Some atomic ops for 32-bit ARC processors are implemented in GCC's libatomic.
For example those dealing with 64-bit data (e.g. __atomic_load_8()) as well as
some others. That said it's required to add "-latomic" for successful linkage.
Otherwise error messages like this happen on OpenSSL building for ARC:
------------------------------->8------------------------------
| ...ld: libcrypto.a(libcrypto-lib-threads_pthread.o): in function `CRYPTO_atomic_or':
| .../openssl-3.0.0/crypto/threads_pthread.c:219: undefined reference to `__atomic_is_lock_free'
| ...ld: .../openssl-3.0.0/crypto/threads_pthread.c:219: undefined reference to `__atomic_is_lock_free'
| ...ld: .../openssl-3.0.0/crypto/threads_pthread.c:220: undefined reference to `__atomic_fetch_or_8'
------------------------------->8------------------------------
Fix that by using a special target, which does exactly what's needed.
See [1] and [2] for more details on the matter.
[1] cdf2986a70
[2] https://github.com/openssl/openssl/pull/15640
(From OE-Core rev: f48227a192022c604f8c2ea4fe973c6664861101)
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch from upstream. Specifically, this fixes signature
validation in trusted-firmware-a with OpenSSL 3.
(From OE-Core rev: ac670fd4f543f439efdea26e813a4b5121161289)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In PACKAGES, ${PN} is used so it makes sense for the pkg_postinst variable
override to match that else it causes user confusion.
[YOCTO #14616]
(From OE-Core rev: ae9094d45bbfff377bd542939e12a8451a4959b6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2021-36217 is treated as a duplicate of CVE-2021-3502.
Update the local-ping.patch to mark it resolve both.
(From OE-Core rev: 4d75d6c39f1faeb38191b55f1fa9311b63fcfb29)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 5.15 kernel has removed ipx support, along with the userspace
visible header.
The build error was found for muslc, since it doesn't have a
fallback header, we disable it for both glibc/muslc.
This support wasn't used previously (as it hasn't been very well
maintained in the kernel for several years), so we can simply
disable it in our build and wait for upstream to do a release that
drops the support.
Although the tarball we use for our build (versus git), doesn't
use the autoconf disable flag to turn off the support, it is included
in this patch in case someone is building via git source base.
Upstream-Status: Inappropriate [OE-specific configuration/headers]
(From OE-Core rev: 2d61b061f52cc8dbed82e2d9547e8b52d3ec9e34)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ARMv8 doesn't imply Aarch64, so correct a check that was making that
assumption. This fixes the build on 32-bit ARMv8 targets such as
Cortex-A32.
(From OE-Core rev: 78ae8b02bfbf0d98ae481682179439845d30c797)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The -r option has been removed from rndc-confgen since bind 9.13[1].
Fix the bind startup error:
$ /etc/init.d/bind start
Starting domain name service: namedrndc-confgen: The -r option has been deprecated.
chmod: cannot access '/etc/bind/rndc.key': No such file or directory
[1]: 3a4f820d62
(From OE-Core rev: a5c5977bef44b7b014af590515ea1f93d7d51f46)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
This update was made with the script added to contrib in this patch which
aims to help others convert other layers.
(From OE-Core rev: b51c405faf6f8c0365f7533bfaf470d79152a463)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0002-src-privsep-linux.c-add-support-for-arc-28.patch
removed since it is included in 9.4.1
-License-Update: Copyright year updated to 2021.
(From OE-Core rev: 85bf75384a60e3db5458153e46dcdeb756d05b47)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These patches are already available in 3.0
(From OE-Core rev: 063d085534b7b3659c5721228bb58f4e8115b5ee)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop 0001-skip-test_symbol_presence.patch - testing revealed
no need for it, and I couldn't quite understand what it does.
Drop reproducible.patch - upstream has removed the non-reproducible
bit.
Process lines in run-ptest with sed one by one rather than with
perl after the test completes, avoiding ptest-runner timeout errors.
License-Update: openssl relicense to apache 2.0. Goodbye awkward
gpl exceptions in consumers.
DEPRECATED_CRYPTO_FLAGS is now empty by default but available
by anyone who wants to set it. Trying to come up with a working
set was not a good idea as shown in the deleted comment.
