subtree updates oct 3 2023

poky: fc25449687..a61e021c65:
  Alberto Planas (1):
        bitbake.conf: add unzstd in HOSTTOOLS

  Alejandro Hernandez Samaniego (2):
        baremetal-helloworld: Update SRCREV to fix entry addresses for ARM architectures
        baremetal-helloworld: Fix race condition

  Alex Kiernan (2):
        rootfs: Add debugfs package db file copy and cleanup
        rpm: Pick debugfs package db files/dirs explicitly

  Alexander Kanavin (35):
        maintaines.inc: unassign Richard Weinberger from erofs-utils entry
        maintainers.inc: unassign Andreas Müller from itstool entry
        maintainers.inc: unassign Pascal Bach from cmake entry
        maintainers.inc: correct unassigned entries
        maintainers.inc: correct Carlos Rafael Giani's email address
        apr: upgrade 1.7.3 -> 1.7.4
        scripts/runqemu: split lock dir creation into a reusable function
        scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes
        qemu: a pending patch was submitted and accepted upstream
        maintainers.inc: unassign Adrian Bunk from wireless-regdb
        maintainers.inc: unassign Alistair Francis from opensbi
        maintainers.inc: unassign Chase Qi from libc-test
        maintainers.inc: unassign Oleksandr Kravchuk from python3 and all other items
        maintainers.inc: unassign Ricardo Neri from ovmf
        grub: submit determinism.patch upstream
        gawk: upgrade 5.2.1 -> 5.2.2
        gnupg: upgrade 2.4.0 -> 2.4.2
        libx11: upgrade 1.8.4 -> 1.8.5
        linux-firmware: upgrade 20230404 -> 20230515
        serf: upgrade 1.3.9 -> 1.3.10
        wget: upgrade 1.21.3 -> 1.21.4
        wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
        gdb: upgrade 13.1 -> 13.2
        sysfsutils: fetch a supported fork from github
        diffutils: update 3.9 -> 3.10
        libproxy: fetch from git
        cargo.bbclass: set up cargo environment in common do_compile
        rust-common.bbclass: move musl-specific linking fix from rust-source.inc
        Revert "rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock"
        ref-manual: document image-specific variant of INCOMPATIBLE_LICENSE
        glibc-locale: use stricter matching for metapackages' runtime dependencies
        devtool/upgrade: raise an error if extracting source produces more than one directory
        curl: ensure all ptest failures are caught
        python3: upgrade 3.11.2 -> 3.11.3
        python3: update 3.11.3 -> 3.11.4

  Alexis Lothoré (2):
        scripts/resulttool: add mention about new detected tests
        oeqa/utils/gitarchive: fix tag computation when creating archive

  Andrej Valek (2):
        busybox: 1.36.0 -> 1.36.1
        maintainers.inc: Modify email address

  Anuj Mittal (7):
        gstreamer1.0: upgrade 1.22.2 -> 1.22.3
        selftest/cases/glibc.py: fix the override syntax
        glibc/check-test-wrapper: don't emit warnings from ssh
        selftest/cases/glibc.py: increase the memory for testing
        oeqa/utils/nfs: allow requesting non-udp ports
        selftest/cases/glibc.py: switch to using NFS over TCP
        gstreamer1.0: upgrade 1.22.4 -> 1.22.5

  Archana Polampalli (3):
        qemu: fix CVE-2023-0330
        bind: upgrade 9.18.15 -> 9.18.16
        vim: upgrade 9.0.1592 -> 9.0.1664

  BELOUARGA Mohamed (2):
        meta: lib: oe: npm_registry: Add more safe caracters
        linux-firmware : Add firmware of RTL8822 serie

