Date   

Re: Create the patch for the linux kernel module #dunfell

Khem Raj
 



On Sat, Aug 20, 2022 at 11:52 AM <mahendrasondagar08@...> wrote:

Hi... Community

Hope all are doing well

I'm dealing with the yocto dunfell branch with the STM32MP1

I know, how to create the patch for the device tree source (DTS) and add with the custom image

My intend is to modify the busb.c to work with my bluetooth USB dongle
I have create the patch for the same and adding the same way as i does with the DTS file

But, unfortunately, it's causing the issue wile baking the image!


If it’s in-tree kernel module then you create a patch with your changes and apply it via recipe like any other recipe is going to do in metadata 

However you need to share specific details on errors so someone can get a better content to help you 


Can any one redirect me to the tutorial to customize the kernel module via patch under yocto ?

 

All suggestions and comments welcome

Thanks
Mahendra





Create the patch for the linux kernel module #dunfell

Mahendra Sondagar
 

Hi... Community

Hope all are doing well

I'm dealing with the yocto dunfell branch with the STM32MP1

I know, how to create the patch for the device tree source (DTS) and add with the custom image

My intend is to modify the busb.c to work with my bluetooth USB dongle
I have create the patch for the same and adding the same way as i does with the DTS file

But, unfortunately, it's causing the issue wile baking the image!

Can any one redirect me to the tutorial to customize the kernel module via patch under yocto ?

 

All suggestions and comments welcome

Thanks
Mahendra


[meta-yocto][kirkstone][PATCH 2/2] linux-yocto/5.10: update genericx86* machines to v5.10.135

Rajesh Dangi
 

Signed-off-by: Rajesh Dangi <rajeshx.dangi@...>
---
.../recipes-kernel/linux/linux-yocto_5.10.bbappend | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
index bec8319c34..1f49fd106c 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
@@ -7,8 +7,8 @@ KMACHINE:genericx86 ?= "common-pc"
KMACHINE:genericx86-64 ?= "common-pc-64"
KMACHINE:beaglebone-yocto ?= "beaglebone"

-SRCREV_machine:genericx86 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
-SRCREV_machine:genericx86-64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_machine:genericx86 ?= "d09b184cbc0321794bda715ab560dec077a048d0"
+SRCREV_machine:genericx86-64 ?= "d09b184cbc0321794bda715ab560dec077a048d0"
SRCREV_machine:edgerouter ?= "7c9332d91089ee63581be6cd3e7197c9d3e9a883"
SRCREV_machine:beaglebone-yocto ?= "3c44f12b9de336579d00ac0105852f4cbf7e8b7d"

@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE:edgerouter = "edgerouter"
COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"

-LINUX_VERSION:genericx86 = "5.10.130"
-LINUX_VERSION:genericx86-64 = "5.10.130"
+LINUX_VERSION:genericx86 = "5.10.135"
+LINUX_VERSION:genericx86-64 = "5.10.135"
LINUX_VERSION:edgerouter = "5.10.130"
LINUX_VERSION:beaglebone-yocto = "5.10.130"
--
2.17.1


[meta-yocto][kirkstone][PATCH 1/2] linux-yocto/5.15: update genericx86* machines to v5.15.59

Rajesh Dangi
 

Signed-off-by: Rajesh Dangi <rajeshx.dangi@...>
---
.../recipes-kernel/linux/linux-yocto_5.15.bbappend | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
index a5c0ecdbd9..e6826203e3 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
@@ -7,8 +7,8 @@ KMACHINE:genericx86 ?= "common-pc"
KMACHINE:genericx86-64 ?= "common-pc-64"
KMACHINE:beaglebone-yocto ?= "beaglebone"

-SRCREV_machine:genericx86 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
-SRCREV_machine:genericx86-64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_machine:genericx86 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a"
+SRCREV_machine:genericx86-64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a"
SRCREV_machine:edgerouter ?= "90f1ee6589264545f548d731c2480b08a007230f"
SRCREV_machine:beaglebone-yocto ?= "9aabbaa89fcb21af7028e814c1f5b61171314d5a"

@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE:edgerouter = "edgerouter"
COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"

-LINUX_VERSION:genericx86 = "5.15.54"
-LINUX_VERSION:genericx86-64 = "5.15.54"
+LINUX_VERSION:genericx86 = "5.15.59"
+LINUX_VERSION:genericx86-64 = "5.15.59"
LINUX_VERSION:edgerouter = "5.15.54"
LINUX_VERSION:beaglebone-yocto = "5.15.54"
--
2.17.1


Minutes: Yocto Project Weekly Triage Meeting 8/18/2022

sakib.sajal@...
 

Wiki: https://wiki.yoctoproject.org/wiki/Bug_Triage

Attendees: Steve Sakoman, Joshua Watt, Randy Macleod, Richard Purdie, Alexandre Belloni, Pavel Zhukov, Stephen Jolley, Ross Burton, Saul Wold

ARs:

N/A

Notes:
N/A

Medium+ 4.1 Unassigned Enhancements/Bugs: 78 (Last week 78)

Medium+ 4.99 Unassigned Enhancements/Bugs: 43 (Last week 43)

AB Bugs: 56 (Last week 54)


Devtool fails if SRCREV is set to ${AUTOREV} #kirkstone #devtool #yocto

shibi.cbe@...
 

