This test mimic the ethernet_static_ip_set_in_connman and ethernet_get_IP_in_connman_via_DHCP test case from oeqa/manual/bsp-hw.json.
The ethernet_static_ip_set_in_connman and ethernet_get_IP_in_connman_via_DHCP manual test case should be remove from oeqa/manual/bsp-hw.json if this patch get merged.
(From OE-Core rev: 008cc0340676cd67f3ec68d3ca8286bbd16c32c6)
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit aaabc94dbe353b12297ba4a237f6817b2c6d4a31)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When dhclient is used with ifupdown and in the /etc/network/interfaces
file is something like e.g. "iface eth0 inet6 dhcp" the system does not
boot but hangs at the after dhcp configuration of IPv4 at the stage
where IPv6 should be configured.
The reason seems to be, that ifupdown calls the dhclient in a blocking
way which leads to a permanent block of the boot when no DHCPv6 server
is available.
A similar bug in Redhat:
https://bugzilla.redhat.com/show_bug.cgi?id=585047
[YOCTO #14117]
(From OE-Core rev: 6d8bf12bffa146cb51153a79a4b96b05298c4fbf)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add the seccomp PACKAGECONFIG option to allow building seccomp features
in QEMU. The libseccomp library is available in additional layers (e.g.
meta-security).
Additionally this serves as a way to disable seccomp by default to avoid
the configure of QEMU automatically finding it (via pkg-config) on the
build host when building qemu-system-native and auto enabling the
feature.
(From OE-Core rev: 80d79ca651b03a3a7d65d25065af3fa5d85925b3)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ruslan Babayev <fib@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This updates the link to the YP docs
and proposes to access the OE website through https
(From OE-Core rev: a73c10667b3ef2d0606dc5b2e4ff9605e2cd52f6)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87686233aeffc639c3f412fd5c4898b32b15013b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a Makefile race resulting in the target creating a directory being
executed after the target to write into that directory.
[ YOCTO #14485 ]
(From OE-Core rev: 098e9a98ef31211d9a217ab1fde4655b81a7b56d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e90c1d3b80e35fb685d4b321972743771eb2c2c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Nicolas Dechesne spotted there was duplicate code I had introduced with a
previous fix. Remove the second statement since the earlier one is correct
all that is needed.
(From OE-Core rev: aa8e0928bda4a01623552084fc0ac0658e495b53)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3e8d9f0e53e73de5498fccce81d049a88f6473b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A flaw was found in avahi in versions 0.6 up to 0.8. The event used
to signal the termination of the client connection on the avahi Unix
socket is not correctly handled in the client_work function,
allowing a local attacker to trigger an infinite loop. The highest
threat from this vulnerability is to the availability of the avahi
service, which becomes unresponsive after this flaw is triggered.
https://nvd.nist.gov/vuln/detail/CVE-2021-3468
CVE: CVE-2021-3468
(From OE-Core rev: 7ca7aeb7c703bfa22c9f128849e11b62f93d81b5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A flaw was found in libxml2. Exponential entity expansion attack
is possible bypassing all existing protection mechanisms and leading
to denial of service.
https://nvd.nist.gov/vuln/detail/CVE-2021-3541
CVE: 2021-3541
(From OE-Core rev: 1699293a7011797895c284d6ad664c66badba426)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CPE entries for gst-plugins-* are listed as gstreamer issues
so we need to ignore the false hits for the CVEs we've patched
in plugins recipes
(From OE-Core rev: 55140153e66f13a2d8a673a48f6c21e293415e56)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Change is correct but should be in gstreamer recipe not gstreamer-plugins-base
This reverts commit f32e90a7f8918aacda61ef6176eb1655742045b4.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Change is correct but should be in gstreamer recipe not gstreamer-plugins-good
This reverts commit d853e2bde1ea083f8438e8d7a80f041196d2e38d.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now that ":" is a valid character in variable key names, it needs to be
allowed by the variable expansion code too, to match.
(Bitbake rev: c5418eae56cc50dbae7951c055434a0c456c53a4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: a6d5fb7554e3cf071e453db56a1e7469ac44277c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If shell function name starts with 'python' or 'fakeroot' parser wrongly
assumes it's python/fakeroot function.
[YOCTO #14204]
Use regex lookahead assertions to check if 'python' expression is
followed by whitespace or '(' and if 'fakeroot' is followed by
whitespace.
