sana kazi [Fri, 17 Dec 2021 06:55:30 +0000 (12:25 +0530)]
openssh: Fix CVE-2021-41617
Add patch to fix CVE-2021-41617 Link: https://bugzilla.suse.com/attachment.cgi?id=854015 Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Sana Kazi <sanakazisk19@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Marta Rybczynska [Tue, 14 Dec 2021 09:50:27 +0000 (10:50 +0100)]
bluez: fix CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to
potentially enable information disclosure via adjacent access.
This issue can be fixed in the kernel, in BlueZ or both. This patch
fixes it on the BlueZ side, so that the configuration no longer
depends on the kernel fix.
https://nvd.nist.gov/vuln/detail/CVE-2021-012
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
The commit 'meta/scripts: Manual git url branch additions (dc53fe75cc)'
forget the url branch= parameter in the devtool git fetch test.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1419168a58a5caf99e24ada08c9ab639344a78b4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
The commit 'meta/scripts: Manual git url branch additions (dc53fe75cc)'
sets the branch= parameter too early to master and thereby breaks the
-B/--srcbranch option.
ERROR: branch= parameter and -B/--srcbranch option cannot both be specified - use one or the other
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 34ece8030e7a6a100b5e3e7b94e6c786c0e199a6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Wed, 8 Dec 2021 17:02:30 +0000 (17:02 +0000)]
runqemu: check the qemu PID has been set before kill()ing it
If runqemu is killed, check that we have a valid PID for the qemu before
sending a kill() to it.
[ YOCTO #14651 ]
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0f3afbd3a6a6bef668612f818517df7543c0a683) Signed-off-by: Steve Sakoman <steve@sakoman.com>
lttng-modules: do not search in non-existing folder during install
When CONFIG_TRACEPOINTS is not enabled in kernel config - module
compilation is skipped, which causes the ${D}/${nonarch_base_libdir} not
to be created.
This fails later in do_install:append() due to the fact that find
command in executed for non-existing folder.
Check for folder existence before find command in executed.
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de0aa1700ed4e6f04b0a233eb1f6d2ac598e7ed8) Signed-off-by: Aníbal Limón <anibal.limon@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 9 Dec 2021 06:53:35 +0000 (22:53 -0800)]
gcc: Add CVE-2021-37322 to the list of CVEs to ignore
The CVE applies to binutils 2.26 and not to gcc so ignore there.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
libgcrypt: solve CVE-2021-33560 and CVE-2021-40528
This change fixes patches for two issues reported in a research
paper [1]: a side channel attack (*) and a cross-configuration
attack (**).
In this commit we add a fix for (*) that wasn't marked as a CVE
initially upstream. A fix of (**) previosly available in OE
backports is in fact fixing CVE-2021-40528, not CVE-2021-33560
as marked in the commit message.
We commit the accual fix for CVE-2021-33560 and rename the
existing fix with the correct CVE-2021-40528.
For details of the mismatch and the timeline see [2] (fix of the
documentation) and [3] (the related ticket upstream).
Steve Sakoman [Sun, 5 Dec 2021 17:21:47 +0000 (07:21 -1000)]
cve-extra-exclusions: add db CVEs to exclusion list
Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with
supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.
Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 679fc70f907fb221f4541ebf30c1610e937209b7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Eero Aaltonen [Tue, 30 Nov 2021 13:23:59 +0000 (15:23 +0200)]
cmake: FindGTest: Add target for gmock library
`googlemock` has been absorbed into the
[googletest](https://github.com/google/googletest) project and is built
and installed from the same source tree.
`googletest` has provided a CMake Config-file Package starting with
GTest 1.8.1. `find_package(GTest ...)` by default dispatches first to
CMake Find Module. Starting with CMake commit 2327b4330cce157d616ff8b611b3e77568d00351 in CMake v3.20.0 the module
dispatches onward to the Config-file Package so that the same targets
are available. In pre v3.20.0 versions of CMake however the Find Module
masks the targets provided by the upstream `GTest` package.
