In SDK, missing perl modules causes 'x86_64-pokysdk-linux-gp-display-html --help' to abort with below errors..
- Can't locate bignum.pm in @INC (you may need to install the feature module).
- Can't locate Math/BigInt.pm in @INC (you may need to install the Math::BigInt module)
By adding the following perl modules to RDEPENDS fixes the above errors:
nativesdk-perl-module-bignum
nativesdk-perl-module-bigint
nativesdk-perl-module-math-bigint
(From OE-Core rev: 05f1099acbbb10b6ce33ea117d313749f7dc4a47)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 6.10 build has been tested on both a BeaglePlay and qemu, so we can
remove the pinning now.
(From meta-yocto rev: d19d6046e96b1c94ee50a6140b1338a50a2cef20)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Only the tested machines are uncommented, so that people don't try to use
the untested machines but it's easy to enable them for testing.
KBRANCH is no longer set as all of the machines use standard/base, which
is the default from the linux-yocto recipe.
(From meta-yocto rev: 57de8f6e5085b57dd4ccfab8f0994ae6c4ee55a4)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Includes patches for CVE-2023-45236, CVE-2023-45237 and
CVE-2024-25742. Refreshed patches with devtool.
Changes:
https://github.com/tianocore/edk2/releases
edk2-stable202408
Release Date 2024-08-23
New Features & Bug Fixes
CryptoPkg:Add more crypto APIs (AESGCM/PEM/X509/RSA/PKCS5/PKCS7/Authenticode) based on Mbedtls
CryptoPkg: Enable Openssl native instruction support for AARCH64
CryptoPkg: Add support for aes128-sha256 and aes256-sha256 cipher
UefiCpuPkg: S3 cleanup
MdePkg/BaseLib: Add CRC16 CCITT False Implementation
DynamicTablesPkg: ACPI TPM2 generator
DynamicTablesPkg: Prepare for supporting other archs
BaseTools: Add VS2022 support
OvmfPkg: Add LoongArchVirt instance to OvmfPkg and enable it
edk2-stable202405
Release Date 2024-05-24
New Features & Bug Fixes
SecurityPkg:Add EFI Device Authentication Signature Database and SPDM
CryptoPkg:add additional RSAES-OAEP crypto functions
OvmfPkg:Add 5-level paging support
OvmfPkg:SEV-SNP Support for running under an SVSM
OvmfPkg:RBP register shall be cleared in TDVMCALL
OvmfPkg:Harden #VC instruction emulation (CVE-2024-25742)
Add SPI bus driver stack
NetworkPkg: Predictable TCP ISNs
NetworkPkg: Use of a Weak PseudoRandom Number Generator
UefiCpuPkg: Add new SmmRelocationLib library
Bugzilla List
Update Notes
NetworkPkg SECURITY PATCH CVE-2023-45237 requires the platform to provide the right implementation of the EFI_RNG_PROTOCOL
(i.e., using a GUID that appears in the allowlist) and EFI_HASH2_PROTOCOL. If it is not implemented, the platform will lose the ability to do network boot.
(From OE-Core rev: 50ae1d4afe436498b157f19e085532a6f0525d85)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Remove 0001-tools-locktest-Use-intmax_t-to-print-off_t.patch, upstream has
fixed it with %lld.
* Remove 0001-reexport.h-Include-unistd.h-to-compile-with-musl.patch, it builds well
with musl without this patch.
* Add libxml2 to DEPENDS to fix:
configure: error: libxml2 not found.
* Add the following 2 patches to fix build errors with musl:
0001-support-include-junction.h-Define-macros-for-musl.patch
0001-support-junction-path.c-Fix-buld-for-musl.patch
(From OE-Core rev: 5e79a26b4188f562fe349ccb4523f60ad6f9c2a0)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add test cases for a module path consisting of only a hostname and add
checksum verification of the unpacked go.mod files.
(Bitbake rev: 9380859b59923dee17469348f472a22e11be1779)
Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When mesh is enabled on musl the build fails with conflicting basename
calls.
(From OE-Core rev: 2db90c6508e350d35782db973291bbf5ffdfd3a5)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To keep the module cache logic in the go module fetchers simple, the
unpacking of the module zip files in the module cache directory is left
to the go install command in do_compile. So for do_populate_lic to find
the license files of module dependencies, do_compile needs to run before
do_populate_lic.
(From OE-Core rev: 35496654db325a4a904997be7a02fb04de74e9be)
Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set the GO_MOD_CACHE_DIR variable and move the location of the module
cache to enable the use of the go module fetchers for downloading and
unpacking module dependencies to the module cache.
