When copying files as part of the unpack we currently use cp -p, which
is a shortcut for --preserve=mode,ownership,timestamps.
We do want to preserve timestamps, because some fetchers set these
explicitly.
We don't care about ownership. If the files are owned by us then they
ill remain owned by us, and if they're not then the attempt to change
ownership will be silently ignored. In a shared DL_DIR where files have
group ownership this group access isn't relevant in the single-user build
tree.
We do want to preserve executable bits in the mode, but cp always does
this. The difference between --preserve=mode and no --preserve is that
the mode isn't preserved exactly (no sticky bits, no suid, umask is
applied) but this also isn't a relevant difference in a build tree.
Also expand the arguments to be clearer about what options are being
passed.
The impetus for this is that coreutils 9.4 includes a change in gnulib[1]
and will now try to preserve permission-based xattrs if asked to preserve
the mode. This can result in cp failing when copying a file from a
NFSv4 server with ACLs stored in xattrs to a non-NFS directory where
those xattrs cannot be written:
cp: preserving permissions for ‘./jquery-3.7.1.js’: Operation not supported
The error comes from the kernel refusing to write a system.nfs4_acl
xattr to a file on ext4.
This situation doesn't appear on all systems with coreutils 9.4, at the
time of writing it fails on Ubuntu 24.04 onwards but not Fedora 40. This
is because /etc/xattr.conf is used to determine which xattrs describe
permissions, and Fedora 40 has removed the NFSv4 attributes[2].
Also, use long-form options to make the cp command clearer.
[1] https://github.com/coreutils/gnulib/commit/eb6a8a4dfb
[2] https://src.fedoraproject.org/rpms/attr/blob/rawhide/f/0003-attr-2.4.48-xattr-conf-nfs4-acls.patch
[ YOCTO #15596 ]
(cherry picked from commit 2f35dac0c821ab231459922ed98e1b2cc599ca9a)
(Bitbake rev: 9580f15aae08ae6e3693ebb898b6fd5238f5a7f8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexander Feilke <Alexander.Feilke@ew.tq-group.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Classes can be located in three different directories since Langdale
(4.1), so let's update which directories you can find in a distribution
layer.
(From yocto-docs rev: 2141bc2b04ef4210e008752a97ed82979d817dae)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit fd11d75980315d87ef375091efedad69a123f680)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The COW tests started failing on python 3.13. Looks like it is time
to fix the FIXME and drop the magic numbers!
(Bitbake rev: a0a5ce49f28d886b1dac173842642e69517b44e3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2e6608cec508b3b9bab3530f83e70665ff638182)
[YC: This fixes the bb.tests.cow.COWTestCase.testOriginalTestSuite
bitbake-selftest on the newly added fedora-41 workers]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cover email mangling in create-pull-request was cutting off the
actual commit hash to be pulled, making it difficult to verify that the
changes a maintainer merges exactly match those intended by the pull
request author.
The extra lines we want to include are, for example from a recent
whinlatter stable branch PR:
for you to fetch changes up to 6c4c6d39ea3202d756acc13f8ce81b114a468541:
cups: upgrade from 2.4.14 to 2.4.15 (2025-12-29 09:49:31 -0800)
(From OE-Core rev: a18ebd408eba0bffe4e6ea58a91fd41e60f24216)
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c78f5ae4a5ba3675b78cc226feb7b9fbbfd8da19)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
That might help new users send correct first stable patches.
(From OE-Core rev: 625d3c1e1d6b3aa5e6783a4a350238a718d02456)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a problem with `devtool modify` as suggested by Marcus Flyckt on
the mailing list:
```
I encountered an issue with `do_config` when using `devtool modify`
on `u-boot-imx`.
```
[...]
| cp: cannot stat '[...]/u-boot-imx/2024.04/build/imx8mp_wl400s_defconfig/.config': No such file or directory
| WARNING: exit code 1 from a shell command.
ERROR: Task ([...]/sources/poky/../meta-freescale/recipes-bsp/u-boot/u-boot-imx_2024.04.bb:do_configure) failed with exit code '1'
NOTE: Tasks Summary: Attempted 963 tasks of which 962 didn't need to be rerun and 1 failed.
Summary: 1 task failed:
[...]/sources/poky/../meta-freescale/recipes-bsp/u-boot/u-boot-imx_2024.04.bb:do_configure
Summary: There was 1 ERROR message, returning a non-zero exit code
```
The issue seems to originate from the following lines in
`workspace/appends/u-boot-imx_2024.04.bbappend`:
```
do_configure:append() {
if [ ${@oe.types.boolean(d.getVar("KCONFIG_CONFIG_ENABLE_MENUCONFIG"))} = True ]; then
cp ${KCONFIG_CONFIG_ROOTDIR}/.config ${S}/.config.baseline
ln -sfT ${KCONFIG_CONFIG_ROOTDIR}/.config ${S}/.config.new
fi
}
```
For some reason `KCONFIG_CONFIG_ROOTDIR` does not point to the
correct directory. It gets its value in `uboot-config.bbclass`:
```
if len(ubootconfig) == 1:
d.setVar('KCONFIG_CONFIG_ROOTDIR', os.path.join(d.getVar("B"), d.getVar("UBOOT_MACHINE").strip()))
```
So the main issue is that B gets expanded in this expression, and
then later B gets changed by `externalsrc.bbclass`.
`d.getVar("B", False)` does not solve the issue, however the
proposed change does.
```
- https://lists.yoctoproject.org/g/yocto/topic/109254298#msg64152]
Fixes [YOCTO #15603]
Suggested-by: Marcus Flyckt <marcus.flyckt@gmail.com>
(From OE-Core rev: 6a19e284baaadfdf080ebc5decf065e468655732)
Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 57b21065a25100c31515b32fd7c77bde3355d684)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update to the 5.0.16 release of the 5.0 series for buildtools
(From OE-Core rev: 917c382c412766b40779788ee2411ac23358f0ae)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Openssl 3.2 has reached EOL.