Hello Everyone

We perform yocto build and do devtool modify for one of package it works
if we perform devtool modify for another package without resetting the previously modified package we are getting below error in modified package during parsing bb step 
 
recipefile:
 
SRC_URI="git://git.com/pkg/linux;branch=mulberry-5.10;protocol=ssh;name=linux;destsuffix=git
 
SRCREV = "${AUTOREV}"
 
PV = "5.10+git${SRCPV}"
 
Yocto version: Kirkstone
BB_SRCREV_POLICY = "clear"
 
Error:
 
ERROR: /local/home/test/workspace/poky/../sources/meta-mulberry/recipes-kernel/linux/linux_5.10.bb: Error executing a python function in <code>:                                                                                                                   | ETA:  --:--:--
 
 
 
The stack trace of python calls that resulted in this exception/failure was:
File: '<code>', lineno: 21, function: <module>
 
     0017:__anon_56__local_home_test_workspace_poky_meta_classes_kernel_fitimage_bbclass(d)
 
     0018:__anon_795__local_home_test_workspace_poky_meta_classes_kernel_fitimage_bbclass(d)
 
     0019:__anon_7__local_home_test_workspace_poky_meta_classes_kernel_devicetree_bbclass(d)
 
     0020:__anon_717__local_home_test_workspace_poky_meta_classes_kernel_yocto_bbclass(d)
 
 *** 0021:__anon_145__local_home_test_workspace_poky_meta_classes_externalsrc_bbclass(d)
 
File: '/local/home/shibikri/mulberry_workspace/poky/meta/classes/externalsrc.bbclass', lineno: 66, function: __anon_145__local_home_test_workspace_poky_meta_classes_externalsrc_bbclass
     0062:        else:
     0063:            d.setVar('B', '${WORKDIR}/${BPN}-${PV}/')
     0064:
     0065:        local_srcuri = []
 *** 0066:        fetch = bb.fetch2.Fetch((d.getVar('SRC_URI') or '').split(), d)
     0067:        for url in fetch.urls:
     0068:            url_data = fetch.ud[url]
     0069:            parm = url_data.parm
     0070:            if (url_data.type == 'file' or
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/__init__.py', lineno: 1680, function: __init__
     1676:
     1677:        for url in urls:
     1678:            if url not in self.ud:
     1679:                try:
 *** 1680:                    self.ud[url] = FetchData(url, d, localonly)
     1681:                except NonLocalMethod:
     1682:                    if localonly:
     1683:                        self.ud[url] = None
     1684:                        pass
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/__init__.py', lineno: 1317, function: __init__
     1313:            logger.warning('Consider updating %s recipe to use "protocol" not "proto" in SRC_URI.', d.getVar('PN'))
     1314:            self.parm["protocol"] = self.parm.get("proto", None)
     1315:
     1316:        if hasattr(self.method, "urldata_init"):
 *** 1317:            self.method.urldata_init(self, d)
     1318:
     1319:        if "localpath" in self.parm:
     1320:            # if user sets localpath for file, use it instead.\
     1321:            self.localpath = self.parm["localpath"]
File: '/local/home/shibikri/test/workspace/poky/bitbake/lib/bb/fetch2/git.py', lineno: 249, function: urldata_init
     0245:        write_tarballs = d.getVar("BB_GENERATE_MIRROR_TARBALLS") or "0"
     0246:        ud.write_tarballs = write_tarballs != "0" or ud.rebaseable
     0247:        ud.write_shallow_tarballs = (d.getVar("BB_GENERATE_SHALLOW_TARBALLS") or write_tarballs) != "0"
     0248:
 *** 0249:        ud.setup_revisions(d)
     0250:
     0251:        for name in ud.names:
     0252:            # Ensure anything that doesn't look like a sha256 checksum/revision is translated into one
     0253:            if not ud.revisions[name] or len(ud.revisions[name]) != 40  or (False in [c in "abcdef0123456789" for c in ud.revisions[name]]):
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/__init__.py', lineno: 1347, function: setup_revisions
     1343:
     1344:    def setup_revisions(self, d):
     1345:        self.revisions = {}
     1346:        for name in self.names:
 *** 1347:            self.revisions[name] = srcrev_internal_helper(self, d, name)
     1348:
     1349:        # add compatibility code for non name specified case
     1350:        if len(self.names) == 1:
     1351:            self.revision = self.revisions[self.names[0]]
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/__init__.py', lineno: 1212, function: srcrev_internal_helper
     1208:
     1209:    if srcrev == "INVALID" or not srcrev:
     1210:        raise FetchError("Please set a valid SRCREV for url %s (possible key names are %s, or use a ;rev=X URL parameter)" % (str(attempts), ud.url), ud.url)
     1211:    if srcrev == "AUTOINC":
 *** 1212:        srcrev = ud.method.latest_revision(ud, d, name)
     1213:
     1214:    return srcrev
     1215:
     1216:def get_checksum_file_list(d):
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/__init__.py', lineno: 1624, function: latest_revision
     1620:        key = self.generate_revision_key(ud, d, name)
     1621:        try:
     1622:            return revs[key]
     1623:        except KeyError:
 *** 1624:            revs[key] = rev = self._latest_revision(ud, d, name)
     1625:            return rev
     1626:
     1627:    def sortable_revision(self, ud, d, name):
     1628:        latest_rev = self._build_revision(ud, d, name)
File: '/local/home/test/workspace/poky/bitbake/lib/bb/fetch2/git.py', lineno: 734, function: _latest_revision
     0730:        """
     0731:        Compute the HEAD revision for the url
     0732:        """
     0733:        if not d.getVar("__BBSEENSRCREV"):
 *** 0734:            raise bb.fetch2.FetchError("Recipe uses a floating tag/branch without a fixed SRCREV yet doesn't call bb.fetch2.get_srcrev() (use SRCPV in PV for OE).")
     0735:
     0736:        # Ensure we mark as not cached
     0737:        bb.fetch2.get_autorev(d)
     0738:
Exception: bb.fetch2.FetchError: Fetcher failure: Recipe uses a floating tag/branch without a fixed SRCREV yet doesn't call bb.fetch2.get_srcrev() (use SRCPV in PV for OE).
ERROR: Parsing halted due to errors, see error messages above


