Upgrade to latest 1.24.x release [1]:
$ git --no-pager log --oneline go1.24.0..go1.24.1
339c903a75 (tag: go1.24.1) [release-branch.go1.24] go1.24.1
334de7982f [release-branch.go1.24] all: updated vendored x/net with security fix
5d6920842b [release-branch.go1.24] runtime/cgo: avoid errors from -Wdeclaration-after-statement
949eae84df [release-branch.go1.24] cmd/compile: don't pull constant offsets out of pointer arithmetic
0bfde51e0d [release-branch.go1.24] runtime: document that cleanups can run concurrently with each other
45a52718e3 [release-branch.go1.24] runtime/cgo: avoid errors from -Wdeclaration-after-statement
7f375e2c22 [release-branch.go1.24] reflect: let Value.Seq return the iteration value correct type
4070531920 [release-branch.go1.24] syscall: disable O_DIRECTORY on Windows for js/wasm
5ffdb9c88b [release-branch.go1.24] reflect: correctly handle method values in Seq
becc17ebcd [release-branch.go1.24] runtime: use WCLONE when waiting on pidfd test child
d418e224ae [release-branch.go1.24] syscall: don't send child signal when testing pidfd
456eaf5c29 [release-branch.go1.24] cmd/compile: don't report newLimit discovered when unsat happens multiple times
e4ef83383e [release-branch.go1.24] debug/buildinfo: base64-encode test binaries
4e6d3468cc [release-branch.go1.24] cmd/compile: ensure we don't reuse temporary register
f5c388313f [release-branch.go1.24] internal/godebugs: add fips140 as an opaque godebug setting
af236716b2 [release-branch.go1.24] cmd/compile, runtime: use deferreturn as target PC for recover from deferrangefunc
0f7b7600fb [release-branch.go1.24] doc/godebug: mention GODEBUG=fips140
eb58df7dbf [release-branch.go1.24] cmd/compile: avoid infinite recursion when inlining closures
30f4d9e117 [release-branch.go1.24] syscall: don't truncate newly created files on Windows
bb0e5c2045 [release-branch.go1.24] runtime: fix usleep on s390x/linux
cd0e528d3d [release-branch.go1.24] runtime: add some linknames back for `github.com/bytedance/sonic`
80e2e474b8 [release-branch.go1.24] cmd/go: initialize req.Header when loading git credential
Fixes CVE-2025-22870
[1] https://github.com/golang/go/compare/go1.24.0...go1.24.1
(From OE-Core rev: 55325a3cbc8ade35e811b95b6f4b7a5c2787800d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
============
- Build system:
- PDF book:
- Add support for UNIX V10 sources.
- Makefiles:
- Don't pass an escaped # to grep(1). Use a trick to work with
both new and old systems. This fixes a regressions in the
build system from man-pages-6.11, which was itself introduced
while fixing a regression introduced in man-pages-6.10.
[RP: Tweak version typo in commit message]
(From OE-Core rev: d19fcc6885521d5ec41a32938299b4cc016c0030)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Noteworthy changes in version 2.5.5 (2025-03-07)
------------------------------------------------
* gpg: Fix a verification DoS due to a malicious subkey in the
keyring. [T7527]
* dirmngr: Fix possible hangs due to blocking connection requests.
[T6606, T7434]
* w32: On socket nonce mismatch close the socket. [T7434]
* w32: Print more detailed diagnostics for IPC errors.
* GPGME is not any more distributed with the Windows installer.
Please install gpg4win to get gpgme version.
See-also: gnupg-announce/2025q1/000491.html
Release-info: https://dev.gnupg.org/T7530https://dev.gnupg.org/source/gnupg/browse/master/NEWS
(From OE-Core rev: e0eaf598193012c6b0ada9e56be9bc0d6b19ec97)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit adds a backport patch to address a build issue with pipewire 1.4.0
| /home/flk/poky/build/tmp/work/corei7-64-poky-linux/libsdl2/2.32.2/SDL2-2.32.2/src/audio/pipewire/SDL_pipewire.c:593:37: error: passing argument 1 of 'pw_node_enum_params' from incompatible pointer type [-Wincompatible-pointer-types]
(From OE-Core rev: bacb0c9231176b605d22ad6eb168d041a2c64bd9)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The SPDX library code was being ignored from taskhash calculations due
to accidentally being omitted from BBIMPORTS. This meant that changes in
the code or dependent variables would not cause the task to rebuild
correctly.
In order to add spdx_common, convert the `Dep` object from a named tuple
to a frozen dataclass. These function more or less equivalently, but the
bitbake code parser cannot handle named tuples.
