Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=styhead-5.1.4 2024-02-27T14:31:36+00:00 2024-02-27T14:31:36+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2024-02-26T22:34:50+00:00 urn:sha1:f7fa98cca8a5ac64dbe5fa8a01b6699d731fb2ce Konstantin Aladyshev <aladyshev22@gmail.com> reported that the kern-tools require git functionality that was introduced in git versions greater than the minimum project requirements. In particular: commit 923a9de418b3ca8592c3 [kgit-s2q: don't run verication hooks] uses the --no-verify flag to prevent local git hooks from running and breaking patching or introducing security issues from the host configuration. To ensure that we have a new enough git available for the tools, we update our DEPENDS to git-native-replacement, and the version available in oe-core will be built and used instead of the host provided version. (From OE-Core rev: 6c2ae2346db061a37506b3b5dca20914a7b29fca) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-11-09T16:57:26+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2023-11-08T14:16:25+00:00 urn:sha1:798d954e8d44d7bb9ea71aecf6ad450a220e60cc To be compliant with the recent security policy, bumping the SRCREV to pickup the SECUIRTY.md of the kern-tools repository. It's contents are repeated below: How to Report a Potential Vulnerability? ======================================== If you would like to report a public issue (for example, one with a released CVE number), please report it using the [https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Security Security Bugzilla]. If you have a patch ready, submit it following the same procedure as any other patch as described in README.md. If you are dealing with a not-yet released or urgent issue, please send a message to security AT yoctoproject DOT org, including as many details as possible: the layer or software module affected, the recipe and its version, and any example code, if available. Branches maintained with security fixes --------------------------------------- See [https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS Stable release and LTS] for detailed info regarding the policies and maintenance of Stable branches. The [https://wiki.yoctoproject.org/wiki/Releases Release page] contains a list of all releases of the Yocto Project. Versions in grey are no longer actively maintained with security patches, but well-tested patches may still be accepted for them for significant issues. (From OE-Core rev: fbdfc28b290ea3ed2dc3dbbaf461adc2839eb8f2) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-11-09T16:57:26+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2023-11-08T14:16:24+00:00 urn:sha1:7a7eaac72792cde5b19dd4ef1af7567fa3a5ef28 Bumping the SRCREV to pickup a new option to the patch and merge queue handling scripts. The new option '--prev' allows us to change the behaviour of a subsequent runs to retry a failed patch, versus skipping it. (From OE-Core rev: 231256485ae528773a4da9fad8bf4baff26fc0d2) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-11-09T16:57:26+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2023-11-08T14:16:23+00:00 urn:sha1:935a2dbfe320d26f98ba9917eaef63bb10e783ff It could be argued that it should be an error to have a reduced context patch now that we've had many years to ensure that our kernel path queues are clean. But there are still some supported scenarios where a patch is on multiple branches and reduced context makes sense. Applying the following patch to make sure these are reproducible like the primary mode of application. kgit-s2q: use additional git-am options with reduced context as well (From OE-Core rev: a76a31419e8f3c612699bc45dfc7637d6d542c08) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-08-24T15:50:24+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2023-08-11T13:31:24+00:00 urn:sha1:65318019cd8c6db19ae5d4526a0fa2d8c8ef25fa Now that SRCPV isn't needed we can simplify things in a few places... (From OE-Core rev: 843f82a246a535c353e08072f252d1dc78217872) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-08-22T14:13:54+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2023-08-21T15:44:39+00:00 urn:sha1:5e8e48567c253e50e41c856c586651f36af270d0 Trevor Woerner contributed a simple utility that cleans up a .config diff to produce a fragment. kconfig-diff2frag.py: introduce a utility to post process a config diff Add a python tool to generate a config fragment from a unified diff of two kernel configurations. The diff is