- new version includes fix for CVE-2022-23308
- drop patche which was upstream
- refresh patch
(From OE-Core rev: d687f1ac2017a1cc94ac4733cd46755d5aabd120)
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The project has migrated from www.xmlsoft.org to gitlab.gnome.org.
Update the homepage accordingly, and use gnomebase to construct the
download URL, rather than including it in SRC_URI explicitly.
Note that the download is now in .xz format rather than .gz, so the
sha256sum is updated accordingly. Post-decompression tarballs are
identical, so there is no change to the libxml2 code.
(From OE-Core rev: 8bc17ceb997f8f31a03e5f5efc41c03ef1df3add)
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We need to set nobranch=1 as the 0.6.4 tag isn't on any branches at
present.
(From OE-Core rev: 5637ebe76885c21c2c3f975b4f412b02f9e02456)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The statx requires glibc >= 2.28 and linux kernel >= 4.11, but coreutils's
configure only checks glibc compatibility for statx syscall but fail to check
kernel support, e.g.:
RedHat Enterprise Linux Server 7.6 (Maipo)
Host kernel: 3.10.0-1127.8.2.el7.x86_64
Docker OS: Ubuntu 20.04.1 LTS
$ bitbake coreutils-native
find the binary ls and run it as "ls -l ."
The result is something like: "?????????. ? ? ? ? ? foo"
This is because glibc is 2.31 (Ubunut 20.04 in docker) which has statx,
but host's kernel is 3.10.0 (CentOS 7) which doesn't support statx.
Disable statx for native build to fix the problem.
Original from: Davi Poyastro <davi.poyastro@nokia.com>
(From OE-Core rev: 6c120d8856fab044e7b8e09d6de91c2b228a2dd9)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-Fix-VLA-parameter-warning.patch
removed since it's included in 202202
Changelog:
=========
OvmfPkg Add new target for Cloud Hypervisor
Add TDVF to OvmfPkg
Add new APIs to UefiCpuPkg/UefiCpuLib
Add AMD Secure Nested Paging Support
Add SSDT PCI generator in DynamicTablesPkg
Support ACPI 6.4 PPTT changes
Add FdtHwInfoParser library
Add DynamicPlatRepo library
Make package and platform builds reproducible across source format changes
Add Uncrustify CI Plugin
Apply uncrustify changes to all package C and H files
(From OE-Core rev: 5e280a4d6bf67c3b7d26c444bc52f25e63ae57a4)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
Fix issue with multiple offers from the same DHCP server.
Fix issue with Base64 decoding and bytes consumed validation.
(From OE-Core rev: 790f45993ac9c10ee547e4d9ae3dd0bfa96aa469)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In commit ceda3238 (meta/meta-selftest/meta-skeleton: Update LICENSE
variable to use SPDX license identifiers) all LICENSE variables were
updated to only use SPDX license identifiers.
This does the same for comments and other variables where it is
appropriate to use the official SPDX license identifiers. There are
still references to, e.g., "GPLv3", but they are then typically in
descriptive text where they refer to the license in a generic sense.
(From OE-Core rev: 165759dced7fbe73b1db2ede67047896071dc6d0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When installed, this module mounts a read-write (RW) overlay on
top of a root filesystem, which is kept read-only (RO), free
from modifications by the user, this might prove to be useful
if we want to access or restore the original unmodified rootfs.
The existing overlay-etc.bbclass does something similar, it
mounts an overlay on top of the /etc directory, however doing
the same for root causes the original root to be inaccessible
once the system is booted, hence why this module is added to
the initramfs boot flow, allowing us to mount the RW overlay,
while keeping the original rootfs mounted at /rofs once the
system finishes booting. This script is loosely based on that
class.
This module requires rootrw=<foo> to be passed as a kernel
parameter to specify the device/partition to be used as RW by the
overlay and has a dependency on overlayfs support being present
in the running kernel.
It does not require the read-only IMAGE_FEATURE to be enabled.
The module needs to be executed after the initramfs-module-rootfs
since it relies on it to mount the filesystem at initramfs startup
but before the finish module which normally switches root.
