https://nvd.nist.gov/general/news/cvss-v4-0-official-support
CVSS v4.0 was released in November 2023
NVD announced support for it in June 2024
Current stats are:
* cvss v4 provided, but also v3, so cve-check showed a value
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 != 0.0;
2069
* only cvss v4 provided, so cve-check did not show any
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 = 0.0;
260
(From OE-Core rev: 358dbfcd80ae1fa414d294c865dd293670c287f0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: A typo "httpss->https" fixed in Copyright.
Drop deprecated patches.
Inherit autotools-brokensep instead of autotools, there are some
generated headers in ${B} that referring to ${S}.
(From OE-Core rev: 061c99fb84b25cca8783efa66851b52c74126063)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In embedded box, sed might be provided another providers like Busybox,
hence use generic options whenever possible.
/bin/sed -> /etc/alternatives/sed
/etc/alternatives/sed -> /bin/busybox.nosuid
Here used 'sed -u' option is not necessary, hence removed it.
Fixes below error:
sed: invalid option -- 'u'
Also added 'set -eux' option which halts execution of the script
on any failures.
(From OE-Core rev: 07caee1829d2a61bc018fe0e37ecd482922179ee)
Signed-off-by: Aditya Tayade <Aditya.Tayade@kpit.com>
Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With rdp enabled, nothing from freerdp is installed in the rootfs, and
rdp is not usable. It seems there is no actual build time dependency
other than the meson check itself, so add an explicit runtime
dependency.
(From OE-Core rev: 23271a1f908a223b4eb56d6034cbb1ac23da14fe)
Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Build configuration is applied to bitbake build command
but removed before calling runqemu. Thus disabling KVM
support on aarc64 host was not effective. Note that this
pattern is used in a lot of tests. KVM gets enabled
via CI scripts.
(From OE-Core rev: 7a9fbf509fec2e149fd5702552bc4d819969ab1f)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
test_rawcopy_plugin fails if machine does not build
ext4 images by default. Make the ext4 image build
explicit in the test. Fixes test on genericarm64 machine
which defaults to wic image only.
(From OE-Core rev: 0344b9e7949ef854b09deb0874a45cde2861f55b)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use label to detect rootfs since UKI with kernel command
line is generated before rootfs is generated by wic.
Adapt wic tests to build and boot uki.bbclass generated
UKIs.
Keeping one UKI test in wic.py and rest of the UKI features
are tested with dedicated uki.py test. Add plain non-UKI
systemd-boot tests to wic suite for aarch64 and x86.
(From OE-Core rev: 3f94256b977637d4276f82db7c20b8b5e57b9d86)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To support "slirp" networking on shared build machines instead
of tun/tap devices. Users can set
TEST_RUNQEMUPARAMS = "slirp"
in their build/conf/local.conf to run selftests using "slirp"
networking. The same works for testimage.bbclass and oeqa runtime
tests.
(From OE-Core rev: 4974ec71367492ce314da63c359ccf99acfca882)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The test is actually using grub-efi not systemd-boot so
remove it completely. systemd-boot will be tested via uki.py
tests.
(From OE-Core rev: 542ea853bb194629d23e1db9c05e25181bfce145)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
TEST_RUNQEMUPARAMS variable is used to add runqemu parameters like
"slirp" networking. Support this also in selftests so that "slirp"
networking can be used instead of the tun/tap devices setup which
is easier to work with on shared build machines.
(From OE-Core rev: 74e44e63378e1c08bb547a0a04428d88753b5040)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tests builds and boots qemu into uki binary with systemd and sysvinit.
Due to depedency to x86 specific ovmf UEFI firmware, tests
are specific to x86 curently. UEFI firmware for ARM can be generated
via qemuarm64-secureboot machine in meta-arm and similar tests
on qemu will pass.
(From OE-Core rev: 8a3cb17876dbcaf07696a4bcd454e2f9a444fb1b)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove custom wic plugin implementation and use systemd ukify reference
implementation when generating UKI images. Fail if users still have
create-unified-kernel-image in wic image config. uki.bbclass use is
detected from IMAGE_CLASSES variable ("inherit uki" in image
recipe) so export that to wic plugins.
