summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* images/*-sdk: remove debug-tweaks from IMAGE_FEATURESRoss Burton37 hours3-3/+3
| | | | | | | | | | There's no need for the SDK images to explicitly list debug-tweaks, this is typically added via EXTRA_IMAGE_FEATURES when needed. (From OE-Core rev: f23eae893837f91dd9dfe027a2209c34c6845bbf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/container: fix IMAGE_FEATURES assignmentRoss Burton37 hours1-3/+0
| | | | | | | | | | | | | | | | | | | | Assigning IMAGE_FEATURES="" in local.conf doesn't actually do anything useful, as bitbake.conf has IMAGE_FEATURES += EXTRA_IMAGE_FEATURES after the include of local.conf. In this test case, this results in IMAGE_FEATURES still using EXTRA_IMAGE_FEATURES, so the image contains the files installed by the post-install-logging feature. As the intention here is that container-test-image is as minimal as possible, move the IMAGE_FEATURES assignment into the image itself so it actually works, and update the expected file list to remove the post-install-logging files. (From OE-Core rev: c65349e1238ddc6634dfa4759c57e6168a355200) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pyyaml: rearrange recipeRoss Burton37 hours1-14/+15
| | | | | | | | | | Sort the recipe into a more traditional order, and remove a duplicated DEPENDS on libyaml. (From OE-Core rev: 11739d4419b790c798ba9f2d2ef0086a8c39271d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: 2.7.1 -> 2.8.1Robert Yang37 hours3-84/+3
| | | | | | | | | | | | | * Remove patches already merged by upstream: 0001-support-include-junction.h-Define-macros-for-musl.patch 0001-support-junction-path.c-Fix-build-for-musl.patch * Add PACKAGECONFIG[nfsdctl] (From OE-Core rev: 2dda60516bc6be173d299c44aab92f096fd960c3) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xwayland: upgrade 24.1.3 -> 24.1.4Vijay Anusuri37 hours1-1/+1
| | | | | | | | | | | Includes security fix CVE-2024-9632 Ref: https://lists.x.org/archives/xorg/2024-October/061766.html (From OE-Core rev: 3fdc716d1260b4a92a46cfd2059ce044447f9172) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: Fix sporadic issues when determining compiler internalsPhilip Lorenz37 hours2-1/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | When `-pipe` is enabled, GCC passes data between its different executables using pipes instead of temporary files. This leads to issues when cmake attempts to infer compiler internals via the `-v` parameter as each executable will print to `stderr` in parallel. In turn this may lead to compilation issues down the line as for example the system include directories could not be determined properly which may then propagate to issues such as: recipe-sysroot/usr/include/c++/11.3.0/cstdlib:75:15: fatal error: stdlib.h: No such file or directory | 75 | #include_next <stdlib.h> | | ^~~~~~~~~~ | compilation terminated. | ninja: build stopped: subcommand failed. | WARNING: exit code 1 from a shell command. Fix this stripping `-pipe` from the command line used to determine compiler internals. (From OE-Core rev: 34fa8230163e5ed1c6668bf800c45a173c6490ca) Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/reproducibility: restart bitbake for each buildYoann Congal2 days1-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since [0], the reproducibility test tries to save logs of failed builds. Using the memory persistent bitbake prevent this by concatenating logs in the single persistent instance (See [YOCTO #15641]). So, force a BitBake server restart for each build to ensure a new log file is created. This fixes this error (seen on AB [1]): 2024-11-02 08:16:00,816 - oe-selftest - ERROR - reproducibleA build failed. Trying to compute built packages differences but the test will fail. 2024-11-02 08:16:00,819 - oe-selftest - INFO - ... ERROR 2024-11-02 08:16:00,819 - oe-selftest - INFO - Traceback (most recent call last): File "/srv/pokybuild/yocto-worker/reproducible-meta-oe/build/meta/lib/oeqa/selftest/cases/reproducible.py", line 321, in