Add documentation for the UBOOT_FIT_CONF_FIRMWARE variable, which allows
users to specify an image to be assigned to the "firmware" property of
the FIT configuration node. This explicitly defines the primary image
to boot, instead of relying on the first entry in the "loadables" list.
(From yocto-docs rev: f72fc69e2d2a074d5eaf1cc36b30726de58e3ab5)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The UBUNTU_DEBIAN_HOST_PACKAGES_ESSENTIAL macro was removed after
8d993022c2ae ("docs: use literalinclude for system requirements").
Replace by the literalinclude like in the reference manual.
Reported-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
(From yocto-docs rev: 1316bd95f4c4107549de34b78bca0499233497e8)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix as many instances of unbalanced-inline-literals-delimiters as reported
by 'make sphinx-lint' as possible. Sphinx and/or its linter seem to get
tripped up randomly when references contain links to a heading which
contain literals enclosed in double-back-tics; especially in the cases
where a heading either contains multiple literals or when the literal is
not at the end of the heading. Not all of them can be "fixed" to pass both
building and linting.
(From yocto-docs rev: 3460177c46d360b0f2f852cdab23f21bd4ec6d5a)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This modifies the default indexer split() and js splitQuery()
methods to support searching for words with hyphens.
While this might not be an ideal, rock solid, and fully future-proof
solution, it allows at least to search for strings inlcuding hyphens,
such as 'bitbake-layers', 'send-error-report', or 'oe-core'.
Below is a bit more detailed explanation of the two modifications done:
1) The default split regex in the sphinx-doc SearchLanguage base class
is:
| _word_re = re.compile(r'\w+')
which we simply extend to include hyphens '-'.
This will result in a searchindex.js that contains words with hyphens,
too.
2) The 'searchtool.js' code notes for its splitQuery() implementation:
| /**
| * Default splitQuery function. Can be overridden in ``sphinx.search`` with a
| * custom function per language.
| *
| * The regular expression works by splitting the string on consecutive characters
| * that are not Unicode letters, numbers, underscores, or emoji characters.
| * This is the same as ``\W+`` in Python, preserving the surrogate pair area.
| */
| if (typeof splitQuery === "undefined") {
| var splitQuery = (query) => query
| .split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}]+/gu)
| .filter(term => term) // remove remaining empty strings
| }
The hook for this is documented in the sphinx-docs 'SearchLanguage'
base class.
| .. attribute:: js_splitter_code
|
| Return splitter function of JavaScript version. The function should be
| named as ``splitQuery``. And it should take a string and return list of
| strings.
|
| .. versionadded:: 3.0
We use this to define a simplified splitQuery() function with a split
argument that splits on empty spaces only.
We extend SearchEnglish (which extends SearchLanguage) here to retain
the stemmer code and stopwords for English.
[YOCTO #14534]
(From yocto-docs rev: d4a98ee19e0cbd6be96923dc72faee143a6b294b)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Similar to changes in oe-core for the qemux86* machines, allow users
to set higher tuning levels for the genericx86 targets without changing
the default.
(From meta-yocto rev: 1b29b8168584420a858e2897ba2b0c332dae51bf)
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop obsolete patch, the lib/gnulib.mk has been removed by upstream
- 0001-Unset-need_charset_alias-when-building-for-musl.patch
Drop backport patches:
- 0002-Fix-segfault-with-mangled-rename-patch.patch
- 0003-Allow-input-files-to-be-missing-for-ed-style-patches.patch
- 0004-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
- 0001-Fix-swapping-fake-lines-in-pch_swap.patch
- CVE-2019-13636.patch
- 0001-Invoke-ed-directly-instead-of-using-the-shell.patch
- 0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
- 0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
- CVE-2019-20633.patch
GNU patch 2.8 released: http://savannah.gnu.org/news/?id=10741
NEWS since v2.7.6 (2018-02-03):
The --follow-symlinks option now applies to output files as well as input.
'patch' now supports file timestamps after 2038 even on traditional
GNU/Linux platforms where time_t defaults to 32 bits.
'patch' no longer creates files with names containing newlines,
as encouraged by POSIX.1-2024.
Patches can no longer contain NUL ('\0') bytes in diff directive lines.
These bytes would otherwise cause unpredictable behavior.
Patches can now contain sequences of spaces and tabs around line numbers
and in other places where POSIX requires support for these sequences.
--enable-gcc-warnings no longer uses expensive static checking.
Use --enable-gcc-warnings=expensive if you still want it.
Fix undefined or ill-defined behavior in unusual cases, such as very
large sizes, possible stack overflow, I/O errors, memory exhaustion,
races with other processes, and signals arriving at inopportune moments.
Remove old "Plan B" code, designed for machines with 16-bit pointers.
Assume C99 or later; previously it assumed C89 or later.