Update `Modules/FindGTest.cmake` to provide the same targets as the
CMake Config-file Package and backwards compatible targets and result
variables.
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Nov 2021 15:45:29 +0000 (15:45 +0000)]
oeqa/parselogs: Fix quoting
Fix deprecation warnings about invalid escape sequences.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 43542614395150e8fa34133ba0fc7ee90f215bcb) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 22 Nov 2021 15:32:36 +0000 (15:32 +0000)]
buildhistory: Fix srcrevs output
The code was assuming that the a recipe with only one srcrev wouldn't "name"
it. This isn't the case as the glibc or bzip2 recipes show, you can have
a single srcrev which is named.
We can pull the data from the fetcher and in fact we already have it, we just
need to handle the "default" case and make that code the default for all srcrev
regardless of length.
[YOCTO #14017]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 45ae567932ba52b758eb41754453e9828d9533a1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Khem Raj [Mon, 29 Nov 2021 09:11:13 +0000 (09:11 +0000)]
libunwind: Backport a fix for -fno-common option to compile
[Khem Raj]
defaults for gcc is to use -fno-common this ensures that it keeps
building with gcc -fno-common
Fixes
src/arm/Ginit.c:60: multiple definition of `_U_dyn_info_list'; mi/.libs/dyn-info-list.o:/usr/src/debug/libunwind/1.4.0-r0/build/src/../../libunwind-1.4.0/src/mi/dyn-info-list.c:28: first defined here
[Philippe Coval]
Change and related patch ported to dunfell branch on 1.3.1 version
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Origin: https://github.com/openembedded/openembedded-core/commit/6cd2cf6525bcb241b3a2538e559fcef2a2084a7e Signed-off-by: Philippe Coval <philippe.coval@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Steve Sakoman [Mon, 29 Nov 2021 16:28:23 +0000 (06:28 -1000)]
bind: update to 9.11.35
Notes for BIND 9.11.35
Security Fixes
named failed to check the opcode of responses when performing zone refreshes,
stub zone updates, and UPDATE forwarding. This could lead to an assertion
failure under certain conditions and has been addressed by rejecting responses
whose opcode does not match the expected value. [GL #2762]
Steve Sakoman [Mon, 29 Nov 2021 16:19:16 +0000 (06:19 -1000)]
bind: update to 9.11.34
Notes for BIND 9.11.34
This maintenance release of BIND 9.11 contains no significant changes,
although some minor updates have been made (for example, to fix build
issues on Solaris 11).
Steve Sakoman [Mon, 29 Nov 2021 15:44:13 +0000 (05:44 -1000)]
bind: update to 9.11.33
Notes for BIND 9.11.33
This maintenance release of BIND 9.11 contains no significant changes,
although some minor updates have been made (for example, to eliminate
compiler warnings emitted by GCC 11).
Ross Burton [Tue, 30 Nov 2021 16:53:12 +0000 (16:53 +0000)]
vim: fix CVE-2021-3968 and CVE-2021-3973
Backport a fix for -3972, and whitelist -3968: it isn't valid as it
fixes a bug which was introduced after 8.2.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bec5caadfb53638748d8c41ce7230c2bf7808d27) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pavel Zhukov [Wed, 1 Dec 2021 09:54:37 +0000 (10:54 +0100)]
busybox: Fix for CVE-2021-42376
A NULL pointer dereference in Busybox's hush applet leads to denial of service
when processing a crafted shell command, due to missing validation after
a \x03 delimiter character.
This may be used for DoS under very rare conditions of filtered command input.
Pavel Zhukov [Wed, 1 Dec 2021 09:54:36 +0000 (10:54 +0100)]
busybox: Fix for CVE-2021-42374
An out-of-bounds heap read in unlzma leads to information leak and
denial of service when crafted LZMA-compressed input is decompressed.