test_reproducible_builds self.copy_file(variables["BB_CONSOLELOG"], os.path.join(save_dir, "bitbake-%s.log" % name)) File "/srv/pokybuild/yocto-worker/reproducible-meta-oe/build/meta/lib/oeqa/selftest/cases/reproducible.py", line 216, in copy_file shutil.copyfile(source, dest) File "/usr/lib/python3.11/shutil.py", line 256, in copyfile with open(src, 'rb') as fsrc: ^^^^^^^^^^^^^^^ FileNotFoundError: [Errno 2] No such file or directory: '/srv/pokybuild/yocto-worker/reproducible-meta-oe/build/build/build-st-meta-python/build-st/tmp/log/cooker/qemux86-64/20241102071141.log' [0]: https://git.openembedded.org/openembedded-core/commit/?id=c78cc753843d4199443052e8deb0c9c3b7e4b580 [1]: https://valkyrie.yoctoproject.org/#/builders/87/builds/17/steps/40/logs/stdio (From OE-Core rev: e89bbc00ba16574d719b199c01ffbf37646f4f54) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade 5.78 -> 5.79Guðni Már Gilbert3 days7-266/+38
| | | | | | | | | | | | | | | | Dropped two patches which are now merged upstream. Added one new patch to resolve a build error when using musl. Changelog * Fix issue with handling address type while pairing. * Add support for allowing to set A2DP transport delay. * Add support for persistent userspace HID operation. * Add support for handling syncing to multiple BISes. (From OE-Core rev: 52d4168f66dd3c4d68e63c8ee17d186b4bdd0e55) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: upgrade 21.1.13 -> 21.1.14Vijay Anusuri3 days1-1/+1
| | | | | | | | | | | Includes security fix CVE-2024-9632 Ref: https://lists.x.org/archives/xorg/2024-October/061765.html (From OE-Core rev: 957ba32bc6fdffd3a796a04ba222fae6cd673f7e) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: fix glib-2.0 ptest failure when upgrading tzdata2024bJinfeng Wang3 days4-0/+203
| | | | | | | | | | | | | Backport 3 patches [1][2][3] for gdatetime test to fix the ptest failure. [1] https://github.com/GNOME/glib/commit/c0619f08e6c608fd6464d2f0c6970ef0bbfb9ecf [2] https://github.com/GNOME/glib/commit/30e9cfa5733003cd1079e0e9e8a4bff1a191171a [3] https://github.com/GNOME/glib/commit/fe2699369f79981dcf913af4cfd98b342b84a9c1 (From OE-Core rev: 0c8f87d5d4ec9f286b1e85d114cb9a728c1ff64b) Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata/tzcode-native: upgrade 2024a -> 2024bJinfeng Wang3 days1-3/+3
| | | | | | | (From OE-Core rev: b84b29b1827624270cc1698feda2ee87d55c01e4) Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-libarchive-c: Avoid using find_library python APIKhem Raj3 days2-0/+38
| | | | | | | | | | | | | | | find_library API depends on platform to provide ldconfig, ld, gcc, objdump etc, so either we add these dependencies or avoid them by computing the libarchive library name during build, which we can be done. This ensures that ffi module works with musl as well as glibc equally as musl does not provide ldconfig like glibc does (From OE-Core rev: db350fa7c3c33956fb652eef8aefebaf18ead841) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: backport patch to allow neatvnc < v0.9.0Hiago De Franco3 days2-0/+28
| | | | | | | | | | | | | | | | | Currently weston 13.0.3 with neatvnc 0.8.1 does not compile when using VNC: | Dependency neatvnc found: NO found 0.8.1 but need: '< 0.8.0' ; matched: '>= 0.7.0' However weston upstream already increased the allowed version to 0.9.0, since neatvnc 0.8.0 does not introduce any changes that breaks API used by the VNC backend. Therefore, backport this patch. (From OE-Core rev: 8516496018a3ee9e81a67d4682bf9784d0eab2bd) Signed-off-by: Hiago De Franco <hiago.franco@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: RPROVIDE qcs6490 firmware packages by qcm6490 onesDmitry Baryshkov3 days2-4/+39
| | | | | | | | | | | | | Qualcomm QCS6490 is a modemless variant of the QCM6490 platform. These two platforms share most of the firmware binaries (except the IPA one). Rather than providing complete packages, include compat symlinks into qcom-qcm6490 firmware packages and add RPROVIDES to let other layers / configurations use qcs6490 names to install qcm6490 packages. (From OE-Core rev: 7f02df4eeab69d3254bd7cfd3e2ced7ff0375091) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: package IPA firmware for Qualcomm QCM6490 platformsDmitry Baryshkov3 days1-1/+5
