default-distrovars.inc: Remove the empty default for WHITELIST_GPL-3.0
There is no reason to set an empty default for it, while not doing it
for all other potential WHITELIST_* variables. The reason it was set
here is a leftover from before when it was actually set to a value.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When installed, this module mounts a read-write (RW) overlay on
top of a root filesystem, which is kept read-only (RO), free
from modifications by the user, this might prove to be useful
if we want to access or restore the original unmodified rootfs.
The existing overlay-etc.bbclass does something similar, it
mounts an overlay on top of the /etc directory, however doing
the same for root causes the original root to be inaccessible
once the system is booted, hence why this module is added to
the initramfs boot flow, allowing us to mount the RW overlay,
while keeping the original rootfs mounted at /rofs once the
system finishes booting. This script is loosely based on that
class.
This module requires rootrw=<foo> to be passed as a kernel
parameter to specify the device/partition to be used as RW by the
overlay and has a dependency on overlayfs support being present
in the running kernel.
It does not require the read-only IMAGE_FEATURE to be enabled.
The module needs to be executed after the initramfs-module-rootfs
since it relies on it to mount the filesystem at initramfs startup
but before the finish module which normally switches root.
After overlayroot is executed the usual boot flow continues from
the real init process.
If something goes wrong while running this module, the rootfs
is still mounted RO (with no overlay) and the finish module is
executed to continue booting normally.
Its worth noting that, on purpose, this isnt installed by default
on any images that use initramfs-framework to keep the boot flow
unmodified, only when a user manually requests to install it,
then it becomes functional.
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Fri, 25 Feb 2022 18:09:17 +0000 (10:09 -0800)]
musl: Update to latest master
brings in these fixes
* f8bdc304 fix spurious failures by fgetws when buffer ends with partial character
* 5690668a add missing strerror text for key management
* 3b7b4155 fix out-of-bound read processing time zone data with distant-past dates
* 75b3412f fix potentially wrong-sign zero in cproj functions at infinity
* 52f0deb9 make fseek detect and produce an error for invalid whence arguments
* cbacd638 add SEEK_DATA and SEEK_HOLE to unistd.h
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd: move systemd shared library into its own package
Move the systemd shared library (libsystemd-shared.so) into its own
package to prevent a runtime dependency from udev package to systemd
package and thereby to a second init manager.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 07:44:55 +0000 (15:44 +0800)]
python3-git: upgrade 3.1.26 -> 3.1.27
Changelog:
=========
-Reduced startup time due to optimized imports.
-Fix a vulenerability that could cause great slowdowns when encountering long
remote path names when pulling/fetching.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Fri, 25 Feb 2022 04:03:31 +0000 (20:03 -0800)]
pip_install_wheel: improved wheel filename guess
Rather than only use PYPI_PACKAGE as a guess, fall back on PN for cases
where a recipe does not inherit pypi.
Wheels can only have alphanumeric characters in the 'distribution'
name [1]. Any other characters are replaced with an underscore. Provide a
function to replace dash with underscore.
insane: use HOST_ variables, not TARGET_ to determine the cross system
Almost everywhere those are the same, except when making a cross toolchain
where HOST_ is where it's going to run, and TARGET_ is what it's going to
produce.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This matters when cross-compiling a cross-toolchain:
we need to specify the system where the toolchain
will run, not the system it will produce output for.
For everything else, HOST and TARGET are the same.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Fri, 25 Feb 2022 05:30:50 +0000 (21:30 -0800)]
disutils*.bbclasses: move to meta-python
distutils has been deprecated in Python 3.10 and will be removed in
Python 3.12 (predicted release date October 2023). For now, move these
classes from oe-core to meta-python to allow users to migrate.
[YOCTO #14610]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 07:44:57 +0000 (15:44 +0800)]
python3-markupsafe: upgrade 2.0.1 -> 2.1.0
Changelog:
==========
Drop support for Python 3.6. :pr:'262'
Remove soft_unicode, which was previously deprecated. Use soft_str instead. :pr:'261'
Raise error on missing single placeholder during string interpolation. :issue:'225'
Disable speedups module for GraalPython. :issue:'277'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 07:44:56 +0000 (15:44 +0800)]
python3-hypothesis: upgrade 6.36.2 -> 6.37.2
This patch fixes a bug in stateful testing, where returning a single value
wrapped in :func:'~hypothesis.stateful.multiple' would be printed such that
the assigned variable was a tuple rather than the single element
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 22 Feb 2022 19:16:58 +0000 (11:16 -0800)]
python3-nose: drop recipe
The code has not been touched since 2016 and numerous files still have
Python2 syntax code in them. This causes do_compile errors when
packaging a wheel (PEP-517 packaging).