If UKI is used, then only generate a minimal loader config for
systemd-boot which basically just sets a timeout. Also set 5 second
timeout by default instead of failing if wic bootloader config is
missing. Boot menu is generated at runtime based on UKI binaries
found from ESP partition.
(From OE-Core rev: 725fed6ea40c7443b5e0e69dc1dd9c38ac814c56)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This class calls systemd ukify tool, which will combine
kernel/initrd/stub components to build the UKI. To sign the UKI
(i.e. SecureBoot), the keys/cert files can be specified
in a configuration file or UEFI binary signing can be done
via separate steps, see qemuarm64-secureboot in meta-arm.
UKIs are loaded by UEFI firmware on target which can improve
security by loading only correctly signed kernel, initrd and kernel
command line.
Using systemd-measure to pre-calculate TPM PCR values and sign them is
not supported since that requires a TPM device on the build host. Thus
"ConditionSecurity=measured-uki" default from systemd 256 does not work
but "ConditionSecurity=tpm2" in combination with secure boot will.
These can be used to boot securely into systemd-boot, kernel, kernel
command line and initrd which then securely mounts a read-only dm-verity
/usr partition and creates a TPM encrypted read-write / rootfs.
Tested via qemuarm64-secureboot in meta-arm with
https://lists.yoctoproject.org/g/meta-arm/topic/patch_v3_02_13/108031399
and a few more changes needed, will be posted separately.
(From OE-Core rev: da69a73491a72b46e299f874ce90d81135cd9656)
Signed-off-by: Michelle Lin <michelle.linto91@gmail.com>
Acked-by: Erik Schilling <erik.schilling@linaro.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-update: copyright years
Update 0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
to only include tests that do not fail under qemu (following upstream
change that also no longer obscures failures).
Drop
0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
(backport)
0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
(fixed upstream)
0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
(code completely rewritten upstream)
cgi_py.patch
(cgi and cgitb modules removed upstream)
Add fix-armv5.patch
(address armv5 crashes)
Modules removed in 3.13 (look for 'important removals'):
https://docs.python.org/3/whatsnew/3.13.html
Manifest updated accordingly.
Add an explicit dependency on libatomic (needed on mips
and ppc), as upstream has explicitly switched it off
in cross builds. It's a no-op on other targets.
Fcntl relocated to python3-core by the manifest script.
(From OE-Core rev: 0b49c9aa31279ecda565cc66b63d1d61723b37b8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is helpful to see all the issues in the source mirror test so
use the continue option.
(From OE-Core rev: f52e7ddc6ca5ce03cbcdf3cc15fc04f3ff31cd5c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- update to next stable version 1.37.0
- refresh defconfig
- disable new applets (ip_link_can)
- enable new applets (time64, find_exec_ok, getfattr, udhcpd_bootp)
- disable sha acceleration by default
- enable it just for x86-64, other possible option (x86) is broken
- submitted to mailing list
- fix problem with syslogd when nothing was logged
- fix problem with start-stop-daemon tests
- remove and refresh already merged patches
(From OE-Core rev: 21753f16a364e32050cf8d79bfa7e0f89be52ce7)
Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove unused imports, or disabling code which has been commented out.
(From OE-Core rev: e0ff4813b1cf4df0d851c857d57fb88d7db51bdd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As per "The rustc book"[1], mips*-unknown-linux-* are "tier 3" targets:
Tier 3 targets are those which the Rust codebase has support for, but
which the Rust project does not build or test automatically, so they
may or may not work.
We already skip qemumips in this selftest, but we're now also seeing
failures with qemumips64 so refactor the test to skip all machines where
the architecture is mips or mips64.
[1] https://doc.rust-lang.org/nightly/rustc/platform-support.html
(From OE-Core rev: 177e268811c04260923ac4b16fa047315304add0)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog (https://github.com/libgit2/libgit2/releases/tag/v1.8.2):
- This release reverts a const-correctness change introduced in
v1.8.0 for the git_commit_create functions. We now retain the
const-behavior for the commits arguments from prior to v1.8.0.
This change was meant to resolve compatibility issues with bindings
and downstream users.