This can be triggered by any applet/format that internally supports
LZMA compression.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
(cherry picked from commit 7eaab4b261017ae49926b4f18228a3af9906c19c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
(cherry picked from commit e42870e233a85bc0d55395ef110b7445dfe784f8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Peter Bergin [Fri, 26 Nov 2021 05:28:07 +0000 (10:58 +0530)]
systemd: add packageconfig for wheel-group
If the distro does not include the group 'wheel' systemd will
complain when trying to parse ACL rules for tmpfiles.d.
systemd-tmpfiles[273]: Failed to parse ACL "d:group:adm:r-x,d:group:wheel:r-x": Invalid argument. Ignoring
Systemd has a configuration parameter to avoid using 'wheel'
group in the standard config files for tmpfiles. Add this as
a PACKAGECONFIG and enable it by default to keep default.
Signed-off-by: Peter Bergin <peter@berginkonsult.se> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 457cc45f51e78a532930d0347de271f24ae0a2ee)
Upstream-Status: Backport Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Sana Kazi <sanakazisk19@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Tue, 21 Sep 2021 09:07:32 +0000 (10:07 +0100)]
reproducible_build/package_XXX: Ensure SDE task is in dependency chain
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 938e4dfb68a465f61cb754b2cd28d0728616b5a9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Yi Zhao [Fri, 19 Nov 2021 14:35:27 +0000 (22:35 +0800)]
oeqa: fix warnings for append operators combined with +=
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f2504115f08b173d919d9abe507a0ba440b0d4df) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Daniel Gomez [Thu, 18 Nov 2021 22:06:09 +0000 (23:06 +0100)]
os-release: Add DISTRO_CODENAME as vardeps for do_compile
DISTRO_CODENAME is part of VERSION variable but not used as dependency
for do_compile task. Append it to the vardeps list to rebuild in case it
changes.
Signed-off-by: Daniel Gomez <daniel@qtec.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee0345057459c6d77fb64902a955e836c6c1e8e4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Claus Stovgaard [Sat, 13 Nov 2021 21:37:13 +0000 (22:37 +0100)]
cups: Fix missing installation of cups sysv init scripts
The packageconfig needs to be --disable-systemd as documented in
configure file for cups. With the current value "--without-systemd" the
SYSTEM_DIR variable ends up being set to "no"
It is caused by the --without-* section in configure file resulting in
eval with_$ac_useropt=no ;;
$ac_useropt is "systemd" causing the variable $with_systemd to be set
to "no", because of below test
if test ${with_systemd+y}
then :
withval=$with_systemd; SYSTEMD_DIR="$withval"
else $as_nop
SYSTEMD_DIR=""
fi
cups configure test for i if SYSTEMD_DIR is empty to decide if the init
scripts need to be installed. A value of "no" results in that no init
scripts is installed.
With --disable-systemd it works as expected - installing the init files.
Though cups should properly improve their configure script.
Signed-off-by: Claus Stovgaard <clst@ambu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 967fdd2ba12f22d8e46600ff085833993a32cfeb) Signed-off-by: Steve Sakoman <steve@sakoman.com>
http://ftp.pcre.org is down, take sources according to links on
http://www.pcre.org
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 81ba0ba3e8d9c08b8dc69c24fb1d91446739229b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
The URLs describing Kickstart are no longer valid and do not redirect to
the correct location. Update them with the correct location.
Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5ac75f93c8128b0761af5fee99e8603ddd1657d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 11 Nov 2021 15:06:06 +0000 (15:06 +0000)]
scripts/oe-package-browser: Handle no packages being built
Give the user a proper error message if there aren't packages built,
rather than a less friendly traceback.
