.format_exc())
2161 self.shutdown(clean=False) 2161 self.shutdown(clean=False, force=True)
2162 return False 2162 return False
2163 2163
2164 self.current += 1 2164 self.current += 1
diff --git a/bitbake/lib/bb/runqueue.py b/bitbake/lib/bb/runqueue.py
index 30cab53..2bb97b6 100644
--- a/bitbake/lib/bb/runqueue.py
+++ b/bitbake/lib/bb/runqueue.py
@@ -1934,6 +1934,10 @@ class RunQueueExecute:
1934 logger.error("Scenequeue had holdoff tasks: %s" % pprint.pformat(self.holdoff_tasks)) 1934 logger.error("Scenequeue had holdoff tasks: %s" % pprint.pformat(self.holdoff_tasks))
1935 err = True 1935 err = True
1936 1936
1937 for tid in self.scenequeue_covered.intersection(self.scenequeue_notcovered):
1938 # No task should end up in both covered and uncovered, that is a bug.
1939 logger.error("Setscene task %s in both covered and notcovered." % tid)
1940
1937 for tid in self.rqdata.runq_setscene_tids: 1941 for tid in self.rqdata.runq_setscene_tids:
1938 if tid not in self.scenequeue_covered and tid not in self.scenequeue_notcovered: 1942 if tid not in self.scenequeue_covered and tid not in self.scenequeue_notcovered:
1939 err = True 1943 err = True
@@ -2421,6 +2425,9 @@ class RunQueueExecute:
2421 2425
2422 for dep in sorted(self.sqdata.sq_deps[task]): 2426 for dep in sorted(self.sqdata.sq_deps[task]):
2423 if fail and task in self.sqdata.sq_harddeps and dep in self.sqdata.sq_harddeps[task]: 2427 if fail and task in self.sqdata.sq_harddeps and dep in self.sqdata.sq_harddeps[task]:
2428 if dep in self.scenequeue_covered or dep in self.scenequeue_notcovered:
2429 # dependency could be already processed, e.g. noexec setscene task
2430 continue
2424 logger.debug(2, "%s was unavailable and is a hard dependency of %s so skipping" % (task, dep)) 2431 logger.debug(2, "%s was unavailable and is a hard dependency of %s so skipping" % (task, dep))
2425 self.sq_task_failoutright(dep) 2432 self.sq_task_failoutright(dep)
2426 continue 2433 continue
diff --git a/documentation/conf.py b/documentation/conf.py
index c2e9801..4d31850 100644
--- a/documentation/conf.py
+++ b/documentation/conf.py
@@ -16,7 +16,7 @@ import os
16import sys 16import sys
17import datetime 17import datetime
18 18
19current_version = "3.1.6" 19current_version = "3.1.7"
20 20
21# String used in sidebar 21# String used in sidebar
22version = 'Version: ' + current_version 22version = 'Version: ' + current_version
diff --git a/documentation/poky.yaml b/documentation/poky.yaml
index ee9b2ac..d72e68c 100644
--- a/documentation/poky.yaml
+++ b/documentation/poky.yaml
@@ -1,11 +1,11 @@
1DISTRO : "3.1.6" 1DISTRO : "3.1.7"
2DISTRO_NAME_NO_CAP : "dunfell" 2DISTRO_NAME_NO_CAP : "dunfell"
3DISTRO_NAME : "Dunfell" 3DISTRO_NAME : "Dunfell"
4DISTRO_NAME_NO_CAP_MINUS_ONE : "zeus" 4DISTRO_NAME_NO_CAP_MINUS_ONE : "zeus"
5YOCTO_DOC_VERSION : "3.1.6" 5YOCTO_DOC_VERSION : "3.1.7"
6YOCTO_DOC_VERSION_MINUS_ONE : "3.0.2" 6YOCTO_DOC_VERSION_MINUS_ONE : "3.0.2"
7DISTRO_REL_TAG : "yocto-3.1.6" 7DISTRO_REL_TAG : "yocto-3.1.7"
8POKYVERSION : "23.0.6" 8POKYVERSION : "23.0.7"
9YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;" 9YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;"
10YOCTO_DL_URL : "https://downloads.yoctoproject.org" 10YOCTO_DL_URL : "https://downloads.yoctoproject.org"
11YOCTO_AB_URL : "https://autobuilder.yoctoproject.org" 11YOCTO_AB_URL : "https://autobuilder.yoctoproject.org"
diff --git a/documentation/releases.rst b/documentation/releases.rst
index 536c3a6..2311fa8 100644
--- a/documentation/releases.rst
+++ b/documentation/releases.rst
@@ -11,6 +11,11 @@
11- :yocto_docs:`3.1 Documentation </3.1>` 11- :yocto_docs:`3.1 Documentation </3.1>`
12- :yocto_docs:`3.1.1 Documentation </3.1.1>` 12- :yocto_docs:`3.1.1 Documentation </3.1.1>`
13- :yocto_docs:`3.1.2 Documentation </3.1.2>` 13- :yocto_docs:`3.1.2 Documentation </3.1.2>`
14- :yocto_docs:`3.1.3 Documentation </3.1.3>`
15- :yocto_docs:`3.1.4 Documentation </3.1.4>`
16- :yocto_docs:`3.1.5 Documentation </3.1.5>`
17- :yocto_docs:`3.1.6 Documentation </3.1.6>`
18- :yocto_docs:`3.1.7 Documentation </3.1.7>`
14 19
15========================== 20==========================
16 Previous Release Manuals 21 Previous Release Manuals
@@ -24,6 +29,7 @@
24- :yocto_docs:`3.0.1 Documentation </3.0.1>` 29- :yocto_docs:`3.0.1 Documentation </3.0.1>`
25- :yocto_docs:`3.0.2 Documentation </3.0.2>` 30- :yocto_docs:`3.0.2 Documentation </3.0.2>`
26- :yocto_docs:`3.0.3 Documentation </3.0.3>` 31- :yocto_docs:`3.0.3 Documentation </3.0.3>`
32- :yocto_docs:`3.0.4 Documentation </3.0.4>`
27 33
28**************************** 34****************************
292.7 'warrior' Release Series 352.7 'warrior' Release Series
diff --git a/documentation/sphinx-static/switchers.js b/documentation/sphinx-static/switchers.js
index b28d91c..cfbc5d5 100644
--- a/documentation/sphinx-static/switchers.js
+++ b/documentation/sphinx-static/switchers.js
@@ -2,8 +2,8 @@
2 'use strict'; 2 'use strict';
3 3
4 var all_versions = { 4 var all_versions = {
5 'dev': 'dev (3.2)', 5 'dev': 'dev (3.3)',
6 '3.1.3': '3.1.3', 6 '3.1.7': '3.1.7',
7 '3.0.4': '3.0.4', 7 '3.0.4': '3.0.4',
8 '2.7.4': '2.7.4', 8 '2.7.4': '2.7.4',
9 }; 9 };
diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
index 521109b..d4faecb 100644
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -1,6 +1,6 @@
1DISTRO = "poky" 1DISTRO = "poky"
2DISTRO_NAME = "Poky (Yocto Project Reference Distro)" 2DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
3DISTRO_VERSION = "3.1.6" 3DISTRO_VERSION = "3.1.7"
4DISTRO_CODENAME = "dunfell" 4DISTRO_CODENAME = "dunfell"
5SDK_VENDOR = "-pokysdk" 5SDK_VENDOR = "-pokysdk"
6SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${DATE}', 'snapshot')}" 6SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${DATE}', 'snapshot')}"
diff --git a/meta-poky/conf/local.conf.sample.extended b/meta-poky/conf/local.conf.sample.extended
index dc92a16..9e85736 100644
--- a/meta-poky/conf/local.conf.sample.extended
+++ b/meta-poky/conf/local.conf.sample.extended
@@ -328,7 +328,7 @@ DISTRO_FEATURES_remove = "x11"
328# The INITRAMFS_IMAGE image variable will cause an additional recipe to 328# The INITRAMFS_IMAGE image variable will cause an additional recipe to
329# be built as a dependency to the what ever rootfs recipe you might be 329# be built as a dependency to the what ever rootfs recipe you might be
330# using such as core-image-sato. The initramfs might be needed for 330# using such as core-image-sato. The initramfs might be needed for
331# the initial boot of of the target system such as to load kernel 331# the initial boot of the target system such as to load kernel
332# modules prior to mounting the root file system. 332# modules prior to mounting the root file system.
333# 333#
334# INITRAMFS_IMAGE_BUNDLE variable controls if the image recipe 334# INITRAMFS_IMAGE_BUNDLE variable controls if the image recipe
@@ -368,20 +368,9 @@ DISTRO_FEATURES_remove = "x11"
368# 368#
369 369
370# 370#
371# Use busybox/mdev for system initialization 371# System initialization
372# 372#
373#VIRTUAL-RUNTIME_dev_manager = "busybox-mdev" 373#INIT_MANAGER = "none"
374#VIRTUAL-RUNTIME_login_manager = "busybox" 374#INIT_MANAGER = "sysvinit"
375#VIRTUAL-RUNTIME_init_manager = "busybox" 375#INIT_MANAGER = "systemd"
376#VIRTUAL-RUNTIME_initscripts = "initscripts" 376#INIT_MANAGER = "mdev-busybox"
377#VIRTUAL-RUNTIME_keymaps = "keymaps"
378#DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
379
380#
381# Use systemd for system initialization
382#
383#DISTRO_FEATURES_append = " systemd"
384#DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
385#VIRTUAL-RUNTIME_login_manager = "shadow-base"
386#VIRTUAL-RUNTIME_init_manager = "systemd"
387#VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
diff --git a/meta-selftest/recipes-test/aspell/aspell_0.0.0.1.bb b/meta-selftest/recipes-test/aspell/aspell_0.0.0.1.bb
index 9f905a5..dcf6c8b 100644
--- a/meta-selftest/recipes-test/aspell/aspell_0.0.0.1.bb
+++ b/meta-selftest/recipes-test/aspell/aspell_0.0.0.1.bb
@@ -4,6 +4,7 @@
4 4
5SUMMARY = "GNU Aspell spell-checker" 5SUMMARY = "GNU Aspell spell-checker"
6SECTION = "console/utils" 6SECTION = "console/utils"
7HOMEPAGE = "https://ftp.gnu.org/gnu/aspell/"
7 8
8LICENSE = "LGPLv2 | LGPLv2.1" 9LICENSE = "LGPLv2 | LGPLv2.1"
9LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" 10LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34"
diff --git a/meta-skeleton/recipes-baremetal/baremetal-examples/baremetal-helloworld_git.bb b/meta-skeleton/recipes-baremetal/baremetal-examples/baremetal-helloworld_git.bb
index d863370..8db57f2 100644
--- a/meta-skeleton/recipes-baremetal/baremetal-examples/baremetal-helloworld_git.bb
+++ b/meta-skeleton/recipes-baremetal/baremetal-examples/baremetal-helloworld_git.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Baremetal examples to work with the several QEMU architectures supported on OpenEmbedded" 1SUMMARY = "Baremetal examples to work with the several QEMU architectures supported on OpenEmbedded"
2HOMEPAGE = "https://github.com/aehs29/baremetal-helloqemu" 2HOMEPAGE = "https://github.com/aehs29/baremetal-helloqemu"
3DESCRIPTION = "These are introductory examples to showcase the use of QEMU to run baremetal applications."
3LICENSE = "MIT" 4LICENSE = "MIT"
4LIC_FILES_CHKSUM = "file://LICENSE;md5=39346640a23c701e4f459e05f56f4449" 5LIC_FILES_CHKSUM = "file://LICENSE;md5=39346640a23c701e4f459e05f56f4449"
5 6
diff --git a/meta-skeleton/recipes-kernel/hello-mod/hello-mod_0.1.bb b/meta-skeleton/recipes-kernel/hello-mod/hello-mod_0.1.bb
index 3d33446..bc9accc 100644
--- a/meta-skeleton/recipes-kernel/hello-mod/hello-mod_0.1.bb
+++ b/meta-skeleton/recipes-kernel/hello-mod/hello-mod_0.1.bb
@@ -1,4 +1,5 @@
1SUMMARY = "Example of how to build an external Linux kernel module" 1SUMMARY = "Example of how to build an external Linux kernel module"
2DESCRIPTION = "${SUMMARY}"
2LICENSE = "GPLv2" 3LICENSE = "GPLv2"
3LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" 4LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e"
4 5
diff --git a/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb b/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
index 6194d4f..d53f9c7 100644
--- a/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
+++ b/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
@@ -1,6 +1,6 @@
1SUMMARY = "An example kernel recipe that uses the linux-yocto and oe-core"
1# linux-yocto-custom.bb: 2# linux-yocto-custom.bb:
2# 3#
3# An example kernel recipe that uses the linux-yocto and oe-core
4# kernel classes to apply a subset of yocto kernel management to git 4# kernel classes to apply a subset of yocto kernel management to git
5# managed kernel repositories. 5# managed kernel repositories.
6# 6#
diff --git a/meta-skeleton/recipes-multilib/images/core-image-multilib-example.bb b/meta-skeleton/recipes-multilib/images/core-image-multilib-example.bb
index f13186f..e7d50ae 100644
--- a/meta-skeleton/recipes-multilib/images/core-image-multilib-example.bb
+++ b/meta-skeleton/recipes-multilib/images/core-image-multilib-example.bb
@@ -1,5 +1,4 @@
1# 1SUMMARY = "An example of a multilib image"
2# An example of a multilib image
3# 2#
4# This example includes a lib32 version of bash into an otherwise standard 3# This example includes a lib32 version of bash into an otherwise standard
5# sato image. It assumes a "lib32" multilib has been enabled in the user's 4# sato image. It assumes a "lib32" multilib has been enabled in the user's
diff --git a/meta-skeleton/recipes-skeleton/service/service_0.1.bb b/meta-skeleton/recipes-skeleton/service/service_0.1.bb
index 6416618..669d173 100644
--- a/meta-skeleton/recipes-skeleton/service/service_0.1.bb
+++ b/meta-skeleton/recipes-skeleton/service/service_0.1.bb
@@ -1,5 +1,6 @@
1SUMMARY = "The canonical example of init scripts" 1SUMMARY = "The canonical example of init scripts"
2SECTION = "base" 2SECTION = "base"
3DESCRIPTION = "This recipe is a canonical example of init scripts"
3LICENSE = "GPLv2" 4LICENSE = "GPLv2"
4LIC_FILES_CHKSUM = "file://${WORKDIR}/COPYRIGHT;md5=349c872e0066155e1818b786938876a4" 5LIC_FILES_CHKSUM = "file://${WORKDIR}/COPYRIGHT;md5=349c872e0066155e1818b786938876a4"
5 6
diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
index 9c37f91..35147d2 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
@@ -7,8 +7,8 @@ KMACHINE_genericx86 ?= "common-pc"
7KMACHINE_genericx86-64 ?= "common-pc-64" 7KMACHINE_genericx86-64 ?= "common-pc-64"
8KMACHINE_beaglebone-yocto ?= "beaglebone" 8KMACHINE_beaglebone-yocto ?= "beaglebone"
9 9
10SRCREV_machine_genericx86 ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" 10SRCREV_machine_genericx86 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
11SRCREV_machine_genericx86-64 ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" 11SRCREV_machine_genericx86-64 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
12SRCREV_machine_edgerouter ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" 12SRCREV_machine_edgerouter ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"
13SRCREV_machine_beaglebone-yocto ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" 13SRCREV_machine_beaglebone-yocto ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"
14 14
@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
17COMPATIBLE_MACHINE_edgerouter = "edgerouter" 17COMPATIBLE_MACHINE_edgerouter = "edgerouter"
18COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto" 18COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto"
19 19
20LINUX_VERSION_genericx86 = "5.4.58" 20LINUX_VERSION_genericx86 = "5.4.94"
21LINUX_VERSION_genericx86-64 = "5.4.58" 21LINUX_VERSION_genericx86-64 = "5.4.94"
22LINUX_VERSION_edgerouter = "5.4.58" 22LINUX_VERSION_edgerouter = "5.4.58"
23LINUX_VERSION_beaglebone-yocto = "5.4.58" 23LINUX_VERSION_beaglebone-yocto = "5.4.58"
diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass
index 8a1359a..44a66df 100644
--- a/meta/classes/buildhistory.bbclass
+++ b/meta/classes/buildhistory.bbclass
@@ -671,13 +671,16 @@ IMAGE_POSTPROCESS_COMMAND[vardepsexclude] += "buildhistory_get_imageinfo"
671POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_list_installed_sdk_target;" 671POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_list_installed_sdk_target;"
672POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_get_sdk_installed_target;" 672POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_get_sdk_installed_target;"
673POPULATE_SDK_POST_TARGET_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_target;| buildhistory_get_sdk_installed_target;" 673POPULATE_SDK_POST_TARGET_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_target;| buildhistory_get_sdk_installed_target;"
674POPULATE_SDK_POST_TARGET_COMMAND[vardepsexclude] += "buildhistory_list_installed_sdk_target buildhistory_get_sdk_installed_target"
674 675
675POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_list_installed_sdk_host;" 676POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_list_installed_sdk_host;"
676POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_get_sdk_installed_host;" 677POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_get_sdk_installed_host;"
677POPULATE_SDK_POST_HOST_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_host;| buildhistory_get_sdk_installed_host;" 678POPULATE_SDK_POST_HOST_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_host;| buildhistory_get_sdk_installed_host;"
679POPULATE_SDK_POST_HOST_COMMAND[vardepsexclude] += "buildhistory_list_installed_sdk_host buildhistory_get_sdk_installed_host"
678 680
679SDK_POSTPROCESS_COMMAND_append = " buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; " 681SDK_POSTPROCESS_COMMAND_append = " buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; "
680SDK_POSTPROCESS_COMMAND[vardepvalueexclude] .= "| buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; " 682SDK_POSTPROCESS_COMMAND[vardepvalueexclude] .= "| buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; "
683SDK_POSTPROCESS_COMMAND[vardepsexclude] += "buildhistory_get_sdkinfo buildhistory_get_extra_sdkinfo"
681 684
682python buildhistory_write_sigs() { 685python buildhistory_write_sigs() {
683 if not "task" in (d.getVar('BUILDHISTORY_FEATURES') or "").split(): 686 if not "task" in (d.getVar('BUILDHISTORY_FEATURES') or "").split():
diff --git a/meta/classes/cmake.bbclass b/meta/classes/cmake.bbclass
index 8243f7c..af6a8c4 100644
--- a/meta/classes/cmake.bbclass
+++ b/meta/classes/cmake.bbclass
@@ -102,7 +102,8 @@ set( CMAKE_CXX_COMPILER ${OECMAKE_CXX_COMPILER} )
102set( CMAKE_C_COMPILER_LAUNCHER ${OECMAKE_C_COMPILER_LAUNCHER} ) 102set( CMAKE_C_COMPILER_LAUNCHER ${OECMAKE_C_COMPILER_LAUNCHER} )
103set( CMAKE_CXX_COMPILER_LAUNCHER ${OECMAKE_CXX_COMPILER_LAUNCHER} ) 103set( CMAKE_CXX_COMPILER_LAUNCHER ${OECMAKE_CXX_COMPILER_LAUNCHER} )
104set( CMAKE_ASM_COMPILER ${OECMAKE_C_COMPILER} ) 104set( CMAKE_ASM_COMPILER ${OECMAKE_C_COMPILER} )
105set( CMAKE_AR ${OECMAKE_AR} CACHE FILEPATH "Archiver" ) 105find_program( CMAKE_AR ${OECMAKE_AR} DOC "Archiver" REQUIRED )
106
106set( CMAKE_C_FLAGS "${OECMAKE_C_FLAGS}" CACHE STRING "CFLAGS" ) 107set( CMAKE_C_FLAGS "${OECMAKE_C_FLAGS}" CACHE STRING "CFLAGS" )
107set( CMAKE_CXX_FLAGS "${OECMAKE_CXX_FLAGS}" CACHE STRING "CXXFLAGS" ) 108set( CMAKE_CXX_FLAGS "${OECMAKE_CXX_FLAGS}" CACHE STRING "CXXFLAGS" )
108set( CMAKE_ASM_FLAGS "${OECMAKE_C_FLAGS}" CACHE STRING "ASM FLAGS" ) 109set( CMAKE_ASM_FLAGS "${OECMAKE_C_FLAGS}" CACHE STRING "ASM FLAGS" )
diff --git a/meta/classes/devshell.bbclass b/meta/classes/devshell.bbclass
index fdf7dc1..76dd0b4 100644
--- a/meta/classes/devshell.bbclass
+++ b/meta/classes/devshell.bbclass
@@ -128,6 +128,7 @@ def devpyshell(d):
128 more = i.runsource(source, "<pyshell>") 128 more = i.runsource(source, "<pyshell>")
129 if not more: 129 if not more:
130 buf = [] 130 buf = []
131 sys.stderr.flush()
131 prompt(more) 132 prompt(more)
132 except KeyboardInterrupt: 133 except KeyboardInterrupt:
133 i.write("\nKeyboardInterrupt\n") 134 i.write("\nKeyboardInterrupt\n")
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 1d7300d..d1ca113 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -216,14 +216,16 @@ def srctree_hash_files(d, srcdir=None):
216 env['GIT_INDEX_FILE'] = tmp_index.name 216 env['GIT_INDEX_FILE'] = tmp_index.name
217 subprocess.check_output(['git', 'add', '-A', '.'], cwd=s_dir, env=env) 217 subprocess.check_output(['git', 'add', '-A', '.'], cwd=s_dir, env=env)
218 git_sha1 = subprocess.check_output(['git', 'write-tree'], cwd=s_dir, env=env).decode("utf-8") 218 git_sha1 = subprocess.check_output(['git', 'write-tree'], cwd=s_dir, env=env).decode("utf-8")
219 submodule_helper = subprocess.check_output(['git', 'submodule--helper', 'list'], cwd=s_dir, env=env).decode("utf-8") 219 submodule_helper = subprocess.check_output(['git', 'submodule', 'status'], cwd=s_dir, env=env).decode("utf-8")
220 for line in submodule_helper.splitlines(): 220 for line in submodule_helper.splitlines():
221 module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1]) 221 module_relpath = line.split()[1]
222 proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) 222 if not module_relpath.split('/')[0] == '..':
223 proc.communicate() 223 module_dir = os.path.join(s_dir, module_relpath)
224 proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL) 224 proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
225 stdout, _ = proc.communicate() 225 proc.communicate()
226 git_sha1 += stdout.decode("utf-8") 226 proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
227 stdout, _ = proc.communicate()
228 git_sha1 += stdout.decode("utf-8")
227 sha1 = hashlib.sha1(git_sha1.encode("utf-8")).hexdigest() 229 sha1 = hashlib.sha1(git_sha1.encode("utf-8")).hexdigest()
228 with open(oe_hash_file, 'w') as fobj: 230 with open(oe_hash_file, 'w') as fobj:
229 fobj.write(sha1) 231 fobj.write(sha1)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 459d872..79c487e 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -115,7 +115,7 @@ def rootfs_command_variables(d):
115 'IMAGE_PREPROCESS_COMMAND','RPM_PREPROCESS_COMMANDS','RPM_POSTPROCESS_COMMANDS','DEB_PREPROCESS_COMMANDS','DEB_POSTPROCESS_COMMANDS'] 115 'IMAGE_PREPROCESS_COMMAND','RPM_PREPROCESS_COMMANDS','RPM_POSTPROCESS_COMMANDS','DEB_PREPROCESS_COMMANDS','DEB_POSTPROCESS_COMMANDS']
116 116
117python () { 117python () {
118 variables = rootfs_command_variables(d) + sdk_command_variables(d) 118 variables = rootfs_command_variables(d)
119 for var in variables: 119 for var in variables:
120 if d.getVar(var, False): 120 if d.getVar(var, False):
121 d.setVarFlag(var, 'func', '1') 121 d.setVarFlag(var, 'func', '1')
@@ -180,6 +180,8 @@ LINGUAS_INSTALL ?= "${@" ".join(map(lambda s: "locale-base-%s" % s, d.getVar('IM
180# aren't yet available. 180# aren't yet available.