  Benjamin Bouvier (1):
        util-linux: add alternative links for ipcs,ipcrm

  Bruce Ashfield (33):
        linux-yocto/6.1: update to v6.1.26
        linux-yocto/6.1: update to v6.1.27
        linux-yocto/6.1: update to v6.1.28
        linux-yocto/6.1: update to v6.1.29
        linux-yocto/6.1: update to v6.1.30
        linux-yocto/6.1: update to v6.1.31
        linux-yocto/6.1: update to v6.1.32
        linux-yocto/5.15: update to v5.15.114
        linux-yocto/5.15: update to v5.15.115
        linux-yocto/5.15: update to v5.15.116
        linux-yocto/5.15: update to v5.15.117
        linux-yocto/5.15: update to v5.15.118
        linux-yocto/5.15: cfg: fix DECNET configuration warning
        linux-yocto/6.1: update to v6.1.33
        linux-yocto/6.1: fix intermittent x86 boot hangs
        linux-yocto/6.1: update to v6.1.34
        linux-yocto/6.1: update to v6.1.35
        linux-yocto/5.15: update to v5.15.119
        linux-yocto/5.15: update to v5.15.120
        linux-yocto/6.1: update to v6.1.36
        linux-yocto/6.1: update to v6.1.37
        linux-yocto/6.1: update to v6.1.38
        linux-yocto/5.15: update to v5.15.122
        linux-yocto/5.15: update to v5.15.123
        linux-yocto/5.15: update to v5.15.124
        linux-yocto/6.1: cfg: update ima.cfg to match current meta-integrity
        linux-yocto/6.1: update to v6.1.41
        linux-yocto/6.1: update to v6.1.43
        linux-yocto/6.1: update to v6.1.44
        linux-yocto/6.1: update to v6.1.45
        linux-yocto/6.1: fix uninitialized read in nohz_full/isolcpus setup
        linux-yocto/6.1: update to v6.1.46
        linux-yocto/6.1: fix IRQ-80 warnings

  Changqing Li (4):
        systemd: fix a dead link under /var/log
        dnf: only write the log lock to root for native dnf
        rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
        erofs-utils: fix CVE-2023-33551/CVE-2023-33552

  Charlie Wu (1):
        devtool: Fix the wrong variable in srcuri_entry

  Chee Yang Lee (6):
        python3-requests: fix CVE-2023-32681
        curl: fix CVE-2023-32001
        ghostscript: fix CVE-2023-38559
        librsvg: upgrade to 2.54.6
        libssh2: fix CVE-2020-22218
        python3: update to 3.11.5

  Chen Qi (13):
        cmake.bbclass: do not search host paths for find_program()
        qemurunner.py: fix error message about qmp
        sdk.py: error out when moving file fails
        sdk.py: fix moving dnf contents
        rpm: write macros under libdir
        zip: fix configure check by using _Static_assert
        zip: remove unnecessary LARGE_FILE_SUPPORT CLFAGS
        unzip: fix configure check for cross compilation
        unzip: remove hardcoded LARGE_FILE_SUPPORT
        ncurses: fix CVE-2023-29491
        cmake.bbclass: fix allarch override syntax
        multilib.conf: explicitly make MULTILIB_VARIANTS vardeps on MULTILIBS
        gcc-crosssdk: ignore MULTILIB_VARIANTS in signature computation

  Daniel Semkowicz (1):
        dev-manual: wic.rst: Update native tools build command

  Deepthi Hemraj (2):
        glibc: stable 2.37 branch updates.
        binutils: stable 2.40 branch updates

  Denys Dmytriyenko (1):
        binutils: move packaging of gprofng static lib into common .inc

  Dmitry Baryshkov (3):
        openssl: fix building on riscv32
        linux-firmware: package firmare for Dragonboard 410c
        linux-firmware: split platform-specific Adreno shaders to separate packages

  Ed Beroset (1):
        ref-manual: add clarification for SRCREV

  Enrico Scholz (1):
        shadow-sysroot: add license information

  Etienne Cordonnier (2):
        libxcrypt: fix hard-coded ".so" extension
        vim: update obsolete comment

  Fabien Mahot (2):
        useradd-example: package typo correction
        oeqa/selftest/bbtests: add non-existent prefile/postfile tests

  Frieder Paape (1):
        image_types: Fix reproducible builds for initramfs and UKI img

  Frieder Schrempf (1):
        psmisc: Set ALTERNATIVE for pstree to resolve conflict with busybox

  Hannu Lounento (1):
        profile-manual: fix blktrace remote usage instructions

  Ian Ray (1):
        systemd-systemctl: support instance expansion in WantedBy

  Jaeyoon Jung (1):
        cml1: Fix KCONFIG_CONFIG_COMMAND not conveyed fully in do_menuconfig

  Jermain Horsman (1):
        logrotate: Do not create logrotate.status file

  Joe Slater (1):
        ghostscript: fix CVE-2023-36664

  Joel Stanley (1):
        kernel: don't fail if Modules.symvers doesn't exist

  Jose Quaresma (8):
        kernel: config modules directories are handled by kernel-module-split
        kernel-module-split: install config modules directories only when they are needed
        kernel-module-split: use context manager to open files
        kernel-module-split: make autoload and probeconf distribution specific
        kernel-module-split add systemd modulesloaddir and modprobedir config
        openssl: add PERLEXTERNAL path to test its existence
        openssl: use a glob on the PERLEXTERNAL to track updates on the path
        go: update 1.20.5 -> 1.20.6

