[OE-core][PATCH v3] sstatesig: Improve output hash calculation
From: Mateusz Marciniec Symbolic links to the files are included during the output hash calculation but symlinks to the directories are missed. So if the new symlink to a directory was the only change made, then the output hash won't change, and the Hash Equivalence server may change unihash. In the next run bitbake may use an older package from sstate-cache. To fix this followlinks=True flag could be set for os.walk but it can lead to infinite recursion if link points to a parent directory of itself. Also, all files from a directory to which symlink points would be included in depsig file. Therefore another solution was applied, I added code that will loop through directories and process those that are symlinks. Signed-off-by: Mateusz Marciniec Signed-off-by: Tomasz Dziendzielski --- meta/lib/oe/sstatesig.py | 4 1 file changed, 4 insertions(+) diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py index f0224454c9..ae7ef14453 100644 --- a/meta/lib/oe/sstatesig.py +++ b/meta/lib/oe/sstatesig.py @@ -652,6 +652,10 @@ def OEOuthashBasic(path, sigfile, task, d): if f == 'fixmepath': continue process(os.path.join(root, f)) + +for dir in dirs: +if os.path.islink(os.path.join(root, dir)): +process(os.path.join(root, dir)) finally: os.chdir(prev_dir) -- 2.39.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176999): https://lists.openembedded.org/g/openembedded-core/message/176999 Mute This Topic: https://lists.openembedded.org/mt/96888104/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2 1/2] python3-dtschema: add dependency on pylibfdt
On Fri, Feb 10, 2023 at 9:25 AM Trevor Woerner wrote: > > dt-schema has a dependency on pylibfdt. > FWIW. I find that the pypi libfdt lags quite a bit, and isn't updated often (that being said, there aren't really updates in dtc either, so it probably isn't an issue). When I've been building it for supporting my other projects, I've ended up using the main dtc git, and meson to do the build and install. Bruce > Signed-off-by: Trevor Woerner > --- > changes since v1: > - add a maintainer entry > --- > meta/conf/distro/include/maintainers.inc | 1 + > .../python/python3-dtschema_2023.1.bb | 2 +- > .../python/python3-pylibfdt_1.6.1.bb | 14 ++ > 3 files changed, 16 insertions(+), 1 deletion(-) > create mode 100644 meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb > > diff --git a/meta/conf/distro/include/maintainers.inc > b/meta/conf/distro/include/maintainers.inc > index ec7ea90d16a6..575ceac8f23c 100644 > --- a/meta/conf/distro/include/maintainers.inc > +++ b/meta/conf/distro/include/maintainers.inc > @@ -661,6 +661,7 @@ RECIPE_MAINTAINER:pn-python3-pycparser = "Tim Orling > " > RECIPE_MAINTAINER:pn-python3-pyelftools = "Joshua Watt > " > RECIPE_MAINTAINER:pn-python3-pygments = "Oleksandr Kravchuk > " > RECIPE_MAINTAINER:pn-python3-pygobject = "Zang Ruochen > " > +RECIPE_MAINTAINER:pn-python3-pylibfdt = "Trevor Woerner " > RECIPE_MAINTAINER:pn-python3-pyopenssl = "Tim Orling > " > RECIPE_MAINTAINER:pn-python3-pyparsing = "Oleksandr Kravchuk > " > RECIPE_MAINTAINER:pn-python3-pyproject-hooks = "Ross Burton > " > diff --git a/meta/recipes-devtools/python/python3-dtschema_2023.1.bb > b/meta/recipes-devtools/python/python3-dtschema_2023.1.bb > index 9767c95d3043..24bded9710a9 100644 > --- a/meta/recipes-devtools/python/python3-dtschema_2023.1.bb > +++ b/meta/recipes-devtools/python/python3-dtschema_2023.1.bb > @@ -10,6 +10,6 @@ PYPI_PACKAGE = "dtschema" > SRC_URI[sha256sum] = > "8fc8c269e4c57e9d008af7b32cd33b77afd4ea1ac9552bcfa96b41b9e0c52586" > > DEPENDS += "python3-setuptools-scm-native" > -RDEPENDS:${PN} += "python3-ruamel-yaml python3-jsonschema python3-rfc3987" > +RDEPENDS:${PN} += "python3-ruamel-yaml python3-jsonschema python3-rfc3987 > python3-pylibfdt" > > BBCLASSEXTEND = "native nativesdk" > diff --git a/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb > b/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb > new file mode 100644 > index ..966f8f1413fb > --- /dev/null > +++ b/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb > @@ -0,0 +1,14 @@ > +DESCRIPTION = "libfdt from the dtc project" > +HOMEPAGE = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git" > +LICENSE = "BSD-2-Clause" > +LIC_FILES_CHKSUM = "file://BSD-2-Clause;md5=5d6306d1b08f8df623178dfd81880927" > + > +inherit pypi setuptools3 > + > +PYPI_PACKAGE = "pylibfdt" > + > +SRC_URI[sha256sum] = > "90c667c5adf44c6ab2f13bdc566598897784c7b781bed91064e7373bd270b778" > + > +DEPENDS += "python3-setuptools-scm-native swig-native" > + > +BBCLASSEXTEND = "native nativesdk" > -- > 2.36.0.rc2.17.g4027e30c53 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176998): https://lists.openembedded.org/g/openembedded-core/message/176998 Mute This Topic: https://lists.openembedded.org/mt/96876890/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] kernel-devsrc: powerpc: add missed dependency for modules_prepare
There is an issue during 'make modules_prepare' execution for PPC_85xx: arch/powerpc/kernel/asm-offsets.c:58:10: fatal error: head_booke.h: No such file or directory 58 | #include "head_booke.h" | ^~ compilation terminated. make[1]: *** [scripts/Makefile.build:118: arch/powerpc/kernel/asm-offsets.s] Error 1 asm-offests.c has dependency on head_booke.h so add it to kernel-devsrc package Signed-off-by: Denys Zagorui --- meta/recipes-kernel/linux/kernel-devsrc.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb b/meta/recipes-kernel/linux/kernel-devsrc.bb index 253b8d307d..683f182c43 100644 --- a/meta/recipes-kernel/linux/kernel-devsrc.bb +++ b/meta/recipes-kernel/linux/kernel-devsrc.bb @@ -215,6 +215,7 @@ do_install() { # v6,1+ cp -a --parents arch/powerpc/kernel/asm-offsets.c $kerneldir/build/ 2>/dev/null || : + cp -a --parents arch/powerpc/kernel/head_booke.h $kerneldir/build/ 2>/dev/null || : fi if [ "${ARCH}" = "riscv" ]; then cp -a --parents arch/riscv/kernel/vdso/*gettimeofday.* $kerneldir/build/ -- 2.28.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176997): https://lists.openembedded.org/g/openembedded-core/message/176997 Mute This Topic: https://lists.openembedded.org/mt/96881268/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][dunfell][PATCH] ffmpeg: fix for CVE-2022-3341
On Fri, Feb 10, 2023 at 2:21 AM Bhabu Bindu wrote: > > From: Bhabu Bindu > > avformat/nutdec: Add check for avformat_new_stream > Check for failure of avformat_new_stream() and propagate > the error code. > > Upstream-Status: Backport > [https://git.yoctoproject.org/poky/commit/?h=kirkstone&id=bba70ce34115151362bfdc49a545ee708eb297ca] > > (From OE-Core rev: e17ddd0fafb562ed7ebe7708dac9bcef2d6cecc1) > > Signed-off-by: Narpat Mali > Signed-off-by: Steve Sakoman > Signed-off-by: Richard Purdie > (cherry picked from commit bba70ce34115151362bfdc49a545ee708eb297ca) > Signed-off-by: Bhabu Bindu > --- > ...ec-Add-check-for-avformat_new_stream.patch | 66 +++ > .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 3 +- > 2 files changed, 68 insertions(+), 1 deletion(-) > create mode 100644 > meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch > > diff --git > a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch > > b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch > new file mode 100644 > index 00..706db9669a > --- /dev/null > +++ > b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch This patch should be named CVE-2022-3341.patch. Please submit a V2! > @@ -0,0 +1,66 @@ > +From 9cf652cef49d74afe3d454f27d49eb1a1394951e Mon Sep 17 00:00:00 2001 > +From: Jiasheng Jiang > +Date: Wed, 23 Feb 2022 10:31:59 +0800 > +Subject: [PATCH] avformat/nutdec: Add check for avformat_new_stream > + > +Check for failure of avformat_new_stream() and propagate > +the error code. > + > +Signed-off-by: Michael Niedermayer > + > +CVE: CVE-2022-3341 > + > +Upstream-Status: Backport > [https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e] > + > +Comments: Refreshed Hunk > +Signed-off-by: Narpat Mali > +Signed-off-by: Bhabu Bindu > +--- > + libavformat/nutdec.c | 16 > + 1 file changed, 12 insertions(+), 4 deletions(-) > + > +diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c > +index 0a8a700acf..f9ad2c0af1 100644 > +--- a/libavformat/nutdec.c > b/libavformat/nutdec.c > +@@ -351,8 +351,12 @@ static int decode_main_header(NUTContext *nut) > + ret = AVERROR(ENOMEM); > + goto fail; > + } > +-for (i = 0; i < stream_count; i++) > +-avformat_new_stream(s, NULL); > ++for (i = 0; i < stream_count; i++) { > ++if (!avformat_new_stream(s, NULL)) { > ++ret = AVERROR(ENOMEM); > ++goto fail; > ++} > ++} > + > + return 0; > + fail: > +@@ -793,19 +793,23 @@ > + NUTContext *nut = s->priv_data; > + AVIOContext *bc = s->pb; > + int64_t pos; > +-int initialized_stream_count; > ++int initialized_stream_count, ret; > + > + nut->avf = s; > + > + /* main header */ > + pos = 0; > ++ret = 0; > + do { > ++if (ret == AVERROR(ENOMEM)) > ++return ret; > ++ > + pos = find_startcode(bc, MAIN_STARTCODE, pos) + 1; > + if (pos < 0 + 1) { > + av_log(s, AV_LOG_ERROR, "No main startcode found.\n"); > + goto fail; > + } > +-} while (decode_main_header(nut) < 0); > ++} while ((ret = decode_main_header(nut)) < 0); > + > + /* stream headers */ > + pos = 0; > diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb > b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb > index cbfdbf0563..737fd33fa5 100644 > --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb > +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb > @@ -30,7 +30,8 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ > file://CVE-2021-3566.patch \ > file://CVE-2021-38291.patch \ > file://CVE-2022-1475.patch \ > - " > + > file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \ > + " Also, this won't apply because we have your other ffmpeg CVE fix in the current pull request: https://git.openembedded.org/openembedded-core-contrib/commit/?id=a626228a4be4c52c9d3f43eb1756c1defc22a5e4&h=stable%2Fdunfell-next So please take this into account with your V2. Thanks! Steve > SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3" > SRC_URI[sha256sum] = > "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c" > > -- > 2.17.1 > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176996): https://lists.openembedded.org/g/openembedded-core/message/176996 Mute This Topic: https://lists.openembedded.org/mt/96874863/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] busybox: Fix depmod patch
The original patch was actually allowing .debug modules though which was in-correct. This change blocks the parsing of .debug modules (which is correct). As noted in [YOCTO #15022] this should address the empty modules.dep when using the BusyBox depmod. Signed-off-by: Saul Wold --- .../busybox/busybox/0001-depmod-Ignore-.debug-directories.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch index 354f83a4a5f..d76118f85b2 100644 --- a/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch +++ b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch @@ -21,7 +21,7 @@ index bb42bbe..aa5a2de 100644 /* Arbitrary. Was sb->st_size, but that breaks .gz etc */ size_t len = (64*1024*1024 - 4096); -+ if (strstr(fname, ".debug") == NULL) ++ if (strstr(fname, ".debug") != NULL) + return TRUE; + if (strrstr(fname, ".ko") == NULL) -- 2.39.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176995): https://lists.openembedded.org/g/openembedded-core/message/176995 Mute This Topic: https://lists.openembedded.org/mt/96878297/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 2/2] linux-yocto.inc: add dt-schema to devshell
