subtree updates
meta-openembedded: 5357c7a40e..a47ef04661:
Adrian Fiergolski (1):
python3-matplotlib: add missing dependency
Adrian Freihofer (2):
conntrack-tools: fix postinst script
modemmanager: update to 1.18.8
Akash Hadke (2):
ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g"
iperf: Set CVE_PRODUCT to "iperf_project:iperf"
Armin Kuster (5):
meta-oe-image: fix build depends
meta-python-image: Fix build depends
meta-gnome: fix layer depends.
mariadb: update to 10.7.4
mariadb: Fix i386 Clang builds
Ashish Sharma (1):
netserver: don't change permissions on /dev/null
Aurélien Bertron (1):
fix(syslog-ng): warning about conf version
Bartosz Golaszewski (2):
python3-speedtest-cli: fix RDEPENDS
python3-pybluez: fix a runtime issue with python 3.10
Bassem Boubaker (1):
conntrack-tools: Fix missing capability
Changqing Li (5):
chrony: create /var/lib/chrony by systemd-tmpfiles
redis: upgrade 6.2.6 -> 6.2.7
redis: upgrade 7.0-rc3 -> 7.0.2
apache2: upgrade 2.4.53 -> 2.4.54
zabbix: upgrade 5.2.6 -> 5.4.12
Chen Qi (1):
ntfs-3g-ntfsprogs: upgrade to 2022.5.17
Davide Gardenal (11):
emlog: ignore unrelated CVEs
imagemagick: upgrade 7.0.10-25 -> 7.0.10-62
usrsctp: add CVE_VERSION to correctly check for CVEs
openflow: ignore CVE-2018-1078
ntp: ignore many CVEs
wireshark: upgrade 3.4.11 -> 3.4.12
thrift: add CVE_PRODUCT to fix CVE reporting
spice: ignore patched CVEs
quagga: ignore CVE-2016-4049
freeradius: ignore patched CVEs
openflow: ignore unrelated CVEs
Denys Dmytriyenko (3):
devmem2: reinstate previous patches, removed by mistake
devmem2: add support for different page sizes
devmem2: the source and patches moved to github repo
Diego Sueiro (1):
bats: upgrade 1.6.0 -> 1.6.1
Gianfranco (2):
sdbus-c++-libsystemd: Bump SRCREV to last commit of 250-stable branch
libmtp: Add doxygen-native dependency in case documentation build is enabled in PACKAGECONFIG. This fixes a FTBFS due to missing dependency.
Gianfranco Costamagna (1):
vboxguestdrivers: upgrade 6.1.32 -> 6.1.34
Hitendra Prajapati (1):
cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
Javier Viguera (1):
networkmanager: fix build with enabled ppp
Jeremy Puhlman (1):
freeradius: mutlilib fixes
Jiaqing Zhao (2):
openldap: Remove libgcrypt dependency
openldap: Upgrade 2.5.9 -> 2.5.12
Joerg Vehlow (1):
jq: Fix typo OE_EXTRACONF -> EXTRA_OECONF
Julien STEPHAN (1):
libcamera: fix packaging
Kai Kang (4):
conntrack-tools: fix postinst script
python3-wxgtk4: backport patch to fix svg issue
libportal: add distro features check
graphviz: rrecommends on liberation-fonts
Khem Raj (11):
ufw: Fix packaging errors found with ppc64
libcereal: Enable for glibc/ppc
mimic: Use special rateconv.c license
makedumpfile: Use right TARGET for ppc32
evince: Add dbus to depnedencies on non-x11 builds
evolution-data-server: Do not pass --library-path to gir compiler
python3-wxgtk4: Needs x11 for sip module
unattended-upgrades: Disable auto-detecting modules
sdbus-c++: Link with libatomic on mips/ppc32
sdbus-c++: Link with libatomic for rv32
sdbus-c++-libsystemd: Fix patch fuzz
Markus Volk (1):
minidlna: fix obsolete license warning
Martin Jansa (3):
ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay
leveldb: switch from master branch to main
tesseract-lang: switch from master branch to main
Michael Opdenacker (1):
devmem2: update SRC_URI according to redirect
Mingli Yu (1):
s-nail: Set VAL_MTA
Nicolas Dechesne (1):
imlib2: update SRC_URI
Peter Marko (1):
libgpiod: move test dependencies to ptest package
Richard Neill (1):
bats: Add patch to fix false-negatives caused by teardown code
Wentao Zhang (1):
protobuf-c: update to 1.4.1 fix CVE-2022-33070
Xu Huan (1):
python3-astroid: upgrade 2.11.2 -> 2.11.3
Yi Zhao (4):
frr: inherit autotools-brokensep instead of autotools
networkmanager: fix parallel build failure
dnsmasq: Security fix CVE-2022-0934
strongswan: upgrade 5.9.5 -> 5.9.6
Yue Tao (2):
exo: upgrade 4.16.3 -> 4.16.4
dlt-daemon: upgrade to commit 6a3bd901d8 to fix CVE-2022-31291
wangmy (5):
php: upgrade 8.1.4 -> 8.1.5
php: upgrade 8.1.5 -> 8.1.6
postgresql: upgrade 14.2 -> 14.3
postgresql: upgrade 14.3 -> 14.4
php: upgrade 8.1.6 -> 8.1.7
meta-security: 93f2146211..c79262a30b:
Anton Antonov (1):
Parsec-service: Update installation procedure
Armin Kuster (5):
fscrypt: add distro_check on pam
aide: Update 01.17.4
tpm2-pkcs11: tpm2-pkcs11 module missing
tpm2-tools: Add missing rdepends
oeqa/cases/tpm2: fix and enhance test suite
Davide Gardenal (1):
sssd: ignore CVE-2018-16838
Jeremy A. Puhlman (5):
aide: Add depend on audit when audit is enabled.
lib-perl: prefix man pages to avoid conflicting with base perl
libmhash: add multilib header
python3-privacyidea: add correct path to lib/privacyidea
clamav: make install owner match the added user name
Jose Quaresma (1):
meta-integrity: kernel-modsign: prevents splitting out debug symbols
poky: d84c73d1ef..e4b5c35fd4:
Ahmed Hossam (1):
insane.bbclass: host-user-contaminated: Correct per package home path
Alejandro Hernandez Samaniego (2):
package.bbclass: Fix base directory for debugsource files when using externalsrc
package.bbclass: Fix kernel source handling when not using externalsrc
Alex Kiernan (1):
pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE
Alexander Kanavin (41):
systemd: upgrade 250.4 -> 250.5
mesa: upgrade 22.0.0 -> 22.0.2
bind: upgrade 9.18.1 -> 9.18.2
cronie: upgrade 1.6.0 -> 1.6.1
epiphany: upgrade 42.0 -> 42.2
ffmpeg: upgrade 5.0 -> 5.0.1
fribidi: upgrade 1.0.11 -> 1.0.12
libinput: upgrade 1.19.3 -> 1.19.4
sqlite3: upgrade 3.38.2 -> 3.38.3
webkitgtk: upgrade 2.36.0 -> 2.36.1
xwayland: upgrade 22.1.0 -> 22.1.1
mmc-utils: upgrade to latest revision
gst-devtools: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2
gstreamer1.0: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2
libcgroup: upgrade 2.0.1 -> 2.0.2
mesa: upgrade 22.0.2 -> 22.0.3
mobile-broadband-provider-info: upgrade 20220315 -> 20220511
sqlite3: upgrade 3.38.3 -> 3.38.5
bash: submit patch upstream
valgrind: submit arm patches upstream
zip/unzip: mark all submittable patches as Inactive-Upstream
python3: use built-in distutils for ptest, rather than setuptools' 'fork'
wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
oeqa/sdk: drop the nativesdk-python 2.x test
at: take tarballs from debian
openssl: update 3.0.4 -> 3.0.5
gstreamer1.0: upgrade 1.20.2 -> 1.20.3
weston: update 10.0.0 -> 10.0.1
glib-2.0: upgrade 2.72.2 -> 2.72.3
glib-networking: upgrade 2.72.0 -> 2.72.1
libsoup: upgrade 3.0.6 -> 3.0.7
waffle: correctly request wayland-scanner executable
Aryaman Gupta (1):
e2fsprogs: update upstream status
Bruce Ashfield (48):
linux-yocto/5.10: update to v5.10.110
linux-yocto/5.10: base: enable kernel crypto userspace API
linux-yocto/5.10: update to v5.10.112
linux-yocto/5.15: arm: poky-tiny cleanup and fixes
linux-yocto/5.15: update to v5.15.33
linux-yocto/5.15: base: enable kernel crypto userspace API
linux-yocto/5.15: kasan: fix BUG: sleeping function called from invalid context
linux-yocto/5.15: fix ppc boot
linux-yocto/5.15: netfilter: conntrack: avoid useless indirection during conntrack destruction
linux-yocto/5.15: update to v5.15.35
linux-yocto/5.15: Fix CVE-2022-28796
linux-yocto: enable powerpc debug fragment
linux-yocto/5.15: fix -standard kernel build issue
linux-yocto/5.15: update to v5.15.36
linux-yocto/5.15: fix qemuarm graphical boot
strace: fix ptest failure in landlock
yocto-bsps: update to v5.15.36
linux-yocto/5.15: update to v5.15.37
linux-yocto/5.10: update to v5.10.113
linux-yocto/5.15: update to v5.15.38
linux-yocto/5.10: update to v5.10.114
linux-yocto/5.15: bpf: explicitly disable unpriv eBPF by default
linux-yocto/5.15: update to v5.15.43
linux-yocto/5.10: update to v5.10.118
linux-yocto/5.15: Enable MDIO bus config
linux-yocto/5.15: cfg/xen: Move x86 configs to separate file
linux-yocto/5.15: update to v5.15.44
linux-yocto/5.10: update to v5.10.119
lttng-modules: fix build against 5.18-rc7+
linux-yocto/5.10: update to v5.10.121
linux-yocto/5.10: update to v5.10.123
linux-yocto/5.10: update to v5.10.128
linux-yocto/5.10: fix build_OID_registry/conmakehash buildpaths warning
linux-yocto/5.10: fix buildpaths issue with gen-mach-types
linux-yocto/5.10: update to v5.10.130
linux-yocto/5.10: fix buildpaths issue with pnmtologo
linux-yocto/5.15: update to v5.15.46
linux-yocto/5.15: update to v5.15.48
linux-yocto/5.15: drop obselete GPIO sysfs ABI
linux-yocto/5.15: update to v5.15.52
linux-yocto/5.15: fix qemuppc buildpaths warning
linux-yocto/5.15: fix build_OID_registry buildpaths warning
linux-yocto/5.15: fix buildpaths issue with gen-mach-types
linux-yocto/5.15: update to v5.15.54
linux-yocto/5.15: fix buildpaths issue with pnmtologo
kernel-devsrc: fix reproducibility and buildpaths QA warning
kernel-devsrc: ppc32: fix reproducibility
perf: fix reproducibility in 5.19+
Chanho Park (2):
cargo_common.bbclass: enable bitbake vendoring for externalsrc
externalsrc.bbclass: support crate fetcher on externalsrc
Chen Qi (1):
go-helloworld: remove unused GO_WORKDIR
Christoph Lauer (1):
package.bbclass: Avoid stripping signed kernel modules in splitdebuginfo
Claudius Heine (2):
overlayfs: add docs about skipping QA check & service dependencies
classes: rootfs-postcommands: add skip option to overlayfs_qa_check
David Bagonyi (1):
sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity
Davide Gardenal (14):
cve-check: add JSON format to summary output
cve-check: fix symlinks where link and output path are equal
rootfs-postcommands: fix symlinks where link and output path are equal
openssl: minor security upgrade 3.0.2 -> 3.0.3
freetype: backport patch for CVE-2022-27404
freetype: backport patch for CVE-2022-27405
freetype: backport patch for CVE-2022-27406
qemu: backport patch for CVE-2021-4206
qemu: backport patch for CVE-2021-4207
base-passwd: Disable shell for default users
libpcre2: upgrade 10.39 -> 10.40
ncurses: update to patchlevel 20220423
baremetal-image: fix broken symlink in do_rootfs
efivar: add musl libc compatibility
Dmitry Baryshkov (6):
linux-firmware: upgrade 20220411 -> 20220509
image.bbclass: allow overriding dependency on virtual/kernel:do_deploy
linux-firmware: package new Qualcomm firmware
linux-firmware: split ath3k firmware
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
Ernst Sjöstrand (2):
cve-check: Add helper for symlink handling
cve-check: Only include installed packages for rootfs manifest
Felix Moessbauer (1):
wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions
Gunjan Gupta (1):
bitbake: fetch2/osc: Small fixes for osc fetcher
He Zhe (1):
lttng-modules: Fix build failure for 5.10.119+ and 5.15.44+ kernel
Hitendra Prajapati (1):
pcre2: CVE-2022-1586 Out-of-bounds read
Jack Mitchell (1):
meson.bbclass: add cython binary to cross/native toolchain config
Jeremy Puhlman (1):
gcc: depend on zstd-native
Jiaqing Zhao (8):
libxml2: Upgrade 2.9.13 -> 2.9.14
sed: Specify shell for "nobody" user in run-ptest
strace: Don't run ptest as "nobody"
systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
systemd: Remove __compare_fn_t type in musl-specific patch
systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
systemd: Correct path returned in sd_path_lookup()
systemd: Correct 0001-pass-correct-parameters-to-getdents64.patch
Joerg Vehlow (1):
libseccomp: Add missing files for ptests
Jon Mason (2):
poky-tiny: enable qemuarmv5/qemuarm64 and cleanups
qemuarmv5: use arm-versatile-926ejs KMACHINE
Jose Quaresma (3):
archiver: use bb.note instead of echo
archiver: don't use machine variables in shared recipes
curl: backport openssl fix CN check error code
Justin Bronder (1):
pulseaudio: conditionally depend on alsa-plugins-pulseaudio-conf
Kai Kang (2):
xxhash: fix build with gcc 12
glibc-tests: not clear BBCLASSEXTEND
Khem Raj (11):
kmod: Enable xz support by default
qemu: Add packageconfig for libbpf support
linux-yocto: Enable powerpc-debug fragment for ppc64 LE
systemd: Fix build regression with latest update
ovmf: Fix native build with gcc-12
gcc: Upgrade to 11.3 release
systemd: Drop redundant musl patches
systemd: Document future actions needed for set of musl patches
systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
systemd: Update patch status
libmodule-build-perl: Use env utility to find perl interpreter
Konrad Weihmann (1):
linux-firmware: replace mkdir by install
Lee Chee Yang (1):
ghostscript: fix CVE-2022-2085
Lucas Stach (1):
perf: sort-pmuevents: really keep array terminators
Marcel Ziswiler (1):
alsa-plugins: fix libavtp vs. avtp packageconfig
Markus Volk (2):
mesa.inc: package 00-radv-defaults.conf
python3: Backport patch to fix an issue in subinterpreters
Marta Rybczynska (9):
cve-update-db-native: update the CVE database once a day only
cve-update-db-native: let the user to drive the update interval
cve-check: Fix report generation
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-check: fix return type in check_cves
cve-update-db-native: make it possible to disable database updates
cve-check: add support for Ignored CVEs
oeqa/selftest/cve_check: add tests for Ignored and partial reports
Martin Jansa (9):
staging.bbclass: process direct dependencies in deterministic order
insane.bbclass: make sure to close .patch files
makedevs: Don't use COPYING.patch just to add license file into ${S}
patch.py: make sure that patches/series file exists before quilt pop
lttng-modules: fix shell syntax
buildhistory.bbclass: fix shell syntax when using dash
rootfs.py: close kernel_abi_ver_file
mesa: backport a patch to support compositors without zwp_linux_dmabuf_v1 again
wic: fix WicError message
Matt Madison (1):
bitbake: providers: use local variable for packages_dynamic pattern
Maxime Roussin-Bélanger (1):
libffi: fix native build being not portable
Michael Opdenacker (4):
rootfs-postcommands.bbclass: correct comments
manuals: switch to the sstate mirror shared between all versions
docs: BB_HASHSERVE_UPSTREAM: update to new host
ref-manual: variables: remove sphinx directive from literal block
Ming Liu (3):
udev-extraconf: let automount base directory configurable
udev-extraconf: fix some systemd automount issues
udev-extraconf:mount.sh: fix path mismatching issues
Mingli Yu (2):
perl: Fix build with gcc-12
oescripts: change compare logic in OEListPackageconfigTests
Muhammad Hamza (6):
initramfs-framework: move storage mounts to actual rootfs
udev-extraconf/mount.sh: add LABELs to mountpoints
udev-extraconf/mount.sh: save mount name in our tmp filecache
udev-extraconf/mount.sh: only mount devices on hotplug
udev-extraconf: force systemd-udevd to use shared MountFlags
udev-extraconf/mount.sh: ignore lvm in automount
Naveen Saini (1):
pciutils: avoid lspci conflict with busybox
Nick Potenski (1):
systemd: systemd-systemctl: Support instance conf files during enable
Pascal Bach (1):
bin_package: install into base_prefix
Paul Eggleton (4):
devtool: ignore pn- overrides when determining SRC_URI overrides
patch: handle if S points to a subdirectory of a git repo
devtool: finish: handle patching when S points to subdir of a git repo
oe-selftest: devtool: test modify git recipe building from a subdir
Paulo Neves (2):
python: Avoid shebang overflow on python-config.py
gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2
Pavel Zhukov (3):
bitbake.conf: Make TCLIBC and TCMODE lazy assigned
systemd: update 0008-add-missing-FTW_-macros-for-musl.patch
harfbuzz: Fix compilation with clang
Peter Bergin (1):
rust: fix issue building cross-canadian tools for aarch64 on x86_64
Peter Kjellerstedt (4):
license_image.bbclass: Make QA errors fail the build
libseccomp: Correct LIC_FILES_CHKSUM
license.bbclass: Bound beginline and endline in copy_license_files()
base.bbclass: Correct the test for obsolete license exceptions
Peter Marko (2):
openssl: extract legacy provider module to a separate package
alsa-state: correct license
Pgowda (1):
binutils : CVE-2019-1010204
Portia (1):
volatile-binds: Change DefaultDependencies from false to no
Raju Kumar Pothuraju (1):
kernel-uboot.bbclass: Use vmlinux.initramfs when INITRAMFS_IMAGE_BUNDLE set
Rasmus Villemoes (1):
e2fsprogs: add alternatives handling of lsattr as well
Richard Purdie (79):
bitbake: tests/parse: Fix one test overwriting another
bitbake: server/process: Drop unused import
bitbake: ui/buildinfohelper: Drop unused import
bitbake: cooker: Drop unused loop
bitbake: msg: Drop unused local variable
bitbake: buildinfohelper: Drop unused function
bitbake: fetch2/crate: Drop unused import
bitbake: siggen: Drop pointless break statement
bitbake: ui/knotty: Drop pointless pass statement
bitbake: persist_data: Use a valid exception for missing implementation
bitbake: runqueue: Drop pointless variable assignment
bitbake: buildinfohelper: Drop unused variables
bitbake: fetch2/osc: Add missing parameter
bitbake: runqueue: Fix sig file location when using multiconfig
bitbake: fetch/git : Use cat as pager
lib/sstatesig: Fix find_siginfo to match sstate filename generation
base: Avoid circular references to our own scripts
scripts: Make git intercept global
scripts/git: Ensure we don't have circular references
package: Ensure we track whether PRSERV was active or not
abi_version/sstate: Bump hashequiv and sstate versions due to git changes
build-appliance-image: Update to kirkstone head revision
vim: Upgrade 8.2.4681 -> 8.2.4912
cairo: Add missing GPLv3 license checksum entry
sanity: Don't warn about make 4.2.1 for mint
bitbake: build: Add clean_stamp API function to allow removal of task stamps
staging: Fix rare sysroot corruption issue
selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES
vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
tiff: Add jbig PACKAGECONFIG and clarify CVE-2022-1210
libxslt: Mark CVE-2022-29824 as not applying
cve-extra-exclusions: Add kernel CVEs
cve-check: Allow warnings to be disabled
rust-common: Fix sstate signatures between arm hf and non-hf
rust-common: Drop LLVM_TARGET and simplify
rust-common: Fix native signature dependency issues
lzo: Add further info to a patch and mark as Inactive-Upstream
glib-2.0: upgrade 2.72.1 -> 2.72.2
libxkbcommon: upgrade 1.4.0 -> 1.4.1
gtk+3: upgrade 3.24.33 -> 3.24.34
webkitgtk: upgrade 2.36.1 -> 2.36.3
openssl: Backport fix for ptest cert expiry
gcc-cross-canadian: Add nativesdk-zstd dependency
local.conf.sample: Update sstate url to new 'all' path
sanity: Switch to make 4.0 as a minimum version
perl: Add dependency on make-native to avoid race issues
glibc: Drop make-native dependency
vim: Upgrade 8.2.5034 -> 8.2.5083
uboot-sign: Fix potential index error issues
selftest/multiconfig: Test that multiconfigs in separate layers works
gcc-source: Fix incorrect task dependencies from ${B}
liberror-perl: Update sstate/equiv versions to clean cache
python3: Remove problematic paths from sysroot files
python3: Ensure stale empty python module directories don't break the build
bitbake: server/process: Fix logging issues where only the first message was displayed
build-appliance-image: Update to kirkstone head revision
unzip: Port debian fixes for two CVEs
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
vim: 8.2.5083 -> 9.0.0005
openssl: Upgrade 3.0.3 -> 3.0.4
coreutils: Tweak packaging variable names for coreutils-dev
oeqa/runtime/scp: Disable scp test for dropbear
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
oe-selftest-image: Ensure the image has sftp as well as dropbear
qemu: Avoid accidental librdmacm linkage
glibc-tests: Avoid reproducibility issues
qemu: Fix slirp determinism issue
qemu: Add PACKAGECONFIG for brlapi
gperf: Add a patch to work around reproducibility issues
gperf: Switch to upstream patch
udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist
insane: Fix buildpaths test to work with special devices
lua: Fix multilib buildpath reproducibility issues
vala: Fix on target wrapper buildpaths issue
gtk-doc: Remove hardcoded buildpath
kernel-arch: Fix buildpaths leaking into external module compiles
gcc-runtime: Fix build when using gold
gcc-runtime: Fix missing MLPREFIX in debug mappings
selftest/runtime_test/virgl: Disable for all almalinux
Robert Joslyn (3):
powerpc: Remove invalid GLIBC_EXTRA_OECONF
curl: Backport CVE fixes
curl: Fix multiple CVEs
Robert Yang (1):
bitbake: fetch2/ssh.py: decode path back for ssh
Roland Hieber (1):
bitbake: cache: correctly handle file names containing colons
Ross Burton (12):
cve-check: no need to depend on the fetch task
oeqa/selftest: add test for git working correctly inside pseudo
Revert "bitbake.conf: mark all directories as safe for git to read"
oeqa/selftest/cve_check: add tests for recipe and image reports
tiff: mark CVE-2022-1622 and CVE-2022-1623 as invalid
cups: ignore CVE-2022-26691
busybox: fix CVE-2022-30065
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
tiff: backport the fix for CVE-2022-2056, CVE-2022-2057, and CVE-2022-2058
vim: upgrade to 9.0.0021
perl: don't install Makefile.old into perl-ptest
pulseaudio: add m4-native to DEPENDS
Sakib Sajal (1):
u-boot: fix CVE-2022-34835
Samuli Piippo (1):
binutils: Bump to latest 2.38 release branch
Sean Anderson (1):
rootfs.py: find .ko.zst kernel modules
Stefan Wiehler (1):
kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
Steve Sakoman (11):
scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng
poky.conf: bump version for 4.0.1 release
virgl: skip headless test on alma 8.6
python3: fix reproducibility issue with python3-core
go: upgrade 1.17.8 -> 1.17.10
poky.conf: bump version for 4.0.2
openssh: break dependency on base package for -dev package
dropbear: break dependency on base package for -dev package
ruby: add PACKAGECONFIG for capstone
qemu: add PACKAGECONFIG for capstone
qemu: Avoid accidental libvdeplug linkage
Sundeep KOKKONDA (4):
rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets
rust-common: Fix for target definitions returning 'NoneType' for arm
glibc: stable 2.35 branch updates
binutils : stable 2.38 branch updates
Thomas Roos (1):
recipetool/devtool: Fix python egg whitespace issues in PACKAGECONFIG
Tomasz Dziendzielski (1):
bitbake: data: Do not depend on vardepvalueexclude flag
Wentao Zhang (1):
harfbuzz: fix CVE-2022-33068
Xiaobing Luo (1):
devtool: Fix _copy_file() TypeError
Yi Zhao (2):
popt: fix override syntax in RDEPENDS
git: fix override syntax in RDEPENDS
leimaohui (1):
cve-check.bbclass: Added do_populate_sdk[recrdeptask].
wangmy (15):
librepo: upgrade 1.14.2 -> 1.14.3
cups: upgrade 2.4.1 -> 2.4.2
logrotate: upgrade 3.19.0 -> 3.20.1
iso-codes: upgrade 4.9.0 -> 4.10.0
lttng-ust: upgrade 2.13.2 -> 2.13.3
gst-devtools: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-libav: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-omx: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-bad: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-base: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-good: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-ugly: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-python: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-rtsp-server: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-vaapi: upgrade 1.20.2 -> 1.20.3
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Ie30881bf20846b7311381bed443623fce8912406
diff --git a/meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb
similarity index 92%
rename from meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
rename to meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb
index aa1b4c2..b29716a 100644
--- a/meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
+++ b/meta-openembedded/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb
@@ -10,8 +10,7 @@
file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \
"
S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"
-SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae"
-SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb"
+SRC_URI[sha256sum] = "0489fbb6972581e1b417ab578d543f6ae522e7fa648c3c9b49c789510fd5eb93"
UPSTREAM_CHECK_URI = "https://www.tuxera.com/community/open-source-ntfs-3g/"
UPSTREAM_CHECK_REGEX = "ntfs-3g_ntfsprogs-(?P<pver>\d+(\.\d+)+)\.tgz"
@@ -50,3 +49,5 @@
# Satisfy the -dev runtime dependency
ALLOW_EMPTY:${PN} = "1"
+
+CVE_PRODUCT = "tuxera:ntfs-3g"
diff --git a/meta-openembedded/meta-gnome/conf/layer.conf b/meta-openembedded/meta-gnome/conf/layer.conf
index 2fb3485..2406f5f 100644
--- a/meta-openembedded/meta-gnome/conf/layer.conf
+++ b/meta-openembedded/meta-gnome/conf/layer.conf
@@ -15,7 +15,7 @@
# cause compatibility issues with other layers
LAYERVERSION_gnome-layer = "1"
-LAYERDEPENDS_gnome-layer = "core openembedded-layer networking-layer"
+LAYERDEPENDS_gnome-layer = "core openembedded-layer networking-layer meta-python"
LAYERSERIES_COMPAT_gnome-layer = "kirkstone"
diff --git a/meta-openembedded/meta-gnome/recipes-gnome/evince/evince_42.2.bb b/meta-openembedded/meta-gnome/recipes-gnome/evince/evince_42.2.bb
index af6d74c..c9e5617 100644
--- a/meta-openembedded/meta-gnome/recipes-gnome/evince/evince_42.2.bb
+++ b/meta-openembedded/meta-gnome/recipes-gnome/evince/evince_42.2.bb
@@ -14,7 +14,7 @@
orc \
adwaita-icon-theme \
libhandy \
- ${@bb.utils.contains('DISTRO_FEATURES','x11','gnome-desktop','',d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES','x11','gnome-desktop','dbus',d)} \
"
GNOMEBASEBUILDCLASS = "meson"
diff --git a/meta-openembedded/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch b/meta-openembedded/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch
index 8fd077c..fda84ac 100644
--- a/meta-openembedded/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch
+++ b/meta-openembedded/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch
@@ -1,6 +1,6 @@
---- a/cmake/modules/GObjectIntrospection.cmake 2022-03-06 18:10:47.724184883 +0100
-+++ b/cmake/modules/GObjectIntrospection.cmake 2022-03-06 18:10:12.560450948 +0100
-@@ -122,9 +122,7 @@
+--- a/cmake/modules/GObjectIntrospection.cmake
++++ b/cmake/modules/GObjectIntrospection.cmake
+@@ -122,9 +122,7 @@ macro(gir_add_introspection gir)
file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/${_gir_name}_files "${_gir_files}")
add_custom_command(
@@ -11,3 +11,11 @@
${INTROSPECTION_SCANNER_ARGS}
--namespace=${_gir_namespace}
--nsversion=${_gir_version}
+@@ -240,7 +238,6 @@ macro(gir_add_introspection_simple gir_l
+ ${_gir_identifies_prefixes}
+ ${_gir_deps}
+ --add-include-path=${SHARE_INSTALL_PREFIX}/gir-1.0
+- --library-path=${LIB_INSTALL_DIR}
+ ${_extra_library_path}
+ --pkg-export ${pkg_export_prefix}-${gir_library_version}
+ --c-include=${c_include}
diff --git a/meta-openembedded/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb b/meta-openembedded/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb
index ec728d7..9784f04 100644
--- a/meta-openembedded/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb
+++ b/meta-openembedded/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb
@@ -10,7 +10,9 @@
SRCREV = "13df0b887a7eb7b0f9b14069561a41f62e813155"
S = "${WORKDIR}/git"
-inherit meson gtk-doc gobject-introspection
+inherit meson gtk-doc gobject-introspection features_check
+
+ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
DEPENDS += "glib-2.0 glib-2.0-native gtk+3"
diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb
index 7136260..0b9f3f7 100644
--- a/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb
+++ b/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb
@@ -64,10 +64,10 @@
FILES:${PN}-dev = "${includedir} ${libdir}/pkgconfig"
FILES:${PN}-dev += " ${libdir}/libcamera.so"
-FILES:${PN}-dev += " ${libdir}/libcamera.so.0"
+FILES:${PN} += " ${libdir}/libcamera.so.0"
FILES:${PN} += " ${libdir}/libcamera.so.0.0.0"
FILES:${PN}-dev += " ${libdir}/libcamera-base.so"
-FILES:${PN}-dev += " ${libdir}/libcamera-base.so.0"
+FILES:${PN} += " ${libdir}/libcamera-base.so.0"
FILES:${PN} += " ${libdir}/libcamera-base.so.0.0.0"
FILES:${PN} += " ${libdir}/v4l2-compat.so"
FILES:${PN}-gst = "${libdir}/gstreamer-1.0/libgstlibcamera.so"
diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb
index ac0165a..76f5119 100644
--- a/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb
+++ b/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb
@@ -7,7 +7,7 @@
LICENSE = "MIT & \
PD & \
CMU-Tex & \
- BSD & \
+ rateconv & \
BSD-2-Clause & \
BSD-3-Clause & \
flite & \
diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc b/meta-openembedded/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc
index b913a83..4959a3c 100644
--- a/meta-openembedded/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc
+++ b/meta-openembedded/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc
@@ -1,6 +1,6 @@
DESCRIPTION = "MiniDLNA (aka ReadyDLNA) is server software with the aim of \
being fully compliant with DLNA/UPnP-AV clients."
-LICENSE = "GPL-2.0|BSD-3-Clause"
+LICENSE = "GPL-2.0-only|BSD-3-Clause"
DEPENDS = "ffmpeg flac libav jpeg sqlite3 libexif libogg libid3tag libvorbis"
# because it depends on libav which has commercial flag
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index da7e604..d6477e3 100644
--- a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -34,8 +34,15 @@
file://check-openssl-cmds-in-script-bootstrap.patch \
"
+raddbdir="${sysconfdir}/${MLPREFIX}raddb"
+
SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
+CVE_CHECK_IGNORE = "\
+ CVE-2002-0318 \
+ CVE-2011-4966 \
+"
+
PARALLEL_MAKE = ""
S = "${WORKDIR}/git"
@@ -48,6 +55,7 @@
--with-docdir=${docdir}/freeradius-${PV} \
--with-openssl-includes=${STAGING_INCDIR} \
--with-openssl-libraries=${STAGING_LIBDIR} \
+ --with-raddbdir=${raddbdir} \
--without-rlm_ippool \
--without-rlm_cache_memcached \
--without-rlm_counter \
@@ -98,7 +106,9 @@
PACKAGECONFIG[rlm-eap-fast] = "--with-rlm_eap_fast, --without-rlm_eap_fast"
PACKAGECONFIG[rlm-eap-pwd] = "--with-rlm_eap_pwd, --without-rlm_eap_pwd"
-inherit useradd autotools-brokensep update-rc.d systemd
+inherit useradd autotools-brokensep update-rc.d systemd multilib_script multilib_header
+
+MULTILIB_SCRIPTS = "${PN}:${sbindir}/checkrad"
# This is not a cpan or python based package, but it needs some definitions
# from cpan-base and python3-dir bbclasses for building rlm_perl and rlm_python
@@ -141,7 +151,7 @@
oe_runmake install R=${D} INSTALLSTRIP=""
# remove unsupported config files
- rm -f ${D}/${sysconfdir}/raddb/experimental.conf
+ rm -f ${D}/${raddbdir}/experimental.conf
# remove scripts that required Perl(DBI)
rm -rf ${D}/${bindir}/radsqlrelay
@@ -153,7 +163,7 @@
rm -rf ${D}/${localstatedir}/log/
install -m 0644 ${WORKDIR}/volatiles.58_radiusd ${D}${sysconfdir}/default/volatiles/58_radiusd
- chown -R radiusd:radiusd ${D}/${sysconfdir}/raddb/
+ chown -R radiusd:radiusd ${D}/${raddbdir}
chown -R radiusd:radiusd ${D}/${localstatedir}/lib/radiusd
# For systemd
@@ -169,6 +179,9 @@
install -d ${D}${sysconfdir}/tmpfiles.d/
install -m 0644 ${WORKDIR}/radiusd-volatiles.conf ${D}${sysconfdir}/tmpfiles.d/radiusd.conf
fi
+ oe_multilib_header freeradius/autoconf.h
+ oe_multilib_header freeradius/missing.h
+ oe_multilib_header freeradius/radpaths.h
}
# This is only needed when we install/update on a running target.
@@ -183,7 +196,7 @@
fi
# Fix ownership for /etc/raddb/*, /var/lib/radiusd
- chown -R radiusd:radiusd ${sysconfdir}/raddb
+ chown -R radiusd:radiusd ${raddbdir}
chown -R radiusd:radiusd ${localstatedir}/lib/radiusd
fi
}
@@ -204,30 +217,30 @@
FILES:${PN}-utils = "${bindir}/*"
FILES:${PN}-ldap = "${libdir}/rlm_ldap.so* \
- ${sysconfdir}/raddb/mods-available/ldap \
+ ${raddbdir}/mods-available/ldap \
"
FILES:${PN}-krb5 = "${libdir}/rlm_krb5.so* \
- ${sysconfdir}/raddb/mods-available/krb5 \
+ ${raddbdir}/mods-available/krb5 \
"
FILES:${PN}-perl = "${libdir}/rlm_perl.so* \
- ${sysconfdir}/raddb/mods-config/perl \
- ${sysconfdir}/raddb/mods-available/perl \
+ ${raddbdir}/mods-config/perl \
+ ${raddbdir}/mods-available/perl \
"
FILES:${PN}-python = "${libdir}/rlm_python3.so* \
- ${sysconfdir}/raddb/mods-config/python3 \
- ${sysconfdir}/raddb/mods-available/python3 \
+ ${raddbdir}/mods-config/python3 \
+ ${raddbdir}/mods-available/python3 \
"
FILES:${PN}-mysql = "${libdir}/rlm_sql_mysql.so* \
- ${sysconfdir}/raddb/mods-config/sql/*/mysql \
- ${sysconfdir}/raddb/mods-available/sql \
+ ${raddbdir}/mods-config/sql/*/mysql \
+ ${raddbdir}/mods-available/sql \
"
FILES:${PN}-postgresql = "${libdir}/rlm_sql_postgresql.so* \
- ${sysconfdir}/raddb/mods-config/sql/*/postgresql \
+ ${raddbdir}/mods-config/sql/*/postgresql \
"
FILES:${PN}-unixodbc = "${libdir}/rlm_sql_unixodbc.so*"
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch
new file mode 100644
index 0000000..6be2d4b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch
@@ -0,0 +1,34 @@
+From 7b5dc04e1fcc28dc653fb7bf0e9dda3700d93218 Mon Sep 17 00:00:00 2001
+From: Yi Zhao <yi.zhao@windriver.com>
+Date: Tue, 3 May 2022 15:30:37 +0800
+Subject: [PATCH] libnm-client-test: add dependency libnm_client_public_dep
+
+Fix parallel build error:
+| In file included from ../NetworkManager-1.36.0/src/libnm-client-test/nm-test-utils-impl.c:10:
+| ../NetworkManager-1.36.0/src/libnm-client-public/NetworkManager.h:47:10: fatal error: nm-enum-types.h: No such file or directory
+| 47 | #include "nm-enum-types.h"
+| | ^~~~~~~~~~~~~~~~~
+
+Upstream-Status: Submitted
+[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1206]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/libnm-client-test/meson.build | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libnm-client-test/meson.build b/src/libnm-client-test/meson.build
+index 8e2fba1130..bcac437702 100644
+--- a/src/libnm-client-test/meson.build
++++ b/src/libnm-client-test/meson.build
+@@ -13,6 +13,7 @@ libnm_client_test = static_library(
+ ],
+ dependencies: [
+ libnm_core_public_dep,
++ libnm_client_public_dep,
+ glib_dep,
+ ],
+ )
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
index b09ff18..e3b1296 100644
--- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
+++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
@@ -29,6 +29,7 @@
file://enable-dhcpcd.conf \
file://enable-iwd.conf \
file://0001-do-not-ask-host-for-ifcfg-defaults.patch \
+ file://0001-libnm-client-test-add-dependency-libnm_client_public.patch \
"
SRC_URI[sha256sum] = "ab855cbe3b41832e9a3b003810e7c7313dfe19e630d29806d14d87fdd1470cab"
@@ -82,7 +83,7 @@
# consolekit is not picked by shlibs, so add it to RDEPENDS too
PACKAGECONFIG[consolekit] = "-Dsession_tracking_consolekit=true,-Dsession_tracking_consolekit=false,consolekit,consolekit"
PACKAGECONFIG[modemmanager] = "-Dmodem_manager=true,-Dmodem_manager=false,modemmanager mobile-broadband-provider-info"
-PACKAGECONFIG[ppp] = "-Dppp=true,-Dppp=false,ppp,ppp"
+PACKAGECONFIG[ppp] = "-Dppp=true -Dpppd=/usr/sbin/pppd,-Dppp=false,ppp,ppp"
PACKAGECONFIG[dnsmasq] = "-Ddnsmasq=${bindir}/dnsmasq"
PACKAGECONFIG[nss] = "-Dcrypto=nss,,nss"
PACKAGECONFIG[resolvconf] = "-Dresolvconf=${base_sbindir}/resolvconf,-Dresolvconf=no,,resolvconf"
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb
index 6dca784..b6a768e 100644
--- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb
+++ b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb
@@ -63,7 +63,7 @@
FILES:${PN} += " \
${sbindir}/* \
${datadir}/ufw/* \
- /lib/ufw/* \
+ ${nonarch_base_libdir}/ufw/* \
${sysconfdir}/ufw/* \
${sysconfdir}/default/ufw \
"
diff --git a/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch
new file mode 100644
index 0000000..3d67f47
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch
@@ -0,0 +1,27 @@
+From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Tue, 5 Jul 2022 09:31:07 +0530
+Subject: [PATCH] CVE-2022-24407
+
+Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc]
+CVE: CVE-2022-24407
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ plugins/sql.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/plugins/sql.c b/plugins/sql.c
+index 6ac81c2f..d90dbac9 100644
+--- a/plugins/sql.c
++++ b/plugins/sql.c
+@@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context,
+ done:
+ if (escap_userid) sparams->utils->free(escap_userid);
+ if (escap_realm) sparams->utils->free(escap_realm);
++ if (escap_passwd) sparams->utils->free(escap_passwd);
+ if (conn) settings->sql_engine->sql_close(conn);
+ if (userid) sparams->utils->free(userid);
+ if (realm) sparams->utils->free(realm);
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
index 98899df..e344733 100644
--- a/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
+++ b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
@@ -14,6 +14,7 @@
file://saslauthd.service \
file://saslauthd.conf \
file://CVE-2019-19906.patch \
+ file://CVE-2022-24407.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives"
diff --git a/meta-openembedded/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb b/meta-openembedded/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb
index de6a72e..8f57e82 100644
--- a/meta-openembedded/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb
+++ b/meta-openembedded/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb
@@ -32,3 +32,9 @@
sed -i 's!/var/!${localstatedir}/!g' ${D}/${sysconfdir}/init.d/conntrack-failover ${D}/${sysconfdir}/init.d/conntrackd ${D}/${sysconfdir}/conntrackd/conntrackd.conf.sample
sed -i 's!^export PATH=.*!export PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}/${sysconfdir}/init.d/conntrackd
}
+
+# fix error message: Do not forget that you need *root* or CAP_NET_ADMIN capabilities ;-)
+pkg_postinst:${PN} () {
+ setcap cap_net_admin+ep "$D/${sbindir}/conntrack"
+}
+PACKAGE_WRITE_DEPS += "libcap-native"
diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb
index 91e306f..ceb9410 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb
+++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb
@@ -26,7 +26,7 @@
# Error: PC-relative reference to a different section
COMPATIBLE_HOST:mips64 = "null"
-inherit autotools python3native pkgconfig useradd systemd
+inherit autotools-brokensep python3native pkgconfig useradd systemd
DEPENDS:class-native = "bison-native elfutils-native"
DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native"
@@ -63,6 +63,8 @@
--with-clippy=${RECIPE_SYSROOT_NATIVE}/usr/lib/clippy \
"
+CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'"
+
LDFLAGS:append:mips = " -latomic"
LDFLAGS:append:mipsel = " -latomic"
LDFLAGS:append:powerpc = " -latomic"
@@ -77,7 +79,7 @@
do_install:class-native () {
install -d ${D}${libdir}
- install -m 755 ${WORKDIR}/build/lib/clippy ${D}${libdir}/clippy
+ install -m 755 ${S}/lib/clippy ${D}${libdir}/clippy
}
do_install:append:class-target () {
diff --git a/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc
index 15eb65a..aaad0e0 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc
+++ b/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc
@@ -13,6 +13,11 @@
SRC_URI = "git://gitosis.stanford.edu/openflow.git;protocol=git;branch=master"
+CVE_CHECK_IGNORE = "\
+ CVE-2015-1611 \
+ CVE-2015-1612 \
+"
+
DEPENDS = "virtual/libc"
PACKAGECONFIG ??= ""
@@ -53,3 +58,7 @@
}
FILES:${PN} += "${nonarch_libdir}/tmpfiles.d"
+
+# This CVE is not for this product but cve-check assumes it is
+# because two CPE collides when checking the NVD database
+CVE_CHECK_IGNORE = "CVE-2018-1078"
diff --git a/meta-openembedded/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb b/meta-openembedded/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb
index a7697a1..984264a 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb
+++ b/meta-openembedded/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb
@@ -2,3 +2,7 @@
SRC_URI[md5sum] = "eced21b054d71c9e1b7c6ac43286a166"
SRC_URI[sha256sum] = "e364c082c3309910e1eb7b068bf39ee298e2f2f3f31a6431a5c115193bd653d3"
+
+CVE_CHECK_IGNORE += "\
+ CVE-2016-4049 \
+"
diff --git a/meta-openembedded/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb b/meta-openembedded/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb
index 4f8e4d4..dcfa740 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb
+++ b/meta-openembedded/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb
@@ -23,3 +23,5 @@
PACKAGECONFIG[inet6] = "--enable-inet6,--disable-inet6,"
EXTRA_OECONF += "--disable-debug"
+
+CVE_VERSION = "0.9.3.0"
diff --git a/meta-openembedded/meta-networking/recipes-support/chrony/chrony_4.2.bb b/meta-openembedded/meta-networking/recipes-support/chrony/chrony_4.2.bb
index 57dd635..8ce9e1d 100644
--- a/meta-openembedded/meta-networking/recipes-support/chrony/chrony_4.2.bb
+++ b/meta-openembedded/meta-networking/recipes-support/chrony/chrony_4.2.bb
@@ -126,6 +126,10 @@
${D}${systemd_unitdir}/system/chronyd.service
sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${sysconfdir}/init.d/chronyd
sed -i 's!^EnvironmentFile=.*!EnvironmentFile=-${sysconfdir}/default/chronyd!' ${D}${systemd_unitdir}/system/chronyd.service
+
+ install -d ${D}${sysconfdir}/tmpfiles.d
+ echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+
}
FILES:${PN} = "${sbindir}/chronyd ${sysconfdir} ${localstatedir}/lib/chrony ${localstatedir}"
diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch
new file mode 100644
index 0000000..6bd734d
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch
@@ -0,0 +1,191 @@
+From 3cdecc159e0f417a2f8d43d99632af26beea630f Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 31 Mar 2022 21:35:20 +0100
+Subject: [PATCH] Fix write-after-free error in DHCPv6 code. CVE-2022-0934
+ refers.
+
+CVE: CVE-2022-0934
+
+Upstream-Status: Backport
+[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ CHANGELOG | 3 +++
+ src/rfc3315.c | 48 +++++++++++++++++++++++++++---------------------
+ 2 files changed, 30 insertions(+), 21 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 5e54df9..a28da2a 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -1,4 +1,7 @@
+ version 2.86
++ Fix write-after-free error in DHCPv6 server code.
++ CVE-2022-0934 refers.
++
+ Handle DHCPREBIND requests in the DHCPv6 server code.
+ Thanks to Aichun Li for spotting this omission, and the initial
+ patch.
+diff --git a/src/rfc3315.c b/src/rfc3315.c
+index 5c2ff97..6ecfeeb 100644
+--- a/src/rfc3315.c
++++ b/src/rfc3315.c
+@@ -33,9 +33,9 @@ struct state {
+ unsigned int mac_len, mac_type;
+ };
+
+-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
++static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz,
+ struct in6_addr *client_addr, int is_unicast, time_t now);
+-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now);
++static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now);
+ static void log6_opts(int nest, unsigned int xid, void *start_opts, void *end_opts);
+ static void log6_packet(struct state *state, char *type, struct in6_addr *addr, char *string);
+ static void log6_quiet(struct state *state, char *type, struct in6_addr *addr, char *string);
+@@ -104,12 +104,12 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if
+ }
+
+ /* This cost me blood to write, it will probably cost you blood to understand - srk. */
+-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
++static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz,
+ struct in6_addr *client_addr, int is_unicast, time_t now)
+ {
+ void *end = inbuff + sz;
+ void *opts = inbuff + 34;
+- int msg_type = *((unsigned char *)inbuff);
++ int msg_type = *inbuff;
+ unsigned char *outmsgtypep;
+ void *opt;
+ struct dhcp_vendor *vendor;
+@@ -259,15 +259,15 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
+ return 1;
+ }
+
+-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now)
++static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now)
+ {
+ void *opt;
+- int i, o, o1, start_opts;
++ int i, o, o1, start_opts, start_msg;
+ struct dhcp_opt *opt_cfg;
+ struct dhcp_netid *tagif;
+ struct dhcp_config *config = NULL;
+ struct dhcp_netid known_id, iface_id, v6_id;
+- unsigned char *outmsgtypep;
++ unsigned char outmsgtype;
+ struct dhcp_vendor *vendor;
+ struct dhcp_context *context_tmp;
+ struct dhcp_mac *mac_opt;
+@@ -296,12 +296,13 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ v6_id.next = state->tags;
+ state->tags = &v6_id;
+
+- /* copy over transaction-id, and save pointer to message type */
+- if (!(outmsgtypep = put_opt6(inbuff, 4)))
++ start_msg = save_counter(-1);
++ /* copy over transaction-id */
++ if (!put_opt6(inbuff, 4))
+ return 0;
+ start_opts = save_counter(-1);
+- state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16;
+-
++ state->xid = inbuff[3] | inbuff[2] << 8 | inbuff[1] << 16;
++
+ /* We're going to be linking tags from all context we use.
+ mark them as unused so we don't link one twice and break the list */
+ for (context_tmp = state->context; context_tmp; context_tmp = context_tmp->current)
+@@ -347,7 +348,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE))
+
+ {
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6USEMULTI);
+ put_opt6_string("Use multicast");
+@@ -619,11 +620,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ struct dhcp_netid *solicit_tags;
+ struct dhcp_context *c;
+
+- *outmsgtypep = DHCP6ADVERTISE;
++ outmsgtype = DHCP6ADVERTISE;
+
+ if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0))
+ {
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+ state->lease_allocate = 1;
+ o = new_opt6(OPTION6_RAPID_COMMIT);
+ end_opt6(o);
+@@ -809,7 +810,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ int start = save_counter(-1);
+
+ /* set reply message type */
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+ state->lease_allocate = 1;
+
+ log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL);
+@@ -924,7 +925,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ int address_assigned = 0;
+
+ /* set reply message type */
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+
+ log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL);
+
+@@ -1057,7 +1058,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ int good_addr = 0;
+
+ /* set reply message type */
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+
+ log6_quiet(state, "DHCPCONFIRM", NULL, NULL);
+
+@@ -1121,7 +1122,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? _("ignored") : state->hostname);
+ if (ignore)
+ return 0;
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+ tagif = add_options(state, 1);
+ break;
+ }
+@@ -1130,7 +1131,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ case DHCP6RELEASE:
+ {
+ /* set reply message type */
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+
+ log6_quiet(state, "DHCPRELEASE", NULL, NULL);
+
+@@ -1195,7 +1196,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ case DHCP6DECLINE:
+ {
+ /* set reply message type */
+- *outmsgtypep = DHCP6REPLY;
++ outmsgtype = DHCP6REPLY;
+
+ log6_quiet(state, "DHCPDECLINE", NULL, NULL);
+
+@@ -1275,7 +1276,12 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ }
+
+ }
+-
++
++ /* Fill in the message type. Note that we store the offset,
++ not a direct pointer, since the packet memory may have been
++ reallocated. */
++ ((unsigned char *)(daemon->outpacket.iov_base))[start_msg] = outmsgtype;
++
+ log_tags(tagif, state->xid);
+ log6_opts(0, state->xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1));
+
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb
index 31ca51e..0f7880c 100644
--- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb
+++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb
@@ -3,5 +3,6 @@
SRC_URI[dnsmasq-2.86.sha256sum] = "ef15f608a83ee2b1d1d2c1f11d089a7e0ac401ffb0991de73fc01ce5f290e512"
SRC_URI += "\
file://lua.patch \
+ file://CVE-2022-0934.patch \
"
diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/files/netserver_permissions.patch b/meta-openembedded/meta-networking/recipes-support/netperf/files/netserver_permissions.patch
new file mode 100644
index 0000000..5531636
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/netperf/files/netserver_permissions.patch
@@ -0,0 +1,29 @@
+From 78c9ae7d9a6735575bc72dd28a19b2bc3a251981 Mon Sep 17 00:00:00 2001
+From: Andrew Elble <aweits@rit.edu>
+Date: Mon, 8 Oct 2018 14:31:20 -0400
+Subject: [PATCH] netserver: don't change permissions on /dev/null
+
+the (now default) suppress_debug=1 changes permissions on /dev/null
+to 0644. Don't do this.
+
+Upstream-Status: Pending [https://github.com/HewlettPackard/netperf/pull/27/commits/78c9ae7d9a6735575bc72dd28a19b2bc3a251981]
+Signed-off-by: Ashish Sharma <asharma@mvista.com>
+
+---
+ src/netserver.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/netserver.c b/src/netserver.c
+index 00c8d23..86a1c45 100644
+--- a/src/netserver.c
++++ b/src/netserver.c
+@@ -278,7 +278,8 @@ open_debug_file()
+
+ #if !defined(WIN32)
+
+- chmod(FileName,0644);
++ if (!suppress_debug)
++ chmod(FileName,0644);
+
+ /* redirect stdin to "/dev/null" */
+ rd_null_fp = fopen(NETPERF_NULL,"r");
diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
index 62ba966..06b2edd 100644
--- a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
+++ b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
@@ -14,6 +14,7 @@
file://netserver.service \
file://0001-netlib.c-Move-including-sched.h-out-og-function.patch \
file://0001-nettest_omni-Remove-duplicate-variable-definitions.patch \
+ file://netserver_permissions.patch \
"
SRCREV = "3bc455b23f901dae377ca0a558e1e32aa56b31c4"
diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
index fe2bd07..a30f720 100644
--- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
@@ -29,7 +29,31 @@
SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19"
# CVE-2016-9312 is only for windows.
-CVE_CHECK_IGNORE += "CVE-2016-9312"
+# The other CVEs are not correctly identified because cve-check
+# is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference)
+CVE_CHECK_IGNORE += "\
+ CVE-2016-9312 \
+ CVE-2015-5146 \
+ CVE-2015-5300 \
+ CVE-2015-7975 \
+ CVE-2015-7976 \
+ CVE-2015-7977 \
+ CVE-2015-7978 \
+ CVE-2015-7979 \
+ CVE-2015-8138 \
+ CVE-2015-8139 \
+ CVE-2015-8140 \
+ CVE-2015-8158 \
+ CVE-2016-1547 \
+ CVE-2016-2516 \
+ CVE-2016-2517 \
+ CVE-2016-2519 \
+ CVE-2016-7429 \
+ CVE-2016-7433 \
+ CVE-2016-9310 \
+ CVE-2016-9311 \
+"
+
inherit autotools update-rc.d useradd systemd pkgconfig
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb
index d9083bc..1887a55 100644
--- a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb
+++ b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb
@@ -30,6 +30,12 @@
S = "${WORKDIR}/git"
+CVE_CHECK_IGNORE += "\
+ CVE-2016-0749 \
+ CVE-2016-2150 \
+ CVE-2018-10893 \
+"
+
inherit autotools gettext python3native python3-dir pkgconfig
DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python3-pyparsing-native python3-six-native glib-2.0-native"
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch
new file mode 100644
index 0000000..e730fe1
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch
@@ -0,0 +1,31 @@
+From d23c0ea81e630af3cfda89aeeb52146c0c84c960 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Mon, 2 May 2022 09:31:49 +0200
+Subject: [PATCH] enum: Fix compiler warning
+
+Closes strongswan/strongswan#1025
+
+Upstream-Status: Backport
+[https://github.com/strongswan/strongswan/commit/d23c0ea81e630af3cfda89aeeb52146c0c84c960]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/libstrongswan/utils/enum.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libstrongswan/utils/enum.c b/src/libstrongswan/utils/enum.c
+index 79da450f0c..1e77489f6f 100644
+--- a/src/libstrongswan/utils/enum.c
++++ b/src/libstrongswan/utils/enum.c
+@@ -97,7 +97,7 @@ char *enum_flags_to_string(enum_name_t *e, u_int val, char *buf, size_t len)
+ return buf;
+ }
+
+- if (snprintf(buf, len, e->names[0]) >= len)
++ if (snprintf(buf, len, "%s", e->names[0]) >= len)
+ {
+ return NULL;
+ }
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch
deleted file mode 100644
index 7da48cd..0000000
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From 3eecd40cec6415fc033f8d9141ab652047e71524 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Wed, 23 Feb 2022 17:29:02 +0100
-Subject: [PATCH] openssl: Don't unload providers
-
-There is a conflict between atexit() handlers registered by OpenSSL and
-some executables (e.g. swanctl or pki) to deinitialize libstrongswan.
-Because plugins are usually loaded after atexit() has been called, the
-handler registered by OpenSSL will run before our handler. So when the
-latter destroys the plugins it's a bad idea to try to access any OpenSSL
-objects as they might already be invalid.
-
-Fixes: f556fce16b60 ("openssl: Load "legacy" provider in OpenSSL 3 for algorithms like MD4, DES etc.")
-Closes strongswan/strongswan#921
-
-Upstream-Status: Backport
-[https://github.com/strongswan/strongswan/commit/3eecd40cec6415fc033f8d9141ab652047e71524]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- .../plugins/openssl/openssl_plugin.c | 27 +++----------------
- 1 file changed, 3 insertions(+), 24 deletions(-)
-
-diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-index 6b4923649..1491d5cf8 100644
---- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-@@ -16,7 +16,6 @@
-
- #include <library.h>
- #include <utils/debug.h>
--#include <collections/array.h>
- #include <threading/thread.h>
- #include <threading/mutex.h>
- #include <threading/thread_value.h>
-@@ -74,13 +73,6 @@ struct private_openssl_plugin_t {
- * public functions
- */
- openssl_plugin_t public;
--
--#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-- /**
-- * Loaded providers
-- */
-- array_t *providers;
--#endif
- };
-
- /**
-@@ -887,15 +879,6 @@ METHOD(plugin_t, get_features, int,
- METHOD(plugin_t, destroy, void,
- private_openssl_plugin_t *this)
- {
--#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-- OSSL_PROVIDER *provider;
-- while (array_remove(this->providers, ARRAY_TAIL, &provider))
-- {
-- OSSL_PROVIDER_unload(provider);
-- }
-- array_destroy(this->providers);
--#endif /* OPENSSL_VERSION_NUMBER */
--
- /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we
- * can't call it as we couldn't re-initialize the library (as required by the
- * unit tests and the Android app) */
-@@ -1009,20 +992,16 @@ plugin_t *openssl_plugin_create()
- DBG1(DBG_LIB, "unable to load OpenSSL FIPS provider");
- return NULL;
- }
-- array_insert_create(&this->providers, ARRAY_TAIL, fips);
- /* explicitly load the base provider containing encoding functions */
-- array_insert_create(&this->providers, ARRAY_TAIL,
-- OSSL_PROVIDER_load(NULL, "base"));
-+ OSSL_PROVIDER_load(NULL, "base");
- }
- else if (lib->settings->get_bool(lib->settings, "%s.plugins.openssl.load_legacy",
- TRUE, lib->ns))
- {
- /* load the legacy provider for algorithms like MD4, DES, BF etc. */
-- array_insert_create(&this->providers, ARRAY_TAIL,
-- OSSL_PROVIDER_load(NULL, "legacy"));
-+ OSSL_PROVIDER_load(NULL, "legacy");
- /* explicitly load the default provider, as mentioned by crypto(7) */
-- array_insert_create(&this->providers, ARRAY_TAIL,
-- OSSL_PROVIDER_load(NULL, "default"));
-+ OSSL_PROVIDER_load(NULL, "default");
- }
- ossl_provider_names_t data = {};
- OSSL_PROVIDER_do_all(NULL, concat_ossl_providers, &data);
---
-2.25.1
-
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb
similarity index 97%
rename from meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb
rename to meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb
index cfb7b41..1b82dce 100644
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb
@@ -9,10 +9,10 @@
DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}"
SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
- file://0001-openssl-Don-t-unload-providers.patch \
+ file://0001-enum-Fix-compiler-warning.patch \
"
-SRC_URI[sha256sum] = "983e4ef4a4c6c9d69f5fe6707c7fe0b2b9a9291943bbf4e008faab6bf91c0bdd"
+SRC_URI[sha256sum] = "91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7"
UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb
similarity index 96%
rename from meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
rename to meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb
index f1dba22..38fdbce 100644
--- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
+++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb
@@ -19,7 +19,7 @@
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279"
+SRC_URI[sha256sum] = "881a13303e263b7dc7fe337534c8a541d4914552287879bed30bbe76c5bf68ca"
PE = "1"
diff --git a/meta-openembedded/meta-oe/licenses/rateconv b/meta-openembedded/meta-oe/licenses/rateconv
new file mode 100644
index 0000000..a0f5683
--- /dev/null
+++ b/meta-openembedded/meta-oe/licenses/rateconv
@@ -0,0 +1,27 @@
+Authors: Markus Mummert
+
+Copyright (c) 1992, 1995 by Markus Mummert
+
+License:
+ Redistribution and use of this software, modifcation and inclusion
+ into other forms of software are permitted provided that the following
+ conditions are met:
+
+ 1. Redistributions of this software must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. If this software is redistributed in a modified condition
+ it must reveal clearly that it has been modified.
+
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ DAMAGE.
+
diff --git a/meta-openembedded/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb b/meta-openembedded/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb
index 4a520e3..86e5fef 100644
--- a/meta-openembedded/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb
+++ b/meta-openembedded/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb
@@ -19,3 +19,5 @@
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)}"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
+
+CVE_PRODUCT = "iperf_project:iperf"
diff --git a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb
index a6af23a..2142a8e 100644
--- a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb
+++ b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb
@@ -30,3 +30,5 @@
PACKAGECONFIG[openssl] = "--with-openssl=${RECIPE_SYSROOT}${prefix},--without-openssl,openssl"
CFLAGS += "-D_GNU_SOURCE"
+
+CVE_PRODUCT = "iperf_project:iperf"
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb b/meta-openembedded/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb
index b4cbb79..3483db3 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb
@@ -30,7 +30,7 @@
"
PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'largefile', d)}"
-PACKAGECONFIG[doxygen] = "--enable-doxygen,--disable-doxygen"
+PACKAGECONFIG[doxygen] = "--enable-doxygen,--disable-doxygen,doxygen-native"
PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile"
PACKAGECONFIG[mtpz] = "--enable-mtpz,--disable-mtpz,libgcrypt"
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch b/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch
index 7c3e775..9147605 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch
+++ b/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch
@@ -1,42 +1,44 @@
-From f7a3292c1c753b29384e216693f51a4213fea7d0 Mon Sep 17 00:00:00 2001
+From 35173fa04d0116ba30a86dc1a19f859f2be14a24 Mon Sep 17 00:00:00 2001
From: "Bruce A. Johnson" <waterfordtrack@gmail.com>
Date: Wed, 22 Dec 2021 14:24:02 -0500
-Subject: [PATCH 1/2] core: switch bash shell scripts to use /bin/sh for use
+Subject: [PATCH] core: switch bash shell scripts to use /bin/sh for use
w/Busybox.
Fixes https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/483
+
+%% original patch: 0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch
---
- data/fcc-unlock/105b | 2 +-
- data/fcc-unlock/1199 | 2 +-
- data/fcc-unlock/1eac | 2 +-
- test/mmcli-test-sms | 2 +-
- tools/tests/test-wrapper.sh.in | 2 +-
+ data/dispatcher-fcc-unlock/105b | 2 +-
+ data/dispatcher-fcc-unlock/1199 | 2 +-
+ data/dispatcher-fcc-unlock/1eac | 2 +-
+ test/mmcli-test-sms | 2 +-
+ tools/tests/test-wrapper.sh.in | 2 +-
5 files changed, 5 insertions(+), 5 deletions(-)
-diff --git a/data/fcc-unlock/105b b/data/fcc-unlock/105b
-index 21fe5329..f276050f 100644
---- a/data/fcc-unlock/105b
-+++ b/data/fcc-unlock/105b
+diff --git a/data/dispatcher-fcc-unlock/105b b/data/dispatcher-fcc-unlock/105b
+index 444bd51f..772c90f4 100644
+--- a/data/dispatcher-fcc-unlock/105b
++++ b/data/dispatcher-fcc-unlock/105b
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# SPDX-License-Identifier: CC0-1.0
# 2021 Aleksander Morgado <aleksander@aleksander.es>
-diff --git a/data/fcc-unlock/1199 b/data/fcc-unlock/1199
-index 0109c6ab..e1d3804c 100644
---- a/data/fcc-unlock/1199
-+++ b/data/fcc-unlock/1199
+diff --git a/data/dispatcher-fcc-unlock/1199 b/data/dispatcher-fcc-unlock/1199
+index 83ab2c9e..6dbf8d1b 100644
+--- a/data/dispatcher-fcc-unlock/1199
++++ b/data/dispatcher-fcc-unlock/1199
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# SPDX-License-Identifier: CC0-1.0
# 2021 Aleksander Morgado <aleksander@aleksander.es>
-diff --git a/data/fcc-unlock/1eac b/data/fcc-unlock/1eac
-index 1068d9c2..d9342852 100644
---- a/data/fcc-unlock/1eac
-+++ b/data/fcc-unlock/1eac
+diff --git a/data/dispatcher-fcc-unlock/1eac b/data/dispatcher-fcc-unlock/1eac
+index 1a048dc8..44ce46d7 100644
+--- a/data/dispatcher-fcc-unlock/1eac
++++ b/data/dispatcher-fcc-unlock/1eac
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
@@ -64,5 +66,5 @@
# For debugging behavior of test-modemmanager-service.py, you can modify
# this line to add --log-file option
--
-2.34.1
+2.35.3
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch b/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch
deleted file mode 100644
index d911d54..0000000
--- a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From ddf634b92bf96b35f521db6da329628b4525c2eb Mon Sep 17 00:00:00 2001
-From: Sven Schwermer <sven.schwermer@disruptive-technologies.com>
-Date: Fri, 25 Feb 2022 21:37:13 +0100
-Subject: [PATCH 2/2] fcc-unlock: Make scripts POSIX shell compatible
-
-This allows us to not rely on bash which may not be available on
-constrained systems, e.g. Yocto-built embedded systems. The scripts now
-pass shellcheck.
-
-Signed-off-by: Sven Schwermer <sven.schwermer@disruptive-technologies.com>
----
- data/fcc-unlock/105b | 8 ++++----
- data/fcc-unlock/1199 | 6 +++---
- data/fcc-unlock/1eac | 8 ++++----
- 3 files changed, 11 insertions(+), 11 deletions(-)
-
-diff --git a/data/fcc-unlock/105b b/data/fcc-unlock/105b
-index f276050f..772c90f4 100644
---- a/data/fcc-unlock/105b
-+++ b/data/fcc-unlock/105b
-@@ -15,20 +15,20 @@ shift
- # second and next arguments are control port names
- for PORT in "$@"; do
- # match port type in Linux 5.14 and newer
-- grep -q MBIM /sys/class/wwan/${PORT}/type 2>/dev/null && {
-+ grep -q MBIM "/sys/class/wwan/$PORT/type" 2>/dev/null && {
- MBIM_PORT=$PORT
- break
- }
- # match port name in Linux 5.13
-- [[ $PORT == *"MBIM"* ]] && {
-+ echo "$PORT" | grep -q MBIM && {
- MBIM_PORT=$PORT
- break
- }
- done
-
- # fail if no MBIM port exposed
--[ -n "${MBIM_PORT}" ] || exit 2
-+[ -n "$MBIM_PORT" ] || exit 2
-
- # run qmicli operation over MBIM
--qmicli --device-open-proxy --device=/dev/${MBIM_PORT} --dms-foxconn-set-fcc-authentication=0
-+qmicli --device-open-proxy --device="/dev/$MBIM_PORT" --dms-foxconn-set-fcc-authentication=0
- exit $?
-diff --git a/data/fcc-unlock/1199 b/data/fcc-unlock/1199
-index e1d3804c..6dbf8d1b 100644
---- a/data/fcc-unlock/1199
-+++ b/data/fcc-unlock/1199
-@@ -19,15 +19,15 @@ shift
- # second and next arguments are control port names
- for PORT in "$@"; do
- # match port name
-- [[ $PORT == *"cdc-wdm"* ]] && {
-+ echo "$PORT" | grep -q cdc-wdm && {
- CDC_WDM_PORT=$PORT
- break
- }
- done
-
- # fail if no cdc-wdm port exposed
--[ -n "${CDC_WDM_PORT}" ] || exit 2
-+[ -n "$CDC_WDM_PORT" ] || exit 2
-
- # run qmicli operation
--qmicli --device-open-proxy --device=/dev/${CDC_WDM_PORT} --dms-set-fcc-authentication
-+qmicli --device-open-proxy --device="/dev/$CDC_WDM_PORT" --dms-set-fcc-authentication
- exit $?
-diff --git a/data/fcc-unlock/1eac b/data/fcc-unlock/1eac
-index d9342852..44ce46d7 100644
---- a/data/fcc-unlock/1eac
-+++ b/data/fcc-unlock/1eac
-@@ -15,20 +15,20 @@ shift
- # second and next arguments are control port names
- for PORT in "$@"; do
- # match port type in Linux 5.14 and newer
-- grep -q MBIM /sys/class/wwan/${PORT}/type 2>/dev/null && {
-+ grep -q MBIM "/sys/class/wwan/$PORT/type" 2>/dev/null && {
- MBIM_PORT=$PORT
- break
- }
- # match port name in Linux 5.13
-- [[ $PORT == *"MBIM"* ]] && {
-+ echo "$PORT" | grep -q MBIM && {
- MBIM_PORT=$PORT
- break
- }
- done
-
- # fail if no MBIM port exposed
--[ -n "${MBIM_PORT}" ] || exit 2
-+[ -n "$MBIM_PORT" ] || exit 2
-
- # run mbimcli operation
--mbimcli --device-open-proxy --device=/dev/${MBIM_PORT} --quectel-set-radio-state=on
-+mbimcli --device-open-proxy --device="/dev/$MBIM_PORT" --quectel-set-radio-state=on
- exit $?
---
-2.34.1
-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb b/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb
similarity index 92%
rename from meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb
rename to meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb
index 14d9942..28f81ba 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb
@@ -12,13 +12,12 @@
DEPENDS = "glib-2.0 libgudev libxslt-native dbus"
-SRCREV ?= "a7bcf2036b34d5043dbc33fee7d98bae5859c4d3"
+SRCREV ?= "0d8b5e93fc62eb0f41e18a2d9d845331d7af36ec"
-# Patches 0001, 0002 will be in ModemManager > 1.18.6
+# Patch 0001 will be in ModemManager > 1.19
SRC_URI = " \
git://gitlab.freedesktop.org/mobile-broadband/ModemManager.git;protocol=https;branch=mm-1-18 \
file://0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch \
- file://0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb
index 2d601a2..8141abe 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb
@@ -15,6 +15,8 @@
BBCLASSEXTEND = "native nativesdk"
+CVE_PRODUCT = "apache:thrift"
+
inherit pkgconfig cmake python3native
export STAGING_INCDIR
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
similarity index 92%
rename from meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb
rename to meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
index 66c8075..f5d89d6 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
@@ -23,13 +23,13 @@
PACKAGE_ARCH = "${MACHINE_ARCH}"
-SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.2/${BPN}-${PV}.tar.gz \
+SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.4/${BPN}-${PV}.tar.gz \
file://0001-Fix-configure.ac.patch \
file://zabbix-agent.service \
"
-SRC_URI[md5sum] = "31dab3535a1fa212f5724902727f6d4d"
-SRC_URI[sha256sum] = "76cb704f2a04fbc87bb3eff44fa71339c355d467f7bbd8fb53f8927c760e1680"
+SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e"
+SRC_URI[sha256sum] = "d60d5515807c30c05d0900b83a7e6ef6479929aef7d6f248fba481c4816bacf4"
inherit autotools-brokensep linux-kernel-base pkgconfig systemd useradd
diff --git a/meta-openembedded/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-openembedded/meta-oe/recipes-core/emlog/emlog_git.bb
index be9ae58..05fa0c3 100644
--- a/meta-openembedded/meta-oe/recipes-core/emlog/emlog_git.bb
+++ b/meta-openembedded/meta-oe/recipes-core/emlog/emlog_git.bb
@@ -24,3 +24,14 @@
}
RRECOMMENDS:${PN} += "kernel-module-emlog"
+
+# The NVD database doesn't have a CPE for this product,
+# the name of this product is exactly the same as github.com/emlog/emlog
+# but it's not related in any way. The following CVEs are from that project
+# so they can be safely ignored
+CVE_CHECK_IGNORE += "\
+ CVE-2019-16868 \
+ CVE-2019-17073 \
+ CVE-2021-44584 \
+ CVE-2022-1526 \
+"
diff --git a/meta-openembedded/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb b/meta-openembedded/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
index bc3d4fe..765edc5 100644
--- a/meta-openembedded/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
+++ b/meta-openembedded/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
@@ -96,7 +96,7 @@
acpitool \
cpufrequtils \
edac-utils \
- firmwared \
+ ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "firmwared", "", d)} \
flashrom \
fwupd \
fwupd-efi \
@@ -611,12 +611,12 @@
surf \
tesseract-lang \
tesseract \
- tigervnc \
+ ${@bb.utils.contains("DISTRO_FEATURES", "x11 pam", "tigervnc", "", d)} \
tslib \
unclutter-xfixes \
libvdpau \
xcursorgen \
- xscreensaver \
+ ${@bb.utils.contains("DISTRO_FEATURES", "x11 pam", "xscreensaver", "", d)} \
yad \
parallel-deqp-runner \
${@bb.utils.contains("DISTRO_FEATURES", "opengl", "opengl-es-cts", "", d)} \
@@ -729,7 +729,7 @@
anthy \
atop \
ace-cloud-editor \
- driverctl \
+ ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "driverctl", "", d)} \
frame \
${@bb.utils.contains("DISTRO_FEATURES", "x11", "geis", "", d)} \
grail \
diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
index 36545c2..005ef02 100644
--- a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
+++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
@@ -322,8 +322,8 @@
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
-@@ -12,6 +12,7 @@
- #include "set.h"
+@@ -11,6 +11,7 @@
+ #include "missing_capability.h"
#include "string-util.h"
#include "strv.h"
+#include "missing_stdlib.h"
diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb
index 6bb5f7a..d5c799a 100644
--- a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb
+++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb
@@ -10,7 +10,7 @@
DEPENDS += "gperf-native gettext-native util-linux libcap util-linux python3-jinja2-native"
-SRCREV = "1b003bbc806198dbdd57b405d968f30565495e70"
+SRCREV = "73be9643910c3f7f3ff84765d63060846c110016"
SRCBRANCH = "v250-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH} \
file://static-libsystemd-pkgconfig.patch \
diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb
index 39f0b4c..76fd6b6 100644
--- a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb
+++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb
@@ -27,6 +27,12 @@
S = "${WORKDIR}/git"
+# Link libatomic on architectures without 64bit atomics fixes
+# libsdbus-c++.so.1.1.0: undefined reference to `__atomic_load_8'
+LDFLAGS:append:mips = " -Wl,--no-as-needed -latomic -Wl,--as-needed"
+LDFLAGS:append:powerpc = " -Wl,--no-as-needed -latomic -Wl,--as-needed"
+LDFLAGS:append:riscv32 = " -Wl,--no-as-needed -latomic -Wl,--as-needed"
+
do_install:append() {
if ! ${@bb.utils.contains('PTEST_ENABLED', '1', 'true', 'false', d)}; then
rm -rf ${D}${sysconfdir}/dbus-1
diff --git a/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb b/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb
index 87750ec..6afc45a 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb
+++ b/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb
@@ -4,7 +4,7 @@
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=92d1b128950b11ba8495b64938fc164d"
-SRC_URI = "git://github.com/google/${BPN}.git;branch=master;protocol=https \
+SRC_URI = "git://github.com/google/${BPN}.git;branch=main;protocol=https \
file://run-ptest"
SRCREV = "78b39d68c15ba020c0d60a3906fb66dbf1697595"
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb
similarity index 100%
rename from meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb
rename to meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
index 855f124..922373b 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -20,11 +20,10 @@
file://mm_malloc.patch \
file://sys_futex.patch \
file://mariadb-openssl3.patch \
- file://clang-64bit-atomics.patch \
"
SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch"
-SRC_URI[sha256sum] = "da286919ffc9c913282202349709b6ba4ebcd342815e8dae0aa6b6bd8f515cd4"
+SRC_URI[sha256sum] = "73dd9c9d325520f20ca5e0ef16f94b7be1146bed7e4a78e735c20daebf3a4173"
UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases"
@@ -78,6 +77,8 @@
BUILD_CFLAGS += "-fuse-ld=bfd"
BUILD_CXXFLAGS += "-fuse-ld=bfd"
+LDFLAGS:x86:toolchain-clang = "-latomic"
+
EXTRA_OECMAKE = "-DWITH_EMBEDDED_SERVER=ON \
-DWITH_JEMALLOC=no \
-DWITHOUT_TOKUDB=TRUE \
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch
deleted file mode 100644
index cdc2947..0000000
--- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-Prevent Clang from emitting atomic libcalls
-
-Clang expects 8-byte alignment for some 64-bit atomic operations
-in some 32-bit targets. Native instruction lock cmpxchg8b (for x86)
-should only require 4-byte alignment.
-
-This patch tries to add 8-byte alignents to data needing atomic ops
-which helps clang to not generate the libatomic calls but emit
-builtins directly.
-
-Upstream-Status: Submitted[https://jira.mariadb.org/browse/MDEV-28162]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
---- a/include/my_atomic.h
-+++ b/include/my_atomic.h
-@@ -115,6 +115,16 @@
- #include "atomic/gcc_builtins.h"
- #endif
-
-+#include <stdint.h>
-+
-+# ifdef __GNUC__
-+typedef __attribute__((__aligned__(8))) int64 ATOMIC_I64;
-+typedef __attribute__((__aligned__(8))) uint64 ATOMIC_U64;
-+# else
-+typedef int64 ATOMIC_I64;
-+typedef uint64 ATOMIC_U64;
-+# endif
-+
- #if SIZEOF_LONG == 4
- #define my_atomic_addlong(A,B) my_atomic_add32((int32*) (A), (B))
- #define my_atomic_loadlong(A) my_atomic_load32((int32*) (A))
-@@ -123,12 +133,12 @@
- #define my_atomic_faslong(A,B) my_atomic_fas32((int32*) (A), (B))
- #define my_atomic_caslong(A,B,C) my_atomic_cas32((int32*) (A), (int32*) (B), (C))
- #else
--#define my_atomic_addlong(A,B) my_atomic_add64((int64*) (A), (B))
--#define my_atomic_loadlong(A) my_atomic_load64((int64*) (A))
--#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((int64*) (A), (O))
--#define my_atomic_storelong(A,B) my_atomic_store64((int64*) (A), (B))
--#define my_atomic_faslong(A,B) my_atomic_fas64((int64*) (A), (B))
--#define my_atomic_caslong(A,B,C) my_atomic_cas64((int64*) (A), (int64*) (B), (C))
-+#define my_atomic_addlong(A,B) my_atomic_add64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_loadlong(A) my_atomic_load64((ATOMIC_I64*) (A))
-+#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((ATOMIC_I64*) (A), (O))
-+#define my_atomic_storelong(A,B) my_atomic_store64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_faslong(A,B) my_atomic_fas64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_caslong(A,B,C) my_atomic_cas64((ATOMIC_I64*) (A), (ATOMIC_I64*) (B), (C))
- #endif
-
- #ifndef MY_MEMORY_ORDER_SEQ_CST
---- a/storage/perfschema/pfs_atomic.h
-+++ b/storage/perfschema/pfs_atomic.h
-@@ -41,7 +41,7 @@ public:
- }
-
- /** Atomic load. */
-- static inline int64 load_64(int64 *ptr)
-+ static inline int64 load_64(ATOMIC_I64 *ptr)
- {
- return my_atomic_load64(ptr);
- }
-@@ -53,9 +53,9 @@ public:
- }
-
- /** Atomic load. */
-- static inline uint64 load_u64(uint64 *ptr)
-+ static inline uint64 load_u64(ATOMIC_U64 *ptr)
- {
-- return (uint64) my_atomic_load64((int64*) ptr);
-+ return (uint64) my_atomic_load64((ATOMIC_I64*) ptr);
- }
-
- /** Atomic store. */
-@@ -65,7 +65,7 @@ public:
- }
-
- /** Atomic store. */
-- static inline void store_64(int64 *ptr, int64 value)
-+ static inline void store_64(ATOMIC_I64 *ptr, int64 value)
- {
- my_atomic_store64(ptr, value);
- }
-@@ -77,9 +77,9 @@ public:
- }
-
- /** Atomic store. */
-- static inline void store_u64(uint64 *ptr, uint64 value)
-+ static inline void store_u64(ATOMIC_U64 *ptr, uint64 value)
- {
-- my_atomic_store64((int64*) ptr, (int64) value);
-+ my_atomic_store64((ATOMIC_I64*) ptr, (int64) value);
- }
-
- /** Atomic add. */
-@@ -89,7 +89,7 @@ public:
- }
-
- /** Atomic add. */
-- static inline int64 add_64(int64 *ptr, int64 value)
-+ static inline int64 add_64(ATOMIC_I64 *ptr, int64 value)
- {
- return my_atomic_add64(ptr, value);
- }
-@@ -101,9 +101,9 @@ public:
- }
-
- /** Atomic add. */
-- static inline uint64 add_u64(uint64 *ptr, uint64 value)
-+ static inline uint64 add_u64(ATOMIC_U64 *ptr, uint64 value)
- {
-- return (uint64) my_atomic_add64((int64*) ptr, (int64) value);
-+ return (uint64) my_atomic_add64((ATOMIC_I64*) ptr, (int64) value);
- }
-
- /** Atomic compare and swap. */
-@@ -114,7 +114,7 @@ public:
- }
-
- /** Atomic compare and swap. */
-- static inline bool cas_64(int64 *ptr, int64 *old_value,
-+ static inline bool cas_64(ATOMIC_I64 *ptr, ATOMIC_I64 *old_value,
- int64 new_value)
- {
- return my_atomic_cas64(ptr, old_value, new_value);
-@@ -129,10 +129,10 @@ public:
- }
-
- /** Atomic compare and swap. */
-- static inline bool cas_u64(uint64 *ptr, uint64 *old_value,
-+ static inline bool cas_u64(ATOMIC_U64 *ptr, ATOMIC_U64 *old_value,
- uint64 new_value)
- {
-- return my_atomic_cas64((int64*) ptr, (int64*) old_value,
-+ return my_atomic_cas64((ATOMIC_I64*) ptr, (ATOMIC_I64*) old_value,
- (uint64) new_value);
- }
- };
---- a/sql/sql_class.h
-+++ b/sql/sql_class.h
-@@ -1049,7 +1049,7 @@ static inline void update_global_memory_
- (longlong) global_status_var.global_memory_used,
- size));
- // workaround for gcc 4.2.4-1ubuntu4 -fPIE (from DEB_BUILD_HARDENING=1)
-- int64 volatile * volatile ptr= &global_status_var.global_memory_used;
-+ ATOMIC_I64 volatile * volatile ptr= &global_status_var.global_memory_used;
- my_atomic_add64_explicit(ptr, size, MY_MEMORY_ORDER_RELAXED);
- }
-
---- a/storage/innobase/include/srv0mon.h
-+++ b/storage/innobase/include/srv0mon.h
-@@ -49,7 +49,7 @@ enum monitor_running_status {
- typedef enum monitor_running_status monitor_running_t;
-
- /** Monitor counter value type */
--typedef int64_t mon_type_t;
-+typedef ATOMIC_I64 mon_type_t;
-
- /** Two monitor structures are defined in this file. One is
- "monitor_value_t" which contains dynamic counter values for each
-@@ -568,7 +568,7 @@ Use MONITOR_INC if appropriate mutex pro
- if (enabled) { \
- ib_uint64_t value; \
- value = my_atomic_add64_explicit( \
-- (int64*) &MONITOR_VALUE(monitor), 1, \
-+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), 1, \
- MY_MEMORY_ORDER_RELAXED) + 1; \
- /* Note: This is not 100% accurate because of the \
- inherent race, we ignore it due to performance. */ \
-@@ -585,7 +585,7 @@ Use MONITOR_DEC if appropriate mutex pro
- if (enabled) { \
- ib_uint64_t value; \
- value = my_atomic_add64_explicit( \
-- (int64*) &MONITOR_VALUE(monitor), -1, \
-+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), -1, \
- MY_MEMORY_ORDER_RELAXED) - 1; \
- /* Note: This is not 100% accurate because of the \
- inherent race, we ignore it due to performance. */ \
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb
similarity index 100%
rename from meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb
rename to meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb
diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch
index 39ec7c2..2256bcc 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch
+++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch
@@ -1,4 +1,4 @@
-From 9c9ac8b64f940bf69ecdc92abca9b58f12b401c3 Mon Sep 17 00:00:00 2001
+From 07e605015fad0621c3e67133ff9330a5c6318daa Mon Sep 17 00:00:00 2001
From: Yi Fan Yu <yifan.yu@windriver.com>
Date: Fri, 5 Feb 2021 17:15:42 -0500
Subject: [PATCH] configure.ac: bypass autoconf 2.69 version check
@@ -14,12 +14,12 @@
1 file changed, 4 deletions(-)
diff --git a/configure.ac b/configure.ac
-index 3b148b6..94f39c5 100644
+index 04ef7be..0eb595b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros
- AC_INIT([PostgreSQL], [14.2], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/])
+ AC_INIT([PostgreSQL], [14.4], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/])
-m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required.
-Untested combinations of 'autoconf' and PostgreSQL versions are not
diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb
similarity index 79%
rename from meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb
rename to meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb
index 52e8867..01a6ee6 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb
+++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb
@@ -10,4 +10,4 @@
file://remove_duplicate.patch \
"
-SRC_URI[sha256sum] = "2cf78b2e468912f8101d695db5340cf313c2e9f68a612fb71427524e8c9a977a"
+SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/jq/jq_git.bb b/meta-openembedded/meta-oe/recipes-devtools/jq/jq_git.bb
index d0c70da..8b0218c 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/jq/jq_git.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/jq/jq_git.bb
@@ -21,7 +21,7 @@
PACKAGECONFIG[maintainer-mode] = "--enable-maintainer-mode,--disable-maintainer-mode,flex-native bison-native"
PACKAGECONFIG[oniguruma] = "--with-oniguruma,--without-oniguruma,onig"
-OE_EXTRACONF += " \
+EXTRA_OECONF += " \
--disable-valgrind \
"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.4.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.7.bb
similarity index 98%
rename from meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.4.bb
rename to meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.7.bb
index bf6c543..e9e8ecc 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.4.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.7.bb
@@ -33,7 +33,7 @@
"
S = "${WORKDIR}/php-${PV}"
-SRC_URI[sha256sum] = "b3f688cb69758523838b8e7f509aaef0152133d9b84a84a0b7cf68eeafc1df76"
+SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d"
inherit autotools pkgconfig python3native gettext
diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb
similarity index 90%
rename from meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb
rename to meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb
index b3423ba..d724287 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb
@@ -8,12 +8,12 @@
HOMEPAGE = "https://github.com/protobuf-c/protobuf-c"
SECTION = "console/tools"
LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=cb901168715f4782a2b06c3ddaefa558"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=9f725889e0d77383e26cb42b0b62cea2"
DEPENDS = "protobuf-native protobuf"
SRC_URI = "git://github.com/protobuf-c/protobuf-c.git;branch=master;protocol=https"
-SRCREV = "f224ab2eeb648a818eb20687d7150a285442c907"
+SRCREV = "abc67a11c6db271bedbb9f58be85d6f4e2ea8389"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch b/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch
new file mode 100644
index 0000000..ec70dd6
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch
@@ -0,0 +1,28 @@
+From 8fd80ead718ffc53d7182b9df6f49974113ff8fc Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 23 May 2022 11:23:58 -0700
+Subject: [PATCH] setup.py: Disable autodection of modules
+
+This helps to fix build with latest setuptools
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ setup.py | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/setup.py b/setup.py
+index 932bf01..fd5a092 100755
+--- a/setup.py
++++ b/setup.py
+@@ -12,6 +12,7 @@ if __name__ == "__main__":
+ name='unattended-upgrades',
+ version='0.1',
+ scripts=['unattended-upgrade'],
++ py_modules=[],
+ data_files=[
+ ('../etc/logrotate.d/',
+ ["data/logrotate.d/unattended-upgrades"]),
+--
+2.36.1
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb b/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb
index 1ec205f..d4f5b8d 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb
@@ -7,6 +7,7 @@
SRC_URI = "git://github.com/mvo5/unattended-upgrades.git;protocol=https;branch=master \
file://0001-unattended-upgrade-Remove-distro_info-usage-to-check.patch \
+ file://0001-setup.py-Disable-autodection-of-modules.patch \
"
SRCREV = "c6db6fad26a2b83ba301b52ff5dee98cef7558ca"
diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb
index 2cea50d..7a613bc 100644
--- a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb
@@ -19,7 +19,7 @@
file://0004-Modify-systemd-config-directory.patch \
file://0001-cmake-Link-with-libatomic-on-rv32-rv64.patch \
"
-SRCREV = "0138c00811c86eab4ff6bff3c6528163885ade19"
+SRCREV = "6a3bd901d825c7206797e36ea98e10a218f5aad2"
PV .= "+2.18.9git${SRCPV}"
@@ -27,7 +27,7 @@
LDFLAGS:append:riscv64 = " -latomic"
-PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd systemd-watchdog systemd-journal dlt-examples dlt-adaptor dlt-console ', '', d)} \
+PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd systemd-watchdog systemd-journal dlt-examples dlt-adaptor dlt-adaptor-udp dlt-console ', '', d)} \
udp-connection dlt-system dlt-filetransfer "
# dlt-dbus
@@ -44,6 +44,7 @@
# Command line options
PACKAGECONFIG[dlt-system] = "-DWITH_DLT_SYSTEM=ON,-DWITH_DLT_SYSTEM=OFF"
PACKAGECONFIG[dlt-adaptor] = "-DWITH_DLT_ADAPTOR=ON,-DWITH_DLT_ADAPTOR=OFF,,dlt-daemon-systemd"
+PACKAGECONFIG[dlt-adaptor-udp] = "-DWITH_DLT_ADAPTOR_UDP=ON,-DWITH_DLT_ADAPTOR_UDP=OFF,,dlt-daemon-systemd"
PACKAGECONFIG[dlt-filetransfer] = "-DWITH_DLT_FILETRANSFER=ON,-DWITH_DLT_FILETRANSFER=OFF"
PACKAGECONFIG[dlt-console] = "-DWITH_DLT_CONSOLE=ON,-DWITH_DLT_CONSOLE=OFF,,dlt-daemon-systemd"
@@ -58,7 +59,7 @@
${@bb.utils.contains('PACKAGECONFIG', 'dlt-dbus', 'dlt-dbus.service', '', d)}"
SYSTEMD_AUTO_ENABLE:${PN} = "enable"
SYSTEMD_SERVICE:${PN}-systemd = " \
- ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor', 'dlt-adaptor-udp.service', '', d)} \
+ ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor-udp', 'dlt-adaptor-udp.service', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples', 'dlt-example-user.service', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples dlt-console', 'dlt-receive.service', '', d)} \
"
diff --git a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2021.6.bb b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2021.6.bb
index cf149ae..b186ba1 100644
--- a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2021.6.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2021.6.bb
@@ -201,7 +201,7 @@
"
RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-utils glibc-localedata-en-us"
-RRECOMMENDS:${PN} += "kernel-module-overlay"
+RRECOMMENDS:${PN}:append:class-target = " kernel-module-overlay"
SYSTEMD_SERVICE:${PN} = "ostree-remount.service ostree-finalize-staged.path"
SYSTEMD_SERVICE:${PN}-switchroot = "ostree-prepare-root.service"
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch
index 12994da..20f689b 100644
--- a/meta-openembedded/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch
@@ -1,4 +1,4 @@
-From 18dc1457db8f66237e016b85a04dc50833c33c50 Mon Sep 17 00:00:00 2001
+From 98d526f76049be21bf3d77158236b2189419a78e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 21 Dec 2019 12:09:51 -0800
Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER
@@ -10,20 +10,22 @@
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
---
src/zmalloc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/zmalloc.c b/src/zmalloc.c
-index ba03685..322304f 100644
+index 1f33d09..5e182d1 100644
--- a/src/zmalloc.c
+++ b/src/zmalloc.c
-@@ -32,6 +32,7 @@
- #include "config.h"
- #include "solarisfixes.h"
+@@ -28,6 +28,7 @@
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.6.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.7.bb
similarity index 95%
rename from meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.6.bb
rename to meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.7.bb
index 87fade7..7f922a4 100644
--- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.6.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.7.bb
@@ -17,7 +17,7 @@
file://GNU_SOURCE.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \
"
-SRC_URI[sha256sum] = "5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab"
+SRC_URI[sha256sum] = "b7a79cc3b46d3c6eb52fa37dde34a4a60824079ebdfb3abfbbfa035947c55319"
inherit autotools-brokensep update-rc.d systemd useradd
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0-rc3.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.2.bb
similarity index 95%
rename from meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0-rc3.bb
rename to meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.2.bb
index e977d67..b188278 100644
--- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0-rc3.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.2.bb
@@ -19,7 +19,7 @@
file://GNU_SOURCE.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \
"
-SRC_URI[sha256sum] = "66b2ecc2e4b53c62940589434ea8af3a85546df131001680ed294028cd84ecdc"
+SRC_URI[sha256sum] = "5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb"
inherit autotools-brokensep update-rc.d systemd useradd
diff --git a/meta-openembedded/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch b/meta-openembedded/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch
new file mode 100644
index 0000000..f4decda
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch
@@ -0,0 +1,48 @@
+From da8c7a027390de7828d4272a3c8bcdbffbac25ad Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Thu, 5 May 2022 16:57:48 +0800
+Subject: [PATCH] make.rc: set VAL_MTA
+
+Some build server may provide sendmail like /usr/lib/sendmail which
+may result the VAL_MTA to be /usr/lib/sendmail, but the sendmail
+is actually /usr/sbin/sendmail on the target.
+
+Fixes:
+ # echo "invalide address email" | s-nail -s "test mail" -r test@test.com tester@test.com
+ s-nail: Cannot start /usr/lib/sendmail: executable not found (adjust *mta* variable)
+ /home/root/dead.letter 10/234
+ s-nail: ... message not sent
+
+ # which sendmail
+ /usr/sbin/sendmail
+
+Upstream-Status: Inappropriate[oe-specific]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ make.rc | 9 +--------
+ 1 file changed, 1 insertion(+), 8 deletions(-)
+
+diff --git a/make.rc b/make.rc
+index 98bd968..45ac0d4 100644
+--- a/make.rc
++++ b/make.rc
+@@ -96,14 +96,7 @@ VAL_MAIL=`\
+
+ # Path to the local MTA (Mail-Transfer-Agent).
+ # MTA aliases (aliases(5)) are optionally supported via OPT_MTA_ALIASES.
+-VAL_MTA=`\
+- if [ -x /usr/bin/sendmail ]; then \
+- echo /usr/bin/sendmail;\
+- elif [ -x /usr/lib/sendmail ]; then \
+- echo /usr/lib/sendmail;\
+- else \
+- echo /usr/sbin/sendmail;\
+- fi`
++VAL_MTA=/usr/sbin/sendmail
+
+ # Today a lot of systems no longer use sendmail(1), but a different MTA.
