bitbake: bitbake: Bump verison 1.43.1 -> 1.43.2

This allows metadata to depend on SignatureGeneratorUniHashMixIn which was recently added.

(Bitbake rev: f0f814407fdd2fffa7071c36c011b489bfcd53da)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

bitbake/bin/bitbake

@@ -26,7 +26,7 @@ from bb.main import bitbake_main, BitBakeConfigParameters, BBMainException
 if sys.getfilesystemencoding() != "utf-8":
     sys.exit("Please use a locale setting which supports UTF-8 (such as LANG=en_US.UTF-8).\nPython can't change the filesystem locale after loading so we need a UTF-8 when Python starts or things won't work.")
 
-__version__ = "1.43.1"
+__version__ = "1.43.2"
 
 if __name__ == "__main__":
     if __version__ != bb.__version__:

bitbake/lib/bb/__init__.py

@@ -9,7 +9,7 @@
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
-__version__ = "1.43.1"
+__version__ = "1.43.2"
 
 import sys
 if sys.version_info < (3, 4, 0):

bitbake/lib/bb/cooker.py

@@ -399,7 +399,6 @@ class BBCooker:
                 self.hashservaddr = "unix://%s/hashserve.sock" % self.data.getVar("TOPDIR")
                 self.hashserv = hashserv.create_server(self.hashservaddr, dbfile, sync=False)
                 self.hashserv.process = multiprocessing.Process(target=self.hashserv.serve_forever)
-                self.hashserv.process.daemon = True
                 self.hashserv.process.start()
             self.data.setVar("BB_HASHSERVE", self.hashservaddr)
             self.databuilder.origdata.setVar("BB_HASHSERVE", self.hashservaddr)

bitbake/lib/bb/cookerdata.py

@@ -13,6 +13,7 @@ import logging
 import os
 import re
 import sys
+import hashlib
 from functools import wraps
 import bb
 from bb import data
@@ -267,6 +268,7 @@ class CookerDataBuilder(object):
         self.mcdata = {}
 
     def parseBaseConfiguration(self):
+        data_hash = hashlib.sha256()
         try:
             self.data = self.parseConfigurationFiles(self.prefiles, self.postfiles)
 
@@ -290,7 +292,7 @@ class CookerDataBuilder(object):
                 bb.event.fire(bb.event.ConfigParsed(), self.data)
 
             bb.parse.init_parser(self.data)
-            self.data_hash = self.data.get_hash()
+            data_hash.update(self.data.get_hash().encode('utf-8'))
             self.mcdata[''] = self.data
 
             multiconfig = (self.data.getVar("BBMULTICONFIG") or "").split()
@@ -298,9 +300,11 @@ class CookerDataBuilder(object):
                 mcdata = self.parseConfigurationFiles(self.prefiles, self.postfiles, config)
                 bb.event.fire(bb.event.ConfigParsed(), mcdata)
                 self.mcdata[config] = mcdata
+                data_hash.update(mcdata.get_hash().encode('utf-8'))
             if multiconfig:
                 bb.event.fire(bb.event.MultiConfigParsed(self.mcdata), self.data)
 
+            self.data_hash = data_hash.hexdigest()
         except (SyntaxError, bb.BBHandledException):
             raise bb.BBHandledException
         except bb.data_smart.ExpansionError as e:

bitbake/lib/bb/fetch2/git.py

@@ -495,14 +495,8 @@ class Git(FetchMethod):
         runfetchcmd("%s remote set-url origin %s" % (ud.basecmd, repourl), d, workdir=destdir)
 
         if self._contains_lfs(ud, d, destdir):
-            if need_lfs:
-                path = d.getVar('PATH')
-                if path:
-                    gitlfstool = bb.utils.which(path, "git-lfs", executable=True)
-                    if not gitlfstool:
-                        raise bb.fetch2.FetchError("Repository %s has LFS content, install git-lfs on host to download (or set lfs=0 to ignore it)" % (repourl))
-                else:
-                    bb.note("Could not find 'PATH'")
+            if need_lfs and not self._find_git_lfs(d):
+                raise bb.fetch2.FetchError("Repository %s has LFS content, install git-lfs on host to download (or set lfs=0 to ignore it)" % (repourl))
             else:
                 bb.note("Repository %s has LFS content but it is not being fetched" % (repourl))
 
@@ -570,6 +564,13 @@ class Git(FetchMethod):
             pass
         return False
 
+    def _find_git_lfs(self, d):
+        """
+        Return True if git-lfs can be found, False otherwise.
+        """
+        import shutil
+        return shutil.which("git-lfs", path=d.getVar('PATH')) is not None
+
     def _get_repo_url(self, ud):
         """
         Return the repository URL

bitbake/lib/bb/runqueue.py

@@ -73,7 +73,7 @@ def build_tid(mc, fn, taskname):
 def pending_hash_index(tid, rqdata):
     (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
     pn = rqdata.dataCaches[mc].pkg_fn[taskfn]
-    h = rqdata.runtaskentries[tid].hash
+    h = rqdata.runtaskentries[tid].unihash
     return pn + ":" + "taskname" + h
 
 class RunQueueStats:
@@ -207,6 +207,8 @@ class RunQueueScheduler(object):
 
     def newbuildable(self, task):
         self.buildable.add(task)
+        # Once tasks are running we don't need to worry about them again
+        self.buildable.difference_update(self.rq.runq_running)
 
     def removebuildable(self, task):
         self.buildable.remove(task)
@@ -1162,6 +1164,8 @@ class RunQueueData:
 
         self.init_progress_reporter.next_stage()
 
+        bb.parse.siggen.set_setscene_tasks(self.runq_setscene_tids)
+
         # Iterate over the task list and call into the siggen code
         dealtwith = set()
         todeal = set(self.runtaskentries)
@@ -1173,7 +1177,6 @@ class RunQueueData:
                     self.prepare_task_hash(tid)
 
         bb.parse.siggen.writeout_file_checksum_cache()
-        bb.parse.siggen.set_setscene_tasks(self.runq_setscene_tids)
 
         #self.dump_data()
         return len(self.runtaskentries)
@@ -1442,6 +1445,7 @@ class RunQueue:
                 self.state = runQueueComplete
             else:
                 self.state = runQueueSceneInit
+                bb.parse.siggen.save_unitaskhashes()
 
         if self.state is runQueueSceneInit:
             self.rqdata.init_progress_reporter.next_stage()
@@ -2299,11 +2303,12 @@ class RunQueueExecute:
         for tid in changed:
             if tid not in self.rqdata.runq_setscene_tids:
                 continue
-            valid = self.rq.validate_hashes(set([tid]), self.cooker.data, None, False)
-            if not valid:
-                continue
             if tid in self.runq_running:
                 continue
+            if tid in self.scenequeue_covered:
+                # Potentially risky, should we report this hash as a match?
+                logger.info("Already covered setscene for %s so ignoring rehash" % (tid))
+                continue
             if tid not in self.pending_migrations:
                 self.pending_migrations.add(tid)
 
@@ -2358,6 +2363,7 @@ class RunQueueExecute:
 
             logger.info("Setscene task %s now valid and being rerun" % tid)
             self.sqdone = False
+            update_scenequeue_data([tid], self.sqdata, self.rqdata, self.rq, self.cooker, self.stampcache, self)
 
         if changed:
             self.holdoff_need_update = True
@@ -2674,64 +2680,77 @@ def build_scenequeue_data(sqdata, rqdata, rq, cooker, stampcache, sqrq):
 
     rqdata.init_progress_reporter.next_stage()
 
-    multiconfigs = set()
+    sqdata.multiconfigs = set()
     for tid in sqdata.sq_revdeps:
-        multiconfigs.add(mc_from_tid(tid))
+        sqdata.multiconfigs.add(mc_from_tid(tid))
         if len(sqdata.sq_revdeps[tid]) == 0:
             sqrq.sq_buildable.add(tid)
 
     rqdata.init_progress_reporter.finish()
 
-    if rq.hashvalidate:
-        noexec = []
-        stamppresent = []
-        tocheck = set()
+    sqdata.noexec = set()
+    sqdata.stamppresent = set()
+    sqdata.valid = set()
 
+    update_scenequeue_data(sqdata.sq_revdeps, sqdata, rqdata, rq, cooker, stampcache, sqrq)
+
+def update_scenequeue_data(tids, sqdata, rqdata, rq, cooker, stampcache, sqrq):
+
+    tocheck = set()
+
+    for tid in sorted(tids):
+        if tid in sqdata.stamppresent:
+            sqdata.stamppresent.remove(tid)
+        if tid in sqdata.valid:
+            sqdata.valid.remove(tid)
+
+        (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
+
+        taskdep = rqdata.dataCaches[mc].task_deps[taskfn]
+
+        if 'noexec' in taskdep and taskname in taskdep['noexec']:
+            sqdata.noexec.add(tid)
+            sqrq.sq_task_skip(tid)
+            bb.build.make_stamp(taskname + "_setscene", rqdata.dataCaches[mc], taskfn)
+            continue
+
+        if rq.check_stamp_task(tid, taskname + "_setscene", cache=stampcache):
+            logger.debug(2, 'Setscene stamp current for task %s', tid)
+            sqdata.stamppresent.add(tid)
+            sqrq.sq_task_skip(tid)
+            continue
+
+        if rq.check_stamp_task(tid, taskname, recurse = True, cache=stampcache):
+            logger.debug(2, 'Normal stamp current for task %s', tid)
+            sqdata.stamppresent.add(tid)
+            sqrq.sq_task_skip(tid)
+            continue
+
+        tocheck.add(tid)
+
+    sqdata.valid |= rq.validate_hashes(tocheck, cooker.data, len(sqdata.stamppresent), False)
+
+    sqdata.hashes = {}
+    for mc in sorted(sqdata.multiconfigs):
         for tid in sorted(sqdata.sq_revdeps):
-            (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
-
-            taskdep = rqdata.dataCaches[mc].task_deps[taskfn]
-
-            if 'noexec' in taskdep and taskname in taskdep['noexec']:
-                noexec.append(tid)
-                sqrq.sq_task_skip(tid)
-                bb.build.make_stamp(taskname + "_setscene", rqdata.dataCaches[mc], taskfn)
-                continue
-
-            if rq.check_stamp_task(tid, taskname + "_setscene", cache=stampcache):
-                logger.debug(2, 'Setscene stamp current for task %s', tid)
-                stamppresent.append(tid)
-                sqrq.sq_task_skip(tid)
-                continue
-
-            if rq.check_stamp_task(tid, taskname, recurse = True, cache=stampcache):
-                logger.debug(2, 'Normal stamp current for task %s', tid)
-                stamppresent.append(tid)
-                sqrq.sq_task_skip(tid)
-                continue
-
-            tocheck.add(tid)
-
-        valid = rq.validate_hashes(tocheck, cooker.data, len(stamppresent), False)
-
-        valid_new = stamppresent
-        for v in valid:
-            valid_new.append(v)
-
-        hashes = {}
-        for mc in sorted(multiconfigs):
-          for tid in sorted(sqdata.sq_revdeps):
             if mc_from_tid(tid) != mc:
                 continue
-            if tid not in valid_new and tid not in noexec and tid not in sqrq.scenequeue_notcovered:
-                sqdata.outrightfail.add(tid)
+            if tid in sqdata.stamppresent:
+                continue
+            if tid in sqdata.valid:
+                continue
+            if tid in sqdata.noexec:
+                continue
+            if tid in sqrq.scenequeue_notcovered:
+                continue
+            sqdata.outrightfail.add(tid)
 
-                h = pending_hash_index(tid, rqdata)
-                if h not in hashes:
-                    hashes[h] = tid
-                else:
-                    sqrq.sq_deferred[tid] = hashes[h]
-                    bb.warn("Deferring %s after %s" % (tid, hashes[h]))
+            h = pending_hash_index(tid, rqdata)
+            if h not in sqdata.hashes:
+                sqdata.hashes[h] = tid
+            else:
+                sqrq.sq_deferred[tid] = sqdata.hashes[h]
+                bb.warn("Deferring %s after %s" % (tid, sqdata.hashes[h]))
 
 
 class TaskFailure(Exception):

bitbake/lib/bb/siggen.py

@@ -44,6 +44,7 @@ class SignatureGenerator(object):
         self.file_checksum_values = {}
         self.taints = {}
         self.unitaskhashes = {}
+        self.setscenetasks = {}
 
     def finalise(self, fn, d, varient):
         return
@@ -75,10 +76,10 @@ class SignatureGenerator(object):
         return
 
     def get_taskdata(self):
-        return (self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash, self.unitaskhashes)
+        return (self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash, self.unitaskhashes, self.setscenetasks)
 
     def set_taskdata(self, data):
-        self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash, self.unitaskhashes = data
+        self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash, self.unitaskhashes, self.setscenetasks = data
 
     def reset(self, data):
         self.__init__(data)
@@ -267,7 +268,7 @@ class SignatureGeneratorBasic(SignatureGenerator):
             sigfile = stampbase
             referencestamp = runtime[11:]
         elif runtime and tid in self.taskhash:
-            sigfile = stampbase + "." + task + ".sigdata" + "." + self.taskhash[tid]
+            sigfile = stampbase + "." + task + ".sigdata" + "." + self.get_unihash(tid)
         else:
             sigfile = stampbase + "." + task + ".sigbasedata" + "." + self.basehash[tid]
 
@@ -295,6 +296,7 @@ class SignatureGeneratorBasic(SignatureGenerator):
             for dep in data['runtaskdeps']:
                 data['runtaskhashes'][dep] = self.get_unihash(dep)
             data['taskhash'] = self.taskhash[tid]
+            data['unihash'] = self.get_unihash(tid)
 
         taint = self.read_taint(fn, task, referencestamp)
         if taint:
@@ -384,7 +386,7 @@ class SignatureGeneratorUniHashMixIn(object):
     def __get_task_unihash_key(self, tid):
         # TODO: The key only *needs* to be the taskhash, the tid is just
         # convenient
-        return '%s:%s' % (tid, self.taskhash[tid])
+        return '%s:%s' % (tid.rsplit("/", 1)[1], self.taskhash[tid])
 
     def get_stampfile_hash(self, tid):
         if tid in self.taskhash:
@@ -440,7 +442,7 @@ class SignatureGeneratorUniHashMixIn(object):
                 bb.debug((1, 2)[unihash == taskhash], 'Found unihash %s in place of %s for %s from %s' % (unihash, taskhash, tid, self.server))
             else:
                 bb.debug(2, 'No reported unihash for %s:%s from %s' % (tid, taskhash, self.server))
-        except hashserv.HashConnectionError as e:
+        except hashserv.client.HashConnectionError as e:
             bb.warn('Error contacting Hash Equivalence Server %s: %s' % (self.server, str(e)))
 
         self.unitaskhashes[key] = unihash
@@ -454,7 +456,11 @@ class SignatureGeneratorUniHashMixIn(object):
         report_taskdata = d.getVar('SSTATE_HASHEQUIV_REPORT_TASKDATA') == '1'
         tempdir = d.getVar('T')
         fn = d.getVar('BB_FILENAME')
-        key = fn + ':do_' + task + ':' + taskhash
+        tid = fn + ':do_' + task
+        key = tid.rsplit("/", 1)[1] + ':' + taskhash
+
+        if self.setscenetasks and tid not in self.setscenetasks:
+            return
 
         # Sanity checks
         cache_unihash = self.unitaskhashes.get(key, None)
@@ -504,7 +510,7 @@ class SignatureGeneratorUniHashMixIn(object):
                     bb.event.fire(bb.runqueue.taskUniHashUpdate(fn + ':do_' + task, new_unihash), d)
                 else:
                     bb.debug(1, 'Reported task %s as unihash %s to %s' % (taskhash, unihash, self.server))
-            except hashserv.HashConnectionError as e:
+            except hashserv.client.HashConnectionError as e:
                 bb.warn('Error contacting Hash Equivalence Server %s: %s' % (self.server, str(e)))
         finally:
             if sigfile:

bitbake/lib/bb/tests/data.py

@@ -381,6 +381,19 @@ class TestOverrides(unittest.TestCase):
         self.d.setVar("OVERRIDES", "foo:bar:some_val")
         self.assertEqual(self.d.getVar("TEST"), " testvalue5")
 
+    def test_append_and_override_1(self):
+        self.d.setVar("TEST_append", "testvalue2")
+        self.d.setVar("TEST_bar", "testvalue3")
+        self.assertEqual(self.d.getVar("TEST"), "testvalue3testvalue2")
+
+    def test_append_and_override_2(self):
+        self.d.setVar("TEST_append_bar", "testvalue2")
+        self.assertEqual(self.d.getVar("TEST"), "testvaluetestvalue2")
+
+    def test_append_and_override_3(self):
+        self.d.setVar("TEST_bar_append", "testvalue2")
+        self.assertEqual(self.d.getVar("TEST"), "testvalue2")
+
     # Test an override with _<numeric> in it based on a real world OE issue
     def test_underscore_override(self):
         self.d.setVar("TARGET_ARCH", "x86_64")

bitbake/lib/bb/tests/fetch.py

@@ -1908,3 +1908,83 @@ class GitShallowTest(FetcherTest):
 
         dir = os.listdir(self.unpackdir + "/git/")
         self.assertIn("fstests.doap", dir)
+
+class GitLfsTest(FetcherTest):
+    def setUp(self):
+        FetcherTest.setUp(self)
+
+        self.gitdir = os.path.join(self.tempdir, 'git')
+        self.srcdir = os.path.join(self.tempdir, 'gitsource')
+        
+        self.d.setVar('WORKDIR', self.tempdir)
+        self.d.setVar('S', self.gitdir)
+        self.d.delVar('PREMIRRORS')
+        self.d.delVar('MIRRORS')
+
+        self.d.setVar('SRCREV', '${AUTOREV}')
+        self.d.setVar('AUTOREV', '${@bb.fetch2.get_autorev(d)}')
+
+        bb.utils.mkdirhier(self.srcdir)
+        self.git('init', cwd=self.srcdir)
+        with open(os.path.join(self.srcdir, '.gitattributes'), 'wt') as attrs:
+            attrs.write('*.mp3 filter=lfs -text')
+        self.git(['add', '.gitattributes'], cwd=self.srcdir)
+        self.git(['commit', '-m', "attributes", '.gitattributes'], cwd=self.srcdir)
+
+    def git(self, cmd, cwd=None):
+        if isinstance(cmd, str):
+            cmd = 'git ' + cmd
+        else:
+            cmd = ['git'] + cmd
+        if cwd is None:
+            cwd = self.gitdir
+        return bb.process.run(cmd, cwd=cwd)[0]
+
+    def fetch(self, uri=None):
+        uris = self.d.getVar('SRC_URI').split()
+        uri = uris[0]
+        d = self.d
+
+        fetcher = bb.fetch2.Fetch(uris, d)
+        fetcher.download()
+        ud = fetcher.ud[uri]
+        return fetcher, ud
+
+    def test_lfs_enabled(self):
+        import shutil
+
+        uri = 'git://%s;protocol=file;subdir=${S};lfs=1' % self.srcdir
+        self.d.setVar('SRC_URI', uri)
+
+        fetcher, ud = self.fetch()
+        self.assertIsNotNone(ud.method._find_git_lfs)
+
+        # If git-lfs can be found, the unpack should be successful
+        ud.method._find_git_lfs = lambda d: True
+        shutil.rmtree(self.gitdir, ignore_errors=True)
+        fetcher.unpack(self.d.getVar('WORKDIR'))
+
+        # If git-lfs cannot be found, the unpack should throw an error
+        with self.assertRaises(bb.fetch2.FetchError):
+            ud.method._find_git_lfs = lambda d: False
+            shutil.rmtree(self.gitdir, ignore_errors=True)
+            fetcher.unpack(self.d.getVar('WORKDIR'))
+
+    def test_lfs_disabled(self):
+        import shutil
+
+        uri = 'git://%s;protocol=file;subdir=${S};lfs=0' % self.srcdir
+        self.d.setVar('SRC_URI', uri)
+
+        fetcher, ud = self.fetch()
+        self.assertIsNotNone(ud.method._find_git_lfs)
+
+        # If git-lfs can be found, the unpack should be successful
+        ud.method._find_git_lfs = lambda d: True
+        shutil.rmtree(self.gitdir, ignore_errors=True)
+        fetcher.unpack(self.d.getVar('WORKDIR'))
+
+        # If git-lfs cannot be found, the unpack should be successful
+        ud.method._find_git_lfs = lambda d: False
+        shutil.rmtree(self.gitdir, ignore_errors=True)
+        fetcher.unpack(self.d.getVar('WORKDIR'))

bitbake/lib/bb/tests/runqueue.py

@@ -12,6 +12,7 @@ import os
 import tempfile
 import subprocess
 import sys
+import time
 
 #
 # TODO:
@@ -257,6 +258,8 @@ class RunQueueTests(unittest.TestCase):
                         'a1:package_write_ipk_setscene', 'a1:package_qa_setscene']
             self.assertEqual(set(tasks), set(expected))
 
+            self.shutdown(tempdir)
+
     @unittest.skipIf(sys.version_info < (3, 5, 0), 'Python 3.5 or later required')
     def test_hashserv_double(self):
         with tempfile.TemporaryDirectory(prefix="runqueuetest") as tempdir:
@@ -280,6 +283,7 @@ class RunQueueTests(unittest.TestCase):
                         'a1:package_write_rpm_setscene', 'b1:package_write_ipk_setscene', 'a1:packagedata_setscene']
             self.assertEqual(set(tasks), set(expected))
 
+            self.shutdown(tempdir)
 
     @unittest.skipIf(sys.version_info < (3, 5, 0), 'Python 3.5 or later required')
     def test_hashserv_multiple_setscene(self):
@@ -307,97 +311,13 @@ class RunQueueTests(unittest.TestCase):
                         'e1:package_setscene']
             self.assertEqual(set(tasks), set(expected))
             for i in expected:
-                if i in ["e1:package_setscene"]:
-                    self.assertEqual(tasks.count(i), 4, "%s not in task list four times" % i)
-                else:
-                    self.assertEqual(tasks.count(i), 1, "%s not in task list once" % i)
+                self.assertEqual(tasks.count(i), 1, "%s not in task list once" % i)
 
-    @unittest.skipIf(sys.version_info < (3, 5, 0), 'Python 3.5 or later required')
-    def test_hashserv_partial_match(self):
-        # e1:do_package matches initial built but not second hash value
-        with tempfile.TemporaryDirectory(prefix="runqueuetest") as tempdir:
-            extraenv = {
-                "BB_HASHSERVE" : "auto",
-                "BB_SIGNATURE_HANDLER" : "TestEquivHash"
-            }
-            cmd = ["bitbake", "a1", "b1"]
-            setscenetasks = ['package_write_ipk_setscene', 'package_write_rpm_setscene', 'packagedata_setscene',
-                             'populate_sysroot_setscene', 'package_qa_setscene']
-            sstatevalid = ""
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True)
-            expected = ['a1:' + x for x in self.alltasks] + ['b1:' + x for x in self.alltasks]
-            self.assertEqual(set(tasks), set(expected))
-            with open(tempdir + "/stamps/a1.do_install.taint", "w") as f:
-               f.write("d460a29e-903f-4b76-a96b-3bcc22a65994")
-            with open(tempdir + "/stamps/b1.do_install.taint", "w") as f:
-               f.write("ed36d46a-2977-458a-b3de-eef885bc1817")
-            cmd = ["bitbake", "e1"]
-            sstatevalid = "e1:do_package:685e69a026b2f029483fdefe6a11e1e06641dd2a0f6f86e27b9b550f8f21229d"
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True)
-            expected = ['a1:package', 'a1:install', 'b1:package', 'b1:install', 'a1:populate_sysroot', 'b1:populate_sysroot',
-                        'a1:package_write_ipk_setscene', 'b1:packagedata_setscene', 'b1:package_write_rpm_setscene',
-                        'a1:package_write_rpm_setscene', 'b1:package_write_ipk_setscene', 'a1:packagedata_setscene',
-                        'e1:package_setscene'] + ['e1:' + x for x in self.alltasks]
-            expected.remove('e1:package')
-            self.assertEqual(set(tasks), set(expected))
+            self.shutdown(tempdir)
 
