subtree updates
meta-arm: 0164b4ca7a..13199c55c0:
Adam Johnston (1):
arm-bsp/linux-yocto: Upgrade kernel to v5.19 for N1SDP
Anton Antonov (4):
meta-arm/trusted-services: Use GCC toolchain for specific TS recipes only.
arm/trusted-services: Remove patches merged upstream
arm/trusted-services: Remove remaining patches merged upstream
arm/trusted-services: include documentation
Davidson K (1):
arm-bsp/linux-arm64-ack: make it compatible with gcc-12 for TC
Emekcan (2):
arm-bsp/linux-yocto: update RPMSG_CTRL config for corstone1000
arm-bsp/kernel: Fix TEE driver bug for corstone1000
Jon Mason (3):
CI: trusted services as a feature instead of a machine
CI: cleanups for targets and removed tests
arm-bsp: zephyr removal
Peter Hoyes (1):
arm/lib: Do not log FVP return codes < 0
Ross Burton (2):
arm/optee-spdevkit: remove
CI: restrict compression threading
Rui Miguel Silva (1):
arm-bsp/corstone1000: bump kernel version to 5.19
Rupinderjit Singh (1):
arm: update Android common kernel
Satish Kumar (4):
arm-bsp/u-boot: corstone1000: esrt support
arm-bsp/trusted-firmware-m: corstone1000: bump tfm SHA
arm-bsp/trusted-firmware-m: corstone1000: fix sournce dir of libmetal and openamp
arm-bsp/trusted-firmware-m: corstone1000: secure debug code checkout from yocto
Sumit Garg (2):
arm-toolchain: update Arm GCC to 11.3
external-arm-toolchain: Enable 11.3.rel1 support
Vishnu Banavath (1):
arm-bsp/corstone500: upgrade kernel to v5.19
meta-raspberrypi: 45d56d82b7..fc5f80a47e:
Devendra Tewari (3):
rpi-cmdline: Leave cma value to kernel default
libcamera: Tweak to build for Raspberry Pi
rpi-libcamera-apps: add new recipe
Martin Jansa (1):
lirc: rename bbappend to match 0.10.%
Zygmunt Krynicki (2):
ci: fix typo: unconditionally
ci: fix apparent typo in file patterns
meta-openembedded: ce0b93fc12..6529e5f963:
Alexander Kanavin (3):
python3-cchardet: depend on cython
python3-gevent: make compatible with python 3.11
python3-pybluez: add python 3.11 patch
Anuj Mittal (1):
opencv: fix reproducibility issues
Devendra Tewari (2):
libcamera: Bump SRCREV and add libyaml to DEPENDS
libcamera: Remove boost from DEPENDS
Fabio Estevam (1):
spice: Include aarch64 to COMPATIBLE_HOST
Federico Pellegrin (2):
chrony: add pkgconfig class as pkg-config is explicitly searched for
chrony: correct parameter to configure to disable readline usage
Hao Jiang (1):
mctp: install the .target files
Jiaqing Zhao (1):
openldap: Upgrade 2.5.12 -> 2.5.13
Khem Raj (2):
open62541: Disable lto on riscv/clang
python3-gevent: Upgrade to 22.8.0
Leon Anavi (10):
python3-networkx: Upgrade 2.8.6 -> 2.8.7
python3-coverage: Upgrade 6.4.4 -> 6.5.0
python3-rdflib: Upgrade 6.1.1 -> 6.2.0
python3-tabulate: Upgrade 0.8.10 -> 0.9.0
python3-imageio: Upgrade 2.22.0 -> 2.22.1
python3-astroid: Upgrade 2.12.10 -> 2.12.11
python3-jsonref: Upgrade 0.2 -> 0.3.0
python3-sentry-sdk: Upgrade 1.5.12 -> 1.9.10
python3-greenlet: Upgrade 1.1.3 -> 1.1.3.post0
python3-xmltodict: Upgrade 0.12.0 -> 0.13.0
Markus Volk (2):
blueman: upgrade 2.2.4 -> 2.3.2
gtkmm3: upgrade 3.24.5 -> 3.24.7
Martin Jansa (2):
re2: fix branch name from master to main
jack: fix compatibility with python-3.11
Mathieu Dubois-Briand (3):
mbedtls: Fix CVE product name
mbedtls: Update to 2.28.1 version
mbedtls: Whitelist CVE-2021-43666, CVE-2021-45451
Matthias Klein (1):
paho-mqtt-c: upgrade 1.3.10 -> 1.3.11
Michael Opdenacker (1):
tio: correct license information
Mingli Yu (1):
mariadb: not use qemu to run cross-compiled binaries
S. Lockwood-Childs (1):
x265: support aarch64
Thomas Perrot (1):
spitools: remove unused BPV variable
Vyacheslav Yurkov (1):
opcua: Add new recipe
Wang Mingyu (20):
ctags: upgrade 5.9.20220925.0 -> 5.9.20221002.0
dnfdragora: upgrade 2.1.2 -> 2.1.3
dool: upgrade 1.0.0 -> 1.1.0
freeglut: upgrade 3.2.1 -> 3.4.0
gspell: upgrade 1.11.1 -> 1.12.0
hwdata: upgrade 0.362 -> 0.363
iperf3: upgrade 3.11 -> 3.12
libnet-dns-perl: upgrade 1.34 -> 1.35
lirc: upgrade 0.10.1 -> 0.10.2
metacity: upgrade 3.44.0 -> 3.46.0
flatbuffers: upgrade 2.0.8 -> 22.9.29