+ # To ensure compatibility with sendmail(1), a system called
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb b/meta-openembedded/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb
index bc514b5..539f9c3 100644
--- a/meta-openembedded/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb
@@ -6,7 +6,8 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=87266591c81260f10221f1f38872d023"
SRC_URI = "https://ftp.sdaoden.eu/${BP}.tar.xz \
- file://make-errors.patch"
+ file://make-errors.patch \
+ file://0001-make.rc-set-VAL_MTA.patch"
SRC_URI[sha256sum] = "2714d6b8fb2af3b363fc7c79b76d058753716345d1b6ebcd8870ecd0e4f7ef8c"
DEPENDS = "coreutils-native"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb
index a9258e9..aa597cd 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb
@@ -114,4 +114,6 @@
FILES_SOLIBSDEV:append = " ${libdir}/graphviz/lib*${SOLIBSDEV}"
+RRECOMMENDS:${PN} = "liberation-fonts"
+
BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb b/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
index 56d41cd..869f812 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
@@ -14,7 +14,7 @@
AUTO_LIBNAME_PKGS = ""
-SRC_URI = "git://git.enlightenment.org/legacy/${BPN}.git;protocol=https;branch=master"
+SRC_URI = "git://git.enlightenment.org/old/legacy-${BPN}.git;protocol=https;branch=master"
S = "${WORKDIR}/git"
PACKAGECONFIG ??= "jpeg png zlib ${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb
index 2f7fcac..0d45ee7 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb
@@ -4,7 +4,7 @@
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRCREV = "4767ea922bcc460e70b87b1d303ebdfed0897da8"
-SRC_URI = "git://github.com/tesseract-ocr/tessdata.git;branch=master;protocol=https"
+SRC_URI = "git://github.com/tesseract-ocr/tessdata.git;branch=main;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb
index c3f965b..eb004c2 100644
--- a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb
+++ b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb
@@ -36,9 +36,13 @@
# If we do not specify TARGET, makedumpfile will build for the host but use the
# target gcc.
#
+
+MAKEDUMPFILE_TARGET ?= "${TARGET_ARCH}"
+MAKEDUMPFILE_TARGET:powerpc = "ppc"
+
EXTRA_OEMAKE = "\
LINKTYPE=static \
- TARGET=${TARGET_ARCH} \
+ TARGET=${MAKEDUMPFILE_TARGET} \
${PACKAGECONFIG_CONFARGS} \
"
diff --git a/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2.bb
deleted file mode 100644
index 92c05fe..0000000
--- a/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2.bb
+++ /dev/null
@@ -1,27 +0,0 @@
-SUMMARY = "Simple program to read/write from/to any location in memory"
-LICENSE = "GPL-2.0-or-later"
-LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
-PR = "r7"
-
-SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
- "
-
-S = "${WORKDIR}"
-
-CFLAGS += "-DFORCE_STRICT_ALIGNMENT"
-
-python do_unpack:append() {
- os.rename("devmem2-new.c", "devmem2.c")
-}
-
-do_compile() {
- ${CC} -o devmem2 devmem2.c ${CFLAGS} ${LDFLAGS}
-}
-
-do_install() {
- install -d ${D}${bindir}
- install devmem2 ${D}${bindir}
-}
-
-SRC_URI[md5sum] = "e23f236e94be4c429aa1ceac0f01544b"
-SRC_URI[sha256sum] = "3b15515693bae1ebd14d914e46d388edfec2175829ea1576a7a0c8606ebbe639"
diff --git a/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2_2.0.bb b/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2_2.0.bb
new file mode 100644
index 0000000..aee6bfe
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-support/devmem2/devmem2_2.0.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Simple program to read/write from/to any location in memory"
+LICENSE = "GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
+
+SRC_URI = "git://github.com/denix0/devmem2.git;protocol=https;branch=main"
+SRCREV = "5b395a946894eb4f4ef5d07c80a50a88573a541e"
+
+S = "${WORKDIR}/git"
+
+CFLAGS += "-DFORCE_STRICT_ALIGNMENT"
+
+do_compile() {
+ ${CC} -o devmem2 devmem2.c ${CFLAGS} ${LDFLAGS}
+}
+
+do_install() {
+ install -d ${D}${bindir}
+ install devmem2 ${D}${bindir}
+}
diff --git a/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
index 008a83f..b8167f5 100644
--- a/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
+++ b/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
@@ -4,15 +4,15 @@
DESCRIPTION = "ImageMagick is a collection of tools for displaying, converting, and \
editing raster and vector image files. It can read and write over 200 image file formats."
LICENSE = "ImageMagick"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=41b4fa9af60c88e61484b02c0561181a \
- file://NOTICE;md5=a2aa6e41f8a40700196a9ce301693e34"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b97c12a9213df1499565d69b92c73dd7 \
+ file://NOTICE;md5=d8b9d2ccf273687ad12ebd06e5d8478f"
# FIXME: There are many more checked libraries. All should be added or explicitly disabled to get consistent results.
DEPENDS = "lcms bzip2 jpeg libpng tiff zlib fftw freetype libtool"
BASE_PV := "${PV}"
-PV .= "_25"
+PV .= "-62"
SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https"
-SRCREV = "8b4e00829eb84d4e7b4da11acf1f98f1e8166e5b"
+SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb b/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
index fc4fad7..80c962e 100644
--- a/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
+++ b/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
@@ -45,6 +45,6 @@
BBCLASSEXTEND = "native nativesdk"
-#it needs to work with CXXFLAGS += " -mlong-double-64" but ppc64 only supports 128bit long double
-COMPATIBLE_HOST:powerpc64le = "null"
-COMPATIBLE_HOST:powerpc = "null"
+#it needs to work with CXXFLAGS += " -mlong-double-64" but ppc only supports 128bit long double
+COMPATIBLE_HOST:powerpc:libc-musl = "null"
+COMPATIBLE_HOST:powerpc64le:libc-musl = "null"
diff --git a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
index 35e68b7..2cccf93 100644
--- a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
+++ b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
@@ -14,7 +14,7 @@
inherit autotools pkgconfig python3native ptest
-PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,kmod udev glib-2.0 catch2,bats python3-packaging"
+PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,kmod udev glib-2.0 catch2"
PACKAGECONFIG[cxx] = "--enable-bindings-cxx,--disable-bindings-cxx"
PACKAGECONFIG[python3] = "--enable-bindings-python,--disable-bindings-python,python3"
@@ -54,6 +54,7 @@
coreutils \
${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-unittest', '', d)} \
"
+RDEPENDS:${PN}-ptest += "bats python3-packaging"
PACKAGECONFIG:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'tests', '', d)}"
diff --git a/meta-openembedded/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch b/meta-openembedded/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch
deleted file mode 100644
index 8cfd003..0000000
--- a/meta-openembedded/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-From http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-nds/openldap/files/
-
-Upstream-Status: Pending
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -1263,7 +1263,7 @@ if test $ol_link_tls = no ; then
- ol_link_tls=yes
- WITH_TLS_TYPE=gnutls
-
-- TLS_LIBS="-lgnutls"
-+ TLS_LIBS="-lgnutls -lgcrypt"
-
- AC_DEFINE(HAVE_GNUTLS, 1,
- [define if you have GNUtls])
diff --git a/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.9.bb b/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.12.bb
similarity index 96%
rename from meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.9.bb
rename to meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.12.bb
index 5ac5660..e4475e5 100644
--- a/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.9.bb
+++ b/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.12.bb
@@ -7,7 +7,7 @@
# basically BSD. opensource.org does not record this license
# at present (so it is apparently not OSI certified).
LICENSE = "OpenLDAP"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=5cc6ef74da4ad25d707c4f5903d64975 \
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=beceb5ac7100b6430640c61655b25c1f \
file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \
"
SECTION = "libs"
@@ -15,7 +15,6 @@
LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \
- file://openldap-2.4.28-gnutls-gcrypt.patch \
file://use-urandom.patch \
file://initscript \
file://slapd.service \
@@ -26,8 +25,7 @@
file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \
"
-SRC_URI[md5sum] = "237fc2d881c27f8dd5d9f396e2865c11"
-SRC_URI[sha256sum] = "c08e12f4ca5803d5d9f9948c70ad3491282cda3c17ec8b655dcbcb2364e6fb9e"
+SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96"
DEPENDS = "util-linux groff-native"
@@ -51,7 +49,7 @@
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
"
#--with-tls with TLS/SSL support auto|openssl|gnutls [auto]
-PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt"
+PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls"
PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl"
PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl"
diff --git a/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd b/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd
index b63f46d..851bf25 100644
--- a/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd
+++ b/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd
@@ -1,4 +1,4 @@
-@version: 3.31
+@version: 3.36
#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation. Originally written by anonymous (I can't find his name)
diff --git a/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit b/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit
index 07cd3b0..70afd0d 100644
--- a/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit
+++ b/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit
@@ -1,4 +1,4 @@
-@version: 3.31
+@version: 3.36
#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation. Originally written by anonymous (I can't find his name)
diff --git a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb b/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb
similarity index 96%
rename from meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb
rename to meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb
index a8cf326..5e0accb 100644
--- a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb
+++ b/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb
@@ -16,7 +16,7 @@
file://0001-utils-fix-build-against-5.15-libc-headers-headers.patch \
"
-SRC_URI[sha256sum] = "5d11384200b4e943ad0056d2cf75980ae4bee852c89650e2914e1b34eedc2d2c"
+SRC_URI[sha256sum] = "9c3ce1829432e5b8374f950698587038f45fb0492147dc200e59edb9bb75eb49"
S ?= "${WORKDIR}/vbox_module"
S:task-patch = "${WORKDIR}/${VBOX_NAME}"
diff --git a/meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.0.bb b/meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.1.bb
similarity index 85%
rename from meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.0.bb
rename to meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.1.bb
index 7ea1aa8..7d72a51 100644
--- a/meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.0.bb
+++ b/meta-openembedded/meta-oe/recipes-test/bats/bats_1.6.1.bb
@@ -6,9 +6,12 @@
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2970203aedf9e829edb96a137a4fe81b"
-SRC_URI = "git://github.com/bats-core/bats-core.git;branch=master;protocol=https"
-# v1.4.1
-SRCREV = "210acf3a8ed318ddedad3137c15451739beba7d4"
+SRC_URI = "\
+ git://github.com/bats-core/bats-core.git;branch=version/1.6.x;protocol=https \
+ "
+
+# v1.6.1
+SRCREV = "1977254c2a7faa2e0af17355856f91dc471d1daa"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-openembedded/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
index f7bf365..fdeb83c 100644
--- a/meta-openembedded/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
+++ b/meta-openembedded/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
@@ -12,9 +12,9 @@
# FORTRAN:forcevariable = ",fortran"
RDEPENDS:packagegroup-meta-python3 = "\
${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-systemd", "", d)} \
- ${@bb.utils.contains("DISTRO_FEATURES", "x11", "python3-blivetgui", "", d)} \
+ ${@bb.utils.contains("DISTRO_FEATURES", "x11 systemd", "python3-blivetgui", "", d)} \
gyp \
- pamela \
+ ${@bb.utils.contains("DISTRO_FEATURES", "pam", "pamela", "", d)} \
pyrtm \
python3-absl \
python3-aenum \
@@ -52,7 +52,7 @@
python3-bitstring \
python3-bitstruct \
python3-blinker \
- python3-blivet \
+ ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-blivet", "", d)} \
python3-booleanpy \
python3-cachecontrol \
python3-cached-property \
@@ -84,7 +84,7 @@
python3-croniter \
python3-cson \
python3-custom-inherit \
- python3-cvxopt \
+ ${@bb.utils.contains_any('FORTRAN', [',fortran',',f77'], 'python3-cvxopt', '', d)} \
python3-cycler \
python3-dateparser \
python3-dateutil \
@@ -327,7 +327,7 @@
python3-pyscaffold \
python3-pyserial \
python3-pysonos \
- python3-pystemd \
+ ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-pystemd", "", d)} \
python3-pytest-asyncio \
python3-pytest-benchmark \
python3-pytest-cache \
diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb
similarity index 89%
rename from meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb
rename to meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb
index c52008e..a2e9111 100644
--- a/meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb
+++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb
@@ -4,7 +4,7 @@
LICENSE = "LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=a70cf540abf41acb644ac3b621b2fad1"
-SRC_URI[sha256sum] = "8d0a30fe6481ce919f56690076eafbb2fb649142a89dc874f1ec0e7a011492d0"
+SRC_URI[sha256sum] = "4e5ba10571e197785e312966ea5efb2f5783176d4c1a73fa922d474ae2be59f7"
inherit pypi setuptools3
diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb
index b9eab3c..cd05b45 100644
--- a/meta-openembedded/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb
+++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb
@@ -50,6 +50,7 @@
${PYTHON_PN}-dateutil \
${PYTHON_PN}-kiwisolver \
${PYTHON_PN}-pytz \
+ ${PYTHON_PN}-pillow \
"
ENABLELTO:toolchain-clang:riscv64 = "echo enable_lto = False >> ${S}/mplsetup.cfg"
diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch b/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch
new file mode 100644
index 0000000..9126aba
--- /dev/null
+++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch
@@ -0,0 +1,153 @@
+From aa8ee5e5e934908f0357364f6ec90a3ecda62880 Mon Sep 17 00:00:00 2001
+From: Nicolas Schodet <nico@ni.fr.eu.org>
+Date: Mon, 3 Jan 2022 02:37:01 +0100
+Subject: [PATCH] Use Py_ssize_t when parsing buffer length, fix #426 (#427)
+
+From python 3.9 documentation:
+
+> For all # variants of formats (s#, y#, etc.), the macro
+> PY_SSIZE_T_CLEAN must be defined before including Python.h. On Python
+> 3.9 and older, the type of the length argument is Py_ssize_t if the
+> PY_SSIZE_T_CLEAN macro is defined, or int otherwise.
+
+From python 3.8 changes:
+
+> Use of # variants of formats in parsing or building value (e.g.
+> PyArg_ParseTuple(), Py_BuildValue(), PyObject_CallFunction(), etc.)
+> without PY_SSIZE_T_CLEAN defined raises DeprecationWarning now. It
+> will be removed in 3.10 or 4.0. Read Parsing arguments and building
+> values for detail. (Contributed by Inada Naoki in bpo-36381.)
+
+Fixes https://github.com/pybluez/pybluez/issues/426
+---
+Upstream-Status: Accepted
+
+ bluez/btmodule.c | 23 ++++++++++++++---------
+ msbt/_msbt.c | 6 ++++--
+ 2 files changed, 18 insertions(+), 11 deletions(-)
+
+diff --git a/bluez/btmodule.c b/bluez/btmodule.c
+index 518b723..912a489 100644
+--- a/bluez/btmodule.c
++++ b/bluez/btmodule.c
+@@ -16,7 +16,8 @@ Local naming conventions:
+ - names starting with bt_ are module-level functions
+
+ */
+-
++#define PY_SSIZE_T_CLEAN 1
++#include "Python.h"
+ #include "btmodule.h"
+ #include "structmember.h"
+
+@@ -732,7 +733,7 @@ sock_setsockopt(PySocketSockObject *s, PyObject *args)
+ int optname;
+ int res;
+ void *buf;
+- int buflen;
++ Py_ssize_t buflen;
+ int flag;
+
+ if (PyArg_ParseTuple(args, "iii:setsockopt", &level, &optname, &flag)) {
+@@ -2001,7 +2002,8 @@ static PyObject *
+ bt_hci_send_cmd(PyObject *self, PyObject *args)
+ {
+ PySocketSockObject *socko = NULL;
+- int err, plen = 0;
++ int err;
++ Py_ssize_t plen = 0;
+ uint16_t ogf, ocf;
+ char *param = NULL;
+ int dd = 0;
+@@ -2036,6 +2038,7 @@ bt_hci_send_req(PyObject *self, PyObject *args, PyObject *kwds)
+ int err;
+ int to=0;
+ char rparam[256];
++ Py_ssize_t req_clen;
+ struct hci_request req = { 0 };
+ int dd = 0;
+
+@@ -2043,9 +2046,10 @@ bt_hci_send_req(PyObject *self, PyObject *args, PyObject *kwds)
+ "timeout", 0 };
+
+ if( !PyArg_ParseTupleAndKeywords(args, kwds, "OHHii|s#i", keywords,
+- &socko, &req.ogf, &req.ocf, &req.event, &req.rlen,
+- &req.cparam, &req.clen, &to) )
++ &socko, &req.ogf, &req.ocf, &req.event, &req.rlen,
++ &req.cparam, &req_clen, &to) )
+ return 0;
++ req.clen = req_clen;
+
+ req.rparam = rparam;
+ dd = socko->sock_fd;
+@@ -2274,7 +2278,8 @@ Returns the name of the device, or raises an error on failure");
+ static PyObject * bt_hci_filter_ ## name (PyObject *self, PyObject *args )\
+ { \
+ char *param; \
+- int len, arg; \
++ Py_ssize_t len; \
++ int arg; \
+ if( !PyArg_ParseTuple(args,"s#i", ¶m, &len, &arg) ) \
+ return 0; \
+ if( len != sizeof(struct hci_filter) ) { \
+@@ -2303,7 +2308,7 @@ DECL_HCI_FILTER_OP_1(test_opcode, "test opcode!")
+ static PyObject * bt_hci_filter_ ## name (PyObject *self, PyObject *args )\
+ { \
+ char *param; \
+- int len; \
++ Py_ssize_t len; \
+ if( !PyArg_ParseTuple(args,"s#", ¶m, &len) ) \
+ return 0; \
+ if( len != sizeof(struct hci_filter) ) { \
+@@ -2364,7 +2369,7 @@ static PyObject *
+ bt_ba2str(PyObject *self, PyObject *args)
+ {
+ char *data=NULL;
+- int len=0;
++ Py_ssize_t len=0;
+ char ba_str[19] = {0};
+ if (!PyArg_ParseTuple(args, "s#", &data, &len)) return 0;
+ ba2str((bdaddr_t*)data, ba_str);
+@@ -2579,7 +2584,7 @@ bt_sdp_advertise_service( PyObject *self, PyObject *args )
+ *provider = NULL,
+ *description = NULL;
+ PyObject *service_classes, *profiles, *protocols;
+- int namelen = 0, provlen = 0, desclen = 0;
++ Py_ssize_t namelen = 0, provlen = 0, desclen = 0;
+ uuid_t svc_uuid = { 0 };
+ int i;
+ char addrbuf[256] = { 0 };
+diff --git a/msbt/_msbt.c b/msbt/_msbt.c
+index b3d27ff..81f5ee9 100644
+--- a/msbt/_msbt.c
++++ b/msbt/_msbt.c
+@@ -2,6 +2,8 @@
+ #define UNICODE
+ #endif
+
++#define PY_SSIZE_T_CLEAN 1
++
+ #include <winsock2.h>
+ #include <ws2bth.h>
+ #include <BluetoothAPIs.h>
+@@ -155,7 +157,7 @@ static PyObject *
+ msbt_bind(PyObject *self, PyObject *args)
+ {
+ wchar_t *addrstr = NULL;
+- int addrstrlen = -1;
++ Py_ssize_t addrstrlen = -1;
+ int sockfd = -1;
+ int port = -1;
+ char buf[100] = { 0 };
+@@ -765,7 +767,7 @@ msbt_set_service_raw(PyObject *self, PyObject *args)
+ WSAESETSERVICEOP op;
+
+ char *record = NULL;
+- int reclen = -1;
++ Py_ssize_t reclen = -1;
+ BTH_SET_SERVICE *si = NULL;
+ int silen = -1;
+ ULONG sdpVersion = BTH_SDP_VERSION;
+--
+2.34.1
+
diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb
index b32f3a3..6a1df27 100644
--- a/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb
+++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb
@@ -7,6 +7,7 @@
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=8a71d0475d08eee76d8b6d0c6dbec543"
+SRC_URI += "file://0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch"
SRC_URI[md5sum] = "afbe8429bb82d2c46a3d0f5f4f898f9d"
SRC_URI[sha256sum] = "c8f04d2e78951eaa9de486b4d49381704e8943d0a6e6e58f55fcd7b8582e90de"
diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb
index 06d98cb..472113b 100644
--- a/meta-openembedded/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb
+++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb
@@ -7,4 +7,8 @@
inherit pypi setuptools3
-RDEPENDS:${PN} = "${PYTHON_PN}-misc"
+RDEPENDS:${PN} += " \
+ python3-misc \
+ python3-threading \
+ python3-xml \
+"
diff --git a/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch b/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch
new file mode 100644
index 0000000..6be56cb
--- /dev/null
+++ b/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch
@@ -0,0 +1,861 @@
+Upstream-Status: Backport [https://github.com/wxWidgets/Phoenix/commit/b40ab0f8]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From b40ab0f806bdf7aa0c0a51a8c4876ac47754515d Mon Sep 17 00:00:00 2001
+From: Scott Talbert <swt@techie.net>
+Date: Thu, 7 Oct 2021 17:53:05 -0400
+Subject: [PATCH] Update Cython version to fix NanoSVG issues with Python 3.10
+
+---
+ requirements/devel.txt | 2 +-
+ wx/svg/_nanosvg.c | 554 ++++++++++++++++++++++++++---------------
+ 2 files changed, 359 insertions(+), 197 deletions(-)
+
+diff --git a/requirements/devel.txt b/requirements/devel.txt
+index 1d427be0..18164bdc 100644
+--- a/requirements/devel.txt
++++ b/requirements/devel.txt
+@@ -9,7 +9,7 @@ wheel
+ twine
+ requests
+ requests[security]
+-cython==0.29.21
++cython==0.29.24
+ pytest
+ pytest-xdist
+ pytest-forked
+diff --git a/wx/svg/_nanosvg.c b/wx/svg/_nanosvg.c
+index d8f1e158..fd4a5a67 100644
+--- a/wx/svg/_nanosvg.c
++++ b/wx/svg/_nanosvg.c
+@@ -1,4 +1,4 @@
+-/* Generated by Cython 0.29.21 */
++/* Generated by Cython 0.29.24 */
+
+ /* BEGIN: Cython Metadata
+ {
+@@ -33,15 +33,17 @@
+ }
+ END: Cython Metadata */
+
++#ifndef PY_SSIZE_T_CLEAN
+ #define PY_SSIZE_T_CLEAN
++#endif /* PY_SSIZE_T_CLEAN */
+ #include "Python.h"
+ #ifndef Py_PYTHON_H
+ #error Python headers needed to compile C extensions, please install development version of Python.
+ #elif PY_VERSION_HEX < 0x02060000 || (0x03000000 <= PY_VERSION_HEX && PY_VERSION_HEX < 0x03030000)
+ #error Cython requires Python 2.6+ or Python 3.3+.
+ #else
+-#define CYTHON_ABI "0_29_21"
+-#define CYTHON_HEX_VERSION 0x001D15F0
++#define CYTHON_ABI "0_29_24"
++#define CYTHON_HEX_VERSION 0x001D18F0
+ #define CYTHON_FUTURE_DIVISION 0
+ #include <stddef.h>
+ #ifndef offsetof
+@@ -459,8 +461,12 @@ static CYTHON_INLINE void * PyThread_tss_get(Py_tss_t *key) {
+ #endif
+ #if PY_VERSION_HEX > 0x03030000 && defined(PyUnicode_KIND)
+ #define CYTHON_PEP393_ENABLED 1
++ #if defined(PyUnicode_IS_READY)
+ #define __Pyx_PyUnicode_READY(op) (likely(PyUnicode_IS_READY(op)) ?\
+ 0 : _PyUnicode_Ready((PyObject *)(op)))
++ #else
++ #define __Pyx_PyUnicode_READY(op) (0)
++ #endif
+ #define __Pyx_PyUnicode_GET_LENGTH(u) PyUnicode_GET_LENGTH(u)
+ #define __Pyx_PyUnicode_READ_CHAR(u, i) PyUnicode_READ_CHAR(u, i)
+ #define __Pyx_PyUnicode_MAX_CHAR_VALUE(u) PyUnicode_MAX_CHAR_VALUE(u)
+@@ -469,7 +475,11 @@ static CYTHON_INLINE void * PyThread_tss_get(Py_tss_t *key) {
+ #define __Pyx_PyUnicode_READ(k, d, i) PyUnicode_READ(k, d, i)
+ #define __Pyx_PyUnicode_WRITE(k, d, i, ch) PyUnicode_WRITE(k, d, i, ch)
+ #if defined(PyUnicode_IS_READY) && defined(PyUnicode_GET_SIZE)
++ #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03090000
++ #define __Pyx_PyUnicode_IS_TRUE(u) (0 != (likely(PyUnicode_IS_READY(u)) ? PyUnicode_GET_LENGTH(u) : ((PyCompactUnicodeObject *)(u))->wstr_length))
++ #else
+ #define __Pyx_PyUnicode_IS_TRUE(u) (0 != (likely(PyUnicode_IS_READY(u)) ? PyUnicode_GET_LENGTH(u) : PyUnicode_GET_SIZE(u)))
++ #endif
+ #else
+ #define __Pyx_PyUnicode_IS_TRUE(u) (0 != PyUnicode_GET_LENGTH(u))
+ #endif
+@@ -1736,33 +1746,38 @@ static void __pyx_insert_code_object(int code_line, PyCodeObject* code_object);
+ static void __Pyx_AddTraceback(const char *funcname, int c_line,
+ int py_line, const char *filename);
+
++/* GCCDiagnostics.proto */
++#if defined(__GNUC__) && (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6))
++#define __Pyx_HAS_GCC_DIAGNOSTIC
++#endif
++
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value);
+
++/* CIntFromPy.proto */
++static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *);
++
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value);
+
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value);
+
++/* CIntFromPy.proto */
++static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *);
++
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value);
+
++/* CIntFromPy.proto */
++static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *);
++
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value);
+
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value);
+
+-/* CIntFromPy.proto */
+-static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *);
+-
+-/* CIntFromPy.proto */
+-static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *);
+-
+-/* CIntFromPy.proto */
+-static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *);
+-
+ /* CIntToPy.proto */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGfillRule(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule value);
+
+@@ -1844,6 +1859,7 @@ typedef struct {
+ PyObject *gi_qualname;
+ PyObject *gi_modulename;
+ PyObject *gi_code;
++ PyObject *gi_frame;
+ int resume_label;
+ char is_running;
+ } __pyx_CoroutineObject;
+@@ -14641,11 +14657,9 @@ if (!__Pyx_RefNanny) {
+ #endif
+ /*--- Library function declarations ---*/
+ /*--- Threads initialization code ---*/
+- #if defined(__PYX_FORCE_INIT_THREADS) && __PYX_FORCE_INIT_THREADS
+- #ifdef WITH_THREAD /* Python build with threading support? */
++ #if defined(WITH_THREAD) && PY_VERSION_HEX < 0x030700F0 && defined(__PYX_FORCE_INIT_THREADS) && __PYX_FORCE_INIT_THREADS
+ PyEval_InitThreads();
+ #endif
+- #endif
+ /*--- Module creation code ---*/
+ #if CYTHON_PEP489_MULTI_PHASE_INIT
+ __pyx_m = __pyx_pyinit_module;
+@@ -16766,7 +16780,7 @@ invalid_keyword:
+ #if CYTHON_COMPILING_IN_CPYTHON
+ static CYTHON_INLINE PyObject* __Pyx_PyObject_Call(PyObject *func, PyObject *arg, PyObject *kw) {
+ PyObject *result;
+- ternaryfunc call = func->ob_type->tp_call;
++ ternaryfunc call = Py_TYPE(func)->tp_call;
+ if (unlikely(!call))
+ return PyObject_Call(func, arg, kw);
+ if (unlikely(Py_EnterRecursiveCall((char*)" while calling a Python object")))
+@@ -17149,7 +17163,7 @@ static CYTHON_INLINE PyObject* __Pyx_PyObject_CallOneArg(PyObject *func, PyObjec
+ if (likely(PyCFunction_GET_FLAGS(func) & METH_O)) {
+ return __Pyx_PyObject_CallMethO(func, arg);
+ #if CYTHON_FAST_PYCCALL
+- } else if (PyCFunction_GET_FLAGS(func) & METH_FASTCALL) {
++ } else if (__Pyx_PyFastCFunction_Check(func)) {
+ return __Pyx_PyCFunction_FastCall(func, &arg, 1);
+ #endif
+ }
+@@ -18800,7 +18814,8 @@ static PyObject *
+ __Pyx_CyFunction_reduce(__pyx_CyFunctionObject *m, CYTHON_UNUSED PyObject *args)
+ {
+ #if PY_MAJOR_VERSION >= 3
+- return PyUnicode_FromString(m->func.m_ml->ml_name);
++ Py_INCREF(m->func_qualname);
++ return m->func_qualname;
+ #else
+ return PyString_FromString(m->func.m_ml->ml_name);
+ #endif
+@@ -19443,37 +19458,6 @@ bad:
+ Py_XDECREF(py_frame);
+ }
+
+-/* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) {
+- const long neg_one = (long) ((long) 0 - (long) 1), const_zero = (long) 0;
+- const int is_unsigned = neg_one > const_zero;
+- if (is_unsigned) {
+- if (sizeof(long) < sizeof(long)) {
+- return PyInt_FromLong((long) value);
+- } else if (sizeof(long) <= sizeof(unsigned long)) {
+- return PyLong_FromUnsignedLong((unsigned long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(long) <= sizeof(unsigned PY_LONG_LONG)) {
+- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
+-#endif
+- }
+- } else {
+- if (sizeof(long) <= sizeof(long)) {
+- return PyInt_FromLong((long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(long) <= sizeof(PY_LONG_LONG)) {
+- return PyLong_FromLongLong((PY_LONG_LONG) value);
+-#endif
+- }
+- }
+- {
+- int one = 1; int little = (int)*(unsigned char *)&one;
+- unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(long),
+- little, !is_unsigned);
+- }
+-}
+-
+ /* CIntFromPyVerify */
+ #define __PYX_VERIFY_RETURN_INT(target_type, func_type, func_value)\
+ __PYX__VERIFY_RETURN_INT(target_type, func_type, func_value, 0)
+@@ -19497,148 +19481,31 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) {
+ }
+
+ /* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value) {
+- const int neg_one = (int) ((int) 0 - (int) 1), const_zero = (int) 0;
+- const int is_unsigned = neg_one > const_zero;
+- if (is_unsigned) {
+- if (sizeof(int) < sizeof(long)) {
+- return PyInt_FromLong((long) value);
+- } else if (sizeof(int) <= sizeof(unsigned long)) {
+- return PyLong_FromUnsignedLong((unsigned long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(int) <= sizeof(unsigned PY_LONG_LONG)) {
+- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
+-#endif
+- }
+- } else {
+- if (sizeof(int) <= sizeof(long)) {
+- return PyInt_FromLong((long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(int) <= sizeof(PY_LONG_LONG)) {
+- return PyLong_FromLongLong((PY_LONG_LONG) value);
+-#endif
+- }
+- }
+- {
+- int one = 1; int little = (int)*(unsigned char *)&one;
+- unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(int),
+- little, !is_unsigned);
+- }
+-}
+-
+-/* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value) {
+- const char neg_one = (char) ((char) 0 - (char) 1), const_zero = (char) 0;
+- const int is_unsigned = neg_one > const_zero;
+- if (is_unsigned) {
+- if (sizeof(char) < sizeof(long)) {
+- return PyInt_FromLong((long) value);
+- } else if (sizeof(char) <= sizeof(unsigned long)) {
+- return PyLong_FromUnsignedLong((unsigned long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(char) <= sizeof(unsigned PY_LONG_LONG)) {
+- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
+-#endif
+- }
+- } else {
+- if (sizeof(char) <= sizeof(long)) {
+- return PyInt_FromLong((long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(char) <= sizeof(PY_LONG_LONG)) {
+- return PyLong_FromLongLong((PY_LONG_LONG) value);
+-#endif
+- }
+- }
+- {
+- int one = 1; int little = (int)*(unsigned char *)&one;
+- unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(char),
+- little, !is_unsigned);
+- }
+-}
+-
+-/* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value) {
+- const unsigned char neg_one = (unsigned char) ((unsigned char) 0 - (unsigned char) 1), const_zero = (unsigned char) 0;
+- const int is_unsigned = neg_one > const_zero;
+- if (is_unsigned) {
+- if (sizeof(unsigned char) < sizeof(long)) {
+- return PyInt_FromLong((long) value);
+- } else if (sizeof(unsigned char) <= sizeof(unsigned long)) {
+- return PyLong_FromUnsignedLong((unsigned long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(unsigned char) <= sizeof(unsigned PY_LONG_LONG)) {
+- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
+-#endif
+- }
+- } else {
+- if (sizeof(unsigned char) <= sizeof(long)) {
+- return PyInt_FromLong((long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(unsigned char) <= sizeof(PY_LONG_LONG)) {
+- return PyLong_FromLongLong((PY_LONG_LONG) value);
+-#endif
+- }
+- }
+- {
+- int one = 1; int little = (int)*(unsigned char *)&one;
+- unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(unsigned char),
+- little, !is_unsigned);
+- }
+-}
+-
+-/* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0;
+- const int is_unsigned = neg_one > const_zero;
+- if (is_unsigned) {
+- if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) < sizeof(long)) {
+- return PyInt_FromLong((long) value);
+- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned long)) {
+- return PyLong_FromUnsignedLong((unsigned long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned PY_LONG_LONG)) {
+- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
+ #endif
+- }
+- } else {
+- if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(long)) {
+- return PyInt_FromLong((long) value);
+-#ifdef HAVE_LONG_LONG
+- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(PY_LONG_LONG)) {
+- return PyLong_FromLongLong((PY_LONG_LONG) value);
++ const long neg_one = (long) -1, const_zero = (long) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
+ #endif
+- }
+- }
+- {
+- int one = 1; int little = (int)*(unsigned char *)&one;
+- unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType),
+- little, !is_unsigned);
+- }
+-}
+-
+-/* CIntToPy */
+-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value) {
+- const unsigned int neg_one = (unsigned int) ((unsigned int) 0 - (unsigned int) 1), const_zero = (unsigned int) 0;
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+- if (sizeof(unsigned int) < sizeof(long)) {
++ if (sizeof(long) < sizeof(long)) {
+ return PyInt_FromLong((long) value);
+- } else if (sizeof(unsigned int) <= sizeof(unsigned long)) {
++ } else if (sizeof(long) <= sizeof(unsigned long)) {
+ return PyLong_FromUnsignedLong((unsigned long) value);
+ #ifdef HAVE_LONG_LONG
+- } else if (sizeof(unsigned int) <= sizeof(unsigned PY_LONG_LONG)) {
++ } else if (sizeof(long) <= sizeof(unsigned PY_LONG_LONG)) {
+ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
+ #endif
+ }
+ } else {
+- if (sizeof(unsigned int) <= sizeof(long)) {
++ if (sizeof(long) <= sizeof(long)) {
+ return PyInt_FromLong((long) value);
+ #ifdef HAVE_LONG_LONG
+- } else if (sizeof(unsigned int) <= sizeof(PY_LONG_LONG)) {
++ } else if (sizeof(long) <= sizeof(PY_LONG_LONG)) {
+ return PyLong_FromLongLong((PY_LONG_LONG) value);
+ #endif
+ }
+@@ -19646,14 +19513,21 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value)
+ {
+ int one = 1; int little = (int)*(unsigned char *)&one;
+ unsigned char *bytes = (unsigned char *)&value;
+- return _PyLong_FromByteArray(bytes, sizeof(unsigned int),
++ return _PyLong_FromByteArray(bytes, sizeof(long),
+ little, !is_unsigned);
+ }
+ }
+
+ /* CIntFromPy */
+ static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *x) {
+- const int neg_one = (int) ((int) 0 - (int) 1), const_zero = (int) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const int neg_one = (int) -1, const_zero = (int) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ #if PY_MAJOR_VERSION < 3
+ if (likely(PyInt_Check(x))) {
+@@ -19840,9 +19714,92 @@ raise_neg_overflow:
+ return (int) -1;
+ }
+
++/* CIntToPy */
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const int neg_one = (int) -1, const_zero = (int) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
++ const int is_unsigned = neg_one > const_zero;
++ if (is_unsigned) {
++ if (sizeof(int) < sizeof(long)) {
++ return PyInt_FromLong((long) value);
++ } else if (sizeof(int) <= sizeof(unsigned long)) {
++ return PyLong_FromUnsignedLong((unsigned long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(int) <= sizeof(unsigned PY_LONG_LONG)) {
++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++#endif
++ }
++ } else {
++ if (sizeof(int) <= sizeof(long)) {
++ return PyInt_FromLong((long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(int) <= sizeof(PY_LONG_LONG)) {
++ return PyLong_FromLongLong((PY_LONG_LONG) value);
++#endif
++ }
++ }
++ {
++ int one = 1; int little = (int)*(unsigned char *)&one;
++ unsigned char *bytes = (unsigned char *)&value;
++ return _PyLong_FromByteArray(bytes, sizeof(int),
++ little, !is_unsigned);
++ }
++}
++
++/* CIntToPy */
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const char neg_one = (char) -1, const_zero = (char) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
++ const int is_unsigned = neg_one > const_zero;
++ if (is_unsigned) {
++ if (sizeof(char) < sizeof(long)) {
++ return PyInt_FromLong((long) value);
++ } else if (sizeof(char) <= sizeof(unsigned long)) {
++ return PyLong_FromUnsignedLong((unsigned long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(char) <= sizeof(unsigned PY_LONG_LONG)) {
++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++#endif
++ }
++ } else {
++ if (sizeof(char) <= sizeof(long)) {
++ return PyInt_FromLong((long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(char) <= sizeof(PY_LONG_LONG)) {
++ return PyLong_FromLongLong((PY_LONG_LONG) value);
++#endif
++ }
++ }
++ {
++ int one = 1; int little = (int)*(unsigned char *)&one;
++ unsigned char *bytes = (unsigned char *)&value;
++ return _PyLong_FromByteArray(bytes, sizeof(char),
++ little, !is_unsigned);
++ }
++}
++
+ /* CIntFromPy */
+ static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *x) {
+- const char neg_one = (char) ((char) 0 - (char) 1), const_zero = (char) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const char neg_one = (char) -1, const_zero = (char) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ #if PY_MAJOR_VERSION < 3
+ if (likely(PyInt_Check(x))) {
+@@ -20029,9 +19986,54 @@ raise_neg_overflow:
+ return (char) -1;
+ }
+
++/* CIntToPy */
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const unsigned char neg_one = (unsigned char) -1, const_zero = (unsigned char) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
++ const int is_unsigned = neg_one > const_zero;
++ if (is_unsigned) {
++ if (sizeof(unsigned char) < sizeof(long)) {
++ return PyInt_FromLong((long) value);
++ } else if (sizeof(unsigned char) <= sizeof(unsigned long)) {
++ return PyLong_FromUnsignedLong((unsigned long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(unsigned char) <= sizeof(unsigned PY_LONG_LONG)) {
++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++#endif
++ }
++ } else {
++ if (sizeof(unsigned char) <= sizeof(long)) {
++ return PyInt_FromLong((long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(unsigned char) <= sizeof(PY_LONG_LONG)) {
++ return PyLong_FromLongLong((PY_LONG_LONG) value);
++#endif
++ }
++ }
++ {
++ int one = 1; int little = (int)*(unsigned char *)&one;
++ unsigned char *bytes = (unsigned char *)&value;
++ return _PyLong_FromByteArray(bytes, sizeof(unsigned char),
++ little, !is_unsigned);
++ }
++}
++
+ /* CIntFromPy */
+ static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *x) {
+- const long neg_one = (long) ((long) 0 - (long) 1), const_zero = (long) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const long neg_one = (long) -1, const_zero = (long) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ #if PY_MAJOR_VERSION < 3
+ if (likely(PyInt_Check(x))) {
+@@ -20218,9 +20220,92 @@ raise_neg_overflow:
+ return (long) -1;
+ }
+
++/* CIntToPy */
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
++ const int is_unsigned = neg_one > const_zero;
++ if (is_unsigned) {
++ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) < sizeof(long)) {
++ return PyInt_FromLong((long) value);
++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned long)) {
++ return PyLong_FromUnsignedLong((unsigned long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned PY_LONG_LONG)) {
++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++#endif
++ }
++ } else {
++ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(long)) {
++ return PyInt_FromLong((long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(PY_LONG_LONG)) {
++ return PyLong_FromLongLong((PY_LONG_LONG) value);
++#endif
++ }
++ }
++ {
++ int one = 1; int little = (int)*(unsigned char *)&one;
++ unsigned char *bytes = (unsigned char *)&value;
++ return _PyLong_FromByteArray(bytes, sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType),
++ little, !is_unsigned);
++ }
++}
++
++/* CIntToPy */
++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value) {
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const unsigned int neg_one = (unsigned int) -1, const_zero = (unsigned int) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
++ const int is_unsigned = neg_one > const_zero;
++ if (is_unsigned) {
++ if (sizeof(unsigned int) < sizeof(long)) {
++ return PyInt_FromLong((long) value);
++ } else if (sizeof(unsigned int) <= sizeof(unsigned long)) {
++ return PyLong_FromUnsignedLong((unsigned long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(unsigned int) <= sizeof(unsigned PY_LONG_LONG)) {
++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value);
++#endif
++ }
++ } else {
++ if (sizeof(unsigned int) <= sizeof(long)) {
++ return PyInt_FromLong((long) value);
++#ifdef HAVE_LONG_LONG
++ } else if (sizeof(unsigned int) <= sizeof(PY_LONG_LONG)) {
++ return PyLong_FromLongLong((PY_LONG_LONG) value);
++#endif
++ }
++ }
++ {
++ int one = 1; int little = (int)*(unsigned char *)&one;
++ unsigned char *bytes = (unsigned char *)&value;
++ return _PyLong_FromByteArray(bytes, sizeof(unsigned int),
++ little, !is_unsigned);
++ }
++}
++
+ /* CIntToPy */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGfillRule(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) < sizeof(long)) {
+@@ -20251,7 +20336,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg
+
+ /* CIntToPy */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGflags(enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) < sizeof(long)) {
+@@ -20282,7 +20374,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg
+
+ /* CIntToPy */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGlineCap(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) < sizeof(long)) {
+@@ -20313,7 +20412,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg
+
+ /* CIntToPy */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) < sizeof(long)) {
+@@ -20344,7 +20450,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg
+
+ /* CIntToPy */
+ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGspreadType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType value) {
+- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wconversion"
++#endif
++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0;
++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC
++#pragma GCC diagnostic pop
++#endif
+ const int is_unsigned = neg_one > const_zero;
+ if (is_unsigned) {
+ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) < sizeof(long)) {
+@@ -20907,6 +21020,30 @@ PyObject *__Pyx_Coroutine_MethodReturn(CYTHON_UNUSED PyObject* gen, PyObject *re
+ }
+ return retval;
+ }
++#if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3)
++static CYTHON_INLINE
++PyObject *__Pyx_PyGen_Send(PyGenObject *gen, PyObject *arg) {
++#if PY_VERSION_HEX <= 0x030A00A1
++ return _PyGen_Send(gen, arg);
++#else
++ PyObject *result;
++ if (PyIter_Send((PyObject*)gen, arg ? arg : Py_None, &result) == PYGEN_RETURN) {
++ if (PyAsyncGen_CheckExact(gen)) {
++ assert(result == Py_None);
++ PyErr_SetNone(PyExc_StopAsyncIteration);
++ }
++ else if (result == Py_None) {
++ PyErr_SetNone(PyExc_StopIteration);
++ }
++ else {
++ _PyGen_SetStopIterationValue(result);
++ }
++ Py_CLEAR(result);
++ }
++ return result;
++#endif
++}
++#endif
+ static CYTHON_INLINE
+ PyObject *__Pyx_Coroutine_FinishDelegation(__pyx_CoroutineObject *gen) {
+ PyObject *ret;
+@@ -20943,12 +21080,12 @@ static PyObject *__Pyx_Coroutine_Send(PyObject *self, PyObject *value) {
+ #endif
+ #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3)
+ if (PyGen_CheckExact(yf)) {
+- ret = _PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value);
++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value);
+ } else
+ #endif
+ #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03050000 && defined(PyCoro_CheckExact) && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3)
+ if (PyCoro_CheckExact(yf)) {
+- ret = _PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value);
++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value);
+ } else
+ #endif
+ {
+@@ -21032,7 +21169,7 @@ static PyObject *__Pyx_Generator_Next(PyObject *self) {
+ #endif
+ #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3)
+ if (PyGen_CheckExact(yf)) {
+- ret = _PyGen_Send((PyGenObject*)yf, NULL);
++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, NULL);
+ } else
+ #endif
+ #ifdef __Pyx_Coroutine_USED
+@@ -21192,6 +21329,7 @@ static int __Pyx_Coroutine_clear(PyObject *self) {
+ }
+ #endif
+ Py_CLEAR(gen->gi_code);
++ Py_CLEAR(gen->gi_frame);
+ Py_CLEAR(gen->gi_name);
+ Py_CLEAR(gen->gi_qualname);
+ Py_CLEAR(gen->gi_modulename);
+@@ -21208,7 +21346,7 @@ static void __Pyx_Coroutine_dealloc(PyObject *self) {
+ if (PyObject_CallFinalizerFromDealloc(self))
+ #else
+ Py_TYPE(gen)->tp_del(self);
+- if (self->ob_refcnt > 0)
++ if (Py_REFCNT(self) > 0)
+ #endif
+ {
+ return;
+@@ -21235,7 +21373,7 @@ static void __Pyx_Coroutine_del(PyObject *self) {
+ }
+ #if !CYTHON_USE_TP_FINALIZE
+ assert(self->ob_refcnt == 0);
+- self->ob_refcnt = 1;
++ __Pyx_SET_REFCNT(self, 1);
+ #endif
+ __Pyx_PyThreadState_assign
+ __Pyx_ErrFetch(&error_type, &error_value, &error_traceback);
+@@ -21302,17 +21440,17 @@ static void __Pyx_Coroutine_del(PyObject *self) {
+ }
+ __Pyx_ErrRestore(error_type, error_value, error_traceback);
+ #if !CYTHON_USE_TP_FINALIZE
+- assert(self->ob_refcnt > 0);
++ assert(Py_REFCNT(self) > 0);
+ if (--self->ob_refcnt == 0) {
+ return;
+ }
+ {
+- Py_ssize_t refcnt = self->ob_refcnt;
++ Py_ssize_t refcnt = Py_REFCNT(self);
+ _Py_NewReference(self);
+- self->ob_refcnt = refcnt;
++ __Pyx_SET_REFCNT(self, refcnt);
+ }
+ #if CYTHON_COMPILING_IN_CPYTHON
+- assert(PyType_IS_GC(self->ob_type) &&
++ assert(PyType_IS_GC(Py_TYPE(self)) &&
+ _Py_AS_GC(self)->gc.gc_refs != _PyGC_REFS_UNTRACKED);
+ _Py_DEC_REFTOTAL;
+ #endif
+@@ -21378,6 +21516,27 @@ __Pyx_Coroutine_set_qualname(__pyx_CoroutineObject *self, PyObject *value, CYTHO
+ Py_XDECREF(tmp);
+ return 0;
+ }
++static PyObject *
++__Pyx_Coroutine_get_frame(__pyx_CoroutineObject *self, CYTHON_UNUSED void *context)
++{
++ PyObject *frame = self->gi_frame;
++ if (!frame) {
++ if (unlikely(!self->gi_code)) {
++ Py_RETURN_NONE;
++ }
++ frame = (PyObject *) PyFrame_New(
++ PyThreadState_Get(), /*PyThreadState *tstate,*/
++ (PyCodeObject*) self->gi_code, /*PyCodeObject *code,*/
++ __pyx_d, /*PyObject *globals,*/
++ 0 /*PyObject *locals*/
++ );
++ if (unlikely(!frame))
++ return NULL;
++ self->gi_frame = frame;
++ }
++ Py_INCREF(frame);
++ return frame;
++}
+ static __pyx_CoroutineObject *__Pyx__Coroutine_New(
+ PyTypeObject* type, __pyx_coroutine_body_t body, PyObject *code, PyObject *closure,
+ PyObject *name, PyObject *qualname, PyObject *module_name) {
+@@ -21411,6 +21570,7 @@ static __pyx_CoroutineObject *__Pyx__Coroutine_NewInit(
+ gen->gi_modulename = module_name;
+ Py_XINCREF(code);
+ gen->gi_code = code;
++ gen->gi_frame = NULL;
+ PyObject_GC_Track(gen);
+ return gen;
+ }
+@@ -21534,6 +21694,8 @@ static PyGetSetDef __pyx_Generator_getsets[] = {
+ (char*) PyDoc_STR("name of the generator"), 0},
+ {(char *) "__qualname__", (getter)__Pyx_Coroutine_get_qualname, (setter)__Pyx_Coroutine_set_qualname,
+ (char*) PyDoc_STR("qualified name of the generator"), 0},
++ {(char *) "gi_frame", (getter)__Pyx_Coroutine_get_frame, NULL,
++ (char*) PyDoc_STR("Frame of the generator"), 0},
+ {0, 0, 0, 0, 0}
+ };
+ static PyTypeObject __pyx_GeneratorType_type = {
+--
+2.33.0
+
diff --git a/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb b/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb
index 3583acc..4d739b8 100644
--- a/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb
+++ b/meta-openembedded/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb
@@ -11,6 +11,7 @@
SRC_URI += "file://add-back-option-build-base.patch \
file://wxgtk-fixup-build-scripts.patch \
file://sip-fix-override-functions.patch \
+ file://0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch \
"
SRC_URI[sha256sum] = "00e5e3180ac7f2852f342ad341d57c44e7e4326de0b550b9a5c4a8361b6c3528"
@@ -18,7 +19,7 @@
inherit pypi setuptools3 pkgconfig features_check
-ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
+REQUIRED_DISTRO_FEATURES = "x11"
export WX_CONFIG = "'${RECIPE_SYSROOT_NATIVE}${bindir}/wx-config --prefix=${STAGING_EXECPREFIXDIR} --baselib=${baselib}'"
diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
index 5d82919..a652b79 100644
--- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
+++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
@@ -1,4 +1,4 @@
-From 37699e9be04d83c5923644e298f400e077f76e85 Mon Sep 17 00:00:00 2001
+From abd5b40c9b094e721e91a5d75132639149d7952f Mon Sep 17 00:00:00 2001
From: Paul Eggleton <paul.eggleton@linux.intel.com>
Date: Tue, 17 Jul 2012 11:27:39 +0100
Subject: [PATCH] Log the SELinux context at startup.
@@ -14,7 +14,7 @@
2 files changed, 31 insertions(+)
diff --git a/configure.in b/configure.in
-index c799aec..76811e7 100644
+index ea6cec3..92b74b7 100644
--- a/configure.in
+++ b/configure.in
@@ -491,6 +491,11 @@ getloadavg
@@ -30,7 +30,7 @@
[AC_TRY_RUN(#define _GNU_SOURCE
#include <unistd.h>
diff --git a/server/core.c b/server/core.c
-index 3020090..8fef5fd 100644
+index 4da7209..d3ca25b 100644
--- a/server/core.c
+++ b/server/core.c
@@ -65,6 +65,10 @@
@@ -43,7 +43,7 @@
+
/* LimitRequestBody handling */
#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
- #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
+ #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */
@@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
}
#endif
diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb
similarity index 98%
rename from meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb
rename to meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb
index 8413f53..4b0ed2f 100644
--- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb
+++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb
@@ -26,7 +26,7 @@
"
LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = "d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63"
+SRC_URI[sha256sum] = "eb397feeefccaf254f8d45de3768d9d68e8e73851c49afd5b7176d1ecf80c340"
S = "${WORKDIR}/httpd-${PV}"
diff --git a/meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.3.bb b/meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.4.bb
similarity index 88%
rename from meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.3.bb
rename to meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.4.bb
index 2b16444..b97d994 100644
--- a/meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.3.bb
+++ b/meta-openembedded/meta-xfce/recipes-xfce/exo/exo_4.16.4.bb
@@ -14,7 +14,7 @@
file://configure.patch \
"
-SRC_URI[sha256sum] = "722dff3c3fe23f0a65405e63889cf247c99d092d3f9fb16dec78d062cfb8fae6"
+SRC_URI[sha256sum] = "82a50c67e78f1e5c420b7615515bcca759b86eeab99224ab8eca4306b89d2eca"
# Note: python bindings did not work in oe-dev and are about to be moved to
# pyxfce see http://comments.gmane.org/gmane.comp.desktop.xfce.devel.version4/19560
diff --git a/meta-security/meta-integrity/classes/kernel-modsign.bbclass b/meta-security/meta-integrity/classes/kernel-modsign.bbclass
index 093c358..d3aa7fb 100644
--- a/meta-security/meta-integrity/classes/kernel-modsign.bbclass
+++ b/meta-security/meta-integrity/classes/kernel-modsign.bbclass
@@ -13,7 +13,9 @@
MODSIGN_X509 ?= "${MODSIGN_KEY_DIR}/x509_modsign.crt"
# If this class is enabled, disable stripping signatures from modules
+# as well disable the debug symbols split
INHIBIT_PACKAGE_STRIP = "1"
+INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
kernel_do_configure:prepend() {
if [ -f "${MODSIGN_PRIVKEY}" -a -f "${MODSIGN_X509}" ]; then
diff --git a/meta-security/meta-parsec/recipes-parsec/parsec-service/files/parsec-tmpfiles.conf b/meta-security/meta-parsec/recipes-parsec/parsec-service/files/parsec-tmpfiles.conf
index fe576a2..954bfa3 100644
--- a/meta-security/meta-parsec/recipes-parsec/parsec-service/files/parsec-tmpfiles.conf
+++ b/meta-security/meta-parsec/recipes-parsec/parsec-service/files/parsec-tmpfiles.conf
@@ -1,2 +1,3 @@
#Type Path Mode User Group Age Argument
d /run/parsec 755 parsec parsec - -
+d /var/lib/parsec 700 parsec parsec - -
diff --git a/meta-security/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb b/meta-security/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
index d1d6c07..ad7e560 100644
--- a/meta-security/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
+++ b/meta-security/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb
@@ -15,8 +15,8 @@
have_TPM = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', 'TPM', '', d)}"
PACKAGECONFIG:append = " ${@bb.utils.contains('BBFILE_COLLECTIONS', 'tpm-layer', '${have_TPM}', '', d)}"
-PACKAGECONFIG[ALL] = "all-providers cryptoki/generate-bindings tss-esapi/generate-bindings,,tpm2-tss libts,libts"
-PACKAGECONFIG[TPM] = "tpm-provider tss-esapi/generate-bindings,,tpm2-tss"
+PACKAGECONFIG[ALL] = "all-providers cryptoki/generate-bindings tss-esapi/generate-bindings,,tpm2-tss libts,tpm2-tss libtss2-tcti-device libts"
+PACKAGECONFIG[TPM] = "tpm-provider tss-esapi/generate-bindings,,tpm2-tss,tpm2-tss libtss2-tcti-device"
PACKAGECONFIG[PKCS11] = "pkcs11-provider cryptoki/generate-bindings,"
PACKAGECONFIG[MBED-CRYPTO] = "mbed-crypto-provider,"
PACKAGECONFIG[CRYPTOAUTHLIB] = "cryptoauthlib-provider,"
@@ -25,6 +25,9 @@
PARSEC_FEATURES = "${@d.getVar('PACKAGECONFIG_CONFARGS',True).strip().replace(' ', ',')}"
CARGO_BUILD_FLAGS += " --features ${PARSEC_FEATURES}"
+export BINDGEN_EXTRA_CLANG_ARGS
+BINDGEN_EXTRA_CLANG_ARGS = "--sysroot=${WORKDIR}/recipe-sysroot -I${WORKDIR}/recipe-sysroot/usr/include"
+
inherit systemd
SYSTEMD_SERVICE:${PN} = "parsec.service"
@@ -35,7 +38,7 @@
# The file should also be included into SRC_URI then
PARSEC_CONFIG ?= "${S}/config.toml"
-do_install:append () {
+do_install () {
# Binaries
install -d -m 700 -o parsec -g parsec "${D}${libexecdir}/parsec"
install -m 700 -o parsec -g parsec "${WORKDIR}/build/target/${CARGO_TARGET_SUBDIR}/parsec" ${D}${libexecdir}/parsec/parsec
@@ -44,9 +47,6 @@
install -d -m 700 -o parsec -g parsec "${D}${sysconfdir}/parsec"
install -m 400 -o parsec -g parsec "${PARSEC_CONFIG}" ${D}${sysconfdir}/parsec/config.toml
- # Data dir
- install -d -m 700 -o parsec -g parsec "${D}${localstatedir}/lib/parsec"
-
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -d ${D}${systemd_unitdir}/system
install -m 644 ${S}/systemd-daemon/parsec.service ${D}${systemd_unitdir}/system
@@ -58,6 +58,8 @@
if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/init.d
install -m 755 ${WORKDIR}/parsec_init ${D}${sysconfdir}/init.d/parsec
+ # Data dir
+ install -d -m 700 -o parsec -g parsec "${D}${localstatedir}/lib/parsec"
fi
}
@@ -65,12 +67,12 @@
USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "-r -g parsec -s /bin/false -d ${localstatedir}/lib/parsec parsec"
GROUPADD_PARAM:${PN} = "-r parsec"
+GROUPMEMS_PARAM:${PN} = "${@bb.utils.contains('PACKAGECONFIG_CONFARGS', 'tpm-provider', '-a parsec -g tss', '', d)}"
FILES:${PN} += " \
${sysconfdir}/parsec/config.toml \
${libexecdir}/parsec/parsec \
${systemd_unitdir}/system/parsec.service \
- ${localstatedir}/lib/parsec \
${libdir}/tmpfiles.d/parsec-tmpfiles.conf \
${sysconfdir}/init.d/parsec \
"
diff --git a/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py b/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
index c6f9d92..c2c95e7 100644
--- a/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
+++ b/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
@@ -16,28 +16,45 @@
if expected_endlines:
self.fail('Missing expected line endings:\n %s' % '\n '.join(expected_endlines))
- @OEHasPackage(['tpm2-tss'])
- @OEHasPackage(['tpm2-abrmd'])
@OEHasPackage(['tpm2-tools'])
- @OEHasPackage(['ibmswtpm2'])
+ @OEHasPackage(['tpm2-abrmd'])
+ @OEHasPackage(['swtpm'])
@OETestDepends(['ssh.SSHTest.test_ssh'])
- def test_tpm2_sim(self):
+ def test_tpm2_swtpm_socket(self):
cmds = [
- 'tpm_server &',
- 'tpm2-abrmd --allow-root --tcti=mssim &'
+ 'mkdir /tmp/myvtpm',
+ 'swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init &',
+ 'export TPM2TOOLS_TCTI="swtpm:port=2321"',
+ 'tpm2_startup -c'
]
for cmd in cmds:
status, output = self.target.run(cmd)
self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
- @OETestDepends(['tpm2.Tpm2Test.test_tpm2_sim'])
- def test_tpm2(self):
- (status, output) = self.target.run('tpm2_pcrlist')
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_swtpm_socket'])
+ def test_tpm2_pcrread(self):
+ (status, output) = self.target.run('tpm2_pcrread')
expected_endlines = []
- expected_endlines.append('sha1 :')
- expected_endlines.append(' 0 : 0000000000000000000000000000000000000003')
- expected_endlines.append(' 1 : 0000000000000000000000000000000000000000')
+ expected_endlines.append(' sha1:')
+ expected_endlines.append(' 0 : 0x0000000000000000000000000000000000000000')
+ expected_endlines.append(' 1 : 0x0000000000000000000000000000000000000000')
+ expected_endlines.append(' sha256:')
+ expected_endlines.append(' 0 : 0x0000000000000000000000000000000000000000000000000000000000000000')
+ expected_endlines.append(' 1 : 0x0000000000000000000000000000000000000000000000000000000000000000')
+
self.check_endlines(output, expected_endlines)
+
+ @OEHasPackage(['p11-kit'])
+ @OEHasPackage(['tpm2-pkcs11'])
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_swtpm_socket'])
+ def test_tpm2_pkcs11(self):
+ (status, output) = self.target.run('p11-kit list-modules -v')
+ self.assertEqual(status, 0, msg="Modules missing: %s" % output)
+
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_pkcs11'])
+ def test_tpm2_swtpm_reset(self):
+ (status, output) = self.target.run('swtpm_ioctl -i --tcp :2322')
+ self.assertEqual(status, 0, msg="swtpm reset failed: %s" % output)
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb
index a9174e6..e8812d0 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb
@@ -27,8 +27,13 @@
do_install:append() {
install -d ${D}${libdir}/pkcs11
install -d ${D}${datadir}/p11-kit
+
+ # remove symlinks
rm -f ${D}${libdir}/pkcs11/libtpm2_pkcs11.so
+ #install lib
+ install -m 755 ${B}/src/.libs/libtpm2_pkcs11.so ${D}${libdir}/pkcs11/libtpm2_pkcs11.so
+
cd ${S}/tools
export PYTHONPATH="${D}${PYTHON_SITEPACKAGES_DIR}"
${PYTHON_PN} setup.py install --root="${D}" --prefix="${prefix}" --install-lib="${PYTHON_SITEPACKAGES_DIR}" --optimize=1 --skip-build
@@ -48,5 +53,5 @@
${datadir}/p11-kit/* \
"
-RDEPENDS:${PN} = "tpm2-tools"
-RDEPENDS:${PN}-tools += "${PYTHON_PN}-setuptools ${PYTHON_PN}-pyyaml ${PYTHON_PN}-cryptography ${PYTHON_PN}-pyasn1-modules"
+RDEPENDS:${PN} = "p11-kit tpm2-tools "
+RDEPENDS:${PN}-tools = "${PYTHON_PN}-pyyaml ${PYTHON_PN}-cryptography ${PYTHON_PN}-pyasn1-modules"
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.2.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.2.bb
index f924038..c20af7e 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.2.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.2.bb
@@ -16,3 +16,6 @@
# do not extract the version number from git
sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac
}
+
+# need tss-esys
+RDEPENDS:${PN} = "libtss2 tpm2-abrmd"
diff --git a/meta-security/recipes-ids/aide/aide_0.17.3.bb b/meta-security/recipes-ids/aide/aide_0.17.4.bb
similarity index 90%
rename from meta-security/recipes-ids/aide/aide_0.17.3.bb
rename to meta-security/recipes-ids/aide/aide_0.17.4.bb
index b1fb58d..6bc2bfe 100644
--- a/meta-security/recipes-ids/aide/aide_0.17.3.bb
+++ b/meta-security/recipes-ids/aide/aide_0.17.4.bb
@@ -8,7 +8,7 @@
SRC_URI = "https://github.com/aide/aide/releases/download/v${PV}/${BPN}-${PV}.tar.gz \
file://aide.conf"
-SRC_URI[sha256sum] = "a2eb1883cafaad056fbe43ee1e8ae09fd36caa30a0bc8edfea5d47bd67c464f8"
+SRC_URI[sha256sum] = "c81505246f3ffc2e76036d43a77212ae82895b5881d9b9e25c1361b1a9b7a846"
inherit autotools pkgconfig
@@ -20,7 +20,7 @@
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib, zlib "
PACKAGECONFIG[xattr] = "--with-xattr, --without-xattr, attr, attr"
PACKAGECONFIG[curl] = "--with-curl, --without-curl, curl, libcurl"
-PACKAGECONFIG[audit] = "--with-audit, --without-audit,"
+PACKAGECONFIG[audit] = "--with-audit, --without-audit,audit"
PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt"
PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash"
PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs"
diff --git a/meta-security/recipes-perl/perl/lib-perl_0.63.bb b/meta-security/recipes-perl/perl/lib-perl_0.63.bb
index 4c964d5..25d0890 100644
--- a/meta-security/recipes-perl/perl/lib-perl_0.63.bb
+++ b/meta-security/recipes-perl/perl/lib-perl_0.63.bb
@@ -26,3 +26,10 @@
export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')"
cpan_do_compile
}
+
+do_install:append() {
+ # Man pages here conflict wtih the main perl documentation
+ for page in ${D}${mandir}/man*/*; do
+ mv $page $(dirname $page)/${BPN}-$(basename $page)
+ done
+}
diff --git a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
index 3bcb5eb..18e8329 100644
--- a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
+++ b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb
@@ -56,7 +56,7 @@
do_install:append () {
install -d ${D}/${sysconfdir}
- install -d -o ${CLAMAV_UID} -g ${CLAMAV_GID} ${D}/${localstatedir}/lib/clamav
+ install -d -o ${PN} -g ${CLAMAV_GID} ${D}/${localstatedir}/lib/clamav
install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles
install -m 644 ${WORKDIR}/clamd.conf ${D}/${prefix}/${sysconfdir}
diff --git a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
index 663d8e2..8147fe6 100644
--- a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
+++ b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
@@ -8,19 +8,19 @@
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-BBCLASSEXTEND = "native nativesdk"
-
# fscrypt depends on go and libpam
DEPENDS += "go-native libpam"
SRCREV = "92b1e9a8670ccd3916a7d24a06cab1e4c9815bc4"
SRC_URI = "git://github.com/google/fscrypt.git;branch=master;protocol=https"
+
GO_IMPORT = "import"
-S = "${WORKDIR}/git"
+inherit go goarch features_check
-inherit go
-inherit goarch
+REQUIRED_DISTRO_FEATURES = "pam"
+
+S = "${WORKDIR}/git"
do_compile() {
export GOARCH=${TARGET_GOARCH}
@@ -47,3 +47,5 @@
install -d ${D}/${bindir}
install ${S}/src/${GO_IMPORT}/bin/fscrypt ${D}/${bindir}/fscrypt
}
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
index 35c5ff8..cd465e4 100644
--- a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
+++ b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
@@ -23,7 +23,11 @@
SRC_URI[md5sum] = "f91c74f9ccab2b574a98be5bc31eb280"
SRC_URI[sha256sum] = "56521c52a9033779154432d0ae47ad7198914785265e1f570cee21ab248dfef0"
-inherit autotools-brokensep ptest
+inherit autotools-brokensep ptest multilib_header
+
+do_install:append () {
+ oe_multilib_header mutils/mhash_config.h
+}
do_compile_ptest() {
if [ ! -d ${S}/demo ]; then mkdir ${S}/demo; fi
diff --git a/meta-security/recipes-security/mfa/python3-privacyidea_3.6.2.bb b/meta-security/recipes-security/mfa/python3-privacyidea_3.6.2.bb
index 40f6d15..8b6af5e 100644
--- a/meta-security/recipes-security/mfa/python3-privacyidea_3.6.2.bb
+++ b/meta-security/recipes-security/mfa/python3-privacyidea_3.6.2.bb
@@ -19,7 +19,7 @@
USERADD_PARAM:${PN} = "--system -g privacyidea -o -r -d /opt/${BPN} \
--shell /bin/false privacyidea"
-FILES:${PN} += " ${prefix}/etc/privacyidea/* ${datadir}/lib/privacyidea/*"
+FILES:${PN} += " ${prefix}/etc/privacyidea/* ${prefix}/lib/privacyidea/*"
RDEPENDS:${PN} += " bash perl freeradius-mysql freeradius-utils"
diff --git a/meta-security/recipes-security/sssd/sssd_2.5.2.bb b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
index 9f1d627..4c75e0a 100644
--- a/meta-security/recipes-security/sssd/sssd_2.5.2.bb
+++ b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
@@ -28,6 +28,10 @@
SRC_URI[sha256sum] = "5e21b3c7b4a2f1063d0fbdd3216d29886b6eaba153b44fb5961698367f399a0f"
+CVE_CHECK_IGNORE += "\
+ CVE-2018-16838 \
+"
+
inherit autotools pkgconfig gettext python3-dir features_check systemd
REQUIRED_DISTRO_FEATURES = "pam"
diff --git a/poky/bitbake/lib/bb/build.py b/poky/bitbake/lib/bb/build.py
index af60c3d..55f68b9 100644
--- a/poky/bitbake/lib/bb/build.py
+++ b/poky/bitbake/lib/bb/build.py
@@ -835,11 +835,7 @@
return [cleanmask, cleanmask.replace(taskflagname, taskflagname + "_setscene")]
-def make_stamp(task, d, file_name = None):
- """
- Creates/updates a stamp for a given task
- (d can be a data dict or dataCache)
- """
+def clean_stamp(task, d, file_name = None):
cleanmask = stamp_cleanmask_internal(task, d, file_name)
for mask in cleanmask:
for name in glob.glob(mask):
@@ -850,6 +846,14 @@
if name.endswith('.taint'):
continue
os.unlink(name)
+ return
+
+def make_stamp(task, d, file_name = None):
+ """
+ Creates/updates a stamp for a given task
+ (d can be a data dict or dataCache)
+ """
+ clean_stamp(task, d, file_name)
stamp = stamp_internal(task, d, file_name)
# Remove the file and recreate to force timestamp
diff --git a/poky/bitbake/lib/bb/cache.py b/poky/bitbake/lib/bb/cache.py
index fcb1579..92e9a3c 100644
--- a/poky/bitbake/lib/bb/cache.py
+++ b/poky/bitbake/lib/bb/cache.py
@@ -619,7 +619,7 @@
for f in flist:
if not f:
continue
- f, exist = f.split(":")
+ f, exist = f.rsplit(":", 1)
if (exist == "True" and not os.path.exists(f)) or (exist == "False" and os.path.exists(f)):
self.logger.debug2("%s's file checksum list file %s changed",
fn, f)
diff --git a/poky/bitbake/lib/bb/cooker.py b/poky/bitbake/lib/bb/cooker.py
index 08593d1..6da9291 100644
--- a/poky/bitbake/lib/bb/cooker.py
+++ b/poky/bitbake/lib/bb/cooker.py
@@ -744,19 +744,18 @@
taskdata[mc].add_unresolved(localdata[mc], self.recipecaches[mc])
mcdeps |= set(taskdata[mc].get_mcdepends())
new = False
- for mc in self.multiconfigs:
- for k in mcdeps:
- if k in seen:
- continue
- l = k.split(':')
- depmc = l[2]
- if depmc not in self.multiconfigs:
- bb.fatal("Multiconfig dependency %s depends on nonexistent multiconfig configuration named configuration %s" % (k,depmc))
- else:
- logger.debug("Adding providers for multiconfig dependency %s" % l[3])
- taskdata[depmc].add_provider(localdata[depmc], self.recipecaches[depmc], l[3])
- seen.add(k)
- new = True
+ for k in mcdeps:
+ if k in seen:
+ continue
+ l = k.split(':')
+ depmc = l[2]
+ if depmc not in self.multiconfigs:
+ bb.fatal("Multiconfig dependency %s depends on nonexistent multiconfig configuration named configuration %s" % (k,depmc))
+ else:
+ logger.debug("Adding providers for multiconfig dependency %s" % l[3])
+ taskdata[depmc].add_provider(localdata[depmc], self.recipecaches[depmc], l[3])
+ seen.add(k)
+ new = True
for mc in self.multiconfigs:
taskdata[mc].add_unresolved(localdata[mc], self.recipecaches[mc])
diff --git a/poky/bitbake/lib/bb/data.py b/poky/bitbake/lib/bb/data.py
index 62ec214..c09d9b0 100644
--- a/poky/bitbake/lib/bb/data.py
+++ b/poky/bitbake/lib/bb/data.py
@@ -277,6 +277,8 @@
try:
if key[-1] == ']':
vf = key[:-1].split('[')
+ if vf[1] == "vardepvalueexclude":
+ return deps, ""
value, parser = d.getVarFlag(vf[0], vf[1], False, retparser=True)
deps |= parser.references
deps = deps | (keys & parser.execs)
diff --git a/poky/bitbake/lib/bb/fetch2/crate.py b/poky/bitbake/lib/bb/fetch2/crate.py
index aac1221..f4ddc78 100644
--- a/poky/bitbake/lib/bb/fetch2/crate.py
+++ b/poky/bitbake/lib/bb/fetch2/crate.py
@@ -13,7 +13,6 @@
import hashlib
import json
import os
-import shutil
import subprocess
import bb
from bb.fetch2 import logger, subprocess_setup, UnpackError
diff --git a/poky/bitbake/lib/bb/fetch2/git.py b/poky/bitbake/lib/bb/fetch2/git.py
index b3eb824..f0df6fb 100644
--- a/poky/bitbake/lib/bb/fetch2/git.py
+++ b/poky/bitbake/lib/bb/fetch2/git.py
@@ -240,7 +240,7 @@
for name in ud.names:
ud.unresolvedrev[name] = 'HEAD'
- ud.basecmd = d.getVar("FETCHCMD_git") or "git -c core.fsyncobjectfiles=0 -c gc.autoDetach=false"
+ ud.basecmd = d.getVar("FETCHCMD_git") or "git -c core.fsyncobjectfiles=0 -c gc.autoDetach=false -c core.pager=cat"
write_tarballs = d.getVar("BB_GENERATE_MIRROR_TARBALLS") or "0"
ud.write_tarballs = write_tarballs != "0" or ud.rebaseable
diff --git a/poky/bitbake/lib/bb/fetch2/osc.py b/poky/bitbake/lib/bb/fetch2/osc.py
index d9ce443..eb0f82c 100644
--- a/poky/bitbake/lib/bb/fetch2/osc.py
+++ b/poky/bitbake/lib/bb/fetch2/osc.py
@@ -36,6 +36,7 @@
# Create paths to osc checkouts
oscdir = d.getVar("OSCDIR") or (d.getVar("DL_DIR") + "/osc")
relpath = self._strip_leading_slashes(ud.path)
+ ud.oscdir = oscdir
ud.pkgdir = os.path.join(oscdir, ud.host)
ud.moddir = os.path.join(ud.pkgdir, relpath, ud.module)
@@ -43,13 +44,13 @@
ud.revision = ud.parm['rev']
else:
pv = d.getVar("PV", False)
- rev = bb.fetch2.srcrev_internal_helper(ud, d)
+ rev = bb.fetch2.srcrev_internal_helper(ud, d, '')
if rev:
ud.revision = rev
else:
ud.revision = ""
- ud.localfile = d.expand('%s_%s_%s.tar.gz' % (ud.module.replace('/', '.'), ud.path.replace('/', '.'), ud.revision))
+ ud.localfile = d.expand('%s_%s_%s.tar.gz' % (ud.module.replace('/', '.'), relpath.replace('/', '.'), ud.revision))
def _buildosccommand(self, ud, d, command):
"""
@@ -86,7 +87,7 @@
logger.debug2("Fetch: checking for module directory '" + ud.moddir + "'")
- if os.access(os.path.join(d.getVar('OSCDIR'), ud.path, ud.module), os.R_OK):
+ if os.access(ud.moddir, os.R_OK):
oscupdatecmd = self._buildosccommand(ud, d, "update")
logger.info("Update "+ ud.url)
# update sources there
@@ -114,20 +115,23 @@
Generate a .oscrc to be used for this run.
"""
- config_path = os.path.join(d.getVar('OSCDIR'), "oscrc")
+ config_path = os.path.join(ud.oscdir, "oscrc")
+ if not os.path.exists(ud.oscdir):
+ bb.utils.mkdirhier(ud.oscdir)
+
if (os.path.exists(config_path)):
os.remove(config_path)
f = open(config_path, 'w')
+ proto = ud.parm.get('proto', 'https')
f.write("[general]\n")
- f.write("apisrv = %s\n" % ud.host)
- f.write("scheme = http\n")
+ f.write("apiurl = %s://%s\n" % (proto, ud.host))
f.write("su-wrapper = su -c\n")
f.write("build-root = %s\n" % d.getVar('WORKDIR'))
f.write("urllist = %s\n" % d.getVar("OSCURLLIST"))
f.write("extra-pkgs = gzip\n")
f.write("\n")
- f.write("[%s]\n" % ud.host)
+ f.write("[%s://%s]\n" % (proto, ud.host))
f.write("user = %s\n" % ud.parm["user"])
f.write("pass = %s\n" % ud.parm["pswd"])
f.close()
diff --git a/poky/bitbake/lib/bb/fetch2/ssh.py b/poky/bitbake/lib/bb/fetch2/ssh.py
index 4844530..8d082b3 100644
--- a/poky/bitbake/lib/bb/fetch2/ssh.py
+++ b/poky/bitbake/lib/bb/fetch2/ssh.py
@@ -32,6 +32,7 @@
import re, os
from bb.fetch2 import check_network_access, FetchMethod, ParameterError, runfetchcmd
+import urllib
__pattern__ = re.compile(r'''
@@ -70,6 +71,7 @@
"git:// prefix with protocol=ssh", urldata.url)
m = __pattern__.match(urldata.url)
path = m.group('path')
+ path = urllib.parse.unquote(path)
host = m.group('host')
urldata.localpath = os.path.join(d.getVar('DL_DIR'),
os.path.basename(os.path.normpath(path)))
@@ -99,7 +101,7 @@
if path[0] != '~':
path = '/%s' % path
- path = path.replace("%3A", ":")
+ path = urllib.parse.unquote(path)
fr += ':%s' % path
@@ -139,7 +141,7 @@
if path[0] != '~':
path = '/%s' % path
- path = path.replace("%3A", ":")
+ path = urllib.parse.unquote(path)
cmd = 'ssh -o BatchMode=true %s %s [ -f %s ]' % (
portarg,
diff --git a/poky/bitbake/lib/bb/msg.py b/poky/bitbake/lib/bb/msg.py
index c95a874..93575d8 100644
--- a/poky/bitbake/lib/bb/msg.py
+++ b/poky/bitbake/lib/bb/msg.py
@@ -133,7 +133,6 @@
self.seen_errors = set()
def filter(self, record):
- msg = record.msg
if record.levelno == bb.msg.BBLogFormatter.WARNONCE:
if record.msg in self.seen_warnings:
return False
diff --git a/poky/bitbake/lib/bb/persist_data.py b/poky/bitbake/lib/bb/persist_data.py
index 9e20a83..ce84a15 100644
--- a/poky/bitbake/lib/bb/persist_data.py
+++ b/poky/bitbake/lib/bb/persist_data.py
@@ -208,7 +208,7 @@
def __lt__(self, other):
if not isinstance(other, Mapping):
- raise NotImplemented
+ raise NotImplementedError()
return len(self) < len(other)
diff --git a/poky/bitbake/lib/bb/providers.py b/poky/bitbake/lib/bb/providers.py
index 8c1c31a..e11a463 100644
--- a/poky/bitbake/lib/bb/providers.py
+++ b/poky/bitbake/lib/bb/providers.py
@@ -396,8 +396,8 @@
return rproviders
# Only search dynamic packages if we can't find anything in other variables
- for pattern in dataCache.packages_dynamic:
- pattern = pattern.replace(r'+', r"\+")
+ for pat_key in dataCache.packages_dynamic:
+ pattern = pat_key.replace(r'+', r"\+")
if pattern in regexp_cache:
regexp = regexp_cache[pattern]
else:
@@ -408,7 +408,7 @@
raise
regexp_cache[pattern] = regexp
if regexp.match(rdepend):
- rproviders += dataCache.packages_dynamic[pattern]
+ rproviders += dataCache.packages_dynamic[pat_key]
logger.debug("Assuming %s is a dynamic package, but it may not exist" % rdepend)
return rproviders
diff --git a/poky/bitbake/lib/bb/runqueue.py b/poky/bitbake/lib/bb/runqueue.py
index a7a8463..f34f156 100644
--- a/poky/bitbake/lib/bb/runqueue.py
+++ b/poky/bitbake/lib/bb/runqueue.py
@@ -1674,7 +1674,7 @@
(mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn]
h = self.rqdata.runtaskentries[tid].hash
- matches = bb.siggen.find_siginfo(pn, taskname, [], self.cfgData)
+ matches = bb.siggen.find_siginfo(pn, taskname, [], self.cooker.databuilder.mcdata[mc])
match = None
for m in matches:
if h in m:
@@ -2664,7 +2664,6 @@
sq_revdeps_squash[point] = set()
if point in rqdata.runq_setscene_tids:
sq_revdeps_squash[point] = tasks
- tasks = set()
continue
for dep in rqdata.runtaskentries[point].depends:
if point in sq_revdeps[dep]:
diff --git a/poky/bitbake/lib/bb/server/process.py b/poky/bitbake/lib/bb/server/process.py
index 19ef839..f2c5c15 100644
--- a/poky/bitbake/lib/bb/server/process.py
+++ b/poky/bitbake/lib/bb/server/process.py
@@ -20,7 +20,6 @@
import sys
import time
import select
-import signal
import socket
import subprocess
import errno
@@ -758,8 +757,11 @@
process.queue_signals = True
self._send(obj)
process.queue_signals = False
- for sig in process.signal_received.pop():
- process.handle_sig(sig, None)
+ try:
+ for sig in process.signal_received.pop():
+ process.handle_sig(sig, None)
+ except IndexError:
+ pass
else:
self._send(obj)
diff --git a/poky/bitbake/lib/bb/siggen.py b/poky/bitbake/lib/bb/siggen.py
index 130b38d..9fa568f 100644
--- a/poky/bitbake/lib/bb/siggen.py
+++ b/poky/bitbake/lib/bb/siggen.py
@@ -40,7 +40,6 @@
for sg in siggens:
if desired == sg.name:
return sg(d)
- break
else:
logger.error("Invalid signature generator '%s', using default 'noop'\n"
"Available generators: %s", desired,
diff --git a/poky/bitbake/lib/bb/tests/parse.py b/poky/bitbake/lib/bb/tests/parse.py
index 4d17f82..2898f9b 100644
--- a/poky/bitbake/lib/bb/tests/parse.py
+++ b/poky/bitbake/lib/bb/tests/parse.py
@@ -119,7 +119,7 @@
EXTRA_OECONF:append = " c"
"""
- def test_parse_overrides(self):
+ def test_parse_overrides2(self):
f = self.parsehelper(self.overridetest2)
d = bb.parse.handle(f.name, self.d)['']
d.appendVar("EXTRA_OECONF", " d")
diff --git a/poky/bitbake/lib/bb/ui/buildinfohelper.py b/poky/bitbake/lib/bb/ui/buildinfohelper.py
index 0761f73..129bb32 100644
--- a/poky/bitbake/lib/bb/ui/buildinfohelper.py
+++ b/poky/bitbake/lib/bb/ui/buildinfohelper.py
@@ -45,7 +45,7 @@
import logging
from datetime import datetime, timedelta
-from django.db import transaction, connection
+from django.db import transaction
# pylint: disable=invalid-name
@@ -496,7 +496,7 @@
if not parent_path:
parent_path = "/"
parent_obj = self._cached_get(Target_File, target = target_obj, path = parent_path, inodetype = Target_File.ITYPE_DIRECTORY)
- tf_obj = Target_File.objects.create(
+ Target_File.objects.create(
target = target_obj,
path = path,
size = size,
@@ -561,7 +561,7 @@
parent_obj = Target_File.objects.get(target = target_obj, path = parent_path, inodetype = Target_File.ITYPE_DIRECTORY)
- tf_obj = Target_File.objects.create(
+ Target_File.objects.create(
target = target_obj,
path = path,
size = size,
@@ -1062,27 +1062,6 @@
return recipe_info
- def _get_path_information(self, task_object):
- self._ensure_build()
-
- assert isinstance(task_object, Task)
- build_stats_format = "{tmpdir}/buildstats/{buildname}/{package}/"
- build_stats_path = []
-
- for t in self.internal_state['targets']:
- buildname = self.internal_state['build'].build_name
- pe, pv = task_object.recipe.version.split(":",1)
- if pe:
- package = task_object.recipe.name + "-" + pe + "_" + pv
- else:
- package = task_object.recipe.name + "-" + pv
-
- build_stats_path.append(build_stats_format.format(tmpdir=self.tmp_dir,
- buildname=buildname,
- package=package))
-
- return build_stats_path
-
################################
## external available methods to store information
diff --git a/poky/bitbake/lib/bb/ui/knotty.py b/poky/bitbake/lib/bb/ui/knotty.py
index 3f410fd..61cf0a3 100644
--- a/poky/bitbake/lib/bb/ui/knotty.py
+++ b/poky/bitbake/lib/bb/ui/knotty.py
@@ -877,7 +877,6 @@
state_force_shutdown()
main.shutdown = main.shutdown + 1
- pass
except Exception as e:
import traceback
sys.stderr.write(traceback.format_exc())
diff --git a/poky/documentation/brief-yoctoprojectqs/index.rst b/poky/documentation/brief-yoctoprojectqs/index.rst
index 12cab1d..a982eae 100644
--- a/poky/documentation/brief-yoctoprojectqs/index.rst
+++ b/poky/documentation/brief-yoctoprojectqs/index.rst
@@ -255,13 +255,8 @@
BB_SIGNATURE_HANDLER = "OEEquivHash"
BB_HASHSERVE = "auto"
- BB_HASHSERVE_UPSTREAM = "typhoon.yocto.io:8687"
- SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/&YOCTO_DOC_VERSION;/PATH;downloadfilename=PATH"
-
- The above settings assumed the use of Yocto Project &YOCTO_DOC_VERSION;.
- If you are using the development version instead, set :term:`SSTATE_MIRRORS` as follows::
-
- SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/dev/PATH;downloadfilename=PATH"
+ BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687"
+ SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
#. **Start the Build:** Continue with the following command to build an OS
image for the target, which is ``core-image-sato`` in this example:
diff --git a/poky/documentation/migration-guides/release-notes-4.0.rst b/poky/documentation/migration-guides/release-notes-4.0.rst
index eaa40f9..b675cae 100644
--- a/poky/documentation/migration-guides/release-notes-4.0.rst
+++ b/poky/documentation/migration-guides/release-notes-4.0.rst
@@ -22,8 +22,8 @@
BB_SIGNATURE_HANDLER = "OEEquivHash"
BB_HASHSERVE = "auto"
- BB_HASHSERVE_UPSTREAM = "typhoon.yocto.io:8687"
- SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/&YOCTO_DOC_VERSION;/PATH;downloadfilename=PATH"
+ BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687"
+ SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
- The Python package build process is now based on `wheels <https://pythonwheels.com/>`__
in line with the upstream direction.
diff --git a/poky/documentation/ref-manual/variables.rst b/poky/documentation/ref-manual/variables.rst
index f8808cc..4746223 100644
--- a/poky/documentation/ref-manual/variables.rst
+++ b/poky/documentation/ref-manual/variables.rst
@@ -7609,7 +7609,7 @@
:ref:`systemd-boot <ref-classes-systemd-boot>` class sets the
:term:`SYSTEMD_BOOT_CFG` as follows::
- SYSTEMD_BOOT_CFG ?= "${:term:`S`}/loader.conf"
+ SYSTEMD_BOOT_CFG ?= "${S}/loader.conf"
For information on Systemd-boot, see the `Systemd-boot
documentation <https://www.freedesktop.org/wiki/Software/systemd/systemd-boot/>`__.
diff --git a/poky/meta-poky/conf/distro/poky.conf b/poky/meta-poky/conf/distro/poky.conf
index 179329f..0cea4ce 100644
--- a/poky/meta-poky/conf/distro/poky.conf
+++ b/poky/meta-poky/conf/distro/poky.conf
@@ -1,7 +1,7 @@
DISTRO = "poky"
DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
#DISTRO_VERSION = "3.4+snapshot-${METADATA_REVISION}"
-DISTRO_VERSION = "4.0"
+DISTRO_VERSION = "4.0.2"
DISTRO_CODENAME = "kirkstone"
SDK_VENDOR = "-pokysdk"
SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}"
diff --git a/poky/meta-poky/conf/local.conf.sample b/poky/meta-poky/conf/local.conf.sample
index d92aa0e..ae9c87f 100644
--- a/poky/meta-poky/conf/local.conf.sample
+++ b/poky/meta-poky/conf/local.conf.sample
@@ -230,7 +230,7 @@
# Note: For this to work you also need hash-equivalence passthrough to the matching server
#
#BB_HASHSERVE_UPSTREAM = "typhoon.yocto.io:8687"
-#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/4.0/PATH;downloadfilename=PATH"
+#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
#
# Qemu configuration
diff --git a/poky/meta-selftest/conf/multiconfig/muslmc.conf b/poky/meta-selftest/conf/multiconfig/muslmc.conf
new file mode 100644
index 0000000..043cd1c
--- /dev/null
+++ b/poky/meta-selftest/conf/multiconfig/muslmc.conf
@@ -0,0 +1,2 @@
+TCLIBC = "musl"
+TMPDIR = "${TOPDIR}/tmp-mc-musl"
diff --git a/poky/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb b/poky/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
index cc5d7ea..fa3041b 100644
--- a/poky/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
+++ b/poky/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
@@ -7,3 +7,18 @@
SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master"
SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee"
+
+S = "${WORKDIR}/git"
+
+do_test_git_as_user() {
+ cd ${S}
+ git status
+}
+addtask test_git_as_user after do_unpack
+
+fakeroot do_test_git_as_root() {
+ cd ${S}
+ git status
+}
+do_test_git_as_root[depends] += "virtual/fakeroot-native:do_populate_sysroot"
+addtask test_git_as_root after do_unpack
diff --git a/poky/meta-selftest/recipes-test/images/oe-selftest-image.bb b/poky/meta-selftest/recipes-test/images/oe-selftest-image.bb
index e295943..317a071 100644
--- a/poky/meta-selftest/recipes-test/images/oe-selftest-image.bb
+++ b/poky/meta-selftest/recipes-test/images/oe-selftest-image.bb
@@ -1,7 +1,7 @@
SUMMARY = "An image used during oe-selftest tests"
# libudev is needed for deploy mdadm via devtool
-IMAGE_INSTALL = "packagegroup-core-boot dropbear libudev"
+IMAGE_INSTALL = "packagegroup-core-boot packagegroup-core-ssh-dropbear libudev"
IMAGE_FEATURES = "debug-tweaks"
IMAGE_LINGUAS = " "
diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
index ff85e2e..85d02a4 100644
--- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
+++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
@@ -7,17 +7,17 @@
KMACHINE:genericx86-64 ?= "common-pc-64"
KMACHINE:beaglebone-yocto ?= "beaglebone"
-SRCREV_machine:genericx86 ?= "7f685244afb3acd13e94968312580b63d7296705"
-SRCREV_machine:genericx86-64 ?= "7f685244afb3acd13e94968312580b63d7296705"
-SRCREV_machine:edgerouter ?= "5a8ec126c297dd9e410eb23685003f670f8f3d57"
-SRCREV_machine:beaglebone-yocto ?= "5a8ec126c297dd9e410eb23685003f670f8f3d57"
+SRCREV_machine:genericx86 ?= "ebfb1822e9f9726d8c587fc0f60cfed43fa0873e"
+SRCREV_machine:genericx86-64 ?= "ebfb1822e9f9726d8c587fc0f60cfed43fa0873e"
+SRCREV_machine:edgerouter ?= "b978686694c3e41968821d6cc2a2a371fd9c2fb0"
+SRCREV_machine:beaglebone-yocto ?= "4c875cf1376178dfab4913aa1350cab50bb093d3"
COMPATIBLE_MACHINE:genericx86 = "genericx86"
COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE:edgerouter = "edgerouter"
COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"
-LINUX_VERSION:genericx86 = "5.15.22"
-LINUX_VERSION:genericx86-64 = "5.15.22"
-LINUX_VERSION:edgerouter = "5.15.1"
-LINUX_VERSION:beaglebone-yocto = "5.15.1"
+LINUX_VERSION:genericx86 = "5.15.36"
+LINUX_VERSION:genericx86-64 = "5.15.36"
+LINUX_VERSION:edgerouter = "5.15.36"
+LINUX_VERSION:beaglebone-yocto = "5.15.36"
diff --git a/poky/meta/classes/archiver.bbclass b/poky/meta/classes/archiver.bbclass
index c19c770..33070cd 100644
--- a/poky/meta/classes/archiver.bbclass
+++ b/poky/meta/classes/archiver.bbclass
@@ -55,9 +55,10 @@
DEPLOY_DIR_SRC ?= "${DEPLOY_DIR}/sources"
ARCHIVER_TOPDIR ?= "${WORKDIR}/archiver-sources"
-ARCHIVER_OUTDIR = "${ARCHIVER_TOPDIR}/${TARGET_SYS}/${PF}/"
+ARCHIVER_ARCH = "${TARGET_SYS}"
+ARCHIVER_OUTDIR = "${ARCHIVER_TOPDIR}/${ARCHIVER_ARCH}/${PF}/"
ARCHIVER_RPMTOPDIR ?= "${WORKDIR}/deploy-sources-rpm"
-ARCHIVER_RPMOUTDIR = "${ARCHIVER_RPMTOPDIR}/${TARGET_SYS}/${PF}/"
+ARCHIVER_RPMOUTDIR = "${ARCHIVER_RPMTOPDIR}/${ARCHIVER_ARCH}/${PF}/"
ARCHIVER_WORKDIR = "${WORKDIR}/archiver-work/"
# When producing a combined mirror directory, allow duplicates for the case
@@ -101,6 +102,10 @@
bb.debug(1, 'archiver: %s is excluded, covered by gcc-source' % pn)
return
+ # TARGET_SYS in ARCHIVER_ARCH will break the stamp for gcc-source in multiconfig
+ if pn.startswith('gcc-source'):
+ d.setVar('ARCHIVER_ARCH', "allarch")
+
def hasTask(task):
return bool(d.getVarFlag(task, "task", False)) and not bool(d.getVarFlag(task, "noexec", False))
@@ -579,7 +584,7 @@
SSTATETASKS += "do_deploy_archives"
do_deploy_archives () {
- echo "Deploying source archive files from ${ARCHIVER_TOPDIR} to ${DEPLOY_DIR_SRC}."
+ bbnote "Deploying source archive files from ${ARCHIVER_TOPDIR} to ${DEPLOY_DIR_SRC}."