[YOCTO #14619]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b14c176b7dd74b7d63ca0f72e6e00fbf209f5a0b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Minjae Kim [Thu, 25 Nov 2021 10:49:12 +0000 (19:49 +0900)]
git: fix CVE-2021-40330
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character,
which may result in unexpected cross-protocol requests,
as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
Upstream-Status: Backport [https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473]
CVE: CVE-2021-40330 Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 22 Nov 2021 11:40:56 +0000 (11:40 +0000)]
gmp: fix CVE-2021-43618
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fb3b9a7f668a6ffd56a99e1e8b83cdbad2a4bc66) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 15 Nov 2021 12:53:28 +0000 (12:53 +0000)]
vim: fix CVE-2021-3927 and CVE-2021-3928
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2001631e7a6edb7adc40ee4357466cc54472db71) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Wed, 10 Nov 2021 10:26:27 +0000 (10:26 +0000)]
vim: add patch number to CVE-2021-3778 patch
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 222be29051a3543ac63a0eb07019e90d44429b16) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Tue, 9 Nov 2021 23:13:07 +0000 (23:13 +0000)]
vim: fix CVE-2021-3796, CVE-2021-3872, and CVE-2021-3875
Backport patches from upstream to fix these CVEs.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b493eb4f9a6bb75a2f01a53b6c70762845bf79f9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Marta Rybczynska [Fri, 26 Nov 2021 11:08:41 +0000 (12:08 +0100)]
python3: upgrade 3.8.11 -> 3.8.12
Release Date: Aug. 30, 2021
This is a security release of Python 3.8
Note: The release you're looking at is Python 3.8.12, a security bugfix release
for the legacy 3.8 series. Python 3.10 is now the latest feature release series
of Python 3. Get the latest release of 3.10.x here.
Security content in this release contains four fixes. There are also four
additional fixes for bugs that might have lead to denial-of-service attacks.
Finally, while we're not providing binary installers anymore, for those users
who produce installers, we upgraded the OpenSSL version used to 1.1.1l.
Take a look at the change log for details.
According to the release calendar specified in PEP 569, Python 3.8 is now in the
"security fixes only" stage of its life cycle: 3.8 branch only accepts security
fixes and releases of those are made irregularly in source-only form until
October 2024. Python 3.8 isn't receiving regular bug fixes anymore, and binary
installers are no longer provided for it. Python 3.8.10 was the last full bugfix
release of Python 3.8 with binary installers.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1ca3fb1c7f11e04bf8d8bf59901ddd60178cb13c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Wed, 10 Nov 2021 13:08:47 +0000 (08:08 -0500)]
linux-yocto/5.4: update to v5.4.158
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
c65356f0f726 Linux 5.4.158 e31d51f8a41f ARM: 9120/1: Revert "amba: make use of -1 IRQs warn" 960b1fdfc39a Revert "drm/ttm: fix memleak in ttm_transfered_destroy" a73ebe514a60 sfc: Fix reading non-legacy supported link modes 6789e4b7593b Revert "usb: core: hcd: Add support for deferring roothub registration" 049849492b77 Revert "xhci: Set HCD flag to defer primary roothub registration" 2461f38384d5 media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() 21fc2bb836e5 net: ethernet: microchip: lan743x: Fix skb allocation failure e02fdd7db471 vrf: Revert "Reset skb conntrack connection..." 1ce287eff9f2 scsi: core: Put LLD module refcnt after SCSI device is released e6de9a8b5b30 Linux 5.4.157 39fb393e2102 perf script: Check session->header.env.arch before using it 472d9354a9ce KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu 07e9a4e1abfe KVM: s390: clear kicked_mask before sleeping again 5919a07d71b1 cfg80211: correct bridge/4addr mode check dba9e632eda0 net: use netif_is_bridge_port() to check for IFF_BRIDGE_PORT 0f5b4c57dc85 sctp: add vtag check in sctp_sf_ootb df527764072c sctp: add vtag check in sctp_sf_do_8_5_1_E_sa 0aa322b5fe70 sctp: add vtag check in sctp_sf_violation d6470c220025 sctp: fix the processing for COOKIE_ECHO chunk 5fe74d5e4d58 sctp: fix