Nothing in oe-core depends on python3-nose.
[YOCTO #14638]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 24 Feb 2022 14:49:30 +0000 (14:49 +0000)]
python3-pip: Improve reproducibility
Pip installed wheels are not reproducible currently. The direct_url
files encode an installation path and the installed wheels compile
the python files at their location, not their final install location
which is incorrect.
To fix this, simply disable the direct_urls and pass the "root" to
the python compile function to strip that path out of the compiled
files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Wed, 23 Feb 2022 22:09:10 +0000 (14:09 -0800)]
python3-pip-native: install scripts in ${bindir}
The naïve approach of simply unzipping the built wheel is not
sufficient. 'pip install' would normally have created the
[console_scripts] from entry-points.txt in ${D}${bindir}.
For bootstrapping purposes, hardcode the scripts and install them into
${D}${bindir}. Skip the ${bindir}/pip variant.
[YOCTO #14739]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 23 Feb 2022 12:27:06 +0000 (12:27 +0000)]
python3-pip: Don't change shebang
Patch pip to disable shebang mangling and also force the python executable
to be python3 from the environment when building anything for the target
(or nativesdk).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 22 Feb 2022 19:16:33 +0000 (11:16 -0800)]
python3-pip: inherit setuptools_build_meta
Upstream provides a pyproject.toml which declares setuptools.build_meta
as the backend for PEP-517 packaging.
We bootstrap the -native installation by simply unzipping the wheel to
PYTHON_SITEPACKAGES_DIR, so that all other recipes can use pip to
install wheels (as intended by upstream).
Check for presence of ${D}${bindir}/pip and remove if found (this was
originally to make sure Python2 pip was the default).
[YOCTO #14638]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Wed, 23 Feb 2022 22:09:13 +0000 (14:09 -0800)]
python3-wheel-native: install ${bindir}/wheel
pip install would normally install [project.scripts] to ${D}${bindir}
but our naïve bootstrapping only unzipps the wheel to
${D}${PYTHON_SITEPACKAGES_DIR}. Correct this by creating the equivalent
script in do_install:class-native
[YOCTO #14739]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 23 Feb 2022 12:10:05 +0000 (12:10 +0000)]
pip_install_wheel: Use --ignore-installed for pip
Replace the use of --force-reinstall with --ignore-installed when running pip
install. It can detect currently installed modules in the wrong environment and
try to remove them currently which is not what is desired. Ignoring them is the
correct thing to do.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 22 Feb 2022 19:16:31 +0000 (11:16 -0800)]
pip_install_wheel.bbclass: add helper class
Provide a helper class to use pip to install wheels built by either
bdist_wheel or a PEP-517 backend.
Set pip install arguments via PIP_INSTALL_ARGS, which can be overriden
by recipes.
Pass --root and --prefix to ensure that pip installs things into the
proper place in sysroot.
By passing --no-deps and --no-index we avoid finicky dependency
checking (pip expects wheels in its cache) and avoid trying to fetch
wheels from pypi.org. This is basically the same behavior we have now,
the dependencies should be declared in the recipe.
Also pass --force-reinstall to make sure built wheels are always installed
so that FILES gets properly populated.
Pass --no-cache to avoid a (harmless) warning about the pip cache in
$HOME be avoiding use of cache. We do not likely want wheels cached
anyway,
pip install changes the python interpreter in scripts installed in
${bindir}, e.g. to #!/usr/bin/nativepython3, correct the behavior after
install to #!/usr/bin/env python3.
[YOCTO #14638]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 22 Feb 2022 19:16:30 +0000 (11:16 -0800)]
python3-wheel: inherit flit_core
Backport pyproject.toml from flit-backend branch.
Inherit flit_core class to build
Inherit pip_install_wheel to install wheels for target
We need to bootstrap python3-wheel-native in order to have bdist_wheel
available to python3-setuptools-native and the refactored
setuptools3.bbclass. Simply unzip the wheel into
PYTHON_SITEPACKAGES_DIR for class-native.
[YOCTO #14638]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 22 Feb 2022 19:16:28 +0000 (11:16 -0800)]
python3-flit-core: add recipe for 3.6.0
This is the core of one of the "new build system" tools--hosted
officially as part of the pypa (Python Packaging Authority)
repositories--it is an increasingly common build tool (e.g.
typing_extensions and tomli) as declared in pyproject.toml for
said packages.
This package provides a very simple bootstrapping method that builds
the source tarball (build_sdist) and a wheel (build_wheel).