181PSEUDO_PASSWD = "${IMAGE_ROOTFS}:${STAGING_DIR_NATIVE}" 181PSEUDO_PASSWD = "${IMAGE_ROOTFS}:${STAGING_DIR_NATIVE}"
182 182
183PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/intercept_scripts,${WORKDIR}/oe-rootfs-repo,${WORKDIR}/sstate-build-image_complete"
184
183PACKAGE_EXCLUDE ??= "" 185PACKAGE_EXCLUDE ??= ""
184PACKAGE_EXCLUDE[type] = "list" 186PACKAGE_EXCLUDE[type] = "list"
185 187
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index b5c6b21..09e8fbd 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -1012,26 +1012,6 @@ python do_package_qa () {
1012 logdir = d.getVar('T') 1012 logdir = d.getVar('T')
1013 pn = d.getVar('PN') 1013 pn = d.getVar('PN')
1014 1014
1015 # Check the compile log for host contamination
1016 compilelog = os.path.join(logdir,"log.do_compile")
1017
1018 if os.path.exists(compilelog):
1019 statement = "grep -e 'CROSS COMPILE Badness:' -e 'is unsafe for cross-compilation' %s > /dev/null" % compilelog
1020 if subprocess.call(statement, shell=True) == 0:
1021 msg = "%s: The compile log indicates that host include and/or library paths were used.\n \
1022 Please check the log '%s' for more information." % (pn, compilelog)
1023 package_qa_handle_error("compile-host-path", msg, d)
1024
1025 # Check the install log for host contamination
1026 installlog = os.path.join(logdir,"log.do_install")
1027
1028 if os.path.exists(installlog):
1029 statement = "grep -e 'CROSS COMPILE Badness:' -e 'is unsafe for cross-compilation' %s > /dev/null" % installlog
1030 if subprocess.call(statement, shell=True) == 0:
1031 msg = "%s: The install log indicates that host include and/or library paths were used.\n \
1032 Please check the log '%s' for more information." % (pn, installlog)
1033 package_qa_handle_error("install-host-path", msg, d)
1034
1035 # Scan the packages... 1015 # Scan the packages...
1036 pkgdest = d.getVar('PKGDEST') 1016 pkgdest = d.getVar('PKGDEST')
1037 packages = set((d.getVar('PACKAGES') or '').split()) 1017 packages = set((d.getVar('PACKAGES') or '').split())
@@ -1210,7 +1190,7 @@ python do_qa_configure() {
1210 if bb.data.inherits_class('autotools', d) and not skip_configure_unsafe: 1190 if bb.data.inherits_class('autotools', d) and not skip_configure_unsafe:
1211 bb.note("Checking autotools environment for common misconfiguration") 1191 bb.note("Checking autotools environment for common misconfiguration")
1212 for root, dirs, files in os.walk(workdir): 1192 for root, dirs, files in os.walk(workdir):
1213 statement = "grep -q -F -e 'CROSS COMPILE Badness:' -e 'is unsafe for cross-compilation' %s" % \ 1193 statement = "grep -q -F -e 'is unsafe for cross-compilation' %s" % \
1214 os.path.join(root,"config.log") 1194 os.path.join(root,"config.log")
1215 if "config.log" in files: 1195 if "config.log" in files:
1216 if subprocess.call(statement, shell=True) == 0: 1196 if subprocess.call(statement, shell=True) == 0:
diff --git a/meta/classes/linux-dummy.bbclass b/meta/classes/linux-dummy.bbclass
new file mode 100644
index 0000000..cd87915
--- /dev/null
+++ b/meta/classes/linux-dummy.bbclass
@@ -0,0 +1,26 @@
1
2python __anonymous () {
3 if d.getVar('PREFERRED_PROVIDER_virtual/kernel') == 'linux-dummy':
4 # copy part codes from kernel.bbclass
5 kname = d.getVar('KERNEL_PACKAGE_NAME') or "kernel"
6
7 # set an empty package of kernel-devicetree
8 d.appendVar('PACKAGES', ' %s-devicetree' % kname)
9 d.setVar('ALLOW_EMPTY_%s-devicetree' % kname, '1')
10
11 # Merge KERNEL_IMAGETYPE and KERNEL_ALT_IMAGETYPE into KERNEL_IMAGETYPES
12 type = d.getVar('KERNEL_IMAGETYPE') or ""
13 alttype = d.getVar('KERNEL_ALT_IMAGETYPE') or ""
14 types = d.getVar('KERNEL_IMAGETYPES') or ""
15 if type not in types.split():
16 types = (type + ' ' + types).strip()
17 if alttype not in types.split():
18 types = (alttype + ' ' + types).strip()
19
20 # set empty packages of kernel-image-*
21 for type in types.split():
22 typelower = type.lower()
23 d.appendVar('PACKAGES', ' %s-image-%s' % (kname, typelower))
24 d.setVar('ALLOW_EMPTY_%s-image-%s' % (kname, typelower), '1')
25}
26
diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index 15bff9c..3ff74c9 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -1620,7 +1620,7 @@ if [ x"$D" = "x" ]; then
1620fi 1620fi
1621} 1621}
1622 1622
1623RPMDEPS = "${STAGING_LIBDIR_NATIVE}/rpm/rpmdeps --alldeps" 1623RPMDEPS = "${STAGING_LIBDIR_NATIVE}/rpm/rpmdeps --alldeps --define '__font_provides %{nil}'"
1624 1624
1625# Collect perfile run-time dependency metadata 1625# Collect perfile run-time dependency metadata
1626# Output: 1626# Output:
diff --git a/meta/classes/package_rpm.bbclass b/meta/classes/package_rpm.bbclass
index 95731c7..7de4091 100644
--- a/meta/classes/package_rpm.bbclass
+++ b/meta/classes/package_rpm.bbclass
@@ -683,6 +683,7 @@ python do_package_rpm () {
683 cmd = cmd + " --define 'clamp_mtime_to_source_date_epoch 1'" 683 cmd = cmd + " --define 'clamp_mtime_to_source_date_epoch 1'"
684 cmd = cmd + " --define 'use_source_date_epoch_as_buildtime 1'" 684 cmd = cmd + " --define 'use_source_date_epoch_as_buildtime 1'"
685 cmd = cmd + " --define '_buildhost reproducible'" 685 cmd = cmd + " --define '_buildhost reproducible'"
686 cmd = cmd + " --define '__font_provides %{nil}'"
686 if perfiledeps: 687 if perfiledeps:
687 cmd = cmd + " --define '__find_requires " + outdepends + "'" 688 cmd = cmd + " --define '__find_requires " + outdepends + "'"
688 cmd = cmd + " --define '__find_provides " + outprovides + "'" 689 cmd = cmd + " --define '__find_provides " + outprovides + "'"
diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index dea272c..ca56d80 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -178,7 +178,7 @@ do_populate_sdk[sstate-inputdirs] = "${SDKDEPLOYDIR}"
178do_populate_sdk[sstate-outputdirs] = "${SDK_DEPLOY}" 178do_populate_sdk[sstate-outputdirs] = "${SDK_DEPLOY}"
179do_populate_sdk[stamp-extra-info] = "${MACHINE_ARCH}${SDKMACHINE}" 179do_populate_sdk[stamp-extra-info] = "${MACHINE_ARCH}${SDKMACHINE}"
180 180
181PSEUDO_IGNORE_PATHS .= ",${SDKDEPLOYDIR}" 181PSEUDO_IGNORE_PATHS .= ",${SDKDEPLOYDIR},${WORKDIR}/oe-sdk-repo,${WORKDIR}/sstate-build-populate_sdk"
182 182
183fakeroot create_sdk_files() { 183fakeroot create_sdk_files() {
184 cp ${COREBASE}/scripts/relocate_sdk.py ${SDK_OUTPUT}/${SDKPATH}/ 184 cp ${COREBASE}/scripts/relocate_sdk.py ${SDK_OUTPUT}/${SDKPATH}/
@@ -324,6 +324,13 @@ def sdk_variables(d):
324 324
325do_populate_sdk[vardeps] += "${@sdk_variables(d)}" 325do_populate_sdk[vardeps] += "${@sdk_variables(d)}"
326 326
327python () {
328 variables = sdk_command_variables(d)
329 for var in variables:
330 if d.getVar(var, False):
331 d.setVarFlag(var, 'func', '1')
332}
333
327do_populate_sdk[file-checksums] += "${TOOLCHAIN_SHAR_REL_TMPL}:True \ 334do_populate_sdk[file-checksums] += "${TOOLCHAIN_SHAR_REL_TMPL}:True \
328 ${TOOLCHAIN_SHAR_EXT_TMPL}:True" 335 ${TOOLCHAIN_SHAR_EXT_TMPL}:True"
329 336
diff --git a/meta/classes/populate_sdk_ext.bbclass b/meta/classes/populate_sdk_ext.bbclass
index 71686bc..aa00d53 100644
--- a/meta/classes/populate_sdk_ext.bbclass
+++ b/meta/classes/populate_sdk_ext.bbclass
@@ -247,7 +247,9 @@ python copy_buildsystem () {
247 247
248 # Create a layer for new recipes / appends 248 # Create a layer for new recipes / appends
249 bbpath = d.getVar('BBPATH') 249 bbpath = d.getVar('BBPATH')
250 bb.process.run(['devtool', '--bbpath', bbpath, '--basepath', baseoutpath, 'create-workspace', '--create-only', os.path.join(baseoutpath, 'workspace')]) 250 env = os.environ.copy()
251 env['PYTHONDONTWRITEBYTECODE'] = '1'
252 bb.process.run(['devtool', '--bbpath', bbpath, '--basepath', baseoutpath, 'create-workspace', '--create-only', os.path.join(baseoutpath, 'workspace')], env=env)
251 253
252 # Create bblayers.conf 254 # Create bblayers.conf
253 bb.utils.mkdirhier(baseoutpath + '/conf') 255 bb.utils.mkdirhier(baseoutpath + '/conf')
@@ -360,6 +362,9 @@ python copy_buildsystem () {
360 # Hide the config information from bitbake output (since it's fixed within the SDK) 362 # Hide the config information from bitbake output (since it's fixed within the SDK)
361 f.write('BUILDCFG_HEADER = ""\n\n') 363 f.write('BUILDCFG_HEADER = ""\n\n')
362 364
365 # Write METADATA_REVISION
366 f.write('METADATA_REVISION = "%s"\n\n' % d.getVar('METADATA_REVISION'))
367
363 f.write('# Provide a flag to indicate we are in the EXT_SDK Context\n') 368 f.write('# Provide a flag to indicate we are in the EXT_SDK Context\n')
364 f.write('WITHIN_EXT_SDK = "1"\n\n') 369 f.write('WITHIN_EXT_SDK = "1"\n\n')
365 370
diff --git a/meta/classes/report-error.bbclass b/meta/classes/report-error.bbclass
index 1a12db1..9cb6b0b 100644
--- a/meta/classes/report-error.bbclass
+++ b/meta/classes/report-error.bbclass
@@ -6,6 +6,8 @@
6# 6#
7# Licensed under the MIT license, see COPYING.MIT for details 7# Licensed under the MIT license, see COPYING.MIT for details
8 8
9inherit base
10
9ERR_REPORT_DIR ?= "${LOG_DIR}/error-report" 11ERR_REPORT_DIR ?= "${LOG_DIR}/error-report"
10 12
11def errorreport_getdata(e): 13def errorreport_getdata(e):
@@ -64,6 +66,8 @@ python errorreport_handler () {
64 data['failures'] = [] 66 data['failures'] = []
65 data['component'] = " ".join(e.getPkgs()) 67 data['component'] = " ".join(e.getPkgs())
66 data['branch_commit'] = str(base_detect_branch(e.data)) + ": " + str(base_detect_revision(e.data)) 68 data['branch_commit'] = str(base_detect_branch(e.data)) + ": " + str(base_detect_revision(e.data))
69 data['bitbake_version'] = e.data.getVar("BB_VERSION")
70 data['layer_version'] = get_layers_branch_rev(e.data)
67 data['local_conf'] = get_conf_data(e, 'local.conf') 71 data['local_conf'] = get_conf_data(e, 'local.conf')
68 data['auto_conf'] = get_conf_data(e, 'auto.conf') 72 data['auto_conf'] = get_conf_data(e, 'auto.conf')
69 lock = bb.utils.lockfile(datafile + '.lock') 73 lock = bb.utils.lockfile(datafile + '.lock')
diff --git a/meta/classes/reproducible_build.bbclass b/meta/classes/reproducible_build.bbclass
index 2f3bd90..f06e00d 100644
--- a/meta/classes/reproducible_build.bbclass
+++ b/meta/classes/reproducible_build.bbclass
@@ -37,10 +37,13 @@
37BUILD_REPRODUCIBLE_BINARIES ??= '1' 37BUILD_REPRODUCIBLE_BINARIES ??= '1'
38inherit ${@oe.utils.ifelse(d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1', 'reproducible_build_simple', '')} 38inherit ${@oe.utils.ifelse(d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1', 'reproducible_build_simple', '')}
39 39
40SDE_DIR ="${WORKDIR}/source-date-epoch" 40SDE_DIR = "${WORKDIR}/source-date-epoch"
41SDE_FILE = "${SDE_DIR}/__source_date_epoch.txt" 41SDE_FILE = "${SDE_DIR}/__source_date_epoch.txt"
42SDE_DEPLOYDIR = "${WORKDIR}/deploy-source-date-epoch" 42SDE_DEPLOYDIR = "${WORKDIR}/deploy-source-date-epoch"
43 43
44# A SOURCE_DATE_EPOCH of '0' might be misinterpreted as no SDE
45export SOURCE_DATE_EPOCH_FALLBACK ??= "1302044400"
46
44SSTATETASKS += "do_deploy_source_date_epoch" 47SSTATETASKS += "do_deploy_source_date_epoch"
45 48
46do_deploy_source_date_epoch () { 49do_deploy_source_date_epoch () {
@@ -93,15 +96,19 @@ def get_source_date_epoch_value(d):
93 return cached 96 return cached
94 97
95 epochfile = d.getVar('SDE_FILE') 98 epochfile = d.getVar('SDE_FILE')
96 source_date_epoch = 0 99 source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
97 if os.path.isfile(epochfile): 100 if os.path.isfile(epochfile):
98 with open(epochfile, 'r') as f: 101 with open(epochfile, 'r') as f:
99 s = f.read() 102 s = f.read()
100 try: 103 try:
101 source_date_epoch = int(s) 104 source_date_epoch = int(s)
105 # workaround for old sstate with SDE_FILE content being 0 - use SOURCE_DATE_EPOCH_FALLBACK
106 if source_date_epoch == 0 :
107 source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
108 bb.warn("SOURCE_DATE_EPOCH value from sstate '%s' is deprecated/invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK '%s'" % (s, source_date_epoch))
102 except ValueError: 109 except ValueError:
103 bb.warn("SOURCE_DATE_EPOCH value '%s' is invalid. Reverting to 0" % s) 110 bb.warn("SOURCE_DATE_EPOCH value '%s' is invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK" % s)
104 source_date_epoch = 0 111 source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
105 bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch) 112 bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch)
106 else: 113 else:
107 bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch)) 114 bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch))
diff --git a/meta/conf/abi_version.conf b/meta/conf/abi_version.conf
index 251d43b..35faef9 100644
--- a/meta/conf/abi_version.conf
+++ b/meta/conf/abi_version.conf
@@ -12,4 +12,4 @@ OELAYOUT_ABI = "14"
12# a reset of the equivalence, for example when reproducibility issues break the 12# a reset of the equivalence, for example when reproducibility issues break the
13# existing match data. Distros can also append to this value for the same effect. 13# existing match data. Distros can also append to this value for the same effect.
14# 14#
15HASHEQUIV_HASH_VERSION = "4" 15HASHEQUIV_HASH_VERSION = "5"
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 6ada009..76942d9 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -480,7 +480,7 @@ export PATH
480# Build utility info. 480# Build utility info.