(From OE-Core rev: f028a55383588d68c052f19f16d0f3f4d0560c57)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream database uses both "connman" and "connection_manager" to report CVEs
(From OE-Core rev: eadf7bb17289731be9747822e3d4084ab69cf109)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
intltool was replaced with gettext in the 0.8 release.
(From OE-Core rev: 0438c8e73419c0a81bbb42f777eb3e36f4878e79)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Repo-wide replacement to use newer variable to represent systemd
system unitdir directory.
(From OE-Core rev: 5ace3ada5c54500c71becc8e0c6eddeb8bc053e3)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
"BSD" is ambiguous, use the precise licenses BSD-3-Clause-Attribution
and BSD-3-Clause.
(From OE-Core rev: dceba0bcdb14a117cf8a77448a3bbc8410d96a73)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The license statement already includes BSD-2-Clause and BSD-3-Clause, so
remove the redundant and ambiguous BSD license.
(From OE-Core rev: 5c0b03cda19bcebfc71e1e601a4336fcda4bfc2b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
(From OE-Core rev: 5214d23cf0d316d501a147a09edfb46df42d6cb7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
5.61 includes a fix for CVE-2021-3658 (bluez: adapter incorrectly
restores Discoverable state after powered down), as well as other
fixes.
>From the changelog:
ver 5.61:
Fix issue with A2DP while waiting for command response.
Fix issue with A2DP when SetConfiguration fails.
Fix issue with device removal handling.
Fix issue with storing discoverable setting.
Add support for Central Address Resolution characteristic.
Add support for admin policy plugin.
(From OE-Core rev: 5f87fbf13bd35169a488ca564875974681aafd4f)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
--- 9.16.19 released ---
5671. [bug] A race condition could occur where two threads were
competing for the same set of key file locks, leading to
a deadlock. This has been fixed. [GL #2786]
5670. [bug] create_keydata() created an invalid placeholder keydata
record upon a refresh failure, which prevented the
database of managed keys from subsequently being read
back. This has been fixed. [GL #2686]
5669. [func] KASP support was extended with the "check DS" feature.
Zones with "dnssec-policy" and "parental-agents"
configured now check for DS presence and can perform
automatic KSK rollovers. [GL #1126]
5668. [bug] Rescheduling a setnsec3param() task when a zone failed
to load on startup caused a hang on shutdown. This has
been fixed. [GL #2791]
5667. [bug] The configuration-checking code failed to account for
the inheritance rules of the "dnssec-policy" option.
This has been fixed. [GL #2780]
5666. [doc] The safe "edns-udp-size" value was tweaked to match the
probing value from BIND 9.16 for better compatibility.
[GL #2183]
5665. [bug] If nsupdate sends an SOA request and receives a REFUSED
response, it now fails over to the next available
server. [GL #2758]
5664. [func] For UDP messages larger than the path MTU, named now
sends an empty response with the TC (TrunCated) bit set.
In addition, setting the DF (Don't Fragment) flag on
outgoing UDP sockets was re-enabled. [GL #2790]
5662. [bug] Views with recursion disabled are now configured with a
default cache size of 2 MB unless "max-cache-size" is
explicitly set. This prevents cache RBT hash tables from
being needlessly preallocated for such views. [GL #2777]
5661. [bug] Change 5644 inadvertently introduced a deadlock: when
locking the key file mutex for each zone structure in a
different view, the "in-view" logic was not considered.
This has been fixed. [GL #2783]
5658. [bug] Increasing "max-cache-size" for a running named instance
(using "rndc reconfig") did not cause the hash tables
used by cache databases to be grown accordingly. This
has been fixed. [GL #2770]
5655. [bug] Signed, insecure delegation responses prepared by named
either lacked the necessary NSEC records or contained
duplicate NSEC records when both wildcard expansion and
CNAME chaining were required to prepare the response.
This has been fixed. [GL #2759]
5653. [bug] A bug that caused the NSEC3 salt to be changed on every
restart for zones using KASP has been fixed. [GL #2725]
(From OE-Core rev: 8afda7983aa6476eb5d44962e99992eb479eff1f)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Key generation may wait for user input, due to the existence of
temporary keys resulting from power interruption in the first boot.
This prevents users from login via ssh.
(From OE-Core rev: 3196249a6917a32491be56e70bbf26d3b9818e0e)
Signed-off-by: Asfak Rahman <asfakr@outlook.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
