Re: [yocto] [OE-core] How to create connman_1.40.bbappend to enable and to build connman with iwd?
Hi, i tried this a while ago and for me the iwd.service failed to start. Manually executing /usr/libexec/iwd from terminal told me, that my Kernel config was missing a bunch of CONFIG_CRYPTO_ entries enabled. After rebuilding the kernel the iwd service started properly and iwd was basically set up for connman. But to my knowledge even upstream connman is not able to scan wifi with iwd. That is quite a showstopper. You cant completely remove wpa-supplicant because you would still need it to set up your network. So this is not ready for productive use i'd say. Am 27.11.21 um 06:50 schrieb JH: Thanks Tim for the link, I have built the iwd. According to Daniel's advice to configure with "--disable-wifi, --enable-iwd", I added PACKAGECONFIG[wifi] = "--disable-wifi, --enable-iwd", to override PACKAGECONFIG[wifi] in oe-core connman_1.40.bb. The intention is to remove wpa-supplicant and to add iwd to connman_1.40.bbappend, it built the image without error, I believe that the syntax is OK, but the wpa-supplicant was still built and packaged. Any idea from OE/Yocto insiders why PACKAGECONFIG[wifi] in bbappend is not effective? Daniel, how can I verify in the Linux console if the connmand is running with iwd or with wpa_supplicant? I have disabled wpa_supplicant.service, and I'll remove wpa_supplicant completely when I find a way to do it. Thank you. Kind regards, - jh On 11/27/21, Tim Orling wrote: On Fri, Nov 26, 2021 at 5:48 PM Tim Orling via lists.yoctoproject.org wrote: On Thu, Nov 25, 2021 at 10:26 PM JH wrote: Hi, Given the high profile of iwd and advocating connman with iwd, I believe someone have already built Yocto connman and iwd, surprisingly, I could not even find an iwd recipe in https://github.com/openembedded/openembedded/tree/master/recipes, nor can I find connman document and instructions to replace wpa_supplicant by iwd, what could I be missing here? Please look at the layer index for recipes: https://layers.openembedded.org/layerindex/branch/master/layers/ I don’t have any advice for building it however. I forgot to include the recipe link: https://layers.openembedded.org/layerindex/recipe/89268/ Appreciate your kind advice. Thank you. Kind regards, - jh On 11/26/21, JH via lists.yoctoproject.org wrote: Hi, Please correct me, but it seems to me the connman is moving to a direction to ditch out wpa_supplicant and to use iwd, but the Honister still configure connman with wpa_supplicant by default, appreciate your advice: - Is connman with iwd stable enough? - How can I create a connman_1.40.bbappend to replace wpa_supplicant by iwd configure? - Where are the documents for configuring and building connman with iwd? Where is the operational guidance to run connman with iwd? Can I use the same connman dbus APIs or are there any dbus API changes to run connman with iwd? My apology for FAQs. Thank you very much. Kind regards, - JH -- "A man can fail many times, but he isn't a failure until he begins to blame somebody else." -- John Burroughs -- "A man can fail many times, but he isn't a failure until he begins to blame somebody else." -- John Burroughs -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158848): https://lists.openembedded.org/g/openembedded-core/message/158848 Mute This Topic: https://lists.openembedded.org/mt/87331164/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [OE-core] How to create connman_1.40.bbappend to enable and to build connman with iwd?
Thanks Tim for the link, I have built the iwd. According to Daniel's advice to configure with "--disable-wifi, --enable-iwd", I added PACKAGECONFIG[wifi] = "--disable-wifi, --enable-iwd", to override PACKAGECONFIG[wifi] in oe-core connman_1.40.bb. The intention is to remove wpa-supplicant and to add iwd to connman_1.40.bbappend, it built the image without error, I believe that the syntax is OK, but the wpa-supplicant was still built and packaged. Any idea from OE/Yocto insiders why PACKAGECONFIG[wifi] in bbappend is not effective? Daniel, how can I verify in the Linux console if the connmand is running with iwd or with wpa_supplicant? I have disabled wpa_supplicant.service, and I'll remove wpa_supplicant completely when I find a way to do it. Thank you. Kind regards, - jh On 11/27/21, Tim Orling wrote: > On Fri, Nov 26, 2021 at 5:48 PM Tim Orling via lists.yoctoproject.org > wrote: > >> >> >> On Thu, Nov 25, 2021 at 10:26 PM JH wrote: >> >>> Hi, >>> >>> Given the high profile of iwd and advocating connman with iwd, I >>> believe someone have already built Yocto connman and iwd, >>> surprisingly, I could not even find an iwd recipe in >>> https://github.com/openembedded/openembedded/tree/master/recipes, nor >>> can I find connman document and instructions to replace wpa_supplicant >>> by iwd, what could I be missing here? >>> >> >> Please look at the layer index for recipes: >> https://layers.openembedded.org/layerindex/branch/master/layers/ >> >> I don’t have any advice for building it however. >> > > I forgot to include the recipe link: > https://layers.openembedded.org/layerindex/recipe/89268/ > > >> >>> Appreciate your kind advice. >>> >>> Thank you. >>> >>> Kind regards, >>> >>> - jh >>> >>> >>> On 11/26/21, JH via lists.yoctoproject.org >>> wrote: >>> > Hi, >>> > >>> > Please correct me, but it seems to me the connman is moving to a >>> > direction to ditch out wpa_supplicant and to use iwd, but the Honister >>> > still configure connman with wpa_supplicant by default, appreciate >>> > your advice: >>> > >>> > - Is connman with iwd stable enough? >>> > >>> > - How can I create a connman_1.40.bbappend to replace wpa_supplicant >>> > by iwd configure? >>> > >>> > - Where are the documents for configuring and building connman with >>> > iwd? Where is the operational guidance to run connman with iwd? Can I >>> > use the same connman dbus APIs or are there any dbus API changes to >>> > run connman with iwd? >>> > >>> > My apology for FAQs. >>> > >>> > Thank you very much. >>> > >>> > Kind regards, >>> > >>> > - JH >>> > >>> >>> >>> -- >>> "A man can fail many times, but he isn't a failure until he begins to >>> blame somebody else." >>> -- John Burroughs >>> >>> >>> >>> >> >> >> > -- "A man can fail many times, but he isn't a failure until he begins to blame somebody else." -- John Burroughs -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158847): https://lists.openembedded.org/g/openembedded-core/message/158847 Mute This Topic: https://lists.openembedded.org/mt/87331164/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [OE-core] How to create connman_1.40.bbappend to enable and to build connman with iwd?