the processing for INIT_ACK chunk 5953ee99bab1 sctp: use init_tag from inithdr for ABORT chunk 5395650d154c phy: phy_start_aneg: Add an unlocked version c85b696270db phy: phy_ethtool_ksettings_get: Lock the phy for consistency 0dea6379e273 net/tls: Fix flipped sign in async_wait.err assignment e12b8f3c2b73 net: nxp: lpc_eth.c: avoid hang when bringing interface down b232898c1d4b net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent 92507dc1efac net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails 3708aa267d67 nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST b1c76f97ad2c RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string 18a012869fa7 net: Prevent infinite while loop in skb_tx_hash() 6422e8471890 net: batman-adv: fix error handling 1cead23c1c0b regmap: Fix possible double-free in regcache_rbtree_exit() 207e6e93e7d6 arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node c29c3295e0e5 RDMA/mlx5: Set user priority for DCT 13ad93a42ce3 nvme-tcp: fix data digest pointer calculation b597b0e2e80b nvmet-tcp: fix data digest pointer calculation d997d4e4365f IB/hfi1: Fix abba locking issue with sc_disable() 0f8cdfff0682 IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields 5f0bfe21c853 tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function bd99782f3ca4 drm/ttm: fix memleak in ttm_transfered_destroy d2c64ebcc76a net: lan78xx: fix division by zero in send path a37c5e70ac24 cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() 590abe5becf5 mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit 07da44b08641 mmc: sdhci: Map more voltage level to SDHCI_POWER_330 0821c5608d80 mmc: dw_mmc: exynos: fix the finding clock sample value 08328d65cb78 mmc: cqhci: clear HALT state after CQE enable 55a3870f4a26 mmc: vub300: fix control-message timeouts e0cfd5159f31 net/tls: Fix flipped sign in tls_err_abort() calls 6a18d155d5b3 Revert "net: mdiobus: Fix memory leak in __mdiobus_register" 9fdcf66ee413 nfc: port100: fix using -ERRNO as command type mask 853f22623dd5 ata: sata_mv: Fix the error handling of mv_chip_id() 6d0b30784fcd Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode" b7dfc536db87 usbnet: fix error return code in usbnet_probe() 492140e45d2b usbnet: sanity check for maxpacket 4ba6c163fe64 ipv4: use siphash instead of Jenkins in fnhe_hashfun() 3f439c231a03 ipv6: use siphash in rt6_exception_hash() 1cad781ecf37 powerpc/bpf: Fix BPF_MOD when imm == 1 ca10ddbbabd0 ARM: 9141/1: only warn about XIP address when not compile testing 40cd32945552 ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype 2f7647cc13be ARM: 9134/1: remove duplicate memcpy() definition 9f44f66396f3 ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Wed, 10 Nov 2021 13:08:44 +0000 (08:08 -0500)]
linux-yocto/5.4: update to v5.4.154
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
ce061ef43f1d Linux 5.4.154 291a48871e51 sched: Always inline is_percpu_thread() 3e105ecc4ab7 scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" 1ff5ee9d3926 scsi: ses: Fix unsigned comparison with less than zero 83d857d6b096 drm/amdgpu: fix gart.bo pin_count leak 1843ae8c4b2b net: sun: SUNVNET_COMMON should depend on INET 6d1d7acb1067 mac80211: check return value of rhashtable_init 2aaf3fd5e109 net: prevent user from passing illegal stab size 1e66a472b51b m68k: Handle arrivals of multiple signals correctly be191c8e68fe mac80211: Drop frames from invalid MAC address in ad-hoc mode fffad5988f28 netfilter: nf_nat_masquerade: defer conntrack walk to work queue b3cb06303419 netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic a9d8aa2d3ca8 HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs 8c6680025b49 netfilter: ip6_tables: zero-initialize fragment offset 744b908a7f3f HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS b6bccc978ec8 ext4: correct the error path of ext4_write_inline_data_end() de4a28b718bb net: phy: bcm7xxx: Fixed indirect MMD operations
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Previously if BUILD_REPRODUCIBLE_BINARIES was set to 0, the system would
fall back and select the default epoch (April 2011), but still perform
the reproducible build actions. This resulted in binaries that had an
unusually old date.
Simplify the functions and remove the anonymous python as no longer
necessary.