}
python do_deploy_archives_setscene () {
sstate_setscene(d)
diff --git a/poky/meta/classes/baremetal-image.bbclass b/poky/meta/classes/baremetal-image.bbclass
index 81f5e5e..cb9e250 100644
--- a/poky/meta/classes/baremetal-image.bbclass
+++ b/poky/meta/classes/baremetal-image.bbclass
@@ -47,9 +47,10 @@
Path(manifest_name).touch()
if os.path.exists(manifest_name) and link_name:
manifest_link = deploy_dir + "/" + link_name + ".manifest"
- if os.path.lexists(manifest_link):
- os.remove(manifest_link)
- os.symlink(os.path.basename(manifest_name), manifest_link)
+ if manifest_link != manifest_name:
+ if os.path.lexists(manifest_link):
+ os.remove(manifest_link)
+ os.symlink(os.path.basename(manifest_name), manifest_link)
# A lot of postprocess commands assume the existence of rootfs/etc
sysconfdir = d.getVar("IMAGE_ROOTFS") + d.getVar('sysconfdir')
bb.utils.mkdirhier(sysconfdir)
diff --git a/poky/meta/classes/base.bbclass b/poky/meta/classes/base.bbclass
index 3515720..0cf27fb 100644
--- a/poky/meta/classes/base.bbclass
+++ b/poky/meta/classes/base.bbclass
@@ -115,6 +115,10 @@
tools = d.getVar(toolsvar).split()
origbbenv = d.getVar("BB_ORIGENV", False)
path = origbbenv.getVar("PATH")
+ # Need to ignore our own scripts directories to avoid circular links
+ for p in path.split(":"):
+ if p.endswith("/scripts"):
+ path = path.replace(p, "/ignoreme")
bb.utils.mkdirhier(dest)
notfound = []
for tool in tools:
@@ -592,9 +596,9 @@
for lic_exception in exceptions:
if ":" in lic_exception:
- lic_exception.split(":")[0]
+ lic_exception = lic_exception.split(":")[1]
if lic_exception in oe.license.obsolete_license_list():
- bb.fatal("Invalid license %s used in INCOMPATIBLE_LICENSE_EXCEPTIONS" % lic_exception)
+ bb.fatal("Obsolete license %s used in INCOMPATIBLE_LICENSE_EXCEPTIONS" % lic_exception)
pkgs = d.getVar('PACKAGES').split()
skipped_pkgs = {}
diff --git a/poky/meta/classes/bin_package.bbclass b/poky/meta/classes/bin_package.bbclass
index c3aca20..f0407e1 100644
--- a/poky/meta/classes/bin_package.bbclass
+++ b/poky/meta/classes/bin_package.bbclass
@@ -30,8 +30,9 @@
bbfatal bin_package has nothing to install. Be sure the SRC_URI unpacks into S.
fi
cd ${S}
+ install -d ${D}${base_prefix}
tar --no-same-owner --exclude='./patches' --exclude='./.pc' -cpf - . \
- | tar --no-same-owner -xpf - -C ${D}
+ | tar --no-same-owner -xpf - -C ${D}${base_prefix}
}
FILES:${PN} = "/"
diff --git a/poky/meta/classes/buildhistory.bbclass b/poky/meta/classes/buildhistory.bbclass
index 8db79a4..4345ffc 100644
--- a/poky/meta/classes/buildhistory.bbclass
+++ b/poky/meta/classes/buildhistory.bbclass
@@ -508,7 +508,7 @@
# Set correct pkgdatadir
pkgdatadir=${PKGDATA_DIR}
- if [ "$2" == "sdk" ] && [ "$3" == "host" ]; then
+ if [ "$2" = "sdk" ] && [ "$3" = "host" ] ; then
pkgdatadir="${PKGDATA_DIR_SDK}"
fi
diff --git a/poky/meta/classes/cargo_common.bbclass b/poky/meta/classes/cargo_common.bbclass
index 90fad75..39f3282 100644
--- a/poky/meta/classes/cargo_common.bbclass
+++ b/poky/meta/classes/cargo_common.bbclass
@@ -45,7 +45,7 @@
directory = "${CARGO_VENDORING_DIRECTORY}"
EOF
- if [ -z "${EXTERNALSRC}" ] && [ ${CARGO_DISABLE_BITBAKE_VENDORING} = "0" ]; then
+ if [ ${CARGO_DISABLE_BITBAKE_VENDORING} = "0" ]; then
cat <<- EOF >> ${CARGO_HOME}/config
[source.crates-io]
diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass
index 78516d0..da7f933 100644
--- a/poky/meta/classes/cve-check.bbclass
+++ b/poky/meta/classes/cve-check.bbclass
@@ -47,8 +47,11 @@
CVE_CHECK_COPY_FILES ??= "1"
CVE_CHECK_CREATE_MANIFEST ??= "1"
+# Report Patched or Ignored CVEs
CVE_CHECK_REPORT_PATCHED ??= "1"
+CVE_CHECK_SHOW_WARNINGS ??= "1"
+
# Provide text output
CVE_CHECK_FORMAT_TEXT ??= "1"
@@ -79,9 +82,31 @@
# set to "alphabetical" for version using single alphabetical character as increment release
CVE_VERSION_SUFFIX ??= ""
+def generate_json_report(d, out_path, link_path):
+ if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
+ import json
+ from oe.cve_check import cve_check_merge_jsons, update_symlinks
+
+ bb.note("Generating JSON CVE summary")
+ index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
+ summary = {"version":"1", "package": []}
+ with open(index_file) as f:
+ filename = f.readline()
+ while filename:
+ with open(filename.rstrip()) as j:
+ data = json.load(j)
+ cve_check_merge_jsons(summary, data)
+ filename = f.readline()
+
+ with open(out_path, "w") as f:
+ json.dump(summary, f, indent=2)
+
+ update_symlinks(out_path, link_path)
+
python cve_save_summary_handler () {
import shutil
import datetime
+ from oe.cve_check import update_symlinks
cve_tmp_file = d.getVar("CVE_CHECK_TMP_FILE")
@@ -94,13 +119,15 @@
if os.path.exists(cve_tmp_file):
shutil.copyfile(cve_tmp_file, cve_summary_file)
+ cvefile_link = os.path.join(cvelogpath, cve_summary_name)
+ update_symlinks(cve_summary_file, cvefile_link)
+ bb.plain("Complete CVE report summary created at: %s" % cvefile_link)
- if cve_summary_file and os.path.exists(cve_summary_file):
- cvefile_link = os.path.join(cvelogpath, cve_summary_name)
-
- if os.path.exists(os.path.realpath(cvefile_link)):
- os.remove(cvefile_link)
- os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+ if d.getVar("CVE_CHECK_FORMAT_JSON") == "1":
+ json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
+ json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % (cve_summary_name, timestamp))
+ generate_json_report(d, json_summary_name, json_summary_link_name)
+ bb.plain("Complete CVE JSON report summary created at: %s" % json_summary_link_name)
}
addhandler cve_save_summary_handler
@@ -119,14 +146,14 @@
bb.fatal("Failure in searching patches")
ignored, patched, unpatched, status = check_cves(d, patched_cves)
if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
- cve_data = get_cve_info(d, patched + unpatched)
+ cve_data = get_cve_info(d, patched + unpatched + ignored)
cve_write_data(d, patched, unpatched, ignored, cve_data, status)
else:
bb.note("No CVE database found, skipping CVE check")
}
-addtask cve_check before do_build after do_fetch
+addtask cve_check before do_build
do_cve_check[depends] = "cve-update-db-native:do_fetch"
do_cve_check[nostamp] = "1"
@@ -139,7 +166,7 @@
}
addhandler cve_check_cleanup
-cve_check_cleanup[eventmask] = "bb.cooker.CookerExit"
+cve_check_cleanup[eventmask] = "bb.event.BuildCompleted"
python cve_check_write_rootfs_manifest () {
"""
@@ -147,7 +174,9 @@
"""
import shutil
- from oe.cve_check import cve_check_merge_jsons
+ import json
+ from oe.rootfs import image_list_installed_packages
+ from oe.cve_check import cve_check_merge_jsons, update_symlinks
if d.getVar("CVE_CHECK_COPY_FILES") == "1":
deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE")
@@ -157,47 +186,68 @@
if os.path.exists(deploy_file_json):
bb.utils.remove(deploy_file_json)
- if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")):
- bb.note("Writing rootfs CVE manifest")
- deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
- link_name = d.getVar("IMAGE_LINK_NAME")
- manifest_name = d.getVar("CVE_CHECK_MANIFEST")
- cve_tmp_file = d.getVar("CVE_CHECK_TMP_FILE")
+ # Create a list of relevant recipies
+ recipies = set()
+ for pkg in list(image_list_installed_packages(d)):
+ pkg_info = os.path.join(d.getVar('PKGDATA_DIR'),
+ 'runtime-reverse', pkg)
+ pkg_data = oe.packagedata.read_pkgdatafile(pkg_info)
+ recipies.add(pkg_data["PN"])
- bb.utils.mkdirhier(os.path.dirname(manifest_name))
- shutil.copyfile(cve_tmp_file, manifest_name)
+ bb.note("Writing rootfs CVE manifest")
+ deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
+ link_name = d.getVar("IMAGE_LINK_NAME")
- if manifest_name and os.path.exists(manifest_name):
- manifest_link = os.path.join(deploy_dir, "%s.cve" % link_name)
- # If we already have another manifest, update symlinks
- if os.path.exists(os.path.realpath(manifest_link)):
- os.remove(manifest_link)
- os.symlink(os.path.basename(manifest_name), manifest_link)
- bb.plain("Image CVE report stored in: %s" % manifest_name)
+ json_data = {"version":"1", "package": []}
+ text_data = ""
+ enable_json = d.getVar("CVE_CHECK_FORMAT_JSON") == "1"
+ enable_text = d.getVar("CVE_CHECK_FORMAT_TEXT") == "1"
- if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
- import json
- bb.note("Generating JSON CVE manifest")
- deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
- link_name = d.getVar("IMAGE_LINK_NAME")
- manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
- index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
- manifest = {"version":"1", "package": []}
- with open(index_file) as f:
- filename = f.readline()
- while filename:
- with open(filename.rstrip()) as j:
+ save_pn = d.getVar("PN")
+
+ for pkg in recipies:
+ # To be able to use the CVE_CHECK_RECIPE_FILE variable we have to evaluate
+ # it with the different PN names set each time.
+ d.setVar("PN", pkg)
+ if enable_text:
+ pkgfilepath = d.getVar("CVE_CHECK_RECIPE_FILE")
+ if os.path.exists(pkgfilepath):
+ with open(pkgfilepath) as pfile:
+ text_data += pfile.read()
+
+ if enable_json:
+ pkgfilepath = d.getVar("CVE_CHECK_RECIPE_FILE_JSON")
+ if os.path.exists(pkgfilepath):
+ with open(pkgfilepath) as j:
data = json.load(j)
- cve_check_merge_jsons(manifest, data)
- filename = f.readline()
+ cve_check_merge_jsons(json_data, data)
+
+ d.setVar("PN", save_pn)
+
+ if enable_text:
+ link_path = os.path.join(deploy_dir, "%s.cve" % link_name)
+ manifest_name = d.getVar("CVE_CHECK_MANIFEST")
with open(manifest_name, "w") as f:
- json.dump(manifest, f, indent=2)
+ f.write(text_data)
+
+ update_symlinks(manifest_name, link_path)
bb.plain("Image CVE report stored in: %s" % manifest_name)
+
+ if enable_json:
+ link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+ manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
+
+ with open(manifest_name, "w") as f:
+ json.dump(json_data, f, indent=2)
+
+ update_symlinks(manifest_name, link_path)
+ bb.plain("Image CVE JSON report stored in: %s" % manifest_name)
}
ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
do_rootfs[recrdeptask] += "${@'do_cve_check' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
+do_populate_sdk[recrdeptask] += "${@'do_cve_check' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
def check_cves(d, patched_cves):
"""
@@ -210,13 +260,14 @@
suffix = d.getVar("CVE_VERSION_SUFFIX")
cves_unpatched = []
+ cves_ignored = []
cves_status = []
cves_in_recipe = False
# CVE_PRODUCT can contain more than one product (eg. curl/libcurl)
products = d.getVar("CVE_PRODUCT").split()
# If this has been unset then we're not scanning for CVEs here (for example, image recipes)
if not products:
- return ([], [], [], {})
+ return ([], [], [], [])
pv = d.getVar("CVE_VERSION").split("+git")[0]
# If the recipe has been skipped/ignored we return empty lists
@@ -243,9 +294,8 @@
cve = cverow[0]
if cve in cve_ignore:
- bb.note("%s-%s has been ignored for %s" % (product, pv, cve))
- # TODO: this should be in the report as 'ignored'
- patched_cves.add(cve)
+ bb.note("%s-%s ignores %s" % (product, pv, cve))
+ cves_ignored.append(cve)
continue
elif cve in patched_cves:
bb.note("%s has been patched" % (cve))
@@ -257,9 +307,13 @@
cves_in_recipe = True
vulnerable = False
+ ignored = False
+
for row in conn.execute("SELECT * FROM PRODUCTS WHERE ID IS ? AND PRODUCT IS ? AND VENDOR LIKE ?", (cve, product, vendor)):
(_, _, _, version_start, operator_start, version_end, operator_end) = row
#bb.debug(2, "Evaluating row " + str(row))
+ if cve in cve_ignore:
+ ignored = True
if (operator_start == '=' and pv == version_start) or version_start == '-':
vulnerable = True
@@ -292,13 +346,16 @@
vulnerable = vulnerable_start or vulnerable_end
if vulnerable:
- bb.note("%s-%s is vulnerable to %s" % (pn, real_pv, cve))
- cves_unpatched.append(cve)
+ if ignored:
+ bb.note("%s is ignored in %s-%s" % (cve, pn, real_pv))
+ cves_ignored.append(cve)
+ else:
+ bb.note("%s-%s is vulnerable to %s" % (pn, real_pv, cve))
+ cves_unpatched.append(cve)
break
if not vulnerable:
bb.note("%s-%s is not vulnerable to %s" % (pn, real_pv, cve))
- # TODO: not patched but not vulnerable
patched_cves.add(cve)
if not cves_in_product:
@@ -310,7 +367,7 @@
if not cves_in_recipe:
bb.note("No CVE records for products in recipe %s" % (pn))
- return (list(cve_ignore), list(patched_cves), cves_unpatched, cves_status)
+ return (list(cves_ignored), list(patched_cves), cves_unpatched, cves_status)
def get_cve_info(d, cves):
"""
@@ -348,6 +405,8 @@
include_layers = d.getVar("CVE_CHECK_LAYER_INCLUDELIST").split()
exclude_layers = d.getVar("CVE_CHECK_LAYER_EXCLUDELIST").split()
+ report_all = d.getVar("CVE_CHECK_REPORT_PATCHED") == "1"
+
if exclude_layers and layer in exclude_layers:
return
@@ -355,7 +414,7 @@
return
# Early exit, the text format does not report packages without CVEs
- if not patched+unpatched:
+ if not patched+unpatched+ignored:
return
nvd_link = "https://nvd.nist.gov/vuln/detail/"
@@ -365,13 +424,16 @@
for cve in sorted(cve_data):
is_patched = cve in patched
- if is_patched and (d.getVar("CVE_CHECK_REPORT_PATCHED") != "1"):
+ is_ignored = cve in ignored
+
+ if (is_patched or is_ignored) and not report_all:
continue
+
write_string += "LAYER: %s\n" % layer
write_string += "PACKAGE NAME: %s\n" % d.getVar("PN")
write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV"))
write_string += "CVE: %s\n" % cve
- if cve in ignored:
+ if is_ignored:
write_string += "CVE STATUS: Ignored\n"
elif is_patched:
write_string += "CVE STATUS: Patched\n"
@@ -384,26 +446,25 @@
write_string += "VECTOR: %s\n" % cve_data[cve]["vector"]
write_string += "MORE INFORMATION: %s%s\n\n" % (nvd_link, cve)
- if unpatched_cves:
+ if unpatched_cves and d.getVar("CVE_CHECK_SHOW_WARNINGS") == "1":
bb.warn("Found unpatched CVE (%s), for more information check %s" % (" ".join(unpatched_cves),cve_file))
- if write_string:
- with open(cve_file, "w") as f:
- bb.note("Writing file %s with CVE information" % cve_file)
+ with open(cve_file, "w") as f:
+ bb.note("Writing file %s with CVE information" % cve_file)
+ f.write(write_string)
+
+ if d.getVar("CVE_CHECK_COPY_FILES") == "1":
+ deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE")
+ bb.utils.mkdirhier(os.path.dirname(deploy_file))
+ with open(deploy_file, "w") as f:
f.write(write_string)
- if d.getVar("CVE_CHECK_COPY_FILES") == "1":
- deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE")
- bb.utils.mkdirhier(os.path.dirname(deploy_file))
- with open(deploy_file, "w") as f:
- f.write(write_string)
+ if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1":
+ cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR")
+ bb.utils.mkdirhier(cvelogpath)
- if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1":
- cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR")
- bb.utils.mkdirhier(cvelogpath)
-
- with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f:
- f.write("%s" % write_string)
+ with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f:
+ f.write("%s" % write_string)
def cve_check_write_json_output(d, output, direct_file, deploy_file, manifest_file):
"""
@@ -449,6 +510,8 @@
include_layers = d.getVar("CVE_CHECK_LAYER_INCLUDELIST").split()
exclude_layers = d.getVar("CVE_CHECK_LAYER_EXCLUDELIST").split()
+ report_all = d.getVar("CVE_CHECK_REPORT_PATCHED") == "1"
+
if exclude_layers and layer in exclude_layers:
return
@@ -475,10 +538,11 @@
for cve in sorted(cve_data):
is_patched = cve in patched
+ is_ignored = cve in ignored
status = "Unpatched"
- if is_patched and (d.getVar("CVE_CHECK_REPORT_PATCHED") != "1"):
+ if (is_patched or is_ignored) and not report_all:
continue
- if cve in ignored:
+ if is_ignored:
status = "Ignored"
elif is_patched:
status = "Patched"
diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass
index b2f216f..90792a7 100644
--- a/poky/meta/classes/externalsrc.bbclass
+++ b/poky/meta/classes/externalsrc.bbclass
@@ -68,7 +68,7 @@
url_data = fetch.ud[url]
parm = url_data.parm
if (url_data.type == 'file' or
- url_data.type == 'npmsw' or
+ url_data.type == 'npmsw' or url_data.type == 'crate' or
'type' in parm and parm['type'] == 'kmeta'):
local_srcuri.append(url)
diff --git a/poky/meta/classes/image.bbclass b/poky/meta/classes/image.bbclass
index 7f1f6f8..2139a7e 100644
--- a/poky/meta/classes/image.bbclass
+++ b/poky/meta/classes/image.bbclass
@@ -132,7 +132,12 @@
do_rootfs[vardeps] += "${@rootfs_variables(d)}"
-do_build[depends] += "virtual/kernel:do_deploy"
+# This is needed to have kernel image in DEPLOY_DIR.
+# This follows many common usecases and user expectations.
+# But if you are building an image which doesn't need the kernel image at all,
+# you can unset this variable manually.
+KERNEL_DEPLOY_DEPEND ?= "virtual/kernel:do_deploy"
+do_build[depends] += "${KERNEL_DEPLOY_DEPEND}"
python () {
diff --git a/poky/meta/classes/insane.bbclass b/poky/meta/classes/insane.bbclass
index 0bc6492..f3f8033 100644
--- a/poky/meta/classes/insane.bbclass
+++ b/poky/meta/classes/insane.bbclass
@@ -444,12 +444,14 @@
Check for build paths inside target files and error if paths are not
explicitly ignored.
"""
+ import stat
# Ignore .debug files, not interesting
if path.find(".debug") != -1:
return
- # Ignore symlinks
- if os.path.islink(path):
+ # Ignore symlinks/devs/fifos
+ mode = os.lstat(path).st_mode
+ if stat.S_ISLNK(mode) or stat.S_ISBLK(mode) or stat.S_ISFIFO(mode) or stat.S_ISCHR(mode) or stat.S_ISSOCK(mode):
return
tmpdir = bytes(d.getVar('TMPDIR'), encoding="utf-8")
@@ -970,7 +972,7 @@
dest = d.getVar('PKGDEST')
pn = d.getVar('PN')
- home = os.path.join(dest, 'home')
+ home = os.path.join(dest, name, 'home')
if path == home or path.startswith(home + os.sep):
return
@@ -1201,18 +1203,20 @@
if '/meta/' not in fullpath:
continue
- content = open(fullpath, encoding='utf-8', errors='ignore').read()
kinda_status_re = re.compile(r"^.*upstream.*status.*$", re.IGNORECASE | re.MULTILINE)
strict_status_re = re.compile(r"^Upstream-Status: (Pending|Submitted|Denied|Accepted|Inappropriate|Backport|Inactive-Upstream)( .+)?$", re.MULTILINE)
- match_kinda = kinda_status_re.search(content)
- match_strict = strict_status_re.search(content)
guidelines = "https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines#Patch_Header_Recommendations:_Upstream-Status"
- if not match_strict:
- if match_kinda:
- bb.error("Malformed Upstream-Status in patch\n%s\nPlease correct according to %s :\n%s" % (fullpath, guidelines, match_kinda.group(0)))
- else:
- bb.error("Missing Upstream-Status in patch\n%s\nPlease add according to %s ." % (fullpath, guidelines))
+ with open(fullpath, encoding='utf-8', errors='ignore') as f:
+ file_content = f.read()
+ match_kinda = kinda_status_re.search(file_content)
+ match_strict = strict_status_re.search(file_content)
+
+ if not match_strict:
+ if match_kinda:
+ bb.error("Malformed Upstream-Status in patch\n%s\nPlease correct according to %s :\n%s" % (fullpath, guidelines, match_kinda.group(0)))
+ else:
+ bb.error("Missing Upstream-Status in patch\n%s\nPlease add according to %s ." % (fullpath, guidelines))
}
python do_qa_configure() {
diff --git a/poky/meta/classes/kernel-arch.bbclass b/poky/meta/classes/kernel-arch.bbclass
index 07ec242..348a3ad 100644
--- a/poky/meta/classes/kernel-arch.bbclass
+++ b/poky/meta/classes/kernel-arch.bbclass
@@ -61,7 +61,7 @@
TARGET_AR_KERNEL_ARCH ?= ""
HOST_AR_KERNEL_ARCH ?= "${TARGET_AR_KERNEL_ARCH}"
-KERNEL_CC = "${CCACHE}${HOST_PREFIX}gcc ${HOST_CC_KERNEL_ARCH} -fuse-ld=bfd ${DEBUG_PREFIX_MAP} -fdebug-prefix-map=${STAGING_KERNEL_DIR}=${KERNEL_SRC_PATH}"
+KERNEL_CC = "${CCACHE}${HOST_PREFIX}gcc ${HOST_CC_KERNEL_ARCH} -fuse-ld=bfd ${DEBUG_PREFIX_MAP} -fdebug-prefix-map=${STAGING_KERNEL_DIR}=${KERNEL_SRC_PATH} -fdebug-prefix-map=${STAGING_KERNEL_BUILDDIR}=${KERNEL_SRC_PATH}"
KERNEL_LD = "${CCACHE}${HOST_PREFIX}ld.bfd ${HOST_LD_KERNEL_ARCH}"
KERNEL_AR = "${CCACHE}${HOST_PREFIX}ar ${HOST_AR_KERNEL_ARCH}"
TOOLCHAIN = "gcc"
diff --git a/poky/meta/classes/kernel-uboot.bbclass b/poky/meta/classes/kernel-uboot.bbclass
index 2daa068..2facade 100644
--- a/poky/meta/classes/kernel-uboot.bbclass
+++ b/poky/meta/classes/kernel-uboot.bbclass
@@ -15,6 +15,12 @@
linux_comp="none"
else
vmlinux_path="vmlinux"
+ # Use vmlinux.initramfs for linux.bin when INITRAMFS_IMAGE_BUNDLE set
+ # As per the implementation in kernel.bbclass.
+ # See do_bundle_initramfs function
+ if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ] && [ -e vmlinux.initramfs ]; then
+ vmlinux_path="vmlinux.initramfs"
+ fi
linux_suffix="${FIT_KERNEL_COMP_ALG_EXTENSION}"
linux_comp="${FIT_KERNEL_COMP_ALG}"
fi
diff --git a/poky/meta/classes/kernel-yocto.bbclass b/poky/meta/classes/kernel-yocto.bbclass
index 4cb6388..afccffc 100644
--- a/poky/meta/classes/kernel-yocto.bbclass
+++ b/poky/meta/classes/kernel-yocto.bbclass
@@ -310,6 +310,8 @@
bbnote "KERNEL_FEATURES: $KERNEL_FEATURES_FINAL"
bbnote "Final scc/cfg list: $sccs_defconfig $bsp_definition $sccs $KERNEL_FEATURES_FINAL"
fi
+
+ set -e
}
do_patch() {
@@ -339,6 +341,8 @@
fi
done
fi
+
+ set -e
}
do_kernel_checkout() {
@@ -397,6 +401,8 @@
git commit -q -m "baseline commit: creating repo for ${PN}-${PV}"
git clean -d -f
fi
+
+ set -e
}
do_kernel_checkout[dirs] = "${S} ${WORKDIR}"
@@ -691,6 +697,8 @@
kgit-s2q --clean
fi
fi
+
+ set -e
}
OE_TERMINAL_EXPORTS += "KBUILD_OUTPUT"
diff --git a/poky/meta/classes/license.bbclass b/poky/meta/classes/license.bbclass
index 0c637e9..4ebfc4f 100644
--- a/poky/meta/classes/license.bbclass
+++ b/poky/meta/classes/license.bbclass
@@ -84,17 +84,17 @@
os.link(src, dst)
except OSError as err:
if err.errno == errno.EXDEV:
- # Copy license files if hard-link is not possible even if st_dev is the
+ # Copy license files if hardlink is not possible even if st_dev is the
# same on source and destination (docker container with device-mapper?)
canlink = False
else:
raise
- # Only chown if we did hardling, and, we're running under pseudo
+ # Only chown if we did hardlink and we're running under pseudo
if canlink and os.environ.get('PSEUDO_DISABLED') == '0':
os.chown(dst,0,0)
if not canlink:
- begin_idx = int(beginline)-1 if beginline is not None else None
- end_idx = int(endline) if endline is not None else None
+ begin_idx = max(0, int(beginline) - 1) if beginline is not None else None
+ end_idx = max(0, int(endline)) if endline is not None else None
if begin_idx is None and end_idx is None:
shutil.copyfile(src, dst)
else:
diff --git a/poky/meta/classes/license_image.bbclass b/poky/meta/classes/license_image.bbclass
index 7e1d0e0..3213ea7 100644
--- a/poky/meta/classes/license_image.bbclass
+++ b/poky/meta/classes/license_image.bbclass
@@ -104,6 +104,8 @@
"The license listed %s was not in the "\
"licenses collected for recipe %s"
% (lic, pkg_dic[pkg]["PN"]), d)
+ oe.qa.exit_if_errors(d)
+
# Two options here:
# - Just copy the manifest
# - Copy the manifest and the license directories
diff --git a/poky/meta/classes/meson.bbclass b/poky/meta/classes/meson.bbclass
index 0bfe945..19b54e0 100644
--- a/poky/meta/classes/meson.bbclass
+++ b/poky/meta/classes/meson.bbclass
@@ -59,6 +59,7 @@
[binaries]
c = ${@meson_array('CC', d)}
cpp = ${@meson_array('CXX', d)}
+cython = 'cython3'
ar = ${@meson_array('AR', d)}
nm = ${@meson_array('NM', d)}
strip = ${@meson_array('STRIP', d)}
@@ -98,6 +99,7 @@
[binaries]
c = ${@meson_array('BUILD_CC', d)}
cpp = ${@meson_array('BUILD_CXX', d)}
+cython = 'cython3'
ar = ${@meson_array('BUILD_AR', d)}
nm = ${@meson_array('BUILD_NM', d)}
strip = ${@meson_array('BUILD_STRIP', d)}
diff --git a/poky/meta/classes/overlayfs.bbclass b/poky/meta/classes/overlayfs.bbclass
index 29fced2..f7069ed 100644
--- a/poky/meta/classes/overlayfs.bbclass
+++ b/poky/meta/classes/overlayfs.bbclass
@@ -16,10 +16,18 @@
#
# OVERLAYFS_MOUNT_POINT[data] ?= "/data"
#
-# The class assumes you have a data.mount systemd unit defined in your
-# systemd-machine-units recipe and installed to the image.
+# Per default the class assumes you have a corresponding fstab entry or systemd
+# mount unit (data.mount in this case) for this mount point installed on the
+# image, for instance via a wks script or the systemd-machine-units recipe.
#
-# Then you can specify writable directories on a recipe base
+# If the mount point is handled somewhere else, e.g. custom boot or preinit
+# scripts or in a initramfs, then this QA check can be skipped by adding
+# mount-configured to the related OVERLAYFS_QA_SKIP flag:
+#
+# OVERLAYFS_QA_SKIP[data] = "mount-configured"
+#
+# To use the overlayfs, you just have to specify writable directories inside
+# their recipe:
#
# OVERLAYFS_WRITABLE_PATHS[data] = "/usr/share/my-custom-application"
#
@@ -30,6 +38,10 @@
# OVERLAYFS_MOUNT_POINT[mnt-overlay] = "/mnt/overlay"
# OVERLAYFS_WRITABLE_PATHS[mnt-overlay] = "/usr/share/another-application"
#
+# If your recipe deploys a systemd service, then it should require and be
+# started after the ${PN}-overlays.service to make sure that all overlays are
+# mounted beforehand.
+#
# Note: the class does not support /etc directory itself, because systemd depends on it
# For /etc directory use overlayfs-etc class
diff --git a/poky/meta/classes/package.bbclass b/poky/meta/classes/package.bbclass
index 44fbc32..97e97d2 100644
--- a/poky/meta/classes/package.bbclass
+++ b/poky/meta/classes/package.bbclass
@@ -382,6 +382,11 @@
debugfile = dvar + dest
sources = []
+ if file.endswith(".ko") and file.find("/lib/modules/") != -1:
+ if oe.package.is_kernel_module_signed(file):
+ bb.debug(1, "Skip strip on signed module %s" % file)
+ return (file, sources)
+
# Split the file...
bb.utils.mkdirhier(os.path.dirname(debugfile))
#bb.note("Split %s -> %s" % (file, debugfile))
@@ -553,13 +558,25 @@
strip = d.getVar("STRIP")
objcopy = d.getVar("OBJCOPY")
workdir = d.getVar("WORKDIR")
+ sdir = d.getVar("S")
+ sparentdir = os.path.dirname(os.path.dirname(sdir))
+ sbasedir = os.path.basename(os.path.dirname(sdir)) + "/" + os.path.basename(sdir)
workparentdir = os.path.dirname(os.path.dirname(workdir))
workbasedir = os.path.basename(os.path.dirname(workdir)) + "/" + os.path.basename(workdir)
+ # If S isnt based on WORKDIR we can infer our sources are located elsewhere,
+ # e.g. using externalsrc; use S as base for our dirs
+ if workdir in sdir or 'work-shared' in sdir:
+ basedir = workbasedir
+ parentdir = workparentdir
+ else:
+ basedir = sbasedir
+ parentdir = sparentdir
+
# If build path exists in sourcefile, it means toolchain did not use
# -fdebug-prefix-map to compile
if checkbuildpath(sourcefile, d):
- localsrc_prefix = workparentdir + "/"
+ localsrc_prefix = parentdir + "/"
else:
localsrc_prefix = "/usr/src/debug/"
@@ -581,7 +598,7 @@
processdebugsrc += "sed 's#%s##g' | "
processdebugsrc += "(cd '%s' ; cpio -pd0mlL --no-preserve-owner '%s%s' 2>/dev/null)"
- cmd = processdebugsrc % (sourcefile, workbasedir, localsrc_prefix, workparentdir, dvar, debugsrcdir)
+ cmd = processdebugsrc % (sourcefile, basedir, localsrc_prefix, parentdir, dvar, debugsrcdir)
try:
subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
except subprocess.CalledProcessError:
@@ -591,9 +608,22 @@
# cpio seems to have a bug with -lL together and symbolic links are just copied, not dereferenced.
# Work around this by manually finding and copying any symbolic links that made it through.
cmd = "find %s%s -type l -print0 -delete | sed s#%s%s/##g | (cd '%s' ; cpio -pd0mL --no-preserve-owner '%s%s')" % \
- (dvar, debugsrcdir, dvar, debugsrcdir, workparentdir, dvar, debugsrcdir)
+ (dvar, debugsrcdir, dvar, debugsrcdir, parentdir, dvar, debugsrcdir)
subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+
+ # debugsources.list may be polluted from the host if we used externalsrc,
+ # cpio uses copy-pass and may have just created a directory structure
+ # matching the one from the host, if thats the case move those files to
+ # debugsrcdir to avoid host contamination.
+ # Empty dir structure will be deleted in the next step.
+
+ # Same check as above for externalsrc
+ if workdir not in sdir:
+ if os.path.exists(dvar + debugsrcdir + sdir):
+ cmd = "mv %s%s%s/* %s%s" % (dvar, debugsrcdir, sdir, dvar,debugsrcdir)
+ subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+
# The copy by cpio may have resulted in some empty directories! Remove these
cmd = "find %s%s -empty -type d -delete" % (dvar, debugsrcdir)
subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
@@ -662,7 +692,10 @@
# Used by do_packagedata (and possibly other routines post do_package)
#
+PRSERV_ACTIVE = "${@bool(d.getVar("PRSERV_HOST"))}"
+PRSERV_ACTIVE[vardepvalue] = "${PRSERV_ACTIVE}"
package_get_auto_pr[vardepsexclude] = "BB_TASKDEPDATA"
+package_get_auto_pr[vardeps] += "PRSERV_ACTIVE"
python package_get_auto_pr() {
import oe.prservice
diff --git a/poky/meta/classes/pypi.bbclass b/poky/meta/classes/pypi.bbclass
index 9405d58..5fa7b8a 100644
--- a/poky/meta/classes/pypi.bbclass
+++ b/poky/meta/classes/pypi.bbclass
@@ -24,3 +24,5 @@
UPSTREAM_CHECK_URI ?= "https://pypi.org/project/${PYPI_PACKAGE}/"
UPSTREAM_CHECK_REGEX ?= "/${PYPI_PACKAGE}/(?P<pver>(\d+[\.\-_]*)+)/"
+
+CVE_PRODUCT ?= "python:${PYPI_PACKAGE}"
diff --git a/poky/meta/classes/rootfs-postcommands.bbclass b/poky/meta/classes/rootfs-postcommands.bbclass
index 7b92df6..fc17961 100644
--- a/poky/meta/classes/rootfs-postcommands.bbclass
+++ b/poky/meta/classes/rootfs-postcommands.bbclass
@@ -1,5 +1,5 @@
-# Zap the root password if debug-tweaks feature is not enabled
+# Zap the root password if debug-tweaks and empty-root-password features are not enabled
ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'empty-root-password' ], "", "zap_empty_root_password; ",d)}'
# Allow dropbear/openssh to accept logins from accounts with an empty password string if debug-tweaks or allow-empty-password is enabled
@@ -8,7 +8,7 @@
# Allow dropbear/openssh to accept root logins if debug-tweaks or allow-root-login is enabled
ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'allow-root-login' ], "ssh_allow_root_login; ", "",d)}'
-# Enable postinst logging if debug-tweaks is enabled
+# Enable postinst logging if debug-tweaks or post-install-logging is enabled
ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'post-install-logging' ], "postinst_enable_logging; ", "",d)}'
# Create /etc/timestamp during image construction to give a reasonably sane default time setting
@@ -140,7 +140,7 @@
}
#
-# This function is intended to disallow empty root password if 'debug-tweaks' is not in IMAGE_FEATURES.
+# This function disallows empty root passwords
#
zap_empty_root_password () {
if [ -e ${IMAGE_ROOTFS}/etc/shadow ]; then
@@ -202,7 +202,7 @@
}
#
-# Enable postinst logging if debug-tweaks is enabled
+# Enable postinst logging
#
postinst_enable_logging () {
mkdir -p ${IMAGE_ROOTFS}${sysconfdir}/default
@@ -267,9 +267,10 @@
if os.path.exists(manifest_name) and link_name:
manifest_link = deploy_dir + "/" + link_name + ".manifest"
- if os.path.lexists(manifest_link):
- os.remove(manifest_link)
- os.symlink(os.path.basename(manifest_name), manifest_link)
+ if manifest_link != manifest_name:
+ if os.path.lexists(manifest_link):
+ os.remove(manifest_link)
+ os.symlink(os.path.basename(manifest_name), manifest_link)
}
# Can be used to create /etc/timestamp during image construction to give a reasonably
@@ -339,9 +340,10 @@
if os.path.exists(testdata_name) and link_name:
testdata_link = os.path.join(deploy_dir, "%s.testdata.json" % link_name)
- if os.path.lexists(testdata_link):
- os.remove(testdata_link)
- os.symlink(os.path.basename(testdata_name), testdata_link)
+ if testdata_link != testdata_name:
+ if os.path.lexists(testdata_link):
+ os.remove(testdata_link)
+ os.symlink(os.path.basename(testdata_name), testdata_link)
}
write_image_test_data[vardepsexclude] += "TOPDIR"
@@ -398,6 +400,10 @@
allUnitExist = True;
for mountPoint in overlayMountPoints:
+ qaSkip = (d.getVarFlag("OVERLAYFS_QA_SKIP", mountPoint) or "").split()
+ if "mount-configured" in qaSkip:
+ continue
+
mountPath = d.getVarFlag('OVERLAYFS_MOUNT_POINT', mountPoint)
if mountPath in fstabDevices:
continue
@@ -407,8 +413,10 @@
for dirpath in searchpaths):
continue
- bb.warn('Mount path %s not found in fstat and unit %s not found '
- 'in systemd unit directories' % (mountPath, mountUnit))
+ bb.warn(f'Mount path {mountPath} not found in fstab and unit '
+ f'{mountUnit} not found in systemd unit directories.')
+ bb.warn(f'Skip this check by setting OVERLAYFS_QA_SKIP[{mountPoint}] = '
+ '"mount-configured"')
allUnitExist = False;
if not allUnitExist:
diff --git a/poky/meta/classes/rust-common.bbclass b/poky/meta/classes/rust-common.bbclass
index 02a5382..cb811ac 100644
--- a/poky/meta/classes/rust-common.bbclass
+++ b/poky/meta/classes/rust-common.bbclass
@@ -117,8 +117,11 @@
# its likely best to not use the triple suffix due to potential confusion.
RUST_BUILD_SYS = "${@rust_base_triple(d, 'BUILD')}"
+RUST_BUILD_SYS[vardepvalue] = "${RUST_BUILD_SYS}"
RUST_HOST_SYS = "${@rust_base_triple(d, 'HOST')}"
+RUST_HOST_SYS[vardepvalue] = "${RUST_HOST_SYS}"
RUST_TARGET_SYS = "${@rust_base_triple(d, 'TARGET')}"
+RUST_TARGET_SYS[vardepvalue] = "${RUST_TARGET_SYS}"
# wrappers to get around the fact that Rust needs a single
# binary but Yocto's compiler and linker commands have
diff --git a/poky/meta/classes/sanity.bbclass b/poky/meta/classes/sanity.bbclass
index c72a7b3..b1fac10 100644
--- a/poky/meta/classes/sanity.bbclass
+++ b/poky/meta/classes/sanity.bbclass
@@ -432,8 +432,7 @@
except subprocess.CalledProcessError as e:
return "Unable to execute patch --version, exit code %d:\n%s\n" % (e.returncode, e.output)
-# Unpatched versions of make 3.82 are known to be broken. See GNU Savannah Bug 30612.
-# Use a modified reproducer from http://savannah.gnu.org/bugs/?30612 to validate.
+# Glibc needs make 4.0 or later, we may as well match at this point
def check_make_version(sanity_data):
import subprocess
@@ -442,35 +441,12 @@
except subprocess.CalledProcessError as e:
return "Unable to execute make --version, exit code %d\n%s\n" % (e.returncode, e.output)
version = result.split()[2]
- if bb.utils.vercmp_string_op(version, "3.82", "=="):
- # Construct a test file
- f = open("makefile_test", "w")
- f.write("makefile_test.a: makefile_test_a.c makefile_test_b.c makefile_test.a( makefile_test_a.c makefile_test_b.c)\n")
- f.write("\n")
- f.write("makefile_test_a.c:\n")
- f.write(" touch $@\n")
- f.write("\n")
- f.write("makefile_test_b.c:\n")
- f.write(" touch $@\n")
- f.close()
-
- # Check if make 3.82 has been patched
- try:
- subprocess.check_call(['make', '-f', 'makefile_test'])
- except subprocess.CalledProcessError as e:
- return "Your version of make 3.82 is broken. Please revert to 3.81 or install a patched version.\n"
- finally:
- os.remove("makefile_test")
- if os.path.exists("makefile_test_a.c"):
- os.remove("makefile_test_a.c")
- if os.path.exists("makefile_test_b.c"):
- os.remove("makefile_test_b.c")
- if os.path.exists("makefile_test.a"):
- os.remove("makefile_test.a")
+ if bb.utils.vercmp_string_op(version, "4.0", "<"):
+ return "Please install a make version of 4.0 or later.\n"
if bb.utils.vercmp_string_op(version, "4.2.1", "=="):
distro = oe.lsb.distro_identifier()
- if "ubuntu" in distro or "debian" in distro:
+ if "ubuntu" in distro or "debian" in distro or "linuxmint" in distro:
return None
return "make version 4.2.1 is known to have issues on Centos/OpenSUSE and other non-Ubuntu systems. Please use a buildtools-make-tarball or a newer version of make.\n"
return None
@@ -882,7 +858,7 @@
mirror_vars = ['MIRRORS', 'PREMIRRORS', 'SSTATE_MIRRORS']
protocols = ['http', 'ftp', 'file', 'https', \
'git', 'gitsm', 'hg', 'osc', 'p4', 'svn', \
- 'bzr', 'cvs', 'npm', 'sftp', 'ssh', 's3', 'az' ]
+ 'bzr', 'cvs', 'npm', 'sftp', 'ssh', 's3', 'az', 'ftps']
for mirror_var in mirror_vars:
mirrors = (d.getVar(mirror_var) or '').replace('\\n', ' ').split()
diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass
index 1c0cae4..3513269 100644
--- a/poky/meta/classes/sstate.bbclass
+++ b/poky/meta/classes/sstate.bbclass
@@ -1,4 +1,4 @@
-SSTATE_VERSION = "8"
+SSTATE_VERSION = "10"
SSTATE_ZSTD_CLEVEL ??= "8"
diff --git a/poky/meta/classes/staging.bbclass b/poky/meta/classes/staging.bbclass
index 9fc8f4f..bf8ca58 100644
--- a/poky/meta/classes/staging.bbclass
+++ b/poky/meta/classes/staging.bbclass
@@ -352,7 +352,7 @@
#bb.note(" start is %s" % str(start))
# Direct dependencies should be present and can be depended upon
- for dep in set(start):
+ for dep in sorted(set(start)):
if setscenedeps[dep][1] == "do_populate_sysroot":
if dep not in configuredeps:
configuredeps.append(dep)
@@ -404,7 +404,9 @@
# All files that we're going to be installing, to find conflicts.
fileset = {}
+ invalidate_tasks = set()
for f in os.listdir(depdir):
+ removed = []
if not f.endswith(".complete"):
continue
f = depdir + "/" + f
@@ -414,6 +416,28 @@
sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
os.unlink(f)
os.unlink(f.replace(".complete", ""))
+ removed.append(os.path.basename(f.replace(".complete", "")))
+
+ # If we've removed files from the sysroot above, the task that installed them may still
+ # have a stamp file present for the task. This is probably invalid right now but may become
+ # valid again if the user were to change configuration back for example. Since we've removed
+ # the files a task might need, remove the stamp file too to force it to rerun.
+ # YOCTO #14790
+ if removed:
+ for i in glob.glob(depdir + "/index.*"):
+ if i.endswith("." + mytaskname):
+ continue
+ with open(i, "r") as f:
+ for l in f:
+ if l.startswith("TaskDeps:"):
+ continue
+ l = l.strip()
+ if l in removed:
+ invalidate_tasks.add(i.rsplit(".", 1)[1])
+ break
+ for t in invalidate_tasks:
+ bb.note("Invalidating stamps for task %s" % t)
+ bb.build.clean_stamp(t, d)
installed = []
for dep in configuredeps:
diff --git a/poky/meta/classes/uboot-sign.bbclass b/poky/meta/classes/uboot-sign.bbclass
index 4ca8118..31ffe1f 100644
--- a/poky/meta/classes/uboot-sign.bbclass
+++ b/poky/meta/classes/uboot-sign.bbclass
@@ -134,6 +134,8 @@
if [ -n "${UBOOT_CONFIG}" ]
then
+ i=0
+ j=0
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
diff --git a/poky/meta/conf/abi_version.conf b/poky/meta/conf/abi_version.conf
index 2a08b12..c716bd7 100644
--- a/poky/meta/conf/abi_version.conf
+++ b/poky/meta/conf/abi_version.conf
@@ -12,4 +12,4 @@
# a reset of the equivalence, for example when reproducibility issues break the
# existing match data. Distros can also append to this value for the same effect.
#
-HASHEQUIV_HASH_VERSION = "12"
+HASHEQUIV_HASH_VERSION = "14"
diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf
index 1deba8d..2a3cf6f 100644
--- a/poky/meta/conf/bitbake.conf
+++ b/poky/meta/conf/bitbake.conf
@@ -386,8 +386,8 @@
# General work and output directories for the build system.
##################################################################
-TCMODE ?= "default"
-TCLIBC ?= "glibc"
+TCMODE ??= "default"
+TCLIBC ??= "glibc"
TMPDIR ?= "${TOPDIR}/tmp"
CACHE = "${TMPDIR}/cache/${TCMODE}-${TCLIBC}${@['', '/' + str(d.getVar('MACHINE'))][bool(d.getVar('MACHINE'))]}${@['', '/' + str(d.getVar('SDKMACHINE'))][bool(d.getVar('SDKMACHINE'))]}"
@@ -776,18 +776,10 @@
export PKG_CONFIG_SYSTEM_LIBRARY_PATH = "${base_libdir}:${libdir}"
export PKG_CONFIG_SYSTEM_INCLUDE_PATH = "${includedir}"
-# Git configuration
-
# Don't allow git to chdir up past WORKDIR so that it doesn't detect the OE
# repository when building a recipe
export GIT_CEILING_DIRECTORIES = "${WORKDIR}"
-# Treat all directories are safe, as during fakeroot tasks git will run as
-# root so recent git releases (eg 2.30.3) will refuse to work on repositories. See
-# https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 for
-# further details.
-export GIT_CONFIG_PARAMETERS="'safe.directory=*'"
-
###
### Config file processing
###
diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
index 6c19cd2..8b5f8d4 100644
--- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -53,24 +53,61 @@
CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \
CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
-#### CPE update pending ####
-# groff:groff-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803
-# Appears it was fixed in https://git.savannah.gnu.org/cgit/groff.git/commit/?id=07f95f1674217275ed4612f1dcaa95a88435c6a7
-# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
-#CVE_CHECK_IGNORE += "CVE-2000-0803"
+#
+# Kernel CVEs, e.g. linux-yocto*
+#
+# For OE-Core our policy is to stay as close to the kernel stable releases as we can. This should
+# ensure the bulk of the major kernel CVEs are fixed and we don't dive into each individual issue
+# as the stable maintainers are much more able to do that.
+#
+# Rather than just ignore all kernel CVEs, list the ones we ignore on this basis here, allowing new
+# issues to be visible. If anyone wishes to clean up CPE entries with NIST for these, we'd
+# welcome than and then entries can likely be removed from here.
+#
+# 1999-2010
+CVE_CHECK_IGNORE += "CVE-1999-0524 CVE-1999-0656 CVE-2006-2932 CVE-2007-2764 CVE-2007-4998 CVE-2008-2544 \
+ CVE-2008-4609 CVE-2010-0298 CVE-2010-4563"
+# 2011-2017
+CVE_CHECK_IGNORE += "CVE-2011-0640 CVE-2014-2648 CVE-2014-8171 CVE-2016-0774 CVE-2016-3695 CVE-2016-3699 \
+ CVE-2017-1000255 CVE-2017-1000377 CVE-2017-5897 CVE-2017-6264"
+# 2018
+CVE_CHECK_IGNORE += "CVE-2018-1000026 CVE-2018-10840 CVE-2018-10876 CVE-2018-10882 CVE-2018-10901 CVE-2018-10902 \
+ CVE-2018-14625 CVE-2018-16880 CVE-2018-16884 CVE-2018-5873 CVE-2018-6559"
+# 2019
+CVE_CHECK_IGNORE += "CVE-2019-10126 CVE-2019-14899 CVE-2019-18910 CVE-2019-3016 CVE-2019-3819 CVE-2019-3846 CVE-2019-3887"
+# 2020
+CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834"
+# 2021
+CVE_CHECK_IGNORE += "CVE-2021-20194 CVE-2021-20226 CVE-2021-20265 CVE-2021-3564 CVE-2021-3743 CVE-2021-3847 CVE-2021-4002 \
+ CVE-2021-4090 CVE-2021-4095 CVE-2021-4197 CVE-2021-4202 CVE-2021-44879 CVE-2021-45402"
+# 2022
+CVE_CHECK_IGNORE += "CVE-2022-0185 CVE-2022-0264 CVE-2022-0286 CVE-2022-0330 CVE-2022-0382 CVE-2022-0433 CVE-2022-0435 \
+ CVE-2022-0492 CVE-2022-0494 CVE-2022-0500 CVE-2022-0516 CVE-2022-0617 CVE-2022-0742 CVE-2022-0854 \
+ CVE-2022-0995 CVE-2022-0998 CVE-2022-1011 CVE-2022-1015 CVE-2022-1048 CVE-2022-1055 CVE-2022-1195 \
+ CVE-2022-1353 CVE-2022-24122 CVE-2022-24448 CVE-2022-24958 CVE-2022-24959 CVE-2022-25258 CVE-2022-25265 \
+ CVE-2022-25375 CVE-2022-26490 CVE-2022-26878 CVE-2022-26966 CVE-2022-27223 CVE-2022-27666 CVE-2022-27950 \
+ CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-28796 CVE-2022-28893 CVE-2022-29156 \
+ CVE-2022-29582 CVE-2022-29968"
-
-#### Upstream still working on ####
-
# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255
# There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
-# however qemu maintainers are sure the patch is incorrect and should not be applied.
+# qemu maintainers say the patch is incorrect and should not be applied
+# Ignore from OE's perspectivee as the issue is of low impact, at worst sitting in an infinite loop rather than exploitable
+CVE_CHECK_IGNORE += "CVE-2021-20255"
-# wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879
-# https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
-# No response upstream as of 2021/5/12
+# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067
+# There was a proposed patch but rejected by upstream qemu. It is unclear if the issue can
+# still be reproduced or where exactly any bug is.
+# Ignore from OE's perspective as we'll pick up any fix when upstream accepts one.
+CVE_CHECK_IGNORE += "CVE-2019-12067"
+
+# nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974
+# It is a fuzzing related buffer overflow. It is of low impact since most devices
+# wouldn't expose an assembler. The upstream is inactive and there is little to be
+# done about the bug, ignore from an OE perspective.
+CVE_CHECK_IGNORE += "CVE-2020-18974"
diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc
index 2c5e730..0a1897f 100644
--- a/poky/meta/conf/distro/include/maintainers.inc
+++ b/poky/meta/conf/distro/include/maintainers.inc
@@ -189,7 +189,7 @@
RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>"
-RECIPE_MAINTAINER:pn-gcc-source-11.2.0 = "Khem Raj <raj.khem@gmail.com>"
+RECIPE_MAINTAINER:pn-gcc-source-11.3.0 = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>"
RECIPE_MAINTAINER:pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>"
RECIPE_MAINTAINER:pn-gdb = "Khem Raj <raj.khem@gmail.com>"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppc603e.inc b/poky/meta/conf/machine/include/powerpc/tune-ppc603e.inc
index 8beec00..28680bd 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppc603e.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppc603e.inc
@@ -9,6 +9,3 @@
TUNE_FEATURES:tune-ppc603e = "m32 fpu-hard ppc603e bigendian"
TUNE_PKGARCH:tune-ppc603e = "ppc603e"
PACKAGE_EXTRA_ARCHS:tune-ppc603e = "${PACKAGE_EXTRA_ARCHS:tune-powerpc} ppc603e"
-
-# glibc configure options to get 603e specific library (for sqrt)
-GLIBC_EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'ppc603e', '-with-cpu=603e', '', d)}"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppc7400.inc b/poky/meta/conf/machine/include/powerpc/tune-ppc7400.inc
index 1e2c9fc..49b94f5 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppc7400.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppc7400.inc
@@ -9,6 +9,3 @@
TUNE_FEATURES:tune-ppc7400 = "m32 fpu-hard ppc7400 altivec bigendian"
TUNE_PKGARCH:tune-ppc7400 = "ppc7400"
PACKAGE_EXTRA_ARCHS:tune-ppc7400 = "${PACKAGE_EXTRA_ARCHS:tune-powerpc} ppc7400"
-
-# glibc configure options to get 7400 specific library (for sqrt)
-#GLIBC_EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'ppc7400', '--with-cpu=power4', '', d)}"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppce300c3.inc b/poky/meta/conf/machine/include/powerpc/tune-ppce300c3.inc
index b74b6ad..31aff51 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppce300c3.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppce300c3.inc
@@ -11,9 +11,6 @@
PACKAGE_EXTRA_ARCHS:tune-ppce300c3 = "${PACKAGE_EXTRA_ARCHS:tune-powerpc} ppce300c3"
TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'ppce300c3', ' -mcpu=e300c3', '', d)}"
-# glibc config options to make use of e300c3 (603e) specific sqrt/sqrtf routines
-GLIBC_EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'ppce300c3', '--with-cpu=e300c3', '', d)}"
-
# soft-float
TUNEVALID[ppce300c3-nf] = "Enable ppce300c3 specific processor optimizations (no fpu)"
TUNE_FEATURES:tune-ppce300c3-nf = "${TUNE_FEATURES:tune-powerpc-nf} ppce300c3-nf"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppce500mc.inc b/poky/meta/conf/machine/include/powerpc/tune-ppce500mc.inc
index e3524a1..036f8b2 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppce500mc.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppce500mc.inc
@@ -10,8 +10,5 @@
TUNE_PKGARCH:tune-ppce500mc = "ppce500mc"
PACKAGE_EXTRA_ARCHS:tune-ppce500mc = "${PACKAGE_EXTRA_ARCHS:tune-powerpc} ppce500mc"
-# glibc configure options to get e500mc specific library (for sqrt)
-GLIBC_EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'ppce500mc', '-with-cpu=e500mc', '', d)}"
-
# pass -mcpu=e500mc for ppce500mc kernel cross compile
TARGET_CC_KERNEL_ARCH = "-mcpu=e500mc"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppce5500.inc b/poky/meta/conf/machine/include/powerpc/tune-ppce5500.inc
index 2cf7b17..4915b81 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppce5500.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppce5500.inc
@@ -16,8 +16,5 @@
TUNE_PKGARCH:tune-ppc64e5500 = "ppc64e5500"
PACKAGE_EXTRA_ARCHS:tune-ppc64e5500 = "${PACKAGE_EXTRA_ARCHS:tune-powerpc64} ppc64e5500"
-# glibc configure options to get e5500 specific library (for sqrt)
-GLIBC_EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'e5500', '--with-cpu=e5500', '', d)}"
-
# QEMU usermode fails with invalid instruction error (YOCTO: #10304)
MACHINE_FEATURES_BACKFILL_CONSIDERED:append = "${@bb.utils.contains('TUNE_FEATURES', 'e5500', ' qemu-usermode', '', d)}"
diff --git a/poky/meta/conf/machine/include/powerpc/tune-ppce6500.inc b/poky/meta/conf/machine/include/powerpc/tune-ppce6500.inc
index e78de35..f6310ab 100644
--- a/poky/meta/conf/machine/include/powerpc/tune-ppce6500.inc
+++ b/poky/meta/conf/machine/include/powerpc/tune-ppce6500.inc
@@ -16,9 +16,5 @@
TUNE_PKGARCH:tune-ppc64e6500 = "ppc64e6500"
PACKAGE_EXTRA_ARCHS:tune-ppc64e6500 = "${PACKAGE_EXTRA_ARCHS:tune-powerpc64} ppc64e6500"
-# glibc configure options to get e6500 specific library
-GLIBC_EXTRA_OECONF:powerpc64 += "${@bb.utils.contains('TUNE_FEATURES', 'e6500', '--with-cpu=e6500', '', d)}"
-GLIBC_EXTRA_OECONF:powerpc += "${@bb.utils.contains('TUNE_FEATURES', 'e6500', '--with-cpu=e6500', '', d)}"
-
# QEMU usermode fails with invalid instruction error (YOCTO: #10304)
MACHINE_FEATURES_BACKFILL_CONSIDERED:append = "${@bb.utils.contains('TUNE_FEATURES', 'e6500', ' qemu-usermode', '', d)}"
diff --git a/poky/meta/conf/machine/qemuarmv5.conf b/poky/meta/conf/machine/qemuarmv5.conf
index 2dad504..abdae5f 100644
--- a/poky/meta/conf/machine/qemuarmv5.conf
+++ b/poky/meta/conf/machine/qemuarmv5.conf
@@ -15,7 +15,7 @@
QB_KERNEL_CMDLINE_APPEND = "vmalloc=256"
QB_GRAPHICS = "-device virtio-gpu-pci"
QB_OPT_APPEND = "-device qemu-xhci -device usb-tablet -device usb-kbd"
-PREFERRED_VERSION_linux-yocto ??= "5.15%"
QB_DTB = "${@oe.utils.version_less_or_equal('PREFERRED_VERSION_linux-yocto', '4.7', '', 'zImage-versatile-pb.dtb', d)}"
-KMACHINE:qemuarmv5 = "qemuarm"
+PREFERRED_VERSION_linux-yocto ??= "5.15%"
+KMACHINE:qemuarmv5 = "arm-versatile-926ejs"
diff --git a/poky/meta/lib/oe/cve_check.py b/poky/meta/lib/oe/cve_check.py
index dc7d2e2..aa06497 100644
--- a/poky/meta/lib/oe/cve_check.py
+++ b/poky/meta/lib/oe/cve_check.py
@@ -163,3 +163,13 @@
return
output["package"].append(data["package"][0])
+
+def update_symlinks(target_path, link_path):
+ """
+ Update a symbolic link link_path to point to target_path.
+ Remove the link and recreate it if exist and is different.
+ """
+ if link_path != target_path and os.path.exists(target_path):
+ if os.path.exists(os.path.realpath(link_path)):
+ os.remove(link_path)
+ os.symlink(os.path.basename(target_path), link_path)
diff --git a/poky/meta/lib/oe/patch.py b/poky/meta/lib/oe/patch.py
index 9034fca..4ec9cae 100644
--- a/poky/meta/lib/oe/patch.py
+++ b/poky/meta/lib/oe/patch.py
@@ -299,10 +299,10 @@
PatchTree.__init__(self, dir, d)
self.commituser = d.getVar('PATCH_GIT_USER_NAME')
self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL')
- if not self._isInitialized():
+ if not self._isInitialized(d):
self._initRepo()
- def _isInitialized(self):
+ def _isInitialized(self, d):
cmd = "git rev-parse --show-toplevel"
try:
output = runcmd(cmd.split(), self.dir).strip()
@@ -310,8 +310,8 @@
## runcmd returned non-zero which most likely means 128
## Not a git directory
return False
- ## Make sure repo is in builddir to not break top-level git repos
- return os.path.samefile(output, self.dir)
+ ## Make sure repo is in builddir to not break top-level git repos, or under workdir
+ return os.path.samefile(output, self.dir) or oe.path.is_path_parent(d.getVar('WORKDIR'), output)
def _initRepo(self):
runcmd("git init".split(), self.dir)
@@ -598,6 +598,8 @@
def Clean(self):
try:
+ # make sure that patches/series file exists before quilt pop to keep quilt-0.67 happy
+ open(os.path.join(self.dir, "patches","series"), 'a').close()
self._runcmd(["pop", "-a", "-f"])
oe.path.remove(os.path.join(self.dir, "patches","series"))
except Exception:
diff --git a/poky/meta/lib/oe/recipeutils.py b/poky/meta/lib/oe/recipeutils.py
index 872ff97..b04992c 100644
--- a/poky/meta/lib/oe/recipeutils.py
+++ b/poky/meta/lib/oe/recipeutils.py
@@ -666,7 +666,7 @@
return (appendpath, pathok)
-def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None):
+def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None, params=None):
"""
Writes a bbappend file for a recipe
Parameters:
@@ -696,6 +696,9 @@
redirect_output:
If specified, redirects writing the output file to the
specified directory (for dry-run purposes)
+ params:
+ Parameters to use when adding entries to SRC_URI. If specified,
+ should be a list of dicts with the same length as srcfiles.
"""
if not removevalues:
@@ -762,12 +765,14 @@
copyfiles = {}
if srcfiles:
instfunclines = []
- for newfile, origsrcfile in srcfiles.items():
+ for i, (newfile, origsrcfile) in enumerate(srcfiles.items()):
srcfile = origsrcfile
srcurientry = None
if not srcfile:
srcfile = os.path.basename(newfile)
srcurientry = 'file://%s' % srcfile
+ if params and params[i]:
+ srcurientry = '%s;%s' % (srcurientry, ';'.join('%s=%s' % (k,v) for k,v in params[i].items()))
# Double-check it's not there already
# FIXME do we care if the entry is added by another bbappend that might go away?
if not srcurientry in rd.getVar('SRC_URI').split():
diff --git a/poky/meta/lib/oe/rootfs.py b/poky/meta/lib/oe/rootfs.py
index 98cf3f2..9e6b411 100644
--- a/poky/meta/lib/oe/rootfs.py
+++ b/poky/meta/lib/oe/rootfs.py
@@ -311,7 +311,7 @@
def _check_for_kernel_modules(self, modules_dir):
for root, dirs, files in os.walk(modules_dir, topdown=True):
for name in files:
- found_ko = name.endswith((".ko", ".ko.gz", ".ko.xz"))
+ found_ko = name.endswith((".ko", ".ko.gz", ".ko.xz", ".ko.zst"))
if found_ko:
return found_ko
return False
@@ -328,7 +328,9 @@
if not os.path.exists(kernel_abi_ver_file):
bb.fatal("No kernel-abiversion file found (%s), cannot run depmod, aborting" % kernel_abi_ver_file)
- kernel_ver = open(kernel_abi_ver_file).read().strip(' \n')
+ with open(kernel_abi_ver_file) as f:
+ kernel_ver = f.read().strip(' \n')
+
versioned_modules_dir = os.path.join(self.image_rootfs, modules_dir, kernel_ver)
bb.utils.mkdirhier(versioned_modules_dir)
diff --git a/poky/meta/lib/oe/sstatesig.py b/poky/meta/lib/oe/sstatesig.py
index 2cf858e..7150bd0 100644
--- a/poky/meta/lib/oe/sstatesig.py
+++ b/poky/meta/lib/oe/sstatesig.py
@@ -382,13 +382,13 @@
localdata.setVar('PV', '*')
localdata.setVar('PR', '*')
localdata.setVar('BB_TASKHASH', hashval)
+ localdata.setVar('SSTATE_CURRTASK', taskname[3:])
swspec = localdata.getVar('SSTATE_SWSPEC')
if taskname in ['do_fetch', 'do_unpack', 'do_patch', 'do_populate_lic', 'do_preconfigure'] and swspec:
localdata.setVar('SSTATE_PKGSPEC', '${SSTATE_SWSPEC}')
elif pn.endswith('-native') or "-cross-" in pn or "-crosssdk-" in pn:
localdata.setVar('SSTATE_EXTRAPATH', "${NATIVELSBSTRING}/")
- sstatename = taskname[3:]
- filespec = '%s_%s.*.siginfo' % (localdata.getVar('SSTATE_PKG'), sstatename)
+ filespec = '%s.siginfo' % localdata.getVar('SSTATE_PKG')
matchedfiles = glob.glob(filespec)
for fullpath in matchedfiles:
diff --git a/poky/meta/lib/oeqa/runtime/cases/scp.py b/poky/meta/lib/oeqa/runtime/cases/scp.py
index 3a5f292..f2bbc94 100644
--- a/poky/meta/lib/oeqa/runtime/cases/scp.py
+++ b/poky/meta/lib/oeqa/runtime/cases/scp.py
@@ -23,7 +23,7 @@
os.remove(cls.tmp_path)
@OETestDepends(['ssh.SSHTest.test_ssh'])
- @OEHasPackage(['openssh-scp', 'dropbear'])
+ @OEHasPackage(['openssh-scp'])
def test_scp_file(self):
dst = '/tmp/test_scp_file'
diff --git a/poky/meta/lib/oeqa/sdk/cases/python.py b/poky/meta/lib/oeqa/sdk/cases/python.py
index a334abc..d43354c 100644
--- a/poky/meta/lib/oeqa/sdk/cases/python.py
+++ b/poky/meta/lib/oeqa/sdk/cases/python.py
@@ -8,17 +8,6 @@
from oeqa.utils.subprocesstweak import errors_have_output
errors_have_output()
-class Python2Test(OESDKTestCase):
- def setUp(self):
- if not (self.tc.hasHostPackage("nativesdk-python-core") or
- self.tc.hasHostPackage("python-core-native")):
- raise unittest.SkipTest("No python package in the SDK")
-
- def test_python2(self):
- cmd = "python -c \"import codecs; print(codecs.encode('Uryyb, jbeyq', 'rot13'))\""
- output = self._run(cmd)
- self.assertEqual(output, "Hello, world\n")
-
class Python3Test(OESDKTestCase):
def setUp(self):
if not (self.tc.hasHostPackage("nativesdk-python3-core") or
diff --git a/poky/meta/lib/oeqa/selftest/cases/cve_check.py b/poky/meta/lib/oeqa/selftest/cases/cve_check.py
index d1947ba..d0b2213 100644
--- a/poky/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/poky/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -1,9 +1,13 @@
-from oe.cve_check import Version
+import json
+import os
from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_vars
class CVECheck(OESelftestTestCase):
def test_version_compare(self):
+ from oe.cve_check import Version
+
result = Version("100") > Version("99")
self.assertTrue( result, msg="Failed to compare version '100' > '99'")
result = Version("2.3.1") > Version("2.2.3")
@@ -42,3 +46,156 @@
self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'")
result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch")
self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'")
+
+
+ def test_recipe_report_json(self):
+ config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+ self.write_config(config)
+
+ vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json")
+
+ try:
+ os.remove(summary_json)
+ os.remove(recipe_json)
+ except FileNotFoundError:
+ pass
+
+ bitbake("m4-native -c cve_check")
+
+ def check_m4_json(filename):
+ with open(filename) as f:
+ report = json.load(f)
+ self.assertEqual(report["version"], "1")
+ self.assertEqual(len(report["package"]), 1)
+ package = report["package"][0]
+ self.assertEqual(package["name"], "m4-native")
+ found_cves = { issue["id"]: issue["status"] for issue in package["issue"]}
+ self.assertIn("CVE-2008-1687", found_cves)
+ self.assertEqual(found_cves["CVE-2008-1687"], "Patched")
+
+ self.assertExists(summary_json)
+ check_m4_json(summary_json)
+ self.assertExists(recipe_json)
+ check_m4_json(recipe_json)
+
+
+ def test_image_json(self):
+ config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+ self.write_config(config)
+
+ vars = get_bb_vars(["CVE_CHECK_DIR", "CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ report_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ print(report_json)
+ try:
+ os.remove(report_json)
+ except FileNotFoundError:
+ pass
+
+ bitbake("core-image-minimal-initramfs")
+ self.assertExists(report_json)
+
+ # Check that the summary report lists at least one package
+ with open(report_json) as f:
+ report = json.load(f)
+ self.assertEqual(report["version"], "1")
+ self.assertGreater(len(report["package"]), 1)
+
+ # Check that a random recipe wrote a recipe report to deploy/cve/
+ recipename = report["package"][0]["name"]
+ recipe_report = os.path.join(vars["CVE_CHECK_DIR"], recipename + "_cve.json")
+ self.assertExists(recipe_report)
+ with open(recipe_report) as f:
+ report = json.load(f)
+ self.assertEqual(report["version"], "1")
+ self.assertEqual(len(report["package"]), 1)
+ self.assertEqual(report["package"][0]["name"], recipename)
+
+
+ def test_recipe_report_json_unpatched(self):
+ config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_REPORT_PATCHED = "0"
+"""
+ self.write_config(config)
+
+ vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json")
+
+ try:
+ os.remove(summary_json)
+ os.remove(recipe_json)
+ except FileNotFoundError:
+ pass
+
+ bitbake("m4-native -c cve_check")
+
+ def check_m4_json(filename):
+ with open(filename) as f:
+ report = json.load(f)
+ self.assertEqual(report["version"], "1")
+ self.assertEqual(len(report["package"]), 1)
+ package = report["package"][0]
+ self.assertEqual(package["name"], "m4-native")
+ #m4 had only Patched CVEs, so the issues array will be empty
+ self.assertEqual(package["issue"], [])
+
+ self.assertExists(summary_json)
+ check_m4_json(summary_json)
+ self.assertExists(recipe_json)
+ check_m4_json(recipe_json)
+
+
+ def test_recipe_report_json_ignored(self):
+ config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_REPORT_PATCHED = "1"
+"""
+ self.write_config(config)
+
+ vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+ recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "logrotate_cve.json")
+
+ try:
+ os.remove(summary_json)
+ os.remove(recipe_json)
+ except FileNotFoundError:
+ pass
+
+ bitbake("logrotate -c cve_check")
+
+ def check_m4_json(filename):
+ with open(filename) as f:
+ report = json.load(f)
+ self.assertEqual(report["version"], "1")
+ self.assertEqual(len(report["package"]), 1)
+ package = report["package"][0]
+ self.assertEqual(package["name"], "logrotate")
+ found_cves = { issue["id"]: issue["status"] for issue in package["issue"]}
+ # m4 CVE should not be in logrotate
+ self.assertNotIn("CVE-2008-1687", found_cves)
+ # logrotate has both Patched and Ignored CVEs
+ self.assertIn("CVE-2011-1098", found_cves)
+ self.assertEqual(found_cves["CVE-2011-1098"], "Patched")
+ self.assertIn("CVE-2011-1548", found_cves)
+ self.assertEqual(found_cves["CVE-2011-1548"], "Ignored")
+ self.assertIn("CVE-2011-1549", found_cves)
+ self.assertEqual(found_cves["CVE-2011-1549"], "Ignored")
+ self.assertIn("CVE-2011-1550", found_cves)
+ self.assertEqual(found_cves["CVE-2011-1550"], "Ignored")
+
+ self.assertExists(summary_json)
+ check_m4_json(summary_json)
+ self.assertExists(recipe_json)
+ check_m4_json(recipe_json)
diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py
index 3eea2b1..34fc791 100644
--- a/poky/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py
@@ -218,6 +218,34 @@
filelist.append(' '.join(splitline))
return filelist
+ def _check_diff(self, diffoutput, addlines, removelines):
+ """Check output from 'git diff' matches expectation"""
+ remaining_addlines = addlines[:]
+ remaining_removelines = removelines[:]
+ for line in diffoutput.splitlines():
+ if line.startswith('+++') or line.startswith('---'):
+ continue
+ elif line.startswith('+'):
+ matched = False
+ for item in addlines:
+ if re.match(item, line[1:].strip()):
+ matched = True
+ remaining_addlines.remove(item)
+ break
+ self.assertTrue(matched, 'Unexpected diff add line: %s' % line)
+ elif line.startswith('-'):
+ matched = False
+ for item in removelines:
+ if re.match(item, line[1:].strip()):
+ matched = True
+ remaining_removelines.remove(item)
+ break
+ self.assertTrue(matched, 'Unexpected diff remove line: %s' % line)
+ if remaining_addlines:
+ self.fail('Expected added lines not found: %s' % remaining_addlines)
+ if remaining_removelines:
+ self.fail('Expected removed lines not found: %s' % remaining_removelines)
+
class DevtoolBase(DevtoolTestCase):
@@ -444,7 +472,7 @@
checkvars['S'] = '${WORKDIR}/MarkupSafe-%s' % testver
checkvars['SRC_URI'] = url
self._test_recipe_contents(recipefile, checkvars, [])
-
+
def test_devtool_add_fetch_git(self):
tempdir = tempfile.mkdtemp(prefix='devtoolqa')
self.track_for_cleanup(tempdir)
@@ -544,6 +572,19 @@
# Test devtool build
result = runCmd('devtool build %s' % pn)
+ def test_devtool_add_python_egg_requires(self):
+ # Fetch source
+ tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+ self.track_for_cleanup(tempdir)
+ testver = '0.14.0'
+ url = 'https://files.pythonhosted.org/packages/e9/9e/25d59f5043cf763833b2581c8027fa92342c4cf8ee523b498ecdf460c16d/uvicorn-%s.tar.gz' % testver
+ testrecipe = 'python3-uvicorn'
+ srcdir = os.path.join(tempdir, testrecipe)
+ # Test devtool add
+ self.track_for_cleanup(self.workspacedir)
+ self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+ result = runCmd('devtool add %s %s -f %s' % (testrecipe, srcdir, url))
+
class DevtoolModifyTests(DevtoolBase):
def test_devtool_modify(self):
@@ -705,6 +746,7 @@
self.assertTrue(bbclassextended, 'None of these recipes are BBCLASSEXTENDed to native - need to adjust testrecipes list: %s' % ', '.join(testrecipes))
self.assertTrue(inheritnative, 'None of these recipes do "inherit native" - need to adjust testrecipes list: %s' % ', '.join(testrecipes))
+
def test_devtool_modify_localfiles_only(self):
# Check preconditions
testrecipe = 'base-files'
@@ -917,23 +959,7 @@
srcurilines[0] = 'SRC_URI = "' + srcurilines[0]
srcurilines.append('"')
removelines = ['SRCREV = ".*"'] + srcurilines
- for line in result.output.splitlines():
- if line.startswith('+++') or line.startswith('---'):
- continue
- elif line.startswith('+'):
- matched = False
- for item in addlines:
- if re.match(item, line[1:].strip()):
- matched = True
- break
- self.assertTrue(matched, 'Unexpected diff add line: %s' % line)
- elif line.startswith('-'):
- matched = False
- for item in removelines:
- if re.match(item, line[1:].strip()):
- matched = True
- break
- self.assertTrue(matched, 'Unexpected diff remove line: %s' % line)
+ self._check_diff(result.output, addlines, removelines)
# Now try with auto mode
runCmd('cd %s; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, os.path.basename(recipefile)))
result = runCmd('devtool update-recipe %s' % testrecipe)
@@ -1303,6 +1329,73 @@
expected_status = []
self._check_repo_status(os.path.dirname(recipefile), expected_status)
+ def test_devtool_finish_modify_git_subdir(self):
+ # Check preconditions
+ testrecipe = 'dos2unix'
+ bb_vars = get_bb_vars(['SRC_URI', 'S', 'WORKDIR', 'FILE'], testrecipe)
+ self.assertIn('git://', bb_vars['SRC_URI'], 'This test expects the %s recipe to be a git recipe' % testrecipe)
+ workdir_git = '%s/git/' % bb_vars['WORKDIR']
+ if not bb_vars['S'].startswith(workdir_git):
+ self.fail('This test expects the %s recipe to be building from a subdirectory of the git repo' % testrecipe)
+ subdir = bb_vars['S'].split(workdir_git, 1)[1]
+ # Clean up anything in the workdir/sysroot/sstate cache
+ bitbake('%s -c cleansstate' % testrecipe)
+ # Try modifying a recipe
+ tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+ self.track_for_cleanup(tempdir)
+ self.track_for_cleanup(self.workspacedir)
+ self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+ self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+ result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
+ testsrcfile = os.path.join(tempdir, subdir, 'dos2unix.c')
+ self.assertExists(testsrcfile, 'Extracted source could not be found')
+ self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
+ self.assertNotExists(os.path.join(tempdir, subdir, '.git'), 'Subdirectory has been initialised as a git repo')
+ # Check git repo
+ self._check_src_repo(tempdir)
+ # Modify file
+ runCmd("sed -i '1s:^:/* Add a comment */\\n:' %s" % testsrcfile)
+ result = runCmd('git commit -a -m "Add a comment"', cwd=tempdir)
+ # Now try updating original recipe
+ recipefile = bb_vars['FILE']
+ recipedir = os.path.dirname(recipefile)
+ self.add_command_to_tearDown('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe))
+ result = runCmd('devtool update-recipe %s' % testrecipe)
+ expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
+ ('??', '.*/%s/%s/$' % (testrecipe, testrecipe))]
+ self._check_repo_status(os.path.dirname(recipefile), expected_status)
+ result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
+ removelines = ['SRC_URI = "git://.*"']
+ addlines = [
+ 'SRC_URI = "git://.* \\\\',
+ 'file://0001-Add-a-comment.patch;patchdir=.. \\\\',
+ '"'
+ ]
+ self._check_diff(result.output, addlines, removelines)
+ # Put things back so we can run devtool finish on a different layer
+ runCmd('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe))
+ # Run devtool finish
+ res = re.search('recipes-.*', recipedir)
+ self.assertTrue(res, 'Unable to find recipe subdirectory')
+ recipesubdir = res[0]
+ self.add_command_to_tearDown('rm -rf %s' % os.path.join(self.testlayer_path, recipesubdir))
+ result = runCmd('devtool finish %s meta-selftest' % testrecipe)
+ # Check bbappend file contents
+ appendfn = os.path.join(self.testlayer_path, recipesubdir, '%s_%%.bbappend' % testrecipe)
+ with open(appendfn, 'r') as f:
+ appendlines = f.readlines()
+ expected_appendlines = [
+ 'FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
+ '\n',
+ 'SRC_URI += "file://0001-Add-a-comment.patch;patchdir=.."\n',
+ '\n'
+ ]
+ self.assertEqual(appendlines, expected_appendlines)
+ self.assertExists(os.path.join(os.path.dirname(appendfn), testrecipe, '0001-Add-a-comment.patch'))
+ # Try building
+ bitbake('%s -c patch' % testrecipe)
+
+
class DevtoolExtractTests(DevtoolBase):
def test_devtool_extract(self):
diff --git a/poky/meta/lib/oeqa/selftest/cases/git.py b/poky/meta/lib/oeqa/selftest/cases/git.py
new file mode 100644
index 0000000..f12874d
--- /dev/null
+++ b/poky/meta/lib/oeqa/selftest/cases/git.py
@@ -0,0 +1,15 @@
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class GitCheck(OESelftestTestCase):
+ def test_git_intercept(self):
+ """
+ Git binaries with CVE-2022-24765 fixed will refuse to operate on a
+ repository which is owned by a different user. This breaks our
+ do_install task as that runs inside pseudo, so the git repository is
+ owned by the build user but git is running as (fake)root.
+
+ We have an intercept which disables pseudo, so verify that it works.
+ """
+ bitbake("git-submodule-test -c test_git_as_user")
+ bitbake("git-submodule-test -c test_git_as_root")
diff --git a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py
index 6b94ace..6d010b3 100644
--- a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py
+++ b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py
@@ -235,7 +235,7 @@
DISTRO_FEATURES:append = " pam opengl wayland"
# Switch to systemd
-DISTRO_FEATURES += "systemd"
+DISTRO_FEATURES:append = " systemd"
VIRTUAL-RUNTIME_init_manager = "systemd"
VIRTUAL-RUNTIME_initscripts = ""
VIRTUAL-RUNTIME_syslog = ""
diff --git a/poky/meta/lib/oeqa/selftest/cases/multiconfig.py b/poky/meta/lib/oeqa/selftest/cases/multiconfig.py
index baae9b4..83cbd13 100644
--- a/poky/meta/lib/oeqa/selftest/cases/multiconfig.py
+++ b/poky/meta/lib/oeqa/selftest/cases/multiconfig.py
@@ -70,3 +70,16 @@
result = bitbake('mc:test:multiconfig-test-parse -c showvar')
self.assertIn('MCTESTVAR=test2', result.output.splitlines())
+
+ def test_multiconfig_inlayer(self):
+ """
+ Test that a multiconfig from meta-selftest works.
+ """
+
+ config = """
+BBMULTICONFIG = "muslmc"
+"""
+ self.write_config(config)
+
+ # Build a core-image-minimal, only dry run needed to check config is present
+ bitbake('mc:muslmc:bash -n')
diff --git a/poky/meta/lib/oeqa/selftest/cases/oescripts.py b/poky/meta/lib/oeqa/selftest/cases/oescripts.py
index cd68781..bd84f15 100644
--- a/poky/meta/lib/oeqa/selftest/cases/oescripts.py
+++ b/poky/meta/lib/oeqa/selftest/cases/oescripts.py
@@ -129,7 +129,8 @@
def check_endlines(self, results, expected_endlines):
for line in results.output.splitlines():
for el in expected_endlines:
- if line.split() == el.split():
+ if line and line.split()[0] == el.split()[0] and \
+ ' '.join(sorted(el.split())) in ' '.join(sorted(line.split())):
expected_endlines.remove(el)
break
diff --git a/poky/meta/lib/oeqa/selftest/cases/overlayfs.py b/poky/meta/lib/oeqa/selftest/cases/overlayfs.py
index 472746a..96beb8b 100644
--- a/poky/meta/lib/oeqa/selftest/cases/overlayfs.py
+++ b/poky/meta/lib/oeqa/selftest/cases/overlayfs.py
@@ -55,18 +55,36 @@
config = """
IMAGE_INSTALL:append = " overlayfs-user"
-DISTRO_FEATURES += "systemd overlayfs"
+DISTRO_FEATURES:append = " systemd overlayfs"
"""
self.write_config(config)
self.add_overlay_conf_to_machine()
res = bitbake('core-image-minimal', ignore_status=True)
- line = getline(res, " Mount path /mnt/overlay not found in fstat and unit mnt-overlay.mount not found in systemd unit directories")
+ line = getline(res, " Mount path /mnt/overlay not found in fstab and unit mnt-overlay.mount not found in systemd unit directories")
self.assertTrue(line and line.startswith("WARNING:"), msg=res.output)
line = getline(res, "Not all mount paths and units are installed in the image")
self.assertTrue(line and line.startswith("ERROR:"), msg=res.output)
+ def test_not_all_units_installed_but_qa_skipped(self):
+ """
+ Summary: Test skipping the QA check
+ Expected: Image is created successfully
+ Author: Claudius Heine <ch@denx.de>
+ """
+
+ config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+DISTRO_FEATURES += "systemd overlayfs"
+OVERLAYFS_QA_SKIP[mnt-overlay] = "mount-configured"
+"""
+
+ self.write_config(config)
+ self.add_overlay_conf_to_machine()
+
+ bitbake('core-image-minimal')
+
def test_mount_unit_not_set(self):
"""
Summary: Test whether mount unit was set properly
@@ -76,7 +94,7 @@
config = """
IMAGE_INSTALL:append = " overlayfs-user"
-DISTRO_FEATURES += "systemd overlayfs"
+DISTRO_FEATURES:append = " systemd overlayfs"
"""
self.write_config(config)
@@ -94,7 +112,7 @@
config = """
IMAGE_INSTALL:append = " overlayfs-user"
-DISTRO_FEATURES += "systemd overlayfs"
+DISTRO_FEATURES:append = " systemd overlayfs"
"""
wrong_machine_config = """
@@ -118,7 +136,7 @@
config = """
IMAGE_INSTALL:append = " overlayfs-user systemd-machine-units"
-DISTRO_FEATURES += "systemd overlayfs"
+DISTRO_FEATURES:append = " systemd overlayfs"
# Use systemd as init manager
VIRTUAL-RUNTIME_init_manager = "systemd"
@@ -253,7 +271,7 @@
"""
configBase = """
-DISTRO_FEATURES += "systemd"
+DISTRO_FEATURES:append = " systemd"
# Use systemd as init manager
VIRTUAL-RUNTIME_init_manager = "systemd"
@@ -295,7 +313,7 @@
"""
config = """
-DISTRO_FEATURES += "systemd"
+DISTRO_FEATURES:append = " systemd"
# Use systemd as init manager
VIRTUAL-RUNTIME_init_manager = "systemd"
@@ -331,7 +349,7 @@
"""
config = f"""
-DISTRO_FEATURES += "systemd"
+DISTRO_FEATURES:append = " systemd"
# Use systemd as init manager
VIRTUAL-RUNTIME_init_manager = "systemd"
@@ -373,7 +391,7 @@
"""
config = """
-DISTRO_FEATURES += "systemd"
+DISTRO_FEATURES:append = " systemd"
# Use systemd as init manager
VIRTUAL-RUNTIME_init_manager = "systemd"
diff --git a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py
index 3ece617..857737f 100644
--- a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -252,7 +252,7 @@
import subprocess, os
distro = oe.lsb.distro_identifier()
- if distro and distro in ['debian-9', 'debian-10', 'centos-7', 'centos-8', 'ubuntu-16.04', 'ubuntu-18.04', 'almalinux-8.5']:
+ if distro and (distro in ['debian-9', 'debian-10', 'centos-7', 'centos-8', 'ubuntu-16.04', 'ubuntu-18.04'] or distro.startswith('almalinux')):
self.skipTest('virgl headless cannot be tested with %s' %(distro))
render_hint = """If /dev/dri/renderD* is absent due to lack of suitable GPU, 'modprobe vgem' will create one suitable for mesa llvmpipe software renderer."""
diff --git a/poky/meta/recipes-bsp/alsa-state/alsa-state.bb b/poky/meta/recipes-bsp/alsa-state/alsa-state.bb
index df54663..27b2ecc 100644
--- a/poky/meta/recipes-bsp/alsa-state/alsa-state.bb
+++ b/poky/meta/recipes-bsp/alsa-state/alsa-state.bb
@@ -8,8 +8,11 @@
HOMEPAGE = "http://www.alsa-project.org/"
DESCRIPTION = "Alsa Scenario Files - an init script and state files to restore \
sound state at system boot and save it at system shut down."
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+LICENSE = "MIT & GPL-2.0-or-later"
+LIC_FILES_CHKSUM = " \
+ file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \
+ file://alsa-state-init;beginline=3;endline=4;md5=3ff7ecbf534d7d503941abe8e268ef50 \
+"
PV = "0.2.0"
PR = "r5"
diff --git a/poky/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init b/poky/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init
index eee59cb..a04cc27 100755
--- a/poky/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init
+++ b/poky/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init
@@ -1,10 +1,9 @@
#! /bin/sh
#
# Copyright Matthias Hentges <devel@hentges.net> (c) 2007
-# License: GPL (see http://www.gnu.org/licenses/gpl.txt for a copy of the license)
+# SPDX-License-Identifier: GPL-2.0-or-later
#
# Filename: alsa-state
-# Date: 20070308 (YMD)
# source function library
. /etc/init.d/functions
diff --git a/poky/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch b/poky/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
new file mode 100644
index 0000000..ec5b285
--- /dev/null
+++ b/poky/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
@@ -0,0 +1,184 @@
+From cece3ffd5be2f8641eb694513f2b73e5eb97ffd3 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Fri, 28 Jan 2022 12:13:30 +0100
+Subject: [PATCH] efisecdb: fix build with musl libc
+
+Refactor code to use POSIX atexit(3) instead of the GNU specific
+on_exit(3).
+
+Resolves: #197
+Resolves: #202
+Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
+
+Upstream-Status: Backport
+https://github.com/rhboot/efivar/commit/cece3ffd5be2f8641eb694513f2b73e5eb97ffd3
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ src/compiler.h | 2 --
+ src/efisecdb.c | 68 +++++++++++++++++++-------------------------------
+ 2 files changed, 26 insertions(+), 44 deletions(-)
+
+diff --git a/src/compiler.h b/src/compiler.h
+index e2f18f0b..d95fb014 100644
+--- a/src/compiler.h
++++ b/src/compiler.h
+@@ -7,8 +7,6 @@
+ #ifndef COMPILER_H_
+ #define COMPILER_H_
+
+-#include <sys/cdefs.h>
+-
+ /* GCC version checking borrowed from glibc. */
+ #if defined(__GNUC__) && defined(__GNUC_MINOR__)
+ # define GNUC_PREREQ(maj,min) \
+diff --git a/src/efisecdb.c b/src/efisecdb.c
+index f8823737..6bd5ad90 100644
+--- a/src/efisecdb.c
++++ b/src/efisecdb.c
+@@ -25,6 +25,10 @@
+ extern char *optarg;
+ extern int optind, opterr, optopt;
+
++static efi_secdb_t *secdb = NULL;
++static list_t infiles;
++static list_t actions;
++
+ struct hash_param {
+ char *name;
+ efi_secdb_type_t algorithm;
+@@ -187,12 +191,11 @@ add_action(list_t *list, action_type_t action_type, const efi_guid_t *owner,
+ }
+
+ static void
+-free_actions(int status UNUSED, void *actionsp)
++free_actions(void)
+ {
+- list_t *actions = (list_t *)actionsp;
+ list_t *pos, *tmp;
+
+- for_each_action_safe(pos, tmp, actions) {
++ for_each_action_safe(pos, tmp, &actions) {
+ action_t *action = list_entry(pos, action_t, list);
+
+ list_del(&action->list);
+@@ -202,12 +205,11 @@ free_actions(int status UNUSED, void *actionsp)
+ }
+
+ static void
+-free_infiles(int status UNUSED, void *infilesp)
++free_infiles(void)
+ {
+- list_t *infiles = (list_t *)infilesp;
+ list_t *pos, *tmp;
+
+- for_each_ptr_safe(pos, tmp, infiles) {
++ for_each_ptr_safe(pos, tmp, &infiles) {
+ ptrlist_t *entry = list_entry(pos, ptrlist_t, list);
+
+ list_del(&entry->list);
+@@ -216,27 +218,12 @@ free_infiles(int status UNUSED, void *infilesp)
+ }
+
+ static void
+-maybe_free_secdb(int status UNUSED, void *voidp)
++maybe_free_secdb(void)
+ {
+- efi_secdb_t **secdbp = (efi_secdb_t **)voidp;
+-
+- if (secdbp == NULL || *secdbp == NULL)
++ if (secdb == NULL)
+ return;
+
+- efi_secdb_free(*secdbp);
+-}
+-
+-static void
+-maybe_do_unlink(int status, void *filep)
+-{
+- char **file = (char **)filep;
+-
+- if (status == 0)
+- return;
+- if (file == NULL || *file == NULL)
+- return;
+-
+- unlink(*file);
++ efi_secdb_free(secdb);
+ }
+
+ static void
+@@ -323,15 +310,6 @@ parse_input_files(list_t *infiles, char **outfile, efi_secdb_t **secdb,
+ return status;
+ }
+
+-/*
+- * These need to be static globals so that they're not on main's stack when
+- * on_exit() fires.
+- */
+-static efi_secdb_t *secdb = NULL;
+-static list_t infiles;
+-static list_t actions;
+-static char *outfile = NULL;
+-
+ int
+ main(int argc, char *argv[])
+ {
+@@ -351,6 +329,7 @@ main(int argc, char *argv[])
+ bool do_sort_data = false;
+ bool sort_descending = false;
+ int status = 0;
++ char *outfile = NULL;
+
+ const char sopts[] = ":aAc:dfg:h:i:Lo:rs:t:v?";
+ const struct option lopts[] = {
+@@ -376,10 +355,9 @@ main(int argc, char *argv[])
+ INIT_LIST_HEAD(&infiles);
+ INIT_LIST_HEAD(&actions);
+
+- on_exit(free_actions, &actions);
+- on_exit(free_infiles, &infiles);
+- on_exit(maybe_free_secdb, &secdb);
+- on_exit(maybe_do_unlink, &outfile);
++ atexit(free_actions);
++ atexit(free_infiles);
++ atexit(maybe_free_secdb);
+
+ /*
+ * parse the command line.
+@@ -587,24 +565,30 @@ main(int argc, char *argv[])
+ outfd = open(outfile, flags, 0600);
+ if (outfd < 0) {
+ char *tmpoutfile = outfile;
+- if (errno == EEXIST)
+- outfile = NULL;
++ if (errno != EEXIST)
++ unlink(outfile);
+ err(1, "could not open \"%s\"", tmpoutfile);
+ }
+
+ rc = ftruncate(outfd, 0);
+- if (rc < 0)
++ if (rc < 0) {
++ unlink(outfile);
+ err(1, "could not truncate output file \"%s\"", outfile);
++ }
+
+ void *output;
+ size_t size = 0;
+ rc = efi_secdb_realize(secdb, &output, &size);
+- if (rc < 0)
++ if (rc < 0) {
++ unlink(outfile);
+ secdb_err(1, "could not realize signature list");
++ }
+
+ rc = write(outfd, output, size);
+- if (rc < 0)
++ if (rc < 0) {
++ unlink(outfile);
+ err(1, "could not write signature list");
++ }
+
+ close(outfd);
+ xfree(output);
diff --git a/poky/meta/recipes-bsp/efivar/efivar_38.bb b/poky/meta/recipes-bsp/efivar/efivar_38.bb
index 68c4b4b..53fe20a 100644
--- a/poky/meta/recipes-bsp/efivar/efivar_38.bb
+++ b/poky/meta/recipes-bsp/efivar/efivar_38.bb
@@ -10,6 +10,7 @@
SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=main;protocol=https \
file://0001-docs-do-not-build-efisecdb-manpage.patch \
file://0001-src-Makefile-build-util.c-separately-for-makeguids.patch \
+ file://efisecdb-fix-build-with-musl-libc.patch \
"
SRCREV = "1753149d4176ebfb2b135ac0aaf79340bf0e7a93"
@@ -36,5 +37,3 @@
RRECOMMENDS:${PN}:class-target = "kernel-module-efivarfs"
CLEANBROKEN = "1"
-# https://github.com/rhboot/efivar/issues/202
-COMPATIBLE_HOST:libc-musl = 'null'
diff --git a/poky/meta/recipes-bsp/pciutils/pciutils_3.7.0.bb b/poky/meta/recipes-bsp/pciutils/pciutils_3.7.0.bb
index 7d1740f..311e57a 100644
--- a/poky/meta/recipes-bsp/pciutils/pciutils_3.7.0.bb
+++ b/poky/meta/recipes-bsp/pciutils/pciutils_3.7.0.bb
@@ -13,7 +13,7 @@
SRC_URI[sha256sum] = "9d40b97be8b6a2cdf96aead5a61881d1f7e4e0da9544a9bac4fba1ae9dcd40eb"
-inherit multilib_header pkgconfig
+inherit multilib_header pkgconfig update-alternatives
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'hwdb', '', d)}"
PACKAGECONFIG[hwdb] = "HWDB=yes,HWDB=no,udev"
@@ -57,3 +57,6 @@
SUMMARY:${PN}-ids = "PCI utilities - device ID database"
DESCRIPTION:${PN}-ids = "Package providing the PCI device ID database for pciutils."
RDEPENDS:${PN} += "${PN}-ids"
+
+ALTERNATIVE:${PN} = "lspci"
+ALTERNATIVE_PRIORITY = "100"
diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch b/poky/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch
new file mode 100644
index 0000000..04ded5b
--- /dev/null
+++ b/poky/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch
@@ -0,0 +1,126 @@
+From 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 Mon Sep 17 00:00:00 2001
+From: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
+Date: Fri, 10 Jun 2022 14:50:25 +0000
+Subject: [PATCH] i2c: fix stack buffer overflow vulnerability in i2c md
+ command
+
+When running "i2c md 0 0 80000100", the function do_i2c_md parses the
+length into an unsigned int variable named length. The value is then
+moved to a signed variable:
+
+ int nbytes = length;
+ #define DISP_LINE_LEN 16
+ int linebytes = (nbytes > DISP_LINE_LEN) ? DISP_LINE_LEN : nbytes;
+ ret = dm_i2c_read(dev, addr, linebuf, linebytes);
+
+On systems where integers are 32 bits wide, 0x80000100 is a negative
+value to "nbytes > DISP_LINE_LEN" is false and linebytes gets assigned
+0x80000100 instead of 16.
+
+The consequence is that the function which reads from the i2c device
+(dm_i2c_read or i2c_read) is called with a 16-byte stack buffer to fill
+but with a size parameter which is too large. In some cases, this could
+trigger a crash. But with some i2c drivers, such as drivers/i2c/nx_i2c.c
+(used with "nexell,s5pxx18-i2c" bus), the size is actually truncated to
+a 16-bit integer. This is because function i2c_transfer expects an
+unsigned short length. In such a case, an attacker who can control the
+response of an i2c device can overwrite the return address of a function
+and execute arbitrary code through Return-Oriented Programming.
+
+Fix this issue by using unsigned integers types in do_i2c_md. While at
+it, make also alen unsigned, as signed sizes can cause vulnerabilities
+when people forgot to check that they can be negative.
+
+Signed-off-by: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
+Reviewed-by: Heiko Schocher <hs@denx.de>
+
+CVE: CVE-2022-34835
+Upstream-Status: Backport [8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409]
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ cmd/i2c.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/cmd/i2c.c b/cmd/i2c.c
+index 9050b2b8d2..bd04b14024 100644
+--- a/cmd/i2c.c
++++ b/cmd/i2c.c
+@@ -200,10 +200,10 @@ void i2c_init_board(void)
+ *
+ * Returns the address length.
