summaryrefslogtreecommitdiffstats
path: root/meta/lib/oe
Commit message (Collapse)AuthorAgeFilesLines
* The poky repository master branch is no longer being updated.Richard Purdie2025-11-0763-25227/+0
| | | | | | | | | | | | | | | | | | | | | You can either: a) switch to individual clones of bitbake, openembedded-core, meta-yocto and yocto-docs b) use the new bitbake-setup You can find information about either approach in our documentation: https://docs.yoctoproject.org/ Note that "poky" the distro setting is still available in meta-yocto as before and we continue to use and maintain that. Long live Poky! Some further information on the background of this change can be found in: https://lists.openembedded.org/g/openembedded-architecture/message/2179 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx_common: Fix invalid SPDX downloadLocation for Rust cratesJayasurya Maganuru2025-10-271-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes [YOCTO #15909] SPDX validation was failing due to the use of `crate://crates.io/...` as the `downloadLocation`, which is not a valid SPDX URL as per the 2.2 specification. This patch updates `fetch_data_to_uri()` in `spdx_common.py` to detect when the fetcher type is "crate" and instead use the `url` attribute, which contains a valid HTTP(S) URL in the expected format, e.g.: https://crates.io/api/v1/crates/<name>/<version>/download This aligns the SPDX metadata for Rust crates with the specification and avoids validation errors in tools consuming SPDX documents. Tested with the `python3-bcrypt` recipe and verified that the generated `spdx.json` contains a valid `software_downloadLocation`. Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15909 (From OE-Core rev: 7cadbd1a22e18847d03b5baa902f5581d3e0aafa) Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@Windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipeutils/get_recipe_upstream_version: pass ud.name instead of 'default'Uwe Kleine-König2025-10-091-1/+1
| | | | | | | | | | | | | | | While all but the osc fetcher ignore the third parameter of their latest_revision implementation, 'default' isn't a valid name in general. Since commit 2515fbd10824 ("fetch: Drop multiple branch/revision support for single git urls") in bitbake a fetcher only handles a single branch/revision and the only sensible thing to pass is `ud.name`. (From OE-Core rev: cb36e8a62d7d31b75b3ddc6b84c1bdee09ebbc60) Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.py: replace all files unconditionally when copy debug sourcesChangqing Li2025-10-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is for fixing reproducible issue for package like: intel-speed-select-src. For intel-speed-select, one of the debug sources is /usr/src/debug/intel-speed-select/1.0/include/linux/thermal.h, file include/linux/thermal.h under ${S} (kernel-sources) link file include/linux/thermal.h under ${B}, which link to ${S}/include/uapi/linux/thermal.h During copy debug sources, sources under ${S} copied first, then sources under ${B} is copied. mtime of ${S}/include/linux/thermal.h and ${S}/include/uapi/linux/thermal.h are decided by when it is fetched, so it is not determinate, maybe same or different. For cpio, if the in file is older than or the same as the exist file, cpio will not replace the exist file with warning "cpio: xxx not created: newer or same age version exists". And this will cause intel-speed-select-src maybe not reproducible. And option '-u' for cpio, first, this will make the copied file determistic. Second, source files under ${B} should have higher priority then ${S}, it may be generated during build, the target is more likely to use this file. (From OE-Core rev: 8898f97b4acc9d5c2c6583c91d05327f9093133e) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/recipeutils.py: Handle multi-repo recipes for upgrade checkUwe Kleine-König2025-09-251-1/+1
| | | | | | | | | | | | | | | For a recipe that uses more than one git repo there isn't a single SRCREV variable. For example for linux-yocto there is SRCREV_machine and SRCREV_meta and rd.getVar("SRCREV") yields "INVALID". Luckily bb.fetch2 already handles all the details and exposes the currently used revision in ud. So just use that. (From OE-Core rev: ddf00d6aee955878c070327ee8d751fdb6099444) Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager/ipk: give out useful reason about an unmatched packageChen Qi2025-09-151-2/+14