After overlayroot is executed the usual boot flow continues from
the real init process.
If something goes wrong while running this module, the rootfs
is still mounted RO (with no overlay) and the finish module is
executed to continue booting normally.
Its worth noting that, on purpose, this isnt installed by default
on any images that use initramfs-framework to keep the boot flow
unmodified, only when a user manually requests to install it,
then it becomes functional.
(From OE-Core rev: 4f876982a856c54a8074c85346632e33caa7ef53)
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
brings in these fixes
* f8bdc304 fix spurious failures by fgetws when buffer ends with partial character
* 5690668a add missing strerror text for key management
* 3b7b4155 fix out-of-bound read processing time zone data with distant-past dates
* 75b3412f fix potentially wrong-sign zero in cproj functions at infinity
* 52f0deb9 make fseek detect and produce an error for invalid whence arguments
* cbacd638 add SEEK_DATA and SEEK_HOLE to unistd.h
(From OE-Core rev: 6c76063019f9aab5c249750e526bae9031829efe)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Move the systemd shared library (libsystemd-shared.so) into its own
package to prevent a runtime dependency from udev package to systemd
package and thereby to a second init manager.
(From OE-Core rev: d1473149816674e3a3aa3f565e8b6390d2d0f1a6)
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
* use fakechroot instead of unsharing the mount namespace and mounting tmpfs
* deb-systemd-invoke: systemctl --machine @<UID> is now available in
v249.10. Adjust the version check accordingly
* Skip build-time tests if DEB_BUILD_OPTIONS=nocheck is set
* Fix typos found by Lintian
* Set Rules-Requires-Root: no
(From OE-Core rev: 5ee6558c4364d49a0e003648ac49f58f1fb41765)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Three CVEs were meant to be ignored via CVE_WHITELIST, but that wasn't
the correct variable name.
The CPEs for those CVEs mean that they don't get picked up in our report,
so just remove the assignment.
(From OE-Core rev: dea00faf30ec7c19b6b5ed4651b430ba3faf69ff)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes:
Error: Transaction test error:
file /usr/include/bits/dl_find_object.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
file /usr/include/bits/rseq.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
file /usr/include/bits/timesize.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
(From OE-Core rev: 0982c2bc19f4cacd72fd43f93c6a0a4d45a75c6a)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Make sure this header file is same in arm and aarch64.
Fix the conflict error when enable multilib:
Error: Transaction test error:
file /usr/include/bits/wordsize.h conflicts between attempted installs of lib32-libc6-dev-2.35-r0.armv7vet2hf_vfp and libc6-dev-2.35-r0.cortexa57
(From OE-Core rev: 402ba8367f5316fd8d25a536ebd12bc0bcdfa400)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After the change to bitbake, update the references in OE-Core to match the updates.
(From OE-Core rev: 193affb9f28b0116c3fd619834f145326fee08c5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a security fix release containing fixes for CVE-2022-25235, CVE-2022-25236,
CVE-2022-25313, CVE-2022-25314 and CVE-2022-25315.
(From OE-Core rev: b71344dacb71cfc452b335a6f2fb9cb74e2e1ff8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rename the image, the test controller class/code/module and the underlying
image sentinel file to all match the controller terminology.
(From OE-Core rev: f87b32833ac5327c4659ab8c06af34e7bda83f83)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since upstream commit [d8ea0d0168 Add an internal wrapper for clone, clone2
and clone3] applied, start a unprivileged container (docker run without
--privileged), it creates a thread failed in container.
In commit d8ea0d0168, it calls __clone3 if HAVE_CLONE3_WAPPER is defined. If
__clone3 returns -1 with ENOSYS, fall back to clone or clone2.
As known from [1], cloneXXX fails with EPERM if CLONE_NEWCGROUP,
CLONE_NEWIPC, CLONE_NEWNET, CLONE_NEWNS, CLONE_NEWPID, or CLONE_NEWUTS
was specified by an unprivileged process (process without CAP_SYS_ADMIN)
[1] https://man7.org/linux/man-pages/man2/clone3.2.html
So if __clone3 returns -1 with EPERM, fall back to clone or clone2 could
fix the issue.