Also improve the documentation to better explain what the class is doing
and how a recipe can override the behavior if necessary.
Signed-off-by: Mark Hatle <mark.hatle@xilinx.com> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1976013b026cfba94de32a13e994d92d7e9e39e5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 19 Sep 2021 15:20:28 +0000 (16:20 +0100)]
sstate: Avoid deploy_source_date_epoch sstate when unneeded
This sstate task is only needed when depended upon, it can be skipped
if there are no tasks running that directly depend upon it.
This reduced the number of sstate tasks in something like an image
build.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 601cee016da5c7505915e26641a085714de175ce) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 13 Sep 2021 22:56:16 +0000 (23:56 +0100)]
sstate: Ensure SDE is accounted for in package task timestamps
When creating packages we build them with --clamp-mtime and use
SOURCE_DATE_EPOCH as the maximum mtime. This makes the end packages
reproducible. The data stored in sstate for do_package and the package
task doesn't benefit from this though and have varying timestamps.
This means their outhash varies and means hash equivalance isn't
effective at all and doesn't work as intended/desired.
We could create the sstate archives with the same clamping however
that would lead to different results depending on whether a task was
installed from sstate or not. Making that differ is a path to madness.
It also wouldn't fix the outhash of the task to be determninistic
without clamping of the date in the hash calculation code.
Instead, iterate over the files in sstate output and clamp them at
the code level. This isn't ideal but does make the file timestamps
determnistic everywhere and means we don't have to change the hash
calculation code.
This issue can be clearly seen looking at the do_package outhash for
a recipe which you then re-run the package task for after adding
something like whitespace to the install task. The outhash shouldn't
change but currently does.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c3b3cc4745811b48b9193f83889946b2e1788932) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Jose Quaresma [Sun, 7 Nov 2021 11:36:52 +0000 (11:36 +0000)]
sstate: another fix for touching files inside pseudo
This patch is a fixup for 676757f "sstate: fix touching files inside pseudo"
running the 'id' command inside the sstate_unpack_package
function shows that this funcion run inside the pseudo:
uid=0(root) gid=0(root) groups=0(root)
The check for [ -w ${SSTATE_PKG} ] and [ -O ${SSTATE_PKG}.siginfo ]
will always return true and the touch can fail when the real user
don't have permission or in readonly filesystem.
As the documentation refers:
- the file test operator "-w" check if the file has write permission
(for the user running the test).
- the file test operator "-O" check if you are owner of file
We can avoid this test running the touch and mask any return errors
that we have.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5b9210d66c78bb3f79056e5586cea7b0edd714a9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Tue, 9 Nov 2021 13:21:31 +0000 (13:21 +0000)]
mirrors: Add uninative mirror on kernel.org
At the last nas outage, we realised that we don't have good mirrors of the
uninative tarball if our main system can't be accessed. kernel.org mirrors
some Yocto Project data so we've ensured uninative is there. Add the appropriate
mirror url to make use of that.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Marek Vasut [Sat, 6 Nov 2021 12:59:15 +0000 (13:59 +0100)]
piglit: upgrade to latest revision
Update piglit to latest git revision and update the branch name,
since the original one is no longer updated. Make sure the VK
tests are only enabled if VK is also enabled in PACKAGECONFIG,
and that this is opt-in, otherwise older systems fail to build.
