OE is the main user of pseudo and we've had the changes in the oe-core branch
around long enough that we're going to run with them. Swicth back to directly
using the master branch.
(From OE-Core rev: 198ff9141f94c551d2a29f3a036c209e3e554a37)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Luca: re-add 'branch' parameter to fix "does not set any branch parameter" warning]
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
pseudo overrides certain libc functions which are aliases when LFS64 is
enabled. In anycase pseudo may not be of much use on 32bit systems
(From OE-Core rev: 215367b62ac1f48ba224e56e7b8862c0a7bdbcd0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update to pull in:
pseudo.c: Avoid patch mismatch errors for NAMELESS file entries
In rare cases we see failures, often in linux-libc-headers for things like:
| INSTALL /XXX/linux-libc-headers/6.1-r0/image/usr/include
| abort()ing pseudo client by server request. See https://wiki.yoctoproject.org/wiki/Pseudo_Abort for more details on this.
Pseudo log:
path mismatch [2 links]: ino 46662476 db 'NAMELESS FILE' req '/XXX/linux-libc-headers/6.1-r0/image/usr'.
Setup complete, sending SIGUSR1 to pid 3630890.
Whilst this doesn't easily reproduce, the issue is that multiple different processes are
likely working on the directory and the creation in pseudo might not match accesses
made by other processes.
Ultimately, the "NAMELESS FILE" is harmless and pseudo will reconcile things
so rather than error out, we should ignore this case.
(From OE-Core rev: 77d018ce3b3a9390a5cc020bce9f9ea9017820dd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4f30a1a74828e105cbe69677b3fbe5623f371543)
Signed-off-by: Fabio Berton <fabio.berton@criticaltechworks.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When `-pipe` is enabled, GCC passes data between its different
executables using pipes instead of temporary files. This leads to issues
when cmake attempts to infer compiler internals via the `-v` parameter
as each executable will print to `stderr` in parallel.
In turn this may lead to compilation issues down the line as for example
the system include directories could not be determined properly which
may then propagate to issues such as:
recipe-sysroot/usr/include/c++/11.3.0/cstdlib:75:15: fatal error:
stdlib.h: No such file or directory
| 75 | #include_next <stdlib.h>
| | ^~~~~~~~~~
| compilation terminated.
| ninja: build stopped: subcommand failed.
| WARNING: exit code 1 from a shell command.
Fix this stripping `-pipe` from the command line used to determine
compiler internals.
(From OE-Core rev: 8e2233fd0509b9f20c19d5006dd7ef0c2260bdba)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The pipe library is deprecated in Python 3.11 and will be removed in
Python 3.13. pipe.quote is just an import of shlex.quote anyway.
Clean up imports while we're at it.
(From OE-Core rev: 8eec5c4417301ea3b38e6662e7b29c9071f233e1)
Signed-off-by: Ola x Nilsson <olani@axis.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 5f33c7b99a991c380d1813da8248ba5470ca4d4e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commits from https://github.com/libexpat/libexpat/pull/915
Not picking test is suboptimal, but test structure was changed meanwhile
so we'd have to invent new code.
Skipping tests was already done in previous expat/kirkstone CVE patches.
(From OE-Core rev: 2cf8325876aa4d43151f5a327a21834db37bf0cb)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE is patched in gstreamer1.0-plugins-bad.
cpe product is set to gstreamer, they share source git repository.
(From OE-Core rev: e64d90d4c52f2e236dbe3b24b7deffce10452671)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability
via jbig2_error at /jbig2dec/jbig2.c.
(From OE-Core rev: 3e9018fb14466495be7472a8620918347c732e86)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Reproducible builds are no longer a configuration option but are required.
We also rely on the prefix mapping capability of the compilers now.
As such, rewrite the source locating code to use the prefix maps instead
of taking a guess about WORKDIR which isn't correct for kernels, gcc,
externalsrc and probably more.
Instead, iterate the maps to locate any matching source code, keeping
in mind that multiple maps may map to one target location.
(From OE-Core rev: 80289f49d0c5ca98da1d1558728b8a468aab4326)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cbd6144a9769d21371ae0fe04db2adc05f6eed02)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Commit 7806e21e7d47 ("gcc: upgrade to v11.5") removed one patch named
0001-aarch64-Update-Neoverse-N2-core-defini.patch by mistake, this will
cause the Neoverse N2 core to be identified as the armv8.5 architecture,
restore this patch to avoid related compilation issues.
(From OE-Core rev: 4c75edda8ec28fb8dee19ca90a1ea7f33ba80999)
Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Rtaher than trying to use a sqlite database over NFS from DL_DIR, work from
a local copy in STAGING DIR after fetching.