Some projects would like to use LTS version due to criticality and
exposure of this component, so upgrade to 3.5 branch.
Copy recipe from oe-core master fd3b1efb6f7ffb5505ff7eb95cae222e1db9f776
which is the last revision before disabling TLS 1/1.1 by default.
Single change is replacing UNPACKDIR by WORKIDR (one occurence).
(From OE-Core rev: c4fc6ee6986fbd05d72bf1e6bb1d2c4eee84e5db)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is no "tar" packaging format anymore, so delete these
references.
(From yocto-docs rev: e7cbf979deb9739ee4b968672d4b03ae65b24424)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit e2b4d75fc8d738a39c5941591523620b45bc57e3)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have a new SVG figure for the Yocto Project workflow figure, which
was updated with d2aaf54bee49 ("overview-manual: convert
YP-flow-diagram.png to SVG"). The one in the "What I wish I’d known
about Yocto Project" is the same. Remove the PNG and make a reference to
the new one.
(From yocto-docs rev: ef4b9077c04ed825890abf79848f45d8e692bbf7)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 4023c47cb6628971b0a142067c4a910420408bb9)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some distros were removed from the autobuilder 5 months ago:
* 070e6bf (config.py: Drop ubuntu2004 workers, 2025-10-01)
* 8238327 (config.py: ubuntu24010 was replaced with ubuntu2504, 2025-10-01)
Update their status in the supported distros list.
(From yocto-docs rev: 2c9de0d74659fef6d7b0054dfd76905fba6ef81d)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An external layer might use the u-boot*.inc files but have a different
base version for which the CVE patches don't apply.
Move the CVE patches in the leaf recipe.
See related patch in kirkstone:
[kirkstone][PATCH] u-boot: move CVE patch out of u-boot-common.inc
https://lists.openembedded.org/g/openembedded-core/topic/117385432
(From OE-Core rev: f4ced8ff03147dd532a88cf3ce08d61fab057522)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pick patch mentioned in NVD report.
It also includes CVE ID in commit message.
Use older SNDERR funtion as new one is not yet available.
This was copied from Debian patch.
(From OE-Core rev: 517bda641fcccbeae1988092196dc44ab7cc1491)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This CVE was patched via c9a15206bae7f1e85dc3b8812eabb936a7e6d383
Patch was dropped during update to 6.1.4, however NVD DB does not have
this information so it re-appeared in CVE reports.
Set its status accordingly.
(From OE-Core rev: 26e32dccade107101992dd81f387696c993d47aa)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When wic is used in standalone mode, it relies on host tools such as
debugfs. For directory host->image copies into ext* partitions, wic
uses scripted debugfs "-f" input with multiple mkdir/write commands.
Older host debugfs versions (< 1.46.5) may behave unreliably in this
mode and can silently miss files. This does not affect builds using
debugfs from OE where the version is known to be sufficiently new.
Add a debugfs version check and emit an error when an older host
debugfs is detected. The error is shown once per run and halts execution.
(From OE-Core rev: 977d68d2702f7092fa05d04f94da5fee8e0b2195)
Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb536737bee95d5a5072b501bda9554705e8cd13)
[YC: removed patch changelog]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This change adds the --no-gpg-sign option to prevent buildhistory
commits from failing due to GPG signing issues. Depending on the setup,
buildhistory may fail to create a commit if the user has the
commit.gpgsign option enabled.
For example, if the user creates a signing key that requires a password,
the commit won't be created and will fail with the following error:
/
|error: Enter passphrase: Load key "/home/<user>/.ssh/id_ed25519":
|incorrect passphrase supplied to decrypt private key?
|fatal: failed to write commit object
\
The bitbake command won't fail, but buildhistory won't have a commit.
Also, the commit may silently fail when building inside a container due
to missing packages or issues with accessing the GPG agent.
This is similar to [1], and signing the buildhistory commit
should be avoided to prevent such issues.
1 - https://git.openembedded.org/openembedded-core/commit/?id=7595a0a63a933af9dd9d1e458dc34a4ba80d9eae
(From OE-Core rev: 667cd853a231f1fe884ba83ada2ad6cecb1c41cd)
Signed-off-by: Fabio Berton <fabio.berton@ctw.bmwgroup.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5e18714aee52db898aaf9d222fb5a4168bde96e)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building with the class, avoid errors like:
"sstate found an absolute path symlink /xxx/vendor pointing at
/xxx/import/vendor. Please replace this with a relative link."
Use relative symlinks instead.
(From OE-Core rev: 2ef214747b648733308958b5750c6c053ac49246)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Thomas Vandenabeele <thomas@bootzero.one>
(cherry picked from commit fc4f589cc7a8e5feba7940ccb244a74bd5f96371)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently when generating an SBOM, all packages have the 'doc' feature
indicated as disabled. This is in fact *not* a feature that was
declared in the recipe, but instead the documentation of the
PACKAGECONFIG variable.
But to be safe, if somehow a feature is named 'doc' and enabled, do
not exclude it when exporting PACKAGECONFIG features to SPDX.
(From OE-Core rev: 87de87206b71bb165b946d5f4f6e9e5395292179)
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 933394adcb0d2db66ef7e0656a464241e58ec2e7)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
touch-calibrator of weston 13.0.1 does not work, backport the fix from
upstream:
a5c5702112
this issue only impact weston 13.0.1, has been fixed in 14.0.1.
(From OE-Core rev: 06dcf8f45bb01fe52e16b23668c4a30d9b2d092f)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