-    @unittest.skipIf(sys.version_info < (3, 5, 0), 'Python 3.5 or later required')
-    def test_hashserv_partial_match2(self):
-        # e1:do_package + e1:do_populate_sysroot matches initial built but not second hash value
-        with tempfile.TemporaryDirectory(prefix="runqueuetest") as tempdir:
-            extraenv = {
-                "BB_HASHSERVE" : "auto",
-                "BB_SIGNATURE_HANDLER" : "TestEquivHash"
-            }
-            cmd = ["bitbake", "a1", "b1"]
-            setscenetasks = ['package_write_ipk_setscene', 'package_write_rpm_setscene', 'packagedata_setscene',
-                             'populate_sysroot_setscene', 'package_qa_setscene']
-            sstatevalid = ""
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True)
-            expected = ['a1:' + x for x in self.alltasks] + ['b1:' + x for x in self.alltasks]
-            self.assertEqual(set(tasks), set(expected))
-            with open(tempdir + "/stamps/a1.do_install.taint", "w") as f:
-               f.write("d460a29e-903f-4b76-a96b-3bcc22a65994")
-            with open(tempdir + "/stamps/b1.do_install.taint", "w") as f:
-               f.write("ed36d46a-2977-458a-b3de-eef885bc1817")
-            cmd = ["bitbake", "e1"]
-            sstatevalid = "e1:do_package:685e69a026b2f029483fdefe6a11e1e06641dd2a0f6f86e27b9b550f8f21229d e1:do_populate_sysroot:ef7dc0e2dd55d0534e75cba50731ff42f949818b6f29a65d72bc05856e56711d"
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True)
-            expected = ['a1:package', 'a1:install', 'b1:package', 'b1:install', 'a1:populate_sysroot', 'b1:populate_sysroot',
-                        'a1:package_write_ipk_setscene', 'b1:packagedata_setscene', 'b1:package_write_rpm_setscene',
-                        'a1:package_write_rpm_setscene', 'b1:package_write_ipk_setscene', 'a1:packagedata_setscene',
-                        'e1:package_setscene', 'e1:populate_sysroot_setscene', 'e1:build', 'e1:package_qa', 'e1:package_write_rpm', 'e1:package_write_ipk', 'e1:packagedata']
-            self.assertEqual(set(tasks), set(expected))
-
-    @unittest.skipIf(sys.version_info < (3, 5, 0), 'Python 3.5 or later required')
-    def test_hashserv_partial_match3(self):
-        # e1:do_package is valid for a1 but not after b1
-        # In former buggy code, this triggered e1:do_fetch, then e1:do_populate_sysroot to run
-        # with none of the intermediate tasks which is a serious bug
-        with tempfile.TemporaryDirectory(prefix="runqueuetest") as tempdir:
-            extraenv = {
-                "BB_HASHSERVE" : "auto",
-                "BB_SIGNATURE_HANDLER" : "TestEquivHash"
-            }
-            cmd = ["bitbake", "a1", "b1"]
-            setscenetasks = ['package_write_ipk_setscene', 'package_write_rpm_setscene', 'packagedata_setscene',
-                             'populate_sysroot_setscene', 'package_qa_setscene']
-            sstatevalid = ""
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True)
-            expected = ['a1:' + x for x in self.alltasks] + ['b1:' + x for x in self.alltasks]
-            self.assertEqual(set(tasks), set(expected))
-            with open(tempdir + "/stamps/a1.do_install.taint", "w") as f:
-               f.write("d460a29e-903f-4b76-a96b-3bcc22a65994")
-            with open(tempdir + "/stamps/b1.do_install.taint", "w") as f:
-               f.write("ed36d46a-2977-458a-b3de-eef885bc1817")
-            cmd = ["bitbake", "e1", "-DD"]
-            sstatevalid = "e1:do_package:af056eae12a733a6a8c4f4da8c6757e588e13565852c94e2aad4d953a3989c13 e1:do_package:a3677703db82b22d28d57c1820a47851dd780104580863f5bd32e66e003a779d"
-            tasks = self.run_bitbakecmd(cmd, tempdir, sstatevalid, extraenv=extraenv, cleanup=True, slowtasks="e1:fetch b1:install")
-            expected = ['a1:package', 'a1:install', 'b1:package', 'b1:install', 'a1:populate_sysroot', 'b1:populate_sysroot',
-                        'a1:package_write_ipk_setscene', 'b1:packagedata_setscene', 'b1:package_write_rpm_setscene',
-                        'a1:package_write_rpm_setscene', 'b1:package_write_ipk_setscene', 'a1:packagedata_setscene',
-                        'e1:package_setscene']  + ['e1:' + x for x in self.alltasks]
-            expected.remove('e1:package')
-            self.assertEqual(set(tasks), set(expected))
+    def shutdown(self, tempdir):
+        # Wait for the hashserve socket to disappear else we'll see races with the tempdir cleanup
+        while os.path.exists(tempdir + "/hashserve.sock"):
+            time.sleep(0.5)
 
 

bitbake/lib/bb/ui/buildinfohelper.py

@@ -646,6 +646,9 @@ class ORMWrapper(object):
                 Target_Installed_Package.objects.create(target = target_obj, package = packagedict[p]['object'])
 
         packagedeps_objs = []
+        pattern_so = re.compile(r'.*\.so(\.\d*)?$')
+        pattern_lib = re.compile(r'.*\-suffix(\d*)?$')
+        pattern_ko = re.compile(r'^kernel-module-.*')
         for p in packagedict:
             for (px,deptype) in packagedict[p]['depends']:
                 if deptype == 'depends':
@@ -654,6 +657,13 @@ class ORMWrapper(object):
                     tdeptype = Package_Dependency.TYPE_TRECOMMENDS
 
                 try:
+                    # Skip known non-package objects like libraries and kernel modules
+                    if pattern_so.match(px) or pattern_lib.match(px):
+                        logger.info("Toaster does not add library file dependencies to packages (%s,%s)", p, px)
+                        continue
+                    if pattern_ko.match(px):
+                        logger.info("Toaster does not add kernel module dependencies to packages (%s,%s)", p, px)
+                        continue
                     packagedeps_objs.append(Package_Dependency(
                         package = packagedict[p]['object'],
                         depends_on = packagedict[px]['object'],

bitbake/lib/hashserv/client.py

@@ -7,6 +7,7 @@ from contextlib import closing
 import json
 import logging
 import socket
+import os
 
 
 logger = logging.getLogger('hashserv.client')

bitbake/lib/hashserv/tests.py

@@ -32,7 +32,6 @@ class TestHashEquivalenceServer(object):
 
         self.server = create_server(self.get_server_addr(), self.dbfile)
         self.server_thread = multiprocessing.Process(target=self._run_server)
-        self.server_thread.daemon = True
         self.server_thread.start()
         self.client = create_client(self.server.address)
 

bitbake/lib/toaster/toastergui/static/js/importlayer.js

@@ -17,11 +17,15 @@ function importLayerPageInit (ctx) {
   var currentLayerDepSelection;
   var validLayerName = /^(\w|-)+$/;
 
+  /* Catch 'disable' race condition between type-ahead started and "input change" */
+  var typeAheadStarted = 0;
+
   libtoaster.makeTypeahead(layerDepInput,
                            libtoaster.ctx.layersTypeAheadUrl,
                            { include_added: "true" }, function(item){
     currentLayerDepSelection = item;
     layerDepBtn.removeAttr("disabled");
+    typeAheadStarted = 1;
   });
 
   layerDepInput.on("typeahead:select", function(event, data){
@@ -34,7 +38,10 @@ function importLayerPageInit (ctx) {
   // disable the "Add layer" button when the layer input typeahead is empty
   // or not in the typeahead choices
   layerDepInput.on("input change", function(){
-    layerDepBtn.attr("disabled","disabled");
+    if (0 == typeAheadStarted) {
+      layerDepBtn.attr("disabled","disabled");
+    }
+    typeAheadStarted = 0;
   });
 
   /* We automatically add "openembedded-core" layer for convenience as a
@@ -50,6 +57,7 @@ function importLayerPageInit (ctx) {
   });
 
   layerDepBtn.click(function(){
+    typeAheadStarted = 0;
     if (currentLayerDepSelection == undefined)
       return;
 
@@ -77,7 +85,7 @@ function importLayerPageInit (ctx) {
 
     $("#layer-deps-list").append(newLayerDep);
 
-    libtoaster.getLayerDepsForProject(currentLayerDepSelection.layerdetailurl,
+    libtoaster.getLayerDepsForProject(currentLayerDepSelection.xhrLayerUrl,
                                       function (data){
         /* These are the dependencies of the layer added as a dependency */
         if (data.list.length > 0) {

meta-poky/conf/local.conf.sample

@@ -248,6 +248,20 @@ PACKAGECONFIG_append_pn-qemu-system-native = " sdl"
 # a handy set of menus for controlling the emulator.
 #PACKAGECONFIG_append_pn-qemu-system-native = " gtk+"
 
+#
+# Hash Equivalence
+#
+# Enable support for automatically running a local hash equivalence server and
+# instruct bitbake to use a hash equivalence aware signature generator. Hash
+# equivalence improves reuse of sstate by detecting when a given sstate
+# artifact can be reused as equivalent, even if the current task hash doesn't
+# match the one that generated the artifact.
+#
+# A shared hash equivalent server can be set with "<HOSTNAME>:<PORT>" format
+#
+#BB_HASHSERVE = "auto"
+#BB_SIGNATURE_HANDLER = "OEEquivHash"
+
 # CONF_VERSION is increased each time build/conf/ changes incompatibly and is used to
 # track the version of this file when it was generated. This can safely be ignored if
 # this doesn't mean anything to you.

meta-selftest/recipes-test/multiconfig/multiconfig-test-parse.bb

@@ -0,0 +1,11 @@
+SUMMARY = "Test Multiconfig Parsing"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+do_showvar() {
+    bbplain "MCTESTVAR=${MCTESTVAR}"
+}
+addtask do_showvar
+

meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.2.bbappend

@@ -8,11 +8,11 @@ KMACHINE_genericx86 ?= "common-pc"
 KMACHINE_genericx86-64 ?= "common-pc-64"
 KMACHINE_beaglebone-yocto ?= "beaglebone"
 
-SRCREV_machine_genericx86    ?= "77c28ea0e55cabb0b22b47d4eb2cc94b0940dfe6"
-SRCREV_machine_genericx86-64 ?= "35276d20c01a78ee3640a074446b0c15c486c5d0"
-SRCREV_machine_edgerouter ?= "35276d20c01a78ee3640a074446b0c15c486c5d0"
-SRCREV_machine_beaglebone-yocto ?= "77c28ea0e55cabb0b22b47d4eb2cc94b0940dfe6"
-SRCREV_machine_mpc8315e-rdb ?= "cae01d71ef67eaafec75ce24f49b038b705b8711"
+SRCREV_machine_genericx86    ?= "25b14cdf9659c68ab32d66616dfdbbe2ece3fd94"
+SRCREV_machine_genericx86-64 ?= "25b14cdf9659c68ab32d66616dfdbbe2ece3fd94"
+SRCREV_machine_edgerouter ?= "25b14cdf9659c68ab32d66616dfdbbe2ece3fd94"
+SRCREV_machine_beaglebone-yocto ?= "25b14cdf9659c68ab32d66616dfdbbe2ece3fd94"
+SRCREV_machine_mpc8315e-rdb ?= "77f031b182885c177b3a96098ae61271911a7954"
 
 COMPATIBLE_MACHINE_genericx86 = "genericx86"
 COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
@@ -20,8 +20,8 @@ COMPATIBLE_MACHINE_edgerouter = "edgerouter"
 COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto"
 COMPATIBLE_MACHINE_mpc8315e-rdb = "mpc8315e-rdb"
 
-LINUX_VERSION_genericx86 = "5.2.10"
-LINUX_VERSION_genericx86-64 = "5.2.10"
-LINUX_VERSION_edgerouter = "5.2.10"
-LINUX_VERSION_beaglebone-yocto = "5.2.10"
-LINUX_VERSION_mpc8315e-rdb = "5.2.10"
+LINUX_VERSION_genericx86 = "5.2.17"
+LINUX_VERSION_genericx86-64 = "5.2.17"
+LINUX_VERSION_edgerouter = "5.2.17"
+LINUX_VERSION_beaglebone-yocto = "5.2.17"
+LINUX_VERSION_mpc8315e-rdb = "5.2.17"

meta/classes/base.bbclass

@@ -32,9 +32,11 @@ def oe_import(d):
 
     import oe.data
     for toimport in oe.data.typed_value("OE_IMPORTS", d):
-        imported = __import__(toimport)
-        inject(toimport.split(".", 1)[0], imported)
-
+        try:
+            imported = __import__(toimport)
+            inject(toimport.split(".", 1)[0], imported)
+        except AttributeError as e:
+            bb.error("Error importing OE modules: %s" % str(e))
     return ""
 
 # We need the oe module name space early (before INHERITs get added)

meta/classes/core-image.bbclass

@@ -30,6 +30,7 @@
 # - dev-pkgs            - development packages (headers, etc.) for all installed packages in the rootfs
 # - dbg-pkgs            - debug symbol packages for all installed packages in the rootfs
 # - doc-pkgs            - documentation packages for all installed packages in the rootfs
+# - bash-completion-pkgs - bash-completion packages for recipes using bash-completion bbclass
 # - ptest-pkgs          - ptest packages for all ptest-enabled recipes
 # - read-only-rootfs    - tweaks an image to support read-only rootfs
 # - splash              - bootup splash screen

meta/classes/icecc.bbclass

@@ -138,6 +138,10 @@ def use_icecc(bb,d):
     if icecc_is_cross_canadian(bb, d):
         return "no"
 
+    if d.getVar('INHIBIT_DEFAULT_DEPS', False):
+        # We don't have a compiler, so no icecc
+        return "no"
+
     pn = d.getVar('PN')
     bpn = d.getVar('BPN')
 

meta/classes/image-live.bbclass

@@ -37,7 +37,7 @@ do_bootimg[depends] += "dosfstools-native:do_populate_sysroot \
 LABELS_LIVE ?= "boot install"
 ROOT_LIVE ?= "root=/dev/ram0"
 INITRD_IMAGE_LIVE ?= "${MLPREFIX}core-image-minimal-initramfs"
-INITRD_LIVE ?= "${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE_LIVE}-${MACHINE}.cpio.gz"
+INITRD_LIVE ?= "${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE_LIVE}-${MACHINE}.${INITRAMFS_FSTYPES}"
 
 LIVE_ROOTFS_TYPE ?= "ext4"
 ROOTFS ?= "${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${LIVE_ROOTFS_TYPE}"

meta/classes/kernel-fitimage.bbclass

@@ -207,7 +207,6 @@ EOF
 fitimage_emit_section_ramdisk() {
 
 	ramdisk_csum="${FIT_HASH_ALG}"
-	ramdisk_ctype="none"
 	ramdisk_loadline=""
 	ramdisk_entryline=""
 
@@ -218,24 +217,6 @@ fitimage_emit_section_ramdisk() {
 		ramdisk_entryline="entry = <${UBOOT_RD_ENTRYPOINT}>;"
 	fi
 
-	case $3 in
-		*.gz)
-			ramdisk_ctype="gzip"
-			;;
-		*.bz2)
-			ramdisk_ctype="bzip2"
-			;;
-		*.lzma)
-			ramdisk_ctype="lzma"
-			;;
-		*.lzo)
-			ramdisk_ctype="lzo"
-			;;
-		*.lz4)
-			ramdisk_ctype="lz4"
-			;;
-	esac
-
 	cat << EOF >> ${1}
                 ramdisk@${2} {
                         description = "${INITRAMFS_IMAGE}";
@@ -243,7 +224,7 @@ fitimage_emit_section_ramdisk() {
                         type = "ramdisk";
                         arch = "${UBOOT_ARCH}";
                         os = "linux";
-                        compression = "${ramdisk_ctype}";
+                        compression = "none";
                         ${ramdisk_loadline}
                         ${ramdisk_entryline}
                         hash@1 {

meta/classes/package.bbclass

@@ -1580,6 +1580,7 @@ SHLIBSDIRS = "${WORKDIR_PKGDATA}/${MLPREFIX}shlibs2"
 SHLIBSWORKDIR = "${PKGDESTWORK}/${MLPREFIX}shlibs2"
 
 python package_do_shlibs() {
+    import itertools
     import re, pipes
     import subprocess
 
@@ -1835,16 +1836,16 @@ python package_do_shlibs() {
                 bb.debug(2, '%s: Dependency %s covered by PRIVATE_LIBS' % (pkg, n[0]))
                 continue
             if n[0] in shlib_provider.keys():
-                shlib_provider_path = []
-                for k in shlib_provider[n[0]].keys():
-                    shlib_provider_path.append(k)
-                match = None
-                for p in list(n[2]) + shlib_provider_path + libsearchpath:
-                    if p in shlib_provider[n[0]]:
-                        match = p
-                        break
-                if match:
-                    (dep_pkg, ver_needed) = shlib_provider[n[0]][match]
+                shlib_provider_map = shlib_provider[n[0]]
+                matches = set()
+                for p in itertools.chain(list(n[2]), sorted(shlib_provider_map.keys()), libsearchpath):
+                    if p in shlib_provider_map:
+                        matches.add(p)
+                if len(matches) > 1:
+                    matchpkgs = ', '.join([shlib_provider_map[match][0] for match in matches])
+                    bb.error("%s: Multiple shlib providers for %s: %s (used by files: %s)" % (pkg, n[0], matchpkgs, n[1]))
+                elif len(matches) == 1:
+                    (dep_pkg, ver_needed) = shlib_provider_map[matches.pop()]
 
                     bb.debug(2, '%s: Dependency %s requires package %s (used by files: %s)' % (pkg, n[0], dep_pkg, n[1]))
 

meta/classes/packagegroup.bbclass

@@ -8,7 +8,7 @@ PACKAGES = "${PN}"
 
 # By default, packagegroup packages do not depend on a certain architecture.
 # Only if dependencies are modified by MACHINE_FEATURES, packages
-# need to be set to MACHINE_ARCH after inheriting packagegroup.bbclass
+# need to be set to MACHINE_ARCH before inheriting packagegroup.bbclass
 PACKAGE_ARCH ?= "all"
 
 # Fully expanded - so it applies the overrides as well

meta/classes/populate_sdk_base.bbclass

@@ -8,6 +8,7 @@ COMPLEMENTARY_GLOB[doc-pkgs] = '*-doc'
 COMPLEMENTARY_GLOB[dbg-pkgs] = '*-dbg'
 COMPLEMENTARY_GLOB[src-pkgs] = '*-src'
 COMPLEMENTARY_GLOB[ptest-pkgs] = '*-ptest'
+COMPLEMENTARY_GLOB[bash-completion-pkgs] = '*-bash-completion'
 
 def complementary_globs(featurevar, d):
     all_globs = d.getVarFlags('COMPLEMENTARY_GLOB')

meta/classes/populate_sdk_ext.bbclass

@@ -379,6 +379,11 @@ python copy_buildsystem () {
             f.write('require conf/locked-sigs.inc\n')
             f.write('require conf/unlocked-sigs.inc\n')
 
+    if os.path.exists(builddir + '/cache/bb_unihashes.dat'):
+        bb.parse.siggen.save_unitaskhashes()
+        bb.utils.mkdirhier(os.path.join(baseoutpath, 'cache'))
+        shutil.copyfile(builddir + '/cache/bb_unihashes.dat', baseoutpath + '/cache/bb_unihashes.dat')
+
     # Write a templateconf.cfg
     with open(baseoutpath + '/conf/templateconf.cfg', 'w') as f:
         f.write('meta/conf\n')
@@ -440,6 +445,11 @@ python copy_buildsystem () {
     else:
         tasklistfn = None
 
+    if os.path.exists(builddir + '/cache/bb_unihashes.dat'):
+        bb.parse.siggen.save_unitaskhashes()
+        bb.utils.mkdirhier(os.path.join(baseoutpath, 'cache'))
+        shutil.copyfile(builddir + '/cache/bb_unihashes.dat', baseoutpath + '/cache/bb_unihashes.dat')
+
     # Add packagedata if enabled
     if d.getVar('SDK_INCLUDE_PKGDATA') == '1':
         lockedsigs_base = d.getVar('WORKDIR') + '/locked-sigs-base.inc'

meta/classes/reproducible_build.bbclass

@@ -39,19 +39,28 @@ inherit ${@oe.utils.ifelse(d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1', 'repr
 
 SDE_DIR ="${WORKDIR}/source-date-epoch"
 SDE_FILE = "${SDE_DIR}/__source_date_epoch.txt"
+SDE_DEPLOYDIR = "${WORKDIR}/deploy-source-date-epoch"
 
 SSTATETASKS += "do_deploy_source_date_epoch"
 
 do_deploy_source_date_epoch () {
     echo "Deploying SDE to ${SDE_DIR}."
+    mkdir -p ${SDE_DEPLOYDIR}
+    if [ -e ${SDE_FILE} ]; then
+        cp -p ${SDE_FILE} ${SDE_DEPLOYDIR}/__source_date_epoch.txt
+    fi
 }
 
 python do_deploy_source_date_epoch_setscene () {
     sstate_setscene(d)
+    bb.utils.mkdirhier(d.getVar('SDE_DIR'))
+    sde_file = os.path.join(d.getVar('SDE_DEPLOYDIR'), '__source_date_epoch.txt')
+    if os.path.exists(sde_file):
+        os.rename(sde_file, d.getVar('SDE_FILE'))
 }
 
-do_deploy_source_date_epoch[dirs] = "${SDE_DIR}"
-do_deploy_source_date_epoch[sstate-plaindirs] = "${SDE_DIR}"
+do_deploy_source_date_epoch[dirs] = "${SDE_DEPLOYDIR}"
+do_deploy_source_date_epoch[sstate-plaindirs] = "${SDE_DEPLOYDIR}"
 addtask do_deploy_source_date_epoch_setscene
 addtask do_deploy_source_date_epoch before do_configure after do_patch
 

meta/classes/rootfs-postcommands.bbclass

@@ -29,7 +29,7 @@ APPEND_append = '${@bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs", " ro
 ROOTFS_POSTPROCESS_COMMAND += "write_image_test_data ; "
 
 # Write manifest
-IMAGE_MANIFEST = "${IMGDEPLOYDIR}/${IMAGE_NAME}.rootfs.manifest"
+IMAGE_MANIFEST = "${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.manifest"
 ROOTFS_POSTUNINSTALL_COMMAND =+ "write_image_manifest ; "
 # Set default postinst log file
 POSTINST_LOGFILE ?= "${localstatedir}/log/postinstall.log"

meta/conf/distro/include/ptest-packagelists.inc

@@ -77,3 +77,5 @@ PTESTS_SLOW = "\
     util-linux-ptest \
     valgrind-ptest \
 "
+
+PTESTS_SLOW_remove_riscv64 = "valgrind-ptest"

meta/conf/machine/include/riscv/qemuriscv.inc

@@ -36,16 +36,3 @@ QB_TCPSERIAL_OPT = " -device virtio-serial-device -chardev socket,id=virtcon,por
 # Add the 'virtio-rng-pci' device otherwise the guest may run out of entropy
 QB_OPT_APPEND = " -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-device,rng=rng0"
 
-BAD_RECOMMENDATIONS += "\
-    libcxx-dev \
-    libcxx-staticdev \
-    compiler-rt-dev \
-    compiler-rt-staticdev \
-"
-
-ASSUME_PROVIDED += "\
-    libcxx-dev \
-    libcxx-staticdev \
-    compiler-rt-dev \
-    compiler-rt-staticdev \
-"

meta/conf/sanity.conf

@@ -3,7 +3,7 @@
 # See sanity.bbclass
 #
 # Expert users can confirm their sanity with "touch conf/sanity.conf"
-BB_MIN_VERSION = "1.43.1"
+BB_MIN_VERSION = "1.43.2"
 