On Fri, Nov 26, 2021 at 5:48 PM Tim Orling via lists.yoctoproject.org wrote: > > > On Thu, Nov 25, 2021 at 10:26 PM JH wrote: > >> Hi, >> >> Given the high profile of iwd and advocating connman with iwd, I >> believe someone have already built Yocto connman and iwd, >> surprisingly, I could not even find an iwd recipe in >> https://github.com/openembedded/openembedded/tree/master/recipes, nor >> can I find connman document and instructions to replace wpa_supplicant >> by iwd, what could I be missing here? >> > > Please look at the layer index for recipes: > https://layers.openembedded.org/layerindex/branch/master/layers/ > > I don’t have any advice for building it however. > I forgot to include the recipe link: https://layers.openembedded.org/layerindex/recipe/89268/ > >> Appreciate your kind advice. >> >> Thank you. >> >> Kind regards, >> >> - jh >> >> >> On 11/26/21, JH via lists.yoctoproject.org >> wrote: >> > Hi, >> > >> > Please correct me, but it seems to me the connman is moving to a >> > direction to ditch out wpa_supplicant and to use iwd, but the Honister >> > still configure connman with wpa_supplicant by default, appreciate >> > your advice: >> > >> > - Is connman with iwd stable enough? >> > >> > - How can I create a connman_1.40.bbappend to replace wpa_supplicant >> > by iwd configure? >> > >> > - Where are the documents for configuring and building connman with >> > iwd? Where is the operational guidance to run connman with iwd? Can I >> > use the same connman dbus APIs or are there any dbus API changes to >> > run connman with iwd? >> > >> > My apology for FAQs. >> > >> > Thank you very much. >> > >> > Kind regards, >> > >> > - JH >> > >> >> >> -- >> "A man can fail many times, but he isn't a failure until he begins to >> blame somebody else." >> -- John Burroughs >> >> >> >> > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158846): https://lists.openembedded.org/g/openembedded-core/message/158846 Mute This Topic: https://lists.openembedded.org/mt/87331164/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] How to create connman_1.40.bbappend to enable and to build connman with iwd?
On Thu, Nov 25, 2021 at 10:26 PM JH wrote: > Hi, > > Given the high profile of iwd and advocating connman with iwd, I > believe someone have already built Yocto connman and iwd, > surprisingly, I could not even find an iwd recipe in > https://github.com/openembedded/openembedded/tree/master/recipes, nor > can I find connman document and instructions to replace wpa_supplicant > by iwd, what could I be missing here? > Please look at the layer index for recipes: https://layers.openembedded.org/layerindex/branch/master/layers/ I don’t have any advice for building it however. > Appreciate your kind advice. > > Thank you. > > Kind regards, > > - jh > > > On 11/26/21, JH via lists.yoctoproject.org > wrote: > > Hi, > > > > Please correct me, but it seems to me the connman is moving to a > > direction to ditch out wpa_supplicant and to use iwd, but the Honister > > still configure connman with wpa_supplicant by default, appreciate > > your advice: > > > > - Is connman with iwd stable enough? > > > > - How can I create a connman_1.40.bbappend to replace wpa_supplicant > > by iwd configure? > > > > - Where are the documents for configuring and building connman with > > iwd? Where is the operational guidance to run connman with iwd? Can I > > use the same connman dbus APIs or are there any dbus API changes to > > run connman with iwd? > > > > My apology for FAQs. > > > > Thank you very much. > > > > Kind regards, > > > > - JH > > > > > -- > "A man can fail many times, but he isn't a failure until he begins to > blame somebody else." > -- John Burroughs > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158845): https://lists.openembedded.org/g/openembedded-core/message/158845 Mute This Topic: https://lists.openembedded.org/mt/87314752/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [dunfell][PATCH v2] git: fix CVE-2021-40330
On Thu, Nov 25, 2021 at 12:49 AM Minjae Kim wrote: > > git_connect_git in connect.c in Git before 2.30.1 allows a repository path to > contain a newline character, > which may result in unexpected cross-protocol requests, > as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 > substring. > > Upstream-Status: Backport > [https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473] > CVE: CVE-2021-40330 > Signed-off-by: Minjae Kim > --- > .../git/files/CVE-2021-40330.patch| 108 ++ This patch file will not apply: ERROR: git-2.24.3-r0 do_patch: Applying patch 'CVE-2021-40330.patch' on target directory '/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/git/2.24.3-r0/git-2.24.3' Command Error: 'quilt --quiltrc /home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/git/2.24.3-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: Applying patch CVE-2021-40330.patch patching file connect.c Hunk #1 FAILED at 1064. 1 out of 1 hunk FAILED -- rejects in file connect.c patching file t/t5570-git-daemon.sh Hunk #1 succeeded at 103 with fuzz 1. Patch CVE-2021-40330.patch does not apply (enforce with -f) ERROR: Logfile of failure stored in: /home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/git/2.24.3-r0/temp/log.do_patch.298303 ERROR: Task (/home/steve/builds/poky-contrib/meta/recipes-devtools/git/git_2.24.3.bb:do_patch) failed with exit code '1' Taking a closer look at this, it seems there are two issues. The first is that your mailer (?) is changing tabs to spaces, and this is why the patch won't apply. There is a second more minor issue -- there is a fuzz of 1 in the second hunk. I can fix these issues if you like, but it might be good for you to track down why this is happening so it isn't an issue with future patches you submit to the list. Let me know what you prefer! Steve > meta/recipes-devtools/git/git.inc | 4 +- > 2 files changed, 111 insertions(+), 1 deletion(-) > create mode 100644 meta/recipes-devtools/git/files/CVE-2021-40330.patch > > diff --git a/meta/recipes-devtools/git/files/CVE-2021-40330.patch > b/meta/recipes-devtools/git/files/CVE-2021-40330.patch > new file mode 100644 > index 00..282cd3fbe5 > --- /dev/null > +++ b/meta/recipes-devtools/git/files/CVE-2021-40330.patch > @@ -0,0 +1,108 @@ > +From e77ca0c7d577408878d2b3e8c7336e6119cb3931 Mon Sep 17 00:00:00 2001 > +From: Minjae Kim > +Date: Thu, 25 Nov 2021 06:36:26 + > +Subject: [PATCH] git_connect_git(): forbid newlines in host and path > + > +When we connect to a git:// server, we send an initial request that > +looks something