481################################################################## 481##################################################################
482 482
483# Directory where host tools are copied 483# Directory with symlinks to host tools used by build
484HOSTTOOLS_DIR = "${TMPDIR}/hosttools" 484HOSTTOOLS_DIR = "${TMPDIR}/hosttools"
485 485
486# Tools needed to run builds with OE-Core 486# Tools needed to run builds with OE-Core
@@ -687,7 +687,10 @@ SRC_URI = ""
687PSEUDO_LOCALSTATEDIR ?= "${WORKDIR}/pseudo/" 687PSEUDO_LOCALSTATEDIR ?= "${WORKDIR}/pseudo/"
688PSEUDO_PASSWD ?= "${STAGING_DIR_TARGET}:${PSEUDO_SYSROOT}" 688PSEUDO_PASSWD ?= "${STAGING_DIR_TARGET}:${PSEUDO_SYSROOT}"
689PSEUDO_SYSROOT = "${COMPONENTS_DIR}/${BUILD_ARCH}/pseudo-native" 689PSEUDO_SYSROOT = "${COMPONENTS_DIR}/${BUILD_ARCH}/pseudo-native"
690PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,/run/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR},${WORKDIR}/pkgdata-sysroot,${TMPDIR}/sstate-control,${DEPLOY_DIR},${WORKDIR}/deploy-,${TMPDIR}/buildstats,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/sstate-build-image_complete,${TMPDIR}/sysroots-components,${BUILDHISTORY_DIR},${TMPDIR}/pkgdata,${TOPDIR}/cache,${COREBASE}/scripts,${CCACHE_DIR}" 690PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,/run/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR}"
691PSEUDO_IGNORE_PATHS .= ",${TMPDIR}/sstate-control,${TMPDIR}/buildstats,${TMPDIR}/sysroots-components,${TMPDIR}/pkgdata"
692PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/deploy-,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/pkgdata-sysroot"
693PSEUDO_IGNORE_PATHS .= ",${DEPLOY_DIR},${BUILDHISTORY_DIR},${TOPDIR}/cache,${COREBASE}/scripts,${CCACHE_DIR}"
691 694
692export PSEUDO_DISABLED = "1" 695export PSEUDO_DISABLED = "1"
693#export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}" 696#export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}"
diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index ff962a3..ef1e7fe 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -88,8 +88,8 @@ RECIPE_MAINTAINER_pn-builder = "Richard Purdie <richard.purdie@linuxfoundation.o
88RECIPE_MAINTAINER_pn-buildtools-extended-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" 88RECIPE_MAINTAINER_pn-buildtools-extended-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>"
89RECIPE_MAINTAINER_pn-buildtools-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" 89RECIPE_MAINTAINER_pn-buildtools-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>"
90RECIPE_MAINTAINER_pn-busybox = "Andrej Valek <andrej.valek@siemens.com>" 90RECIPE_MAINTAINER_pn-busybox = "Andrej Valek <andrej.valek@siemens.com>"
91RECIPE_MAINTAINER_pn-busybox-inittab = "Denys Dmytriyenko <denys@ti.com>" 91RECIPE_MAINTAINER_pn-busybox-inittab = "Denys Dmytriyenko <denys@denix.org>"
92RECIPE_MAINTAINER_pn-bzip2 = "Denys Dmytriyenko <denys@ti.com>" 92RECIPE_MAINTAINER_pn-bzip2 = "Denys Dmytriyenko <denys@denix.org>"
93RECIPE_MAINTAINER_pn-ca-certificates = "Alexander Kanavin <alex.kanavin@gmail.com>" 93RECIPE_MAINTAINER_pn-ca-certificates = "Alexander Kanavin <alex.kanavin@gmail.com>"
94RECIPE_MAINTAINER_pn-cairo = "Anuj Mittal <anuj.mittal@intel.com>" 94RECIPE_MAINTAINER_pn-cairo = "Anuj Mittal <anuj.mittal@intel.com>"
95RECIPE_MAINTAINER_pn-cantarell-fonts = "Alexander Kanavin <alex.kanavin@gmail.com>" 95RECIPE_MAINTAINER_pn-cantarell-fonts = "Alexander Kanavin <alex.kanavin@gmail.com>"
@@ -125,7 +125,7 @@ RECIPE_MAINTAINER_pn-core-image-sato-dev = "Richard Purdie <richard.purdie@linux
125RECIPE_MAINTAINER_pn-core-image-sato-ptest-fast = "Richard Purdie <richard.purdie@linuxfoundation.org>" 125RECIPE_MAINTAINER_pn-core-image-sato-ptest-fast = "Richard Purdie <richard.purdie@linuxfoundation.org>"
126RECIPE_MAINTAINER_pn-core-image-sato-sdk-ptest = "Richard Purdie <richard.purdie@linuxfoundation.org>" 126RECIPE_MAINTAINER_pn-core-image-sato-sdk-ptest = "Richard Purdie <richard.purdie@linuxfoundation.org>"
127RECIPE_MAINTAINER_pn-coreutils = "Chen Qi <Qi.Chen@windriver.com>" 127RECIPE_MAINTAINER_pn-coreutils = "Chen Qi <Qi.Chen@windriver.com>"
128RECIPE_MAINTAINER_pn-cpio = "Denys Dmytriyenko <denys@ti.com>" 128RECIPE_MAINTAINER_pn-cpio = "Denys Dmytriyenko <denys@denix.org>"
129RECIPE_MAINTAINER_pn-cracklib = "Armin Kuster <akuster808@gmail.com>" 129RECIPE_MAINTAINER_pn-cracklib = "Armin Kuster <akuster808@gmail.com>"
130RECIPE_MAINTAINER_pn-createrepo-c = "Alexander Kanavin <alex.kanavin@gmail.com>" 130RECIPE_MAINTAINER_pn-createrepo-c = "Alexander Kanavin <alex.kanavin@gmail.com>"
131RECIPE_MAINTAINER_pn-cronie = "Anuj Mittal <anuj.mittal@intel.com>" 131RECIPE_MAINTAINER_pn-cronie = "Anuj Mittal <anuj.mittal@intel.com>"
@@ -233,7 +233,7 @@ RECIPE_MAINTAINER_pn-gobject-introspection = "Alexander Kanavin <alex.kanavin@gm
233RECIPE_MAINTAINER_pn-gperf = "Alexander Kanavin <alex.kanavin@gmail.com>" 233RECIPE_MAINTAINER_pn-gperf = "Alexander Kanavin <alex.kanavin@gmail.com>"
234RECIPE_MAINTAINER_pn-gpgme = "Hongxu Jia <hongxu.jia@windriver.com>" 234RECIPE_MAINTAINER_pn-gpgme = "Hongxu Jia <hongxu.jia@windriver.com>"
235RECIPE_MAINTAINER_pn-gptfdisk = "Alexander Kanavin <alex.kanavin@gmail.com>" 235RECIPE_MAINTAINER_pn-gptfdisk = "Alexander Kanavin <alex.kanavin@gmail.com>"
236RECIPE_MAINTAINER_pn-grep = "Denys Dmytriyenko <denys@ti.com>" 236RECIPE_MAINTAINER_pn-grep = "Denys Dmytriyenko <denys@denix.org>"
237RECIPE_MAINTAINER_pn-groff = "Hongxu Jia <hongxu.jia@windriver.com>" 237RECIPE_MAINTAINER_pn-groff = "Hongxu Jia <hongxu.jia@windriver.com>"
238RECIPE_MAINTAINER_pn-grub = "Anuj Mittal <anuj.mittal@intel.com>" 238RECIPE_MAINTAINER_pn-grub = "Anuj Mittal <anuj.mittal@intel.com>"
239RECIPE_MAINTAINER_pn-grub-bootconf = "Anuj Mittal <anuj.mittal@intel.com>" 239RECIPE_MAINTAINER_pn-grub-bootconf = "Anuj Mittal <anuj.mittal@intel.com>"
@@ -254,9 +254,9 @@ RECIPE_MAINTAINER_pn-gstreamer1.0-rtsp-server = "Anuj Mittal <anuj.mittal@intel.
254RECIPE_MAINTAINER_pn-gstreamer1.0-vaapi = "Anuj Mittal <anuj.mittal@intel.com>" 254RECIPE_MAINTAINER_pn-gstreamer1.0-vaapi = "Anuj Mittal <anuj.mittal@intel.com>"
255RECIPE_MAINTAINER_pn-gtk+3 = "Ross Burton <ross.burton@arm.com>" 255RECIPE_MAINTAINER_pn-gtk+3 = "Ross Burton <ross.burton@arm.com>"
256RECIPE_MAINTAINER_pn-gtk-doc = "Alexander Kanavin <alex.kanavin@gmail.com>" 256RECIPE_MAINTAINER_pn-gtk-doc = "Alexander Kanavin <alex.kanavin@gmail.com>"
257RECIPE_MAINTAINER_pn-gzip = "Denys Dmytriyenko <denys@ti.com>" 257RECIPE_MAINTAINER_pn-gzip = "Denys Dmytriyenko <denys@denix.org>"
258RECIPE_MAINTAINER_pn-harfbuzz = "Anuj Mittal <anuj.mittal@intel.com>" 258RECIPE_MAINTAINER_pn-harfbuzz = "Anuj Mittal <anuj.mittal@intel.com>"
259RECIPE_MAINTAINER_pn-hdparm = "Denys Dmytriyenko <denys@ti.com>" 259RECIPE_MAINTAINER_pn-hdparm = "Denys Dmytriyenko <denys@denix.org>"
260RECIPE_MAINTAINER_pn-help2man-native = "Hongxu Jia <hongxu.jia@windriver.com>" 260RECIPE_MAINTAINER_pn-help2man-native = "Hongxu Jia <hongxu.jia@windriver.com>"
261RECIPE_MAINTAINER_pn-hicolor-icon-theme = "Anuj Mittal <anuj.mittal@intel.com>" 261RECIPE_MAINTAINER_pn-hicolor-icon-theme = "Anuj Mittal <anuj.mittal@intel.com>"
262RECIPE_MAINTAINER_pn-hwlatdetect = "Alexander Kanavin <alex.kanavin@gmail.com>" 262RECIPE_MAINTAINER_pn-hwlatdetect = "Alexander Kanavin <alex.kanavin@gmail.com>"
@@ -454,10 +454,10 @@ RECIPE_MAINTAINER_pn-ltp = "Yi Zhao <yi.zhao@windriver.com>"
454RECIPE_MAINTAINER_pn-lttng-modules = "Richard Purdie <richard.purdie@linuxfoundation.org>" 454RECIPE_MAINTAINER_pn-lttng-modules = "Richard Purdie <richard.purdie@linuxfoundation.org>"
455RECIPE_MAINTAINER_pn-lttng-tools = "Richard Purdie <richard.purdie@linuxfoundation.org>" 455RECIPE_MAINTAINER_pn-lttng-tools = "Richard Purdie <richard.purdie@linuxfoundation.org>"
456RECIPE_MAINTAINER_pn-lttng-ust = "Richard Purdie <richard.purdie@linuxfoundation.org>" 456RECIPE_MAINTAINER_pn-lttng-ust = "Richard Purdie <richard.purdie@linuxfoundation.org>"
457RECIPE_MAINTAINER_pn-lz4 = "Denys Dmytriyenko <denys@ti.com>" 457RECIPE_MAINTAINER_pn-lz4 = "Denys Dmytriyenko <denys@denix.org>"
458RECIPE_MAINTAINER_pn-lzo = "Denys Dmytriyenko <denys@ti.com>" 458RECIPE_MAINTAINER_pn-lzo = "Denys Dmytriyenko <denys@denix.org>"
459RECIPE_MAINTAINER_pn-lzip = "Denys Dmytriyenko <denys@ti.com>" 459RECIPE_MAINTAINER_pn-lzip = "Denys Dmytriyenko <denys@denix.org>"
460RECIPE_MAINTAINER_pn-lzop = "Denys Dmytriyenko <denys@ti.com>" 460RECIPE_MAINTAINER_pn-lzop = "Denys Dmytriyenko <denys@denix.org>"
461RECIPE_MAINTAINER_pn-m4 = "Robert Yang <liezhi.yang@windriver.com>" 461RECIPE_MAINTAINER_pn-m4 = "Robert Yang <liezhi.yang@windriver.com>"
462RECIPE_MAINTAINER_pn-m4-native = "Robert Yang <liezhi.yang@windriver.com>" 462RECIPE_MAINTAINER_pn-m4-native = "Robert Yang <liezhi.yang@windriver.com>"
463RECIPE_MAINTAINER_pn-make = "Robert Yang <liezhi.yang@windriver.com>" 463RECIPE_MAINTAINER_pn-make = "Robert Yang <liezhi.yang@windriver.com>"
@@ -501,7 +501,7 @@ RECIPE_MAINTAINER_pn-mpeg2dec = "Alexander Kanavin <alex.kanavin@gmail.com>"
501RECIPE_MAINTAINER_pn-mpfr = "Khem Raj <raj.khem@gmail.com>" 501RECIPE_MAINTAINER_pn-mpfr = "Khem Raj <raj.khem@gmail.com>"
502RECIPE_MAINTAINER_pn-mpg123 = "Alexander Kanavin <alex.kanavin@gmail.com>" 502RECIPE_MAINTAINER_pn-mpg123 = "Alexander Kanavin <alex.kanavin@gmail.com>"
503RECIPE_MAINTAINER_pn-msmtp = "Alexander Kanavin <alex.kanavin@gmail.com>" 503RECIPE_MAINTAINER_pn-msmtp = "Alexander Kanavin <alex.kanavin@gmail.com>"
504RECIPE_MAINTAINER_pn-mtd-utils = "Denys Dmytriyenko <denys@ti.com>" 504RECIPE_MAINTAINER_pn-mtd-utils = "Denys Dmytriyenko <denys@denix.org>"
505RECIPE_MAINTAINER_pn-mtdev = "Anuj Mittal <anuj.mittal@intel.com>" 505RECIPE_MAINTAINER_pn-mtdev = "Anuj Mittal <anuj.mittal@intel.com>"
506RECIPE_MAINTAINER_pn-mtools = "Anuj Mittal <anuj.mittal@intel.com>" 506RECIPE_MAINTAINER_pn-mtools = "Anuj Mittal <anuj.mittal@intel.com>"
507RECIPE_MAINTAINER_pn-musl = "Khem Raj <raj.khem@gmail.com>" 507RECIPE_MAINTAINER_pn-musl = "Khem Raj <raj.khem@gmail.com>"
@@ -545,7 +545,7 @@ RECIPE_MAINTAINER_pn-pango = "Ross Burton <ross.burton@arm.com>"
545RECIPE_MAINTAINER_pn-parted = "Hongxu Jia <hongxu.jia@windriver.com>" 545RECIPE_MAINTAINER_pn-parted = "Hongxu Jia <hongxu.jia@windriver.com>"
546RECIPE_MAINTAINER_pn-patch = "Hongxu Jia <hongxu.jia@windriver.com>" 546RECIPE_MAINTAINER_pn-patch = "Hongxu Jia <hongxu.jia@windriver.com>"
547RECIPE_MAINTAINER_pn-patchelf = "Richard Purdie <richard.purdie@linuxfoundation.org>" 547RECIPE_MAINTAINER_pn-patchelf = "Richard Purdie <richard.purdie@linuxfoundation.org>"
548RECIPE_MAINTAINER_pn-pbzip2 = "Denys Dmytriyenko <denys@ti.com>" 548RECIPE_MAINTAINER_pn-pbzip2 = "Denys Dmytriyenko <denys@denix.org>"
549RECIPE_MAINTAINER_pn-pciutils = "Chen Qi <Qi.Chen@windriver.com>" 549RECIPE_MAINTAINER_pn-pciutils = "Chen Qi <Qi.Chen@windriver.com>"
550RECIPE_MAINTAINER_pn-pcmanfm = "Alexander Kanavin <alex.kanavin@gmail.com>" 550RECIPE_MAINTAINER_pn-pcmanfm = "Alexander Kanavin <alex.kanavin@gmail.com>"
551RECIPE_MAINTAINER_pn-perf = "Bruce Ashfield <bruce.ashfield@gmail.com>" 551RECIPE_MAINTAINER_pn-perf = "Bruce Ashfield <bruce.ashfield@gmail.com>"
@@ -661,9 +661,9 @@ RECIPE_MAINTAINER_pn-systemd-conf = "Chen Qi <Qi.Chen@windriver.com>"
661RECIPE_MAINTAINER_pn-systemd-compat-units = "Chen Qi <Qi.Chen@windriver.com>" 661RECIPE_MAINTAINER_pn-systemd-compat-units = "Chen Qi <Qi.Chen@windriver.com>"
662RECIPE_MAINTAINER_pn-systemd-serialgetty = "Chen Qi <Qi.Chen@windriver.com>" 662RECIPE_MAINTAINER_pn-systemd-serialgetty = "Chen Qi <Qi.Chen@windriver.com>"
663RECIPE_MAINTAINER_pn-systemd-systemctl-native = "Chen Qi <Qi.Chen@windriver.com>" 663RECIPE_MAINTAINER_pn-systemd-systemctl-native = "Chen Qi <Qi.Chen@windriver.com>"
664RECIPE_MAINTAINER_pn-systemtap = "Victor Kamensky <kamensky@cisco.com>" 664RECIPE_MAINTAINER_pn-systemtap = "Victor Kamensky <victor.kamensky7@gmail.com>"
665RECIPE_MAINTAINER_pn-systemtap-native = "Victor Kamensky <kamensky@cisco.com>" 665RECIPE_MAINTAINER_pn-systemtap-native = "Victor Kamensky <victor.kamensky7@gmail.com>"
666RECIPE_MAINTAINER_pn-systemtap-uprobes = "Victor Kamensky <kamensky@cisco.com>" 666RECIPE_MAINTAINER_pn-systemtap-uprobes = "Victor Kamensky <victor.kamensky7@gmail.com>"
667RECIPE_MAINTAINER_pn-sysvinit = "Ross Burton <ross.burton@arm.com>" 667RECIPE_MAINTAINER_pn-sysvinit = "Ross Burton <ross.burton@arm.com>"
668RECIPE_MAINTAINER_pn-sysvinit-inittab = "Ross Burton <ross.burton@arm.com>" 668RECIPE_MAINTAINER_pn-sysvinit-inittab = "Ross Burton <ross.burton@arm.com>"
669RECIPE_MAINTAINER_pn-taglib = "Anuj Mittal <anuj.mittal@intel.com>" 669RECIPE_MAINTAINER_pn-taglib = "Anuj Mittal <anuj.mittal@intel.com>"
@@ -685,7 +685,7 @@ RECIPE_MAINTAINER_pn-udev-extraconf = "Ross Burton <ross.burton@arm.com>"
685RECIPE_MAINTAINER_pn-unfs3 = "Ross Burton <ross.burton@arm.com>" 685RECIPE_MAINTAINER_pn-unfs3 = "Ross Burton <ross.burton@arm.com>"
686RECIPE_MAINTAINER_pn-unifdef = "Ross Burton <ross.burton@arm.com>" 686RECIPE_MAINTAINER_pn-unifdef = "Ross Burton <ross.burton@arm.com>"
687RECIPE_MAINTAINER_pn-uninative-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" 687RECIPE_MAINTAINER_pn-uninative-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>"
688RECIPE_MAINTAINER_pn-unzip = "Denys Dmytriyenko <denys@ti.com>" 688RECIPE_MAINTAINER_pn-unzip = "Denys Dmytriyenko <denys@denix.org>"
689RECIPE_MAINTAINER_pn-update-rc.d = "Ross Burton <ross.burton@arm.com>" 689RECIPE_MAINTAINER_pn-update-rc.d = "Ross Burton <ross.burton@arm.com>"
690RECIPE_MAINTAINER_pn-usbinit = "Alexander Kanavin <alex.kanavin@gmail.com>" 690RECIPE_MAINTAINER_pn-usbinit = "Alexander Kanavin <alex.kanavin@gmail.com>"
691RECIPE_MAINTAINER_pn-usbutils = "Alexander Kanavin <alex.kanavin@gmail.com>" 691RECIPE_MAINTAINER_pn-usbutils = "Alexander Kanavin <alex.kanavin@gmail.com>"
@@ -706,11 +706,11 @@ RECIPE_MAINTAINER_pn-vulkan-tools = "Anuj Mittal <anuj.mittal@intel.com>"
706RECIPE_MAINTAINER_pn-waffle = "Ross Burton <ross.burton@arm.com>" 706RECIPE_MAINTAINER_pn-waffle = "Ross Burton <ross.burton@arm.com>"
707RECIPE_MAINTAINER_pn-watchdog = "Alexander Kanavin <alex.kanavin@gmail.com>" 707RECIPE_MAINTAINER_pn-watchdog = "Alexander Kanavin <alex.kanavin@gmail.com>"
708RECIPE_MAINTAINER_pn-watchdog-config = "Alexander Kanavin <alex.kanavin@gmail.com>" 708RECIPE_MAINTAINER_pn-watchdog-config = "Alexander Kanavin <alex.kanavin@gmail.com>"
709RECIPE_MAINTAINER_pn-wayland = "Denys Dmytriyenko <denys@ti.com>" 709RECIPE_MAINTAINER_pn-wayland = "Denys Dmytriyenko <denys@denix.org>"
710RECIPE_MAINTAINER_pn-wayland-protocols = "Denys Dmytriyenko <denys@ti.com>" 710RECIPE_MAINTAINER_pn-wayland-protocols = "Denys Dmytriyenko <denys@denix.org>"
711RECIPE_MAINTAINER_pn-webkitgtk = "Alexander Kanavin <alex.kanavin@gmail.com>" 711RECIPE_MAINTAINER_pn-webkitgtk = "Alexander Kanavin <alex.kanavin@gmail.com>"
712RECIPE_MAINTAINER_pn-weston = "Denys Dmytriyenko <denys@ti.com>" 712RECIPE_MAINTAINER_pn-weston = "Denys Dmytriyenko <denys@denix.org>"
713RECIPE_MAINTAINER_pn-weston-init = "Denys Dmytriyenko <denys@ti.com>" 713RECIPE_MAINTAINER_pn-weston-init = "Denys Dmytriyenko <denys@denix.org>"
714RECIPE_MAINTAINER_pn-wget = "Yi Zhao <yi.zhao@windriver.com>" 714RECIPE_MAINTAINER_pn-wget = "Yi Zhao <yi.zhao@windriver.com>"
715RECIPE_MAINTAINER_pn-which = "Anuj Mittal <anuj.mittal@intel.com>" 715RECIPE_MAINTAINER_pn-which = "Anuj Mittal <anuj.mittal@intel.com>"
716RECIPE_MAINTAINER_pn-wic-tools = "Anuj Mittal <anuj.mittal@intel.com>" 716RECIPE_MAINTAINER_pn-wic-tools = "Anuj Mittal <anuj.mittal@intel.com>"
@@ -764,6 +764,6 @@ RECIPE_MAINTAINER_pn-xtrans = "Armin Kuster <akuster808@gmail.com>"
764RECIPE_MAINTAINER_pn-xuser-account = "Armin Kuster <akuster808@gmail.com>" 764RECIPE_MAINTAINER_pn-xuser-account = "Armin Kuster <akuster808@gmail.com>"
765RECIPE_MAINTAINER_pn-xvinfo = "Armin Kuster <akuster808@gmail.com>" 765RECIPE_MAINTAINER_pn-xvinfo = "Armin Kuster <akuster808@gmail.com>"
766RECIPE_MAINTAINER_pn-xwininfo = "Armin Kuster <akuster808@gmail.com>" 766RECIPE_MAINTAINER_pn-xwininfo = "Armin Kuster <akuster808@gmail.com>"
767RECIPE_MAINTAINER_pn-xz = "Denys Dmytriyenko <denys@ti.com>" 767RECIPE_MAINTAINER_pn-xz = "Denys Dmytriyenko <denys@denix.org>"
768RECIPE_MAINTAINER_pn-zip = "Denys Dmytriyenko <denys@ti.com>" 768RECIPE_MAINTAINER_pn-zip = "Denys Dmytriyenko <denys@denix.org>"
769RECIPE_MAINTAINER_pn-zlib = "Denys Dmytriyenko <denys@ti.com>" 769RECIPE_MAINTAINER_pn-zlib = "Denys Dmytriyenko <denys@denix.org>"
diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc
index c13ff72..badfd69 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -60,6 +60,7 @@ PTESTS_FAST = "\
60# bash-ptest \ # Test outcomes are non-deterministic by design 60# bash-ptest \ # Test outcomes are non-deterministic by design
61# ifupdown-ptest \ # Tested separately in lib/oeqa/selftest/cases/imagefeatures.py 61# ifupdown-ptest \ # Tested separately in lib/oeqa/selftest/cases/imagefeatures.py
62# mdadm-ptest \ # Tests rely on non-deterministic sleep() amounts 62# mdadm-ptest \ # Tests rely on non-deterministic sleep() amounts
63# libinput-ptest \ # Tests need an unloaded system to be reliable
63#" 64#"
64 65
65PTESTS_SLOW = "\ 66PTESTS_SLOW = "\
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 8533601..a2a2dd1 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
6# to the distro running on the build machine. 6# to the distro running on the build machine.