  Julien Stephan (1):
        automake: fix buildtest patch

  Jörg Sommer (2):
        runqemu-gen-tapdevs: Refactoring
        runqemu-ifupdown/get-tapdevs: Add support for ip tuntap

  Kai Kang (4):
        pm-utils: fix multilib conflictions
        webkitgtk: 2.38.5 -> 2.38.6
        webkitgtk: fix CVE-2023-32439
        webkitgtk: fix CVE-2023-32435

  Khem Raj (10):
        systemd: Drop a backport
        perf: Make built-in libtraceevent plugins cohabit with external libtraceevent
        glibc: Pass linker choice via compiler flags
        babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature
        parted: Add missing libuuid to linker cmdline for libparted-fs-resize.so
        rpcsvc-proto: Upgrade to 1.4.4
        libxml2: Do not use lld linker when building with tests on rv64
        python3-bcrypt: Use BFD linker when building tests
        meson.bbclass: Point to llvm-config from native sysroot
        build-sysroots: Add SUMMARY field

  Lee Chee Yang (7):
        migration-guides: add release notes for 4.0.10
        migration-guides: add release notes for 4.0.11
        migration-guides: add release notes for 4.2.2
        migration-guides: add release notes for 4.2.3
        migration-guides: add release notes for 4.0.12
        bind: update to 9.18.19
        ffmpeg: 5.1.2 -> 5.1.3

  Marc Ferland (1):
        connman: fix warning by specifying runstatedir at configure time

  Marek Vasut (1):
        linux-firmware: Fix mediatek mt7601u firmware path

  Mark Hatle (1):
        tcf-agent: Update to 1.8.0 release

  Markus Niebel (1):
        wic: fix wrong attempt to create file system in upartitioned regions

  Markus Volk (3):
        ell: upgrade 0.56 -> 0.57
        gtk4: upgrade 4.10.3 -> 4.10.4
        gtk4: upgrade 4.10.4 -> 4.10.5

  Martin Jansa (8):
        libx11: remove unused patch and FILESEXTRAPATHS
        qemu: remove unused qemu-7.0.0-glibc-2.36.patch
        minicom: remove unused patch files
        inetutils: remove unused patch files
        libgloss: remove unused patch file
        kmod: remove unused ptest.patch
        tcl: prevent installing another copy of tzdata
        gcc: backport a fix for ICE caused by CVE-2023-4039.patch

  Michael Halstead (4):
        resulttool/resultutils: allow index generation despite corrupt json
        yocto-uninative: Update hashes for uninative 4.1
        yocto-uninative: Update to 4.2 for glibc 2.38
        yocto-uninative: Update to 4.3

  Michael Opdenacker (13):
        ref-manual: releases.svg: updates
        conf.py: add macro for Mitre CVE links
        ref-manual: LTS releases now supported for 4 years
        poky.conf: update SANITY_TESTED_DISTROS to match autobuilder
        scripts/create-pull-request: update URLs to git repositories
        ref-manual: system-requirements: update supported distros
        manuals: add new contributor guide
        dev-manual: disk-space: mention faster "find" command to trim sstate cache
        sdk-manual: extensible.rst: fix multiple formatting issues
        dev-manual: disk-space: improve wording for obsolete sstate cache files
        dev-manual: new-recipe.rst fix inconsistency with contributor guide
        contributor-guide: recipe-style-guide: add Upstream-Status
        dev-manual: licenses: mention SPDX for license compliance

  Mikko Rapeli (1):
        useradd-staticids.bbclass: improve error message

  Mingli Yu (5):
        curl: fix CVE-2023-28319 through CVE-2023-28322
        python3-numpy: remove NPY_INLINE, use inline instead
        acpica: Update SRC_URI
        cups: Fix CVE-2023-34241
        ruby: Fix CVE-2023-36617

  Narpat Mali (5):
        python3-certifi: upgrade 2022.12.7 -> 2023.7.22
        ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018
        python3-git: upgrade 3.1.31 -> 3.1.32
        python3-pygments: fix for CVE-2022-40896
        python3-git: upgrade 3.1.32 -> 3.1.37