 SANITY_ABIFILE = "${TMPDIR}/abi_version"
 

meta/lib/oe/lsb.py

@@ -110,12 +110,12 @@ def distro_identifier(adjust_hook=None):
     if adjust_hook:
         distro_id, release = adjust_hook(distro_id, release)
     if not distro_id:
-        return "Unknown"
-    # Filter out any non-alphanumerics
-    distro_id = re.sub(r'\W', '', distro_id)
+        return "unknown"
+    # Filter out any non-alphanumerics and convert to lowercase
+    distro_id = re.sub(r'\W', '', distro_id).lower()
 
     if release:
-        id_str = '{0}-{1}'.format(distro_id.lower(), release)
+        id_str = '{0}-{1}'.format(distro_id, release)
     else:
         id_str = distro_id
     return id_str.replace(' ','-').replace('/','-')

meta/lib/oe/sdk.py

@@ -88,10 +88,6 @@ class Sdk(object, metaclass=ABCMeta):
             bb.warn("cannot remove SDK dir: %s" % path)
 
     def install_locales(self, pm):
-        # This is only relevant for glibc
-        if self.d.getVar("TCLIBC") != "glibc":
-            return
-
         linguas = self.d.getVar("SDKIMAGE_LINGUAS")
         if linguas:
             import fnmatch

meta/lib/oe/sstatesig.py

@@ -90,8 +90,7 @@ class SignatureGeneratorOEBasic(bb.siggen.SignatureGeneratorBasic):
     def rundep_check(self, fn, recipename, task, dep, depname, dataCache = None):
         return sstate_rundepfilter(self, fn, recipename, task, dep, depname, dataCache)
 
-class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
-    name = "OEBasicHash"
+class SignatureGeneratorOEBasicHashMixIn(object):
     def init_rundepcheck(self, data):
         self.abisaferecipes = (data.getVar("SIGGEN_EXCLUDERECIPES_ABISAFE") or "").split()
         self.saferecipedeps = (data.getVar("SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS") or "").split()
@@ -129,12 +128,11 @@ class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
         return sstate_rundepfilter(self, fn, recipename, task, dep, depname, dataCache)
 
     def get_taskdata(self):
-        data = super(bb.siggen.SignatureGeneratorBasicHash, self).get_taskdata()
-        return (data, self.lockedpnmap, self.lockedhashfn)
+        return (self.lockedpnmap, self.lockedhashfn, self.lockedhashes) + super().get_taskdata()
 
     def set_taskdata(self, data):
-        coredata, self.lockedpnmap, self.lockedhashfn = data
-        super(bb.siggen.SignatureGeneratorBasicHash, self).set_taskdata(coredata)
+        self.lockedpnmap, self.lockedhashfn, self.lockedhashes = data[:3]
+        super().set_taskdata(data[3:])
 
     def dump_sigs(self, dataCache, options):
         sigfile = os.getcwd() + "/locked-sigs.inc"
@@ -171,10 +169,11 @@ class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
                 h_locked = self.lockedsigs[recipename][task][0]
                 var = self.lockedsigs[recipename][task][1]
                 self.lockedhashes[tid] = h_locked
+                unihash = super().get_unihash(tid)
                 self.taskhash[tid] = h_locked
                 #bb.warn("Using %s %s %s" % (recipename, task, h))
 
-                if h != h_locked:
+                if h != h_locked and h_locked != unihash:
                     self.mismatch_msgs.append('The %s:%s sig is computed to be %s, but the sig is locked to %s in %s'
                                           % (recipename, task, h, h_locked, var))
 
@@ -182,6 +181,11 @@ class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
         #bb.warn("%s %s %s" % (recipename, task, h))
         return h
 
+    def get_unihash(self, tid):
+        if tid in self.lockedhashes:
+            return self.lockedhashes[tid]
+        return super().get_unihash(tid)
+
     def dump_sigtask(self, fn, task, stampbase, runtime):
         tid = fn + ":" + task
         if tid in self.lockedhashes:
@@ -211,7 +215,7 @@ class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
                     (_, _, task, fn) = bb.runqueue.split_tid_mcfn(tid)
                     if tid not in self.taskhash:
                         continue
-                    f.write("    " + self.lockedpnmap[fn] + ":" + task + ":" + self.taskhash[tid] + " \\\n")
+                    f.write("    " + self.lockedpnmap[fn] + ":" + task + ":" + self.get_unihash(tid) + " \\\n")
                 f.write('    "\n')
             f.write('SIGGEN_LOCKEDSIGS_TYPES_%s = "%s"' % (self.machine, " ".join(l)))
 
@@ -257,7 +261,10 @@ class SignatureGeneratorOEBasicHash(bb.siggen.SignatureGeneratorBasicHash):
         if error_msgs:
             bb.fatal("\n".join(error_msgs))
 
-class SignatureGeneratorOEEquivHash(bb.siggen.SignatureGeneratorUniHashMixIn, SignatureGeneratorOEBasicHash):
+class SignatureGeneratorOEBasicHash(SignatureGeneratorOEBasicHashMixIn, bb.siggen.SignatureGeneratorBasicHash):
+    name = "OEBasicHash"
+
+class SignatureGeneratorOEEquivHash(SignatureGeneratorOEBasicHashMixIn, bb.siggen.SignatureGeneratorUniHashMixIn, bb.siggen.SignatureGeneratorBasicHash):
     name = "OEEquivHash"
 
     def init_rundepcheck(self, data):

meta/lib/oeqa/core/case.py

@@ -59,7 +59,7 @@ class OEPTestResultTestCase:
     """
     @staticmethod
     def _compress_log(log):
-        logdata = log.encode("utf-8")
+        logdata = log.encode("utf-8") if isinstance(log, str) else log
         logdata = zlib.compress(logdata)
         logdata = base64.b64encode(logdata).decode("utf-8")
         return {"compressed" : logdata}
@@ -80,7 +80,7 @@ class OEPTestResultTestCase:
         if log is not None:
             sections[section]["log"] = self._compress_log(log)
         elif logfile is not None:
-            with open(logfile, "r") as f:
+            with open(logfile, "rb") as f:
                 sections[section]["log"] = self._compress_log(f.read())
 
         if duration is not None:

meta/lib/oeqa/core/utils/concurrencytest.py

@@ -78,29 +78,29 @@ class ProxyTestResult:
     def __init__(self, target):
         self.result = target
 
-    def _addResult(self, method, test, *args, **kwargs):
+    def _addResult(self, method, test, *args, exception = False, **kwargs):
         return method(test, *args, **kwargs)
 
-    def addError(self, test, *args, **kwargs):
-        self._addResult(self.result.addError, test, *args, **kwargs)
+    def addError(self, test, err = None, **kwargs):
+        self._addResult(self.result.addError, test, err, exception = True, **kwargs)
 
-    def addFailure(self, test, *args, **kwargs):
-        self._addResult(self.result.addFailure, test, *args, **kwargs)
+    def addFailure(self, test, err = None, **kwargs):
+        self._addResult(self.result.addFailure, test, err, exception = True, **kwargs)
 
-    def addSuccess(self, test, *args, **kwargs):
-        self._addResult(self.result.addSuccess, test, *args, **kwargs)
+    def addSuccess(self, test, **kwargs):
+        self._addResult(self.result.addSuccess, test, **kwargs)
 
-    def addExpectedFailure(self, test, *args, **kwargs):
-        self._addResult(self.result.addExpectedFailure, test, *args, **kwargs)
+    def addExpectedFailure(self, test, err = None, **kwargs):
+        self._addResult(self.result.addExpectedFailure, test, err, exception = True, **kwargs)
 
-    def addUnexpectedSuccess(self, test, *args, **kwargs):
-        self._addResult(self.result.addUnexpectedSuccess, test, *args, **kwargs)
+    def addUnexpectedSuccess(self, test, **kwargs):
+        self._addResult(self.result.addUnexpectedSuccess, test, **kwargs)
 
     def __getattr__(self, attr):
         return getattr(self.result, attr)
 
 class ExtraResultsDecoderTestResult(ProxyTestResult):
-    def _addResult(self, method, test, *args, **kwargs):
+    def _addResult(self, method, test, *args, exception = False, **kwargs):
         if "details" in kwargs and "extraresults" in kwargs["details"]:
             if isinstance(kwargs["details"]["extraresults"], Content):
                 kwargs = kwargs.copy()
@@ -114,7 +114,7 @@ class ExtraResultsDecoderTestResult(ProxyTestResult):
         return method(test, *args, **kwargs)
 
 class ExtraResultsEncoderTestResult(ProxyTestResult):
-    def _addResult(self, method, test, *args, **kwargs):
+    def _addResult(self, method, test, *args, exception = False, **kwargs):
         if hasattr(test, "extraresults"):
             extras = lambda : [json.dumps(test.extraresults).encode()]
             kwargs = kwargs.copy()
@@ -123,6 +123,11 @@ class ExtraResultsEncoderTestResult(ProxyTestResult):
             else:
                 kwargs["details"] = kwargs["details"].copy()
             kwargs["details"]["extraresults"] = Content(ContentType("application", "json", {'charset': 'utf8'}), extras)
+        # if using details, need to encode any exceptions into the details obj,
+        # testtools does not handle "err" and "details" together.
+        if "details" in kwargs and exception and (len(args) >= 1 and args[0] is not None):
+            kwargs["details"]["traceback"] = testtools.content.TracebackContent(args[0], test)
+            args = []
         return method(test, *args, **kwargs)
 
 #

meta/lib/oeqa/selftest/case.py

@@ -193,13 +193,20 @@ to ensure accurate results.")
         self.logger.debug("Adding path '%s' to be cleaned up when test is over" % path)
         self._track_for_cleanup.append(path)
 
-    def write_config(self, data):
-        """Write to <builddir>/conf/selftest.inc"""
+    def write_config(self, data, multiconfig=None):
+        """Write to config file"""
+        if multiconfig:
+            multiconfigdir = "%s/conf/multiconfig" % self.builddir
+            os.makedirs(multiconfigdir, exist_ok=True)
+            dest_path = '%s/%s.conf' % (multiconfigdir, multiconfig)
+            self.track_for_cleanup(dest_path)
+        else:
+            dest_path = self.testinc_path
 
-        self.logger.debug("Writing to: %s\n%s\n" % (self.testinc_path, data))
-        ftools.write_file(self.testinc_path, data)
+        self.logger.debug("Writing to: %s\n%s\n" % (dest_path, data))
+        ftools.write_file(dest_path, data)
 
-        if self.tc.custommachine and 'MACHINE' in data:
+        if not multiconfig and self.tc.custommachine and 'MACHINE' in data:
             machine = get_bb_var('MACHINE')
             self.logger.warning('MACHINE overridden: %s' % machine)
 

meta/lib/oeqa/selftest/cases/bbtests.py

@@ -118,11 +118,12 @@ class BitbakeTests(OESelftestTestCase):
             self.assertIn(task, result.output, msg="Couldn't find %s task.")
 
     def test_bitbake_g(self):
-        result = bitbake('-g core-image-minimal')
+        recipe = 'base-files'
+        result = bitbake('-g %s' % recipe)
         for f in ['pn-buildlist', 'task-depends.dot']:
             self.addCleanup(os.remove, f)
         self.assertTrue('Task dependencies saved to \'task-depends.dot\'' in result.output, msg = "No task dependency \"task-depends.dot\" file was generated for the given task target. bitbake output: %s" % result.output)
-        self.assertTrue('busybox' in ftools.read_file(os.path.join(self.builddir, 'task-depends.dot')), msg = "No \"busybox\" dependency found in task-depends.dot file.")
+        self.assertTrue(recipe in ftools.read_file(os.path.join(self.builddir, 'task-depends.dot')), msg = "No \"%s\" dependency found in task-depends.dot file." % recipe)
 
     def test_image_manifest(self):
         bitbake('core-image-minimal')

meta/lib/oeqa/selftest/cases/devtool.py

@@ -518,8 +518,8 @@ class DevtoolModifyTests(DevtoolBase):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean mdadm')
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         result = runCmd('devtool modify mdadm -x %s' % tempdir)
         self.assertExists(os.path.join(tempdir, 'Makefile'), 'Extracted source could not be found')
         self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created')
@@ -587,8 +587,8 @@ class DevtoolModifyTests(DevtoolBase):
         self.track_for_cleanup(tempdir_m4)
         self.track_for_cleanup(builddir_m4)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean mdadm m4')
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.write_recipeinc('m4', 'EXTERNALSRC_BUILD = "%s"\ndo_clean() {\n\t:\n}\n' % builddir_m4)
         try:
             runCmd('devtool modify mdadm -x %s' % tempdir_mdadm)
@@ -604,6 +604,7 @@ class DevtoolModifyTests(DevtoolBase):
             bitbake('mdadm m4 -c buildclean')
             assertNoFile(tempdir_mdadm, 'mdadm')
             assertNoFile(builddir_m4, 'src/m4')
+            runCmd('echo "#Trigger rebuild" >> %s/Makefile' % tempdir_mdadm)
             bitbake('mdadm m4 -c compile')
             assertFile(tempdir_mdadm, 'mdadm')
             assertFile(builddir_m4, 'src/m4')
@@ -683,8 +684,8 @@ class DevtoolModifyTests(DevtoolBase):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
         self.assertExists(os.path.join(tempdir, 'Makefile.am'), 'Extracted source could not be found')
         self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
@@ -715,8 +716,8 @@ class DevtoolModifyTests(DevtoolBase):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
         self.assertExists(os.path.join(tempdir, 'configure.ac'), 'Extracted source could not be found')
         self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created')
@@ -1246,8 +1247,8 @@ class DevtoolExtractTests(DevtoolBase):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
         # Test that deploy-target at this point fails (properly)
         result = runCmd('devtool deploy-target -n %s root@localhost' % testrecipe, ignore_status=True)
@@ -1297,8 +1298,8 @@ class DevtoolExtractTests(DevtoolBase):
         self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
         image = 'core-image-minimal'
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean %s' % image)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         bitbake('%s -c clean' % image)
         # Add target and native recipes to workspace
         recipes = ['mdadm', 'parted-native']
@@ -1707,8 +1708,8 @@ class DevtoolUpgradeTests(DevtoolBase):
         self.track_for_cleanup(tempdir)
         self.track_for_cleanup(tempdir_cfg)
         self.track_for_cleanup(self.workspacedir)
-        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         self.add_command_to_tearDown('bitbake -c clean %s' % kernel_provider)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         #Step 1
         #Here is just generated the config file instead of all the kernel to optimize the
         #time of executing this test case.

meta/lib/oeqa/selftest/cases/multiconfig.py

@@ -3,16 +3,16 @@
 #
 
 import os
+import textwrap
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake
-import oeqa.utils.ftools as ftools
 
 class MultiConfig(OESelftestTestCase):
 
     def test_multiconfig(self):
         """
-        Test that a simple multiconfig build works. This uses the mcextend class and the 
-        multiconfig-image-packager test recipe to build a core-image-full-cmdline image which 
+        Test that a simple multiconfig build works. This uses the mcextend class and the
+        multiconfig-image-packager test recipe to build a core-image-full-cmdline image which
         contains a tiny core-image-minimal and a musl core-image-minimal, installed as packages.
         """
 
@@ -28,20 +28,45 @@ DISTRO = "poky"
 TCLIBC = "musl"
 TMPDIR = "${TOPDIR}/tmp-mc-musl"
 """
+        self.write_config(muslconfig, 'musl')
 
         tinyconfig = """
 MACHINE = "qemux86"
 DISTRO = "poky-tiny"
 TMPDIR = "${TOPDIR}/tmp-mc-tiny"
 """
-
-        multiconfigdir = self.builddir + "/conf/multiconfig"
-        os.makedirs(multiconfigdir, exist_ok=True)
-        self.track_for_cleanup(multiconfigdir + "/musl.conf")
-        ftools.write_file(multiconfigdir + "/musl.conf", muslconfig)
-        self.track_for_cleanup(multiconfigdir + "/tiny.conf")
-        ftools.write_file(multiconfigdir + "/tiny.conf", tinyconfig)
+        self.write_config(tinyconfig, 'tiny')
 
         # Build a core-image-minimal
         bitbake('core-image-full-cmdline')
 
+    def test_multiconfig_reparse(self):
+        """
+        Test that changes to a multiconfig conf file are correctly detected and
+        cause a reparse/rebuild of a recipe.
+        """
+        config = textwrap.dedent('''\
+                MCTESTVAR = "test"
+                BBMULTICONFIG = "test"
+                ''')
+        self.write_config(config)
+
+        testconfig = textwrap.dedent('''\
+                MCTESTVAR_append = "1"
+                ''')
+        self.write_config(testconfig, 'test')
+
+        # Check that the 1) the task executed and 2) that it output the correct
+        # value. Note "bitbake -e" is not used because it always reparses the
+        # recipe and we want to ensure that the automatic reparsing and parse
+        # caching is detected.
+        result = bitbake('mc:test:multiconfig-test-parse -c showvar')
+        self.assertIn('MCTESTVAR=test1', result.output.splitlines())
+
+        testconfig = textwrap.dedent('''\
+                MCTESTVAR_append = "2"
+                ''')
+        self.write_config(testconfig, 'test')
+
+        result = bitbake('mc:test:multiconfig-test-parse -c showvar')
+        self.assertIn('MCTESTVAR=test2', result.output.splitlines())

meta/lib/oeqa/selftest/cases/reproducible.py

@@ -72,7 +72,7 @@ def compare_file(reference, test, diffutils_sysroot):
     return result
 
 class ReproducibleTests(OESelftestTestCase):
-    package_classes = ['deb']
+    package_classes = ['deb', 'ipk']
     images = ['core-image-minimal']
 
     def setUpLocal(self):

meta/lib/oeqa/selftest/cases/signing.py

@@ -180,6 +180,8 @@ class LockedSignatures(OESelftestTestCase):
         AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
         """
 
+        import uuid
+
         test_recipe = 'ed'
         locked_sigs_file = 'locked-sigs.inc'
 
@@ -197,9 +199,10 @@ class LockedSignatures(OESelftestTestCase):
         bitbake(test_recipe)
 
         # Make a change that should cause the locked task signature to change
+        # Use uuid so hash equivalance server isn't triggered
         recipe_append_file = test_recipe + '_' + get_bb_var('PV', test_recipe) + '.bbappend'
         recipe_append_path = os.path.join(self.testlayer_path, 'recipes-test', test_recipe, recipe_append_file)
-        feature = 'SUMMARY += "test locked signature"\n'
+        feature = 'SUMMARY_${PN} = "test locked signature%s"\n' % uuid.uuid4()
 
         os.mkdir(os.path.join(self.testlayer_path, 'recipes-test', test_recipe))
         write_file(recipe_append_path, feature)
@@ -210,7 +213,7 @@ class LockedSignatures(OESelftestTestCase):
         ret = bitbake(test_recipe)
 
         # Verify you get the warning and that the real task *isn't* run (i.e. the locked signature has worked)
-        patt = r'WARNING: The %s:do_package sig is computed to be \S+, but the sig is locked to \S+ in SIGGEN_LOCKEDSIGS\S+' % test_recipe
+        patt = r'The %s:do_package sig is computed to be \S+, but the sig is locked to \S+ in SIGGEN_LOCKEDSIGS\S+' % test_recipe
         found_warn = re.search(patt, ret.output)
 
         self.assertIsNotNone(found_warn, "Didn't find the expected warning message. Output: %s" % ret.output)

meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch

@@ -0,0 +1,69 @@
+From 39a759494f734c4cdc3e2b919671bfb3134b41ae Mon Sep 17 00:00:00 2001
+From: Paul Emge <paulemge@forallsecure.com>
+Date: Mon, 8 Jul 2019 16:37:03 -0700
+Subject: [PATCH 1/9] CVE-2019-13103: disk: stop infinite recursion in DOS
+ Partitions
+
+part_get_info_extended and print_partition_extended can recurse infinitely
+while parsing a self-referential filesystem or one with a silly number of
+extended partitions. This patch adds a limit to the number of recursive
+partitions.
+
+Signed-off-by: Paul Emge <paulemge@forallsecure.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=232e2f4fd9a24bf08215ddc8c53ccadffc841fb5]
+
+CVE: CVE-2019-13103
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ disk/part_dos.c | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/disk/part_dos.c b/disk/part_dos.c
+index 936cee0d36..aae9d95906 100644
+--- a/disk/part_dos.c
++++ b/disk/part_dos.c
+@@ -23,6 +23,10 @@
+ 
+ #define DOS_PART_DEFAULT_SECTOR 512
+ 
++/* should this be configurable? It looks like it's not very common at all
++ * to use large numbers of partitions */
++#define MAX_EXT_PARTS 256
++
+ /* Convert char[4] in little endian format to the host format integer
+  */
+ static inline unsigned int le32_to_int(unsigned char *le32)
+@@ -126,6 +130,13 @@ static void print_partition_extended(struct blk_desc *dev_desc,
+ 	dos_partition_t *pt;
+ 	int i;
+ 
++	/* set a maximum recursion level */
++	if (part_num > MAX_EXT_PARTS)
++	{
++		printf("** Nested DOS partitions detected, stopping **\n");
++		return;
++    }
++
+ 	if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) {
+ 		printf ("** Can't read partition table on %d:" LBAFU " **\n",
+ 			dev_desc->devnum, ext_part_sector);
+@@ -191,6 +202,13 @@ static int part_get_info_extended(struct blk_desc *dev_desc,
+ 	int i;
+ 	int dos_type;
+ 
++	/* set a maximum recursion level */
++	if (part_num > MAX_EXT_PARTS)
++	{
++		printf("** Nested DOS partitions detected, stopping **\n");
++		return -1;
++    }
++
+ 	if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) {
+ 		printf ("** Can't read partition table on %d:" LBAFU " **\n",
+ 			dev_desc->devnum, ext_part_sector);
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch

@@ -0,0 +1,49 @@
+From 1d36545e43003f4b1bb3a303a3b468abd482fa2f Mon Sep 17 00:00:00 2001
+From: Paul Emge <paulemge@forallsecure.com>
+Date: Mon, 8 Jul 2019 16:37:05 -0700
+Subject: [PATCH 2/9] CVE-2019-13104: ext4: check for underflow in
+ ext4fs_read_file
+
+in ext4fs_read_file, it is possible for a broken/malicious file
+system to cause a memcpy of a negative number of bytes, which
+overflows all memory. This patch fixes the issue by checking for
+a negative length.
+
+Signed-off-by: Paul Emge <paulemge@forallsecure.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=878269dbe74229005dd7f27aca66c554e31dad8e]
+
+CVE: CVE-2019-13104
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ fs/ext4/ext4fs.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
+index 26db677a1f..c8c8655ed8 100644
+--- a/fs/ext4/ext4fs.c
++++ b/fs/ext4/ext4fs.c
+@@ -66,13 +66,15 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
+ 
+ 	ext_cache_init(&cache);
+ 
+-	if (blocksize <= 0)
+-		return -1;
+-
+ 	/* Adjust len so it we can't read past the end of the file. */
+ 	if (len + pos > filesize)
+ 		len = (filesize - pos);
+ 
++	if (blocksize <= 0 || len <= 0) {
++		ext_cache_fini(&cache);
++		return -1;
++	}
++
+ 	blockcnt = lldiv(((len + pos) + blocksize - 1), blocksize);
+ 
+ 	for (i = lldiv(pos, blocksize); i < blockcnt; i++) {
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch

@@ -0,0 +1,37 @@
+From 4e937d0de669ee69cf41c20494cbf66c339c3174 Mon Sep 17 00:00:00 2001
+From: Paul Emge <paulemge@forallsecure.com>
+Date: Mon, 8 Jul 2019 16:37:04 -0700
+Subject: [PATCH 3/9] CVE-2019-13105: ext4: fix double-free in ext4_cache_read
+
+ext_cache_read doesn't null cache->buf, after freeing, which results
+in a later function double-freeing it. This patch fixes
+ext_cache_read to call ext_cache_fini instead of free.
+
+Signed-off-by: Paul Emge <paulemge@forallsecure.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=6e5a79de658cb1c8012c86e0837379aa6eabd024]
+
+CVE: CVE-2019-13105
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ fs/ext4/ext4fs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
+index c8c8655ed8..e2b740cac4 100644
+--- a/fs/ext4/ext4fs.c
++++ b/fs/ext4/ext4fs.c
+@@ -288,7 +288,7 @@ int ext_cache_read(struct ext_block_cache *cache, lbaint_t block, int size)
+ 	if (!cache->buf)
+ 		return 0;
+ 	if (!ext4fs_devread(block, 0, size, cache->buf)) {
+-		free(cache->buf);
++		ext_cache_fini(cache);
+ 		return 0;
+ 	}
+ 	cache->block = block;
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch

@@ -0,0 +1,56 @@
+From 1307dabf5422372483f840dda3963f9dbd2e8e6f Mon Sep 17 00:00:00 2001
+From: Paul Emge <paulemge@forallsecure.com>
+Date: Mon, 8 Jul 2019 16:37:07 -0700
+Subject: [PATCH 4/9] CVE-2019-13106: ext4: fix out-of-bounds memset
+
+In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of
+the destination memory region. This patch adds a check to disallow
+this.
+
+Signed-off-by: Paul Emge <paulemge@forallsecure.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=e205896c5383c938274262524adceb2775fb03ba]
+
+CVE: CVE-2019-13106
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ fs/ext4/ext4fs.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
+index e2b740cac4..37b31d9f0f 100644
+--- a/fs/ext4/ext4fs.c
++++ b/fs/ext4/ext4fs.c
+@@ -61,6 +61,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
+ 	lbaint_t delayed_skipfirst = 0;
+ 	lbaint_t delayed_next = 0;
+ 	char *delayed_buf = NULL;
++	char *start_buf = buf;
+ 	short status;
+ 	struct ext_block_cache cache;
+ 
+@@ -139,6 +140,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
+ 			}
+ 		} else {
+ 			int n;
++			int n_left;
+ 			if (previous_block_number != -1) {
+ 				/* spill */
+ 				status = ext4fs_devread(delayed_start,
+@@ -153,8 +155,9 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
+ 			}
+ 			/* Zero no more than `len' bytes. */
+ 			n = blocksize - skipfirst;
+-			if (n > len)
+-				n = len;
++			n_left = len - ( buf - start_buf );
++			if (n > n_left)
++				n = n_left;
+ 			memset(buf, 0, n);
+ 		}
+ 		buf += blocksize - skipfirst;
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch

@@ -0,0 +1,43 @@
+From e8e602f4a4b2aacfb3da32bb8a838be15ea70e7b Mon Sep 17 00:00:00 2001
+From: "liucheng (G)" <liucheng32@huawei.com>
+Date: Thu, 29 Aug 2019 13:47:33 +0000
+Subject: [PATCH 5/9] CVE: net: fix unbounded memcpy of UDP packet
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch adds a check to udp_len to fix unbounded memcpy for
+CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199.
+
+Signed-off-by: Cheng Liu <liucheng32@huawei.com>
+Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
+Reported-by: Fermín Serna <fermin@semmle.com>
+Acked-by: Joe Hershberger <joe.hershberger@ni.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=fe7288069d2e6659117049f7d27e261b550bb725]
+
+CVE: CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ net/net.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/net/net.c b/net/net.c
+index 58b0417cbe..38105f1142 100644
+--- a/net/net.c
++++ b/net/net.c
+@@ -1252,6 +1252,9 @@ void net_process_received_packet(uchar *in_packet, int len)
+ 			return;
+ 		}
+ 
++		if (ntohs(ip->udp_len) < UDP_HDR_SIZE || ntohs(ip->udp_len) > ntohs(ip->ip_len))
++			return;
++
+ 		debug_cond(DEBUG_DEV_PKT,
+ 			   "received UDP (to=%pI4, from=%pI4, len=%d)\n",
+ 			   &dst_ip, &src_ip, len);
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch

@@ -0,0 +1,44 @@
+From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001
+From: "liucheng (G)" <liucheng32@huawei.com>
+Date: Thu, 29 Aug 2019 13:47:40 +0000
+Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some
+ nfs_handler reply helper functions
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197,
+CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204.
+
+Signed-off-by: Cheng Liu <liucheng32@huawei.com>
+Reported-by: Fermín Serna <fermin@semmle.com>
+Acked-by: Joe Hershberger <joe.hershberger@ni.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21]
+
+CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202,
+     CVE-2019-14203 and CVE-2019-14204
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ net/nfs.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/net/nfs.c b/net/nfs.c
+index d6a7f8e827..b7cf3b3a18 100644
+--- a/net/nfs.c
++++ b/net/nfs.c
+@@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip,
+ 
+ 	debug("%s\n", __func__);
+ 
++	if (len > sizeof(struct rpc_t))
++		return;
++
+ 	if (dest != nfs_our_port)
+ 		return;
+ 
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch

@@ -0,0 +1,42 @@
+From fb6dc193bf2685b7574b218f7ca558aa54659e11 Mon Sep 17 00:00:00 2001
+From: "liucheng (G)" <liucheng32@huawei.com>
+Date: Thu, 29 Aug 2019 13:47:48 +0000
+Subject: [PATCH 7/9] CVE-2019-14194/CVE-2019-14198: nfs: fix unbounded memcpy
+ with a failed length check at nfs_read_reply
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply.
+
+Signed-off-by: Cheng Liu <liucheng32@huawei.com>
+Reported-by: Fermín Serna <fermin@semmle.com>
+Acked-by: Joe Hershberger <joe.hershberger@ni.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=aa207cf3a6d68f39d64cd29057a4fb63943e9078]
+
+CVE: CVE-2019-14194 and CVE-2019-14198
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ net/nfs.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/net/nfs.c b/net/nfs.c
+index b7cf3b3a18..11941fad1a 100644
+--- a/net/nfs.c
++++ b/net/nfs.c
+@@ -701,6 +701,9 @@ static int nfs_read_reply(uchar *pkt, unsigned len)
+ 			&(rpc_pkt.u.reply.data[4 + nfsv3_data_offset]);
+ 	}
+ 
++	if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len)
++			return -9999;
++
+ 	if (store_block(data_ptr, nfs_offset, rlen))
+ 			return -9999;
+ 
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch

@@ -0,0 +1,42 @@
+From 2236973b8a173ff54ae1ebf8ec2300928e69bd1b Mon Sep 17 00:00:00 2001
+From: "liucheng (G)" <liucheng32@huawei.com>
+Date: Thu, 29 Aug 2019 13:47:54 +0000
+Subject: [PATCH 8/9] CVE-2019-14195: nfs: fix unbounded memcpy with
+ unvalidated length at nfs_readlink_reply
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply.
+
+Signed-off-by: Cheng Liu <liucheng32@huawei.com>
+Reported-by: Fermín Serna <fermin@semmle.com>
+Acked-by: Joe Hershberger <joe.hershberger@ni.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=cf3a4f1e86ecdd24f87b615051b49d8e1968c230]
+
+CVE: CVE-2019-14195
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ net/nfs.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/net/nfs.c b/net/nfs.c
+index 11941fad1a..915acd95cf 100644
+--- a/net/nfs.c
++++ b/net/nfs.c
+@@ -634,6 +634,9 @@ static int nfs_readlink_reply(uchar *pkt, unsigned len)
+ 	/* new path length */
+ 	rlen = ntohl(rpc_pkt.u.reply.data[1 + nfsv3_data_offset]);
+ 
++	if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len)
++		return -NFS_RPC_DROP;
++
+ 	if (*((char *)&(rpc_pkt.u.reply.data[2 + nfsv3_data_offset])) != '/') {
+ 		int pathlen;
+ 
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch

@@ -0,0 +1,48 @@
+From 74c468caa95c86cdb12c4b8073e154c435ac0bf7 Mon Sep 17 00:00:00 2001
+From: "liucheng (G)" <liucheng32@huawei.com>
+Date: Thu, 29 Aug 2019 13:48:02 +0000
+Subject: [PATCH 9/9] CVE-2019-14196: nfs: fix unbounded memcpy with a failed
+ length check at nfs_lookup_reply
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply.
+
+Signed-off-by: Cheng Liu <liucheng32@huawei.com>
+Reported-by: Fermín Serna <fermin@semmle.com>
+Acked-by: Joe Hershberger <joe.hershberger@ni.com>
+
+Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
+                 h=5d14ee4e53a81055d34ba280cb8fd90330f22a96]
+
+CVE: CVE-2019-14196
+
+Signed-off-by: Meng Li <Meng.Li@windriver.com>
+---
+ net/nfs.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/net/nfs.c b/net/nfs.c
+index 915acd95cf..89952aeb66 100644
+--- a/net/nfs.c
++++ b/net/nfs.c
+@@ -566,11 +566,15 @@ static int nfs_lookup_reply(uchar *pkt, unsigned len)
+ 	}
+ 
+ 	if (supported_nfs_versions & NFSV2_FLAG) {
++		if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + NFS_FHSIZE) > len)
++			return -NFS_RPC_DROP;
+ 		memcpy(filefh, rpc_pkt.u.reply.data + 1, NFS_FHSIZE);
+ 	} else {  /* NFSV3_FLAG */
+ 		filefh3_length = ntohl(rpc_pkt.u.reply.data[1]);
+ 		if (filefh3_length > NFS3_FHSIZE)
+ 			filefh3_length  = NFS3_FHSIZE;
++		if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + filefh3_length) > len)
++			return -NFS_RPC_DROP;
+ 		memcpy(filefh, rpc_pkt.u.reply.data + 2, filefh3_length);
+ 	}
+ 
+-- 
+2.17.1
+

meta/recipes-bsp/u-boot/u-boot-common.inc

@@ -14,6 +14,16 @@ PE = "1"
 # repo during parse
 SRCREV = "e5aee22e4be75e75a854ab64503fc80598bc2004"
 
-SRC_URI = "git://git.denx.de/u-boot.git"
+SRC_URI = "git://git.denx.de/u-boot.git \
+           file://0001-CVE-2019-13103.patch \
+           file://0002-CVE-2019-13104.patch \
+           file://0003-CVE-2019-13105.patch \
+           file://0004-CVE-2019-13106.patch \
+           file://0005-CVE-2019-14192-14193-14199.patch \
+           file://0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch \
+           file://0007-CVE-2019-14194-14198.patch \
+           file://0008-CVE-2019-14195.patch \
+           file://0009-CVE-2019-14196.patch \
+"
 
 S = "${WORKDIR}/git"

meta/recipes-connectivity/bluez5/bluez5/CVE-2018-10910.patch

@@ -1,3 +1,8 @@
+From 977321f2c7f974ea68a3d90df296c66189a3f254 Mon Sep 17 00:00:00 2001
+From: Lei Maohui <leimaohui@cn.fujitsu.com>
+Date: Fri, 21 Jun 2019 17:57:35 +0900
+Subject: [PATCH] CVE-2018-10910
+
 A bug in Bluez may allow for the Bluetooth Discoverable state being set to on
 when no Bluetooth agent is registered with the system. This situation could
 lead to the unauthorized pairing of certain Bluetooth devices without any
@@ -21,14 +26,24 @@ DiscoverableTimeout property:
 [bluetooth]# discoverable-timeout 180
 Changing discoverable-timeout 180 succeeded
 ---
- client/main.c | 43 +++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 43 insertions(+)
+ client/main.c       |  82 +++++++++++++++++++++++++++++++++-
+ doc/adapter-api.txt |   6 +++
+ src/adapter.c       | 125 ++++++++++++++++++++++++++++++++++++++++++++++------
+ 3 files changed, 198 insertions(+), 15 deletions(-)
 
 diff --git a/client/main.c b/client/main.c
-index 87323d8f7..59820c6d9 100644
+index 87323d8..1a66a3a 100644
 --- a/client/main.c
 +++ b/client/main.c
-@@ -1061,6 +1061,47 @@ static void cmd_discoverable(int argc, char *argv[])
+@@ -877,6 +877,7 @@ static void cmd_show(int argc, char *argv[])
+ 	print_property(proxy, "Class");
+ 	print_property(proxy, "Powered");
+ 	print_property(proxy, "Discoverable");
++	print_property(proxy, "DiscoverableTimeout");
+ 	print_property(proxy, "Pairable");
+ 	print_uuids(proxy);
+ 	print_property(proxy, "Modalias");
+@@ -1061,6 +1062,47 @@ static void cmd_discoverable(int argc, char *argv[])
  	return bt_shell_noninteractive_quit(EXIT_FAILURE);
  }
  
@@ -76,7 +91,87 @@ index 87323d8f7..59820c6d9 100644
  static void cmd_agent(int argc, char *argv[])
  {
  	dbus_bool_t enable;
-@@ -2549,6 +2590,8 @@ static const struct bt_shell_menu main_menu = {
+@@ -1124,6 +1166,7 @@ static struct set_discovery_filter_args {
+ 	char **uuids;
+ 	size_t uuids_len;
+ 	dbus_bool_t duplicate;
++	dbus_bool_t discoverable;
+ 	bool set;
+ } filter = {
+ 	.rssi = DISTANCE_VAL_INVALID,
+@@ -1163,6 +1206,11 @@ static void set_discovery_filter_setup(DBusMessageIter *iter, void *user_data)
+ 						DBUS_TYPE_BOOLEAN,
+ 						&args->duplicate);
+ 
++	if (args->discoverable)
++		g_dbus_dict_append_entry(&dict, "Discoverable",
++						DBUS_TYPE_BOOLEAN,
++						&args->discoverable);
++
+ 	dbus_message_iter_close_container(iter, &dict);
+ }
+ 
+@@ -1320,6 +1368,26 @@ static void cmd_scan_filter_duplicate_data(int argc, char *argv[])
+ 	filter.set = false;
+ }
+ 
++static void cmd_scan_filter_discoverable(int argc, char *argv[])
++{
++	if (argc < 2 || !strlen(argv[1])) {
++		bt_shell_printf("Discoverable: %s\n",
++				filter.discoverable ? "on" : "off");
++		return bt_shell_noninteractive_quit(EXIT_SUCCESS);
++	}
++
++	if (!strcmp(argv[1], "on"))
++		filter.discoverable = true;
++	else if (!strcmp(argv[1], "off"))
++		filter.discoverable = false;
++	else {
++		bt_shell_printf("Invalid option: %s\n", argv[1]);
++		return bt_shell_noninteractive_quit(EXIT_FAILURE);
++	}
++
++	filter.set = false;
++}
++
+ static void filter_clear_uuids(void)
+ {
+ 	g_strfreev(filter.uuids);
+@@ -1348,6 +1416,11 @@ static void filter_clear_duplicate(void)
+ 	filter.duplicate = false;
+ }
+ 
++static void filter_clear_discoverable(void)
++{
++	filter.discoverable = false;
++}
++
+ struct clear_entry {
+ 	const char *name;
+ 	void (*clear) (void);
+@@ -1359,6 +1432,7 @@ static const struct clear_entry filter_clear[] = {
+ 	{ "pathloss", filter_clear_pathloss },
+ 	{ "transport", filter_clear_transport },
+ 	{ "duplicate-data", filter_clear_duplicate },
++	{ "discoverable", filter_clear_discoverable },
+ 	{}
+ };
+ 
+@@ -2468,7 +2542,11 @@ static const struct bt_shell_menu scan_menu = {
+ 	{ "duplicate-data", "[on/off]", cmd_scan_filter_duplicate_data,
+ 				"Set/Get duplicate data filter",
+ 				NULL },
+-	{ "clear", "[uuids/rssi/pathloss/transport/duplicate-data]",
++	{ "discoverable", "[on/off]", cmd_scan_filter_discoverable,
++				"Set/Get discoverable filter",
++				NULL },
++	{ "clear",
++		"[uuids/rssi/pathloss/transport/duplicate-data/discoverable]",
+ 				cmd_scan_filter_clear,
+ 				"Clears discovery filter.",
+ 				filter_clear_generator },
+@@ -2549,6 +2627,8 @@ static const struct bt_shell_menu main_menu = {
  	{ "discoverable", "<on/off>", cmd_discoverable,
  					"Set controller discoverable mode",
  							NULL },
@@ -85,74 +180,36 @@ index 87323d8f7..59820c6d9 100644
  	{ "agent",        "<on/off/capability>", cmd_agent,
  				"Enable/disable agent with given capability",
  							capability_generator},
--- 
-2.17.1
-
-Subject:    [PATCH BlueZ 2/4] client: Make show command print DiscoverableTimeout
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-25 10:20:33
-Message-ID: 20180725102035.19439-2-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-Controller XX:XX:XX:XX:XX:XX (public)
-	Name: Vudentz's T460s
-	Alias: Intel-1
-	Class: 0x004c010c
-	Powered: yes
-	Discoverable: no
-	DiscoverableTimeout: 0x00000000
-	Pairable: yes
-	UUID: Headset AG                (00001112-0000-1000-8000-00805f9b34fb)
-	UUID: Generic Attribute Profile (00001801-0000-1000-8000-00805f9b34fb)
-	UUID: A/V Remote Control        (0000110e-0000-1000-8000-00805f9b34fb)
-	UUID: SIM Access                (0000112d-0000-1000-8000-00805f9b34fb)
-	UUID: Generic Access Profile    (00001800-0000-1000-8000-00805f9b34fb)
-	UUID: PnP Information           (00001200-0000-1000-8000-00805f9b34fb)
-	UUID: A/V Remote Control Target (0000110c-0000-1000-8000-00805f9b34fb)
-	UUID: Audio Source              (0000110a-0000-1000-8000-00805f9b34fb)
-	UUID: Audio Sink                (0000110b-0000-1000-8000-00805f9b34fb)
-	UUID: Headset                   (00001108-0000-1000-8000-00805f9b34fb)
-	Modalias: usb:v1D6Bp0246d0532
-	Discovering: no
----
- client/main.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/client/main.c b/client/main.c
-index 59820c6d9..6f472d050 100644
---- a/client/main.c
-+++ b/client/main.c
-@@ -877,6 +877,7 @@ static void cmd_show(int argc, char *argv[])
- 	print_property(proxy, "Class");
- 	print_property(proxy, "Powered");
- 	print_property(proxy, "Discoverable");
-+	print_property(proxy, "DiscoverableTimeout");
- 	print_property(proxy, "Pairable");
- 	print_uuids(proxy);
- 	print_property(proxy, "Modalias");
--- 
-2.17.1
-Subject:    [PATCH BlueZ 3/4] adapter: Track pending settings
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-25 10:20:34
-Message-ID: 20180725102035.19439-3-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This tracks settings being changed and in case the settings is already
-pending considered it to be done.
----
- src/adapter.c | 30 ++++++++++++++++++++++++++++--
- 1 file changed, 28 insertions(+), 2 deletions(-)
-
+diff --git a/doc/adapter-api.txt b/doc/adapter-api.txt
+index d14d0ca..4791af2 100644
+--- a/doc/adapter-api.txt
++++ b/doc/adapter-api.txt
+@@ -113,6 +113,12 @@ Methods		void StartDiscovery()
+ 				generated for either ManufacturerData and
+ 				ServiceData everytime they are discovered.
+ 
++			bool Discoverable (Default: false)
++
++				Make adapter discoverable while discovering,
++				if the adapter is already discoverable this
++				setting this filter won't do anything.
++
+ 			When discovery filter is set, Device objects will be
+ 			created as new devices with matching criteria are
+ 			discovered regardless of they are connectable or
 diff --git a/src/adapter.c b/src/adapter.c
-index af340fd6e..20c20f9e9 100644
+index af340fd..822bd34 100644
 --- a/src/adapter.c
 +++ b/src/adapter.c
-@@ -196,6 +196,7 @@ struct btd_adapter {
+@@ -157,6 +157,7 @@ struct discovery_filter {
+ 	int16_t rssi;
+ 	GSList *uuids;
+ 	bool duplicate;
++	bool discoverable;
+ };
+ 
+ struct watch_client {
+@@ -196,6 +197,7 @@ struct btd_adapter {
  	char *name;			/* controller device name */
  	char *short_name;		/* controller short name */
  	uint32_t supported_settings;	/* controller supported settings */
@@ -160,7 +217,15 @@ index af340fd6e..20c20f9e9 100644
  	uint32_t current_settings;	/* current controller settings */
  
  	char *path;			/* adapter object path */
-@@ -509,8 +510,10 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings)
+@@ -213,6 +215,7 @@ struct btd_adapter {
+ 
+ 	bool discovering;		/* discovering property state */
+ 	bool filtered_discovery;	/* we are doing filtered discovery */
++	bool filtered_discoverable;	/* we are doing filtered discovery */
+ 	bool no_scan_restart_delay;	/* when this flag is set, restart scan
+ 					 * without delay */
+ 	uint8_t discovery_type;		/* current active discovery type */
+@@ -509,8 +512,10 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings)
  	changed_mask = adapter->current_settings ^ settings;
  
  	adapter->current_settings = settings;
@@ -171,7 +236,7 @@ index af340fd6e..20c20f9e9 100644
  
  	if (changed_mask & MGMT_SETTING_POWERED) {
  	        g_dbus_emit_property_changed(dbus_conn, adapter->path,
-@@ -596,10 +599,31 @@ static bool set_mode(struct btd_adapter *adapter, uint16_t opcode,
+@@ -596,10 +601,31 @@ static bool set_mode(struct btd_adapter *adapter, uint16_t opcode,
  							uint8_t mode)
  {
  	struct mgmt_mode cp;
@@ -203,7 +268,184 @@ index af340fd6e..20c20f9e9 100644
  	DBG("sending set mode command for index %u", adapter->dev_id);
  
  	if (mgmt_send(adapter->mgmt, opcode,
-@@ -2739,13 +2763,15 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting,
+@@ -1818,7 +1844,17 @@ static void discovery_free(void *user_data)
+ 	g_free(client);
+ }
+ 
+-static void discovery_remove(struct watch_client *client)
++static bool set_filtered_discoverable(struct btd_adapter *adapter, bool enable)
++{
++	if (adapter->filtered_discoverable == enable)
++		return true;
++
++	adapter->filtered_discoverable = enable;
++
++	return set_discoverable(adapter, enable, 0);
++}
++
++static void discovery_remove(struct watch_client *client, bool exit)
+ {
+ 	struct btd_adapter *adapter = client->adapter;
+ 
+@@ -1830,7 +1866,27 @@ static void discovery_remove(struct watch_client *client)
+ 	adapter->discovery_list = g_slist_remove(adapter->discovery_list,
+ 								client);
+ 
+-	discovery_free(client);
++	if (adapter->filtered_discoverable &&
++			client->discovery_filter->discoverable) {
++		GSList *l;
++
++		for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
++			struct watch_client *client = l->data;
++
++			if (client->discovery_filter->discoverable)
++				break;
++		}
++
++		/* Disable filtered discoverable if there are no clients */
++		if (!l)
++			set_filtered_discoverable(adapter, false);
++	}
++
++	if (!exit && client->discovery_filter)
++		adapter->set_filter_list = g_slist_prepend(
++					adapter->set_filter_list, client);
++	else
++		discovery_free(client);
+ 
+ 	/*
+ 	 * If there are other client discoveries in progress, then leave
+@@ -1859,8 +1915,11 @@ static void stop_discovery_complete(uint8_t status, uint16_t length,
+ 		goto done;
+ 	}
+ 
+-	if (client->msg)
++	if (client->msg) {
+ 		g_dbus_send_reply(dbus_conn, client->msg, DBUS_TYPE_INVALID);
++		dbus_message_unref(client->msg);
++		client->msg = NULL;
++	}
+ 
+ 	adapter->discovery_type = 0x00;
+ 	adapter->discovery_enable = 0x00;
+@@ -1873,7 +1932,7 @@ static void stop_discovery_complete(uint8_t status, uint16_t length,
+ 	trigger_passive_scanning(adapter);
+ 
+ done:
+-	discovery_remove(client);
++	discovery_remove(client, false);
+ }
+ 
+ static int compare_sender(gconstpointer a, gconstpointer b)
+@@ -2094,14 +2153,14 @@ static int update_discovery_filter(struct btd_adapter *adapter)
+ 	return -EINPROGRESS;
+ }
+ 
+-static int discovery_stop(struct watch_client *client)
++static int discovery_stop(struct watch_client *client, bool exit)
+ {
+ 	struct btd_adapter *adapter = client->adapter;
+ 	struct mgmt_cp_stop_discovery cp;
+ 
+ 	/* Check if there are more client discovering */
+ 	if (g_slist_next(adapter->discovery_list)) {
+-		discovery_remove(client);
++		discovery_remove(client, exit);
+ 		update_discovery_filter(adapter);
+ 		return 0;
+ 	}
+@@ -2111,7 +2170,7 @@ static int discovery_stop(struct watch_client *client)
+ 	 * and so it is enough to send out the signal and just return.
+ 	 */
+ 	if (adapter->discovery_enable == 0x00) {
+-		discovery_remove(client);
++		discovery_remove(client, exit);
+ 		adapter->discovering = false;
+ 		g_dbus_emit_property_changed(dbus_conn, adapter->path,
+ 					ADAPTER_INTERFACE, "Discovering");
+@@ -2136,7 +2195,7 @@ static void discovery_disconnect(DBusConnection *conn, void *user_data)
+ 
+ 	DBG("owner %s", client->owner);
+ 
+-	discovery_stop(client);
++	discovery_stop(client, true);
+ }
+ 
+ /*
+@@ -2200,6 +2259,15 @@ static DBusMessage *start_discovery(DBusConnection *conn,
+ 					     adapter->set_filter_list, client);
+ 		adapter->discovery_list = g_slist_prepend(
+ 					      adapter->discovery_list, client);
++
++		/* Reset discoverable filter if already set */
++		if (adapter->current_settings & MGMT_OP_SET_DISCOVERABLE)
++			goto done;
++
++		/* Set discoverable if filter requires and it*/
++		if (client->discovery_filter->discoverable)
++			set_filtered_discoverable(adapter, true);
++
+ 		goto done;
+ 	}
+ 
+@@ -2324,6 +2392,17 @@ static bool parse_duplicate_data(DBusMessageIter *value,
+ 	return true;
+ }
+ 
++static bool parse_discoverable(DBusMessageIter *value,
++					struct discovery_filter *filter)
++{
++	if (dbus_message_iter_get_arg_type(value) != DBUS_TYPE_BOOLEAN)
++		return false;
++
++	dbus_message_iter_get_basic(value, &filter->discoverable);
++
++	return true;
++}
++
+ struct filter_parser {
+ 	const char *name;
+ 	bool (*func)(DBusMessageIter *iter, struct discovery_filter *filter);
+@@ -2333,6 +2412,7 @@ struct filter_parser {
+ 	{ "Pathloss", parse_pathloss },
+ 	{ "Transport", parse_transport },
+ 	{ "DuplicateData", parse_duplicate_data },
++	{ "Discoverable", parse_discoverable },
+ 	{ }
+ };
+ 
+@@ -2372,6 +2452,7 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter,
+ 	(*filter)->rssi = DISTANCE_VAL_INVALID;
+ 	(*filter)->type = get_scan_type(adapter);
+ 	(*filter)->duplicate = false;
++	(*filter)->discoverable = false;
+ 
+ 	dbus_message_iter_init(msg, &iter);
+ 	if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY ||
+@@ -2417,8 +2498,10 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter,
+ 		goto invalid_args;
+ 
+ 	DBG("filtered discovery params: transport: %d rssi: %d pathloss: %d "
+-		" duplicate data: %s ", (*filter)->type, (*filter)->rssi,
+-		(*filter)->pathloss, (*filter)->duplicate ? "true" : "false");
++		" duplicate data: %s discoverable %s", (*filter)->type,
++		(*filter)->rssi, (*filter)->pathloss,
++		(*filter)->duplicate ? "true" : "false",
++		(*filter)->discoverable ? "true" : "false");
+ 
+ 	return true;
+ 
+@@ -2510,7 +2593,7 @@ static DBusMessage *stop_discovery(DBusConnection *conn,
+ 	if (client->msg)
+ 		return btd_error_busy(msg);
+ 
+-	err = discovery_stop(client);
++	err = discovery_stop(client, false);
+ 	switch (err) {
+ 	case 0:
+ 		return dbus_message_new_method_return(msg);
+@@ -2739,13 +2822,15 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting,
  	else
  		current_enable = FALSE;
  