like: > + > + 002dgit-upload-pack repo.git\0host=example.com > + > +If the repo path contains a newline, then it's included literally, and > +we get: > + > + 002egit-upload-pack repo > + .git\0host=example.com > + > +This works fine if you really do have a newline in your repository name; > +the server side uses the pktline framing to parse the string, not > +newlines. However, there are many _other_ protocols in the wild that do > +parse on newlines, such as HTTP. So a carefully constructed git:// URL > +can actually turn into a valid HTTP request. For example: > + > + git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 > %0d%0aHost:localhost%0d%0a%0d%0a > + > +becomes: > + > + 0050git-upload-pack / > + GET / HTTP/1.1 > + Host:localhost > + > + host=localhost:1234 > + > +on the wire. Again, this isn't a problem for a real Git server, but it > +does mean that feeding a malicious URL to Git (e.g., through a > +submodule) can cause it to make unexpected cross-protocol requests. > +Since repository names with newlines are presumably quite rare (and > +indeed, we already disallow them in git-over-http), let's just disallow > +them over this protocol. > + > +Hostnames could likewise inject a newline, but this is unlikely a > +problem in practice; we'd try resolving the hostname with a newline in > +it, which wouldn't work. Still, it doesn't hurt to err on the side of > +caution there, since we would not expect them to work in the first > +place. > + > +The ssh and local code paths are unaffected by this patch. In both cases > +we're trying to run upload-pack via a shell, and will quote the newline > +so that it makes it intact. An attacker can point an ssh url at an > +arbitrary port, of course, but unless there's an actual ssh server > +there, we'd never get as far as sending our shell command anyway. We > +_could_ similarly restrict newlines in those protocols out of caution, > +but there seems little benefit to doing so. > + > +The new test here is run alongside the git-daemon tests, which cover the > +same protocol, but it shouldn't actually contact the daemon at all. In > +theory we could make the test more robust by setting up an actual > +repository with a newline in it (so that our clone would succeed if our > +new check didn't kick in). But a re
Re: [OE-core] [PATCH] sanity/lib: Replace usage if LooseVersion with bb.utils.vercmp_string_op
On Fri, Nov 26, 2021 at 8:34 AM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:
> distutils is going away and we have functionality in bitbake which can
> handle these comparisions so switch to the bb.utils function.
>
Looks good. I will refactor the distutils deprecation series to follow suit.
> Signed-off-by: Richard Purdie
> ---
> meta/classes/sanity.bbclass | 18 ++
> meta/lib/oe/distro_check.py | 2 +-
> meta/lib/oe/terminal.py | 7 +++
> 3 files changed, 10 insertions(+), 17 deletions(-)
>
> diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
> index 9fbc9c18e7c..0e20589b22d 100644
> --- a/meta/classes/sanity.bbclass
> +++ b/meta/classes/sanity.bbclass
> @@ -462,13 +462,12 @@ def check_sanity_validmachine(sanity_data):
> # Patch before 2.7 can't handle all the features in git-style diffs. Some
> # patches may incorrectly apply, and others won't apply at all.
> def check_patch_version(sanity_data):
> -from distutils.version import LooseVersion
> import re, subprocess
>
> try:
> result = subprocess.check_output(["patch", "--version"],
> stderr=subprocess.STDOUT).decode('utf-8')
> version = re.search(r"[0-9.]+", result.splitlines()[0]).group()
> -if LooseVersion(version) < LooseVersion("2.7"):
> +if bb.utils.vercmp_string_op(version, "2.7", "<"):
> return "Your version of patch is older than 2.7 and has bugs
> which will break builds. Please install a newer version of patch.\n"
> else:
> return None
> @@ -478,7 +477,6 @@ def check_patch_version(sanity_data):
> # Unpatched versions of make 3.82 are known to be broken. See GNU
> Savannah Bug 30612.
> # Use a modified reproducer from http://savannah.gnu.org/bugs/?30612 to
> validate.
> def check_make_version(sanity_data):
> -from distutils.version import LooseVersion
> import subprocess
>
> try:
> @@ -486,7 +484,7 @@ def check_make_version(sanity_data):
> except subprocess.CalledProcessError as e:
> return "Unable to execute make --version, exit code %d\n%s\n" %
> (e.returncode, e.output)
> version = result.split()[2]
> -if LooseVersion(version) == LooseVersion("3.82"):
> +if bb.utils.vercmp_string_op(version, "3.82", "=="):
> # Construct a test file
> f = open("makefile_test", "w")
> f.write("makefile_test.a: makefile_test_a.c makefile_test_b.c
> makefile_test.a( makefile_test_a.c makefile_test_b.c)\n")
> @@ -539,12 +537,11 @@ def check_wsl(d):
> # built buildtools-extended-tarball)
> #
> def check_gcc_version(sanity_data):
> -from distutils.version import LooseVersion
> import subprocess
>
> build_cc, version = oe.utils.get_host_compiler_version(sanity_data)
> if build_cc.strip() == "gcc":
> -if LooseVersion(version) < LooseVersion("7.5"):
> +if bb.utils.vercmp_string_op(version, "7.5", "<"):
> return "Your version of gcc is older than 7.5 and will break
> builds. Please install a newer version of gcc (you could use the project's
> buildtools-extended-tarball or use scripts/install-buildtools).\n"
> return None
>
> @@ -552,14 +549,13 @@ def check_gcc_version(sanity_data):
> # but earlier versions do not; this needs to work properly for sstate
> # Version 1.28 is needed so opkg-build works correctly when reproducibile
> builds are enabled
> def check_tar_version(sanity_data):
> -from distutils.version import LooseVersion
> import subprocess
> try:
> result = subprocess.check_output(["tar", "--version"],
> stderr=subprocess.STDOUT).decode('utf-8')
> except subprocess.CalledProcessError as e:
> return "Unable to execute tar --version, exit code %d\n%s\n" %
> (e.returncode, e.output)
> version = result.split()[3]
> -if LooseVersion(version) < LooseVersion("1.28"):
> +if bb.utils.vercmp_string_op(version, "1.28", "<"):
> return "Your version of tar is older than 1.28 and does not have
> the support needed to enable reproducible builds. Please install a newer
> version of tar (you could use the project's buildtools-tarball from our
> last release or use scripts/install-buildtools).\n"
> return None
>
> @@ -567,14 +563,13 @@ def check_tar_version(sanity_data):
> # The kernel tools assume git >= 1.8.3.1 (verified needed > 1.7.9.5) see
> #6162
> # The git fetcher also had workarounds for git < 1.7.9.2 which we've
> dropped