  Natasha Bailey (1):
        tiff: backport a fix for CVE-2023-2731

  Oleksandr Hnatiuk (2):
        file: return wrapper to fix builds when file is in buildtools-tarball
        file: fix the way path is written to environment-setup.d

  Ovidiu Panait (7):
        mdadm: fix util-linux ptest dependency
        mdadm: fix 07revert-inplace ptest
        mdadm: fix segfaults when running ptests
        mdadm: skip running known broken ptests
        mdadm: re-add mdadm-ptest to PTESTS_SLOW
        mdadm: add util-linux-blockdev ptest dependency
        mdadm: skip running 04update-uuid and 07revert-inplace testcases

  Peter Marko (7):
        cve-update-nvd2-native: fix cvssV3 metrics
        cve-update-nvd2-native: retry all errors and sleep between retries
        cve-update-nvd2-native: increase retry count
        libjpeg-turbo: patch CVE-2023-2804
        python3: ignore CVE-2023-36632
        libarchive: ignore CVE-2023-30571
        openssl: Upgrade 3.1.1 -> 3.1.2

  Peter Suti (1):
        externalsrc: fix dependency chain issues

  Poonam Jadhav (1):
        pixman: Remove duplication of license MIT

  Quentin Schulz (3):
        docs: bsp-guide: bsp: fix typo
        docs: ref-manual: terms: fix typos in SPDX term
        uboot-extlinux-config.bbclass: fix old override syntax in comment

  Randolph Sapp (6):
        weston-init: make sure the render group exists
        weston-init: add weston user to the render group
        weston-init: add the weston user to the wayland group
        weston-init: fix the mixed indentation
        weston-init: guard against systemd configs
        weston-init: add profile to point users to global socket

  Richard Purdie (24):
        selftest/license: Exclude from world
        layer.conf: Add missing dependency exclusion
        v86d: Improve kernel dependency
        strace: Disable failing test
        bitbake: runqueue: Fix deferred task/multiconfig race issue
        strace: Merge two similar patches
        strace: Update patches/tests with upstream fixes
        ptest-runner: Pull in sync fix to improve log warnings
        ptest-runner: Ensure data writes don't race
        ptest-runner: Pull in "runner: Remove threads and mutexes" fix
        gcc-testsuite: Fix ppc cpu specification
        ptest-runner: Pull in parallel test fixes and output handling
        glibc-testsuite: Fix network restrictions causing test failures
        oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
        oeqa/runtime/ltp: Increase ltp test output timeout
        ltp: Add kernel loopback module dependency
        target/ssh: Ensure exit code set for commands
        oeqa/ssh: Further improve process exit handling
        pseudo: Fix to work with glibc 2.38
        lib/package_manager: Improve repo artefact filtering
        gnupg: Fix reproducibility failure
        resulttool/report: Avoid divide by zero
        build-sysroots: Ensure dependency chains are minimal
        vim: Upgrade 9.0.1664 -> 9.0.1894

  Riyaz Khan (1):
        openssh: Remove BSD-4-clause contents completely from codebase

  Roland Hieber (2):
        template: fix typo in section header
        ref-manual: point outdated link to the new location

  Ross Burton (24):
        ninja: ignore CVE-2021-4336, wrong ninja
        binutils: fix CVE-2023-1972
        pkgconf: upgrade 1.9.4 -> 1.9.5
        git: upgrade to 2.39.3
        gobject-introspection: remove obsolete DEPENDS
        cve-update-nvd2-native: handle all configuration nodes, not just first
        cve-update-nvd2-native: use exact times, don't truncate
        cve-update-nvd2-native: log a little more
        cve-update-nvd2-native: actually use API keys
        tiff: upgrade to 4.5.1
        gcc: don't pass --enable-standard-branch-protection
        machine/arch-arm64: add -mbranch-protection=standard
        pkgconf: update SRC_URI
        python3: fix missing comma in get_module_deps3.py
        oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
        rootfs_rpm: don't depend on opkg-native for update-alternatives
        ltp: add RDEPENDS on findutils
        openssh: upgrade to 9.3p2
        linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries
        linux/cve-exclusion: add generated CVE_CHECK_IGNOREs
        procps: backport fix for CVE-2023-4016
        graphene: fix runtime detection of IEEE754 behaviour
        gcc: Fix -fstack-protector issue on aarch64
        linux-yocto: update CVE exclusions

  Sakib Sajal (4):
        go: Upgrade 1.20.4 -> 1.20.5
        bno_plot.py, btt_plot.py: Ask for python3 specifically
        go: fix CVE-2023-24531
        go: upgrade 1.20.6 -> 1.20.7