| | | | | | | | | | Add the ${PN}-qcom-qcm6490-ipa firmware package, containing the ipa_fws.mbn, the firmware for the onboard IPA core. (From OE-Core rev: d29ddafab782d8a8a8383ea0124b44fee7277062) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: make ${PN}-qcom-adreno-a663 depend on -a660Dmitry Baryshkov3 days1-1/+1
| | | | | | | | | | | | | | | | Adreno A663 requires two files to function: one is a663_gmu.bin, provided by the ${PN}-qcom-adreno-a663 package, another one is a660_sqe.fw, provided by the ${PN}-qcom-adreno-a660 package. Make the ${PN}-qcom-adreno-a663 depend on -a660, so that the platforms requiring A663 firmware don't have to care about the details and can simply require the A663 firmware package. Fixes: 02dec6af254c ("linux-firmware: Add qcom-adreno-a663 package") (From OE-Core rev: 26db3e9d3627d45097371e39ef5b43e479e34119) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: split sa8775p ZAP shader to separate packageDmitry Baryshkov3 days1-1/+5
| | | | | | | | | | | | Adreno zap.mbn files are platform-specific. As such they shouldn't be a part of the generic ${PN}-qcom-adreno-aNNN packages. Move it to the ${PN}-qcom-sa8775p-adreno package. Fixes: 02dec6af254c ("linux-firmware: Add qcom-adreno-a663 package") (From OE-Core rev: 5280c01f93a7c8cf2ca7996965377fc10d24027e) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: split qcm6490 ZAP shader to separate packageDmitry Baryshkov3 days1-1/+5
| | | | | | | | | | | | Adreno zap.mbn files are platform-specific. As such they shouldn't be a part of the generic ${PN}-qcom-adreno-aNNN packages. Move it to the ${PN}-qcom-qcm6490-adreno package. Fixes: 6026fdda9021 ("linux-firmware: add new fw file to ${PN}-qcom-adreno-a660") (From OE-Core rev: af95f7e3d9db9b8a1b2f503f6c6ff14bebaeb583) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: add battmgr.jsn to ${PN}-qcom-qcm6490-audioDmitry Baryshkov3 days1-1/+1
| | | | | | | | | | | | | The battmgr.jsn file describes one of the services provided by the audio DSP. Add it to the ${PN}-qcom-qcom6490-audio package (for the reference, see the ${PN}-qcom-sc8280xp-lenovo-x13s-audio package, which also incorporates corresponding battmgr.jsn file. Fixes: 1d421fa263bc ("linux-firmware: Add qcom-qcm6490-{audio,compute} firmware packages") (From OE-Core rev: 57da7cbf63acff744beb2b01e5847b62a9fc350d) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Add pam and openssl via packageconfigKhem Raj6 days1-3/+5
| | | | | | | | | | | | | | | | | | | | | | Explicitly enable pam support, otherwise it goes into detection mode and ends up poking at build host Turn openssl into packageconfig as well cc1: warning: include location "/usr/include" is unsafe for cross-compilation [-Wpoison-system-directories] conftest.c: In function 'main': conftest.c:68:1: warning: argument 1 null where non-null expected [-Wnonnull] 68 | pam_authenticate(NULL, 0); | ^~~~~~~~~~~~~~~~ In file included from conftest.c:63: /usr/include/security/pam_appl.h:38:1: note: in a call to function 'pam_authenticate' declared 'nonnull' 38 | pam_authenticate(pam_handle_t *pamh, int flags); | ^~~~~~~~~~~~~~~~ (From OE-Core rev: 9b0c69a0bac18627cc6190f64bf9cabc518e4777) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xf86-input-evdev: update 2.10.6 -> 2.11.0Alexander Kanavin6 days1-2/+2
| | | | | | | (From OE-Core rev: 01cf0498e0cf10c0d1545e75ca873c2f3157f13d) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xf86-input-libinput: update 1.4.0 -> 1.5.0Alexander Kanavin6 days1-1/+1
| | | | | | | (From OE-Core rev: da088a6517fe3434b9f75af9685fed0bd57561c6) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/runCmd: print stderr when that is a separate streamAlexander Kanavin6 days1-0/+2
