There are new CVEs reported for this recipe which are not for this
componene, but for a component with same name from apache.
sqlite> select vendor, product, id, count(*) from products where product like 'orc' group by vendor, product, id;
apache|orc|CVE-2018-8015|1
apache|orc|CVE-2025-47436|4
gstreamer|orc|CVE-2024-40897|1
(From OE-Core rev: 683f19c2e3337784e50134b6a1331b4b9626894d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The fdisk option is not enabled by default when it should be as that was
the existing behaviour.
Neither of the RDEPENDS are needed, as systemd doesn't call the tools
directly and the library dependencies will be generated automatically.
This reverts commit 4ec67113e1e7e1ecea9cde33ef4d3962dad5f2ad.
(From OE-Core rev: fac80672339bce66dc551c659932aa728478ffaf)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LLDB defaults to adding rpaths into the binaries which are then stripped
by CMake on install.
However, this rpath removal is implemented by editing the binary instead
of relinking at install time, so the final binary will have an entry in
the dynstr section which is all nulls but is as long as the build path.
Obviously this breaks reproducibility, so disable the use of rpaths in
LLDB to remove this problem.
(From OE-Core rev: d96e0458b696a7359d310cbe112c5dc2fc60f97d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LLDB links to clang libraries, so it really does need clang and not just
LLVM.
(From OE-Core rev: 1a37bb2f0bbdbd599e1d5967eae1ecde4eff6a80)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This API is no longer used and bitbake has moved beyond Python 2.7.3 as
the minimum version, so remove it.
(Bitbake rev: 0eb7b5dd512ed8d8b77b5779858b9fbd99edb4a4)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Python 3.14 changes the default multiprocessing context from "fork" to
"forkserver"; however bitbake heavily relies on "fork" to efficiently
pass data to the child processes. As such, make "fork" context in the bb
namespace and use it in place of the normal multiprocessing module.
Note that multiprocessing contexts were added in Python 3.4, so this
should be safe to use even before Python 3.14
[YOCTO #15858]
(Bitbake rev: 62be9113d98fccb347c6aa0a10d5c4ee2857f8b6)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After commit d591d7633fe8 ("fetch/git: Rework tag parameter handling"),
update the description of the tag= parameter for the Git fetcher.
(Bitbake rev: 85b31a55d114a1430868233d56573b470fef8908)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstream servers are having issues so switch to our own shadow copy
of the repo.
(Bitbake rev: e910c7cd24fd366d6756641cd599c4efeb492e2a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set LLVM_HEADERS_TBLGEN so that we don't build another copy of tblgen.
Also remove LLVM_OPTIMIZED_TABLEGEN, this is redundant as we're not
building a tablegen binary in this recipe anymore.
(From OE-Core rev: 259a3e9a8281c4e9ab73dee82738f359f029b78d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cmake.bbclass already does this.
(From OE-Core rev: 85c1aecdf847b97409930d915a90ab850e92bc38)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The GPU targets are incredibly slow to build, so if the DISTRO_FEATURES
doesn't include opengl or vulkan assume that the user will not be using
a GPU and disable them.
Alternatively, a distribution could state that they'll only be using
one of the backends, and set LLVM_TARGETS_GPU explicitly.
On my build machine, disabling the GPU targets reduces the build time of
clang-native from 21m to 16m.
(From OE-Core rev: 2273a0685757421f39541a352d77b67e5ba604d3)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Split the libclc subproject out of the clang recipe and into a dedicated
libclc recipe.
This is useful because libclc is the OpenCL runtime library and as such
isn't target-specific and needs a native clang to build, not a target
libllvm.
Verified that nothing is dropped by adding clang and libclc to an image
and verifying that the file list is the same before and after this
change.
We need to patch the libclc CMakeLists to allow it to use an out-of-tree
prepare_builtins binary, discussion is ongoing with upstream to resolve
this properly.
(From OE-Core rev: 33a8742a1280b4c6779a7aa487c2dd4a713babe6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If these variables are set explictly then CMake assumes that it is
cross-compiling[1]. We don't need to set them as the default values as
detected by CMake are correct for native.