@@ -220,7 +462,7 @@ index af340fd6e..20c20f9e9 100644
  	switch (setting) {
  	case MGMT_SETTING_POWERED:
  		opcode = MGMT_OP_SET_POWERED;
-@@ -2798,7 +2824,7 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting,
+@@ -2798,7 +2883,7 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting,
  	data->id = id;
  
  	if (mgmt_send(adapter->mgmt, opcode, adapter->dev_id, len, param,
@@ -229,29 +471,7 @@ index af340fd6e..20c20f9e9 100644
  		return;
  
  	g_free(data);
--- 
-2.17.1
-Subject:    [PATCH BlueZ 4/4] adapter: Check pending when setting DiscoverableTimeout
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-25 10:20:35
-Message-ID: 20180725102035.19439-4-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This makes DiscoverableTimeout check if discoverable is already pending
-and don't attempt to set it once again which may cause discoverable to
-be re-enabled when in fact the application just want to set the timeout
-alone.
----
- src/adapter.c | 14 +++++++++++++-
- 1 file changed, 13 insertions(+), 1 deletion(-)
-
-diff --git a/src/adapter.c b/src/adapter.c
-index 20c20f9e9..f92c897c7 100644
---- a/src/adapter.c
-+++ b/src/adapter.c
-@@ -2901,6 +2901,7 @@ static void property_set_discoverable_timeout(
+@@ -2875,6 +2960,7 @@ static void property_set_discoverable_timeout(
  				GDBusPendingPropertySet id, void *user_data)
  {
  	struct btd_adapter *adapter = user_data;
@@ -259,7 +479,7 @@ index 20c20f9e9..f92c897c7 100644
  	dbus_uint32_t value;
  
  	dbus_message_iter_get_basic(iter, &value);
-@@ -2914,8 +2915,19 @@ static void property_set_discoverable_timeout(
+@@ -2888,8 +2974,19 @@ static void property_set_discoverable_timeout(
  	g_dbus_emit_property_changed(dbus_conn, adapter->path,
  				ADAPTER_INTERFACE, "DiscoverableTimeout");
  
@@ -281,425 +501,5 @@ index 20c20f9e9..f92c897c7 100644
  }
  
 -- 
-2.17.1
-Subject:    [PATCH BlueZ 1/5] doc/adapter-api: Add Discoverable option to SetDiscoveryFilter
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-26 14:17:19
-Message-ID: 20180726141723.20199-1-luiz.dentz () gmail ! com
-[Download RAW message or body]
+2.7.4
 
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This enables the client to set its discoverable setting while
-discovering which is very typical situation as usually the setings
-application would allow incoming pairing request while scanning, so
-this would reduce the number of calls setting Discoverable and
-DiscoverableTimeout and restoring after done with discovery.
----
- doc/adapter-api.txt | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/doc/adapter-api.txt b/doc/adapter-api.txt
-index d14d0ca50..4791af2c7 100644
---- a/doc/adapter-api.txt
-+++ b/doc/adapter-api.txt
-@@ -113,6 +113,12 @@ Methods		void StartDiscovery()
- 				generated for either ManufacturerData and
- 				ServiceData everytime they are discovered.
- 
-+			bool Discoverable (Default: false)
-+
-+				Make adapter discoverable while discovering,
-+				if the adapter is already discoverable this
-+				setting this filter won't do anything.
-+
- 			When discovery filter is set, Device objects will be
- 			created as new devices with matching criteria are
- 			discovered regardless of they are connectable or
--- 
-2.17.1
-Subject:    [PATCH BlueZ 2/5] adapter: Discovery filter discoverable
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-26 14:17:20
-Message-ID: 20180726141723.20199-2-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This implements the discovery filter discoverable and tracks which
-clients had enabled it and restores the settings when the last client
-enabling it exits.
----
- src/adapter.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++++--
- 1 file changed, 54 insertions(+), 2 deletions(-)
-
-diff --git a/src/adapter.c b/src/adapter.c
-index f92c897c7..bd9edddc6 100644
---- a/src/adapter.c
-+++ b/src/adapter.c
-@@ -157,6 +157,7 @@ struct discovery_filter {
- 	int16_t rssi;
- 	GSList *uuids;
- 	bool duplicate;
-+	bool discoverable;
- };
- 
- struct watch_client {
-@@ -214,6 +215,7 @@ struct btd_adapter {
- 
- 	bool discovering;		/* discovering property state */
- 	bool filtered_discovery;	/* we are doing filtered discovery */
-+	bool filtered_discoverable;	/* we are doing filtered discovery */
- 	bool no_scan_restart_delay;	/* when this flag is set, restart scan
- 					 * without delay */
- 	uint8_t discovery_type;		/* current active discovery type */
-@@ -1842,6 +1844,16 @@ static void discovery_free(void *user_data)
- 	g_free(client);
- }
- 
-+static bool set_filtered_discoverable(struct btd_adapter *adapter, bool enable)
-+{
-+	if (adapter->filtered_discoverable == enable)
-+		return true;
-+
-+	adapter->filtered_discoverable = enable;
-+
-+	return set_discoverable(adapter, enable, 0);
-+}
-+
- static void discovery_remove(struct watch_client *client)
- {
- 	struct btd_adapter *adapter = client->adapter;
-@@ -1854,6 +1866,22 @@ static void discovery_remove(struct watch_client *client)
- 	adapter->discovery_list = g_slist_remove(adapter->discovery_list,
- 								client);
- 
-+	if (adapter->filtered_discoverable &&
-+			client->discovery_filter->discoverable) {
-+		GSList *l;
-+
-+		for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
-+			struct watch_client *client = l->data;
-+
-+			if (client->discovery_filter->discoverable)
-+				break;
-+		}
-+
-+		/* Disable filtered discoverable if there are no clients */
-+		if (!l)
-+			set_filtered_discoverable(adapter, false);
-+	}
-+
- 	discovery_free(client);
- 
- 	/*
-@@ -2224,6 +2252,15 @@ static DBusMessage *start_discovery(DBusConnection *conn,
- 					     adapter->set_filter_list, client);
- 		adapter->discovery_list = g_slist_prepend(
- 					      adapter->discovery_list, client);
-+
-+		/* Reset discoverable filter if already set */
-+		if (adapter->current_settings & MGMT_OP_SET_DISCOVERABLE)
-+			goto done;
-+
-+		/* Set discoverable if filter requires and it*/
-+		if (client->discovery_filter->discoverable)
-+			set_filtered_discoverable(adapter, true);
-+
- 		goto done;
- 	}
- 
-@@ -2348,6 +2385,17 @@ static bool parse_duplicate_data(DBusMessageIter *value,
- 	return true;
- }
- 
-+static bool parse_discoverable(DBusMessageIter *value,
-+					struct discovery_filter *filter)
-+{
-+	if (dbus_message_iter_get_arg_type(value) != DBUS_TYPE_BOOLEAN)
-+		return false;
-+
-+	dbus_message_iter_get_basic(value, &filter->discoverable);
-+
-+	return true;
-+}
-+
- struct filter_parser {
- 	const char *name;
- 	bool (*func)(DBusMessageIter *iter, struct discovery_filter *filter);
-@@ -2357,6 +2405,7 @@ struct filter_parser {
- 	{ "Pathloss", parse_pathloss },
- 	{ "Transport", parse_transport },
- 	{ "DuplicateData", parse_duplicate_data },
-+	{ "Discoverable", parse_discoverable },
- 	{ }
- };
- 
-@@ -2396,6 +2445,7 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter,
- 	(*filter)->rssi = DISTANCE_VAL_INVALID;
- 	(*filter)->type = get_scan_type(adapter);
- 	(*filter)->duplicate = false;
-+	(*filter)->discoverable = false;
- 
- 	dbus_message_iter_init(msg, &iter);
- 	if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY ||
-@@ -2441,8 +2491,10 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter,
- 		goto invalid_args;
- 
- 	DBG("filtered discovery params: transport: %d rssi: %d pathloss: %d "
--		" duplicate data: %s ", (*filter)->type, (*filter)->rssi,
--		(*filter)->pathloss, (*filter)->duplicate ? "true" : "false");
-+		" duplicate data: %s discoverable %s", (*filter)->type,
-+		(*filter)->rssi, (*filter)->pathloss,
-+		(*filter)->duplicate ? "true" : "false",
-+		(*filter)->discoverable ? "true" : "false");
- 
- 	return true;
- 
--- 
-2.17.1
-Subject:    [PATCH BlueZ 3/5] client: Add scan.discoverable command
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-26 14:17:21
-Message-ID: 20180726141723.20199-3-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This adds discoverable command to scan menu which can be used to set
-if adapter should become discoverable while scanning:
-
-[bluetooth]# scan.discoverable on
-[bluetooth]# scan on
-SetDiscoveryFilter success
-[CHG] Controller XX:XX:XX:XX:XX:XX Discoverable: yes
-Discovery started
-[CHG] Controller XX:XX:XX:XX:XX:XX Discovering: yes
-[bluetooth]# scan off
-Discovery stopped
-[CHG] Controller XX:XX:XX:XX:XX:XX Discoverable: no
----
- client/main.c | 29 +++++++++++++++++++++++++++++
- 1 file changed, 29 insertions(+)
-
-diff --git a/client/main.c b/client/main.c
-index 6f472d050..6e6f6d2fb 100644
---- a/client/main.c
-+++ b/client/main.c
-@@ -1166,6 +1166,7 @@ static struct set_discovery_filter_args {
- 	char **uuids;
- 	size_t uuids_len;
- 	dbus_bool_t duplicate;
-+	dbus_bool_t discoverable;
- 	bool set;
- } filter = {
- 	.rssi = DISTANCE_VAL_INVALID,
-@@ -1205,6 +1206,11 @@ static void set_discovery_filter_setup(DBusMessageIter *iter, void *user_data)
- 						DBUS_TYPE_BOOLEAN,
- 						&args->duplicate);
- 
-+	if (args->discoverable)
-+		g_dbus_dict_append_entry(&dict, "Discoverable",
-+						DBUS_TYPE_BOOLEAN,
-+						&args->discoverable);
-+
- 	dbus_message_iter_close_container(iter, &dict);
- }
- 
-@@ -1362,6 +1368,26 @@ static void cmd_scan_filter_duplicate_data(int argc, char *argv[])
- 	filter.set = false;
- }
- 
-+static void cmd_scan_filter_discoverable(int argc, char *argv[])
-+{
-+	if (argc < 2 || !strlen(argv[1])) {
-+		bt_shell_printf("Discoverable: %s\n",
-+				filter.discoverable ? "on" : "off");
-+		return bt_shell_noninteractive_quit(EXIT_SUCCESS);
-+	}
-+
-+	if (!strcmp(argv[1], "on"))
-+		filter.discoverable = true;
-+	else if (!strcmp(argv[1], "off"))
-+		filter.discoverable = false;
-+	else {
-+		bt_shell_printf("Invalid option: %s\n", argv[1]);
-+		return bt_shell_noninteractive_quit(EXIT_FAILURE);
-+	}
-+
-+	filter.set = false;
-+}
-+
- static void filter_clear_uuids(void)
- {
- 	g_strfreev(filter.uuids);
-@@ -2510,6 +2536,9 @@ static const struct bt_shell_menu scan_menu = {
- 	{ "duplicate-data", "[on/off]", cmd_scan_filter_duplicate_data,
- 				"Set/Get duplicate data filter",
- 				NULL },
-+	{ "discoverable", "[on/off]", cmd_scan_filter_discoverable,
-+				"Set/Get discoverable filter",
-+				NULL },
- 	{ "clear", "[uuids/rssi/pathloss/transport/duplicate-data]",
- 				cmd_scan_filter_clear,
- 				"Clears discovery filter.",
--- 
-2.17.1
-Subject:    [PATCH BlueZ 4/5] client: Add scan.clear discoverable
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-26 14:17:22
-Message-ID: 20180726141723.20199-4-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-This implements scan.clear for discoverable filter.
----
- client/main.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/client/main.c b/client/main.c
-index 6e6f6d2fb..1a66a3ab4 100644
---- a/client/main.c
-+++ b/client/main.c
-@@ -1416,6 +1416,11 @@ static void filter_clear_duplicate(void)
- 	filter.duplicate = false;
- }
- 
-+static void filter_clear_discoverable(void)
-+{
-+	filter.discoverable = false;
-+}
-+
- struct clear_entry {
- 	const char *name;
- 	void (*clear) (void);
-@@ -1427,6 +1432,7 @@ static const struct clear_entry filter_clear[] = {
- 	{ "pathloss", filter_clear_pathloss },
- 	{ "transport", filter_clear_transport },
- 	{ "duplicate-data", filter_clear_duplicate },
-+	{ "discoverable", filter_clear_discoverable },
- 	{}
- };
- 
-@@ -2539,7 +2545,8 @@ static const struct bt_shell_menu scan_menu = {
- 	{ "discoverable", "[on/off]", cmd_scan_filter_discoverable,
- 				"Set/Get discoverable filter",
- 				NULL },
--	{ "clear", "[uuids/rssi/pathloss/transport/duplicate-data]",
-+	{ "clear",
-+		"[uuids/rssi/pathloss/transport/duplicate-data/discoverable]",
- 				cmd_scan_filter_clear,
- 				"Clears discovery filter.",
- 				filter_clear_generator },
--- 
-2.17.1
-Subject:    [PATCH BlueZ 5/5] adapter: Fix not keeping discovery filters
-From:       Luiz Augusto von Dentz <luiz.dentz () gmail ! com>
-Date:       2018-07-26 14:17:23
-Message-ID: 20180726141723.20199-5-luiz.dentz () gmail ! com
-[Download RAW message or body]
-
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-
-If the discovery has been stopped and the client has set filters those
-should be put back into filter list since the client may still be
-interested in using them the next time it start a scanning.
----
- src/adapter.c | 25 ++++++++++++++++---------
- 1 file changed, 16 insertions(+), 9 deletions(-)
-
-diff --git a/src/adapter.c b/src/adapter.c
-index bd9edddc6..822bd3472 100644
---- a/src/adapter.c
-+++ b/src/adapter.c
-@@ -1854,7 +1854,7 @@ static bool set_filtered_discoverable(struct btd_adapter *adapter, bool enable)
- 	return set_discoverable(adapter, enable, 0);
- }
- 
--static void discovery_remove(struct watch_client *client)
-+static void discovery_remove(struct watch_client *client, bool exit)
- {
- 	struct btd_adapter *adapter = client->adapter;
- 
-@@ -1882,7 +1882,11 @@ static void discovery_remove(struct watch_client *client)
- 			set_filtered_discoverable(adapter, false);
- 	}
- 
--	discovery_free(client);
-+	if (!exit && client->discovery_filter)
-+		adapter->set_filter_list = g_slist_prepend(
-+					adapter->set_filter_list, client);
-+	else
-+		discovery_free(client);
- 
- 	/*
- 	 * If there are other client discoveries in progress, then leave
-@@ -1911,8 +1915,11 @@ static void stop_discovery_complete(uint8_t status, uint16_t length,
- 		goto done;
- 	}
- 
--	if (client->msg)
-+	if (client->msg) {
- 		g_dbus_send_reply(dbus_conn, client->msg, DBUS_TYPE_INVALID);
-+		dbus_message_unref(client->msg);
-+		client->msg = NULL;
-+	}
- 
- 	adapter->discovery_type = 0x00;
- 	adapter->discovery_enable = 0x00;
-@@ -1925,7 +1932,7 @@ static void stop_discovery_complete(uint8_t status, uint16_t length,
- 	trigger_passive_scanning(adapter);
- 
- done:
--	discovery_remove(client);
-+	discovery_remove(client, false);
- }
- 
- static int compare_sender(gconstpointer a, gconstpointer b)
-@@ -2146,14 +2153,14 @@ static int update_discovery_filter(struct btd_adapter *adapter)
- 	return -EINPROGRESS;
- }
- 
--static int discovery_stop(struct watch_client *client)
-+static int discovery_stop(struct watch_client *client, bool exit)
- {
- 	struct btd_adapter *adapter = client->adapter;
- 	struct mgmt_cp_stop_discovery cp;
- 
- 	/* Check if there are more client discovering */
- 	if (g_slist_next(adapter->discovery_list)) {
--		discovery_remove(client);
-+		discovery_remove(client, exit);
- 		update_discovery_filter(adapter);
- 		return 0;
- 	}
-@@ -2163,7 +2170,7 @@ static int discovery_stop(struct watch_client *client)
- 	 * and so it is enough to send out the signal and just return.
- 	 */
- 	if (adapter->discovery_enable == 0x00) {
--		discovery_remove(client);
-+		discovery_remove(client, exit);
- 		adapter->discovering = false;
- 		g_dbus_emit_property_changed(dbus_conn, adapter->path,
- 					ADAPTER_INTERFACE, "Discovering");
-@@ -2188,7 +2195,7 @@ static void discovery_disconnect(DBusConnection *conn, void *user_data)
- 
- 	DBG("owner %s", client->owner);
- 
--	discovery_stop(client);
-+	discovery_stop(client, true);
- }
- 
- /*
-@@ -2586,7 +2593,7 @@ static DBusMessage *stop_discovery(DBusConnection *conn,
- 	if (client->msg)
- 		return btd_error_busy(msg);
- 
--	err = discovery_stop(client);
-+	err = discovery_stop(client, false);
- 	switch (err) {
- 	case 0:
- 		return dbus_message_new_method_return(msg);
--- 
-2.17.1

meta/recipes-core/initrdscripts/initramfs-framework/rootfs

@@ -27,8 +27,13 @@ rootfs_run() {
 			fi
 
 			if [ "`echo ${bootparam_root} | cut -c1-9`" = "PARTUUID=" ]; then
-				root_uuid=`echo $bootparam_root | cut -c10-`
-				bootparam_root="/dev/disk/by-partuuid/$root_uuid"
+				root_partuuid=`echo $bootparam_root | cut -c10-`
+				bootparam_root="/dev/disk/by-partuuid/$root_partuuid"
+			fi
+
+			if [ "`echo ${bootparam_root} | cut -c1-10`" = "PARTLABEL=" ]; then
+				root_partlabel=`echo $bootparam_root | cut -c11-`
+				bootparam_root="/dev/disk/by-partlabel/$root_partlabel"
 			fi
 
 			if [ "`echo ${bootparam_root} | cut -c1-10`" = "PARTLABEL=" ]; then

meta/recipes-core/meta/meta-extsdk-toolchain.bb

@@ -24,8 +24,3 @@ python do_locked_sigs() {
     sigfile = os.path.join(outdir, 'locked-sigs-extsdk-toolchain.inc')
     oe.copy_buildsystem.generate_locked_sigs(sigfile, d)
 }
-
-python do_locked_sigs_setscene () {
-    sstate_setscene(d)
-}
-addtask do_locked_sigs_setscene

meta/recipes-core/musl/musl/0001-Change-container-for-riscv-floating-point-state-to-_.patch

@@ -0,0 +1,67 @@
+From 52a37610650e7366a398dd07393d3902d2f3faa3 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 28 Sep 2019 12:19:57 -0700
+Subject: [PATCH] Change container for riscv floating-point state to __riscv_mc_fp_state
+
+Match the struct elements with glibc
+glibc also uses __riscv_mc prefix, some packages like gdb uses that
+
+Upstream-Status: Submitted [https://www.openwall.com/lists/musl/2019/09/28/1]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ arch/riscv64/bits/signal.h | 18 +++++++++---------
+ arch/riscv64/bits/user.h   |  2 +-
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/arch/riscv64/bits/signal.h b/arch/riscv64/bits/signal.h
+index 76d7ad80..aba7ab00 100644
+--- a/arch/riscv64/bits/signal.h
++++ b/arch/riscv64/bits/signal.h
+@@ -13,25 +13,25 @@ typedef unsigned long greg_t;
+ typedef unsigned long gregset_t[32];
+ 
+ struct __riscv_mc_f_ext_state {
+-	unsigned int f[32];
+-	unsigned int fcsr;
++	unsigned int __f[32];
++	unsigned int __fcsr;
+ };
+ 
+ struct __riscv_mc_d_ext_state {
+-	unsigned long long f[32];
+-	unsigned int fcsr;
++	unsigned long long __f[32];
++	unsigned int __fcsr;
+ };
+ 
+ struct __riscv_mc_q_ext_state {
+-	unsigned long long f[64] __attribute__((aligned(16)));
+-	unsigned int fcsr;
++	unsigned long long __f[64] __attribute__((aligned(16)));
++	unsigned int __fcsr;
+ 	unsigned int reserved[3];
+ };
+ 
+ union __riscv_mc_fp_state {
+-	struct __riscv_mc_f_ext_state f;
+-	struct __riscv_mc_d_ext_state d;
+-	struct __riscv_mc_q_ext_state q;
++	struct __riscv_mc_f_ext_state __f;
++	struct __riscv_mc_d_ext_state __d;
++	struct __riscv_mc_q_ext_state __q;
+ };
+ 
+ typedef union __riscv_mc_fp_state fpregset_t;
+diff --git a/arch/riscv64/bits/user.h b/arch/riscv64/bits/user.h
+index d2e383b2..9918a2fe 100644
+--- a/arch/riscv64/bits/user.h
++++ b/arch/riscv64/bits/user.h
+@@ -5,4 +5,4 @@ struct user_fpregs_struct {
+ 
+ #define ELF_NGREG 32
+ typedef unsigned long elf_greg_t, elf_gregset_t[ELF_NGREG];
+-typedef struct user_fpregs_struct elf_fpregset_t;
++typedef union __riscv_mc_fp_state elf_fpregset_t;
+-- 
+2.23.0
+

meta/recipes-core/musl/musl/0001-correct-the-operand-specifiers-in-the-riscv64-CAS-ro.patch

