We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 56f1af6d5b3019dccbc27bb0a9692a5f1a32f87b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were not able to get a response about availability over email, and so the recipes
have to be unassigned.
(From OE-Core rev: 2d2c75530fe336eda72e8ce72f994725b3a77ea0)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 5be575577d74a3cb81594392b88df74226be9192)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 60eda3dcbf96b5982a0e282fd0c3c13b0b4d7787)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 3beb88060be9484cfe75dfa60f041b0b32214978)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
APM has been obsolete for a very long time, and debian no longer
packages it or carries the source tarball.
(From OE-Core rev: d987b79725eb0da2704091d22e3d16b8026fac7d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove the blanket ignore and handle the CVEs individually.
CVE-2019-14899 is related to network interface configuration across
multiple operating systems, so leave this as unresolved.
-3016, -3819 and -3887 are pending CPE updates, so ignore them.
The others have accurate CPE information now so are handled correctly.
(From OE-Core rev: e46bd62a278ec0bb9da995cab9350f1c363131d1)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
All of these CVEs have been fixed in the kernel point release that we
currently ship, so ignore them.
(From OE-Core rev: 86aee302673146dca10f313d0c70b69d6c4bdc7d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a recipe to build the Khronos official Vulkan validation
layers that can assist developers in verifying that their
applications correctly use the Vulkan APIs.
(From OE-Core rev: 35662be85affca2b4d19112d79dfcd9223f573b2)
Signed-off-by: Vincent Davis Jr <vince@underview.tech>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs have all been fixed <6.1.30, which is the default linux-yocto
kernel version.
(From OE-Core rev: 73f03970f0aadfb053666a1e93f6f6d5b5156ca6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a dependency which should have been in this list but wasn't, found
when debugging create-spdx hash issues.
(From OE-Core rev: 1075b9fc5d562dada45b3187cb737511ff8c7376)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also add SRCPV to the list of BB_HASH_CODEPARSER_VALS for code parser
cache handling. Otherwise an empty SRC_URI in the list triggers this
exception:
bb.data_smart.ExpansionError: Failure expanding variable SRCPV, expression was ${@bb.fetch2.get_srcrev(d)} which triggered exception
FetchError: Fetcher failure: SRCREV was used yet no valid SCM was found in SRC_URI
The variable dependency chain for the failure is: SRCPV -> UBOOT_LOCALVERSION -> do_compile
(From OE-Core rev: d17f9da69f430337ee1ef9c09b731c27393eba83)
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Just like UBOOT_LOCALVERSION, an end user can set KERNEL_LOCALVERSION
to append a string to the name of the local version of the kernel
image.
(From OE-Core rev: 229435a52f36ddec5f85fb6d5ccd42044b688397)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was confirmed via private email.
(From OE-Core rev: c30e9f1972a3e1d4099f39fd6d0dfb37acb73ce1)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was confirmed via private email.
(From OE-Core rev: cc8bb0da24419424989548ced27b2e76030340d9)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was confirmed via private email.
(From OE-Core rev: 834519933fcd6e4ff54f24d0cf671ea9ce24398a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some distros e.g. gentoo have latest on gcc-13 branch and we have a
situation where libstdc++ ABI is changed between 13.1 and 13.2 so
official 13.1 release based uninative will no longer work on these
distros, therefore switch to a snapshot that includes [1] which fixes
it
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108969
Reported-by: Martin Jansa <Martin.Jansa@gmail.com>
(From OE-Core rev: d554c404166f6ba1aa247c377fa9d3316e53aa40)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is part of the same project as GitPython, but hasn't been used by
gitdb (the sole user) since 2014.
(From OE-Core rev: 22a4aba5c2799cb09e1cdff075f9fe92426ea438)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is needed as each user could be setting different nice levels
while building, however this should not make the shared cache unusable.
(From OE-Core rev: 42784f9360345da1c01d988070253e7ffd5ac4ac)
Signed-off-by: Lorenzo Arena <arena.lor@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
upgrade 1.7.1 -> 1.7.2").
Starting with kernel 6.4 libtraceevent is a dependency of perf. While
one can still build perf without it by opting out one would loose its
functionality compared with building perf from kernels before 6.4
(From OE-Core rev: 45dddecd1eebc76a9835844c9bd36ac865a792c9)
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
calver is "a setuptools extension for automatically defining your Python
package version as a calendar version." It is required for
python3-trove-classifiers (another new recipe), which in turn is
required for the upgrade of python3-hatchling from 1.13.0 to work.
(From OE-Core rev: 79ed4fcad6bd49c269ada3ab99ca4548aaf34e99)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python3-trove-classifiers is "Canonical source for classifiers on
PyPI.". It is required to update python3-hatchling from the current
version (1.13.0) in oe-core, and depends on python3-calver (another new
recipe). Also add ptests.
(From OE-Core rev: 1b417898c296b5732eac14465ba459411ebe4902)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Existing implementation required to list both specific problematic apis, and files that
use them: neither is necessary as both are seen in package_qa error messages, and
can cause excessive amount of exception lines, if there are too many files, or
they are installed in arch-specific locations. Also, the value of INSANE_SKIP
should be the test that needs to be skipped, and in this case it wasn't.
Also, all problematic recipes are now correctly listed.