read from stdin and the fragment is printed to stdout. Usage: $ diff -u config1 config2 | kconfig-diff2frag.py (From OE-Core rev: f9fc16e1776452d3f0c4d6dd8f8eece66722128a) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-05-05T10:07:25+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2023-05-04T16:06:05+00:00 urn:sha1:1285f78ce861a92dbb99f476b49499574259e615 The recommendation from server maintainers is that the https protocol is both faster and more reliable than the dedicated git protocol at this point. Switch to it where possible. (From OE-Core rev: 139102a73d4151f4748b4a861bd4ab28dda7dab7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-11-22T12:26:45+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-11-18T22:28:51+00:00 urn:sha1:2888cb39c199df8e706c286af8fefcbd4acc7a9b Bumping the SRCREV to integrat the following kern-tools change: commit 2d01f24bc78256c709728eb3f204491bce13e0e5 Author: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com> Date: Fri Nov 4 23:32:38 2022 +0000 kconf_check: store some files in tmpdir Some file systems, like ZFS, are very slow at appending to existing files. Due to Copy-On-Write nature, they create a new copy of a file each time we do ">>" in a shell script. This becomes very noticeable if shell script does lots and lots of appends, like sanitize_fragment() function in kconf_check. On my setup, do_kernel_configcheck task takes literally hours to complete. To fix this issue, we can store sanitized_list and fragment_errors.txt files on tmpfs, which is extremely fast at writing. As most distros use tmpfs for /tmp, logical step is to use `mktemp` to create temporary files. After completing writing to temporary locations, we can move those two files back to ${LOGDIR}. Also, function 'cleanup' was added to remove temporary files in case of abnormal exit. With this patch, do_kernel_configcheck task completes in ~2 minutes on my setup, which is a great improvement. Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (From OE-Core rev: 9d50e2606eb66019044ee176f355a84a65a1499c) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-10-26T11:28:39+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-10-19T03:39:09+00:00 urn:sha1:4c9b5da26bf56c80f2dfdbcb8b35ee36baa8ad7c The previous fix for processing of paths with relative components, broke uses cases that were a mix of patches and configuration fragments. Updating the SRCREV to include a simplied fix for relative paths, and a cleanup patch from Jose: [ Author: Jose Quaresma <quaresma.jose@gmail.com> Date: Thu Sep 29 16:37:23 2022 +0000 scc: only look for error in scc_output_file if it has valid content When process_file function fails the output of the processed script is show to the user, some parsing is performed as well to look for common errors so we can point to the right input file. This can only be done when the scc_output_file have some valid content otherwise it will show invalid messages to the user. Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Author: Bruce Ashfield <bruce.ashfield@gmail.com> Date: Wed Oct 5 19:13:33 2022 +0000 spp: ensure that prefix check uses absolute paths The previous fix for this issue was too broad, and impacted all calls to the prefix check and removal. With this change, we only expand the input on scc/spp operations that may execute with relative paths. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> ] (From OE-Core rev: 533720a1756454447341769c4a0969fce8d6f287) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-09-21T08:20:49+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-09-19T14:28:32+00:00 urn:sha1:dcfd7f1883be9b7d21a6668f56da4e760c733c78 commit b627b8bd17501400649d38bf61c8a3d2121a1b8f (HEAD -> master, origin/master, origin/HEAD) Author: Bruce Ashfield <bruce.ashfield@gmail.com> Date: Sun Sep 18 16:36:43 2022 -0400 symbol_why: allow options to be flagged as built-in or module Some options that are hardware related, can either be built in or modules, and meet the criteria of being acceptable for a BSP. To allow these options to not throw warnings, we create a new configuration fragment to go along with the 'hardware.cfg' and 'nonhardware.cfg' special fragments. This new fragment is called 'y_or_m_enabled.cfg' and is effective for the fragments in its directory. The format is the same as hardware/nonhardware.cfg, is simply a list of CONFIG_ options. (From OE-Core rev: 9cd0623f89d8ff5ea95d6ab713dd4bf45742a8b1) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>