This way we put a timestamp on the image, so that someone looking at the
image on an old release tarball has a representation of the release "as
of <date>".
Here set "Oct. 24" as it was the last time the file was updated.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 108b53abd96fa7fd82107de07a46ae77a6f9269f)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 7b62bbec900bc84a31e4686839e774ba7bd5ae9f)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
glibc 2.36 has added sys/pidfd.h and APIs for
pidfd_send_signal and pidfd_open, therefore check
for this header and include it if it exists
(From OE-Core rev: 2c913a7b66ea756ebc65a573e1b5bb5dba6834d2)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
GCC 14 implicitly turns a warning into a compiler error:
| ../../git/src/lib/packlib.c: In function ‘PWClose’:
| ../../git/src/lib/packlib.c:554:40: error: passing argument 1 of ‘HwmsHostToBigEndian’ from incompatible pointer type [-Wincompatible-pointer-types]
| 554 | HwmsHostToBigEndian(tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32);
| | ~~~~~~~^~~~~
| | |
| | uint32_t * {aka unsigned int *}
| ../../git/src/lib/packlib.c:142:27: note: expected ‘char *’ but argument is of type ‘uint32_t *’ {aka ‘unsigned int *’}
| 142 | HwmsHostToBigEndian(char *pHwms, int nLen,int nBitType)
| | ~~~~~~^~~~~
Add the cast to (char *) to silence it.
(From OE-Core rev: 7cca344feaa16cfabbaa2f34e4aab91cc1af39ee)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* to allow building vala-native on hosts with gcc-14
* we could backport:
23ec71b1a5
which is already included in scarthgap, but that's big patch doing almost the same
(From OE-Core rev: 0f850f213071d4bc3a7065334debabd32c7bd9a1)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
zip's configure fails to link this piece of test code:
int main() { return closedir(opendir(".")); }
with GCC-14 because it now treats implicit declaration of function
as error, unline older GCC version where it was just a warning
and this test would build fine.
Remove 0002-unix.c-Do-not-redefine-DIR-as-FILE.patch which
is now unnecessary (MJ: this part wasn't applicable for kirkstone).
(From OE-Core rev: fd31dd1abc8199a1865801259e6f96b78a17d994)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3422411eb750c7e960b81676637cfb321dbadefb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Newer compilers are strict and have turned some warnings into hard
errors which results in subtle configure check failures. Therefore fix
these tests and also enable largefile support via cflags when its
desired
(From OE-Core rev: 03b7a44e2ff4364cb85758f91d78efa0cf85682d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Running either of these ends up corrupting the os.execv args.
If we run:
./scripts/nativesdk-intercept/chown -R foo:foo bar
The loop here ends up missing the conversion of foo:foo to root:root because
it sees sys.argv[0] and assumes that it's the user:group argument and that we
should convert that. We end up a os.execv(path, args) that have the following
args:
['root:root', '-R', 'foo:foo', 'bar']
As os.execv ignores args[0], we can just populate it with sys.argv[0] and then
loop through sys.argv[1:]. As both chgrp and chown would have either flags and
USER[:GROUP] next, this fixes the issue.
(Backported from OE-Core rev: 2a75f647ec7696d353f4b09099d777ba53f34d36)
(From OE-Core rev: ed009b5d58914582c0770222115fc5c5a16bf16d)
Signed-off-by: Eilís 'pidge' Ní Fhlannagáin <pidge@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The bmaptool (previously: bmap-tools, bmap-tool, bmaptool) has been moved
to be under the Yocto Project umbrella and is now hosted at:
github.com/yoctoproject/bmaptool
(From OE-Core rev: 7678ae7fc255621d91271599b5f4491520387279)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The 'preinit' script can't create mount directories when rootfs is
read-only. Add an option to skip this step. The user must make sure that
all required directories are already in the rootfs directory layout.
Cc: Vyacheslav Yurkov <uvv.mail@gmail.com>
(From OE-Core rev: 302dd4a63f97e23631a62a0b902cc253f6843ab0)
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 3d433d8559467d255bd19af2d0999c65ea24a48d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
- Security: Minor follow-up fixes for CVE-2024-40897
- powerpc: fix div255w which still used the inexact substitution
- x86: work around old GCC versions (pre 9.0) having broken xgetbv
implementations
- x86: consider MSYS2/Cygwin as Windows for ABI purposes only
- x86: handle unnatural and misaligned array pointers
- orccodemem: Assorted memory mapping fixes
- Fix include header use from C++
- Some compatibility fixes for Musl
- ppc: Disable VSX and ISA 2.07 for Apple targets
- ppc: Allow detection of ppc64 in Mac OS
- x86: Fix non-C11 typedefs
- meson: Fix detecting XSAVE on older AppleClang
- x86: try fixing AVX detection again by adding check for XSAVE
- Check return values of malloc() and realloc()
(From OE-Core rev: ec300eadd0ab51583502b833798a6b46956f0f47)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ed7e4eb12491968c5f962b7e89d557c2c6d86a33)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This includes CVE-fix for CVE-2024-43790 and CVE-2024-43802
Changes between 9.1.0682 -> 9.1.0698
====================================
https://github.com/vim/vim/compare/v9.1.0682...v9.1.0698
(From OE-Core rev: 45ef5c80b1085d88d08679025bab13161c1f1fb2)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e530265415d93e3f49ec7874cf720aad18ab2e22)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
https://nvd.nist.gov/general/news/cvss-v4-0-official-support
CVSS v4.0 was released in November 2023
NVD announced support for it in June 2024
Current stats are:
* cvss v4 provided, but also v3, so cve-check showed a value
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 != 0.0;
2069
* only cvss v4 provided, so cve-check did not show any
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 = 0.0;
260
(From OE-Core rev: 358dbfcd80ae1fa414d294c865dd293670c287f0)
(From OE-Core rev: 8c20a7badb6e5d6c6c90176e45e90f776df25298)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This allows building detailed vulnerability analysis tools without
relying on external resources.