| | | | | | | | | | | | | | | | | | | | | Give out useful information when a package could not be matched. Before the change: error: opkg_solver_install: No candidates to install catch2 (null)! With this patch: error: opkg_solver_install: No candidates to install catch2 (null)! ... catch2 is a recipe. Its generated packages are: ['catch2-src', 'catch2-dbg', 'catch2-staticdev', 'catch2-dev', 'catch2-doc'] Either specify a generated package or set ALLOW_EMPTY:${PN} = "1" in catch2 recipe (From OE-Core rev: 4bcb97ab4d7622d04dbf71930ea1784c8d57c136) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager/deb: give out useful reason about an unmatched packageChen Qi2025-09-151-2/+12
| | | | | | | | | | | | | | | | | | | | Give out useful information when a package could not be matched. Before the change: E: Package 'catch2' has no installation candidate With this patch: E: Package 'catch2' has no installation candidate catch2 is a recipe. Its generated packages are: ['catch2-src', 'catch2-dbg', 'catch2-staticdev', 'catch2-dev', 'catch2-doc'] Either specify a generated package or set ALLOW_EMPTY:${PN} = "1" in catch2 recipe (From OE-Core rev: ca6c1dd0148c4776bd556fccfd71153fc72d2e3d) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager/rpm: give out useful reason about unmatched packagesChen Qi2025-09-151-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | Unmatched package error is a common error at rootfs. We want to give out more useful information to user. Before this change, if some user specifiy IMAGE_INSTALL += "catch2", the error message will be like: No match for argument: catch2 Error: Unable to find a match: catch2 With this patch, the error message will be like: No match for argument: catch2 Error: Unable to find a match: catch2 catch2 is a recipe. Its generated packages are: ['catch2-src', 'catch2-dbg', 'catch2-staticdev', 'catch2-dev', 'catch2-doc'] Either specify a generated package or set ALLOW_EMPTY:${PN} = "1" in catch2 recipe (From OE-Core rev: 00f871cd07d7f44788124510a75b7160fdc60bb5) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager/__init__.py: add function to give user reason about a ↵Chen Qi2025-09-151-0/+22
| | | | | | | | | | | | | | | | | | | missing package When users specify some package in IMAGE_INSTALL, but get some error at rootfs time, the user might be confusing. This usually happens when the user puts a recipe name in IMAGE_INSTALL. To helper user understand more about what's going on, add a common function here which makes use of pkgdata data to give the possible reason about a missing package. This function is expected to be used by package backends such as rpm. (From OE-Core rev: 4c1f63a7618c5eef1684ecc52af50821a49e2e91) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager/__init__.py: remove obsolete codes related to ↵Chen Qi2025-09-081-4/+1
| | | | | | | | | | | | | packagefeed-stability The packagefeed-stability.bbclass has been removed. The codes related to it are also obsolete. Remove them. (From OE-Core rev: e3bf1c4a40e64acadbf3f905d898d81db762d8f4) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: Add find_licenses_up functionChristian Lindeberg2025-09-081-1/+26
| | | | | | | | | | | Add a function for finding licenses in a directory or upwards but not above a top directory. (From OE-Core rev: c5c3f7397e62e6e4be6b6fe611317a2f5f853a04) Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.py: drop visit_StrMartin Jansa2025-09-011-6/+0
| | | | | | | | | | | | | | | | | In https://git.openembedded.org/openembedded-core/commit/?h=kirkstone&id=abc93390a3f19bc4cc159c5690a478b9e2270906 visit_Constant was added for compatibility with Python 3.8 and newer, but visit_Str was kept, because at that time bitbake did require Python 3.6. Now latest bitbake requires 3.9 and even version 2.4 used in mickledore builds requires 3.8 since: https://git.openembedded.org/bitbake/commit/?h=2.4&id=744310f360d2288ac2ef07745abc86852126b5b9 so we can safely remove these. (From OE-Core rev: 6d3da37adbcaf5a7a3dade08f9d052571b195249) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.py: avoid deprecated ast.StrMartin Jansa2025-08-251-2/+2
| | | | | | | | | | | | | | | | | | | | | | * it's deprecated since python-3.12 and removed in 3.14 causing: openembedded-core/meta/lib/oe/license.py', lineno: 176, function: visit 0172: 0173: LicenseVisitor.__init__(self) 0174: 0175: def visit(self, node): *** 0176: if isinstance(node, ast.Str): 0177: lic = node.s 0178: 0179: if license_ok(self._canonical_license(self._d, lic), 0180: self._dont_want_licenses) == True: Exception: AttributeError: module 'ast' has no attribute 'Str' (From OE-Core rev: 1eb2137324202107baa5cadcfdd682629a9cc269) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30_tasks: Change package license to declaredJoshua Watt2025-08-211-1/+1