(Bitbake rev: 9df61675f0e9bb67a78bfa1a16b1cf9fa4c333f1)
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As a follow up to commit: 0fc66a0b64953 [kernel: provide module.lds
for out of tree builds in v5.10+], we must not only copy module.lds
from its new location, we have to not error when it isn't found in
the old location.
With this tweak, we have coverage on all supported arches for the
new location of module.lds, and backwards compatibility through
kernel versions.
(From OE-Core rev: 9ae339ace9274be71bfd3b5e5da64dceac9fa963)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb940d8af359fa370254bd4c2b36ba26708bb54b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
e8d9b740a550 Linux 5.4.131
d2f8a8a07ee3 xen/events: reset active flag for lateeoi events later
a05499b29a6e KVM: SVM: Call SEV Guest Decommission if ASID binding fails
58356f448b61 s390/stack: fix possible register corruption with stack switch helper
abbd42939db6 KVM: SVM: Periodically schedule when unregistering regions on destroy
8b24c7edc2f2 Linux 5.4.130
5e8519c4083b RDMA/mlx5: Block FDB rules when not in switchdev mode
c5fb49e12f2c gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP
cf5eb8209723 drm/nouveau: fix dma_address check for CPU/GPU sync
3edfd34f1338 scsi: sr: Return appropriate error code when disk is ejected
a6c85a8433e0 x86/efi: remove unused variables
(From OE-Core rev: 8c3a582b00842baeea8fdaaa81d641b998fc78a4)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit edfd97ac5a11f46b9f3b905373abe3554f4b85db)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now that pseudo-native always includes statx support and we have sanity
checks on pseudo-native to ensure it always contains a minimum feature set,
we no longer need to mark pseudo-native as distro specific. This fixes
eSDK build problems.
[YOCTO #14428]
(From OE-Core rev: d7e87a5851d717da047f552be394d5712efa0402)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3279e43fcb469edb63c7c4eb60fdc565d5751f9d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This updates to the latest pseudo version which includes:
Revert "client: Fix some compiler warnings"
ports/linux: Always build statx support
makewrappers: Handle parameters marked as nonnull
client: Fix some compiler warnings
wrappers: Avoid -Wcast-function-type warning
In particular, this pseudo version always has statx enabled which means
we can then remove the need to make pseudo-native host distro specific
which fixes an eSDK issue.
(From OE-Core rev: c78d82c60acd8cf1eabc728d614bf4631a96c2ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58cc70940ff998be49a9b89e1ad0538242cb7998)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building pseudo-native to work with uninative, we need to ensure the
configuration will work on all supported target systems. This means
"new clone" semantics, xattr and statvfs support in particular. It is
extremely unlikely we'd run on a system without any of these but add
a check just to be sure when uninative is enabled.
(From OE-Core rev: 262b70f94c34762f5879f637dc918e2d5928f2d0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea5b208ee25752bea6037cd0f3b28da7d2c9905e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CPE entries for gst-plugins-good are listed as gstreamer issues
so we need to ignore the false hits for the two CVEs we've patched
(From OE-Core rev: d853e2bde1ea083f8438e8d7a80f041196d2e38d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CPE entries for gst-plugins-base are listed as gstreamer issues
so we need to ignore the false hit for the CVE we've patched
(From OE-Core rev: f32e90a7f8918aacda61ef6176eb1655742045b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cli_feat_read_cb() function in src/gatt-database.c does not perform
bounds checks on the 'offset' variable before using it as an index into
an array for reading
https://nvd.nist.gov/vuln/detail/CVE-2021-3588
(From OE-Core rev: 569362f338736a1c85f090909a9893d019bfce5d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The base class is always inherited, drop the unneeded inherit.
(From OE-Core rev: cfd74f2bae51413d9c327e0f08ecf751325c2d74)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 837d62c066589e5a12a0bf894ae7b24e8b048665)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
tzcode 2020b changed the default format from "-b fat" to "-b slim".
Allow external control for the binary format.
(From OE-Core rev: 1e9393cae53b4de260ec951e7855d74f206730d0)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c9e8b716eb71d4526517825eacefb91ab2c1781c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Having two possible failures in multiprocesslauch creates a race where one failure
may occur and stop processes being lanuched meaning the second failure may not
be seen. Rather than having periodic races appearing on the autobuilder, only
have one failure, making the test much more deterministic.