(From OE-Core rev: 58802b2c4f63a4572cc7cca26d1d8a6b30e2fc79)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If mounts are left lingering, then after we switch_root, attempts to
modify the block devices will result in an EBUSY with no way to unmount
them. As we're about to switch_root anyways, there isn't much use to
keep anything mounted unless it has the new rootfs.
(From OE-Core rev: 4dc7af6d25597ea10ea43e76c7c3d7251462c0e5)
Signed-off-by: Justin Bronder <jsbronder@cold-front.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of the buildtools tests test network access so allow this.
(From OE-Core rev: c47424b8e71b95e60f4c5f343176825082b53896)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add libsystemd dependency if we have systemd in DISTRO_FEATURES.
This is needed to build the systemd backend. Projects that use seatd
to hook into logind (e.g. wlroots) fail to properly login without it.
(From OE-Core rev: c659e7468686b8f6995cdc01dd0dbe0e84946bf6)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
Add glibc-on-or1k (OpenRISC 1000) entry to libcrypt.minver.
This was added in GNU libc 2.35.
(From OE-Core rev: 63a37426109911ad629454cae1b66a2e34c4a43e)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Package /usr/bin/ld.so in a separate package
ld.so is a new tool which is added as a symlink to original dynamic
linker so make it available with same name across architectures which is
useful to leveral features like --preload, --audit, and --list-diagnostics
more accessible to end users
(From OE-Core rev: 2658dcbcfc3db814af1ee104303effc1b6cfa489)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
COPYING.LIBGLOSS simply had the FSF street address change.
COPYING.NEWLIB now includes BSD-3-Clause.
(From OE-Core rev: 78080015b7d83f46770be718a22ffcfedd15daf2)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fix boot from NFS for systemd enabled systems. Previously
systemd-networkd dropped network configuration on exit from initrd even
if there're NFS mount.
[YOCTO #14708]
(From OE-Core rev: afb6b1625a43d64eba090f0f4c5e231d87df7833)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Link udev shared with systemd helper to minimize the udev package size
if DISTRO_FEATURES doesn't configure sysvinit to be used.
It is only usefull to link udev static with systemd helper if udev
should be installed without systemd such as a mixed sysvinit and systemd environment
[RP: Fixed to use sysvinit distro feature instead of systemd]
(From OE-Core rev: 061cae73e2617dff62962fac131ff62d401e500c)
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a PACKAGECONFIG to link systemd-udev and its helpers to
libsystemd-shared.so. If enabled the udev package depends on the systemd
package.
(From OE-Core rev: 2e854402a899c26e25bd0edc198b40fe45fc6c7d)
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Systemd version 250 has a regression which blocks mountd service from
creating subdirectories if path contains symlink. This blocks bind
mounts under /var/run, /lib for example.
Bug-Url: https://github.com/systemd/systemd/issues/22334
(From OE-Core rev: 10f952f4a49ee340f3404df10e9309f90e0c58ab)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is needed to run weston properly as non-root in the absence
of systemd-logind, and other compositors will likely require seatd
as well.
(From OE-Core rev: f0c7e8cdeea065ddfcd4187f1fabc074b2753ba1)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the removal of prelink, we no longer need the glibc patch for it
either.
(From OE-Core rev: 7b1b5a7ac5f64fb04c9df7f77e1f65f8acde18a8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes in this srcrev bump
* c4d4028d fix failure to use add-cfi scripts on asm when building out-of-tree
* 775bde6b fix wcwidth of hangul combining (vowel/final) letters
* 8d404733 fix mismatched signatures for strtod_l family
* 98e688a9 define NULL as nullptr when used in C++11 or later
* 8274aaaa fix hwcap access in powerpc-sf setjmp/longjmp
* 3733c831 fix struct layout mismatch in sound ioctl time32 fallback conversion
(From OE-Core rev: 3ea0b084cc3e394e59399b8cdc479eee0ff1419b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It was set to "debug", but the officially supported value is ".debug".
(From OE-Core rev: 14ac72ead9c581c5fac224a9b330b62d5faa048a)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