7# 7#
8 8
9UNINATIVE_MAXGLIBCVERSION = "2.32" 9UNINATIVE_MAXGLIBCVERSION = "2.33"
10 10
11UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.10/" 11UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.0/"
12UNINATIVE_CHECKSUM[aarch64] ?= "645e5c50b2b48aabb8b10f783a9f94b4b7c5ddc7cfceb5386d43b86d30253202" 12UNINATIVE_CHECKSUM[aarch64] ?= "1c668909098c5b56132067adc69a249cb771f4560428e5822de903a12d97bf33"
13UNINATIVE_CHECKSUM[i686] ?= "233e09b5ff30e15341232a0c16fa8448ff31dccb8f3f3e2ad3948cdac8c4a598" 13UNINATIVE_CHECKSUM[i686] ?= "e6cc2fc056234cffa6a2ff084cce27d544ea3f487a62b5e253351cefd4421900"
14UNINATIVE_CHECKSUM[x86_64] ?= "04333677f81990ce2cf55c3bc256cd84a66085d18fc95ccddfab8581e4aec014" 14UNINATIVE_CHECKSUM[x86_64] ?= "5ec5a9276046e7eceeac749a18b175667384e1f445cd4526300a41404d985a5b"
diff --git a/meta/lib/bblayers/create.py b/meta/lib/bblayers/create.py
index 542f31f..f49b48d 100644
--- a/meta/lib/bblayers/create.py
+++ b/meta/lib/bblayers/create.py
@@ -71,7 +71,7 @@ class CreatePlugin(LayerPlugin):
71 def register_commands(self, sp): 71 def register_commands(self, sp):
72 parser_create_layer = self.add_command(sp, 'create-layer', self.do_create_layer, parserecipes=False) 72 parser_create_layer = self.add_command(sp, 'create-layer', self.do_create_layer, parserecipes=False)
73 parser_create_layer.add_argument('layerdir', help='Layer directory to create') 73 parser_create_layer.add_argument('layerdir', help='Layer directory to create')
74 parser_create_layer.add_argument('--priority', '-p', default=6, help='Layer directory to create') 74 parser_create_layer.add_argument('--priority', '-p', default=6, help='Priority of recipes in layer')
75 parser_create_layer.add_argument('--example-recipe-name', '-e', dest='examplerecipe', default='example', help='Filename of the example recipe') 75 parser_create_layer.add_argument('--example-recipe-name', '-e', dest='examplerecipe', default='example', help='Filename of the example recipe')
76 parser_create_layer.add_argument('--example-recipe-version', '-v', dest='version', default='0.1', help='Version number for the example recipe') 76 parser_create_layer.add_argument('--example-recipe-version', '-v', dest='version', default='0.1', help='Version number for the example recipe')
77 77
diff --git a/meta/lib/oe/copy_buildsystem.py b/meta/lib/oe/copy_buildsystem.py
index 31a84f5..d97bf9d 100644
--- a/meta/lib/oe/copy_buildsystem.py
+++ b/meta/lib/oe/copy_buildsystem.py
@@ -20,7 +20,7 @@ def _smart_copy(src, dest):
20 mode = os.stat(src).st_mode 20 mode = os.stat(src).st_mode
21 if stat.S_ISDIR(mode): 21 if stat.S_ISDIR(mode):
22 bb.utils.mkdirhier(dest) 22 bb.utils.mkdirhier(dest)
23 cmd = "tar --exclude='.git' --xattrs --xattrs-include='*' -chf - -C %s -p . \ 23 cmd = "tar --exclude='.git' --exclude='__pycache__' --xattrs --xattrs-include='*' -chf - -C %s -p . \
24 | tar --xattrs --xattrs-include='*' -xf - -C %s" % (src, dest) 24 | tar --xattrs --xattrs-include='*' -xf - -C %s" % (src, dest)
25 subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT) 25 subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
26 else: 26 else:
@@ -259,7 +259,7 @@ def create_locked_sstate_cache(lockedsigs, input_sstate_cache, output_sstate_cac
259 bb.note('Generating sstate-cache...') 259 bb.note('Generating sstate-cache...')
260 260
261 nativelsbstring = d.getVar('NATIVELSBSTRING') 261 nativelsbstring = d.getVar('NATIVELSBSTRING')
262 bb.process.run("gen-lockedsig-cache %s %s %s %s %s" % (lockedsigs, input_sstate_cache, output_sstate_cache, nativelsbstring, filterfile or '')) 262 bb.process.run("PYTHONDONTWRITEBYTECODE=1 gen-lockedsig-cache %s %s %s %s %s" % (lockedsigs, input_sstate_cache, output_sstate_cache, nativelsbstring, filterfile or ''))
263 if fixedlsbstring and nativelsbstring != fixedlsbstring: 263 if fixedlsbstring and nativelsbstring != fixedlsbstring:
264 nativedir = output_sstate_cache + '/' + nativelsbstring 264 nativedir = output_sstate_cache + '/' + nativelsbstring
265 if os.path.isdir(nativedir): 265 if os.path.isdir(nativedir):
@@ -286,7 +286,7 @@ def check_sstate_task_list(d, targets, filteroutfile, cmdprefix='', cwd=None, lo
286 logparam = '-l %s' % logfile 286 logparam = '-l %s' % logfile
287 else: 287 else:
288 logparam = '' 288 logparam = ''
289 cmd = "%sBB_SETSCENE_ENFORCE=1 PSEUDO_DISABLED=1 oe-check-sstate %s -s -o %s %s" % (cmdprefix, targets, filteroutfile, logparam) 289 cmd = "%sPYTHONDONTWRITEBYTECODE=1 BB_SETSCENE_ENFORCE=1 PSEUDO_DISABLED=1 oe-check-sstate %s -s -o %s %s" % (cmdprefix, targets, filteroutfile, logparam)
290 env = dict(d.getVar('BB_ORIGENV', False)) 290 env = dict(d.getVar('BB_ORIGENV', False))
291 env.pop('BUILDDIR', '') 291 env.pop('BUILDDIR', '')
292 env.pop('BBPATH', '') 292 env.pop('BBPATH', '')
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index ce755f9..a1d7c29 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -11,8 +11,13 @@ _Version = collections.namedtuple(
11class Version(): 11class Version():
12 12
13 def __init__(self, version, suffix=None): 13 def __init__(self, version, suffix=None):
14
15 suffixes = ["alphabetical", "patch"]
16
14 if str(suffix) == "alphabetical": 17 if str(suffix) == "alphabetical":
15 version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" 18 version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
19 elif str(suffix) == "patch":
20 version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(p|patch)(?P<patch_l>[0-9]+))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
16 else: 21 else:
17 version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" 22 version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
18 regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE) 23 regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE)
@@ -23,7 +28,7 @@ class Version():
23 28
24 self._version = _Version( 29 self._version = _Version(
25 release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")), 30 release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")),
26 patch_l=match.group("patch_l") if str(suffix) == "alphabetical" and match.group("patch_l") else "", 31 patch_l=match.group("patch_l") if str(suffix) in suffixes and match.group("patch_l") else "",
27 pre_l=match.group("pre_l"), 32 pre_l=match.group("pre_l"),
28 pre_v=match.group("pre_v") 33 pre_v=match.group("pre_v")
29 ) 34 )
diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py
index 0fb02cc..204b9bd 100644
--- a/meta/lib/oe/reproducible.py
+++ b/meta/lib/oe/reproducible.py
@@ -90,8 +90,12 @@ def get_source_date_epoch_from_youngest_file(d, sourcedir):
90 bb.debug(1, "Newest file found: %s" % newest_file) 90 bb.debug(1, "Newest file found: %s" % newest_file)
91 return source_date_epoch 91 return source_date_epoch
92 92
93def fixed_source_date_epoch(): 93def fixed_source_date_epoch(d):
94 bb.debug(1, "No tarball or git repo found to determine SOURCE_DATE_EPOCH") 94 bb.debug(1, "No tarball or git repo found to determine SOURCE_DATE_EPOCH")
95 source_date_epoch = d.getVar('SOURCE_DATE_EPOCH_FALLBACK')
96 if source_date_epoch:
97 bb.debug(1, "Using SOURCE_DATE_EPOCH_FALLBACK")
98 return int(source_date_epoch)
95 return 0 99 return 0
96 100
97def get_source_date_epoch(d, sourcedir): 101def get_source_date_epoch(d, sourcedir):
@@ -99,6 +103,6 @@ def get_source_date_epoch(d, sourcedir):
99 get_source_date_epoch_from_git(d, sourcedir) or 103 get_source_date_epoch_from_git(d, sourcedir) or
100 get_source_date_epoch_from_known_files(d, sourcedir) or 104 get_source_date_epoch_from_known_files(d, sourcedir) or
101 get_source_date_epoch_from_youngest_file(d, sourcedir) or 105 get_source_date_epoch_from_youngest_file(d, sourcedir) or
102 fixed_source_date_epoch() # Last resort 106 fixed_source_date_epoch(d) # Last resort
103 ) 107 )
104 108
diff --git a/meta/lib/oeqa/runtime/cases/pam.py b/meta/lib/oeqa/runtime/cases/pam.py
index 271a194..a482ded 100644
--- a/meta/lib/oeqa/runtime/cases/pam.py
+++ b/meta/lib/oeqa/runtime/cases/pam.py
@@ -8,11 +8,14 @@
8from oeqa.runtime.case import OERuntimeTestCase 8from oeqa.runtime.case import OERuntimeTestCase
9from oeqa.core.decorator.depends import OETestDepends 9from oeqa.core.decorator.depends import OETestDepends
10from oeqa.core.decorator.data import skipIfNotFeature 10from oeqa.core.decorator.data import skipIfNotFeature
11from oeqa.runtime.decorator.package import OEHasPackage
11 12
12class PamBasicTest(OERuntimeTestCase): 13class PamBasicTest(OERuntimeTestCase):
13 14
14 @skipIfNotFeature('pam', 'Test requires pam to be in DISTRO_FEATURES') 15 @skipIfNotFeature('pam', 'Test requires pam to be in DISTRO_FEATURES')
15 @OETestDepends(['ssh.SSHTest.test_ssh']) 16 @OETestDepends(['ssh.SSHTest.test_ssh'])
17 @OEHasPackage(['shadow'])
18 @OEHasPackage(['shadow-base'])
16 def test_pam(self): 19 def test_pam(self):
17 status, output = self.target.run('login --help') 20 status, output = self.target.run('login --help')
18 msg = ('login command does not work as expected. ' 21 msg = ('login command does not work as expected. '
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index 3f343a2..d1947ba 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -34,3 +34,11 @@ class CVECheck(OESelftestTestCase):
34 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'") 34 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'")
35 result = Version("1.0b","alphabetical") > Version("1.0","alphabetical") 35 result = Version("1.0b","alphabetical") > Version("1.0","alphabetical")
36 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'") 36 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'")
37
38 # consider the trailing "p" and "patch" as patched released when comparing
39 result = Version("1.0","patch") < Version("1.0p1","patch")
40 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0' < '1.0p1'")
41 result = Version("1.0p2","patch") > Version("1.0p1","patch")
42 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'")
43 result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch")
44 self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'")
diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py
index d480002..f570958 100644
--- a/meta/lib/oeqa/selftest/cases/reproducible.py
+++ b/meta/lib/oeqa/selftest/cases/reproducible.py
@@ -68,7 +68,7 @@ def compare_file(reference, test, diffutils_sysroot):
68 result.status = MISSING 68 result.status = MISSING
69 return result 69 return result
70 70
71 r = runCmd(['cmp', '--quiet', reference, test], native_sysroot=diffutils_sysroot, ignore_status=True) 71 r = runCmd(['cmp', '--quiet', reference, test], native_sysroot=diffutils_sysroot, ignore_status=True, sync=False)
72 72
73 if r.status: 73 if r.status:
74 result.status = DIFFERENT 74 result.status = DIFFERENT
@@ -78,8 +78,14 @@ def compare_file(reference, test, diffutils_sysroot):
78 return result 78 return result
79 79
80class ReproducibleTests(OESelftestTestCase): 80class ReproducibleTests(OESelftestTestCase):
81 # Test the reproducibility of whatever is built between sstate_targets and targets
82
81 package_classes = ['deb', 'ipk'] 83 package_classes = ['deb', 'ipk']
82 images = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline'] 84
85 # targets are the things we want to test the reproducibility of
86 targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline']
87 # sstate targets are things to pull from sstate to potentially cut build/debugging time
88 sstate_targets = []
83 save_results = False 89 save_results = False
84 if 'OEQA_DEBUGGING_SAVED_OUTPUT' in os.environ: 90 if 'OEQA_DEBUGGING_SAVED_OUTPUT' in os.environ:
85 save_results = os.environ['OEQA_DEBUGGING_SAVED_OUTPUT'] 91 save_results = os.environ['OEQA_DEBUGGING_SAVED_OUTPUT']
@@ -154,6 +160,11 @@ class ReproducibleTests(OESelftestTestCase):
154 tmpdir=tmpdir) 160 tmpdir=tmpdir)
155 161
156 if not use_sstate: 162 if not use_sstate:
163 if self.sstate_targets:
164 self.logger.info("Building prebuild for %s (sstate allowed)..." % (name))
165 self.write_config(config)
166 bitbake(' '.join(self.sstate_targets))
167
157 # This config fragment will disable using shared and the sstate 168 # This config fragment will disable using shared and the sstate
158 # mirror, forcing a complete build from scratch 169 # mirror, forcing a complete build from scratch
159 config += textwrap.dedent('''\ 170 config += textwrap.dedent('''\
@@ -164,7 +175,8 @@ class ReproducibleTests(OESelftestTestCase):
164 self.logger.info("Building %s (sstate%s allowed)..." % (name, '' if use_sstate else ' NOT')) 175 self.logger.info("Building %s (sstate%s allowed)..." % (name, '' if use_sstate else ' NOT'))
165 self.write_config(config) 176 self.write_config(config)
166 d = get_bb_vars(capture_vars) 177 d = get_bb_vars(capture_vars)
167 bitbake(' '.join(self.images)) 178 # targets used to be called images
179 bitbake(' '.join(getattr(self, 'images', self.targets)))
168 return d 180 return d
169 181
170 def test_reproducible_builds(self): 182 def test_reproducible_builds(self):
diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index 0435aa2..f7abdba 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -905,14 +905,18 @@ class Wic2(WicTestCase):
905 @only_for_arch(['i586', 'i686', 'x86_64']) 905 @only_for_arch(['i586', 'i686', 'x86_64'])
906 def test_rawcopy_plugin_qemu(self): 906 def test_rawcopy_plugin_qemu(self):
907 """Test rawcopy plugin in qemu""" 907 """Test rawcopy plugin in qemu"""
908 # build ext4 and wic images 908 # build ext4 and then use it for a wic image
909 for fstype in ("ext4", "wic"): 909 config = 'IMAGE_FSTYPES = "ext4"\n'
910 config = 'IMAGE_FSTYPES = "%s"\nWKS_FILE = "test_rawcopy_plugin.wks.in"\n' % fstype 910 self.append_config(config)
911 self.append_config(config) 911 self.assertEqual(0, bitbake('core-image-minimal').status)
912 self.assertEqual(0, bitbake('core-image-minimal').status) 912 self.remove_config(config)
913 self.remove_config(config)
914 913
915 with runqemu('core-image-minimal', ssh=False, image_fstype='wic') as qemu: 914 config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_rawcopy_plugin.wks.in"\n'
915 self.append_config(config)
916 self.assertEqual(0, bitbake('core-image-minimal-mtdutils').status)
917 self.remove_config(config)
918
919 with runqemu('core-image-minimal-mtdutils', ssh=False, image_fstype='wic') as qemu:
916 cmd = "grep sda. /proc/partitions |wc -l" 920 cmd = "grep sda. /proc/partitions |wc -l"
917 status, output = qemu.run_serial(cmd) 921 status, output = qemu.run_serial(cmd)
918 self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output)) 922 self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
diff --git a/meta/recipes-bsp/efivar/efivar/determinism.patch b/meta/recipes-bsp/efivar/efivar/determinism.patch
new file mode 100644
index 0000000..bdf6bfc
--- /dev/null
+++ b/meta/recipes-bsp/efivar/efivar/determinism.patch
@@ -0,0 +1,18 @@
1Fix reproducibility issue caused by unsorted wildcard expansion.
2
3Upstream-Status: Pending
4RP 2021/3/1
5
6Index: git/src/Makefile
7===================================================================
8--- git.orig/src/Makefile
9+++ git/src/Makefile
10@@ -15,7 +15,7 @@ TARGETS=$(LIBTARGETS) $(BINTARGETS) $(PC
11 STATICTARGETS=$(STATICLIBTARGETS) $(STATICBINTARGETS)
12
13 LIBEFIBOOT_SOURCES = crc32.c creator.c disk.c gpt.c loadopt.c path-helpers.c \
14- linux.c $(wildcard linux-*.c)
15+ linux.c $(sort $(wildcard linux-*.c))
16 LIBEFIBOOT_OBJECTS = $(patsubst %.c,%.o,$(LIBEFIBOOT_SOURCES))
17 LIBEFIVAR_SOURCES = dp.c dp-acpi.c dp-hw.c dp-media.c dp-message.c \
18 efivarfs.c error.c export.c guid.c guids.S guid-symbols.c \
diff --git a/meta/recipes-bsp/efivar/efivar_37.bb b/meta/recipes-bsp/efivar/efivar_37.bb
index 9b95721..5bf121f 100644
--- a/meta/recipes-bsp/efivar/efivar_37.bb
+++ b/meta/recipes-bsp/efivar/efivar_37.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393"
8COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" 8COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
9 9
10SRC_URI = "git://github.com/rhinstaller/efivar.git \ 10SRC_URI = "git://github.com/rhinstaller/efivar.git \
11 file://determinism.patch \
11 file://no-werror.patch" 12 file://no-werror.patch"
12SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10" 13SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10"
13 14
diff --git a/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb b/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb
index 9954d7f..191b0bc 100644
--- a/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb
+++ b/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Libraries for producing EFI binaries" 1SUMMARY = "Libraries for producing EFI binaries"
2HOMEPAGE = "http://sourceforge.net/projects/gnu-efi/" 2HOMEPAGE = "http://sourceforge.net/projects/gnu-efi/"
3DESCRIPTION = "GNU-EFI aims to Develop EFI applications for ARM-64, ARM-32, x86_64, IA-64 (IPF), IA-32 (x86), and MIPS platforms using the GNU toolchain and the EFI development environment."
3SECTION = "devel" 4SECTION = "devel"
4LICENSE = "GPLv2+ | BSD-2-Clause" 5LICENSE = "GPLv2+ | BSD-2-Clause"
5LIC_FILES_CHKSUM = "file://gnuefi/crt0-efi-arm.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \ 6LIC_FILES_CHKSUM = "file://gnuefi/crt0-efi-arm.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \
diff --git a/meta/recipes-bsp/opensbi/opensbi_0.6.bb b/meta/recipes-bsp/opensbi/opensbi_0.6.bb
index 56f2d4b..d8910c0 100644
--- a/meta/recipes-bsp/opensbi/opensbi_0.6.bb
+++ b/meta/recipes-bsp/opensbi/opensbi_0.6.bb
@@ -1,5 +1,6 @@
1SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)" 1SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)"
2DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration." 2DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration."
3HOMEPAGE = "https://github.com/riscv/opensbi"
3LICENSE = "BSD-2-Clause" 4LICENSE = "BSD-2-Clause"
4LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5" 5LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5"
5 6
diff --git a/meta/recipes-bsp/v86d/v86d_0.1.10.bb b/meta/recipes-bsp/v86d/v86d_0.1.10.bb
index a8df80f..e614de0 100644
--- a/meta/recipes-bsp/v86d/v86d_0.1.10.bb
+++ b/meta/recipes-bsp/v86d/v86d_0.1.10.bb
@@ -1,5 +1,6 @@
1SUMMARY = "User support binary for the uvesafb kernel module" 1SUMMARY = "User support binary for the uvesafb kernel module"
2HOMEPAGE = "https://tracker.debian.org/pkg/v86d" 2HOMEPAGE = "https://tracker.debian.org/pkg/v86d"
3DESCRIPTION = "v86d provides a backend for kernel drivers that need to execute x86 BIOS code. The code is executed in a controlled environment and the results are passed back to the kernel via the netlink interface."