(From OE-Core rev: 048ff0ad927f4d37cc5547ebeba9e0c221687ea6)
(From OE-Core rev: 3e47644d24d97c2541ccb70d91c144cf6530d5b0)
Signed-off-by: Antoine Lubineau <antoine.lubineau@easymile.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These CVEs were fixed in 3.10.15
Commit 487e8cdf1d removed patches in favor
of version upgrade, which caused the CVEs to re-appear in reports.
(From OE-Core rev: 2cf10084c56c83da3deff4e65e619afab80e08e1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A DMA reentrancy issue leading to a use-after-free error
was found in the e1000e NIC emulation code in QEMU. This
issue could allow a privileged guest user to crash the
QEMU process on the host, resulting in a denial of service.
CVE-2023-3019-0002 is the CVE fix and CVE-2023-3019-0001
is dependent CVE fix.
fix indent issue in qemu.inc file.
CVE-2023-3019 patch required Mem ReenttranceyGuard structure
definition, it's defined in commit:
a2e1753b80
but the patch is causing errors:
Failed: qemux86 does not shutdown within timeout(120)
so backported only required structure definition.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-3019
Upstream patches:
7d0fefdf813c0463a650
(From OE-Core rev: 3782e1b21882ffc5e4cc466418e066179470241e)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patch from branch openssl-3.0.
(From OE-Core rev: 75e1dedf85ac093fc43eb88a59bfe980bb363bf9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mention that Scarthgap the latest LTS in a bullet list next to
Kirkstone. Reword the parapraph a bit to make it clearer after this
change.
Reviewed-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
(From yocto-docs rev: 23c4ca4fdfffb7793cf4ffaea365e042e1a25325)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit afeded9939777d88bf4cb9ebf7a61aadd476642d)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Add Walnascar release.
* Remove dunfell, gatesgarth, hardknott, honister: these release are not
supported anymore. Start from kirkstone, which is still supported.
(From yocto-docs rev: 1955aa1052d16a05cc7d493d5e7c0fe113141812)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit aa9a580c8c57af4baa4fb24a43487fb7afc258e5)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The package splitting section of the overview manual currently lacks any
explanation of how package splitting is implemented and redirects to
the package class, which is not really understandable for newcomers to
the project.
This patch adds a short explanation of what is done:
* How the PACKAGES variable is defined.
* How the FILES variable is defined.
* How the two work together.
* How to add a custom package.
This should give enough details to a new user on what package splitting
achieves and how to add a custom package.
Adresses [YOCTO #13225]
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: ef4150029d377ce1c35645971502ae56345915a6)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 143c3cacdec36c9d7ab81c89bbcc12c0c3936bd9)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
GNOME gitlab has occasional downtime which impacts bitbake-selftest
and causes autobuilder failures. Switch to our own mirror for test
purposes to avoid those issues.
(Bitbake rev: 0c30e9aadd30fc6f0dcf811eb8340687b52eb00b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91e268b11ed683bd197026f9b36001f6d54ee05c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
GNOME gitlab has occasional downtime which impacts bitbake-selftest
and causes autobuilder failures. Switch to our own mirror for test
purposes to avoid those issues.
(Bitbake rev: e4ec4267e4c0818a1682f8a1a4bf3d1419e509a1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 008808755ed6cfeb6c41273e69ce718f0833c26c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The tmpdir such as downloads/tmplp3cnemv won't be removed without this fix.
(Bitbake rev: 15582daed9a18330bcf1ad316a57d46571bbf7c6)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2ba8d3214759142afc11f0a88d80eb30a8bcde3a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There are 14 lines can be removed, and can make it easy to maintain.
(Bitbake rev: ff2dfda55258d8034ea748d87222e51124a03f02)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0ea2c1ac079d63349407a69172ff80cd9acc7252)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(Bitbake rev: c092f7e6c5e07a829173b25e591ab0326e9dcb67)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The pipes module is removed in python 3.13. It was already using the
quote function from shlex so use that directly instead.
The module already imports shlex too so it is an easy substitution.
