subtree updates
meta-raspberrypi: 95a9103f91..92a9b7a012:
Michał Kluska (1):
rpi-base: Added missing HiFiBerry
meta-openembedded: 9f0e513211..a0237019f5:
Alexander Stein (1):
libkcapi: Update HOMEPAGE url
Changqing Li (4):
syslog-ng: upgrade 4.0.1 -> 4.6.0
multipath-tools: upgrade 0.9.3 -> 0.9.8
nodejs: upgrade 20.11.0 -> 20.11.1
postgresql: upgrade 15.5 -> 16.2
Joe Slater (1):
googletest: allow for shared libraries
Khem Raj (17):
python3-fastjsonschema: Add missing ptest deps
python3-gpiod: Tests rely on configfs support in kernel
python3-pyzmq: Add missing dep on python3-unixadmin for ptests
python3-betamax: Upgrade to 0.9.0
libgpiod: Tests rely on configfs support in kernel
keyutils: Add missing rdep for ptests
fuse3: Make kmod as a recommendation instead of rdep for ptests
drbd-utils: Disable warnings as errors
influxdb: Define GOPROXY
crucible: Define GOPROXY
syzkaller: Fix build with go 1.21
e2tools: Delete unneeded files from ptest package
ptest-packagelists-meta-oe: Move libgpiod out of PTESTS_PROBLEMS_META_OE
ptest-packagelists-meta-python: Move py3-libgpiod out of PTESTS_PROBLEMS_META_PYTHON
pgpool2: Upgrade to 4.5.1
pgpool2: Fix build with postgresql 16+
emacs: Add packageconfig for selinux support
Krupal Ka Patel (1):
python3-aiohappyeyeballs: Correct the typo of BBCLASSEXTEND
Markus Volk (3):
folks: update 0.15.6 -> 0.15.7
mozjs-115: update 115.6.0 -> 115.8.0
polkit: update 123 -> 124
Martin Jansa (3):
ristretto: use python3native and depend on glib-2.0-native, python3-packaging-native
xfce4-notifyd: use python3native and depend on python3-packaging-native
fuse3: use 4 spaces for indentation
Mingli Yu (1):
nlohmann-json: Upgrade to 3.11.3
Randolph Sapp (1):
glmark2: add upstream patch to not care about stencil config
Ulrich Ölmann (1):
signing.bbclass: fix typos
Xiangyu Chen (3):
iperf3: upgrade 3.15 -> 3.16
grpc: upgrade 1.60.0 -> 1.60.1
drbd-utils: upgrade 9.22.0 -> 9.27.0
Yi Zhao (7):
openipmi: fix do_configure error when using dash
cryptsetup: upgrade 2.6.1 -> 2.7.0
layer.conf: Add nativesdk-libdevmapper PREFERRED_RPROVIDER
krb5: upgrade 1.20.2 -> 1.21.2
postfix: upgrade 3.7.3 -> 3.8.5
openldap: upgrade 2.5.16 -> 2.6.7
openvpn: upgrade 2.6.7 -> 2.6.9
Yoann Congal (3):
drbd-utils: Drop a duplicated line in DESCRIPTION
drbd-utils: Fix a udev rule reproducibility
toybox-inittab: Fix serial getty reproducibility
alperak (9):
python3-google-auth: upgrade 2.28.0 -> 2.28.1
python3-netaddr: upgrade 0.10.1 -> 1.2.1 and add ptest
ptest-packagelists-meta-python: Move python3-xlrd from PTESTS_PROBLEMS_META_PYTHON to PTESTS_FAST_META_PYTHON
python3-wrapt: add ptest
python3-freezegun: add recipe and add ptest
python3-dateutil: upgrade 2.8.2 -> 2.9.0
python3-types-python-dateutil: add recipe
python3-arrow: add ptest, update backend and runtime dependencies
python3-marshmallow: upgrade 3.20.2 -> 3.21.1 and add ptest