  Sanjana (1):
        binutils: Fix CVE-2023-39128

  Sanjay Chitroda (2):
        cups: Fix CVE-2023-32324
        curl: Add CVE-2023-28320 follow-up fix

  Siddharth (1):
        tiff: Security fix for CVE-2023-25434 and CVE-2023-26965

  Siddharth Doshi (1):
        gdb: Fix CVE-2023-39128

  Soumya (1):
        perl: Fix CVE-2023-31484 & CVE-2023-31486

  Staffan Rydén (1):
        kernel: Fix path comparison in kernel staging dir symlinking

  Steve Sakoman (6):
        maintainers.inc: update version for gcc-source
        Revert "systemd: fix a dead link under /var/log"
        poky.conf: bump version for 4.2.2 release
        build-appliance-image: Update to mickledore head revision
        poky.conf: bump version for 4.2.3 release
        build-appliance-image: Update to mickledore head revision

  Stéphane Veyret (1):
        scripts/oe-setup-builddir: copy conf-notes.txt to build dir

  Sudip Mukherjee (2):
        dpkg: upgrade to v1.21.22
        bind: upgrade to v9.18.17

  Sundeep KOKKONDA (1):
        gcc : upgrade to v12.3

  Thomas Roos (1):
        testimage/oeqa: Drop testimage_dump_host functionality

  Tim Orling (1):
        openssl: upgrade 3.1.0 -> 3.1.1

  Tom Hochstein (1):
        weston: Cleanup and fix x11 and xwayland dependencies

  Trevor Gamblin (4):
        bind: upgrade 9.18.13 -> 9.18.14
        glib-networking: use correct error code in ptest
        vim: upgrade 9.0.1527 -> 9.0.1592
        linux-firmware: upgrade 20230515 -> 20230625

  Wang Mingyu (24):
        babeltrace2: upgrade 2.0.4 -> 2.0.5
        fribidi: upgrade 1.0.12 -> 1.0.13
        libdnf: upgrade 0.70.0 -> 0.70.1
        libmicrohttpd: upgrade 0.9.76 -> 0.9.77
        libxft: upgrade 2.3.7 -> 2.3.8
        libxpm: upgrade 3.5.15 -> 3.5.16
        mobile-broadband-provider-info: upgrade 20221107 -> 20230416
        bind: upgrade 9.18.14 -> 9.18.15
        xdpyinfo: upgrade 1.3.3 -> 1.3.4
        libxml2: upgrade 2.10.3 -> 2.10.4
        freetype: upgrade 2.13.0 -> 2.13.1
        gstreamer1.0: upgrade 1.22.3 -> 1.22.4
        libassuan: upgrade 2.5.5 -> 2.5.6
        libksba: upgrade 1.6.3 -> 1.6.4
        libx11: upgrade 1.8.5 -> 1.8.6
        lttng-ust: upgrade 2.13.5 -> 2.13.6
        taglib: upgrade 1.13 -> 1.13.1
        libwebp: upgrade 1.3.0 -> 1.3.1
        libnss-nis: upgrade 3.1 -> 3.2
        opkg: upgrade 0.6.1 -> 0.6.2
        opkg-utils: upgrade 0.5.0 -> 0.6.2
        file: upgrade 5.44 -> 5.45
        tar: upgrade 1.34 -> 1.35
        bind: upgrade 9.18.17 -> 9.18.18

  Xiangyu Chen (1):
        dbus: upgrade 1.14.6 -> 1.14.8

  Yash Shinde (1):
        glibc: fix CVE-2023-4527

  Yi Zhao (1):
        ifupdown: install missing directories

  Yoann Congal (3):
        recipetool: Fix inherit in created -native* recipes
        oeqa/selftest/devtool: add unit test for "devtool add -b"
        dev-manual: remove unsupported :term: markup inside markup

  Yogita Urade (8):
        dmidecode: fix CVE-2023-30630
        qemu: fix CVE-2023-3301
        qemu: fix CVE-2023-3255
        qemu: fix CVE-2023-2861
        inetutils: fix CVE-2023-40303
        nghttp2: fix CVE-2023-35945
        dropbear: fix CVE-2023-36328
        qemu: fix CVE-2023-3354

  Yuta Hayama (1):
        systemd-systemctl: fix errors in instance name expansion

  nikhil (1):
        libwebp: Fix CVE-2023-1999

  sanjana (2):
        binutils: stable 2.40 branch updates
        glibc: stable 2.37 branch updates

meta-openembedded: 9286582126..922f41b39f:
  Armin Kuster (1):
        openldap: update to 2.5.16.