| | | | | | | | | | | | | runCmd by default merges stderr into stdout, and only needs to print stdout when errors occur. When stderr is requested as a separate stream, and an error occurs, stderr is discarded, obscuring useful error messages. This changes the output to include both streams. (From OE-Core rev: 72c747b37ccdd486ddae06e3d0a99fb2b93643ba) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kexec-tools: update COMPATIBLE_HOST because of makedumpfileKai Kang6 days2-0/+4
| | | | | | | | | | | | makedumpfile is not compatible with mipsarcho32 and riscv32, so set for kexec-tools accordingly. And update packagegroup-core-tools-testapps too. (From OE-Core rev: 9107d9c09c7dab385c6034778cefadca3613be9c) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest: wic: wic_sector_size add wic-tools pathVince Chang6 days1-44/+48
| | | | | | | | | | Add wic-tools to the PATH to avoid failures when running the wic_sector_size test case on a build host that doesn’t have parted. (From OE-Core rev: 013dcdf75669421bc38d699263cb1e8d5b95d398) Signed-off-by: Vince Chang <vince_chang@aspeedtech.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest: wic: remove 2>/dev/null to help fail diagnosticVince Chang6 days1-21/+23
| | | | | | | | | | | | | | The wic test case previously used '2>/dev/null' to suppress error messages. This commit updates the code to use 'stderr=subprocess.PIPE' when calling runCmd(). Refer: https://lists.openembedded.org/g/openembedded-core/topic/109308684 (From OE-Core rev: bd26d999a0ba1107ee5629a8e238f4fe945e9be5) Signed-off-by: Vince Chang <vince_chang@aspeedtech.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patchtest: add "Inactive-Upstream"Katariina Lounento7 days1-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The list of valid statuses (`upstream_status_literal_valid_status`) was missing "Inactive-Upstream", which caused patchtest to fail the test test_patch.TestPatch.test_upstream_status_presence_format for patches containing lines like: +Upstream-Status: Inactive-Upstream [lastrelease: 2013 lastcommit: 2013] with the error: FAIL: test Upstream-Status presence: Upstream-Status is in incorrect format (test_patch.TestPatch.test_upstream_status_presence_format) "Inactive-Upstream" is documented in the Yocto Project and OpenEmbedded Contributor Guide [1]: Inactive-Upstream [lastcommit: when (and/or) lastrelease: when] The upstream is no longer available. This typically means a defunct project where no activity has happened for a long time — measured in years. To make that judgement, it is recommended to look at not only when the last release happened, but also when the last commit happened, and whether newly made bug reports and merge requests since that time receive no reaction. It is also recommended to add to the patch description any relevant links where the inactivity can be clearly seen. `upstream_status_nonliteral_valid_status` only seems to be used in logging and the value was copied verbatim from the aforementioned documentation. After this change all upstream status options documented in [1] are covered. [1] https://docs.yoctoproject.org/5.0.3/contributor-guide/recipe-style-guide.html#patch-upstream-status (From OE-Core rev: a39e6e6854b60fd10f21c6c3f1e7d676e12ba9ee) Signed-off-by: Katariina Lounento <katariina.lounento@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: add PACKAGECONFIG for zstdAlexander Hirsch7 days1-0/+1
| | | | | | | | | | perf record can use zstd when available to provide on the fly compression. (From OE-Core rev: 1db5bc41e6c672a0c2ac104ee52dfdfe66ac67cd) Signed-off-by: Alexander Hirsch <alexander.hirsch@gin.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: fix malformed cve status description with : charactersPeter Marko7 days1-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When CPE is not provided and character ":" is in cve status description, current code takes only last part of split function. This works only if there is no ":" in description, otherwise it drops the other split parts. Do a new split of the original string to take the whole description unchanged. This fixes following entries from world build of poky+meta-oe+meta-python: tiff-4.6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2015-7313 CVE_STATUS: fixed-version: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue description: //security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue corrected: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue gnupg-2.5.