poky: 25d60ac6f6..7165c23237:
Alexander Kanavin (48):
xz: correct upstream version check
python3-sphinxcontrib-jquery: add a recipe and make python3-sphinx-rtd-theme depend on it
acl: upgrade 2.3.1 -> 2.3.2
appstream: upgrade 1.0.0 -> 1.0.2
boost: upgrade 1.83.0 -> 1.84.0
btrfs-tools: upgrade 6.5.3 -> 6.7.1
dnf: upgrade 4.18.2 -> 4.19.0
diffoscope: upgrade 253 -> 259
ell: upgrade 0.62 -> 0.63
elfutils: upgrade 0.189 -> 0.191
epiphany: upgrade 45.1 -> 45.3
gettext: upgrade 0.22.4 -> 0.22.5
glib-2.0: upgrade 2.78.3 -> 2.78.4
glib-networking: upgrade 2.78.0 -> 2.78.1
kmscube: upgrade to latest revision
libbsd: upgrade 0.11.8 -> 0.12.1
libdnf: update 0.72.0 -> 0.73.0
libpciaccess: upgrade 0.17 -> 0.18
libpcre2: upgrade 10.42 -> 10.43
librepo: update 1.16.0 -> 1.17.0
libusb1: upgrade 1.0.26 -> 1.0.27
libxml2: upgrade 2.11.5 -> 2.12.5
linux-firmware: upgrade 20231211 -> 20240220
librsvg: upgrade 2.56.3 -> 2.57.1
lsof: upgrade 4.98.0 -> 4.99.3
man-pages: upgrade 6.05.01 -> 6.06
mc: upgrade 4.8.30 -> 4.8.31
mesa: upgrade 24.0.1 -> 24.0.2
minicom: upgrade 2.8 -> 2.9
nghttp2: upgrade 1.59.0 -> 1.60.0
orc: upgrade 0.4.37 -> 0.4.38
puzzles: upgrade to latest revision
piglit: upgrade to latest revision
python3-build: upgrade 1.0.3 -> 1.1.1
python3-dtschema: upgrade 2023.7 -> 2024.2
python3-jsonschema: upgrade 4.17.3 -> 4.21.1 and add new dependencies
python3-ruamel-yaml: upgrade 0.17.35 -> 0.18.6
python3-setuptools: upgrade 69.0.3 -> 69.1.1
python3-wcwidth: upgrade 0.2.12 -> 0.2.13
repo: upgrade 2.41 -> 2.42
shaderc: update 2023.7 -> 2023.8
systemd: upgrade 255.1 -> 255.4
ttyrun: upgrade 2.30.0 -> 2.31.0
taglib: upgrade 1.13.1 -> 2.0 and add utfcpp recipe to support that
update-rc.d: upgrade to latest revision
vala: upgrade 0.56.13 -> 0.56.15
vulkan: upgrade 1.3.268.0 -> 1.3.275.0
webkitgtk: upgrade 2.42.2 -> 2.42.5
Bruce Ashfield (3):
linux-yocto/cfg/6.6: drop CONFIG_DEBUG_CREDENTIALS
linux-yocto/6.6: update to v6.6.20
linux-yocto/6.6: update CVE exclusions
Changqing Li (3):
rxvt-unicode: Fix installing of terminfo
systemd: fix dead link /var/log/README
go: filter out build specific path from the linker flags
Chen Qi (2):
systemd: use RDEPENDS for systemd-vconsole-setup
systemd: remove systemd-bus-proxy settings
Christian Taedcke (1):
image_types.bbclass: fix vfat image names
Eilís 'pidge' Ní Fhlannagáin (6):
qemurunner.py: Fix error on calls to run_monitor
screenshot-tests: Add initial screenshot test png files for core-image-sato
oeqa/runtime/login: Proof of concept for screenshot testcases
oeqa/runtime/login: Exclude qemuriscv64
oeqa/runtime/login: Add screenshot sample logic/timeout/dbus-wait
sstatetests.py: Add testing for correct sstate permissions
Fabio Estevam (1):
u-boot: Move UBOOT_INITIAL_ENV back to u-boot.inc
Geoff Parker (1):
ref-manual: variables: adding multiple groups in GROUPADD_PARAM