> def check_git_version(sanity_data):
> -from distutils.version import LooseVersion
> import subprocess
> try:
> result = subprocess.check_output(["git", "--version"],
> stderr=subprocess.DEVNULL).decode('utf-8')
> except subprocess.CalledProcessError as e:
> return "Unable to execute git --version, exit code %d\n%s\n" %
> (e.returncode, e.output)
> version = result.split()[2]
> -if LooseVersion(version) < LooseVersion("1.8.3.1"):
> +if bb.utils.vercmp_s
Re: [PATCH v3] Re: [OE-core] [PATCH v2 2/3] Rust cross testing file
On 2021-11-02 1:12 a.m., Pgowda wrote: Hi Alexandre, There are still issues with that series and I replied the following a https://lists.openembedded.org/g/openembedded-core/message/156655 I had a detailed investigation on the cryptic errors which was mentioned in the build. Those are the tests that are supposed to FAIL in the rust testsuite. Ah, that's good to know. The current patch provides the framework to run the rust testsuite from rust sources. It does not modify the test case or results and hence is unable to deal with failures from rust source. Hence, we see the final message as "command failed" at the end of testsuite run due to some test case failures from rust source. Can you please let me know how to deal with this? In Yocto, we want the return status to indicate only that we were able to _try_ to run all the tests. If some tests fail that's acceptable. We need to know what the result was and we'll monitor it to ensure that the number of failed tests does not increase. Is there a way we can provide these failures as expected or ignore them? I think this problem is rust specific so you'd have to deal with it in your patch. Maybe someone can point out another case that is similar to this one but I don't know of one offhand. ../Randy Thanks, Pgowda -- # Randy MacLeod # Wind River Linux -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158842): https://lists.openembedded.org/g/openembedded-core/message/158842 Mute This Topic: https://lists.openembedded.org/mt/86459542/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [docs] [PATCH] dev-manual: how to purge duplicate sstate cache files
On 11/26/21 18:23, Michael Opdenacker wrote:
> Hi Jacob,
>
> Thank you for the suggestion!
>
> On 11/26/21 10:20 AM, Jacob Kroon wrote:
>> I also use the --stamps-dir method since that removes additional files.
>> You just gotta remember to do a build of everything you want to keep first.
>
>
> I don't understand the value of this option in the simple case when you
> have a single build directory. Here's the description of this option:
>
> --stamps-dir=,...
> Specify the build directory's stamps directories, the sstate
> cache file which IS USED by these build diretories will be KEPT,
> other sstate cache files in cache-dir will be removed. Use ","
> as the separator. For example:
> --stamps-dir=build1/tmp/stamps,build2/tmp/stamps
>
> What am I missing?
>
--stamps-dir=${TMPDIR}/stamps
in a default build dir I think that would be "build/tmp-glibc/stamps"
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#158841):
https://lists.openembedded.org/g/openembedded-core/message/158841
Mute This Topic: https://lists.openembedded.org/mt/87255323/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [docs] [PATCH] dev-manual: how to purge duplicate sstate cache files
Hi Slava, On 11/26/21 10:13 AM, Vyacheslav Yurkov wrote:Did anyone have time to have a look at what I wrote ? There may be >> better ways to purge the sstate cache files. >> Thanks in advance >> Michael. > > The description looks good to me. By other ways you mean other usage > scenarios of sstate-cache-management.sh script or by means of > something else? Thanks for the review. I was interested in any advise from real life experience, with or without this script, to get rid of obsolete sstate cache files. Cheers Michael. -- Michael Opdenacker, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158840): https://lists.openembedded.org/g/openembedded-core/message/158840 Mute This Topic: https://lists.openembedded.org/mt/87255323/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [docs] [PATCH] dev-manual: how to purge duplicate sstate cache files
Hi Jacob, Thank you for the suggestion! On 11/26/21 10:20 AM, Jacob Kroon wrote: > I also use the --stamps-dir method since that removes additional files. > You just gotta remember to do a build of everything you want to keep first. I don't understand the value of this option in the simple case when you have a single build directory. Here's the description of this option: --stamps-dir=,... Specify the build directory's stamps directories, the sstate cache file which IS USED by these build diretories will be KEPT, other sstate cache files in cache-dir will be removed. Use "," as the separator. For example: --stamps-dir=build1/tmp/stamps,build2/tmp/stamps What am I missing? Thanks again Michael. -- Michael Opdenacker, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158839): https://lists.openembedded.org/g/openembedded-core/message/158839 Mute This Topic: https://lists.openembedded.org/mt/87255323/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] sanity/lib: Replace usage if LooseVersion with bb.utils.vercmp_string_op
distutils is going away and we have functionality in bitbake which can
handle these comparisions so switch to the bb.utils function.
Signed-off-by: Richard Purdie
---
meta/classes/sanity.bbclass | 18 ++
meta/lib/oe/distro_check.py | 2 +-
meta/lib/oe/terminal.py | 7 +++
3 files changed, 10 insertions(+), 17 deletions(-)
diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index 9fbc9c18e7c..0e20589b22d 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -462,13 +462,12 @@ def check_sanity_validmachine(sanity_data):
# Patch before 2.7 can't handle all the features in git-style diffs. Some
# patches may incorrectly apply, and others won't apply at all.
def check_patch_version(sanity_data):
-from distutils.version import LooseVersion
import re, subprocess
try:
result = subprocess.check_output(["patch", "--version"],
stderr=subprocess.STDOUT).decode('utf-8')
version = re.search(r"[0-9.]+", result.splitlines()[0]).group()
-if LooseVersion(version) < LooseVersion("2.7"):
+if bb.utils.vercmp_string_op(version, "2.7", "<"):
return "Your version of patch is older than 2.7 and has bugs which
will break builds. Please install a newer version of patch.\n"
else:
return None
@@ -478,7 +477,6 @@ def check_patch_version(sanity_data):
# Unpatched versions of make 3.82 are known to be broken. See GNU Savannah
Bug 30612.