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2022-3219 CVE_STATUS: upstream-wontfix: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993 description: //dev.gnupg.org/T5993 corrected: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35325 CVE_STATUS: upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303 description: //github.com/yaml/libyaml/issues/303 corrected: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35326 CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 description: //github.com/yaml/libyaml/issues/302 corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35328 CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 description: //github.com/yaml/libyaml/issues/302 corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 cpio-2.15-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-7216 CVE_STATUS: disputed: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html description: //lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html corrected: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html openssh-9.9p1-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-51767 CVE_STATUS: upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. description: //bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. corrected: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. cups-2.4.10-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2021-25317 CVE_STATUS: not-applicable-config: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply. description: root, so this doesn't apply. corrected: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply. unzip-1_6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2008-0888 CVE_STATUS: fixed-version: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source description: //bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source corrected: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source syslog-ng-4.7.0-r0 do_cve_check: CVE_STATUS with 6 parts for CVE-2022-38725 CVE_STATUS: cpe-incorrect: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 description: syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 corrected: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 (From OE-Core rev: cc33dd9176726cb4b2d2f142ed1bc655da8e0a9f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: do not skip cve status description after :Peter Marko7 days1-1/+1
| | | | | | | | | | | | | | | | Correct maxsplit parameter from 5 to 4 to not drop text if description contains ":". Example: >>> "detail: cpe:vendor:product:description:cont".split(':', 5) ['detail', ' cpe', 'vendor', 'product', 'description', 'xxx'] >>> "detail: cpe:vendor:product:description:cont".split(':', 4) ['detail', ' cpe', 'vendor', 'product', 'description:xxx'] (From OE-Core rev: 3c4d8ca41ac0b429af92bf0ea84f1dfd0cda9e1f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* u-boot: Update Upstream-StatusFabio Estevam7 days1-1/+1
| | | | | | | | | | | | 0001-scripts-dtc-pylibfdt-libfdt.i_shipped-Use-SWIG_Appen.patch is now applied in U-Boot upstream. Update the Upstream-Status accordingly. (From OE-Core rev: 718f97d90b13c190e2b1852447764c31464ebdf1) Signed-off-by: Fabio Estevam <festevam@denx.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* u-boot: Add patch to use SWIG_AppendOutputMarkus Volk7 days2-0/+61
