Introduce the GRUB_MKIMAGE_OPTS variable to allow additional options
to be passed to grub-mkimage, making its behavior more configurable.
(for example, this allows disabling shim lock when necessary).
Update do_mkimage to use ${GRUB_MKIMAGE_OPTS}. This change reduce the
need for hardcoded modifications and makes future adjustments easier.
(From OE-Core rev: a6147adefcba7aae3f4eb8ed76d6a94315cafe61)
Signed-off-by: Valeria Petrov <valeria.petrov@spinetix.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This package is built using simple makefiles, therefore using
autotools bbclass is not right and moreover it is now a hard
error in core
(From OE-Core rev: 3754ebfc0ef127922bce24c5afde4306541ce2f4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard managed to reproduce a pseudo bug that pciutils in a minimal
test case[1] which confirmed that it was the symlink creation causing
issues.
The pciutils Makefile has several installation targets:
- install: binaries, manpages, shared library
- install-lib: headers, library symlinks, shared library
We need to run both targets to install the full set of files we want to
be installed, but notably they both create the .so symlink and as they're
running in parallel this is what triggers the bug in pseudo.
Until the bug has been resolved (or the Makefiles don't duplicate rules),
just run the two targets separately.
[ YOCTO #14957 ]
[1] https://lore.kernel.org/openembedded-core/20250319133457.806384-1-richard.purdie@linuxfoundation.org/T/#u
(From OE-Core rev: a5fc49fafe910a25be7372c82bfbd7876871ce3f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is used to fix multiple CVEs.
(From OE-Core rev: 05791100fe67fd36ef24f98323890a4f3d6c3524)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2021-46705 was needed only with 2.06
CVE-2023-4692 and CVE-2023-4693 were fixed in NVD DB meanwhile
(From OE-Core rev: d4a6b7b559465c2af5c016dd39475df6492c719f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Due to some musl build issues with 2025.01.0, we skip this version and
move forward to 2025.02.0 directly.
Changes in 2025.01.0
--------------------
* Added LLVM/Clang support for the sandbox architecture.
* Enabled command execution from the sandbox command line.
* Improved TFTP with dentry caching and default-disabled window size.
* Introduced hardening features: register zeroing, stack variable
initialization, and malloc buffer zeroing.
* Enhanced AM625 support with network support, watchdog driver, and
bootsource detection.
Changelog: https://lore.barebox.org/barebox/Z4oUYdHXEAtnkySC@pengutronix.de/T/#u
Changes in 2025.02.0
--------------------
* Several memory overflow fixes for different filesystems.
* Added 'Security Considerations' guideline:
https://www.barebox.org/doc/latest/user/security.html
* Added FIT image build target for booting barebox 2nd stage from a
U-Boot with the bootm command (for development purpose).
* AM625 1st stage support including DDR, clock and power domain drivers.
* Added support for the AM625-SK board
* Added support for the Pine64 PineTab 2 (Rockchip)
* CVE's fixed:
- CVE-2025-26721
- CVE-2025-26722
- CVE-2025-26723
- CVE-2025-26724
- CVE-2025-26725
Changelog: https://lore.barebox.org/barebox/Z7iJIYuoxZAja_F7@pengutronix.de/T/#u
(From OE-Core rev: 8a526783e31d9fbb65ffdf234607fa6229543f8d)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch was removed from SRC_URI but not deleted from the directory
tree.
Fixes: 3291a8fa ("barebox: upgrade 2024.10.0 -> 2024.12.0")
(From OE-Core rev: 0a3c4e3550cb52b4f42858ff6cc3356c96f5a6bf)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Gold hasn't seen development in some time and is being dropped from binutils
releases. Drop the small number of special cases for it we were carrying.
This patch also turns off gold in the binutils recipe.
(From OE-Core rev: a4addb9ab63011e7c604fc5daff95559e7d214e7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in OE-Core to show this is definitely the preferred
formatting.
(From OE-Core rev: 30ea609d3357fb3de911f2f6a5e6856c151b976a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Release 39 includes support for riscv64.
(From OE-Core rev: 2644e59b0973ddb4039c8b4184842ecf310bd8d8)
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Until now, the default title of a boot entry is its label. The label is
a variable which determines the script to run during an early boot stage
and is not necessarily human readable.
This patch allows to provide a human-readable title for each boot entry.
(From OE-Core rev: a5a7f6ada786b7f2c1a317f20b7e642f1e978de9)
Signed-off-by: Simon A. Eugster <simon.eu@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to U-Boot 2025.01.
Remove the patch as it has been upstreamed.