Cherry picked from squashed commits: eb3a8d4c7b ("piglit: upgrade to latest revision") a27b06f73a ("piglit: upgrade to latest revision") bb091bc0be ("piglit: upgrade to latest revision") 394746d1cb ("piglit: upgrade to latest revision") 5aec8cff94 ("piglit: upgrade to latest revision") fc4c82773d ("piglit: fix reproducibility") 6fbec0f12a ("piglit: update to latest revision") 8d23a0d498 ("piglit: upgrade to latest revision") 5144d515fe ("piglit: upgrade to latest revision") dd085bd577 ("piglit: upgrade to latest revision") 9ba6df1b2c ("piglit: upgrade to latest revision") 1ccd71eb3e ("piglit: upgrade to latest revision")
Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Cc: Anuj Mittal <anuj.mittal@intel.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Steve Sakoman <steve@sakoman.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 29 Oct 2021 10:14:42 +0000 (11:14 +0100)]
pseudo: Add fcntl64 wrapper
Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find
command in the libtool removal code when built with LFS compile flags on Gentoo.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 25 Sep 2021 09:37:14 +0000 (10:37 +0100)]
pseudo: Add in ability to flush database with shutdown request
Pulls in:
pseudo_db: Flush DB if there is a shutdown request
fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 29 Oct 2021 14:13:28 +0000 (15:13 +0100)]
linunistring: Add missing gperf-native dependency
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 73d3efbaeb2f412ab8d3491d2da3f3124fc009f3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mingli Yu [Thu, 4 Jun 2020 08:13:39 +0000 (16:13 +0800)]
python3-magic: add the missing rdepends
Add the missing rdepends to fix below error:
# python3
[snip]
>>> import magic
[snip]
ModuleNotFoundError: No module named 'ctypes'
ModuleNotFoundError: No module named 'tempfile'
Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 115791844124bdddfbaec9d75bb887ef35c41f20) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Joshua Watt [Sun, 30 Aug 2020 03:00:34 +0000 (22:00 -0500)]
oeqa: reproducible: Fix test not producing diffs
Diffoscope changed the --exclude-directory-metadata option to require an
argument.
Add a test to validate that diffoscope is functioning as
expected to ensure that future upgrades do not unintentionally break
the reproducibility tests.
[YOCTO #14025]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea8fbcb7978ce48d7a9a83143d09402329535f86) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 29 Oct 2021 12:34:24 +0000 (13:34 +0100)]
meta/scripts: Manual git url branch additions
Following the scripted conversion adding branches to git://
SRC_URI entries, add the remaining references, mainly in the selftests
and recipetool.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5340c0d688036c1be6c938f05d8a8c1e3b49ec38) Signed-off-by: Steve Sakoman <steve@sakoman.com>
This update was made with the convert-scruri.py script in scripts/contrib
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
Richard Purdie [Tue, 2 Nov 2021 11:34:21 +0000 (11:34 +0000)]
scripts/convert-srcuri: Backport SRC_URI conversion script from master branch
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f4d11e8da6bb79232535c42ad41798a56162ac7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
License-Update: new firmware files, copyright years, file names Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfceaba4f38771047dfdfdfdbf16b794006dfd78) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 17 Feb 2021 17:57:13 +0000 (17:57 +0000)]
git: Fix determinism issue
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9ae740939f8315c64fe7571f912404127a29dc89) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Teoh Jay Shen [Thu, 28 Oct 2021 11:15:44 +0000 (19:15 +0800)]
oeqa/runtime/parselogs: modified drm error in common errors list
Changed the following line from:
[drm] Cannot find any crtc or sizes - going 1024x768 > [drm] Cannot find any crtc or sizes
This will expand the coverage of the failure to also cover the case when fallback size is not set.
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0569fa735458512d6e15aa3315218ecbdf8510a3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Wed, 20 Oct 2021 17:30:07 +0000 (18:30 +0100)]
oeqa/runtime: search sys.path explicitly for modules
The controller module loading code needs to be told what directories
to search for modules via the target_modules_path keyword argument, which
is set to BBPATH.
However, as the actual module loading is done via importlib this relies
on the paths being on sys.path, which it is as base.bbclass puts each
layer's lib/ in sys.path.
Simplify the code by removing this indirection, and simply search
sys.path directly.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 570a19581f582f77e04d6892adb647cd649a6943) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Fri, 15 Oct 2021 17:41:20 +0000 (18:41 +0100)]
testimage: fix unclosed testdata file
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c192a97e3e1c015a48667d6903cc07a8b2620e4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 14 Oct 2021 11:04:46 +0000 (12:04 +0100)]
reproducible_build: Drop obsolete sstate workaround
sstate has been sufficiently invalidated since this change was made, drop
the workaround now.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7a497d8f30f21bafc78d0f22f3442a9cc99544cb) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Thu, 14 Oct 2021 16:33:18 +0000 (17:33 +0100)]
oe/utils: log exceptions in ThreadedWorker functions
If the function a ThreadedWorker is executing raises an exception, don't
use print() as that mostly disappears. Instead, output it to the logger.