Finally, the vardepsexclude that used to be present on the recipe tasks
needs to be moved to the python code in order for the variables to be
correctly ignored. Several unused exclusions were removed
(From OE-Core rev: eb597bf61cbcb0a4d43149404c93eec0894fb4c7)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
For reasons we have explicit xorg.conf files for a number of the qemu
machines, but not all of them. These mainly disabled screen blanking
(which is now down with a separate fragment) but also explictly set the
device driver to fbdev which meant they didn't use the modesettings
driver as they should (with the virtio framebuffer from qemu).
This is the root cause of why the xserver 21.1.16 upgrade doesn't work
on a number of machines: the /sys probing changed and the fbdev driver
now refuses to use the PCI framebuffer device as there are better
drivers, but we've explictly told xorg to use the wrong driver.
For more details, see https://gitlab.freedesktop.org/xorg/xserver/-/issues/1798.
(From OE-Core rev: 8c8039bf4c2d011e3d12c970ce45036b184902a9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a configuration fragment that disables screen blanking, and add it
to all qemu machines.
(From OE-Core rev: 780a5ccaa51d5aed18200883a686387e70847e4b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Unfortunately this has been overlooked, and resulted in
erroneous updates to testing/development releases.
The check will report an 'unknown' latest version until 2.6.0
is released.
(From OE-Core rev: 7e505c1506ea6a079b0291f84e4ec6774064ef20)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We're fairly careful in bitbake about how we handle fork() calls and believe our code
to be safe. The upstream deprecation warning is problematic as it can appear in log
output as a WARNING, breaking tests. It also tends to alarm users.
Hide the warning for now to avoids the test failures.
(Bitbake rev: c636bd629896f56e5f3d4030da3d1f130590afc6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Test with only one externally provided ssh key not only with two
keys generated by the kernel-fitimage.bbclass itself.
* Add a test which signs only the configuration but not the image nodes.
There was no test case which covered the probably much more important
use case of setting FIT_SIGN_INDIVIDUAL = "0".
* Cover also the unbundled initramfs use case. Also this use case is
probably much more relevant than the bundled initramnfs use case.
(From OE-Core rev: 0a5b65b83dcd9f8d1d22d074fdfad1f1e472827c)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a comprehensive cleanup of the fitImage related test cases.
The existing test cases were essentially the same code copied and pasted
9 times. All 9 test cases contained the code to parse an its file and to
parse the output of the dumpimage utility in slightly different variants.
Changing the kernel-fitimage.bbclass or the uboot-sign.bbclass would mean
changing 9 test cases individually. This is no longer maintainable.
This cleanup converts the code into reusable functions. The new test
code is more like a reverse implementation of the bbclasses to be tested
than a collection of straightforward test sequences.
This also means that the test code evaluates the same bitbake variables
as the implementation. This makes it much easier to add new test cases,
as a test case is basically just another local.conf file. The code is
not yet complete. But it can now be improved step by step in this
direction.
(From OE-Core rev: 1dfa03a182d9d9e9e38c410847c7dac4ed7e8ce6)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a trivial refactoring.
The goal is to have all tests for kernel-fitimage.bbclass and all tests
for uboot-sign.bbclass together. This refactoring greatly simplifies
the diff of the next commit.
(From OE-Core rev: 638abab58b653a1fb120368bd5e30bc80478757c)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
For u-boot test cases (bitbake virtual/bootloader) inheriting the
kernel-fitimage.bbclass is no longer needed. Also setting any variable
which is evaluated by the kernel-fitimage.bbclass but not by
uboot-sign.bbclass is pointless since:
* Commit OE-Core rev: 5e12dc911d0c541f43aa6d0c046fb87e8b7c1f7e
changed the test case from
bitbake virtual/kernel
to
bitbake virtual/bootloader
* Commit OE-Core rev: 259bfa86f384206f0d0a96a5b84887186c5f689e has
finally removed the dependency of uboot-sign.bbclass on the
kernel-fitimage.bbclass completely.
Remove the related lines of code which are now without any effect.
The two test cases test_uboot_fit_image and test_uboot_sign_fit_image
do the exact same test. Both generate a binary equal its file:
/dts-v1/;
/ {
description = "A model description";
#address-cells = <1>;
images {
uboot {
description = "U-Boot image";
data = /incbin/("u-boot-nodtb.bin");
type = "standalone";
os = "u-boot";
arch = "arm";
compression = "none";
load = <0x80080000>;
entry = <0x80080000>;
};
fdt {
description = "U-Boot FDT";
data = /incbin/("u-boot.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
};
};
configurations {
default = "conf";
conf {
description = "Boot with signed U-Boot FIT";
loadables = "uboot";
fdt = "fdt";
};
};
};
The code diff between the two equal test cases looks like:
@@ -1,8 +1,9 @@
- def test_uboot_fit_image(self):
+ def test_uboot_sign_fit_image(self):
"""
Summary: Check if Uboot FIT image and Image Tree Source
(its) are built and the Image Tree Source has the
- correct fields.