[1] https://cmake.org/cmake/help/latest/variable/CMAKE_CROSSCOMPILING.html
(From OE-Core rev: 0ea50cba64b5004722051c0ece900443dc4ca929)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When TC_CXX_RUNTIME is set to be 'llvm' then clang looks for
libcxx to provide C++ runtime and unwinding library
(From OE-Core rev: aba2d949818b032222dbaed98e38cd29e3c992b6)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This ensures that default system linker is used correctly based upon
distro features, current default remain same i.e. uses BFD linker
(From OE-Core rev: 33e7c85e92ddbc35989e7afcaf5fe4c14efdefab)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
clang-tidy is used by many packages these days and probed during
build.
(From OE-Core rev: 71ff6d6d1b152076e6dbf03a146f6a9fd2a9c065)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This option is not respected by clang
(From OE-Core rev: 82484ccb3eb1a7b5562131881b5ed6545144e5eb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Introduce new PACKAGECONFIG options in systemd for both libblkid and
libfdisk [1][2].
Set blkid as enabled by default because the bootctl command depends
on it to be built. For example, images like core-image-sato-sdk rely on
bootctl and have specific tests for it.
Previously this worked implicitly because the upstream Meson option
defaulted to auto, which enabled the dependency if libblkid was present.
Now, without explicitly enabling it via PACKAGECONFIG, the feature would
be disabled, which triggers testimage errors.
[1] https://github.com/systemd/systemd/blob/main/README#L219
[2] https://github.com/systemd/systemd/blob/main/README#L228
(From OE-Core rev: 4ec67113e1e7e1ecea9cde33ef4d3962dad5f2ad)
Signed-off-by: Hiago De Franco <hiago.franco@toradex.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog 301:
- Avoid spurious differences in h5dump output caused by exposure of absolute
internal extraction paths.
- Use our_check_output in the ODT comparator.
- Memoize a number of calls to --version.
Changelog 300:
- Fix a regression and add a test so that diffoscope picks up differences
in metadata for identical files again.
Changelog 299:
- Add python3-defusedxml to the Build-Depends in order to include it in the
Docker image.
(From OE-Core rev: b740601fd6b523e09c2d22e83aed1c0589a8203d)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
objcopy: Don't extend the output section size
Since the output section contents are copied from the input, don't
extend the output section size beyond the input section size.
Backport a patch from upstream to fix CVE-2025-7545
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944]
(From OE-Core rev: 3af3d09684caddb4c4dfd45a30e3721f8f6140e4)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
clang doesn't have Arm big.LITTLE specific tune options - when such an option is used,
the compilation fails with an error like this:
aarch64-poky-linux-clang: error: unsupported argument 'cortex-a72.cortex-a53+crc+crypto' to option '-mcpu='
To avoid this, in case a big.LITTLE SoC is the target and the toolchain is clang, select
the tune corresponding to the LITTLE core.
(From OE-Core rev: 12c820f624730a04a17ae2cdbecc4e6987c45cf7)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-sched_attr-Do-not-define-for-glibc-2.41.patch
removed since it's included in 2.9
(From OE-Core rev: b02c62abe932322ef99fd03c948c745e4088a645)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dropped 0001-src-libgit2-CMakeLists.txt-install-cmake-files-into-.patch
because it's included in this release.
Changelog: see https://github.com/libgit2/libgit2/releases/tag/v1.9.1
(From OE-Core rev: 92bfe7333748bf52a436f03452fecacd95b6b0bf)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream explicitly say in their CONFIG.md file to build with -Os:
Make sure you build with your compiler's "optimize for size" option.
On `gcc` this is `-Os` [ ... ] HarfBuzz heavily uses inline functions
and the optimize-size flag can make the library smaller by 20% or
more. Moreover, sometimes, based on the target CPU, the optimize-size
builds perform *faster* as well, thanks to lower code footprint and
caching effects
Drop the patch to build just hb-subset-plan-layout.cc with -Os (which
was a workaround for a GCC bug), and pass -Os globally.