# Use a modified reproducer from http://savannah.gnu.org/bugs/?30612 to
validate.
def check_make_version(sanity_data):
-from distutils.version import LooseVersion
import subprocess
try:
@@ -486,7 +484,7 @@ def check_make_version(sanity_data):
except subprocess.CalledProcessError as e:
return "Unable to execute make --version, exit code %d\n%s\n" %
(e.returncode, e.output)
version = result.split()[2]
-if LooseVersion(version) == LooseVersion("3.82"):
+if bb.utils.vercmp_string_op(version, "3.82", "=="):
# Construct a test file
f = open("makefile_test", "w")
f.write("makefile_test.a: makefile_test_a.c makefile_test_b.c
makefile_test.a( makefile_test_a.c makefile_test_b.c)\n")
@@ -539,12 +537,11 @@ def check_wsl(d):
# built buildtools-extended-tarball)
#
def check_gcc_version(sanity_data):
-from distutils.version import LooseVersion
import subprocess
build_cc, version = oe.utils.get_host_compiler_version(sanity_data)
if build_cc.strip() == "gcc":
-if LooseVersion(version) < LooseVersion("7.5"):
+if bb.utils.vercmp_string_op(version, "7.5", "<"):
return "Your version of gcc is older than 7.5 and will break
builds. Please install a newer version of gcc (you could use the project's
buildtools-extended-tarball or use scripts/install-buildtools).\n"
return None
@@ -552,14 +549,13 @@ def check_gcc_version(sanity_data):
# but earlier versions do not; this needs to work properly for sstate
# Version 1.28 is needed so opkg-build works correctly when reproducibile
builds are enabled
def check_tar_version(sanity_data):
-from distutils.version import LooseVersion
import subprocess
try:
result = subprocess.check_output(["tar", "--version"],
stderr=subprocess.STDOUT).decode('utf-8')
except subprocess.CalledProcessError as e:
return "Unable to execute tar --version, exit code %d\n%s\n" %
(e.returncode, e.output)
version = result.split()[3]
-if LooseVersion(version) < LooseVersion("1.28"):
+if bb.utils.vercmp_string_op(version, "1.28", "<"):
return "Your version of tar is older than 1.28 and does not have the
support needed to enable reproducible builds. Please install a newer version of
tar (you could use the project's buildtools-tarball from our last release or
use scripts/install-buildtools).\n"
return None
@@ -567,14 +563,13 @@ def check_tar_version(sanity_data):
# The kernel tools assume git >= 1.8.3.1 (verified needed > 1.7.9.5) see #6162
# The git fetcher also had workarounds for git < 1.7.9.2 which we've dropped
def check_git_version(sanity_data):
-from distutils.version import LooseVersion
import subprocess
try:
result = subprocess.check_output(["git", "--version"],
stderr=subprocess.DEVNULL).decode('utf-8')
except subprocess.CalledProcessError as e:
return "Unable to execute git --version, exit code %d\n%s\n" %
(e.returncode, e.output)
version = result.split()[2]
-if LooseVersion(version) < LooseVersion("1.8.3.1"):
+if bb.utils.vercmp_string_op(version, "1.8.3.1", "<"):
return "Your version of git is older than 1.8.3.1 and has bugs which
will break builds. Please install a newer version of git.\n"
return None
@@ -796,9 +791,8 @@ def check_sanity_everybuild(status, d):
status.addresult('The system requires at least Python 3.6 to run.
Please update your Pytho
[OE-core] [PATCH 2/3] oeqa/utils/dump: Fix typo
Signed-off-by: Richard Purdie
---
meta/lib/oeqa/utils/dump.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/utils/dump.py b/meta/lib/oeqa/utils/dump.py
index bb067f48462..dc8757807e7 100644
--- a/meta/lib/oeqa/utils/dump.py
+++ b/meta/lib/oeqa/utils/dump.py
@@ -134,4 +134,4 @@ class MonitorDumper(BaseDumper):
output = self.runner.run_monitor(cmd_name)
self._write_dump(cmd_name, output)
except Exception as e:
-print("Failed to dump QMP CMD: %s with\nExecption: %s" %
(cmd_name, e))
+print("Failed to dump QMP CMD: %s with\nException: %s" %
(cmd_name, e))
--
2.32.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#158836):
https://lists.openembedded.org/g/openembedded-core/message/158836
Mute This Topic: https://lists.openembedded.org/mt/87321968/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/3] ptest-packagelists: Add missing python3-jsonpointer entry
Resolves: WARNING: python3-jsonpointer-2.2-r0 do_package_qa: QA Issue: supports ptests but is not included in oe-core's ptest-packagelists.inc [missing-ptest] Signed-off-by: Richard Purdie --- meta/conf/distro/include/ptest-packagelists.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc index 374c1b8c150..bf9d158a0a4 100644 --- a/meta/conf/distro/include/ptest-packagelists.inc +++ b/meta/conf/distro/include/ptest-packagelists.inc @@ -51,6 +51,7 @@ PTESTS_FAST = "\ python3-atomicwrites-ptest \ python3-hypothesis-ptest \ python3-jinja2-ptest \ +python3-jsonpointer-ptest \ python3-markupsafe-ptest \ python3-more-itertools-ptest \ python3-pluggy-ptest \ -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158837): https://lists.openembedded.org/g/openembedded-core/message/158837 Mute This Topic: https://lists.openembedded.org/mt/87321969/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/3] oeqa/parselogs: Fix quoting
Fix deprecation warnings about invalid escape sequences.
Signed-off-by: Richard Purdie
---
meta/lib/oeqa/runtime/cases/parselogs.py | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py
b/meta/lib/oeqa/runtime/cases/parselogs.py
index 50101b78513..b81acdd18a2 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -303,7 +303,7 @@ class ParseLogsTest(OERuntimeTestCase):
grepcmd = 'grep '
grepcmd += '-Ei "'
for error in errors:
-grepcmd += '\<' + error + '\>' + '|'
+grepcmd += r'\<' + error + r'\>' + '|'
grepcmd = grepcmd[:-1]
grepcmd += '" ' + str(log) + " | grep -Eiv \'"
@@ -314,13 +314,13 @@ class ParseLogsTest(OERuntimeTestCase):
errorlist = ignore_errors['default']
for ignore_error in errorlist:
-ignore_error = ignore_error.replace('(', '\(')
-ignore_error = ignore_error.replace(')', '\)')
+ignore_error = ignore_error.replace('(', r'\(')
+ignore_error = ignore_error.replace(')', r'\)')
ignore_error = ignore_error.replace("'", '.')