opencl-headers: upgrade 2022.09.23 -> 2022.09.30
php: upgrade 8.1.10 -> 8.1.11
poppler: upgrade 22.09.0 -> 22.10.0
xfstests: upgrade 2022.09.04 -> 2022.09.25
links: upgrade 2.27 -> 2.28
st: upgrade 0.8.5 -> 0.9
python3-requests-toolbelt: upgrade 0.9.1 -> 0.10.0
Add nativesdk-systemd-systemctl as dependency of dnf-plugin-tui
dnf-plugin-tui: Add nativesdk
Yi Zhao (4):
strongswan: upgrade 5.9.7 -> 5.9.8
open-vm-tools: upgrade 11.3.5 -> 12.1.0
dhcp-relay: upgrade 4.4.3 -> 4.4.3-P1
frr: Security fix CVE-2022-37032
zhengrq.fnst (5):
python3-protobuf: upgrade 4.21.6 -> 4.21.7
stunnel: upgrade 5.65 -> 5.66
python3-web3: upgrade 5.31.0 -> 5.31.1
wolfssl: upgrade 5.5.0 -> 5.5.1
python3-xmlschema: upgrade 2.1.0 -> 2.1.1
meta-security: 824d2762f6..e8e7318189:
Armin Kuster (3):
apparmor: update to 3.0.7
libgssglue: update to 0.7
cryptmount: update to 6.0
Michael Haener (1):
tpm: update the linux-yocto rule with the one from sanity-meta-tpm class
poky: 5200799866..3e5faccfaf:
Johan Korsnes (1):
migration guides: 3.4: remove spurious space in example
Lee Chee Yang (1):
migration guides: add release notes for 4.0.4
Michael Opdenacker (35):
manuals: improve initramfs details
manuals: add references to the "do_fetch" task
manuals: add reference to the "do_install" task
manuals: add references to the "do_build" task
manuals: add reference to "do_configure" task
manuals: add reference to the "do_compile" task
manuals: add references to the "do_deploy" task
manuals: add references to the "do_image" task
manuals: add references to the "do_package" task
manuals: add references to the "do_package_qa" task
overview-manual: concepts.rst: add reference to "do_packagedata" task
manuals: add references to the "do_patch" task
manuals: add references to "do_package_write_*" tasks
ref-manual: variables.rst: add reference to "do_populate_lic" task
manuals: add reference to the "do_populate_sdk" task
overview-manual: concepts.rst: add reference to "do_populate_sdk_ext" task
manuals: add references to "do_populate_sysroot" task
manuals: add references to the "do_unpack" task
dev-manual: common-tasks.rst: add reference to "do_clean" task
manuals: add references to the "do_cleanall" task
ref-manual: tasks.rst: add references to the "do_cleansstate" task
manuals: add references to the "do_devshell" task
dev-manual: common-tasks.rst: add reference to "do_listtasks" task
manuals: add references to the "do_bundle_initramfs" task
manuals: add references to the "do_rootfs" task
ref-manual: tasks.rst: add reference to the "do_kernel_checkout" task
manuals: add reference to the "do_kernel_configcheck" task
manuals: add references to the "do_kernel_configme" task
ref-manual: tasks.rst: add reference to the "do_kernel_metadata" task
migration-guides: add reference to the "do_shared_workdir" task
ref-manual: tasks.rst: add reference to the "do_validate_branches" task
ref-manual: tasks.rst: add reference to the "do_image_complete" task
ref-manual: system-requirements: Ubuntu 22.04 now supported
overview-manual: concepts.rst: fix formating and add references
ref-manual/faq.rst: update references to products built with OE / Yocto Project
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I14d679e25bd1c7545bc2d0f545f876aeb0a333b4
diff --git a/meta-arm/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-11.3/0002-gcc-poison-system-directories.patch b/meta-arm/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-11.3/0002-gcc-poison-system-directories.patch
new file mode 100644
index 0000000..d19cefb
--- /dev/null
+++ b/meta-arm/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-11.3/0002-gcc-poison-system-directories.patch
@@ -0,0 +1,226 @@
+From 863f1f9dc78839ecd021b2cb01d501e8c9e00ef7 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 8 Mar 2021 16:04:20 -0800
+Subject: [PATCH] gcc: poison-system-directories
+
+Add /sw/include and /opt/include based on the original
+zecke-no-host-includes.patch patch. The original patch checked for
+/usr/include, /sw/include and /opt/include and then triggered a failure and
+aborted.