| | | | | | | | | | | | | Swig has changed language specific AppendOutput functions. The helper macro SWIG_AppendOutput remains unchanged. Use that instead of SWIG_Python_AppendOutput, which would require an extra parameter since swig 4.3.0. (From OE-Core rev: 4eae7888e91c7c864bf490dee38716267be6202e) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package: remove PACKAGE_SNAP_LIB_SYMLINKSRoss Burton7 days2-21/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was added to OpenEmbedded in 2011[1] for the micro distro[2] and subsequently ported to oe-core[3]. This feature aims to improve runtime link speed by removing intermediate symlinks, i.e. libstdc++.so.6 is not a symlink but the actual library. However, there are several issues here: - The meta-micro distribution has been unmaintained since 2012[4] - The original creator of this function has confirmed that it is not in use anymore because the renaming doesn't affect the -dev packages, so on-target development or use of SDKs isn't possible. Whilst the latter is possible to fix, the performance impact of removing a single symlink resolution is negliable at best and the packaging code is already very complex. So, remove this functionality as it is known to be broken, isn't tested, and removing it reduces complexity. [1] https://git.openembedded.org/openembedded/commit/?id=cf7114179ead8ddff8f66e84d630811920ac9add [2] https://git.openembedded.org/openembedded/tree/conf/distro/micro.conf [3] https://git.openembedded.org/openembedded-core/commit/?id=600dbb7cb384c2290af38b993a9bea3a4dfc4494 [4] https://git.openembedded.org/meta-micro/ (From OE-Core rev: 9bfdf4c9eff16804588942a13ac7484059197f99) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jsonschema: Fix annotation for validator_for's defaultKhem Raj7 days2-0/+46
| | | | | | | | | | Backport the fix, it helps some ptests on meta-python packages e.g. pydantic (From OE-Core rev: 3bf9241787574bad15e685d8f956f33719bac749) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-rdflib: upgrade 7.0.0 -> 7.1.1Wang Mingyu7 days1-2/+2
| | | | | | | | | | | | License-Update: Copyright year updated to 2024. Changelog: https://github.com/RDFLib/rdflib/blob/main/CHANGELOG.md#2024-10-17-rel (From OE-Core rev: 3789e5e55fb2d6eef7e1635016b749b9205194fc) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Add init.rb file to PTEST installation pathJiaying Song7 days1-1/+1
| | | | | | | | | | | | | | | | | This patch copies the init.rb file to the tool testing directory in the PTEST installation path during installation. This modification can address the following errors: BEGIN: /usr/lib64/ruby/ptest /usr/lib64/ruby/ptest/tool/test/runner.rb:4:in `require_relative': cannot load such file -- /usr/lib64/ruby/ptest/tool/test/init (LoadError) from /usr/lib64/ruby/ptest/tool/test/runner.rb:4:in `<top (required)>' from ./test/runner.rb:5:in `require_relative' from ./test/runner.rb:5:in `<main>' (From OE-Core rev: 4f9fd1255d5a75e3597e6c8ab3fc243b17fca583) Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Fix build with glibc 2.41Khem Raj7 days2-0/+43
| | | | | | | (From OE-Core rev: 92646b4314054e14c2b57b045f4a5df859b55468) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/sstatetests: run CDN mirror check only onceAlexander Kanavin7 days1-2/+0
| | | | | | | | | | | The first no-fail check was an attempt to work around the old CDN's instability (and it didn't really help); it should not be necessary with the new CDN, and only delays a-full completion. (From OE-Core rev: 7f75c42b7fcf60a9ca58d3ded9047df675d76dc2) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: Add SPDX 3.0 include source case for work-shareHongxu Jia7 days1-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | Build gcc and check gcc-14.2.0/README in objset is available $ oe-selftest -r spdx.SPDX30Check.test_gcc_include_source ... 