What's Changed
New features
- Introduce a stricter debugging allocator for testing by ethomson in #6811
Bug fixes
- Fix constness issue introduced in #6716 by ethomson in #6829
Build and CI improvements
- README: add experimental builds to ci table by ethomson in #6816
(From OE-Core rev: 258e6c2f12e072e94c4e546baa4b7a0ebfb37427)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update PYPI_PACKAGE to lowercase since that's what the upstream tarball
now uses.
ptest results:
|============================================================================
|Testsuite summary
|# TOTAL: 500
|# PASS: 447
|# SKIP: 53
|# XFAIL: 0
|# FAIL: 0
|# XPASS: 0
|# ERROR: 0
|DURATION: 2
|END: /usr/lib/python3-mako/ptest
|2024-10-22T17:30
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Changelog (https://docs.makotemplates.org/en/latest/changelog.html):
- Fixed long standing bug where the sequence <& would be
misinterpreted by the lexer. It’s not clear why the ampersand
character was part of the characters being consumed here and it may
have been an inadvertent bit of code from one of Mako’s predecessor
languages.
References: #412
(From OE-Core rev: 3871ceb5927d4540e0a109d47d5a08a12a0d48a5)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog (https://hypothesis.readthedocs.io/en/latest/changes.html):
6.115.3 - 2024-10-16
- This patch fixes a regression from version 6.115.2 where generating
values from integers() with certain values for min_value and max_value
would error.
6.115.2 - 2024-10-14
- This release improves integer shrinking by folding the endpoint
upweighting for integers() into the weights parameter of our IR (issue
#3921). If you maintain an alternative backend as part of our (for now
explicitly unstable) Alternative backends for Hypothesis, this release
changes the type of the weights parameter to draw_integer and may be a
breaking change for you.
6.115.1 - 2024-10-14
- This patch improves the performance of from_type() with
pydantic.types.condate (issue #4000).
6.115.0 - 2024-10-12
- This improves the formatting of dataclasses and attrs classes when
printing falsifying examples.
6.114.1 - 2024-10-10
- This patch upgrades remaining type annotations to Python 3.9 syntax.
6.114.0 - 2024-10-09
- This release drops support for Python 3.8, which reached end of life
on 2024-10-07.
6.113.0 - 2024-10-09
- This release adds hypothesis.errors.BackendCannotProceed, an unstable
API for use by Alternative backends for Hypothesis.
6.112.5 - 2024-10-08
- This release fixes a regression where hypothesis.stateful.Bundle did
not work properly with flatmap functionality (issue #4128).
(From OE-Core rev: 0ab451304025f7fdad06345c73233daa47e4f8b9)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes the following runtime issue:
|root@qemux86-64:~# python3
|Python 3.12.6 (main, Sep 6 2024, 19:03:47) [GCC 14.2.0] on linux
|Type "help", "copyright", "credits" or "license" for more information.
|>>> import hypothesis
|Traceback (most recent call last):
| File "<stdin>", line 1, in <module>
| File "/usr/lib/python3.12/site-packages/hypothesis/__init__.py", line 29, in <module>
| from hypothesis.core import example, find, given, reproduce_failure, seed
| File "/usr/lib/python3.12/site-packages/hypothesis/core.py", line 44, in <module>
| from hypothesis import strategies as st
| File "/usr/lib/python3.12/site-packages/hypothesis/strategies/__init__.py", line 48, in <module>
| from hypothesis.strategies._internal.datetime import (
| File "/usr/lib/python3.12/site-packages/hypothesis/strategies/_internal/datetime.py", line 13, in <module>
| import zoneinfo
|ModuleNotFoundError: No module named 'zoneinfo'
(From OE-Core rev: 2a535f7ca6329fee98491251c282741d9d21febc)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog (https://github.com/pypa/trove-classifiers/releases):
2024.10.21.16
- chore: update calver to include hour (#191)
2024.10.14
- Add Django trove classifiers for 5 and upcoming 5.2 release. (#193).
We missed adding the generic `Framework :: Django :: 5`, and I'll add
5.2 since it will be released in a few months.
2024.10.13
- chore: update github actions (#192)
- chore: update release github actions
2024.10.12
- Update CMU to include SPDX in parentheses (#190)
2024.10.11
- Add classifier for MIT-CMU licence (#189)
(From OE-Core rev: 34d00a03c37c1691285b8e618eef833a5ed9ffe5)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently, if you "bitbake XXX" and XXX depends on something else,
the do_package_qa teask for that something may not run. Users would
generally expect it to have though.