[meta-parsec][PATCH] Use CARGO_TARGET_SUBDIR in do_install

Anton Antonov
 

Signed-off-by: Anton Antonov <Anton.Antonov@...>
---
.../recipes-parsec/parsec-service/parsec-service_1.0.0.bb | 2 +-
meta-parsec/recipes-parsec/parsec-tool/parsec-tool_0.5.2.bb | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb b/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
index 84539f9..2a25178 100644
--- a/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
+++ b/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
@@ -45,7 +45,7 @@ PARSEC_CONFIG ?= "${S}/config.toml"
do_install () {
# Binaries
install -d -m 700 -o parsec -g parsec "${D}${libexecdir}/parsec"
- install -m 700 -o parsec -g parsec "${WORKDIR}/build/target/${CARGO_TARGET_SUBDIR}/parsec" ${D}${libexecdir}/parsec/parsec
+ install -m 700 -o parsec -g parsec "${B}/target/${CARGO_TARGET_SUBDIR}/parsec" ${D}${libexecdir}/parsec/parsec

# Config file
install -d -m 700 -o parsec -g parsec "${D}${sysconfdir}/parsec"
diff --git a/meta-parsec/recipes-parsec/parsec-tool/parsec-tool_0.5.2.bb b/meta-parsec/recipes-parsec/parsec-tool/parsec-tool_0.5.2.bb
index 4b053b9..6ecce8e 100644
--- a/meta-parsec/recipes-parsec/parsec-tool/parsec-tool_0.5.2.bb
+++ b/meta-parsec/recipes-parsec/parsec-tool/parsec-tool_0.5.2.bb
@@ -11,7 +11,7 @@ RDEPENDS:${PN} = "openssl-bin"

do_install() {
install -d ${D}/${bindir}
- install -m 755 "${B}/target/${TARGET_SYS}/release/parsec-tool" "${D}${bindir}/parsec-tool"
+ install -m 755 "${B}/target/${CARGO_TARGET_SUBDIR}/parsec-tool" "${D}${bindir}/parsec-tool"
install -m 755 "${S}/tests/parsec-cli-tests.sh" "${D}${bindir}/parsec-cli-tests.sh"
}

--
2.25.1


Re: wget - The certificate has not yet been activated (does also happen in qemuarm "virt" machine)

Tomasz Moń <tomasz.mon@...>
 

On Thu, 2022-02-03 at 17:13 +0000, Matthias Klein wrote:
I can "fix" the bug by switching from gnutls to openssl:

PACKAGECONFIG:remove = "gnutls"
PACKAGECONFIG:append = " openssl"

Can anyone explain this?
The issue is that gnutls configure script detects 32-bit time_t while
wget detects 64-bit time_t.

Function ssl_check_certificate() in wget/src/gnutls.c contains:
time_t now = time (NULL);
...
if (now < gnutls_x509_crt_get_activation_time (cert))
...

gnutls_x509_crt_get_activation_time() returns time_t. In wget context
it means that two 64-bit time_t are being compared.

On imx6, when a function returns 32-bit value, the result is stored in
r0. When a function returns 64-bit value, the low 32-bits are stored in
r0 while the high 32-bits are stored in r1.

The problem is that gnutls_x509_crt_get_activation_time() compiled in
gnutls recipe, has 32-bit time_t and thus sets only r0. The likelihood
that r1 will have value that will make code consider the certificate as
active (before 2038 the only such value is 0) is low. As r1 is not 0,
the supposed activation time is way past 2038 and thus "The certificate
has not yet been activated" error is printed.

The solution is to fix gnutls recipe to detect time_t as 64-bit.

What exactly does the change to openssl mean?
The gnutls_x509_crt_get_activation_time() is no longer used at all.
Instead, SSL_get_verify_result() is used (ssl_check_certificate() in
wget/src/openssl.c). The SSL_get_verify_result() does the check within
OpenSSL library itself, so even if wget and OpenSSL does not agree on
time_t size, it doesn't matter (wget and OpenSSL have to agree on long
size, because SSL_get_verify_result() returns long).

Best Regards,
Tomasz Moń


[ANNOUNCEMENT] Yocto Project 4.0.3 is Released

Lee Chee Yang
 

Hi

We are pleased to announce the Yocto Project 4.0.3 Release is now available for download.


http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2

A gpg signed version of these release notes is available at:


http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/RELEASENOTES

 

Full Test Report:


http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/testreport.txt

 

Thank you for everyone's contributions to this release.