If the user invokes the devshell on the linux-yocto kernel, add python3-dtschema-native to their native sysroot so they can do things like: devshell> make dtbs_check Signed-off-by: Trevor Woerner --- changes since v1: - none --- meta/recipes-kernel/linux/linux-yocto.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-kernel/linux/linux-yocto.inc b/meta/recipes-kernel/linux/linux-yocto.inc index 091003ed8299..782dc7a06ef7 100644 --- a/meta/recipes-kernel/linux/linux-yocto.inc +++ b/meta/recipes-kernel/linux/linux-yocto.inc @@ -63,6 +63,7 @@ KERNEL_FEATURES:append:qemuall=" features/kernel-sample/kernel-sample.scc" KERNEL_DEBUG_OPTIONS ?= "stack" KERNEL_EXTRA_ARGS:append:x86-64 = " ${@bb.utils.contains('KERNEL_DEBUG_OPTIONS', 'stack', 'HOST_LIBELF_LIBS="-L${RECIPE_SYSROOT_NATIVE}/usr/lib/pkgconfig/../../../usr/lib/ -lelf"', '', d)}" +do_devshell[depends] += "python3-dtschema-native:do_populate_sysroot" do_devshell:prepend() { # setup native pkg-config variables (kconfig scripts call pkg-config directly, cannot generically be overriden to pkg-config-native) d.setVar("PKG_CONFIG_DIR", "${STAGING_DIR_NATIVE}${libdir_native}/pkgconfig") -- 2.36.0.rc2.17.g4027e30c53 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176994): https://lists.openembedded.org/g/openembedded-core/message/176994 Mute This Topic: https://lists.openembedded.org/mt/96876892/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 1/2] python3-dtschema: add dependency on pylibfdt
dt-schema has a dependency on pylibfdt. Signed-off-by: Trevor Woerner --- changes since v1: - add a maintainer entry --- meta/conf/distro/include/maintainers.inc | 1 + .../python/python3-dtschema_2023.1.bb | 2 +- .../python/python3-pylibfdt_1.6.1.bb | 14 ++ 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc index ec7ea90d16a6..575ceac8f23c 100644 --- a/meta/conf/distro/include/maintainers.inc +++ b/meta/conf/distro/include/maintainers.inc @@ -661,6 +661,7 @@ RECIPE_MAINTAINER:pn-python3-pycparser = "Tim Orling " RECIPE_MAINTAINER:pn-python3-pyelftools = "Joshua Watt " RECIPE_MAINTAINER:pn-python3-pygments = "Oleksandr Kravchuk " RECIPE_MAINTAINER:pn-python3-pygobject = "Zang Ruochen " +RECIPE_MAINTAINER:pn-python3-pylibfdt = "Trevor Woerner " RECIPE_MAINTAINER:pn-python3-pyopenssl = "Tim Orling " RECIPE_MAINTAINER:pn-python3-pyparsing = "Oleksandr Kravchuk " RECIPE_MAINTAINER:pn-python3-pyproject-hooks = "Ross Burton " diff --git a/meta/recipes-devtools/python/python3-dtschema_2023.1.bb b/meta/recipes-devtools/python/python3-dtschema_2023.1.bb index 9767c95d3043..24bded9710a9 100644 --- a/meta/recipes-devtools/python/python3-dtschema_2023.1.bb +++ b/meta/recipes-devtools/python/python3-dtschema_2023.1.bb @@ -10,6 +10,6 @@ PYPI_PACKAGE = "dtschema" SRC_URI[sha256sum] = "8fc8c269e4c57e9d008af7b32cd33b77afd4ea1ac9552bcfa96b41b9e0c52586" DEPENDS += "python3-setuptools-scm-native" -RDEPENDS:${PN} += "python3-ruamel-yaml python3-jsonschema python3-rfc3987" +RDEPENDS:${PN} += "python3-ruamel-yaml python3-jsonschema python3-rfc3987 python3-pylibfdt" BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb b/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb new file mode 100644 index ..966f8f1413fb --- /dev/null +++ b/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb @@ -0,0 +1,14 @@ +DESCRIPTION = "libfdt from the dtc project" +HOMEPAGE = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://BSD-2-Clause;md5=5d6306d1b08f8df623178dfd81880927" + +inherit pypi setuptools3 + +PYPI_PACKAGE = "pylibfdt" + +SRC_URI[sha256sum] = "90c667c5adf44c6ab2f13bdc566598897784c7b781bed91064e7373bd270b778" + +DEPENDS += "python3-setuptools-scm-native swig-native" + +BBCLASSEXTEND = "native nativesdk" -- 2.36.0.rc2.17.g4027e30c53 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176993): https://lists.openembedded.org/g/openembedded-core/message/176993 Mute This Topic: https://lists.openembedded.org/mt/96876890/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][dunfell 00/27] Pull request (cover letter only)