| | | | | | | | | | | | | | Per discussion with SPDX licensing group, the package license statements classify as declared licenses, not concluded licenses. Note that this is the same as a change made to the recipe licenses, just for packages. (From OE-Core rev: 61ba0ef1400a2fa3729473e496e8459cbbba73ad) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/utils: use multiprocessing from bbMartin Jansa2025-08-141-1/+1
| | | | | | | | | | | | | | | | Fixes build with python-3.14 It was added to bitbake in 62be9113d98fccb347c6aa0a10d5c4ee2857f8b6 and oe-core now requires latest bitbake already, so we can use this. [YOCTO #15858] (From OE-Core rev: 75b39bf4b0cbf0884ce5c7209f3ae9420a86316e) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/lib: Switch classextend to use new filter APIRichard Purdie2025-08-122-138/+119
| | | | | | | | | | | | | | | | | | Currently, class extensions are implmented using shadow variables and access indirection which is horribly ineffient and ugly. Switch to using the new bitbake filter API, which allows a translation of the variable before the expanded value is returned. This allows us to drop the shadow variable accesses. It also avoids the need to iterate PACKAGES and make many variable changes since a filter against RDEPENDS applies to RDEPENDS:${PN} and all of it's other overridden values. Since data expansion happens at access, it also avoids many of the race conditions this code has tranditionally been plagued with. (From OE-Core rev: 24a9858a8927e91d499ee342ed93a0dbb44d83bc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/utils: extract method for parallel_make without d contextPeter Marko2025-08-111-8/+18
| | | | | | | | | | | | | | | oeqa does not have general access to d variable context and needs to determine parallel make settings. Extract the code from parallel_make into reusable parallel_make_value. Also correct function description of return value from None to empty string. (From OE-Core rev: c8670e9c7db565401412dad979c2ee53a586b59d) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30: Allow VEX Justification to be configurableJoshua Watt2025-07-031-17/+16
| | | | | | | | | | | | | | | Instead of hard coding the VEX justifications for "Ignored" CVE status, add a map that configures what justification should be used for each status. This allows other justifications to be easily added, and also ensures that status fields added externally (by downstream) can set an appropriate justification if necessary. (From OE-Core rev: c0fa3d92cefa74fa57c6c48c94acc64aa454e781) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity/utils: Directly use gcc, not BUILD_CCRichard Purdie2025-07-031-11/+6
| | | | | | | | | The test/helper is written assuming gcc, so just call that and stop accessing BUILD_CC which may be set to clang. (From OE-Core rev: 0a165a93693a293f08cb0d7e2dfa1016803a917a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative/utils: Drop workarounds for gcc 4.8/4.9Richard Purdie2025-07-031-26/+0
| | | | | | | | | We require at least gcc 8.0 in sanity.bbclass so drop the 4.8/4.9 special case handling in uninative. (From OE-Core rev: 552e037bf598ac523f35b69d2dafc99e5ba59c5f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/licenses: move tidy_licenses from recipetoolRoss Burton2025-07-011-0/+15
| | | | | | | | | | This function, to tidy a license string, is useful outside of recipetool so move it to oe.license. (From OE-Core rev: 9d57b53169bc60b281510c49e54123941a17a8f5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30_tasks: Change recipe license to declaredJoshua Watt2025-06-261-1/+1
| | | | | | | | | | | Per discussion with the SPDX licensing group, recipe LICENSE statements classify as a declared license, not a concluded license. (From OE-Core rev: 561447c7cc1485366dbf41cfbf8dcc1cbf29d043) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/go: document map_arch, and raise an error on unknown architectureRoss Burton2025-06-231-1/+5