This manages to reduce the duration to harfbuzz:do_compile on my machine
from 75s to 47s, and has a big impact on the library sizes:
harfbuzz: PKGSIZE changed from 1769358 to 1237070 (-30%)
harfbuzz-dbg: PKGSIZE changed from 84920168 to 71203208 (-16%)
harfbuzz-subset: PKGSIZE changed from 1579247 to 940191 (-40%)
(From OE-Core rev: d795b3e16ed01d7273d4f3779684eb41cc16f809)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The media player buttons weren't working. At runtime there were warnings
like:
(gtk-play:824): Gtk-WARNING **: 12:37:53.946: Could not find signal handler 'next_button_clicked_cb'. Did you compile with -rdynamic?
Add the missing linker option to make the buttons work.
[YOCTO #15915]
(From OE-Core rev: 5571061e26a98804670b0d39b86f3b3b205061b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add following patches.
- 0001-test-Add-support-ptest.patch
- Some default paths in test code are invalid at runtime and cause
- test failures. So add a patch to adjust path to test data for ptest
- environment.
- 0001-ICU-23120-Mask-UnicodeStringTest-TestLargeMemory-on-.patch
- Since ICU-77.1, a test case (TestLargeMemory) that fails to build
- in a 32-bit environment. So add a patch to skip this test case.
- This bug has been reported to upstream. See https://unicode-org.atlassian.net/browse/ICU-23120.
Install icu test-suite to run it as a ptest.
Add icu to PTESTS_FAST because it takes 27sec (less than 30sec) to complete on
qemux86-64 with kvm enabled.
root@qemux86-64:~# ptest-runner icu
START: ptest-runner
2025-07-06T00:46
BEGIN: /usr/lib/icu/ptest
___(snip)___
--------------------------------------
Elapsed Time: 00:00:23.070
PASS: ./intltest
DURATION: 27
END: /usr/lib/icu/ptest
2025-07-06T00:47
STOP: ptest-runner
TOTAL: 1 FAIL: 0
(From OE-Core rev: 4a729a529067a5ba7036a224cf330e31b8a5f838)
Signed-off-by: Daisuke Yamane <yamane07ynct@gmail.com>
CC: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use a more logical name for the profile reports and put each report
into a separate file since people struggle to discover them currently.
(Bitbake rev: a8145c84e0899285a5e6a809f1515118b002b106)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Running "time bitbake -pP idle" with a valid cache shows around 800,000
calls to enum creation from python's signal.py. We don't care about this
overhead and it adversely affects cache load time quite badly.
Try and use _signal directly, falling back to signal, which avoids
this overhead we don't need and makes cache loading much faster.
(Bitbake rev: ee5fce67ce35b025c68aa61e2e758903269ee346)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove rev's "master" default value. Mention that it must match SRCREV,
if set.
Reported-by: Quentin Schulz <quentin.schulz@cherry.de>
(Bitbake rev: 2519b317e4afb1686f907274715a9e2b9c6457f4)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Starting with python 3.12, profiling now stays enabled over threads yet
you can't extract the profile data in the threads themselves, which makes it
difficult to use for our use case.
Our main loop starts the idle loop which starts the parsing threads and this
means we can't profile in the main loop and the parsing threads or the idle
loop at the same time due to this.
Add options to the commandline so you can specify which piece of bitbake
you want to enable profiling for. This allows some profiling with python 3.12
onwards rather than crashing.
(Bitbake rev: 09f29a4968841ee5070f70277ba8c253bb14f017)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is possible for multple bitbake threads to empty ui_queue in parallel
leading to duplicate console messages and much confusion when debuging.
Use the lock to extract the queue data which means only one thread will
processing, removing the duplicate out of order messages.
(Bitbake rev: 945095602e40d54efb8de494218f4a2b25c9969f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have code duplication in the way we handle profiling of code sections.