This is the final pull request for the 3.1.23 release. Steve On Wed, Feb 8, 2023 at 4:26 AM Steve Sakoman via lists.openembedded.org wrote: > > The following changes since commit db81e3c7e7f1d4d9eba52ac35ac97627d0240b63: > > build-appliance-image: Update to dunfell head revision (2023-01-13 18:11:40 > +) > > are available in the Git repository at: > > https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next > > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next > > Alexander Kanavin (2): > linux-firmware: upgrade 20221109 -> 20221214 > selftest/virgl: use pkg-config from the host > > BenoƮt Mauduit (1): > lib/oe/reproducible: Use git log without gpg signature > > Bhabu Bindu (1): > ffmpeg: Fix CVE-2022-3109 > > Bruce Ashfield (2): > linux-yocto/5.4: update to v5.4.229 > linux-yocto/5.4: update to v5.4.230 > > Hitendra Prajapati (1): > xserver-xorg: Fix Multiple CVEs > > Jan Kircher (1): > toolchain-scripts: compatibility with unbound variable protection > > Jermain Horsman (1): > cve-check: write the cve manifest to IMGDEPLOYDIR > > Khem Raj (1): > libtirpc: Check if file exists before operating on it > > Marta Rybczynska (1): > cve-update-db-native: avoid incomplete updates > > Niko Mauno (2): > systemd: Consider PACKAGECONFIG in RRECOMMENDS > Fix missing leading whitespace with ':append' > > Quentin Schulz (1): > cairo: fix CVE patches assigned wrong CVE number > > Randy MacLeod (1): > vim: upgrade 9.0.0947 -> 9.0.1211 > > Ranjitsinh Rathod (1): > libsdl2: Add fix for CVE-2022-4743 > > Ross Burton (2): > cve-update-db-native: add more logging when fetching > cve-update-db-native: show IP on failure > > Steve Sakoman (5): > python3: fix packaging of Windows distutils installer stubs > lttng-modules: update 2.11.6 -> 2.11.7 > lttng-modules: update 2.11.7 -> 2.11.8 > lttng-modules: update 2.11.8 -> 2.11.9 > lttng-modules: fix build with 5.4.229 kernel > > Thomas Roos (1): > devtool: fix devtool finish when gitmodules file is empty > > Vivek Kumbhar (1): > go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* > functions > > Xiaobing Luo (1): > devtool: Fix _copy_file() TypeError > > jan (1): > cve-update-db-native: Allow to overrule the URL in a bbappend. > > meta/classes/cve-check.bbclass| 6 +- > meta/classes/externalsrc.bbclass | 2 +- > meta/classes/populate_sdk_ext.bbclass | 2 +- > meta/classes/toolchain-scripts.bbclass| 2 +- > meta/lib/oe/reproducible.py | 3 +- > meta/lib/oeqa/selftest/cases/runtime_test.py | 2 +- > .../recipes-core/meta/cve-update-db-native.bb | 97 +++-- > meta/recipes-core/systemd/systemd_244.5.bb| 4 +- > meta/recipes-devtools/go/go-1.14.inc | 1 + > .../go/go-1.14/CVE-2022-1962.patch| 357 ++ > .../python/python3/python3-manifest.json | 4 +- > .../libtirpc/libtirpc_1.2.6.bb| 2 +- > .../cairo/cairo/CVE-2019-6461.patch | 46 +-- > .../cairo/cairo/CVE-2019-6462.patch | 46 ++- > .../libsdl2/libsdl2/CVE-2022-4743.patch | 38 ++ > .../libsdl2/libsdl2_2.0.12.bb | 1 + > .../xserver-xorg/CVE-2022-4283.patch | 39 ++ > .../xserver-xorg/CVE-2022-46340.patch | 55 +++ > .../xserver-xorg/CVE-2022-46341.patch | 86 + > .../xserver-xorg/CVE-2022-46342.patch | 78 > .../xserver-xorg/CVE-2022-46343.patch | 51 +++ > .../xserver-xorg/CVE-2022-46344.patch | 75 > .../xorg-xserver/xserver-xorg_1.20.14.bb | 8 +- > ...20221109.bb => linux-firmware_20221214.bb} | 4 +- > .../linux/linux-yocto-rt_5.4.bb | 6 +- > .../linux/linux-yocto-tiny_5.4.bb | 8 +- > meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +- > ...ncpy-equals-destination-size-warning.patch | 42 --- > ...jtool-Rename-frame.h-objtool.h-v5.10.patch | 88 - > ...oints-output-proper-root-owner-for-t.patch | 316 > ...rdered-extent-tracepoint-take-btrfs_.patch | 179 - > ...ext4-fast-commit-recovery-path-v5.10.patch | 91 - > ...intr-vectoring-info-and-error-code-t.patch | 124 -- > ...x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch | 82 > ...Return-unique-RET_PF_-values-if-the-.patch | 71 > ...int-Optimize-using-static_call-v5.10.patch | 155 > ...-fix-include-order-for-older-kernels.patch | 31 -- > .../0011-Add-release-maintainer-script.patch | 59 --- > .../0012-Improve-the-release-script.patch | 173 - > ...fix-ext4-fast-commit-recovery-path-v.patch | 32 -- > ...-fix-include-order-for-older-kernels.patch | 32 -- > ...fix-tracepoint-Optimize-using-static.patch | 46 --- > ...ion-range-for-trace_find_free_extent.patch | 30 -- > ...ix-jbd2-use-the-correct-print-format.patch | 147 > ...ules_2.11.6.bb => lttng-module
[OE-core] [PATCH] wic/plugins/source/bootimg-efi: Configure installation of kernel image into boot partition.