Also, clean out the module cache before unpacking.
(From OE-Core rev: 287daff0bbd877990ce272e10601d4540d71f239)
Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changlog:
- Fix issue with device creation when using LTE.
- Fix issue with regulatory domain when powering up.
- Fix issue with resolving ISO3166 code from timezone data.
- Fix issue with handling DNS proxy zero termination of buffers.
- Fix issue with handling DHCP packet length in L3 mode.
- Fix issue with handling DHCP upper length checks.
- Fix issue with handling IPv6 and URL parsing.
- Fix issue with handling online check updates.
- Fix issue with handling proxy method and WISPr.
- Fix issue with handling default gateway setup.
- Add support for low-priority default routes.
(From OE-Core rev: 467d28f5d243d821722cf8dcdbb9675a2820cd4f)
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
- Allow to disable reverse DNS resolution (PTR lookup) with with
environment variable IPUTILS_PING_PTR_LOOKUP=0
- Lower max allowed -s value to 65507 (IPv4) or 65527 (IPv6).
That is the maximum the Linux kernel supports.
- Include pre-generated man pages & HTML docs in dist tarballs.
This allows to avoid libxslt, docbook, ... as a build dependencies.
- require meson >= 0.44
- ping has new option -3
(From OE-Core rev: 6e950f5edd36a2ef1b1a7c46c1bb860ddce7a70f)
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update:
Add copyright and licensing metadata to all files
Changed to LGPL-2.1-or-later
Changelog:
==========
- Improve conformance of the JSON parser
- Add conformance test suite from https://github.com/nst/JSONTestSuite
- Add JsonParser:strict to enable strict parsing
- Add '--strict' to json-glib-validate to enable strict parsing
- Deprecate the signals on JsonParser
- Port tools man pages from DocBook to reStructureText
- Add "documentation" configuration option, and deprecate "gtk_doc"
- Add JsonGenerator.take_root()
- Documentation improvements for JsonReader
- Raise parser error for malformed Unicode
- Build fixes and performance improvements
- Allow disabling installed tests
- Support parsing multiple root statements in non-strict mode
- Allow loading files >4GB with json-glib-validate
(From OE-Core rev: 78402af3e1d893d9554ab71c8a423b80e24af0d8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also update sanity tested distros to list distros on the typhoon and
valkyrie clusters which are known to work.
(From meta-yocto rev: d2ff1a0780456681ca0747cdf7aa79d6002cf70a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update to the 5.0.3 release of the 5.0 series for buildtools.
(From OE-Core rev: c922ca720a0c3b7b4d3d3187539e7cf77d93d457)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add styhead. Also fix a typo in the usage instructions.
(Bitbake rev: d3c84198771b7f79aa84dc73061d8ca071fe18f3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When calculating the module name for a gomod URI with only a hostname,
e.g.:
gomod://go.opencensus.io;version=v0.24.0;sha256sum=203a767d7f8e7c1ebe5588220ad168d1e15b14ae70a636de7ca9a4a88a7e0d0c
the non-existing path would actually be treated as "/", which resulted
in a trailing slash being added to the module name preventing the unpack
method from correctly locating the go.mod file.
(Bitbake rev: f0e02e1de4d649e647e4ab61341042dd38d0eeb0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using Arm binary toolchain, version 2.11 of wpa-supplicant is
failing to compile with the following error:
| ../src/drivers/driver_macsec_linux.c:81:29: error: field ‘offload’ has incomplete type
| 81 | enum macsec_offload offload;
| |
Backport a recent patch that corrects the issue by adding a check for
the version of kernel headers being used in compilation and disabling
that enum if too old a version is being used (or is used by the
binary toolchain).
(From OE-Core rev: 373d8d4f5316416d70eb2c0733d9838e57419ac3)
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The solution to the problem upstream was fixed by the following commit:
ca6546fe52
Now MAX_INPUT is defined for non-glibc systems such as musl.
This fix was added in BlueZ 5.67.
(From OE-Core rev: fea1bb917ebb1f99c83dbbc87a6f0ffc3627879a)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Make ImageQAFailed inherit BBHandledException so exceptions raised in tests are
catched when the actual test function is executed by bb.utils.better_exec.
Change the do_image_qa tasks so errors are handled with oe.qa.handle_error. Add
some comment to explain this requires to list the test in ERROR_QA or WARN_QA.
[YOCTO #14807]
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14807
(From OE-Core rev: 905e224849fbbed1719e0add231b00e2d570b3b4)
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In oe-core ebcd355 TCLIBCAPPEND (a string that is appended to TMPDIR) was
removed entirely. Warn if this is being set by the distro as it will no
longer have any effect.