Bootstrap -native by simply unzipping the wheel to
PYTHON_SITEPACKAGES_DIR.
Use pip to install the wheel for class-target.
Wheels are the official vehicle for delivering Python packages now.
Eggs (egg-info) are deprecated and will increasingly go away.
[YOCTO #14638]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
classes: rootfs-postcommands: avoid exception in overlayfs_qa_check
The overlayfs_qa_check in the rootfs-postcommands class throws an
exception if the overlayfs distro feature is enabled but no global
OVERLAYFS_MOUNT_POINT is specifived.
File: '/home/stefan/dalos-linutronix/poky/meta/classes/rootfs-postcommands.bbclass', lineno: 389, function: overlayfs_qa_check
0385: searchpaths = [oe.path.join(imagepath, d.getVar("sysconfdir"), "systemd", "system"),
0386: oe.path.join(imagepath, d.getVar("systemd_system_unitdir"))]
0387:
0388: allUnitExist = True;
*** 0389: for mountPoint in overlayMountPoints:
0390: path = d.getVarFlag('OVERLAYFS_MOUNT_POINT', mountPoint)
0391: unit = mountUnitName(path)
0392:
0393: if not any(os.path.isfile(oe.path.join(dirpath, unit))
Exception: TypeError: 'NoneType' object is not iterable
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It seems that the homepage has moved (for a while now) from
http://www.mega-nerd.com/libsndfile/
to
https://libsndfile.github.io/libsndfile/
On Github, the development group seems to include Erik de Castro Lopo (the
original author of libsndfile1). Link: https://github.com/orgs/libsndfile/people
All backported CVE patches are in version 1.0.31 (I've checked).
The supported format page [1], mentions that Ogg/Opus is supported since
1.0.29, however that isn't currently added in this patch. And it may
require libopus.
And mp3 is supported at around version 1.1.0, but that version is in beta.
This change focuses solely on updating to 1.0.31 and removing all
backported patches.
Alex Stewart [Tue, 22 Feb 2022 23:44:57 +0000 (17:44 -0600)]
sudo: add /etc/sudoers to sudo-lib conffiles
When OE-core commit 788c95c3bb8ede0d3d6a8f125743ac47c0b3f00e created the
`sudo-lib` subpackage, /etc/sudoers was moved from `sudo` to `sudo-lib`.
The commit didn't update the `CONFFILES:${PN}` assignment in sudo.inc,
however. So the `sudo` base package continued to advertise conffile
ownership of /etc/sudoers, though it did not contain it.
Move the CONFFILES assignment to the sudo.bb file, since it is
packaging-related. Change the package owner to the `sudo-lib`
subpackage, since it is the rightful file-owner.
Signed-off-by: Alex Stewart <alex.stewart@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 11:03:11 +0000 (19:03 +0800)]
init-system-helpers: upgrade 1.60 -> 1.62
Changelog:
=========
* use fakechroot instead of unsharing the mount namespace and mounting tmpfs
* deb-systemd-invoke: systemctl --machine @<UID> is now available in
v249.10. Adjust the version check accordingly
* Skip build-time tests if DEB_BUILD_OPTIONS=nocheck is set
* Fix typos found by Lintian
* Set Rules-Requires-Root: no
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 11:03:09 +0000 (19:03 +0800)]
bind: upgrade 9.16.25 -> 9.16.26
Changelog:
==========
Log "quota reached" message when hard quota is reached when accepting a connection.
Add ECS support to the DLZ interface.
A failed view configuration during a named reconfiguration procedure could cause
inconsistencies in BIND internal structures, causing a crash or other unexpected errors.
rndc could crash when interrupted by a signal before receiving a response.
Correctly detect and enable UDP recvmmsg support in all versions of libuv that support it.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LiweiSong [Wed, 23 Feb 2022 09:57:55 +0000 (17:57 +0800)]
qemu: add tpm string section to qemu acpi table
This will create _STR and _UID section for TPM in qemu acpi table,
with these section, the missing "description" and "uid" files will
be created for TPM in /sys by kernel.
Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 23 Feb 2022 12:54:31 +0000 (12:54 +0000)]
cve-check: get_cve_info should open the database read-only
All of the function in cve-check should open the database read-only, as
the only writer is the fetch task in cve-update-db. However,
get_cve_info() was failing to do this, which might be causing locking
issues with sqlite.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Wed, 23 Feb 2022 13:08:08 +0000 (21:08 +0800)]
quilt: upgrade 0.66 -> 0.67
Changelog:
=========
- Call pager with original LANG environment variable
- Consistently complain early if no series file is found
- Fix handling of symbolic links by several commands
- Tighten the patch format parsing
- Reuse the shell (performance)
- Document the series file format further
- Document that quilt loads /etc/quilt.quiltrc
- configure: Make stat configurable
- series: Minor optimizations
- setup: Don't obey the settings of any englobing .pc
- setup: Default to fast mode
- quilt.el: Fix documentation of quilt-pc-directory
- quilt.el: Load /etc/quilt.quiltrc if ~/.quiltrc doesn't exist
- quilt.el: Fix quilt-editable when QUILT_PATCHES_PREFIX is set
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta-openembedded has gtk4 which has its own version of
gtk-update-icon-cache. Allow programs that want to use gtk4
use the proper version of the gtk-update-icon-cache utility
and the proper build and runtime dependencies.
Also use a more readable syntax for conditional values in DEPENDS.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Native depmod by default try to find config files from the following
directories:
```
${STAGING_ETCDIR_NATIVE}/depmod.d
/run/depmod.d
/usr/local/lib/depmod.d
/lib/depmod.d
```
but none of them is correct, change to load config files from
${sysconfdir}/depmod.d of basedir.
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@toradex.com> Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Thu, 24 Feb 2022 07:41:07 +0000 (15:41 +0800)]
glibc: fix multilib headers conflict for arm
Fixes:
Error: Transaction test error:
file /usr/include/bits/dl_find_object.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
file /usr/include/bits/rseq.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
file /usr/include/bits/timesize.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Thu, 24 Feb 2022 07:41:06 +0000 (15:41 +0800)]
glibc: unify wordsize.h between arm and aarch64
Make sure this header file is same in arm and aarch64.
Fix the conflict error when enable multilib:
Error: Transaction test error:
file /usr/include/bits/wordsize.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Lee Chee Yang [Thu, 24 Feb 2022 02:41:22 +0000 (10:41 +0800)]
libarchive : update to 3.5.3
Libarchive 3.5.3 is a security release
Security Fixes:
extended fix for following symlinks when processing the fixup list (#1566, #1617, CVE-2021-31566)
fix invalid memory access and out of bounds read in RAR5 reader (#1491, #1492, #1493, CVE-2021-36976)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Scott Murray [Tue, 22 Feb 2022 14:45:34 +0000 (09:45 -0500)]
scripts: fix file writing in convert-spdx-licenses
The convert-spdx-licenses.py script needs the same file closing
fix as was made to convert-variable-renames to ensure modified
file contents get flushed out.
Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Tue, 22 Feb 2022 13:26:57 +0000 (14:26 +0100)]
icecc.bbclass: fix syntax error
'class' is already taken as keyword and python doesn't like this:
ERROR: Error in compiling python function in oe-core/meta/classes/icecc.bbclass, line 151:
The code lines resulting in this error were:
0020: check_pn = set([pn, bpn])
0021:
0022: class_disable = (d.getVar('ICECC_CLASS_DISABLE') or "").split()
0023:
*** 0024: for class in class_disable:
0025: if bb.data.inherits_class(class, d):
0026: bb.debug(1, "%s: class %s found in disable, disable icecc" % (pn, class))
0027: return "no"
0028:
SyntaxError: invalid syntax (icecc.bbclass, line 151)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Scott Murray [Tue, 22 Feb 2022 04:21:38 +0000 (23:21 -0500)]
scripts: fix file writing in convert-variable-renames
In my test environments (Fedora 35 and Debian 10.10 on AMD 2970WX),
running the convert-variable-renames.py rename script was resulting
in empty files instead of updated ones. From inspection, the new
files are never flushed/closed before moving them into place, which
seems inherently racy. Adding an explicit close to flush the modified
contents out before moving into place fixes the issue for me.
Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 17 Feb 2022 11:43:36 +0000 (11:43 +0000)]
icecc: Improve variables/terminology
The SYSTEM and USER seperation between variables seems odd and not necessary,
drop it. Avoid the use of whitelist/blacklist and also change "packages" to
"recipes" since that misuse causes confusion.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Thu, 17 Feb 2022 00:32:48 +0000 (16:32 -0800)]
scripts: Add convert-variable-renames script for inclusive language variable renaming
This script searches for a list of variable that have been renamed
and converts them to their more descriptive names. It also searches
for a list of variables that have been removed or deprecated and
prints a message.
It will print a message to inform the user that there are terms that
need to be updated in their files. Many of these changes are context
sensitive and may not be modified as they might be existing calls to
other libraries. This message is informational only.
I have tested this on poky and meta-openembedded so far.