2024-10-26 01:24:57,063 - oe-selftest - INFO - test_gcc_include_source (spdx.SPDX30Check.test_gcc_include_source) 2024-10-26 01:28:24,204 - oe-selftest - INFO - The spdxId of gcc-14.2.0/README in gcc.spdx.json is http://spdx.org/spdxdocs/gcc-f2eaeb0d-b54b-53ba-899a-8c36c21139bf/88d5068ffd41e5ea6b4e0dd390b23bf499bb2b6674a41e09eaf2a887eced16c8/sourcefile/42 2024-10-26 01:28:26,369 - oe-selftest - INFO - ... ok 2024-10-26 01:28:33,315 - oe-selftest - INFO - ---------------------------------------------------------------------- 2024-10-26 01:28:33,316 - oe-selftest - INFO - Ran 1 test in 216.457s 2024-10-26 01:28:33,316 - oe-selftest - INFO - OK 2024-10-26 01:28:45,254 - oe-selftest - INFO - RESULTS: 2024-10-26 01:28:45,254 - oe-selftest - INFO - RESULTS - spdx.SPDX30Check.test_gcc_include_source: PASSED (209.31s) 2024-10-26 01:28:45,260 - oe-selftest - INFO - SUMMARY: 2024-10-26 01:28:45,260 - oe-selftest - INFO - oe-selftest () - Ran 1 test in 216.457s 2024-10-26 01:28:45,260 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0) (From OE-Core rev: ccd6dde301dc8c45c8f901ebd4676b488d638b08) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* create-spdx-{2.2,3.0}: support SPDX include source for work-share directoryHongxu Jia7 days2-26/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Originally, while SPDX_INCLUDE_SOURCES = "1" [1], there is bug in scan for gcc, libgcc in which the sources locates in work-share directory. Copy source from ${WORKDIR} to ${SPDXWORK} did not satisfy the situation while ${S} was not included in ${WORKDIR} This commit aim to support SPDX include source for work-share directory 1. If is_work_shared_spdx, Copy source from ${S} to ${SPDXWORK}, normally the dest dir in ${SPDXWORK} has the same basename dir of ${S}; but for kernel source, rename basename dir 'kernel-source' to ${BP} (${BPN}-${PV}) 2. For SPDX source copy, do hard link copy to save copy time 3. Move do_patch to no work shared situation along with do_unpack 4. Tweak task do_create_spdx dependencies to assure the patched source in work share is ready for SPDX source copy 5. Remove bb.data.inherits_class('kernel', d) from is_work_shared_spdx, the kernel source locates in 'work-shared', test kernel.bbclass is not necessary [1] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SPDX_INCLUDE_SOURCES (From OE-Core rev: 64454b1956a9b50d6c89a3f3d7c594c1272cb289) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* create-spdx-{2.2,3.0}: fix do_create_spdx dependency while spdx include sourcesHongxu Jia7 days4-16/+33
| | | | | | | | | | | | | | | | Call function ${@create_spdx_source_deps(d)} or ${create_spdx_source_deps(d)} along with addtask not working, use task do_create_spdx flag 'depends' to instead Move function create_spdx_source_deps to spdx-common.bbclass for both of create-spdx-2.2.bbclass and create-spdx-3.0.bbclass (From OE-Core rev: dda4b7ccd416ef370634babd150e944f2aa9116e) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/spdx30_tasks.py: improve debug log in add_package_filesHongxu Jia7 days1-2/+2
| | | | | | | | | | | | | | | | | | | | | | | While SPDX_INCLUDE_SOURCES = "1" [1], there are mess of `Adding file' in debug log ''' DEBUG: Adding file tmp/work/x86_64-linux/gettext-minimal-native/0.22.5/spdx/3.0.1/work/sources-unpack/COPYING to http://spdx.org/spdxdocs/gettext-minimal-native-1fa0d5cb-2bb8-5631-9fab-cd219801733f/e2c2366654a818397af8b8ddb45fda88c2c71aa2d71695861f82376a658d8e66/document/gettext-minimal-native DEBUG: Adding file tmp/work/x86_64-linux/gettext-minimal-native/0.22.5/spdx/3.0.1/work/gettext-0.22.5/.tarball-version to http://spdx.org/spdxdocs/gettext-minimal-native-1fa0d5cb-2bb8-5631-9fab-cd219801733f/e2c2366654a818397af8b8ddb45fda88c2c71aa2d71695861f82376a658d8e66/document/gettext-minimal-native ''' Summary the total number other than print for each file. ''' DEBUG: Added 7201 files to http://spdx.org/spdxdocs/gettext-minimal-native-1fa0d5cb-2bb8-5631-9fab-cd219801733f/f5e0e04913ac4c595be791fc001d545a77519ed6ee8c743deef721ca0898bc94/document/gettext-minimal-native ''' [1] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SPDX_INCLUDE_SOURCES (From OE-Core rev: a2f1498f3db44f34599b86221b688e1abf08a3c7) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/sbom30.py: correct typoHongxu Jia7 days1-1/+1
| | | | | | | | | | | The isinstance expected 2 arguments (From OE-Core rev: 038dcdca760404a44e0bcef389b4b60903f14a1f) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/sbom30.py: correct python list comprehensionHongxu Jia7 days1-2/+2