 

Chee Yang chee.yang.lee@...

Yocto Project Build and Release

 

- --------------------------

yocto-4.0.3 Release Notes

- --------------------------

 

 

- --------------------------

Repositories/Downloads

- --------------------------

 

Repository Name: poky

Repository Location: https://git.yoctoproject.org/git/poky

Branch: kirkstone

Tag: yocto-4.0.3

Git Revision: 387ab5f18b17c3af3e9e30dc58584641a70f359f

Release Artefact: poky-387ab5f18b17c3af3e9e30dc58584641a70f359f

sha: fe674186bdb0684313746caa9472134fc19e6f1443c274fe02c06cb1e675b404

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2

 

Repository Name: openembedded-core

Repository Location: https://git.openembedded.org/openembedded-core

Branch: kirkstone

Tag: yocto-4.0.3

Git Revision: 2cafa6ed5f0aa9df5a120b6353755d56c7c7800d

Release Artefact: oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d

sha: 5181d3e8118c6112936637f01a07308b715e0e3d12c7eba338556747dfcabe92

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2

 

Repository Name: meta-mingw

Repository Location: https://git.yoctoproject.org/git/meta-mingw

Branch: kirkstone

Tag: yocto-4.0.3

Git Revision: a90614a6498c3345704e9611f2842eb933dc51c1

Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1

sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2

 

Repository Name: meta-gplv2

Repository Location: https://git.yoctoproject.org/git/meta-gplv2

Branch: kirkstone

Tag: yocto-4.0.3

Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a

Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a

sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2

 

Repository Name: bitbake

Repository Location: https://git.openembedded.org/bitbake

Branch: 2.0

Tag: yocto-4.0.3

Git Revision: b8fd6f5d9959d27176ea016c249cf6d35ac8ba03

Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03

sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2

 

Repository Name: yocto-docs

Repository Location: https://git.yoctoproject.org/git/yocto-docs

Branch: kirkstone

Tag: yocto-4.0.3

Git Revision: d9b3dcf65ef25c06f552482aba460dd16862bf96

 

 

- ---------------

Contributors

- ---------------

Ahmed Hossam

Alejandro Hernandez Samaniego

Alex Kiernan

Alexander Kanavin

Bruce Ashfield

Chanho Park

Christoph Lauer

David Bagonyi

Dmitry Baryshkov

He Zhe

Hitendra Prajapati

Jose Quaresma

Joshua Watt

Kai Kang

Khem Raj

Lee Chee Yang

Lucas Stach

Markus Volk

Martin Jansa

Maxime Roussin-Bélanger

Michael Opdenacker

Mihai Lindner

Ming Liu

Mingli Yu

Muhammad Hamza

Naveen

Pascal Bach

Paul Eggleton

Pavel Zhukov

Peter Bergin

Peter Kjellerstedt

Peter Marko

Pgowda

Raju Kumar Pothuraju

Richard Purdie

Robert Joslyn

Ross Burton

Sakib Sajal

Shruthi Ravichandran

Steve Sakoman

Sundeep KOKKONDA

Thomas Roos

Tom Hochstein

Wentao Zhang

Yi Zhao

Yue Tao

gr embeter

leimaohui

wangmy

 

 

- ---------------

Known Issues

- ---------------

N/A

 

 

- ---------------

Security Fixes

- ---------------

binutils : CVE-2019-1010204

busybox: fix CVE-2022-30065

cups: ignore CVE-2022-26691

curl: Fix CVE-2022-32205, CVE-2022-32206, CVE-2022-32207 and CVE-2022-32208

dpkg: fix CVE-2022-1664

ghostscript: fix CVE-2022-2085

harfbuzz: fix CVE-2022-33068

libtirpc: fix CVE-2021-46828

lua: fix CVE-2022-33099

nasm: ignore CVE-2020-18974

qemu: fix CVE-2022-35414

qemu: ignore CVE-2021-20255 and CVE-2019-12067

tiff: fix CVE-2022-1354, CVE-2022-1355, CVE-2022-2056, CVE-2022-2057 and CVE-2022-2058

u-boot: fix CVE-2022-34835

unzip: fix CVE-2022-0529 and CVE-2022-0530

 

 

- ---------------

Fixes

- ---------------

alsa-state: correct license

at: take tarballs from debian

base.bbclass: Correct the test for obsolete license exceptions

base/reproducible: Change Source Date Epoch generation methods

bin_package: install into base_prefix

bind: Remove legacy python3 PACKAGECONFIG code

bind: upgrade to 9.18.4

binutils: stable 2.38 branch updates

build-appliance-image: Update to kirkstone head revision

cargo_common.bbclass: enable bitbake vendoring for externalsrc

coreutils: Tweak packaging variable names for coreutils-dev

curl: backport openssl fix CN check error code

cve-check: hook cleanup to the BuildCompleted event, not CookerExit

cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)