+ */
+-static uint get_alen(char *arg, int default_len)
++static uint get_alen(char *arg, uint default_len)
+ {
+- int j;
+- int alen;
++ uint j;
++ uint alen;
+
+ alen = default_len;
+ for (j = 0; j < 8; j++) {
+@@ -247,7 +247,7 @@ static int do_i2c_read(struct cmd_tbl *cmdtp, int flag, int argc,
+ {
+ uint chip;
+ uint devaddr, length;
+- int alen;
++ uint alen;
+ u_char *memaddr;
+ int ret;
+ #if CONFIG_IS_ENABLED(DM_I2C)
+@@ -301,7 +301,7 @@ static int do_i2c_write(struct cmd_tbl *cmdtp, int flag, int argc,
+ {
+ uint chip;
+ uint devaddr, length;
+- int alen;
++ uint alen;
+ u_char *memaddr;
+ int ret;
+ #if CONFIG_IS_ENABLED(DM_I2C)
+@@ -469,8 +469,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc,
+ {
+ uint chip;
+ uint addr, length;
+- int alen;
+- int j, nbytes, linebytes;
++ uint alen;
++ uint j, nbytes, linebytes;
+ int ret;
+ #if CONFIG_IS_ENABLED(DM_I2C)
+ struct udevice *dev;
+@@ -589,9 +589,9 @@ static int do_i2c_mw(struct cmd_tbl *cmdtp, int flag, int argc,
+ {
+ uint chip;
+ ulong addr;
+- int alen;
++ uint alen;
+ uchar byte;
+- int count;
++ uint count;
+ int ret;
+ #if CONFIG_IS_ENABLED(DM_I2C)
+ struct udevice *dev;
+@@ -676,8 +676,8 @@ static int do_i2c_crc(struct cmd_tbl *cmdtp, int flag, int argc,
+ {
+ uint chip;
+ ulong addr;
+- int alen;
+- int count;
++ uint alen;
++ uint count;
+ uchar byte;
+ ulong crc;
+ ulong err;
+@@ -985,7 +985,7 @@ static int do_i2c_loop(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
+ {
+ uint chip;
+- int alen;
++ uint alen;
+ uint addr;
+ uint length;
+ u_char bytes[16];
+--
+2.25.1
+
diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
index 0d2464d..f244372 100644
--- a/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
+++ b/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb
@@ -3,6 +3,7 @@
SRC_URI:append = " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \
file://0001-riscv-fix-build-with-binutils-2.38.patch \
+ file://0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch \
"
DEPENDS += "bc-native dtc-native python3-setuptools-native"
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/0001-avoid-start-failure-with-bind-user.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/0001-named-lwresd-V-and-start-log-hide-build-options.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/bind-ensure-searching-for-json-headers-searches-sysr.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind9
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/bind9
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/bind9
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/conf.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/generate-rndc-key.sh
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/init.d-add-support-for-read-only-rootfs.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/make-etc-initd-bind-stop-work.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.1/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.2/named.service
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.1/named.service
rename to poky/meta/recipes-connectivity/bind/bind-9.18.2/named.service
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.1.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.2.bb
similarity index 97%
rename from poky/meta/recipes-connectivity/bind/bind_9.18.1.bb
rename to poky/meta/recipes-connectivity/bind/bind_9.18.2.bb
index 6aa832f..1c77ace 100644
--- a/poky/meta/recipes-connectivity/bind/bind_9.18.1.bb
+++ b/poky/meta/recipes-connectivity/bind/bind_9.18.2.bb
@@ -20,7 +20,7 @@
file://0001-avoid-start-failure-with-bind-user.patch \
"
-SRC_URI[sha256sum] = "57c7afd871694d615cb4defb1c1bd6ed023350943d7458414db8d493ef560427"
+SRC_URI[sha256sum] = "2e4b38779bba0a23ee634fdf7c525fd9794c41d692bfd83cda25823a2a3ed969"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# follow the ESV versions divisible by 2
diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index 781b921..e6f216e 100644
--- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -5,8 +5,8 @@
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
-SRCREV = "4cbb44a9fe26aa6f0b28beb79f9488b37c097b5e"
-PV = "20220315"
+SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041"
+PV = "20220511"
PE = "1"
SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
index f306b12..a3a0016 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -166,6 +166,11 @@
${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
"
+# break dependency on base package for -dev package
+# otherwise SDK fails to build as the main openssh and dropbear packages
+# conflict with each other
+RDEPENDS:${PN}-dev = ""
+
# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
index 5effa6c..0b7abc3 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
@@ -13,11 +13,11 @@
Configure | 10 ----------
1 file changed, 10 deletions(-)
-diff --git a/Configure b/Configure
-index 821e680..0387a74 100755
---- a/Configure
-+++ b/Configure
-@@ -1422,16 +1422,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m)
+Index: openssl-3.0.4/Configure
+===================================================================
+--- openssl-3.0.4.orig/Configure
++++ openssl-3.0.4/Configure
+@@ -1423,16 +1423,6 @@ if ($target =~ /^mingw/ && `$config{CC}
push @{$config{shared_ldflag}}, "-mno-cygwin";
}
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
index 60890c6..bafdbaa 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
@@ -34,11 +34,11 @@
crypto/build.info | 2 +-
2 files changed, 12 insertions(+), 2 deletions(-)
-diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
-index f88a70f..528cdef 100644
---- a/Configurations/unix-Makefile.tmpl
-+++ b/Configurations/unix-Makefile.tmpl
-@@ -471,13 +471,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (),
+Index: openssl-3.0.4/Configurations/unix-Makefile.tmpl
+===================================================================
+--- openssl-3.0.4.orig/Configurations/unix-Makefile.tmpl
++++ openssl-3.0.4/Configurations/unix-Makefile.tmpl
+@@ -472,13 +472,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lfl
'$(CNF_LDFLAGS)', '$(LDFLAGS)') -}
BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS)
@@ -63,10 +63,10 @@
PERLASM_SCHEME= {- $target{perlasm_scheme} -}
# For x86 assembler: Set PROCESSOR to 386 if you want to support
-diff --git a/crypto/build.info b/crypto/build.info
-index efca6cc..eda433e 100644
---- a/crypto/build.info
-+++ b/crypto/build.info
+Index: openssl-3.0.4/crypto/build.info
+===================================================================
+--- openssl-3.0.4.orig/crypto/build.info
++++ openssl-3.0.4/crypto/build.info
@@ -109,7 +109,7 @@ DEFINE[../libcrypto]=$UPLINKDEF
DEPEND[info.o]=buildinf.h
@@ -74,5 +74,5 @@
-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)"
+GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)"
- GENERATE[uplink-x86.s]=../ms/uplink-x86.pl
+ GENERATE[uplink-x86.S]=../ms/uplink-x86.pl
GENERATE[uplink-x86_64.s]=../ms/uplink-x86_64.pl
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch b/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch
index b7c0e96..cf77e87 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch
@@ -3,11 +3,11 @@
Upstream-Status: Submitted [hhttps://github.com/openssl/openssl/pull/7688]
Signed-off-by: Ross Burton <ross.burton@intel.com>
-diff --git a/Configure b/Configure
-index 3baa8ce..9ef52ed 100755
---- a/Configure
-+++ b/Configure
-@@ -1550,20 +1550,7 @@ unless ($disabled{"crypto-mdebug-backtrace"})
+Index: openssl-3.0.4/Configure
+===================================================================
+--- openssl-3.0.4.orig/Configure
++++ openssl-3.0.4/Configure
+@@ -1681,20 +1681,7 @@ $config{CFLAGS} = [ map { $_ eq '--ossl-
unless ($disabled{afalgeng}) {
$config{afalgeng}="";
if (grep { $_ eq 'afalgeng' } @{$target{enable}}) {
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb b/poky/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
similarity index 96%
rename from poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
rename to poky/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
index ff2a22c..e50ff7f 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
+++ b/poky/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
@@ -18,7 +18,7 @@
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
+SRC_URI[sha256sum] = "aa7d8d9bef71ad6525c55ba11e5f4397889ce49c2c9349dcea6d3e4f0b024a7a"
inherit lib_package multilib_header multilib_script ptest perlnative
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -224,7 +224,7 @@
# file to be installed for both the openssl-bin package and the libcrypto
# package since the openssl-bin package depends on the libcrypto package.
-PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc"
+PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc ${PN}-ossl-module-legacy"
FILES:libcrypto = "${libdir}/libcrypto${SOLIBS}"
FILES:libssl = "${libdir}/libssl${SOLIBS}"
@@ -235,12 +235,13 @@
# ${prefix} comes from what we pass into --prefix at configure time (which is used for INSTALLTOP)
FILES:${PN}-engines:append:mingw32:class-nativesdk = " ${prefix}${libdir}/engines-3"
FILES:${PN}-misc = "${libdir}/ssl-3/misc ${bindir}/c_rehash"
+FILES:${PN}-ossl-module-legacy = "${libdir}/ossl-modules/legacy.so"
FILES:${PN} =+ "${libdir}/ssl-3/* ${libdir}/ossl-modules/"
FILES:${PN}:append:class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
-RRECOMMENDS:libcrypto += "openssl-conf"
+RRECOMMENDS:libcrypto += "openssl-conf ${PN}-ossl-module-legacy"
RDEPENDS:${PN}-misc = "perl"
RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed"
diff --git a/poky/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch b/poky/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
new file mode 100644
index 0000000..bfaa786
--- /dev/null
+++ b/poky/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
@@ -0,0 +1,57 @@
+From 91e0db96741359173ddf2be083aafcc1a3c32472 Mon Sep 17 00:00:00 2001
+From: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
+Date: Mon, 18 Apr 2022 11:22:43 +0800
+Subject: [PATCH] Disable shell for default users
+
+Change the shell of all global static users other than root (which
+retains /bin/sh) and sync (as /bin/sync is rather harmless) to
+/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
+
+Upstream-Status: Backport [https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
+---
+ passwd.master | 32 ++++++++++++++++----------------
+ 1 file changed, 16 insertions(+), 16 deletions(-)
+
+diff --git a/passwd.master b/passwd.master
+index e1c32ff..0cd5ffd 100644
+--- a/passwd.master
++++ b/passwd.master
+@@ -1,18 +1,18 @@
+ root::0:0:root:/root:/bin/sh
+-daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+-bin:*:2:2:bin:/bin:/bin/sh
+-sys:*:3:3:sys:/dev:/bin/sh
++daemon:*:1:1:daemon:/usr/sbin:/sbin/nologin
++bin:*:2:2:bin:/bin:/sbin/nologin
++sys:*:3:3:sys:/dev:/sbin/nologin
+ sync:*:4:65534:sync:/bin:/bin/sync
+-games:*:5:60:games:/usr/games:/bin/sh
+-man:*:6:12:man:/var/cache/man:/bin/sh
+-lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+-mail:*:8:8:mail:/var/mail:/bin/sh
+-news:*:9:9:news:/var/spool/news:/bin/sh
+-uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+-proxy:*:13:13:proxy:/bin:/bin/sh
+-www-data:*:33:33:www-data:/var/www:/bin/sh
+-backup:*:34:34:backup:/var/backups:/bin/sh
+-list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+-irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+-gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+-nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
++games:*:5:60:games:/usr/games:/sbin/nologin
++man:*:6:12:man:/var/cache/man:/sbin/nologin
++lp:*:7:7:lp:/var/spool/lpd:/sbin/nologin
++mail:*:8:8:mail:/var/mail:/sbin/nologin
++news:*:9:9:news:/var/spool/news:/sbin/nologin
++uucp:*:10:10:uucp:/var/spool/uucp:/sbin/nologin
++proxy:*:13:13:proxy:/bin:/sbin/nologin
++www-data:*:33:33:www-data:/var/www:/sbin/nologin
++backup:*:34:34:backup:/var/backups:/sbin/nologin
++list:*:38:38:Mailing List Manager:/var/list:/sbin/nologin
++irc:*:39:39:ircd:/var/run/ircd:/sbin/nologin
++gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/sbin/nologin
++nobody:*:65534:65534:nobody:/nonexistent:/sbin/nologin
+--
+2.32.0
+
diff --git a/poky/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb b/poky/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
index 9a27ad3..ef7792a 100644
--- a/poky/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
+++ b/poky/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
@@ -14,6 +14,7 @@
file://input.patch \
file://disable-docs.patch \
file://kvm.patch \
+ file://disable-shell.patch \
"
SRC_URI[md5sum] = "6beccac48083fe8ae5048acd062e5421"
diff --git a/poky/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch b/poky/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
new file mode 100644
index 0000000..25ad653
--- /dev/null
+++ b/poky/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
@@ -0,0 +1,29 @@
+Fix use-after-free in awk.
+
+CVE: CVE-2022-30065
+Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2022-June/089768.html]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+fixes https://bugs.busybox.net/show_bug.cgi?id=14781
+
+Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
+---
+ editors/awk.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/editors/awk.c b/editors/awk.c
+index 079d0bde5..728ee8685 100644
+--- a/editors/awk.c
++++ b/editors/awk.c
+@@ -3128,6 +3128,9 @@ static var *evaluate(node *op, var *res)
+
+ case XC( OC_MOVE ):
+ debug_printf_eval("MOVE\n");
++ /* make sure that we never return a temp var */
++ if (L.v == TMPVAR0)
++ L.v = res;
+ /* if source is a temporary string, jusk relink it to dest */
+ if (R.v == TMPVAR1
+ && !(R.v->type & VF_NUMBER)
+--
+2.36.1
diff --git a/poky/meta/recipes-core/busybox/busybox_1.35.0.bb b/poky/meta/recipes-core/busybox/busybox_1.35.0.bb
index f2f1b35..edf8964 100644
--- a/poky/meta/recipes-core/busybox/busybox_1.35.0.bb
+++ b/poky/meta/recipes-core/busybox/busybox_1.35.0.bb
@@ -49,6 +49,7 @@
file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \
file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \
+ file://CVE-2022-30065.patch \
"
SRC_URI:append:libc-musl = " file://musl.cfg "
diff --git a/poky/meta/recipes-core/coreutils/coreutils_9.0.bb b/poky/meta/recipes-core/coreutils/coreutils_9.0.bb
index e4a948c..865cffd 100644
--- a/poky/meta/recipes-core/coreutils/coreutils_9.0.bb
+++ b/poky/meta/recipes-core/coreutils/coreutils_9.0.bb
@@ -174,8 +174,9 @@
# -dev automatic dependencies fails as we don't want libmodule-build-perl-dev, its too heavy
# may need tweaking if DEPENDS changes
+# Can't use ${PN}-dev here since flags with overrides and key expansion not supported
RRECOMMENDS:coreutils-dev[nodeprrecs] = "1"
-RRECOMMENDS:coreutils-dev = "acl-dev attr-dev gmp-dev libcap-dev bash-dev findutils-dev gawk-dev shadow-dev"
+RRECOMMENDS:${PN}-dev += "acl-dev attr-dev gmp-dev libcap-dev bash-dev findutils-dev gawk-dev shadow-dev"
do_install_ptest () {
install -d ${D}${PTEST_PATH}/tests
diff --git a/poky/meta/recipes-core/dropbear/dropbear.inc b/poky/meta/recipes-core/dropbear/dropbear.inc
index 78f9f9a..2d6e64c 100644
--- a/poky/meta/recipes-core/dropbear/dropbear.inc
+++ b/poky/meta/recipes-core/dropbear/dropbear.inc
@@ -12,6 +12,11 @@
RPROVIDES:${PN} = "ssh sshd"
RCONFLICTS:${PN} = "openssh-sshd openssh"
+# break dependency on base package for -dev package
+# otherwise SDK fails to build as the main openssh and dropbear packages
+# conflict with each other
+RDEPENDS:${PN}-dev = ""
+
DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch
index 816b790..c011439 100644
--- a/poky/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch
+++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch
@@ -1,4 +1,4 @@
-From d52b1b530c5d8a1e70ae45d6e2139e9d3f25207f Mon Sep 17 00:00:00 2001
+From 9a66887179d28d696562dcac43ad05d67580cfdb Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Fri, 11 Mar 2016 15:35:55 +0000
Subject: [PATCH] glib-2.0: relocate the GIO module directory for native builds
diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.1.bb b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
similarity index 95%
rename from poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.1.bb
rename to poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
index c9ccedd..dd1ea50 100644
--- a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.1.bb
+++ b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
@@ -19,7 +19,7 @@
"
SRC_URI:append:class-native = " file://relocate-modules.patch"
-SRC_URI[sha256sum] = "c07e57147b254cef92ce80a0378dc0c02a4358e7de4702e9f403069781095fe2"
+SRC_URI[sha256sum] = "4a39a2f624b8512d500d5840173eda7fa85f51c109052eae806acece85d345f0"
# Find any meson cross files in FILESPATH that are relevant for the current
# build (using siteinfo) and add them to EXTRA_OEMESON.
diff --git a/poky/meta/recipes-core/glib-networking/glib-networking_2.72.0.bb b/poky/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb
similarity index 93%
rename from poky/meta/recipes-core/glib-networking/glib-networking_2.72.0.bb
rename to poky/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb
index d578f17..41f18d1 100644
--- a/poky/meta/recipes-core/glib-networking/glib-networking_2.72.0.bb
+++ b/poky/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb
@@ -9,7 +9,7 @@
SECTION = "libs"
DEPENDS = "glib-2.0"
-SRC_URI[archive.sha256sum] = "100aaebb369285041de52da422b6b716789d5e4d7549a3a71ba587b932e0823b"
+SRC_URI[archive.sha256sum] = "6fc1bedc8062484dc8a0204965995ef2367c3db5c934058ff1607e5a24d95a74"
PACKAGECONFIG ??= "openssl ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}"
diff --git a/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb b/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb
index 414f866..96d0569 100644
--- a/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb
+++ b/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb
@@ -5,6 +5,7 @@
REQUIRED_DISTRO_FEATURES = "ptest"
SRC_URI:append = " \
+ file://reproducible-paths.patch \
file://run-ptest \
"
@@ -18,7 +19,8 @@
d.setVar("PROVIDES", "${PN} ${PN}-ptest")
d.setVar("RPROVIDES", "${PN} ${PN}-ptest")
- d.setVar("BBCLASSEXTEND", "")
+ bbclassextend = d.getVar("BBCLASSEXTEND").replace("nativesdk", "").strip()
+ d.setVar("BBCLASSEXTEND", bbclassextend)
d.setVar("RRECOMMENDS", "")
d.setVar("SYSTEMD_SERVICE:nscd", "")
d.setVar("SYSTEMD_PACKAGES", "")
@@ -30,6 +32,8 @@
RDEPENDS:${PN} = " glibc sed"
DEPENDS:append = " sed"
+export oe_srcdir="${exec_prefix}/src/debug/glibc/${PV}/"
+
# Just build tests for target - do not run them
do_check:append () {
oe_runmake -i check run-built-tests=no
@@ -95,7 +99,7 @@
d.setVar('DEBIAN_NAMES', '')
}
-FILES:${PN} = "${PTEST_PATH}/* /usr/src/debug/glibc-tests/*"
+FILES:${PN} = "${PTEST_PATH}/* /usr/src/debug/${PN}/*"
EXCLUDE_FROM_SHLIBS = "1"
diff --git a/poky/meta/recipes-core/glibc/glibc-version.inc b/poky/meta/recipes-core/glibc/glibc-version.inc
index 080e905..99017ce 100644
--- a/poky/meta/recipes-core/glibc/glibc-version.inc
+++ b/poky/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.35/master"
PV = "2.35"
-SRCREV_glibc ?= "24962427071fa532c3c48c918e9d64d719cc8a6c"
+SRCREV_glibc ?= "b6aade18a7e5719c942aa2da6cf3157aca993fa4"
SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/poky/meta/recipes-core/glibc/glibc/reproducible-paths.patch b/poky/meta/recipes-core/glibc/glibc/reproducible-paths.patch
new file mode 100644
index 0000000..0754dca
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/reproducible-paths.patch
@@ -0,0 +1,23 @@
+Avoid hardcoded build time paths in the output binaries by replacing the compile
+definitions with the output locations.
+
+Upstream-Status: Inappropriate [would need reworking somehow to be acceptable upstream]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: git/support/Makefile
+===================================================================
+--- git.orig/support/Makefile
++++ git/support/Makefile
+@@ -216,9 +216,9 @@ libsupport-inhibit-o += .o
+ endif
+
+ CFLAGS-support_paths.c = \
+- -DSRCDIR_PATH=\"`cd .. ; pwd`\" \
+- -DOBJDIR_PATH=\"`cd $(objpfx)/..; pwd`\" \
+- -DOBJDIR_ELF_LDSO_PATH=\"`cd $(objpfx)/..; pwd`/elf/$(rtld-installed-name)\" \
++ -DSRCDIR_PATH=\"$(oe_srcdir)\" \
++ -DOBJDIR_PATH=\"$(libdir)/glibc-tests/ptest/tests/glibc-ptest\" \
++ -DOBJDIR_ELF_LDSO_PATH=\"$(slibdir)/$(rtld-installed-name)\" \
+ -DINSTDIR_PATH=\"$(prefix)\" \
+ -DLIBDIR_PATH=\"$(libdir)\" \
+ -DBINDIR_PATH=\"$(bindir)\" \
diff --git a/poky/meta/recipes-core/glibc/glibc_2.35.bb b/poky/meta/recipes-core/glibc/glibc_2.35.bb
index 6ea5b1e..96fe39c 100644
--- a/poky/meta/recipes-core/glibc/glibc_2.35.bb
+++ b/poky/meta/recipes-core/glibc/glibc_2.35.bb
@@ -16,7 +16,7 @@
# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
CVE_CHECK_IGNORE += "CVE-2019-1010025"
-DEPENDS += "gperf-native bison-native make-native"
+DEPENDS += "gperf-native bison-native"
NATIVESDKFIXES ?= ""
NATIVESDKFIXES:class-nativesdk = "\
diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index dfb9690..398481a 100644
--- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -24,7 +24,7 @@
inherit core-image setuptools3
-SRCREV ?= "0674ae7bc46ebfa90c55bbedec6b22dc5f48dacf"
+SRCREV ?= "213f174999a16daee955296162e62fa3386f841d"
SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \
file://Yocto_Build_Appliance.vmx \
file://Yocto_Build_Appliance.vmxf \
diff --git a/poky/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh b/poky/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh
index 1fcd29e..4bd6ace 100644
--- a/poky/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh
+++ b/poky/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh
@@ -138,7 +138,7 @@
if [ -d /ssd/etc/ ] ; then
# We dont want udev to mount our root device while we're booting...
if [ -d /ssd/etc/udev/ ] ; then
- echo "/dev/${device}" >> /ssd/etc/udev/mount.blacklist
+ echo "/dev/${device}" >> /ssd/etc/udev/mount.ignorelist
fi
fi
diff --git a/poky/meta/recipes-core/initrdscripts/files/init-install-efi.sh b/poky/meta/recipes-core/initrdscripts/files/init-install-efi.sh
index f667518..ffd3870 100644
--- a/poky/meta/recipes-core/initrdscripts/files/init-install-efi.sh
+++ b/poky/meta/recipes-core/initrdscripts/files/init-install-efi.sh
@@ -229,7 +229,7 @@
echo "UUID=$boot_uuid /boot vfat defaults 1 2" >> /tgt_root/etc/fstab
# We dont want udev to mount our root device while we're booting...
if [ -d /tgt_root/etc/udev/ ] ; then
- echo "${device}" >> /tgt_root/etc/udev/mount.blacklist
+ echo "${device}" >> /tgt_root/etc/udev/mount.ignorelist
fi
fi
diff --git a/poky/meta/recipes-core/initrdscripts/files/init-install-testfs.sh b/poky/meta/recipes-core/initrdscripts/files/init-install-testfs.sh
index 7b49001..8ab74dd 100644
--- a/poky/meta/recipes-core/initrdscripts/files/init-install-testfs.sh
+++ b/poky/meta/recipes-core/initrdscripts/files/init-install-testfs.sh
@@ -164,7 +164,7 @@
echo "$bootfs /boot ext3 defaults 1 2" >> /tgt_root/etc/fstab
# We dont want udev to mount our root device while we're booting...
if [ -d /tgt_root/etc/udev/ ] ; then
- echo "/dev/${device}" >> /tgt_root/etc/udev/mount.blacklist
+ echo "/dev/${device}" >> /tgt_root/etc/udev/mount.ignorelist
fi
fi
umount /tgt_root
diff --git a/poky/meta/recipes-core/initrdscripts/files/init-install.sh b/poky/meta/recipes-core/initrdscripts/files/init-install.sh
index e715796..df33791 100644
--- a/poky/meta/recipes-core/initrdscripts/files/init-install.sh
+++ b/poky/meta/recipes-core/initrdscripts/files/init-install.sh
@@ -261,7 +261,7 @@
echo "$bootdev /boot ext3 defaults 1 2" >> /tgt_root/etc/fstab
# We dont want udev to mount our root device while we're booting...
if [ -d /tgt_root/etc/udev/ ] ; then
- echo "${device}" >> /tgt_root/etc/udev/mount.blacklist
+ echo "${device}" >> /tgt_root/etc/udev/mount.ignorelist
fi
fi
umount /tgt_root
diff --git a/poky/meta/recipes-core/initrdscripts/initramfs-framework/finish b/poky/meta/recipes-core/initrdscripts/initramfs-framework/finish
index f08a920..ac0de9f 100755
--- a/poky/meta/recipes-core/initrdscripts/initramfs-framework/finish
+++ b/poky/meta/recipes-core/initrdscripts/initramfs-framework/finish
@@ -26,6 +26,15 @@
info "Switching root to '$ROOTFS_DIR'..."
+ debug "Moving basic mounts onto rootfs"
+ for dir in `awk '/\/dev.* \/run\/media/{print $2}' /proc/mounts`; do
+ # Parse any OCT or HEX encoded chars such as spaces
+ # in the mount points to actual ASCII chars
+ dir=`printf $dir`
+ mkdir -p "${ROOTFS_DIR}/media/${dir##*/}"
+ mount -n --move "$dir" "${ROOTFS_DIR}/media/${dir##*/}"
+ done
+
debug "Moving /dev, /proc and /sys onto rootfs..."
mount --move /dev $ROOTFS_DIR/dev
mount --move /proc $ROOTFS_DIR/proc
diff --git a/poky/meta/recipes-core/libcgroup/libcgroup_2.0.1.bb b/poky/meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
similarity index 93%
rename from poky/meta/recipes-core/libcgroup/libcgroup_2.0.1.bb
rename to poky/meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
index 857a4e8..7ade372 100644
--- a/poky/meta/recipes-core/libcgroup/libcgroup_2.0.1.bb
+++ b/poky/meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
@@ -13,7 +13,7 @@
SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz"
-SRC_URI[sha256sum] = "2dd9c566a90a053e7a5f47607e225648ba7aa9bb7763514dd4778e2ed530fe90"
+SRC_URI[sha256sum] = "8ef63b32e0aff619547dbb8a25e1f6bab152d7c4864795cf915571a5994d0cf8"
UPSTREAM_CHECK_URI = "https://github.com/libcgroup/libcgroup/releases/"
DEPENDS:append:libc-musl = " fts "
diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch b/poky/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
deleted file mode 100644
index e188914..0000000
--- a/poky/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 22 Feb 2022 11:51:08 +0100
-Subject: [PATCH] Fix --without-valid build
-
-Regressed in commit 652dd12a.
----
- valid.c | 58 ++++++++++++++++++++++++++++-----------------------------
- 1 file changed, 29 insertions(+), 29 deletions(-)
----
-
-From https://github.com/GNOME/libxml2.git
- commit 646fe48d1c8a74310c409ddf81fe7df6700052af
-
-CVE: CVE-2022-23308
-Upstream-Status: Backport
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-
-diff --git a/valid.c b/valid.c
-index 8e596f1d..9684683a 100644
---- a/valid.c
-+++ b/valid.c
-@@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt)
- return (ret);
- }
-
--/**
-- * xmlValidNormalizeString:
-- * @str: a string
-- *
-- * Normalize a string in-place.
-- */
--static void
--xmlValidNormalizeString(xmlChar *str) {
-- xmlChar *dst;
-- const xmlChar *src;
--
-- if (str == NULL)
-- return;
-- src = str;
-- dst = str;
--
-- while (*src == 0x20) src++;
-- while (*src != 0) {
-- if (*src == 0x20) {
-- while (*src == 0x20) src++;
-- if (*src != 0)
-- *dst++ = 0x20;
-- } else {
-- *dst++ = *src++;
-- }
-- }
-- *dst = 0;
--}
--
- #ifdef DEBUG_VALID_ALGO
- static void
- xmlValidPrintNode(xmlNodePtr cur) {
-@@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) {
- (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \
- xmlFree((char *)(str));
-
-+/**
-+ * xmlValidNormalizeString:
-+ * @str: a string
-+ *
-+ * Normalize a string in-place.
-+ */
-+static void
-+xmlValidNormalizeString(xmlChar *str) {
-+ xmlChar *dst;
-+ const xmlChar *src;
-+
-+ if (str == NULL)
-+ return;
-+ src = str;
-+ dst = str;
-+
-+ while (*src == 0x20) src++;
-+ while (*src != 0) {
-+ if (*src == 0x20) {
-+ while (*src == 0x20) src++;
-+ if (*src != 0)
-+ *dst++ = 0x20;
-+ } else {
-+ *dst++ = *src++;
-+ }
-+ }
-+ *dst = 0;
-+}
-+
- static int
- xmlIsStreaming(xmlValidCtxtPtr ctxt) {
- xmlParserCtxtPtr pctxt;
---
-2.35.1
-
diff --git a/poky/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch b/poky/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
index d211f65..cc9da88 100644
--- a/poky/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
+++ b/poky/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
@@ -1,4 +1,4 @@
-From f57da62218cf72c1342da82abafdac6b0a2e4997 Mon Sep 17 00:00:00 2001
+From 7196bce35954c4b46391cb0139aeb15ed628fa54 Mon Sep 17 00:00:00 2001
From: Tony Tascioglu <tony.tascioglu@windriver.com>
Date: Fri, 14 May 2021 11:50:35 -0400
Subject: [PATCH] AM_PATH_XML2 uses xml-config which we disable through
@@ -16,16 +16,18 @@
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Updated to apply cleanly to v2.9.12
-
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
----
- libxml.m4 | 190 ++----------------------------------------------------
- 1 file changed, 5 insertions(+), 185 deletions(-)
-Index: libxml2-2.9.13/libxml.m4
-===================================================================
---- libxml2-2.9.13.orig/libxml.m4
-+++ libxml2-2.9.13/libxml.m4
+Rebase to 2.9.14
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
+---
+ libxml.m4 | 189 ++----------------------------------------------------
+ 1 file changed, 5 insertions(+), 184 deletions(-)
+
+diff --git a/libxml.m4 b/libxml.m4
+index fc7790c..1c53585 100644
+--- a/libxml.m4
++++ b/libxml.m4
@@ -1,191 +1,12 @@
-# Configure paths for LIBXML2
-# Simon Josefsson 2020-02-12
@@ -223,3 +225,6 @@
- AC_SUBST(XML_LIBS)
- rm -f conf.xmltest
])
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.13.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb
similarity index 96%
rename from poky/meta/recipes-core/libxml/libxml2_2.9.13.bb
rename to poky/meta/recipes-core/libxml/libxml2_2.9.14.bb
index e361b53..3081ebf 100644
--- a/poky/meta/recipes-core/libxml/libxml2_2.9.13.bb
+++ b/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb
@@ -23,11 +23,8 @@
file://remove-fuzz-from-ptests.patch \
file://libxml-m4-use-pkgconfig.patch \
"
-# will be in v2.9.14
-#
-SRC_URI += "file://CVE-2022-23308-fix-regression.patch"
-SRC_URI[archive.sha256sum] = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"
+SRC_URI[archive.sha256sum] = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"
SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7"
BINCONFIG = "${bindir}/xml2-config"
diff --git a/poky/meta/recipes-core/meta/cve-update-db-native.bb b/poky/meta/recipes-core/meta/cve-update-db-native.bb
index e5822ce..18af89b 100644
--- a/poky/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/poky/meta/recipes-core/meta/cve-update-db-native.bb
@@ -13,6 +13,10 @@
deltask do_populate_sysroot
NVDCVE_URL ?= "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-"
+# CVE database update interval, in seconds. By default: once a day (24*60*60).
+# Use 0 to force the update
+# Use a negative value to skip the update
+CVE_DB_UPDATE_INTERVAL ?= "86400"
python () {
if not bb.data.inherits_class("cve-check", d):
@@ -43,12 +47,18 @@
if os.path.exists(db_file):
os.remove(db_file)
- # Don't refresh the database more than once an hour
+ # The NVD database changes once a day, so no need to update more frequently
+ # Allow the user to force-update
try:
import time
- if time.time() - os.path.getmtime(db_file) < (60*60):
+ update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL"))
+ if update_interval < 0:
+ bb.note("CVE database update skipped")
+ return
+ if time.time() - os.path.getmtime(db_file) < update_interval:
bb.debug(2, "Recently updated, skipping")
return
+
except OSError:
pass
diff --git a/poky/meta/recipes-core/ncurses/ncurses.inc b/poky/meta/recipes-core/ncurses/ncurses.inc
index 7a7c7dd..1abcfae 100644
--- a/poky/meta/recipes-core/ncurses/ncurses.inc
+++ b/poky/meta/recipes-core/ncurses/ncurses.inc
@@ -2,7 +2,7 @@
DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo tools including tic, infocmp, captoinfo. Supports color, multiple highlights, forms-drawing characters, and automatic recognition of keypad and function-key sequences. Extensions include resizable windows and mouse support on both xterm and Linux console using the gpm library."
HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html"
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=9529289636145d1bf093c96af067695a;endline=27"
+LIC_FILES_CHKSUM = "file://COPYING;md5=c5a4600fdef86384c41ca33ecc70a4b8;endline=27"
SECTION = "libs"
DEPENDS = "ncurses-native"
DEPENDS:class-native = ""
diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.3.bb b/poky/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
similarity index 76%
rename from poky/meta/recipes-core/ncurses/ncurses_6.3.bb
rename to poky/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
index f0256da..f67a3f5 100644
--- a/poky/meta/recipes-core/ncurses/ncurses_6.3.bb
+++ b/poky/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
@@ -5,10 +5,10 @@
file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \
"
# commit id corresponds to the revision in package version
-SRCREV = "51d0fd9cc3edb975f04224f29f777f8f448e8ced"
+SRCREV = "a0bc708bc6954b5d3c0a38d92b683c3ec3135260"
S = "${WORKDIR}/git"
EXTRA_OECONF += "--with-abi-version=5"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)$"
# This is needed when using patchlevel versions like 6.1+20181013
-#CVE_VERSION = "${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}"
+CVE_VERSION = "${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}"
diff --git a/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning-1.patch b/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning-1.patch
new file mode 100644
index 0000000..23366b4
--- /dev/null
+++ b/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning-1.patch
@@ -0,0 +1,51 @@
+From b0a0b7b605aeb8106e7b50d1efeb746f401498cc Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Thu, 24 Mar 2022 20:04:35 +0800
+Subject: [PATCH] BaseTools: fix gcc12 warning
+
+Sdk/C/LzmaEnc.c: In function ?LzmaEnc_CodeOneMemBlock?:
+Sdk/C/LzmaEnc.c:2828:19: error: storing the address of local variable ?outStream? in ?*p.rc.outStream? [-Werror=dangling-pointer=]
+ 2828 | p->rc.outStream = &outStream.vt;
+ | ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
+Sdk/C/LzmaEnc.c:2811:28: note: ?outStream? declared here
+ 2811 | CLzmaEnc_SeqOutStreamBuf outStream;
+ | ^~~~~~~~~
+Sdk/C/LzmaEnc.c:2811:28: note: ?pp? declared here
+Sdk/C/LzmaEnc.c:2828:19: error: storing the address of local variable ?outStream? in ?*(CLzmaEnc *)pp.rc.outStream? [-Werror=dangling-pointer=]
+ 2828 | p->rc.outStream = &outStream.vt;
+ | ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
+Sdk/C/LzmaEnc.c:2811:28: note: ?outStream? declared here
+ 2811 | CLzmaEnc_SeqOutStreamBuf outStream;
+ | ^~~~~~~~~
+Sdk/C/LzmaEnc.c:2811:28: note: ?pp? declared here
+cc1: all warnings being treated as errors
+
+Upstream-Status: Backport [https://github.com/tianocore/edk2/commit/85021f8cf22d1bd4114803c6c610dea5ef0059f1]
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Reviewed-by: Bob Feng <bob.c.feng@intel.com>
+---
+ BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c b/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+index 4e9b499f8d..4b9f5fa692 100644
+--- a/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
++++ b/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+@@ -2825,12 +2825,13 @@ SRes LzmaEnc_CodeOneMemBlock(CLzmaEncHandle pp, BoolInt reInit,
+
+ nowPos64 = p->nowPos64;
+ RangeEnc_Init(&p->rc);
+- p->rc.outStream = &outStream.vt;
+
+ if (desiredPackSize == 0)
+ return SZ_ERROR_OUTPUT_EOF;
+
++ p->rc.outStream = &outStream.vt;
+ res = LzmaEnc_CodeOneBlock(p, desiredPackSize, *unpackSize);
++ p->rc.outStream = NULL;
+
+ *unpackSize = (UInt32)(p->nowPos64 - nowPos64);
+ *destLen -= outStream.rem;
+--
+2.36.1
+
diff --git a/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning.patch b/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning.patch
new file mode 100644
index 0000000..91c0164
--- /dev/null
+++ b/poky/meta/recipes-core/ovmf/ovmf/0001-BaseTools-fix-gcc12-warning.patch
@@ -0,0 +1,49 @@
+From 2435c17e56652479315853cec5b91fb0ea0911a3 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Thu, 24 Mar 2022 20:04:34 +0800
+Subject: [PATCH] BaseTools: fix gcc12 warning
+
+GenFfs.c:545:5: error: pointer ?InFileHandle? used after ?fclose? [-Werror=use-after-free]
+ 545 | Error(NULL, 0, 4001, "Resource", "memory cannot be allocated of %s", InFileHandle);
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+GenFfs.c:544:5: note: call to ?fclose? here
+ 544 | fclose (InFileHandle);
+ | ^~~~~~~~~~~~~~~~~~~~~
+
+Upstream-Status: Backport [https://github.com/tianocore/edk2/commit/7b005f344e533cd913c3ca05b266f9872df886d1]
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Reviewed-by: Bob Feng <bob.c.feng@intel.com>
+---
+ BaseTools/Source/C/GenFfs/GenFfs.c | 2 +-
+ BaseTools/Source/C/GenSec/GenSec.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/BaseTools/Source/C/GenFfs/GenFfs.c b/BaseTools/Source/C/GenFfs/GenFfs.c
+index 949025c333..d78d62ab36 100644
+--- a/BaseTools/Source/C/GenFfs/GenFfs.c
++++ b/BaseTools/Source/C/GenFfs/GenFfs.c
+@@ -542,7 +542,7 @@ GetAlignmentFromFile(char *InFile, UINT32 *Alignment)
+ PeFileBuffer = (UINT8 *) malloc (PeFileSize);
+ if (PeFileBuffer == NULL) {
+ fclose (InFileHandle);
+- Error(NULL, 0, 4001, "Resource", "memory cannot be allocated of %s", InFileHandle);
++ Error(NULL, 0, 4001, "Resource", "memory cannot be allocated for %s", InFile);
+ return EFI_OUT_OF_RESOURCES;
+ }
+ fread (PeFileBuffer, sizeof (UINT8), PeFileSize, InFileHandle);
+diff --git a/BaseTools/Source/C/GenSec/GenSec.c b/BaseTools/Source/C/GenSec/GenSec.c
+index d54a4f9e0a..b1d05367ec 100644
+--- a/BaseTools/Source/C/GenSec/GenSec.c
++++ b/BaseTools/Source/C/GenSec/GenSec.c
+@@ -1062,7 +1062,7 @@ GetAlignmentFromFile(char *InFile, UINT32 *Alignment)
+ PeFileBuffer = (UINT8 *) malloc (PeFileSize);
+ if (PeFileBuffer == NULL) {
+ fclose (InFileHandle);
+- Error(NULL, 0, 4001, "Resource", "memory cannot be allocated of %s", InFileHandle);
++ Error(NULL, 0, 4001, "Resource", "memory cannot be allocated for %s", InFile);
+ return EFI_OUT_OF_RESOURCES;
+ }
+ fread (PeFileBuffer, sizeof (UINT8), PeFileSize, InFileHandle);
+--
+2.36.1
+
diff --git a/poky/meta/recipes-core/ovmf/ovmf_git.bb b/poky/meta/recipes-core/ovmf/ovmf_git.bb
index b15d40e..84e3360 100644
--- a/poky/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/poky/meta/recipes-core/ovmf/ovmf_git.bb
@@ -15,12 +15,18 @@
PACKAGECONFIG[secureboot] = ",,,"
PACKAGECONFIG[tpm] = "-D TPM_ENABLE=TRUE,-D TPM_ENABLE=FALSE,,"
+# GCC12 trips on it
+#see https://src.fedoraproject.org/rpms/edk2/blob/rawhide/f/0032-Basetools-turn-off-gcc12-warning.patch
+BUILD_CFLAGS += "-Wno-error=stringop-overflow"
+
SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \
file://0001-ovmf-update-path-to-native-BaseTools.patch \
file://0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \
file://0003-ovmf-Update-to-latest.patch \
file://0005-debug-prefix-map.patch \
file://0006-reproducible.patch \
+ file://0001-BaseTools-fix-gcc12-warning.patch \
+ file://0001-BaseTools-fix-gcc12-warning-1.patch \
"
PV = "edk2-stable202202"
diff --git a/poky/meta/recipes-core/packagegroups/packagegroup-core-ssh-dropbear.bb b/poky/meta/recipes-core/packagegroups/packagegroup-core-ssh-dropbear.bb
index 4f844ad..d06c6a5 100644
--- a/poky/meta/recipes-core/packagegroups/packagegroup-core-ssh-dropbear.bb
+++ b/poky/meta/recipes-core/packagegroups/packagegroup-core-ssh-dropbear.bb
@@ -4,3 +4,4 @@
inherit packagegroup
RDEPENDS:${PN} = "dropbear"
+RRECOMMENDS:${PN} = "openssh-sftp-server"
diff --git a/poky/meta/recipes-core/systemd/systemd-boot_250.4.bb b/poky/meta/recipes-core/systemd/systemd-boot_250.5.bb
similarity index 100%
rename from poky/meta/recipes-core/systemd/systemd-boot_250.4.bb
rename to poky/meta/recipes-core/systemd/systemd-boot_250.5.bb
diff --git a/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl b/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl
index 6324319..6d19666 100755
--- a/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -11,6 +11,7 @@
import sys
from collections import namedtuple
+from itertools import chain
from pathlib import Path
version = 1.0
@@ -25,12 +26,16 @@
class SystemdFile():
"""Class representing a single systemd configuration file"""
- def __init__(self, root, path):
+ def __init__(self, root, path, instance_unit_name):
self.sections = dict()
self._parse(root, path)
dirname = os.path.basename(path.name) + ".d"
for location in locations:
- for path2 in sorted((root / location / "system" / dirname).glob("*.conf")):
+ files = (root / location / "system" / dirname).glob("*.conf")
+ if instance_unit_name:
+ inst_dirname = instance_unit_name + ".d"
+ files = chain(files, (root / location / "system" / inst_dirname).glob("*.conf"))
+ for path2 in sorted(files):
self._parse(root, path2)
def _parse(self, root, path):
@@ -195,8 +200,11 @@
# if we're enabling an instance, first extract the actual instance
# then figure out what the template unit is
template = re.match(r"[^@]+@(?P<instance>[^\.]*)\.", self.unit)
+ instance_unit_name = None
if template:
instance = template.group('instance')
+ if instance != "":
+ instance_unit_name = self.unit
unit = re.sub(r"@[^\.]*\.", "@.", self.unit, 1)
else:
instance = None
@@ -208,7 +216,7 @@
# ignore aliases
return
- config = SystemdFile(self.root, path)
+ config = SystemdFile(self.root, path, instance_unit_name)
if instance == "":
try:
default_instance = config.get('Install', 'DefaultInstance')[0]
diff --git a/poky/meta/recipes-core/systemd/systemd.inc b/poky/meta/recipes-core/systemd/systemd.inc
index ac454b8..3091052 100644
--- a/poky/meta/recipes-core/systemd/systemd.inc
+++ b/poky/meta/recipes-core/systemd/systemd.inc
@@ -14,7 +14,7 @@
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
-SRCREV = "c3aead556847dd2694d559620123b65ff16afe8c"
+SRCREV = "4a31fa2fb040005b73253da75cf84949b8485175"
SRCBRANCH = "v250-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}"
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch b/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch
index 2363679..c42c667 100644
--- a/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch
@@ -1,4 +1,4 @@
-From 4c2e932664ec67662f4a0306cca4a7cd82853bda Mon Sep 17 00:00:00 2001
+From 9a1841402ce3ef21a10a7314a07a615f8196d406 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 21 Jan 2022 22:19:37 -0800
Subject: [PATCH] Adjust for musl headers
@@ -6,6 +6,7 @@
Upstream-Status: Inappropriate [musl specific]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
---
src/libsystemd-network/sd-dhcp6-client.c | 2 +-
src/network/netdev/bareudp.c | 2 +-
@@ -29,6 +30,7 @@
src/network/netdev/vrf.c | 2 +-
src/network/netdev/vxcan.c | 2 +-
src/network/netdev/vxlan.c | 2 +-
+ src/network/netdev/wireguard.c | 2 +-
src/network/netdev/xfrm.c | 2 +-
src/network/networkd-bridge-mdb.c | 4 ++--
src/network/networkd-dhcp-common.c | 3 ++-
@@ -41,8 +43,10 @@
src/shared/linux/ethtool.h | 3 ++-
src/shared/netif-util.c | 2 +-
src/udev/udev-builtin-net_id.c | 2 +-
- 34 files changed, 41 insertions(+), 39 deletions(-)
+ 35 files changed, 42 insertions(+), 40 deletions(-)
+diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
+index 84bc739bba..ff8cb6bf9d 100644
--- a/src/libsystemd-network/sd-dhcp6-client.c
+++ b/src/libsystemd-network/sd-dhcp6-client.c
@@ -5,7 +5,7 @@
@@ -54,6 +58,8 @@
#include <linux/if_infiniband.h>
#include "sd-dhcp6-client.h"
+diff --git a/src/network/netdev/bareudp.c b/src/network/netdev/bareudp.c
+index 8ff0eb1360..7e06b8d57d 100644
--- a/src/network/netdev/bareudp.c
+++ b/src/network/netdev/bareudp.c
@@ -2,7 +2,7 @@
@@ -65,6 +71,8 @@
#include "bareudp.h"
#include "netlink-util.h"
+diff --git a/src/network/netdev/batadv.c b/src/network/netdev/batadv.c
+index 15f3aee3a6..ec76428436 100644
--- a/src/network/netdev/batadv.c
+++ b/src/network/netdev/batadv.c
@@ -3,7 +3,7 @@
@@ -76,6 +84,8 @@
#include "batadv.h"
#include "fileio.h"
+diff --git a/src/network/netdev/bond.c b/src/network/netdev/bond.c
+index 5d94aa1d68..4e379a326d 100644
--- a/src/network/netdev/bond.c
+++ b/src/network/netdev/bond.c
@@ -1,7 +1,7 @@
@@ -87,6 +97,8 @@
#include "alloc-util.h"
#include "bond.h"
+diff --git a/src/network/netdev/bridge.c b/src/network/netdev/bridge.c
+index b974f2ae0a..9a5f18d556 100644
--- a/src/network/netdev/bridge.c
+++ b/src/network/netdev/bridge.c
@@ -2,7 +2,7 @@
@@ -98,6 +110,8 @@
#include <linux/if_bridge.h>
#include "bridge.h"
+diff --git a/src/network/netdev/dummy.c b/src/network/netdev/dummy.c
+index 00df1d2787..77b506b422 100644
--- a/src/network/netdev/dummy.c
+++ b/src/network/netdev/dummy.c
@@ -1,6 +1,6 @@
@@ -108,6 +122,8 @@
#include "dummy.h"
+diff --git a/src/network/netdev/geneve.c b/src/network/netdev/geneve.c
+index 224c17e979..fb79cc13f6 100644
--- a/src/network/netdev/geneve.c
+++ b/src/network/netdev/geneve.c
@@ -2,7 +2,7 @@
@@ -119,6 +135,8 @@
#include "alloc-util.h"
#include "conf-parser.h"
+diff --git a/src/network/netdev/ifb.c b/src/network/netdev/ifb.c
+index d7ff44cb9e..e037629ae4 100644
--- a/src/network/netdev/ifb.c
+++ b/src/network/netdev/ifb.c
@@ -1,7 +1,7 @@
@@ -130,6 +148,8 @@
#include "ifb.h"
+diff --git a/src/network/netdev/ipoib.c b/src/network/netdev/ipoib.c
+index e0ff9e8c62..ab085c1f6d 100644
--- a/src/network/netdev/ipoib.c
+++ b/src/network/netdev/ipoib.c
@@ -1,6 +1,6 @@
@@ -140,6 +160,8 @@
#include <linux/if_link.h>
#include "ipoib.h"
+diff --git a/src/network/netdev/ipvlan.c b/src/network/netdev/ipvlan.c
+index d15766cd7b..60728b4f94 100644
--- a/src/network/netdev/ipvlan.c
+++ b/src/network/netdev/ipvlan.c
@@ -2,7 +2,7 @@
@@ -151,6 +173,8 @@
#include "conf-parser.h"
#include "ipvlan.h"
+diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c
+index f1a566a9ca..1f37927a83 100644
--- a/src/network/netdev/macsec.c
+++ b/src/network/netdev/macsec.c
@@ -1,7 +1,7 @@
@@ -162,6 +186,8 @@
#include <linux/if_ether.h>
#include <linux/if_macsec.h>
#include <linux/genetlink.h>
+diff --git a/src/network/netdev/macvlan.c b/src/network/netdev/macvlan.c
+index c41be6e78f..ee2660c5bf 100644
--- a/src/network/netdev/macvlan.c
+++ b/src/network/netdev/macvlan.c
@@ -2,7 +2,7 @@
@@ -173,6 +199,8 @@
#include "conf-parser.h"
#include "macvlan.h"
+diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c
+index 8e7fe11c18..701ab2bd69 100644
--- a/src/network/netdev/netdev.c
+++ b/src/network/netdev/netdev.c
@@ -2,7 +2,7 @@
@@ -184,6 +212,8 @@
#include <unistd.h>
#include "alloc-util.h"
+diff --git a/src/network/netdev/netdevsim.c b/src/network/netdev/netdevsim.c
+index 15d5c132f9..a3ffa48b15 100644
--- a/src/network/netdev/netdevsim.c
+++ b/src/network/netdev/netdevsim.c
@@ -1,6 +1,6 @@
@@ -194,6 +224,8 @@
#include "netdevsim.h"
+diff --git a/src/network/netdev/nlmon.c b/src/network/netdev/nlmon.c
+index ff372092e6..eef66811f4 100644
--- a/src/network/netdev/nlmon.c
+++ b/src/network/netdev/nlmon.c
@@ -1,6 +1,6 @@
@@ -204,6 +236,8 @@
#include "nlmon.h"
+diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c
+index 97e534fe99..0302c1cb94 100644
--- a/src/network/netdev/tunnel.c
+++ b/src/network/netdev/tunnel.c
@@ -2,7 +2,7 @@
@@ -215,6 +249,8 @@
#include <linux/if_tunnel.h>
#include <linux/ip.h>
#include <linux/ip6_tunnel.h>
+diff --git a/src/network/netdev/vcan.c b/src/network/netdev/vcan.c
+index 380547ee1e..137c1adf8a 100644
--- a/src/network/netdev/vcan.c
+++ b/src/network/netdev/vcan.c
@@ -1,6 +1,6 @@
@@ -225,6 +261,8 @@
#include "vcan.h"
+diff --git a/src/network/netdev/veth.c b/src/network/netdev/veth.c
+index c946e81fc0..d1a6be73f9 100644
--- a/src/network/netdev/veth.c
+++ b/src/network/netdev/veth.c
@@ -3,7 +3,7 @@
@@ -236,6 +274,8 @@
#include <linux/veth.h>
#include "netlink-util.h"
+diff --git a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c
+index af3e77963e..efa4b0a164 100644
--- a/src/network/netdev/vlan.c
+++ b/src/network/netdev/vlan.c
@@ -2,7 +2,7 @@
@@ -247,6 +287,8 @@
#include <linux/if_vlan.h>
#include "parse-util.h"
+diff --git a/src/network/netdev/vrf.c b/src/network/netdev/vrf.c
+index b1b6707441..1c6d1982e1 100644
--- a/src/network/netdev/vrf.c
+++ b/src/network/netdev/vrf.c
@@ -2,7 +2,7 @@
@@ -258,6 +300,8 @@
#include "vrf.h"
+diff --git a/src/network/netdev/vxcan.c b/src/network/netdev/vxcan.c
+index a0ba048eb1..875f2e5901 100644
--- a/src/network/netdev/vxcan.c
+++ b/src/network/netdev/vxcan.c
@@ -1,7 +1,7 @@
@@ -269,6 +313,8 @@
#include "vxcan.h"
+diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c
+index 30b0855598..a065158801 100644
--- a/src/network/netdev/vxlan.c
+++ b/src/network/netdev/vxlan.c
@@ -2,7 +2,7 @@
@@ -280,6 +326,21 @@
#include "conf-parser.h"
#include "alloc-util.h"
+diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
+index 88f668753a..5fc753384b 100644
+--- a/src/network/netdev/wireguard.c
++++ b/src/network/netdev/wireguard.c
+@@ -6,7 +6,7 @@
+ #include <sys/ioctl.h>
+ #include <net/if.h>
+ #include <netinet/in.h>
+-#include <linux/if_arp.h>
++//#include <linux/if_arp.h>
+ #include <linux/ipv6_route.h>
+
+ #include "sd-resolve.h"
+diff --git a/src/network/netdev/xfrm.c b/src/network/netdev/xfrm.c
+index ef5e735b2b..419afd75f2 100644
--- a/src/network/netdev/xfrm.c
+++ b/src/network/netdev/xfrm.c
@@ -1,6 +1,6 @@
@@ -290,6 +351,8 @@
#include "missing_network.h"
#include "xfrm.h"
+diff --git a/src/network/networkd-bridge-mdb.c b/src/network/networkd-bridge-mdb.c
+index 10025a97ae..a0239ea83a 100644
--- a/src/network/networkd-bridge-mdb.c
+++ b/src/network/networkd-bridge-mdb.c
@@ -1,7 +1,5 @@
@@ -309,6 +372,8 @@
#define STATIC_BRIDGE_MDB_ENTRIES_PER_NETWORK_MAX 1024U
+diff --git a/src/network/networkd-dhcp-common.c b/src/network/networkd-dhcp-common.c
+index 7996960bd1..e870b9ba26 100644
--- a/src/network/networkd-dhcp-common.c
+++ b/src/network/networkd-dhcp-common.c
@@ -1,7 +1,8 @@
@@ -321,6 +386,8 @@
#include "bus-error.h"
#include "dhcp-identifier.h"
+diff --git a/src/network/networkd-dhcp-prefix-delegation.c b/src/network/networkd-dhcp-prefix-delegation.c
+index 7be9713d46..e830fcd575 100644
--- a/src/network/networkd-dhcp-prefix-delegation.c
+++ b/src/network/networkd-dhcp-prefix-delegation.c
@@ -1,7 +1,5 @@
@@ -340,6 +407,8 @@
bool link_dhcp_pd_is_enabled(Link *link) {
assert(link);
+diff --git a/src/network/networkd-dhcp-server.c b/src/network/networkd-dhcp-server.c
+index 9acfd17d49..3108289602 100644
--- a/src/network/networkd-dhcp-server.c
+++ b/src/network/networkd-dhcp-server.c
@@ -1,7 +1,7 @@
@@ -351,6 +420,8 @@
#include <linux/if.h>
#include "sd-dhcp-server.h"
+diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
+index cb9c428ae9..a35d58f3f1 100644
--- a/src/network/networkd-dhcp4.c
+++ b/src/network/networkd-dhcp4.c
@@ -3,7 +3,7 @@
@@ -362,6 +433,8 @@
#include "alloc-util.h"
#include "dhcp-client-internal.h"
+diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
+index b62a154828..75949e6094 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -3,7 +3,7 @@
@@ -373,6 +446,8 @@
#include <linux/if_link.h>
#include <linux/netdevice.h>
#include <sys/socket.h>
+diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
+index ee7a535075..ce6ed64133 100644
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -1,9 +1,5 @@
@@ -396,6 +471,8 @@
int route_new(Route **ret) {
_cleanup_(route_freep) Route *route = NULL;
+diff --git a/src/network/networkd-setlink.c b/src/network/networkd-setlink.c
+index e00cc1e589..e392c7e1a2 100644
--- a/src/network/networkd-setlink.c
+++ b/src/network/networkd-setlink.c
@@ -2,7 +2,7 @@
@@ -407,6 +484,8 @@
#include <linux/if_bridge.h>
#include "missing_network.h"
+diff --git a/src/shared/linux/ethtool.h b/src/shared/linux/ethtool.h
+index 974d4292e7..fe9b8a9e07 100644
--- a/src/shared/linux/ethtool.h
+++ b/src/shared/linux/ethtool.h
@@ -16,7 +16,8 @@
@@ -419,6 +498,8 @@
#ifndef __KERNEL__
#include <limits.h> /* for INT_MAX */
+diff --git a/src/shared/netif-util.c b/src/shared/netif-util.c
+index 603d4de109..7e3531808a 100644
--- a/src/shared/netif-util.c
+++ b/src/shared/netif-util.c
@@ -1,6 +1,6 @@
@@ -429,6 +510,8 @@
#include "arphrd-util.h"
#include "device-util.h"
+diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
+index 65e003eb15..0b3dc04be0 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -18,7 +18,7 @@
@@ -440,14 +523,3 @@
#include <linux/netdevice.h>
#include <linux/pci_regs.h>
---- a/src/network/netdev/wireguard.c
-+++ b/src/network/netdev/wireguard.c
-@@ -6,7 +6,7 @@
- #include <sys/ioctl.h>
- #include <net/if.h>
- #include <netinet/in.h>
--#include <linux/if_arp.h>
-+//#include <linux/if_arp.h>
- #include <linux/ipv6_route.h>
-
- #include "sd-resolve.h"
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch b/poky/meta/recipes-core/systemd/systemd/0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
new file mode 100644
index 0000000..31efc4c
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
@@ -0,0 +1,73 @@
+From beb0219b71510bc63aed81d2a970a04349d6c616 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 29 Sep 2020 18:01:41 -0700
+Subject: [PATCH] Move sysusers.d/sysctl.d/binfmt.d/modules-load.d to /usr
+
+These directories are moved to /lib since systemd v246, commit
+4a56315a990b ("path: use ROOTPREFIX properly"), but in oe-core/yocto,
+the old /usr/lib is still being used.
+
+Upstream-Status: Inappropriate (OE-specific)
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
+---
+ src/core/systemd.pc.in | 8 ++++----
+ src/libsystemd/sd-path/sd-path.c | 8 ++++----
+ 2 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
+index fc0f8c34fa..65996bbed8 100644
+--- a/src/core/systemd.pc.in
++++ b/src/core/systemd.pc.in
+@@ -65,16 +65,16 @@ systemdshutdowndir=${systemd_shutdown_dir}
+ tmpfiles_dir=${prefix}/lib/tmpfiles.d
+ tmpfilesdir=${tmpfiles_dir}
+
+-sysusers_dir=${rootprefix}/lib/sysusers.d
++sysusers_dir=${prefix}/lib/sysusers.d
+ sysusersdir=${sysusers_dir}
+
+-sysctl_dir=${rootprefix}/lib/sysctl.d
++sysctl_dir=${prefix}/lib/sysctl.d
+ sysctldir=${sysctl_dir}
+
+-binfmt_dir=${rootprefix}/lib/binfmt.d
++binfmt_dir=${prefix}/lib/binfmt.d
+ binfmtdir=${binfmt_dir}
+
+-modules_load_dir=${rootprefix}/lib/modules-load.d
++modules_load_dir=${prefix}/lib/modules-load.d
+ modulesloaddir=${modules_load_dir}
+
+ catalog_dir=${prefix}/lib/systemd/catalog
+diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
+index ff1e0d5f8e..19a001f47e 100644
+--- a/src/libsystemd/sd-path/sd-path.c
++++ b/src/libsystemd/sd-path/sd-path.c
+@@ -362,19 +362,19 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
+ return 0;
+
+ case SD_PATH_SYSUSERS:
+- *ret = ROOTPREFIX_NOSLASH "/lib/sysusers.d";
++ *ret = "/usr/lib/sysusers.d";
+ return 0;
+
+ case SD_PATH_SYSCTL:
+- *ret = ROOTPREFIX_NOSLASH "/lib/sysctl.d";
++ *ret = "/usr/lib/sysctl.d";
+ return 0;
+
+ case SD_PATH_BINFMT:
+- *ret = ROOTPREFIX_NOSLASH "/lib/binfmt.d";
++ *ret = "/usr/lib/binfmt.d";
+ return 0;
+
+ case SD_PATH_MODULES_LOAD:
+- *ret = ROOTPREFIX_NOSLASH "/lib/modules-load.d";
++ *ret = "/usr/lib/modules-load.d";
+ return 0;
+
+ case SD_PATH_CATALOG:
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-pass-correct-parameters-to-getdents64.patch b/poky/meta/recipes-core/systemd/systemd/0001-pass-correct-parameters-to-getdents64.patch
index 03a29b5..9ebff98 100644
--- a/poky/meta/recipes-core/systemd/systemd/0001-pass-correct-parameters-to-getdents64.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0001-pass-correct-parameters-to-getdents64.patch
@@ -1,7 +1,7 @@
-From fbc10748c7c59d82024a4d35146b8dfef8d52927 Mon Sep 17 00:00:00 2001
+From dab02796780f00d689cc1c7a0ba81abe7c5f28d0 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 21 Jan 2022 15:15:11 -0800
-Subject: [PATCH 1/2] pass correct parameters to getdents64
+Subject: [PATCH] pass correct parameters to getdents64
Fixes
../git/src/basic/recurse-dir.c:57:40: error: incompatible pointer types passing 'uint8_t *' (aka 'unsigned char *') to parameter of type 'struct dirent *' [-Werror,-Wincompatible-pointer-types]
@@ -12,15 +12,16 @@
n = getdents64(fd, &buffer, sizeof(buffer));
^~~~~~~
-Upstream-Status: Pending
+Upstream-Status: Inappropriate [musl specific]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
---
src/basic/recurse-dir.c | 2 +-
src/basic/stat-util.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/basic/recurse-dir.c b/src/basic/recurse-dir.c
-index efa1797b7b..797285e3be 100644
+index efa1797b7b..03ff10ebe9 100644
--- a/src/basic/recurse-dir.c
+++ b/src/basic/recurse-dir.c
@@ -54,7 +54,7 @@ int readdir_all(int dir_fd,
@@ -28,12 +29,12 @@
assert(bs > de->buffer_size);
- n = getdents64(dir_fd, (uint8_t*) de->buffer + de->buffer_size, bs - de->buffer_size);
-+ n = getdents64(dir_fd, de->buffer + de->buffer_size, bs - de->buffer_size);
++ n = getdents64(dir_fd, (struct dirent*)((uint8_t*) de->buffer + de->buffer_size), bs - de->buffer_size);
if (n < 0)
return -errno;
if (n == 0)
diff --git a/src/basic/stat-util.c b/src/basic/stat-util.c
-index efac7b002e..9e1fe7f5a0 100644
+index c2269844f8..7cd6c7fa42 100644
--- a/src/basic/stat-util.c
+++ b/src/basic/stat-util.c
@@ -99,7 +99,7 @@ int dir_is_empty_at(int dir_fd, const char *path) {
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-resolve-Use-sockaddr-pointer-type-for-bind.patch b/poky/meta/recipes-core/systemd/systemd/0001-resolve-Use-sockaddr-pointer-type-for-bind.patch
new file mode 100644
index 0000000..8567283
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-resolve-Use-sockaddr-pointer-type-for-bind.patch
@@ -0,0 +1,46 @@
+From ad1428f29196bcc88ae382ee67ff705928e2be24 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 5 May 2022 20:25:37 -0700
+Subject: [PATCH] resolve: Use sockaddr pointer type for bind()
+
+bind() expects sockaddr* but SERVER_ADDRESS is sockaddr_in type struct
+
+Fixes errors with clang e.g.
+
+../git/src/resolve/test-resolved-stream.c:112:32: error: incompatible pointer types passing 'struct sockaddr_in *' to parameter of type 'const struct sockaddr *' [-Werror,-Wincompatible-pointer-types]
+ assert_se(bind(bindfd, &SERVER_ADDRESS, sizeof(SERVER_ADDRESS)) >= 0);
+ ^~~~~~~~~~~~~~~
+../git/src/resolve/test-resolved-stream.c:251:39: error: incompatible pointer types passing 'struct sockaddr_in *' to parameter of type 'const struct sockaddr *' [-Werror,-Wincompatible-pointer-types]
+ r = connect(clientfd, &SERVER_ADDRESS, sizeof(SERVER_ADDRESS));
+
+Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/23281]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/resolve/test-resolved-stream.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/resolve/test-resolved-stream.c b/src/resolve/test-resolved-stream.c
+index f12c729e50..504b532002 100644
+--- a/src/resolve/test-resolved-stream.c
++++ b/src/resolve/test-resolved-stream.c
+@@ -109,7 +109,7 @@ static void *tcp_dns_server(void *p) {
+
+ assert_se((bindfd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0)) >= 0);
+ assert_se(setsockopt(bindfd, SOL_SOCKET, SO_REUSEADDR, &(int){1}, sizeof(int)) >= 0);
+- assert_se(bind(bindfd, &SERVER_ADDRESS, sizeof(SERVER_ADDRESS)) >= 0);
++ assert_se(bind(bindfd, (struct sockaddr*)&SERVER_ADDRESS, sizeof(SERVER_ADDRESS)) >= 0);
+ assert_se(listen(bindfd, 1) >= 0);
+ assert_se((acceptfd = accept(bindfd, NULL, NULL)) >= 0);
+ server_handle(acceptfd);
+@@ -248,7 +248,7 @@ static void test_dns_stream(bool tls) {
+ assert_se((clientfd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0)) >= 0);
+
+ for (int i = 0; i < 100; i++) {
+- r = connect(clientfd, &SERVER_ADDRESS, sizeof(SERVER_ADDRESS));
++ r = connect(clientfd, (struct sockaddr*)&SERVER_ADDRESS, sizeof(SERVER_ADDRESS));
+ if (r >= 0)
+ break;
+ usleep(EVENT_TIMEOUT_USEC / 100);
+--
+2.36.0
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch b/poky/meta/recipes-core/systemd/systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch
deleted file mode 100644
index 7528246..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 58860e0f248576a80ff2af256ba42713c186ae93 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 29 Sep 2020 18:01:41 -0700
-Subject: [PATCH] systemd.pc.in: use ROOTPREFIX without suffixed slash
-
-This complements the commit
-https://github.com/poettering/systemd/commit/b612c26ceb9f56af0271fc9f07c1724d2d260a8a
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/core/systemd.pc.in | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
-index b5cc8f9..21dbf30 100644
---- a/src/core/systemd.pc.in
-+++ b/src/core/systemd.pc.in
-@@ -65,16 +65,16 @@ systemdshutdowndir=${systemd_shutdown_dir}
- tmpfiles_dir=${prefix}/lib/tmpfiles.d
- tmpfilesdir=${tmpfiles_dir}
-
--sysusers_dir=${rootprefix}/lib/sysusers.d
-+sysusers_dir=${prefix}/lib/sysusers.d
- sysusersdir=${sysusers_dir}
-
--sysctl_dir=${rootprefix}/lib/sysctl.d
-+sysctl_dir=${prefix}/lib/sysctl.d
- sysctldir=${sysctl_dir}
-
--binfmt_dir=${rootprefix}/lib/binfmt.d
-+binfmt_dir=${prefix}/lib/binfmt.d
- binfmtdir=${binfmt_dir}
-
--modules_load_dir=${rootprefix}/lib/modules-load.d
-+modules_load_dir=${prefix}/lib/modules-load.d
- modulesloaddir=${modules_load_dir}
-
- catalog_dir=${prefix}/lib/systemd/catalog
---
-2.25.1
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-test-parse-argument-Include-signal.h.patch b/poky/meta/recipes-core/systemd/systemd/0001-test-parse-argument-Include-signal.h.patch
deleted file mode 100644
index 898e8af..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0001-test-parse-argument-Include-signal.h.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 93c7e482d39cf7765974b3c729d29c1b120a60e3 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Mon, 24 May 2021 18:26:27 -0700
-Subject: [PATCH] test-parse-argument: Include signal.h
-
-Fixes
-src/test/test-parse-argument.c:49:29: error: use of undeclared identifier 'SIGABRT'
-
-Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/19718]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
----
- src/test/test-parse-argument.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/test/test-parse-argument.c b/src/test/test-parse-argument.c
-index cf3d54288a..15104e5282 100644
---- a/src/test/test-parse-argument.c
-+++ b/src/test/test-parse-argument.c
-@@ -5,6 +5,7 @@
- #include "parse-argument.h"
- #include "stdio-util.h"
- #include "tests.h"
-+#include <signal.h>
-
- TEST(parse_json_argument) {
- JsonFormatFlags flags = JSON_FORMAT_PRETTY;
diff --git a/poky/meta/recipes-core/systemd/systemd/0002-Add-sys-stat.h-for-S_IFDIR.patch b/poky/meta/recipes-core/systemd/systemd/0002-Add-sys-stat.h-for-S_IFDIR.patch
index 7dfa1a0..8cf0546 100644
--- a/poky/meta/recipes-core/systemd/systemd/0002-Add-sys-stat.h-for-S_IFDIR.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0002-Add-sys-stat.h-for-S_IFDIR.patch
@@ -1,13 +1,14 @@
-From d16f7b37c917b91e951b9313e2c8264c72ed93e5 Mon Sep 17 00:00:00 2001
+From 4b731a5e2547b5292f9a774b849e14c0cf7b3955 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 21 Jan 2022 15:17:37 -0800
-Subject: [PATCH 2/2] Add sys/stat.h for S_IFDIR
+Subject: [PATCH] Add sys/stat.h for S_IFDIR
../git/src/shared/mkdir-label.c:13:61: error: use of undeclared identifier 'S_IFDIR'
r = mac_selinux_create_file_prepare_at(dirfd, path, S_IFDIR);
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/23441]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
---
src/shared/mkdir-label.c | 1 +
1 file changed, 1 insertion(+)
@@ -24,6 +25,3 @@
int mkdirat_label(int dirfd, const char *path, mode_t mode) {
int r;
---
-2.34.1
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch b/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch
deleted file mode 100644
index 5027682..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch
+++ /dev/null
@@ -1,157 +0,0 @@
-From 5d730902f47498a2866b46875352f6810a01d67c Mon Sep 17 00:00:00 2001
-From: Chen Qi <Qi.Chen@windriver.com>
-Date: Mon, 25 Feb 2019 13:41:41 +0800
-Subject: [PATCH] don't use glibc-specific qsort_r
-
-Upstream-Status: Inappropriate [musl specific]
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-[Rebased for v241]
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-[Rebased for v242]
-Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
-[Rebased for v247]
-Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
-
----
- src/basic/sort-util.h | 14 --------------
- src/shared/format-table.c | 36 ++++++++++++++++++++++++------------
- src/shared/hwdb-util.c | 19 ++++++++++++++-----
- 3 files changed, 38 insertions(+), 31 deletions(-)
-
---- a/src/basic/sort-util.h
-+++ b/src/basic/sort-util.h
-@@ -61,18 +61,4 @@ static inline void _qsort_safe(void *bas
- _qsort_safe((p), (n), sizeof((p)[0]), (comparison_fn_t) _func_); \
- })
-
--static inline void qsort_r_safe(void *base, size_t nmemb, size_t size, comparison_userdata_fn_t compar, void *userdata) {
-- if (nmemb <= 1)
-- return;
--
-- assert(base);
-- qsort_r(base, nmemb, size, compar, userdata);
--}
--
--#define typesafe_qsort_r(p, n, func, userdata) \
-- ({ \
-- int (*_func_)(const typeof(p[0])*, const typeof(p[0])*, typeof(userdata)) = func; \
-- qsort_r_safe((p), (n), sizeof((p)[0]), (comparison_userdata_fn_t) _func_, userdata); \
-- })
--
- int cmp_int(const int *a, const int *b);
---- a/src/shared/format-table.c
-+++ b/src/shared/format-table.c
-@@ -1324,30 +1324,32 @@ static int cell_data_compare(TableData *
- return CMP(index_a, index_b);
- }
-
--static int table_data_compare(const size_t *a, const size_t *b, Table *t) {
-+static Table *user_table;
-+static int table_data_compare(const void *x, const void *y) {
-+ const size_t *a = x, *b=y;
- int r;
-
-- assert(t);
-- assert(t->sort_map);
-+ assert(user_table);
-+ assert(user_table->sort_map);
-
- /* Make sure the header stays at the beginning */
-- if (*a < t->n_columns && *b < t->n_columns)
-+ if (*a < user_table->n_columns && *b < user_table->n_columns)
- return 0;
-- if (*a < t->n_columns)
-+ if (*a < user_table->n_columns)
- return -1;
-- if (*b < t->n_columns)
-+ if (*b < user_table->n_columns)
- return 1;
-
- /* Order other lines by the sorting map */
-- for (size_t i = 0; i < t->n_sort_map; i++) {
-+ for (size_t i = 0; i < user_table->n_sort_map; i++) {
- TableData *d, *dd;
-
-- d = t->data[*a + t->sort_map[i]];
-- dd = t->data[*b + t->sort_map[i]];
-+ d = user_table->data[*a + user_table->sort_map[i]];
-+ dd = user_table->data[*b + user_table->sort_map[i]];
-
- r = cell_data_compare(d, *a, dd, *b);
- if (r != 0)
-- return t->reverse_map && t->reverse_map[t->sort_map[i]] ? -r : r;
-+ return user_table->reverse_map && user_table->reverse_map[user_table->sort_map[i]] ? -r : r;
- }
-
- /* Order identical lines by the order there were originally added in */
-@@ -2009,7 +2011,12 @@ int table_print(Table *t, FILE *f) {
- for (size_t i = 0; i < n_rows; i++)
- sorted[i] = i * t->n_columns;
-
-- typesafe_qsort_r(sorted, n_rows, table_data_compare, t);
-+ if (n_rows <= 1)
-+ return 0;
-+ assert(sorted);
-+ user_table = t;
-+ qsort(sorted, n_rows, sizeof(size_t), table_data_compare);
-+ user_table = NULL;
- }
-
- if (t->display_map)
-@@ -2647,7 +2654,12 @@ int table_to_json(Table *t, JsonVariant
- for (size_t i = 0; i < n_rows; i++)
- sorted[i] = i * t->n_columns;
-
-- typesafe_qsort_r(sorted, n_rows, table_data_compare, t);
-+ if (n_rows <= 1)
-+ return 0;
-+ assert(sorted);
-+ user_table = t;
-+ qsort(sorted, n_rows, sizeof(size_t), table_data_compare);
-+ user_table = NULL;
- }
-
- if (t->display_map)
---- a/src/shared/hwdb-util.c
-+++ b/src/shared/hwdb-util.c
-@@ -127,9 +127,13 @@ static struct trie* trie_free(struct tri
-
- DEFINE_TRIVIAL_CLEANUP_FUNC(struct trie*, trie_free);
-
--static int trie_values_cmp(const struct trie_value_entry *a, const struct trie_value_entry *b, struct trie *trie) {
-- return strcmp(trie->strings->buf + a->key_off,
-- trie->strings->buf + b->key_off);
-+static struct trie *trie_node_add_value_trie;
-+static int trie_values_cmp(const void *v1, const void *v2) {
-+ const struct trie_value_entry *a = v1;
-+ const struct trie_value_entry *b = v2;
-+
-+ return strcmp(trie_node_add_value_trie->strings->buf + a->key_off,
-+ trie_node_add_value_trie->strings->buf + b->key_off);
- }
-
- static int trie_node_add_value(struct trie *trie, struct trie_node *node,
-@@ -157,7 +161,10 @@ static int trie_node_add_value(struct tr
- .value_off = v,
- };
-
-- val = typesafe_bsearch_r(&search, node->values, node->values_count, trie_values_cmp, trie);
-+ trie_node_add_value_trie = trie;
-+ val = bsearch(&search, node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp);
-+ trie_node_add_value_trie = NULL;
-+
- if (val) {
- /* At this point we have 2 identical properties on the same match-string.
- * Since we process files in order, we just replace the previous value. */
-@@ -183,7 +190,9 @@ static int trie_node_add_value(struct tr
- .line_number = line_number,
- };
- node->values_count++;
-- typesafe_qsort_r(node->values, node->values_count, trie_values_cmp, trie);
-+ trie_node_add_value_trie = trie;
-+ qsort(node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp);
-+ trie_node_add_value_trie = NULL;
- return 0;
- }
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch b/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-comparison_fn_t.patch
similarity index 64%
rename from poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch
rename to poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-comparison_fn_t.patch
index f3edc7d..c28c838 100644
--- a/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-comparison_fn_t.patch
@@ -1,10 +1,9 @@
-From 3b42a888685aee1776a12cff84a5fe0063378483 Mon Sep 17 00:00:00 2001
+From 5513b918d02900a3a78fd0e0300a118b163edfef Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 13:55:12 +0800
-Subject: [PATCH] missing_type.h: add __compare_fn_t and comparison_fn_t
+Subject: [PATCH] missing_type.h: add comparison_fn_t
-Make it work with musl where comparison_fn_t and __compare_fn_t
-is not provided.
+Make it work with musl where comparison_fn_t and is not provided.