  Beniamin Sandu (1):
        lmsensors: do not pull in unneeded perl modules for run-time dependencies

  Changqing Li (2):
        redis: upgrade 6.2.12 -> 6.2.13
        redis: upgrade 7.0.11 -> 7.0.12

  Chee Yang Lee (2):
        rabbitmq-c: Fix CVE-2023-35789
        c-ares: upgrade 1.19.0 -> 1.19.1

  Chen Qi (3):
        redis: use the files path correctly
        grpc: fix CVE-2023-32732
        grpc: fix CVE-2023-33953

  Chris Dimich (1):
        image_types_sparse: Fix syntax error

  Hitendra Prajapati (4):
        wireshark: Fix CVE-2023-2855 & CVE-2023-2856
        wireshark: Fix CVE-2023-2858 & CVE-2023-2879
        wireshark: CVE-2023-2952 XRA dissector infinite loop
        wireshark: Fix Multiple CVEs

  Jasper Orschulko (1):
        yaml-cpp: Fix cmake export

  Joe Slater (3):
        libgpiod: modify test 'gpioset: toggle (continuous)'
        python3-sqlparse: fix CVE-2023-30608
        libgpiod: modify RDEPENDS for ptest

  Khem Raj (2):
        fftw: Check for TOOLCHAIN_OPTIONS to be non-empty before sed ops
        system-config-printer: Delete __pycache__ files

  Lee Chee Yang (2):
        opensc: fix CVE-2023-2977
        x11vnc: Fix CVE-2020-29074

  Linus Jacobson (1):
        khronos-cts: Replace wayland feature dependancy with vulkan

  Martin Jansa (5):
        libiio: use main branch instead of master
        mongodb: enable hardware crc32 only with crc in TUNE_FEATURES
        khronos-cts.inc: respect MLPREFIX when appending DEPENDS with anonymous python
        libcyusbserial: fix installed-vs-shipped QA issue with multilib
        tcpreplay: fix pcap detection with /usr/lib32 multilib

  Mingli Yu (6):
        dialog: Update the SRC_URI
        gnulib: Update SRC_URI
        yajl: Fix CVE-2023-33460
        iniparser: Fix CVE-2023-33461
        php: Upgrade to 8.2.8
        mcelog: Drop unneeded autotools-brokensep

  Polampalli, Archana (6):
        tcpreplay: upgrade 4.4.3 -> 4.4.4
        nodejs: upgrade 18.14.2 -> 18.16.1
        yasm: fix CVE-2023-31975
        nodejs: upgrade 18.16.1 -> 18.17.1
        hwloc: fix CVE-2022-47022
        python3-appdirs: print ptest results in unified format

  Ross Burton (5):
        glade: add autoconf-archive-native DEPENDS
        libgxim: add autoconf-archive-native DEPENDS
        libblockdev: clean up DEPENDS
        imsettings: add missing DEPENDS on autoconf-archive-native
        system-config-printer: clean up DEPENDS

  Sandeep Gundlupet Raju 837 (1):
        opencv: Revert fix runtime dependencies

  Sanjay Chitroda (1):
        netkit-telnet: Fix CVE-2022-39028

  Soumya (1):
        yasm: fix CVE-2023-37732

  Soumya Sambu (1):
        krb5: Fix CVE-2023-36054

  Soumya via (1):
        opencv: Fix for CVE-2023-2617

  Urade, Yogita t.mo (1):
        c-ares: fix CVE-2023-32067

  Wang Mingyu (3):
        python3-django: upgrade 4.1.7 -> 4.2.1
        iperf3: upgrade 3.13 -> 3.14
        tcpdump: upgrade 4.99.3 -> 4.99.4

  Xiangyu Chen (2):
        libbpf: installing uapi headers for native package
        meta-oe: add pahole to NON_MULTILIB_RECIPES

  Yi Zhao (4):
        frr: upgrade 8.4.2 -> 8.4.4
        mbedtls: upgrade 2.28.2 -> 2.28.3
        open-vm-tools: Security fix CVE-2023-20867
        frr: Security fix CVE-2023-3748