Port to current GCC, Autoconf, Gnulib, etc.
(From OE-Core rev: b7034d912122582bd63f06d2e4a849dd376b7157)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Clang finds more warnings in kernel code, make clang happy to not treat
these extra warnings as errors
(From OE-Core rev: c587f473a4581d1640aa227a23d517c51b7ec3cc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
clang can build it ok but the openmp directives
get emitted with full paths into binaries [1] until
thats fixed in clang/openmp stick to gcc
[1] https://github.com/llvm/llvm-project/issues/82541
(From OE-Core rev: 89d2401ab0484478aa582fbdda21fd1d287605c4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It uses compiler built-ins which clang does not provide
(From OE-Core rev: 0b8ce7e7f5e04fc078014cdfb25cf3502dbf4d49)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It does not compile with clang due to include_next stdarg.h not working
as the system expects to match gcc behavior
(From OE-Core rev: 4ef959f37816f23e4ed57a71cb9a42fd818aa1fb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It needs porting to work with clang
(From OE-Core rev: 18ebddf859c9baa4048601ebd968f6b8b02881ed)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GCC is not yet compilable with clang e.g.
(From OE-Core rev: 28e84b252eb6c01956cad554e9c453412b45e51f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Prevent an abort in the bfd linker when attempting to
generate dynamic relocs for a corrupt input file.
PR 32638
Backport a patch from upstream to fix CVE-2025-1178
Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0]
(From OE-Core rev: f58f174daa7e30baa18abe4db9eda9c1b1c425cc)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
fix the issue that:
| Error: Transaction test error:
| file /usr/libexec/libunwind/check-namespace.sh conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32
| file /usr/libexec/libunwind/test-runner conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32
By default, test suite from srcdir/tests/* will be installed to /usr/libexec/libunwind, here pass --disable-tests to not install test suite.
Test suite can be added to libunwind-ptest in the future if needed
(From OE-Core rev: 9d9c36cd5fc59e88bcd8a08ba70ced996c7d74be)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building of spirv-mesa and spirv64-mesa CLC targets (which are required
for Mesa to work) requires a working llvm-spirv tool (provided by the
spirv-llvm-translator-native package). Make clang build-depend on the
corresponding recipe in order to be able to build requried targets.
Fixes: 4178fe97371b ("clang: split SPIRV-LLVM-Translator to its own recipe")
(From OE-Core rev: 177aaa7912f317da4a17a57081eb4f5667ef2c02)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add the ability to set the "firmware" property in the FIT configuration node
by introducing the UBOOT_FIT_CONF_FIRMWARE variable.
This property defines the primary image to be executed during boot. If it is
set, its value will be written into the FIT configuration under the "firmware"
field. If not set, the bootloader will fall back to using the first entry in
the "loadables" list.
Using this property improves control over the boot sequence, especially in
multi-binary boot scenarios.
(From OE-Core rev: 82e1d7cbc855dbe4bec93f9b049851cbe376ea5e)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An unintended "-e" string may be written into the generated ITS file when users
set the UBOOT_FIT_USER_SETTINGS variable to include custom binaries in the U-Boot
image.
This issue is caused by the use of 'echo -e', which behaves inconsistently across
different shells. While bash interprets '-e' as enabling escape sequences
(e.g., \n, \t), dash—the default /bin/sh on many systems—does not recognize
'-e' and treats it as a literal string. As a result, "-e" can be mistakenly
injected into the ITS file under certain build environments.
To ensure consistent and shell-agnostic behavior, replace 'echo -e' with
'printf', which is well-defined by POSIX and behaves reliably across all common
shells.
This change improves portability and prevents malformed ITS files caused by unintended
string injection.
Fixes: c12e013 ("uboot-sign: support to add users specific image tree source")
(From OE-Core rev: 1d5d22a38188f2c879e289a9732b620b0a6f7a6e)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following bugs have been fixed or resolved in this point release:
503098 Incorrect NAN-boxing for float registers in RISC-V
503641 close_range syscalls started failing with 3.25.0
503914 mount syscall param filesystemtype may be NULL
504177 FILE DESCRIPTORS banner shows when closing some inherited fds
504265 FreeBSD: missing syscall wrappers for fchroot and setcred
504466 Double close causes SEGV
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed above.
(From OE-Core rev: 582e832634d5f1fa4ff9c89d095c10eaffcb3582)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
chrpath has limitations e.g. the original rpath in ELF have to bigger in size
than the one being edited into it by chrpath, some toolchains do not use RPATH
but emit the RUNPATHs into ELF files and chrpath is not able to handle the
runpaths, this is the case with mips and pp32 build of rust, especially
when using clang compiler to build them.
patchelf can do more:
Modify RUNPATH entries
Add RPATH/RUNPATH where none existed
Set longer paths than the original
Convert between RPATH and RUNPATH
(From OE-Core rev: 22b903f6620455e142e836412d3f7f6a4f03bea7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When the input compiler enables AVX, stack realignment requirements
causes gcc to fail to omit %rbp use, due to which the test fails to
clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so
that the test continues working.
