Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=5.2_M2 2025-01-21T23:09:33+00:00 2025-01-21T23:09:33+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2025-01-10T14:45:57+00:00 urn:sha1:90e0a0f7f4536e1aeb311ab2b061be71b4129e4e The idea of the base class dependency is to say "yes, I need a C cross compiler" and this was never meant to be gcc specific. Looking at the codebase, whilst we code triplets into this, it does overcomplicate things as there are only ever limited, "target", "sdk" and the class extended versions like mutlilib. After much thought, we can simplify this to virtual/cross-cc and virtual/nativesdk-cross-cc. This lets us remove the "gcc" specific element as well as removing the over complicated triplet usage. At the same time, change the much less widely used "g++" variant to "c++" for similar reasons and remove the triplet from virtual/XXX-binutils too. Backwards compatibility mappings could be left but are just going to confuse things in future so we'll just require users to update. This simplification, whilst disruptive for any toolchain focused layers, will make improved toolchain selection in the future much easier. Since we no longer have overlapping variables, some code for that can just be removed. The class extension code does need to start remapping some variables but not the crosssdk target recipe names. This patch is in two pieces, this one handles the renaming with the functional changes separate in a second for easier review even if this breaks bisection. (From OE-Core rev: 4ccc3bc8266c327bcc18c9a3faf7536210dfb9f0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-20T13:38:59+00:00 Joshua Watt jpewhacker@gmail.com 2025-01-16T16:07:33+00:00 urn:sha1:d1947c5364102080b8b3cb92ea833c744d53ba0b The 3.0.1 release of SPDX has been officially released with a few minor modifications. Regenerate the bindings to use this version. (From OE-Core rev: 54233a7d6fe414d22449fb02fac26b66a820b17a) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-12T13:15:29+00:00 hongxu hongxu.jia@eng.windriver.com 2025-01-08T15:47:16+00:00 urn:sha1:2abb0028ba91291e13fe7c218d87dd7e6f379ace Due to commit [cve-check: Rework patch parsing] applied, it missed to update patched_cves dictionary if cve_id not in patched_cves (From OE-Core rev: 08796a8153666d93bb622c6a7497a85cef4def42) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T13:25:11+00:00 Colin McAllister colinmca242@gmail.com 2024-12-30T19:22:24+00:00 urn:sha1:35f4253a10eb9e77f10236134892d7d347e52540 The cve_check functionality to parse CVE IDs from the patch filename and patch contents have been reworked to improve parsing and also utilize tests. This ensures that the parsing works as intended. Additionally, the new patched_cves dict has a few issues I tried to fix as well. If multiple patch files exist for a single CVE ID, only the last one will show up with the "resource" key. The value for the "resource" key has been updated to hold a list and return all patch files associated with a given CVE ID. Also, at the end of get_patch_cves, CVE_STATUS can overwrite an existing entry in the dict. This could cause an issue, for example, if a CVE has been addressed via a patch, but a CVE_STATUS line also exists that ignores the given CVE ID. A warning has been added if this ever happens. (From OE-Core rev: 87c6da681609b4f8e048eca2a27ae8e068c724e1) Signed-off-by: Colin McAllister <colinmca242@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T13:25:11+00:00 Colin McAllister colinmca242@gmail.com 2024-12-30T19:22:23+00:00 urn:sha1:db2146dbe6a701e8eb225607aa6b8196273bc552 Two warning lines in cve_check.py reference a variable that doesn't exist. These would cause a runtime error if the conditions they are hidden in were to be entered. The log lines have been updated to no longer reference an undefined variable. (From OE-Core rev: c9d059e8a362b3c9d604f7ebe8fd1dd994f0af6b) Signed-off-by: Colin McAllister <colinmca242@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T12:50:14+00:00 Hongxu Jia hongxu.jia@windriver.com 2024-12-26T05:43:21+00:00 urn:sha1:ac546d219636b4808e6ef1905fcb0ed647210ea6 when using SPDX_INCLUDE_SOURCES, it calls scan_declared_licenses to scan licenses from source file, set alias for the newly added license and and license alias to hasDeclaredLicense relationship $ echo 'MACHINE = "qemux86-64"' >> conf/local.conf $ echo 'SPDX_INCLUDE_SOURCES = "1"' >> conf/local.conf $ bitbake shadow $ vim tmp/deploy/spdx/3.0.1/corei7-64/recipes/recipe-shadow.spdx.json Before this commit ... { "type": "Relationship", ... "from": "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/d0cdb0d02e54d55e52fccf8631f8290b161ad43fe31fffe09e8e25041d2280cf/sourcefile/11048", "relationshipType": "hasDeclaredLicense", "to": [ "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/d0cdb0d02e54d55e52fccf8631f8290b161ad43fe31fffe09e8e25041d2280cf/license/3_24_0/BSD-3-Clause", ] }, ... After this commit ... { "type": "Relationship", ... "from": "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/d0cdb0d02e54d55e52fccf8631f8290b161ad43fe31fffe09e8e25041d2280cf/sourcefile/11048", "relationshipType": "hasDeclaredLicense", "to": [ "http://spdxdocs.org/openembedded-alias/by-doc-hash/cc72db638e3f8e283e722af0ecc77d19f93cc6736700ee76477e3773b6b07b05/shadow/UNIHASH/license/3_24_0/BSD-3-Clause" ] }, ... (From OE-Core rev: 1f109e22dd22e6071685a8e55bdfe3069bc8fadb) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T12:50:14+00:00 Hongxu Jia hongxu.jia@windriver.com 2024-12-26T05:43:20+00:00 urn:sha1:4d8103bfedc6865c3f7b9969a67480a093e62730 Set license alias other than spdxId to hasConcludedLicense relationship $ echo 'MACHINE = "qemux86-64"' >> conf/local.conf $ bitbake shadow $ In tmp/deploy/spdx/3.0.1/corei7-64/recipes/recipe-shadow.spdx.json Before this commit ... { "type": "Relationship", ... "from": "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/c34a0920c2f689375e786a80ab3176b844997d543b73dd5f99e6ffa8fcc72fee/source/8", "relationshipType": "hasConcludedLicense", "to": [ "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/c34a0920c2f689375e786a80ab3176b844997d543b73dd5f99e6ffa8fcc72fee/license/3_24_0/BSD-3-Clause" ] }, ... After this commit ... { "type": "Relationship", ... "from": "http://spdx.org/spdxdocs/shadow-10e66933-65cf-5a2d-9a1d-99b12a405441/c34a0920c2f689375e786a80ab3176b844997d543b73dd5f99e6ffa8fcc72fee/source/8", "relationshipType": "hasConcludedLicense", "to": [ "http://spdxdocs.org/openembedded-alias/by-doc-hash/cc72db638e3f8e283e722af0ecc77d19f93cc6736700ee76477e3773b6b07b05/shadow/UNIHASH/license/3_24_0/BSD-3-Clause" ] }, ... (From OE-Core rev: 0530b45a5f27adff55251ce909ad4f077c1076d6) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T12:49:00+00:00 hongxu hongxu.jia@eng.windriver.com 2024-12-25T02:48:26+00:00 urn:sha1:0fee98b8e8245a829f2c524c987711b896553508 After commit [spdx 3.0: Rework how SPDX aliases are linked] applied, it set license_text_map with SPDX alias other than actual ID The property of simplelicensing_customIdToUri is ListProp(ObjectProp(DictionaryEntry))), and class DictionaryEntry has key and value, the property of value is StringProp other than ObjectProp in which could not support to decode/extract SPDX alias with actual ID in image jsonld file ----------- "simplelicensing_customIdToUri": [ { "type": "DictionaryEntry", "key": "LicenseRef-PD", "value": "http://spdxdocs.org/openembedded-alias/by-doc-hash/d53e90e23b12c4ad640809a74a810e86f31c76cdbdf36487712d22a33d53362a/sqlite3-native/UNIHASH/license-text/PD" } ], ----------- Add special code in the linking to manually go through all of the simplelicensing_customIdToUri DictionaryEntry items and resolve any aliases to actual objects ----------- "simplelicensing_customIdToUri": [ { "type": "DictionaryEntry", "key": "LicenseRef-PD", "value": "http://spdx.org/spdxdocs/sqlite3-native-e5cc0672-d8dd-57e8-a2df-fe4615831fda/162c62b5b011cd3f82f413b3dae4d6d1542201552c964d5ce69fe170e0720b85/license-text/PD" } ] ----------- Suggested-by: Joshua Watt <jpewhacker@gmail.com> (From OE-Core rev: f16c2eae5a7e1a483e1d537d8711d83fede75691) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-01-08T12:49:00+00:00 hongxu hongxu.jia@eng.windriver.com 2024-12-25T02:48:25+00:00 urn:sha1:446e74ccee9bb868fcb10c4cb7de84b3d453c019 After commit [spdx 3.0: Rework how SPDX aliases are linked] applied, it added extra "/" to namespace, which causing the replacement of UNIHASH missing a "/" http://spdxdocs.org/openembedded-alias/by-doc-hash/0b308e4b9ad979f642d8787c61f76c31bdcad04837eeaaf8bc383f33f99bbeb8/flex-nativeUNIHASH/build/recipe After applying this commit to remove "/" from namespace. http://spdxdocs.org/openembedded-alias/by-doc-hash/0b308e4b9ad979f642d8787c61f76c31bdcad04837eeaaf8bc383f33f99bbeb8/flex-native/UNIHASH/build/recipe (From OE-Core rev: 708cbf00d46169ca05660b1f9f3e0653b499e9ef) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-12-12T13:22:08+00:00 Alexander Kanavin alex@linutronix.de 2024-12-04T06:49:20+00:00 urn:sha1:2d22ef81952b90167bb70f6e3a20097a75aecbab rpm2cpio has been deprecated upstream, so this prepares for its eventual removal. rpm2archive produces a tar archive which can be uncompressed with tar executable from the host. (From OE-Core rev: ed824d3fb23f0c89d8dfdacb2c4ef0b7c21a5144) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>