Upstream-Status: Inappropriate [musl specific]
@@ -13,17 +12,19 @@
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
[Rebased for v242]
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
-
+[Rebased for v250, Drop __compare_fn_t]
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
---
- src/basic/missing_type.h | 9 +++++++++
+ src/basic/missing_type.h | 4 ++++
src/basic/sort-util.h | 1 +
- src/core/kmod-setup.c | 1 +
src/libsystemd/sd-journal/catalog.c | 1 +
- 4 files changed, 12 insertions(+)
+ 3 files changed, 6 insertions(+)
+diff --git a/src/basic/missing_type.h b/src/basic/missing_type.h
+index f6233090a9..6c0456349d 100644
--- a/src/basic/missing_type.h
+++ b/src/basic/missing_type.h
-@@ -10,3 +10,12 @@
+@@ -10,3 +10,7 @@
#if !HAVE_CHAR16_T
#define char16_t uint16_t
#endif
@@ -31,11 +32,8 @@
+#ifndef __GLIBC__
+typedef int (*comparison_fn_t)(const void *, const void *);
+#endif
-+
-+#ifndef __COMPAR_FN_T
-+#define __COMPAR_FN_T
-+typedef int (*__compar_fn_t)(const void *, const void *);
-+#endif
+diff --git a/src/basic/sort-util.h b/src/basic/sort-util.h
+index 02a6784d99..0b33c83d59 100644
--- a/src/basic/sort-util.h
+++ b/src/basic/sort-util.h
@@ -4,6 +4,7 @@
@@ -46,16 +44,8 @@
/* This is the same as glibc's internal __compar_d_fn_t type. glibc exports a public comparison_fn_t, for the
* external type __compar_fn_t, but doesn't do anything similar for __compar_d_fn_t. Let's hence do that
---- a/src/core/kmod-setup.c
-+++ b/src/core/kmod-setup.c
-@@ -10,6 +10,7 @@
- #include "macro.h"
- #include "recurse-dir.h"
- #include "string-util.h"
-+#include "missing_type.h"
-
- #if HAVE_KMOD
- #include "module-util.h"
+diff --git a/src/libsystemd/sd-journal/catalog.c b/src/libsystemd/sd-journal/catalog.c
+index 8fc87b131a..36a6efdbd8 100644
--- a/src/libsystemd/sd-journal/catalog.c
+++ b/src/libsystemd/sd-journal/catalog.c
@@ -28,6 +28,7 @@
@@ -66,3 +56,6 @@
const char * const catalog_file_dirs[] = {
"/usr/local/lib/systemd/catalog/",
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch b/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch
index d93f630..1bd538b 100644
--- a/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch
@@ -1,4 +1,4 @@
-From 3e0df2c22bfd37bc62bf09a01ec498e40d3599de Mon Sep 17 00:00:00 2001
+From 3d9910dcda697b1e361bba49c99050ee0d116742 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Sat, 22 May 2021 20:26:24 +0200
Subject: [PATCH] add fallback parse_printf_format implementation
@@ -22,6 +22,8 @@
create mode 100644 src/basic/parse-printf-format.c
create mode 100644 src/basic/parse-printf-format.h
+diff --git a/meson.build b/meson.build
+index cb9936ee8b..ae53345260 100644
--- a/meson.build
+++ b/meson.build
@@ -686,6 +686,7 @@ endif
@@ -32,9 +34,11 @@
'sys/auxv.h',
'valgrind/memcheck.h',
'valgrind/valgrind.h',
+diff --git a/src/basic/meson.build b/src/basic/meson.build
+index 49e1e7f43e..4131494bfa 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
-@@ -335,6 +335,11 @@ endforeach
+@@ -334,6 +334,11 @@ endforeach
basic_sources += generated_gperf_headers
@@ -46,6 +50,9 @@
############################################################
arch_list = [
+diff --git a/src/basic/parse-printf-format.c b/src/basic/parse-printf-format.c
+new file mode 100644
+index 0000000000..49437e5445
--- /dev/null
+++ b/src/basic/parse-printf-format.c
@@ -0,0 +1,273 @@
@@ -322,6 +329,9 @@
+
+ return last;
+}
+diff --git a/src/basic/parse-printf-format.h b/src/basic/parse-printf-format.h
+new file mode 100644
+index 0000000000..47be7522d7
--- /dev/null
+++ b/src/basic/parse-printf-format.h
@@ -0,0 +1,57 @@
@@ -382,6 +392,8 @@
+size_t parse_printf_format(const char *fmt, size_t n, int *types);
+
+#endif /* HAVE_PRINTF_H */
+diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h
+index 69d7062ec6..f55c5aab2c 100644
--- a/src/basic/stdio-util.h
+++ b/src/basic/stdio-util.h
@@ -1,13 +1,13 @@
@@ -399,6 +411,8 @@
#define snprintf_ok(buf, len, fmt, ...) \
({ \
+diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
+index 1e10ed5524..e6ceba54f9 100644
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
@@ -2,7 +2,6 @@
@@ -409,7 +423,7 @@
#include <stddef.h>
#include <sys/un.h>
#include <unistd.h>
-@@ -21,6 +20,7 @@
+@@ -25,6 +24,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "tmpfile-util.h"
diff --git a/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch b/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
index 36545c2..680930c 100644
--- a/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch
@@ -1,4 +1,4 @@
-From cef23a651ea200e30e1e6ed2a2564505e3a42d46 Mon Sep 17 00:00:00 2001
+From 106b7bd7186c9d6c1dcd72bd4ca6457d3fa72d0b Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 14:18:21 +0800
Subject: [PATCH] src/basic/missing.h: check for missing strndupa
@@ -17,7 +17,6 @@
[rebased for systemd 244]
[Rebased for v247]
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
-
---
meson.build | 1 +
src/backlight/backlight.c | 1 +
@@ -41,6 +40,7 @@
src/core/kmod-setup.c | 1 +
src/core/service.c | 1 +
src/coredump/coredump-vacuum.c | 1 +
+ src/fstab-generator/fstab-generator.c | 1 +
src/journal-remote/journal-remote-main.c | 1 +
src/journal/journalctl.c | 1 +
src/libsystemd/sd-bus/bus-message.c | 1 +
@@ -70,11 +70,13 @@
src/udev/udev-builtin-path_id.c | 1 +
src/udev/udev-event.c | 1 +
src/udev/udev-rules.c | 1 +
- 51 files changed, 62 insertions(+)
+ 52 files changed, 63 insertions(+)
+diff --git a/meson.build b/meson.build
+index cb9936ee8b..7ab201c6d9 100644
--- a/meson.build
+++ b/meson.build
-@@ -507,6 +507,7 @@ foreach ident : ['secure_getenv', '__sec
+@@ -507,6 +507,7 @@ foreach ident : ['secure_getenv', '__secure_getenv']
endforeach
foreach ident : [
@@ -82,6 +84,8 @@
['memfd_create', '''#include <sys/mman.h>'''],
['gettid', '''#include <sys/types.h>
#include <unistd.h>'''],
+diff --git a/src/backlight/backlight.c b/src/backlight/backlight.c
+index 5a3095cbba..22cfa4d526 100644
--- a/src/backlight/backlight.c
+++ b/src/backlight/backlight.c
@@ -19,6 +19,7 @@
@@ -92,6 +96,8 @@
static int help(void) {
_cleanup_free_ char *link = NULL;
+diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
+index a626ecf2e2..f7dc6c8421 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
@@ -37,6 +37,7 @@
@@ -102,6 +108,8 @@
static int cg_enumerate_items(const char *controller, const char *path, FILE **_f, const char *item) {
_cleanup_free_ char *fs = NULL;
+diff --git a/src/basic/env-util.c b/src/basic/env-util.c
+index 885967e7f3..d0b7dc845e 100644
--- a/src/basic/env-util.c
+++ b/src/basic/env-util.c
@@ -19,6 +19,7 @@
@@ -112,6 +120,8 @@
/* We follow bash for the character set. Different shells have different rules. */
#define VALID_BASH_ENV_NAME_CHARS \
+diff --git a/src/basic/log.c b/src/basic/log.c
+index 12071e2ebd..15254c7bbc 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -36,6 +36,7 @@
@@ -122,6 +132,8 @@
#define SNDBUF_SIZE (8*1024*1024)
+diff --git a/src/basic/missing_stdlib.h b/src/basic/missing_stdlib.h
+index 8c76f93eb2..9068bfb4f0 100644
--- a/src/basic/missing_stdlib.h
+++ b/src/basic/missing_stdlib.h
@@ -11,3 +11,15 @@
@@ -140,6 +152,8 @@
+ (char *)memcpy(__new, __old, __len); \
+ })
+#endif
+diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
+index 51a0d74e87..03569f71f8 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
@@ -15,6 +15,7 @@
@@ -150,6 +164,8 @@
int mkdir_safe_internal(
const char *path,
+diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c
+index 82a33a6829..d947774b40 100644
--- a/src/basic/mountpoint-util.c
+++ b/src/basic/mountpoint-util.c
@@ -13,6 +13,7 @@
@@ -160,6 +176,8 @@
#include "mountpoint-util.h"
#include "nulstr-util.h"
#include "parse-util.h"
+diff --git a/src/basic/parse-util.c b/src/basic/parse-util.c
+index 2888ab6523..d941afec2d 100644
--- a/src/basic/parse-util.c
+++ b/src/basic/parse-util.c
@@ -18,6 +18,7 @@
@@ -170,6 +188,8 @@
int parse_boolean(const char *v) {
if (!v)
+diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
+index 6fb8c40e7a..c4b59e8518 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -16,6 +16,7 @@
@@ -180,6 +200,8 @@
int xdg_user_runtime_dir(char **ret, const char *suffix) {
const char *e;
+diff --git a/src/basic/percent-util.c b/src/basic/percent-util.c
+index cab9d0eaea..5f6ca258e9 100644
--- a/src/basic/percent-util.c
+++ b/src/basic/percent-util.c
@@ -3,6 +3,7 @@
@@ -190,6 +212,8 @@
static int parse_parts_value_whole(const char *p, const char *symbol) {
const char *pc, *n;
+diff --git a/src/basic/proc-cmdline.c b/src/basic/proc-cmdline.c
+index 410b8a3eb5..f2c4355609 100644
--- a/src/basic/proc-cmdline.c
+++ b/src/basic/proc-cmdline.c
@@ -15,6 +15,7 @@
@@ -200,6 +224,8 @@
int proc_cmdline(char **ret) {
const char *e;
+diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c
+index 65f96abb06..e485a0196b 100644
--- a/src/basic/procfs-util.c
+++ b/src/basic/procfs-util.c
@@ -12,6 +12,7 @@
@@ -210,6 +236,8 @@
int procfs_get_pid_max(uint64_t *ret) {
_cleanup_free_ char *value = NULL;
+diff --git a/src/basic/time-util.c b/src/basic/time-util.c
+index b659d6905d..020112be24 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -26,6 +26,7 @@
@@ -220,6 +248,8 @@
static clockid_t map_clock_id(clockid_t c) {
+diff --git a/src/boot/bless-boot.c b/src/boot/bless-boot.c
+index 9e4b0d1f72..d640316ff7 100644
--- a/src/boot/bless-boot.c
+++ b/src/boot/bless-boot.c
@@ -19,6 +19,7 @@
@@ -230,356 +260,8 @@
static char **arg_path = NULL;
---- a/src/core/dbus-execute.c
-+++ b/src/core/dbus-execute.c
-@@ -44,6 +44,7 @@
- #include "unit-printf.h"
- #include "user-util.h"
- #include "utf8.h"
-+#include "missing_stdlib.h"
-
- BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutput);
- static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
---- a/src/core/dbus-util.c
-+++ b/src/core/dbus-util.c
-@@ -9,6 +9,7 @@
- #include "unit-printf.h"
- #include "user-util.h"
- #include "unit.h"
-+#include "missing_stdlib.h"
-
- int bus_property_get_triggered_unit(
- sd_bus *bus,
---- a/src/core/execute.c
-+++ b/src/core/execute.c
-@@ -102,6 +102,7 @@
- #include "unit-serialize.h"
- #include "user-util.h"
- #include "utmp-wtmp.h"
-+#include "missing_stdlib.h"
-
- #define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
- #define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
---- a/src/core/kmod-setup.c
-+++ b/src/core/kmod-setup.c
-@@ -11,6 +11,7 @@
- #include "recurse-dir.h"
- #include "string-util.h"
- #include "missing_type.h"
-+#include "missing_stdlib.h"
-
- #if HAVE_KMOD
- #include "module-util.h"
---- a/src/core/service.c
-+++ b/src/core/service.c
-@@ -42,6 +42,7 @@
- #include "unit.h"
- #include "utf8.h"
- #include "util.h"
-+#include "missing_stdlib.h"
-
- static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
- [SERVICE_DEAD] = UNIT_INACTIVE,
---- a/src/coredump/coredump-vacuum.c
-+++ b/src/coredump/coredump-vacuum.c
-@@ -16,6 +16,7 @@
- #include "string-util.h"
- #include "time-util.h"
- #include "user-util.h"
-+#include "missing_stdlib.h"
-
- #define DEFAULT_MAX_USE_LOWER (uint64_t) (1ULL*1024ULL*1024ULL) /* 1 MiB */
- #define DEFAULT_MAX_USE_UPPER (uint64_t) (4ULL*1024ULL*1024ULL*1024ULL) /* 4 GiB */
---- a/src/journal-remote/journal-remote-main.c
-+++ b/src/journal-remote/journal-remote-main.c
-@@ -24,6 +24,7 @@
- #include "stat-util.h"
- #include "string-table.h"
- #include "strv.h"
-+#include "missing_stdlib.h"
-
- #define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
- #define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
---- a/src/journal/journalctl.c
-+++ b/src/journal/journalctl.c
-@@ -73,6 +73,7 @@
- #include "unit-name.h"
- #include "user-util.h"
- #include "varlink.h"
-+#include "missing_stdlib.h"
-
- #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
- #define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
---- a/src/libsystemd/sd-bus/bus-message.c
-+++ b/src/libsystemd/sd-bus/bus-message.c
-@@ -20,6 +20,7 @@
- #include "strv.h"
- #include "time-util.h"
- #include "utf8.h"
-+#include "missing_stdlib.h"
-
- static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
-
---- a/src/libsystemd/sd-bus/bus-objects.c
-+++ b/src/libsystemd/sd-bus/bus-objects.c
-@@ -12,6 +12,7 @@
- #include "set.h"
- #include "string-util.h"
- #include "strv.h"
-+#include "missing_stdlib.h"
-
- static int node_vtable_get_userdata(
- sd_bus *bus,
---- a/src/libsystemd/sd-bus/bus-socket.c
-+++ b/src/libsystemd/sd-bus/bus-socket.c
-@@ -28,6 +28,7 @@
- #include "string-util.h"
- #include "user-util.h"
- #include "utf8.h"
-+#include "missing_stdlib.h"
-
- #define SNDBUF_SIZE (8*1024*1024)
-
---- a/src/libsystemd/sd-bus/sd-bus.c
-+++ b/src/libsystemd/sd-bus/sd-bus.c
-@@ -43,6 +43,7 @@
- #include "string-util.h"
- #include "strv.h"
- #include "user-util.h"
-+#include "missing_stdlib.h"
-
- #define log_debug_bus_message(m) \
- do { \
---- a/src/libsystemd/sd-bus/test-bus-benchmark.c
-+++ b/src/libsystemd/sd-bus/test-bus-benchmark.c
-@@ -14,6 +14,7 @@
- #include "string-util.h"
- #include "time-util.h"
- #include "util.h"
-+#include "missing_stdlib.h"
-
- #define MAX_SIZE (2*1024*1024)
-
---- a/src/libsystemd/sd-journal/sd-journal.c
-+++ b/src/libsystemd/sd-journal/sd-journal.c
-@@ -41,6 +41,7 @@
- #include "string-util.h"
- #include "strv.h"
- #include "syslog-util.h"
-+#include "missing_stdlib.h"
-
- #define JOURNAL_FILES_MAX 7168
-
---- a/src/locale/keymap-util.c
-+++ b/src/locale/keymap-util.c
-@@ -24,6 +24,7 @@
- #include "string-util.h"
- #include "strv.h"
- #include "tmpfile-util.h"
-+#include "missing_stdlib.h"
-
- static bool startswith_comma(const char *s, const char *prefix) {
- s = startswith(s, prefix);
---- a/src/login/pam_systemd.c
-+++ b/src/login/pam_systemd.c
-@@ -31,6 +31,7 @@
- #include "locale-util.h"
- #include "login-util.h"
- #include "macro.h"
-+#include "missing_stdlib.h"
- #include "pam-util.h"
- #include "parse-util.h"
- #include "path-util.h"
---- a/src/network/generator/network-generator.c
-+++ b/src/network/generator/network-generator.c
-@@ -13,6 +13,7 @@
- #include "string-table.h"
- #include "string-util.h"
- #include "strv.h"
-+#include "missing_stdlib.h"
-
- /*
- # .network
---- a/src/nspawn/nspawn-settings.c
-+++ b/src/nspawn/nspawn-settings.c
-@@ -17,6 +17,7 @@
- #include "strv.h"
- #include "user-util.h"
- #include "util.h"
-+#include "missing_stdlib.h"
-
- Settings *settings_new(void) {
- Settings *s;
---- a/src/nss-mymachines/nss-mymachines.c
-+++ b/src/nss-mymachines/nss-mymachines.c
-@@ -21,6 +21,7 @@
- #include "nss-util.h"
- #include "signal-util.h"
- #include "string-util.h"
-+#include "missing_stdlib.h"
-
- static void setup_logging_once(void) {
- static pthread_once_t once = PTHREAD_ONCE_INIT;
---- a/src/portable/portable.c
-+++ b/src/portable/portable.c
-@@ -39,6 +39,7 @@
- #include "strv.h"
- #include "tmpfile-util.h"
- #include "user-util.h"
-+#include "missing_stdlib.h"
-
- /* Markers used in the first line of our 20-portable.conf unit file drop-in to determine, that a) the unit file was
- * dropped there by the portable service logic and b) for which image it was dropped there. */
---- a/src/resolve/resolvectl.c
-+++ b/src/resolve/resolvectl.c
-@@ -43,6 +43,7 @@
- #include "utf8.h"
- #include "verb-log-control.h"
- #include "verbs.h"
-+#include "missing_stdlib.h"
-
- static int arg_family = AF_UNSPEC;
- static int arg_ifindex = 0;
---- a/src/shared/bus-get-properties.c
-+++ b/src/shared/bus-get-properties.c
-@@ -4,6 +4,7 @@
- #include "rlimit-util.h"
- #include "stdio-util.h"
- #include "string-util.h"
-+#include "missing_stdlib.h"
-
- int bus_property_get_bool(
- sd_bus *bus,
---- a/src/shared/bus-unit-procs.c
-+++ b/src/shared/bus-unit-procs.c
-@@ -10,6 +10,7 @@
- #include "sort-util.h"
- #include "string-util.h"
- #include "terminal-util.h"
-+#include "missing_stdlib.h"
-
- struct CGroupInfo {
- char *cgroup_path;
---- a/src/shared/bus-unit-util.c
-+++ b/src/shared/bus-unit-util.c
-@@ -49,6 +49,7 @@
- #include "unit-def.h"
- #include "user-util.h"
- #include "utf8.h"
-+#include "missing_stdlib.h"
-
- int bus_parse_unit_info(sd_bus_message *message, UnitInfo *u) {
- assert(message);
---- a/src/shared/bus-util.c
-+++ b/src/shared/bus-util.c
-@@ -21,6 +21,7 @@
- #include "path-util.h"
- #include "socket-util.h"
- #include "stdio-util.h"
-+#include "missing_stdlib.h"
-
- static int name_owner_change_callback(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
- sd_event *e = userdata;
---- a/src/shared/dns-domain.c
-+++ b/src/shared/dns-domain.c
-@@ -17,6 +17,7 @@
- #include "string-util.h"
- #include "strv.h"
- #include "utf8.h"
-+#include "missing_stdlib.h"
-
- int dns_label_unescape(const char **name, char *dest, size_t sz, DNSLabelFlags flags) {
- const char *n;
---- a/src/shared/journal-importer.c
-+++ b/src/shared/journal-importer.c
-@@ -15,6 +15,7 @@
- #include "parse-util.h"
- #include "string-util.h"
- #include "unaligned.h"
-+#include "missing_stdlib.h"
-
- enum {
- IMPORTER_STATE_LINE = 0, /* waiting to read, or reading line */
---- a/src/shared/logs-show.c
-+++ b/src/shared/logs-show.c
-@@ -42,6 +42,7 @@
- #include "utf8.h"
- #include "util.h"
- #include "web-util.h"
-+#include "missing_stdlib.h"
-
- /* up to three lines (each up to 100 characters) or 300 characters, whichever is less */
- #define PRINT_LINE_THRESHOLD 3
---- a/src/shared/pager.c
-+++ b/src/shared/pager.c
-@@ -26,6 +26,7 @@
- #include "strv.h"
- #include "terminal-util.h"
- #include "util.h"
-+#include "missing_stdlib.h"
-
- static pid_t pager_pid = 0;
-
---- a/src/shared/uid-range.c
-+++ b/src/shared/uid-range.c
-@@ -9,6 +9,7 @@
- #include "sort-util.h"
- #include "uid-range.h"
- #include "user-util.h"
-+#include "missing_stdlib.h"
-
- static bool uid_range_intersect(UidRange *range, uid_t start, uid_t nr) {
- assert(range);
---- a/src/socket-proxy/socket-proxyd.c
-+++ b/src/socket-proxy/socket-proxyd.c
-@@ -26,6 +26,7 @@
- #include "socket-util.h"
- #include "string-util.h"
- #include "util.h"
-+#include "missing_stdlib.h"
-
- #define BUFFER_SIZE (256 * 1024)
-
---- a/src/test/test-hexdecoct.c
-+++ b/src/test/test-hexdecoct.c
-@@ -7,6 +7,7 @@
- #include "macro.h"
- #include "random-util.h"
- #include "string-util.h"
-+#include "missing_stdlib.h"
- #include "tests.h"
-
- TEST(hexchar) {
---- a/src/udev/udev-builtin-path_id.c
-+++ b/src/udev/udev-builtin-path_id.c
-@@ -22,6 +22,7 @@
- #include "sysexits.h"
- #include "udev-builtin.h"
- #include "udev-util.h"
-+#include "missing_stdlib.h"
-
- _printf_(2,3)
- static void path_prepend(char **path, const char *fmt, ...) {
---- a/src/udev/udev-event.c
-+++ b/src/udev/udev-event.c
-@@ -35,6 +35,7 @@
- #include "udev-util.h"
- #include "udev-watch.h"
- #include "user-util.h"
-+#include "missing_stdlib.h"
-
- typedef struct Spawn {
- sd_device *device;
---- a/src/udev/udev-rules.c
-+++ b/src/udev/udev-rules.c
-@@ -34,6 +34,7 @@
- #include "udev-util.h"
- #include "user-util.h"
- #include "virt.h"
-+#include "missing_stdlib.h"
-
- #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
-
+diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c
+index f0d8759e85..b4c1053e64 100644
--- a/src/core/dbus-cgroup.c
+++ b/src/core/dbus-cgroup.c
@@ -21,6 +21,7 @@
@@ -590,6 +272,80 @@
#include "socket-util.h"
BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", TasksMax, tasks_max_resolve);
+diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
+index 5c499e5d06..e7ab1bb9a5 100644
+--- a/src/core/dbus-execute.c
++++ b/src/core/dbus-execute.c
+@@ -44,6 +44,7 @@
+ #include "unit-printf.h"
+ #include "user-util.h"
+ #include "utf8.h"
++#include "missing_stdlib.h"
+
+ BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutput);
+ static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
+diff --git a/src/core/dbus-util.c b/src/core/dbus-util.c
+index 32a2ec0ff9..36be2511e4 100644
+--- a/src/core/dbus-util.c
++++ b/src/core/dbus-util.c
+@@ -9,6 +9,7 @@
+ #include "unit-printf.h"
+ #include "user-util.h"
+ #include "unit.h"
++#include "missing_stdlib.h"
+
+ int bus_property_get_triggered_unit(
+ sd_bus *bus,
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 0b20d386d3..fccfb9268c 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -102,6 +102,7 @@
+ #include "unit-serialize.h"
+ #include "user-util.h"
+ #include "utmp-wtmp.h"
++#include "missing_stdlib.h"
+
+ #define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
+ #define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
+diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c
+index d054668b8e..9b4caa7651 100644
+--- a/src/core/kmod-setup.c
++++ b/src/core/kmod-setup.c
+@@ -10,6 +10,7 @@
+ #include "macro.h"
+ #include "recurse-dir.h"
+ #include "string-util.h"
++#include "missing_stdlib.h"
+
+ #if HAVE_KMOD
+ #include "module-util.h"
+diff --git a/src/core/service.c b/src/core/service.c
+index 87f0d34c8c..ccda3feb29 100644
+--- a/src/core/service.c
++++ b/src/core/service.c
+@@ -42,6 +42,7 @@
+ #include "unit.h"
+ #include "utf8.h"
+ #include "util.h"
++#include "missing_stdlib.h"
+
+ static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
+ [SERVICE_DEAD] = UNIT_INACTIVE,
+diff --git a/src/coredump/coredump-vacuum.c b/src/coredump/coredump-vacuum.c
+index dcf9cc03cd..8f8d992ec2 100644
+--- a/src/coredump/coredump-vacuum.c
++++ b/src/coredump/coredump-vacuum.c
+@@ -16,6 +16,7 @@
+ #include "string-util.h"
+ #include "time-util.h"
+ #include "user-util.h"
++#include "missing_stdlib.h"
+
+ #define DEFAULT_MAX_USE_LOWER (uint64_t) (1ULL*1024ULL*1024ULL) /* 1 MiB */
+ #define DEFAULT_MAX_USE_UPPER (uint64_t) (4ULL*1024ULL*1024ULL*1024ULL) /* 4 GiB */
+diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
+index 9b32383a76..f8d3397a06 100644
--- a/src/fstab-generator/fstab-generator.c
+++ b/src/fstab-generator/fstab-generator.c
@@ -29,6 +29,7 @@
@@ -600,3 +356,354 @@
typedef enum MountPointFlags {
MOUNT_NOAUTO = 1 << 0,
+diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
+index 3e3646e45f..6a8fc60f6d 100644
+--- a/src/journal-remote/journal-remote-main.c
++++ b/src/journal-remote/journal-remote-main.c
+@@ -24,6 +24,7 @@
+ #include "stat-util.h"
+ #include "string-table.h"
+ #include "strv.h"
++#include "missing_stdlib.h"
+
+ #define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
+ #define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
+diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
+index 3c4a7c0a7a..6a792404f2 100644
+--- a/src/journal/journalctl.c
++++ b/src/journal/journalctl.c
+@@ -73,6 +73,7 @@
+ #include "unit-name.h"
+ #include "user-util.h"
+ #include "varlink.h"
++#include "missing_stdlib.h"
+
+ #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
+ #define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
+diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
+index 96529b422b..ddb5e9c698 100644
+--- a/src/libsystemd/sd-bus/bus-message.c
++++ b/src/libsystemd/sd-bus/bus-message.c
+@@ -20,6 +20,7 @@
+ #include "strv.h"
+ #include "time-util.h"
+ #include "utf8.h"
++#include "missing_stdlib.h"
+
+ static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
+
+diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
+index 28d8336718..5d3ce88a53 100644
+--- a/src/libsystemd/sd-bus/bus-objects.c
++++ b/src/libsystemd/sd-bus/bus-objects.c
+@@ -12,6 +12,7 @@
+ #include "set.h"
+ #include "string-util.h"
+ #include "strv.h"
++#include "missing_stdlib.h"
+
+ static int node_vtable_get_userdata(
+ sd_bus *bus,
+diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
+index 14951ccb33..b7f86ca501 100644
+--- a/src/libsystemd/sd-bus/bus-socket.c
++++ b/src/libsystemd/sd-bus/bus-socket.c
+@@ -28,6 +28,7 @@
+ #include "string-util.h"
+ #include "user-util.h"
+ #include "utf8.h"
++#include "missing_stdlib.h"
+
+ #define SNDBUF_SIZE (8*1024*1024)
+
+diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
+index 9e1d29cc1d..8c3165f0ce 100644
+--- a/src/libsystemd/sd-bus/sd-bus.c
++++ b/src/libsystemd/sd-bus/sd-bus.c
+@@ -43,6 +43,7 @@
+ #include "string-util.h"
+ #include "strv.h"
+ #include "user-util.h"
++#include "missing_stdlib.h"
+
+ #define log_debug_bus_message(m) \
+ do { \
+diff --git a/src/libsystemd/sd-bus/test-bus-benchmark.c b/src/libsystemd/sd-bus/test-bus-benchmark.c
+index 317653bedc..d028216c48 100644
+--- a/src/libsystemd/sd-bus/test-bus-benchmark.c
++++ b/src/libsystemd/sd-bus/test-bus-benchmark.c
+@@ -14,6 +14,7 @@
+ #include "string-util.h"
+ #include "time-util.h"
+ #include "util.h"
++#include "missing_stdlib.h"
+
+ #define MAX_SIZE (2*1024*1024)
+
+diff --git a/src/libsystemd/sd-journal/sd-journal.c b/src/libsystemd/sd-journal/sd-journal.c
+index 7a6cc4aca3..b7f7cd65c5 100644
+--- a/src/libsystemd/sd-journal/sd-journal.c
++++ b/src/libsystemd/sd-journal/sd-journal.c
+@@ -41,6 +41,7 @@
+ #include "string-util.h"
+ #include "strv.h"
+ #include "syslog-util.h"
++#include "missing_stdlib.h"
+
+ #define JOURNAL_FILES_MAX 7168
+
+diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
+index 10d2ed7aec..4fbe3f6b4a 100644
+--- a/src/locale/keymap-util.c
++++ b/src/locale/keymap-util.c
+@@ -24,6 +24,7 @@
+ #include "string-util.h"
+ #include "strv.h"
+ #include "tmpfile-util.h"
++#include "missing_stdlib.h"
+
+ static bool startswith_comma(const char *s, const char *prefix) {
+ s = startswith(s, prefix);
+diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c
+index 5bd7efc3e8..282899601e 100644
+--- a/src/login/pam_systemd.c
++++ b/src/login/pam_systemd.c
+@@ -31,6 +31,7 @@
+ #include "locale-util.h"
+ #include "login-util.h"
+ #include "macro.h"
++#include "missing_stdlib.h"
+ #include "pam-util.h"
+ #include "parse-util.h"
+ #include "path-util.h"
+diff --git a/src/network/generator/network-generator.c b/src/network/generator/network-generator.c
+index 063ad08d80..f9823a433b 100644
+--- a/src/network/generator/network-generator.c
++++ b/src/network/generator/network-generator.c
+@@ -13,6 +13,7 @@
+ #include "string-table.h"
+ #include "string-util.h"
+ #include "strv.h"
++#include "missing_stdlib.h"
+
+ /*
+ # .network
+diff --git a/src/nspawn/nspawn-settings.c b/src/nspawn/nspawn-settings.c
+index 1f58bf3ed4..8457a3b0e3 100644
+--- a/src/nspawn/nspawn-settings.c
++++ b/src/nspawn/nspawn-settings.c
+@@ -17,6 +17,7 @@
+ #include "strv.h"
+ #include "user-util.h"
+ #include "util.h"
++#include "missing_stdlib.h"
+
+ Settings *settings_new(void) {
+ Settings *s;
+diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
+index c64e79bdff..eda26b0b9a 100644
+--- a/src/nss-mymachines/nss-mymachines.c
++++ b/src/nss-mymachines/nss-mymachines.c
+@@ -21,6 +21,7 @@
+ #include "nss-util.h"
+ #include "signal-util.h"
+ #include "string-util.h"
++#include "missing_stdlib.h"
+
+ static void setup_logging_once(void) {
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+diff --git a/src/portable/portable.c b/src/portable/portable.c
+index 0e6461ba93..54148d5924 100644
+--- a/src/portable/portable.c
++++ b/src/portable/portable.c
+@@ -39,6 +39,7 @@
+ #include "strv.h"
+ #include "tmpfile-util.h"
+ #include "user-util.h"
++#include "missing_stdlib.h"
+
+ /* Markers used in the first line of our 20-portable.conf unit file drop-in to determine, that a) the unit file was
+ * dropped there by the portable service logic and b) for which image it was dropped there. */
+diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c
+index 5b3ceeff36..d36d1d57ae 100644
+--- a/src/resolve/resolvectl.c
++++ b/src/resolve/resolvectl.c
+@@ -43,6 +43,7 @@
+ #include "utf8.h"
+ #include "verb-log-control.h"
+ #include "verbs.h"
++#include "missing_stdlib.h"
+
+ static int arg_family = AF_UNSPEC;
+ static int arg_ifindex = 0;
+diff --git a/src/shared/bus-get-properties.c b/src/shared/bus-get-properties.c
+index 8b4f66b22e..5926e4c61b 100644
+--- a/src/shared/bus-get-properties.c
++++ b/src/shared/bus-get-properties.c
+@@ -4,6 +4,7 @@
+ #include "rlimit-util.h"
+ #include "stdio-util.h"
+ #include "string-util.h"
++#include "missing_stdlib.h"
+
+ int bus_property_get_bool(
+ sd_bus *bus,
+diff --git a/src/shared/bus-unit-procs.c b/src/shared/bus-unit-procs.c
+index 87c0334fec..402ab3493b 100644
+--- a/src/shared/bus-unit-procs.c
++++ b/src/shared/bus-unit-procs.c
+@@ -10,6 +10,7 @@
+ #include "sort-util.h"
+ #include "string-util.h"
+ #include "terminal-util.h"
++#include "missing_stdlib.h"
+
+ struct CGroupInfo {
+ char *cgroup_path;
+diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
+index dcce530c99..faf5a5bda0 100644
+--- a/src/shared/bus-unit-util.c
++++ b/src/shared/bus-unit-util.c
+@@ -49,6 +49,7 @@
+ #include "unit-def.h"
+ #include "user-util.h"
+ #include "utf8.h"
++#include "missing_stdlib.h"
+
+ int bus_parse_unit_info(sd_bus_message *message, UnitInfo *u) {
+ assert(message);
+diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
+index 4a2b7684bc..ee6d687c58 100644
+--- a/src/shared/bus-util.c
++++ b/src/shared/bus-util.c
+@@ -21,6 +21,7 @@
+ #include "path-util.h"
+ #include "socket-util.h"
+ #include "stdio-util.h"
++#include "missing_stdlib.h"
+
+ static int name_owner_change_callback(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
+ sd_event *e = userdata;
+diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c
+index f54b187a1b..299758c7e4 100644
+--- a/src/shared/dns-domain.c
++++ b/src/shared/dns-domain.c
+@@ -17,6 +17,7 @@
+ #include "string-util.h"
+ #include "strv.h"
+ #include "utf8.h"
++#include "missing_stdlib.h"
+
+ int dns_label_unescape(const char **name, char *dest, size_t sz, DNSLabelFlags flags) {
+ const char *n;
+diff --git a/src/shared/journal-importer.c b/src/shared/journal-importer.c
+index c6caf9330a..ebe33bd44a 100644
+--- a/src/shared/journal-importer.c
++++ b/src/shared/journal-importer.c
+@@ -15,6 +15,7 @@
+ #include "parse-util.h"
+ #include "string-util.h"
+ #include "unaligned.h"
++#include "missing_stdlib.h"
+
+ enum {
+ IMPORTER_STATE_LINE = 0, /* waiting to read, or reading line */
+diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
+index cf83eb6bca..e672a003a3 100644
+--- a/src/shared/logs-show.c
++++ b/src/shared/logs-show.c
+@@ -42,6 +42,7 @@
+ #include "utf8.h"
+ #include "util.h"
+ #include "web-util.h"
++#include "missing_stdlib.h"
+
+ /* up to three lines (each up to 100 characters) or 300 characters, whichever is less */
+ #define PRINT_LINE_THRESHOLD 3
+diff --git a/src/shared/pager.c b/src/shared/pager.c
+index f75ef62d2d..530001a821 100644
+--- a/src/shared/pager.c
++++ b/src/shared/pager.c
+@@ -26,6 +26,7 @@
+ #include "strv.h"
+ #include "terminal-util.h"
+ #include "util.h"
++#include "missing_stdlib.h"
+
+ static pid_t pager_pid = 0;
+
+diff --git a/src/shared/uid-range.c b/src/shared/uid-range.c
+index 2c07a1b7a8..2a9d6ef4ab 100644
+--- a/src/shared/uid-range.c
++++ b/src/shared/uid-range.c
+@@ -9,6 +9,7 @@
+ #include "sort-util.h"
+ #include "uid-range.h"
+ #include "user-util.h"
++#include "missing_stdlib.h"
+
+ static bool uid_range_intersect(UidRange *range, uid_t start, uid_t nr) {
+ assert(range);
+diff --git a/src/socket-proxy/socket-proxyd.c b/src/socket-proxy/socket-proxyd.c
+index 7e9ab19666..56f619e54e 100644
+--- a/src/socket-proxy/socket-proxyd.c
++++ b/src/socket-proxy/socket-proxyd.c
+@@ -26,6 +26,7 @@
+ #include "socket-util.h"
+ #include "string-util.h"
+ #include "util.h"
++#include "missing_stdlib.h"
+
+ #define BUFFER_SIZE (256 * 1024)
+
+diff --git a/src/test/test-hexdecoct.c b/src/test/test-hexdecoct.c
+index cc9a7cb838..a679614a47 100644
+--- a/src/test/test-hexdecoct.c
++++ b/src/test/test-hexdecoct.c
+@@ -7,6 +7,7 @@
+ #include "macro.h"
+ #include "random-util.h"
+ #include "string-util.h"
++#include "missing_stdlib.h"
+ #include "tests.h"
+
+ TEST(hexchar) {
+diff --git a/src/udev/udev-builtin-path_id.c b/src/udev/udev-builtin-path_id.c
+index ae92e45205..1e6f3205cb 100644
+--- a/src/udev/udev-builtin-path_id.c
++++ b/src/udev/udev-builtin-path_id.c
+@@ -22,6 +22,7 @@
+ #include "sysexits.h"
+ #include "udev-builtin.h"
+ #include "udev-util.h"
++#include "missing_stdlib.h"
+
+ _printf_(2,3)
+ static void path_prepend(char **path, const char *fmt, ...) {
+diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
+index a60e4f294c..571c43765b 100644
+--- a/src/udev/udev-event.c
++++ b/src/udev/udev-event.c
+@@ -35,6 +35,7 @@
+ #include "udev-util.h"
+ #include "udev-watch.h"
+ #include "user-util.h"
++#include "missing_stdlib.h"
+
+ typedef struct Spawn {
+ sd_device *device;
+diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
+index 1a384d6b38..0089833e3f 100644
+--- a/src/udev/udev-rules.c
++++ b/src/udev/udev-rules.c
+@@ -34,6 +34,7 @@
+ #include "udev-util.h"
+ #include "user-util.h"
+ #include "virt.h"
++#include "missing_stdlib.h"
+
+ #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
+
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch b/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
index 846c01b..b84fbaa 100644
--- a/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
@@ -1,4 +1,4 @@
-From fb068403b25002156435350165ea418a6338a313 Mon Sep 17 00:00:00 2001
+From 74c664bcd6b9a5fcf3466310c07f608d12456f7f Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 14:56:21 +0800
Subject: [PATCH] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not defined
@@ -23,6 +23,8 @@
src/tmpfiles/tmpfiles.c | 10 ++++++++++
3 files changed, 38 insertions(+)
+diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c
+index e026b29478..815e56ef68 100644
--- a/src/basic/glob-util.c
+++ b/src/basic/glob-util.c
@@ -12,6 +12,12 @@
@@ -46,7 +48,7 @@
/* We want to set GLOB_ALTDIRFUNC ourselves, don't allow it to be set. */
assert(!(flags & GLOB_ALTDIRFUNC));
-@@ -32,9 +39,14 @@ int safe_glob(const char *path, int flag
+@@ -32,9 +39,14 @@ int safe_glob(const char *path, int flags, glob_t *pglob) {
pglob->gl_lstat = lstat;
if (!pglob->gl_stat)
pglob->gl_stat = stat;
@@ -61,6 +63,8 @@
if (k == GLOB_NOMATCH)
return -ENOENT;
if (k == GLOB_NOSPACE)
+diff --git a/src/test/test-glob-util.c b/src/test/test-glob-util.c
+index ec8b74f48f..d99a6095df 100644
--- a/src/test/test-glob-util.c
+++ b/src/test/test-glob-util.c
@@ -13,6 +13,12 @@
@@ -110,6 +114,8 @@
assert_se(r == GLOB_NOMATCH);
(void) rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL);
+diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
+index fcab51c208..fdef1807ae 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -67,6 +67,12 @@
@@ -135,7 +141,7 @@
};
int r = 0, k;
char **fn;
-@@ -1981,7 +1989,9 @@ static int glob_item(Item *i, action_t a
+@@ -1981,7 +1989,9 @@ static int glob_item(Item *i, action_t action) {
static int glob_item_recursively(Item *i, fdaction_t action) {
_cleanup_globfree_ glob_t g = {
diff --git a/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch
index 57e18a5..0c0d3d0 100644
--- a/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch
@@ -1,4 +1,4 @@
-From 7ca9887f84adba065dc2e59b3de55ace2fc72ec0 Mon Sep 17 00:00:00 2001
+From a0450f7909348e7ff1d58adc0aee4119a0519c1f Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:00:06 +0800
Subject: [PATCH] add missing FTW_ macros for musl
@@ -7,20 +7,26 @@
locale-util.c:296:24: error: 'FTW_STOP' undeclared
+Revisit this when upgrading to 251+ since most of these defines are not
+needed anymore except FTW_CONTINUE
+
Upstream-Status: Inappropriate [musl specific]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
- src/basic/missing_type.h | 20 ++++++++++++++++++++
- src/shared/mount-setup.c | 1 +
- 2 files changed, 21 insertions(+)
+ src/basic/missing_type.h | 20 ++++++++++++++++++++
+ src/shared/mount-setup.c | 1 +
+ src/test/test-recurse-dir.c | 1 +
+ 3 files changed, 22 insertions(+)
+diff --git a/src/basic/missing_type.h b/src/basic/missing_type.h
+index 6c0456349d..5140892e22 100644
--- a/src/basic/missing_type.h
+++ b/src/basic/missing_type.h
-@@ -19,3 +19,23 @@ typedef int (*comparison_fn_t)(const voi
- #define __COMPAR_FN_T
- typedef int (*__compar_fn_t)(const void *, const void *);
+@@ -14,3 +14,23 @@
+ #ifndef __GLIBC__
+ typedef int (*comparison_fn_t)(const void *, const void *);
#endif
+
+#ifndef FTW_ACTIONRETVAL
@@ -42,6 +48,8 @@
+#ifndef FTW_SKIP_SIBLINGS
+#define FTW_SKIP_SIBLINGS 3
+#endif
+diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c
+index 7917968497..cc3d5baaab 100644
--- a/src/shared/mount-setup.c
+++ b/src/shared/mount-setup.c
@@ -32,6 +32,7 @@
@@ -52,6 +60,8 @@
typedef enum MountMode {
MNT_NONE = 0,
+diff --git a/src/test/test-recurse-dir.c b/src/test/test-recurse-dir.c
+index 2c2120b136..bc60a178a2 100644
--- a/src/test/test-recurse-dir.c
+++ b/src/test/test-recurse-dir.c
@@ -6,6 +6,7 @@
diff --git a/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch b/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch
index 0fc3204..e7b7269 100644
--- a/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch
@@ -1,10 +1,13 @@
-From c7453b716ae308b89cf4b2b231a36ddd38a49752 Mon Sep 17 00:00:00 2001
+From 3ca0920429f7eaf8c59f9ac8afd30a43b83d95ed Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:03:47 +0800
Subject: [PATCH] fix missing of __register_atfork for non-glibc builds
Upstream-Status: Inappropriate [musl specific]
+Drop this when upgrading to 251+, systemd does not use
+__register_atfork anymore
+
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
@@ -12,7 +15,7 @@
1 file changed, 7 insertions(+)
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
-index 461bbfe9a5..2d06f9f60a 100644
+index c971852158..df6e85b1fc 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -18,6 +18,9 @@
@@ -25,7 +28,7 @@
#include "alloc-util.h"
#include "architecture.h"
-@@ -1202,11 +1205,15 @@ void reset_cached_pid(void) {
+@@ -1161,11 +1164,15 @@ void reset_cached_pid(void) {
cached_pid = CACHED_PID_UNSET;
}
diff --git a/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch b/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch
index 029f413..3a47d09 100644
--- a/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch
@@ -1,4 +1,4 @@
-From 856010e268a6aca8e5f02502457afe289bd877f1 Mon Sep 17 00:00:00 2001
+From 48a791aae7a47a2a08e9e60c18054071a43b8cda Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:12:41 +0800
Subject: [PATCH] Use uintmax_t for handling rlim_t
@@ -27,9 +27,11 @@
src/core/execute.c | 4 ++--
3 files changed, 9 insertions(+), 15 deletions(-)
+diff --git a/src/basic/format-util.h b/src/basic/format-util.h
+index 8719df3e29..9becc96066 100644
--- a/src/basic/format-util.h
+++ b/src/basic/format-util.h
-@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32
+@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32_t));
# error Unknown timex member size
#endif
@@ -44,9 +46,11 @@
#if SIZEOF_DEV_T == 8
# define DEV_FMT "%" PRIu64
+diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c
+index 33dfde9d6c..e018fd81fd 100644
--- a/src/basic/rlimit-util.c
+++ b/src/basic/rlimit-util.c
-@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, cons
+@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, const struct rlimit *rlim) {
fixed.rlim_max == highest.rlim_max)
return 0;
@@ -55,7 +59,7 @@
return RET_NERRNO(setrlimit(resource, &fixed));
}
-@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *r
+@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *rl, char **ret) {
if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
r = free_and_strdup(&s, "infinity");
else if (rl->rlim_cur >= RLIM_INFINITY)
@@ -82,9 +86,11 @@
return 1;
}
+diff --git a/src/core/execute.c b/src/core/execute.c
+index fccfb9268c..90f00e10a5 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
-@@ -5639,9 +5639,9 @@ void exec_context_dump(const ExecContext
+@@ -5633,9 +5633,9 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
for (unsigned i = 0; i < RLIM_NLIMITS; i++)
if (c->rlimit[i]) {
fprintf(f, "%sLimit%s: " RLIM_FMT "\n",
diff --git a/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch b/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch
index 327084b..7e4587c 100644
--- a/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch
@@ -1,4 +1,4 @@
-From ad395dda5db9b1ae156be121cfc8a38960de6c55 Mon Sep 17 00:00:00 2001
+From e8025c8eefdf1be4bba34c48f3430838f3859c52 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 28 Feb 2018 21:25:22 -0800
Subject: [PATCH] test-sizeof.c: Disable tests for missing typedefs in musl
@@ -12,6 +12,8 @@
src/test/test-sizeof.c | 4 ++++
1 file changed, 4 insertions(+)
+diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c
+index f349852553..602772227e 100644
--- a/src/test/test-sizeof.c
+++ b/src/test/test-sizeof.c
@@ -55,8 +55,10 @@ int main(void) {
diff --git a/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
index 0026a7b..6eecd31 100644
--- a/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
@@ -1,4 +1,4 @@
-From 5d4c6b2f4b88b69b31f967371d2a6136c65dc3fd Mon Sep 17 00:00:00 2001
+From 46fdc959257d60d9b32953cae0152ae118f8564b Mon Sep 17 00:00:00 2001
From: Andre McCurdy <armccurdy@gmail.com>
Date: Tue, 10 Oct 2017 14:33:30 -0700
Subject: [PATCH] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat()
@@ -27,13 +27,15 @@
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
- src/basic/fs-util.h | 23 +++++++++++++++++++++--
+ src/basic/fs-util.h | 21 ++++++++++++++++++++-
src/shared/base-filesystem.c | 6 +++---
- 2 files changed, 24 insertions(+), 5 deletions(-)
+ 2 files changed, 23 insertions(+), 4 deletions(-)
+diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h
+index 0bbb3f6298..3dc494dbfb 100644
--- a/src/basic/fs-util.h
+++ b/src/basic/fs-util.h
-@@ -46,8 +46,27 @@ int futimens_opath(int fd, const struct
+@@ -46,8 +46,27 @@ int futimens_opath(int fd, const struct timespec ts[2]);
int fd_warn_permissions(const char *path, int fd);
int stat_warn_permissions(const char *path, const struct stat *st);
@@ -62,9 +64,11 @@
int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode);
int touch(const char *path);
+diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
+index 5f5328c8cf..d396bc99fe 100644
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
-@@ -117,7 +117,7 @@ int base_filesystem_create(const char *r
+@@ -117,7 +117,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
return log_error_errno(errno, "Failed to open root file system: %m");
for (size_t i = 0; i < ELEMENTSOF(table); i++) {
@@ -73,7 +77,7 @@
continue;
if (table[i].target) {
-@@ -125,7 +125,7 @@ int base_filesystem_create(const char *r
+@@ -125,7 +125,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
/* check if one of the targets exists */
NULSTR_FOREACH(s, table[i].target) {
@@ -82,7 +86,7 @@
continue;
/* check if a specific file exists at the target path */
-@@ -136,7 +136,7 @@ int base_filesystem_create(const char *r
+@@ -136,7 +136,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
if (!p)
return log_oom();
diff --git a/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch b/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch
index 612a535..7b22d62 100644
--- a/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch
@@ -1,4 +1,4 @@
-From 1803ea271b93370fdcf7ec497277344f1e775429 Mon Sep 17 00:00:00 2001
+From d0bdce977b7acc5e45e82cf84256c4bedc0e74c4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sun, 27 May 2018 08:36:44 -0700
Subject: [PATCH] Define glibc compatible basename() for non-glibc systems
@@ -14,6 +14,8 @@
src/machine/machine-dbus.c | 5 +++++
1 file changed, 5 insertions(+)
+diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
+index 8f11afd65b..a2b57deb7a 100644
--- a/src/machine/machine-dbus.c
+++ b/src/machine/machine-dbus.c
@@ -10,6 +10,11 @@
diff --git a/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch b/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
index baf4903..015347c 100644
--- a/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
@@ -1,4 +1,4 @@
-From 30b08f76ea7f5c324afedf97f0867b76dac9f128 Mon Sep 17 00:00:00 2001
+From e480d28305907c3874f4e58b722b8aa43c3ac7a2 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 4 Jul 2018 15:00:44 +0800
Subject: [PATCH] Do not disable buffering when writing to oom_score_adj
@@ -24,6 +24,8 @@
src/basic/process-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/src/basic/process-util.c b/src/basic/process-util.c
+index df6e85b1fc..635dbb5d26 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -1489,7 +1489,7 @@ int set_oom_score_adjust(int value) {
diff --git a/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch b/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
index 878914b..c563982 100644
--- a/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
@@ -1,4 +1,4 @@
-From 873202f63f9f117c6e5a98e444cc709057042979 Mon Sep 17 00:00:00 2001
+From 0542d27ebbb250c09bdcfcf9f2ea3d27426fe522 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Tue, 10 Jul 2018 15:40:17 +0800
Subject: [PATCH] distinguish XSI-compliant strerror_r from GNU-specifi
@@ -24,9 +24,11 @@
src/libsystemd/sd-journal/journal-send.c | 5 +++++
2 files changed, 10 insertions(+)
+diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c
+index bdfa145ab7..61928f4bf3 100644
--- a/src/libsystemd/sd-bus/bus-error.c
+++ b/src/libsystemd/sd-bus/bus-error.c
-@@ -409,7 +409,12 @@ static void bus_error_strerror(sd_bus_er
+@@ -409,7 +409,12 @@ static void bus_error_strerror(sd_bus_error *e, int error) {
return;
errno = 0;
@@ -39,9 +41,11 @@
if (errno == ERANGE || strlen(x) >= k - 1) {
free(m);
k *= 2;
+diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
+index e6ceba54f9..285ebbc9ef 100644
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
-@@ -348,7 +348,12 @@ static int fill_iovec_perror_and_send(co
+@@ -370,7 +370,12 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove
char* j;
errno = 0;
diff --git a/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch b/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
deleted file mode 100644
index e6507c5..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From e7441559266074e7a33e3c11ff5cdaf5ba9c0e24 Mon Sep 17 00:00:00 2001
-From: Chen Qi <Qi.Chen@windriver.com>
-Date: Mon, 25 Feb 2019 15:18:00 +0800
-Subject: [PATCH] Hide __start_BUS_ERROR_MAP and __stop_BUS_ERROR_MAP
-
-for currently unknown reasons they get exported to the shared libries
-even without being listed in the sym file
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-[Rebased for v241]
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-
----
- src/libsystemd/sd-bus/bus-error.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c
-index c49be29e46..90731bd7e7 100644
---- a/src/libsystemd/sd-bus/bus-error.c
-+++ b/src/libsystemd/sd-bus/bus-error.c
-@@ -55,8 +55,8 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_standard_errors[] = {
- };
-
- /* GCC maps this magically to the beginning and end of the BUS_ERROR_MAP section */
--extern const sd_bus_error_map __start_SYSTEMD_BUS_ERROR_MAP[];
--extern const sd_bus_error_map __stop_SYSTEMD_BUS_ERROR_MAP[];
-+extern const sd_bus_error_map __start_SYSTEMD_BUS_ERROR_MAP[] _hidden_;
-+extern const sd_bus_error_map __stop_SYSTEMD_BUS_ERROR_MAP[] _hidden_;
-
- /* Additional maps registered with sd_bus_error_add_map() are in this
- * NULL terminated array */
diff --git a/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch b/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch
deleted file mode 100644
index eeff693..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 64f4d2eb976b9f23ce85b3655a876f7299eafd58 Mon Sep 17 00:00:00 2001
-From: Chen Qi <Qi.Chen@windriver.com>
-Date: Mon, 25 Feb 2019 15:27:54 +0800
-Subject: [PATCH] missing_type.h: add __compar_d_fn_t definition
-
-Fix the following compile failure:
-src/basic/util.h:71:18: error: unknown type name '__compar_d_fn_t'; did you mean '__compar_fn_t'?
-
-Upstream-Status: Inappropriate [musl specific]
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-
----
- src/basic/missing_type.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/basic/missing_type.h b/src/basic/missing_type.h
-index 3df1084ef2..697aa7f58a 100644
---- a/src/basic/missing_type.h
-+++ b/src/basic/missing_type.h
-@@ -13,6 +13,7 @@
-
- #ifndef __GLIBC__
- typedef int (*comparison_fn_t)(const void *, const void *);
-+typedef int (*__compar_d_fn_t) (const void *, const void *, void *);
- #endif
-
- #ifndef __COMPAR_FN_T
diff --git a/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch b/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch
index 5ca5386..1fcba7a 100644
--- a/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch
@@ -1,4 +1,4 @@
-From d95330f328c23c1cd6c51aeca43f081746cf2899 Mon Sep 17 00:00:00 2001
+From e1d0210b47906dd121f936f3181092835df6a95c Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:44:54 +0800
Subject: [PATCH] avoid redefinition of prctl_mm_map structure
diff --git a/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch b/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch
deleted file mode 100644
index d51ac42..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From 2284f2f44b1b30f10b9196e0f5c6d0a2e0c1871f Mon Sep 17 00:00:00 2001
-From: Alex Kiernan <alex.kiernan@gmail.com>
-Date: Fri, 7 Aug 2020 15:19:27 +0000
-Subject: [PATCH] Handle missing LOCK_EX
-
-Upstream-Status: Inappropriate [musl specific]
-Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
-
----
- src/partition/makefs.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/partition/makefs.c b/src/partition/makefs.c
-index 7c94fbfedb..42f966722d 100644
---- a/src/partition/makefs.c
-+++ b/src/partition/makefs.c
-@@ -6,6 +6,7 @@
- #include <sys/stat.h>
- #include <sys/types.h>
- #include <unistd.h>
-+#include <sys/file.h>
-
- #include "alloc-util.h"
- #include "blockdev-util.h"
diff --git a/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch b/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch
deleted file mode 100644
index 1ba5c12..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From a6a25e1ecae91f48a4f87bf0cc17eaaf0a919ffe Mon Sep 17 00:00:00 2001
-From: Alex Kiernan <alex.kiernan@gmail.com>
-Date: Fri, 7 Aug 2020 15:20:17 +0000
-Subject: [PATCH] Fix incompatible pointer type struct sockaddr_un *
-
-| ../../../../../../workspace/sources/systemd/src/nspawn/nspawn.c: In function 'cant_be_in_netns':
-| ../../../../../../workspace/sources/systemd/src/nspawn/nspawn.c:4893:25: error: passing argument 2 of 'connect' from incompatible pointer type [-Werror=incompatible-pointer-types]
-| 4893 | if (connect(fd, &sa.un, SOCKADDR_UN_LEN(sa.un)) < 0) {
-| | ^~~~~~
-| | |
-| | struct sockaddr_un *
-| In file included from ../../../../../../workspace/sources/systemd/src/systemd/sd-daemon.h:22,
-| from ../../../../../../workspace/sources/systemd/src/nspawn/nspawn.c:21:
-| /home/ubuntu/poky/build/tmp/work/core2-64-poky-linux-musl/systemd/1_246-r0/recipe-sysroot/usr/include/sys/socket.h:384:19: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_un *'
-| 384 | int connect (int, const struct sockaddr *, socklen_t);
-| | ^~~~~~~~~~~~~~~~~~~~~~~
-| cc1: some warnings being treated as errors
-
-Upstream-Status: Inappropriate [musl specific]
-Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
-
----
- src/nspawn/nspawn.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/nspawn/nspawn.c
-+++ b/src/nspawn/nspawn.c
-@@ -5389,7 +5389,7 @@ static int cant_be_in_netns(void) {
- if (fd < 0)
- return log_error_errno(errno, "Failed to allocate udev control socket: %m");
-
-- if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
-+ if (connect(fd, (struct sockaddr *)&sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
-
- if (errno == ENOENT || ERRNO_IS_DISCONNECT(errno))
- return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
diff --git a/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch b/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch
index dfab8fb..82a01f7 100644
--- a/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch
@@ -1,4 +1,4 @@
-From 47472da6e8900773c26da8fd26699367447d97a6 Mon Sep 17 00:00:00 2001
+From e10a73de254b570bbc29b26423dbb86b4265bb05 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 16:53:06 +0800
Subject: [PATCH] test-json.c: define M_PIl
@@ -8,12 +8,18 @@
Upstream-Status: Inappropriate [musl specific]
+This is fixed upstream where systemd no longer needs M_PIl so it could
+be dropped when upgrading to 251+ see
+https://github.com/systemd/systemd/commit/f9a1fd2a3b2d8212ba84ef1c3b55657ced34475e
+
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
src/test/test-json.c | 4 ++++
1 file changed, 4 insertions(+)
+diff --git a/src/test/test-json.c b/src/test/test-json.c
+index b385edc269..5e5830238c 100644
--- a/src/test/test-json.c
+++ b/src/test/test-json.c
@@ -14,6 +14,10 @@
diff --git a/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch b/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch
index d389e1d..4dd6ff6 100644
--- a/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch
@@ -1,4 +1,4 @@
-From 0f9422780a569c79a4b28e44c79c70b4a354bd92 Mon Sep 17 00:00:00 2001
+From 414e2f97008a1f3c26a260a6dc4d51a8c1fa6900 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Fri, 1 Mar 2019 15:22:15 +0800
Subject: [PATCH] do not disable buffer in writing files
@@ -20,27 +20,34 @@
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
---
- src/basic/cgroup-util.c | 10 +++++-----
+ src/basic/cgroup-util.c | 12 ++++++------
+ src/basic/namespace-util.c | 4 ++--
src/basic/procfs-util.c | 4 ++--
src/basic/sysctl-util.c | 2 +-
src/basic/util.c | 2 +-
src/binfmt/binfmt.c | 6 +++---
+ src/core/cgroup.c | 2 +-
src/core/main.c | 4 ++--
src/core/smack-setup.c | 8 ++++----
src/hibernate-resume/hibernate-resume.c | 2 +-
+ src/home/homework.c | 2 +-
src/libsystemd/sd-device/sd-device.c | 2 +-
src/nspawn/nspawn-cgroup.c | 2 +-
src/nspawn/nspawn.c | 6 +++---
+ src/shared/binfmt-util.c | 2 +-
src/shared/cgroup-setup.c | 4 ++--
- src/shared/mount-util.c | 4 ++--
+ src/shared/coredump-util.c | 2 +-
src/shared/smack-util.c | 2 +-
src/sleep/sleep.c | 8 ++++----
+ src/udev/udev-rules.c | 1 -
src/vconsole/vconsole-setup.c | 2 +-
- 16 files changed, 34 insertions(+), 34 deletions(-)
+ 21 files changed, 39 insertions(+), 40 deletions(-)
+diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
+index f7dc6c8421..5f7a27c2c4 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
-@@ -390,7 +390,7 @@ int cg_kill_kernel_sigkill(const char *c
+@@ -390,7 +390,7 @@ int cg_kill_kernel_sigkill(const char *controller, const char *path) {
if (r < 0)
return r;
@@ -49,7 +56,7 @@
if (r < 0)
return r;
-@@ -803,7 +803,7 @@ int cg_install_release_agent(const char
+@@ -803,7 +803,7 @@ int cg_install_release_agent(const char *controller, const char *agent) {
sc = strstrip(contents);
if (isempty(sc)) {
@@ -58,7 +65,7 @@
if (r < 0)
return r;
} else if (!path_equal(sc, agent))
-@@ -821,7 +821,7 @@ int cg_install_release_agent(const char
+@@ -821,7 +821,7 @@ int cg_install_release_agent(const char *controller, const char *agent) {
sc = strstrip(contents);
if (streq(sc, "0")) {
@@ -67,7 +74,7 @@
if (r < 0)
return r;
-@@ -848,7 +848,7 @@ int cg_uninstall_release_agent(const cha
+@@ -848,7 +848,7 @@ int cg_uninstall_release_agent(const char *controller) {
if (r < 0)
return r;
@@ -76,7 +83,7 @@
if (r < 0)
return r;
-@@ -858,7 +858,7 @@ int cg_uninstall_release_agent(const cha
+@@ -858,7 +858,7 @@ int cg_uninstall_release_agent(const char *controller) {
if (r < 0)
return r;
@@ -85,7 +92,7 @@
if (r < 0)
return r;
-@@ -1704,7 +1704,7 @@ int cg_set_attribute(const char *control
+@@ -1704,7 +1704,7 @@ int cg_set_attribute(const char *controller, const char *path, const char *attri
if (r < 0)
return r;
@@ -94,9 +101,30 @@
}
int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
+diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c
+index b9120a5ed0..78e460b75f 100644
+--- a/src/basic/namespace-util.c
++++ b/src/basic/namespace-util.c
+@@ -202,12 +202,12 @@ int userns_acquire(const char *uid_map, const char *gid_map) {
+ freeze();
+
+ xsprintf(path, "/proc/" PID_FMT "/uid_map", pid);
+- r = write_string_file(path, uid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, uid_map, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write UID map: %m");
+
+ xsprintf(path, "/proc/" PID_FMT "/gid_map", pid);
+- r = write_string_file(path, gid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, gid_map, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write GID map: %m");
+
+diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c
+index e485a0196b..8bff210356 100644
--- a/src/basic/procfs-util.c
+++ b/src/basic/procfs-util.c
-@@ -64,13 +64,13 @@ int procfs_tasks_set_limit(uint64_t limi
+@@ -64,13 +64,13 @@ int procfs_tasks_set_limit(uint64_t limit) {
* decrease it, as threads-max is the much more relevant sysctl. */
if (limit > pid_max-1) {
sprintf(buffer, "%" PRIu64, limit+1); /* Add one, since PID 0 is not a valid PID */
@@ -112,9 +140,11 @@
if (r < 0) {
uint64_t threads_max;
+diff --git a/src/basic/sysctl-util.c b/src/basic/sysctl-util.c
+index b66a6622ae..8d1c93008a 100644
--- a/src/basic/sysctl-util.c
+++ b/src/basic/sysctl-util.c
-@@ -58,7 +58,7 @@ int sysctl_write(const char *property, c
+@@ -58,7 +58,7 @@ int sysctl_write(const char *property, const char *value) {
log_debug("Setting '%s' to '%s'", p, value);
@@ -123,6 +153,8 @@
}
int sysctl_writef(const char *property, const char *format, ...) {
+diff --git a/src/basic/util.c b/src/basic/util.c
+index d7ef382737..31c35118d1 100644
--- a/src/basic/util.c
+++ b/src/basic/util.c
@@ -168,7 +168,7 @@ void disable_coredumps(void) {
@@ -134,6 +166,8 @@
if (r < 0)
log_debug_errno(r, "Failed to turn off coredumps, ignoring: %m");
}
+diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
+index 18231c2618..6c598d55c8 100644
--- a/src/binfmt/binfmt.c
+++ b/src/binfmt/binfmt.c
@@ -29,7 +29,7 @@ static bool arg_unregister = false;
@@ -145,7 +179,7 @@
}
static int apply_rule(const char *filename, unsigned line, const char *rule) {
-@@ -59,7 +59,7 @@ static int apply_rule(const char *filena
+@@ -59,7 +59,7 @@ static int apply_rule(const char *filename, unsigned line, const char *rule) {
if (r >= 0)
log_debug("%s:%u: Rule '%s' deleted.", filename, line, rulename);
@@ -163,9 +197,24 @@
if (r < 0)
log_warning_errno(r, "Failed to flush binfmt_misc rules, ignoring: %m");
else
+diff --git a/src/core/cgroup.c b/src/core/cgroup.c
+index f58de95a49..7a97ab6f99 100644
+--- a/src/core/cgroup.c
++++ b/src/core/cgroup.c
+@@ -4140,7 +4140,7 @@ int unit_cgroup_freezer_action(Unit *u, FreezerAction action) {
+ else
+ u->freezer_state = FREEZER_THAWING;
+
+- r = write_string_file(path, one_zero(action == FREEZER_FREEZE), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, one_zero(action == FREEZER_FREEZE), 0);
+ if (r < 0)
+ return r;
+
+diff --git a/src/core/main.c b/src/core/main.c
+index 57aedb9b93..7ef36d22f5 100644
--- a/src/core/main.c
+++ b/src/core/main.c
-@@ -1466,7 +1466,7 @@ static int bump_unix_max_dgram_qlen(void
+@@ -1466,7 +1466,7 @@ static int bump_unix_max_dgram_qlen(void) {
if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
return 0;
@@ -174,7 +223,7 @@
"%lu", DEFAULT_UNIX_MAX_DGRAM_QLEN);
if (r < 0)
return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
-@@ -1737,7 +1737,7 @@ static void initialize_core_pattern(bool
+@@ -1737,7 +1737,7 @@ static void initialize_core_pattern(bool skip_setup) {
if (getpid_cached() != 1)
return;
@@ -183,9 +232,11 @@
if (r < 0)
log_warning_errno(r, "Failed to write '%s' to /proc/sys/kernel/core_pattern, ignoring: %m",
arg_early_core_pattern);
+diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
+index f88cb80834..68055fb64a 100644
--- a/src/core/smack-setup.c
+++ b/src/core/smack-setup.c
-@@ -320,17 +320,17 @@ int mac_smack_setup(bool *loaded_policy)
+@@ -320,17 +320,17 @@ int mac_smack_setup(bool *loaded_policy) {
}
#if HAVE_SMACK_RUN_LABEL
@@ -207,6 +258,8 @@
if (r < 0)
log_warning_errno(r, "Failed to set SMACK netlabel rule \"127.0.0.1 -CIPSO\": %m");
#endif
+diff --git a/src/hibernate-resume/hibernate-resume.c b/src/hibernate-resume/hibernate-resume.c
+index 58e35e403e..1d0beb4008 100644
--- a/src/hibernate-resume/hibernate-resume.c
+++ b/src/hibernate-resume/hibernate-resume.c
@@ -45,7 +45,7 @@ int main(int argc, char *argv[]) {
@@ -218,9 +271,24 @@
if (r < 0) {
log_error_errno(r, "Failed to write '%s' to /sys/power/resume: %m", major_minor);
return EXIT_FAILURE;
+diff --git a/src/home/homework.c b/src/home/homework.c
+index 9fdc74b775..9858a2b415 100644
+--- a/src/home/homework.c
++++ b/src/home/homework.c
+@@ -284,7 +284,7 @@ static void drop_caches_now(void) {
+ * details. We write "2" into /proc/sys/vm/drop_caches to ensure dentries/inodes are flushed, but not
+ * more. */
+
+- r = write_string_file("/proc/sys/vm/drop_caches", "2\n", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/vm/drop_caches", "2\n", 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to drop caches, ignoring: %m");
+ else
+diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c
+index b163a0fb6b..fd6c5301d6 100644
--- a/src/libsystemd/sd-device/sd-device.c
+++ b/src/libsystemd/sd-device/sd-device.c
-@@ -2108,7 +2108,7 @@ _public_ int sd_device_set_sysattr_value
+@@ -2108,7 +2108,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
if (!value)
return -ENOMEM;
@@ -229,9 +297,11 @@
if (r < 0) {
/* On failure, clear cache entry, as we do not know how it fails. */
device_remove_cached_sysattr_value(device, sysattr);
+diff --git a/src/nspawn/nspawn-cgroup.c b/src/nspawn/nspawn-cgroup.c
+index d472e80c03..c7780c7fc6 100644
--- a/src/nspawn/nspawn-cgroup.c
+++ b/src/nspawn/nspawn-cgroup.c
-@@ -124,7 +124,7 @@ int sync_cgroup(pid_t pid, CGroupUnified
+@@ -124,7 +124,7 @@ int sync_cgroup(pid_t pid, CGroupUnified unified_requested, uid_t uid_shift) {
fn = strjoina(tree, cgroup, "/cgroup.procs");
sprintf(pid_string, PID_FMT, pid);
@@ -240,9 +310,11 @@
if (r < 0) {
log_error_errno(r, "Failed to move process: %m");
goto finish;
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index fb6af295b5..0d83f1e4d2 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
-@@ -2757,7 +2757,7 @@ static int reset_audit_loginuid(void) {
+@@ -2759,7 +2759,7 @@ static int reset_audit_loginuid(void) {
if (streq(p, "4294967295"))
return 0;
@@ -251,7 +323,7 @@
if (r < 0) {
log_error_errno(r,
"Failed to reset audit login UID. This probably means that your kernel is too\n"
-@@ -4163,7 +4163,7 @@ static int setup_uid_map(
+@@ -4175,7 +4175,7 @@ static int setup_uid_map(
return log_oom();
xsprintf(uid_map, "/proc/" PID_FMT "/uid_map", pid);
@@ -260,7 +332,7 @@
if (r < 0)
return log_error_errno(r, "Failed to write UID map: %m");
-@@ -4173,7 +4173,7 @@ static int setup_uid_map(
+@@ -4185,7 +4185,7 @@ static int setup_uid_map(
return log_oom();
xsprintf(uid_map, "/proc/" PID_FMT "/gid_map", pid);
@@ -269,9 +341,24 @@
if (r < 0)
return log_error_errno(r, "Failed to write GID map: %m");
+diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c
+index 724d7f27d9..dd725cff92 100644
+--- a/src/shared/binfmt-util.c
++++ b/src/shared/binfmt-util.c
+@@ -26,7 +26,7 @@ int disable_binfmt(void) {
+ if (r < 0)
+ return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m");
+
+- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to unregister binfmt_misc entries: %m");
+
+diff --git a/src/shared/cgroup-setup.c b/src/shared/cgroup-setup.c
+index 8bda66ca36..4e1e9943ee 100644
--- a/src/shared/cgroup-setup.c
+++ b/src/shared/cgroup-setup.c
-@@ -345,7 +345,7 @@ int cg_attach(const char *controller, co
+@@ -345,7 +345,7 @@ int cg_attach(const char *controller, const char *path, pid_t pid) {
xsprintf(c, PID_FMT "\n", pid);
@@ -289,9 +376,22 @@
if (r < 0) {
log_debug_errno(r, "Failed to %s controller %s for %s (%s): %m",
FLAGS_SET(mask, bit) ? "enable" : "disable", n, p, fs);
+diff --git a/src/shared/coredump-util.c b/src/shared/coredump-util.c
+index a0b648bf79..13f921390d 100644
+--- a/src/shared/coredump-util.c
++++ b/src/shared/coredump-util.c
+@@ -70,5 +70,5 @@ int set_coredump_filter(uint64_t value) {
+ sprintf(t, "0x%"PRIx64, value);
+
+ return write_string_file("/proc/self/coredump_filter", t,
+- WRITE_STRING_FILE_VERIFY_ON_FAILURE|WRITE_STRING_FILE_DISABLE_BUFFER);
++ WRITE_STRING_FILE_VERIFY_ON_FAILURE);
+ }
+diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
+index 0df1778cb2..3b9a0c934e 100644
--- a/src/shared/smack-util.c
+++ b/src/shared/smack-util.c
-@@ -114,7 +114,7 @@ int mac_smack_apply_pid(pid_t pid, const
+@@ -114,7 +114,7 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
return 0;
p = procfs_file_alloca(pid, "attr/current");
@@ -300,9 +400,11 @@
if (r < 0)
return r;
+diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
+index 7064f3a905..8f2a7d9da2 100644
--- a/src/sleep/sleep.c
+++ b/src/sleep/sleep.c
-@@ -46,7 +46,7 @@ static int write_hibernate_location_info
+@@ -46,7 +46,7 @@ static int write_hibernate_location_info(const HibernateLocation *hibernate_loca
assert(hibernate_location->swap);
xsprintf(resume_str, "%u:%u", major(hibernate_location->devno), minor(hibernate_location->devno));
@@ -311,7 +413,7 @@
if (r < 0)
return log_debug_errno(r, "Failed to write partition device to /sys/power/resume for '%s': '%s': %m",
hibernate_location->swap->device, resume_str);
-@@ -73,7 +73,7 @@ static int write_hibernate_location_info
+@@ -73,7 +73,7 @@ static int write_hibernate_location_info(const HibernateLocation *hibernate_loca
}
xsprintf(offset_str, "%" PRIu64, hibernate_location->offset);
@@ -329,7 +431,7 @@
if (k >= 0)
return 0;
-@@ -112,7 +112,7 @@ static int write_state(FILE **f, char **
+@@ -112,7 +112,7 @@ static int write_state(FILE **f, char **states) {
STRV_FOREACH(state, states) {
int k;
@@ -338,9 +440,23 @@
if (k >= 0)
return 0;
log_debug_errno(k, "Failed to write '%s' to /sys/power/state: %m", *state);
+diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
+index 0089833e3f..0a6a3abbb4 100644
+--- a/src/udev/udev-rules.c
++++ b/src/udev/udev-rules.c
+@@ -2181,7 +2181,6 @@ static int udev_rule_apply_token_to_event(
+ log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
+ r = write_string_file(buf, value,
+ WRITE_STRING_FILE_VERIFY_ON_FAILURE |
+- WRITE_STRING_FILE_DISABLE_BUFFER |
+ WRITE_STRING_FILE_AVOID_NEWLINE |
+ WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
+ if (r < 0)
+diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c
+index 50930d4af3..5efd5d3728 100644
--- a/src/vconsole/vconsole-setup.c
+++ b/src/vconsole/vconsole-setup.c
-@@ -108,7 +108,7 @@ static int toggle_utf8_vc(const char *na
+@@ -108,7 +108,7 @@ static int toggle_utf8_vc(const char *name, int fd, bool utf8) {
static int toggle_utf8_sysfs(bool utf8) {
int r;
@@ -349,72 +465,3 @@
if (r < 0)
return log_warning_errno(r, "Failed to %s sysfs UTF-8 flag: %m", enable_disable(utf8));
---- a/src/basic/namespace-util.c
-+++ b/src/basic/namespace-util.c
-@@ -202,12 +202,12 @@ int userns_acquire(const char *uid_map,
- freeze();
-
- xsprintf(path, "/proc/" PID_FMT "/uid_map", pid);
-- r = write_string_file(path, uid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, uid_map, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write UID map: %m");
-
- xsprintf(path, "/proc/" PID_FMT "/gid_map", pid);
-- r = write_string_file(path, gid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, gid_map, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write GID map: %m");
-
---- a/src/core/cgroup.c
-+++ b/src/core/cgroup.c
-@@ -4140,7 +4140,7 @@ int unit_cgroup_freezer_action(Unit *u,
- else
- u->freezer_state = FREEZER_THAWING;
-
-- r = write_string_file(path, one_zero(action == FREEZER_FREEZE), WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, one_zero(action == FREEZER_FREEZE), 0);
- if (r < 0)
- return r;
-
---- a/src/home/homework.c
-+++ b/src/home/homework.c
-@@ -284,7 +284,7 @@ static void drop_caches_now(void) {
- * details. We write "2" into /proc/sys/vm/drop_caches to ensure dentries/inodes are flushed, but not
- * more. */
-
-- r = write_string_file("/proc/sys/vm/drop_caches", "2\n", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/vm/drop_caches", "2\n", 0);
- if (r < 0)
- log_warning_errno(r, "Failed to drop caches, ignoring: %m");
- else
---- a/src/shared/binfmt-util.c
-+++ b/src/shared/binfmt-util.c
-@@ -26,7 +26,7 @@ int disable_binfmt(void) {
- if (r < 0)
- return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m");
-
-- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
- if (r < 0)
- return log_warning_errno(r, "Failed to unregister binfmt_misc entries: %m");
-
---- a/src/shared/coredump-util.c
-+++ b/src/shared/coredump-util.c
-@@ -70,5 +70,5 @@ int set_coredump_filter(uint64_t value)
- sprintf(t, "0x%"PRIx64, value);
-
- return write_string_file("/proc/self/coredump_filter", t,
-- WRITE_STRING_FILE_VERIFY_ON_FAILURE|WRITE_STRING_FILE_DISABLE_BUFFER);
-+ WRITE_STRING_FILE_VERIFY_ON_FAILURE);
- }
---- a/src/udev/udev-rules.c
-+++ b/src/udev/udev-rules.c
-@@ -2181,7 +2181,6 @@ static int udev_rule_apply_token_to_even
- log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
- r = write_string_file(buf, value,
- WRITE_STRING_FILE_VERIFY_ON_FAILURE |
-- WRITE_STRING_FILE_DISABLE_BUFFER |
- WRITE_STRING_FILE_AVOID_NEWLINE |
- WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
- if (r < 0)
diff --git a/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch b/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch
index e001ed5..6981d70 100644
--- a/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch
@@ -1,4 +1,4 @@
-From e4f9ef547fa342102db15188544daa18e71e9c66 Mon Sep 17 00:00:00 2001
+From 8871f78c559f37169c0cfaf20b0af1dbec0399af Mon Sep 17 00:00:00 2001
From: Scott Murray <scott.murray@konsulko.com>
Date: Fri, 13 Sep 2019 19:26:27 -0400
Subject: [PATCH] Handle __cpu_mask usage
@@ -38,7 +38,7 @@
typedef struct CPUSet {
cpu_set_t *set;
diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c
-index 4403c0aa52..e7e4ae112d 100644
+index 602772227e..7f1ed19d77 100644
--- a/src/test/test-sizeof.c
+++ b/src/test/test-sizeof.c
@@ -1,6 +1,5 @@
diff --git a/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch b/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch
index 2d06ab8..2c56838 100644
--- a/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch
@@ -1,4 +1,4 @@
-From 66a926cf906260c2fb5ea851e55efe03edd444dc Mon Sep 17 00:00:00 2001
+From ec519727bb1ceda6e7787ccf86237a6aad07137c Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Tue, 10 Mar 2020 11:05:20 +0000
Subject: [PATCH] Handle missing gshadow
@@ -17,6 +17,8 @@
src/shared/userdb.c | 7 ++++++-
3 files changed, 30 insertions(+), 1 deletion(-)
+diff --git a/src/shared/user-record-nss.c b/src/shared/user-record-nss.c
+index 88b8fc2f8f..a819d41bac 100644
--- a/src/shared/user-record-nss.c
+++ b/src/shared/user-record-nss.c
@@ -331,8 +331,10 @@ int nss_group_to_group_record(
@@ -46,7 +48,7 @@
r = json_build(&g->json, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g->group_name)),
-@@ -388,6 +392,7 @@ int nss_sgrp_for_group(const struct grou
+@@ -388,6 +392,7 @@ int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **re
assert(ret_sgrp);
assert(ret_buffer);
@@ -54,7 +56,7 @@
for (;;) {
_cleanup_free_ char *buf = NULL;
struct sgrp sgrp, *result;
-@@ -416,6 +421,9 @@ int nss_sgrp_for_group(const struct grou
+@@ -416,6 +421,9 @@ int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **re
buflen *= 2;
buf = mfree(buf);
}
@@ -120,6 +122,8 @@
if (r < 0)
return r;
+diff --git a/src/shared/user-record-nss.h b/src/shared/user-record-nss.h
+index 22ab04d6ee..4e52e7a911 100644
--- a/src/shared/user-record-nss.h
+++ b/src/shared/user-record-nss.h
@@ -2,7 +2,11 @@
@@ -134,9 +138,11 @@
#include <pwd.h>
#include <shadow.h>
+diff --git a/src/shared/userdb.c b/src/shared/userdb.c
+index 0eddd382e6..d506b8e263 100644
--- a/src/shared/userdb.c
+++ b/src/shared/userdb.c
-@@ -1046,13 +1046,15 @@ int groupdb_iterator_get(UserDBIterator
+@@ -1046,13 +1046,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
if (gr) {
_cleanup_free_ char *buffer = NULL;
bool incomplete = false;
@@ -153,7 +159,7 @@
if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) {
r = nss_sgrp_for_group(gr, &sgrp, &buffer);
if (r < 0) {
-@@ -1065,6 +1067,9 @@ int groupdb_iterator_get(UserDBIterator
+@@ -1065,6 +1067,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
}
r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret);
diff --git a/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
index f4a71be..6c97a27 100644
--- a/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
@@ -1,4 +1,4 @@
-From 6f0dd2ba75b68036d7b4ebfe47ac5eaf44d26f06 Mon Sep 17 00:00:00 2001
+From 754a16eeb255c06dbdd4655632276573f0f075ec Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 12 Apr 2021 23:44:53 -0700
Subject: [PATCH] missing_syscall.h: Define MIPS ABI defines for musl
@@ -12,9 +12,12 @@
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- src/basic/missing_syscall.h | 6 ++++++
- 1 file changed, 6 insertions(+)
+ src/basic/missing_syscall.h | 6 ++++++
+ src/shared/base-filesystem.c | 1 +
+ 2 files changed, 7 insertions(+)
+diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
+index 793d111c55..9665848b88 100644
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@@ -20,6 +20,12 @@
@@ -30,6 +33,8 @@
#include "macro.h"
#include "missing_keyctl.h"
#include "missing_stat.h"
+diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
+index d396bc99fe..7e9c0c3412 100644
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
@@ -19,6 +19,7 @@
diff --git a/poky/meta/recipes-core/systemd/systemd/0029-network-enable-KeepConfiguration-when-running-on-net.patch b/poky/meta/recipes-core/systemd/systemd/0029-network-enable-KeepConfiguration-when-running-on-net.patch
deleted file mode 100644
index 782b964..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0029-network-enable-KeepConfiguration-when-running-on-net.patch
+++ /dev/null
@@ -1,253 +0,0 @@
-From 6f4e84126aaa4e26cb6865b054ea5ddebd3906e5 Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Thu, 3 Feb 2022 12:14:19 +0900
-Subject: [PATCH] network: enable KeepConfiguration= when running on network
- filesystem
-Cc: pavel@zhukoff.net
-
-Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/22383]
-[YOCTO #14708]
-
-network-generator: rename DHCP_TYPE_DHCP -> DHCP_TYPE_DHCP4
-
-To emphasize this is DHCPv4. No behavior is changed.
-
-stat-util: introduce path_is_network_fs()
-
-network: enable KeepConfiguration= when running on network filesystem
-
-Also, set KeepConfiguration=dhcp-on-stop by default when running in
-initrd.
-
-Fixes #21967.
----
- man/systemd.network.xml | 6 +++--
- src/basic/stat-util.c | 9 +++++++
- src/basic/stat-util.h | 1 +
- src/network/generator/network-generator.c | 4 ++--
- src/network/generator/network-generator.h | 2 +-
- src/network/networkd-manager.c | 29 +++++++++++++++++++++++
- src/network/networkd-manager.h | 2 ++
- src/network/networkd-network.c | 12 ++++++----
- src/network/test-networkd-conf.c | 5 ++++
- 9 files changed, 60 insertions(+), 10 deletions(-)
-
-diff --git a/man/systemd.network.xml b/man/systemd.network.xml
-index af431e4f2c..f90cff4cd6 100644
---- a/man/systemd.network.xml
-+++ b/man/systemd.network.xml
-@@ -944,8 +944,10 @@ Table=1234</programlisting></para>
- lease expires. This is contrary to the DHCP specification, but may be the best choice if,
- e.g., the root filesystem relies on this connection. The setting <literal>dhcp</literal>
- implies <literal>dhcp-on-stop</literal>, and <literal>yes</literal> implies
-- <literal>dhcp</literal> and <literal>static</literal>. Defaults to <literal>no</literal>.
-- </para>
-+ <literal>dhcp</literal> and <literal>static</literal>. Defaults to
-+ <literal>dhcp-on-stop</literal> when <command>systemd-networkd</command> is running in
-+ initrd, <literal>yes</literal> when the root filesystem is a network filesystem, and
-+ <literal>no</literal> otherwise.</para>
- </listitem>
- </varlistentry>
- </variablelist>
-diff --git a/src/basic/stat-util.c b/src/basic/stat-util.c
-index efac7b002e..c2269844f8 100644
---- a/src/basic/stat-util.c
-+++ b/src/basic/stat-util.c
-@@ -249,6 +249,15 @@ int path_is_temporary_fs(const char *path) {
- return is_temporary_fs(&s);
- }
-
-+int path_is_network_fs(const char *path) {
-+ struct statfs s;
-+
-+ if (statfs(path, &s) < 0)
-+ return -errno;
-+
-+ return is_network_fs(&s);
-+}
-+
- int stat_verify_regular(const struct stat *st) {
- assert(st);
-
-diff --git a/src/basic/stat-util.h b/src/basic/stat-util.h
-index a566114f7c..f7d2f12aa9 100644
---- a/src/basic/stat-util.h
-+++ b/src/basic/stat-util.h
-@@ -53,6 +53,7 @@ int fd_is_temporary_fs(int fd);
- int fd_is_network_fs(int fd);
-
- int path_is_temporary_fs(const char *path);
-+int path_is_network_fs(const char *path);
-
- /* Because statfs.t_type can be int on some architectures, we have to cast
- * the const magic to the type, otherwise the compiler warns about
-diff --git a/src/network/generator/network-generator.c b/src/network/generator/network-generator.c
-index c081ec673c..063ad08d80 100644
---- a/src/network/generator/network-generator.c
-+++ b/src/network/generator/network-generator.c
-@@ -47,7 +47,7 @@ static const char * const dracut_dhcp_type_table[_DHCP_TYPE_MAX] = {
- [DHCP_TYPE_OFF] = "off",
- [DHCP_TYPE_ON] = "on",
- [DHCP_TYPE_ANY] = "any",
-- [DHCP_TYPE_DHCP] = "dhcp",
-+ [DHCP_TYPE_DHCP4] = "dhcp",
- [DHCP_TYPE_DHCP6] = "dhcp6",
- [DHCP_TYPE_AUTO6] = "auto6",
- [DHCP_TYPE_EITHER6] = "either6",
-@@ -62,7 +62,7 @@ static const char * const networkd_dhcp_type_table[_DHCP_TYPE_MAX] = {
- [DHCP_TYPE_OFF] = "no",
- [DHCP_TYPE_ON] = "yes",
- [DHCP_TYPE_ANY] = "yes",
-- [DHCP_TYPE_DHCP] = "ipv4",
-+ [DHCP_TYPE_DHCP4] = "ipv4",
- [DHCP_TYPE_DHCP6] = "ipv6",
- [DHCP_TYPE_AUTO6] = "no", /* TODO: enable other setting? */
- [DHCP_TYPE_EITHER6] = "ipv6", /* TODO: enable other setting? */
-diff --git a/src/network/generator/network-generator.h b/src/network/generator/network-generator.h
-index dd0a58738b..0e0da2a57a 100644
---- a/src/network/generator/network-generator.h
-+++ b/src/network/generator/network-generator.h
-@@ -13,7 +13,7 @@ typedef enum DHCPType {
- DHCP_TYPE_OFF,
- DHCP_TYPE_ON,
- DHCP_TYPE_ANY,
-- DHCP_TYPE_DHCP,
-+ DHCP_TYPE_DHCP4,
- DHCP_TYPE_DHCP6,
- DHCP_TYPE_AUTO6,
- DHCP_TYPE_EITHER6,
-diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
-index 7e89366ae8..3261f289e9 100644
---- a/src/network/networkd-manager.c
-+++ b/src/network/networkd-manager.c
-@@ -398,6 +398,30 @@ static int signal_restart_callback(sd_event_source *s, const struct signalfd_sig
- return sd_event_exit(sd_event_source_get_event(s), 0);
- }
-
-+static int manager_set_keep_configuration(Manager *m) {
-+ int r;
-+
-+ assert(m);
-+
-+ if (in_initrd()) {
-+ log_debug("Running in initrd, keep DHCPv4 addresses on stopping networkd by default.");
-+ m->keep_configuration = KEEP_CONFIGURATION_DHCP_ON_STOP;
-+ return 0;
-+ }
-+
-+ r = path_is_network_fs("/");
-+ if (r < 0)
-+ return log_error_errno(r, "Failed to detect if root is network filesystem: %m");
-+ if (r == 0) {
-+ m->keep_configuration = _KEEP_CONFIGURATION_INVALID;
-+ return 0;
-+ }
-+
-+ log_debug("Running on network filesystem, enabling KeepConfiguration= by default.");
-+ m->keep_configuration = KEEP_CONFIGURATION_YES;
-+ return 0;
-+}
-+
- int manager_setup(Manager *m) {
- int r;
-
-@@ -453,6 +477,10 @@ int manager_setup(Manager *m) {
- if (r < 0)
- return r;
-
-+ r = manager_set_keep_configuration(m);
-+ if (r < 0)
-+ return r;
-+
- m->state_file = strdup("/run/systemd/netif/state");
- if (!m->state_file)
- return -ENOMEM;
-@@ -468,6 +496,7 @@ int manager_new(Manager **ret, bool test_mode) {
- return -ENOMEM;
-
- *m = (Manager) {
-+ .keep_configuration = _KEEP_CONFIGURATION_INVALID,
- .test_mode = test_mode,
- .speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
- .online_state = _LINK_ONLINE_STATE_INVALID,
-diff --git a/src/network/networkd-manager.h b/src/network/networkd-manager.h
-index 36313589a3..86de529124 100644
---- a/src/network/networkd-manager.h
-+++ b/src/network/networkd-manager.h
-@@ -28,6 +28,8 @@ struct Manager {
- Hashmap *polkit_registry;
- int ethtool_fd;
-
-+ KeepConfiguration keep_configuration;
-+
- bool test_mode;
- bool enumerating;
- bool dirty;
-diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
-index 3142be471f..edcd68d616 100644
---- a/src/network/networkd-network.c
-+++ b/src/network/networkd-network.c
-@@ -124,6 +124,7 @@ int network_verify(Network *network) {
- int r;
-
- assert(network);
-+ assert(network->manager);
- assert(network->filename);
-
- if (net_match_is_empty(&network->match) && !network->conditions)
-@@ -248,10 +249,11 @@ int network_verify(Network *network) {
- }
-
- if (network->dhcp_critical >= 0) {
-- if (network->keep_configuration >= 0)
-- log_warning("%s: Both KeepConfiguration= and deprecated CriticalConnection= are set. "
-- "Ignoring CriticalConnection=.", network->filename);
-- else if (network->dhcp_critical)
-+ if (network->keep_configuration >= 0) {
-+ if (network->manager->keep_configuration < 0)
-+ log_warning("%s: Both KeepConfiguration= and deprecated CriticalConnection= are set. "
-+ "Ignoring CriticalConnection=.", network->filename);
-+ } else if (network->dhcp_critical)
- /* CriticalConnection=yes also preserve foreign static configurations. */
- network->keep_configuration = KEEP_CONFIGURATION_YES;
- else
-@@ -386,7 +388,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
- .allmulticast = -1,
- .promiscuous = -1,
-
-- .keep_configuration = _KEEP_CONFIGURATION_INVALID,
-+ .keep_configuration = manager->keep_configuration,
-
- .dhcp_duid.type = _DUID_TYPE_INVALID,
- .dhcp_critical = -1,
-diff --git a/src/network/test-networkd-conf.c b/src/network/test-networkd-conf.c
-index 4b00a98086..5f1328e39c 100644
---- a/src/network/test-networkd-conf.c
-+++ b/src/network/test-networkd-conf.c
-@@ -6,6 +6,7 @@
- #include "net-condition.h"
- #include "networkd-address.h"
- #include "networkd-conf.h"
-+#include "networkd-manager.h"
- #include "networkd-network.h"
- #include "strv.h"
-
-@@ -166,11 +167,15 @@ static void test_config_parse_ether_addr(void) {
- }
-
- static void test_config_parse_address_one(const char *rvalue, int family, unsigned n_addresses, const union in_addr_union *u, unsigned char prefixlen) {
-+ _cleanup_(manager_freep) Manager *manager = NULL;
- _cleanup_(network_unrefp) Network *network = NULL;
-
-+ assert_se(manager_new(&manager, /* test_mode = */ true) >= 0);
- assert_se(network = new0(Network, 1));
- network->n_ref = 1;
-+ network->manager = manager;
- assert_se(network->filename = strdup("hogehoge.network"));
-+
- assert_se(config_parse_match_ifnames("network", "filename", 1, "section", 1, "Name", 0, "*", &network->match.ifname, network) == 0);
- assert_se(config_parse_address("network", "filename", 1, "section", 1, "Address", 0, rvalue, network, network) == 0);
- assert_se(ordered_hashmap_size(network->addresses_by_section) == 1);
---
-2.34.1
-
diff --git a/poky/meta/recipes-core/systemd/systemd_250.4.bb b/poky/meta/recipes-core/systemd/systemd_250.5.bb
similarity index 97%
rename from poky/meta/recipes-core/systemd/systemd_250.4.bb
rename to poky/meta/recipes-core/systemd/systemd_250.5.bb
index 15e2185..006b2f8 100644
--- a/poky/meta/recipes-core/systemd/systemd_250.4.bb
+++ b/poky/meta/recipes-core/systemd/systemd_250.5.bb
@@ -23,16 +23,14 @@
file://systemd-pager.sh \
file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \
file://0003-implment-systemd-sysv-install-for-OE.patch \
- file://0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch \
- file://0001-test-parse-argument-Include-signal.h.patch \
- file://0029-network-enable-KeepConfiguration-when-running-on-net.patch \
+ file://0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch \
+ file://0001-resolve-Use-sockaddr-pointer-type-for-bind.patch \
"
# patches needed by musl
SRC_URI:append:libc-musl = " ${SRC_URI_MUSL}"
SRC_URI_MUSL = "\
- file://0002-don-t-use-glibc-specific-qsort_r.patch \
- file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \
+ file://0003-missing_type.h-add-comparison_fn_t.patch \
file://0004-add-fallback-parse_printf_format-implementation.patch \
file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \
file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \
@@ -44,11 +42,7 @@
file://0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch \
file://0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \
file://0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \
- file://0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \
- file://0017-missing_type.h-add-__compar_d_fn_t-definition.patch \
file://0018-avoid-redefinition-of-prctl_mm_map-structure.patch \
- file://0019-Handle-missing-LOCK_EX.patch \
- file://0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch \
file://0021-test-json.c-define-M_PIl.patch \
file://0022-do-not-disable-buffer-in-writing-files.patch \
file://0025-Handle-__cpu_mask-usage.patch \
diff --git a/poky/meta/recipes-core/udev/udev-extraconf/mount.blacklist b/poky/meta/recipes-core/udev/udev-extraconf/mount.ignorelist
similarity index 100%
rename from poky/meta/recipes-core/udev/udev-extraconf/mount.blacklist
rename to poky/meta/recipes-core/udev/udev-extraconf/mount.ignorelist
diff --git a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
index b237318..43acb3a 100644
--- a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
+++ b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
@@ -6,6 +6,7 @@
BASE_INIT="`readlink -f "@base_sbindir@/init"`"
INIT_SYSTEMD="@systemd_unitdir@/systemd"
+MOUNT_BASE="@MOUNT_BASE@"
if [ "x$BASE_INIT" = "x$INIT_SYSTEMD" ];then
# systemd as init uses systemd-mount to mount block devices
@@ -26,11 +27,11 @@
PMOUNT="/usr/bin/pmount"
-for line in `grep -h -v ^# /etc/udev/mount.blacklist /etc/udev/mount.blacklist.d/*`
+for line in `grep -h -v ^# /etc/udev/mount.ignorelist /etc/udev/mount.ignorelist.d/*`
do
if [ ` expr match "$DEVNAME" "$line" ` -gt 0 ];
then
- logger "udev/mount.sh" "[$DEVNAME] is blacklisted, ignoring"
+ logger "udev/mount.sh" "[$DEVNAME] is marked to ignore"
exit 0
fi
done
@@ -39,11 +40,21 @@
name="`basename "$DEVNAME"`"
# Skip already mounted partitions
- if [ -f /run/systemd/transient/run-media-$name.mount ]; then
- logger "mount.sh/automount" "/run/media/$name already mounted"
+ if [ -f /run/systemd/transient/$(echo $MOUNT_BASE | cut -d '/' -f 2- | sed 's#/#-#g')-*$name.mount ]; then
+ logger "mount.sh/automount" "$MOUNT_BASE/$name already mounted"
return
fi
+ # Get the unique name for mount point
+ get_label_name "${DEVNAME}"
+
+ # Only go for auto-mounting when the device has been cleaned up in remove
+ # or has not been identified yet
+ if [ -e "/tmp/.automount-$name" ]; then
+ logger "mount.sh/automount" "[$MOUNT_BASE/$name] is already cached"
+ return
+ fi
+
# Skip the partition which are already in /etc/fstab
grep "^[[:space:]]*$DEVNAME" /etc/fstab && return
for n in LABEL PARTLABEL UUID PARTUUID; do
@@ -53,7 +64,7 @@
grep "^[[:space:]]*$tmp" /etc/fstab && return
done
- [ -d "/run/media/$name" ] || mkdir -p "/run/media/$name"
+ [ -d "$MOUNT_BASE/$name" ] || mkdir -p "$MOUNT_BASE/$name"
MOUNT="$MOUNT -o silent"
@@ -65,17 +76,19 @@
;;
swap)
return ;;
+ lvm*|LVM*)
+ return ;;
# TODO
*)
;;
esac
- if ! $MOUNT --no-block -t auto $DEVNAME "/run/media/$name"
+ if ! $MOUNT --no-block -t auto $DEVNAME "$MOUNT_BASE/$name"
then
- #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"/run/media/$name\" failed!"
- rm_dir "/run/media/$name"
+ #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"$MOUNT_BASE/$name\" failed!"
+ rm_dir "$MOUNT_BASE/$name"
else
- logger "mount.sh/automount" "Auto-mount of [/run/media/$name] successful"
+ logger "mount.sh/automount" "Auto-mount of [$MOUNT_BASE/$name] successful"
touch "/tmp/.automount-$name"
fi
}
@@ -93,7 +106,17 @@
# configured in fstab
grep -q "^$DEVNAME " /proc/mounts && return
- ! test -d "/run/media/$name" && mkdir -p "/run/media/$name"
+ # Get the unique name for mount point
+ get_label_name "${DEVNAME}"
+
+ # Only go for auto-mounting when the device has been cleaned up in remove
+ # or has not been identified yet
+ if [ -e "/tmp/.automount-$name" ]; then
+ logger "mount.sh/automount" "[$MOUNT_BASE/$name] is already cached"
+ return
+ fi
+
+ ! test -d "$MOUNT_BASE/$name" && mkdir -p "$MOUNT_BASE/$name"
# Silent util-linux's version of mounting auto
if [ "x`readlink $MOUNT`" = "x/bin/mount.util-linux" ] ;
then
@@ -108,18 +131,23 @@
;;
swap)
return ;;
+ lvm*|LVM*)
+ return ;;
# TODO
*)
;;
esac
- if ! $MOUNT -t auto $DEVNAME "/run/media/$name"
+ if ! $MOUNT -t auto $DEVNAME "$MOUNT_BASE/$name"
then
- #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"/run/media/$name\" failed!"
- rm_dir "/run/media/$name"
+ #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"$MOUNT_BASE/$name\" failed!"
+ rm_dir "$MOUNT_BASE/$name"
else
- logger "mount.sh/automount" "Auto-mount of [/run/media/$name] successful"
- touch "/tmp/.automount-$name"
+ logger "mount.sh/automount" "Auto-mount of [$MOUNT_BASE/$name] successful"
+ # The actual device might not be present in the remove event so blkid cannot
+ # be used to calculate what name was generated here. Simply save the mount
+ # name in our tmp file.
+ echo "$name" > "/tmp/.automount-$name"
fi
}
@@ -133,6 +161,18 @@
fi
}
+get_label_name() {
+ # Get the LABEL or PARTLABEL
+ LABEL=`/sbin/blkid | grep "$1:" | grep -o 'LABEL=".*"' | cut -d '"' -f2`
+ # If the $DEVNAME has a LABEL or a PARTLABEL
+ if [ -n "$LABEL" ]; then
+ # Set the mount location dir name to LABEL appended
+ # with $name e.g. label-sda. That would avoid overlapping
+ # mounts in case two devices have same LABEL
+ name="${LABEL}-${name}"
+ fi
+}
+
# No ID_FS_TYPE for cdrom device, yet it should be mounted
name="`basename "$DEVNAME"`"
[ -e /sys/block/$name/device/media ] && media_type=`cat /sys/block/$name/device/media`
@@ -150,12 +190,18 @@
fi
if [ "$ACTION" = "remove" ] || [ "$ACTION" = "change" ] && [ -x "$UMOUNT" ] && [ -n "$DEVNAME" ]; then
- for mnt in `cat /proc/mounts | grep "$DEVNAME" | cut -f 2 -d " " `
- do
- $UMOUNT $mnt
- done
-
- # Remove empty directories from auto-mounter
name="`basename "$DEVNAME"`"
- test -e "/tmp/.automount-$name" && rm_dir "/run/media/$name"
+ tmpfile=`find /tmp | grep "\.automount-.*${name}$"`
+ if [ ! -e "/sys/$DEVPATH" -a -e "$tmpfile" ]; then
+ logger "mount.sh/remove" "cleaning up $DEVNAME, was mounted by the auto-mounter"
+ for mnt in `cat /proc/mounts | grep "$DEVNAME" | cut -f 2 -d " " `
+ do
+ $UMOUNT $mnt
+ done
+ # Remove mount directory created by the auto-mounter
+ # and clean up our tmp cache file
+ mntdir=`cat "$tmpfile"`
+ rm_dir "$MOUNT_BASE/$mntdir"
+ rm "$tmpfile"
+ fi
fi
diff --git a/poky/meta/recipes-core/udev/udev-extraconf_1.1.bb b/poky/meta/recipes-core/udev/udev-extraconf_1.1.bb
index 2ba35b0..30f1fe7 100644
--- a/poky/meta/recipes-core/udev/udev-extraconf_1.1.bb
+++ b/poky/meta/recipes-core/udev/udev-extraconf_1.1.bb
@@ -1,13 +1,13 @@
SUMMARY = "Extra machine specific configuration files"
HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev"
-DESCRIPTION = "Extra machine specific configuration files for udev, specifically blacklist information."
+DESCRIPTION = "Extra machine specific configuration files for udev, specifically information on devices to ignore."
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
SRC_URI = " \
file://automount.rules \
file://mount.sh \
- file://mount.blacklist \
+ file://mount.ignorelist \
file://autonet.rules \
file://network.sh \
file://localextra.rules \
@@ -15,6 +15,7 @@
S = "${WORKDIR}"
+MOUNT_BASE = "/run/media"
do_install() {
install -d ${D}${sysconfdir}/udev/rules.d
@@ -23,21 +24,33 @@
install -m 0644 ${WORKDIR}/autonet.rules ${D}${sysconfdir}/udev/rules.d/autonet.rules
install -m 0644 ${WORKDIR}/localextra.rules ${D}${sysconfdir}/udev/rules.d/localextra.rules
- install -d ${D}${sysconfdir}/udev/mount.blacklist.d
- install -m 0644 ${WORKDIR}/mount.blacklist ${D}${sysconfdir}/udev/
+ install -d ${D}${sysconfdir}/udev/mount.ignorelist.d
+ install -m 0644 ${WORKDIR}/mount.ignorelist ${D}${sysconfdir}/udev/
install -d ${D}${sysconfdir}/udev/scripts/
install -m 0755 ${WORKDIR}/mount.sh ${D}${sysconfdir}/udev/scripts/mount.sh
sed -i 's|@systemd_unitdir@|${systemd_unitdir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh
sed -i 's|@base_sbindir@|${base_sbindir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh
+ sed -i 's|@MOUNT_BASE@|${MOUNT_BASE}|g' ${D}${sysconfdir}/udev/scripts/mount.sh
install -m 0755 ${WORKDIR}/network.sh ${D}${sysconfdir}/udev/scripts
}
-FILES:${PN} = "${sysconfdir}/udev"
-RDEPENDS:${PN} = "udev"
-CONFFILES:${PN} = "${sysconfdir}/udev/mount.blacklist"
+pkg_postinst:${PN} () {
+ if [ -e $D${systemd_unitdir}/system/systemd-udevd.service ]; then
+ sed -i "/\[Service\]/aMountFlags=shared" $D${systemd_unitdir}/system/systemd-udevd.service
+ fi
+}
+
+pkg_postrm:${PN} () {
+ if [ -e $D${systemd_unitdir}/system/systemd-udevd.service ]; then
+ sed -i "/MountFlags=shared/d" $D${systemd_unitdir}/system/systemd-udevd.service
+ fi
+}
+
+RDEPENDS:${PN} = "udev util-linux-blkid ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'util-linux-lsblk', '', d)}"
+CONFFILES:${PN} = "${sysconfdir}/udev/mount.ignorelist"
# to replace udev-extra-rules from meta-oe
RPROVIDES:${PN} = "udev-extra-rules"
diff --git a/poky/meta/recipes-core/volatile-binds/files/volatile-binds.service.in b/poky/meta/recipes-core/volatile-binds/files/volatile-binds.service.in
index 6612d2a..8fe7d8d 100644
--- a/poky/meta/recipes-core/volatile-binds/files/volatile-binds.service.in
+++ b/poky/meta/recipes-core/volatile-binds/files/volatile-binds.service.in
@@ -1,6 +1,6 @@
[Unit]
Description=Bind mount volatile @where@
-DefaultDependencies=false
+DefaultDependencies=no
Before=local-fs.target
RequiresMountsFor=@whatparent@ @whereparent@
ConditionPathIsReadWrite=@whatparent@
diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc
index 3544c0c..742ca86 100644
--- a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -18,7 +18,7 @@
UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
-SRCREV ?= "6938a3aca19044aeb9bc4b9564e04f9092a701ed"
+SRCREV ?= "eed56ee299b9ef8754bb4e53f2e9cf2a7c28c04d"
BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=git"
SRC_URI = "\
${BINUTILS_GIT_URI} \
@@ -32,5 +32,6 @@
file://0011-sync-with-OE-libtool-changes.patch \
file://0012-Check-for-clang-before-checking-gcc-version.patch \
file://0013-Avoid-as-info-race-condition.patch \
+ file://0014-CVE-2019-1010204.patch \
"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch b/poky/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
new file mode 100644
index 0000000..dad4a62
--- /dev/null
+++ b/poky/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
@@ -0,0 +1,49 @@
+From 2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Mon, 27 Jun 2022 13:07:40 +0100
+Subject: [PATCH] Have gold's File_read::do_read() function check the start
+ parameter
+
+ PR 23765
+ * fileread.cc (File_read::do_read): Check start parameter before
+ computing number of bytes to read.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]
+
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+---
+ gold/ChangeLog | 6 ++++++
+ gold/fileread.cc | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index 5103dab7b67..8557dc6db7f 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,9 @@
++2022-06-27 Nick Clifton <nickc@redhat.com>
++
++ PR 23765
++ * fileread.cc (File_read::do_read): Check start parameter before
++ computing number of bytes to read.
++
+ 2022-02-17 Nick Clifton <nickc@redhat.com>
+
+ * po/sr.po: Updated Serbian translation.
+diff --git a/gold/fileread.cc b/gold/fileread.cc
+index 2b653f78c2e..af2df215468 100644
+--- a/gold/fileread.cc
++++ b/gold/fileread.cc
+@@ -385,6 +385,12 @@ File_read::do_read(off_t start, section_
+ ssize_t bytes;
+ if (this->whole_file_view_ != NULL)
+ {
++ // See PR 23765 for an example of a testcase that triggers this error.