(Bitbake rev: 53264dc14554890b3a2afc83cb1749cf10d86854)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Document `hosttools/`, `pkgdata/` and add some more information on
`work-shared/`.
Adresses [YOCTO #14543].
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 259fce03ffab9fb588676c1e150d999d54cf6d85)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 372b5b4ca55819c294970b20aa8b8d8167144329)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This variable can be used to specify one or more compiled device tree or
device tree overlays to use in addition to the one compiled by the
kernel.
(From yocto-docs rev: 708514ea676246ddf251ad47c95442e8ec5c0e1f)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 6566ffceab3780dc5ecbfe26f786ebe6ff17e693)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Variables that can be used for toggling creation of manifest and
specifying the path to the output in the deploy directory.
(From yocto-docs rev: fb462c47bb15522cc02642fe51f39c8e15044957)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 14131a42a7ea8bbae2165c1b8dbcabd5f28b2b22)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport the upstream buffer modifier fix for create_framebuffer to
handle the case where no valid modifiers are available.
(From OE-Core rev: 983e3efb51ab22f1fa5f90cbbfba2d701aa425fc)
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
syslinux has vendored copy of ext2fs/ext2_fs.h but uses ext2fs/ext2fs.h
from e2fsprogs package, however, ext2fs/ext2fs.h has dependencies on
ext2fs/ext2_fs.h coming from e2fsprogs package as these both headers
come from same package, here syslinux uses ext2fs.h from e2fsprogs but
supplies its own copy of ext2_fs.h which maybe out of sync and that
results in warnings about implicit implicit-function-declarations
e.g.
recipe-sysroot/usr/include/ext2fs/ext2fs.h:727:16: error: implicit declaration of function 'ext2fs_has_feature_gdt_csum' [-Wimplicit-function-declaration]
| 727 | ext2fs_has_feature_gdt_csum(fs->super);
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
ext2fs_has_feature_gdt_csum here comes from newer version of
ext2fs/ext2_fs.h but missing from vendored copy, hence the warning.
With gcc-14 this warning is treated as error by default, which breaks
the build, so lets treat it as warning only.
All these functions are never used in syslinux, so functionality-wise we
are fine.
(From OE-Core rev: 14fdee535c37aaa44898dc22149004c97b2456ca)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a2b30108055e68b62fdad7319d7d569bc38a07b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Last version bump removed patch for this CVE because it was integrated
in new release. This has caused the CVE to reappear in reports because
2023-09-12 is "higher" than 11.5...
(From OE-Core rev: d74fd7c4e9353fc00f0b79f05de101efb0148a6f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We can't support vgem on RHEL derived distros so disable this test for
all fedora hosts rather than specific versions.
(From OE-Core rev: c4760d6a52011515b0f931d08f619c7e49e72158)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This test fails consistently on the new valkyrie autobuilder cluster
The estimate instructions (rcpss, rcpps, rsqrtps, rsqrtss) are, as the
name suggests, not expected to give a fully accurate result. They may
produce slighly different results on different CPU families because
their results are not defined by the IEEE standard.
(From OE-Core rev: 9269edb63d3c68de62326f5960ffff0c1068e709)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
[Backport from OE-Core: 40f85de590c188c9c3985e64a83efaf06b0b4fbc]
zstd is dual-licensed under BSD _OR_ GPLv2 which was updated in the README for v1.5.6.
License wording in the README for v1.5.2 is misleading, but license headers in the code
clearly state that there is a choice between the two licenses.
(From OE-Core rev: 4ef9b4d947b6e8ed7637cdd9e722c3f0c83990dd)
Signed-off-by: Massimiliano Minella <massimiliano.minella@se.com>
Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fixes:
http://errors.yoctoproject.org/Errors/Details/770525/
| checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works... no
| configure: error: installation or configuration problem: C compiler cannot create executables.
| RULES/rules.cnf:70: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf: No such file or directory
| make: *** [RULES/rules.cnf:59: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf] Error 1
| make: *** Waiting for unfinished jobs....
where config.log show it's caused by gcc-14:
configure:1189: checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works
configure:1211: gcc -o conftest -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe -D_GNU_SOURCE conftest.c 1>&5
configure:1208:1: error: return type defaults to 'int' [-Wimplicit-int]
configure: failed program was:
main(){return(0);}
(From OE-Core rev: 6fd1bc0620e6d6ce9b940eaeb68474f4d0b9369b)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 094273bd7d1768e14fbdcd2f239bee14c630a625)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since this is a recipe with PACKAGES = "", inherit the nopackages
class to skip the various packaging functions which wouldn't do anything anyway.
This fixes errors from buildhistory changes where packages-split would be empty.
(From OE-Core rev: fc8ad580c5d76266ad722c9429f39adf5370c2fb)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE iwas created because fix for CVE-2024-24576 was incomplete.
Ignore the new CVE in the same way as the old one.
See https://nvd.nist.gov/vuln/detail/CVE-2024-43402
(From OE-Core rev: 62bb1b8f89c97fa32a7b15021e9e3fbbb878ae68)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