devtool: finish: handle patching when S points to subdir of a git repo

devtool: ignore pn- overrides when determining SRC_URI overrides

docs: BB_HASHSERVE_UPSTREAM: update to new host

dropbear: break dependency on base package for -dev package

efivar: fix import functionality

encodings: update to 1.0.6

epiphany: upgrade to 42.3

externalsrc.bbclass: support crate fetcher on externalsrc

font-util: update 1.3.2 -> 1.3.3

gcc-runtime: Fix build when using gold

gcc-runtime: Fix missing MLPREFIX in debug mappings

gcc-runtime: Pass -nostartfiles when building dummy libstdc++.so

gcc: Backport a fix for gcc bug 105039

git: upgrade to v2.35.4

glib-2.0: upgrade to 2.72.3

glib-networking: upgrade to 2.72.1

glibc : stable 2.35 branch updates

glibc-tests: Avoid reproducibility issues

glibc-tests: not clear BBCLASSEXTEND

glibc: revert one upstream change to work around broken DEBUG_BUILD build

glibc: stable 2.35 branch updates

gnupg: upgrade to 2.3.7

go: upgrade to v1.17.12

gobject-introspection-data: Disable cache for g-ir-scanner

gperf: Add a patch to work around reproducibility issues

gperf: Switch to upstream patch

gst-devtools: upgrade to 1.20.3

gstreamer1.0-libav: upgrade to 1.20.3

gstreamer1.0-omx: upgrade to 1.20.3

gstreamer1.0-plugins-bad: upgrade to 1.20.3

gstreamer1.0-plugins-base: upgrade to 1.20.3

gstreamer1.0-plugins-good: upgrade to 1.20.3

gstreamer1.0-plugins-ugly: upgrade to 1.20.3

gstreamer1.0-python: upgrade to 1.20.3

gstreamer1.0-rtsp-server: upgrade to 1.20.3

gstreamer1.0-vaapi: upgrade to 1.20.3

gstreamer1.0: upgrade to 1.20.3

gtk-doc: Remove hardcoded buildpath

harfbuzz: Fix compilation with clang

initramfs-framework: move storage mounts to actual rootfs

initscripts: run umountnfs as a KILL script

insane.bbclass: host-user-contaminated: Correct per package home path

insane: Fix buildpaths test to work with special devices

kernel-arch: Fix buildpaths leaking into external module compiles

kernel-devsrc: fix reproducibility and buildpaths QA warning

kernel-devsrc: ppc32: fix reproducibility

kernel-uboot.bbclass: Use vmlinux.initramfs when INITRAMFS_IMAGE_BUNDLE set

kernel.bbclass: pass LD also in savedefconfig

libffi: fix native build being not portable

libgcc: Fix standalone target builds with usrmerge distro feature

libmodule-build-perl: Use env utility to find perl interpreter

libsoup: upgrade to 3.0.7

libuv: upgrade to 1.44.2

linux-firmware: upgrade to 20220708

linux-firwmare: restore WHENCE_CHKSUM variable

linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge)

linux-yocto/5.10: fix build_OID_registry/conmakehash buildpaths warning

linux-yocto/5.10: fix buildpaths issue with gen-mach-types

linux-yocto/5.10: fix buildpaths issue with pnmtologo

linux-yocto/5.10: update to v5.10.135

linux-yocto/5.15: drop obselete GPIO sysfs ABI

linux-yocto/5.15: fix build_OID_registry buildpaths warning

linux-yocto/5.15: fix buildpaths issue with gen-mach-types

linux-yocto/5.15: fix buildpaths issue with pnmtologo

linux-yocto/5.15: fix qemuppc buildpaths warning

linux-yocto/5.15: fix reproducibility issues

linux-yocto/5.15: update to v5.15.59

log4cplus: upgrade to 2.0.8

lttng-modules: Fix build failure for kernel v5.15.58

lttng-modules: upgrade to 2.13.4

lua: Fix multilib buildpath reproducibility issues

mkfontscale: upgrade to 1.2.2

oe-selftest-image: Ensure the image has sftp as well as dropbear

oe-selftest: devtool: test modify git recipe building from a subdir

oeqa/runtime/scp: Disable scp test for dropbear

oeqa/runtime: add test that the kernel has CONFIG_PREEMPT_RT enabled

oeqa/sdk: drop the nativesdk-python 2.x test

openssh: Add openssh-sftp-server to openssh RDEPENDS

openssh: break dependency on base package for -dev package

openssl: update to 3.0.5

package.bbclass: Avoid stripping signed kernel modules in splitdebuginfo

package.bbclass: Fix base directory for debugsource files when using externalsrc

package.bbclass: Fix kernel source handling when not using externalsrc

package_manager/ipk: do not pipe stderr to stdout

packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation

patch: handle if S points to a subdirectory of a git repo

perf: fix reproducibility in 5.19+

perf: fix reproduciblity in older releases of Linux

perf: sort-pmuevents: really keep array terminators

perl: don't install Makefile.old into perl-ptest

poky.conf: bump version for 4.0.3

pulseaudio: add m4-native to DEPENDS

python3: Backport patch to fix an issue in subinterpreters

qemu: Add PACKAGECONFIG for brlapi

qemu: Avoid accidental librdmacm linkage

qemu: Avoid accidental libvdeplug linkage

qemu: Fix slirp determinism issue

qemu: add PACKAGECONFIG for capstone

recipetool/devtool: Fix python egg whitespace issues in PACKAGECONFIG

ref-manual: variables: remove sphinx directive from literal block

rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}

ruby: add PACKAGECONFIG for capstone

rust: fix issue building cross-canadian tools for aarch64 on x86_64

sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity

selftest/runtime_test/virgl: Disable for all almalinux

sstatesig: Include all dependencies in SPDX task signatures

strace: set COMPATIBLE_HOST for riscv32

systemd: Added base_bindir into pkg_postinst:udev-hwdb.

udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist

udev-extraconf/mount.sh: add LABELs to mountpoints

udev-extraconf/mount.sh: ignore lvm in automount

udev-extraconf/mount.sh: only mount devices on hotplug

udev-extraconf/mount.sh: save mount name in our tmp filecache

udev-extraconf: fix some systemd automount issues

udev-extraconf: force systemd-udevd to use shared MountFlags

udev-extraconf: let automount base directory configurable

udev-extraconf:mount.sh: fix a umount issue

udev-extraconf:mount.sh: fix path mismatching issues

vala: Fix on target wrapper buildpaths issue

vala: upgrade to 0.56.2

vim: upgrade to 9.0.0063

waffle: correctly request wayland-scanner executable

webkitgtk: upgrade to 2.36.4

weston: upgrade to 10.0.1

wic/plugins/rootfs: Fix NameError for 'orig_path'

wic: fix WicError message

wireless-regdb: upgrade to 2022.06.06

xdpyinfo: upgrade to 1.3.3

xev: upgrade to 1.2.5

xf86-input-synaptics: upgrade to 1.9.2

xmodmap: upgrade to 1.0.11

xorg-app: Tweak handling of compression changes in SRC_URI

xserver-xorg: upgrade to 21.1.4

xwayland: upgrade to 22.1.3

yocto-bsps/5.10: fix buildpaths issue with gen-mach-types

yocto-bsps/5.10: fix buildpaths issue with pnmtologo

yocto-bsps/5.15: fix buildpaths issue with gen-mach-types

yocto-bsps/5.15: fix buildpaths issue with pnmtologo

yocto-bsps: buildpaths fixes

yocto-bsps: update to v5.10.130

yocto-bsps: buildpaths fixes

yocto-bsps: update to v5.15.54

 


Re: Custom QA Checks

Ross Burton
 

On 7 Aug 2022, at 20:21, Paul Wicks via lists.yoctoproject.org <pwicks86=gmail.com@...> wrote:

Is it possible to create additional QA checks such that they apply to all recipes automatically? Or even just to all recipes in a given layer?
Yes, and yes.

For example, I have https://github.com/rossburton/meta-ross/blob/master/classes/insanitier.bbclass

This defines some new sanity checks, and adds them to WARN_QA so that they’re enabled and classified as warnings (use ERROR_QA if you want them to be errors).

Simply inheriting the class in your local or distro configuration with INHERIT += is enough to enable them for all recipes.

Ross


#linux #kirkstone #yocto x86_64 machine bootloader #linux #kirkstone #yocto

Martin Leduc <martin.leduc@...>
 

Hi community,

I'm wondering how to manage the bootloader files contents in a X86_64 machine and if those files have a relation with the WKS.in file.

By doing a bitbake -e <my_image> I can't figure out which variables are involved into the bootimg-efi.py (./poky/scripts/lib/wic/plugins/source/bootimg-efi.py), which recipe call or start this scripts and the ENV variables used by the script.

The main goal is to rename "title boot" by anything else without having to add a recipe to replace the boot file at the do_rootfs stage.

Any information/instructions will be appreciated and I didn't find any information into the MEGA Manual on this topic.  I'm probably blind 😁😁

BR,

Martin


Yocto Project Status 16 August 2022 (WW33)

Stephen Jolley
 

Current Dev Position: YP 4.1 M3

Next Deadline: 22nd August 2022 YP 4.1 M3 Build

 

Next Team Meetings:

 

Key Status/Updates:

  • YP 4.0.3 has been through QA with a clean report and is likely to be released
  • The CVE count for master rose sharply this week but a number of fixes were sent by Khem, thanks!
  • Bitbake changes in class handling merged which means classes can now be enforced to be in “global” or “recipe” scope. This handles a long standing usability issue of it not being clear which scope classes should be used in. For example, “testimage” now needs to be included via IMAGE_CLASSES and not via INHERIT. Global class inclusions in recipes such as “base” and “package” will now show a parsing error. “base” was particularly pointless and can simply be removed as it was always inherited.
  • The rust toolchain changes merged and are now being tested by default on the autobuilder but there is one intermittent issue with shebang length overflow in the SDK which still needs to be resolved
  • We upgraded glibc to 2.36 and produced a new uninative version which supports this.
  • There are patches out for review for the debug path improvements. These rely on a gcc patch and small change of gcc behavior which is being discussed with upstream.
  • There were cleanups to copyright and license headers in OE-Core and Bitbake.
  • “largefile” support in oe-core was cleaned up and removed as we assume this everywhere now, completing something we said would happen in release notes a few years ago.
  • Help is very much welcome in trying to resolve our autobuilder intermittent issues. You can see the list of failures we’re continuing to see by searching for the “AB-INT” tag in bugzilla: https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT

 

Ways to contribute:

 

YP 4.1 Milestone Dates:

  • YP 4.1 M3 build date 2022/08/22
  • YP 4.1 M3 Release date 2022/09/02
  • YP 4.1 M4 build date 2022/10/03
  • YP 4.1 M4 Release date 2022/10/28

 

Upcoming dot releases:

  • YP 4.0.3 Out of QA
  • YP 3.1.19 build date 2022/08/29
  • YP 3.1.19 Release date 2022/09/09
  • YP 4.0.4 build date 2022/09/19
  • YP 4.0.4 Release date 2022/09/30
  • YP 3.1.20 build date 2022/10/10
  • YP 3.1.20 Release date 2022/10/21
  • YP 4.0.5 build date 2022/10/31
  • YP 4.0.5 Release date 2022/11/11

 

Tracking Metrics:

 

The Yocto Project’s technical governance is through its Technical Steering Committee, more information is available at:

https://wiki.yoctoproject.org/wiki/TSC

 

The Status reports are now stored on the wiki at: https://wiki.yoctoproject.org/wiki/Weekly_Status

 

[If anyone has suggestions for other information you’d like to see on this weekly status update, let us know!]