++ if (((ssize_t) start) < 0)
++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"),
++ this->filename().c_str(),
++ static_cast<long long>(start));
++
+ bytes = this->size_ - start;
+ if (static_cast<section_size_type>(bytes) >= size)
+ {
diff --git a/poky/meta/recipes-devtools/cargo/cargo-cross-canadian.inc b/poky/meta/recipes-devtools/cargo/cargo-cross-canadian.inc
index 840793c..7fc22a4 100644
--- a/poky/meta/recipes-devtools/cargo/cargo-cross-canadian.inc
+++ b/poky/meta/recipes-devtools/cargo/cargo-cross-canadian.inc
@@ -28,8 +28,6 @@
PN = "cargo-cross-canadian-${TRANSLATED_TARGET_ARCH}"
-LLVM_TARGET[x86_64] = "${RUST_HOST_SYS}"
-
python do_rust_gen_targets () {
wd = d.getVar('WORKDIR') + '/targets/'
diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch
index ffaecc6..2c09bb2 100644
--- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch
+++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch
@@ -1,5 +1,5 @@
CVE: CVE-2022-1304
-Upstream-Status: Submitted [https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczerner@redhat.com/]
+Upstream-Status: Backport [ ab51d587bb9b229b1fade1afd02e1574c1ba5c76 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 347084c9c1ad20f47dae16f5a3dcd8628d5fc7b0 Mon Sep 17 00:00:00 2001
diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
index ec48f41..5b2d192 100644
--- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
+++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
@@ -51,6 +51,7 @@
oe_multilib_header ext2fs/ext2_types.h
install -d ${D}${base_bindir}
mv ${D}${bindir}/chattr ${D}${base_bindir}/chattr.e2fsprogs
+ mv ${D}${bindir}/lsattr ${D}${base_bindir}/lsattr.e2fsprogs
install -v -m 755 ${S}/contrib/populate-extfs.sh ${D}${base_sbindir}/
@@ -99,10 +100,12 @@
FILES:libext2fs = "${libdir}/e2initrd_helper ${base_libdir}/libext2fs.so.*"
FILES:${PN}-dev += "${datadir}/*/*.awk ${datadir}/*/*.sed ${base_libdir}/*.so ${bindir}/compile_et ${bindir}/mk_cmds"
-ALTERNATIVE:${PN} = "chattr"
+ALTERNATIVE:${PN} = "chattr lsattr"
ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE_LINK_NAME[chattr] = "${base_bindir}/chattr"
ALTERNATIVE_TARGET[chattr] = "${base_bindir}/chattr.e2fsprogs"
+ALTERNATIVE_LINK_NAME[lsattr] = "${base_bindir}/lsattr"
+ALTERNATIVE_TARGET[lsattr] = "${base_bindir}/lsattr.e2fsprogs"
ALTERNATIVE:${PN}-doc = "fsck.8"
ALTERNATIVE_LINK_NAME[fsck.8] = "${mandir}/man8/fsck.8"
diff --git a/poky/meta/recipes-devtools/gcc/gcc-11.2.inc b/poky/meta/recipes-devtools/gcc/gcc-11.2.inc
deleted file mode 100644
index 68e0d20..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc-11.2.inc
+++ /dev/null
@@ -1,123 +0,0 @@
-require gcc-common.inc
-
-# Third digit in PV should be incremented after a minor release
-
-PV = "11.2.0"
-
-# BINV should be incremented to a revision after a minor gcc release
-
-BINV = "11.2.0"
-
-FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:"
-
-DEPENDS =+ "mpfr gmp libmpc zlib flex-native"
-NATIVEDEPS = "mpfr-native gmp-native libmpc-native zlib-native flex-native"
-
-LICENSE = "GPL-3.0-with-GCC-exception & GPL-3.0-only"
-
-LIC_FILES_CHKSUM = "\
- file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \
- file://COPYING3;md5=d32239bcb673463ab874e80d47fae504 \
- file://COPYING3.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \
- file://COPYING.LIB;md5=2d5025d4aa3495befef8f17206a5b0a1 \
- file://COPYING.RUNTIME;md5=fe60d87048567d4fe8c8a0ed2448bcc8 \
-"
-
-#RELEASE ?= "5b2ac9b40c325e9209c0bd55955db84aad4a0cc5"
-#BASEURI ?= "https://github.com/gcc-mirror/gcc/archive/${RELEASE}.zip;downloadfilename=gcc-${PV}-${RELEASE}.zip"
-
-BASEURI ?= "${GNU_MIRROR}/gcc/gcc-${PV}/gcc-${PV}.tar.xz \
- "
-SRC_URI = "\
- ${BASEURI} \
- file://0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch \
- file://0002-gcc-poison-system-directories.patch \
- file://0004-64-bit-multilib-hack.patch \
- file://0007-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch \
- file://0009-cpp-honor-sysroot.patch \
- file://0011-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch \
- file://0012-gcc-Fix-argument-list-too-long-error.patch \
- file://0014-libtool.patch \
- file://0015-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch \
- file://0016-Use-the-multilib-config-files-from-B-instead-of-usin.patch \
- file://0017-Avoid-using-libdir-from-.la-which-usually-points-to-.patch \
- file://0018-export-CPP.patch \
- file://0019-Ensure-target-gcc-headers-can-be-included.patch \
- file://0020-Don-t-search-host-directory-during-relink-if-inst_pr.patch \
- file://0023-libcc1-fix-libcc1-s-install-path-and-rpath.patch \
- file://0024-handle-sysroot-support-for-nativesdk-gcc.patch \
- file://0025-Search-target-sysroot-gcc-version-specific-dirs-with.patch \
- file://0027-nios2-Define-MUSL_DYNAMIC_LINKER.patch \
- file://0028-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch \
- file://0029-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch \
- file://0030-sync-gcc-stddef.h-with-musl.patch \
- file://0033-Re-introduce-spe-commandline-options.patch \
- file://0034-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch \
- file://0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \
- file://0036-mingw32-Enable-operation_not_supported.patch \
- file://0037-libatomic-Do-not-enforce-march-on-aarch64.patch \
- file://0041-apply-debug-prefix-maps-before-checksumming-DIEs.patch \
- file://0006-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch \
- file://0001-Fix-install-path-of-linux64.h.patch \
- file://0001-CVE-2021-35465.patch \
- file://0002-CVE-2021-35465.patch \
- file://0003-CVE-2021-35465.patch \
- file://0004-CVE-2021-35465.patch \
- file://0001-CVE-2021-42574.patch \
- file://0002-CVE-2021-42574.patch \
- file://0003-CVE-2021-42574.patch \
- file://0004-CVE-2021-42574.patch \
- file://0001-CVE-2021-46195.patch \
- file://0042-Fix-thread-stack-size-init.patch \
-"
-SRC_URI[sha256sum] = "d08edc536b54c372a1010ff6619dd274c0f1603aa49212ba20f7aa2cda36fa8b"
-
-S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
-
-# For dev release snapshotting
-#S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${RELEASE}"
-#B = "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}"
-
-# Language Overrides
-FORTRAN = ""
-JAVA = ""
-
-SSP ?= "--disable-libssp"
-SSP:mingw32 = "--enable-libssp"
-
-EXTRA_OECONF_BASE = "\
- ${SSP} \
- --enable-libitm \
- --enable-lto \
- --disable-bootstrap \
- --with-system-zlib \
- ${@'--with-linker-hash-style=${LINKER_HASH_STYLE}' if '${LINKER_HASH_STYLE}' else ''} \
- --enable-linker-build-id \
- --with-ppl=no \
- --with-cloog=no \
- --enable-checking=release \
- --enable-cheaders=c_global \
- --without-isl \
-"
-
-EXTRA_OECONF_INITIAL = "\
- --disable-libgomp \
- --disable-libitm \
- --disable-libquadmath \
- --with-system-zlib \
- --disable-lto \
- --disable-plugin \
- --enable-linker-build-id \
- --enable-decimal-float=no \
- --without-isl \
- --disable-libssp \
-"
-
-EXTRA_OECONF_PATHS = "\
- --with-gxx-include-dir=/not/exist{target_includedir}/c++/${BINV} \
- --with-sysroot=/not/exist \
- --with-build-sysroot=${STAGING_DIR_TARGET} \
-"
-
-# Is a binutils 2.26 issue, not gcc
-CVE_CHECK_IGNORE += "CVE-2021-37322"
diff --git a/poky/meta/recipes-devtools/gcc/gcc-11.3.inc b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc
new file mode 100644
index 0000000..acbb43a
--- /dev/null
+++ b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc
@@ -0,0 +1,119 @@
+require gcc-common.inc
+
+# Third digit in PV should be incremented after a minor release
+
+PV = "11.3.0"
+
+# BINV should be incremented to a revision after a minor gcc release
+
+BINV = "11.3.0"
+
+FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:"
+
+DEPENDS =+ "mpfr gmp libmpc zlib flex-native"
+NATIVEDEPS = "mpfr-native gmp-native libmpc-native zlib-native flex-native zstd-native"
+
+LICENSE = "GPL-3.0-with-GCC-exception & GPL-3.0-only"
+
+LIC_FILES_CHKSUM = "\
+ file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \
+ file://COPYING3;md5=d32239bcb673463ab874e80d47fae504 \
+ file://COPYING3.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \
+ file://COPYING.LIB;md5=2d5025d4aa3495befef8f17206a5b0a1 \
+ file://COPYING.RUNTIME;md5=fe60d87048567d4fe8c8a0ed2448bcc8 \
+"
+
+#RELEASE ?= "5b2ac9b40c325e9209c0bd55955db84aad4a0cc5"
+#BASEURI ?= "https://github.com/gcc-mirror/gcc/archive/${RELEASE}.zip;downloadfilename=gcc-${PV}-${RELEASE}.zip"
+
+BASEURI ?= "${GNU_MIRROR}/gcc/gcc-${PV}/gcc-${PV}.tar.xz \
+ "
+SRC_URI = "\
+ ${BASEURI} \
+ file://0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch \
+ file://0002-gcc-poison-system-directories.patch \
+ file://0003-64-bit-multilib-hack.patch \
+ file://0004-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch \
+ file://0005-cpp-honor-sysroot.patch \
+ file://0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch \
+ file://0007-gcc-Fix-argument-list-too-long-error.patch \
+ file://0008-libtool.patch \
+ file://0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch \
+ file://0010-Use-the-multilib-config-files-from-B-instead-of-usin.patch \
+ file://0011-Avoid-using-libdir-from-.la-which-usually-points-to-.patch \
+ file://0012-Ensure-target-gcc-headers-can-be-included.patch \
+ file://0013-Don-t-search-host-directory-during-relink-if-inst_pr.patch \
+ file://0014-libcc1-fix-libcc1-s-install-path-and-rpath.patch \
+ file://0015-Makefile.in-Ensure-build-CPP-CPPFLAGS-is-used-for-bu.patch \
+ file://0016-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch \
+ file://0017-handle-sysroot-support-for-nativesdk-gcc.patch \
+ file://0018-Search-target-sysroot-gcc-version-specific-dirs-with.patch \
+ file://0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch \
+ file://0020-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch \
+ file://0021-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch \
+ file://0022-sync-gcc-stddef.h-with-musl.patch \
+ file://0023-Re-introduce-spe-commandline-options.patch \
+ file://0024-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch \
+ file://0025-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \
+ file://0026-mingw32-Enable-operation_not_supported.patch \
+ file://0027-libatomic-Do-not-enforce-march-on-aarch64.patch \
+ file://0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch \
+ file://0029-Fix-install-path-of-linux64.h.patch \
+ \
+ file://0001-CVE-2021-42574.patch \
+ file://0002-CVE-2021-42574.patch \
+ file://0003-CVE-2021-42574.patch \
+ file://0004-CVE-2021-42574.patch \
+ file://0001-CVE-2021-46195.patch \
+"
+SRC_URI[sha256sum] = "b47cf2818691f5b1e21df2bb38c795fac2cfbd640ede2d0a5e1c89e338a3ac39"
+
+S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
+
+# For dev release snapshotting
+#S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${RELEASE}"
+#B = "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}"
+
+# Language Overrides
+FORTRAN = ""
+JAVA = ""
+
+SSP ?= "--disable-libssp"
+SSP:mingw32 = "--enable-libssp"
+
+EXTRA_OECONF_BASE = "\
+ ${SSP} \
+ --enable-libitm \
+ --enable-lto \
+ --disable-bootstrap \
+ --with-system-zlib \
+ ${@'--with-linker-hash-style=${LINKER_HASH_STYLE}' if '${LINKER_HASH_STYLE}' else ''} \
+ --enable-linker-build-id \
+ --with-ppl=no \
+ --with-cloog=no \
+ --enable-checking=release \
+ --enable-cheaders=c_global \
+ --without-isl \
+"
+
+EXTRA_OECONF_INITIAL = "\
+ --disable-libgomp \
+ --disable-libitm \
+ --disable-libquadmath \
+ --with-system-zlib \
+ --disable-lto \
+ --disable-plugin \
+ --enable-linker-build-id \
+ --enable-decimal-float=no \
+ --without-isl \
+ --disable-libssp \
+"
+
+EXTRA_OECONF_PATHS = "\
+ --with-gxx-include-dir=/not/exist{target_includedir}/c++/${BINV} \
+ --with-sysroot=/not/exist \
+ --with-build-sysroot=${STAGING_DIR_TARGET} \
+"
+
+# Is a binutils 2.26 issue, not gcc
+CVE_CHECK_IGNORE += "CVE-2021-37322"
diff --git a/poky/meta/recipes-devtools/gcc/gcc-common.inc b/poky/meta/recipes-devtools/gcc/gcc-common.inc
index 0f70be7..2abc0e3 100644
--- a/poky/meta/recipes-devtools/gcc/gcc-common.inc
+++ b/poky/meta/recipes-devtools/gcc/gcc-common.inc
@@ -96,7 +96,7 @@
#S = "${WORKDIR}/gcc-${PV}"
S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
-B = "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}"
+B ?= "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}"
target_includedir ?= "${includedir}"
target_libdir ?= "${libdir}"
diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
index 168486b..a87b446 100644
--- a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
+++ b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
@@ -175,7 +175,7 @@
}
ELFUTILS = "nativesdk-elfutils"
-DEPENDS += "nativesdk-gmp nativesdk-mpfr nativesdk-libmpc ${ELFUTILS} nativesdk-zlib"
+DEPENDS += "nativesdk-gmp nativesdk-mpfr nativesdk-libmpc ${ELFUTILS} nativesdk-zlib nativesdk-zstd"
RDEPENDS:${PN} += "nativesdk-mpfr nativesdk-libmpc ${ELFUTILS}"
SYSTEMHEADERS = "${target_includedir}/"
diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-cross-canadian_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-cross-canadian_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-cross_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-cross_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc-crosssdk_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-crosssdk_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-crosssdk_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-crosssdk_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc
index e9f2cf1..c85b588 100644
--- a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc
+++ b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc
@@ -53,7 +53,7 @@
REL_S = "/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}"
DEBUG_PREFIX_MAP:class-target = " \
- -fdebug-prefix-map=${WORKDIR}/recipe-sysroot= \
+ -fdebug-prefix-map=${WORKDIR}/${MLPREFIX}recipe-sysroot= \
-fdebug-prefix-map=${WORKDIR}/recipe-sysroot-native= \
-fdebug-prefix-map=${S}=${REL_S} \
-fdebug-prefix-map=${S}/include=${REL_S}/libstdc++-v3/../include \
@@ -68,7 +68,8 @@
# libstdc++ isn't built yet so CXX would error not able to find it which breaks stdc++'s configure
# tests. Create a dummy empty lib for the purposes of configure.
mkdir -p ${WORKDIR}/dummylib
- touch ${WORKDIR}/dummylib/libstdc++.so
+ touch ${WORKDIR}/dummylib/dummylib.c
+ ${CC} ${WORKDIR}/dummylib/dummylib.c -shared -o ${WORKDIR}/dummylib/libstdc++.so
for d in libgcc ${RUNTIMETARGET}; do
echo "Configuring $d"
rm -rf ${B}/${TARGET_SYS}/$d/
diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-runtime_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-runtime_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-runtime_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc-sanitizers_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-sanitizers_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-sanitizers_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-sanitizers_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc-source.inc b/poky/meta/recipes-devtools/gcc/gcc-source.inc
index 03bab97..224b777 100644
--- a/poky/meta/recipes-devtools/gcc/gcc-source.inc
+++ b/poky/meta/recipes-devtools/gcc/gcc-source.inc
@@ -18,6 +18,7 @@
DEPENDS = ""
PACKAGES = ""
+B = "${WORKDIR}/build"
# This needs to be Python to avoid lots of shell variables becoming dependencies.
python do_preconfigure () {
diff --git a/poky/meta/recipes-devtools/gcc/gcc-source_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc-source_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc-source_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc-source_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
deleted file mode 100644
index e4aee10..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
+++ /dev/null
@@ -1,138 +0,0 @@
-From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001
-From: Richard Earnshaw <rearnsha@arm.com>
-Date: Fri, 11 Jun 2021 16:02:05 +0100
-Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465
- mitigation [PR102035]
-
-Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it
-automatically for cortex-m33, cortex-m35p and cortex-m55.
-
-gcc:
- PR target/102035
- * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option.
- * doc/invoke.texi (Arm Options): Document it.
- * config/arm/arm-cpus.in (quirk_vlldm): New feature bit.
- (ALL_QUIRKS): Add quirk_vlldm.
- (cortex-m33): Add quirk_vlldm.
- (cortex-m35p, cortex-m55): Likewise.
- * config/arm/arm.c (arm_option_override): Enable fix_vlldm if
- targetting an affected CPU and not explicitly controlled on
- the command line.
-
-CVE: CVE-2021-35465
-Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
-Signed-off-by: Pgowda <pgowda.cve@gmail.com>
-
----
- gcc/config/arm/arm-cpus.in | 9 +++++++--
- gcc/config/arm/arm.c | 9 +++++++++
- gcc/config/arm/arm.opt | 4 ++++
- gcc/doc/invoke.texi | 9 +++++++++
- 4 files changed, 29 insertions(+), 2 deletions(-)
-
-diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c
---- a/gcc/config/arm/arm.c 2021-11-15 02:13:11.100579812 -0800
-+++ b/gcc/config/arm/arm.c 2021-11-15 02:17:36.988237692 -0800
-@@ -3610,6 +3610,15 @@ arm_option_override (void)
- fix_cm3_ldrd = 0;
- }
-
-+ /* Enable fix_vlldm by default if required. */
-+ if (fix_vlldm == 2)
-+ {
-+ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm))
-+ fix_vlldm = 1;
-+ else
-+ fix_vlldm = 0;
-+ }
-+
- /* Hot/Cold partitioning is not currently supported, since we can't
- handle literal pool placement in that case. */
- if (flag_reorder_blocks_and_partition)
-diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
---- a/gcc/config/arm/arm-cpus.in 2021-11-15 02:13:11.104579747 -0800
-+++ b/gcc/config/arm/arm-cpus.in 2021-11-15 02:17:36.984237757 -0800
-@@ -186,6 +186,9 @@ define feature quirk_armv6kz
- # Cortex-M3 LDRD quirk.
- define feature quirk_cm3_ldrd
-
-+# v8-m/v8.1-m VLLDM errata.
-+define feature quirk_vlldm
-+
- # Don't use .cpu assembly directive
- define feature quirk_no_asmcpu
-
-@@ -322,7 +325,7 @@ define implied vfp_base MVE MVE_FP ALL_F
- # architectures.
- # xscale isn't really a 'quirk', but it isn't an architecture either and we
- # need to ignore it for matching purposes.
--define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu
-+define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
-
- define fgroup IGNORE_FOR_MULTILIB cdecp0 cdecp1 cdecp2 cdecp3 cdecp4 cdecp5 cdecp6 cdecp7
-
-@@ -1570,6 +1573,7 @@ begin cpu cortex-m33
- architecture armv8-m.main+dsp+fp
- option nofp remove ALL_FP
- option nodsp remove armv7em
-+ isa quirk_vlldm
- costs v7m
- end cpu cortex-m33
-
-@@ -1579,6 +1583,7 @@ begin cpu cortex-m35p
- architecture armv8-m.main+dsp+fp
- option nofp remove ALL_FP
- option nodsp remove armv7em
-+ isa quirk_vlldm
- costs v7m
- end cpu cortex-m35p
-
-@@ -1590,7 +1595,7 @@ begin cpu cortex-m55
- option nomve remove mve mve_float
- option nofp remove ALL_FP mve_float
- option nodsp remove MVE mve_float
-- isa quirk_no_asmcpu
-+ isa quirk_no_asmcpu quirk_vlldm
- costs v7m
- vendor 41
- end cpu cortex-m55
-diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
---- a/gcc/config/arm/arm.opt 2021-11-15 02:13:11.104579747 -0800
-+++ b/gcc/config/arm/arm.opt 2021-11-15 02:17:36.988237692 -0800
-@@ -268,6 +268,10 @@ Target Var(fix_cm3_ldrd) Init(2)
- Avoid overlapping destination and address registers on LDRD instructions
- that may trigger Cortex-M3 errata.
-
-+mfix-cmse-cve-2021-35465
-+Target Var(fix_vlldm) Init(2)
-+Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
-+
- munaligned-access
- Target Var(unaligned_access) Init(2) Save
- Enable unaligned word and halfword accesses to packed data.
-diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
---- a/gcc/doc/invoke.texi 2021-11-15 02:13:11.112579616 -0800
-+++ b/gcc/doc/invoke.texi 2021-11-15 02:17:36.996237562 -0800
-@@ -804,6 +804,7 @@ Objective-C and Objective-C++ Dialects}.
- -mverbose-cost-dump @gol
- -mpure-code @gol
- -mcmse @gol
-+-mfix-cmse-cve-2021-35465 @gol
- -mfdpic}
-
- @emph{AVR Options}
-@@ -20487,6 +20488,14 @@ Generate secure code as per the "ARMv8-M
- Development Tools Engineering Specification", which can be found on
- @url{https://developer.arm.com/documentation/ecm0359818/latest/}.
-
-+@item -mfix-cmse-cve-2021-35465
-+@opindex mfix-cmse-cve-2021-35465
-+Mitigate against a potential security issue with the @code{VLLDM} instruction
-+in some M-profile devices when using CMSE (CVE-2021-365465). This option is
-+enabled by default when the option @option{-mcpu=} is used with
-+@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option
-+@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation.
-+
- @item -mfdpic
- @itemx -mno-fdpic
- @opindex mfdpic
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch b/poky/meta/recipes-devtools/gcc/gcc/0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch
index 0a108ee..0bf8834 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0001-gcc-4.3.1-ARCH_FLAGS_FOR_TARGET.patch
@@ -1,4 +1,4 @@
-From 368eaf1846733a9920c7cf5bc547a377e7167785 Mon Sep 17 00:00:00 2001
+From 6badb97389cae4ff9a533d38dc7cceefe21b97a8 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 08:37:11 +0400
Subject: [PATCH] gcc-4.3.1: ARCH_FLAGS_FOR_TARGET
@@ -12,10 +12,10 @@
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure b/configure
-index 504f6410274..bcebad264ec 100755
+index e218a19e333..45744e6e471 100755
--- a/configure
+++ b/configure
-@@ -9728,7 +9728,7 @@ fi
+@@ -9750,7 +9750,7 @@ fi
# for target_alias and gcc doesn't manage it consistently.
target_configargs="--cache-file=./config.cache ${target_configargs}"
@@ -25,10 +25,10 @@
*" newlib "*)
case " $target_configargs " in
diff --git a/configure.ac b/configure.ac
-index 088e735c5db..1289fe08760 100644
+index 7e8e628b325..bf66b51373c 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -3240,7 +3240,7 @@ fi
+@@ -3255,7 +3255,7 @@ fi
# for target_alias and gcc doesn't manage it consistently.
target_configargs="--cache-file=./config.cache ${target_configargs}"
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
deleted file mode 100644
index e09818f..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001
-From: Richard Earnshaw <rearnsha@arm.com>
-Date: Fri, 18 Jun 2021 17:16:25 +0100
-Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call
- [PR102035]
-
-Add the recommended erratum mitigation sequence to
-__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this
-is in the library code we cannot know in advance whether the core we
-are running on will be affected by this, so always enable it.
-
-libgcc:
- PR target/102035
- * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call):
- Add vlldm erratum work-around.
-
-CVE: CVE-2021-35465
-Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
-Signed-off-by: Pgowda <pgowda.cve@gmail.com>
-
----
- libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S
---- a/libgcc/config/arm/cmse_nonsecure_call.S
-+++ b/libgcc/config/arm/cmse_nonsecure_call.S
-@@ -102,6 +102,11 @@ blxns r4
- #ifdef __ARM_PCS_VFP
- vpop.f64 {d8-d15}
- #else
-+/* VLLDM erratum mitigation sequence. */
-+mrs r5, control
-+tst r5, #8 /* CONTROL_S.SFPA */
-+it ne
-+.inst.w 0xeeb00a40 /* vmovne s0, s0 */
- vlldm sp /* Lazy restore of d0-d16 and FPSCR. */
- add sp, sp, #0x88 /* Free space used to save floating point registers. */
- #endif /* __ARM_PCS_VFP */
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch b/poky/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
index 18a9fb8..d19cefb 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0002-gcc-poison-system-directories.patch
@@ -1,4 +1,4 @@
-From 118c6f054711d437167ff125a88c9236bfc8099c Mon Sep 17 00:00:00 2001
+From 863f1f9dc78839ecd021b2cb01d501e8c9e00ef7 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 8 Mar 2021 16:04:20 -0800
Subject: [PATCH] gcc: poison-system-directories
@@ -25,7 +25,7 @@
7 files changed, 86 insertions(+), 2 deletions(-)
diff --git a/gcc/common.opt b/gcc/common.opt
-index c75dd36843e..49acbd6ed44 100644
+index a75b44ee47e..d15105a73f3 100644
--- a/gcc/common.opt
+++ b/gcc/common.opt
@@ -683,6 +683,10 @@ Wreturn-local-addr
@@ -40,10 +40,10 @@
Common Var(warn_shadow) Warning
Warn when one variable shadows another. Same as -Wshadow=global.
diff --git a/gcc/config.in b/gcc/config.in
-index 10a13cde586..8848284da41 100644
+index 048bf52e8c2..4f973f7906a 100644
--- a/gcc/config.in
+++ b/gcc/config.in
-@@ -218,6 +218,16 @@
+@@ -230,6 +230,16 @@
#endif
@@ -61,10 +61,10 @@
optimizer and back end) to be checked for dynamic type safety at runtime.
This is quite expensive. */
diff --git a/gcc/configure b/gcc/configure
-index 9bb436ce7bd..3f0734bff11 100755
+index 7218b0c331a..d7445339f9a 100755
--- a/gcc/configure
+++ b/gcc/configure
-@@ -1020,6 +1020,7 @@ enable_maintainer_mode
+@@ -1019,6 +1019,7 @@ enable_maintainer_mode
enable_link_mutex
enable_link_serialization
enable_version_specific_runtime_libs
@@ -72,7 +72,7 @@
enable_plugin
enable_host_shared
enable_libquadmath_support
-@@ -1782,6 +1783,8 @@ Optional Features:
+@@ -1781,6 +1782,8 @@ Optional Features:
--enable-version-specific-runtime-libs
specify that runtime libraries should be installed
in a compiler-specific directory
@@ -81,7 +81,7 @@
--enable-plugin enable plugin support
--enable-host-shared build host code as shared libraries
--disable-libquadmath-support
-@@ -31325,6 +31328,22 @@ if test "${enable_version_specific_runtime_libs+set}" = set; then :
+@@ -31932,6 +31935,22 @@ if test "${enable_version_specific_runtime_libs+set}" = set; then :
fi
@@ -105,10 +105,10 @@
diff --git a/gcc/configure.ac b/gcc/configure.ac
-index caa611933df..54e21764b3e 100644
+index 49f043ed29b..fe488f2232b 100644
--- a/gcc/configure.ac
+++ b/gcc/configure.ac
-@@ -7123,6 +7123,22 @@ AC_ARG_ENABLE(version-specific-runtime-libs,
+@@ -7393,6 +7393,22 @@ AC_ARG_ENABLE(version-specific-runtime-libs,
[specify that runtime libraries should be
installed in a compiler-specific directory])])
@@ -132,7 +132,7 @@
AC_SUBST(subdirs)
AC_SUBST(srcdir)
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
-index 7a368959e5e..6659a903bf0 100644
+index 35508efb4ef..40f798eac78 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -369,6 +369,7 @@ Objective-C and Objective-C++ Dialects}.
@@ -143,7 +143,7 @@
-Wno-pragmas -Wno-prio-ctor-dtor -Wredundant-decls @gol
-Wrestrict -Wno-return-local-addr -Wreturn-type @gol
-Wno-scalar-storage-order -Wsequence-point @gol
-@@ -7735,6 +7736,14 @@ made up of data only and thus requires no special treatment. But, for
+@@ -7728,6 +7729,14 @@ made up of data only and thus requires no special treatment. But, for
most targets, it is made up of code and thus requires the stack to be
made executable in order for the program to work properly.
@@ -159,7 +159,7 @@
@opindex Wfloat-equal
@opindex Wno-float-equal
diff --git a/gcc/gcc.c b/gcc/gcc.c
-index 7837553958b..19c75b6e20d 100644
+index 0af888c7d78..b047fc31c2f 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -1152,6 +1152,8 @@ proper position among the other output files. */
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0004-64-bit-multilib-hack.patch b/poky/meta/recipes-devtools/gcc/gcc/0003-64-bit-multilib-hack.patch
similarity index 98%
rename from poky/meta/recipes-devtools/gcc/gcc/0004-64-bit-multilib-hack.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0003-64-bit-multilib-hack.patch
index 5f14dd2..c0e8cbd 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0004-64-bit-multilib-hack.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0003-64-bit-multilib-hack.patch
@@ -1,4 +1,4 @@
-From 2fa5c93641b75a662839c1b6eee172b6c481c70e Mon Sep 17 00:00:00 2001
+From b87a3ac51df372128be2fda992238c5aab4a719a Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:10:06 +0400
Subject: [PATCH] 64-bit multilib hack.
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
deleted file mode 100644
index c7a7c76..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From 30461cf8dba3d3adb15a125e4da48800eb2b9b8f Mon Sep 17 00:00:00 2001
-From: Richard Earnshaw <rearnsha@arm.com>
-Date: Fri, 18 Jun 2021 17:18:37 +0100
-Subject: [PATCH] arm: fix vlldm erratum for Armv8.1-m [PR102035]
-
-For Armv8.1-m we generate code that emits VLLDM directly and do not
-rely on support code in the library, so emit the mitigation directly
-as well, when required. In this case, we can use the compiler options
-to determine when to apply the fix and when it is safe to omit it.
-
-gcc:
- PR target/102035
- * config/arm/arm.md (attribute arch): Add fix_vlldm.
- (arch_enabled): Use it.
- * config/arm/vfp.md (lazy_store_multiple_insn): Add alternative to
- use when erratum mitigation is needed.
-
-CVE: CVE-2021-35465
-Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
-Signed-off-by: Pgowda <pgowda.cve@gmail.com>
-
----
- gcc/config/arm/arm.md | 11 +++++++++--
- gcc/config/arm/vfp.md | 10 +++++++---
- 2 files changed, 16 insertions(+), 5 deletions(-)
-
-diff -upr a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md
---- a/gcc/config/arm/arm.md 2020-07-22 23:35:17.344384552 -0700
-+++ b/gcc/config/arm/arm.md 2021-11-11 20:33:58.431543947 -0800
-@@ -132,9 +132,12 @@
- ; TARGET_32BIT, "t1" or "t2" to specify a specific Thumb mode. "v6"
- ; for ARM or Thumb-2 with arm_arch6, and nov6 for ARM without
- ; arm_arch6. "v6t2" for Thumb-2 with arm_arch6 and "v8mb" for ARMv8-M
--; Baseline. This attribute is used to compute attribute "enabled",
-+; Baseline. "fix_vlldm" is for fixing the v8-m/v8.1-m VLLDM erratum.
-+; This attribute is used to compute attribute "enabled",
- ; use type "any" to enable an alternative in all cases.
--(define_attr "arch" "any,a,t,32,t1,t2,v6,nov6,v6t2,v8mb,iwmmxt,iwmmxt2,armv6_or_vfpv3,neon,mve"
-+(define_attr "arch" "any, a, t, 32, t1, t2, v6,nov6, v6t2, \
-+ v8mb, fix_vlldm, iwmmxt, iwmmxt2, armv6_or_vfpv3, \
-+ neon, mve"
- (const_string "any"))
-
- (define_attr "arch_enabled" "no,yes"
-@@ -177,6 +180,10 @@
- (match_test "TARGET_THUMB1 && arm_arch8"))
- (const_string "yes")
-
-+ (and (eq_attr "arch" "fix_vlldm")
-+ (match_test "fix_vlldm"))
-+ (const_string "yes")
-+
- (and (eq_attr "arch" "iwmmxt2")
- (match_test "TARGET_REALLY_IWMMXT2"))
- (const_string "yes")
-diff -upr a/gcc/config/arm/vfp.md b/gcc/config/arm/vfp.md
---- a/gcc/config/arm/vfp.md 2020-07-22 23:35:17.356384684 -0700
-+++ b/gcc/config/arm/vfp.md 2021-11-11 20:33:58.431543947 -0800
-@@ -1703,12 +1703,15 @@
- (set_attr "type" "mov_reg")]
- )
-
-+;; Both this and the next instruction are treated by GCC in the same
-+;; way as a blockage pattern. That's perhaps stronger than it needs
-+;; to be, but we do not want accesses to the VFP register bank to be
-+;; moved across either instruction.
-+
- (define_insn "lazy_store_multiple_insn"
-- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
-- (post_dec:SI (match_dup 0)))
-- (unspec_volatile [(const_int 0)
-- (mem:SI (post_dec:SI (match_dup 0)))]
-- VUNSPEC_VLSTM)]
-+ [(unspec_volatile
-+ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk"))]
-+ VUNSPEC_VLSTM)]
- "use_cmse && reload_completed"
- "vlstm%?\\t%0"
- [(set_attr "predicable" "yes")
-@@ -1716,14 +1719,16 @@
- )
-
- (define_insn "lazy_load_multiple_insn"
-- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
-- (post_inc:SI (match_dup 0)))
-- (unspec_volatile:SI [(const_int 0)
-- (mem:SI (match_dup 0))]
-- VUNSPEC_VLLDM)]
-+ [(unspec_volatile
-+ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk,rk"))]
-+ VUNSPEC_VLLDM)]
- "use_cmse && reload_completed"
-- "vlldm%?\\t%0"
-- [(set_attr "predicable" "yes")
-+ "@
-+ vscclrm\\t{vpr}\;vlldm\\t%0
-+ vlldm\\t%0"
-+ [(set_attr "arch" "fix_vlldm,*")
-+ (set_attr "predicable" "no")
-+ (set_attr "length" "8,4")
- (set_attr "type" "load_4")]
- )
-
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
deleted file mode 100644
index 9dd6a31..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
+++ /dev/null
@@ -1,304 +0,0 @@
-From 809330ab8450261e05919b472783bf15e4b000f7 Mon Sep 17 00:00:00 2001
-From: Richard Earnshaw <rearnsha@arm.com>
-Date: Tue, 6 Jul 2021 15:10:18 +0100
-Subject: [PATCH] arm: Add tests for VLLDM mitigation [PR102035]
-
-New tests for the erratum mitigation.
-
-gcc/testsuite:
- PR target/102035
- * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c: New test.
- * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c: Likewise.
- * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c: Likewise.
-
-CVE: CVE-2021-35465
-Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]
-Signed-off-by: Pgowda <pgowda.cve@gmail.com>
-
----
- .../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++
- .../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++
- .../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++
- .../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++
- .../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++
- .../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++
- .../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++
- .../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++
- 8 files changed, 231 insertions(+)
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
- create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
-
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,31 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
-+
-+#include "../../../cmse-13.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler-not "vmov" } } */
-+/* { dg-final { scan-assembler-not "vmsr" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,28 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
-+
-+#include "../../../cmse-7.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler-not "vmov" } } */
-+/* { dg-final { scan-assembler-not "vmsr" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,30 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
-+
-+#include "../../../cmse-8.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler-not "vmov" } } */
-+/* { dg-final { scan-assembler-not "vmsr" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,30 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
-+/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
-+
-+#include "../../../cmse-13.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,27 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
-+/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
-+
-+#include "../../../cmse-7.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,29 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
-+/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
-+
-+#include "../../../cmse-8.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,27 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
-+/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
-+
-+#include "../../../cmse-7.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
-diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
---- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
-+++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800
-@@ -0,0 +1,29 @@
-+/* { dg-do compile } */
-+/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
-+/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
-+/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
-+
-+#include "../../../cmse-8.x"
-+
-+/* Checks for saving and clearing prior to function call. */
-+/* Shift on the same register as blxns. */
-+/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
-+/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
-+/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
-+/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+/* { dg-final { scan-assembler "vlstm\tsp" } } */
-+/* Check the right registers are cleared and none appears twice. */
-+/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
-+/* Check that the right number of registers is cleared and thus only one
-+ register is missing. */
-+/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
-+/* Check that no cleared register is used for blxns. */
-+/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
-+/* Check for v8.1-m variant of erratum work-around. */
-+/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
-+/* { dg-final { scan-assembler "vlldm\tsp" } } */
-+/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
-+
-+/* Now we check that we use the correct intrinsic to call. */
-+/* { dg-final { scan-assembler "blxns" } } */
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0007-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch b/poky/meta/recipes-devtools/gcc/gcc/0004-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch
similarity index 91%
rename from poky/meta/recipes-devtools/gcc/gcc/0007-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0004-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch
index 9844c2a..55a5885 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0007-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0004-Use-the-defaults.h-in-B-instead-of-S-and-t-oe-in-B.patch
@@ -1,4 +1,4 @@
-From e64342df647829d3e1c52fd480a5be7c1281ced0 Mon Sep 17 00:00:00 2001
+From 1766cf28fd7d917df510b1c262c47211b9ea70fa Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:17:25 +0400
Subject: [PATCH] Use the defaults.h in ${B} instead of ${S}, and t-oe in ${B}
@@ -26,7 +26,7 @@
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/gcc/Makefile.in b/gcc/Makefile.in
-index 8a5fb3fd99c..7da6f439fff 100644
+index 7bfd6ce653f..95962ae37b6 100644
--- a/gcc/Makefile.in
+++ b/gcc/Makefile.in
@@ -552,7 +552,7 @@ TARGET_SYSTEM_ROOT = @TARGET_SYSTEM_ROOT@
@@ -39,10 +39,10 @@
TM_MULTILIB_CONFIG=@TM_MULTILIB_CONFIG@
TM_MULTILIB_EXCEPTIONS_CONFIG=@TM_MULTILIB_EXCEPTIONS_CONFIG@
diff --git a/gcc/configure b/gcc/configure
-index 3f0734bff11..c5d3bc4ee2d 100755
+index d7445339f9a..f5b99d1cf7d 100755
--- a/gcc/configure
+++ b/gcc/configure
-@@ -13090,8 +13090,8 @@ for f in $tm_file; do
+@@ -13131,8 +13131,8 @@ for f in $tm_file; do
tm_include_list="${tm_include_list} $f"
;;
defaults.h )
@@ -54,10 +54,10 @@
* )
tm_file_list="${tm_file_list} \$(srcdir)/config/$f"
diff --git a/gcc/configure.ac b/gcc/configure.ac
-index 54e21764b3e..f83420326d6 100644
+index fe488f2232b..29005f6d18f 100644
--- a/gcc/configure.ac
+++ b/gcc/configure.ac
-@@ -2263,8 +2263,8 @@ for f in $tm_file; do
+@@ -2294,8 +2294,8 @@ for f in $tm_file; do
tm_include_list="${tm_include_list} $f"
;;
defaults.h )
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0005-cpp-honor-sysroot.patch b/poky/meta/recipes-devtools/gcc/gcc/0005-cpp-honor-sysroot.patch
new file mode 100644
index 0000000..f2883fe
--- /dev/null
+++ b/poky/meta/recipes-devtools/gcc/gcc/0005-cpp-honor-sysroot.patch
@@ -0,0 +1,53 @@
+From e6a820a19c4cd115d8af7c235c5f9700c7a24730 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 29 Mar 2013 09:22:00 +0400
+Subject: [PATCH] cpp: honor sysroot.
+
+Currently, if the gcc toolchain is relocated and installed from sstate, then you try and compile
+preprocessed source (.i or .ii files), the compiler will try and access the builtin sysroot location
+rather than the --sysroot option specified on the commandline. If access to that directory is
+permission denied (unreadable), gcc will error.
+
+This happens when ccache is in use due to the fact it uses preprocessed source files.
+
+The fix below adds %I to the cpp-output spec macro so the default substitutions for -iprefix,
+-isystem, -isysroot happen and the correct sysroot is used.
+
+[YOCTO #2074]
+
+RP 2012/04/13
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Upstream-Status: Submitted [https://gcc.gnu.org/pipermail/gcc-patches/2021-October/582725.html]
+---
+ gcc/cp/lang-specs.h | 2 +-
+ gcc/gcc.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/cp/lang-specs.h b/gcc/cp/lang-specs.h
+index 8902ae1d2ed..e99e2fcd6ad 100644
+--- a/gcc/cp/lang-specs.h
++++ b/gcc/cp/lang-specs.h
+@@ -116,7 +116,7 @@ along with GCC; see the file COPYING3. If not see
+ {".ii", "@c++-cpp-output", 0, 0, 0},
+ {"@c++-cpp-output",
+ "%{!E:%{!M:%{!MM:"
+- " cc1plus -fpreprocessed %i %(cc1_options) %2"
++ " cc1plus -fpreprocessed %i %I %(cc1_options) %2"
+ " %{!fsyntax-only:"
+ " %{fmodule-only:%{!S:-o %g.s%V}}"
+ " %{!fmodule-only:%{!fmodule-header*:%(invoke_as)}}}"
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index b047fc31c2f..bdee2671532 100644
+--- a/gcc/gcc.c
++++ b/gcc/gcc.c
+@@ -1469,7 +1469,7 @@ static const struct compiler default_compilers[] =
+ %W{o*:--output-pch=%*}}%V}}}}}}}", 0, 0, 0},
+ {".i", "@cpp-output", 0, 0, 0},
+ {"@cpp-output",
+- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
++ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %I %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+ {".s", "@assembler", 0, 0, 0},
+ {"@assembler",
+ "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0011-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch b/poky/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
similarity index 81%
rename from poky/meta/recipes-devtools/gcc/gcc/0011-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
index 0884730..ef19eef 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0011-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
@@ -1,4 +1,4 @@
-From 8e9d6efecdc8c42f47e3a012dee764b13c3dad59 Mon Sep 17 00:00:00 2001
+From 84dd8ea4c982fc2c82af642293d29e9c1880de5b Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:24:50 +0400
Subject: [PATCH] Define GLIBC_DYNAMIC_LINKER and UCLIBC_DYNAMIC_LINKER
@@ -12,25 +12,43 @@
Removes the do_headerfix task in metadata
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
Upstream-Status: Inappropriate [OE configuration]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- gcc/config/alpha/linux-elf.h | 4 ++--
- gcc/config/arm/linux-eabi.h | 4 ++--
- gcc/config/arm/linux-elf.h | 2 +-
- gcc/config/i386/linux.h | 2 +-
- gcc/config/i386/linux64.h | 6 +++---
- gcc/config/linux.h | 8 ++++----
- gcc/config/mips/linux.h | 12 ++++++------
- gcc/config/riscv/linux.h | 2 +-
- gcc/config/rs6000/linux64.h | 15 +++++----------
- gcc/config/sh/linux.h | 2 +-
- gcc/config/sparc/linux.h | 2 +-
- gcc/config/sparc/linux64.h | 4 ++--
- 12 files changed, 29 insertions(+), 34 deletions(-)
+ gcc/config/aarch64/aarch64-linux.h | 4 ++--
+ gcc/config/alpha/linux-elf.h | 4 ++--
+ gcc/config/arm/linux-eabi.h | 4 ++--
+ gcc/config/arm/linux-elf.h | 2 +-
+ gcc/config/i386/linux.h | 2 +-
+ gcc/config/i386/linux64.h | 6 +++---
+ gcc/config/linux.h | 8 ++++----
+ gcc/config/mips/linux.h | 12 ++++++------
+ gcc/config/riscv/linux.h | 2 +-
+ gcc/config/rs6000/linux64.h | 15 +++++----------
+ gcc/config/sh/linux.h | 2 +-
+ gcc/config/sparc/linux.h | 2 +-
+ gcc/config/sparc/linux64.h | 4 ++--
+ 13 files changed, 31 insertions(+), 36 deletions(-)
-unchanged:
+diff --git a/gcc/config/aarch64/aarch64-linux.h b/gcc/config/aarch64/aarch64-linux.h
+index 7f2529a2a1d..4bcae7f3110 100644
+--- a/gcc/config/aarch64/aarch64-linux.h
++++ b/gcc/config/aarch64/aarch64-linux.h
+@@ -21,10 +21,10 @@
+ #ifndef GCC_AARCH64_LINUX_H
+ #define GCC_AARCH64_LINUX_H
+
+-#define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
++#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-linux-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
+
+ #undef MUSL_DYNAMIC_LINKER
+-#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
++#define MUSL_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-musl-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
+
+ #undef ASAN_CC1_SPEC
+ #define ASAN_CC1_SPEC "%{%:sanitize(address):-funwind-tables}"
+diff --git a/gcc/config/alpha/linux-elf.h b/gcc/config/alpha/linux-elf.h
+index c1dae8ca2cf..3ce2b76c1a4 100644
--- a/gcc/config/alpha/linux-elf.h
+++ b/gcc/config/alpha/linux-elf.h
@@ -23,8 +23,8 @@ along with GCC; see the file COPYING3. If not see
@@ -44,7 +62,8 @@
#if DEFAULT_LIBC == LIBC_UCLIBC
#define CHOOSE_DYNAMIC_LINKER(G, U) "%{mglibc:" G ";:" U "}"
#elif DEFAULT_LIBC == LIBC_GLIBC
-unchanged:
+diff --git a/gcc/config/arm/linux-eabi.h b/gcc/config/arm/linux-eabi.h
+index 85d0136e76e..6bd95855827 100644
--- a/gcc/config/arm/linux-eabi.h
+++ b/gcc/config/arm/linux-eabi.h
@@ -65,8 +65,8 @@
@@ -58,7 +77,8 @@
#define GLIBC_DYNAMIC_LINKER_DEFAULT GLIBC_DYNAMIC_LINKER_SOFT_FLOAT
#define GLIBC_DYNAMIC_LINKER \
-unchanged:
+diff --git a/gcc/config/arm/linux-elf.h b/gcc/config/arm/linux-elf.h
+index 0c1c4e70b6b..6bd643ade11 100644
--- a/gcc/config/arm/linux-elf.h
+++ b/gcc/config/arm/linux-elf.h
@@ -60,7 +60,7 @@
@@ -70,7 +90,8 @@
#define LINUX_TARGET_LINK_SPEC "%{h*} \
%{static:-Bstatic} \
-unchanged:
+diff --git a/gcc/config/i386/linux.h b/gcc/config/i386/linux.h
+index 04b274f1654..7aafcf3ac2d 100644
--- a/gcc/config/i386/linux.h
+++ b/gcc/config/i386/linux.h
@@ -20,7 +20,7 @@ along with GCC; see the file COPYING3. If not see
@@ -82,7 +103,8 @@
#undef MUSL_DYNAMIC_LINKER
#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-i386.so.1"
-unchanged:
+diff --git a/gcc/config/i386/linux64.h b/gcc/config/i386/linux64.h
+index b3822ced528..92d303e80d6 100644
--- a/gcc/config/i386/linux64.h
+++ b/gcc/config/i386/linux64.h
@@ -27,9 +27,9 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
@@ -98,7 +120,8 @@
#undef MUSL_DYNAMIC_LINKER32
#define MUSL_DYNAMIC_LINKER32 "/lib/ld-musl-i386.so.1"
-unchanged:
+diff --git a/gcc/config/linux.h b/gcc/config/linux.h
+index 4e1db60fced..87efc5f69fe 100644
--- a/gcc/config/linux.h
+++ b/gcc/config/linux.h
@@ -94,10 +94,10 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
@@ -116,7 +139,8 @@
#define BIONIC_DYNAMIC_LINKER "/system/bin/linker"
#define BIONIC_DYNAMIC_LINKER32 "/system/bin/linker"
#define BIONIC_DYNAMIC_LINKER64 "/system/bin/linker64"
-unchanged:
+diff --git a/gcc/config/mips/linux.h b/gcc/config/mips/linux.h
+index 44a85e410d9..8d41b5574f6 100644
--- a/gcc/config/mips/linux.h
+++ b/gcc/config/mips/linux.h
@@ -22,20 +22,20 @@ along with GCC; see the file COPYING3. If not see
@@ -146,7 +170,8 @@
#undef MUSL_DYNAMIC_LINKER32
#define MUSL_DYNAMIC_LINKER32 \
-unchanged:
+diff --git a/gcc/config/riscv/linux.h b/gcc/config/riscv/linux.h
+index fce5b896e6e..03aa55cb5ab 100644
--- a/gcc/config/riscv/linux.h
+++ b/gcc/config/riscv/linux.h
@@ -22,7 +22,7 @@ along with GCC; see the file COPYING3. If not see
@@ -158,7 +183,8 @@
#define MUSL_ABI_SUFFIX \
"%{mabi=ilp32:-sf}" \
-unchanged:
+diff --git a/gcc/config/rs6000/linux64.h b/gcc/config/rs6000/linux64.h
+index e3f2cd254f6..a11e01faa3d 100644
--- a/gcc/config/rs6000/linux64.h
+++ b/gcc/config/rs6000/linux64.h
@@ -336,24 +336,19 @@ extern int dot_symbols;
@@ -191,7 +217,8 @@
#undef DEFAULT_ASM_ENDIAN
#if (TARGET_DEFAULT & MASK_LITTLE_ENDIAN)
-unchanged:
+diff --git a/gcc/config/sh/linux.h b/gcc/config/sh/linux.h
+index 7558d2f7195..3aaa6c3a078 100644
--- a/gcc/config/sh/linux.h
+++ b/gcc/config/sh/linux.h
@@ -64,7 +64,7 @@ along with GCC; see the file COPYING3. If not see
@@ -203,7 +230,8 @@
#undef SUBTARGET_LINK_EMUL_SUFFIX
#define SUBTARGET_LINK_EMUL_SUFFIX "%{mfdpic:_fd;:_linux}"
-unchanged:
+diff --git a/gcc/config/sparc/linux.h b/gcc/config/sparc/linux.h
+index 2550d7ee8f0..a94f4cd8ba2 100644
--- a/gcc/config/sparc/linux.h
+++ b/gcc/config/sparc/linux.h
@@ -78,7 +78,7 @@ extern const char *host_detect_local_cpu (int argc, const char **argv);
@@ -215,7 +243,8 @@
#undef LINK_SPEC
#define LINK_SPEC "-m elf32_sparc %{shared:-shared} \
-unchanged:
+diff --git a/gcc/config/sparc/linux64.h b/gcc/config/sparc/linux64.h
+index 95af8afa9b5..63127afb074 100644
--- a/gcc/config/sparc/linux64.h
+++ b/gcc/config/sparc/linux64.h
@@ -78,8 +78,8 @@ along with GCC; see the file COPYING3. If not see
@@ -229,19 +258,3 @@
#ifdef SPARC_BI_ARCH
-diff -u b/gcc/config/aarch64/aarch64-linux.h b/gcc/config/aarch64/aarch64-linux.h
---- b/gcc/config/aarch64/aarch64-linux.h
-+++ b/gcc/config/aarch64/aarch64-linux.h
-@@ -21,10 +21,10 @@
- #ifndef GCC_AARCH64_LINUX_H
- #define GCC_AARCH64_LINUX_H
-
--#define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
-+#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-linux-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
-
- #undef MUSL_DYNAMIC_LINKER
--#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
-+#define MUSL_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-musl-aarch64%{mbig-endian:_be}%{mabi=ilp32:_ilp32}.so.1"
-
- #undef ASAN_CC1_SPEC
- #define ASAN_CC1_SPEC "%{%:sanitize(address):-funwind-tables}"
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0007-gcc-Fix-argument-list-too-long-error.patch b/poky/meta/recipes-devtools/gcc/gcc/0007-gcc-Fix-argument-list-too-long-error.patch
new file mode 100644
index 0000000..9f9f8cc
--- /dev/null
+++ b/poky/meta/recipes-devtools/gcc/gcc/0007-gcc-Fix-argument-list-too-long-error.patch
@@ -0,0 +1,42 @@
+From 768e9075e88d811b00207d991123438bb996e4ea Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 29 Mar 2013 09:26:37 +0400
+Subject: [PATCH] gcc: Fix argument list too long error.
+
+There would be an "Argument list too long" error when the
+build directory is longer than 200, this is caused by:
+
+headers=`echo $(PLUGIN_HEADERS) | tr ' ' '\012' | sort -u`
+
+The PLUGIN_HEADERS is too long before sort, so the "echo" can't handle
+it, use the $(sort list) of GNU make which can handle the too long list
+would fix the problem, the header would be short enough after sorted.
+The "tr ' ' '\012'" was used for translating the space to "\n", the
+$(sort list) doesn't need this.
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+RP: gcc then added *.h and *.def additions to this list, breaking the original
+fix. Add the sort to the original gcc code, leaving the tr+sort to fix the original
+issue but include the new files too as reported by Zhuang <qiuguang.zqg@alibaba-inc.com>
+
+Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=66e157188bd2f789809e17e85f917534c9381599]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gcc/Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gcc/Makefile.in b/gcc/Makefile.in
+index 95962ae37b6..d1d4512bba3 100644
+--- a/gcc/Makefile.in
++++ b/gcc/Makefile.in
+@@ -3671,7 +3671,7 @@ install-plugin: installdirs lang.install-plugin s-header-vars install-gengtype
+ # We keep the directory structure for files in config, common/config or
+ # c-family and .def files. All other files are flattened to a single directory.
+ $(mkinstalldirs) $(DESTDIR)$(plugin_includedir)
+- headers=`echo $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
++ headers=`echo $(sort $(PLUGIN_HEADERS)) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`; \
+ for file in $$headers; do \
+ if [ -f $$file ] ; then \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0014-libtool.patch b/poky/meta/recipes-devtools/gcc/gcc/0008-libtool.patch
similarity index 94%
rename from poky/meta/recipes-devtools/gcc/gcc/0014-libtool.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0008-libtool.patch
index f2b8924..358e1d7 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0014-libtool.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0008-libtool.patch
@@ -1,4 +1,4 @@
-From a5b984db9669cf38a7bd76c3fcdb41c086f740db Mon Sep 17 00:00:00 2001
+From b19700ef0103f9414416b9a779a64d6138c58b1f Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:29:11 +0400
Subject: [PATCH] libtool
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0009-cpp-honor-sysroot.patch b/poky/meta/recipes-devtools/gcc/gcc/0009-cpp-honor-sysroot.patch
deleted file mode 100644
index 37f26f0..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0009-cpp-honor-sysroot.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From: Richard Purdie <richard.purdie@linuxfoundation.org>
-Subject: [PATCH 5/5] gcc: Pass sysroot options to cpp for preprocessed source
-
-OpenEmbedded/Yocto Project extensively uses the --sysroot support within gcc.
-We discovered that when compiling preprocessed source (.i or .ii files), the
-compiler will try and access the builtin sysroot location rather than the
---sysroot option specified on the commandline. If access to that directory is
-permission denied (unreadable), gcc will error. This is particularly problematic
-when ccache is involved.
-
-This patch adds %I to the cpp-output spec macro so the default substitutions for
--iprefix, -isystem, -isysroot happen and the correct sysroot is used.
-
-2021-10-27 Richard Purdie <richard.purdie@linuxfoundation.org>
-
-gcc/cp/ChangeLog:
-
- * lang-specs.h: Pass sysroot options to cpp for preprocessed source
-
-gcc/ChangeLog:
-
- * gcc.c: Pass sysroot options to cpp for preprocessed source
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
-[YOCTO #2074]
-
-Upstream-Status: Submitted [https://gcc.gnu.org/pipermail/gcc-patches/2021-October/582725.html]
----
- gcc/cp/lang-specs.h | 2 +-
- gcc/gcc.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-Index: gcc-11.2.0/gcc/cp/lang-specs.h
-===================================================================
---- gcc-11.2.0.orig/gcc/cp/lang-specs.h
-+++ gcc-11.2.0/gcc/cp/lang-specs.h
-@@ -116,7 +116,7 @@ along with GCC; see the file COPYING3.
- {".ii", "@c++-cpp-output", 0, 0, 0},
- {"@c++-cpp-output",
- "%{!E:%{!M:%{!MM:"
-- " cc1plus -fpreprocessed %i %(cc1_options) %2"
-+ " cc1plus -fpreprocessed %i %I %(cc1_options) %2"
- " %{!fsyntax-only:"
- " %{fmodule-only:%{!S:-o %g.s%V}}"
- " %{!fmodule-only:%{!fmodule-header*:%(invoke_as)}}}"
-Index: gcc-11.2.0/gcc/gcc.c
-===================================================================
---- gcc-11.2.0.orig/gcc/gcc.c
-+++ gcc-11.2.0/gcc/gcc.c
-@@ -1470,7 +1470,7 @@ static const struct compiler default_com
- %W{o*:--output-pch=%*}}%V}}}}}}}", 0, 0, 0},
- {".i", "@cpp-output", 0, 0, 0},
- {"@cpp-output",
-- "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
-+ "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %I %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
- {".s", "@assembler", 0, 0, 0},
- {"@assembler",
- "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0015-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch b/poky/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
similarity index 95%
rename from poky/meta/recipes-devtools/gcc/gcc/0015-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
index 1ccf39c..ac13954 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0015-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
@@ -1,4 +1,4 @@
-From 0ae7090dec149cb2ff0c87eef87c043d4000ece1 Mon Sep 17 00:00:00 2001
+From 10d23d93697167396e223711bf6210e1642ee926 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:30:32 +0400
Subject: [PATCH] gcc: armv4: pass fix-v4bx to linker to support EABI.
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0016-Use-the-multilib-config-files-from-B-instead-of-usin.patch b/poky/meta/recipes-devtools/gcc/gcc/0010-Use-the-multilib-config-files-from-B-instead-of-usin.patch
similarity index 89%
rename from poky/meta/recipes-devtools/gcc/gcc/0016-Use-the-multilib-config-files-from-B-instead-of-usin.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0010-Use-the-multilib-config-files-from-B-instead-of-usin.patch
index bde7ec6..4912fa9 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0016-Use-the-multilib-config-files-from-B-instead-of-usin.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0010-Use-the-multilib-config-files-from-B-instead-of-usin.patch
@@ -1,4 +1,4 @@
-From 5ce8aa4615a3816d12c43752323154744517ae9f Mon Sep 17 00:00:00 2001
+From 5970fb3fadccd8c43f7f7030e6ff51e0295731ef Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 29 Mar 2013 09:33:04 +0400
Subject: [PATCH] Use the multilib config files from ${B} instead of using the
@@ -18,10 +18,10 @@
2 files changed, 36 insertions(+), 8 deletions(-)
diff --git a/gcc/configure b/gcc/configure
-index 5160917d73e..e663052cad2 100755
+index f5b99d1cf7d..ec3c24482df 100755
--- a/gcc/configure
+++ b/gcc/configure
-@@ -13070,10 +13070,20 @@ done
+@@ -13111,10 +13111,20 @@ done
tmake_file_=
for f in ${tmake_file}
do
@@ -46,7 +46,7 @@
done
tmake_file="${tmake_file_}${omp_device_property_tmake_file}"
-@@ -13084,6 +13094,10 @@ tm_file_list="options.h"
+@@ -13125,6 +13135,10 @@ tm_file_list="options.h"
tm_include_list="options.h insn-constants.h"
for f in $tm_file; do
case $f in
@@ -58,10 +58,10 @@
f=`echo $f | sed 's/^..//'`
tm_file_list="${tm_file_list} $f"
diff --git a/gcc/configure.ac b/gcc/configure.ac
-index 50f78308e8a..2b84875b028 100644
+index 29005f6d18f..ea794cd1763 100644
--- a/gcc/configure.ac
+++ b/gcc/configure.ac
-@@ -2243,10 +2243,20 @@ done
+@@ -2274,10 +2274,20 @@ done
tmake_file_=
for f in ${tmake_file}
do
@@ -86,7 +86,7 @@
done
tmake_file="${tmake_file_}${omp_device_property_tmake_file}"
-@@ -2257,6 +2267,10 @@ tm_file_list="options.h"
+@@ -2288,6 +2298,10 @@ tm_file_list="options.h"
tm_include_list="options.h insn-constants.h"
for f in $tm_file; do
case $f in
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0017-Avoid-using-libdir-from-.la-which-usually-points-to-.patch b/poky/meta/recipes-devtools/gcc/gcc/0011-Avoid-using-libdir-from-.la-which-usually-points-to-.patch
similarity index 92%
rename from poky/meta/recipes-devtools/gcc/gcc/0017-Avoid-using-libdir-from-.la-which-usually-points-to-.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0011-Avoid-using-libdir-from-.la-which-usually-points-to-.patch
index 3e0a1b4..e3e3594 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0017-Avoid-using-libdir-from-.la-which-usually-points-to-.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0011-Avoid-using-libdir-from-.la-which-usually-points-to-.patch
@@ -1,4 +1,4 @@
-From 75a1ce0265ca123f74f17a40ad8bd8f26d9c2ab3 Mon Sep 17 00:00:00 2001
+From 2af537b9ff0018945a27a7f89efad736a0f647d4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 20 Feb 2015 09:39:38 +0000
Subject: [PATCH] Avoid using libdir from .la which usually points to a host
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0019-Ensure-target-gcc-headers-can-be-included.patch b/poky/meta/recipes-devtools/gcc/gcc/0012-Ensure-target-gcc-headers-can-be-included.patch
similarity index 96%
rename from poky/meta/recipes-devtools/gcc/gcc/0019-Ensure-target-gcc-headers-can-be-included.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0012-Ensure-target-gcc-headers-can-be-included.patch
index 120d5a2..d33925e 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0019-Ensure-target-gcc-headers-can-be-included.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0012-Ensure-target-gcc-headers-can-be-included.patch
@@ -1,4 +1,4 @@
-From 6f410ed8fb7eee11ba7a25634c2257666b98ef52 Mon Sep 17 00:00:00 2001
+From 9427c6cedf88e15f747c48cb4fcf9eda6f5c4555 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 20 Feb 2015 10:25:11 +0000
Subject: [PATCH] Ensure target gcc headers can be included
@@ -25,7 +25,7 @@
4 files changed, 22 insertions(+)
diff --git a/gcc/Makefile.in b/gcc/Makefile.in
-index 59c45c81393..9b17d120aa1 100644
+index d1d4512bba3..06eb0d27a28 100644
--- a/gcc/Makefile.in
+++ b/gcc/Makefile.in
@@ -630,6 +630,7 @@ libexecdir = @libexecdir@
@@ -36,7 +36,7 @@
# Directory in which the compiler finds executables
libexecsubdir = $(libexecdir)/gcc/$(real_target_noncanonical)/$(version)$(accel_dir_suffix)
# Directory in which all plugin resources are installed
-@@ -3016,6 +3017,7 @@ CFLAGS-intl.o += -DLOCALEDIR=\"$(localedir)\"
+@@ -3009,6 +3010,7 @@ CFLAGS-intl.o += -DLOCALEDIR=\"$(localedir)\"
PREPROCESSOR_DEFINES = \
-DGCC_INCLUDE_DIR=\"$(libsubdir)/include\" \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch b/poky/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch
deleted file mode 100644
index ebee30b..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Richard Purdie <richard.purdie@linuxfoundation.org>
-Subject: [PATCH 2/5] gcc: Fix "argument list too long" from install-plugins
-
-When building in longer build paths (200+ characters), the
-"echo $(PLUGIN_HEADERS)" from the install-plugins target would cause an
-"argument list too long error" on some systems.
-
-Avoid this by calling make's sort function on the list which removes
-duplicates and stops the overflow from reaching the echo command.
-The original sort is left to handle the the .h and .def files.
-
-2021-10-26 Richard Purdie <richard.purdie@linuxfoundation.org>
-
-gcc/ChangeLog:
-
- * Makefile.in: Fix "argument list too long" from install-plugins
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
-Submitted [https://gcc.gnu.org/pipermail/gcc-patches/2021-October/582722.html]
-Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=66e157188bd2f789809e17e85f917534c9381599]
----
- gcc/Makefile.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: gcc-11.2.0/gcc/Makefile.in
-===================================================================
---- gcc-11.2.0.orig/gcc/Makefile.in
-+++ gcc-11.2.0/gcc/Makefile.in
-@@ -3678,7 +3678,7 @@ install-plugin: installdirs lang.install
- # We keep the directory structure for files in config, common/config or
- # c-family and .def files. All other files are flattened to a single directory.
- $(mkinstalldirs) $(DESTDIR)$(plugin_includedir)
-- headers=`echo $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
-+ headers=`echo $(sort $(PLUGIN_HEADERS)) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
- srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`; \
- for file in $$headers; do \
- if [ -f $$file ] ; then \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0020-Don-t-search-host-directory-during-relink-if-inst_pr.patch b/poky/meta/recipes-devtools/gcc/gcc/0013-Don-t-search-host-directory-during-relink-if-inst_pr.patch
similarity index 93%
rename from poky/meta/recipes-devtools/gcc/gcc/0020-Don-t-search-host-directory-during-relink-if-inst_pr.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0013-Don-t-search-host-directory-during-relink-if-inst_pr.patch
index bb2a367..5b5d229 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0020-Don-t-search-host-directory-during-relink-if-inst_pr.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0013-Don-t-search-host-directory-during-relink-if-inst_pr.patch
@@ -1,4 +1,4 @@
-From cd09adb1e7f2a7e81a9f595a17c36f24911b90ac Mon Sep 17 00:00:00 2001
+From ab6e6af5deca6f4b35b089a6b197776df38780e6 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 3 Mar 2015 08:21:19 +0000
Subject: [PATCH] Don't search host directory during "relink" if $inst_prefix
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0023-libcc1-fix-libcc1-s-install-path-and-rpath.patch b/poky/meta/recipes-devtools/gcc/gcc/0014-libcc1-fix-libcc1-s-install-path-and-rpath.patch
similarity index 90%
rename from poky/meta/recipes-devtools/gcc/gcc/0023-libcc1-fix-libcc1-s-install-path-and-rpath.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0014-libcc1-fix-libcc1-s-install-path-and-rpath.patch
index fb4511c..b82277c 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0023-libcc1-fix-libcc1-s-install-path-and-rpath.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0014-libcc1-fix-libcc1-s-install-path-and-rpath.patch
@@ -1,4 +1,4 @@
-From 2cfc5ee38b3f5ec1d7965aae0991bcd48b5dc2e6 Mon Sep 17 00:00:00 2001
+From fd862c8c112067d8613d921ae89c99056aca54a1 Mon Sep 17 00:00:00 2001
From: Robert Yang <liezhi.yang@windriver.com>
Date: Sun, 5 Jul 2015 20:25:18 -0700
Subject: [PATCH] libcc1: fix libcc1's install path and rpath
@@ -20,10 +20,10 @@
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/libcc1/Makefile.am b/libcc1/Makefile.am
-index f148fdd7aa2..0b6eb8f2855 100644
+index 3b75e7d9290..d3a4c4f9ddf 100644
--- a/libcc1/Makefile.am
+++ b/libcc1/Makefile.am
-@@ -40,8 +40,8 @@ libiberty = $(if $(wildcard $(libiberty_noasan)),$(Wc)$(libiberty_noasan), \
+@@ -41,8 +41,8 @@ libiberty = $(if $(wildcard $(libiberty_noasan)),$(Wc)$(libiberty_noasan), \
$(Wc)$(libiberty_normal)))
libiberty_dep = $(patsubst $(Wc)%,%,$(libiberty))
@@ -35,7 +35,7 @@
if ENABLE_PLUGIN
plugin_LTLIBRARIES = libcc1plugin.la libcp1plugin.la
diff --git a/libcc1/Makefile.in b/libcc1/Makefile.in
-index 753d435c9cb..455627b0a3b 100644
+index 07fa9d94c83..a9f737d78f2 100644
--- a/libcc1/Makefile.in
+++ b/libcc1/Makefile.in
@@ -398,8 +398,8 @@ libiberty = $(if $(wildcard $(libiberty_noasan)),$(Wc)$(libiberty_noasan), \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0018-export-CPP.patch b/poky/meta/recipes-devtools/gcc/gcc/0015-Makefile.in-Ensure-build-CPP-CPPFLAGS-is-used-for-bu.patch
similarity index 79%
rename from poky/meta/recipes-devtools/gcc/gcc/0018-export-CPP.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0015-Makefile.in-Ensure-build-CPP-CPPFLAGS-is-used-for-bu.patch
index 86ab657..45953f8 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0018-export-CPP.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0015-Makefile.in-Ensure-build-CPP-CPPFLAGS-is-used-for-bu.patch
@@ -1,5 +1,8 @@
+From 667b302f637be0a4b6ef714b5eb0026c54425386 Mon Sep 17 00:00:00 2001
From: Richard Purdie <richard.purdie@linuxfoundation.org>
-Subject: [PATCH 1/5] Makefile.in: Ensure build CPP/CPPFLAGS is used for build targets
+Date: Sun, 31 Oct 2021 17:40:12 -0700
+Subject: [PATCH] Makefile.in: Ensure build CPP/CPPFLAGS is used for build
+ targets
During cross compiling, CPP is being set to the target compiler even for
build targets. As an example, when building a cross compiler targetting
@@ -42,6 +45,8 @@
Submitted [https://gcc.gnu.org/pipermail/gcc-patches/2021-October/582727.html]
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=84401ce5fb4ecab55decb472b168100e7593e01f]
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Makefile.in | 6 ++++++
Makefile.tpl | 6 ++++++
@@ -51,41 +56,10 @@
gcc/configure.ac | 2 +-
6 files changed, 22 insertions(+), 2 deletions(-)
-Index: gcc-11.2.0/Makefile.in
-===================================================================
---- gcc-11.2.0.orig/Makefile.in
-+++ gcc-11.2.0/Makefile.in
-@@ -151,6 +151,8 @@ BUILD_EXPORTS = \
- CC="$(CC_FOR_BUILD)"; export CC; \
- CFLAGS="$(CFLAGS_FOR_BUILD)"; export CFLAGS; \
- CONFIG_SHELL="$(SHELL)"; export CONFIG_SHELL; \
-+ CPP="$(CPP_FOR_BUILD)"; export CPP; \
-+ CPPFLAGS="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS; \
- CXX="$(CXX_FOR_BUILD)"; export CXX; \
- CXXFLAGS="$(CXXFLAGS_FOR_BUILD)"; export CXXFLAGS; \
- GFORTRAN="$(GFORTRAN_FOR_BUILD)"; export GFORTRAN; \
-@@ -198,6 +200,8 @@ HOST_EXPORTS = \
- AR="$(AR)"; export AR; \
- AS="$(AS)"; export AS; \
- CC_FOR_BUILD="$(CC_FOR_BUILD)"; export CC_FOR_BUILD; \
-+ CPP_FOR_BUILD="$(CPP_FOR_BUILD)"; export CPP_FOR_BUILD; \
-+ CPPFLAGS_FOR_BUILD="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS_FOR_BUILD; \
- CXX_FOR_BUILD="$(CXX_FOR_BUILD)"; export CXX_FOR_BUILD; \
- DLLTOOL="$(DLLTOOL)"; export DLLTOOL; \
- LD="$(LD)"; export LD; \
-@@ -353,6 +357,8 @@ AR_FOR_BUILD = @AR_FOR_BUILD@
- AS_FOR_BUILD = @AS_FOR_BUILD@
- CC_FOR_BUILD = @CC_FOR_BUILD@
- CFLAGS_FOR_BUILD = @CFLAGS_FOR_BUILD@
-+CPP_FOR_BUILD = @CPP_FOR_BUILD@
-+CPPFLAGS_FOR_BUILD = @CPPFLAGS_FOR_BUILD@
- CXXFLAGS_FOR_BUILD = @CXXFLAGS_FOR_BUILD@
- CXX_FOR_BUILD = @CXX_FOR_BUILD@
- DLLTOOL_FOR_BUILD = @DLLTOOL_FOR_BUILD@
-Index: gcc-11.2.0/Makefile.tpl
-===================================================================
---- gcc-11.2.0.orig/Makefile.tpl
-+++ gcc-11.2.0/Makefile.tpl
+diff --git a/Makefile.in b/Makefile.in
+index 20cbbe2906d..33476d53327 100644
+--- a/Makefile.in
++++ b/Makefile.in
@@ -154,6 +154,8 @@ BUILD_EXPORTS = \
CC="$(CC_FOR_BUILD)"; export CC; \
CFLAGS="$(CFLAGS_FOR_BUILD)"; export CFLAGS; \
@@ -95,7 +69,7 @@
CXX="$(CXX_FOR_BUILD)"; export CXX; \
CXXFLAGS="$(CXXFLAGS_FOR_BUILD)"; export CXXFLAGS; \
GFORTRAN="$(GFORTRAN_FOR_BUILD)"; export GFORTRAN; \
-@@ -201,6 +203,8 @@ HOST_EXPORTS = \
+@@ -202,6 +204,8 @@ HOST_EXPORTS = \
AR="$(AR)"; export AR; \
AS="$(AS)"; export AS; \
CC_FOR_BUILD="$(CC_FOR_BUILD)"; export CC_FOR_BUILD; \
@@ -103,8 +77,8 @@
+ CPPFLAGS_FOR_BUILD="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS_FOR_BUILD; \
CXX_FOR_BUILD="$(CXX_FOR_BUILD)"; export CXX_FOR_BUILD; \
DLLTOOL="$(DLLTOOL)"; export DLLTOOL; \
- LD="$(LD)"; export LD; \
-@@ -356,6 +360,8 @@ AR_FOR_BUILD = @AR_FOR_BUILD@
+ DSYMUTIL="$(DSYMUTIL)"; export DSYMUTIL; \
+@@ -360,6 +364,8 @@ AR_FOR_BUILD = @AR_FOR_BUILD@
AS_FOR_BUILD = @AS_FOR_BUILD@
CC_FOR_BUILD = @CC_FOR_BUILD@
CFLAGS_FOR_BUILD = @CFLAGS_FOR_BUILD@
@@ -113,11 +87,42 @@
CXXFLAGS_FOR_BUILD = @CXXFLAGS_FOR_BUILD@
CXX_FOR_BUILD = @CXX_FOR_BUILD@
DLLTOOL_FOR_BUILD = @DLLTOOL_FOR_BUILD@
-Index: gcc-11.2.0/configure
-===================================================================
---- gcc-11.2.0.orig/configure
-+++ gcc-11.2.0/configure
-@@ -652,6 +652,8 @@ GFORTRAN_FOR_BUILD
+diff --git a/Makefile.tpl b/Makefile.tpl
+index 9adf4f94728..e39d85d1109 100644
+--- a/Makefile.tpl
++++ b/Makefile.tpl
+@@ -157,6 +157,8 @@ BUILD_EXPORTS = \
+ CC="$(CC_FOR_BUILD)"; export CC; \
+ CFLAGS="$(CFLAGS_FOR_BUILD)"; export CFLAGS; \
+ CONFIG_SHELL="$(SHELL)"; export CONFIG_SHELL; \
++ CPP="$(CPP_FOR_BUILD)"; export CPP; \
++ CPPFLAGS="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS; \
+ CXX="$(CXX_FOR_BUILD)"; export CXX; \
+ CXXFLAGS="$(CXXFLAGS_FOR_BUILD)"; export CXXFLAGS; \
+ GFORTRAN="$(GFORTRAN_FOR_BUILD)"; export GFORTRAN; \
+@@ -205,6 +207,8 @@ HOST_EXPORTS = \
+ AR="$(AR)"; export AR; \
+ AS="$(AS)"; export AS; \
+ CC_FOR_BUILD="$(CC_FOR_BUILD)"; export CC_FOR_BUILD; \
++ CPP_FOR_BUILD="$(CPP_FOR_BUILD)"; export CPP_FOR_BUILD; \
++ CPPFLAGS_FOR_BUILD="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS_FOR_BUILD; \
+ CXX_FOR_BUILD="$(CXX_FOR_BUILD)"; export CXX_FOR_BUILD; \
+ DLLTOOL="$(DLLTOOL)"; export DLLTOOL; \
+ DSYMUTIL="$(DSYMUTIL)"; export DSYMUTIL; \
+@@ -363,6 +367,8 @@ AR_FOR_BUILD = @AR_FOR_BUILD@
+ AS_FOR_BUILD = @AS_FOR_BUILD@
+ CC_FOR_BUILD = @CC_FOR_BUILD@
+ CFLAGS_FOR_BUILD = @CFLAGS_FOR_BUILD@
++CPP_FOR_BUILD = @CPP_FOR_BUILD@
++CPPFLAGS_FOR_BUILD = @CPPFLAGS_FOR_BUILD@
+ CXXFLAGS_FOR_BUILD = @CXXFLAGS_FOR_BUILD@
+ CXX_FOR_BUILD = @CXX_FOR_BUILD@
+ DLLTOOL_FOR_BUILD = @DLLTOOL_FOR_BUILD@
+diff --git a/configure b/configure
+index 45744e6e471..ff0de8a68b4 100755
+--- a/configure
++++ b/configure
+@@ -655,6 +655,8 @@ DSYMUTIL_FOR_BUILD
DLLTOOL_FOR_BUILD
CXX_FOR_BUILD
CXXFLAGS_FOR_BUILD
@@ -126,15 +131,15 @@
CFLAGS_FOR_BUILD
CC_FOR_BUILD
AS_FOR_BUILD
-@@ -4092,6 +4094,7 @@ if test "${build}" != "${host}" ; then
+@@ -4100,6 +4102,7 @@ if test "${build}" != "${host}" ; then
AR_FOR_BUILD=${AR_FOR_BUILD-ar}
AS_FOR_BUILD=${AS_FOR_BUILD-as}
CC_FOR_BUILD=${CC_FOR_BUILD-gcc}
+ CPP_FOR_BUILD="${CPP_FOR_BUILD-\$(CPP)}"
CXX_FOR_BUILD=${CXX_FOR_BUILD-g++}
+ DSYMUTIL_FOR_BUILD=${DSYMUTIL_FOR_BUILD-dsymutil}
GFORTRAN_FOR_BUILD=${GFORTRAN_FOR_BUILD-gfortran}
- GOC_FOR_BUILD=${GOC_FOR_BUILD-gccgo}
-@@ -9809,6 +9812,7 @@ esac
+@@ -9831,6 +9834,7 @@ esac
# our build compiler if desired.
if test x"${build}" = x"${host}" ; then
CFLAGS_FOR_BUILD=${CFLAGS_FOR_BUILD-${CFLAGS}}
@@ -142,19 +147,19 @@
CXXFLAGS_FOR_BUILD=${CXXFLAGS_FOR_BUILD-${CXXFLAGS}}
LDFLAGS_FOR_BUILD=${LDFLAGS_FOR_BUILD-${LDFLAGS}}
fi
-Index: gcc-11.2.0/configure.ac
-===================================================================
---- gcc-11.2.0.orig/configure.ac
-+++ gcc-11.2.0/configure.ac
+diff --git a/configure.ac b/configure.ac
+index bf66b51373c..09fa3896dc7 100644
+--- a/configure.ac
++++ b/configure.ac
@@ -1347,6 +1347,7 @@ if test "${build}" != "${host}" ; then
AR_FOR_BUILD=${AR_FOR_BUILD-ar}
AS_FOR_BUILD=${AS_FOR_BUILD-as}
CC_FOR_BUILD=${CC_FOR_BUILD-gcc}
+ CPP_FOR_BUILD="${CPP_FOR_BUILD-\$(CPP)}"
CXX_FOR_BUILD=${CXX_FOR_BUILD-g++}
+ DSYMUTIL_FOR_BUILD=${DSYMUTIL_FOR_BUILD-dsymutil}
GFORTRAN_FOR_BUILD=${GFORTRAN_FOR_BUILD-gfortran}
- GOC_FOR_BUILD=${GOC_FOR_BUILD-gccgo}
-@@ -3321,6 +3322,7 @@ esac
+@@ -3336,6 +3337,7 @@ esac
# our build compiler if desired.
if test x"${build}" = x"${host}" ; then
CFLAGS_FOR_BUILD=${CFLAGS_FOR_BUILD-${CFLAGS}}
@@ -162,7 +167,7 @@
CXXFLAGS_FOR_BUILD=${CXXFLAGS_FOR_BUILD-${CXXFLAGS}}
LDFLAGS_FOR_BUILD=${LDFLAGS_FOR_BUILD-${LDFLAGS}}
fi
-@@ -3387,6 +3389,8 @@ AC_SUBST(AR_FOR_BUILD)
+@@ -3402,6 +3404,8 @@ AC_SUBST(AR_FOR_BUILD)
AC_SUBST(AS_FOR_BUILD)
AC_SUBST(CC_FOR_BUILD)
AC_SUBST(CFLAGS_FOR_BUILD)
@@ -171,11 +176,11 @@
AC_SUBST(CXXFLAGS_FOR_BUILD)
AC_SUBST(CXX_FOR_BUILD)
AC_SUBST(DLLTOOL_FOR_BUILD)
-Index: gcc-11.2.0/gcc/configure
-===================================================================
---- gcc-11.2.0.orig/gcc/configure
-+++ gcc-11.2.0/gcc/configure
-@@ -12699,7 +12699,7 @@ else
+diff --git a/gcc/configure b/gcc/configure
+index ec3c24482df..31a460dc9d0 100755
+--- a/gcc/configure
++++ b/gcc/configure
+@@ -12740,7 +12740,7 @@ else
CC="${CC_FOR_BUILD}" CFLAGS="${CFLAGS_FOR_BUILD}" \
CXX="${CXX_FOR_BUILD}" CXXFLAGS="${CXXFLAGS_FOR_BUILD}" \
LD="${LD_FOR_BUILD}" LDFLAGS="${LDFLAGS_FOR_BUILD}" \
@@ -184,11 +189,11 @@
${realsrcdir}/configure \
--enable-languages=${enable_languages-all} \
${enable_obsolete+--enable-obsolete="$enable_obsolete"} \
-Index: gcc-11.2.0/gcc/configure.ac
-===================================================================
---- gcc-11.2.0.orig/gcc/configure.ac
-+++ gcc-11.2.0/gcc/configure.ac
-@@ -2023,7 +2023,7 @@ else
+diff --git a/gcc/configure.ac b/gcc/configure.ac
+index ea794cd1763..b965eb036bc 100644
+--- a/gcc/configure.ac
++++ b/gcc/configure.ac
+@@ -2054,7 +2054,7 @@ else
CC="${CC_FOR_BUILD}" CFLAGS="${CFLAGS_FOR_BUILD}" \
CXX="${CXX_FOR_BUILD}" CXXFLAGS="${CXXFLAGS_FOR_BUILD}" \
LD="${LD_FOR_BUILD}" LDFLAGS="${LDFLAGS_FOR_BUILD}" \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0006-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch b/poky/meta/recipes-devtools/gcc/gcc/0016-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch
similarity index 68%
rename from poky/meta/recipes-devtools/gcc/gcc/0006-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0016-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch
index 98a1bb2..7f807a9 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0006-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0016-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch
@@ -1,8 +1,8 @@
-From e700190743fa29ddaebd6ee075298a24b1688773 Mon Sep 17 00:00:00 2001
+From 2c2a92573598ddbc33c023fe5d499191491fb523 Mon Sep 17 00:00:00 2001
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Thu, 28 Oct 2021 11:33:40 +0100
-Subject: [PATCH 6/6] If CXXFLAGS contains something unsupported by the build
- CXX, we see build failures (e.g. using -fmacro-prefix-map for the target).
+Subject: [PATCH] If CXXFLAGS contains something unsupported by the build CXX,
+ we see build failures (e.g. using -fmacro-prefix-map for the target).
Pass CXXFLAGS_FOR_BUILD in a couple of places to avoid these errors.
@@ -13,19 +13,20 @@
* Makefile.in: Regenerate.
* Makefile.tpl: Add missing CXXFLAGS_FOR_BUILD overrides
+Upstream-Status: Pending [should be submittable]
+
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Makefile.in | 2 ++
Makefile.tpl | 2 ++
2 files changed, 4 insertions(+)
-Upstream-Status: Pending [should be submittable]
-
-Index: gcc-11.2.0/Makefile.in
-===================================================================
---- gcc-11.2.0.orig/Makefile.in
-+++ gcc-11.2.0/Makefile.in
-@@ -172,6 +172,7 @@ BUILD_EXPORTS = \
+diff --git a/Makefile.in b/Makefile.in
+index 33476d53327..b949dffee0e 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -176,6 +176,7 @@ BUILD_EXPORTS = \
# built for the build system to override those in BASE_FLAGS_TO_PASS.
EXTRA_BUILD_FLAGS = \
CFLAGS="$(CFLAGS_FOR_BUILD)" \
@@ -33,19 +34,19 @@
LDFLAGS="$(LDFLAGS_FOR_BUILD)"
# This is the list of directories to built for the host system.
-@@ -203,6 +204,7 @@ HOST_EXPORTS = \
+@@ -207,6 +208,7 @@ HOST_EXPORTS = \
CPP_FOR_BUILD="$(CPP_FOR_BUILD)"; export CPP_FOR_BUILD; \
CPPFLAGS_FOR_BUILD="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS_FOR_BUILD; \
CXX_FOR_BUILD="$(CXX_FOR_BUILD)"; export CXX_FOR_BUILD; \
+ CXXFLAGS_FOR_BUILD="$(CXXFLAGS_FOR_BUILD)"; export CXXFLAGS_FOR_BUILD; \
DLLTOOL="$(DLLTOOL)"; export DLLTOOL; \
+ DSYMUTIL="$(DSYMUTIL)"; export DSYMUTIL; \
LD="$(LD)"; export LD; \
- LDFLAGS="$(STAGE1_LDFLAGS) $(LDFLAGS)"; export LDFLAGS; \
-Index: gcc-11.2.0/Makefile.tpl
-===================================================================
---- gcc-11.2.0.orig/Makefile.tpl
-+++ gcc-11.2.0/Makefile.tpl
-@@ -175,6 +175,7 @@ BUILD_EXPORTS = \
+diff --git a/Makefile.tpl b/Makefile.tpl
+index e39d85d1109..d8520cbb164 100644
+--- a/Makefile.tpl
++++ b/Makefile.tpl
+@@ -179,6 +179,7 @@ BUILD_EXPORTS = \
# built for the build system to override those in BASE_FLAGS_TO_PASS.
EXTRA_BUILD_FLAGS = \
CFLAGS="$(CFLAGS_FOR_BUILD)" \
@@ -53,11 +54,11 @@
LDFLAGS="$(LDFLAGS_FOR_BUILD)"
# This is the list of directories to built for the host system.
-@@ -206,6 +207,7 @@ HOST_EXPORTS = \
+@@ -210,6 +211,7 @@ HOST_EXPORTS = \
CPP_FOR_BUILD="$(CPP_FOR_BUILD)"; export CPP_FOR_BUILD; \
CPPFLAGS_FOR_BUILD="$(CPPFLAGS_FOR_BUILD)"; export CPPFLAGS_FOR_BUILD; \
CXX_FOR_BUILD="$(CXX_FOR_BUILD)"; export CXX_FOR_BUILD; \
+ CXXFLAGS_FOR_BUILD="$(CXXFLAGS_FOR_BUILD)"; export CXXFLAGS_FOR_BUILD; \
DLLTOOL="$(DLLTOOL)"; export DLLTOOL; \
+ DSYMUTIL="$(DSYMUTIL)"; export DSYMUTIL; \
LD="$(LD)"; export LD; \
- LDFLAGS="$(STAGE1_LDFLAGS) $(LDFLAGS)"; export LDFLAGS; \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0024-handle-sysroot-support-for-nativesdk-gcc.patch b/poky/meta/recipes-devtools/gcc/gcc/0017-handle-sysroot-support-for-nativesdk-gcc.patch
similarity index 98%
rename from poky/meta/recipes-devtools/gcc/gcc/0024-handle-sysroot-support-for-nativesdk-gcc.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0017-handle-sysroot-support-for-nativesdk-gcc.patch
index b1054fa..5d86e4c 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0024-handle-sysroot-support-for-nativesdk-gcc.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0017-handle-sysroot-support-for-nativesdk-gcc.patch
@@ -1,4 +1,4 @@
-From 354682ad8f71f62643dcd83f64b51b5979615a0c Mon Sep 17 00:00:00 2001
+From 68802ca536b01ab21cfa58e11ef332e30d9a3c5e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 7 Dec 2015 23:39:54 +0000
Subject: [PATCH] handle sysroot support for nativesdk-gcc
@@ -46,10 +46,10 @@
8 files changed, 94 insertions(+), 72 deletions(-)
diff --git a/gcc/c-family/c-opts.c b/gcc/c-family/c-opts.c
-index 89e05a4c551..5577383665d 100644
+index 6f001e0bb6c..55ab07c278f 100644
--- a/gcc/c-family/c-opts.c
+++ b/gcc/c-family/c-opts.c
-@@ -1436,8 +1436,8 @@ add_prefixed_path (const char *suffix, incpath_kind chain)
+@@ -1438,8 +1438,8 @@ add_prefixed_path (const char *suffix, incpath_kind chain)
size_t prefix_len, suffix_len;
suffix_len = strlen (suffix);
@@ -378,7 +378,7 @@
subdirectory of the actual installation. */
extern const char *gcc_exec_prefix;
diff --git a/gcc/gcc.c b/gcc/gcc.c
-index 8737bae5353..aa6fbe43965 100644
+index bdee2671532..36e8af38630 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -252,6 +252,8 @@ FILE *report_times_to_file = NULL;
@@ -398,7 +398,7 @@
%S process STARTFILE_SPEC as a spec. A capital S is actually used here.
%E process ENDFILE_SPEC as a spec. A capital E is actually used here.
%C process CPP_SPEC as a spec.
-@@ -1621,10 +1624,10 @@ static const char *gcc_libexec_prefix;
+@@ -1620,10 +1623,10 @@ static const char *gcc_libexec_prefix;
gcc_exec_prefix is set because, in that case, we know where the
compiler has been installed, and use paths relative to that
location instead. */
@@ -413,7 +413,7 @@
/* For native compilers, these are well-known paths containing
components that may be provided by the system. For cross
-@@ -1632,9 +1635,9 @@ static const char *const standard_startfile_prefix = STANDARD_STARTFILE_PREFIX;
+@@ -1631,9 +1634,9 @@ static const char *const standard_startfile_prefix = STANDARD_STARTFILE_PREFIX;
static const char *md_exec_prefix = MD_EXEC_PREFIX;
static const char *md_startfile_prefix = MD_STARTFILE_PREFIX;
static const char *md_startfile_prefix_1 = MD_STARTFILE_PREFIX_1;
@@ -425,7 +425,7 @@
= STANDARD_STARTFILE_PREFIX_2;
/* A relative path to be used in finding the location of tools
-@@ -6564,6 +6567,11 @@ do_spec_1 (const char *spec, int inswitch, const char *soft_matched_part)
+@@ -6570,6 +6573,11 @@ do_spec_1 (const char *spec, int inswitch, const char *soft_matched_part)
}
break;
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0025-Search-target-sysroot-gcc-version-specific-dirs-with.patch b/poky/meta/recipes-devtools/gcc/gcc/0018-Search-target-sysroot-gcc-version-specific-dirs-with.patch
similarity index 93%
rename from poky/meta/recipes-devtools/gcc/gcc/0025-Search-target-sysroot-gcc-version-specific-dirs-with.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0018-Search-target-sysroot-gcc-version-specific-dirs-with.patch
index ff622b1..0f43e98 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0025-Search-target-sysroot-gcc-version-specific-dirs-with.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0018-Search-target-sysroot-gcc-version-specific-dirs-with.patch
@@ -1,4 +1,4 @@
-From c55e24459370ad96577496ecd87475e3a9de7dad Mon Sep 17 00:00:00 2001
+From 14291076874b133e7fb67ef1714b768a2c48ea44 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 7 Dec 2015 23:41:45 +0000
Subject: [PATCH] Search target sysroot gcc version specific dirs with
@@ -51,10 +51,10 @@
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/gcc/gcc.c b/gcc/gcc.c
-index aa6fbe43965..f8a71a13826 100644
+index 36e8af38630..d1faa788d60 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
-@@ -2811,7 +2811,7 @@ for_each_path (const struct path_prefix *paths,
+@@ -2810,7 +2810,7 @@ for_each_path (const struct path_prefix *paths,
if (path == NULL)
{
len = paths->max_len + extra_space + 1;
@@ -63,7 +63,7 @@
path = XNEWVEC (char, len);
}
-@@ -2823,6 +2823,33 @@ for_each_path (const struct path_prefix *paths,
+@@ -2822,6 +2822,33 @@ for_each_path (const struct path_prefix *paths,
/* Look first in MACHINE/VERSION subdirectory. */
if (!skip_multi_dir)
{
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch b/poky/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch
new file mode 100644
index 0000000..76ebfd7
--- /dev/null
+++ b/poky/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch
@@ -0,0 +1,25 @@
+From 9ec4db8e910d9a51ae43f6b20d4bf1dac2d8cca8 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 2 Feb 2016 10:26:10 -0800
+Subject: [PATCH] nios2: Define MUSL_DYNAMIC_LINKER
+
+Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e5ddbbf992b909d8e38851bd3179d29389e6ac97]
+
+Signed-off-by: Marek Vasut <marex@denx.de>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gcc/config/nios2/linux.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/nios2/linux.h b/gcc/config/nios2/linux.h
+index 08edf1521f6..15696d86241 100644
+--- a/gcc/config/nios2/linux.h
++++ b/gcc/config/nios2/linux.h
+@@ -30,6 +30,7 @@
+ #define CPP_SPEC "%{posix:-D_POSIX_SOURCE} %{pthread:-D_REENTRANT}"
+
+ #define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-nios2.so.1"
++#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-nios2.so.1"
+
+ #undef LINK_SPEC
+ #define LINK_SPEC LINK_SPEC_ENDIAN \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0028-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch b/poky/meta/recipes-devtools/gcc/gcc/0020-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch
similarity index 84%
rename from poky/meta/recipes-devtools/gcc/gcc/0028-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0020-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch
index 9c616d2..b82fa44 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0028-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0020-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch
@@ -1,4 +1,4 @@
-From 745a2ac7825c73102b888226c54397d21512f86b Mon Sep 17 00:00:00 2001
+From af72a47a677ce98c08cb73444bdd741ca8e28422 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 27 Jun 2017 18:10:54 -0700
Subject: [PATCH] Add ssp_nonshared to link commandline for musl targets
@@ -22,9 +22,11 @@
gcc/config/rs6000/linux64.h | 10 ++++++++++
3 files changed, 27 insertions(+)
+diff --git a/gcc/config/linux.h b/gcc/config/linux.h
+index ba02c013e30..8fcaa0c9faf 100644
--- a/gcc/config/linux.h
+++ b/gcc/config/linux.h
-@@ -203,6 +203,13 @@ see the files COPYING3 and COPYING.RUNTI
+@@ -203,6 +203,13 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
{ GCC_INCLUDE_DIRVAR, "GCC", 0, 1, 0, 0 }, \
{ 0, 0, 0, 0, 0, 0 } \
}
@@ -38,6 +40,8 @@
#endif
#if (DEFAULT_LIBC == LIBC_UCLIBC) && defined (SINGLE_LIBC) /* uClinux */
+diff --git a/gcc/config/rs6000/linux.h b/gcc/config/rs6000/linux.h
+index 47c9d9ac0b6..d065f88b377 100644
--- a/gcc/config/rs6000/linux.h
+++ b/gcc/config/rs6000/linux.h
@@ -94,6 +94,16 @@
@@ -57,6 +61,8 @@
#undef LINK_OS_LINUX_SPEC
#define LINK_OS_LINUX_SPEC LINK_OS_LINUX_EMUL " %{!shared: %{!static: \
%{!static-pie: \
+diff --git a/gcc/config/rs6000/linux64.h b/gcc/config/rs6000/linux64.h
+index a11e01faa3d..ce464f3626b 100644
--- a/gcc/config/rs6000/linux64.h
+++ b/gcc/config/rs6000/linux64.h
@@ -369,6 +369,16 @@ extern int dot_symbols;
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0029-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch b/poky/meta/recipes-devtools/gcc/gcc/0021-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch
similarity index 93%
rename from poky/meta/recipes-devtools/gcc/gcc/0029-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0021-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch
index b74aeb8..9b7c5c5 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0029-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0021-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch
@@ -1,4 +1,4 @@
-From 695adb4dffb23c6f5cbc757e05cf4187a2bd6528 Mon Sep 17 00:00:00 2001
+From 79a568dec47baa264eb6290fed3df3244450a92e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 4 May 2016 21:11:34 -0700
Subject: [PATCH] Link libgcc using LDFLAGS, not just SHLIB_LDFLAGS
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0030-sync-gcc-stddef.h-with-musl.patch b/poky/meta/recipes-devtools/gcc/gcc/0022-sync-gcc-stddef.h-with-musl.patch
similarity index 97%
rename from poky/meta/recipes-devtools/gcc/gcc/0030-sync-gcc-stddef.h-with-musl.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0022-sync-gcc-stddef.h-with-musl.patch
index fd7d604..86fb22f 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0030-sync-gcc-stddef.h-with-musl.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0022-sync-gcc-stddef.h-with-musl.patch
@@ -1,4 +1,4 @@
-From a9173429ae256c4b4a3ab4d758a6adf42f8c4239 Mon Sep 17 00:00:00 2001
+From 07a06aa8e8285c1bb06d0bebeaa9ad04eb76f2e2 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 3 Feb 2017 12:56:00 -0800
Subject: [PATCH] sync gcc stddef.h with musl
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch b/poky/meta/recipes-devtools/gcc/gcc/0023-Re-introduce-spe-commandline-options.patch
similarity index 90%
rename from poky/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0023-Re-introduce-spe-commandline-options.patch
index 129f555..23cf02a 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0023-Re-introduce-spe-commandline-options.patch
@@ -1,4 +1,4 @@
-From 0b900d6410b7c1938e86eceb87b032fd538566a9 Mon Sep 17 00:00:00 2001
+From ca73043041c3c7aa86af9a3d4f316abc87eb3254 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 6 Jun 2018 12:10:22 -0700
Subject: [PATCH] Re-introduce spe commandline options
@@ -14,7 +14,7 @@
1 file changed, 13 insertions(+)
diff --git a/gcc/config/rs6000/rs6000.opt b/gcc/config/rs6000/rs6000.opt
-index 0dbdf753673..b273eb65c35 100644
+index 6b0a3e27529..1bd2e356ac9 100644
--- a/gcc/config/rs6000/rs6000.opt
+++ b/gcc/config/rs6000/rs6000.opt
@@ -352,6 +352,19 @@ mdebug=
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0034-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch b/poky/meta/recipes-devtools/gcc/gcc/0024-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch
similarity index 94%
rename from poky/meta/recipes-devtools/gcc/gcc/0034-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0024-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch
index 3f666dc..f915f28 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0034-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0024-libgcc_s-Use-alias-for-__cpu_indicator_init-instead-.patch
@@ -1,4 +1,4 @@
-From ea9154338cb3acbd75945fddde4202e73c20dd1a Mon Sep 17 00:00:00 2001
+From b3957bc1fd52ec427a1b71b10055905cab4bbc7c Mon Sep 17 00:00:00 2001
From: Szabolcs Nagy <nsz@port70.net>
Date: Sat, 24 Oct 2015 20:09:53 +0000
Subject: [PATCH] libgcc_s: Use alias for __cpu_indicator_init instead of
@@ -39,10 +39,10 @@
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/gcc/config/i386/i386-expand.c b/gcc/config/i386/i386-expand.c
-index ac69eed4d32..ffaa44a16fc 100644
+index 31eae75d277..ec7e858ec83 100644
--- a/gcc/config/i386/i386-expand.c
+++ b/gcc/config/i386/i386-expand.c
-@@ -11038,10 +11038,10 @@ ix86_expand_builtin (tree exp, rtx target, rtx subtarget,
+@@ -11066,10 +11066,10 @@ ix86_expand_builtin (tree exp, rtx target, rtx subtarget,
{
case IX86_BUILTIN_CPU_INIT:
{
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch b/poky/meta/recipes-devtools/gcc/gcc/0025-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch
similarity index 98%
rename from poky/meta/recipes-devtools/gcc/gcc/0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0025-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch
index 874cd77..f33193e 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0025-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch
@@ -1,4 +1,4 @@
-From 520411cf364ee4b0b5a8f0857498aaabd790afb3 Mon Sep 17 00:00:00 2001
+From 5fd90d243ae14034a4699443110070dafc0d4d30 Mon Sep 17 00:00:00 2001
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Tue, 10 Mar 2020 08:26:53 -0700
Subject: [PATCH] gentypes/genmodes: Do not use __LINE__ for maintaining
@@ -17,7 +17,7 @@
2 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/gcc/gengtype.c b/gcc/gengtype.c
-index 5f50242e857..cbaca9b8cd0 100644
+index 98d4626f87e..f602da8b501 100644
--- a/gcc/gengtype.c
+++ b/gcc/gengtype.c
@@ -991,7 +991,7 @@ create_field_at (pair_p next, type_p type, const char *name, options_p opt,
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch b/poky/meta/recipes-devtools/gcc/gcc/0026-mingw32-Enable-operation_not_supported.patch
similarity index 93%
rename from poky/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0026-mingw32-Enable-operation_not_supported.patch
index 3a7618c..b46bde1 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0026-mingw32-Enable-operation_not_supported.patch
@@ -1,4 +1,4 @@
-From 96d895c8d5dc895d24fe37aa2b4f201a2566b4cc Mon Sep 17 00:00:00 2001
+From 7bc34769f0b055e25286576e4ba6d211e8159834 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 12 May 2020 10:39:09 -0700
Subject: [PATCH] mingw32: Enable operation_not_supported
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0037-libatomic-Do-not-enforce-march-on-aarch64.patch b/poky/meta/recipes-devtools/gcc/gcc/0027-libatomic-Do-not-enforce-march-on-aarch64.patch
similarity index 85%
rename from poky/meta/recipes-devtools/gcc/gcc/0037-libatomic-Do-not-enforce-march-on-aarch64.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0027-libatomic-Do-not-enforce-march-on-aarch64.patch
index 4c9a79c..85b1251 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0037-libatomic-Do-not-enforce-march-on-aarch64.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0027-libatomic-Do-not-enforce-march-on-aarch64.patch
@@ -1,4 +1,4 @@
-From 36d4fdbc99e69f9d70a29e2bada40cc3c1534557 Mon Sep 17 00:00:00 2001
+From df1c63bbd7a520e8c6d0d0692b4d8bff56952394 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 13 May 2020 15:10:38 -0700
Subject: [PATCH] libatomic: Do not enforce march on aarch64
@@ -17,7 +17,7 @@
2 files changed, 2 deletions(-)
diff --git a/libatomic/Makefile.am b/libatomic/Makefile.am
-index 0f3cd6f7121..c8124c1d5aa 100644
+index ab8c2da24a1..f614a46b34d 100644
--- a/libatomic/Makefile.am
+++ b/libatomic/Makefile.am
@@ -125,7 +125,6 @@ libatomic_la_LIBADD = $(foreach s,$(SIZES),$(addsuffix _$(s)_.lo,$(SIZEOBJS)))
@@ -29,14 +29,14 @@
endif
if ARCH_ARM_LINUX
diff --git a/libatomic/Makefile.in b/libatomic/Makefile.in
-index 0a51bd55f01..6d5b1581706 100644
+index 80d25653dc7..7377689ab34 100644
--- a/libatomic/Makefile.in
+++ b/libatomic/Makefile.in
-@@ -432,7 +432,6 @@ M_SRC = $(firstword $(filter %/$(M_FILE), $(all_c_files)))
+@@ -434,7 +434,6 @@ M_SRC = $(firstword $(filter %/$(M_FILE), $(all_c_files)))
libatomic_la_LIBADD = $(foreach s,$(SIZES),$(addsuffix \
_$(s)_.lo,$(SIZEOBJS))) $(am__append_1) $(am__append_2) \
$(am__append_3) $(am__append_4)
-@ARCH_AARCH64_LINUX_TRUE@@HAVE_IFUNC_TRUE@IFUNC_OPTIONS = -march=armv8-a+lse
@ARCH_ARM_LINUX_TRUE@@HAVE_IFUNC_TRUE@IFUNC_OPTIONS = -march=armv7-a+fp -DHAVE_KERNEL64
@ARCH_I386_TRUE@@HAVE_IFUNC_TRUE@IFUNC_OPTIONS = -march=i586
- @ARCH_X86_64_TRUE@@HAVE_IFUNC_TRUE@IFUNC_OPTIONS = -mcx16
+ @ARCH_X86_64_TRUE@@HAVE_IFUNC_TRUE@IFUNC_OPTIONS = -mcx16 -mcx16
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0027-nios2-Define-MUSL_DYNAMIC_LINKER.patch b/poky/meta/recipes-devtools/gcc/gcc/0027-nios2-Define-MUSL_DYNAMIC_LINKER.patch
deleted file mode 100644
index 97c2713..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0027-nios2-Define-MUSL_DYNAMIC_LINKER.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Richard Purdie <richard.purdie@linuxfoundation.org>
-Subject: [PATCH 4/5] gcc/nios2: Define the musl linker
-
-Add a definition of the musl linker used on the nios2 platform.