-ignore_error = ignore_error.replace('?', '\?')
-ignore_error = ignore_error.replace('[', '\[')
-ignore_error = ignore_error.replace(']', '\]')
-ignore_error = ignore_error.replace('*', '\*')
+ignore_error = ignore_error.replace('?', r'\?')
+ignore_error = ignore_error.replace('[', r'\[')
+ignore_error = ignore_error.replace(']', r'\]')
+ignore_error = ignore_error.replace('*', r'\*')
ignore_error = ignore_error.replace('0-9', '[0-9]')
grepcmd += ignore_error + '|'
grepcmd = grepcmd[:-1]
--
2.32.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#158835):
https://lists.openembedded.org/g/openembedded-core/message/158835
Mute This Topic: https://lists.openembedded.org/mt/87321967/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [RFC PATCH 02/26] setuptools: refactor for no distutils bbclasses
On Thu, Nov 25, 2021 at 11:37 PM Konrad Weihmann
wrote:
>
>
> On 26.11.21 05:35, Tim Orling wrote:
> > Signed-off-by: Tim Orling
> > ---
> > meta/classes/setuptools3-base.bbclass | 31 +
> > meta/classes/setuptools3.bbclass | 67 ++-
> > 2 files changed, 97 insertions(+), 1 deletion(-)
> > create mode 100644 meta/classes/setuptools3-base.bbclass
> >
> > diff --git a/meta/classes/setuptools3-base.bbclass
> b/meta/classes/setuptools3-base.bbclass
> > new file mode 100644
> > index 000..5098ae9d64e
> > --- /dev/null
> > +++ b/meta/classes/setuptools3-base.bbclass
> > @@ -0,0 +1,31 @@
> > +DEPENDS:append:class-target = " ${PYTHON_PN}-native ${PYTHON_PN}"
> > +DEPENDS:append:class-nativesdk = " ${PYTHON_PN}-native ${PYTHON_PN}"
> > +RDEPENDS:${PN} += "${@['', '${PYTHON_PN}-core']['${CLASSOVERRIDE}' ==
> 'class-target']}"
> > +
> > +export STAGING_INCDIR
> > +export STAGING_LIBDIR
> > +
> > +# LDSHARED is the ld *command* used to create shared library
> > +export LDSHARED = "${CCLD} -shared"
> > +# LDXXSHARED is the ld *command* used to create shared library of C++
> > +# objects
> > +export LDCXXSHARED = "${CXX} -shared"
> > +# CCSHARED are the C *flags* used to create objects to go into a shared
> > +# library (module)
> > +export CCSHARED = "-fPIC -DPIC"
> > +# LINKFORSHARED are the flags passed to the $(CC) command that links
> > +# the python executable
> > +export LINKFORSHARED = "${SECURITY_CFLAGS} -Xlinker -export-dynamic"
> > +
> > +FILES:${PN} += "${libdir}/* ${libdir}/${PYTHON_DIR}/*"
> > +
> > +FILES:${PN}-staticdev += "\
> > + ${PYTHON_SITEPACKAGES_DIR}/*.a \
> > +"
> > +FILES:${PN}-dev += "\
> > + ${datadir}/pkgconfig \
> > + ${libdir}/pkgconfig \
> > + ${PYTHON_SITEPACKAGES_DIR}/*.la \
> > +"
> > +inherit python3native python3targetconfig
> > +
> > diff --git a/meta/classes/setuptools3.bbclass
> b/meta/classes/setuptools3.bbclass
> > index 8ca66ee708e..4b8eca3f96e 100644
> > --- a/meta/classes/setuptools3.bbclass
> > +++ b/meta/classes/setuptools3.bbclass
> > @@ -1,4 +1,69 @@
> > -inherit distutils3
> > +inherit setuptools3-base
> >
> > +B = "${WORKDIR}/build"
> > +distutils_do_configure[cleandirs] = "${B}"
>
> I hope this will be removed in a later patch, as the function name
> doesn't match the rest of the class code function naming.
> Or this here deserves a in code explantion
>
> This was a copy-paste oversight and needs to be changed in a v2.
I believe I was trying to contemplate if it was still needed and forgot to
loop back.
https://git.yoctoproject.org/poky/tree/meta/classes/distutils3.bbclass#n4
> +
> > +SETUPTOOLS_BUILD_ARGS ?= ""
> > +SETUPTOOLS_INSTALL_ARGS ?= "--root=${D} \
> > +--prefix=${prefix} \
> > +--install-lib=${PYTHON_SITEPACKAGES_DIR} \
> > +--install-data=${datadir}"
> > +
> > +SETUPTOOLS_PYTHON = "python3"
> > +SETUPTOOLS_PYTHON:class-native = "nativepython3"
> > +
> > +SETUPTOOLS_SETUP_PATH ?= "${S}"
> > +
> > +setuptools3_do_configure() {
> > +:
> > +}
>
> Why do we need to export an empty function?
> Wouldn't it make sense to use noexec here?
>
> This is what was in the original distutils3.bbclass
https://git.yoctoproject.org/poky/tree/meta/classes/distutils3.bbclass#n18
The colon (:) makes it a no-op (not empty). I believe this is our version
of defining an "interface" that can be implemented by subsequent recipes
inheriting the class.
> +
> > +setuptools3_do_compile() {
> > +cd ${SETUPTOOLS_SETUP_PATH}
> > +NO_FETCH_BUILD=1 \
> > +STAGING_INCDIR=${STAGING_INCDIR} \
> > +STAGING_LIBDIR=${STAGING_LIBDIR} \
> > +${STAGING_BINDIR_NATIVE}/${PYTHON_PN}-native/${PYTHON_PN}
> setup.py \
> > +build --build-base=${B} ${SETUPTOOLS_BUILD_ARGS} || \
> > +bbfatal_log "'${PYTHON_PN} setup.py build
> ${SETUPTOOLS_BUILD_ARGS}' execution failed."