@@ -0,0 +1,55 @@
+From 59f2954fcaacd9426827c69a729e2647cb9977e5 Mon Sep 17 00:00:00 2001
+From: Palmer Dabbelt <palmer@sifive.com>
+Date: Tue, 24 Sep 2019 20:30:15 -0700
+Subject: [PATCH] correct the operand specifiers in the riscv64 CAS routines
+
+The operand sepcifiers in a_cas and a_casp for riscv64 were incorrect:
+there's a backwards branch in the routine, so despite tmp being written
+at the end of the assembly fragment it cannot be allocated in one of the
+input registers because the input values may be needed for another trip
+around the loop.
+
+For code that follows the guarnteed forward progress requirements, he
+backwards branch is rarely taken: SiFive's hardware only fails a store
+conditional on execptional cases (ie, instruction cache misses inside
+the loop), and until recently a bug in QEMU allowed back-to-back
+store conditionals to succeed.  The bug has been fixed in the latest
+QEMU release, but it turns out that the fix caused this latent bug in
+musl to manifest.
+
+Full disclosure: I haven't actually even compiled musl.  I just guessed
+this would fix a bug introducted by the new QEMU behavior, Alistair
+(CC'd) actually checked it fixes the problem.  The rest is just
+conjecture.
+
+Upstream-Status: Submitted
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ arch/riscv64/atomic_arch.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/arch/riscv64/atomic_arch.h b/arch/riscv64/atomic_arch.h
+index c9765342..41ad4d04 100644
+--- a/arch/riscv64/atomic_arch.h
++++ b/arch/riscv64/atomic_arch.h
+@@ -14,7 +14,7 @@ static inline int a_cas(volatile int *p, int t, int s)
+ 		"	sc.w.aqrl %1, %4, (%2)\n"
+ 		"	bnez %1, 1b\n"
+ 		"1:"
+-		: "=&r"(old), "=r"(tmp)
++		: "=&r"(old), "=&r"(tmp)
+ 		: "r"(p), "r"(t), "r"(s)
+ 		: "memory");
+ 	return old;
+@@ -31,7 +31,7 @@ static inline void *a_cas_p(volatile void *p, void *t, void *s)
+ 		"	sc.d.aqrl %1, %4, (%2)\n"
+ 		"	bnez %1, 1b\n"
+ 		"1:"
+-		: "=&r"(old), "=r"(tmp)
++		: "=&r"(old), "=&r"(tmp)
+ 		: "r"(p), "r"(t), "r"(s)
+ 		: "memory");
+ 	return old;
+-- 
+2.23.0
+

meta/recipes-core/musl/musl_git.bb

@@ -15,6 +15,8 @@ PV = "${BASEVER}+git${SRCPV}"
 SRC_URI = "git://git.musl-libc.org/musl \
            file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
            file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
+           file://0001-correct-the-operand-specifiers-in-the-riscv64-CAS-ro.patch \
+           file://0001-Change-container-for-riscv-floating-point-state-to-_.patch \
           "
 
 S = "${WORKDIR}/git"

meta/recipes-core/packagegroups/packagegroup-core-standalone-sdk-target.bb

@@ -1,6 +1,8 @@
 SUMMARY = "Target packages for the standalone SDK"
 PR = "r8"
 
+PACKAGE_ARCH = "${TUNE_PKGARCH}"
+
 inherit packagegroup
 
 RDEPENDS_${PN} = "\

meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb

@@ -4,6 +4,8 @@
 
 SUMMARY = "Debugging tools"
 
+PACKAGE_ARCH = "${TUNE_PKGARCH}"
+
 inherit packagegroup
 
 PR = "r3"

meta/recipes-core/packagegroups/packagegroup-self-hosted.bb

@@ -6,6 +6,8 @@ SUMMARY = "Self-hosting"
 DESCRIPTION = "Packages required to run the build system"
 PR = "r13"
 
+PACKAGE_ARCH = "${TUNE_PKGARCH}"
+
 inherit packagegroup  distro_features_check
 # rdepends on libx11-dev
 REQUIRED_DISTRO_FEATURES = "x11"

meta/recipes-core/systemd/systemd/0001-unit-file.c-consider-symlink-on-filesystems-like-NFS.patch

@@ -0,0 +1,42 @@
+From d0122c077d2d8fd0fd29b463c501e7ddf9177ff3 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Tue, 24 Sep 2019 17:04:50 +0800
+Subject: [PATCH] unit-file.c: consider symlink on filesystems like NFS
+
+Some filesystems do not fully support readdir, according to the manual,
+so we should also consider DT_UNKNOWN to correctly handle symlinks.
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+
+Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/13637]
+---
+ src/shared/unit-file.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/shared/unit-file.c b/src/shared/unit-file.c
+index 4a5f23e6c1..8373103000 100644
+--- a/src/shared/unit-file.c
++++ b/src/shared/unit-file.c
+@@ -247,6 +247,7 @@ int unit_file_build_name_map(
+                         _cleanup_free_ char *_filename_free = NULL, *simplified = NULL;
+                         const char *suffix, *dst = NULL;
+                         bool valid_unit_name;
++                        struct stat sb;
+ 
+                         valid_unit_name = unit_name_is_valid(de->d_name, UNIT_NAME_ANY);
+ 
+@@ -279,7 +280,10 @@ int unit_file_build_name_map(
+                         if (hashmap_contains(ids, de->d_name))
+                                 continue;
+ 
+-                        if (de->d_type == DT_LNK) {
++                        if (de->d_type == DT_LNK ||
++                            (de->d_type == DT_UNKNOWN &&
++                             lstat(filename, &sb) == 0 &&
++                             (sb.st_mode & S_IFMT) == S_IFLNK)) {
+                                 /* We don't explicitly check for alias loops here. unit_ids_map_get() which
+                                  * limits the number of hops should be used to access the map. */
+ 
+-- 
+2.17.1
+

meta/recipes-core/systemd/systemd_243.bb

@@ -22,6 +22,7 @@ SRC_URI += "file://touchscreen.rules \
            file://0003-implment-systemd-sysv-install-for-OE.patch \
            file://0004-rules-whitelist-hd-devices.patch \
            file://0005-rules-watch-metadata-changes-in-ide-devices.patch \
+           file://0001-unit-file.c-consider-symlink-on-filesystems-like-NFS.patch \
            file://99-default.preset \
            "
 
@@ -299,9 +300,10 @@ do_install() {
 }
 
 do_install_append () {
-       # Mips qemu is extremely slow, allow more time for the hwdb update
-       # This is a workaround until https://github.com/systemd/systemd/issues/13581 is resolved
-       sed -i -e s#TimeoutSec=90s#TimeoutSec=180s# ${D}${systemd_unitdir}/system/systemd-hwdb-update.service
+	# Mips qemu is extremely slow, allow more time for the hwdb update
+	# This is a workaround until https://github.com/systemd/systemd/issues/13581 is resolved
+	[ ! -e ${D}${systemd_unitdir}/system/systemd-hwdb-update.service ] ||
+		sed -i -e s#TimeoutSec=90s#TimeoutSec=180s# ${D}${systemd_unitdir}/system/systemd-hwdb-update.service
 }
 
 python populate_packages_prepend (){
@@ -635,7 +637,7 @@ python do_warn_musl() {
 }
 addtask warn_musl before do_configure
 
-ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel resolv-conf"
+ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}"
 
 ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd"
 ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf"

meta/recipes-devtools/binutils/binutils-2.32.inc

@@ -14,11 +14,8 @@ def binutils_branch_version(d):
     pvsplit = d.getVar('PV').split('.')
     return pvsplit[0] + "_" + pvsplit[1]
 
-# Actual upstream version is 2.32 (without the .0), so we have to set
-# UPSTREAM_VERSION_UNKNOWN to avoid the version check failure. The line can
-# be removed when a new version of binutils is released (if the PV is then
-# correctly set to match the upstream version tag).
-UPSTREAM_VERSION_UNKNOWN = "1"
+# When upgrading to 2.33, please make sure there is no trailing .0, so
+# that upstream version check can work correctly.
 PV = "2.32.0"
 CVE_VERSION = "2.32"
 BINUPV = "${@binutils_branch_version(d)}"

meta/recipes-devtools/distcc/distcc_3.3.3.bb

@@ -12,12 +12,12 @@ PACKAGECONFIG[gtk] = "--with-gtk,--without-gtk --without-gnome,gtk+"
 # use system popt by default
 PACKAGECONFIG[popt] = "--without-included-popt,--with-included-popt,popt"
 
-RRECOMMENDS_${PN} = "avahi-daemon"
+RRECOMMENDS_${PN}-server = "avahi-daemon"
 
 SRC_URI = "git://github.com/distcc/distcc.git \
+           file://fix-gnome.patch \
            file://separatebuilddir.patch \
            file://default \
-           file://distccmon-gnome.desktop \
            file://distcc \
            file://distcc.service"
 SRCREV = "4cde9bcfbda589abd842e3bbc652ce369085eaae"
@@ -29,17 +29,20 @@ ASNEEDED = ""
 
 EXTRA_OECONF += "--disable-Werror PYTHON='' --disable-pump-mode"
 
-USERADD_PACKAGES = "${PN}"
-USERADD_PARAM_${PN} = "--system \
+PACKAGE_BEFORE_PN = "${PN}-distmon-gnome ${PN}-server"
+
+USERADD_PACKAGES = "${PN}-server"
+USERADD_PARAM_${PN}-server = "--system \
                        --home /dev/null \
                        --no-create-home \
                        --gid nogroup \
                        distcc"
 
+UPDATERCPN = "${PN}-server"
 INITSCRIPT_NAME = "distcc"
 
-SYSTEMD_PACKAGES = "${PN}"
-SYSTEMD_SERVICE_${PN} = "distcc.service"
+SYSTEMD_PACKAGES = "${PN}-server"
+SYSTEMD_SERVICE_${PN}-server = "distcc.service"
 
 do_install() {
     # Improve reproducibility: compress w/o timestamps
@@ -51,25 +54,14 @@ do_install() {
     install -d ${D}${systemd_unitdir}/system/
     install -m 0644 ${WORKDIR}/distcc.service ${D}${systemd_unitdir}/system
     sed -i -e 's,@BINDIR@,${bindir},g' ${D}${systemd_unitdir}/system/distcc.service
-    ${DESKTOPINSTALL}
 }
-DESKTOPINSTALL = ""
-DESKTOPINSTALL_libc-glibc () {
-    install -d ${D}${datadir}/distcc/
-    install -m 0644 ${WORKDIR}/distccmon-gnome.desktop ${D}${datadir}/distcc/
-}
-PACKAGES += "distcc-distmon-gnome"
-
-FILES_${PN} = " ${sysconfdir} \
-		${bindir}/distcc \
-		${bindir}/lsdistcc \
-		${bindir}/distccd \
-		${bindir}/distccmon-text \
-		${sbindir}/update-distcc-symlinks \
-		${systemd_unitdir}/system/distcc.service"
-FILES_distcc-distmon-gnome = "  ${bindir}/distccmon-gnome \
-				${datadir}/distcc"
 
+FILES_${PN}-server = "${sysconfdir} \
+                      ${bindir}/distccd \
+                      ${sbindir}"
+FILES_${PN}-distmon-gnome = "${bindir}/distccmon-gnome \
+                             ${datadir}/applications \
+                             ${datadir}/pixmaps"
 
 #
 # distcc upstream dropped the 3.2 branch which we reference in older project releases

meta/recipes-devtools/distcc/files/default

@@ -21,4 +21,4 @@ ALLOWEDNETS="127.0.0.1"
 #
 # OPTIONS is used for the systemd service file
 #
-OPTIONS="--allow 127.0.0.1 --make-me-a-botnet"
+OPTIONS="--allow 127.0.0.1 --enable-tcp-insecure"

meta/recipes-devtools/distcc/files/distccmon-gnome.desktop

@@ -1,12 +0,0 @@
-[Desktop Entry]
-Version=0.9.4
-Exec=distccmon-gnome
-Name=distcc monitor
-GenericName=Distributed Compile Monitor
-Comment=Graphical view of distributed compile tasks
-Icon=distccmon-gnome-icon
-TryExec=distccmon-gnome
-Terminal=false
-Type=Application
-Categories=GNOME;Development;
-StartupNotify=true

meta/recipes-devtools/distcc/files/fix-gnome.patch

@@ -0,0 +1,122 @@
+Upstream-Status: Backport [https://github.com/distcc/distcc/pull/319]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From 2faacc2be8d7eeee0a3f66d88fedd1d3ab11070e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgorny@gentoo.org>
+Date: Sat, 8 Dec 2018 12:50:07 +0100
+Subject: [PATCH] Fix desktop spec compliance of distccmon-gnome install
+
+Update the .desktop file and install rules for distccmon-gnome to
+conform to the freedesktop.org specifications.  More specifically:
+
+- update to version 1.0 of the spec
+- remove obsolete 'Encoding' key
+- remove obsolete 'Application' category and add recommended 'GTK'
+- install icon file to the correct directory
+- strip suffix from desktop file (specifying it is deprecated)
+- while at it, remove redundant '-icon' from the filename
+- install desktop file to the correct directory
+---
+ Makefile.in                                   |  18 ++++++++++--------
+ gnome/distccmon-gnome.desktop                 |   7 +++----
+ ...mon-gnome-icon.png => distccmon-gnome.png} | Bin
+ src/mon-gnome.c                               |   2 +-
+ 4 files changed, 14 insertions(+), 13 deletions(-)
+ rename gnome/{distccmon-gnome-icon.png => distccmon-gnome.png} (100%)
+
+diff --git a/Makefile.in b/Makefile.in
+index 6e1e467..1106559 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -52,13 +52,14 @@ mandir = @mandir@
+ includedir = @includedir@
+ oldincludedir = /usr/include
+ docdir = @docdir@
+-pkgdatadir = $(datadir)/@PACKAGE_NAME@
++icondir = $(datarootdir)/pixmaps
++desktopdir = $(datarootdir)/applications
+ 
+ include_server_builddir = $(builddir)/_include_server
+ 
+ # These must be done from here, not from autoconf, because they can 
+ # contain variable expansions written in Make syntax.  Ew.
+-DIR_DEFS = -DLIBDIR="\"${libdir}\"" -DSYSCONFDIR="\"${sysconfdir}\"" -DPKGDATADIR="\"${pkgdatadir}\""
++DIR_DEFS = -DLIBDIR="\"${libdir}\"" -DSYSCONFDIR="\"${sysconfdir}\"" -DICONDIR="\"${icondir}\""
+ 
+ # arguments to pkgconfig
+ GNOME_PACKAGES = @GNOME_PACKAGES@
+@@ -387,7 +388,7 @@ man_HTML = man/distcc_1.html man/distccd_1.html man/distccmon_text_1.html \
+            man/lsdistcc_1.html man/pump_1.html man/include_server_1.html
+ MEN = $(man1_MEN)
+ 
+-gnome_data = gnome/distccmon-gnome-icon.png	\
++gnome_data = gnome/distccmon-gnome.png	\
+ 	gnome/distccmon-gnome.desktop
+ 
+ popt_OBJS=popt/findme.o  popt/popt.o  popt/poptconfig.o \
+@@ -1033,7 +1034,8 @@ showpaths:
+ 	@echo "  programs             $(DESTDIR)$(bindir)"
+ 	@echo "  sbin programs        $(DESTDIR)$(sbindir)"
+ 	@echo "  system configuration $(DESTDIR)$(sysconfdir)"
+-	@echo "  shared data files    $(DESTDIR)$(pkgdatadir)"
++	@echo "  icon file            $(DESTDIR)$(icondir)"
++	@echo "  application file     $(DESTDIR)$(desktopdir)"
+ 
+ 
+ # install-sh can't handle multiple arguments, but we don't need any
+@@ -1129,10 +1131,10 @@ install-example: $(example_DOCS)
+ 	done
+ 
+ install-gnome-data: $(gnome_data)
+-	$(mkinstalldirs) "$(DESTDIR)$(pkgdatadir)"
+-	for p in $(gnome_data); do \
+-	  $(INSTALL_DATA) "$$p" "$(DESTDIR)$(pkgdatadir)" || exit 1; \
+-	done
++	$(mkinstalldirs) "$(DESTDIR)$(icondir)"
++	$(mkinstalldirs) "$(DESTDIR)$(desktopdir)"
++	$(INSTALL_DATA) gnome/distccmon-gnome.png "$(DESTDIR)$(icondir)"
++	$(INSTALL_DATA) gnome/distccmon-gnome.desktop "$(DESTDIR)$(desktopdir)"
+ 
+ install-conf: $(conf_files) $(default_files)
+ 	$(mkinstalldirs) "$(DESTDIR)$(sysconfdir)/distcc"
+diff --git a/gnome/distccmon-gnome.desktop b/gnome/distccmon-gnome.desktop
+index bd1fa26..7205f5e 100644
+--- a/gnome/distccmon-gnome.desktop
++++ b/gnome/distccmon-gnome.desktop
+@@ -1,6 +1,5 @@
+ [Desktop Entry]
+-Version=0.9.4
+-Encoding=UTF-8
++Version=1.0
+ Exec=distccmon-gnome
+ Name=distcc monitor
+ Name[sv]=distcc övervakare
+@@ -8,9 +7,9 @@ GenericName=Distributed Compile Monitor
+ GenericName[sv]=Distribuerad kompilerings-övervakare
+ Comment=Graphical view of distributed compile tasks
+ Comment[sv]=Grafisk vy av distribuerade kompileringsuppgifter
+-Icon=distccmon-gnome-icon.png
++Icon=distccmon-gnome
+ TryExec=distccmon-gnome
+ Terminal=false
+ Type=Application
+-Categories=GNOME;Application;Development;
++Categories=GNOME;GTK;Development;
+ StartupNotify=true
+diff --git a/gnome/distccmon-gnome-icon.png b/gnome/distccmon-gnome.png
+similarity index 100%
+rename from gnome/distccmon-gnome-icon.png
+rename to gnome/distccmon-gnome.png
+diff --git a/src/mon-gnome.c b/src/mon-gnome.c
+index 24681d0..bfc286d 100644
+--- a/src/mon-gnome.c
++++ b/src/mon-gnome.c
+@@ -599,7 +599,7 @@ static GtkWidget * dcc_gnome_make_mainwin (void)
+ 
+ #if GTK_CHECK_VERSION(2,2,0)
+   gtk_window_set_icon_from_file (GTK_WINDOW (mainwin),
+-                                 PKGDATADIR "/distccmon-gnome-icon.png",
++                                 ICONDIR "/distccmon-gnome.png",
+                                  NULL);
+ #endif
+ 

meta/recipes-devtools/distcc/files/separatebuilddir.patch

@@ -1,21 +1,33 @@
-When building with a separate build directory, make install fails,
-unable to find the gnome_data files. This patch corrects the
-patch and ensures the build works in this case.
+Upstream-Status: Backport [https://github.com/distcc/distcc/pull/363]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
 
-RP 2013/3/8
+From 469628ee8dc90c7162d1a850c0b179b7349f9cf3 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@intel.com>
+Date: Tue, 17 Sep 2019 13:04:22 +0100
+Subject: [PATCH] Makefile.in: fix out-of-tree builds when the GNOME UI is
+ enabled
 
-Upstream-Status: Pending
+The install command doesn't use $(srcdir) so out-of-tree builds fail.
 
-Index: git/Makefile.in
-===================================================================
---- git.orig/Makefile.in
-+++ git/Makefile.in
-@@ -1117,7 +1117,7 @@ install-example: $(example_DOCS)
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+---
+ Makefile.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 123054f..b9ce974 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -1130,8 +1130,8 @@ install-example: $(example_DOCS)
  install-gnome-data: $(gnome_data)
- 	$(mkinstalldirs) "$(DESTDIR)$(pkgdatadir)"
- 	for p in $(gnome_data); do \
--	  $(INSTALL_DATA) "$$p" "$(DESTDIR)$(pkgdatadir)" || exit 1; \
-+	  $(INSTALL_DATA) "$(srcdir)/$$p" "$(DESTDIR)$(pkgdatadir)" || exit 1; \
- 	done
+ 	$(mkinstalldirs) "$(DESTDIR)$(icondir)"
+ 	$(mkinstalldirs) "$(DESTDIR)$(desktopdir)"
+-	$(INSTALL_DATA) gnome/distccmon-gnome.png "$(DESTDIR)$(icondir)"
+-	$(INSTALL_DATA) gnome/distccmon-gnome.desktop "$(DESTDIR)$(desktopdir)"
++	$(INSTALL_DATA) $(srcdir)/gnome/distccmon-gnome.png "$(DESTDIR)$(icondir)"
++	$(INSTALL_DATA) $(srcdir)/gnome/distccmon-gnome.desktop "$(DESTDIR)$(desktopdir)"
  
  install-conf: $(conf_files) $(default_files)
+ 	$(mkinstalldirs) "$(DESTDIR)$(sysconfdir)/distcc"
+-- 
+2.20.1

meta/recipes-devtools/expect/expect/0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch

@@ -0,0 +1,55 @@
+From 1407fcad6f1dac0a4efe8041660bf6139c1cd16a Mon Sep 17 00:00:00 2001
+From: Robert Yang <liezhi.yang@windriver.com>
+Date: Tue, 24 Sep 2019 13:40:10 +0800
+Subject: [PATCH] exp_main_sub.c: Use PATH_MAX for path
+
+If expect was built from a long path whose length > 200, then it couldn't run:
+$ expect -c 'puts yes'
+*** buffer overflow detected ***: expect terminated
+Aborted (core dumped)
+
+Use PATH_MAX to fix the problem.
+
+Upstream-Status: Pending [Upstream seems dead]
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ exp_main_sub.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/exp_main_sub.c b/exp_main_sub.c
+index fcfaa6e..bf6c4be 100644
+--- a/exp_main_sub.c
++++ b/exp_main_sub.c
+@@ -48,6 +48,10 @@ char exp_version[] = PACKAGE_VERSION;
+ #define NEED_TCL_MAJOR		7
+ #define NEED_TCL_MINOR		5
+ 
++#ifndef PATH_MAX
++#define PATH_MAX 4096
++#endif
++
+ char *exp_argv0 = "this program";	/* default program name */
+ void (*exp_app_exit)() = 0;
+ void (*exp_event_exit)() = 0;
+@@ -901,7 +905,7 @@ int sys_rc;
+ 	int rc;
+ 
+ 	if (sys_rc) {
+-	    char file[200];
++	    char file[PATH_MAX];
+ 	    int fd;
+ 
+ 	    sprintf(file,"%s/expect.rc",SCRIPTDIR);
+@@ -917,7 +921,7 @@ int sys_rc;
+ 	    }
+ 	}
+ 	if (my_rc) {
+-	    char file[200];
++	    char file[PATH_MAX];
+ 	    char *home;
+ 	    int fd;
+ 	    char *getenv();
+-- 
+2.7.4
+

meta/recipes-devtools/expect/expect_5.45.4.bb

@@ -25,6 +25,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/expect/Expect/${PV}/${BPN}${PV}.tar.gz \
            file://0001-expect-install-scripts-without-using-the-fixline1-tc.patch \
            file://0001-Resolve-string-formatting-issues.patch \
            file://0001-expect-Fix-segfaults-if-Tcl-is-built-with-stubs-and-.patch \
+           file://0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch \
           "
 SRC_URI[md5sum] = "00fce8de158422f5ccd2666512329bd2"
 SRC_URI[sha256sum] = "49a7da83b0bdd9f46d04a04deec19c7767bb9a323e40c4781f89caf760b92c34"
@@ -44,9 +45,9 @@ do_install_append() {
 }
 
 # Apparently the public Tcl headers are only in /usr/include/tcl8.6
-# when building for the target.
-TCL_INCLUDE_PATH = ""
-TCL_INCLUDE_PATH_class-target = "--with-tclinclude=${STAGING_INCDIR}/tcl8.6"
+# when building for the target and nativesdk.
+TCL_INCLUDE_PATH = "--with-tclinclude=${STAGING_INCDIR}/tcl8.6"
+TCL_INCLUDE_PATH_class-native = ""
 