(From OE-Core rev: 9b6363994e5715f1d08b98956befd8915c128e85)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 03596904392d257572a905a182b92c780d636744)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
GCC 14 implicitly turns a warning into a compiler error:
| ../../git/src/lib/packlib.c: In function ‘PWClose’:
| ../../git/src/lib/packlib.c:554:40: error: passing argument 1 of ‘HwmsHostToBigEndian’ from incompatible pointer type [-Wincompatible-pointer-types]
| 554 | HwmsHostToBigEndian(tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32);
| | ~~~~~~~^~~~~
| | |
| | uint32_t * {aka unsigned int *}
| ../../git/src/lib/packlib.c:142:27: note: expected ‘char *’ but argument is of type ‘uint32_t *’ {aka ‘unsigned int *’}
| 142 | HwmsHostToBigEndian(char *pHwms, int nLen,int nBitType)
| | ~~~~~~^~~~~
Add the cast to (char *) to silence it.
(From OE-Core rev: 7cca344feaa16cfabbaa2f34e4aab91cc1af39ee)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* to allow building vala-native on hosts with gcc-14
* we could backport:
23ec71b1a5
which is already included in scarthgap, but that's big patch doing almost the same
(From OE-Core rev: 0f850f213071d4bc3a7065334debabd32c7bd9a1)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
zip's configure fails to link this piece of test code:
int main() { return closedir(opendir(".")); }
with GCC-14 because it now treats implicit declaration of function
as error, unline older GCC version where it was just a warning
and this test would build fine.
Remove 0002-unix.c-Do-not-redefine-DIR-as-FILE.patch which
is now unnecessary (MJ: this part wasn't applicable for kirkstone).
(From OE-Core rev: fd31dd1abc8199a1865801259e6f96b78a17d994)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3422411eb750c7e960b81676637cfb321dbadefb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Newer compilers are strict and have turned some warnings into hard
errors which results in subtle configure check failures. Therefore fix
these tests and also enable largefile support via cflags when its
desired
(From OE-Core rev: 03b7a44e2ff4364cb85758f91d78efa0cf85682d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The bmaptool (previously: bmap-tools, bmap-tool, bmaptool) has been moved
to be under the Yocto Project umbrella and is now hosted at:
github.com/yoctoproject/bmaptool
(From OE-Core rev: 7678ae7fc255621d91271599b5f4491520387279)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The 'preinit' script can't create mount directories when rootfs is
read-only. Add an option to skip this step. The user must make sure that
all required directories are already in the rootfs directory layout.
Cc: Vyacheslav Yurkov <uvv.mail@gmail.com>
(From OE-Core rev: 302dd4a63f97e23631a62a0b902cc253f6843ab0)
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 3d433d8559467d255bd19af2d0999c65ea24a48d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
- Security: Minor follow-up fixes for CVE-2024-40897
- powerpc: fix div255w which still used the inexact substitution
- x86: work around old GCC versions (pre 9.0) having broken xgetbv
implementations
- x86: consider MSYS2/Cygwin as Windows for ABI purposes only
- x86: handle unnatural and misaligned array pointers
- orccodemem: Assorted memory mapping fixes
- Fix include header use from C++
- Some compatibility fixes for Musl
- ppc: Disable VSX and ISA 2.07 for Apple targets
- ppc: Allow detection of ppc64 in Mac OS
- x86: Fix non-C11 typedefs
- meson: Fix detecting XSAVE on older AppleClang
- x86: try fixing AVX detection again by adding check for XSAVE
- Check return values of malloc() and realloc()
(From OE-Core rev: ec300eadd0ab51583502b833798a6b46956f0f47)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ed7e4eb12491968c5f962b7e89d557c2c6d86a33)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
https://nvd.nist.gov/general/news/cvss-v4-0-official-support
CVSS v4.0 was released in November 2023
NVD announced support for it in June 2024
Current stats are:
* cvss v4 provided, but also v3, so cve-check showed a value
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 != 0.0;
2069
* only cvss v4 provided, so cve-check did not show any
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 = 0.0;
260
(From OE-Core rev: 358dbfcd80ae1fa414d294c865dd293670c287f0)
(From OE-Core rev: 8c20a7badb6e5d6c6c90176e45e90f776df25298)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These CVEs were fixed in 3.10.15
Commit 487e8cdf1d removed patches in favor
of version upgrade, which caused the CVEs to re-appear in reports.
(From OE-Core rev: 2cf10084c56c83da3deff4e65e619afab80e08e1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A DMA reentrancy issue leading to a use-after-free error
was found in the e1000e NIC emulation code in QEMU. This
issue could allow a privileged guest user to crash the
QEMU process on the host, resulting in a denial of service.
CVE-2023-3019-0002 is the CVE fix and CVE-2023-3019-0001
is dependent CVE fix.
fix indent issue in qemu.inc file.
CVE-2023-3019 patch required Mem ReenttranceyGuard structure
definition, it's defined in commit:
a2e1753b80
but the patch is causing errors:
Failed: qemux86 does not shutdown within timeout(120)
so backported only required structure definition.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-3019
Upstream patches:
7d0fefdf813c0463a650
(From OE-Core rev: 3782e1b21882ffc5e4cc466418e066179470241e)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patch from branch openssl-3.0.
(From OE-Core rev: 75e1dedf85ac093fc43eb88a59bfe980bb363bf9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport the upstream buffer modifier fix for create_framebuffer to
handle the case where no valid modifiers are available.