The issue with installing the kernel image to both rootfs and boot partition is that some systems rely on the kernel image in rootfs and not in the boot partition. This leads to duplication of the kernel image, which can cause unnecessary storage usage. This patch provides a solution to the problem by adding a new parameter "install-kernel-into-boot-dir" to the wic kickstart file. If this parameter is set to 'true', the plugin will install the kernel image to the boot partition. If the parameter is set to 'false', the plugin will skip installing the kernel image, avoiding duplication. Tests for this functionality will be added in the next patch. Signed-off-by: Kareem Zarka --- scripts/lib/wic/plugins/source/bootimg-efi.py | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 4b00913a70..4e99d37f26 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -363,9 +363,10 @@ class BootimgEFIPlugin(SourcePlugin): objcopy_cmd += " %s %s/EFI/Linux/linux.efi" % (efi_stub, hdddir) exec_native_cmd(objcopy_cmd, native_sysroot) else: -install_cmd = "install -m 0644 %s/%s %s/%s" % \ -(staging_kernel_dir, kernel, hdddir, kernel) -exec_cmd(install_cmd) +if source_params.get('install-kernel-into-boot-dir') != 'false': +install_cmd = "install -m 0644 %s/%s %s/%s" % \ +(staging_kernel_dir, kernel, hdddir, kernel) +exec_cmd(install_cmd) if get_bitbake_var("IMAGE_EFI_BOOT_FILES"): for src_path, dst_path in cls.install_task: -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176989): https://lists.openembedded.org/g/openembedded-core/message/176989 Mute This Topic: https://lists.openembedded.org/mt/96873813/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] meta/lib/oeqa/selftest/cases/wic: Add tests for configuring kernel image install into boot partition.
- test_skip_kernel_install: This test verifies that the kernel is not installed in the boot partition when the 'install-kernel-into-boot-dir' parameter is set to false. - test_kernel_install: This test verifies that the kernel is installed in the boot partition when the 'install-kernel-into-boot-dir' parameter is set to true . Both tests use a WKS (Kickstart) file to specify the desired configuration, build a disk image using WIC, and extract the disk image to a temporary directory to verify the results. Signed-off-by: Kareem Zarka --- meta/lib/oeqa/selftest/cases/wic.py | 66 + 1 file changed, 66 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index ca1abb970a..b46dccc144 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -16,6 +16,7 @@ import hashlib from glob import glob from shutil import rmtree, copy from tempfile import NamedTemporaryFile +from tempfile import TemporaryDirectory from oeqa.selftest.case import OESelftestTestCase from oeqa.core.decorator import OETestTag @@ -146,6 +147,71 @@ class CLITests(OESelftestTestCase): self.assertEqual(1, runCmd('wic', ignore_status=True).status) class Wic(WicTestCase): +def test_skip_kernel_install(self): +"""Test the functionality of not installing the kernel in the boot directory using the wic plugin""" +# create a temporary file for the WKS content +with NamedTemporaryFile("w", suffix=".wks") as wks: +wks.write( +'part --source bootimg-efi ' + '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=false" ' +'--label boot --active\n' +) +wks.flush() +# create a temporary directory to extract the disk image to +with TemporaryDirectory() as tmpdir: +img = 'core-image-minimal' +# build the image using the WKS file +cmd = "wic create %s -e %s -o %s" % ( +wks.name, img, self.resultdir) +runCmd(cmd) +wksname = os.path.splitext(os.path.basename(wks.name))[0] +out = glob(os.path.join( +self.resultdir, "%s-*.direct" % wksname)) +self.assertEqual(1, len(out)) +# extract the content of the disk image to the temporary directory +cmd = "wic cp %s:1 %s" % (out[0], tmpdir) +runCmd(cmd) +# check if the kernel is installed or not +kimgtype = get_bb_var('KERNEL_IMAGETYPE', img) +for file in os.listdir(tmpdir): +if file == kimgtype: +raise AssertionError( +"The kernel image '{}' was found in the partition".format(kimgtype) +) + +def