| | | | | | | | | | | | | Add a comment explaining what this function does and where the values come from. If the architecture isn't know, instead of returning an empty string which could fail mysteriously, raise a KeyError so it fails quickly. (From OE-Core rev: 025414c16319b068df1cd757ad9a3c987a6b871d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove S in recipes that fetch from git via setting ↵Alexander Kanavin2025-06-201-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BB_GIT_DEFAULT_DESTSUFFIX Removing all the S = ${WORKDIR}/git assignments works because BB_GIT_DEFAULT_DESTSUFFIX is set to match S from bitbake.conf (which itself is set to match typical tarball releases). A few recipes are setting S to a sub-directory of the git tree and need to be adjusted accordingly. bzip2 recipe is fetching a tarball and separately cloning tests; adjust the recipe to put the latter into 'bzip2-tests', instead of 'git'. devupstream.bbclass no longer needs to rewrite S, and is adjusted accordingly. Adjust scripts/lib/recipetool/append.py to not hardcode 'git' as unpack destination. Adjust kernel-yocto.bbclass to use the git unpack variable instead of hardcoding 'git' (there's also removal of repetition of string constants and a correction of workdir/unpackdir mismatch in one of the if-else branches). Ensure build-appliance-image recipe does not use 'git' as checkout directory for poky repo, but rather explicitly name it 'poky'. Ensure reproducible.py code that looks for git repositories does not hardcode 'git' but uses the destination set by BB_GIT_DEFAULT_DESTSUFFIX. Ensure recipetool does not write out unneeded S settings into newly created recipes that fetch from git. Adjust selftest to not hardcode 'git' as unpack directory. (From OE-Core rev: f80c07019ddadaf9c5fb890faabfda7920ecd15e) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust-target-config.bbclass: Update for new riscv TUNE_FEATURESMark Hatle2025-06-201-2/+0
| | | | | | | | | | | | | | | | Add the new TUNE_FEATURES to the 'features:' list, based on matching output with: rustc --target=riscv32i-unknown-none-elf -Ctarget-feature=help Use the TUNE_RISCV_ABI instead of guessing for the ABI. Pass the arch "as-is", since it should now be riscv32 or riscv64. (From OE-Core rev: 88b59db87d2c65e5be0f3fee1ebf4ee64ef05f18) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* riscv tunes: ISA Implementation of RISC-V tune featuresMark Hatle2025-06-202-1/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This implements the following base ISAs: * rv32i, rv64i * rv32e, rv64i The following ABIs: * ilp32, ilp32e, ilp32f, ilp32d * lp64, lp64e, lp64f, lp64d The following ISA extension are also implemented: * M - Integer Multiplication and Division Extension * A - Atomic Memory Extension * F - Single-Precision Floating-Point Extension * D - Double-Precision Floating-Point Extension * C - Compressed Extension * B - Bit Manipulation Extension (implies Zba, Zbb, Zbs) * V - Vector Operations Extension * Zicsr - Control and Status Register Access Extension * Zifencei - Instruction-Fetch Fence Extension * Zba - Address bit manipulation extension * Zbb - Basic bit manipulation extension * Zbc - Carry-less multiplication extension * Zbs - Single-bit manipulation extension * Zicbom - Cache-block management extension The existing processors tunes are preserved: * riscv64 (rv64gc) * riscv32 (rv32gc) * riscv64nf (rv64imac_zicsr_zifencei) * riscv32nf (rv32imac_zicsr_zifencei) * riscv64nc (rv64imafd_zicsr_zifencei) Previously defined feature 'big-endian' has been removed as it was not used. (From OE-Core rev: bcaf298a146dfd10e4c8f44223ea083bc4baf45c) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx: add option to include only compiled sourcesDaniel Turull2025-06-172-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | When SPDX_INCLUDE_COMPILED_SOURCES is enabled, only include the source code files that are used during compilation. It uses debugsource information generated during do_package. This enables an external tool to use the SPDX information to disregard vulnerabilities that are not compiled. As example, when used with the default config with linux-yocto, the spdx size is reduced from 156MB to 61MB. Tested with bitbake world on oe-core. CC: Quentin Schulz <quentin.schulz@cherry.de> CC: Joshua Watt <JPEWhacker@gmail.com> CC: Peter Marko <peter.marko@siemens.com> (From OE-Core rev: c6a2f1fca76fae4c3ea471a0c63d0b453beea968) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wic: Update after plugin name changesRichard Purdie2025-06-161-1/+1
| | | | | | | | Update the plugin names to account for the "-" to "_" plugin name change. (From OE-Core rev: afa1b5c9f6ed17c021e37a54d0d6abee50a60bf9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: support extra hashes being passed to find_licensesRoss Burton2025-06-161-3/+4
| | | | | | | | | | | | | When using the license finder the caller might know some more license hashes, for example if it is updating existing metadata. Allow the caller to pass more hashes that can be used when identifying licenses. (From OE-Core rev: 9011bc307fcdccb144b75d77b36bbc5c8d4bd96d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: rewrite license checksum loading, scan more licensesRoss Burton2025-06-161-36/+29