 EXTRA_OECONF += "--with-tcl=${STAGING_LIBDIR} \
                  --enable-shared \

meta/recipes-devtools/json-c/json-c_0.13.1.bb

@@ -10,25 +10,13 @@ SRC_URI = "https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz \
 SRC_URI[md5sum] = "04969ad59cc37bddd83741a08b98f350"
 SRC_URI[sha256sum] = "b87e608d4d3f7bfdd36ef78d56d53c74e66ab278d318b71e6002a369d36f4873"
 
-UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+).tar"
-# json-c releases page is fetching the list of releases in some weird XML format
-# from https://s3.amazonaws.com/json-c_releases and processes it with javascript :-/
-#UPSTREAM_CHECK_URI = "https://s3.amazonaws.com/json-c_releases/releases/index.html"
-RECIPE_UPSTREAM_VERSION = "0.13.1"
-RECIPE_UPSTREAM_DATE = "Mar 04, 2018"
-CHECK_DATE = "May 02, 2018"
+UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"
+UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+"
 
 RPROVIDES_${PN} = "libjson"
 
 inherit autotools
 
-EXTRA_OECONF = "--disable-werror \
-                --enable-rdrand \
-                "
-
-do_configure_prepend() {
-    # Clean up autoconf cruft that should not be in the tarball
-    rm -f ${S}/config.status
-}
+EXTRA_OECONF = "--disable-werror"
 
 BBCLASSEXTEND = "native nativesdk"

meta/recipes-devtools/opkg/opkg_0.4.1.bb

@@ -25,7 +25,7 @@ SRC_URI[sha256sum] = "45ac1e037d3877f635d883f8a555e172883a25d3eeb7986c75890fdd31
 # PTEST_PATH ?= "${libdir}/${BPN}/ptest"
 PACKAGES =+ "libopkg"
 
-inherit autotools pkgconfig systemd ptest
+inherit autotools pkgconfig ptest
 
 target_localstatedir := "${localstatedir}"
 OPKGLIBDIR ??= "${target_localstatedir}/lib"
@@ -37,9 +37,9 @@ PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl"
 PACKAGECONFIG[ssl-curl] = "--enable-ssl-curl,--disable-ssl-curl,curl openssl"
 PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl"
 PACKAGECONFIG[sha256] = "--enable-sha256,--disable-sha256"
-PACKAGECONFIG[pathfinder] = "--enable-pathfinder,--disable-pathfinder,pathfinder"
 PACKAGECONFIG[libsolv] = "--with-libsolv,--without-libsolv,libsolv"
 
+EXTRA_OECONF += " --disable-pathfinder"
 EXTRA_OECONF_class-native = "--localstatedir=/${@os.path.relpath('${localstatedir}', '${STAGING_DIR_NATIVE}')} --sysconfdir=/${@os.path.relpath('${sysconfdir}', '${STAGING_DIR_NATIVE}')}"
 
 # Release tarball has unused binaries on the tests folder, automatically created by automake.

meta/recipes-devtools/python/python3-pip_19.2.3.bb

@@ -25,6 +25,7 @@ RDEPENDS_${PN} = "\
   python3-setuptools \
   python3-unixadmin \
   python3-xmlrpc \
+  python3-pickle \
 "
 
 BBCLASSEXTEND = "native nativesdk"

meta/recipes-devtools/python/python3-subunit_1.3.0.bb

@@ -1,2 +1,4 @@
 inherit setuptools3
 require python-subunit.inc
+
+RDEPENDS_${PN} = " python3-testtools"

meta/recipes-devtools/python/python3/python3-manifest.json

@@ -291,6 +291,7 @@
             "${libdir}/python${PYTHON_MAJMIN}/re.py",
             "${libdir}/python${PYTHON_MAJMIN}/reprlib.py",
             "${libdir}/python${PYTHON_MAJMIN}/rlcompleter.py",
+            "${libdir}/python${PYTHON_MAJMIN}/runpy.py",
             "${libdir}/python${PYTHON_MAJMIN}/selectors.py",
             "${libdir}/python${PYTHON_MAJMIN}/signal.py",
             "${libdir}/python${PYTHON_MAJMIN}/site.py",
@@ -355,6 +356,7 @@
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/re.*.pyc",
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/reprlib.*.pyc",
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/rlcompleter.*.pyc",
+            "${libdir}/python${PYTHON_MAJMIN}/__pycache__/runpy.*.pyc",
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/selectors.*.pyc",
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/signal.*.pyc",
             "${libdir}/python${PYTHON_MAJMIN}/__pycache__/site.*.pyc",
@@ -783,7 +785,6 @@
             "profile",
             "pydoc",
             "resource",
-            "runpy",
             "shell",
             "smtpd",
             "sqlite3",
@@ -1005,19 +1006,6 @@
         ],
         "cached": []
     },
-    "runpy": {
-        "summary": "Python helper for locating/executing scripts in module namespace",
-        "rdepends": [
-            "core",
-            "pkgutil"
-        ],
-        "files": [
-            "${libdir}/python${PYTHON_MAJMIN}/runpy.py"
-        ],
-        "cached": [
-            "${libdir}/python${PYTHON_MAJMIN}/__pycache__/runpy.*.pyc"
-        ]
-    },
     "shell": {
         "summary": "Python shell-like functionality",
         "rdepends": [

meta/recipes-devtools/python/python3_3.7.4.bb

@@ -321,6 +321,6 @@ FILES_${PN}-man = "${datadir}/man"
 
 RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests unzip bzip2 libgcc tzdata-europe coreutils sed"
 RDEPENDS_${PN}-ptest_append_libc-glibc = " locale-base-tr-tr.iso-8859-9"
-RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk', '', d)}"
+RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk tk-lib', '', d)}"
 RDEPENDS_${PN}-dev = ""
 

meta/recipes-devtools/python/python_2.7.16.bb

@@ -173,7 +173,7 @@ RDEPENDS_${PN}-modules += "${PN}-misc"
 
 # ptest
 RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests unzip tzdata-europe coreutils sed"
-RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk', '', d)}"
+RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk tk-lib', '', d)}"
 # catch manpage
 PACKAGES += "${PN}-man"
 FILES_${PN}-man = "${datadir}/man"

meta/recipes-devtools/ruby/ruby/0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch

@@ -0,0 +1,101 @@
+From 3a8189530312e81d6c005c396565f985a47f3383 Mon Sep 17 00:00:00 2001
+From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Fri, 8 Feb 2019 07:22:55 +0000
+Subject: [PATCH] configure.ac: check finite,isinf,isnan as macros first
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+[ruby-core:91487] [Bug #15595]
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67036 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+
+---
+Upstream-Status: Backport [https://github.com/ruby/ruby/commit/74f94b3e6ebf15b76f3b357e754095412b006e94]
+(modified so as to apply cleanly here)
+Signed-off-by: André Draszik <andre.draszik@jci.com>
+---
+ aclocal.m4                    |  1 +
+ configure.ac                  | 13 ++++---------
+ tool/m4/ruby_replace_funcs.m4 | 13 +++++++++++++
+ 3 files changed, 18 insertions(+), 9 deletions(-)
+ create mode 100644 tool/m4/ruby_replace_funcs.m4
+
+diff --git a/aclocal.m4 b/aclocal.m4
+index 18ba297b05..2a907b3467 100644
+--- a/aclocal.m4
++++ b/aclocal.m4
+@@ -13,3 +13,4 @@
+ 
+ m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
+ m4_include([acinclude.m4])
++m4_include([tool/m4/ruby_replace_funcs.m4])
+diff --git a/configure.ac b/configure.ac
+index 8a7cee55b8..b97c5b3cc9 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1189,9 +1189,6 @@ main()
+ 		ac_cv_func_fsync=yes
+ 		ac_cv_func_seekdir=yes
+ 		ac_cv_func_telldir=yes
+-		ac_cv_func_isinf=yes
+-		ac_cv_func_isnan=yes
+-		ac_cv_func_finite=yes
+ 		ac_cv_func_lchown=yes
+ 		ac_cv_func_link=yes
+ 		ac_cv_func_readlink=yes
+@@ -1239,9 +1236,6 @@ main()
+ [netbsd*], [	LIBS="-lm $LIBS"
+ 		],
+ [dragonfly*], [	LIBS="-lm $LIBS"
+-		# isinf() and isnan() are macros on DragonFly.
+-		ac_cv_func_isinf=yes
+-		ac_cv_func_isnan=yes
+ 		],
+ [aix*],[	LIBS="-lm $LIBS"
+ 		ac_cv_func_round=no
+@@ -2213,11 +2207,8 @@ AC_REPLACE_FUNCS(dup2)
+ AC_REPLACE_FUNCS(erf)
+ AC_REPLACE_FUNCS(explicit_bzero)
+ AC_REPLACE_FUNCS(ffs)
+-AC_REPLACE_FUNCS(finite)
+ AC_REPLACE_FUNCS(flock)
+ AC_REPLACE_FUNCS(hypot)
+-AC_REPLACE_FUNCS(isinf)
+-AC_REPLACE_FUNCS(isnan)
+ AC_REPLACE_FUNCS(lgamma_r)
+ AC_REPLACE_FUNCS(memmove)
+ AC_REPLACE_FUNCS(nextafter)
+@@ -2229,6 +2220,10 @@ AC_REPLACE_FUNCS(strlcpy)
+ AC_REPLACE_FUNCS(strstr)
+ AC_REPLACE_FUNCS(tgamma)
+ 
++RUBY_REPLACE_FUNC([finite], [@%:@include <math.h>])
++RUBY_REPLACE_FUNC([isinf], [@%:@include <math.h>])
++RUBY_REPLACE_FUNC([isnan], [@%:@include <math.h>])
++
+ # for missing/setproctitle.c
+ AS_CASE(["$target_os"],
+ [aix* | k*bsd*-gnu | kopensolaris*-gnu | linux* | darwin*], [AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)],
+diff --git a/tool/m4/ruby_replace_funcs.m4 b/tool/m4/ruby_replace_funcs.m4
+new file mode 100644
+index 0000000000..d0612e29a0
+--- /dev/null
++++ b/tool/m4/ruby_replace_funcs.m4
+@@ -0,0 +1,13 @@
++# -*- Autoconf -*-
++dnl RUBY_REPLACE_FUNC [func] [included]
++AC_DEFUN([RUBY_REPLACE_FUNC], [dnl
++    AC_CHECK_DECL([$1],dnl
++        [AC_DEFINE(AS_TR_CPP(HAVE_[$1]))],dnl
++        [AC_REPLACE_FUNCS($1)],dnl
++        [$2])dnl
++])
++
++dnl RUBY_REPLACE_FUNCS [funcs] [included]
++AC_DEFUN([RUBY_REPLACE_FUNCS] [dnl
++    m4_map_args_w([$1], [RUBY_REPLACE_FUNC(], [), [$2]])dnl
++])
+-- 
+2.23.0.rc1
+

meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9226.patch

@@ -1,32 +0,0 @@
-From b4bf968ad52afe14e60a2dc8a95d3555c543353a Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Thu, 18 May 2017 17:05:27 +0900
-Subject: [PATCH] fix #55 : check too big code point value for single byte
- value in next_state_val()
-
----
- regparse.c |    3 +++
- 1 file changed, 3 insertions(+)
-
---- end of original header
-
-CVE: CVE-2017-9226
-
-Add check for octal number bigger than 255.
-
-Upstream-Status: Pending
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-
---- ruby-2.4.1.orig/regparse.c
-+++ ruby-2.4.1/regparse.c
-@@ -4450,6 +4450,9 @@ next_state_val(CClassNode* cc, CClassNod
-   switch (*state) {
-   case CCS_VALUE:
-     if (*type == CCV_SB) {
-+      if (*from > 0xff)
-+          return ONIGERR_INVALID_CODE_POINT_VALUE;
-+
-       BITSET_SET_BIT_CHKDUP(cc->bs, (int )(*from));
-       if (IS_NOT_NULL(asc_cc))
- 	BITSET_SET_BIT(asc_cc->bs, (int )(*from));

meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch

@@ -1,34 +0,0 @@
-From 3b63d12038c8d8fc278e81c942fa9bec7c704c8b Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Wed, 24 May 2017 13:43:25 +0900
-Subject: [PATCH] fix #60 : invalid state(CCS_VALUE) in parse_char_class()
-
----
- regparse.c |    4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
---- end of original header
-
-CVE: CVE-2017-9228
-
-Upstream-Status: Inappropriate [not author]
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-diff --git a/regparse.c b/regparse.c
-index 69875fa..1988747 100644
---- a/regparse.c
-+++ b/regparse.c
-@@ -4081,7 +4081,9 @@ next_state_class(CClassNode* cc, OnigCodePoint* vs, enum CCVALTYPE* type,
-     }
-   }
- 
--  *state = CCS_VALUE;
-+  if (*state != CCS_START)
-+    *state = CCS_VALUE;
-+
-   *type  = CCV_CLASS;
-   return 0;
- }
--- 
-1.7.9.5
-

meta/recipes-devtools/ruby/ruby_2.5.5.bb

@@ -1,25 +1,19 @@
 require ruby.inc
 
 SRC_URI += " \
-           file://ruby-CVE-2017-9226.patch \
-           file://ruby-CVE-2017-9228.patch \
+           file://0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch \
            file://run-ptest \
            "
 
 SRC_URI[md5sum] = "7e156fb526b8f4bb1b30a3dd8a7ce400"
 SRC_URI[sha256sum] = "28a945fdf340e6ba04fc890b98648342e3cccfd6d223a48f3810572f11b2514c"
 
-# it's unknown to configure script, but then passed to extconf.rb
-# maybe it's not really needed as we're hardcoding the result with
-# 0001-socket-extconf-hardcode-wide-getaddr-info-test-outco.patch
-UNKNOWN_CONFIGURE_WHITELIST += "--enable-wide-getaddrinfo"
-
 PACKAGECONFIG ??= ""
 PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
 
 PACKAGECONFIG[valgrind] = "--with-valgrind=yes, --with-valgrind=no, valgrind"
 PACKAGECONFIG[gmp] = "--with-gmp=yes, --with-gmp=no, gmp"
-PACKAGECONFIG[ipv6] = ",--enable-wide-getaddrinfo,"
+PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6,"
 
 EXTRA_AUTORECONF += "--exclude=aclocal"
 

meta/recipes-devtools/strace/strace/disable-git-version-gen.patch

@@ -1,4 +1,4 @@
-From ed30a4fc4dc264ce5f5881462e03ae13c921bfed Mon Sep 17 00:00:00 2001
+From 3bc47502ab011ea8d7c9cd724b25174ecd9506bc Mon Sep 17 00:00:00 2001
 From: Andre McCurdy <armccurdy@gmail.com>
 Date: Mon, 18 Jan 2016 13:33:50 -0800
 Subject: [PATCH] strace: remove need for scripts
@@ -16,20 +16,20 @@ Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  1 file changed, 3 insertions(+), 3 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 8045ebd..4319709 100644
+index 949b058..4ba989c 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -12,12 +12,12 @@
  
  AC_PREREQ(2.57)
  AC_INIT([strace],
--	m4_esyscmd([./git-version-gen .tarball-version]),
+-	st_esyscmd_s([./git-version-gen .tarball-version]),
 +	m4_esyscmd_s([cat .tarball-version]),
  	[strace-devel@lists.strace.io],
  	[strace],
  	[https://strace.io])
--m4_define([copyright_year], m4_esyscmd([./copyright-year-gen .year]))
--m4_define([manpage_date], m4_esyscmd([./file-date-gen strace.1.in]))
+-m4_define([copyright_year], st_esyscmd_s([./copyright-year-gen .year]))
+-m4_define([manpage_date], st_esyscmd_s([./file-date-gen strace.1.in]))
 +m4_define([copyright_year], m4_esyscmd_s([cat .year]))
 +m4_define([manpage_date], m4_esyscmd_s([cat .strace.1.in.date]))
  AC_COPYRIGHT([Copyright (c) 1999-]copyright_year[ The strace developers.])

meta/recipes-devtools/strace/strace_5.3.bb

@@ -15,8 +15,8 @@ SRC_URI = "https://strace.io/files/${PV}/strace-${PV}.tar.xz \
            file://0001-tests-sigaction-Check-for-mips-and-alpha-before-usin.patch \
            file://ptest-spacesave.patch \
            "
-SRC_URI[md5sum] = "b9c02b07dcde5125498ce7da69b77baf"
-SRC_URI[sha256sum] = "d513bc085609a9afd64faf2ce71deb95b96faf46cd7bc86048bc655e4e4c24d2"
+SRC_URI[md5sum] = "84f5e72de813c9b1bb6057ee8ab428d8"
+SRC_URI[sha256sum] = "6c131198749656401fe3efd6b4b16a07ea867e8f530867ceae8930bbc937a047"
 
 inherit autotools ptest
 

meta/recipes-extended/lighttpd/lighttpd_1.4.54.bb

@@ -39,14 +39,13 @@ PACKAGECONFIG[krb5] = "--with-krb5,--without-krb5,krb5"
 PACKAGECONFIG[pcre] = "--with-pcre,--without-pcre,libpcre"
 PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib"
 PACKAGECONFIG[bzip2] = "--with-bzip2,--without-bzip2,bzip2"
-PACKAGECONFIG[fam] = "--with-fam,--without-fam,gamin"
 PACKAGECONFIG[webdav-props] = "--with-webdav-props,--without-webdav-props,libxml2 sqlite3"
 PACKAGECONFIG[webdav-locks] = "--with-webdav-locks,--without-webdav-locks,util-linux"
 PACKAGECONFIG[gdbm] = "--with-gdbm,--without-gdbm,gdbm"
 PACKAGECONFIG[memcache] = "--with-memcached,--without-memcached,libmemcached"
 PACKAGECONFIG[lua] = "--with-lua,--without-lua,lua"
 
-EXTRA_OECONF += "--enable-lfs"
+EXTRA_OECONF += "--enable-lfs --without-fam"
 
 inherit autotools pkgconfig update-rc.d gettext systemd
 

meta/recipes-extended/ltp/ltp/0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch

@@ -0,0 +1,64 @@
+From e3a8502d0a4f8a44ddd02ca4b2efc097133fb9f7 Mon Sep 17 00:00:00 2001
+From: Mathias Fiedler <mathias.fiedler@aox-tech.de>
+Date: Fri, 23 Aug 2019 12:46:48 +0200
+Subject: [PATCH] cve-2017-17052: Avoid unsafe exits in threads
+
+According to manpage exit(3) calling exit is not thread-safe.
+And with glibc 2.28 (and probably also with glibc >=2.27) sometimes
+child processes created in fork_thread can get stuck on process exit in
+glibc's __run_exit_handlers trying to acquire some lock which was in
+locked state while the fork was created. This can happen when exit is
+called in mmap_thread concurrently to the fork.
+While the main process will still return with PASSED some of its
+children are left behind.
+
+Comparing the source code with the original program as described in the
+commit 2b7e8665b4ff51c034c55df3cff76518d1a9ee3a of linux kernel >=4.13
+the exits in mmap_thread and fork_thread should not be necessary to
+trigger the original bug.
+
+Therefore those exit calls are removed. The mmap_thread and fork_thread
+should still exit when their corresponding main thread in do_test_fork
+calls exit_group. The remaining exit in do_test_fork will be called in
+the main thread without any concurrent thread in the same process.
+
+Signed-off-by: Mathias Fiedler <mathias.fiedler@aox-tech.de>
+Acked-by: Cyril Hrubis <chrubis@suse.cz>
+Acked-by: Jan Stancek <jstancek@redhat.com>
+
+Upstream-Status: Backport
+[https://github.com/linux-test-project/ltp/commit/9f0b452c1af4bcb54da35711eb3fa77334a350b4]
+
+CVE: CVE-2017-17052
+
+Signed-off-by: He Zhe <zhe.he@windriver.com>
+---
+ testcases/cve/cve-2017-17052.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/testcases/cve/cve-2017-17052.c b/testcases/cve/cve-2017-17052.c
+index d7da7e919..18cd2a6d7 100644
+--- a/testcases/cve/cve-2017-17052.c
++++ b/testcases/cve/cve-2017-17052.c
+@@ -58,8 +58,6 @@ static void *mmap_thread(void *arg)
+ 	for (;;) {
+ 		SAFE_MMAP(NULL, 0x1000000, PROT_READ,
+ 				MAP_POPULATE|MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
+-		if (*do_exit)
+-			exit(0);
+ 	}
+ 
+ 	return arg;
+@@ -67,9 +65,6 @@ static void *mmap_thread(void *arg)
+ 
+ static void *fork_thread(void *arg)
+ {
+-	if (*do_exit)
+-		exit(0);
+-
+ 	usleep(rand() % 10000);
+ 	SAFE_FORK();
+ 
+-- 
+2.17.1
+

meta/recipes-extended/ltp/ltp_20190517.bb

@@ -48,6 +48,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
            file://0001-cve-meltdown.c-Fix-kernel-symbol-finding.patch \
            file://0001-testcases-use-python3-everywhere-to-run-python-scrip.patch \
            file://0001-syscall-rt_sigtimedwait01-Fix-wrong-sigset-length-fo.patch \
+           file://0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch \
            "
 
 S = "${WORKDIR}/git"

meta/recipes-extended/net-tools/net-tools_1.60-26.bb

@@ -95,7 +95,7 @@ do_compile() {
 
 do_install() {
 	# We don't need COPTS or LOPTS, but let's be consistent.
-	oe_runmake COPTS="$CFLAGS" LOPTS="$LDFLAGS" 'BASEDIR=${D}' install
+	oe_runmake COPTS="$CFLAGS" LOPTS="$LDFLAGS" BASEDIR=${D} INSTALLNLSDIR=${D}${datadir}/locale mandir=${mandir} install
 
 	if [ "${base_bindir}" != "/bin" ]; then
 		mkdir -p ${D}/${base_bindir}

meta/recipes-extended/shadow/shadow.inc

@@ -14,12 +14,12 @@ SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}.
            file://0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch  \
            file://0001-configure.ac-fix-configure-error-with-dash.patch \
            ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
+           file://shadow-relaxed-usernames.patch \
            "
 
 SRC_URI_append_class-target = " \
            file://login_defs_pam.sed \
            file://shadow-update-pam-conf.patch \
-           file://shadow-relaxed-usernames.patch \
            "
 