3 4
4# the copyright info is at the bottom of README, expect break 5# the copyright info is at the bottom of README, expect break
5LICENSE = "GPLv2" 6LICENSE = "GPLv2"
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
new file mode 100644
index 0000000..9078f24
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
@@ -0,0 +1,17 @@
1Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
2CVE: CVE-2020-8625
3Signed-off-by: Minjae Kim <flowergom@gmail.com>
4
5diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
6index e61d1c600f2..753dc8049fa 100644
7--- a/lib/dns/spnego.c
8+++ b/lib/dns/spnego.c
9@@ -848,7 +848,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
10 return (ASN1_OVERRUN);
11 }
12
13- data->components = malloc(len * sizeof(*data->components));
14+ data->components = malloc((len + 1) * sizeof(*data->components));
15 if (data->components == NULL) {
16 return (ENOMEM);
17 }
diff --git a/meta/recipes-connectivity/bind/bind_9.11.22.bb b/meta/recipes-connectivity/bind/bind_9.11.22.bb
index 3b4a299..5598ba9 100644
--- a/meta/recipes-connectivity/bind/bind_9.11.22.bb
+++ b/meta/recipes-connectivity/bind/bind_9.11.22.bb
@@ -1,5 +1,6 @@
1SUMMARY = "ISC Internet Domain Name Server" 1SUMMARY = "ISC Internet Domain Name Server"
2HOMEPAGE = "https://www.isc.org/bind/" 2HOMEPAGE = "https://www.isc.org/bind/"
3DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
3SECTION = "console/network" 4SECTION = "console/network"
4 5
5LICENSE = "ISC & BSD" 6LICENSE = "ISC & BSD"
@@ -18,6 +19,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
18 file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ 19 file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \
19 file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ 20 file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
20 file://0001-avoid-start-failure-with-bind-user.patch \ 21 file://0001-avoid-start-failure-with-bind-user.patch \
22 file://CVE-2020-8625.patch \
21 " 23 "
22 24
23SRC_URI[sha256sum] = "afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9" 25SRC_URI[sha256sum] = "afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9"
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2021-26675.patch b/meta/recipes-connectivity/connman/connman/CVE-2021-26675.patch
new file mode 100644
index 0000000..2648a83
--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2021-26675.patch
@@ -0,0 +1,62 @@
1From e4079a20f617a4b076af503f6e4e8b0304c9f2cb Mon Sep 17 00:00:00 2001
2From: Colin Wee <cwee@tesla.com>
3Date: Thu, 28 Jan 2021 19:41:53 +0100
4Subject: [PATCH] dnsproxy: Add length checks to prevent buffer overflow
5
6Fixes: CVE-2021-26675
7
8Upstream-Status: Backport
9CVE: CVE-2021-26675
10
11Reference to upstream patch:
12https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb
13
14Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
15---
16 src/dnsproxy.c | 14 +++++++++++---
17 1 file changed, 11 insertions(+), 3 deletions(-)
18
19diff --git a/src/dnsproxy.c b/src/dnsproxy.c
20index a7bf87a1..4f5c897f 100644
21--- a/src/dnsproxy.c
22+++ b/src/dnsproxy.c
23@@ -1767,6 +1767,7 @@ static char *uncompress(int16_t field_count, char *start, char *end,
24 char **uncompressed_ptr)
25 {
26 char *uptr = *uncompressed_ptr; /* position in result buffer */
27+ char * const uncomp_end = uncompressed + uncomp_len - 1;
28
29 debug("count %d ptr %p end %p uptr %p", field_count, ptr, end, uptr);
30
31@@ -1787,12 +1788,15 @@ static char *uncompress(int16_t field_count, char *start, char *end,
32 * tmp buffer.
33 */
34
35- ulen = strlen(name);
36- strncpy(uptr, name, uncomp_len - (uptr - uncompressed));
37-
38 debug("pos %d ulen %d left %d name %s", pos, ulen,
39 (int)(uncomp_len - (uptr - uncompressed)), uptr);
40
41+ ulen = strlen(name);
42+ if ((uptr + ulen + 1) > uncomp_end) {
43+ goto out;
44+ }
45+ strncpy(uptr, name, uncomp_len - (uptr - uncompressed));
46+
47 uptr += ulen;
48 *uptr++ = '\0';
49
50@@ -1802,6 +1806,10 @@ static char *uncompress(int16_t field_count, char *start, char *end,
51 * We copy also the fixed portion of the result (type, class,
52 * ttl, address length and the address)
53 */
54+ if ((uptr + NS_RRFIXEDSZ) > uncomp_end) {
55+ debug("uncompressed data too large for buffer");
56+ goto out;
57+ }
58 memcpy(uptr, ptr, NS_RRFIXEDSZ);
59
60 dns_type = uptr[0] << 8 | uptr[1];
61--
622.17.1
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0001.patch b/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0001.patch
new file mode 100644
index 0000000..4104e4b
--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0001.patch
@@ -0,0 +1,231 @@
1From 58d397ba74873384aee449690a9070bacd5676fa Mon Sep 17 00:00:00 2001
2From: Colin Wee <cwee@tesla.com>
3Date: Thu, 28 Jan 2021 19:39:14 +0100
4Subject: [PATCH] gdhcp: Avoid reading invalid data in dhcp_get_option
5
6Upstream-Status: Backport
7CVE: CVE-2021-26676
8
9Reference to upstream patch:
10https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa
11
12Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
13---
14 gdhcp/client.c | 20 +++++++++++---------
15 gdhcp/common.c | 24 +++++++++++++++++++-----
16 gdhcp/common.h | 2 +-
17 gdhcp/server.c | 12 +++++++-----
18 4 files changed, 38 insertions(+), 20 deletions(-)
19
20diff --git a/gdhcp/client.c b/gdhcp/client.c
21index 09dfe5ec..6a5613e7 100644
22--- a/gdhcp/client.c
23+++ b/gdhcp/client.c
24@@ -1629,12 +1629,12 @@ static void start_request(GDHCPClient *dhcp_client)
25 NULL);
26 }
27
28-static uint32_t get_lease(struct dhcp_packet *packet)
29+static uint32_t get_lease(struct dhcp_packet *packet, uint16_t packet_len)
30 {
31 uint8_t *option;
32 uint32_t lease_seconds;
33
34- option = dhcp_get_option(packet, DHCP_LEASE_TIME);
35+ option = dhcp_get_option(packet, packet_len, DHCP_LEASE_TIME);
36 if (!option)
37 return 3600;
38
39@@ -2226,7 +2226,8 @@ static void get_dhcpv6_request(GDHCPClient *dhcp_client,
40 }
41 }
42
43-static void get_request(GDHCPClient *dhcp_client, struct dhcp_packet *packet)
44+static void get_request(GDHCPClient *dhcp_client, struct dhcp_packet *packet,
45+ uint16_t packet_len)
46 {
47 GDHCPOptionType type;
48 GList *list, *value_list;
49@@ -2237,7 +2238,7 @@ static void get_request(GDHCPClient *dhcp_client, struct dhcp_packet *packet)
50 for (list = dhcp_client->request_list; list; list = list->next) {
51 code = (uint8_t) GPOINTER_TO_INT(list->data);
52
53- option = dhcp_get_option(packet, code);
54+ option = dhcp_get_option(packet, packet_len, code);
55 if (!option) {
56 g_hash_table_remove(dhcp_client->code_value_hash,
57 GINT_TO_POINTER((int) code));
58@@ -2297,6 +2298,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
59 re = dhcp_recv_l2_packet(&packet,
60 dhcp_client->listener_sockfd,
61 &dst_addr);
62+ pkt_len = (uint16_t)(unsigned int)re;
63 xid = packet.xid;
64 } else if (dhcp_client->listen_mode == L3) {
65 if (dhcp_client->type == G_DHCP_IPV6) {
66@@ -2361,7 +2363,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
67 dhcp_client->status_code = status;
68 }
69 } else {
70- message_type = dhcp_get_option(&packet, DHCP_MESSAGE_TYPE);
71+ message_type = dhcp_get_option(&packet, pkt_len, DHCP_MESSAGE_TYPE);
72 if (!message_type)
73 return TRUE;
74 }
75@@ -2378,7 +2380,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
76 dhcp_client->timeout = 0;
77 dhcp_client->retry_times = 0;
78
79- option = dhcp_get_option(&packet, DHCP_SERVER_ID);
80+ option = dhcp_get_option(&packet, pkt_len, DHCP_SERVER_ID);
81 dhcp_client->server_ip = get_be32(option);
82 dhcp_client->requested_ip = ntohl(packet.yiaddr);
83
84@@ -2428,9 +2430,9 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
85
86 remove_timeouts(dhcp_client);
87
88- dhcp_client->lease_seconds = get_lease(&packet);
89+ dhcp_client->lease_seconds = get_lease(&packet, pkt_len);
90
91- get_request(dhcp_client, &packet);
92+ get_request(dhcp_client, &packet, pkt_len);
93
94 switch_listening_mode(dhcp_client, L_NONE);
95
96@@ -2438,7 +2440,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
97 dhcp_client->assigned_ip = get_ip(packet.yiaddr);
98
99 if (dhcp_client->state == REBOOTING) {
100- option = dhcp_get_option(&packet,
101+ option = dhcp_get_option(&packet, pkt_len,
102 DHCP_SERVER_ID);
103 dhcp_client->server_ip = get_be32(option);
104 }
105diff --git a/gdhcp/common.c b/gdhcp/common.c
106index 1d667d17..c8916aa8 100644
107--- a/gdhcp/common.c
108+++ b/gdhcp/common.c
109@@ -73,18 +73,21 @@ GDHCPOptionType dhcp_get_code_type(uint8_t code)
110 return OPTION_UNKNOWN;
111 }
112
113-uint8_t *dhcp_get_option(struct dhcp_packet *packet, int code)
114+uint8_t *dhcp_get_option(struct dhcp_packet *packet, uint16_t packet_len, int code)
115 {
116 int len, rem;
117- uint8_t *optionptr;
118+ uint8_t *optionptr, *options_end;
119+ size_t options_len;
120 uint8_t overload = 0;
121
122 /* option bytes: [code][len][data1][data2]..[dataLEN] */
123 optionptr = packet->options;
124 rem = sizeof(packet->options);
125+ options_len = packet_len - (sizeof(*packet) - sizeof(packet->options));
126+ options_end = optionptr + options_len - 1;
127
128 while (1) {
129- if (rem <= 0)
130+ if ((rem <= 0) && (optionptr + OPT_CODE > options_end))
131 /* Bad packet, malformed option field */
132 return NULL;
133
134@@ -115,14 +118,25 @@ uint8_t *dhcp_get_option(struct dhcp_packet *packet, int code)
135 break;
136 }
137
138+ if (optionptr + OPT_LEN > options_end) {
139+ /* bad packet, would read length field from OOB */
140+ return NULL;
141+ }
142+
143 len = 2 + optionptr[OPT_LEN];
144
145 rem -= len;
146 if (rem < 0)
147 continue; /* complain and return NULL */
148
149- if (optionptr[OPT_CODE] == code)
150- return optionptr + OPT_DATA;
151+ if (optionptr[OPT_CODE] == code) {
152+ if (optionptr + len > options_end) {
153+ /* bad packet, option length points OOB */
154+ return NULL;
155+ } else {
156+ return optionptr + OPT_DATA;
157+ }
158+ }
159
160 if (optionptr[OPT_CODE] == DHCP_OPTION_OVERLOAD)
161 overload |= optionptr[OPT_DATA];
162diff --git a/gdhcp/common.h b/gdhcp/common.h
163index 9660231c..8f63fd75 100644
164--- a/gdhcp/common.h
165+++ b/gdhcp/common.h
166@@ -179,7 +179,7 @@ struct in6_pktinfo {
167 };
168 #endif
169
170-uint8_t *dhcp_get_option(struct dhcp_packet *packet, int code);
171+uint8_t *dhcp_get_option(struct dhcp_packet *packet, uint16_t packet_len, int code);
172 uint8_t *dhcpv6_get_option(struct dhcpv6_packet *packet, uint16_t pkt_len,
173 int code, uint16_t *option_len, int *option_count);
174 uint8_t *dhcpv6_get_sub_option(unsigned char *option, uint16_t max_len,
175diff --git a/gdhcp/server.c b/gdhcp/server.c
176index 85405f19..52ea2a55 100644
177--- a/gdhcp/server.c
178+++ b/gdhcp/server.c
179@@ -413,7 +413,7 @@ error:
180 }
181
182
183-static uint8_t check_packet_type(struct dhcp_packet *packet)
184+static uint8_t check_packet_type(struct dhcp_packet *packet, uint16_t packet_len)
185 {
186 uint8_t *type;
187
188@@ -423,7 +423,7 @@ static uint8_t check_packet_type(struct dhcp_packet *packet)
189 if (packet->op != BOOTREQUEST)
190 return 0;
191
192- type = dhcp_get_option(packet, DHCP_MESSAGE_TYPE);
193+ type = dhcp_get_option(packet, packet_len, DHCP_MESSAGE_TYPE);
194
195 if (!type)
196 return 0;
197@@ -651,6 +651,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
198 struct dhcp_lease *lease;
199 uint32_t requested_nip = 0;
200 uint8_t type, *server_id_option, *request_ip_option;
201+ uint16_t packet_len;
202 int re;
203
204 if (condition & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
205@@ -661,12 +662,13 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
206 re = dhcp_recv_l3_packet(&packet, dhcp_server->listener_sockfd);
207 if (re < 0)
208 return TRUE;
209+ packet_len = (uint16_t)(unsigned int)re;
210
211- type = check_packet_type(&packet);
212+ type = check_packet_type(&packet, packet_len);
213 if (type == 0)
214 return TRUE;
215
216- server_id_option = dhcp_get_option(&packet, DHCP_SERVER_ID);
217+ server_id_option = dhcp_get_option(&packet, packet_len, DHCP_SERVER_ID);
218 if (server_id_option) {
219 uint32_t server_nid =
220 get_unaligned((const uint32_t *) server_id_option);
221@@ -675,7 +677,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
222 return TRUE;
223 }
224
225- request_ip_option = dhcp_get_option(&packet, DHCP_REQUESTED_IP);
226+ request_ip_option = dhcp_get_option(&packet, packet_len, DHCP_REQUESTED_IP);
227 if (request_ip_option)
228 requested_nip = get_be32(request_ip_option);
229
230--
2312.17.1
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0002.patch b/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0002.patch
new file mode 100644
index 0000000..ce909ec
--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2021-26676-0002.patch
@@ -0,0 +1,33 @@
1From a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1 Mon Sep 17 00:00:00 2001
2From: Colin Wee <cwee@tesla.com>
3Date: Thu, 28 Jan 2021 19:41:09 +0100
4Subject: [PATCH] gdhcp: Avoid leaking stack data via unitiialized variable
5
6Fixes: CVE-2021-26676
7
8Upstream-Status: Backport
9CVE: CVE-2021-26676
10
11Reference to upstream patch:
12https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1
13
14Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
15---
16 gdhcp/client.c | 2 +-
17 1 file changed, 1 insertion(+), 1 deletion(-)
18
19diff --git a/gdhcp/client.c b/gdhcp/client.c
20index 6a5613e7..c7b85e58 100644
21--- a/gdhcp/client.c
22+++ b/gdhcp/client.c
23@@ -2270,7 +2270,7 @@ static gboolean listener_event(GIOChannel *channel, GIOCondition condition,
24 {
25 GDHCPClient *dhcp_client = user_data;
26 struct sockaddr_in dst_addr = { 0 };
27- struct dhcp_packet packet;
28+ struct dhcp_packet packet = { 0 };
29 struct dhcpv6_packet *packet6 = NULL;
30 uint8_t *message_type = NULL, *client_id = NULL, *option,
31 *server_id = NULL;
32--
332.17.1
diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb b/meta/recipes-connectivity/connman/connman_1.37.bb
index 00852bf..bdab4c4 100644
--- a/meta/recipes-connectivity/connman/connman_1.37.bb
+++ b/meta/recipes-connectivity/connman/connman_1.37.bb
@@ -6,6 +6,9 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
6 file://0001-gweb-fix-segfault-with-musl-v1.1.21.patch \ 6 file://0001-gweb-fix-segfault-with-musl-v1.1.21.patch \
7 file://connman \ 7 file://connman \
8 file://no-version-scripts.patch \ 8 file://no-version-scripts.patch \
9 file://CVE-2021-26675.patch \
10 file://CVE-2021-26676-0001.patch \
11 file://CVE-2021-26676-0002.patch \
9" 12"
10 13
11SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" 14SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch"
diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
index 5e44600..9a83898 100644
--- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
+++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Name Service Switch module for Multicast DNS (zeroconf) name resolution" 1SUMMARY = "Name Service Switch module for Multicast DNS (zeroconf) name resolution"
2HOMEPAGE = "https://github.com/lathiat/nss-mdns" 2HOMEPAGE = "https://github.com/lathiat/nss-mdns"
3DESCRIPTION = "nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS (aka Zeroconf, aka Apple Rendezvous, aka Apple Bonjour), effectively allowing name resolution by common Unix/Linux programs in the ad-hoc mDNS domain .local."
3SECTION = "libs" 4SECTION = "libs"
4 5
5LICENSE = "LGPLv2.1+" 6LICENSE = "LGPLv2.1+"
diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index 7dccc15..f170cf4 100644
--- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Mobile Broadband Service Provider Database" 1SUMMARY = "Mobile Broadband Service Provider Database"
2HOMEPAGE = "http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders" 2HOMEPAGE = "http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders"
3DESCRIPTION = "Mobile Broadband Service Provider Database stores service provider specific information. When this Database is available the information can be fetched there"
3SECTION = "network" 4SECTION = "network"
4LICENSE = "PD" 5LICENSE = "PD"
5LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" 6LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
index 5d22c51..5f28119 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
@@ -23,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \
23 file://environment.d-openssl.sh \ 23 file://environment.d-openssl.sh \
24 " 24 "
25 25
26SRC_URI[sha256sum] = "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242" 26SRC_URI[sha256sum] = "892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5"
27 27
28inherit lib_package multilib_header multilib_script ptest 28inherit lib_package multilib_header multilib_script ptest
29MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" 29MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
diff --git a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb
index b5f6895..b0097aa 100644
--- a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb
+++ b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Enables PPP dial-in through a serial connection" 1SUMMARY = "Enables PPP dial-in through a serial connection"
2SECTION = "console/network" 2SECTION = "console/network"
3DESCRIPTION = "PPP dail-in provides a point to point protocol (PPP), so that other computers can dial up to it and access connected networks."
3DEPENDS = "ppp" 4DEPENDS = "ppp"
4RDEPENDS_${PN} = "ppp" 5RDEPENDS_${PN} = "ppp"
5PR = "r8" 6PR = "r8"
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
new file mode 100644
index 0000000..8c90fa3
--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
@@ -0,0 +1,45 @@
1From 947272febe24a8f0ea828b5b2f35f13c3821901e Mon Sep 17 00:00:00 2001
2From: Jouni Malinen <jouni@codeaurora.org>
3Date: Mon, 9 Nov 2020 11:43:12 +0200
4Subject: [PATCH] P2P: Fix copying of secondary device types for P2P group
5 client
6
7Parsing and copying of WPS secondary device types list was verifying
8that the contents is not too long for the internal maximum in the case
9of WPS messages, but similar validation was missing from the case of P2P
10group information which encodes this information in a different
11attribute. This could result in writing beyond the memory area assigned
12for these entries and corrupting memory within an instance of struct
13p2p_device. This could result in invalid operations and unexpected
14behavior when trying to free pointers from that corrupted memory.
15
16Upstream-Status: Backport
17CVE: CVE-2021-0326
18
19Reference to upstream patch:
20[https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e]
21
22Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269
23Fixes: e57ae6e19edf ("P2P: Keep track of secondary device types for peers")
24Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
25Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
26---
27 src/p2p/p2p.c | 2 ++
28 1 file changed, 2 insertions(+)
29
30diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
31index a08ba02..079270f 100644
32--- a/src/p2p/p2p.c
33+++ b/src/p2p/p2p.c
34@@ -453,6 +453,8 @@ static void p2p_copy_client_info(struct p2p_device *dev,
35 dev->info.config_methods = cli->config_methods;
36 os_memcpy(dev->info.pri_dev_type, cli->pri_dev_type, 8);
37 dev->info.wps_sec_dev_type_list_len = 8 * cli->num_sec_dev_types;
38+ if (dev->info.wps_sec_dev_type_list_len > WPS_SEC_DEV_TYPE_MAX_LEN)
39+ dev->info.wps_sec_dev_type_list_len = WPS_SEC_DEV_TYPE_MAX_LEN;
40 os_memcpy(dev->info.wps_sec_dev_type_list, cli->sec_dev_types,
41 dev->info.wps_sec_dev_type_list_len);
42 }
43--
442.17.1
45
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch
new file mode 100644
index 0000000..004b1db
--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch
@@ -0,0 +1,58 @@
1From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001
2From: Jouni Malinen <jouni@codeaurora.org>
3Date: Tue, 8 Dec 2020 23:52:50 +0200
4Subject: [PATCH] P2P: Fix a corner case in peer addition based on PD Request
5
6p2p_add_device() may remove the oldest entry if there is no room in the
7peer table for a new peer. This would result in any pointer to that
8removed entry becoming stale. A corner case with an invalid PD Request
9frame could result in such a case ending up using (read+write) freed
10memory. This could only by triggered when the peer table has reached its
11maximum size and the PD Request frame is received from the P2P Device
12Address of the oldest remaining entry and the frame has incorrect P2P
13Device Address in the payload.
14
15Fix this by fetching the dev pointer again after having called
16p2p_add_device() so that the stale pointer cannot be used.