(From OE-Core rev: 992ba784c168710328749fd61a0e2869df519dea)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add the firmware package for the TI CC33xx firmware.
The TI CC33xx family are combo WLAN and BLE devices
supporting 802.11ax and BLE 5.4.
(From OE-Core rev: b618504e496a5df84cfc8d6b90ba295f8f0497e4)
Signed-off-by: Sabeeh Khan <sabeeh-khan@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The libsamplerate option was floating and being enabled on some systems
and not others. Fix this to be deterministic.
(From OE-Core rev: 61455a839e568a3ae7e059ea95c02a1c88d39e1a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is no longer needed/supported. That solves the FIXME I guess!
(From meta-yocto rev: 9ea01f67bb15c78cd7ba0efe1dfc8861f21f9825)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit a4f42e396e2942fde94b8b4944487c1c45f7a295.
Unfortunately configparser is a bit more strict and fails to parse e.g.:
e104dd7f27/.gitmodules
[submodule "components/bt/controller/lib_esp32"]
path = components/bt/controller/lib_esp32
url = ../../espressif/esp32-bt-lib.git
The url is using 8 spaces while path 1 tab causing:
Exception: configparser.NoOptionError: No option 'url' in section: 'submodule "components/bt/controller/lib_esp32"'
It was fixed in:
62ca8e2fb4 (diff-fe7afb5c9c916e521401d3fcfb4277d5071798c3baf83baf11d6071742823584)
but mcuboot is using a bit older esp-idf revision in:
https://github.com/ATmobica/mcuboot/blame/main/.gitmodules
and mcuboot is then used as submodule in:
https://github.com/project-chip/connectedhomeip/blob/master/.gitmodules
so it might take a while for the fix to be propagated everywhere.
Not sure how common these issues are, but configparser parses
"url = ../../espressif/esp32-bt-lib.git" as 2nd line of "path"
value (because it's indented differently) while git submodule
and old gitsm implementation parses it as separate path and
url keys.
(Bitbake rev: d9eb2650256292a524a0c0bb1c0562d87bedcbc4)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If user namespaces are not available (typically because AppArmor is
blocking them), alert the user.
We consider network isolation sufficiently important that this is a fatal
error, and the user will need to configure AppArmor to allow bitbake to
create a user namespace.
[ YOCTO #15592 ]
(From OE-Core rev: b6af956fe6e876957a49d4abf425e8c789bf0459)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Integrating the following commit(s) to linux-yocto/.:
1/2 [
Author: Ross Burton
Email: ross.burton@arm.com
Subject: features/security: fix Meltdown/Spectre configurations
Date: Thu, 12 Sep 2024 16:42:50 +0100
These are both specific to x86 so move them into the x86 file, and were
renamed to have a MITIGATION_ prefix in 6.9.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
2/2 [
Author: Ross Burton
Email: ross.burton@arm.com
Subject: bsp/genericarm64: update for 6.10 kconfig symbol renames
Date: Thu, 12 Sep 2024 16:42:51 +0100
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
(From OE-Core rev: dcf2879bb3ac663509743c760042e93cbc5d447e)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Method is_file() was wrongly called as isfile()
(From OE-Core rev: 356c52a45db139bf1fdfcf5b6e0903ece7d1dd46)
Signed-off-by: Daniil Batalov <dbatalov@deltard.ru>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As of systemd 256, libsystemd-shared.so doesn't directly link to a number
of libraries but instead dlopen()'s them as needed to reduce the size of
the attack surface.
Instead the .so has a .note.dlopen segment that lists the libraries that
may be opened, with the intention that these are transformed into package
recommendation fields.
We don't yet have support for these (see #15595) so explicit dependencies
have been added to the systemd package itself. However, in an initramfs
with udev but without systemd and no recommendations you end up without
libkmod, so module loading is impossible.
Add an explicit hard dependency on libkmod to udev, because modules are
critical functionality.
(From OE-Core rev: 12fadefe11ed9f09171087608c3c4b83c7302b3f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The sysvinit PACKAGECONFIG knob enables various legacy/compatibility
code that may not be needed or even desired. If DISTRO_FEATURES
includes systemd (as it must for this recipe to build) but not
sysvinit, there is no point building and installing that legacy
support.
As most other changes, this can cause breakage, but given that
sysvinit not being in DISTRO_FEATURES requires explicit opt-out (due
to backfill), I think the risk is low. Moreover, it is generally
easier to add to than to remove from PACKAGECONFIG.