(From OE-Core rev: 983e3efb51ab22f1fa5f90cbbfba2d701aa425fc)
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
syslinux has vendored copy of ext2fs/ext2_fs.h but uses ext2fs/ext2fs.h
from e2fsprogs package, however, ext2fs/ext2fs.h has dependencies on
ext2fs/ext2_fs.h coming from e2fsprogs package as these both headers
come from same package, here syslinux uses ext2fs.h from e2fsprogs but
supplies its own copy of ext2_fs.h which maybe out of sync and that
results in warnings about implicit implicit-function-declarations
e.g.
recipe-sysroot/usr/include/ext2fs/ext2fs.h:727:16: error: implicit declaration of function 'ext2fs_has_feature_gdt_csum' [-Wimplicit-function-declaration]
| 727 | ext2fs_has_feature_gdt_csum(fs->super);
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
ext2fs_has_feature_gdt_csum here comes from newer version of
ext2fs/ext2_fs.h but missing from vendored copy, hence the warning.
With gcc-14 this warning is treated as error by default, which breaks
the build, so lets treat it as warning only.
All these functions are never used in syslinux, so functionality-wise we
are fine.
(From OE-Core rev: 14fdee535c37aaa44898dc22149004c97b2456ca)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a2b30108055e68b62fdad7319d7d569bc38a07b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Last version bump removed patch for this CVE because it was integrated
in new release. This has caused the CVE to reappear in reports because
2023-09-12 is "higher" than 11.5...
(From OE-Core rev: d74fd7c4e9353fc00f0b79f05de101efb0148a6f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We can't support vgem on RHEL derived distros so disable this test for
all fedora hosts rather than specific versions.
(From OE-Core rev: c4760d6a52011515b0f931d08f619c7e49e72158)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This test fails consistently on the new valkyrie autobuilder cluster
The estimate instructions (rcpss, rcpps, rsqrtps, rsqrtss) are, as the
name suggests, not expected to give a fully accurate result. They may
produce slighly different results on different CPU families because
their results are not defined by the IEEE standard.
(From OE-Core rev: 9269edb63d3c68de62326f5960ffff0c1068e709)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
[Backport from OE-Core: 40f85de590c188c9c3985e64a83efaf06b0b4fbc]
zstd is dual-licensed under BSD _OR_ GPLv2 which was updated in the README for v1.5.6.
License wording in the README for v1.5.2 is misleading, but license headers in the code
clearly state that there is a choice between the two licenses.
(From OE-Core rev: 4ef9b4d947b6e8ed7637cdd9e722c3f0c83990dd)
Signed-off-by: Massimiliano Minella <massimiliano.minella@se.com>
Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fixes:
http://errors.yoctoproject.org/Errors/Details/770525/
| checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works... no
| configure: error: installation or configuration problem: C compiler cannot create executables.
| RULES/rules.cnf:70: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf: No such file or directory
| make: *** [RULES/rules.cnf:59: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf] Error 1
| make: *** Waiting for unfinished jobs....
where config.log show it's caused by gcc-14:
configure:1189: checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works
configure:1211: gcc -o conftest -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe -D_GNU_SOURCE conftest.c 1>&5
configure:1208:1: error: return type defaults to 'int' [-Wimplicit-int]
configure: failed program was:
main(){return(0);}
(From OE-Core rev: 6fd1bc0620e6d6ce9b940eaeb68474f4d0b9369b)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 094273bd7d1768e14fbdcd2f239bee14c630a625)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since this is a recipe with PACKAGES = "", inherit the nopackages
class to skip the various packaging functions which wouldn't do anything anyway.
This fixes errors from buildhistory changes where packages-split would be empty.
(From OE-Core rev: fc8ad580c5d76266ad722c9429f39adf5370c2fb)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since this bbclass sets PACKAGES = "", inherit the nopackages
class to skip the various packaging functions which wouldn't
do anything anyway.
This fixes errors from buildhistory changes where packages-split would be empty.
e.g. meta-toolchain build now fails with:
| DEBUG: Executing shell function buildhistory_list_pkg_files
| find: ".../meta-toolchain/1.0/packages-split/*": No such file or directory
| WARNING: exit code 1 from a shell command.
| DEBUG: Python function buildhistory_emit_pkghistory finished
(From OE-Core rev: 3b646f322b4ffd5ed520f3815ce0726cf225ced2)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.com>
Signed-off-by: Atharva Nandanwar <atharvanandanwar@outlook.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
On some platforms, `EGLNativeDisplayType` is an int instead of
a pointer, in which case the void pointer will raise
a `-Wint-conversion`.
Add change as a patch instead of updating SRCREV .
if we update SRCREV might will get compatiblity issue
with current gstreamer 1.20.7 version because SRCREV brings changes
which resolves negotiation issues encountered with V4L2 stateless
hardware video decoders when using kmscube video playback option
which has gstreamer dependency requirement to 1.22.0
(From OE-Core rev: 19a899d2ec69572e0eae4576d9fc55a7ba857309)
Signed-off-by: Purushottam Choudhary <purushottam27.kumar@lge.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