  Yogita Urade (1):
        poppler: fix CVE-2023-34872

meta-arm: 8db460fa5d..6e199b354e:
  Abdellatif El Khlifi (6):
        arm-bsp/documentation: corstone1000: Update change log
        arm-bsp/doc: corstone1000: Update the software architecture document
        arm-bsp/documentation: corstone1000: update the release note
        arm-bsp/documentation: corstone1000: update user guide
        kas: set the SHAs for 2023.06 release
        arm-bsp/trusted-firmware-a: corstone1000: enable ERRATA_A35_855472

  Adam Johnston (2):
        CI: Platform specific Trusted Services config
        arm-bsp/trusted-firmware-a: Reserve OP-TEE memory from NWd on N1SDP

  Anton Antonov (1):
        arm/oeqa: Make ts-service-test config match selected SPs

  Denys Dmytriyenko (1):
        optee-os: do not explicitly set CFG_MAP_EXT_DT_SECURE=y

  Emekcan Aras (7):
        arm-bsp/u-boot: corstone1000: Fix EFI multiple protocol install failure
        arm-bsp/u-boot: corstone1000: Enable EFI set/get time services
        arm-bsp/trusted-services: corstone1000: GetNextVariableName Fix
        arm-bsp/optee-os:corstone1000: Drop SPMC non secure interrupt patches
        arm-bsp/u-boot: corstone1000: Fix u-boot compilation warnings
        arm-bsp/trusted-services: corstone1000: Fix PSA_RAW_KEY agreement test
        arm-bsp/trusted-services: corstone1000: Fix Capsule Update

  Gyorgy Szing (11):
        arm/trusted-services: update TS version
        optee-os: remove v3.18 pin of OP-TEE on qemuarm64-secureboot
        optee-os: Add support for TOS_FW_CONFIG on qemu
        arm/trusted-firmware-a: Add TOS_FW_CONFIG handling for quemu
        optee-test: backport SWd ABI compatibility changes
        optee-os: enable SPMC test
        arm/oeqa: enable OP-TEE SPMC tests
        trusted-services: update documentation
        arm/trusted-services: disable psa-iat on qemuarm64-secureboot
        arm/trusted-services: fix nanopb build error
        optee-os: unblock NWd interrupts

  Jon Mason (3):
        CI: remove master refspec for meta-virtualization yml file
        arm/linux-yocto: move 6.1 patches to a unique bbappend
        README: remove reference to meta-arm-autonomy

  Robbie Cao (1):
        arm/recipes-kernel: Add preempt-rt support for generic-arm64

  Rui Miguel Silva (3):
        arm-bsp/trusted-services:corstone1000: remove already merged patches
        arm-bsp/trusted-services: remove merged patches for corstone1000
        arm-bps/corstone1000: setup trusted service proxy configuration

  Tomás González (2):
        arm-bsp/documentation: corstone1000: Update the user guide
        arm-bsp/documentation: corstone1000: Update the release notes

Change-Id: I19ad289a1580a28192b5c063d06553d4e171687b
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
584 files changed
tree: be163d890651760d24effea503cd567df3e119b5
  1. .github/
  2. meta-amd/
  3. meta-ampere/
  4. meta-arm/
  5. meta-aspeed/
  6. meta-asrock/
  7. meta-bytedance/
  8. meta-delta/
  9. meta-evb/
  10. meta-facebook/
  11. meta-fii/
  12. meta-google/
  13. meta-hpe/
  14. meta-ibm/
  15. meta-ingrasys/
  16. meta-inspur/
  17. meta-intel-openbmc/
  18. meta-inventec/
  19. meta-nuvoton/
  20. meta-openembedded/
  21. meta-openpower/
  22. meta-phosphor/
  23. meta-qualcomm/
  24. meta-quanta/
  25. meta-raspberrypi/
  26. meta-security/
  27. meta-supermicro/
  28. meta-tyan/
  29. meta-ufispace/
  30. meta-wistron/
  31. meta-yadro/
  32. poky/
  33. .eslintrc.json
  34. .gitignore
  35. .gitreview
  36. openbmc-env
  37. OWNERS
  38. README.md
  39. setup
README.md

OpenBMC

Build Status

OpenBMC is a Linux distribution for management controllers used in devices such as servers, top of rack switches or RAID appliances. It uses Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your platform.