(From OE-Core rev: 3668235fd60a9027608f37251c4b453ed21b3687)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previously, incrementing "0.9" would result in "0.1.0", which
generally gets recognised as a lower version number. Even more
surprising, incrementing "0.99" returned "0.1.0.0".
This is due to the behaviour of the list function on a string
object; it adds each character as an element in a new list,
causing the new string '10' to become the list [ '1', '0' ].
Instead of converting a string to a list, add the string to a
new list, and concatenate it with the existing list slice. And
provide test cases for "0.9" -> "0.10" and related edge cases.
(Bitbake rev: 96ddeefa88ff4c37e9ea096726a7cdca5b5b4572)
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
.gitmodules is basically ini-style, so use configparser instead of manually
parsing by hand.
(Bitbake rev: a4f42e396e2942fde94b8b4944487c1c45f7a295)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A lot of Qualcomm-based devices incorporate WCN3990 WiFi/BT chips. The
ath10k firmware package provides two small files for such boards, the
rest of ath10k firmware isn't applicable. Split the WCN3990 firmware
package to simplify using of the WiFI in the resource-constrained
environments (e.g. from the initramfs).
(From OE-Core rev: 40d2fbece1c2f6ecf62bffa44ad37850e90268cb)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: additional firmwares
The commit [1] adds the venus.mdt symlink in WHENCE file
as a patch, we can remove the patch now as linux-firmware
20240909 already contains this fix as part of WHENCE file.
[1] 91f955b730
(From OE-Core rev: 7a29ddc98de315a9ff5d7a5f6c7c6aa0d410e2aa)
Signed-off-by: Vivek Puar <quic_vpuar@quicinc.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We had previously excluded certain test cases due to failures in earlier versions.
However, with the latest version of Rust, many of these test cases are passing.
As a result, we have removed them from the exclude list and added them back into the test suite for execution.
The rust-1.79 has been successfully tested with the current test inclusions.
(From OE-Core rev: e8dae0ee5ea958bb84af33d9b9a29ab357d96e31)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
------C65ED3E1A5DE826CA595746785F6AF6F
To: openembedded-core@lists.openembedded.org
CC: Alban Bedel <alban.bedel@aerq.com>
Subject: [PATCH] bind: Fix build with the `httpstats` package config enabled
Date: Wed, 11 Sep 2024 08:26:47 +0200
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain
MIME-Version: 1.0
When the `httpstats` package config is enabled configure fails with
the error:
> configure: error: Specifying libxml2 installation path is not
> supported, adjust PKG_CONFIG_PATH instead
Drop the explicit path from `--with-libxml2` to solve this issue.
(From OE-Core rev: 9b076fa51f5e6fd685066fb817c47239960778e6)
Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building the new selftest builddir, paths in environment variables
are rewritten to point to the new buildir, but users can have
environment variables that point outside of the build dir using
relative paths from builddir. We must not rewrite those.
Check this by verifying that the absolute path still contains the
builddir.
Fixes [YOCTO #15241]
(From OE-Core rev: c5e70500caffcd0518899cc6eba23a38bc3be108)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are times that a user might not have SHELL set for some reason.
We should default back to a known shell in the event that SHELL is not
set.
(From OE-Core rev: 9f3099b7eddccf2b7328c0fdd6423269d17138ce)
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta-ide-support:do_write_test_data dumps the bitbake data dictionary to
a file using export2json(). As this obviously includes the value of
MACHINE, and other MACHINE-specific variables, the recipe needs to be
marked as MACHINE-specific.
RP: Note that this patch does change the name of the environment script
since it is no longer package arch specific but machine arch specific.
[RP: Fix selftest to reference new environment file]
(From OE-Core rev: 3be2bc8a9b0c9d6a178329c8b451a6bedf255d6c)
Signed-off-by: Paul Barker <paul.barker.ct@bp.renesas.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This package is only tested upstream for aarch64 and x86-64 targets,
for example there are int/long cast issues on 32-bit platforms and ATSC
is only ported to aarch64/x86-64.
Instead of listing the machines where we know it doesn't work, limit the
recipe to machines where it is known to work.
(From OE-Core rev: 05aeab99dedd2a9ccde5bf22942fcbb2d88a311c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The presence or lack of nroff on the host was changing the doc type. Stop
the code from looking at host paths outside HOSTTOOLS and hence cause the
doc type to be deterministic and reproducible.
(From OE-Core rev: 918e2b266eba6779f19f65349f85caa880ba45e7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