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


[meta-yocto][dunfell][PATCH] linux-yocto/5.4: update genericx86* machines to v5.4.205

Rajesh Dangi
 

Signed-off-by: Rajesh Dangi <rajeshx.dangi@...>
---
.../recipes-kernel/linux/linux-yocto_5.4.bbappend | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
index b2824cbb1d..219e788f47 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
@@ -7,8 +7,8 @@ KMACHINE_genericx86 ?= "common-pc"
KMACHINE_genericx86-64 ?= "common-pc-64"
KMACHINE_beaglebone-yocto ?= "beaglebone"

-SRCREV_machine_genericx86 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
-SRCREV_machine_genericx86-64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_machine_genericx86 ?= "8a59dfded81659402005acfb06fbb00b71c8ce86"
+SRCREV_machine_genericx86-64 ?= "8a59dfded81659402005acfb06fbb00b71c8ce86"
SRCREV_machine_edgerouter ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"
SRCREV_machine_beaglebone-yocto ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"

@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE_edgerouter = "edgerouter"
COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto"

-LINUX_VERSION_genericx86 = "5.4.178"
-LINUX_VERSION_genericx86-64 = "5.4.178"
+LINUX_VERSION_genericx86 = "5.4.205"
+LINUX_VERSION_genericx86-64 = "5.4.205"
LINUX_VERSION_edgerouter = "5.4.58"
LINUX_VERSION_beaglebone-yocto = "5.4.58"
--
2.17.1


Re: Conditional configuration of recipe dependent on other recipe

Alexander Kanavin
 

The neat way would be to include appropriate configuration into the webserver recipe, e.g. a file installed in /etc/firewall.d/ that opens the port (and nothing else).

Alex


On Tue, 16 Aug 2022 at 10:35, Maik Vermeulen <maik.vermeulen@...> wrote:
Hi,

Currently we are struggling with 'interdependent' recipes.

For example: 
A webservice of ours uses a specific port, and needs to be allowed through the firewall, for which we also have a recipe.

Is there a neat way to make sure that the firewall recipe only allows that specific port if that webservice recipe is actually included in the image? And the firewall recipe should allow the port configured in the webservice recipe?

Thanks,
Kind regards,

Maik Vermeulen

Embedded Software Engineer — Lightyear






Automotive Campus 70 —5708 JZ Helmond, the Netherlands

This email may contain information which is privileged and/or confidential. If you received this e-mail in error, please notify us immediately by e-mail and delete the email without copying or disclosing its contents to any other person. Lightyear is a trade name of Atlas Technologies B.V. and is registered at the Dutch Chamber of Commerce under number 67264298. 




Conditional configuration of recipe dependent on other recipe

Maik Vermeulen
 

Hi,

Currently we are struggling with 'interdependent' recipes.

For example: 
A webservice of ours uses a specific port, and needs to be allowed through the firewall, for which we also have a recipe.

Is there a neat way to make sure that the firewall recipe only allows that specific port if that webservice recipe is actually included in the image? And the firewall recipe should allow the port configured in the webservice recipe?

Thanks,
Kind regards,

Maik Vermeulen

Embedded Software Engineer — Lightyear






Automotive Campus 70 —5708 JZ Helmond, the Netherlands

This email may contain information which is privileged and/or confidential. If you received this e-mail in error, please notify us immediately by e-mail and delete the email without copying or disclosing its contents to any other person. Lightyear is a trade name of Atlas Technologies B.V. and is registered at the Dutch Chamber of Commerce under number 67264298. 


Re: [qa-build-notification] QA notification for completed autobuilder build (yocto-4.0.3.rc1)

Teoh, Jay Shen
 

Hi Everyone,

QA for yocto-4.0.3.rc1 is completed. This is the full report for this release:
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults

======= Summary ========
No high milestone defects.

No new issue found.

Thanks,
Jay

-----Original Message-----
From: qa-build-notification@... <qa-build-
notification@...> On Behalf Of Pokybuild User
Sent: Thursday, 11 August, 2022 3:11 AM
To: yocto@...
Cc: qa-build-notification@...
Subject: [qa-build-notification] QA notification for completed autobuilder
build (yocto-4.0.3.rc1)


A build flagged for QA (yocto-4.0.3.rc1) was completed on the autobuilder
and is available at:


https://autobuilder.yocto.io/pub/releases/yocto-4.0.3.rc1


Build hash information:

bitbake: b8fd6f5d9959d27176ea016c249cf6d35ac8ba03
meta-agl: 3ff972228b08c37adf41b760c2bbc5313b90715f
meta-arm: cf9365fcec2e741c56ad88db7f3838f636e29cae
meta-aws: 4ffc63cf28ff925bb67477cbaf7e390e968b1f8e
meta-gplv2: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
meta-intel: ef3aa3064b9bbfa19f600eafb1e7d3473f62af74
meta-mingw: a90614a6498c3345704e9611f2842eb933dc51c1
meta-openembedded: 8f2dc1023482863e2630d1b94052c41ce748b38f
meta-virtualization: 26a361a39ff5ab6fae22efbdc582f84d13330ba2
oecore: 2cafa6ed5f0aa9df5a120b6353755d56c7c7800d
poky: 387ab5f18b17c3af3e9e30dc58584641a70f359f



This is an automated message from the Yocto Project Autobuilder
Git: git://git.yoctoproject.org/yocto-autobuilder2
Email: richard.purdie@...