| | | | | | | | | | | | | Rewrite the license checksum generation and loading of CSV files to be clearer. This also expands the scan of COMMON_LICENSE_DIR to include LICENSE_PATH, which can be extended by layers to provide more license texts. (From OE-Core rev: 417240ba7a9b3985530988940a222b079b503b64) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: don't return the "crunched" license text in crunch_licenseRoss Burton2025-06-161-7/+6
| | | | | | | | | | | | | | crunch_license() will perform some basic text manipulation to try and canonicalise the license texts. It also returns the new license text but none of the callers use this, and as a slightly mangled version of the original it has no real purpose. Remove this return value and clean up the callers. (From OE-Core rev: 34603ed3b4919dcfba19ef57db11a6d3bb2704f1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: remove unused arguments in get_license_md5sumsRoss Burton2025-06-161-14/+9
| | | | | | | | | | | | | | | get_license_md5sums() has two optional arguments: - static_only: if set, don't checksum the licenses in COMMON_LICENSE_DIR - linenumbers: if set, the CSV file can contain begin/end/md5 values as used in LIC_FILES_CHKSUM. Neither of these are used and complicate the logic, so remove them. (From OE-Core rev: 148e501bd4fe65e7bed68d086ba98180a9b2483c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: consolidate hash->license mapsRoss Burton2025-06-161-59/+0
| | | | | | | | | | | | | | There are two locations where mappings of checksums to license names are: the license-hashes.csv file and a hard-coded set of assignments in the code. There's no need for two, so remove the assignments and move the hashes into the CSV file. (From OE-Core rev: a775c6cb5a2bf1f30a94ba3b88af9aa491e98b1a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: add first_only argument to find_licenses()Ross Burton2025-06-161-4/+12
| | | | | | | | | | | | It may be desired to find only the "top-level" license file instead of every potential candidate, so add a first_only argument (defaulting to False to preserve existing behaviour) to return just the first license found. (From OE-Core rev: 995936ffda02a1def1863490ec315783a7470c72) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/license_finder: skip .sh files when looking for licensesRoss Burton2025-06-161-1/+1
| | | | | | | | | Shell scripts are not licenses, so skip them. (From OE-Core rev: 0ce9ad80d3b90edc1d1e690763e8f3d9f0cd523d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/license_finder: extract license finding code from recipetoolRoss Burton2025-06-161-0/+242
| | | | | | | | | | | | This code is 99% identical to the original code in recipetool/create.py, but with two minor changes: - The implicit recipetool logger is changed to an explicit logger - The CSV of license hashes is moved to meta/files/ (From OE-Core rev: b132652c6e520121c6b0e7e873b0d33ede0309b5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe: Move vardepexclude entries alongside functionsRichard Purdie2025-06-165-1/+15
| | | | | | | | | Now we have decorators that can do this, move the variable dependencies exclusions alongside the code that needs them for maintainability. (From OE-Core rev: e522169c5f95de6fc74b43672573700d8eb8e082) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package: export debugsources in PKGDESTWORK as jsonDaniel Turull2025-06-121-0/+46
| | | | | | | | | | | | | | | | | | | | | | | The source information used during packaging can be use from other tasks to have more detailed information on the files used during the compilation and improve SPDX accuracy. Source files used during compilation are store as compressed zstd json in pkgdata/debugsources/$PN-debugsources.json.zstd Format: { binary1: [src1, src2, ...], binary2: [src1, src2, ...] } I checked the sstate size, and it slightly increases using core-image-full-cmdline: without patch: 2456792 KB sstate-cache/ with patch: 2460028 KB sstate-cache/ (4236 KB or 0.17%) CC: Richard Purdie <richard.purdie@linuxfoundation.org> (From OE-Core rev: c507dcb8a8780a42bfe68b1ebaff0909b4236e6b) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fit-image.bbclass: add a new FIT image implementationAdrian Freihofer2025-06-051-0/+547