Setting up your OpenBMC project

1) Prerequisite

See the Yocto documentation for the latest requirements

Ubuntu

sudo apt install git python3-distutils gcc g++ make file wget \
    gawk diffstat bzip2 cpio chrpath zstd lz4 bzip2

Fedora

sudo dnf install git python3 gcc g++ gawk which bzip2 chrpath cpio \
    hostname file diffutils diffstat lz4 wget zstd rpcgen patch

2) Download the source

git clone https://github.com/openbmc/openbmc
cd openbmc

3) Target your hardware

Any build requires an environment set up according to your hardware target. There is a special script in the root of this repository that can be used to configure the environment as needed. The script is called setup and takes the name of your hardware target as an argument.

The script needs to be sourced while in the top directory of the OpenBMC repository clone, and, if run without arguments, will display the list of supported hardware targets, see the following example:

$ . setup <machine> [build_dir]
Target machine must be specified. Use one of:

bletchley               mori                    s8036
dl360poc                mtjade                  swift
e3c246d4i               mtmitchell              tatlin-archive-x86
ethanolx                nicole                  tiogapass
evb-ast2500             olympus-nuvoton         transformers
evb-ast2600             on5263m5                vegman-n110
evb-npcm750             p10bmc                  vegman-rx20
f0b                     palmetto                vegman-sx20
fp5280g2                qcom-dc-scm-v1          witherspoon
g220a                   quanta-q71l             witherspoon-tacoma
gbs                     romed8hm3               x11spi
greatlakes              romulus                 yosemitev2
gsj                     s2600wf                 zaius
kudo                    s6q
lannister               s7106

Once you know the target (e.g. romulus), source the setup script as follows:

. setup romulus

4) Build

bitbake obmc-phosphor-image

Additional details can be found in the docs repository.

OpenBMC Development

The OpenBMC community maintains a set of tutorials new users can go through to get up to speed on OpenBMC development out here

Build Validation and Testing

Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.

Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.

Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.

Submitting Patches

Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.

Bug Reporting

Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.

Questions

First, please do a search on the internet. There's a good chance your question has already been asked.

For general questions, please use the openbmc tag on Stack Overflow. Please review the discussion on Stack Overflow licensing before posting any code.

For technical discussions, please see contact info below for Discord and mailing list information. Please don't file an issue to ask a question. You'll get faster results by using the mailing list or Discord.

Will OpenBMC run on my Acme Server Corp. XYZ5000 motherboard?

This is a common question, particularly regarding boards from popular COTS (commercial off-the-shelf) vendors such as Supermicro and ASRock. You can see the list of supported boards by running . setup (with no further arguments) in the root of the OpenBMC source tree. Most of the platforms supported by OpenBMC are specialized servers operated by companies running large datacenters, but some more generic COTS servers are supported to varying degrees.

If your motherboard is not listed in the output of . setup it is not currently supported. Porting OpenBMC to a new platform is a non-trivial undertaking, ideally done with the assistance of schematics and other documentation from the manufacturer (it is not completely infeasible to take on a porting effort without documentation via reverse engineering, but it is considerably more difficult, and probably involves a greater risk of hardware damage).

However, even if your motherboard is among those listed in the output of . setup, there are two significant caveats to bear in mind. First, not all ports are equally mature -- some platforms are better supported than others, and functionality on some "supported" boards may be fairly limited. Second, support for a motherboard is not the same as support for a complete system -- in particular, fan control is critically dependent on not just the motherboard but also the fans connected to it and the chassis that the board and fans are housed in, both of which can vary dramatically between systems using the same board model. So while you may be able to compile and install an OpenBMC build on your system and get some basic functionality, rough edges (such as your cooling fans running continuously at full throttle) are likely.

Features of OpenBMC

Feature List

  • Host management: Power, Cooling, LEDs, Inventory, Events, Watchdog
  • Full IPMI 2.0 Compliance with DCMI
  • Code Update Support for multiple BMC/BIOS images
  • Web-based user interface
  • REST interfaces
  • D-Bus based interfaces
  • SSH based SOL
  • Remote KVM
  • Hardware Simulation
  • Automated Testing
  • User management
  • Virtual media

Features In Progress

  • OpenCompute Redfish Compliance
  • Verified Boot

Features Requested but need help

  • OpenBMC performance monitoring

Finding out more

Dive deeper into OpenBMC by opening the docs repository.

Technical Steering Committee

The Technical Steering Committee (TSC) guides the project. Members are:

  • Roxanne Clarke, IBM
  • Nancy Yuen, Google
  • Patrick Williams, Meta
  • Terry Duncan, Intel
  • Sagar Dharia, Microsoft
  • Samer El-Haj-Mahmoud, Arm

Contact