> > +}
> > +setuptools3_do_compile[vardepsexclude] = "MACHINE"
>
> Please append or += here otherwise manipulation done to this function
> vardepexclude done *before* the inherit in the recipe will be lost,
> without people noticing that easily
>
> This is directly from the original distutils3.bbclass
https://git.yoctoproject.org/poky/tree/meta/classes/distutils3.bbclass#n30
> +
> > +setuptools3_do_install() {
> > +cd ${SETUPTOOLS_SETUP_PATH}
> > +install -d ${D}${PYTHON_SITEPACKAGES_DIR}
> > +STAGING_INCDIR=${STAGING_INCDIR} \
> > +STAGING_LIBDIR=${STAGING_LIBDIR} \
> > +PYTHONPATH=${D}${PYTHON_SITEPACKAGES_DIR} \
> > +${STAGING_BINDIR_NATIVE}/${PYTHON_PN}-native/${PYTHON_PN}
> setup.py \
> > +build --build-base=${B} install --skip-build
> ${SETUPTOOLS_INSTALL_ARGS} || \
> > +bbfatal_log "'${PYTHON_PN} setup.py install
> ${SETUPTOOLS_INSTALL_ARGS}' execution failed."
> > +
> > +# support filenames with *spaces*
> > +find ${D} -name "*.py" -exec grep -q ${D} {} \; \
> > + -exec sed -i -e s:${D}::
[OE-core] [dunfell][PATCH v2 2/2] openssh: remove redundant BSD license
From: Ross Burton The license statement already includes BSD-2-Clause and BSD-3-Clause, so remove the redundant and ambiguous BSD license. (From OE-Core rev: 5c0b03cda19bcebfc71e1e601a4336fcda4bfc2b) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Mikko Rapeli (cherry picked from commit 7eaab4b261017ae49926b4f18228a3af9906c19c) --- meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index 78f1669240..b60d1a6bd4 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -5,7 +5,7 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/"; SECTION = "console/network" -LICENSE = "BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & BSD & ISC & MIT" +LICENSE = "BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & ISC & MIT" LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" DEPENDS = "zlib openssl virtual/crypt" -- 2.20.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158833): https://lists.openembedded.org/g/openembedded-core/message/158833 Mute This Topic: https://lists.openembedded.org/mt/87319931/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [dunfell][PATCH v2 1/2] openssh: Improve LICENSE to show BSD license variants.
From: Wang Mingyu Update LICENSE to show that BSD-2-Clause, BSD-3-Clause and BSD-4-Clause are all present. (From OE-Core rev: d17938953fc2524bc5f04db4409a47aa400e756a) Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie Signed-off-by: Mikko Rapeli (cherry picked from commit e42870e233a85bc0d55395ef110b7445dfe784f8) --- meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index 5f03bdc877..78f1669240 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -5,7 +5,7 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/"; SECTION = "console/network" -LICENSE = "BSD & ISC & MIT" +LICENSE = "BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & BSD & ISC & MIT" LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" DEPENDS = "zlib openssl virtual/crypt" -- 2.20.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158832): https://lists.openembedded.org/g/openembedded-core/message/158832 Mute This Topic: https://lists.openembedded.org/mt/87319929/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/2] openssh: Improve LICENSE to show BSD license variants.
Missing dunfell subject prefix. Will send v2. -Mikko -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158831): https://lists.openembedded.org/g/openembedded-core/message/158831 Mute This Topic: https://lists.openembedded.org/mt/87319793/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/2] openssh: Improve LICENSE to show BSD license variants.
From: Wang Mingyu Update LICENSE to show that BSD-2-Clause, BSD-3-Clause and BSD-4-Clause are all present. (From OE-Core rev: d17938953fc2524bc5f04db4409a47aa400e756a) Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie Signed-off-by: Mikko Rapeli (cherry picked from commit e42870e233a85bc0d55395ef110b7445dfe784f8) --- meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index 5f03bdc877..78f1669240 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -5,7 +5,7 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/"; SECTION = "console/network" -LICENSE = "BSD & ISC & MIT" +LICENSE = "BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & BSD & ISC & MIT" LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" DEPENDS = "zlib openssl virtual/crypt" -- 2.20.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158830): https://lists.openembedded.org/g/openembedded-core/message/158830 Mute This Topic: https://lists.openembedded.org/mt/87319793/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][dunfell][PATCH] python3: upgrade 3.8.11 -> 3.8.12
Release Date: Aug. 30, 2021
This is a security release of Python 3.8
Note: The release you're looking at is Python 3.8.12, a security bugfix release
for the legacy 3.8 series. Python 3.10 is now the latest feature release series
of Python 3. Get the latest release of 3.10.x here.
Security content in this release contains four fixes. There are also four
additional fixes for bugs that might have lead to denial-of-service attacks.
Finally, while we're not providing binary installers anymore, for those users
who produce installers, we upgraded the OpenSSL version used to 1.1.1l.
Take a look at the change log for details.
According to the release calendar specified in PEP 569, Python 3.8 is now in the
"security fixes only" stage of its life cycle: 3.8 branch only accepts security
fixes and releases of those are made irregularly in source-only form until
October 2024. Python 3.8 isn't receiving regular bug fixes anymore, and binary
installers are no longer provided for it. Python 3.8.10 was the last full bugfix
release of Python 3.8 with binary installers.
This release includes a fix for CVE-2021-29921.