(From OE-Core rev: e16a24f04b56ca3fec6509a3286e2e3bb5c21c1e)
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This release has:
- Support for parsing riscv,isa-extensions DT property
- Setup serial console very early in cold boot path
- Support for multiple heaps and aligned memory allocation
- Support for shadow stacks (Zicfiss) ISA extension
- Support for landing pads (Zicfilp) ISA extension
- Support for per-domain data
- Support for double-trap (Smdbltrp/Ssdbltrp) ISA extensions
- DT-based configurable heap size
- Common fdt_driver and helpers for driver initialization
- Support for SBI PMU raw event v2 (Experimental)
- Simple FDT based mailbox driver framework
- RPMI shared memory transport driver (Experimental)
- RPMI system reset driver (Experimental)
- Simple FDT based system suspend driver framework
- RPMI system suspend driver (Experimental)
- Simple FDT based HSM driver framework
- RPMI HSM driver (Experimental)
- Simple FDT based CPPC driver framework
- RPMI CPPC driver (Experimental)
- SBI Message Proxy (MPXY) extension (Experimental)
- Simple FDT based MPXY driver framework
- Common RPMI client driver for MPXY (Experimental)
- Support for vector misaligned load/store
Overall, this release adds more ISA extensions, drivers, and other improvements.
(From OE-Core rev: 2757297b54f5436d341cb1fdeeb756703e5349af)
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
barebox-tools needs to be updated in lockstep with barebox,
and was already once erroneously updated to 2024.10 without
barebox itself.
Particularly, this change puts PV into .inc as well for both
recipes. This will allow AUH to produce correct update patches,
as barebox recipe is mutually exclusive with u-boot, and
so isn't handled by AUH. mesa-gl recipe uses a similar trick
with mesa.
(From OE-Core rev: 555a637d467364f896b72436a83b118e29ee5550)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This server redirects to https:, so we might as well avoid the redirect.
(From OE-Core rev: 244779cc4d5e46cd3611c73862e653d38c8b99dd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gnu-efi isn't making releases on SourceForge anymore, so switch to git
clones and track releases on GitHub.
License-Update: "Copright" typo fixed.
(From OE-Core rev: 958a1e5e911a3cd7912f9207528a2c9d61c2af6a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gnu-efi is a mix of BSD and GPL licensed source code, not a choice
between the two.
(From OE-Core rev: 186ccb678a83468c8d1b8a457ed600921c932627)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The original patch in 2013[1] did this:
+-libefi.a: libefi.a($(OBJS))
++libefi.a: $(OBJS)
The Makefile no longer uses this syntax and simply replacing $^ with
$(OBJS) is a no-op, so this patch isn't needed.
[1] meta-intel c2c13d4dba2d9c70862891adf0b250ce2be65f68
(From OE-Core rev: fd80af9abce3547f7e929e592bababd3c736bcee)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pass the correct host compiler (HOSTCC) and include directory to the
build.
Also enable verbose builds (V=1).
(From OE-Core rev: 093e4222948b29dafc272c97b9f200e4b126cadd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This makes it more obvious to update barebox and barebox-tools together
and should help the AUH to update both.
Suggested-by: Alexander Kanavin <alex.kanavin@gmail.com>
(From OE-Core rev: 9753d5cb44c2d648e19a2e7706590ca4390b2965)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CPE vendor is "denx" and the CPE product is "u-boot".
Set CVE_PRODUCT for properly matching in the NVD database.
(From OE-Core rev: d2e5d427de13b33694a1d802f5ac833b2c04ced6)
Signed-off-by: Maik Otto <m.otto@phytec.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lz4c has been considered deprecated by upstream since at least 2018 [1]
and has been disabled by default recently [2]. openSUSE Tumbleweed is
no longer packaging the deprecated version and others will likely
follow.
Going back as far as Ubuntu 16.04/Fedora 25, both lz4 and lz4c are
installed as part of the same package so switching should be safe.
1. https://github.com/lz4/lz4/pull/553
2. https://github.com/lz4/lz4/pull/1479
Upstream-Status: Submitted [http://lists.infradead.org/pipermail/barebox/2024-November/048491.html]
(From OE-Core rev: d25c027c6c5ca5cc4b93d3dc394d5bbae15dbafc)
Signed-off-by: Justin Bronder <jsbronder@cold-front.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-scripts-dtc-pylibfdt-libfdt.i_shipped-Use-SWIG_Appen.patch is now
applied in U-Boot upstream.
Update the Upstream-Status accordingly.
(From OE-Core rev: 718f97d90b13c190e2b1852447764c31464ebdf1)
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Swig has changed language specific AppendOutput functions. The helper
macro SWIG_AppendOutput remains unchanged. Use that instead
of SWIG_Python_AppendOutput, which would require an extra parameter
since swig 4.3.0.
(From OE-Core rev: 4eae7888e91c7c864bf490dee38716267be6202e)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update to version 018, which has been converted to meson.
Patch 0001-usbutils.pc.in-Fix-Cflags-entry.patch is no longer needed
as usbutils now uses meson.
Patch 0001-usb-devices-Fix-usb-devices-with-busybox.patch has been
upstreamed.
Add CC0-1.0, LGPL-2.1-or-later, and MIT to the LICENSES entry
due to the following usbutils commits:
32154d0dbed04e63e551
License-Update: Add CC0-1.0, LGPL-2.1-or-later, and MIT entries.
(From OE-Core rev: d10843f712f9e14e744f60243b995dc1e65f891c)
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