-
-2021-10-26 Richard Purdie <richard.purdie@linuxfoundation.org>
-
-gcc/ChangeLog:
-
- * config/nios2/linux.h (MUSL_DYNAMIC_LINKER): Add musl linker
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
-Submitted [https://gcc.gnu.org/pipermail/gcc-patches/2021-October/582723.html]
-Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e5ddbbf992b909d8e38851bd3179d29389e6ac97]
----
- gcc/config/nios2/linux.h | 1 +
- 1 file changed, 1 insertion(+)
-
-Index: gcc-11.2.0/gcc/config/nios2/linux.h
-===================================================================
---- gcc-11.2.0.orig/gcc/config/nios2/linux.h
-+++ gcc-11.2.0/gcc/config/nios2/linux.h
-@@ -30,6 +30,7 @@
- #define CPP_SPEC "%{posix:-D_POSIX_SOURCE} %{pthread:-D_REENTRANT}"
-
- #define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-nios2.so.1"
-+#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-nios2.so.1"
-
- #undef LINK_SPEC
- #define LINK_SPEC LINK_SPEC_ENDIAN \
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0041-apply-debug-prefix-maps-before-checksumming-DIEs.patch b/poky/meta/recipes-devtools/gcc/gcc/0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch
similarity index 81%
rename from poky/meta/recipes-devtools/gcc/gcc/0041-apply-debug-prefix-maps-before-checksumming-DIEs.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch
index c8dcd74..de06793 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0041-apply-debug-prefix-maps-before-checksumming-DIEs.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch
@@ -1,7 +1,8 @@
-From 7cc2df084b7977653a9b59cbc34a9ad500ae619c Mon Sep 17 00:00:00 2001
+From 49008eeedc97014f44e12afe179d3785e4438372 Mon Sep 17 00:00:00 2001
From: Richard Biener <rguenther@suse.de>
Date: Tue, 20 Jul 2021 11:00:33 +0200
-Subject: [PATCH] debug/101473 - apply debug prefix maps before checksumming DIEs
+Subject: [PATCH] debug/101473 - apply debug prefix maps before checksumming
+ DIEs
The following makes sure to apply the debug prefix maps to filenames
before checksumming DIEs to create the global symbol for the CU DIE
@@ -36,10 +37,15 @@
this version of gcc.
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
-diff -urpN a/gcc/dwarf2out.c b/gcc/dwarf2out.c
---- a/gcc/dwarf2out.c 2021-04-27 06:00:13.000000000 -0400
-+++ b/gcc/dwarf2out.c 2021-07-23 16:40:06.141886167 -0400
+ gcc/dwarf2out.c | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/gcc/dwarf2out.c b/gcc/dwarf2out.c
+index e5d3ce4966d..41ac3008507 100644
+--- a/gcc/dwarf2out.c
++++ b/gcc/dwarf2out.c
@@ -1283,6 +1283,7 @@ dwarf2out_switch_text_section (void)
/* Data about a single source file. */
@@ -48,7 +54,7 @@
const char * filename;
int emitted_number;
};
-@@ -12334,7 +12335,7 @@ file_name_acquire (dwarf_file_data **slo
+@@ -12335,7 +12336,7 @@ file_name_acquire (dwarf_file_data **slot, file_name_acquire_data *fnad)
fi = fnad->files + fnad->used_files++;
@@ -57,7 +63,7 @@
/* Skip all leading "./". */
while (f[0] == '.' && IS_DIR_SEPARATOR (f[1]))
-@@ -27231,13 +27232,13 @@ dwarf2out_ignore_block (const_tree block
+@@ -27259,13 +27260,13 @@ dwarf2out_ignore_block (const_tree block)
bool
dwarf_file_hasher::equal (dwarf_file_data *p1, const char *p2)
{
@@ -73,7 +79,7 @@
}
/* Lookup FILE_NAME (in the list of filenames that we know about here in
-@@ -27267,7 +27268,8 @@ lookup_filename (const char *file_name)
+@@ -27295,7 +27296,8 @@ lookup_filename (const char *file_name)
return *slot;
created = ggc_alloc<dwarf_file_data> ();
@@ -83,7 +89,7 @@
created->emitted_number = 0;
*slot = created;
return created;
-@@ -27293,8 +27295,7 @@ maybe_emit_file (struct dwarf_file_data
+@@ -27321,8 +27323,7 @@ maybe_emit_file (struct dwarf_file_data * fd)
if (output_asm_line_debug_info ())
{
fprintf (asm_out_file, "\t.file %u ", fd->emitted_number);
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-Fix-install-path-of-linux64.h.patch b/poky/meta/recipes-devtools/gcc/gcc/0029-Fix-install-path-of-linux64.h.patch
similarity index 82%
rename from poky/meta/recipes-devtools/gcc/gcc/0001-Fix-install-path-of-linux64.h.patch
rename to poky/meta/recipes-devtools/gcc/gcc/0029-Fix-install-path-of-linux64.h.patch
index 5bf895d..d7e156e 100644
--- a/poky/meta/recipes-devtools/gcc/gcc/0001-Fix-install-path-of-linux64.h.patch
+++ b/poky/meta/recipes-devtools/gcc/gcc/0029-Fix-install-path-of-linux64.h.patch
@@ -1,4 +1,4 @@
-From 58211c7ceb0510b2a11a7f1da3c7fa968c658749 Mon Sep 17 00:00:00 2001
+From 8a62cc0a64670e39f462c1dbbf82e04d2f03b89e Mon Sep 17 00:00:00 2001
From: Andrei Gherzan <andrei.gherzan@huawei.com>
Date: Wed, 22 Dec 2021 12:49:25 +0100
Subject: [PATCH] Fix install path of linux64.h
@@ -11,15 +11,16 @@
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Upstream-Status: Inappropriate [configuration]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
gcc/Makefile.in | 2 ++
1 file changed, 2 insertions(+)
diff --git a/gcc/Makefile.in b/gcc/Makefile.in
-index 9b17d120a..d175ec4e3 100644
+index 06eb0d27a28..a8678ca24ed 100644
--- a/gcc/Makefile.in
+++ b/gcc/Makefile.in
-@@ -3693,6 +3693,8 @@ install-plugin: installdirs lang.install-plugin s-header-vars install-gengtype
+@@ -3686,6 +3686,8 @@ install-plugin: installdirs lang.install-plugin s-header-vars install-gengtype
"$(srcdir)"/config/* | "$(srcdir)"/common/config/* \
| "$(srcdir)"/c-family/* | "$(srcdir)"/*.def ) \
base=`echo "$$path" | sed -e "s|$$srcdirstrip/||"`;; \
@@ -28,6 +29,3 @@
*) base=`basename $$path` ;; \
esac; \
dest=$(plugin_includedir)/$$base; \
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/gcc/gcc/0042-Fix-thread-stack-size-init.patch b/poky/meta/recipes-devtools/gcc/gcc/0042-Fix-thread-stack-size-init.patch
deleted file mode 100644
index 3fb9ee9..0000000
--- a/poky/meta/recipes-devtools/gcc/gcc/0042-Fix-thread-stack-size-init.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-The patch is needed in order to support recent glibc (2.34).
-
-Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=91f8a7a34cf29ae7c465603a801326767f1cc7e9]
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
----
---- a/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp 2022-03-15 07:59:54.515325204 -0700
-+++ b/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp 2022-03-15 08:01:45.919405931 -0700
-@@ -166,9 +166,10 @@
- #if !SANITIZER_GO
- // TODO(glider): different tools may require different altstack size.
- static uptr GetAltStackSize() {
-- // SIGSTKSZ is not enough.
-- static const uptr kAltStackSize = SIGSTKSZ * 4;
-- return kAltStackSize;
-+ // Note: since GLIBC_2.31, SIGSTKSZ may be a function call, so this may be
-+ // more costly that you think. However GetAltStackSize is only call 2-3 times
-+ // per thread so don't cache the evaluation.
-+ return SIGSTKSZ * 4;
- }
-
- void SetAlternateSignalStack() {
diff --git a/poky/meta/recipes-devtools/gcc/gcc_11.2.bb b/poky/meta/recipes-devtools/gcc/gcc_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/gcc_11.2.bb
rename to poky/meta/recipes-devtools/gcc/gcc_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/libgcc-initial_11.2.bb b/poky/meta/recipes-devtools/gcc/libgcc-initial_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/libgcc-initial_11.2.bb
rename to poky/meta/recipes-devtools/gcc/libgcc-initial_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/libgcc_11.2.bb b/poky/meta/recipes-devtools/gcc/libgcc_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/libgcc_11.2.bb
rename to poky/meta/recipes-devtools/gcc/libgcc_11.3.bb
diff --git a/poky/meta/recipes-devtools/gcc/libgfortran_11.2.bb b/poky/meta/recipes-devtools/gcc/libgfortran_11.3.bb
similarity index 100%
rename from poky/meta/recipes-devtools/gcc/libgfortran_11.2.bb
rename to poky/meta/recipes-devtools/gcc/libgfortran_11.3.bb
diff --git a/poky/meta/recipes-devtools/git/git_2.35.3.bb b/poky/meta/recipes-devtools/git/git_2.35.3.bb
index 68981d4..794045c 100644
--- a/poky/meta/recipes-devtools/git/git_2.35.3.bb
+++ b/poky/meta/recipes-devtools/git/git_2.35.3.bb
@@ -147,7 +147,7 @@
# git-tk package with gitk and git-gui
PACKAGES =+ "${PN}-tk"
-#RDEPENDS_${PN}-tk = "${PN} tk tcl"
+#RDEPENDS:${PN}-tk = "${PN} tk tcl"
#EXTRA_OEMAKE = "TCL_PATH=${STAGING_BINDIR_CROSS}/tclsh"
FILES:${PN}-tk = " \
${bindir}/gitk \
diff --git a/poky/meta/recipes-devtools/go/go-1.17.8.inc b/poky/meta/recipes-devtools/go/go-1.17.10.inc
similarity index 92%
rename from poky/meta/recipes-devtools/go/go-1.17.8.inc
rename to poky/meta/recipes-devtools/go/go-1.17.10.inc
index 649c09e..e71feb5 100644
--- a/poky/meta/recipes-devtools/go/go-1.17.8.inc
+++ b/poky/meta/recipes-devtools/go/go-1.17.10.inc
@@ -17,7 +17,7 @@
file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
"
-SRC_URI[main.sha256sum] = "2effcd898140da79a061f3784ca4f8d8b13d811fb2abe9dad2404442dabbdf7a"
+SRC_URI[main.sha256sum] = "299e55af30f15691b015d8dcf8ecae72412412569e5b2ece20361753a456f2f9"
# Upstream don't believe it is a signifiant real world issue and will only
# fix in 1.17 onwards where we can drop this.
diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.17.8.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.17.10.bb
similarity index 83%
rename from poky/meta/recipes-devtools/go/go-binary-native_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-binary-native_1.17.10.bb
index 1b85cd5..0f49ceb 100644
--- a/poky/meta/recipes-devtools/go/go-binary-native_1.17.8.bb
+++ b/poky/meta/recipes-devtools/go/go-binary-native_1.17.10.bb
@@ -8,8 +8,8 @@
PROVIDES = "go-native"
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "980e65a863377e69fd9b67df9d8395fd8e93858e7a24c9f55803421e453f4f99"
-SRC_URI[go_linux_arm64.sha256sum] = "57a9171682e297df1a5bd287be056ed0280195ad079af90af16dcad4f64710cb"
+SRC_URI[go_linux_amd64.sha256sum] = "87fc728c9c731e2f74e4a999ef53cf07302d7ed3504b0839027bd9c10edaa3fd"
+SRC_URI[go_linux_arm64.sha256sum] = "649141201efa7195403eb1301b95dc79c5b3e65968986a391da1370521701b0c"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-cross_1.17.8.bb b/poky/meta/recipes-devtools/go/go-cross_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-cross_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.17.8.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-crosssdk_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-native_1.17.8.bb b/poky/meta/recipes-devtools/go/go-native_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-native_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-native_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.17.8.bb b/poky/meta/recipes-devtools/go/go-runtime_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-runtime_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go-runtime_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/go/go_1.17.8.bb b/poky/meta/recipes-devtools/go/go_1.17.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go_1.17.8.bb
rename to poky/meta/recipes-devtools/go/go_1.17.10.bb
diff --git a/poky/meta/recipes-devtools/librepo/librepo_1.14.2.bb b/poky/meta/recipes-devtools/librepo/librepo_1.14.3.bb
similarity index 94%
rename from poky/meta/recipes-devtools/librepo/librepo_1.14.2.bb
rename to poky/meta/recipes-devtools/librepo/librepo_1.14.3.bb
index 8dece94..2c8e592 100644
--- a/poky/meta/recipes-devtools/librepo/librepo_1.14.2.bb
+++ b/poky/meta/recipes-devtools/librepo/librepo_1.14.3.bb
@@ -10,7 +10,7 @@
file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \
"
-SRCREV = "3b9a8d17188ba602d139f79b6e61305030f21109"
+SRCREV = "8fc7950795282d9c7c50071f45973006de5594ab"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-devtools/lua/lua/lua.pc.in b/poky/meta/recipes-devtools/lua/lua/lua.pc.in
index c27e86e..1fc288c 100644
--- a/poky/meta/recipes-devtools/lua/lua/lua.pc.in
+++ b/poky/meta/recipes-devtools/lua/lua/lua.pc.in
@@ -1,6 +1,5 @@
-prefix=/usr
-libdir=${prefix}/lib
-includedir=${prefix}/include
+libdir=@LIBDIR@
+includedir=@INCLUDEDIR@
Name: Lua
Description: Lua language engine
diff --git a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
index d704841..6f2cea5 100644
--- a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
+++ b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
@@ -45,7 +45,7 @@
install
install -d ${D}${libdir}/pkgconfig
- sed -e s/@VERSION@/${PV}/ ${WORKDIR}/lua.pc.in > ${WORKDIR}/lua.pc
+ sed -e s/@VERSION@/${PV}/ -e s#@LIBDIR@#${libdir}# -e s#@INCLUDEDIR@#${includedir}# ${WORKDIR}/lua.pc.in > ${WORKDIR}/lua.pc
install -m 0644 ${WORKDIR}/lua.pc ${D}${libdir}/pkgconfig/
rmdir ${D}${datadir}/lua/5.4
rmdir ${D}${datadir}/lua
diff --git a/poky/meta/recipes-devtools/makedevs/makedevs/COPYING.patch b/poky/meta/recipes-devtools/makedevs/makedevs/COPYING.patch
deleted file mode 100644
index 3a8902b..0000000
--- a/poky/meta/recipes-devtools/makedevs/makedevs/COPYING.patch
+++ /dev/null
@@ -1,346 +0,0 @@
-Upstream-Status: Inappropriate [licensing]
-
-diff -ruN makedevs-1.0.0-orig/COPYING makedevs-1.0.0/COPYING
---- makedevs-1.0.0-orig/COPYING 1970-01-01 08:00:00.000000000 +0800
-+++ makedevs-1.0.0/COPYING 2010-12-09 16:42:20.274984665 +0800
-@@ -0,0 +1,340 @@
-+ GNU GENERAL PUBLIC LICENSE
-+ Version 2, June 1991
-+
-+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-+ Everyone is permitted to copy and distribute verbatim copies
-+ of this license document, but changing it is not allowed.
-+
-+ Preamble
-+
-+ The licenses for most software are designed to take away your
-+freedom to share and change it. By contrast, the GNU General Public
-+License is intended to guarantee your freedom to share and change free
-+software--to make sure the software is free for all its users. This
-+General Public License applies to most of the Free Software
-+Foundation's software and to any other program whose authors commit to
-+using it. (Some other Free Software Foundation software is covered by
-+the GNU Library General Public License instead.) You can apply it to
-+your programs, too.
-+
-+ When we speak of free software, we are referring to freedom, not
-+price. Our General Public Licenses are designed to make sure that you
-+have the freedom to distribute copies of free software (and charge for
-+this service if you wish), that you receive source code or can get it
-+if you want it, that you can change the software or use pieces of it
-+in new free programs; and that you know you can do these things.
-+
-+ To protect your rights, we need to make restrictions that forbid
-+anyone to deny you these rights or to ask you to surrender the rights.
-+These restrictions translate to certain responsibilities for you if you
-+distribute copies of the software, or if you modify it.
-+
-+ For example, if you distribute copies of such a program, whether
-+gratis or for a fee, you must give the recipients all the rights that
-+you have. You must make sure that they, too, receive or can get the
-+source code. And you must show them these terms so they know their
-+rights.
-+
-+ We protect your rights with two steps: (1) copyright the software, and
-+(2) offer you this license which gives you legal permission to copy,
-+distribute and/or modify the software.
-+
-+ Also, for each author's protection and ours, we want to make certain
-+that everyone understands that there is no warranty for this free
-+software. If the software is modified by someone else and passed on, we
-+want its recipients to know that what they have is not the original, so
-+that any problems introduced by others will not reflect on the original
-+authors' reputations.
-+
-+ Finally, any free program is threatened constantly by software
-+patents. We wish to avoid the danger that redistributors of a free
-+program will individually obtain patent licenses, in effect making the
-+program proprietary. To prevent this, we have made it clear that any
-+patent must be licensed for everyone's free use or not licensed at all.
-+
-+ The precise terms and conditions for copying, distribution and
-+modification follow.
-+�
-+ GNU GENERAL PUBLIC LICENSE
-+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-+
-+ 0. This License applies to any program or other work which contains
-+a notice placed by the copyright holder saying it may be distributed
-+under the terms of this General Public License. The "Program", below,
-+refers to any such program or work, and a "work based on the Program"
-+means either the Program or any derivative work under copyright law:
-+that is to say, a work containing the Program or a portion of it,
-+either verbatim or with modifications and/or translated into another
-+language. (Hereinafter, translation is included without limitation in
-+the term "modification".) Each licensee is addressed as "you".
-+
-+Activities other than copying, distribution and modification are not
-+covered by this License; they are outside its scope. The act of
-+running the Program is not restricted, and the output from the Program
-+is covered only if its contents constitute a work based on the
-+Program (independent of having been made by running the Program).
-+Whether that is true depends on what the Program does.
-+
-+ 1. You may copy and distribute verbatim copies of the Program's
-+source code as you receive it, in any medium, provided that you
-+conspicuously and appropriately publish on each copy an appropriate
-+copyright notice and disclaimer of warranty; keep intact all the
-+notices that refer to this License and to the absence of any warranty;
-+and give any other recipients of the Program a copy of this License
-+along with the Program.
-+
-+You may charge a fee for the physical act of transferring a copy, and
-+you may at your option offer warranty protection in exchange for a fee.
-+
-+ 2. You may modify your copy or copies of the Program or any portion
-+of it, thus forming a work based on the Program, and copy and
-+distribute such modifications or work under the terms of Section 1
-+above, provided that you also meet all of these conditions:
-+
-+ a) You must cause the modified files to carry prominent notices
-+ stating that you changed the files and the date of any change.
-+
-+ b) You must cause any work that you distribute or publish, that in
-+ whole or in part contains or is derived from the Program or any
-+ part thereof, to be licensed as a whole at no charge to all third
-+ parties under the terms of this License.
-+
-+ c) If the modified program normally reads commands interactively
-+ when run, you must cause it, when started running for such
-+ interactive use in the most ordinary way, to print or display an
-+ announcement including an appropriate copyright notice and a
-+ notice that there is no warranty (or else, saying that you provide
-+ a warranty) and that users may redistribute the program under
-+ these conditions, and telling the user how to view a copy of this
-+ License. (Exception: if the Program itself is interactive but
-+ does not normally print such an announcement, your work based on
-+ the Program is not required to print an announcement.)
-+�
-+These requirements apply to the modified work as a whole. If
-+identifiable sections of that work are not derived from the Program,
-+and can be reasonably considered independent and separate works in
-+themselves, then this License, and its terms, do not apply to those
-+sections when you distribute them as separate works. But when you
-+distribute the same sections as part of a whole which is a work based
-+on the Program, the distribution of the whole must be on the terms of
-+this License, whose permissions for other licensees extend to the
-+entire whole, and thus to each and every part regardless of who wrote it.
-+
-+Thus, it is not the intent of this section to claim rights or contest
-+your rights to work written entirely by you; rather, the intent is to
-+exercise the right to control the distribution of derivative or
-+collective works based on the Program.
-+
-+In addition, mere aggregation of another work not based on the Program
-+with the Program (or with a work based on the Program) on a volume of
-+a storage or distribution medium does not bring the other work under
-+the scope of this License.
-+
-+ 3. You may copy and distribute the Program (or a work based on it,
-+under Section 2) in object code or executable form under the terms of
-+Sections 1 and 2 above provided that you also do one of the following:
-+
-+ a) Accompany it with the complete corresponding machine-readable
-+ source code, which must be distributed under the terms of Sections
-+ 1 and 2 above on a medium customarily used for software interchange; or,
-+
-+ b) Accompany it with a written offer, valid for at least three
-+ years, to give any third party, for a charge no more than your
-+ cost of physically performing source distribution, a complete
-+ machine-readable copy of the corresponding source code, to be
-+ distributed under the terms of Sections 1 and 2 above on a medium
-+ customarily used for software interchange; or,
-+
-+ c) Accompany it with the information you received as to the offer
-+ to distribute corresponding source code. (This alternative is
-+ allowed only for noncommercial distribution and only if you
-+ received the program in object code or executable form with such
-+ an offer, in accord with Subsection b above.)
-+
-+The source code for a work means the preferred form of the work for
-+making modifications to it. For an executable work, complete source
-+code means all the source code for all modules it contains, plus any
-+associated interface definition files, plus the scripts used to
-+control compilation and installation of the executable. However, as a
-+special exception, the source code distributed need not include
-+anything that is normally distributed (in either source or binary
-+form) with the major components (compiler, kernel, and so on) of the
-+operating system on which the executable runs, unless that component
-+itself accompanies the executable.
-+
-+If distribution of executable or object code is made by offering
-+access to copy from a designated place, then offering equivalent
-+access to copy the source code from the same place counts as
-+distribution of the source code, even though third parties are not
-+compelled to copy the source along with the object code.
-+�
-+ 4. You may not copy, modify, sublicense, or distribute the Program
-+except as expressly provided under this License. Any attempt
-+otherwise to copy, modify, sublicense or distribute the Program is
-+void, and will automatically terminate your rights under this License.
-+However, parties who have received copies, or rights, from you under
-+this License will not have their licenses terminated so long as such
-+parties remain in full compliance.
-+
-+ 5. You are not required to accept this License, since you have not
-+signed it. However, nothing else grants you permission to modify or
-+distribute the Program or its derivative works. These actions are
-+prohibited by law if you do not accept this License. Therefore, by
-+modifying or distributing the Program (or any work based on the
-+Program), you indicate your acceptance of this License to do so, and
-+all its terms and conditions for copying, distributing or modifying
-+the Program or works based on it.
-+
-+ 6. Each time you redistribute the Program (or any work based on the
-+Program), the recipient automatically receives a license from the
-+original licensor to copy, distribute or modify the Program subject to
-+these terms and conditions. You may not impose any further
-+restrictions on the recipients' exercise of the rights granted herein.
-+You are not responsible for enforcing compliance by third parties to
-+this License.
-+
-+ 7. If, as a consequence of a court judgment or allegation of patent
-+infringement or for any other reason (not limited to patent issues),
-+conditions are imposed on you (whether by court order, agreement or
-+otherwise) that contradict the conditions of this License, they do not
-+excuse you from the conditions of this License. If you cannot
-+distribute so as to satisfy simultaneously your obligations under this
-+License and any other pertinent obligations, then as a consequence you
-+may not distribute the Program at all. For example, if a patent
-+license would not permit royalty-free redistribution of the Program by
-+all those who receive copies directly or indirectly through you, then
-+the only way you could satisfy both it and this License would be to
-+refrain entirely from distribution of the Program.
-+
-+If any portion of this section is held invalid or unenforceable under
-+any particular circumstance, the balance of the section is intended to
-+apply and the section as a whole is intended to apply in other
-+circumstances.
-+
-+It is not the purpose of this section to induce you to infringe any
-+patents or other property right claims or to contest validity of any
-+such claims; this section has the sole purpose of protecting the
-+integrity of the free software distribution system, which is
-+implemented by public license practices. Many people have made
-+generous contributions to the wide range of software distributed
-+through that system in reliance on consistent application of that
-+system; it is up to the author/donor to decide if he or she is willing
-+to distribute software through any other system and a licensee cannot
-+impose that choice.
-+
-+This section is intended to make thoroughly clear what is believed to
-+be a consequence of the rest of this License.
-+�
-+ 8. If the distribution and/or use of the Program is restricted in
-+certain countries either by patents or by copyrighted interfaces, the
-+original copyright holder who places the Program under this License
-+may add an explicit geographical distribution limitation excluding
-+those countries, so that distribution is permitted only in or among
-+countries not thus excluded. In such case, this License incorporates
-+the limitation as if written in the body of this License.
-+
-+ 9. The Free Software Foundation may publish revised and/or new versions
-+of the General Public License from time to time. Such new versions will
-+be similar in spirit to the present version, but may differ in detail to
-+address new problems or concerns.
-+
-+Each version is given a distinguishing version number. If the Program
-+specifies a version number of this License which applies to it and "any
-+later version", you have the option of following the terms and conditions
-+either of that version or of any later version published by the Free
-+Software Foundation. If the Program does not specify a version number of
-+this License, you may choose any version ever published by the Free Software
-+Foundation.
-+
-+ 10. If you wish to incorporate parts of the Program into other free
-+programs whose distribution conditions are different, write to the author
-+to ask for permission. For software which is copyrighted by the Free
-+Software Foundation, write to the Free Software Foundation; we sometimes
-+make exceptions for this. Our decision will be guided by the two goals
-+of preserving the free status of all derivatives of our free software and
-+of promoting the sharing and reuse of software generally.
-+
-+ NO WARRANTY
-+
-+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-+REPAIR OR CORRECTION.
-+
-+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-+POSSIBILITY OF SUCH DAMAGES.
-+
-+ END OF TERMS AND CONDITIONS
-+�
-+ How to Apply These Terms to Your New Programs
-+
-+ If you develop a new program, and you want it to be of the greatest
-+possible use to the public, the best way to achieve this is to make it
-+free software which everyone can redistribute and change under these terms.
-+
-+ To do so, attach the following notices to the program. It is safest
-+to attach them to the start of each source file to most effectively
-+convey the exclusion of warranty; and each file should have at least
-+the "copyright" line and a pointer to where the full notice is found.
-+
-+ <one line to give the program's name and a brief idea of what it does.>
-+ Copyright (C) <year> <name of author>
-+
-+ This program is free software; you can redistribute it and/or modify
-+ it under the terms of the GNU General Public License as published by
-+ the Free Software Foundation; either version 2 of the License, or
-+ (at your option) any later version.
-+
-+ This program is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with this program; if not, write to the Free Software
-+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-+
-+
-+Also add information on how to contact you by electronic and paper mail.
-+
-+If the program is interactive, make it output a short notice like this
-+when it starts in an interactive mode:
-+
-+ Gnomovision version 69, Copyright (C) year name of author
-+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-+ This is free software, and you are welcome to redistribute it
-+ under certain conditions; type `show c' for details.
-+
-+The hypothetical commands `show w' and `show c' should show the appropriate
-+parts of the General Public License. Of course, the commands you use may
-+be called something other than `show w' and `show c'; they could even be
-+mouse-clicks or menu items--whatever suits your program.
-+
-+You should also get your employer (if you work as a programmer) or your
-+school, if any, to sign a "copyright disclaimer" for the program, if
-+necessary. Here is a sample; alter the names:
-+
-+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
-+
-+ <signature of Ty Coon>, 1 April 1989
-+ Ty Coon, President of Vice
-+
-+This General Public License does not permit incorporating your program into
-+proprietary programs. If your program is a subroutine library, you may
-+consider it more useful to permit linking proprietary applications with the
-+library. If this is what you want to do, use the GNU Library General
-+Public License instead of this License.
diff --git a/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c b/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c
index 32b9872..df2e3cf 100644
--- a/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c
+++ b/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c
@@ -1,3 +1,7 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-only
+ */
+
#define _GNU_SOURCE
#include <stdio.h>
#include <errno.h>
diff --git a/poky/meta/recipes-devtools/makedevs/makedevs_1.0.1.bb b/poky/meta/recipes-devtools/makedevs/makedevs_1.0.1.bb
index 007ebbc..0d6c7a0 100644
--- a/poky/meta/recipes-devtools/makedevs/makedevs_1.0.1.bb
+++ b/poky/meta/recipes-devtools/makedevs/makedevs_1.0.1.bb
@@ -1,10 +1,9 @@
SUMMARY = "Tool for creating device nodes"
DESCRIPTION = "${SUMMARY}"
LICENSE = "GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+LIC_FILES_CHKSUM = "file://makedevs.c;beginline=2;endline=2;md5=c3817b10013a30076c68a90e40a55570"
SECTION = "base"
-SRC_URI = "file://makedevs.c \
- file://COPYING.patch"
+SRC_URI = "file://makedevs.c"
S = "${WORKDIR}"
diff --git a/poky/meta/recipes-devtools/mmc/mmc-utils_git.bb b/poky/meta/recipes-devtools/mmc/mmc-utils_git.bb
index addefe9..3e611d1 100644
--- a/poky/meta/recipes-devtools/mmc/mmc-utils_git.bb
+++ b/poky/meta/recipes-devtools/mmc/mmc-utils_git.bb
@@ -5,7 +5,7 @@
LIC_FILES_CHKSUM = "file://mmc.c;beginline=1;endline=20;md5=fae32792e20f4d27ade1c5a762d16b7d"
SRCBRANCH ?= "master"
-SRCREV = "4303889c8bd9a2357587eb6ebacecb70098a264d"
+SRCREV = "b7e4d5a6ae9942d26a11de9b05ae7d52c0802802"
PV = "0.1+git${SRCPV}"
diff --git a/poky/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch b/poky/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch
new file mode 100644
index 0000000..1d98e13
--- /dev/null
+++ b/poky/meta/recipes-devtools/perl/files/0001-Fix-build-with-gcc-12.patch
@@ -0,0 +1,143 @@
+From ee957eb9e4ec29a462cdbb2f3bbe29d4270534ef Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Thu, 2 Jun 2022 13:01:37 +0800
+Subject: [PATCH] proto.h: Fix build with gcc-12
+
+Fixes:
+ In function 'dynprep',
+ inlined from 'S_sortsv_flags_impl' at pp_sort.c:358:20,
+ inlined from 'sortsv_amagic_i_ncmp' at pp_sort.c:572:5:
+ pp_sort.c:1232:1: error: inlining failed in call to 'always_inline' 'S_amagic_i_ncmp': function not considered for inlining
+ 1232 | S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b)
+
+Upstream-Status: Submitted [https://github.com/Perl/perl5/pull/19808]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ proto.h | 42 ++++++++++++++----------------------------
+ 1 file changed, 14 insertions(+), 28 deletions(-)
+
+diff --git a/proto.h b/proto.h
+index faca6d1..3a76c04 100644
+--- a/proto.h
++++ b/proto.h
+@@ -5606,50 +5606,43 @@ STATIC SSize_t S_unpack_rec(pTHX_ struct tempsym* symptr, const char *s, const c
+ #endif
+ #if defined(PERL_IN_PP_SORT_C)
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_AMAGIC_CMP \
+ assert(str1); assert(str2)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_desc(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_desc(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_AMAGIC_CMP_DESC \
+ assert(str1); assert(str2)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_i_ncmp(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_AMAGIC_I_NCMP \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_i_ncmp_desc(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_i_ncmp_desc(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_AMAGIC_I_NCMP_DESC \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_ncmp(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_ncmp(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_AMAGIC_NCMP \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_ncmp_desc(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_ncmp_desc(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_AMAGIC_NCMP_DESC \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_cmp_desc(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_cmp_desc(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_CMP_DESC \
+ assert(str1); assert(str2)
+ #endif
+@@ -5671,51 +5664,44 @@ PERL_STATIC_FORCE_INLINE void S_sortsv_flags_impl(pTHX_ SV** array, size_t num_e
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_sv_i_ncmp(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_sv_i_ncmp(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_SV_I_NCMP \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_sv_i_ncmp_desc(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_sv_i_ncmp_desc(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_SV_I_NCMP_DESC \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_sv_ncmp(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_sv_ncmp(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_SV_NCMP \
+ assert(a); assert(b)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_sv_ncmp_desc(pTHX_ SV *const a, SV *const b)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_sv_ncmp_desc(pTHX_ SV *const a, SV *const b);
+ #define PERL_ARGS_ASSERT_SV_NCMP_DESC \
+ assert(a); assert(b)
+ #endif
+
+ # if defined(USE_LOCALE_COLLATE)
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_locale(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_locale(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_AMAGIC_CMP_LOCALE \
+ assert(str1); assert(str2)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_locale_desc(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_amagic_cmp_locale_desc(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_AMAGIC_CMP_LOCALE_DESC \
+ assert(str1); assert(str2)
+ #endif
+
+ #ifndef PERL_NO_INLINE_FUNCTIONS
+-PERL_STATIC_FORCE_INLINE I32 S_cmp_locale_desc(pTHX_ SV *const str1, SV *const str2)
+- __attribute__always_inline__;
++PERL_STATIC_FORCE_INLINE I32 S_cmp_locale_desc(pTHX_ SV *const str1, SV *const str2);
+ #define PERL_ARGS_ASSERT_CMP_LOCALE_DESC \
+ assert(str1); assert(str2)
+ #endif
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/perl/liberror-perl_0.17029.bb b/poky/meta/recipes-devtools/perl/liberror-perl_0.17029.bb
index 497f480..67e5811 100644
--- a/poky/meta/recipes-devtools/perl/liberror-perl_0.17029.bb
+++ b/poky/meta/recipes-devtools/perl/liberror-perl_0.17029.bb
@@ -9,6 +9,10 @@
LIC_FILES_CHKSUM = "file://LICENSE;md5=8f3499d09ee74a050c0319391ff9d100"
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
DEPENDS += "perl"
RDEPENDS:${PN} += " \
diff --git a/poky/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb b/poky/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb
index e2c79d9..881d5e6 100644
--- a/poky/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb
+++ b/poky/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb
@@ -37,6 +37,7 @@
do_install:append () {
rm -rf ${D}${docdir}/perl/html
+ sed -i "s:^#!.*:#!/usr/bin/env perl:" ${D}${bindir}/config_data
}
do_install_ptest() {
diff --git a/poky/meta/recipes-devtools/perl/perl-ptest.inc b/poky/meta/recipes-devtools/perl/perl-ptest.inc
index 54c7807..c233fab 100644
--- a/poky/meta/recipes-devtools/perl/perl-ptest.inc
+++ b/poky/meta/recipes-devtools/perl/perl-ptest.inc
@@ -10,12 +10,12 @@
sed -e "s:\/usr\/local:${bindir}:g" -i cpan/version/t/*
sed -e "s:\/opt:\/usr:" -i Porting/add-package.pl
sed -e "s:\/local\/gnu\/:\/:" -i hints/cxux.sh
- tar -c --exclude=try --exclude=a.out --exclude='*.o' --exclude=libperl.so* --exclude=Makefile --exclude=makefile --exclude=hostperl \
+ tar -c --exclude=try --exclude=a.out --exclude='*.o' --exclude=libperl.so* --exclude=[Mm]akefile --exclude=hostperl \
--exclude=cygwin --exclude=os2 --exclude=djgpp --exclude=qnx --exclude=symbian --exclude=haiku \
--exclude=vms --exclude=vos --exclude=NetWare --exclude=amigaos4 --exclude=buildcustomize.pl \
--exclude='win32/config.*' --exclude=plan9 --exclude=README.plan9 --exclude=perlplan9.pod --exclude=Configure \
--exclude=veryclean.sh --exclude=realclean.sh --exclude=getioctlsizes \
- --exclude=dl_aix.xs --exclude=sdbm.3 --exclude='cflags.SH' --exclude=makefile.old \
+ --exclude=dl_aix.xs --exclude=sdbm.3 --exclude='cflags.SH' --exclude=[Mm]akefile.old \
--exclude=miniperl --exclude=generate_uudmap --exclude=patches --exclude='config.log' * | ( cd ${D}${PTEST_PATH} && tar -x )
ln -sf ${bindir}/perl ${D}${PTEST_PATH}/t/perl
diff --git a/poky/meta/recipes-devtools/perl/perl_5.34.1.bb b/poky/meta/recipes-devtools/perl/perl_5.34.1.bb
index 0e9d0c0..42bcb8b 100644
--- a/poky/meta/recipes-devtools/perl/perl_5.34.1.bb
+++ b/poky/meta/recipes-devtools/perl/perl_5.34.1.bb
@@ -17,6 +17,7 @@
file://0002-Constant-Fix-up-shebang.patch \
file://determinism.patch \
file://0001-cpan-Sys-Syslog-Makefile.PL-Fix-_PATH_LOG-for-determ.patch \
+ file://0001-Fix-build-with-gcc-12.patch \
"
SRC_URI:append:class-native = " \
file://perl-configpm-switch.patch \
@@ -32,6 +33,8 @@
inherit upstream-version-is-even update-alternatives
DEPENDS += "perlcross-native zlib virtual/crypt"
+# make 4.1 has race issues with the double-colon usage of MakeMaker, see #14096
+DEPENDS += "make-native"
PERL_LIB_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}.0"
diff --git a/poky/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch b/poky/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
new file mode 100644
index 0000000..921da8d
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
@@ -0,0 +1,33 @@
+From f0c9dec63d452a7cd1e15ea653f4aced281f021c Mon Sep 17 00:00:00 2001
+From: Paulo Neves <ptsneves@gmail.com>
+Date: Tue, 7 Jun 2022 16:16:41 +0200
+Subject: [PATCH 1/1] Avoid shebang overflow on python-config.py
+
+The whole native path may be too big, leading to shebang
+overflow. Let's just use the env shebang.
+
+Denial reason: [1]
+
+Upstream-Status: Denied [distribution]
+
+[1] https://github.com/python/cpython/pull/93760#pullrequestreview-1005365737
+---
+ Makefile.pre.in | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/Makefile.pre.in b/Makefile.pre.in
+index f0aedb76cb58999427804255da56fa53284d7032..dd88e43114730f7681715777cc76dabb31113176 100644
+--- a/Makefile.pre.in
++++ b/Makefile.pre.in
+@@ -1638,6 +1638,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
+ @ # Substitution happens here, as the completely-expanded BINDIR
+ @ # is not available in configure
+ sed -e "s,@EXENAME@,$(BINDIR)/python$(LDVERSION)$(EXE)," < $(srcdir)/Misc/python-config.in >python-config.py
++ @ # Otherwise we might get huge shebangs with native paths
++ sed -i -e '1s|^#!.*|#!/usr/bin/env python3|' python-config.py
+ @ # Replace makefile compat. variable references with shell script compat. ones; $(VAR) -> ${VAR}
+ LC_ALL=C sed -e 's,\$$(\([A-Za-z0-9_]*\)),\$$\{\1\},g' < Misc/python-config.sh >python-config
+ @ # In OpenEmbedded, always use the python version of the script, the shell
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch b/poky/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch
new file mode 100644
index 0000000..6a58c35
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch
@@ -0,0 +1,54 @@
+From 178a238f25ab8aff7689d7a09d66dc1583ecd6cb Mon Sep 17 00:00:00 2001
+From: "Miss Islington (bot)"
+ <31488909+miss-islington@users.noreply.github.com>
+Date: Wed, 4 May 2022 03:23:29 -0700
+Subject: [PATCH 01/40] gh-92036: Fix gc_fini_untrack() (GH-92037)
+
+Fix a crash in subinterpreters related to the garbage collector. When
+a subinterpreter is deleted, untrack all objects tracked by its GC.
+To prevent a crash in deallocator functions expecting objects to be
+tracked by the GC, leak a strong reference to these objects on
+purpose, so they are never deleted and their deallocator functions
+are not called.
+(cherry picked from commit 14243369b5f80613628a565c224bba7fb3fcacd8)
+
+Co-authored-by: Victor Stinner <vstinner@python.org>
+
+Upstream-Status: Backport
+---
+ .../2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst | 5 +++++
+ Modules/gcmodule.c | 6 ++++++
+ 2 files changed, 11 insertions(+)
+ create mode 100644 Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst
+
+diff --git a/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst b/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst
+new file mode 100644
+index 0000000000..78094c5e4f
+--- /dev/null
++++ b/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst
+@@ -0,0 +1,5 @@
++Fix a crash in subinterpreters related to the garbage collector. When a
++subinterpreter is deleted, untrack all objects tracked by its GC. To prevent a
++crash in deallocator functions expecting objects to be tracked by the GC, leak
++a strong reference to these objects on purpose, so they are never deleted and
++their deallocator functions are not called. Patch by Victor Stinner.
+diff --git a/Modules/gcmodule.c b/Modules/gcmodule.c
+index 805a159d53..43ae6fa98b 100644
+--- a/Modules/gcmodule.c
++++ b/Modules/gcmodule.c
+@@ -2170,6 +2170,12 @@ gc_fini_untrack(PyGC_Head *list)
+ for (gc = GC_NEXT(list); gc != list; gc = GC_NEXT(list)) {
+ PyObject *op = FROM_GC(gc);
+ _PyObject_GC_UNTRACK(op);
++ // gh-92036: If a deallocator function expect the object to be tracked
++ // by the GC (ex: func_dealloc()), it can crash if called on an object
++ // which is no longer tracked by the GC. Leak one strong reference on
++ // purpose so the object is never deleted and its deallocator is not
++ // called.
++ Py_INCREF(op);
+ }
+ }
+
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/python/python3/deterministic_imports.patch b/poky/meta/recipes-devtools/python/python3/deterministic_imports.patch
new file mode 100644
index 0000000..296b413
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3/deterministic_imports.patch
@@ -0,0 +1,32 @@
+There are two issues here. Firstly, the modules are accessed in on disk order. This
+means behaviour seen on one system might not reproduce on another and is a real headache.
+
+Secondly, empty directories left behind by previous modules might be looked at. This
+has caused a long string of different issues for us.
+
+As a result, patch this to a behaviour which works for us.
+
+Upstream-Status: Pending [need to talk to upstream to see if they'll take one or both fixes]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+
+Index: Python-3.10.4/Lib/importlib/metadata/__init__.py
+===================================================================
+--- Python-3.10.4.orig/Lib/importlib/metadata/__init__.py
++++ Python-3.10.4/Lib/importlib/metadata/__init__.py
+@@ -819,7 +819,14 @@ class Lookup:
+ self.infos = FreezableDefaultDict(list)
+ self.eggs = FreezableDefaultDict(list)
+
+- for child in path.children():
++ for child in sorted(path.children()):
++ childpath = pathlib.Path(path.root, child)
++ try:
++ if childpath.is_dir() and not any(childpath.iterdir()):
++ # Empty directories aren't interesting
++ continue
++ except PermissionError:
++ continue
+ low = child.lower()
+ if low.endswith((".dist-info", ".egg-info")):
+ # rpartition is faster than splitext and suitable for this purpose.
diff --git a/poky/meta/recipes-devtools/python/python3/run-ptest b/poky/meta/recipes-devtools/python/python3/run-ptest
index 405b07f..05396e9 100644
--- a/poky/meta/recipes-devtools/python/python3/run-ptest
+++ b/poky/meta/recipes-devtools/python/python3/run-ptest
@@ -1,3 +1,3 @@
#!/bin/sh
-python3 -m test -v | sed -u -e '/\.\.\. ok/ s/^/PASS: /g' -r -e '/\.\.\. (ERROR|FAIL)/ s/^/FAIL: /g' -e '/\.\.\. skipped/ s/^/SKIP: /g' -e 's/ \.\.\. ok//g' -e 's/ \.\.\. ERROR//g' -e 's/ \.\.\. FAIL//g' -e 's/ \.\.\. skipped//g'
+SETUPTOOLS_USE_DISTUTILS=nonlocal python3 -m test -v | sed -u -e '/\.\.\. ok/ s/^/PASS: /g' -r -e '/\.\.\. (ERROR|FAIL)/ s/^/FAIL: /g' -e '/\.\.\. skipped/ s/^/SKIP: /g' -e 's/ \.\.\. ok//g' -e 's/ \.\.\. ERROR//g' -e 's/ \.\.\. FAIL//g' -e 's/ \.\.\. skipped//g'
diff --git a/poky/meta/recipes-devtools/python/python3_3.10.4.bb b/poky/meta/recipes-devtools/python/python3_3.10.4.bb
index d678d55..34fd289 100644
--- a/poky/meta/recipes-devtools/python/python3_3.10.4.bb
+++ b/poky/meta/recipes-devtools/python/python3_3.10.4.bb
@@ -33,6 +33,9 @@
file://0001-sysconfig.py-use-platlibdir-also-for-purelib.patch \
file://0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch \
file://0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch \
+ file://deterministic_imports.patch \
+ file://0001-Avoid-shebang-overflow-on-python-config.py.patch \
+ file://0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch \
"
SRC_URI:append:class-native = " \
@@ -165,6 +168,9 @@
# tarballs and sysroot creation.
find ${D} -name *.pyc -delete
+ # Nothing should be looking into ${B} for python3-native
+ sed -i -e 's:${B}:/build/path/unavailable/:g' \
+ ${D}/${libdir}/python${PYTHON_MAJMIN}/config-${PYTHON_MAJMIN}${PYTHON_ABI}*/Makefile
}
do_install:append() {
@@ -175,15 +181,16 @@
mkdir -p ${D}${libdir}/python-sysconfigdata
sysconfigfile=`find ${D} -name _sysconfig*.py`
- cp $sysconfigfile ${D}${libdir}/python-sysconfigdata/_sysconfigdata.py
-
sed -i \
-e "s,^ 'LIBDIR'.*, 'LIBDIR': '${STAGING_LIBDIR}'\,,g" \
-e "s,^ 'INCLUDEDIR'.*, 'INCLUDEDIR': '${STAGING_INCDIR}'\,,g" \
-e "s,^ 'CONFINCLUDEDIR'.*, 'CONFINCLUDEDIR': '${STAGING_INCDIR}'\,,g" \
-e "/^ 'INCLDIRSTOMAKE'/{N; s,/usr/include,${STAGING_INCDIR},g}" \
-e "/^ 'INCLUDEPY'/s,/usr/include,${STAGING_INCDIR},g" \
- ${D}${libdir}/python-sysconfigdata/_sysconfigdata.py
+ -e "s,${B},/build/path/unavailable/,g" \
+ $sysconfigfile
+ cp $sysconfigfile ${D}${libdir}/python-sysconfigdata/_sysconfigdata.py
+
# Unfortunately the following pyc files are non-deterministc due to 'frozenset'
# being written without strict ordering, even with PYTHONHASHSEED = 0
@@ -193,6 +200,11 @@
rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/test/__pycache__/test_range.cpython*
rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/test/__pycache__/test_xml_etree.cpython*
+ # Similar to the above, we're getting reproducibility issues with
+ # /usr/lib/python3.10/__pycache__/traceback.cpython-310.pyc
+ # so remove it too
+ rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/__pycache__/traceback.cpython*
+
# Remove the opt-1.pyc and opt-2.pyc files. They effectively waste space on embedded
# style targets as they're only used when python is called with the -O or -OO options
# which is rare.
diff --git a/poky/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb b/poky/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb
index bc5384d..5ccede5 100644
--- a/poky/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb
+++ b/poky/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb
@@ -11,7 +11,7 @@
EXTRA_OECONF:append = " --target-list=${@get_qemu_system_target_list(d)}"
-PACKAGECONFIG ??= "fdt alsa kvm pie \
+PACKAGECONFIG ??= "fdt alsa kvm pie slirp \
${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \
"
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 4e94c4b..63f0569 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -33,6 +33,8 @@
file://0001-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch \
file://0002-virtio-net-fix-map-leaking-on-error-during-receive.patch \
file://pvrdma.patch \
+ file://CVE-2021-4206.patch \
+ file://CVE-2021-4207.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
@@ -196,6 +198,12 @@
PACKAGECONFIG[pmem] = "--enable-libpmem,--disable-libpmem,pmdk"
PACKAGECONFIG[pulsedio] = "--enable-pa,--disable-pa,pulseaudio"
PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux"
+PACKAGECONFIG[bpf] = "--enable-bpf,--disable-bpf,libbpf"
+PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone"
+PACKAGECONFIG[rdma] = "--enable-rdma,--disable-rdma"
+PACKAGECONFIG[vde] = "--enable-vde,--disable-vde"
+PACKAGECONFIG[slirp] = "--enable-slirp=internal,--disable-slirp"
+PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi"
INSANE_SKIP:${PN} = "arch"
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch
new file mode 100644
index 0000000..05f9c8f
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch
@@ -0,0 +1,89 @@
+From fa892e9abb728e76afcf27323ab29c57fb0fe7aa Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Thu, 7 Apr 2022 10:17:12 +0200
+Subject: [PATCH] ui/cursor: fix integer overflow in cursor_alloc
+ (CVE-2021-4206)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Prevent potential integer overflow by limiting 'width' and 'height' to
+512x512. Also change 'datasize' type to size_t. Refer to security
+advisory https://starlabs.sg/advisories/22-4206/ for more information.
+
+Fixes: CVE-2021-4206
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20220407081712.345609-1-mcascell@redhat.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://git.qemu.org/?p=qemu.git;a=commit;h=fa892e9abb728e76afcf27323ab29c57fb0fe7aa
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ hw/display/qxl-render.c | 7 +++++++
+ hw/display/vmware_vga.c | 2 ++
+ ui/cursor.c | 8 +++++++-
+ 3 files changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
+index 237ed29..ca21700 100644
+--- a/hw/display/qxl-render.c
++++ b/hw/display/qxl-render.c
+@@ -247,6 +247,13 @@ static QEMUCursor *qxl_cursor(PCIQXLDevice *qxl, QXLCursor *cursor,
+ size_t size;
+
+ c = cursor_alloc(cursor->header.width, cursor->header.height);
++
++ if (!c) {
++ qxl_set_guest_bug(qxl, "%s: cursor %ux%u alloc error", __func__,
++ cursor->header.width, cursor->header.height);
++ goto fail;
++ }
++
+ c->hot_x = cursor->header.hot_spot_x;
+ c->hot_y = cursor->header.hot_spot_y;
+ switch (cursor->header.type) {
+diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
+index 98c8347..45d06cb 100644
+--- a/hw/display/vmware_vga.c
++++ b/hw/display/vmware_vga.c
+@@ -515,6 +515,8 @@ static inline void vmsvga_cursor_define(struct vmsvga_state_s *s,
+ int i, pixels;
+
+ qc = cursor_alloc(c->width, c->height);
++ assert(qc != NULL);
++
+ qc->hot_x = c->hot_x;
+ qc->hot_y = c->hot_y;
+ switch (c->bpp) {
+diff --git a/ui/cursor.c b/ui/cursor.c
+index 1d62ddd..835f080 100644
+--- a/ui/cursor.c
++++ b/ui/cursor.c
+@@ -46,6 +46,8 @@ static QEMUCursor *cursor_parse_xpm(const char *xpm[])
+
+ /* parse pixel data */
+ c = cursor_alloc(width, height);
++ assert(c != NULL);
++
+ for (pixel = 0, y = 0; y < height; y++, line++) {
+ for (x = 0; x < height; x++, pixel++) {
+ idx = xpm[line][x];
+@@ -91,7 +93,11 @@ QEMUCursor *cursor_builtin_left_ptr(void)
+ QEMUCursor *cursor_alloc(int width, int height)
+ {
+ QEMUCursor *c;
+- int datasize = width * height * sizeof(uint32_t);
++ size_t datasize = width * height * sizeof(uint32_t);
++
++ if (width > 512 || height > 512) {
++ return NULL;
++ }
+
+ c = g_malloc0(sizeof(QEMUCursor) + datasize);
+ c->width = width;
+--
+1.8.3.1
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch
new file mode 100644
index 0000000..38f36ab
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch
@@ -0,0 +1,43 @@
+From 9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Thu, 7 Apr 2022 10:11:06 +0200
+Subject: [PATCH] display/qxl-render: fix race condition in qxl_cursor
+ (CVE-2021-4207)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Avoid fetching 'width' and 'height' a second time to prevent possible
+race condition. Refer to security advisory
+https://starlabs.sg/advisories/22-4207/ for more information.
+
+Fixes: CVE-2021-4207
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20220407081106.343235-1-mcascell@redhat.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://git.qemu.org/?p=qemu.git;a=commit;h=9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ hw/display/qxl-render.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
+index d28849b..237ed29 100644
+--- a/hw/display/qxl-render.c
++++ b/hw/display/qxl-render.c
+@@ -266,7 +266,7 @@ static QEMUCursor *qxl_cursor(PCIQXLDevice *qxl, QXLCursor *cursor,
+ }
+ break;
+ case SPICE_CURSOR_TYPE_ALPHA:
+- size = sizeof(uint32_t) * cursor->header.width * cursor->header.height;
++ size = sizeof(uint32_t) * c->width * c->height;
+ qxl_unpack_chunks(c->data, size, qxl, &cursor->chunk, group_id);
+ if (qxl->debug > 2) {
+ cursor_print_ascii_art(c, "qxl/alpha");
+--
+1.8.3.1
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu_6.2.0.bb b/poky/meta/recipes-devtools/qemu/qemu_6.2.0.bb
index 9f7fad9..42e1339 100644
--- a/poky/meta/recipes-devtools/qemu/qemu_6.2.0.bb
+++ b/poky/meta/recipes-devtools/qemu/qemu_6.2.0.bb
@@ -15,12 +15,12 @@
EXTRA_OECONF:append:class-nativesdk = " --target-list=${@get_qemu_target_list(d)}"
PACKAGECONFIG ??= " \
- fdt sdl kvm pie \
+ fdt sdl kvm pie slirp \
${@bb.utils.filter('DISTRO_FEATURES', 'alsa xen', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)} \
"
-PACKAGECONFIG:class-nativesdk ??= "fdt sdl kvm pie \
+PACKAGECONFIG:class-nativesdk ??= "fdt sdl kvm pie slirp \
${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \
"
# ppc32 hosts are no longer supported in qemu
diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb
index 38ba467..6fc1f53 100644
--- a/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb
+++ b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb
@@ -25,6 +25,7 @@
# rdoc is off by default due to non-reproducibility reported in
# https://bugs.ruby-lang.org/issues/18456
PACKAGECONFIG[rdoc] = "--enable-install-rdoc,--disable-install-rdoc,"
+PACKAGECONFIG[capstone] = "--with-capstone=yes, --with-capstone=no"
EXTRA_OECONF = "\
--disable-versioned-paths \
diff --git a/poky/meta/recipes-devtools/rust/rust-common.inc b/poky/meta/recipes-devtools/rust/rust-common.inc
index 310aece..ef70c48 100644
--- a/poky/meta/recipes-devtools/rust/rust-common.inc
+++ b/poky/meta/recipes-devtools/rust/rust-common.inc
@@ -119,17 +119,15 @@
## arm-unknown-linux-gnueabihf
-DATA_LAYOUT[arm-eabi] = "e-m:e-p:32:32-i64:64-v128:64:128-a:0:32-n32-S64"
-LLVM_TARGET[arm-eabi] = "${RUST_TARGET_SYS}"
-TARGET_ENDIAN[arm-eabi] = "little"
-TARGET_POINTER_WIDTH[arm-eabi] = "32"
-TARGET_C_INT_WIDTH[arm-eabi] = "32"
-MAX_ATOMIC_WIDTH[arm-eabi] = "64"
-FEATURES[arm-eabi] = "+v6,+vfp2"
+DATA_LAYOUT[arm] = "e-m:e-p:32:32-i64:64-v128:64:128-a:0:32-n32-S64"
+TARGET_ENDIAN[arm] = "little"
+TARGET_POINTER_WIDTH[arm] = "32"
+TARGET_C_INT_WIDTH[arm] = "32"
+MAX_ATOMIC_WIDTH[arm] = "64"
+FEATURES[arm] = "+v6,+vfp2"
## armv7-unknown-linux-gnueabihf
DATA_LAYOUT[armv7-eabi] = "e-m:e-p:32:32-i64:64-v128:64:128-a:0:32-n32-S64"
-LLVM_TARGET[armv7-eabi] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[armv7-eabi] = "little"
TARGET_POINTER_WIDTH[armv7-eabi] = "32"
TARGET_C_INT_WIDTH[armv7-eabi] = "32"
@@ -138,7 +136,6 @@
## aarch64-unknown-linux-{gnu, musl}
DATA_LAYOUT[aarch64] = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
-LLVM_TARGET[aarch64] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[aarch64] = "little"
TARGET_POINTER_WIDTH[aarch64] = "64"
TARGET_C_INT_WIDTH[aarch64] = "32"
@@ -146,7 +143,6 @@
## x86_64-unknown-linux-{gnu, musl}
DATA_LAYOUT[x86_64] = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
-LLVM_TARGET[x86_64] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[x86_64] = "little"
TARGET_POINTER_WIDTH[x86_64] = "64"
TARGET_C_INT_WIDTH[x86_64] = "32"
@@ -154,7 +150,6 @@
## x86_64-unknown-linux-gnux32
DATA_LAYOUT[x86_64-x32] = "e-m:e-p:32:32-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128"
-LLVM_TARGET[x86_64-x32] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[x86_64-x32] = "little"
TARGET_POINTER_WIDTH[x86_64-x32] = "32"
TARGET_C_INT_WIDTH[x86_64-x32] = "32"
@@ -162,7 +157,6 @@
## i686-unknown-linux-{gnu, musl}
DATA_LAYOUT[i686] = "e-m:e-p:32:32-f64:32:64-f80:32-n8:16:32-S128"
-LLVM_TARGET[i686] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[i686] = "little"
TARGET_POINTER_WIDTH[i686] = "32"
TARGET_C_INT_WIDTH[i686] = "32"
@@ -170,7 +164,6 @@
## XXX: a bit of a hack so qemux86 builds, clone of i686-unknown-linux-{gnu, musl} above
DATA_LAYOUT[i586] = "e-m:e-p:32:32-f64:32:64-f80:32-n8:16:32-S128"
-LLVM_TARGET[i586] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[i586] = "little"
TARGET_POINTER_WIDTH[i586] = "32"
TARGET_C_INT_WIDTH[i586] = "32"
@@ -178,7 +171,6 @@
## mips-unknown-linux-{gnu, musl}
DATA_LAYOUT[mips] = "E-m:m-p:32:32-i8:8:32-i16:16:32-i64:64-n32-S64"
-LLVM_TARGET[mips] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[mips] = "big"
TARGET_POINTER_WIDTH[mips] = "32"
TARGET_C_INT_WIDTH[mips] = "32"
@@ -186,7 +178,6 @@
## mipsel-unknown-linux-{gnu, musl}
DATA_LAYOUT[mipsel] = "e-m:m-p:32:32-i8:8:32-i16:16:32-i64:64-n32-S64"
-LLVM_TARGET[mipsel] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[mipsel] = "little"
TARGET_POINTER_WIDTH[mipsel] = "32"
TARGET_C_INT_WIDTH[mipsel] = "32"
@@ -194,7 +185,6 @@
## mips64-unknown-linux-{gnu, musl}
DATA_LAYOUT[mips64] = "E-m:e-i8:8:32-i16:16:32-i64:64-n32:64-S128"
-LLVM_TARGET[mips64] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[mips64] = "big"
TARGET_POINTER_WIDTH[mips64] = "64"
TARGET_C_INT_WIDTH[mips64] = "64"
@@ -202,7 +192,6 @@
## mips64el-unknown-linux-{gnu, musl}
DATA_LAYOUT[mips64el] = "e-m:e-i8:8:32-i16:16:32-i64:64-n32:64-S128"
-LLVM_TARGET[mips64el] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[mips64el] = "little"
TARGET_POINTER_WIDTH[mips64el] = "64"
TARGET_C_INT_WIDTH[mips64el] = "64"
@@ -210,7 +199,6 @@
## powerpc-unknown-linux-{gnu, musl}
DATA_LAYOUT[powerpc] = "E-m:e-p:32:32-i64:64-n32"
-LLVM_TARGET[powerpc] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[powerpc] = "big"
TARGET_POINTER_WIDTH[powerpc] = "32"
TARGET_C_INT_WIDTH[powerpc] = "32"
@@ -218,7 +206,6 @@
## powerpc64-unknown-linux-{gnu, musl}
DATA_LAYOUT[powerpc64] = "E-m:e-i64:64-n32:64-S128-v256:256:256-v512:512:512"
-LLVM_TARGET[powerpc64] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[powerpc64] = "big"
TARGET_POINTER_WIDTH[powerpc64] = "64"
TARGET_C_INT_WIDTH[powerpc64] = "64"
@@ -226,7 +213,6 @@
## powerpc64le-unknown-linux-{gnu, musl}
DATA_LAYOUT[powerpc64le] = "e-m:e-i64:64-n32:64-v256:256:256-v512:512:512"
-LLVM_TARGET[powerpc64le] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[powerpc64le] = "little"
TARGET_POINTER_WIDTH[powerpc64le] = "64"
TARGET_C_INT_WIDTH[powerpc64le] = "64"
@@ -234,7 +220,6 @@
## riscv32-unknown-linux-{gnu, musl}
DATA_LAYOUT[riscv32] = "e-m:e-p:32:32-i64:64-n32-S128"
-LLVM_TARGET[riscv32] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[riscv32] = "little"
TARGET_POINTER_WIDTH[riscv32] = "32"
TARGET_C_INT_WIDTH[riscv32] = "32"
@@ -242,7 +227,6 @@
## riscv64-unknown-linux-{gnu, musl}
DATA_LAYOUT[riscv64] = "e-m:e-p:64:64-i64:64-i128:128-n64-S128"
-LLVM_TARGET[riscv64] = "${RUST_TARGET_SYS}"
TARGET_ENDIAN[riscv64] = "little"
TARGET_POINTER_WIDTH[riscv64] = "64"
TARGET_C_INT_WIDTH[riscv64] = "64"
@@ -325,7 +309,7 @@
# build tspec
tspec = {}
- tspec['llvm-target'] = d.getVarFlag('LLVM_TARGET', arch_abi)
+ tspec['llvm-target'] = d.getVar('RUST_TARGET_SYS', arch_abi)
tspec['data-layout'] = d.getVarFlag('DATA_LAYOUT', arch_abi)
tspec['max-atomic-width'] = int(d.getVarFlag('MAX_ATOMIC_WIDTH', arch_abi))
tspec['target-pointer-width'] = d.getVarFlag('TARGET_POINTER_WIDTH', arch_abi)
@@ -360,6 +344,11 @@
with open(wd + sys + '.json', 'w') as f:
json.dump(tspec, f, indent=4)
+# These are accounted for in tmpdir path names so don't need to be in the task sig
+rust_gen_target[vardepsexclude] += "RUST_HOST_SYS RUST_TARGET_SYS"
+
+do_rust_gen_targets[vardeps] += "DATA_LAYOUT TARGET_ENDIAN TARGET_POINTER_WIDTH TARGET_C_INT_WIDTH MAX_ATOMIC_WIDTH FEATURES"
+
python do_rust_gen_targets () {
wd = d.getVar('WORKDIR') + '/targets/'
build_arch = d.getVar('BUILD_ARCH')
diff --git a/poky/meta/recipes-devtools/rust/rust-cross-canadian-common.inc b/poky/meta/recipes-devtools/rust/rust-cross-canadian-common.inc
index 827000f..1f21c8a 100644
--- a/poky/meta/recipes-devtools/rust/rust-cross-canadian-common.inc
+++ b/poky/meta/recipes-devtools/rust/rust-cross-canadian-common.inc
@@ -25,7 +25,6 @@
-fdebug-prefix-map=${STAGING_DIR_NATIVE}= \
"
-LLVM_TARGET[x86_64] = "${RUST_HOST_SYS}"
python do_rust_gen_targets () {
wd = d.getVar('WORKDIR') + '/targets/'
rust_gen_target(d, 'TARGET', wd, d.getVar('TARGET_LLVM_FEATURES') or "", d.getVar('TARGET_LLVM_CPU'), d.getVar('TARGET_ARCH'))
diff --git a/poky/meta/recipes-devtools/strace/strace/0001-landlock-update-expected-string.patch b/poky/meta/recipes-devtools/strace/strace/0001-landlock-update-expected-string.patch
new file mode 100644
index 0000000..9d67d68
--- /dev/null
+++ b/poky/meta/recipes-devtools/strace/strace/0001-landlock-update-expected-string.patch
@@ -0,0 +1,67 @@
+From d0dae2fb30b907bc9bf70382f37c9e00207ae036 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@gmail.com>
+Date: Sat, 30 Apr 2022 01:09:42 -0400
+Subject: [PATCH] landlock: update expected string
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Kernel commit:
+
+ commit 3d4b396a616d0d67bf95d6823ad1197f6247292e
+ Author: Christian Brauner <christian.brauner@ubuntu.com>
+ Date: Mon Oct 11 15:37:04 2021 +0200
+
+ landlock: Use square brackets around "landlock-ruleset"
+
+ commit aea0b9f2486da8497f35c7114b764bf55e17c7ea upstream.
+
+ Make the name of the anon inode fd "[landlock-ruleset]" instead of
+ "landlock-ruleset". This is minor but most anon inode fds already
+ carry square brackets around their name:
+
+ [eventfd]
+ [eventpoll]
+ [fanotify]
+ [fscontext]
+ [io_uring]
+ [pidfd]
+ [signalfd]
+ [timerfd]
+ [userfaultfd]
+
+ For the sake of consistency lets do the same for the landlock-ruleset anon
+ inode fd that comes with landlock. We did the same in
+ 1cdc415f1083 ("uapi, fsopen: use square brackets around "fscontext" [ver #2]")
+ for the new mount api.
+
+ Cc: linux-security-module@vger.kernel.org
+ Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
+ Link: https://lore.kernel.org/r/20211011133704.1704369-1-brauner@kernel.org
+ Cc: stable@vger.kernel.org
+ Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
+ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+Changed the format of the landlock tracing. We need to update the strace
+expected string to match.
+
+Upstream-Status: Submitted [https://lists.strace.io/pipermail/strace-devel/2022-April/011064.html]
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
+---
+ tests/landlock_create_ruleset-y.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/landlock_create_ruleset-y.c b/tests/landlock_create_ruleset-y.c
+index a30966b..50e19c2 100644
+--- a/tests/landlock_create_ruleset-y.c
++++ b/tests/landlock_create_ruleset-y.c
+@@ -1,4 +1,4 @@
+-#define FD_PATH "<anon_inode:landlock-ruleset>"
++#define FD_PATH "<anon_inode:[landlock-ruleset]>"
+ #define SKIP_IF_PROC_IS_UNAVAILABLE skip_if_unavailable("/proc/self/fd/")
+
+ #include "landlock_create_ruleset.c"
+--
+2.19.1
+
diff --git a/poky/meta/recipes-devtools/strace/strace/run-ptest b/poky/meta/recipes-devtools/strace/strace/run-ptest
index 02bb91e..86daed9 100755
--- a/poky/meta/recipes-devtools/strace/strace/run-ptest
+++ b/poky/meta/recipes-devtools/strace/strace/run-ptest
@@ -3,11 +3,7 @@
set -u
export TIMEOUT_DURATION=240
-chown nobody tests
-chown nobody tests/*
-chown nobody ../ptest
-
-su nobody -c "make -B -C tests -k test-suite.log"
+make -B -C tests -k test-suite.log
res=$?
if [ $res -ne 0 ]; then
cat tests/test-suite.log
diff --git a/poky/meta/recipes-devtools/strace/strace_5.16.bb b/poky/meta/recipes-devtools/strace/strace_5.16.bb
index 4bde14f..ae19318 100644
--- a/poky/meta/recipes-devtools/strace/strace_5.16.bb
+++ b/poky/meta/recipes-devtools/strace/strace_5.16.bb
@@ -13,6 +13,7 @@
file://ptest-spacesave.patch \
file://0001-strace-fix-reproducibilty-issues.patch \
file://skip-load.patch \
+ file://0001-landlock-update-expected-string.patch \
"
SRC_URI[sha256sum] = "dc7db230ff3e57c249830ba94acab2b862da1fcaac55417e9b85041a833ca285"
diff --git a/poky/meta/recipes-devtools/vala/vala.inc b/poky/meta/recipes-devtools/vala/vala.inc
index 90e0b77..974baa3 100644
--- a/poky/meta/recipes-devtools/vala/vala.inc
+++ b/poky/meta/recipes-devtools/vala/vala.inc
@@ -60,3 +60,9 @@
}
SSTATE_SCAN_FILES += "vapigen-wrapper"
+
+PACKAGE_PREPROCESS_FUNCS += "vala_package_preprocess"
+
+vala_package_preprocess () {
+ sed -i -e 's:${RECIPE_SYSROOT}::g;' ${PKGD}${bindir}/vapigen-wrapper
+}
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/0001-makefiles-Drop-setting-mcpu-to-cortex-a8-on-arm-arch.patch b/poky/meta/recipes-devtools/valgrind/valgrind/0001-makefiles-Drop-setting-mcpu-to-cortex-a8-on-arm-arch.patch
index 9f1da7b..073713c 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind/0001-makefiles-Drop-setting-mcpu-to-cortex-a8-on-arm-arch.patch
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/0001-makefiles-Drop-setting-mcpu-to-cortex-a8-on-arm-arch.patch
@@ -10,7 +10,7 @@
Fixes
| cc1: warning: switch -mcpu=cortex-a8 conflicts with -march=armv7ve switch
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=454346]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/avoid-neon-for-targets-which-don-t-support-it.patch b/poky/meta/recipes-devtools/valgrind/valgrind/avoid-neon-for-targets-which-don-t-support-it.patch
index 5fcfec0..82b8344 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind/avoid-neon-for-targets-which-don-t-support-it.patch
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/avoid-neon-for-targets-which-don-t-support-it.patch
@@ -8,7 +8,7 @@
possible, but fallback to C when building for ARM targets which don't
support neon.
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=454346]
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/use-appropriate-march-mcpu-mfpu-for-ARM-test-apps.patch b/poky/meta/recipes-devtools/valgrind/valgrind/use-appropriate-march-mcpu-mfpu-for-ARM-test-apps.patch
index adea405..f15d04b 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind/use-appropriate-march-mcpu-mfpu-for-ARM-test-apps.patch
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/use-appropriate-march-mcpu-mfpu-for-ARM-test-apps.patch
@@ -15,7 +15,7 @@
See similar cases in none/tests/arm/Makefile.am
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=454346]
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
diff --git a/poky/meta/recipes-extended/at/at_3.2.5.bb b/poky/meta/recipes-extended/at/at_3.2.5.bb
index 6769eb3..87a4361 100644
--- a/poky/meta/recipes-extended/at/at_3.2.5.bb
+++ b/poky/meta/recipes-extended/at/at_3.2.5.bb
@@ -22,7 +22,7 @@
RCONFLICTS:${PN} = "atd"
RREPLACES:${PN} = "atd"
-SRC_URI = "http://software.calhariz.com/at/${BPN}_${PV}.orig.tar.gz \
+SRC_URI = "${DEBIAN_MIRROR}/main/a/at/${BPN}_${PV}.orig.tar.gz \
file://posixtm.c \
file://posixtm.h \
file://file_replacement_with_gplv2.patch \
diff --git a/poky/meta/recipes-extended/bash/bash/makerace2.patch b/poky/meta/recipes-extended/bash/bash/makerace2.patch
index 43cdd04..abb51a5 100644
--- a/poky/meta/recipes-extended/bash/bash/makerace2.patch
+++ b/poky/meta/recipes-extended/bash/bash/makerace2.patch
@@ -11,7 +11,7 @@
See [YOCTO #14227]
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://savannah.gnu.org/patch/index.php?10210]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Index: bash-5.1.8/builtins/Makefile.in
diff --git a/poky/meta/recipes-extended/cronie/cronie_1.6.0.bb b/poky/meta/recipes-extended/cronie/cronie_1.6.1.bb
similarity index 96%
rename from poky/meta/recipes-extended/cronie/cronie_1.6.0.bb
rename to poky/meta/recipes-extended/cronie/cronie_1.6.1.bb
index d2f08c9..6d150dd 100644
--- a/poky/meta/recipes-extended/cronie/cronie_1.6.0.bb
+++ b/poky/meta/recipes-extended/cronie/cronie_1.6.1.bb
@@ -25,7 +25,7 @@
PAM_SRC_URI = "file://crond_pam_config.patch"
PAM_DEPS = "libpam libpam-runtime pam-plugin-access pam-plugin-loginuid"
-SRC_URI[sha256sum] = "3f7cc263d21838b53a9943eb2a26b862059e2ae36c3f11789ac33cd6818e3628"
+SRC_URI[sha256sum] = "2cd0f0dd1680e6b9c39bf1e3a5e7ad6df76aa940de1ee90a453633aa59984e62"
inherit autotools update-rc.d useradd systemd
diff --git a/poky/meta/recipes-extended/cups/cups.inc b/poky/meta/recipes-extended/cups/cups.inc
index 8f2ad8a..4592980 100644
--- a/poky/meta/recipes-extended/cups/cups.inc
+++ b/poky/meta/recipes-extended/cups/cups.inc
@@ -26,6 +26,8 @@
CVE_CHECK_IGNORE += "CVE-2009-0032"
# This is an Ubuntu only issue.
CVE_CHECK_IGNORE += "CVE-2018-6553"
+# This is fixed in 2.4.2 but the cve-check class still reports it
+CVE_CHECK_IGNORE += "CVE-2022-26691"
LEAD_SONAME = "libcupsdriver.so"
diff --git a/poky/meta/recipes-extended/cups/cups_2.4.1.bb b/poky/meta/recipes-extended/cups/cups_2.4.1.bb
deleted file mode 100644
index 27c88f8..0000000
--- a/poky/meta/recipes-extended/cups/cups_2.4.1.bb
+++ /dev/null
@@ -1,5 +0,0 @@
-require cups.inc
-
-LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-
-SRC_URI[sha256sum] = "c7339f75f8d4f2dec50c673341a45fc06b6885bb6d4366d6bf59a4e6c10ae178"
diff --git a/poky/meta/recipes-extended/cups/cups_2.4.2.bb b/poky/meta/recipes-extended/cups/cups_2.4.2.bb
new file mode 100644
index 0000000..f5ca749
--- /dev/null
+++ b/poky/meta/recipes-extended/cups/cups_2.4.2.bb
@@ -0,0 +1,5 @@
+require cups.inc
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+SRC_URI[sha256sum] = "f03ccb40b087d1e30940a40e0141dcbba263f39974c20eb9f2521066c9c6c908"
diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
new file mode 100644
index 0000000..58cb937
--- /dev/null
+++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
@@ -0,0 +1,44 @@
+From ae1061d948d88667bdf51d47d918c4684d0f67df Mon Sep 17 00:00:00 2001
+From: Robin Watts <Robin.Watts@artifex.com>
+Date: Wed, 16 Feb 2022 15:22:50 +0000
+Subject: [PATCH] Bug 704945: Add init_device_procs entry for mem_x_device.
+
+When allocating a buffer device, we rely on an init_device_procs
+being defined for the device we are using as a prototype. Which
+device we use as a prototype depends upon the number of bits per
+pixel we are using. For bpp > 64, we use mem_x_device, which does
+not currently have an init_device_procs defined.
+
+This is a fairly hard case to tickle, as very few devices use
+more than 64 bits per pixel. The DeviceN device is one of the
+few that does, and then the problem only kicks in if the
+MaxBitmap figure is high enough (or conversely the resolution is
+low enough).
+
+
+http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=ae1061d948d88667bdf51d47d918c4684d0f67df
+Upstream-Status: Backport
+CVE: CVE-2022-2085
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ base/gdevmx.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/base/gdevmx.c b/base/gdevmx.c
+index 08b0cbcfe..89e9ff774 100644
+--- a/base/gdevmx.c
++++ b/base/gdevmx.c
+@@ -1,4 +1,4 @@
+-/* Copyright (C) 2001-2021 Artifex Software, Inc.
++/* Copyright (C) 2001-2022 Artifex Software, Inc.
+ All Rights Reserved.
+
+ This software is provided AS-IS with no warranty, either express or
+@@ -25,4 +25,4 @@
+
+ /* The device descriptor. */
+ const gx_device_memory mem_x_device =
+- mem_device("imagex", 256, 0, NULL);
++ mem_device("imagex", 256, 0, mem_initialize_device_procs);
+--
+2.25.1
diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/poky/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index c28e62f..365420f 100644
--- a/poky/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/poky/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -33,6 +33,7 @@
file://do-not-check-local-libpng-source.patch \
file://avoid-host-contamination.patch \
file://mkdir-p.patch \
+ file://CVE-2022-2085.patch \
"
SRC_URI = "${SRC_URI_BASE} \
diff --git a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
index b3a8631..0055b32 100644
--- a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
+++ b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
@@ -11,7 +11,7 @@
GO_IMPORT = "golang.org/x/example"
GO_INSTALL = "${GO_IMPORT}/hello"
-GO_WORKDIR = "${GO_INSTALL}"
+
export GO111MODULE="off"
inherit go
diff --git a/poky/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch b/poky/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch
new file mode 100644
index 0000000..98959db
--- /dev/null
+++ b/poky/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch
@@ -0,0 +1,181 @@
+From 1862c6e57a308a05889c80c048dbc58bdc378dcb Mon Sep 17 00:00:00 2001
+From: Bruno Haible <bruno@clisp.org>
+Date: Tue, 5 Jul 2022 07:51:46 +0200
+Subject: [PATCH] Add support for reproducible builds.
+
+Suggested by Richard Purdie <richard.purdie@linuxfoundation.org> in
+<https://lists.gnu.org/archive/html/bug-gperf/2022-07/msg00000.html>.
+
+* autogen.sh: Import also lib/filename.h.
+* Makefile.in (IMPORTED_FILES): Add lib/filename.h.
+* src/options.cc: Include filename.h.
+(Options::print_options): Print only the base name of the program name.
+* tests/*.exp: Update.
+
+Upstream-Status: Backport
+
+Index: gperf-3.1/ChangeLog
+===================================================================
+--- gperf-3.1.orig/ChangeLog
++++ gperf-3.1/ChangeLog
+@@ -1,3 +1,14 @@
++2022-07-05 Bruno Haible <bruno@clisp.org>
++
++ Add support for reproducible builds.
++ Suggested by Richard Purdie <richard.purdie@linuxfoundation.org> in
++ <https://lists.gnu.org/archive/html/bug-gperf/2022-07/msg00000.html>.
++ * autogen.sh: Import also lib/filename.h.
++ * Makefile.in (IMPORTED_FILES): Add lib/filename.h.
++ * src/options.cc: Include filename.h.
++ (Options::print_options): Print only the base name of the program name.
++ * tests/*.exp: Update.
++
+ 2017-01-02 Marcel Schaible <marcel.schaible@studium.fernuni-hagen.de>
+
+ * gperf-3.1 released.
+Index: gperf-3.1/src/options.cc
+===================================================================
+--- gperf-3.1.orig/src/options.cc
++++ gperf-3.1/src/options.cc
+@@ -26,6 +26,7 @@
+ #include <string.h> /* declares strcmp() */
+ #include <ctype.h> /* declares isdigit() */
+ #include <limits.h> /* defines CHAR_MAX */
++#include "filename.h"
+ #include "getopt.h"
+ #include "version.h"
+
+@@ -280,6 +281,16 @@ Options::print_options () const
+ {
+ const char *arg = _argument_vector[i];
+
++ if (i == 0)
++ {
++ /* _argument_vector[0] is the program name. Print only its base name.
++ This is useful for reproducible builds. */
++ const char *p = arg + strlen (arg);
++ while (p > arg && ! ISSLASH (p[-1]))
++ p--;
++ arg = p;
++ }
++
+ /* Escape arg if it contains shell metacharacters. */
+ if (*arg == '-')
+ {
+Index: gperf-3.1/lib/filename.h
+===================================================================
+--- /dev/null
++++ gperf-3.1/lib/filename.h
+@@ -0,0 +1,112 @@
++/* Basic filename support macros.
++ Copyright (C) 2001-2022 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++/* From Paul Eggert and Jim Meyering. */
++
++#ifndef _FILENAME_H
++#define _FILENAME_H
++
++#include <string.h>
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++
++/* Filename support.
++ ISSLASH(C) tests whether C is a directory separator
++ character.
++ HAS_DEVICE(Filename) tests whether Filename contains a device
++ specification.
++ FILE_SYSTEM_PREFIX_LEN(Filename) length of the device specification
++ at the beginning of Filename,
++ index of the part consisting of
++ alternating components and slashes.
++ FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE
++ 1 when a non-empty device specification
++ can be followed by an empty or relative
++ part,
++ 0 when a non-empty device specification
++ must be followed by a slash,
++ 0 when device specification don't exist.
++ IS_ABSOLUTE_FILE_NAME(Filename)
++ tests whether Filename is independent of
++ any notion of "current directory".
++ IS_RELATIVE_FILE_NAME(Filename)
++ tests whether Filename may be concatenated
++ to a directory filename.
++ Note: On native Windows, OS/2, DOS, "c:" is neither an absolute nor a
++ relative file name!
++ IS_FILE_NAME_WITH_DIR(Filename) tests whether Filename contains a device
++ or directory specification.
++ */
++#if defined _WIN32 || defined __CYGWIN__ \
++ || defined __EMX__ || defined __MSDOS__ || defined __DJGPP__
++ /* Native Windows, Cygwin, OS/2, DOS */
++# define ISSLASH(C) ((C) == '/' || (C) == '\\')
++ /* Internal macro: Tests whether a character is a drive letter. */
++# define _IS_DRIVE_LETTER(C) \
++ (((C) >= 'A' && (C) <= 'Z') || ((C) >= 'a' && (C) <= 'z'))
++ /* Help the compiler optimizing it. This assumes ASCII. */
++# undef _IS_DRIVE_LETTER
++# define _IS_DRIVE_LETTER(C) \
++ (((unsigned int) (C) | ('a' - 'A')) - 'a' <= 'z' - 'a')
++# define HAS_DEVICE(Filename) \
++ (_IS_DRIVE_LETTER ((Filename)[0]) && (Filename)[1] == ':')
++# define FILE_SYSTEM_PREFIX_LEN(Filename) (HAS_DEVICE (Filename) ? 2 : 0)
++# ifdef __CYGWIN__
++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 0
++# else
++ /* On native Windows, OS/2, DOS, the system has the notion of a
++ "current directory" on each drive. */
++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 1
++# endif
++# if FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE
++# define IS_ABSOLUTE_FILE_NAME(Filename) \
++ ISSLASH ((Filename)[FILE_SYSTEM_PREFIX_LEN (Filename)])
++# else
++# define IS_ABSOLUTE_FILE_NAME(Filename) \
++ (ISSLASH ((Filename)[0]) || HAS_DEVICE (Filename))
++# endif
++# define IS_RELATIVE_FILE_NAME(Filename) \
++ (! (ISSLASH ((Filename)[0]) || HAS_DEVICE (Filename)))
++# define IS_FILE_NAME_WITH_DIR(Filename) \
++ (strchr ((Filename), '/') != NULL || strchr ((Filename), '\\') != NULL \
++ || HAS_DEVICE (Filename))
++#else
++ /* Unix */
++# define ISSLASH(C) ((C) == '/')
++# define HAS_DEVICE(Filename) ((void) (Filename), 0)
++# define FILE_SYSTEM_PREFIX_LEN(Filename) ((void) (Filename), 0)
++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 0
++# define IS_ABSOLUTE_FILE_NAME(Filename) ISSLASH ((Filename)[0])
++# define IS_RELATIVE_FILE_NAME(Filename) (! ISSLASH ((Filename)[0]))
++# define IS_FILE_NAME_WITH_DIR(Filename) (strchr ((Filename), '/') != NULL)
++#endif
++
++/* Deprecated macros. For backward compatibility with old users of the
++ 'filename' module. */
++#define IS_ABSOLUTE_PATH IS_ABSOLUTE_FILE_NAME
++#define IS_PATH_WITH_DIR IS_FILE_NAME_WITH_DIR
++
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* _FILENAME_H */
diff --git a/poky/meta/recipes-extended/gperf/gperf_3.1.bb b/poky/meta/recipes-extended/gperf/gperf_3.1.bb
index 82750fc..c9f09c7 100644
--- a/poky/meta/recipes-extended/gperf/gperf_3.1.bb
+++ b/poky/meta/recipes-extended/gperf/gperf_3.1.bb
@@ -9,6 +9,8 @@
SRC_URI[md5sum] = "9e251c0a618ad0824b51117d5d9db87e"
SRC_URI[sha256sum] = "588546b945bba4b70b6a3a616e80b4ab466e3f33024a352fc2198112cdbb3ae2"
+SRC_URI += "file://1862c6e57a308a05889c80c048dbc58bdc378dcb.patch"
+
inherit autotools
# The nested configures don't find the parent aclocal.m4 out of the box, so tell
diff --git a/poky/meta/recipes-extended/logrotate/logrotate_3.19.0.bb b/poky/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
similarity index 97%
rename from poky/meta/recipes-extended/logrotate/logrotate_3.19.0.bb
rename to poky/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
index 2a60d9b..3597753 100644
--- a/poky/meta/recipes-extended/logrotate/logrotate_3.19.0.bb
+++ b/poky/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
@@ -15,7 +15,7 @@
SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz"
-SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba"
+SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094"
# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used
CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550"
diff --git a/poky/meta/recipes-extended/parted/files/run-ptest b/poky/meta/recipes-extended/parted/files/run-ptest
index c3d6fca..0960789 100644
--- a/poky/meta/recipes-extended/parted/files/run-ptest
+++ b/poky/meta/recipes-extended/parted/files/run-ptest
@@ -1,7 +1,7 @@
#!/bin/sh
-mkdir -p /etc/udev/mount.blacklist.d
-echo /dev/sda1 >> /etc/udev/mount.blacklist.d/parted-tmp
+mkdir -p /etc/udev/mount.ignorelist.d
+echo /dev/sda1 >> /etc/udev/mount.ignorelist.d/parted-tmp
rm -f tests/*.log
make -C tests test-suite.log
-rm /etc/udev/mount.blacklist.d/parted-tmp
+rm /etc/udev/mount.ignorelist.d/parted-tmp
diff --git a/poky/meta/recipes-extended/sed/sed/run-ptest b/poky/meta/recipes-extended/sed/sed/run-ptest
index 993d7d5..0460c79 100644
--- a/poky/meta/recipes-extended/sed/sed/run-ptest
+++ b/poky/meta/recipes-extended/sed/sed/run-ptest
@@ -2,4 +2,4 @@
chown nobody testsuite
chown nobody ../ptest
-su nobody -c "make test-suite.log"
+su nobody -s /bin/sh -c "make test-suite.log"
diff --git a/poky/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch b/poky/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch
index 716766d..5a6d194 100644
--- a/poky/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch
@@ -6,7 +6,7 @@
Ensures that right flags from recipes are honored, otherwise tests fail
which otherwise should not.