 SRC_URI_append_class-native = " \

meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch

@@ -0,0 +1,33 @@
+From 080d52c3c9416c731f637f9c6e003961ef43f079 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Mon, 27 May 2019 08:20:32 -0700
+Subject: [PATCH 1/3] Fix bug in undefer_input() that misplaced the input
+ state.
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ fileio.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/fileio.c b/fileio.c
+index 7605a29..14460f3 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -532,8 +532,10 @@ void undefer_input(__G)
+          * This condition was checked when G.incnt_leftover was set > 0 in
+          * defer_leftover_input(), and it is NOT allowed to touch G.csize
+          * before calling undefer_input() when (G.incnt_leftover > 0)
+-         * (single exception: see read_byte()'s  "G.csize <= 0" handling) !!
++         * (single exception: see readbyte()'s  "G.csize <= 0" handling) !!
+          */
++        if (G.csize < 0L)
++            G.csize = 0L;
+         G.incnt = G.incnt_leftover + (int)G.csize;
+         G.inptr = G.inptr_leftover - (int)G.csize;
+         G.incnt_leftover = 0;
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8

meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch

@@ -0,0 +1,356 @@
+From 1aae47fa8935654a84403768f32c03ecbb1be470 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 11 Jun 2019 22:01:18 -0700
+Subject: [PATCH 2/3] Detect and reject a zip bomb using overlapped entries.
+
+This detects an invalid zip file that has at least one entry that
+overlaps with another entry or with the central directory to the
+end of the file. A Fifield zip bomb uses overlapped local entries
+to vastly increase the potential inflation ratio. Such an invalid
+zip file is rejected.
+
+See https://www.bamsoftware.com/hacks/zipbomb/ for David Fifield's
+analysis, construction, and examples of such zip bombs.
+
+The detection maintains a list of covered spans of the zip files
+so far, where the central directory to the end of the file and any
+bytes preceding the first entry at zip file offset zero are
+considered covered initially. Then as each entry is decompressed
+or tested, it is considered covered. When a new entry is about to
+be processed, its initial offset is checked to see if it is
+contained by a covered span. If so, the zip file is rejected as
+invalid.
+
+This commit depends on a preceding commit: "Fix bug in
+undefer_input() that misplaced the input state."
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ extract.c | 190 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ globals.c |   1 +
+ globals.h |   3 +
+ process.c |  10 +++
+ unzip.h   |   1 +
+ 5 files changed, 204 insertions(+), 1 deletion(-)
+
+diff --git a/extract.c b/extract.c
+index 24db2a8..2bb72ba 100644
+--- a/extract.c
++++ b/extract.c
+@@ -321,6 +321,125 @@ static ZCONST char Far UnsupportedExtraField[] =
+   "\nerror:  unsupported extra-field compression type (%u)--skipping\n";
+ static ZCONST char Far BadExtraFieldCRC[] =
+   "error [%s]:  bad extra-field CRC %08lx (should be %08lx)\n";
++static ZCONST char Far NotEnoughMemCover[] =
++  "error: not enough memory for bomb detection\n";
++static ZCONST char Far OverlappedComponents[] =
++  "error: invalid zip file with overlapped components (possible zip bomb)\n";
++
++
++
++
++
++/* A growable list of spans. */
++typedef zoff_t bound_t;
++typedef struct {
++    bound_t beg;        /* start of the span */
++    bound_t end;        /* one past the end of the span */
++} span_t;
++typedef struct {
++    span_t *span;       /* allocated, distinct, and sorted list of spans */
++    size_t num;         /* number of spans in the list */
++    size_t max;         /* allocated number of spans (num <= max) */
++} cover_t;
++
++/*
++ * Return the index of the first span in cover whose beg is greater than val.
++ * If there is no such span, then cover->num is returned.
++ */
++static size_t cover_find(cover, val)
++    cover_t *cover;
++    bound_t val;
++{
++    size_t lo = 0, hi = cover->num;
++    while (lo < hi) {
++        size_t mid = (lo + hi) >> 1;
++        if (val < cover->span[mid].beg)
++            hi = mid;
++        else
++            lo = mid + 1;
++    }
++    return hi;
++}
++
++/* Return true if val lies within any one of the spans in cover. */
++static int cover_within(cover, val)
++    cover_t *cover;
++    bound_t val;
++{
++    size_t pos = cover_find(cover, val);
++    return pos > 0 && val < cover->span[pos - 1].end;
++}
++
++/*
++ * Add a new span to the list, but only if the new span does not overlap any
++ * spans already in the list. The new span covers the values beg..end-1. beg
++ * must be less than end.
++ *
++ * Keep the list sorted and merge adjacent spans. Grow the allocated space for
++ * the list as needed. On success, 0 is returned. If the new span overlaps any
++ * existing spans, then 1 is returned and the new span is not added to the
++ * list. If the new span is invalid because beg is greater than or equal to
++ * end, then -1 is returned. If the list needs to be grown but the memory
++ * allocation fails, then -2 is returned.
++ */
++static int cover_add(cover, beg, end)
++    cover_t *cover;
++    bound_t beg;
++    bound_t end;
++{
++    size_t pos;
++    int prec, foll;
++
++    if (beg >= end)
++    /* The new span is invalid. */
++        return -1;
++
++    /* Find where the new span should go, and make sure that it does not
++       overlap with any existing spans. */
++    pos = cover_find(cover, beg);
++    if ((pos > 0 && beg < cover->span[pos - 1].end) ||
++        (pos < cover->num && end > cover->span[pos].beg))
++        return 1;
++
++    /* Check for adjacencies. */
++    prec = pos > 0 && beg == cover->span[pos - 1].end;
++    foll = pos < cover->num && end == cover->span[pos].beg;
++    if (prec && foll) {
++        /* The new span connects the preceding and following spans. Merge the
++           following span into the preceding span, and delete the following
++           span. */
++        cover->span[pos - 1].end = cover->span[pos].end;
++        cover->num--;
++        memmove(cover->span + pos, cover->span + pos + 1,
++                (cover->num - pos) * sizeof(span_t));
++    }
++    else if (prec)
++        /* The new span is adjacent only to the preceding span. Extend the end
++           of the preceding span. */
++        cover->span[pos - 1].end = end;
++    else if (foll)
++        /* The new span is adjacent only to the following span. Extend the
++           beginning of the following span. */
++        cover->span[pos].beg = beg;
++    else {
++        /* The new span has gaps between both the preceding and the following
++           spans. Assure that there is room and insert the span.  */
++        if (cover->num == cover->max) {
++            size_t max = cover->max == 0 ? 16 : cover->max << 1;
++            span_t *span = realloc(cover->span, max * sizeof(span_t));
++            if (span == NULL)
++                return -2;
++            cover->span = span;
++            cover->max = max;
++        }
++        memmove(cover->span + pos + 1, cover->span + pos,
++                (cover->num - pos) * sizeof(span_t));
++        cover->num++;
++        cover->span[pos].beg = beg;
++        cover->span[pos].end = end;
++    }
++    return 0;
++}
+ 
+ 
+ 
+@@ -376,6 +495,29 @@ int extract_or_test_files(__G)    /* return PK-type error code */
+     }
+ #endif /* !SFX || SFX_EXDIR */
+ 
++    /* One more: initialize cover structure for bomb detection. Start with a
++       span that covers the central directory though the end of the file. */
++    if (G.cover == NULL) {
++        G.cover = malloc(sizeof(cover_t));
++        if (G.cover == NULL) {
++            Info(slide, 0x401, ((char *)slide,
++              LoadFarString(NotEnoughMemCover)));
++            return PK_MEM;
++        }
++        ((cover_t *)G.cover)->span = NULL;
++        ((cover_t *)G.cover)->max = 0;
++    }
++    ((cover_t *)G.cover)->num = 0;
++    if ((G.extra_bytes != 0 &&
++         cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
++        cover_add((cover_t *)G.cover,
++                  G.extra_bytes + G.ecrec.offset_start_central_directory,
++                  G.ziplen) != 0) {
++        Info(slide, 0x401, ((char *)slide,
++          LoadFarString(NotEnoughMemCover)));
++        return PK_MEM;
++    }
++
+ /*---------------------------------------------------------------------------
+     The basic idea of this function is as follows.  Since the central di-
+     rectory lies at the end of the zipfile and the member files lie at the
+@@ -593,7 +735,8 @@ int extract_or_test_files(__G)    /* return PK-type error code */
+             if (error > error_in_archive)
+                 error_in_archive = error;
+             /* ...and keep going (unless disk full or user break) */
+-            if (G.disk_full > 1 || error_in_archive == IZ_CTRLC) {
++            if (G.disk_full > 1 || error_in_archive == IZ_CTRLC ||
++                error == PK_BOMB) {
+                 /* clear reached_end to signal premature stop ... */
+                 reached_end = FALSE;
+                 /* ... and cancel scanning the central directory */
+@@ -1062,6 +1205,11 @@ static int extract_or_test_entrylist(__G__ numchunk,
+ 
+         /* seek_zipf(__G__ pInfo->offset);  */
+         request = G.pInfo->offset + G.extra_bytes;
++        if (cover_within((cover_t *)G.cover, request)) {
++            Info(slide, 0x401, ((char *)slide,
++              LoadFarString(OverlappedComponents)));
++            return PK_BOMB;
++        }
+         inbuf_offset = request % INBUFSIZ;
+         bufstart = request - inbuf_offset;
+ 
+@@ -1593,6 +1741,18 @@ reprompt:
+             return IZ_CTRLC;        /* cancel operation by user request */
+         }
+ #endif
++        error = cover_add((cover_t *)G.cover, request,
++                          G.cur_zipfile_bufstart + (G.inptr - G.inbuf));
++        if (error < 0) {
++            Info(slide, 0x401, ((char *)slide,
++              LoadFarString(NotEnoughMemCover)));
++            return PK_MEM;
++        }
++        if (error != 0) {
++            Info(slide, 0x401, ((char *)slide,
++              LoadFarString(OverlappedComponents)));
++            return PK_BOMB;
++        }
+ #ifdef MACOS  /* MacOS is no preemptive OS, thus call event-handling by hand */
+         UserStop();
+ #endif
+@@ -1994,6 +2154,34 @@ static int extract_or_test_member(__G)    /* return PK-type error code */
+     }
+ 
+     undefer_input(__G);
++
++    if ((G.lrec.general_purpose_bit_flag & 8) != 0) {
++        /* skip over data descriptor (harder than it sounds, due to signature
++         * ambiguity)
++         */
++#       define SIG 0x08074b50
++#       define LOW 0xffffffff
++        uch buf[12];
++        unsigned shy = 12 - readbuf((char *)buf, 12);
++        ulg crc = shy ? 0 : makelong(buf);
++        ulg clen = shy ? 0 : makelong(buf + 4);
++        ulg ulen = shy ? 0 : makelong(buf + 8); /* or high clen if ZIP64 */
++        if (crc == SIG &&                       /* if not SIG, no signature */
++            (G.lrec.crc32 != SIG ||             /* if not SIG, have signature */
++             (clen == SIG &&                    /* if not SIG, no signature */
++              ((G.lrec.csize & LOW) != SIG ||   /* if not SIG, have signature */
++               (ulen == SIG &&                  /* if not SIG, no signature */
++                (G.zip64 ? G.lrec.csize >> 32 : G.lrec.ucsize) != SIG
++                                                /* if not SIG, have signature */
++                )))))
++                   /* skip four more bytes to account for signature */
++                   shy += 4 - readbuf((char *)buf, 4);
++        if (G.zip64)
++            shy += 8 - readbuf((char *)buf, 8); /* skip eight more for ZIP64 */
++        if (shy)
++            error = PK_ERR;
++    }
++
+     return error;
+ 
+ } /* end function extract_or_test_member() */
+diff --git a/globals.c b/globals.c
+index fa8cca5..1e0f608 100644
+--- a/globals.c
++++ b/globals.c
+@@ -181,6 +181,7 @@ Uz_Globs *globalsCtor()
+ # if (!defined(NO_TIMESTAMPS))
+     uO.D_flag=1;    /* default to '-D', no restoration of dir timestamps */
+ # endif
++    G.cover = NULL;     /* not allocated yet */
+ #endif
+ 
+     uO.lflag=(-1);
+diff --git a/globals.h b/globals.h
+index 11b7215..2bdcdeb 100644
+--- a/globals.h
++++ b/globals.h
+@@ -260,12 +260,15 @@ typedef struct Globals {
+     ecdir_rec       ecrec;         /* used in unzip.c, extract.c */
+     z_stat   statbuf;              /* used by main, mapname, check_for_newer */
+ 
++    int zip64;                     /* true if Zip64 info in extra field */
++
+     int      mem_mode;
+     uch      *outbufptr;           /* extract.c static */
+     ulg      outsize;              /* extract.c static */
+     int      reported_backslash;   /* extract.c static */
+     int      disk_full;
+     int      newfile;
++    void     **cover;              /* used in extract.c for bomb detection */
+ 
+     int      didCRlast;            /* fileio static */
+     ulg      numlines;             /* fileio static: number of lines printed */
+diff --git a/process.c b/process.c
+index a3c1a4d..208619c 100644
+--- a/process.c
++++ b/process.c
+@@ -637,6 +637,13 @@ void free_G_buffers(__G)     /* releases all memory allocated in global vars */
+     }
+ #endif
+ 
++    /* Free the cover span list and the cover structure. */
++    if (G.cover != NULL) {
++        free(*(G.cover));
++        free(G.cover);
++        G.cover = NULL;
++    }
++
+ } /* end function free_G_buffers() */
+ 
+ 
+@@ -1905,6 +1912,7 @@ int getZip64Data(__G__ ef_buf, ef_len)
+ 
+ #define Z64FLGS 0xffff
+ #define Z64FLGL 0xffffffff
++    G.zip64 = FALSE;
+ 
+     if (ef_len == 0 || ef_buf == NULL)
+         return PK_COOL;
+@@ -1964,6 +1972,8 @@ int getZip64Data(__G__ ef_buf, ef_len)
+             G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf);
+             offset += 4;
+           }
++
++          G.zip64 = TRUE;
+ #if 0
+           break;                /* Expect only one EF_PKSZ64 block. */
+ #endif /* 0 */
+diff --git a/unzip.h b/unzip.h
+index 5b2a326..ed24a5b 100644
+--- a/unzip.h
++++ b/unzip.h
+@@ -645,6 +645,7 @@ typedef struct _Uzp_cdir_Rec {
+ #define PK_NOZIP           9   /* zipfile not found */
+ #define PK_PARAM          10   /* bad or illegal parameters specified */
+ #define PK_FIND           11   /* no files found */
++#define PK_BOMB           12   /* likely zip bomb */
+ #define PK_DISK           50   /* disk full */
+ #define PK_EOF            51   /* unexpected EOF */
+ 
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8

meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch

@@ -0,0 +1,121 @@
+From be88aa4811af47ca06d8b7dcda294f899eba70ea Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Thu, 25 Jul 2019 20:43:17 -0700
+Subject: [PATCH 3/3] Do not raise a zip bomb alert for a misplaced central
+ directory.
+
+There is a zip-like file in the Firefox distribution, omni.ja,
+which is a zip container with the central directory placed at the
+start of the file instead of after the local entries as required
+by the zip standard. This commit marks the actual location of the
+central directory, as well as the end of central directory records,
+as disallowed locations. This now permits such containers to not
+raise a zip bomb alert, where in fact there are no overlaps.
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ extract.c | 25 +++++++++++++++++++------
+ process.c |  6 ++++++
+ unzpriv.h | 10 ++++++++++
+ 3 files changed, 35 insertions(+), 6 deletions(-)
+
+diff --git a/extract.c b/extract.c
+index 2bb72ba..a9dcca8 100644
+--- a/extract.c
++++ b/extract.c
+@@ -495,8 +495,11 @@ int extract_or_test_files(__G)    /* return PK-type error code */
+     }
+ #endif /* !SFX || SFX_EXDIR */
+ 
+-    /* One more: initialize cover structure for bomb detection. Start with a
+-       span that covers the central directory though the end of the file. */
++    /* One more: initialize cover structure for bomb detection. Start with
++       spans that cover any extra bytes at the start, the central directory,
++       the end of central directory record (including the Zip64 end of central
++       directory locator, if present), and the Zip64 end of central directory
++       record, if present. */
+     if (G.cover == NULL) {
+         G.cover = malloc(sizeof(cover_t));
+         if (G.cover == NULL) {
+@@ -508,15 +511,25 @@ int extract_or_test_files(__G)    /* return PK-type error code */
+         ((cover_t *)G.cover)->max = 0;
+     }
+     ((cover_t *)G.cover)->num = 0;
+-    if ((G.extra_bytes != 0 &&
+-         cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
+-        cover_add((cover_t *)G.cover,
++    if (cover_add((cover_t *)G.cover,
+                   G.extra_bytes + G.ecrec.offset_start_central_directory,
+-                  G.ziplen) != 0) {
++                  G.extra_bytes + G.ecrec.offset_start_central_directory +
++                  G.ecrec.size_central_directory) != 0) {
+         Info(slide, 0x401, ((char *)slide,
+           LoadFarString(NotEnoughMemCover)));
+         return PK_MEM;
+     }
++    if ((G.extra_bytes != 0 &&
++         cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
++        (G.ecrec.have_ecr64 &&
++         cover_add((cover_t *)G.cover, G.ecrec.ec64_start,
++                   G.ecrec.ec64_end) != 0) ||
++        cover_add((cover_t *)G.cover, G.ecrec.ec_start,
++                  G.ecrec.ec_end) != 0) {
++        Info(slide, 0x401, ((char *)slide,
++          LoadFarString(OverlappedComponents)));
++        return PK_BOMB;
++    }
+ 
+ /*---------------------------------------------------------------------------
+     The basic idea of this function is as follows.  Since the central di-
+diff --git a/process.c b/process.c
+index 208619c..5f8f6c6 100644
+--- a/process.c
++++ b/process.c
+@@ -1408,6 +1408,10 @@ static int find_ecrec64(__G__ searchlen)         /* return PK-class error */
+ 
+     /* Now, we are (almost) sure that we have a Zip64 archive. */
+     G.ecrec.have_ecr64 = 1;
++    G.ecrec.ec_start -= ECLOC64_SIZE+4;
++    G.ecrec.ec64_start = ecrec64_start_offset;
++    G.ecrec.ec64_end = ecrec64_start_offset +
++                       12 + makeint64(&byterec[ECREC64_LENGTH]);
+ 
+     /* Update the "end-of-central-dir offset" for later checks. */
+     G.real_ecrec_offset = ecrec64_start_offset;
+@@ -1542,6 +1546,8 @@ static int find_ecrec(__G__ searchlen)          /* return PK-class error */
+       makelong(&byterec[OFFSET_START_CENTRAL_DIRECTORY]);
+     G.ecrec.zipfile_comment_length =
+       makeword(&byterec[ZIPFILE_COMMENT_LENGTH]);
++    G.ecrec.ec_start = G.real_ecrec_offset;
++    G.ecrec.ec_end = G.ecrec.ec_start + 22 + G.ecrec.zipfile_comment_length;
+ 
+     /* Now, we have to read the archive comment, BEFORE the file pointer
+        is moved away backwards to seek for a Zip64 ECLOC64 structure.
+diff --git a/unzpriv.h b/unzpriv.h
+index c8d3eab..5e177c7 100644
+--- a/unzpriv.h
++++ b/unzpriv.h
+@@ -2185,6 +2185,16 @@ typedef struct VMStimbuf {
+        int have_ecr64;                  /* valid Zip64 ecdir-record exists */
+        int is_zip64_archive;            /* Zip64 ecdir-record is mandatory */
+        ush zipfile_comment_length;
++       zusz_t ec_start, ec_end;         /* offsets of start and end of the
++                                           end of central directory record,
++                                           including if present the Zip64
++                                           end of central directory locator,
++                                           which immediately precedes the
++                                           end of central directory record */
++       zusz_t ec64_start, ec64_end;     /* if have_ecr64 is true, then these
++                                           are the offsets of the start and
++                                           end of the Zip64 end of central
++                                           directory record */
+    } ecdir_rec;
+ 
+ 
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8
+

meta/recipes-extended/unzip/unzip_6.0.bb

@@ -22,6 +22,9 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
 	file://symlink.patch \
 	file://0001-unzip-fix-CVE-2018-1000035.patch \
 	file://CVE-2018-18384.patch \
+	file://CVE-2019-13232_p1.patch \
+	file://CVE-2019-13232_p2.patch \
+	file://CVE-2019-13232_p3.patch \
 "
 UPSTREAM_VERSION_UNKNOWN = "1"
 

meta/recipes-graphics/mesa/mesa.inc

@@ -98,6 +98,7 @@ PACKAGECONFIG[gles] = "-Dgles1=true -Dgles2=true, -Dgles1=false -Dgles2=false"
 PACKAGECONFIG[egl] = "-Degl=true, -Degl=false"
 
 PACKAGECONFIG[etnaviv] = ""
+PACKAGECONFIG[freedreno] = ""
 PACKAGECONFIG[kmsro] = ""
 PACKAGECONFIG[vc4] = ""
 PACKAGECONFIG[v3d] = ""
@@ -107,6 +108,7 @@ GALLIUMDRIVERS = "swrast"
 GALLIUMDRIVERS_x86-x32 = ""
 
 GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'etnaviv', ',etnaviv', '', d)}"
+GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'freedreno', ',freedreno', '', d)}"
 GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'kmsro', ',kmsro', '', d)}"
 GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'vc4', ',vc4', '', d)}"
 GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'v3d', ',v3d', '', d)}"

meta/recipes-graphics/pango/pango/0001-Skip-thai-break-tests-without-libthai.patch

@@ -0,0 +1,36 @@
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From 12beb39925b5a4574a7cfd86073b59bceb49f791 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen@redhat.com>
+Date: Wed, 4 Sep 2019 15:51:06 -0400
+Subject: [PATCH] Skip thai break tests without libthai
+
+If we don't have libthai, these tests fail.
+
+Closes: https://gitlab.gnome.org/GNOME/pango/issues/420
+---
+ tests/meson.build | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/tests/meson.build b/tests/meson.build
+index 4c22c12c..c617331f 100644
+--- a/tests/meson.build
++++ b/tests/meson.build
+@@ -89,9 +89,12 @@ test_breaks_data = [
+   'breaks/one',
+   'breaks/two',
+   'breaks/three',
+-  'breaks/four',
+ ]
+ 
++if thai_dep.found()
++  test_breaks_data += [ 'breaks/four', ]
++endif
++
+ test_items_data = [
+   'itemize/one',
+ ]
+-- 
+2.20.1
+

meta/recipes-graphics/pango/pango_1.44.6.bb

@@ -15,7 +15,8 @@ GNOMEBASEBUILDCLASS = "meson"
 
 inherit gnomebase gtk-doc ptest-gnome upstream-version-is-even gobject-introspection
 
-SRC_URI += "file://run-ptest"
+SRC_URI += "file://run-ptest \
+            file://0001-Skip-thai-break-tests-without-libthai.patch"
 SRC_URI[archive.md5sum] = "db0a3243ba33e02aaa775412f8e5f412"
 SRC_URI[archive.sha256sum] = "3e1e41ba838737e200611ff001e3b304c2ca4cdbba63d200a20db0b0ddc0f86c"
 

meta/recipes-kernel/kexec/kexec-tools/0006-kexec-arm-undefine-__NR_kexec_file_load-for-arm.patch

@@ -0,0 +1,40 @@
+From b54816eff272324320c490d62dc36b27d2838732 Mon Sep 17 00:00:00 2001
+From: Quanyang Wang <quanyang.wang@windriver.com>
+Date: Mon, 16 Sep 2019 10:49:05 +0800
+Subject: [PATCH] kexec/arm: undefine __NR_kexec_file_load for arm
+
+In the kernel upstream commit 4ab65ba7a5cb
+("ARM: add kexec_file_load system call number"),
+__NR_kexec_file_load for arm has been defined to be 401.
+This results that even if kexec_file_load isn't implemented
+for arm but the function is_kexec_file_load_implemented()
+will still return true. So undef __NR_kexec_file_load for
+arm architecture.
+
+Upstream-Status: Backport
+[https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/commit/kexec/kexec-syscall.h?id=b54816eff272324320c490d62dc36b27d2838732]
+
+Signed-off-by: Quanyang Wang <quanyang.wang@windriver.com>
+Signed-off-by: Simon Horman <horms@verge.net.au>
+---
+ kexec/kexec-syscall.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/kexec/kexec-syscall.h b/kexec/kexec-syscall.h
+index dac1c1f..92d51d3 100644
+--- a/kexec/kexec-syscall.h
++++ b/kexec/kexec-syscall.h
+@@ -56,6 +56,10 @@
+ #endif
+ #endif /*ifndef __NR_kexec_load*/
+ 
++#ifdef __arm__
++#undef __NR_kexec_file_load
++#endif
++
+ #ifndef __NR_kexec_file_load
+ 
+ #ifdef __x86_64__
+-- 
+2.17.1
+

meta/recipes-kernel/kexec/kexec-tools_2.0.19.bb

@@ -18,6 +18,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz
     file://0003-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch \
     file://0004-x86_64-Add-support-to-build-kexec-tools-with-x32-ABI.patch \
     file://0005-Disable-PIE-during-link.patch \
+    file://0006-kexec-arm-undefine-__NR_kexec_file_load-for-arm.patch \
 "
 
 SRC_URI[md5sum] = "052458f0a35c2a3b0d2302caa3318e9f"

meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb

@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "ca2e3322f4c5678eaef6434c808d0842c805d74d"
-SRCREV_meta ?= "20a6158aa35dbf11819382ef1eeb28915afea765"
+SRCREV_machine ?= "02f0c38dd20819c0e9d279e3b1e95280101ea8ab"
+SRCREV_meta ?= "a7cb57afb9fb9787079c28a1028d797632105e56"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-4.19;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "4.19.61"
+LINUX_VERSION ?= "4.19.72"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 

meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb

@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "c6eb169e914def00c37cc2917486c637d800d404"
-SRCREV_meta ?= "a36c82128d9ccec878d1c0c4542b87d6cf5e9a7c"
+SRCREV_machine ?= "04d5cfbbd09ba202134f97f8818372c7c9c81fe7"
+SRCREV_meta ?= "56f5bc749e5a8e40b55a3819288ac277813ec5ef"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.2;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.2.10"
+LINUX_VERSION ?= "5.2.17"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"