test_kernel_install(self): +"""Test the installation of the kernel to the boot directory in the wic plugin""" +# create a temporary file for the WKS content +with NamedTemporaryFile("w", suffix=".wks") as wks: +wks.write( +'part --source bootimg-efi ' + '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=true" ' +'--label boot --active\n' +) +wks.flush() +# create a temporary directory to extract the disk image to +with TemporaryDirectory() as tmpdir: +img = 'core-image-minimal' +# build the image using the WKS file +cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir) +runCmd(cmd) +wksname = os.path.splitext(os.path.basename(wks.name))[0] +out = glob(os.path.join(self.resultdir, "%s-*.direct" % wksname)) +self.assertEqual(1, len(out)) +# extract the content of the disk image to the temporary directory +cmd = "wic cp %s:1 %s" % (out[0], tmpdir) +runCmd(cmd) +# check if the kernel is installed or not +kimgtype = get_bb_var('KERNEL_IMAGETYPE', img) +found = False +for file in os.listdir(tmpdir): +if file == kimgtype: +found = True +break +self.assertTrue( +found, "The kernel image '{}' was not found in the boot partition".format(kimgtype) +) + def test_build_image_name(self): """Test wic create wictestdisk --image-name=core-image-minimal""" cmd = "wic create wictestdisk --image-name=core-image-minimal -o %s" % self.resultdir -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176990): https://lists.openembedded.org/g/openembedded-core/message
[OE-core] [PATCH] meta/lib/oeqa/selftest/cases/wic: Add tests for configuring kernel image install into boot partition.
- test_skip_kernel_install: This test verifies that the kernel is not installed in the boot partition when the 'install-kernel-into-boot-dir' parameter is set to false. - test_kernel_install: This test verifies that the kernel is installed in the boot partition when the 'install-kernel-into-boot-dir' parameter is set to true . Both tests use a WKS (Kickstart) file to specify the desired configuration, build a disk image using WIC, and extract the disk image to a temporary directory to verify the results. Signed-off-by: Kareem Zarka --- meta/lib/oeqa/selftest/cases/wic.py | 66 + 1 file changed, 66 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index ca1abb970a..b46dccc144 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -16,6 +16,7 @@ import hashlib from glob import glob from shutil import rmtree, copy from tempfile import NamedTemporaryFile +from tempfile import TemporaryDirectory from oeqa.selftest.case import OESelftestTestCase from oeqa.core.decorator import OETestTag @@ -146,6 +147,71 @@ class CLITests(OESelftestTestCase): self.assertEqual(1, runCmd('wic', ignore_status=True).status) class Wic(WicTestCase): +def test_skip_kernel_install(self): +"""Test the functionality of not installing the kernel in the boot directory using the wic plugin""" +# create a temporary file for the WKS content +with NamedTemporaryFile("w", suffix=".wks") as wks: +wks.write( +'part --source bootimg-efi ' + '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=false" ' +'--label boot --active\n' +) +wks.flush() +# create a temporary directory to extract the disk image to +with TemporaryDirectory() as tmpdir: +img = 'core-image-minimal' +# build the image using the WKS file +cmd = "wic create %s -e %s -o %s" % ( +wks.name, img, self.resultdir) +runCmd(cmd) +wksname = os.path.splitext(os.path.basename(wks.name))[0] +out = glob(os.path.join( +self.resultdir, "%s-*.direct" % wksname)) +self.assertEqual(1, len(out)) +# extract the content of the disk image to the temporary directory +cmd = "wic cp %s:1 %s" % (out[0], tmpdir) +runCmd(cmd) +# check if the kernel is installed or not +kimgtype = get_bb_var('KERNEL_IMAGETYPE', img) +for file in os.listdir(tmpdir): +if file == kimgtype: +raise AssertionError( +"The kernel image '{}' was found in the partition".format(kimgtype) +) + +def test_kernel_install(self): +"""Test the installation of the kernel to the boot directory in the wic plugin""" +# create a temporary file for the WKS content +with