References:
https://docs.python.org/release/3.8.12/whatsnew/changelog.html#changelog
Signed-off-by: Marta Rybczynska
---
.../python/{python3_3.8.11.bb => python3_3.8.12.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-devtools/python/{python3_3.8.11.bb => python3_3.8.12.bb}
(99%)
diff --git a/meta/recipes-devtools/python/python3_3.8.11.bb
b/meta/recipes-devtools/python/python3_3.8.12.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.8.11.bb
rename to meta/recipes-devtools/python/python3_3.8.12.bb
index 2a2472b3d0..cfcc91b396 100644
--- a/meta/recipes-devtools/python/python3_3.8.11.bb
+++ b/meta/recipes-devtools/python/python3_3.8.12.bb
@@ -42,8 +42,8 @@ SRC_URI_append_class-native = " \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
-SRC_URI[md5sum] = "5840ba601128f48fee4e7c98fbdac65d"
-SRC_URI[sha256sum] =
"fb1a1114ebfe9e97199603c6083e20b236a0e007a2c51f29283ffb50c1420fb2"
+SRC_URI[md5sum] = "9dd8f82e586b776383c82e27923f8795"
+SRC_URI[sha256sum] =
"b1d3a76420375343b5e8a22fceb1ac65b77193e9ed27146524f0a9db058728ea"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar"
--
2.33.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#158829):
https://lists.openembedded.org/g/openembedded-core/message/158829
Mute This Topic: https://lists.openembedded.org/mt/87317089/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [docs] [PATCH] dev-manual: how to purge duplicate sstate cache files
Hi Michael, On 11/26/21 10:13, Vyacheslav Yurkov wrote: > Hi Michael > > On 23.11.2021 10:14, Michael Opdenacker wrote: >> Greetings, >> >> On 11/19/21 5:06 PM, Michael Opdenacker wrote: >>> Signed-off-by: Michael Opdenacker >>> --- >>> documentation/dev-manual/common-tasks.rst | 25 ++- >>> 1 file changed, 24 insertions(+), 1 deletion(-) >>> >>> diff --git a/documentation/dev-manual/common-tasks.rst >>> b/documentation/dev-manual/common-tasks.rst >>> index 3eead147a3..37612c84b7 100644 >>> --- a/documentation/dev-manual/common-tasks.rst >>> +++ b/documentation/dev-manual/common-tasks.rst >>> @@ -6242,8 +6242,11 @@ Changing the listed common targets is as easy >>> as editing your version of >>> ``conf-notes.txt`` in your custom template configuration directory and >>> making sure you have ``TEMPLATECONF`` set to your directory. >>> +Conserving Disk Space >>> += >>> + >>> Conserving Disk Space During Builds >>> -=== >>> +--- >>> To help conserve disk space during builds, you can add the following >>> statement to your project's ``local.conf`` configuration file found in >>> @@ -6257,6 +6260,26 @@ building a recipe once the recipe is built. >>> For more information on >>> :ref:`rm_work ` class in the >>> Yocto Project Reference Manual. >>> +Purging Duplicate Shared State Cache Files >>> +--- >>> + >>> +After multiple build iterations, the Shared State (sstate) cache can >>> contain >>> +duplicate cache files for a given package, while only the most >>> recent one >>> +is likely to be reusable. The following command purges all but the >>> +newest sstate cache file for each package:: >>> + >>> + sstate-cache-management.sh --remove-duplicated >>> --cache-dir=build/sstate-cache >>> + >>> +This command will ask you to confirm the deletions it identifies. >>> + >>> +Note:: >>> + >>> + The duplicated sstate cache files of one package must have the same >>> + architecture, which means that sstate cache files with multiple >>> + architectures are not considered as duplicate. >>> + >>> +Run ``sstate-cache-management.sh`` for more details about this script. >>> + >>> Working with Packages >>> = >>> >> Did anyone have time to have a look at what I wrote ? There may be >> better ways to purge the sstate cache files. >> Thanks in advance >> Michael. > > The description looks good to me. By other ways you mean other usage > scenarios of sstate-cache-management.sh script or by means of something > else? > I also use the --stamps-dir method since that removes additional files. You just gotta remember to do a build of everything you want to keep first. /Jacob -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158828): https://lists.openembedded.org/g/openembedded-core/message/158828 Mute This Topic: https://lists.openembedded.org/mt/87255323/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [docs] [PATCH] dev-manual: how to purge duplicate sstate cache files
Hi Michael On 23.11.2021 10:14, Michael Opdenacker wrote: Greetings, On 11/19/21 5:06 PM, Michael Opdenacker wrote: Signed-off-by: Michael Opdenacker --- documentation/dev-manual/common-tasks.rst | 25 ++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/documentation/dev-manual/common-tasks.rst b/documentation/dev-manual/common-tasks.rst index 3eead147a3..37612c84b7 100644 --- a/documentation/dev-manual/common-tasks.rst +++ b/documentation/dev-manual/common-tasks.rst @@ -6242,8 +6242,11 @@ Changing the listed common targets is as easy as editing your version of ``conf-notes.txt`` in your custom template configuration directory and making sure you have ``TEMPLATECONF`` set to your directory. +Conserving Disk Space += + Conserving Disk Space During Builds -=== +--- To help conserve disk space during builds, you can add the following statement to your project's ``local.conf`` configuration file found in @@ -6257,6 +6260,26 @@ building a recipe once the recipe is built. For more information on :ref:`rm_work ` class in the Yocto Project Reference Manual. +Purging Duplicate Shared State Cache Files +--- + +After multiple build iterations, the Shared State (sstate) cache can contain +duplicate cache files for a given package, while only the most recent one +is likely to be reusable. The following command purges all but the +newest sstate cache file for each package:: + + sstate-cache-management.sh --remove-duplicated --cache-dir=build/sstate-cache + +This command will ask you to confirm the deletions it identifies. + +Note:: + + The duplicated sstate cache files of one package must have the same + architecture, which means that sstate cache files with multiple + architectures are not considered as duplicate. + +Run ``sstate-cache-management.sh`` for more details about this script. + Working with Packages = Did anyone have time to have a look at what I wrote ? There may be better ways to purge the sstate cache files. Thanks in advance Michael. The description looks good to me. By other ways you mean other usage scenarios of sstate-cache-management.sh script or by means of something else? Vyacheslav -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158827): https://lists.openembedded.org/g/openembedded-core/message/158827 Mute This Topic: https://lists.openembedded.org/mt/87255323/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] openssl: fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value
On Thu, 2021-11-25 at 11:10 +, Ross Burton wrote: > Backport a patch submitted upstream. Specifically, this fixes signature > validation in trusted-firmware-a with OpenSSL 3. > > Signed-off-by: Ross Burton > --- > ...-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch | 89 +++ > .../openssl/openssl_3.0.0.bb | 1 + > 2 files changed, 90 insertions(+) > create mode 100644 > meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch > > diff --git > a/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch > > b/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch > new file mode 100644 > index 00..5c76485b5f > --- /dev/null > +++ > b/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch > @@ -0,0 +1,89 @@ > +Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/17136] > +Signed-off-by: Ross Burton > + > +From 425191c295ada8510b0ee87d292ef18b7a45d062 Mon Sep 17 00:00:00 2001 > +From: Tom Cosgrove > +Date: Thu, 25 Nov 2021 10:17:15 + > +Subject: [PATCH] Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value > + > +When an integer value was specified, it was not being passed back via > +the orig_p2 weirdness. > + > +Regression test included. > +--- > + crypto/evp/ctrl_params_translate.c | 10 +- > + test/evp_extra_test.c | 28 > + 2 files changed, 33 insertions(+), 5 deletions(-) > + I suspect this may be from this patch: https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/2586 https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/2865 Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#158826): https://lists.openembedded.org/g/openembedded-core/message/158826 Mute This Topic: https://lists.openembedded.org/mt/87300168/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