+
+Instead, we add the two missing items to the current scan. If the user
+wants this to be a failure, they can add "-Werror=poison-system-directories".
+
+Upstream-Status: Pending
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gcc/common.opt | 4 ++++
+ gcc/config.in | 10 ++++++++++
+ gcc/configure | 19 +++++++++++++++++++
+ gcc/configure.ac | 16 ++++++++++++++++
+ gcc/doc/invoke.texi | 9 +++++++++
+ gcc/gcc.c | 9 +++++++--
+ gcc/incpath.c | 21 +++++++++++++++++++++
+ 7 files changed, 86 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/common.opt b/gcc/common.opt
+index a75b44ee47e..d15105a73f3 100644
+--- a/gcc/common.opt
++++ b/gcc/common.opt
+@@ -683,6 +683,10 @@ Wreturn-local-addr
+ Common Var(warn_return_local_addr) Init(1) Warning
+ Warn about returning a pointer/reference to a local or temporary variable.
+
++Wpoison-system-directories
++Common Var(flag_poison_system_directories) Init(1) Warning
++Warn for -I and -L options using system directories if cross compiling
++
+ Wshadow
+ Common Var(warn_shadow) Warning
+ Warn when one variable shadows another. Same as -Wshadow=global.
+diff --git a/gcc/config.in b/gcc/config.in
+index 048bf52e8c2..4f973f7906a 100644
+--- a/gcc/config.in
++++ b/gcc/config.in
+@@ -230,6 +230,16 @@
+ #endif
+
+
++/* Define to warn for use of native system header directories */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_POISON_SYSTEM_DIRECTORIES
++#endif
++/* Define to warn for use of native system header directories */
++#ifndef USED_FOR_TARGET
++#undef POISON_BY_DEFAULT
++#endif
++
++
+ /* Define if you want all operations on RTL (the basic data structure of the
+ optimizer and back end) to be checked for dynamic type safety at runtime.
+ This is quite expensive. */
+diff --git a/gcc/configure b/gcc/configure
+index 7218b0c331a..d7445339f9a 100755
+--- a/gcc/configure
++++ b/gcc/configure
+@@ -1019,6 +1019,7 @@ enable_maintainer_mode
+ enable_link_mutex
+ enable_link_serialization
+ enable_version_specific_runtime_libs
++enable_poison_system_directories
+ enable_plugin
+ enable_host_shared
+ enable_libquadmath_support
+@@ -1781,6 +1782,8 @@ Optional Features:
+ --enable-version-specific-runtime-libs
+ specify that runtime libraries should be installed
+ in a compiler-specific directory
++ --enable-poison-system-directories
++ warn for use of native system header directories
+ --enable-plugin enable plugin support
+ --enable-host-shared build host code as shared libraries
+ --disable-libquadmath-support
+@@ -31932,6 +31935,22 @@ if test "${enable_version_specific_runtime_libs+set}" = set; then :
+ fi
+
+
++# Check whether --enable-poison-system-directories was given.
++if test "${enable_poison_system_directories+set}" = set; then :
++ enableval=$enable_poison_system_directories;
++else
++ enable_poison_system_directories=no
++fi
++
++if test "x${enable_poison_system_directories}" != "xno"; then
++
++$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
++if test "$enable_poison_system_directories" = "error"; then
++$as_echo "#define POISON_BY_DEFAULT 1" >>confdefs.h
++fi
++
++fi
++
+ # Substitute configuration variables
+
+
+diff --git a/gcc/configure.ac b/gcc/configure.ac
+index 49f043ed29b..fe488f2232b 100644
+--- a/gcc/configure.ac
++++ b/gcc/configure.ac
+@@ -7393,6 +7393,22 @@ AC_ARG_ENABLE(version-specific-runtime-libs,
+ [specify that runtime libraries should be
+ installed in a compiler-specific directory])])
+
++AC_ARG_ENABLE([poison-system-directories],
++ AS_HELP_STRING([--enable-poison-system-directories],
++ [warn for use of native system header directories (no/yes/error)]),,
++ [enable_poison_system_directories=no])
++AC_MSG_NOTICE([poisoned directories $enable_poison_system_directories])
++if test "x${enable_poison_system_directories}" != "xno"; then
++ AC_MSG_NOTICE([poisoned directories enabled])
++ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
++ [1],
++ [Define to warn for use of native system header directories])
++ if test $enable_poison_system_directories = "error"; then
++ AC_MSG_NOTICE([poisoned directories are fatal])
++ AC_DEFINE([POISON_BY_DEFAULT], [1], [Define to make poison warnings errors])
++ fi
++fi
++
+ # Substitute configuration variables
+ AC_SUBST(subdirs)
+ AC_SUBST(srcdir)
+diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+index 35508efb4ef..40f798eac78 100644
+--- a/gcc/doc/invoke.texi
++++ b/gcc/doc/invoke.texi
+@@ -369,6 +369,7 @@ Objective-C and Objective-C++ Dialects}.