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new recipe linux-yocto-fitimage.bb and the new kernel-fit-image.bbclass are intended to become successors of the kernel-fitimage.bbclass. Instead of injecting the FIT image related build steps into the kernel recipe, the new recipe takes the kernel artifacts from the kernel recipe and creates the FIT image as an independent task. This solves some basic problems: * sstate does not work well when a fitImage contains an initramfs. The kernel is rebuilt from scratch if the build runs from an empty TMPDIR. * A fitImage kernel is not available as a package, but all other kernel image types are. * The task dependencies in the kernel are very complex and difficult to debug if something goes wrong. As a separate, downstream recipe, this is now much easier. The recipe takes the kernel artifacts from the deploy folder. There was also a test implementation passing the kernel artifacts via sysroot directory. This requires changes on the kernel.bbclass to make it copying the artifacts also to the sysroot directory while the same artifacts are already in the sstate-cached deploy directory. The new class kernel-fit-extra-artifacts.bbclass generates and deploys the kernel binary intended for inclusion in a FIT image. Note that the kernel used in a FIT image is a stripped (and optionally compressed) vmlinux ELF binary - not a self-extracting format like zImage, which is already available in the deploy directory if needed separately. The kernel-fit-extra-artifacts.bbclass can be used like this: KERNEL_CLASSES += "kernel-fit-extra-artifacts" (if uImage support is not needed, or with :append otherwise) The long story about this issue is here: [YOCTO #12912] (From OE-Core rev: 05d0c7342d7638dbe8a9f2fd3d1c709ee87d6579) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs.py: Don't create modules directory for all kernelsMike Crowe2025-05-271-5/+6
| | | | | | | | | | | | | | | | | | | | | efa88e1c227d695319197f511701e0230d301f39 arranged for the versioned modules directory to be created and depmod to run for every kernel package. Unfortunately this happens for every _built_ kernel package, even if that package and/or its modules aren't installed in the rootfs. Let's assume that there's no point in running depmod if the modules directory did not already exist. (This problem was observed in Scarthgap and this fix was tested there. It doesn't look like any of the subsequent changes will have affected this behaviour.) (From OE-Core rev: 80c218462c6e4a2deb73803a5d36e8b1f7ed5ed7) Signed-off-by: Mike Crowe <mac@mcrowe.com> Reviewed-by: Jack Mitchell <jack@embed.me.uk> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/sdk: fix empty SDK manifestsRoss Burton2025-05-121-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The SDK manifests are generated by listing the sstate was that used, but it hardcodes that the sstate data filenames end in .tgz. This has not been the case since sstate switched to Zstd[1] in 2021, which meant that all of the tests which checked for packages existing were being skipped as the manifests were empty. For example, see a representative core-image-sato eSDK test run[2]: RESULTS - cmake.CMakeTest.test_assimp: SKIPPED (0.00s) RESULTS - gtk3.GTK3Test.test_galculator: SKIPPED (0.00s) RESULTS - kmod.KernelModuleTest.test_cryptodev: SKIPPED (0.00s) RESULTS - maturin.MaturinDevelopTest.test_maturin_develop: SKIPPED (0.00s) RESULTS - maturin.MaturinTest.test_maturin_list_python: SKIPPED (0.00s) RESULTS - meson.MesonTest.test_epoxy: SKIPPED (0.00s) RESULTS - perl.PerlTest.test_perl: SKIPPED (0.00s) RESULTS - python.Python3Test.test_python3: SKIPPED (0.00s) All of those tests should have been ran. Solve this by generalising the filename check so that it doesn't care what specfic compression algorithm is used. [1] oe-core 0710e98f40e ("sstate: Switch to ZStandard compressor support") [2] https://autobuilder.yoctoproject.org/valkyrie/#/builders/16/builds/1517/steps/15/logs/stdio (From OE-Core rev: b293c44f87b6a52e4239ce14066514e87d9b08d0) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30: Provide software_packageUrl field in SPDX 3.0 SBOMHongxu Jia2025-05-081-0/+8
| | | | | | | | | | | | | | | | | | | Define var-SPDX_PACKAGE_URL to provide software_packageUrl field [1][2] in SPDX 3.0 SBOM, support to override with package name SPDX_PACKAGE_URL:<pkgname> Currently, the format of purl is not defined in Yocto, set empty for now until we have a comprehensive plan for what Yocto purls look like. But users could customize their own purl by setting var-SPDX_PACKAGE_URL [1] https://spdx.github.io/spdx-spec/v3.0.1/model/Software/Properties/packageUrl/ [2] https://spdx.github.io/spdx-spec/v3.0.1/annexes/pkg-url-specification/ (From OE-Core rev: c8e6953a0b6f59ffca994c440069db39e60b12d2) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/classes/conf: refactor qemu.bbclass functions into library functionsChen Qi2025-05-012-1/+55