17
18Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
19Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
20
21Upstream-Status: Backport
22CVE: CVE-2021-27803
23
24Reference to upstream patch:
25[https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32]
26
27Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
28---
29 src/p2p/p2p_pd.c | 12 +++++-------
30 1 file changed, 5 insertions(+), 7 deletions(-)
31
32diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
33index 3994ec0..05fd593 100644
34--- a/src/p2p/p2p_pd.c
35+++ b/src/p2p/p2p_pd.c
36@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
37 goto out;
38 }
39
40+ dev = p2p_get_device(p2p, sa);
41 if (!dev) {
42- dev = p2p_get_device(p2p, sa);
43- if (!dev) {
44- p2p_dbg(p2p,
45- "Provision Discovery device not found "
46- MACSTR, MAC2STR(sa));
47- goto out;
48- }
49+ p2p_dbg(p2p,
50+ "Provision Discovery device not found "
51+ MACSTR, MAC2STR(sa));
52+ goto out;
53 }
54 } else if (msg.wfd_subelems) {
55 wpabuf_free(dev->info.wfd_subelems);
56--
572.17.1
58
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
index 7cc03fe..357c286 100644
--- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Client for Wi-Fi Protected Access (WPA)" 1SUMMARY = "Client for Wi-Fi Protected Access (WPA)"
2HOMEPAGE = "http://w1.fi/wpa_supplicant/" 2HOMEPAGE = "http://w1.fi/wpa_supplicant/"
3DESCRIPTION = "wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver."
3BUGTRACKER = "http://w1.fi/security/" 4BUGTRACKER = "http://w1.fi/security/"
4SECTION = "network" 5SECTION = "network"
5LICENSE = "BSD-3-Clause" 6LICENSE = "BSD-3-Clause"
@@ -29,6 +30,8 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \
29 file://0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \ 30 file://0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
30 file://0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \ 31 file://0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
31 file://0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \ 32 file://0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
33 file://CVE-2021-0326.patch \
34 file://CVE-2021-27803.patch \
32 " 35 "
33SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190" 36SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190"
34SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17" 37SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17"
diff --git a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
index d01cd7e..65b3cd7 100644
--- a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
+++ b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Base system master password/group files" 1SUMMARY = "Base system master password/group files"
2DESCRIPTION = "The master copies of the user database files (/etc/passwd and /etc/group). The update-passwd tool is also provided to keep the system databases synchronized with these master files." 2DESCRIPTION = "The master copies of the user database files (/etc/passwd and /etc/group). The update-passwd tool is also provided to keep the system databases synchronized with these master files."
3HOMEPAGE = "https://launchpad.net/base-passwd"
3SECTION = "base" 4SECTION = "base"
4LICENSE = "GPLv2" 5LICENSE = "GPLv2"
5LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a" 6LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a"
diff --git a/meta/recipes-core/dbus-wait/dbus-wait_git.bb b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
index c24295b..677768d 100644
--- a/meta/recipes-core/dbus-wait/dbus-wait_git.bb
+++ b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
@@ -1,5 +1,6 @@
1SUMMARY = "A simple tool to wait for a specific signal over DBus" 1SUMMARY = "A simple tool to wait for a specific signal over DBus"
2HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/dbus-wait" 2HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/dbus-wait"
3DESCRIPTION = "${SUMMARY}"
3SECTION = "base" 4SECTION = "base"
4LICENSE = "GPLv2" 5LICENSE = "GPLv2"
5LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" 6LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 7269888..d41e8b3 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -1,5 +1,6 @@
1SUMMARY = "A lightweight SSH and SCP implementation" 1SUMMARY = "A lightweight SSH and SCP implementation"
2HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html" 2HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
3DESCRIPTION = "Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers."
3SECTION = "console/network" 4SECTION = "console/network"
4 5
5# some files are from other projects and have others license terms: 6# some files are from other projects and have others license terms:
diff --git a/meta/recipes-core/ell/ell_0.33.bb b/meta/recipes-core/ell/ell_0.33.bb
index 2fa0510..bef1e9a 100644
--- a/meta/recipes-core/ell/ell_0.33.bb
+++ b/meta/recipes-core/ell/ell_0.33.bb
@@ -1,4 +1,5 @@
1SUMMARY = "Embedded Linux Library" 1SUMMARY = "Embedded Linux Library"
2HOMEPAGE = "https://01.org/ell"
2DESCRIPTION = "The Embedded Linux Library (ELL) provides core, \ 3DESCRIPTION = "The Embedded Linux Library (ELL) provides core, \
3low-level functionality for system daemons. It typically has no \ 4low-level functionality for system daemons. It typically has no \
4dependencies other than the Linux kernel, C standard library, and \ 5dependencies other than the Linux kernel, C standard library, and \
diff --git a/meta/recipes-core/fts/fts_1.2.7.bb b/meta/recipes-core/fts/fts_1.2.7.bb
index 589ae0e..ea820cb 100644
--- a/meta/recipes-core/fts/fts_1.2.7.bb
+++ b/meta/recipes-core/fts/fts_1.2.7.bb
@@ -3,6 +3,7 @@
3 3
4SUMMARY = "Implementation of ftsfor musl libc packages" 4SUMMARY = "Implementation of ftsfor musl libc packages"
5HOMEPAGE = "https://github.com/pullmoll/musl-fts" 5HOMEPAGE = "https://github.com/pullmoll/musl-fts"
6DESCRIPTION = "The musl-fts package implements the fts(3) functions fts_open, fts_read, fts_children, fts_set and fts_close, which are missing in musl libc."
6LICENSE = "BSD-3-Clause" 7LICENSE = "BSD-3-Clause"
7LIC_FILES_CHKSUM = "file://COPYING;md5=5ffe358174aad383f1b69ce3b53da982" 8LIC_FILES_CHKSUM = "file://COPYING;md5=5ffe358174aad383f1b69ce3b53da982"
8SECTION = "libs" 9SECTION = "libs"
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 5f72653..7ae64a1 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
1SRCBRANCH ?= "release/2.31/master" 1SRCBRANCH ?= "release/2.31/master"
2PV = "2.31+git${SRCPV}" 2PV = "2.31+git${SRCPV}"
3SRCREV_glibc ?= "df31c7ca927242d5d4eee97f93a01e23ff47e332" 3SRCREV_glibc ?= "f84949f1c4bbf20e6a1d9a5859cf012cde060ede"
4SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655" 4SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655"
5 5
6GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" 6GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch b/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
deleted file mode 100644
index 73df1da..0000000
--- a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
+++ /dev/null
@@ -1,135 +0,0 @@
1From ee7a3144c9922808181009b7b3e50e852fb4999b Mon Sep 17 00:00:00 2001
2From: Andreas Schwab <schwab@suse.de>
3Date: Mon, 21 Dec 2020 08:56:43 +0530
4Subject: [PATCH] Fix buffer overrun in EUC-KR conversion module (bz #24973)
5
6The byte 0xfe as input to the EUC-KR conversion denotes a user-defined
7area and is not allowed. The from_euc_kr function used to skip two bytes
8when told to skip over the unknown designation, potentially running over
9the buffer end.
10
11Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=ee7a3144c9922808181009b7b3e50e852fb4999b]
12CVE: CVE-2019-25013
13Signed-off-by: Scott Murray <scott.murray@konsulko.com>
14[Refreshed for Dundell context; Makefile changes]
15Signed-off-by: Armin Kuster <akuster@mvista.com>
16
17---
18 iconvdata/Makefile | 3 ++-
19 iconvdata/bug-iconv13.c | 53 +++++++++++++++++++++++++++++++++++++++++
20 iconvdata/euc-kr.c | 6 +----
21 iconvdata/ksc5601.h | 6 ++---
22 4 files changed, 59 insertions(+), 9 deletions(-)
23 create mode 100644 iconvdata/bug-iconv13.c
24
25Index: git/iconvdata/Makefile
26===================================================================
27--- git.orig/iconvdata/Makefile
28+++ git/iconvdata/Makefile
29@@ -73,7 +73,7 @@ modules.so := $(addsuffix .so, $(modules
30 ifeq (yes,$(build-shared))
31 tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
32 tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
33- bug-iconv10 bug-iconv11 bug-iconv12
34+ bug-iconv10 bug-iconv11 bug-iconv12 bug-iconv13
35 ifeq ($(have-thread-library),yes)
36 tests += bug-iconv3
37 endif
38Index: git/iconvdata/bug-iconv13.c
39===================================================================
40--- /dev/null
41+++ git/iconvdata/bug-iconv13.c
42@@ -0,0 +1,53 @@
43+/* bug 24973: Test EUC-KR module
44+ Copyright (C) 2020 Free Software Foundation, Inc.
45+ This file is part of the GNU C Library.
46+
47+ The GNU C Library is free software; you can redistribute it and/or
48+ modify it under the terms of the GNU Lesser General Public
49+ License as published by the Free Software Foundation; either
50+ version 2.1 of the License, or (at your option) any later version.
51+
52+ The GNU C Library is distributed in the hope that it will be useful,
53+ but WITHOUT ANY WARRANTY; without even the implied warranty of
54+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
55+ Lesser General Public License for more details.
56+
57+ You should have received a copy of the GNU Lesser General Public
58+ License along with the GNU C Library; if not, see
59+ <https://www.gnu.org/licenses/>. */
60+
61+#include <errno.h>
62+#include <iconv.h>
63+#include <stdio.h>
64+#include <support/check.h>
65+
66+static int
67+do_test (void)
68+{
69+ iconv_t cd = iconv_open ("UTF-8//IGNORE", "EUC-KR");
70+ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
71+
72+ /* 0xfe (->0x7e : row 94) and 0xc9 (->0x49 : row 41) are user-defined
73+ areas, which are not allowed and should be skipped over due to
74+ //IGNORE. The trailing 0xfe also is an incomplete sequence, which
75+ should be checked first. */
76+ char input[4] = { '\xc9', '\xa1', '\0', '\xfe' };
77+ char *inptr = input;
78+ size_t insize = sizeof (input);
79+ char output[4];
80+ char *outptr = output;
81+ size_t outsize = sizeof (output);
82+
83+ /* This used to crash due to buffer overrun. */
84+ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == (size_t) -1);
85+ TEST_VERIFY (errno == EINVAL);
86+ /* The conversion should produce one character, the converted null
87+ character. */
88+ TEST_VERIFY (sizeof (output) - outsize == 1);
89+
90+ TEST_VERIFY_EXIT (iconv_close (cd) != -1);
91+
92+ return 0;
93+}
94+
95+#include <support/test-driver.c>
96Index: git/iconvdata/euc-kr.c
97===================================================================
98--- git.orig/iconvdata/euc-kr.c
99+++ git/iconvdata/euc-kr.c
100@@ -80,11 +80,7 @@ euckr_from_ucs4 (uint32_t ch, unsigned c
101 \
102 if (ch <= 0x9f) \
103 ++inptr; \
104- /* 0xfe(->0x7e : row 94) and 0xc9(->0x59 : row 41) are \
105- user-defined areas. */ \
106- else if (__builtin_expect (ch == 0xa0, 0) \
107- || __builtin_expect (ch > 0xfe, 0) \
108- || __builtin_expect (ch == 0xc9, 0)) \
109+ else if (__glibc_unlikely (ch == 0xa0)) \
110 { \
111 /* This is illegal. */ \
112 STANDARD_FROM_LOOP_ERR_HANDLER (1); \
113Index: git/iconvdata/ksc5601.h
114===================================================================
115--- git.orig/iconvdata/ksc5601.h
116+++ git/iconvdata/ksc5601.h
117@@ -50,15 +50,15 @@ ksc5601_to_ucs4 (const unsigned char **s
118 unsigned char ch2;
119 int idx;
120
121+ if (avail < 2)
122+ return 0;
123+
124 /* row 94(0x7e) and row 41(0x49) are user-defined area in KS C 5601 */
125
126 if (ch < offset || (ch - offset) <= 0x20 || (ch - offset) >= 0x7e
127 || (ch - offset) == 0x49)
128 return __UNKNOWN_10646_CHAR;
129
130- if (avail < 2)
131- return 0;
132-
133 ch2 = (*s)[1];
134 if (ch2 < offset || (ch2 - offset) <= 0x20 || (ch2 - offset) >= 0x7f)
135 return __UNKNOWN_10646_CHAR;
diff --git a/meta/recipes-core/glibc/glibc/CVE-2020-29562.patch b/meta/recipes-core/glibc/glibc/CVE-2020-29562.patch
deleted file mode 100644
index c51fb32..0000000
--- a/meta/recipes-core/glibc/glibc/CVE-2020-29562.patch
+++ /dev/null
@@ -1,156 +0,0 @@
1From 228edd356f03bf62dcf2b1335f25d43c602ee68d Mon Sep 17 00:00:00 2001
2From: Michael Colavita <mcolavita@fb.com>
3Date: Thu, 19 Nov 2020 11:44:40 -0500
4Subject: [PATCH] iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923)
5
6Previously, in UCS4 conversion routines we limit the number of
7characters we examine to the minimum of the number of characters in the
8input and the number of characters in the output. This is not the
9correct behavior when __GCONV_IGNORE_ERRORS is set, as we do not consume
10an output character when we skip a code unit. Instead, track the input
11and output pointers and terminate the loop when either reaches its
12limit.
13
14This resolves assertion failures when resetting the input buffer in a step of
15iconv, which assumes that the input will be fully consumed given sufficient
16output space.
17
18Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=228edd356f03bf62dcf2b1335f25d43c602ee68d]
19CVE: CVE-2020-29562
20Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
21
22---
23 iconv/Makefile | 2 +-
24 iconv/gconv_simple.c | 16 ++++----------
25 iconv/tst-iconv8.c | 50 ++++++++++++++++++++++++++++++++++++++++++++
26 3 files changed, 55 insertions(+), 13 deletions(-)
27 create mode 100644 iconv/tst-iconv8.c
28
29diff --git a/iconv/Makefile b/iconv/Makefile
30index 30bf996d3a..f9b51e23ec 100644
31--- a/iconv/Makefile
32+++ b/iconv/Makefile
33@@ -44,7 +44,7 @@ CFLAGS-linereader.c += -DNO_TRANSLITERATION
34 CFLAGS-simple-hash.c += -I../locale
35
36 tests = tst-iconv1 tst-iconv2 tst-iconv3 tst-iconv4 tst-iconv5 tst-iconv6 \
37- tst-iconv7 tst-iconv-mt tst-iconv-opt
38+ tst-iconv7 tst-iconv8 tst-iconv-mt tst-iconv-opt
39
40 others = iconv_prog iconvconfig
41 install-others-programs = $(inst_bindir)/iconv
42diff --git a/iconv/gconv_simple.c b/iconv/gconv_simple.c
43index d4797fba17..963b29f246 100644
44--- a/iconv/gconv_simple.c
45+++ b/iconv/gconv_simple.c
46@@ -239,11 +239,9 @@ ucs4_internal_loop (struct __gconv_step *step,
47 int flags = step_data->__flags;
48 const unsigned char *inptr = *inptrp;
49 unsigned char *outptr = *outptrp;
50- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4;
51 int result;
52- size_t cnt;
53
54- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4)
55+ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4)
56 {
57 uint32_t inval;
58
59@@ -307,11 +305,9 @@ ucs4_internal_loop_unaligned (struct __gconv_step *step,
60 int flags = step_data->__flags;
61 const unsigned char *inptr = *inptrp;
62 unsigned char *outptr = *outptrp;
63- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4;
64 int result;
65- size_t cnt;
66
67- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4)
68+ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4)
69 {
70 if (__glibc_unlikely (inptr[0] > 0x80))
71 {
72@@ -613,11 +609,9 @@ ucs4le_internal_loop (struct __gconv_step *step,
73 int flags = step_data->__flags;
74 const unsigned char *inptr = *inptrp;
75 unsigned char *outptr = *outptrp;
76- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4;
77 int result;
78- size_t cnt;
79
80- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4)
81+ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4)
82 {
83 uint32_t inval;
84
85@@ -684,11 +678,9 @@ ucs4le_internal_loop_unaligned (struct __gconv_step *step,
86 int flags = step_data->__flags;
87 const unsigned char *inptr = *inptrp;
88 unsigned char *outptr = *outptrp;
89- size_t n_convert = MIN (inend - inptr, outend - outptr) / 4;
90 int result;
91- size_t cnt;
92
93- for (cnt = 0; cnt < n_convert; ++cnt, inptr += 4)
94+ for (; inptr + 4 <= inend && outptr + 4 <= outend; inptr += 4)
95 {
96 if (__glibc_unlikely (inptr[3] > 0x80))
97 {
98diff --git a/iconv/tst-iconv8.c b/iconv/tst-iconv8.c
99new file mode 100644
100index 0000000000..0b92b19f66
101--- /dev/null
102+++ b/iconv/tst-iconv8.c
103@@ -0,0 +1,50 @@
104+/* Test iconv behavior on UCS4 conversions with //IGNORE.
105+ Copyright (C) 2020 Free Software Foundation, Inc.
106+ This file is part of the GNU C Library.
107+
108+ The GNU C Library is free software; you can redistribute it and/or
109+ modify it under the terms of the GNU Lesser General Public
110+ License as published by the Free Software Foundation; either
111+ version 2.1 of the License, or (at your option) any later version.
112+
113+ The GNU C Library is distributed in the hope that it will be useful,
114+ but WITHOUT ANY WARRANTY; without even the implied warranty of
115+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
116+ Lesser General Public License for more details.
117+
118+ You should have received a copy of the GNU Lesser General Public
119+ License along with the GNU C Library; if not, see
120+ <http://www.gnu.org/licenses/>. */
121+
122+/* Derived from BZ #26923 */
123+#include <errno.h>
124+#include <iconv.h>
125+#include <stdio.h>
126+#include <support/check.h>
127+
128+static int
129+do_test (void)
130+{
131+ iconv_t cd = iconv_open ("UTF-8//IGNORE", "ISO-10646/UCS4/");
132+ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
133+
134+ /*
135+ * Convert sequence beginning with an irreversible character into buffer that
136+ * is too small.
137+ */
138+ char input[12] = "\xe1\x80\xa1" "AAAAAAAAA";
139+ char *inptr = input;
140+ size_t insize = sizeof (input);
141+ char output[6];
142+ char *outptr = output;
143+ size_t outsize = sizeof (output);
144+
145+ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == -1);
146+ TEST_VERIFY (errno == E2BIG);
147+
148+ TEST_VERIFY_EXIT (iconv_close (cd) != -1);
149+
150+ return 0;
151+}
152+
153+#include <support/test-driver.c>
154--
1552.27.0
156
diff --git a/meta/recipes-core/glibc/glibc_2.31.bb b/meta/recipes-core/glibc/glibc_2.31.bb
index b75bbb4..22858bc 100644
--- a/meta/recipes-core/glibc/glibc_2.31.bb
+++ b/meta/recipes-core/glibc/glibc_2.31.bb
@@ -1,7 +1,9 @@
1require glibc.inc 1require glibc.inc
2require glibc-version.inc 2require glibc-version.inc
3 3
4CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2020-6096 CVE-2016-10228 CVE-2020-1751 CVE-2020-1752" 4CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2020-6096 CVE-2016-10228 CVE-2020-1751 CVE-2020-1752 \
5 CVE-2021-27645 CVE-2021-3326 CVE-2020-27618 CVE-2020-29562 CVE-2019-25013 \
6"
5 7
6DEPENDS += "gperf-native bison-native make-native" 8DEPENDS += "gperf-native bison-native make-native"
7 9
@@ -41,9 +43,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
41 file://0027-intl-Emit-no-lines-in-bison-generated-files.patch \ 43 file://0027-intl-Emit-no-lines-in-bison-generated-files.patch \
42 file://0028-inject-file-assembly-directives.patch \ 44 file://0028-inject-file-assembly-directives.patch \
43 file://0029-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \ 45 file://0029-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \
44 file://CVE-2020-29562.patch \
45 file://CVE-2020-29573.patch \ 46 file://CVE-2020-29573.patch \
46 file://CVE-2019-25013.patch \
47 " 47 "
48S = "${WORKDIR}/git" 48S = "${WORKDIR}/git"
49B = "${WORKDIR}/build-${TARGET_SYS}" 49B = "${WORKDIR}/build-${TARGET_SYS}"
diff --git a/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb b/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb
index 53cb971..ae17584 100644
--- a/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb
+++ b/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb
@@ -1,4 +1,5 @@
1SUMMARY = "ifupdown: basic ifup and ifdown used by initscripts" 1SUMMARY = "ifupdown: basic ifup and ifdown used by initscripts"
2HOMEPAGE = "https://salsa.debian.org/debian/ifupdown"
2DESCRIPTION = "High level tools to configure network interfaces \ 3DESCRIPTION = "High level tools to configure network interfaces \
3This package provides the tools ifup and ifdown which may be used to \ 4This package provides the tools ifup and ifdown which may be used to \
4configure (or, respectively, deconfigure) network interfaces, based on \ 5configure (or, respectively, deconfigure) network interfaces, based on \
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index f5cc20f..8b94845 100644
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -22,9 +22,9 @@ APPEND += "rootfstype=ext4 quiet"
22DEPENDS = "zip-native python3-pip-native" 22DEPENDS = "zip-native python3-pip-native"
23IMAGE_FSTYPES = "wic.vmdk" 23IMAGE_FSTYPES = "wic.vmdk"
24 24
25inherit core-image module-base setuptools3 25inherit core-image setuptools3
26 26
27SRCREV ?= "fadf7d3343305337c38a5243797723c68e88276a" 27SRCREV ?= "5e2e41c3e7f2a091e80d63bbbec975a52f37d023"
28SRC_URI = "git://git.yoctoproject.org/poky;branch=dunfell \ 28SRC_URI = "git://git.yoctoproject.org/poky;branch=dunfell \
29 file://Yocto_Build_Appliance.vmx \ 29 file://Yocto_Build_Appliance.vmx \
30 file://Yocto_Build_Appliance.vmxf \ 30 file://Yocto_Build_Appliance.vmxf \
@@ -61,12 +61,6 @@ fakeroot do_populate_poky_src () {
61 # Place the README_VirtualBox_Toaster file in builders home folder. 61 # Place the README_VirtualBox_Toaster file in builders home folder.