Create a common function in utils which covers this.
The main loop and idle loop profile files were also reversed. Fix this and the naming,
removing a couple of unused variables containing the profile log names in the process too.
(Bitbake rev: b4f6bae97ac9607420fc49fd4c9e957d89c9a5f3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the server is quickly stopped, we see tracebacks in the locks
due to the file not existing. Hide these as they're not errors.
(Bitbake rev: a7e1a07e9ef7e6f6a1bcaf567d7916a8ee1ef087)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Neither LLVM_ENABLE_TERMINFO or COMPILER_RT_TERMINFO_LIB are used in the
current CMakeLists.
(From OE-Core rev: 134880baa4a971660e0800f70404d15c758fb7db)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Accidentally duplicated the beginning of the variable name.
(From OE-Core rev: 1484e2cf36428fbe7f5095ec881fdd018eea344b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Brings following fixes
* 87f0227cb601 [InstCombine] Avoid folding `select(umin(X, Y), X)` with min/max values in false arm (#143020)
* df43f93388b7 [PhaseOrdering] Add test for #139050 (NFC)
* 25bcf1145fd7 [RISCV] Fix assertion failure when using -fstack-clash-protection (#135248)
* 6fb913d3e2ec [RelLookupTableConverter] Drop unnamed_addr for GVs in entries to avoid generating GOTPCREL relocations (#146068)
* 0c9f909b7976 [AArch64][SME] Fix restoring callee-saves from FP with hazard padding (#143371)
* fa792cd4c630 [AsmPrinter] Always emit global equivalents if there is non-global uses (#145648)
* ce455b382c08 [objcopy][MachO] Revert special handling of encryptable binaries (#144058)
* 0de59a293f7a [X86] Ignore NSW when DstSVT is i32 (#131755)
* 9af763f038f7 [gtest] Fix building on OpenBSD/sparc64 (#145225)
* 1daceb20611f [LoongArch] Pass OptLevel to LoongArchDAGToDAGISel correctly
* b21155f97a0a [LoongArch] Precommit test case to show bug in LoongArchISelDagToDag
* da18fb9f04ce [LoongArch] Fix xvshuf instructions lowering (#145868)
* 65ce78f338cf [LoongArch] Pre-commit test for fixing xvshuf instructions. NFC
* 5532d5b745e4 [AArch64] Ensure the LR is preserved if we must call __arm_get_current_vg (#145760)
* 5ac3ce819688 [WebAssembly] Fix inline assembly with vector types (#146574)
* b83658b7e2c8 Bump version to 20.1.8
(From OE-Core rev: 4c6e132d6e5e49426c911d0fa9215957eb43f186)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is currently no recipe for bluez4 in openembedded-core.
BlueZ 4 hasn't had any updates/support since it's last point release 4.101 back
in 2012.
(From OE-Core rev: d2de6ae13cbd3f4ade218037ebcfd55d86961a5a)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are a number of recipes that are part of the LLVM Project, so set
CVE_PRODUCT to llvm:llvm in common.inc to ensure that all of the recipes
are covered.
Also add llvm:clang in the clang recipe, as there are a number of CVEs
with that product name.
(From OE-Core rev: 319e97643c1e342491931b6274996d1c8caa7d33)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Below commits on binutils-2.44 stable branch are updated.
b09cf42d51e ld/PE: special-case relocation types only for COFF inputs
f0019390d12 s390: Prevent GOT access rewrite for misaligned symbols
452f5511154 x86: Check MODRM for call and jmp in binutils older than 2.45
4058d5a38a1 ld: fix C23 issue in vers7 test
33578177adc dwarf: Dump .debug_loclists only for DWARF-5
Test Results:
Before After Diff
No. of expected passes 310 310 0
No. of unexpected failures 1 1 0
No. of untested testcases 1 1 0
No. of unsupported tests 9 9 0
Testing was done and there were no regressions found
(From OE-Core rev: 3bd3ea6ea53e5ff553b7dd785ba1bc973e72d09e)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