| | | | | | | | | | | | | | | | | | | The python list comprehension is not right for list: >>> license_text_map = {'LicenseRef-FSF-Unlimited': 'http://spdx.org/spdxdocs/gettext-minimal-native-1fa0d5cb-2bb8-5631-9fab-cd219801733f/8d31e22acc4a8979f24dc24042692fb548fc8fc8d85d775ddac406abb122ceea/license-text/FSF-Unlimited'} >>> license_text = ((k, license_text_map[k]) for k in sorted(license_text_map.keys())) >>> print(license_text) <generator object <genexpr> at 0x7f8575173270> >>> [(k,v) for k, v in license_text] [] Change the () to [] to make it a list instead of a generator expression. (From OE-Core rev: e13c54645bf716ddfb19606fd212cc349b570ad4) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* usbutils: Update to version 018Fabio Estevam7 days3-81/+10
| | | | | | | | | | | | | | | | | | | | | | | | | Update to version 018, which has been converted to meson. Patch 0001-usbutils.pc.in-Fix-Cflags-entry.patch is no longer needed as usbutils now uses meson. Patch 0001-usb-devices-Fix-usb-devices-with-busybox.patch has been upstreamed. Add CC0-1.0, LGPL-2.1-or-later, and MIT to the LICENSES entry due to the following usbutils commits: https://github.com/gregkh/usbutils/commit/32154d0dbea27fc1de8ad07da9110c5ec5f141d8 https://github.com/gregkh/usbutils/commit/d04e63e5517f89d508b3a206c6611edafc82ac8f License-Update: Add CC0-1.0, LGPL-2.1-or-later, and MIT entries. (From OE-Core rev: d10843f712f9e14e744f60243b995dc1e65f891c) Signed-off-by: Fabio Estevam <festevam@denx.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: disable defconfig options from mount-via-label.cfgEnrico Jörns7 days2-14/+11
| | | | | | | | | | | | | | | Accidentally enabled in 6a6c6442 ("busybox: refresh the defconfig from 1.33.0"). With this, also CONFIG_FEATURE_VOLUMEID_EROFS was enabled accidentally. To not break possible existing use cases, we add it to the existing fragment manually. (From OE-Core rev: 166c255b9294edc878977d7b214929d6e83b4d67) Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: disable long options in defconfigEnrico Jörns7 days1-4/+4
| | | | | | | | | | | | | | | | | These are activated by the longopts.cfg fragment, thus there should be no need to set them in the defconfig. The individual long options where enabled without mentioning a specific need, mostly while adding the corresponding command, thus it should be safe to disable them. Note that we cannot disable the general 'LONG_OPTS' feature in the defconfig since this is e.g. required by CONFIG_HWCLOCK (since v1.37). (From OE-Core rev: 8cf9c7bd40e58fd363bfbeaf448de399e2e16c71) Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: disable defconfig options from getopts.cfg and move long optsEnrico Jörns7 days3-4/+3
| | | | | | | | | | | | | | | | | | | | This disables getopts.cfg fragment options in the defconfig which were accidentally enabled in 4335cd24 ("busybox: refresh the defconfig from 1.33.0"). Since there is longopts.cfg for long options, move CONFIG_FEATURE_GETOPT_LONG there. It was probably not placed there originally since it does not match the naming scheme of the other long options. Note that CONFIG_LONG_OPTS will just be dropped since it is enabled in defconfig anyway. (From OE-Core rev: 9022cff09c78fa1e0ac8e2b94c1992caa40074c4) Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: disable defconfig options from unicode.cfgEnrico Jörns7 days1-6/+6
| | | | | | | | | | | Accidentally enabled in 4335cd24 ("busybox: refresh the defconfig from 1.33.0"). (From OE-Core rev: fc843212c23c04dd177039d8b0529d241e013326) Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: disable defconfig options from login-utilities.cfgEnrico Jörns7 days2-14/+17
| | | | | | | | | | | | | | | Accidentally enabled in 4335cd24 ("busybox: refresh the defconfig from 1.33.0"). Since this would also enforce wrong ID ranges due to busbox kconfig's bad handling of 'inactive' options, manually add them to the login-utilities.cfg fragment. (From OE-Core rev: 4f58193b8ecad12945e8b06d270b04d89ecbf2cd) Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>