Add in the missing dependency to ensure that do_build does trigger
the right package_qa tasks.
(From OE-Core rev: e0beb64c6d3cf1d649f79a8704fb25cdf83b4a8b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pseudo has to wrap all glibc calls including the 32 bit ones so
this warning is a false positive.
(From OE-Core rev: 13f8b50f055be219aed50c62c5f7552c4c2f18f2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This test makes patchtest check to ensure that there aren't any
GitHub-style user account names being tagged in the commit message, e.g.
it should catch lines like:
"fix added by @threexc"
This is desired so that if (for example) we add upstream changelogs in
recipe upgrade commit messages verbatim, we don't end up subscribing any
associated maintainers to our repo mirrors' updates by accident.
There is a small possibility of a false positive with this test, where
if someone is mentioning Python decorators in their commit message (or
similar syntax from other languages), it will fail when it should pass.
However, having this test in place to guard against username inclusion
is more important that the occasional false positive for that reason.
With this addition, a failure will look like:
|FAIL: test commit message user tags: Mbox includes one or more GitHub-style username tags. Ensure that any "@" symbols are stripped out of usernames (test_mbox.TestMbox.test_commit_message_user_tags)
(From OE-Core rev: 8278d82d8203212bb159eb3805d4a5617c5370df)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Udev script network.sh is called when a new ethernet interface is plugged (eg. USB).
Due to some (old) missing files, this script does nothing, instead of configuring the
interfaces with ifup.
I just commented the corresponding lines to allow the script to reach the part where
it calls ifup.
(From OE-Core rev: 160f7139172ffdf510a0d7d4e85f7fbaac7fd000)
Signed-off-by: Regis Dargent <regis.dargent@gmail.com>
Fixes [YOCTO 15616]
network.sh relies on (long) missing files (eg. /etc/network/options,
/etc/init.d/network) to decide if it should configure the new network
interface (ifup) or put its name in /etc/udev_network_queue for future
initialization by /etc/init.d/network service.
The actual result was that the new hotplugged interface was never
automatically configured.
Removing the obsolete tests allows the script to do its intended job.
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The new 20241017 version contains some breaking changes
regarding firmware file deduplication.
Disable running check_whence.py in copy-firmware.sh to avoid
build issues. Instead, assume that WHENCE as accepted into
release tarballs is correct.
The kernel, dracut and systemd all support compressed firmware
files. Allow compressing them either as xz or zst which allows
significant disk space savings.
Ship non-compressed firmware as default.
(From OE-Core rev: c0fedbc7fc886a74c8d7c77e083e4c2d8215f7f1)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The '-fdebug-prefix-map' options are used to map source files locations,
otherwise, DW_AT_comp_dir will contain buildpath.
The '-gno-record-gcc-switches' option is used to fix the buildpath introduced
by '-fintrinsic-modules-path' option, which is automatically added by fortran.
Here's some output from 'readelf --debug-dump libgfortran.so.5.0.0' when this
option is not added:
"""
<0><1a37d3>: Abbrev Number: 4 (DW_TAG_compile_unit)
<1a37d4> DW_AT_producer : (indirect string, offset: 0xd653): GNU Fortran2008 14.2.0 -m64
-march=core2 -mtune=core2 -msse3
-mfpmath=sse -mshstk -g -O2 -O2 -fstack-protector-strong -fimplicit-none
-fno-repack-arrays -fno-underscoring -fcf-protection=full
-fallow-leading-underscore -fbuilding-libgfortran -fPIC
-fintrinsic-modules-path /ala-lpggp72/qichen/Yocto/builds/build-poky/tmp/work/
core2-64-poky-linux/libgfortran/14.2.0/recipe-sysroot-native/usr/bin/x86_64-poky-linux
/../../lib/x86_64-poky-linux/gcc/x86_64-poky-linux/14.2.0/finclude
-fpre-include=../../../../recipe-sysroot/usr/include/finclude/math-vector-fortran.h
"""
See https://gcc.gnu.org/pipermail/fortran/2024-October/061204.html for more
detailed information.
(From OE-Core rev: 1eb084956bcba83782bc2b24cf8cc89459a57e34)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The data layout for x86-64 target was different in rust from llvm.