| | | | | | | | | | | | | | | | | Move the functions in qemu.bbclass to meta/lib/oe/qemu.py as they are generally useful. The qemu.bbclass is still kept, and recipes can continue to use functions from it, though they have become wrapper functions on qemu.py functions. Note that the QEMU_OPTIONS settings are still kept in qemu.bbclass. This sets a clear barrier for people to use qemu user mode. (From OE-Core rev: 7b3563b3b3901c96c3e498799a83ab8cabcf84b4) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstatesig: Handle special case of llvm-project-source shared-workdirKhem Raj2025-05-011-0/+3
| | | | | | | | | | | | | | | | | bitbake-dumpsig or bitbake-diffsig tools do not work on any of tasks exposed by llvm-project-source recipe. This is due to it being a shared-workdir recipe. Fixes bitbake-diffsigs -t llvm-project-source-20.1.2 do_preconfigure NOTE: Starting bitbake server... ERROR: No sigdata files found matching llvm-project-source-20.1.2 do_preconfigure (From OE-Core rev: a6d46935939a94b8ea2b83c024aa86f05efbd7ce) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: extract extending CVE_STATUS to library functionPeter Marko2025-04-241-0/+22
| | | | | | | | | | | | The same code for extending CVE_STATUS by CVE_CHECK_IGNORE and CVE_STATUS_GROUPS is used on multiple places. Create a library funtion to have the code on single place and ready for reuse by additional classes. (From OE-Core rev: 45e18f4270d084d81c21b1e5a4a601ce975d8a77) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildstats.py: Add tracking of network I/O per interfaceOlga Denisova2025-04-241-2/+41
| | | | | | | | | | | | | | This patch extends SystemStats to collect and store data from /proc/net/dev. It extracts per-interface received and transmitted bytes, calculates deltas between samples, and stores them for further analysis. Useful for identifying network bottlenecks during long-running builds. (From OE-Core rev: 09cbe17e43783fc6b8e3a341d564956452a04c0a) Signed-off-by: denisova-ok <denisova.olga.k@yandex.ru> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildstats.py: extend diskstats support for NVMe and flexible token countdenisova-ok2025-04-241-2/+2
| | | | | | | | | | | | Added support for NVMe devices in the diskstats regex pattern to ensure stats are properly collected from devices like nvme0n1. Relaxed the check for the number of fields in /proc/diskstats from an exact match (14) to a minimum check (at least 14), to handle kernel variations and additional fields gracefully. (From OE-Core rev: 87a31bc4ca3661aae94cf43f3f579b02f4fb4923) Signed-off-by: denisova-ok <denisova.olga.k@yandex.ru> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildcfg: get_metadata_git_*: catch also bb.process.NotFoundErrorMartin Jansa2025-04-241-6/+6
| | | | | | | | | | * bb.process.NotFoundError is triggered when e.g. oe.buildcfg.get_metadata_git_branch is called on non-existent directory (From OE-Core rev: 34c1f66c4c689b26a4c3129eb62f4ff9b6ec14be) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Switch prefix mapping to use -ffile-prefix-mapKhem Raj2025-04-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | -ffile-prefix map is more comprehensive when it comes to reproducible builds and its superset of all prefix-mapping options in compilers This makes is cleaner and workable across gcc and clang, clang does not support -fcanon-prefix-map and it has to be explicitly omitted when using clang. There are lambdas generated in templates by clang which still get the absolute paths despite -fdebug-prefix-map, this helps with that as well. nasm is an outlier and we have fixed it by adding -fdebug-prefix-map option luckily we do not pass DEBUG_PREFIX_MAP to nasm, in all recipes which use nasm either pass -fdebug-prefix-map explicitly to nasm or they rewrite it to use nasm flags syntax. We have discussed this in past [1] [1] https://patchwork.yoctoproject.org/project/oe-core/patch/20230428032030.2047920-1-raj.khem@gmail.com/#10281 (From OE-Core rev: ff73fa7ef7666a6dbe34f15515bc3ab6e574c5b0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Jacob Kroon <jacob.kroon@gmail.com> Cc: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/cve_check: Mark variable flag dependenciesJoshua Watt2025-04-161-0/+2
| | | | | | | | | | | Marks CVE check functions which depend on non-constant variable flags as depending on the variables. This allows changes in the flags to correctly trigger a rebuild (From OE-Core rev: 2cc43c72ff28aa39a417dd8d57cd7c8741c0e541) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>