Johan Bezem (1):
ref-manual: variables: correct sdk installation default path
Jose Quaresma (7):
go: rework patch to avoid identation
go: bump 1.21.0
goarch: disable dynamic linking globally
oeqa/gotoolchain: set GOPROXY
go: upgrade 1.21.0 -> 1.21.5
go: upgrade 1.21.5 -> 1.21.7
go: bump 1.22.0
Khem Raj (4):
mesa,mesa-gl: Fix build when dri3 is not enabled
linux-yocto: Enable gpio-sim with ptests
rust: Fix build failure re-appeared on riscv32
gdb: Upgrade 14.1 -> 14.2
Luca Ceresoli (2):
ref-manual: tasks: do_cleanall: recommend using '-f' instead
ref-manual: tasks: do_cleansstate: recommend using '-f' instead for a shared sstate
Markus Volk (1):
gtk+3: update 3.24.38 -> 3.24.41
Michael Opdenacker (4):
core-image-full-cmdline: add package-management
bitbake: utils: remove BB_ENV_PASSTHROUGH from preserved_envvars()
dev-manual: packages: fix capitalization
manuals: document VIRTUAL-RUNTIME variables
Randy MacLeod (1):
valgrind: skip intermittently failing ptests
Richard Purdie (9):
no-gplv3: Tweak for packagemangement in core-image-full-cmdline
qemu: Replace workaround with proper usermode fix for shmat
bitbake: fetch/git: Avoid clean upon failure
go: Further tweak indentation in patch
go: Drop linkmode with nativesdk/cross-canadian
libpng: Update SRC_URI to avoid redirects
oeqa/runtime/login: Various code improvements and fixes
oeqa/runtime/login: Mask out the mouse panel icon for now
oeqa/runtime/login: Fix dbus-wait timeout and loop conditional
Robert P. J. Day (1):
python3-cryptography_42.0.5.bb: delete redundant ptest packaging
Ross Burton (2):
Add genericarm64 MACHINE
rxvt: add rxvt to desktop entry name
Simone Weiß (4):
coreutils: backport patch to fix heap overflow in split
qemu: backport patch for ui/clipboard issue
ref-manual: classes: add cve status check for oe.qa
contributor-guide: add notes for tests
Tim Orling (1):
python3-hypothesis: upgrade 6.98.12 -> 6.98.15
Trevor Woerner (2):
bmaptool: now part of Yocto Project
dev-manual: bmaptool: rename
Yi Zhao (1):
expat: upgrdae 2.6.0 -> 2.6.1
Yoann Congal (1):
bitbake: prserv/serv: Fix a PID file removal race on prserv stop
Change-Id: Ie94e4df79e3d8f68aea3377f816d7106987a05f8
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.7.0.bb b/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.7.0.bb
new file mode 100644
index 0000000..c5e84b1
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.7.0.bb
@@ -0,0 +1,117 @@
+SUMMARY = "Manage plain dm-crypt and LUKS encrypted volumes"
+DESCRIPTION = "Cryptsetup is used to conveniently setup dm-crypt managed \
+device-mapper mappings. These include plain dm-crypt volumes and \
+LUKS volumes. The difference is that LUKS uses a metadata header \
+and can hence offer more features than plain dm-crypt. On the other \
+hand, the header is visible and vulnerable to damage."