It resulted in the following data layout error:
--------------------------------------------------------------------------------------
error: data-layout for target `x86_64-linux`, `e-m:e-i64:64-f80:128-n8:16:32:64-S128`,
differs from LLVM target's `x86_64-unknown-linux-gnu` default layout,
`e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-i128:128-f80:128-n8:16:32:64-S128`
--------------------------------------------------------------------------------------
The issue was reported in meta-rust layer as:
https://github.com/meta-rust/meta-rust/pull/442
Hence, the data layout for x86-64 is modified as per the llvm sources which fixes the issue.
After running the testsuite with the modified data layout; it was observed that the
"tests/codegen/i128-x86-align.rs" passed. The modified data layout fixed the scalar pair which
resolved the testcase failure. Hence, the testcase has been removed from the exclude list.
(From OE-Core rev: 96f11d299b32a32086eb3d890c88eb7ce42057b0)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- License-Update: One of COPYRIGHT holders name changed [1]
- Brings these changes
* 047a1639 sys/stat.h: fix typo in statx member name stx_dio_offset_align
* 5be920e9 s390x: don't allow br r0 in CRTJMP asm
* 2fc56aaa update contributor name in authorship notices
* 43664364 fix compile regression in exit on archs without SYS_pause
* 6d8000d3 abstract missing SYS_pause syscall with macros
* 23ab04a8 statx: add new struct statx fields and corresponding mask macros
* 4ca8c267 statx: fix uninitialized attributes/mask in fallback path
* 251cbb63 statx: fix ENOSYS emulation not setting stx_rdev_*
* 8c43c562 sysconf: fix _SC_MINSIGSTKSZ computation to match kernel interpretation
* 300a1f53 sigaltstack: enforce dynamic MINSIGSTKSZ limit
* 572a2e2e printf: drastically reduce stack usage without [long] double args
* c94a0c16 isatty: don't collapse all non-EBADF errors to ENOTTY
* ee18e584 printf core: replace if(0) blocks around switch cases with explicit gotos
* 06a96470 iconv: add cp858
* e1b57ede catan: remove no-op reduction mod pi and unused code
* ca4e632d remove incorrect comment regarding powl exceptional cases
* c851b268 strerror: add error strings for EUCLEAN and ENAVAIL
* 9c78557a use hidden visibility for C entry point function _start_c
* 882aedf6 fix lost or delayed wakes in sem_post under certain race conditions
* b09e3174 m68k: fix POLLWRNORM and POLLWRBAND
* 2de6b426 fix missing make dependency for Scrt1.o due to typo
* cde213f9 timer_create: replace pthread barrier with semaphores for thread start
* 9ee6f104 atexit: fail rather than deadlocking after last handler is called
* 8cca79a7 exit: add back lock to make concurrent calls to exit safe
* ef7d0ae2 move __utc string object to its own translation unit
[1] https://git.musl-libc.org/cgit/musl/commit/?id=2fc56aaa9f660ebd735d1595c3501b792af42eb8
(From OE-Core rev: 13381184a262f6cc69240a34985646fd0ad44655)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".
However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg
Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities
where the product is "libswresample libavcodec" as well.
(From OE-Core rev: 9684eba5c543de229108008e29afd1dd021a9799)
Signed-off-by: aszh07 <mail2szahir@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cortexa32 is a 32-bit armv8a architecture processor, so set the tune feature
as armv8a instead of aarch64 which is 64-bit armv8a architecture.
It solves the following build error while compiling libgcc-initial
and libssp-nonshared.
-- snip --
aarch64-poky-linux-musl-gcc: error: unrecognized command-line option '-mfpu=neon'
aarch64-poky-linux-musl-gcc: error: unrecognized command-line option '-mfloat-abi=hard'
-- snip --
(From OE-Core rev: 3b898270aca62559dfa42ed71d296fe8a8b46a41)
Signed-off-by: Jagadeesh Krishnanjanappa <workjagadeesh@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to U-Boot 2024.10.
Add the gnutls-native dependency because now U-Boot needs it installed
on the host machine to handle the CONFIG_TOOLS_MKEFICAPSULE option.
(From OE-Core rev: e3ece22060725c9eebc0feed9b2be2d00ce4bf8e)
Signed-off-by: Fabio Estevam <festevam@denx.de>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