This is done using bb.mainlogger.debug directly instead of bb.debug() as
this allows us to pass the exception instance directly, which is then
incorporated into the log stream.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f1ea25c222b344dd8b784b2bc73a6540ab30274) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since Python 3.8 visit_Num(), visit_Str() and so on are all deprecated
and replaced with visit_Constant. We can't yet remove the deprecated
functions until we require 3.8, but we can implement visit_Constant to
silence the deprecation warnings.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 875a944392a3c93f40081a14af357f70b6b8264f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since Python 3.8 visit_Num(), visit_Str() and so on are all deprecated
and replaced with visit_Constant. We can't yet remove the deprecated
functions until we require 3.8, but we can implement visit_Constant to
silence the deprecation warnings.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit abc93390a3f19bc4cc159c5690a478b9e2270906) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Daniel McGregor [Tue, 12 Oct 2021 15:44:50 +0000 (09:44 -0600)]
bitbake.conf: Add gpg-agent as a host tool
If gpg is used, it will find the first gpg agent in the path, this
may lead to issues where gpg comes from the host, and the agent
comes from a gnupg-native due to package signing. The versions
being out of sync causes gpg to fail.
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2b59fb9d52a405a32a1d069d4c5320b72fbd35ce) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 9 Oct 2021 22:33:15 +0000 (23:33 +0100)]
base: Use repr() for printing exceptions
Exceptions print more clearly using repr() instead of str(), fix
in fetch and unpack tasks.
Drop part of the test which no longer makes sense after this change.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c94816259cc1c09746353ad26ca0c811e0c962c2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 9 Oct 2021 16:46:17 +0000 (17:46 +0100)]
base: Clean up unneeded len() calls
This code pattern isn't very pythonic, improve it to drop the unneeded
len() calls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 69376ac1a6147b26fe1abaa4cf68414024814d63) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Thu, 14 Oct 2021 16:33:19 +0000 (17:33 +0100)]
sstate: don't silently handle all exceptions in sstate_checkhashes
If checkstatus returns an exception we should silently handle
FetchError, as this means the fetch failed for 'normal' reasons such as
file not found. However, other exceptions may be raised, and these
should be made visible.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 50d99faf88a1d82cbd939b9bd6e33ebed2b1ffd8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Thu, 28 Oct 2021 08:05:37 +0000 (10:05 +0200)]
devtool: fix modify with patches in override directories
If a recipe applies patches which are in machine-specific override
directories, devtool will fail to fetch the patches that don't match the
default configuration. For example where there are patches at
qemux86/x86.patch and qemuarm/arm.patch:
The patch apply phase sets OVERRIDES but does not set FILESOVERRIDES, so
it cannot find the patch files as the search path isn't correct. Fix
this by setting FILESOVERRIDES too.
Also when iterating through the overrides we need to be sure that other
overrides that are used are not enabled, so extend no_overrides instead of
simply appending the current override.
Jose Quaresma [Wed, 20 Oct 2021 17:25:46 +0000 (18:25 +0100)]
sstate: fix touching files inside pseudo
running the 'id' command inside the sstate_create_package
function shows that this funcion run inside the pseudo:
uid=0(root) gid=0(root) groups=0(root)
The check for touch files [ ! -w ${SSTATE_PKG} ]
will always return true and the touch can fail
when the real user don't have permission or
in readonly filesystem.
As the documentation refers, the file test operator "-w"
check if the file has write permission (for the user running the test).
We can avoid this test running the touch and mask any return errors
that we have.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6e7445c94443544e92fda97a017ce93393c5f84) Signed-off-by: Steve Sakoman <steve@sakoman.com>