+ correct fields, in the scenario where the Kernel
+ is also creating/signing it's fitImage.
Expected: 1. u-boot-fitImage and u-boot-its can be built
2. The type, load address, entrypoint address and
default values of U-boot image are correct in the
@@ -26,16 +27,15 @@
UBOOT_LOADADDRESS = "0x80080000"
UBOOT_ENTRYPOINT = "0x80080000"
UBOOT_FIT_DESC = "A model description"
-
-# Enable creation of Kernel fitImage
KERNEL_IMAGETYPES += " fitImage "
-KERNEL_CLASSES = " kernel-fitimage"
+KERNEL_CLASSES = " kernel-fitimage "
UBOOT_SIGN_ENABLE = "1"
FIT_GENERATE_KEYS = "1"
UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
UBOOT_SIGN_IMG_KEYNAME = "img-oe-selftest"
UBOOT_SIGN_KEYNAME = "cfg-oe-selftest"
FIT_SIGN_INDIVIDUAL = "1"
+UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart U-Boot comment'"
"""
self.write_config(config)
Conclusion: The test case test_uboot_sign_fit_image looks redundant.
Contrary to its name, it does not insert any signature nodes into the
its-file and therefore does not test any type of signature.
Code history:
- Commit OE-Core rev: e71e4c617568496ae3bd6bb678f97b4f73cb43d8
introduces both test cases.
- Commit OE-Core rev: 5e12dc911d0c541f43aa6d0c046fb87e8b7c1f7e
changes both test cases like this:
- bitbake("virtual/kernel")
+ bitbake("virtual/bootloader")
It looks like the original implementation of test_uboot_sign_fit_image
was supposed to test the interaction between the kernel-fitimage.bbclass
and uboot-sign.bbclass which does not longer work like that.
When compiling u-boot, the variable that is relevant for creating an its
file with signature nodes is: SPL_SIGN_ENABLE. This is what the test
case test_sign_standalone_uboot_fit_image verifies. Lets just delete the
now obsolete test_uboot_sign_fit_image test case.
(From OE-Core rev: de8bfdff0f997f59a2bd27842a2ffcd365f725f3)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Compiling a FIT image with this default values and dump it with
dumpimage shows decimal converted values. For example the default value
20008000 looks like this:
Image 0 (kernel-1)
...
Load Address: 0x01314c40
Entry Point: 0x01314c40
With this change the expected value is printed by dumpimage.
(From OE-Core rev: e6f2ca9135ef7da8f8b5925957532734c06e55cc)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If FIT_SIGN_INDIVIDUAL is set to “1”, a signature section is added
to all screen sections, but not to the setup section. To match the setup
section with all other sections, the signature is also added. This also
helps to implement the associated tests generically.
This change is intended to make the code more consistent. However, it is
not intended to make the FIT_SIGN_INDIVIDUAL function more popular.
Technically, it would be better to remove the signature from all other
image sections and discard the FIT_SIGN_INDIVIDUAL function, the use of
which is no longer recommended anyway.
(From OE-Core rev: 8bf6a9c07cdde8fc8bbd4bb61a4886ccc02a570f)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Document the include_all directive, which can be used to include
multiple files present in the same location in different layers.
(Bitbake rev: bd41f09c7fa67f917246a740fd4068e4588a1dcd)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The command complete event triggers the UI to start new commands.
We should send this once we've cleaned up existing commands since
on very slow systems, this could otherwise cause failures. There
is a 30s timeout on incomming commands but slow systems have been
known to hit this on poorly configured I setups.
(Bitbake rev: d202298b3d989c39bc532b69c410e2e78b082a11)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have a "parsing started" event in the cooker deamon log but we don't
currently log the corresponding "parsing complete" event which is
confusing. Add this so that the logs are more logical.
(Bitbake rev: 1aa491c1f1211bf9faab712c321b66629fb7be66)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Whenever Systemd is used as an init manager, it requires a machine-id
file to be present / initialized / or have the RW rootfs. This change
does not introduce a new functionality, but rather merges everything we
do with machine-id in one place.
(From OE-Core rev: 890b81cdfadc427189eff4bbd2c24e32eb286126)
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Instead of the python re-implementation build the actual systemctl from
the systemd source tree. The python script was used when systemd didn't
provide an option to build individual executables. It is possible in the
meantime, so instead of always adapting the script when there's a new
functionality, we simply use upstream implementation.
License-Update: Base recipe is used
(From OE-Core rev: 7a580800db391891a3a0f838c4ae6e1513c710a2)
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