[YOCTO #13054]
(From OE-Core rev: 5df87fc7d3353abb8a8f4a25b544e7927c8b39eb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 31e9dcda40aae3ce0801580c838928956e1455e3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We use dwarfsrcfiles in package.bbclass to list the source files used by a binary.
This is done before they're stripped and linked to debug symbols in separate files.
It is possible a binary may already have a link to separate debug symbols, e.g.
some of the test binaries in lttng-tools ptest. In those cases, the linked binary
may be changed by package.bbclass code whilst dwarfsrcfiles is reading it. That
would result in a rare SIGBUS race causing the binary to fail.
To avoid this, break the debug file search path so no other binaries are found.
Also fix a segfault if no binary is specified while here.
[YOCTO #14400]
(From OE-Core rev: 317e334518c6394ecba4a3fdd4ba18b185822d22)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efef732859e265533acf16f2f4da3b29d50e0df4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Includes the following fixes:
4f0a61f753 wordexp: handle overflow in positional parameter number (bug 28011)
8e88c0d888 Fix SXID_ERASE behavior in setuid programs (BZ #27471)
74a4425fae Enhance setuid-tunables test
bb5bb87959 tst-env-setuid: Use support_capture_subprogram_self_sgid
700264179c support: Add capability to fork an sgid child
7fa6d30eea support: Typo and formatting fixes
0de2b69c31 support: Pass environ to child process
0c92f409a7 S390: Also check vector support in memmove ifunc-selector [BZ #27511]
(From OE-Core rev: eb03d3f72472539b10de49a32bdd3c68c34b658e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a bug fix release in the stable 2.28 series.
Fixes several crashes and rendering issues.
backport a patch from master to fix clang11 build error
(From OE-Core rev: 16f345895dfb82475ab4640e608d232c38b072f6)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d38f23f5c34dfb2a2d28b834b0c35b1f7778f85)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a bug fix release in the stable 2.28 series.
- Enable kinetic scrolling with async scrolling.
- Fix web process hangs on large GitHub pages.
- Bubblewrap sandbox should not attempt to bind empty paths.
- Fix threading issues in the media player.
- Fix several crashes and rendering issues.
Remove CVE-2020-13753.patch since fix is included in 2.28.3
(From OE-Core rev: a452fbbdb9646cb2a2f37a680a269b41f4bf215b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e67e325ba620fe91ef11ab2a1029fbbc54b3c69)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Release Date: June 28, 2021
This is a security release of Python 3.8
Note: The release you're looking at is Python 3.8.11, a security bugfix release
for the legacy 3.8 series. Python 3.9 is now the latest feature release series
of Python 3. Get the latest release of 3.9.x here.
Security content in this release contains three fixes. There's also two fixes
for 3.8.10 regressions. Take a look at the change log for details.
According to the release calendar specified in PEP 569, Python 3.8 is now in
security fixes only stage of its life cycle: 3.8 branch only accepts security
fixes and releases of those are made irregularly in source-only form until
October 2024. Python 3.8 isn't receiving regular bugfixes anymore, and binary
installers are no longer provided for it. Python 3.8.10 was the last full
bugfix release of Python 3.8 with binary installers.
References:
https://docs.python.org/release/3.8.11/whatsnew/changelog.html#python-3-8-11-final
(From OE-Core rev: 1ba51ee2d52ee92bbdede9f2cd2f9ed9ff04ddb6)
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If we tweak sstate to not remove empty directories under conditions
where a race could occur, we see failures from:
"oe-selftest -r archiver.Archiver.test_archiver_filters_by_type archiver.Archiver.test_archiver_filters_by_type_and_name"
since an empty directory is left behind. Update the tests to ignore
empty directories.
(From OE-Core rev: c96bcf97272f243df14598c84a41097746884b65)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10cda713faea9a348fd278137ac75e4a6d76a71c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit a2db4fa127 added ${WORKDIR}/deploy-* to
PSEUDO_IGNORE_PATHS. This breaks the --strip mode since ${D} is copied to
deploy-target-stripped. Use the directory devtool-deploy-target-stripped
instead.
[YOCTO #14451]
(From OE-Core rev: 9e2c7750f57bd1baa429d2f28a4c836ee57d1bfc)
Signed-off-by: Florian Amstutz <florian.amstutz@scs.ch>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02661f20faf11d0fa2f1874bd423f5d9fa7a31c9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