NamedTemporaryFile("w", suffix=".wks") as wks: +wks.write( +'part --source bootimg-efi ' + '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=true" ' +'--label boot --active\n' +) +wks.flush() +# create a temporary directory to extract the disk image to +with TemporaryDirectory() as tmpdir: +img = 'core-image-minimal' +# build the image using the WKS file +cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir) +runCmd(cmd) +wksname = os.path.splitext(os.path.basename(wks.name))[0] +out = glob(os.path.join(self.resultdir, "%s-*.direct" % wksname)) +self.assertEqual(1, len(out)) +# extract the content of the disk image to the temporary directory +cmd = "wic cp %s:1 %s" % (out[0], tmpdir) +runCmd(cmd) +# check if the kernel is installed or not +kimgtype = get_bb_var('KERNEL_IMAGETYPE', img) +found = False +for file in os.listdir(tmpdir): +if file == kimgtype: +found = True +break +self.assertTrue( +found, "The kernel image '{}' was not found in the boot partition".format(kimgtype) +) + def test_build_image_name(self): """Test wic create wictestdisk --image-name=core-image-minimal""" cmd = "wic create wictestdisk --image-name=core-image-minimal -o %s" % self.resultdir -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176988): https://lists.openembedded.org/g/openembedded-core/message
[OE-core] [PATCH] wic/plugins/source/bootimg-efi: Configure installation of
The issue with installing the kernel image to both rootfs and boot partition is that some systems rely on the kernel image in rootfs and not in the boot partition. This leads to duplication of the kernel image, which can cause unnecessary storage usage. This patch provides a solution to the problem by adding a new parameter "install-kernel-into-boot-dir" to the wic kickstart file. If this parameter is set to 'true', the plugin will install the kernel image to the boot partition. If the parameter is set to 'false', the plugin will skip installing the kernel image, avoiding duplication. Tests for this functionality will be added in the next patch. Signed-off-by: Kareem Zarka --- scripts/lib/wic/plugins/source/bootimg-efi.py | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 4b00913a70..4e99d37f26 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -363,9 +363,10 @@ class BootimgEFIPlugin(SourcePlugin): objcopy_cmd += " %s %s/EFI/Linux/linux.efi" % (efi_stub, hdddir) exec_native_cmd(objcopy_cmd, native_sysroot) else: -install_cmd = "install -m 0644 %s/%s %s/%s" % \ -(staging_kernel_dir, kernel, hdddir, kernel) -exec_cmd(install_cmd) +if source_params.get('install-kernel-into-boot-dir') != 'false': +install_cmd = "install -m 0644 %s/%s %s/%s" % \ +(staging_kernel_dir, kernel, hdddir, kernel) +exec_cmd(install_cmd) if get_bitbake_var("IMAGE_EFI_BOOT_FILES"): for src_path, dst_path in cls.install_task: -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176987): https://lists.openembedded.org/g/openembedded-core/message/176987 Mute This Topic: https://lists.openembedded.org/mt/96814230/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/2] python3-dtschema: add dependency on pylibfdt
Hello Trevor, On Thu, 9 Feb 2023 13:37:55 -0500 "Trevor Woerner" wrote: > dt-schema has a dependency on pylibfdt. > > Signed-off-by: Trevor Woerner This patches triggers an error due to the new recipe not having a maintainer: The following recipes do not have a maintainer assigned to them. Please add an entry to meta/conf/distro/include/maintainers.inc file. python3-pylibfdt (/home/pokybuild/yocto-worker/oe-selftest-armhost/build/meta/recipes-devtools/python/python3-pylibfdt_1.6.1.bb) Some logs from the autobuilders that found this: https://autobuilder.yoctoproject.org/typhoon/#/builders/127/builds/943/steps/14/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/4823/steps/14/logs/stdio Best regards, -- Luca Ceresoli, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176986): https://lists.openembedded.org/g/openembedded-core/message/176986 Mute This Topic: https://lists.openembedded.org/mt/96859715/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-