(From OE-Core rev: e6ebd0c556dfc576a59f5755d97089a2a241f698)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In particular this enables a number of useful features in glibc
(which utilize newer kernel APIs), such as actually using 64 bit
time_t versions of kernel syscalls:
https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/kernel-features.h;h=07b440f4eea364b05fa49bf71ceebf78f80efe13;hb=HEAD#l164
In general, OLDEST_KERNEL setting is used in these two places:
- kernel.bbclass compares it with the target kernel version being built.
If a vendor BSP still offers an older kernel, OLDEST_KERNEL should be set to match.
- glibc recipe passes it as a parameter to the build so that additional features
and optimized paths that kernels older than OLDEST_KERNEL are enabled.
Note that there is a related setting, SDK_OLDEST_KERNEL, which remains as
it was (at 3.2.0) to ensure maximum compatibility with kernels on SDK host
machines; that setting is used to build nativesdk-glibc and verify the kernel
version when the SDK is being installed.
Build host kernel versions are not checked directly; compatible distros
are listed instead.
(From OE-Core rev: feb8e3fb71131a414a2a9271832b4e16860301ea)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It builds glibc source like other glibc recipes do,
and so the same problems occur.
(From OE-Core rev: 68b50d362ec61f27be818e40fcbb281d9bacf756)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Specifically:
- add missing maintainer.inc entries for initramfs-module-*, systemd-machine-units and
target-sdk-provides-dummy and drop them from exception list.
- remove rust from exception list for unbuildable-by-default recipes as it is now buildable.
- add missing maintainer.inc entry for libx11-compose-data and cve-update-nvd2-native;
as they are also unbuildable by default, they needs to be in exception list as well.
(From OE-Core rev: e9158b191c1cfc16f97abed6c05891aa84fe9463)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backported/merged patches:
Revert-linux-user-add-more-compat-ioctl-definitions.patch
configure-Fix-check-tcg-not-executing-any-tests.patch
contrib-vhost-user-blk-Replace-lseek64-with-lseek.patch
Revert-linux-user-fix-compat-with-glibc-2.36-sys-mou.patch
Drop socket chardev patch with conflicts:
chardev-connect-socket-to-a-spawned-command.patch
This last patch was added in support of swtpm however it isn't clear if anyone
is still using that workflow. The patch uses API calls such as as qemu_fork()
which were removed in 8.0.0 and replaced with gspawn calls. If anyone needs the
patch, it will be better for them to forward port it, test it and reinstate it,
preferably with a discussion with upstream about it too.
(From OE-Core rev: fe8125565af07b73f9b29db2188ecb6e884bcc70)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Found two places missed with droping from this list a few years back.
(From OE-Core rev: 7db8c52dd31c495c35c239d317bc5a098662cc53)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a ptest for lz4.
- It is taking around 9 min to execute with kvm, so added it to PTEST_SLOW.
- It contains one case: test_frame.
- Below is the run log:
START: ptest-runner
2023-04-06T00:36
BEGIN: /usr/lib/lz4/ptest
Starting lz4frame tester (64-bits, 1.9.4)
Seed = 7314
Basic tests completed
All tests completed
PASS: lz4/test_frame
DURATION: 573
END: /usr/lib/lz4/ptest
2023-04-06T00:45
STOP: ptest-runner
TOTAL: 1 FAIL: 0
(From OE-Core rev: 2ee144a0bfb88823bfa788697bb7afc9a572c413)
Signed-off-by: Qiu Tingting <qiutt@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is little point in having "crosssdk" suffex added to the virtual provider within
binutils since the TARGET_PREFIX or SDK_PREFIX already encapsulates this. Remove it
allowing some of the special case overriding to be removed.
(From OE-Core rev: 6856fc5c848cc2564bebe03a007ef109f46d0adb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2023-1652 & CVE-2023-1829 are fixed by all version used by
linux-yocto.
Fixing commits are not referenced by NVD but are referenced by:
* https://www.linuxkernelcves.com
* Debian kernel-sec team
... this should be trust worthy enough.
(From OE-Core rev: 8f9d6c5b0238641313387c139442566752a1d25d)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In 5c6064 the qemuarm* machines gained vmalloc=256, because in testing
Bruce was seeing problems when the vmalloc area was too big for the
memory size of the machine (eg 256MB).
The intention was for the area to be very small, but 256 bytes is too
small and the kernel sets a minimal vmalloc area of 16MiB:
[ 0.000000] vmalloc area is too small, limiting to 16MiB
However, a 16MiB area is too small and results in pages of messages when
you try and use the system:
[ 242.822481] vmap allocation for size 4100096 failed: use vmalloc=<size> to increase size
There have been a number of changes since this commit, remove the
explicit vmalloc argument and use the default. I've tested that the
system still boots locally.
[1] early_vmalloc(), https://elixir.bootlin.com/linux/latest/source/arch/arm/mm/mmu.c#L1170
(From OE-Core rev: 816dd95320ba2e4a0f6b816e4f58999c0f235ae2)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add some information about some further kernel CVEs which don't apply for
either linux-yocto or don't apply for linux-yocto 6.1.
(From OE-Core rev: 85c1713bf0c01c68558bfba38edcc005c1ebb1c9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