(From OE-Core rev: bbd3e7886e2ec5ab3578d618b28d007a80d917aa)
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some recipes might provide conf files produced during build phase or
simply tracked in the VCS instead of generating them with Yocto.
In such cases those conf files wouldn't be assigned to correct packages.
With this change, if user wants to generate a conf file they still can,
but not generating them won't prevent assigning the file to proper
package given the file exists.
(From OE-Core rev: c7faf141592d1e2a5cab32a83f7e1498ee498d65)
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The default adapters for sqlite datetime are deprecated as of Python
3.12, so implement our own.
[YOCTO #15333]
(Bitbake rev: 38a1d715bf58acbc9cb21eed413b3542c81cf15a)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- drop two merged patches
- clover frontend is always compiled, even if not enabled
clover is deprecated and was removed in master branch
add a patch to fix that
- install gbm_backend_abi.h
(From OE-Core rev: 3d334e5b1e0e152178afce73f01cd1a3ded30677)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Compiler can analyse function pointer parameters now a days and
it reports the mismatches, hence fixed.
(From OE-Core rev: 99c62c5d26e9a046276f4ccd9df307c7a25cd393)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This option is not universal for all compilers
(From OE-Core rev: 2d3b08b4327b3b6b2e16f6a19f1f9a2f951fc027)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This has been 4 years in making, it has fixes to build with gcc-15
and some patches are upstream [1] [2]
This release collects several years of portability improvements, as
well as a couple of minor optimizations to performance. Notable
improvements in this release include faster execution of the 'eval'
builtin. More details [3]
[1] 2d830e4a79
[2] https://git.savannah.gnu.org/gitweb/?p=libsigsegv.git;a=commitdiff;h=a6ff69873110c0a8ba6f7fd90532dbc11224828c
[3] https://lists.gnu.org/archive/html/m4-announce/2025-05/msg00000.html
(From OE-Core rev: b30b952d82af8d505728123023344aac3d9204b8)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A "buffer overflow detected" issue was observed as follows:
| *** buffer overflow detected ***: terminated
|
| zip error: Interrupted (aborting)
This issue is addressed by:
https://bugzilla.redhat.com/show_bug.cgi?id=2165653
Port the fix.
(From OE-Core rev: e2f3eeaedc0ea896f5f5b23f756056331b1647cf)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CPE data in the NVD database is now complete, so these overrides are
no longer needed.
This reverts commit e3419fbaf2999a821e1890a12ab27285cc25b577.
(From OE-Core rev: 252b52ce3fd51acda6ab9108ea6354cb0885a4f7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CPE data in the NVD database is now complete, so these overrides are
no longer needed.
This reverts commit 76c7bb2b9c1b5300f957f11e1601816f8f90b501.
(From OE-Core rev: 693f79b94edb6793d718f97457b6ebd4fa4bfb43)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If no buildstats directories are specified, then find the last two runs
under BUILDDIR.
(From OE-Core rev: 6ed0a13ae68a5e41a43ebd97d9ed154080a7101b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is not a linux-yocto CVE yet it shows up in the reports as:
linux-yocto-custom CVE-2023-3079 0.0 8.8 Unpatched https://nvd.nist.gov/vuln/detail/CVE-2023-3079
For reference, the CPE says:
Affects cpe:2.3⭕linux:linux_kernel:-:*:*:*:*:*:*:*
So affects all Linux systems,
Running on/with cpe:2.3🅰️google:chrome:*:*:*:*:*:*:*:*
[ YOCTO #15780 ]
(From OE-Core rev: 22ef4d2d116afb9d603a05fb107dd9da0e74558b)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstream Makefile now supports installing the headers directly[1],
so use the target instead of calling install manually.
[1] e3962fea4e
(From OE-Core rev: 749de43ccc13488c0ec74e4a4257cc25cbf89370)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using clang pass LLVM=y to makefile so it can select needed bits
using clang
(From OE-Core rev: 9f95660886db562669d064f380d963353eef524c)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2025-47268
ping in iputils through 20240905 allows a denial of service (application
error or incorrect data collection) via a crafted ICMP Echo Reply
packet, because of a signed 64-bit integer overflow in timestamp
multiplication.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47268
Patch from:
070cfacd73
(From OE-Core rev: a4a58d3f6cd49a54a8c271abaad8098958d4f27f)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen) without a check for whether
the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be
larger than the amount of remaining packet data in the current state
of parsing. Values of stack memory locations may be sent over the
network in a response.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32366
Upstream-patch:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4
(From OE-Core rev: 548eddd84f23c6cb0352b9a692144050da8ba37a)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