62 cp ${WORKDIR}/README_VirtualBox_Toaster.txt ${IMAGE_ROOTFS}/home/builder/ 62 cp ${WORKDIR}/README_VirtualBox_Toaster.txt ${IMAGE_ROOTFS}/home/builder/
63 63
64 # Create a symlink, needed for out-of-tree kernel modules build
65 if [ ! -e ${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build ]; then
66 rm -f ${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build
67 lnr ${IMAGE_ROOTFS}${KERNEL_SRC_PATH} ${IMAGE_ROOTFS}/lib/modules/${KERNEL_VERSION}/build
68 fi
69
70 echo "INHERIT += \"rm_work\"" >> ${IMAGE_ROOTFS}/home/builder/poky/build/conf/auto.conf 64 echo "INHERIT += \"rm_work\"" >> ${IMAGE_ROOTFS}/home/builder/poky/build/conf/auto.conf
71 echo "export LC_ALL=en_US.utf8" >> ${IMAGE_ROOTFS}/home/builder/.bashrc 65 echo "export LC_ALL=en_US.utf8" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
72 66
diff --git a/meta/recipes-core/initrdscripts/files/init-install-efi.sh b/meta/recipes-core/initrdscripts/files/init-install-efi.sh
index b6855b5..f667518 100644
--- a/meta/recipes-core/initrdscripts/files/init-install-efi.sh
+++ b/meta/recipes-core/initrdscripts/files/init-install-efi.sh
@@ -279,6 +279,11 @@ fi
279 279
280umount /tgt_root 280umount /tgt_root
281 281
282# copy any extra files needed for ESP
283if [ -d /run/media/$1/esp ]; then
284 cp -r /run/media/$1/esp/* /boot
285fi
286
282# Copy kernel artifacts. To add more artifacts just add to types 287# Copy kernel artifacts. To add more artifacts just add to types
283# For now just support kernel types already being used by something in OE-core 288# For now just support kernel types already being used by something in OE-core
284for types in bzImage zImage vmlinux vmlinuz fitImage; do 289for types in bzImage zImage vmlinux vmlinuz fitImage; do
diff --git a/meta/recipes-core/kbd/kbd_2.2.0.bb b/meta/recipes-core/kbd/kbd_2.2.0.bb
index e5700ff..d10c93d 100644
--- a/meta/recipes-core/kbd/kbd_2.2.0.bb
+++ b/meta/recipes-core/kbd/kbd_2.2.0.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Keytable files and keyboard utilities" 1SUMMARY = "Keytable files and keyboard utilities"
2HOMEPAGE = "http://www.kbd-project.org/" 2HOMEPAGE = "http://www.kbd-project.org/"
3DESCRIPTION = "The kbd project contains tools for managing Linux console (Linux console, virtual terminals, keyboard, etc.) – mainly, what they do is loading console fonts and keyboard maps."
3# everything minus console-fonts is GPLv2+ 4# everything minus console-fonts is GPLv2+
4LICENSE = "GPLv2+" 5LICENSE = "GPLv2+"
5LIC_FILES_CHKSUM = "file://COPYING;md5=892f569a555ba9c07a568a7c0c4fa63a" 6LIC_FILES_CHKSUM = "file://COPYING;md5=892f569a555ba9c07a568a7c0c4fa63a"
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 9e8e006..5d9fb59 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -137,9 +137,14 @@ def parse_node_and_insert(c, node, cveId):
137 product = cpe23[4] 137 product = cpe23[4]
138 version = cpe23[5] 138 version = cpe23[5]
139 139
140 if cpe23[6] == '*' or cpe23[6] == '-':
141 version_suffix = ""
142 else:
143 version_suffix = "_" + cpe23[6]
144
140 if version != '*' and version != '-': 145 if version != '*' and version != '-':
141 # Version is defined, this is a '=' match 146 # Version is defined, this is a '=' match
142 yield [cveId, vendor, product, version, '=', '', ''] 147 yield [cveId, vendor, product, version + version_suffix, '=', '', '']
143 elif version == '-': 148 elif version == '-':
144 # no version information is available 149 # no version information is available
145 yield [cveId, vendor, product, version, '', '', ''] 150 yield [cveId, vendor, product, version, '', '', '']
diff --git a/meta/recipes-core/systemd/systemd-conf/wired.network b/meta/recipes-core/systemd/systemd-conf/wired.network
index ff807ba..34c20fc 100644
--- a/meta/recipes-core/systemd/systemd-conf/wired.network
+++ b/meta/recipes-core/systemd/systemd-conf/wired.network
@@ -1,6 +1,7 @@
1[Match] 1[Match]
2Name=en* eth* 2Name=en* eth*
3KernelCommandLine=!nfsroot 3KernelCommandLine=!nfsroot
4KernelCommandLine=!ip
4 5
5[Network] 6[Network]
6DHCP=yes 7DHCP=yes
diff --git a/meta/recipes-core/systemd/systemd-conf_244.3.bb b/meta/recipes-core/systemd/systemd-conf_244.3.bb
index d9ec023..9b797a9 100644
--- a/meta/recipes-core/systemd/systemd-conf_244.3.bb
+++ b/meta/recipes-core/systemd/systemd-conf_244.3.bb
@@ -23,9 +23,6 @@ do_install() {
23# Based on change from YP bug 8141, OE commit 5196d7bacaef1076c361adaa2867be31759c1b52 23# Based on change from YP bug 8141, OE commit 5196d7bacaef1076c361adaa2867be31759c1b52
24do_install_append_qemuall() { 24do_install_append_qemuall() {
25 install -D -m0644 ${WORKDIR}/system.conf-qemuall ${D}${systemd_unitdir}/system.conf.d/01-${PN}.conf 25 install -D -m0644 ${WORKDIR}/system.conf-qemuall ${D}${systemd_unitdir}/system.conf.d/01-${PN}.conf
26
27 # Do not install wired.network for qemu bsps
28 rm -rf ${D}${systemd_unitdir}/network
29} 26}
30 27
31PACKAGE_ARCH = "${MACHINE_ARCH}" 28PACKAGE_ARCH = "${MACHINE_ARCH}"
diff --git a/meta/recipes-core/udev/eudev_3.2.9.bb b/meta/recipes-core/udev/eudev_3.2.9.bb
index f96f8cb..3ae91de 100644
--- a/meta/recipes-core/udev/eudev_3.2.9.bb
+++ b/meta/recipes-core/udev/eudev_3.2.9.bb
@@ -1,5 +1,6 @@
1SUMMARY = "eudev is a fork of systemd's udev" 1SUMMARY = "eudev is a fork of systemd's udev"
2HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev" 2HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev"
3DESCRIPTION = "eudev is Gentoo's fork of udev, systemd's device file manager for the Linux kernel. It manages device nodes in /dev and handles all user space actions when adding or removing devices."
3LICENSE = "GPLv2.0+ & LGPL-2.1+" 4LICENSE = "GPLv2.0+ & LGPL-2.1+"
4LICENSE_libudev = "LGPL-2.1+" 5LICENSE_libudev = "LGPL-2.1+"
5LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" 6LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
diff --git a/meta/recipes-devtools/apt/apt.inc b/meta/recipes-devtools/apt/apt.inc
index 13f5969..3c4fc6d 100644
--- a/meta/recipes-devtools/apt/apt.inc
+++ b/meta/recipes-devtools/apt/apt.inc
@@ -2,6 +2,7 @@ SUMMARY = "Advanced front-end for dpkg"
2DESCRIPTION = "Provides command-line tools for searching and managing as well \ 2DESCRIPTION = "Provides command-line tools for searching and managing as well \
3as querying information about packages as a low-level access to all features \ 3as querying information about packages as a low-level access to all features \
4of the libapt-pkg library." 4of the libapt-pkg library."
5HOMEPAGE = "https://packages.debian.org/jessie/apt"
5LICENSE = "GPLv2.0+" 6LICENSE = "GPLv2.0+"
6SECTION = "base" 7SECTION = "base"
7 8
diff --git a/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb b/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb
index c08da6c..cd2ca8d 100644
--- a/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb
+++ b/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb
@@ -3,6 +3,7 @@
3# Released under the MIT license (see packages/COPYING) 3# Released under the MIT license (see packages/COPYING)
4SUMMARY = "A set of tools for CD recording, including cdrecord" 4SUMMARY = "A set of tools for CD recording, including cdrecord"
5HOMEPAGE = "http://sourceforge.net/projects/cdrtools/" 5HOMEPAGE = "http://sourceforge.net/projects/cdrtools/"
6DESCRIPTION = "cdrecord tool is Highly portable CD/DVD/BluRay command line recording software."
6SECTION = "console/utils" 7SECTION = "console/utils"
7LICENSE = "GPLv2 & CDDL-1.0 & LGPLv2.1+" 8LICENSE = "GPLv2 & CDDL-1.0 & LGPLv2.1+"
8LIC_FILES_CHKSUM = "file://COPYING;md5=32f68170be424c2cd64804337726b312" 9LIC_FILES_CHKSUM = "file://COPYING;md5=32f68170be424c2cd64804337726b312"
diff --git a/meta/recipes-devtools/dejagnu/dejagnu_1.6.2.bb b/meta/recipes-devtools/dejagnu/dejagnu_1.6.2.bb
index 10220eb..0a007bb 100644
--- a/meta/recipes-devtools/dejagnu/dejagnu_1.6.2.bb
+++ b/meta/recipes-devtools/dejagnu/dejagnu_1.6.2.bb
@@ -1,6 +1,7 @@
1SUMMARY = "GNU unit testing framework, written in Expect and Tcl" 1SUMMARY = "GNU unit testing framework, written in Expect and Tcl"
2DESCRIPTION = "DejaGnu is a framework for testing other programs. Its purpose \ 2DESCRIPTION = "DejaGnu is a framework for testing other programs. Its purpose \
3is to provide a single front end for all tests." 3is to provide a single front end for all tests."
4HOMEPAGE = "https://www.gnu.org/software/dejagnu/"
4LICENSE = "GPLv2" 5LICENSE = "GPLv2"
5LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" 6LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
6SECTION = "devel" 7SECTION = "devel"
diff --git a/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.24.bb b/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.24.bb
index aecba07..0418ae0 100644
--- a/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.24.bb
+++ b/meta/recipes-devtools/desktop-file-utils/desktop-file-utils_0.24.bb
@@ -1,6 +1,7 @@
1SECTION = "console/utils"
2SUMMARY = "Command line utilities for working with *.desktop files" 1SUMMARY = "Command line utilities for working with *.desktop files"
2DESCRIPTION = "desktop-file-utils contains a few command line utilities for working with desktop entries"
3HOMEPAGE = "http://www.freedesktop.org/wiki/Software/desktop-file-utils" 3HOMEPAGE = "http://www.freedesktop.org/wiki/Software/desktop-file-utils"
4SECTION = "console/utils"
4LICENSE = "GPLv2+" 5LICENSE = "GPLv2+"
5 6
6LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ 7LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
diff --git a/meta/recipes-devtools/devel-config/distcc-config.bb b/meta/recipes-devtools/devel-config/distcc-config.bb
index 3cd661d..db9e8bb 100644
--- a/meta/recipes-devtools/devel-config/distcc-config.bb
+++ b/meta/recipes-devtools/devel-config/distcc-config.bb
@@ -1,4 +1,5 @@
1SUMMARY = "Sets up distcc for compilation on the target device" 1SUMMARY = "Sets up distcc for compilation on the target device"
2DESCRIPTION = "${SUMMARY}"
2 3
3LICENSE = "MIT" 4LICENSE = "MIT"
4LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" 5LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
diff --git a/meta/recipes-devtools/distcc/distcc_3.3.3.bb b/meta/recipes-devtools/distcc/distcc_3.3.3.bb
index c52f136..9a36cfe 100644
--- a/meta/recipes-devtools/distcc/distcc_3.3.3.bb
+++ b/meta/recipes-devtools/distcc/distcc_3.3.3.bb
@@ -1,6 +1,7 @@
1SUMMARY = "A parallel build system" 1SUMMARY = "A parallel build system"
2DESCRIPTION = "distcc is a parallel build system that distributes \ 2DESCRIPTION = "distcc is a parallel build system that distributes \
3compilation of C/C++/ObjC code across machines on a network." 3compilation of C/C++/ObjC code across machines on a network."
4HOMEPAGE = "https://github.com/distcc/distcc"
4SECTION = "devel" 5SECTION = "devel"
5LICENSE = "GPLv2" 6LICENSE = "GPLv2"
6LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" 7LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
diff --git a/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb b/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb
index 63f4061..8caffb5 100644
--- a/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb
+++ b/meta/recipes-devtools/dmidecode/dmidecode_3.2.bb
@@ -1,5 +1,6 @@
1SUMMARY = "DMI (Desktop Management Interface) table related utilities" 1SUMMARY = "DMI (Desktop Management Interface) table related utilities"
2HOMEPAGE = "http://www.nongnu.org/dmidecode/" 2HOMEPAGE = "http://www.nongnu.org/dmidecode/"
3DESCRIPTION = "Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard (see a sample output)."
3LICENSE = "GPLv2" 4LICENSE = "GPLv2"
4LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" 5LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
5 6
diff --git a/meta/recipes-devtools/dnf/dnf_4.2.2.bb b/meta/recipes-devtools/dnf/dnf_4.2.2.bb
index a046ffc..7831e1a 100644
--- a/meta/recipes-devtools/dnf/dnf_4.2.2.bb
+++ b/meta/recipes-devtools/dnf/dnf_4.2.2.bb
@@ -2,6 +2,7 @@ SUMMARY = "Package manager forked from Yum, using libsolv as a dependency resolv
2DESCRIPTION = "Software package manager that installs, updates, and removes \ 2DESCRIPTION = "Software package manager that installs, updates, and removes \
3packages on RPM-based Linux distributions. It automatically computes \ 3packages on RPM-based Linux distributions. It automatically computes \
4dependencies and determines the actions required to install packages." 4dependencies and determines the actions required to install packages."
5HOMEPAGE = "https://github.com/rpm-software-management/dnf"
5LICENSE = "GPLv2" 6LICENSE = "GPLv2"
6LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ 7LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
7 file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \ 8 file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \
diff --git a/meta/recipes-devtools/dpkg/dpkg.inc b/meta/recipes-devtools/dpkg/dpkg.inc
index 1c3c585..f008959 100644
--- a/meta/recipes-devtools/dpkg/dpkg.inc
+++ b/meta/recipes-devtools/dpkg/dpkg.inc
@@ -1,5 +1,7 @@
1SUMMARY = "Package maintenance system from Debian" 1SUMMARY = "Package maintenance system from Debian"
2LICENSE = "GPLv2.0+" 2LICENSE = "GPLv2.0+"
3HOMEPAGE = "https://salsa.debian.org/dpkg-team/dpkg"
4DESCRIPTION = "The primary interface for the dpkg suite is the dselect program. A more low-level and less user-friendly interface is available in the form of the dpkg command."
3SECTION = "base" 5SECTION = "base"
4 6
5DEPENDS = "zlib bzip2 perl ncurses" 7DEPENDS = "zlib bzip2 perl ncurses"
diff --git a/meta/recipes-devtools/dwarfsrcfiles/dwarfsrcfiles.bb b/meta/recipes-devtools/dwarfsrcfiles/dwarfsrcfiles.bb
index 2c843a9..56b52d6 100644
--- a/meta/recipes-devtools/dwarfsrcfiles/dwarfsrcfiles.bb
+++ b/meta/recipes-devtools/dwarfsrcfiles/dwarfsrcfiles.bb
@@ -1,4 +1,5 @@
1SUMMARY = "A small utility for printing debug source file locations embedded in binaries" 1SUMMARY = "A small utility for printing debug source file locations embedded in binaries"
2DESCRIPTION = "${SUMMARY}"
2LICENSE = "GPLv2+" 3LICENSE = "GPLv2+"
3LIC_FILES_CHKSUM = "file://../dwarfsrcfiles.c;md5=31483894e453a77acbb67847565f1b5c;beginline=1;endline=8" 4LIC_FILES_CHKSUM = "file://../dwarfsrcfiles.c;md5=31483894e453a77acbb67847565f1b5c;beginline=1;endline=8"
4 5
diff --git a/meta/recipes-devtools/elfutils/elfutils_0.178.bb b/meta/recipes-devtools/elfutils/elfutils_0.178.bb
index c500ae3..97d033e 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.178.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.178.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Utilities and libraries for handling compiled object files" 1SUMMARY = "Utilities and libraries for handling compiled object files"
2HOMEPAGE = "https://sourceware.org/elfutils" 2HOMEPAGE = "https://sourceware.org/elfutils"
3DESCRIPTION = "elfutils is a collection of utilities and libraries to read, create and modify ELF binary files, find and handle DWARF debug data, symbols, thread state and stacktraces for processes and core files on GNU/Linux."
3SECTION = "base" 4SECTION = "base"
4LICENSE = "GPLv2 & LGPLv3+ & GPLv3+" 5LICENSE = "GPLv2 & LGPLv3+ & GPLv3+"
5LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" 6LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
diff --git a/meta/recipes-devtools/fdisk/gptfdisk_1.0.4.bb b/meta/recipes-devtools/fdisk/gptfdisk_1.0.4.bb
index b043c96..ef5d83e 100644
--- a/meta/recipes-devtools/fdisk/gptfdisk_1.0.4.bb
+++ b/meta/recipes-devtools/fdisk/gptfdisk_1.0.4.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Utility for modifying GPT disk partitioning" 1SUMMARY = "Utility for modifying GPT disk partitioning"
2DESCRIPTION = "GPT fdisk is a disk partitioning tool loosely modeled on Linux fdisk, but used for modifying GUID Partition Table (GPT) disks. The related FixParts utility fixes some common problems on Master Boot Record (MBR) disks." 2DESCRIPTION = "GPT fdisk is a disk partitioning tool loosely modeled on Linux fdisk, but used for modifying GUID Partition Table (GPT) disks. The related FixParts utility fixes some common problems on Master Boot Record (MBR) disks."
3HOMEPAGE = "https://sourceforge.net/projects/gptfdisk/"
3 4
4LICENSE = "GPLv2" 5LICENSE = "GPLv2"
5LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552" 6LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552"
diff --git a/meta/recipes-devtools/gcc/gcc-common.inc b/meta/recipes-devtools/gcc/gcc-common.inc
index 3dcfdf8..629fa26 100644
--- a/meta/recipes-devtools/gcc/gcc-common.inc
+++ b/meta/recipes-devtools/gcc/gcc-common.inc
@@ -1,5 +1,6 @@
1SUMMARY = "GNU cc and gcc C compilers" 1SUMMARY = "GNU cc and gcc C compilers"
2HOMEPAGE = "http://www.gnu.org/software/gcc/" 2HOMEPAGE = "http://www.gnu.org/software/gcc/"
3DESCRIPTION = "The GNU Compiler Collection includes front ends for C, C++, Objective-C, Fortran, Ada, Go, and D, as well as libraries for these languages (libstdc++,...). GCC was originally written as the compiler for the GNU operating system."
3SECTION = "devel" 4SECTION = "devel"
4LICENSE = "GPL" 5LICENSE = "GPL"
5 6
diff --git a/meta/recipes-devtools/gdb/gdb-common.inc b/meta/recipes-devtools/gdb/gdb-common.inc
index 08f615a..7a4793a 100644
--- a/meta/recipes-devtools/gdb/gdb-common.inc
+++ b/meta/recipes-devtools/gdb/gdb-common.inc
@@ -1,5 +1,6 @@
1SUMMARY = "GNU debugger" 1SUMMARY = "GNU debugger"
2HOMEPAGE = "http://www.gnu.org/software/gdb/" 2HOMEPAGE = "http://www.gnu.org/software/gdb/"
3DESCRIPTION = "GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed."
3SECTION = "devel" 4SECTION = "devel"
4DEPENDS = "expat zlib ncurses virtual/libiconv ${LTTNGUST} bison-native" 5DEPENDS = "expat zlib ncurses virtual/libiconv ${LTTNGUST} bison-native"
5 6
diff --git a/meta/recipes-devtools/git/files/CVE-2021-21300.patch b/meta/recipes-devtools/git/files/CVE-2021-21300.patch
new file mode 100644
index 0000000..9206f71
--- /dev/null
+++ b/meta/recipes-devtools/git/files/CVE-2021-21300.patch
@@ -0,0 +1,305 @@
1From 0e9cef2414f0df3fa5b9b56ff9072aa122bef29c Mon Sep 17 00:00:00 2001
2From: Minjae Kim <flowrgom@gmail.com>
3Date: Sat, 27 Mar 2021 15:18:46 +0900
4Subject: [PATCH] checkout: fix bug that makes checkout follow symlinks in
5 leading path
6
7Before checking out a file, we have to confirm that all of its leading
8components are real existing directories. And to reduce the number of
9lstat() calls in this process, we cache the last leading path known to
10contain only directories. However, when a path collision occurs (e.g.