[meta-mingw][PATCH] mingw-libgnurx: update license name

Kai Kang
 

From: Kai Kang <kai.kang@...>

Update license name with SPDX identifier to eliminate warning:

WARNING: mingw-libgnurx-2.5.1-r0 do_package_qa: QA Issue: Recipe LICENSE
includes obsolete licenses LGPLv2.1 [obsolete-license]

Signed-off-by: Kai Kang <kai.kang@...>
---
recipes-support/mingw-libgnurx/mingw-libgnurx_2.5.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/recipes-support/mingw-libgnurx/mingw-libgnurx_2.5.1.bb b/recipes-support/mingw-libgnurx/mingw-libgnurx_2.5.1.bb
index ca5bbf9..4547298 100644
--- a/recipes-support/mingw-libgnurx/mingw-libgnurx_2.5.1.bb
+++ b/recipes-support/mingw-libgnurx/mingw-libgnurx_2.5.1.bb
@@ -1,6 +1,6 @@
# Copyright (C) 2021 Khem Raj <raj.khem@...>
# Released under the MIT license (see COPYING.MIT for the terms)
-LICENSE = "LGPLv2.1"
+LICENSE = "LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=bbb461211a33b134d42ed5ee802b37ff"

SRC_URI = "http://download.sourceforge.net/mingw/Other/UserContributed/regex/mingw-regex-${PV}/mingw-libgnurx-${PV}-src.tar.gz \
--
2.17.1


M+ & H bugs with Milestone Movements WW33

Stephen Jolley
 

All,

YP M+ or high bugs which moved to a new milestone in WW33 are listed below:

Priority

Bug ID

Short Description

High

14800

AB-INT PTEST: libgcrypt ptest intermittent failure

Medium+

11704

Add other resource monitoring options to conf/local.conf STOPTASKS/ABORT

 

12723

mysql requires unicode and char length filtering

 

13008

toaster testing

 

13109

Implement CPE to package to Release mapping

 

13103

[Bug][QA 2.7 M1 rc1][Toaster] "Recipes" tableá and á"machines" table are not getting populated after clickingáon imported layer as well as after clicking Machines Tab on project page

 

13123

package.PackageTests.test_gdb_hardlink_debug failed

 

13190

RRS cannot handle multiple recipes with same PN

 

13520

many valgrind tests fail for arm64

 

13980

Investigate replacements for PhantomJS for buildperf output

 

14430

valgrind memcheck/tests/linux/stack_changes failure

 

14443

valgrind none/tests/amd64/fb_test_amd64 ptest intermittent failure

 

14466

python: Should we add this optimization: -fno-semantic-interposition for 1.3x speed improvment?

 

14538

Recipes shouldn't use "virtual/" in RPROVIDES and RDEPENDS

 

14693

cmake-native do_configure fails when rebuilding without sstate on NIS hosts

 

14814

ncurses version of taskexp.py

 

14834

Timeout issue with Toaster and bitbake

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Enhancements/Bugs closed WW33!

Stephen Jolley
 

All,

The below were the owners of enhancements or bugs closed during the last week!

Who

Count

richard.purdie@...

2

luca.ceresoli@...

1

randy.macleod@...

1

Vikkram.Ravi@...

1

yogesh.tyagi@...

1

Ahmed.Hossam@...

1

alexandre.belloni@...

1

Grand Total

8

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Current high bug count owners for Yocto Project 4.1

Stephen Jolley
 

All,

Below is the list as of top 35 bug owners as of the end of WW33 of who have open medium or higher bugs and enhancements against YP 4.1.   There are 52 possible work days left until the final release candidates for YP 4.1 needs to be released.

Who

Count

michael.opdenacker@...

36

ross.burton@...

26

david.reyna@...

23

bruce.ashfield@...

21

randy.macleod@...

15

richard.purdie@...

13

saul.wold@...

10

JPEWhacker@...

9

sakib.sajal@...

9

Aryaman.Gupta@...

7

tim.orling@...

6

sundeep.kokkonda@...

5

mhalstead@...

4

jon.mason@...

4

akuster808@...

3

tvgamblin@...

2

hongxu.jia@...

2

pgowda.cve@...

2

Qi.Chen@...

2

pavel@...

2

sgw@...

1

raj.khem@...

1

ola.x.nilsson@...

1

behanw@...

1

thomas.perrot@...

1

martin.beeger@...

1

aehs29@...

1

open.source@...

1

ptsneves@...

1

Martin.Jansa@...

1

nicolas.dechesne@...

1

mostthingsweb@...

1

shachar@...

1

alexandre.belloni@...

1

alejandro@...

1

Grand Total

216

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...