+HOMEPAGE = "https://gitlab.com/cryptsetup/cryptsetup"
+SECTION = "console"
+LICENSE = "GPL-2.0-with-OpenSSL-exception"
+LIC_FILES_CHKSUM = "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326"
+
+DEPENDS = " \
+ json-c \
+ libdevmapper \
+ popt \
+ util-linux-libuuid \
+"
+
+DEPENDS:append:libc-musl = " argp-standalone"
+LDFLAGS:append:libc-musl = " -largp"
+
+SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz"
+SRC_URI[sha256sum] = "94003a00cd5a81944f45e8dc529e0cfd2a6ff629bd2cd21cf5e574e465daf795"
+
+inherit autotools gettext pkgconfig
+
+# Use openssl because libgcrypt drops root privileges
+# if libgcrypt is linked with libcap support
+PACKAGECONFIG ??= " \
+ keyring \
+ cryptsetup \
+ veritysetup \
+ luks2-reencryption \
+ integritysetup \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \
+ kernel_crypto \
+ internal-argon2 \
+ blkid \
+ luks-adjust-xts-keysize \
+ openssl \
+ ssh-token \
+"
+PACKAGECONFIG:append:class-target = " \
+ udev \
+"
+
+PACKAGECONFIG[keyring] = "--enable-keyring,--disable-keyring"
+PACKAGECONFIG[fips] = "--enable-fips,--disable-fips"
+PACKAGECONFIG[pwquality] = "--enable-pwquality,--disable-pwquality,libpwquality"
+PACKAGECONFIG[passwdqc] = "--enable-passwdqc,--disable-passwdqc,passwdqc"
+PACKAGECONFIG[cryptsetup] = "--enable-cryptsetup,--disable-cryptsetup"
+PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-veritysetup"
+PACKAGECONFIG[luks2-reencryption] = "--enable-luks2-reencryption,--disable-luks2-reencryption"
+PACKAGECONFIG[integritysetup] = "--enable-integritysetup,--disable-integritysetup"
+PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux"
+PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev lvm2-udevrules"
+PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--disable-kernel_crypto"
+# gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the flag isn't
+# recognized.
+PACKAGECONFIG[gcrypt-pbkdf2] = "--enable-gcrypt-pbkdf2"
+PACKAGECONFIG[internal-argon2] = "--enable-internal-argon2,--disable-internal-argon2"
+PACKAGECONFIG[internal-sse-argon2] = "--enable-internal-sse-argon2,--disable-internal-sse-argon2"
+PACKAGECONFIG[blkid] = "--enable-blkid,--disable-blkid,util-linux"
+PACKAGECONFIG[dev-random] = "--enable-dev-random,--disable-dev-random"
+PACKAGECONFIG[luks-adjust-xts-keysize] = "--enable-luks-adjust-xts-keysize,--disable-luks-adjust-xts-keysize"
+PACKAGECONFIG[openssl] = "--with-crypto_backend=openssl,,openssl"
+PACKAGECONFIG[gcrypt] = "--with-crypto_backend=gcrypt,,libgcrypt"
+PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss"
+PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel"
+PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle"
+PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1"
+PACKAGECONFIG[ssh-token] = "--enable-ssh-token,--disable-ssh-token,libssh"
+
+EXTRA_OECONF = "--enable-static"
+# Building without largefile is not supported by upstream
+EXTRA_OECONF += "--enable-largefile"
+# Requires a static popt library
+EXTRA_OECONF += "--disable-static-cryptsetup"
+# There's no recipe for libargon2 yet
+EXTRA_OECONF += "--disable-libargon2"
+# Disable documentation, there is no asciidoctor-native available in OE
+EXTRA_OECONF += "--disable-asciidoc"
+# libcryptsetup default PBKDF algorithm, Argon2 memory cost (KB), parallel threads and iteration time (ms)
+LUKS2_PBKDF ?= "argon2i"
+LUKS2_MEMORYKB ?= "1048576"
+LUKS2_PARALLEL_THREADS ?= "4"
+LUKS2_ITERTIME ?= "2000"
+
+EXTRA_OECONF += "--with-luks2-pbkdf=${LUKS2_PBKDF} \
+ --with-luks2-memory-kb=${LUKS2_MEMORYKB} \
+ --with-luks2-parallel-threads=${LUKS2_PARALLEL_THREADS} \
+ --with-luks2-iter-time=${LUKS2_ITERTIME}"
+
+do_install:append() {
+ # The /usr/lib/cryptsetup directory is always created, even when ssh-token
+ # is disabled. In that case it is empty and causes a packaging error. Since
+ # there is no reason to distribute the empty directory, the easiest solution
+ # is to remove it if it is empty.
+ rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/${BPN}
+}
+
+FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}"
+
+RDEPENDS:${PN} = " \
+ libdevmapper \
+"
+
+RRECOMMENDS:${PN}:class-target = " \
+ kernel-module-aes-generic \
+ kernel-module-dm-crypt \
+ kernel-module-md5 \
+ kernel-module-cbc \
+ kernel-module-sha256-generic \
+ kernel-module-xts \
+"
+
+BBCLASSEXTEND = "native nativesdk"