11when checking out case-sensitive files in case-insensitive file
12systems), a cached path might have its file type changed on disk,
13leaving the cache on an invalid state. Normally, this doesn't bring
14any bad consequences as we usually check out files in index order, and
15therefore, by the time the cached path becomes outdated, we no longer
16need it anyway (because all files in that directory would have already
17been written).
18
19But, there are some users of the checkout machinery that do not always
20follow the index order. In particular: checkout-index writes the paths
21in the same order that they appear on the CLI (or stdin); and the
22delayed checkout feature -- used when a long-running filter process
23replies with "status=delayed" -- postpones the checkout of some entries,
24thus modifying the checkout order.
25
26When we have to check out an out-of-order entry and the lstat() cache is
27invalid (due to a previous path collision), checkout_entry() may end up
28using the invalid data and thrusting that the leading components are
29real directories when, in reality, they are not. In the best case
30scenario, where the directory was replaced by a regular file, the user
31will get an error: "fatal: unable to create file 'foo/bar': Not a
32directory". But if the directory was replaced by a symlink, checkout
33could actually end up following the symlink and writing the file at a
34wrong place, even outside the repository. Since delayed checkout is
35affected by this bug, it could be used by an attacker to write
36arbitrary files during the clone of a maliciously crafted repository.
37
38Some candidate solutions considered were to disable the lstat() cache
39during unordered checkouts or sort the entries before passing them to
40the checkout machinery. But both ideas include some performance penalty
41and they don't future-proof the code against new unordered use cases.
42
43Instead, we now manually reset the lstat cache whenever we successfully
44remove a directory. Note: We are not even checking whether the directory
45was the same as the lstat cache points to because we might face a
46scenario where the paths refer to the same location but differ due to
47case folding, precomposed UTF-8 issues, or the presence of `..`
48components in the path. Two regression tests, with case-collisions and
49utf8-collisions, are also added for both checkout-index and delayed
50checkout.
51
52Note: to make the previously mentioned clone attack unfeasible, it would
53be sufficient to reset the lstat cache only after the remove_subtree()
54call inside checkout_entry(). This is the place where we would remove a
55directory whose path collides with the path of another entry that we are
56currently trying to check out (possibly a symlink). However, in the
57interest of a thorough fix that does not leave Git open to
58similar-but-not-identical attack vectors, we decided to intercept
59all `rmdir()` calls in one fell swoop.
60
61This addresses CVE-2021-21300.
62
63Co-authored-by: Johannes Schindelin <johannes.schindelin@gmx.de>
64Signed-off-by: Matheus Tavares <matheus.bernardino@usp.br>
65
66Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
67CVE: CVE-2021-21300
68Signed-off-by: Minjae Kim <flowergom@gmail.com>
69---
70 cache.h | 1 +
71 compat/mingw.c | 2 ++
72 git-compat-util.h | 5 +++++
73 symlinks.c | 25 +++++++++++++++++++++
74 t/t0021-conversion.sh | 39 ++++++++++++++++++++++++++++++++
75 t/t0021/rot13-filter.pl | 21 ++++++++++++++---
76 t/t2006-checkout-index-basic.sh | 40 +++++++++++++++++++++++++++++++++
77 7 files changed, 130 insertions(+), 3 deletions(-)
78
79diff --git a/cache.h b/cache.h
80index 04cabaa..dda373f 100644
81--- a/cache.h
82+++ b/cache.h
83@@ -1675,6 +1675,7 @@ int has_symlink_leading_path(const char *name, int len);
84 int threaded_has_symlink_leading_path(struct cache_def *, const char *, int);
85 int check_leading_path(const char *name, int len);
86 int has_dirs_only_path(const char *name, int len, int prefix_len);
87+extern void invalidate_lstat_cache(void);
88 void schedule_dir_for_removal(const char *name, int len);
89 void remove_scheduled_dirs(void);
90
91diff --git a/compat/mingw.c b/compat/mingw.c
92index bd24d91..cea9c72 100644
93--- a/compat/mingw.c
94+++ b/compat/mingw.c
95@@ -340,6 +340,8 @@ int mingw_rmdir(const char *pathname)
96 ask_yes_no_if_possible("Deletion of directory '%s' failed. "
97 "Should I try again?", pathname))
98 ret = _wrmdir(wpathname);
99+ if (!ret)
100+ invalidate_lstat_cache();
101 return ret;
102 }
103
104diff --git a/git-compat-util.h b/git-compat-util.h
105index d0dd9c0..a1ecfd3 100644
106--- a/git-compat-util.h
107+++ b/git-compat-util.h
108@@ -365,6 +365,11 @@ static inline int noop_core_config(const char *var, const char *value, void *cb)
109 #define platform_core_config noop_core_config
110 #endif
111
112+int lstat_cache_aware_rmdir(const char *path);
113+#if !defined(__MINGW32__) && !defined(_MSC_VER)
114+#define rmdir lstat_cache_aware_rmdir
115+#endif
116+
117 #ifndef has_dos_drive_prefix
118 static inline int git_has_dos_drive_prefix(const char *path)
119 {
120diff --git a/symlinks.c b/symlinks.c
121index 69d458a..ae3c665 100644
122--- a/symlinks.c
123+++ b/symlinks.c
124@@ -267,6 +267,13 @@ int has_dirs_only_path(const char *name, int len, int prefix_len)
125 */
126 static int threaded_has_dirs_only_path(struct cache_def *cache, const char *name, int len, int prefix_len)
127 {
128+ /*
129+ * Note: this function is used by the checkout machinery, which also
130+ * takes care to properly reset the cache when it performs an operation
131+ * that would leave the cache outdated. If this function starts caching
132+ * anything else besides FL_DIR, remember to also invalidate the cache
133+ * when creating or deleting paths that might be in the cache.
134+ */
135 return lstat_cache(cache, name, len,
136 FL_DIR|FL_FULLPATH, prefix_len) &
137 FL_DIR;
138@@ -321,3 +328,21 @@ void remove_scheduled_dirs(void)
139 {
140 do_remove_scheduled_dirs(0);
141 }
142+
143+
144+void invalidate_lstat_cache(void)
145+{
146+ reset_lstat_cache(&default_cache);
147+}
148+
149+#undef rmdir
150+int lstat_cache_aware_rmdir(const char *path)
151+{
152+ /* Any change in this function must be made also in `mingw_rmdir()` */
153+ int ret = rmdir(path);
154+
155+ if (!ret)
156+ invalidate_lstat_cache();
157+
158+ return ret;
159+}
160diff --git a/t/t0021-conversion.sh b/t/t0021-conversion.sh
161index c954c70..6a1d5f6 100755
162--- a/t/t0021-conversion.sh
163+++ b/t/t0021-conversion.sh
164@@ -820,4 +820,43 @@ test_expect_success PERL 'invalid file in delayed checkout' '
165 grep "error: external filter .* signaled that .unfiltered. is now available although it has not been delayed earlier" git-stderr.log
166 '
167
168+for mode in 'case' 'utf-8'
169+do
170+ case "$mode" in
171+ case) dir='A' symlink='a' mode_prereq='CASE_INSENSITIVE_FS' ;;
172+ utf-8)
173+ dir=$(printf "\141\314\210") symlink=$(printf "\303\244")
174+ mode_prereq='UTF8_NFD_TO_NFC' ;;
175+ esac
176+
177+ test_expect_success PERL,SYMLINKS,$mode_prereq \
178+ "delayed checkout with $mode-collision don't write to the wrong place" '
179+ test_config_global filter.delay.process \
180+ "\"$TEST_ROOT/rot13-filter.pl\" --always-delay delayed.log clean smudge delay" &&
181+ test_config_global filter.delay.required true &&
182+ git init $mode-collision &&
183+ (
184+ cd $mode-collision &&
185+ mkdir target-dir &&
186+ empty_oid=$(printf "" | git hash-object -w --stdin) &&
187+ symlink_oid=$(printf "%s" "$PWD/target-dir" | git hash-object -w --stdin) &&
188+ attr_oid=$(echo "$dir/z filter=delay" | git hash-object -w --stdin) &&
189+ cat >objs <<-EOF &&
190+ 100644 blob $empty_oid $dir/x
191+ 100644 blob $empty_oid $dir/y
192+ 100644 blob $empty_oid $dir/z
193+ 120000 blob $symlink_oid $symlink
194+ 100644 blob $attr_oid .gitattributes
195+ EOF
196+ git update-index --index-info <objs &&
197+ git commit -m "test commit"
198+ ) &&
199+ git clone $mode-collision $mode-collision-cloned &&
200+ # Make sure z was really delayed
201+ grep "IN: smudge $dir/z .* \\[DELAYED\\]" $mode-collision-cloned/delayed.log &&
202+ # Should not create $dir/z at $symlink/z
203+ test_path_is_missing $mode-collision/target-dir/z
204+ '
205+done
206+
207 test_done
208diff --git a/t/t0021/rot13-filter.pl b/t/t0021/rot13-filter.pl
209index 4701072..007f2d7 100644
210--- a/t/t0021/rot13-filter.pl
211+++ b/t/t0021/rot13-filter.pl
212@@ -2,9 +2,15 @@
213 # Example implementation for the Git filter protocol version 2
214 # See Documentation/gitattributes.txt, section "Filter Protocol"
215 #
216-# The first argument defines a debug log file that the script write to.
217-# All remaining arguments define a list of supported protocol
218-# capabilities ("clean", "smudge", etc).
219+# Usage: rot13-filter.pl [--always-delay] <log path> <capabilities>
220+#
221+# Log path defines a debug log file that the script writes to. The
222+# subsequent arguments define a list of supported protocol capabilities
223+# ("clean", "smudge", etc).
224+#
225+# When --always-delay is given all pathnames with the "can-delay" flag
226+# that don't appear on the list bellow are delayed with a count of 1
227+# (see more below).
228 #
229 # This implementation supports special test cases:
230 # (1) If data with the pathname "clean-write-fail.r" is processed with
231@@ -53,6 +59,13 @@ sub gitperllib {
232 use Git::Packet;
233
234 my $MAX_PACKET_CONTENT_SIZE = 65516;
235+
236+my $always_delay = 0;
237+if ( $ARGV[0] eq '--always-delay' ) {
238+ $always_delay = 1;
239+ shift @ARGV;
240+}
241+
242 my $log_file = shift @ARGV;
243 my @capabilities = @ARGV;
244
245@@ -134,6 +147,8 @@ sub rot13 {
246 if ( $buffer eq "can-delay=1" ) {
247 if ( exists $DELAY{$pathname} and $DELAY{$pathname}{"requested"} == 0 ) {
248 $DELAY{$pathname}{"requested"} = 1;
249+ } elsif ( !exists $DELAY{$pathname} and $always_delay ) {
250+ $DELAY{$pathname} = { "requested" => 1, "count" => 1 };
251 }
252 } else {
253 die "Unknown message '$buffer'";
254diff --git a/t/t2006-checkout-index-basic.sh b/t/t2006-checkout-index-basic.sh
255index 57cbdfe..f223a02 100755
256--- a/t/t2006-checkout-index-basic.sh
257+++ b/t/t2006-checkout-index-basic.sh
258@@ -21,4 +21,44 @@ test_expect_success 'checkout-index -h in broken repository' '
259 test_i18ngrep "[Uu]sage" broken/usage
260 '
261
262+for mode in 'case' 'utf-8'
263+do
264+ case "$mode" in
265+ case) dir='A' symlink='a' mode_prereq='CASE_INSENSITIVE_FS' ;;
266+ utf-8)
267+ dir=$(printf "\141\314\210") symlink=$(printf "\303\244")
268+ mode_prereq='UTF8_NFD_TO_NFC' ;;
269+ esac
270+
271+ test_expect_success SYMLINKS,$mode_prereq \
272+ "checkout-index with $mode-collision don't write to the wrong place" '
273+ git init $mode-collision &&
274+ (
275+ cd $mode-collision &&
276+ mkdir target-dir &&
277+ empty_obj_hex=$(git hash-object -w --stdin </dev/null) &&
278+ symlink_hex=$(printf "%s" "$PWD/target-dir" | git hash-object -w --stdin) &&
279+ cat >objs <<-EOF &&
280+ 100644 blob ${empty_obj_hex} ${dir}/x
281+ 100644 blob ${empty_obj_hex} ${dir}/y
282+ 100644 blob ${empty_obj_hex} ${dir}/z
283+ 120000 blob ${symlink_hex} ${symlink}
284+ EOF
285+ git update-index --index-info <objs &&
286+ # Note: the order is important here to exercise the
287+ # case where the file at ${dir} has its type changed by
288+ # the time Git tries to check out ${dir}/z.
289+ #
290+ # Also, we use core.precomposeUnicode=false because we
291+ # want Git to treat the UTF-8 paths transparently on
292+ # Mac OS, matching what is in the index.
293+ #
294+ git -c core.precomposeUnicode=false checkout-index -f \
295+ ${dir}/x ${dir}/y ${symlink} ${dir}/z &&
296+ # Should not create ${dir}/z at ${symlink}/z
297+ test_path_is_missing target-dir/z
298+ )
299+ '
300+done
301+
302 test_done
303--
3042.17.1
305
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index 4131c98..738a429 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -1,5 +1,6 @@
1SUMMARY = "Distributed version control system" 1SUMMARY = "Distributed version control system"
2HOMEPAGE = "http://git-scm.com" 2HOMEPAGE = "http://git-scm.com"
3DESCRIPTION = "Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency."
3SECTION = "console/utils" 4SECTION = "console/utils"
4LICENSE = "GPLv2" 5LICENSE = "GPLv2"
5DEPENDS = "openssl curl zlib expat" 6DEPENDS = "openssl curl zlib expat"
@@ -7,7 +8,9 @@ DEPENDS = "openssl curl zlib expat"
7PROVIDES_append_class-native = " git-replacement-native" 8PROVIDES_append_class-native = " git-replacement-native"
8 9
9SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ 10SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
10 ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages" 11 ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
12 file://CVE-2021-21300.patch \
13"
11 14
12S = "${WORKDIR}/git-${PV}" 15S = "${WORKDIR}/git-${PV}"
13 16
diff --git a/meta/recipes-devtools/glide/glide_0.13.3.bb b/meta/recipes-devtools/glide/glide_0.13.3.bb
index 31295ed..6eb87df 100644
--- a/meta/recipes-devtools/glide/glide_0.13.3.bb
+++ b/meta/recipes-devtools/glide/glide_0.13.3.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Vendor Package Management for Golang" 1SUMMARY = "Vendor Package Management for Golang"
2HOMEPAGE = "https://glide.sh" 2HOMEPAGE = "https://github.com/Masterminds/glide"
3DESCRIPTION = "Glide is a Vendor Package Management for Golang"
3LICENSE = "MIT" 4LICENSE = "MIT"
4LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2" 5LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2"
5 6
diff --git a/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
index 48b7e6d..7299a1d 100644
--- a/meta/recipes-devtools/gnu-config/gnu-config_git.bb
+++ b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
@@ -1,5 +1,6 @@
1SUMMARY = "gnu-configize" 1SUMMARY = "gnu-configize"
2DESCRIPTION = "Tool that installs the GNU config.guess / config.sub into a directory tree" 2DESCRIPTION = "Tool that installs the GNU config.guess / config.sub into a directory tree"
3HOMEPAGE = "https://git.savannah.gnu.org/cgit/config.git"
3SECTION = "devel" 4SECTION = "devel"
4LICENSE = "GPL-3.0-with-autoconf-exception" 5LICENSE = "GPL-3.0-with-autoconf-exception"
5LIC_FILES_CHKSUM = "file://config.guess;beginline=7;endline=27;md5=b75d42f59f706ea56d6a8e00216fca6a" 6LIC_FILES_CHKSUM = "file://config.guess;beginline=7;endline=27;md5=b75d42f59f706ea56d6a8e00216fca6a"
diff --git a/meta/recipes-devtools/help2man/help2man-native_1.47.11.bb b/meta/recipes-devtools/help2man/help2man-native_1.47.11.bb
index a60e851..8e5f940 100644
--- a/meta/recipes-devtools/help2man/help2man-native_1.47.11.bb
+++ b/meta/recipes-devtools/help2man/help2man-native_1.47.11.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Program for creating simple man pages" 1SUMMARY = "Program for creating simple man pages"
2SECTION = "devel" 2HOMEPAGE = "https://www.gnu.org/software/help2man/"
3DESCRIPTION = "help2man is a tool for automatically generating simple manual pages from program output."SECTION = "devel"
3LICENSE = "GPLv3" 4LICENSE = "GPLv3"
4LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" 5LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
5DEPENDS = "autoconf-native automake-native" 6DEPENDS = "autoconf-native automake-native"
diff --git a/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb b/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb
index c576117..fc17e8d 100644
--- a/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb
+++ b/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb
@@ -1,5 +1,6 @@
1SUMMARY = "Set of i2c tools for linux" 1SUMMARY = "Set of i2c tools for linux"
2HOMEPAGE = "https://i2c.wiki.kernel.org/index.php/I2C_Tools" 2HOMEPAGE = "https://i2c.wiki.kernel.org/index.php/I2C_Tools"
3DESCRIPTION = "The i2c-tools package contains a heterogeneous set of I2C tools for Linux: a bus probing tool, a chip dumper, register-level SMBus access helpers, EEPROM decoding scripts, EEPROM programming tools, and a python module for SMBus access. All versions of Linux are supported, as long as I2C support is included in the kernel."
3SECTION = "base" 4SECTION = "base"
4LICENSE = "GPLv2+" 5LICENSE = "GPLv2+"
5LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" 6LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
diff --git a/meta/recipes-devtools/icecc-toolchain/nativesdk-icecc-toolchain_0.1.bb b/meta/recipes-devtools/icecc-toolchain/nativesdk-icecc-toolchain_0.1.bb
index 304ad7f..ce4d73c 100644
--- a/meta/recipes-devtools/icecc-toolchain/nativesdk-icecc-toolchain_0.1.bb
+++ b/meta/recipes-devtools/icecc-toolchain/nativesdk-icecc-toolchain_0.1.bb
@@ -1,6 +1,7 @@
1# Copyright (c) 2018 Joshua Watt, Garmin International,Inc. 1# Copyright (c) 2018 Joshua Watt, Garmin International,Inc.
2# Released under the MIT license (see COPYING.MIT for the terms) 2# Released under the MIT license (see COPYING.MIT for the terms)
3SUMMARY = "Generates Icecream toolchain for SDK" 3SUMMARY = "Generates Icecream toolchain for SDK"
4DESCRIPTION = "${SUMMARY}"
4LICENSE = "MIT" 5LICENSE = "MIT"
5LIC_FILES_CHKSUM = "file://${WORKDIR}/icecc-env.sh;beginline=2;endline=20;md5=dd6b68c1efed8a9fb04e409b3b287d47" 6LIC_FILES_CHKSUM = "file://${WORKDIR}/icecc-env.sh;beginline=2;endline=20;md5=dd6b68c1efed8a9fb04e409b3b287d47"
6 7
diff --git a/meta/recipes-devtools/intltool/intltool_0.51.0.bb b/meta/recipes-devtools/intltool/intltool_0.51.0.bb
index ecff2fa..592dbb9 100644
--- a/meta/recipes-devtools/intltool/intltool_0.51.0.bb
+++ b/meta/recipes-devtools/intltool/intltool_0.51.0.bb
@@ -1,4 +1,6 @@
1SUMMARY = "Utility scripts for internationalizing XML" 1SUMMARY = "Utility scripts for internationalizing XML"
2HOMEPAGE = "https://launchpad.net/intltool"
3DESCRIPTION = "Utility scripts for internationalizing XML. This tool automatically extracts translatable strings from oaf, glade, bonobo ui, nautilus theme and other XML files into the po files."
2SECTION = "devel" 4SECTION = "devel"
3LICENSE = "GPLv2" 5LICENSE = "GPLv2"
4LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" 6LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
diff --git a/meta/recipes-devtools/jquery/jquery_3.5.0.bb b/meta/recipes-devtools/jquery/jquery_3.5.0.bb
index 5c6f9cd..35ce14e 100644
--- a/meta/recipes-devtools/jquery/jquery_3.5.0.bb
+++ b/meta/recipes-devtools/jquery/jquery_3.5.0.bb
@@ -1,5 +1,6 @@
1SUMMARY = "jQuery is a fast, small, and feature-rich JavaScript library" 1SUMMARY = "jQuery is a fast, small, and feature-rich JavaScript library"
2HOMEPAGE = "https://jquery.com/" 2HOMEPAGE = "https://jquery.com/"
3DESCRIPTION = "${SUMMARY}"
3LICENSE = "MIT" 4LICENSE = "MIT"
4SECTION = "devel" 5SECTION = "devel"
5LIC_FILES_CHKSUM = "file://${WORKDIR}/${BP}.js;startline=8;endline=10;md5=b1e67ece919e852643f1541a54492d65" 6LIC_FILES_CHKSUM = "file://${WORKDIR}/${BP}.js;startline=8;endline=10;md5=b1e67ece919e852643f1541a54492d65"
diff --git a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
index 98c55dc..58d2dee 100644
--- a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
+++ b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
@@ -1,4 +1,6 @@
1SUMMARY = "Libcomps is alternative for yum.comps library (which is for managing rpm package groups)." 1SUMMARY = "Libcomps is alternative for yum.comps library (which is for managing rpm package groups)."
2HOMEPAGE = "https://github.com/rpm-software-management/libcomps"
3DESCRIPTION = "Libcomps is alternative for yum.comps library. It's wr