+ -Wpacked -Wno-packed-bitfield-compat -Wpacked-not-aligned -Wpadded @gol
+ -Wparentheses -Wno-pedantic-ms-format @gol
+ -Wpointer-arith -Wno-pointer-compare -Wno-pointer-to-int-cast @gol
++-Wno-poison-system-directories @gol
+ -Wno-pragmas -Wno-prio-ctor-dtor -Wredundant-decls @gol
+ -Wrestrict -Wno-return-local-addr -Wreturn-type @gol
+ -Wno-scalar-storage-order -Wsequence-point @gol
+@@ -7728,6 +7729,14 @@ made up of data only and thus requires no special treatment. But, for
+ most targets, it is made up of code and thus requires the stack to be
+ made executable in order for the program to work properly.
+
++@item -Wno-poison-system-directories
++@opindex Wno-poison-system-directories
++Do not warn for @option{-I} or @option{-L} options using system
++directories such as @file{/usr/include} when cross compiling. This
++option is intended for use in chroot environments when such
++directories contain the correct headers and libraries for the target
++system rather than the host.
++
+ @item -Wfloat-equal
+ @opindex Wfloat-equal
+ @opindex Wno-float-equal
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index 0af888c7d78..b047fc31c2f 100644
+--- a/gcc/gcc.c
++++ b/gcc/gcc.c
+@@ -1152,6 +1152,8 @@ proper position among the other output files. */
+ "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \
+ "%X %{o*} %{e*} %{N} %{n} %{r}\
+ %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!r:%{!nostartfiles:%S}}} \
++ %{Wno-poison-system-directories:--no-poison-system-directories} \
++ %{Werror=poison-system-directories:--error-poison-system-directories} \
+ %{static|no-pie|static-pie:} %@{L*} %(mfwrap) %(link_libgcc) " \
+ VTABLE_VERIFICATION_SPEC " " SANITIZER_EARLY_SPEC " %o "" \
+ %{fopenacc|fopenmp|%:gt(%{ftree-parallelize-loops=*:%*} 1):\
+@@ -1247,8 +1249,11 @@ static const char *cpp_unique_options =
+ static const char *cpp_options =
+ "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
+ %{f*} %{g*:%{%:debug-level-gt(0):%{g*}\
+- %{!fno-working-directory:-fworking-directory}}} %{O*}\
+- %{undef} %{save-temps*:-fpch-preprocess}";
++ %{!fno-working-directory:-fworking-directory}}} %{O*}"
++#ifdef POISON_BY_DEFAULT
++ " -Werror=poison-system-directories"
++#endif
++ " %{undef} %{save-temps*:-fpch-preprocess}";
+
+ /* Pass -d* flags, possibly modifying -dumpdir, -dumpbase et al.
+
+diff --git a/gcc/incpath.c b/gcc/incpath.c
+index 446d280321d..fbfc0ce03b8 100644
+--- a/gcc/incpath.c
++++ b/gcc/incpath.c
+@@ -26,6 +26,7 @@
+ #include "intl.h"
+ #include "incpath.h"
+ #include "cppdefault.h"
++#include "diagnostic-core.h"
+
+ /* Microsoft Windows does not natively support inodes.
+ VMS has non-numeric inodes. */
+@@ -395,6 +396,26 @@ merge_include_chains (const char *sysroot, cpp_reader *pfile, int verbose)
+ }
+ fprintf (stderr, _("End of search list.\n"));
+ }
++
++#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
++ if (flag_poison_system_directories)
++ {
++ struct cpp_dir *p;
++
++ for (p = heads[INC_QUOTE]; p; p = p->next)
++ {
++ if ((!strncmp (p->name, "/usr/include", 12))
++ || (!strncmp (p->name, "/usr/local/include", 18))
++ || (!strncmp (p->name, "/usr/X11R6/include", 18))
++ || (!strncmp (p->name, "/sw/include", 11))
++ || (!strncmp (p->name, "/opt/include", 12)))
++ warning (OPT_Wpoison_system_directories,
++ "include location \"%s\" is unsafe for "
++ "cross-compilation",
++ p->name);
++ }
++ }
++#endif
+ }
+
+ /* Use given -I paths for #include "..." but not #include <...>, and