-Upstream-Status: Pending
+Upstream-Status: Inactive-Upstream
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
unix/configure | 28 ++++++++++++++--------------
diff --git a/poky/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch b/poky/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch
index 6ba2b87..c010344 100644
--- a/poky/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch
@@ -20,7 +20,7 @@
CVE: CVE-2021-4217
-Upstream-Status: Pending [infozip upstream inactive]
+Upstream-Status: Inactive-Upstream [infozip upstream inactive]
Signed-off-by: Joe Slater <joe.slater@windriver.com>
diff --git a/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch b/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
new file mode 100644
index 0000000..1c1e120
--- /dev/null
+++ b/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
@@ -0,0 +1,39 @@
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355
+
+CVE: CVE-2022-0529
+Upstream-Status: Inactive-Upstream [need a new release]
+
+diff --git a/process.c b/process.c
+index d2a846e..99b9c7b 100644
+--- a/process.c
++++ b/process.c
+@@ -2507,13 +2507,15 @@ char *wide_to_local_string(wide_string, escape_all)
+ char buf[9];
+ char *buffer = NULL;
+ char *local_string = NULL;
++ size_t buffer_size;
+
+ for (wsize = 0; wide_string[wsize]; wsize++) ;
+
+ if (max_bytes < MAX_ESCAPE_BYTES)
+ max_bytes = MAX_ESCAPE_BYTES;
+
+- if ((buffer = (char *)malloc(wsize * max_bytes + 1)) == NULL) {
++ buffer_size = wsize * max_bytes + 1;
++ if ((buffer = (char *)malloc(buffer_size)) == NULL) {
+ return NULL;
+ }
+
+@@ -2552,7 +2554,11 @@ char *wide_to_local_string(wide_string, escape_all)
+ /* no MB for this wide */
+ /* use escape for wide character */
+ char *escape_string = wide_to_escape_string(wide_string[i]);
+- strcat(buffer, escape_string);
++ size_t buffer_len = strlen(buffer);
++ size_t escape_string_len = strlen(escape_string);
++ if (buffer_len + escape_string_len + 1 > buffer_size)
++ escape_string_len = buffer_size - buffer_len - 1;
++ strncat(buffer, escape_string, escape_string_len);
+ free(escape_string);
+ }
+ }
diff --git a/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch b/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
new file mode 100644
index 0000000..363dafd
--- /dev/null
+++ b/poky/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
@@ -0,0 +1,33 @@
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355
+
+CVE: CVE-2022-0530
+Upstream-Status: Inactive-Upstream [need a new release]
+
+diff --git a/fileio.c b/fileio.c
+index 6290824..77e4b5f 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */
+ /* convert UTF-8 to local character set */
+ fn = utf8_to_local_string(G.unipath_filename,
+ G.unicode_escape_all);
++ if (fn == NULL)
++ return PK_ERR;
++
+ /* make sure filename is short enough */
+ if (strlen(fn) >= FILNAMSIZ) {
+ fn[FILNAMSIZ - 1] = '\0';
+diff --git a/process.c b/process.c
+index d2a846e..715bc0f 100644
+--- a/process.c
++++ b/process.c
+@@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all)
+ int escape_all;
+ {
+ zwchar *wide = utf8_to_wide_string(utf8_string);
++ if (wide == NULL)
++ return NULL;
+ char *loc = wide_to_local_string(wide, escape_all);
+ free(wide);
+ return loc;
+
diff --git a/poky/meta/recipes-extended/unzip/unzip/avoid-strip.patch b/poky/meta/recipes-extended/unzip/unzip/avoid-strip.patch
index e0c89d8..70bedc8 100644
--- a/poky/meta/recipes-extended/unzip/unzip/avoid-strip.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/avoid-strip.patch
@@ -1,4 +1,4 @@
-Upstream-Status: Inappropriate [need a new release]
+Upstream-Status: Inactive-Upstream [need a new release]
unix/Makefile: remove hard coded strip commands
diff --git a/poky/meta/recipes-extended/unzip/unzip/define-ldflags.patch b/poky/meta/recipes-extended/unzip/unzip/define-ldflags.patch
index dc554c3..dd01c01 100644
--- a/poky/meta/recipes-extended/unzip/unzip/define-ldflags.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/define-ldflags.patch
@@ -1,6 +1,6 @@
Pass LDFLAGS to the linker
-Upstream-Status: Inappropriate [need a new release]
+Upstream-Status: Inactive-Upstream [need a new release]
Signed-off-by: Mikhail Durnev <Mikhail_Durnev@mentor.com>
diff --git a/poky/meta/recipes-extended/unzip/unzip/fix-security-format.patch b/poky/meta/recipes-extended/unzip/unzip/fix-security-format.patch
index ba6ead3..2889c65 100644
--- a/poky/meta/recipes-extended/unzip/unzip/fix-security-format.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/fix-security-format.patch
@@ -5,7 +5,7 @@
[YOCTO #9551]
[https://bugzilla.yoctoproject.org/show_bug.cgi?id=9551]
-Upstream-Status: Inappropriate [need a new release]
+Upstream-Status: Inactive-Upstream [need a new release]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
diff --git a/poky/meta/recipes-extended/unzip/unzip/symlink.patch b/poky/meta/recipes-extended/unzip/unzip/symlink.patch
index c1d82ac..26f1c8b 100644
--- a/poky/meta/recipes-extended/unzip/unzip/symlink.patch
+++ b/poky/meta/recipes-extended/unzip/unzip/symlink.patch
@@ -6,7 +6,7 @@
This patch is taken from Fedora (https://bugzilla.redhat.com/show_bug.cgi?id=972427)
-Upstream-Status: Inappropriate [need a new release]
+Upstream-Status: Inactive-Upstream [need a new release]
Signed-off-by: Ross Burton <ross.burton@intel.com>
--- unzip60/process.c.sav 2013-06-09 12:08:57.070392264 +0200
diff --git a/poky/meta/recipes-extended/unzip/unzip_6.0.bb b/poky/meta/recipes-extended/unzip/unzip_6.0.bb
index c222a68..f35856c 100644
--- a/poky/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/poky/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -29,6 +29,8 @@
file://unzip_optimization.patch \
file://0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch \
file://CVE-2021-4217.patch \
+ file://CVE-2022-0529.patch \
+ file://CVE-2022-0530.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"
diff --git a/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch b/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch
index 475a653..92d0d5d 100644
--- a/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch
+++ b/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch
@@ -8,7 +8,7 @@
configure detection go wrong, ensure these flags are used along with CC
when tests involve linking
-Upstream-Status: Pending
+Upstream-Status: Inactive-Upstream
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
unix/configure | 16 ++++++++--------
diff --git a/poky/meta/recipes-extended/zip/zip-3.0/10-remove-build-date.patch b/poky/meta/recipes-extended/zip/zip-3.0/10-remove-build-date.patch
index 244ddea..6fd04df 100644
--- a/poky/meta/recipes-extended/zip/zip-3.0/10-remove-build-date.patch
+++ b/poky/meta/recipes-extended/zip/zip-3.0/10-remove-build-date.patch
@@ -2,7 +2,7 @@
Subject: Remove (optional) build date to make the build reproducible
Bug-Debian: http://bugs.debian.org/779042
-Upstream-Status: Inappropriate [no upstream]
+Upstream-Status: Inactive-Upstream [no upstream]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
diff --git a/poky/meta/recipes-extended/zip/zip-3.0/fix-security-format.patch b/poky/meta/recipes-extended/zip/zip-3.0/fix-security-format.patch
index 5cdbf22..f85fddb 100644
--- a/poky/meta/recipes-extended/zip/zip-3.0/fix-security-format.patch
+++ b/poky/meta/recipes-extended/zip/zip-3.0/fix-security-format.patch
@@ -14,7 +14,7 @@
[YOCTO #9552]
[https://bugzilla.yoctoproject.org/show_bug.cgi?id=9552]
-Upstream-Status: Inappropriate [need a new release]
+Upstream-Status: Inactive-Upstream [need a new release]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
diff --git a/poky/meta/recipes-extended/zip/zip-3.0/zipnote-crashes-with-segfault.patch b/poky/meta/recipes-extended/zip/zip-3.0/zipnote-crashes-with-segfault.patch
index ce6caff..77ade40 100644
--- a/poky/meta/recipes-extended/zip/zip-3.0/zipnote-crashes-with-segfault.patch
+++ b/poky/meta/recipes-extended/zip/zip-3.0/zipnote-crashes-with-segfault.patch
@@ -4,7 +4,7 @@
Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
-Upstream-Status: Inappropriate [no upstream]
+Upstream-Status: Inactive-Upstream [no upstream]
diff --git a/zipnote.c b/zipnote.c
index 5e02cb6..996f012 100644
diff --git a/poky/meta/recipes-gnome/epiphany/epiphany_42.0.bb b/poky/meta/recipes-gnome/epiphany/epiphany_42.2.bb
similarity index 94%
rename from poky/meta/recipes-gnome/epiphany/epiphany_42.0.bb
rename to poky/meta/recipes-gnome/epiphany/epiphany_42.2.bb
index 1cf731c..dc1b34a 100644
--- a/poky/meta/recipes-gnome/epiphany/epiphany_42.0.bb
+++ b/poky/meta/recipes-gnome/epiphany/epiphany_42.2.bb
@@ -28,7 +28,7 @@
file://migrator.patch \
file://distributor.patch \
"
-SRC_URI[archive.sha256sum] = "3dbfa8c00e45b7f44e1824d01f0febe83707b5fb9330c261173f68b7f03cd5e3"
+SRC_URI[archive.sha256sum] = "92c02cf886d10d2ccff5de658e1a420eab31d20bb50e746d430e9535b485192d"
PACKAGECONFIG_SOUP ?= "soup2"
PACKAGECONFIG ??= "${PACKAGECONFIG_SOUP}"
diff --git a/poky/meta/recipes-gnome/gtk+/gtk+3_3.24.33.bb b/poky/meta/recipes-gnome/gtk+/gtk+3_3.24.34.bb
similarity index 88%
rename from poky/meta/recipes-gnome/gtk+/gtk+3_3.24.33.bb
rename to poky/meta/recipes-gnome/gtk+/gtk+3_3.24.34.bb
index fb9e29d..f862e14 100644
--- a/poky/meta/recipes-gnome/gtk+/gtk+3_3.24.33.bb
+++ b/poky/meta/recipes-gnome/gtk+/gtk+3_3.24.34.bb
@@ -7,7 +7,7 @@
file://0003-Add-disable-opengl-configure-option.patch \
file://link_fribidi.patch \
"
-SRC_URI[sha256sum] = "588b06522e25d1579e989b6f9d8a1bdbf2fe13cde01a04e904ff346a225e7801"
+SRC_URI[sha256sum] = "dbc69f90ddc821b8d1441f00374dc1da4323a2eafa9078e61edbe5eeefa852ec"
S = "${WORKDIR}/gtk+-${PV}"
diff --git a/poky/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb b/poky/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb
index 150d2c0..150eca9 100644
--- a/poky/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb
+++ b/poky/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb
@@ -18,6 +18,8 @@
PACKAGECONFIG[working-scripts] = ",,libxslt-native xmlto-native python3-six python3-pygments"
PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,glib-2.0"
+CACHED_CONFIGUREVARS += "ac_cv_path_XSLTPROC=xsltproc"
+
SRC_URI[archive.sha256sum] = "cc1b709a20eb030a278a1f9842a362e00402b7f834ae1df4c1998a723152bf43"
SRC_URI += "file://0001-Do-not-hardocode-paths-to-perl-python-in-scripts.patch \
file://0001-Do-not-error-out-if-xsltproc-is-not-found.patch \
@@ -43,6 +45,7 @@
${datadir}/gtk-doc/python/gtkdoc/config.py; do
sed -e 's,${RECIPE_SYSROOT_NATIVE}/usr/bin/pkg-config,${bindir}/pkg-config,' \
-e 's,${HOSTTOOLS_DIR}/python3,${bindir}/python3,' \
+ -e '1s|^#!.*|#!/usr/bin/env python3|' \
-i ${D}$fn
done
}
diff --git a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb
index 0b5d1d5..67081bb 100644
--- a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb
+++ b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb
@@ -18,7 +18,9 @@
LICENSE:${PN}-script-interpreter = "MPL-1.1 | LGPL-2.1-only"
LICENSE:${PN}-perf-utils = "GPL-3.0-or-later"
-LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77"
+LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77 \
+ file://util/cairo-trace/COPYING-GPL-3;md5=d32239bcb673463ab874e80d47fae504"
+
DEPENDS = "fontconfig glib-2.0 libpng pixman zlib"
@@ -53,6 +55,7 @@
PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl"
PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2"
PACKAGECONFIG[opengl] = "--enable-gl,--disable-gl,virtual/libgl"
+# trace is under GPLv3
PACKAGECONFIG[trace] = "--enable-trace,--disable-trace"
EXTRA_OECONF += " \
diff --git a/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch
new file mode 100644
index 0000000..3335fbd
--- /dev/null
+++ b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch
@@ -0,0 +1,48 @@
+From 53dfdcd8198d2b3201a23c4bad9190519ba918db Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Thu, 17 Mar 2022 19:24:16 +0100
+Subject: [PATCH] [sfnt] Avoid invalid face index.
+
+Fixes #1138.
+
+* src/sfnt/sfobjs.c (sfnt_init_face), src/sfnt/sfwoff2.c (woff2_open_font):
+Check `face_index` before decrementing.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ src/sfnt/sfobjs.c | 2 +-
+ src/sfnt/sfwoff2.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/sfnt/sfobjs.c b/src/sfnt/sfobjs.c
+index f9d4d3858..9771c35df 100644
+--- a/src/sfnt/sfobjs.c
++++ b/src/sfnt/sfobjs.c
+@@ -566,7 +566,7 @@
+ face_index = FT_ABS( face_instance_index ) & 0xFFFF;
+
+ /* value -(N+1) requests information on index N */
+- if ( face_instance_index < 0 )
++ if ( face_instance_index < 0 && face_index > 0 )
+ face_index--;
+
+ if ( face_index >= face->ttc_header.count )
+diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
+index cb1e0664a..165b875e5 100644
+--- a/src/sfnt/sfwoff2.c
++++ b/src/sfnt/sfwoff2.c
+@@ -2085,7 +2085,7 @@
+ /* Validate requested face index. */
+ *num_faces = woff2.num_fonts;
+ /* value -(N+1) requests information on index N */
+- if ( *face_instance_index < 0 )
++ if ( *face_instance_index < 0 && face_index > 0 )
+ face_index--;
+
+ if ( face_index >= woff2.num_fonts )
+--
+GitLab
+
diff --git a/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch
new file mode 100644
index 0000000..582a985
--- /dev/null
+++ b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch
@@ -0,0 +1,41 @@
+From 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Sat, 19 Mar 2022 06:40:17 +0100
+Subject: [PATCH] * src/base/ftobjs.c (ft_open_face_internal): Properly guard
+ `face_index`.
+
+We must ensure that the cast to `FT_Int` doesn't change the sign.
+
+Fixes #1139.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ src/base/ftobjs.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
+index 2c0f0e6c9..10952a6c6 100644
+--- a/src/base/ftobjs.c
++++ b/src/base/ftobjs.c
+@@ -2527,6 +2527,15 @@
+ #endif
+
+
++ /* only use lower 31 bits together with sign bit */
++ if ( face_index > 0 )
++ face_index &= 0x7FFFFFFFL;
++ else
++ {
++ face_index &= 0x7FFFFFFFL;
++ face_index = -face_index;
++ }
++
+ #ifdef FT_DEBUG_LEVEL_TRACE
+ FT_TRACE3(( "FT_Open_Face: " ));
+ if ( face_index < 0 )
+--
+GitLab
+
diff --git a/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch
new file mode 100644
index 0000000..49f76c6
--- /dev/null
+++ b/poky/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch
@@ -0,0 +1,32 @@
+From 0c2bdb01a2e1d24a3e592377a6d0822856e10df2 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Sat, 19 Mar 2022 09:37:28 +0100
+Subject: [PATCH] * src/base/ftobjs.c (FT_Request_Size): Guard `face->size`.
+
+Fixes #1140.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2
+
+Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
+---
+ src/base/ftobjs.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
+index 6492a1517..282c9121a 100644
+--- a/src/base/ftobjs.c
++++ b/src/base/ftobjs.c
+@@ -3409,6 +3409,9 @@
+ if ( !face )
+ return FT_THROW( Invalid_Face_Handle );
+
++ if ( !face->size )
++ return FT_THROW( Invalid_Size_Handle );
++
+ if ( !req || req->width < 0 || req->height < 0 ||
+ req->type >= FT_SIZE_REQUEST_TYPE_MAX )
+ return FT_THROW( Invalid_Argument );
+--
+GitLab
+
diff --git a/poky/meta/recipes-graphics/freetype/freetype_2.11.1.bb b/poky/meta/recipes-graphics/freetype/freetype_2.11.1.bb
index 5055ff1..5b464d3 100644
--- a/poky/meta/recipes-graphics/freetype/freetype_2.11.1.bb
+++ b/poky/meta/recipes-graphics/freetype/freetype_2.11.1.bb
@@ -12,7 +12,11 @@
file://docs/FTL.TXT;md5=9f37b4e6afa3fef9dba8932b16bd3f97 \
file://docs/GPLv2.TXT;md5=8ef380476f642c20ebf40fecb0add2ec"
-SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz"
+SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz \
+ file://CVE-2022-27404.patch \
+ file://CVE-2022-27405.patch \
+ file://CVE-2022-27406.patch \
+ "
SRC_URI[sha256sum] = "3333ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8"
UPSTREAM_CHECK_REGEX = "freetype-(?P<pver>\d+(\.\d+)+)"
diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch b/poky/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch
new file mode 100644
index 0000000..0f9b869
--- /dev/null
+++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch
@@ -0,0 +1,25 @@
+From e421613e8f825508afa9a0b54d33085557c37441 Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <behdad@behdad.org>
+Date: Wed, 1 Jun 2022 09:07:57 -0600
+Subject: [PATCH] [sbix] Fix conditional
+
+Signed-off: Pavel Zhukov <pavel.zhukov@huawei.com>
+Upstream-Status: Backport [e421613e8f825508afa9a0b54d33085557c37441]
+
+---
+ src/hb-ot-color-sbix-table.hh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh
+index 6efae43cda..d0e2235fb2 100644
+--- a/src/hb-ot-color-sbix-table.hh
++++ b/src/hb-ot-color-sbix-table.hh
+@@ -298,7 +298,7 @@ struct sbix
+
+ const PNGHeader &png = *blob->as<PNGHeader>();
+
+- if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
++ if (png.IHDR.height >= 65536 || png.IHDR.width >= 65536)
+ {
+ hb_blob_destroy (blob);
+ return false;
diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch b/poky/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch
new file mode 100644
index 0000000..931b9ab
--- /dev/null
+++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch
@@ -0,0 +1,35 @@
+From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <behdad@behdad.org>
+Date: Wed, 1 Jun 2022 07:38:21 -0600
+Subject: [PATCH] [sbix] Limit glyph extents
+
+Fixes https://github.com/harfbuzz/harfbuzz/issues/3557
+
+Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593]
+CVE:CVE-2022-33068
+Signed-off-by: Wentao Zhang<Wentao.Zhang@windriver.com>
+
+---
+ src/hb-ot-color-sbix-table.hh | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh
+index 9741ebd45..6efae43cd 100644
+--- a/src/hb-ot-color-sbix-table.hh
++++ b/src/hb-ot-color-sbix-table.hh
+@@ -298,6 +298,12 @@ struct sbix
+
+ const PNGHeader &png = *blob->as<PNGHeader>();
+
++ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
++ {
++ hb_blob_destroy (blob);
++ return false;
++ }
++
+ extents->x_bearing = x_offset;
+ extents->y_bearing = png.IHDR.height + y_offset;
+ extents->width = png.IHDR.width;
+--
+2.25.1
+
diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
index bf77a5e..b639c27 100644
--- a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
+++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
@@ -11,7 +11,9 @@
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"
UPSTREAM_CHECK_REGEX = "harfbuzz-(?P<pver>\d+(\.\d+)+).tar"
-SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz"
+SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz \
+ file://CVE-2022-33068.patch \
+ file://0001-Fix-conditional.patch"
SRC_URI[sha256sum] = "98f68777272db6cd7a3d5152bac75083cd52a26176d87bc04c8b3929d33bce49"
inherit meson pkgconfig lib_package gtk-doc gobject-introspection
diff --git a/poky/meta/recipes-graphics/mesa/files/0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch b/poky/meta/recipes-graphics/mesa/files/0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch
new file mode 100644
index 0000000..dac2de4
--- /dev/null
+++ b/poky/meta/recipes-graphics/mesa/files/0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch
@@ -0,0 +1,158 @@
+From 7796c2c56c960ac55e49246f0349ac52539ada55 Mon Sep 17 00:00:00 2001
+From: Leandro Ribeiro <leandro.ribeiro@collabora.com>
+Date: Sun, 10 Apr 2022 22:54:36 -0300
+Subject: [PATCH] Revert "egl/wayland: deprecate drm_handle_format() and
+ drm_handle_capabilities()"
+
+Commit af1ee8e010441f8f2ed8c77065b159652a4ac9fe dropped support to
+wl_drm, as we thought that most compositors from active projects were
+already supporting zwp_linux_dmabuf_v1.
+
+But that's not true, so revert this commit in order to give these
+projects a longer transition period.
+
+Note that we didn't add back the support to GEM name API, and that was
+on purpose.
+
+Signed-off-by: Leandro Ribeiro <leandro.ribeiro@collabora.com>
+Reviewed-by: Simon Ser <contact@emersion.fr>
+Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/15822>
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/commit/c60fea8c228ae3f32e20d6b65c473d9f04871d20]
+---
+ src/egl/drivers/dri2/egl_dri2.h | 1 +
+ src/egl/drivers/dri2/platform_wayland.c | 59 +++++++++++++++++++------
+ 2 files changed, 47 insertions(+), 13 deletions(-)
+
+diff --git a/src/egl/drivers/dri2/egl_dri2.h b/src/egl/drivers/dri2/egl_dri2.h
+index c466ff83c53..eecb32a53fd 100644
+--- a/src/egl/drivers/dri2/egl_dri2.h
++++ b/src/egl/drivers/dri2/egl_dri2.h
+@@ -283,6 +283,7 @@ struct dri2_egl_display
+ struct zwp_linux_dmabuf_feedback_v1 *wl_dmabuf_feedback;
+ struct dmabuf_feedback_format_table format_table;
+ bool authenticated;
++ uint32_t capabilities;
+ char *device_name;
+ #endif
+
+diff --git a/src/egl/drivers/dri2/platform_wayland.c b/src/egl/drivers/dri2/platform_wayland.c
+index 5ff83cce08a..843434376a7 100644
+--- a/src/egl/drivers/dri2/platform_wayland.c
++++ b/src/egl/drivers/dri2/platform_wayland.c
+@@ -1343,7 +1343,7 @@ create_wl_buffer(struct dri2_egl_display *dri2_dpy,
+ struct dri2_egl_surface *dri2_surf,
+ __DRIimage *image)
+ {
+- struct wl_buffer *ret;
++ struct wl_buffer *ret = NULL;
+ EGLBoolean query;
+ int width, height, fourcc, num_planes;
+ uint64_t modifier = DRM_FORMAT_MOD_INVALID;
+@@ -1447,11 +1447,28 @@ create_wl_buffer(struct dri2_egl_display *dri2_dpy,
+ ret = zwp_linux_buffer_params_v1_create_immed(params, width, height,
+ fourcc, 0);
+ zwp_linux_buffer_params_v1_destroy(params);
++ } else {
++ struct wl_drm *wl_drm =
++ dri2_surf ? dri2_surf->wl_drm_wrapper : dri2_dpy->wl_drm;
++ int fd = -1, stride;
++
++ if (num_planes > 1)
++ return NULL;
++
++ query = dri2_dpy->image->queryImage(image, __DRI_IMAGE_ATTRIB_FD, &fd);
++ query &= dri2_dpy->image->queryImage(image, __DRI_IMAGE_ATTRIB_STRIDE, &stride);
++ if (!query) {
++ if (fd >= 0)
++ close(fd);
++ return NULL;
++ }
+
+- return ret;
++ ret = wl_drm_create_prime_buffer(wl_drm, fd, width, height, fourcc, 0,
++ stride, 0, 0, 0, 0);
++ close(fd);
+ }
+
+- return NULL;
++ return ret;
+ }
+
+ static EGLBoolean
+@@ -1698,16 +1715,21 @@ drm_handle_device(void *data, struct wl_drm *drm, const char *device)
+ static void
+ drm_handle_format(void *data, struct wl_drm *drm, uint32_t format)
+ {
+- /* deprecated, as compositors already support the dma-buf protocol extension
+- * and so we can rely on dmabuf_handle_modifier() to receive formats and
+- * modifiers */
++ struct dri2_egl_display *dri2_dpy = data;
++ int visual_idx = dri2_wl_visual_idx_from_fourcc(format);
++
++ if (visual_idx == -1)
++ return;
++
++ BITSET_SET(dri2_dpy->formats.formats_bitmap, visual_idx);
+ }
+
+ static void
+ drm_handle_capabilities(void *data, struct wl_drm *drm, uint32_t value)
+ {
+- /* deprecated, as compositors already support the dma-buf protocol extension
+- * and so we can rely on it to create wl_buffer's */
++ struct dri2_egl_display *dri2_dpy = data;
++
++ dri2_dpy->capabilities = value;
+ }
+
+ static void
+@@ -2075,13 +2097,12 @@ dri2_initialize_wayland_drm(_EGLDisplay *disp)
+ wl_registry_add_listener(dri2_dpy->wl_registry,
+ ®istry_listener_drm, dri2_dpy);
+
+- /* The compositor must expose the dma-buf interface. */
+- if (roundtrip(dri2_dpy) < 0 || dri2_dpy->wl_dmabuf == NULL)
++ if (roundtrip(dri2_dpy) < 0)
+ goto cleanup;
+
+ /* Get default dma-buf feedback */
+- if (zwp_linux_dmabuf_v1_get_version(dri2_dpy->wl_dmabuf) >=
+- ZWP_LINUX_DMABUF_V1_GET_DEFAULT_FEEDBACK_SINCE_VERSION) {
++ if (dri2_dpy->wl_dmabuf && zwp_linux_dmabuf_v1_get_version(dri2_dpy->wl_dmabuf) >=
++ ZWP_LINUX_DMABUF_V1_GET_DEFAULT_FEEDBACK_SINCE_VERSION) {
+ dmabuf_feedback_format_table_init(&dri2_dpy->format_table);
+ dri2_dpy->wl_dmabuf_feedback =
+ zwp_linux_dmabuf_v1_get_default_feedback(dri2_dpy->wl_dmabuf);
+@@ -2089,7 +2110,6 @@ dri2_initialize_wayland_drm(_EGLDisplay *disp)
+ &dmabuf_feedback_listener, dri2_dpy);
+ }
+
+- /* Receive events from the interfaces */
+ if (roundtrip(dri2_dpy) < 0)
+ goto cleanup;
+
+@@ -2176,6 +2196,19 @@ dri2_initialize_wayland_drm(_EGLDisplay *disp)
+
+ dri2_wl_setup_swap_interval(disp);
+
++ if (dri2_dpy->wl_drm) {
++ /* To use Prime, we must have _DRI_IMAGE v7 at least. createImageFromFds
++ * support indicates that Prime export/import is supported by the driver.
++ * We deprecated the support to GEM names API, so we bail out if the
++ * driver does not suport Prime. */
++ if (!(dri2_dpy->capabilities & WL_DRM_CAPABILITY_PRIME) ||
++ (dri2_dpy->image->base.version < 7) ||
++ (dri2_dpy->image->createImageFromFds == NULL)) {
++ _eglLog(_EGL_WARNING, "wayland-egl: display does not support prime");
++ goto cleanup;
++ }
++ }
++
+ if (dri2_dpy->is_different_gpu &&
+ (dri2_dpy->image->base.version < 9 ||
+ dri2_dpy->image->blitImage == NULL)) {
+--
+2.35.1
+
diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_22.0.0.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_22.0.3.bb
similarity index 100%
rename from poky/meta/recipes-graphics/mesa/mesa-gl_22.0.0.bb
rename to poky/meta/recipes-graphics/mesa/mesa-gl_22.0.3.bb
diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc
index e8c07a4..afac801 100644
--- a/poky/meta/recipes-graphics/mesa/mesa.inc
+++ b/poky/meta/recipes-graphics/mesa/mesa.inc
@@ -20,9 +20,10 @@
file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \
file://0001-futex.h-Define-__NR_futex-if-it-does-not-exist.patch \
file://0001-util-format-Check-for-NEON-before-using-it.patch \
+ file://0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch \
"
-SRC_URI[sha256sum] = "e6c41928b5b9917485bd67cec22d15e62cad7a358bf4c711a647979987601250"
+SRC_URI[sha256sum] = "9f2b30f5276a9abaf71aafc6979685e2636189de1a87aea2c9e69744a6d0ebb9"
UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P<pver>\d+(\.\d+)+)"
@@ -286,7 +287,7 @@
PACKAGES_DYNAMIC += "^mesa-driver-.*"
PACKAGES_DYNAMIC:class-native = "^mesa-driver-.*-native"
-FILES:mesa-megadriver = "${libdir}/dri/* ${datadir}/drirc.d/00-mesa-defaults.conf"
+FILES:mesa-megadriver = "${libdir}/dri/* ${datadir}/drirc.d"
FILES:mesa-vulkan-drivers = "${libdir}/libvulkan_*.so ${datadir}/vulkan"
FILES:${PN}-vdpau-drivers = "${libdir}/vdpau/*.so.*"
FILES:libegl-mesa = "${libdir}/libEGL.so.*"
diff --git a/poky/meta/recipes-graphics/mesa/mesa_22.0.0.bb b/poky/meta/recipes-graphics/mesa/mesa_22.0.3.bb
similarity index 100%
rename from poky/meta/recipes-graphics/mesa/mesa_22.0.0.bb
rename to poky/meta/recipes-graphics/mesa/mesa_22.0.3.bb
diff --git a/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch b/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch
new file mode 100644
index 0000000..1b62db9
--- /dev/null
+++ b/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch
@@ -0,0 +1,27 @@
+From 2195cec1e5bc66128d72049c11ff381ca4516a4b Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Tue, 5 Jul 2022 11:51:39 +0200
+Subject: [PATCH] meson.build: request native wayland-scanner
+
+This matters in cross compilation, as otherwise meson will
+try to use a cross-binary, and fail.
+
+Upstream-Status: Submitted [https://gitlab.freedesktop.org/mesa/waffle/-/merge_requests/110]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ meson.build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meson.build b/meson.build
+index 0bb6128..0b6da1f 100644
+--- a/meson.build
++++ b/meson.build
+@@ -108,7 +108,7 @@ else
+ 'wayland-egl', version : '>= 9.1', required : get_option('wayland'),
+ )
+ dep_wayland_scanner = dependency(
+- 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'),
++ 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'), native: true,
+ )
+ if dep_wayland_scanner.found()
+ prog_wayland_scanner = find_program(dep_wayland_scanner.get_pkgconfig_variable('wayland_scanner'))
diff --git a/poky/meta/recipes-graphics/waffle/waffle_1.7.0.bb b/poky/meta/recipes-graphics/waffle/waffle_1.7.0.bb
index f1fd9e7..dc47590 100644
--- a/poky/meta/recipes-graphics/waffle/waffle_1.7.0.bb
+++ b/poky/meta/recipes-graphics/waffle/waffle_1.7.0.bb
@@ -11,6 +11,7 @@
SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=master \
file://0001-waffle-do-not-make-core-protocol-into-the-library.patch \
+ file://0001-meson.build-request-native-wayland-scanner.patch \
"
SRCREV = "905c6c10f2483adf0cbfa024e2d3c2ed541fb300"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-graphics/wayland/libinput_1.19.3.bb b/poky/meta/recipes-graphics/wayland/libinput_1.19.4.bb
similarity index 95%
rename from poky/meta/recipes-graphics/wayland/libinput_1.19.3.bb
rename to poky/meta/recipes-graphics/wayland/libinput_1.19.4.bb
index a7f1324..a7d0c4b 100644
--- a/poky/meta/recipes-graphics/wayland/libinput_1.19.3.bb
+++ b/poky/meta/recipes-graphics/wayland/libinput_1.19.4.bb
@@ -16,7 +16,7 @@
file://run-ptest \
file://determinism.patch \
"
-SRC_URI[sha256sum] = "3cae78ccde19d7d0f387e58bc734d4d17ab5f6426f54a9e8b728c90b17baa068"
+SRC_URI[sha256sum] = "ff33a570b5a936c81e6c08389a8581c2665311d026ce3d225c88d09c49f9b440"
UPSTREAM_CHECK_REGEX = "libinput-(?P<pver>\d+\.\d+\.(?!9\d+)\d+)"
diff --git a/poky/meta/recipes-graphics/wayland/weston_10.0.0.bb b/poky/meta/recipes-graphics/wayland/weston_10.0.1.bb
similarity index 96%
rename from poky/meta/recipes-graphics/wayland/weston_10.0.0.bb
rename to poky/meta/recipes-graphics/wayland/weston_10.0.1.bb
index 93f7b59..e27dac1 100644
--- a/poky/meta/recipes-graphics/wayland/weston_10.0.0.bb
+++ b/poky/meta/recipes-graphics/wayland/weston_10.0.1.bb
@@ -6,7 +6,7 @@
file://libweston/compositor.c;endline=27;md5=eb6d5297798cabe2ddc65e2af519bcf0 \
"
-SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
+SRC_URI = "https://gitlab.freedesktop.org/wayland/weston/-/releases/${PV}/downloads/${BPN}-${PV}.tar.xz \
file://weston.png \
file://weston.desktop \
file://xwayland.weston-start \
@@ -15,7 +15,7 @@
SRC_URI:append:libc-musl = " file://dont-use-plane-add-prop.patch "
-SRC_URI[sha256sum] = "5c23964112b90238bed39e5dd1e41cd71a79398813cdc3bbb15a9fdc94e547ae"
+SRC_URI[sha256sum] = "8a9e52506a865a7410981b04f8341b89b84106db8531ab1f9fdd37b5dc034115"
UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html"
diff --git a/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb b/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.1.bb
similarity index 94%
rename from poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb
rename to poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.1.bb
index 34652e9..89093e6 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.1.bb
@@ -9,7 +9,7 @@
SRC_URI = "http://xkbcommon.org/download/${BPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "106cec5263f9100a7e79b5f7220f889bc78e7d7ffc55d2b6fdb1efefb8024031"
+SRC_URI[sha256sum] = "943c07a1e2198026d8102b17270a1f406e4d3d6bbc4ae105b9e1b82d7d136b39"
UPSTREAM_CHECK_URI = "http://xkbcommon.org/"
diff --git a/poky/meta/recipes-graphics/xwayland/xwayland_22.1.0.bb b/poky/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb
similarity index 95%
rename from poky/meta/recipes-graphics/xwayland/xwayland_22.1.0.bb
rename to poky/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb
index 9769235..b512b99 100644
--- a/poky/meta/recipes-graphics/xwayland/xwayland_22.1.0.bb
+++ b/poky/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb
@@ -10,7 +10,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880"
SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz"
-SRC_URI[sha256sum] = "1752d6d0a930e71292b5a308d3811ebd54d8cc68cacff44de654265b8617a2bf"
+SRC_URI[sha256sum] = "f5d0e0ba37e19bb87c62f61da5970bd204939f2120620964bed4cc8495baa657"
UPSTREAM_CHECK_REGEX = "xwayland-(?P<pver>\d+(\.(?!90\d)\d+)+)\.tar"
diff --git a/poky/meta/recipes-kernel/kmod/kmod_29.bb b/poky/meta/recipes-kernel/kmod/kmod_29.bb
index 9b66349..32dc49c 100644
--- a/poky/meta/recipes-kernel/kmod/kmod_29.bb
+++ b/poky/meta/recipes-kernel/kmod/kmod_29.bb
@@ -27,7 +27,7 @@
EXTRA_OECONF += "--enable-tools"
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib xz"
PACKAGECONFIG[debug] = "--enable-debug,--disable-debug"
PACKAGECONFIG[logging] = " --enable-logging,--disable-logging"
PACKAGECONFIG[manpages] = "--enable-manpages, --disable-manpages, libxslt-native xmlto-native"
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb
similarity index 96%
rename from poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb
rename to poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb
index 4a443d1..78b38df 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb
@@ -69,6 +69,7 @@
& WHENCE \
"
+WHENCE_CHKSUM = "385947b278a6646ae4c3d39ba8c9b1bb"
LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \
file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \
@@ -132,7 +133,7 @@
file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
- file://WHENCE;md5=4cf67d71a21887c682c3989a4318745e \
+ file://WHENCE;md5=${WHENCE_CHKSUM} \
"
# These are not common licenses, set NO_GENERIC_LICENSE for them
@@ -203,9 +204,16 @@
PE = "1"
-SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
+SRC_URI = "\
+ ${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz \
+"
-SRC_URI[sha256sum] = "020b11f6412f4956f5a6f98de7d41867d2b30ea0ce81b1e2d206ec9840363849"
+BBCLASSEXTEND = "devupstream:target"
+SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git;protocol=https;branch=main"
+# Pin this to the 20220509 release, override this in local.conf
+SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae"
+
+SRC_URI[sha256sum] = "faf3aedf89530e61f4fa1e8c7303dead9127cc24416945647797d079feb12837"
inherit allarch
@@ -267,7 +275,7 @@
${PN}-bcm4373 \
${PN}-bcm43xx \
${PN}-bcm43xx-hdr \
- ${PN}-atheros-license ${PN}-ar9170 ${PN}-ath6k ${PN}-ath9k \
+ ${PN}-atheros-license ${PN}-ar9170 ${PN}-ath6k ${PN}-ath9k ${PN}-ath3k \
${PN}-gplv2-license ${PN}-carl9170 \
${PN}-ar3k-license ${PN}-ar3k ${PN}-ath10k-license ${PN}-ath10k ${PN}-ath11k ${PN}-qca \
\
@@ -304,8 +312,9 @@
${PN}-qcom-license \
${PN}-qcom-venus-1.8 ${PN}-qcom-venus-4.2 ${PN}-qcom-venus-5.2 ${PN}-qcom-venus-5.4 \
${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \
- ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a530 \
+ ${PN}-qcom-adreno-a2xx ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a4xx ${PN}-qcom-adreno-a530 \
${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \
+ ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \
${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \
${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \
${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \
@@ -316,6 +325,7 @@
# For atheros
LICENSE:${PN}-ar9170 = "Firmware-atheros_firmware"
+LICENSE:${PN}-ath3k = "Firmware-atheros_firmware"
LICENSE:${PN}-ath6k = "Firmware-atheros_firmware"
LICENSE:${PN}-ath9k = "Firmware-atheros_firmware"
LICENSE:${PN}-atheros-license = "Firmware-atheros_firmware"
@@ -324,6 +334,9 @@
FILES:${PN}-ar9170 = " \
${nonarch_base_libdir}/firmware/ar9170*.fw \
"
+FILES:${PN}-ath3k = " \
+ ${nonarch_base_libdir}/firmware/ath3k*fw \
+"
FILES:${PN}-ath6k = " \
${nonarch_base_libdir}/firmware/ath6k \
"
@@ -958,11 +971,15 @@
FILES:${PN}-qcom-venus-5.4 = "${nonarch_base_libdir}/firmware/qcom/venus-5.4/*"
FILES:${PN}-qcom-vpu-1.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-1.0/*"
FILES:${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*"
-FILES:${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a300_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw"
+FILES:${PN}-qcom-adreno-a2xx = "${nonarch_base_libdir}/firmware/qcom/leia_*.fw"
+FILES:${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a3*_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw"
+FILES:${PN}-qcom-adreno-a4xx = "${nonarch_base_libdir}/firmware/qcom/a4*_*.fw"
FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.*"
FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*"
FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*"
FILES:${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*"
+FILES:${PN}-qcom-apq8096-audio = "${nonarch_base_libdir}/firmware/qcom/apq8096/adsp*.*"
+FILES:${PN}-qcom-apq8096-modem = "${nonarch_base_libdir}/firmware/qcom/apq8096/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8096/modem*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/wlanmdsp.mbn"
FILES:${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*"
FILES:${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*"
FILES:${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn"
@@ -974,11 +991,15 @@
RDEPENDS:${PN}-qcom-venus-5.4 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-vpu-1.0 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-vpu-2.0 = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-adreno-a2xx = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a3xx = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-adreno-a4xx = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a530 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a630 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a650 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a660 = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-apq8096-audio = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-apq8096-modem = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-sdm845-audio = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-sdm845-compute = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-sdm845-modem = "${PN}-qcom-license"
diff --git a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
index 9654488..f8f7171 100644
--- a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -128,8 +128,12 @@
# breaks workflows.
cp -a --parents include/generated/autoconf.h $kerneldir/build 2>/dev/null || :
- if [ -e $kerneldir/include/generated/.vdso-offsets.h.cmd ]; then
- rm $kerneldir/include/generated/.vdso-offsets.h.cmd
+ if [ -e $kerneldir/include/generated/.vdso-offsets.h.cmd ] ||
+ [ -e $kerneldir/build/include/generated/.vdso-offsets.h.cmd ] ||
+ [ -e $kerneldir/build/include/generated/.vdso32-offsets.h.cmd ] ; then
+ rm -f $kerneldir/include/generated/.vdso-offsets.h.cmd
+ rm -f $kerneldir/build/include/generated/.vdso-offsets.h.cmd
+ rm -f $kerneldir/build/include/generated/.vdso32-offsets.h.cmd
fi
)
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 3ff54b9..53ccd41 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "40a6731993d406d6c9fed43cb20c6a4f178ff2cc"
-SRCREV_meta ?= "2278ed571c14df6e87d8e01ac26f649d98020623"
+SRCREV_machine ?= "63771123b1eea439bea2cf80f9f5682667528d9f"
+SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.10.109"
+LINUX_VERSION ?= "5.10.130"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 87ccfc1..b6e443d 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "29d051cc421a76432897019edc33edae35b16e39"
-SRCREV_meta ?= "63e25b5717751b4b33685bd5991d10c52934a4c6"
+SRCREV_machine ?= "0222cbb8d40318cf5377875017e32eebefa59ab8"
+SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.32"
+LINUX_VERSION ?= "5.15.54"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index bbaa0eb..7b3aaa7 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.10.109"
+LINUX_VERSION ?= "5.10.130"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine:qemuarm ?= "9524d0ca0feeeb4cb698e3c984f4391ccb4b8e19"
-SRCREV_machine ?= "bccf3a5f14511fb8ce6a9dd990216508d2c2ec6e"
-SRCREV_meta ?= "2278ed571c14df6e87d8e01ac26f649d98020623"
+SRCREV_machine:qemuarm ?= "bff12aa9748d83efc518e524858913c028f0707a"
+SRCREV_machine ?= "5bdf36bd73803640ee495fc6f36b0207993bf62a"
+SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index d8ce5dc..aadf014 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -1,12 +1,11 @@
KBRANCH ?= "v5.15/standard/tiny/base"
-KBRANCH:qemuarm ?= "v5.15/standard/tiny/arm-versatile-926ejs"
LINUX_KERNEL_TYPE = "tiny"
KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.32"
+LINUX_VERSION ?= "5.15.54"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,16 +14,15 @@
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine:qemuarm ?= "cc9e92e826af229b841fcaf8c645e638a86eba43"
-SRCREV_machine ?= "c3d54a67cbf3fb8e6df2d88c80e9d2c74f69aba4"
-SRCREV_meta ?= "63e25b5717751b4b33685bd5991d10c52934a4c6"
+SRCREV_machine ?= "9b1d0e5eb8b08323577f5e2b21cbb2065aba0aa1"
+SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0"
PV = "${LINUX_VERSION}+git${SRCPV}"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-COMPATIBLE_MACHINE = "qemux86|qemux86-64|qemuarm|qemuarmv5"
+COMPATIBLE_MACHINE = "qemux86|qemux86-64|qemuarm64|qemuarm|qemuarmv5"
# Functionality flags
KERNEL_FEATURES = ""
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 06242ad..d5bf2c9 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,23 +13,23 @@
KBRANCH:qemux86-64 ?= "v5.10/standard/base"
KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "dfeff112cafaf3a04da6cd60301d297406e1b77f"
-SRCREV_machine:qemuarm64 ?= "3641e4234255c71c33cb2d9422f54c17b70c8941"
-SRCREV_machine:qemumips ?= "7eead19134a43cf9ccc0fa9d75c45be2a7743f13"
-SRCREV_machine:qemuppc ?= "6e1d66b2a871be0450722a50fc087ff8ccbcddd7"
-SRCREV_machine:qemuriscv64 ?= "d2f7a595bf0b752275d503046494b668549cb151"
-SRCREV_machine:qemuriscv32 ?= "d2f7a595bf0b752275d503046494b668549cb151"
-SRCREV_machine:qemux86 ?= "d2f7a595bf0b752275d503046494b668549cb151"
-SRCREV_machine:qemux86-64 ?= "d2f7a595bf0b752275d503046494b668549cb151"
-SRCREV_machine:qemumips64 ?= "279f142932679a8ba212ebae4b9db851636a1fab"
-SRCREV_machine ?= "d2f7a595bf0b752275d503046494b668549cb151"
-SRCREV_meta ?= "2278ed571c14df6e87d8e01ac26f649d98020623"
+SRCREV_machine:qemuarm ?= "8d513bf2294b60cbfa7bfbfab43f7ec458e88de0"
+SRCREV_machine:qemuarm64 ?= "f86e70ec0a39fa6cfd5b19a013703345cf9e8d4c"
+SRCREV_machine:qemumips ?= "a5c1977699a2733ed4ddd08f1bcc1cbcc1fa8862"
+SRCREV_machine:qemuppc ?= "2e52a4c55beaea77e6b99720de58624c416e7569"
+SRCREV_machine:qemuriscv64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_machine:qemuriscv32 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_machine:qemux86 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_machine:qemux86-64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_machine:qemumips64 ?= "37c7c3e8979a2b0eb75bf8ceab7f2b7f12565ceb"
+SRCREV_machine ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a"
+SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.109"
+LINUX_VERSION ?= "5.10.130"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
@@ -50,6 +50,9 @@
KERNEL_FEATURES:append:qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc"
KERNEL_FEATURES:append:qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc"
KERNEL_FEATURES:append:qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:powerpc =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64 =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64le =" arch/powerpc/powerpc-debug.scc"
KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 5cfa0c3..4c1d163 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "b6fd1a7dd80a336567fa30c1d674f0d5df9af836"
-SRCREV_machine:qemuarm64 ?= "387a676543764b59e38cf6b13d6474846fb07d78"
-SRCREV_machine:qemumips ?= "7c084cf3a700f7a2c68c8909501f4d35b3215e40"
-SRCREV_machine:qemuppc ?= "239f7c8f37bf9ade16325101df3c06a485ccc74e"
-SRCREV_machine:qemuriscv64 ?= "c9f3902d8069e32a8928153a38d8f6115194d128"
-SRCREV_machine:qemuriscv32 ?= "c9f3902d8069e32a8928153a38d8f6115194d128"
-SRCREV_machine:qemux86 ?= "c9f3902d8069e32a8928153a38d8f6115194d128"
-SRCREV_machine:qemux86-64 ?= "c9f3902d8069e32a8928153a38d8f6115194d128"
-SRCREV_machine:qemumips64 ?= "a4805fe749c9c56d18a60b5378674760ef0e85ed"
-SRCREV_machine ?= "c9f3902d8069e32a8928153a38d8f6115194d128"
-SRCREV_meta ?= "63e25b5717751b4b33685bd5991d10c52934a4c6"
+SRCREV_machine:qemuarm ?= "c284142affccb534122ad93bdcd4774af161d767"
+SRCREV_machine:qemuarm64 ?= "c4c194a34c568c17389120608b2ee8a7a988150a"
+SRCREV_machine:qemumips ?= "7b446965d9659d312952ef4dedf5b50a493e60c2"
+SRCREV_machine:qemuppc ?= "0c2a4ad856c8f0c1b3ca8a38c17e1194f47e4643"
+SRCREV_machine:qemuriscv64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_machine:qemuriscv32 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_machine:qemux86 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_machine:qemux86-64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_machine:qemumips64 ?= "9a8d4e00df67daf224ae62b238c151a3f3f70ae7"
+SRCREV_machine ?= "a40d2daf2795d89e3ef8af0413b25190558831ec"
+SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "e29be6724adbc9c3126d2a9550ec21f927f22f6d"
+SRCREV_machine:class-devupstream ?= "843dae1756d9bddee21a96827784791fd97d484e"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.32"
+LINUX_VERSION ?= "5.15.54"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
@@ -62,6 +62,9 @@
KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
+KERNEL_FEATURES:append:powerpc =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64 =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64le =" arch/powerpc/powerpc-debug.scc"
INSANE_SKIP:kernel-vmlinux:qemuppc64 = "textrel"
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch
new file mode 100644
index 0000000..d27cbc3
--- /dev/null
+++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch
@@ -0,0 +1,44 @@
+From 13e4c978d45237b8780f1de6d404812b3af26a49 Mon Sep 17 00:00:00 2001
+From: He Zhe <zhe.he@windriver.com>
+Date: Thu, 2 Jun 2022 06:36:08 +0000
+Subject: [PATCH] fix: random: remove unused tracepoints (v5.10, v5.15)
+
+The following kernel commit has been back ported to v5.10.119 and v5.15.44.
+
+commit 14c174633f349cb41ea90c2c0aaddac157012f74
+Author: Jason A. Donenfeld <Jason@zx2c4.com>
+Date: Thu Feb 10 16:40:44 2022 +0100
+
+ random: remove unused tracepoints
+
+ These explicit tracepoints aren't really used and show sign of aging.
+ It's work to keep these up to date, and before I attempted to keep them
+ up to date, they weren't up to date, which indicates that they're not
+ really used. These days there are better ways of introspecting anyway.
+
+Upstream-Status: Pending
+
+Signed-off-by: He Zhe <zhe.he@windriver.com>
+---
+ src/probes/Kbuild | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/probes/Kbuild b/src/probes/Kbuild
+index 5478447..31e0ee8 100644
+--- a/src/probes/Kbuild
++++ b/src/probes/Kbuild
+@@ -204,7 +204,10 @@ endif
+
+ # Introduced in v3.6, remove in v5.18
+ obj-$(CONFIG_LTTNG) += $(shell \
+- if [ \( ! \( $(VERSION) -ge 6 -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) \) \
++ if [ \( ! \( $(VERSION) -ge 6 \
++ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \
++ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 15 -a $(SUBLEVEL) -ge 44 \) \
++ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 10 -a $(SUBLEVEL) -ge 119 \) \) \) \
+ -a \
+ $(VERSION) -ge 4 \
+ -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -ge 6 \) \
+--
+2.32.0
+
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch
new file mode 100644
index 0000000..b41053b
--- /dev/null
+++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch
@@ -0,0 +1,59 @@
+From 9c5b8de32b5745f3ff31079c02da64595e101bee Mon Sep 17 00:00:00 2001
+From: Michael Jeanson <mjeanson@efficios.com>
+Date: Tue, 17 May 2022 11:46:29 -0400
+Subject: [PATCH] fix: sched/tracing: Append prev_state to tp args instead
+ (v5.18)
+
+See upstream commit :
+
+ commit 9c2136be0878c88c53dea26943ce40bb03ad8d8d
+ Author: Delyan Kratunov <delyank@fb.com>
+ Date: Wed May 11 18:28:36 2022 +0000
+
+ sched/tracing: Append prev_state to tp args instead
+
+ Commit fa2c3254d7cf (sched/tracing: Don't re-read p->state when emitting
+ sched_switch event, 2022-01-20) added a new prev_state argument to the
+ sched_switch tracepoint, before the prev task_struct pointer.
+
+ This reordering of arguments broke BPF programs that use the raw
+ tracepoint (e.g. tp_btf programs). The type of the second argument has
+ changed and existing programs that assume a task_struct* argument
+ (e.g. for bpf_task_storage access) will now fail to verify.
+
+ If we instead append the new argument to the end, all existing programs
+ would continue to work and can conditionally extract the prev_state
+ argument on supported kernel versions.
+
+
+Upstream-Status: Backport
+
+Change-Id: Ife2ec88a8bea2743562590cbd357068d7773863f
+Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
+Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+---
+ include/instrumentation/events/sched.h | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/include/instrumentation/events/sched.h b/include/instrumentation/events/sched.h
+index 339bec94..c1c3df15 100644
+--- a/include/instrumentation/events/sched.h
++++ b/include/instrumentation/events/sched.h
+@@ -356,11 +356,11 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(sched_wakeup_template, sched_wakeup_new,
+ LTTNG_TRACEPOINT_EVENT(sched_switch,
+
+ TP_PROTO(bool preempt,
+- unsigned int prev_state,
+ struct task_struct *prev,
+- struct task_struct *next),
++ struct task_struct *next,
++ unsigned int prev_state),
+
+- TP_ARGS(preempt, prev_state, prev, next),
++ TP_ARGS(preempt, prev, next, prev_state),
+
+ TP_FIELDS(
+ ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN)
+--
+2.19.1
+
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb
index 2b00534..e049bdc 100644
--- a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb
+++ b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb
@@ -20,6 +20,8 @@
file://0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch \
file://0009-Rename-genhd-wrapper-to-blkdev.patch \
file://0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch \
+ file://0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch \
+ file://0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch \
"
# Use :append here so that the patch is applied also when using devupstream
diff --git a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.2.bb b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.3.bb
similarity index 95%
rename from poky/meta/recipes-kernel/lttng/lttng-ust_2.13.2.bb
rename to poky/meta/recipes-kernel/lttng/lttng-ust_2.13.3.bb
index 516d90a..cc88bf5 100644
--- a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.2.bb
+++ b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.3.bb
@@ -34,7 +34,7 @@
file://0001-Makefile.am-update-rpath-link.patch \
"
-SRC_URI[sha256sum] = "08679a1dfc2c9428885273861628aa5d828972f389a38bb08fdce39adee589b7"
+SRC_URI[sha256sum] = "2cc42f51145050430ac4ab72b32d95fd78d5566ccbe44e14a8fcdd23c0ed8f6f"
CVE_PRODUCT = "ust"
diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb
index adefc44..603d3f9 100644
--- a/poky/meta/recipes-kernel/perf/perf.bb
+++ b/poky/meta/recipes-kernel/perf/perf.bb
@@ -228,6 +228,12 @@
sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO)),$(notdir $(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO))),g' \
${S}/tools/perf/Makefile.config
+ # likewise with this substitution. Kernels with commit 18f2967418d031a39
+ # [perf tools: Use Python devtools for version autodetection rather than runtime]
+ # need this substitution for reproducibility.
+ sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(subst -config\,\,$(PYTHON_AUTO))),$(notdir $(call get-executable-or-default\,PYTHON\,$(subst -config\,\,$(PYTHON_AUTO)))),g' \
+ ${S}/tools/perf/Makefile.config
+
# The following line:
# srcdir_SQ = $(patsubst %tools/perf,tools/perf,$(subst ','\'',$(srcdir))),
# Captures the full src path of perf, which of course makes it not
diff --git a/poky/meta/recipes-kernel/perf/perf/sort-pmuevents.py b/poky/meta/recipes-kernel/perf/perf/sort-pmuevents.py
index 09ba332..0362f2d 100755
--- a/poky/meta/recipes-kernel/perf/perf/sort-pmuevents.py
+++ b/poky/meta/recipes-kernel/perf/perf/sort-pmuevents.py
@@ -62,7 +62,10 @@
#print( " name found: %s" % name.group(1) )
entry_dict[struct[2]]['fields'][name.group(1)] = entry
- if not entry_dict[struct[2]]['fields']:
+ # unmatched entries are most likely array terminators and
+ # should end up as the last element in the sorted list, which
+ # is achieved by using '0' as the key
+ if not cpuid and not name:
entry_dict[struct[2]]['fields']['0'] = entry
# created ordered dictionaries from the captured values. These are ordered by
diff --git a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.06.06.bb
similarity index 94%
rename from poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb
rename to poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.06.06.bb
index cd42039..2eba4f8 100644
--- a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb
+++ b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.06.06.bb
@@ -5,7 +5,7 @@
LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c"
SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz"
-SRC_URI[sha256sum] = "884ba2e3c1e8b98762b6dc25ff60b5ec75c8d33a39e019b3ed4aa615491460d3"
+SRC_URI[sha256sum] = "ac00f97efecce5046ed069d1d93f3365fdf994c7c7854a8fc50831e959537230"
inherit bin_package allarch
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.2.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.2.6.bb
index c435f61..560fd80 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.2.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.2.6.bb
@@ -34,7 +34,7 @@
speexdsp \
${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio', d)} \
"
-PACKAGECONFIG[aaf] = "--enable-aaf,--disable-aaf,avtp"
+PACKAGECONFIG[aaf] = "--enable-aaf,--disable-aaf,libavtp"
PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
PACKAGECONFIG[libav] = "--enable-libav,--disable-libav,libav"
PACKAGECONFIG[maemo-plugin] = "--enable-maemo-plugin,--disable-maemo-plugin"
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
similarity index 98%
rename from poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.bb
rename to poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
index 96eef5e..dd14f8d 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
@@ -25,7 +25,7 @@
SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
"
-SRC_URI[sha256sum] = "51e919f7d205062c0fd4fae6243a84850391115104ccf1efc451733bc0ac7298"
+SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET:armv4 = "arm"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.3.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.3.bb
index ade7cb7..c515e17 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.3.bb
@@ -12,7 +12,7 @@
file://0001-connect-has-a-different-signature-on-musl.patch \
"
-SRC_URI[sha256sum] = "81f1c7ef105b8bdb63412638952f6320723b3161c96a80f113b020e2de554b2b"
+SRC_URI[sha256sum] = "bbbd45ead703367ea8f4be9b3c082d7b62bef47b240a39083f27844e28758c47"
DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
RRECOMMENDS:${PN} = "git"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.3.bb
similarity index 91%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.3.bb
index 16a298a..e8da49a 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.3.bb
@@ -12,7 +12,7 @@
"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "91a71fb633b75e1bd52e22a457845cb0ba563a2972ba5954ec88448f443a9fc7"
+SRC_URI[sha256sum] = "3fedd10560fcdfaa1b6462cbf79a38c4e7b57d7f390359393fc0cef6dbf27dfe"
S = "${WORKDIR}/gst-libav-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.3.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.3.bb
index 835f9a3..fb48562 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.3.bb
@@ -10,7 +10,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
-SRC_URI[sha256sum] = "86b52e30ebd0f59fcb5cf81a163211975f73ef32e5a6782562804646316bcd7c"
+SRC_URI[sha256sum] = "8db48040bb41f09edf8d17ff6d16c54888d7777ba4501c2c69f0083350ea9a15"
S = "${WORKDIR}/gst-omx-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.3.bb
similarity index 98%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.3.bb
index 7c4665a..05de217 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.3.bb
@@ -11,7 +11,7 @@
file://0003-ensure-valid-sentinals-for-gst_structure_get-etc.patch \
file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
"
-SRC_URI[sha256sum] = "09d3c2cf5911f0bc7da6bf557a55251779243d3de216b6a26cc90c445b423848"
+SRC_URI[sha256sum] = "7a11c13b55dd1d2386dd902219e41cbfcdda8e1e0aa3e738186c95074b35da4f"
S = "${WORKDIR}/gst-plugins-bad-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.3.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.3.bb
index 0953261..7eebbba 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.3.bb
@@ -11,7 +11,7 @@
file://0003-viv-fb-Make-sure-config.h-is-included.patch \
file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
"
-SRC_URI[sha256sum] = "96d8a6413ba9394fbec1217aeef63741a729d476a505a797c1d5337d8fa7c204"
+SRC_URI[sha256sum] = "7e30b3dd81a70380ff7554f998471d6996ff76bbe6fc5447096f851e24473c9f"
S = "${WORKDIR}/gst-plugins-base-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.3.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.3.bb
index 1f61d9a..0235935 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.3.bb
@@ -8,7 +8,7 @@
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
"
-SRC_URI[sha256sum] = "3c66876f821d507bcdbebffb08b4f31a322727d6753f65a0f02c905ecb7084aa"
+SRC_URI[sha256sum] = "f8f3c206bf5cdabc00953920b47b3575af0ef15e9f871c0b6966f6d0aa5868b7"
S = "${WORKDIR}/gst-plugins-good-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.3.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.3.bb
index b0746c0..ad7b84b 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.3.bb
@@ -14,7 +14,7 @@
SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
"
-SRC_URI[sha256sum] = "42035145e29983308d2828207bb4ef933ed0407bb587fb3a569738c6a57fdb19"
+SRC_URI[sha256sum] = "8caa20789a09c304b49cf563d33cca9421b1875b84fcc187e4a385fa01d6aefd"
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.3.bb
similarity index 91%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.3.bb
index a8ae274..57026ba 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.3.bb
@@ -8,7 +8,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "ba6cd59faa3db3981d8c6982351c239d823c0b8e80b1acf58d2997b050289422"
+SRC_URI[sha256sum] = "db348120eae955b8cc4de3560a7ea06e36d6e1ddbaa99a7ad96b59846601cfdc"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.3.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.3.bb
index 90d788a..fd4f82f 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.3.bb
@@ -10,7 +10,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "4745bc528ad7de711a41d576ddce7412266e66d05c4cfcc636c9ba4da5521509"
+SRC_URI[sha256sum] = "ee402718be9b127f0e5e66ca4c1b4f42e4926ec93ba307b7ccca5dc6cc9794ca"
S = "${WORKDIR}/${PNREAL}-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.3.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.3.bb
index 48b571f..6e580f9 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.3.bb
@@ -11,7 +11,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "87fbf6c537af9079c99a9aefe951da119e16e5bcc9cc8614f5035f062bf21137"
+SRC_URI[sha256sum] = "6ee99eb316abdde9ad37002915bd8c3867918f6fdc74b7cf2ac4c1ae0d690b45"
S = "${WORKDIR}/${REALPN}-${PV}"
DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.3.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.3.bb
index 81b9492..1f4576c 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.3.bb
@@ -23,7 +23,7 @@
file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
file://0005-tests-remove-gstbin-test_watch_for_state_change-test.patch \
"
-SRC_URI[sha256sum] = "de094a404a3ad8f4977829ea87edf695a4da0b5c8f613ebe54ab414bac89f031"
+SRC_URI[sha256sum] = "607daf64bbbd5fb18af9d17e21c0d22c4d702fffe83b23cb22d1b1af2ca23a2a"
PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
check \
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch b/poky/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch
new file mode 100644
index 0000000..a28df6e
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch
@@ -0,0 +1,182 @@
+From 029da2cf70e8e38f10d62d4b0be440fb9d145af0 Mon Sep 17 00:00:00 2001
+From: 4ugustus <wangdw.augustus@qq.com>
+Date: Sat, 11 Jun 2022 09:31:43 +0000
+Subject: [PATCH] fix the FPE in tiffcrop (#415, #427, and #428)
+
+CVE: CVE-2022-2056 CVE-2022-2057 CVE-2022-2058
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ libtiff/tif_aux.c | 9 +++++++
+ libtiff/tiffiop.h | 1 +
+ tools/tiffcrop.c | 62 ++++++++++++++++++++++++++---------------------
+ 3 files changed, 44 insertions(+), 28 deletions(-)
+
+diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c
+index 140f26c..5b88c8d 100644
+--- a/libtiff/tif_aux.c
++++ b/libtiff/tif_aux.c
+@@ -402,6 +402,15 @@ float _TIFFClampDoubleToFloat( double val )
+ return (float)val;
+ }
+
++uint32_t _TIFFClampDoubleToUInt32(double val)
++{
++ if( val < 0 )
++ return 0;
++ if( val > 0xFFFFFFFFU || val != val )
++ return 0xFFFFFFFFU;
++ return (uint32_t)val;
++}
++
+ int _TIFFSeekOK(TIFF* tif, toff_t off)
+ {
+ /* Huge offsets, especially -1 / UINT64_MAX, can cause issues */
+diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
+index f1151f5..c1d0276 100644
+--- a/libtiff/tiffiop.h
++++ b/libtiff/tiffiop.h
+@@ -368,6 +368,7 @@ extern double _TIFFUInt64ToDouble(uint64_t);
+ extern float _TIFFUInt64ToFloat(uint64_t);
+
+ extern float _TIFFClampDoubleToFloat(double);
++extern uint32_t _TIFFClampDoubleToUInt32(double);
+
+ extern tmsize_t
+ _TIFFReadEncodedStripAndAllocBuffer(TIFF* tif, uint32_t strip,
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index e407bf5..b9b13d8 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -5182,17 +5182,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image,
+ {
+ if ((crop->res_unit == RESUNIT_INCH) || (crop->res_unit == RESUNIT_CENTIMETER))
+ {
+- x1 = (uint32_t) (crop->corners[i].X1 * scale * xres);
+- x2 = (uint32_t) (crop->corners[i].X2 * scale * xres);
+- y1 = (uint32_t) (crop->corners[i].Y1 * scale * yres);
+- y2 = (uint32_t) (crop->corners[i].Y2 * scale * yres);
++ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1 * scale * xres);
++ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2 * scale * xres);
++ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1 * scale * yres);
++ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2 * scale * yres);
+ }
+ else
+ {
+- x1 = (uint32_t) (crop->corners[i].X1);
+- x2 = (uint32_t) (crop->corners[i].X2);
+- y1 = (uint32_t) (crop->corners[i].Y1);
+- y2 = (uint32_t) (crop->corners[i].Y2);
++ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1);
++ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2);
++ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1);
++ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2);
+ }
+ if (x1 < 1)
+ crop->regionlist[i].x1 = 0;
+@@ -5255,17 +5255,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image,
+ {
+ if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER)
+ { /* User has specified pixels as reference unit */
+- tmargin = (uint32_t)(crop->margins[0]);
+- lmargin = (uint32_t)(crop->margins[1]);
+- bmargin = (uint32_t)(crop->margins[2]);
+- rmargin = (uint32_t)(crop->margins[3]);
++ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0]);
++ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1]);
++ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2]);
++ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3]);
+ }
+ else
+ { /* inches or centimeters specified */
+- tmargin = (uint32_t)(crop->margins[0] * scale * yres);
+- lmargin = (uint32_t)(crop->margins[1] * scale * xres);
+- bmargin = (uint32_t)(crop->margins[2] * scale * yres);
+- rmargin = (uint32_t)(crop->margins[3] * scale * xres);
++ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0] * scale * yres);
++ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1] * scale * xres);
++ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2] * scale * yres);
++ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3] * scale * xres);
+ }
+
+ if ((lmargin + rmargin) > image->width)
+@@ -5295,24 +5295,24 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image,
+ if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER)
+ {
+ if (crop->crop_mode & CROP_WIDTH)
+- width = (uint32_t)crop->width;
++ width = _TIFFClampDoubleToUInt32(crop->width);
+ else
+ width = image->width - lmargin - rmargin;
+
+ if (crop->crop_mode & CROP_LENGTH)
+- length = (uint32_t)crop->length;
++ length = _TIFFClampDoubleToUInt32(crop->length);
+ else
+ length = image->length - tmargin - bmargin;
+ }
+ else
+ {
+ if (crop->crop_mode & CROP_WIDTH)
+- width = (uint32_t)(crop->width * scale * image->xres);
++ width = _TIFFClampDoubleToUInt32(crop->width * scale * image->xres);
+ else
+ width = image->width - lmargin - rmargin;
+
+ if (crop->crop_mode & CROP_LENGTH)
+- length = (uint32_t)(crop->length * scale * image->yres);
++ length = _TIFFClampDoubleToUInt32(crop->length * scale * image->yres);
+ else
+ length = image->length - tmargin - bmargin;
+ }
+@@ -5711,13 +5711,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image,
+ {
+ if (page->res_unit == RESUNIT_INCH || page->res_unit == RESUNIT_CENTIMETER)
+ { /* inches or centimeters specified */
+- hmargin = (uint32_t)(page->hmargin * scale * page->hres * ((image->bps + 7) / 8));
+- vmargin = (uint32_t)(page->vmargin * scale * page->vres * ((image->bps + 7) / 8));
++ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * page->hres * ((image->bps + 7) / 8));
++ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * page->vres * ((image->bps + 7) / 8));
+ }
+ else
+ { /* Otherwise user has specified pixels as reference unit */
+- hmargin = (uint32_t)(page->hmargin * scale * ((image->bps + 7) / 8));
+- vmargin = (uint32_t)(page->vmargin * scale * ((image->bps + 7) / 8));
++ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * ((image->bps + 7) / 8));
++ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * ((image->bps + 7) / 8));
+ }
+
+ if ((hmargin * 2.0) > (pwidth * page->hres))
+@@ -5755,13 +5755,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image,
+ {
+ if (page->mode & PAGE_MODE_PAPERSIZE )
+ {
+- owidth = (uint32_t)((pwidth * page->hres) - (hmargin * 2));
+- olength = (uint32_t)((plength * page->vres) - (vmargin * 2));
++ owidth = _TIFFClampDoubleToUInt32((pwidth * page->hres) - (hmargin * 2));
++ olength = _TIFFClampDoubleToUInt32((plength * page->vres) - (vmargin * 2));
+ }
+ else
+ {
+- owidth = (uint32_t)(iwidth - (hmargin * 2 * page->hres));
+- olength = (uint32_t)(ilength - (vmargin * 2 * page->vres));
++ owidth = _TIFFClampDoubleToUInt32(iwidth - (hmargin * 2 * page->hres));
++ olength = _TIFFClampDoubleToUInt32(ilength - (vmargin * 2 * page->vres));
+ }
+ }
+
+@@ -5770,6 +5770,12 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image,
+ if (olength > ilength)
+ olength = ilength;
+
++ if (owidth == 0 || olength == 0)
++ {
++ TIFFError("computeOutputPixelOffsets", "Integer overflow when calculating the number of pages");
++ exit(EXIT_FAILURE);
++ }
++
+ /* Compute the number of pages required for Portrait or Landscape */
+ switch (page->orient)
+ {
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
index 9c9108a..c2d4b35 100644
--- a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -18,6 +18,7 @@
file://0004-TIFFFetchNormalTag-avoid-calling-memcpy-with-a-null-.patch \
file://0005-fix-the-FPE-in-tiffcrop-393.patch \
file://0006-fix-heap-buffer-overflow-in-tiffcp-278.patch \
+ file://0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch \
"
SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8"
@@ -28,6 +29,12 @@
# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
# and 4.3.0 doesn't have the issue
CVE_CHECK_IGNORE += "CVE-2015-7313"
+# These issues only affect libtiff post-4.3.0 but before 4.4.0,
+# caused by 3079627e and fixed by b4e79bfa.
+CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623"
+
+# Issue is in jbig which we don't enable
+CVE_CHECK_IGNORE += "CVE-2022-1210"
inherit autotools multilib_header
@@ -37,6 +44,7 @@
strip-chopping extrasample-as-alpha check-ycbcr-subsampling"
PACKAGECONFIG[cxx] = "--enable-cxx,--disable-cxx,,"
+PACKAGECONFIG[jbig] = "--enable-jbig,--disable-jbig,jbig,"
PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg,"
PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib,"
PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz,"
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index a69dd32..61d5bb0 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -61,7 +61,7 @@
"
# libtool is needed for libltdl, used in module loading.
-DEPENDS = "libatomic-ops libsndfile1 libtool"
+DEPENDS = "m4-native libatomic-ops libsndfile1 libtool"
# optional
DEPENDS += "udev alsa-lib glib-2.0"
DEPENDS += "speexdsp libxml-parser-perl-native libcap"
@@ -254,7 +254,7 @@
# If the server is installed, it's usually desirable to make ALSA applications
# use PulseAudio. alsa-plugins-pulseaudio-conf will install the configuration
# that makes the PulseAudio plugin the default ALSA device.
-RDEPENDS:pulseaudio-server += "alsa-plugins-pulseaudio-conf"
+RDEPENDS:pulseaudio-server += "${@bb.utils.contains('DISTRO_FEATURES', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}"
# pulseaudio-module-console-kit is built whenever dbus is enabled by PACKAGECONFIG
# but consolekit depends on libx11 and is available only for DISTRO with x11 in DISTRO_FEATURES
diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/add_missing_include.patch b/poky/meta/recipes-sato/webkit/webkitgtk/add_missing_include.patch
deleted file mode 100644
index 8f59db3..0000000
--- a/poky/meta/recipes-sato/webkit/webkitgtk/add_missing_include.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Include locale.h for LC_MESSAGE definition
-
-This fixes build error
-Source/WebCore/accessibility/atspi/AccessibilityRootAtspi.cpp:115:51: error: use of undeclared identifier 'LC_MESSAGES'
- return g_variant_new_string(setlocale(LC_MESSAGES, nullptr));
- ^
-Upstream-Status: Submitted [https://bugs.webkit.org/show_bug.cgi?id=239030]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
---- a/Source/WebCore/accessibility/atspi/AccessibilityRootAtspi.cpp
-+++ b/Source/WebCore/accessibility/atspi/AccessibilityRootAtspi.cpp
-@@ -30,6 +30,7 @@
- #include "FrameView.h"
- #include "Page.h"
- #include <glib/gi18n-lib.h>
-+#include <locale.h>
-
- namespace WebCore {
-
diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.0.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb
similarity index 97%
rename from poky/meta/recipes-sato/webkit/webkitgtk_2.36.0.bb
rename to poky/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb
index db8a565..83b6f8a 100644
--- a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.0.bb
+++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb
@@ -15,10 +15,9 @@
file://0001-Fix-build-without-opengl-or-es.patch \
file://reproducibility.patch \
file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \
- file://add_missing_include.patch \
"
-SRC_URI[sha256sum] = "b877cca1f105235f5dd57c7ac2b2c2be3c6b691ff444f93925c7254cf156c64d"
+SRC_URI[sha256sum] = "732fcf8c4ec644b8ed28b46ebbd7c1ebab9d9e0afea9bdf5e5d12786afc478d1"
inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc
diff --git a/poky/meta/recipes-support/curl/curl/0001-openssl-fix-CN-check-error-code.patch b/poky/meta/recipes-support/curl/curl/0001-openssl-fix-CN-check-error-code.patch
new file mode 100644
index 0000000..c0a2355
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/0001-openssl-fix-CN-check-error-code.patch
@@ -0,0 +1,38 @@
+From 0677924c6ec7e0d68964553fb760f6d407242c54 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 8 Mar 2022 13:38:13 +0100
+Subject: [PATCH] openssl: fix CN check error code
+
+Due to a missing 'else' this returns error too easily.
+
+Regressed in: d15692ebb
+
+Reported-by: Kristoffer Gleditsch
+Fixes #8559
+Closes #8560
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/911714d617c106ed5d553bf003e34ec94ab6a136]
+
+Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
+
+---
+ lib/vtls/openssl.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 616a510..1bafe96 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -1808,7 +1808,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
+ memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
+ peer_CN[peerlen] = '\0';
+ }
+- result = CURLE_OUT_OF_MEMORY;
++ else
++ result = CURLE_OUT_OF_MEMORY;
+ }
+ }
+ else /* not a UTF8 name */
+--
+2.34.1
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-22576.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-22576.patch
new file mode 100644
index 0000000..469cf22
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-22576.patch
@@ -0,0 +1,145 @@
+From 371264697a70e8ed3da678aefbe20940759485fa Mon Sep 17 00:00:00 2001
+From: Patrick Monnerat <patrick@monnerat.net>
+Date: Mon, 25 Apr 2022 11:44:05 +0200
+Subject: [PATCH] url: check sasl additional parameters for connection reuse.
+
+Also move static function safecmp() as non-static Curl_safecmp() since
+its purpose is needed at several places.
+
+Bug: https://curl.se/docs/CVE-2022-22576.html
+
+CVE-2022-22576
+
+Closes #8746
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/852aa5ad351ea53e5f01d2f44b5b4370c2bf5425]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/strcase.c | 10 ++++++++++
+ lib/strcase.h | 2 ++
+ lib/url.c | 13 ++++++++++++-
+ lib/urldata.h | 1 +
+ lib/vtls/vtls.c | 21 ++++++---------------
+ 5 files changed, 31 insertions(+), 16 deletions(-)
+
+diff --git a/lib/strcase.c b/lib/strcase.c
+index dd46ca1..692a3f1 100644
+--- a/lib/strcase.c
++++ b/lib/strcase.c
+@@ -131,6 +131,16 @@ void Curl_strntolower(char *dest, const char *src, size_t n)
+ } while(*src++ && --n);
+ }
+
++/* Compare case-sensitive NUL-terminated strings, taking care of possible
++ * null pointers. Return true if arguments match.
++ */
++bool Curl_safecmp(char *a, char *b)
++{
++ if(a && b)
++ return !strcmp(a, b);
++ return !a && !b;
++}
++
+ /* --- public functions --- */
+
+ int curl_strequal(const char *first, const char *second)
+diff --git a/lib/strcase.h b/lib/strcase.h
+index b628656..382b80a 100644
+--- a/lib/strcase.h
++++ b/lib/strcase.h
+@@ -47,4 +47,6 @@ char Curl_raw_toupper(char in);
+ void Curl_strntoupper(char *dest, const char *src, size_t n);
+ void Curl_strntolower(char *dest, const char *src, size_t n);
+
++bool Curl_safecmp(char *a, char *b);
++
+ #endif /* HEADER_CURL_STRCASE_H */
+diff --git a/lib/url.c b/lib/url.c
+index adef2cd..94e3406 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -779,6 +779,7 @@ static void conn_free(struct connectdata *conn)
+ Curl_safefree(conn->passwd);
+ Curl_safefree(conn->sasl_authzid);
+ Curl_safefree(conn->options);
++ Curl_safefree(conn->oauth_bearer);
+ Curl_dyn_free(&conn->trailer);
+ Curl_safefree(conn->host.rawalloc); /* host name buffer */
+ Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */
+@@ -1340,7 +1341,9 @@ ConnectionExists(struct Curl_easy *data,
+ /* This protocol requires credentials per connection,
+ so verify that we're using the same name and password as well */
+ if(strcmp(needle->user, check->user) ||
+- strcmp(needle->passwd, check->passwd)) {
++ strcmp(needle->passwd, check->passwd) ||
++ !Curl_safecmp(needle->sasl_authzid, check->sasl_authzid) ||
++ !Curl_safecmp(needle->oauth_bearer, check->oauth_bearer)) {
+ /* one of them was different */
+ continue;
+ }
+@@ -3635,6 +3638,14 @@ static CURLcode create_conn(struct Curl_easy *data,
+ }
+ }
+
++ if(data->set.str[STRING_BEARER]) {
++ conn->oauth_bearer = strdup(data->set.str[STRING_BEARER]);
++ if(!conn->oauth_bearer) {
++ result = CURLE_OUT_OF_MEMORY;
++ goto out;
++ }
++ }
++
+ #ifdef USE_UNIX_SOCKETS
+ if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
+ conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
+diff --git a/lib/urldata.h b/lib/urldata.h
+index cc8a600..03da59a 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -984,6 +984,7 @@ struct connectdata {
+ char *passwd; /* password string, allocated */
+ char *options; /* options string, allocated */
+ char *sasl_authzid; /* authorisation identity string, allocated */
++ char *oauth_bearer; /* OAUTH2 bearer, allocated */
+ unsigned char httpversion; /* the HTTP version*10 reported by the server */
+ struct curltime now; /* "current" time */
+ struct curltime created; /* creation time */
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 03b85ba..a40ac06 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -125,15 +125,6 @@ static bool blobcmp(struct curl_blob *first, struct curl_blob *second)
+ return !memcmp(first->data, second->data, first->len); /* same data */
+ }
+
+-static bool safecmp(char *a, char *b)
+-{
+- if(a && b)
+- return !strcmp(a, b);
+- else if(!a && !b)
+- return TRUE; /* match */
+- return FALSE; /* no match */
+-}
+-
+
+ bool
+ Curl_ssl_config_matches(struct ssl_primary_config *data,
+@@ -147,12 +138,12 @@ Curl_ssl_config_matches(struct ssl_primary_config *data,
+ blobcmp(data->cert_blob, needle->cert_blob) &&
+ blobcmp(data->ca_info_blob, needle->ca_info_blob) &&
+ blobcmp(data->issuercert_blob, needle->issuercert_blob) &&
+- safecmp(data->CApath, needle->CApath) &&
+- safecmp(data->CAfile, needle->CAfile) &&
+- safecmp(data->issuercert, needle->issuercert) &&
+- safecmp(data->clientcert, needle->clientcert) &&
+- safecmp(data->random_file, needle->random_file) &&
+- safecmp(data->egdsocket, needle->egdsocket) &&
++ Curl_safecmp(data->CApath, needle->CApath) &&
++ Curl_safecmp(data->CAfile, needle->CAfile) &&
++ Curl_safecmp(data->issuercert, needle->issuercert) &&
++ Curl_safecmp(data->clientcert, needle->clientcert) &&
++ Curl_safecmp(data->random_file, needle->random_file) &&
++ Curl_safecmp(data->egdsocket, needle->egdsocket) &&
+ Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list) &&
+ Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13) &&
+ Curl_safe_strcasecompare(data->curves, needle->curves) &&
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
new file mode 100644
index 0000000..f24003f
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
@@ -0,0 +1,45 @@
+From f489d50ca5fd8b6a3a622e2521e2ca52787a6608 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 16:24:33 +0200
+Subject: [PATCH] connect: store "conn_remote_port" in the info struct
+
+To make it available after the connection ended.
+
+Prerequisite for the patches that address CVE-2022-27774.
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/08b8ef4e726ba10f45081ecda5b3cea788d3c839]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/connect.c | 1 +
+ lib/urldata.h | 6 +++++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lib/connect.c b/lib/connect.c
+index 64f9511..7518807 100644
+--- a/lib/connect.c
++++ b/lib/connect.c
+@@ -623,6 +623,7 @@ void Curl_persistconninfo(struct Curl_easy *data, struct connectdata *conn,
+ data->info.conn_scheme = conn->handler->scheme;
+ data->info.conn_protocol = conn->handler->protocol;
+ data->info.conn_primary_port = conn->port;
++ data->info.conn_remote_port = conn->remote_port;
+ data->info.conn_local_port = local_port;
+ }
+
+diff --git a/lib/urldata.h b/lib/urldata.h
+index f92052a..5218f76 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -1160,7 +1160,11 @@ struct PureInfo {
+ reused, in the connection cache. */
+
+ char conn_primary_ip[MAX_IPADR_LEN];
+- int conn_primary_port;
++ int conn_primary_port; /* this is the destination port to the connection,
++ which might have been a proxy */
++ int conn_remote_port; /* this is the "remote port", which is the port
++ number of the used URL, independent of proxy or
++ not */
+ char conn_local_ip[MAX_IPADR_LEN];
+ int conn_local_port;
+ const char *conn_scheme;
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27774-2.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
new file mode 100644
index 0000000..9739634
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
@@ -0,0 +1,80 @@
+From 50aebd6ea20956513e9b7d7c776830b54d9c8ff6 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 16:24:33 +0200
+Subject: [PATCH] transfer: redirects to other protocols or ports clear auth
+
+... unless explicitly permitted.
+
+Bug: https://curl.se/docs/CVE-2022-27774.html
+Reported-by: Harry Sintonen
+Closes #8748
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/620ea21410030a9977396b4661806bc187231b79]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/transfer.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 48 insertions(+), 1 deletion(-)
+
+diff --git a/lib/transfer.c b/lib/transfer.c
+index 1f8019b..752fe14 100644
+--- a/lib/transfer.c
++++ b/lib/transfer.c
+@@ -1608,10 +1608,57 @@ CURLcode Curl_follow(struct Curl_easy *data,
+ return CURLE_OUT_OF_MEMORY;
+ }
+ else {
+-
+ uc = curl_url_get(data->state.uh, CURLUPART_URL, &newurl, 0);
+ if(uc)
+ return Curl_uc_to_curlcode(uc);
++
++ /* Clear auth if this redirects to a different port number or protocol,
++ unless permitted */
++ if(!data->set.allow_auth_to_other_hosts && (type != FOLLOW_FAKE)) {
++ char *portnum;
++ int port;
++ bool clear = FALSE;
++
++ if(data->set.use_port && data->state.allow_port)
++ /* a custom port is used */
++ port = (int)data->set.use_port;
++ else {
++ uc = curl_url_get(data->state.uh, CURLUPART_PORT, &portnum,
++ CURLU_DEFAULT_PORT);
++ if(uc) {
++ free(newurl);
++ return Curl_uc_to_curlcode(uc);
++ }
++ port = atoi(portnum);
++ free(portnum);
++ }
++ if(port != data->info.conn_remote_port) {
++ infof(data, "Clear auth, redirects to port from %u to %u",
++ data->info.conn_remote_port, port);
++ clear = TRUE;
++ }
++ else {
++ char *scheme;
++ const struct Curl_handler *p;
++ uc = curl_url_get(data->state.uh, CURLUPART_SCHEME, &scheme, 0);
++ if(uc) {
++ free(newurl);
++ return Curl_uc_to_curlcode(uc);
++ }
++
++ p = Curl_builtin_scheme(scheme);
++ if(p && (p->protocol != data->info.conn_protocol)) {
++ infof(data, "Clear auth, redirects scheme from %s to %s",
++ data->info.conn_scheme, scheme);
++ clear = TRUE;
++ }
++ free(scheme);
++ }
++ if(clear) {
++ Curl_safefree(data->state.aptr.user);
++ Curl_safefree(data->state.aptr.passwd);
++ }
++ }
+ }
+
+ if(type == FOLLOW_FAKE) {
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27774-3.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
new file mode 100644
index 0000000..e4e8c29
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
@@ -0,0 +1,83 @@
+From 8af08ebf94bc6448dbc7da59845f5b78964689d9 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 17:59:15 +0200
+Subject: [PATCH] openssl: don't leak the SRP credentials in redirects either
+
+Follow-up to 620ea21410030
+
+Reported-by: Harry Sintonen
+Closes #8751
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/139a54ed0a172adaaf1a78d6f4fff50b2c3f9e08]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/http.c | 10 +++++-----
+ lib/http.h | 6 ++++++
+ lib/vtls/openssl.c | 3 ++-
+ 3 files changed, 13 insertions(+), 6 deletions(-)
+
+diff --git a/lib/http.c b/lib/http.c
+index 0791dcf..4433824 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -776,10 +776,10 @@ output_auth_headers(struct Curl_easy *data,
+ }
+
+ /*
+- * allow_auth_to_host() tells if autentication, cookies or other "sensitive
+- * data" can (still) be sent to this host.
++ * Curl_allow_auth_to_host() tells if authentication, cookies or other
++ * "sensitive data" can (still) be sent to this host.
+ */
+-static bool allow_auth_to_host(struct Curl_easy *data)
++bool Curl_allow_auth_to_host(struct Curl_easy *data)
+ {
+ struct connectdata *conn = data->conn;
+ return (!data->state.this_is_a_follow ||
+@@ -864,7 +864,7 @@ Curl_http_output_auth(struct Curl_easy *data,
+
+ /* To prevent the user+password to get sent to other than the original host
+ due to a location-follow */
+- if(allow_auth_to_host(data)
++ if(Curl_allow_auth_to_host(data)
+ #ifndef CURL_DISABLE_NETRC
+ || conn->bits.netrc
+ #endif
+@@ -1917,7 +1917,7 @@ CURLcode Curl_add_custom_headers(struct Curl_easy *data,
+ checkprefix("Cookie:", compare)) &&
+ /* be careful of sending this potentially sensitive header to
+ other hosts */
+- !allow_auth_to_host(data))
++ !Curl_allow_auth_to_host(data))
+ ;
+ else {
+ #ifdef USE_HYPER
+diff --git a/lib/http.h b/lib/http.h
+index 07e963d..9000bae 100644
+--- a/lib/http.h
++++ b/lib/http.h
+@@ -320,4 +320,10 @@ Curl_http_output_auth(struct Curl_easy *data,
+ bool proxytunnel); /* TRUE if this is the request setting
+ up the proxy tunnel */
+
++/*
++ * Curl_allow_auth_to_host() tells if authentication, cookies or other
++ * "sensitive data" can (still) be sent to this host.
++ */
++bool Curl_allow_auth_to_host(struct Curl_easy *data);
++
+ #endif /* HEADER_CURL_HTTP_H */
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 616a510..e8633f4 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -2893,7 +2893,8 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+ #endif
+
+ #ifdef USE_OPENSSL_SRP
+- if(ssl_authtype == CURL_TLSAUTH_SRP) {
++ if((ssl_authtype == CURL_TLSAUTH_SRP) &&
++ Curl_allow_auth_to_host(data)) {
+ char * const ssl_username = SSL_SET_OPTION(username);
+
+ infof(data, "Using TLS-SRP username: %s", ssl_username);
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
new file mode 100644
index 0000000..a642336
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
@@ -0,0 +1,35 @@
+From 56a145d6ca031841610daeebde99fbde0f8fcf21 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 26 Apr 2022 07:46:19 +0200
+Subject: [PATCH] gnutls: don't leak the SRP credentials in redirects
+
+Follow-up to 620ea21410030 and 139a54ed0a172a
+
+Reported-by: Harry Sintonen
+Closes #8752
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/093531556203decd92d92bccd431edbe5561781c]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/vtls/gtls.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index 5749376..fe45b3a 100644
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -437,11 +437,11 @@ gtls_connect_step1(struct Curl_easy *data,
+ }
+
+ #ifdef HAVE_GNUTLS_SRP
+- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
++ if((SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) &&
++ Curl_allow_auth_to_host(data)) {
+ infof(data, "Using TLS-SRP username: %s", SSL_SET_OPTION(username));
+
+- rc = gnutls_srp_allocate_client_credentials(
+- &backend->srp_client_cred);
++ rc = gnutls_srp_allocate_client_credentials(&backend->srp_client_cred);
+ if(rc != GNUTLS_E_SUCCESS) {
+ failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
+ gnutls_strerror(rc));
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27775.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27775.patch
new file mode 100644
index 0000000..666a906
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27775.patch
@@ -0,0 +1,37 @@
+From eef2b165c39245857b1663e9153e7c4b4b519a4c Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 11:48:00 +0200
+Subject: [PATCH] conncache: include the zone id in the "bundle" hashkey
+
+Make connections to two separate IPv6 zone ids create separate
+connections.
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2022-27775.html
+Closes #8747
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/058f98dc3fe595f21dc26a5b9b1699e519ba5705]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/conncache.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/lib/conncache.c b/lib/conncache.c
+index cd5756a..9b9f683 100644
+--- a/lib/conncache.c
++++ b/lib/conncache.c
+@@ -155,8 +155,12 @@ static void hashkey(struct connectdata *conn, char *buf,
+ /* report back which name we used */
+ *hostp = hostname;
+
+- /* put the number first so that the hostname gets cut off if too long */
+- msnprintf(buf, len, "%ld%s", port, hostname);
++ /* put the numbers first so that the hostname gets cut off if too long */
++#ifdef ENABLE_IPV6
++ msnprintf(buf, len, "%u/%ld/%s", conn->scope_id, port, hostname);
++#else
++ msnprintf(buf, len, "%ld/%s", port, hostname);
++#endif
+ Curl_strntolower(buf, buf, len);
+ }
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27776.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27776.patch
new file mode 100644
index 0000000..2feee45
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27776.patch
@@ -0,0 +1,115 @@
+From f6eba3638f9b25adfe85f3570f9a0fb2ceb09c2b Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 13:05:40 +0200
+Subject: [PATCH] http: avoid auth/cookie on redirects same host diff port
+
+CVE-2022-27776
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2022-27776.html
+Closes #8749
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/6e659993952aa5f90f48864be84a1bbb047fc258]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/http.c | 34 ++++++++++++++++++++++------------
+ lib/urldata.h | 16 +++++++++-------
+ 2 files changed, 31 insertions(+), 19 deletions(-)
+
+diff --git a/lib/http.c b/lib/http.c
+index 799d4fb..0791dcf 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -775,6 +775,21 @@ output_auth_headers(struct Curl_easy *data,
+ return CURLE_OK;
+ }
+
++/*
++ * allow_auth_to_host() tells if autentication, cookies or other "sensitive
++ * data" can (still) be sent to this host.
++ */
++static bool allow_auth_to_host(struct Curl_easy *data)
++{
++ struct connectdata *conn = data->conn;
++ return (!data->state.this_is_a_follow ||
++ data->set.allow_auth_to_other_hosts ||
++ (data->state.first_host &&
++ strcasecompare(data->state.first_host, conn->host.name) &&
++ (data->state.first_remote_port == conn->remote_port) &&
++ (data->state.first_remote_protocol == conn->handler->protocol)));
++}
++
+ /**
+ * Curl_http_output_auth() setups the authentication headers for the
+ * host/proxy and the correct authentication
+@@ -847,17 +862,14 @@ Curl_http_output_auth(struct Curl_easy *data,
+ with it */
+ authproxy->done = TRUE;
+
+- /* To prevent the user+password to get sent to other than the original
+- host due to a location-follow, we do some weirdo checks here */
+- if(!data->state.this_is_a_follow ||
++ /* To prevent the user+password to get sent to other than the original host
++ due to a location-follow */
++ if(allow_auth_to_host(data)
+ #ifndef CURL_DISABLE_NETRC
+- conn->bits.netrc ||
++ || conn->bits.netrc
+ #endif
+- !data->state.first_host ||
+- data->set.allow_auth_to_other_hosts ||
+- strcasecompare(data->state.first_host, conn->host.name)) {
++ )
+ result = output_auth_headers(data, conn, authhost, request, path, FALSE);
+- }
+ else
+ authhost->done = TRUE;
+
+@@ -1905,10 +1917,7 @@ CURLcode Curl_add_custom_headers(struct Curl_easy *data,
+ checkprefix("Cookie:", compare)) &&
+ /* be careful of sending this potentially sensitive header to
+ other hosts */
+- (data->state.this_is_a_follow &&
+- data->state.first_host &&
+- !data->set.allow_auth_to_other_hosts &&
+- !strcasecompare(data->state.first_host, conn->host.name)))
++ !allow_auth_to_host(data))
+ ;
+ else {
+ #ifdef USE_HYPER
+@@ -2084,6 +2093,7 @@ CURLcode Curl_http_host(struct Curl_easy *data, struct connectdata *conn)
+ return CURLE_OUT_OF_MEMORY;
+
+ data->state.first_remote_port = conn->remote_port;
++ data->state.first_remote_protocol = conn->handler->protocol;
+ }
+ Curl_safefree(data->state.aptr.host);
+
+diff --git a/lib/urldata.h b/lib/urldata.h
+index 03da59a..f92052a 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -1329,14 +1329,16 @@ struct UrlState {
+ char *ulbuf; /* allocated upload buffer or NULL */
+ curl_off_t current_speed; /* the ProgressShow() function sets this,
+ bytes / second */
+- char *first_host; /* host name of the first (not followed) request.
+- if set, this should be the host name that we will
+- sent authorization to, no else. Used to make Location:
+- following not keep sending user+password... This is
+- strdup() data.
+- */
++
++ /* host name, port number and protocol of the first (not followed) request.
++ if set, this should be the host name that we will sent authorization to,
++ no else. Used to make Location: following not keep sending user+password.
++ This is strdup()ed data. */
++ char *first_host;
++ int first_remote_port;
++ unsigned int first_remote_protocol;
++
+ int retrycount; /* number of retries on a new connection */
+- int first_remote_port; /* remote port of the first (not followed) request */
+ struct Curl_ssl_session *session; /* array of 'max_ssl_sessions' size */
+ long sessionage; /* number of the most recent session */
+ struct tempbuf tempwrite[3]; /* BOTH, HEADER, BODY */
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27779.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27779.patch
new file mode 100644
index 0000000..235be90
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27779.patch
@@ -0,0 +1,42 @@
+From 33dac5777fe5f9c8d2d7d340144b1685cd511d11 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 16:47:06 +0200
+Subject: [PATCH] cookies: make bad_domain() not consider a trailing dot fine
+
+The check for a dot in the domain must not consider a single trailing
+dot to be fine, as then TLD + trailing dot is fine and curl will accept
+setting cookies for it.
+
+CVE-2022-27779
+
+Reported-by: Axel Chong
+Bug: https://curl.se/docs/CVE-2022-27779.html
+Closes #8820
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/7e92d12b4e6911f424678a133b19de670e183a59]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/cookie.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index d418efa..1b8c8f9 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -427,7 +427,15 @@ static void remove_expired(struct CookieInfo *cookies)
+ /* Make sure domain contains a dot or is localhost. */
+ static bool bad_domain(const char *domain)
+ {
+- return !strchr(domain, '.') && !strcasecompare(domain, "localhost");
++ if(strcasecompare(domain, "localhost"))
++ return FALSE;
++ else {
++ /* there must be a dot present, but that dot must not be a trailing dot */
++ char *dot = strchr(domain, '.');
++ if(dot)
++ return dot[1] ? FALSE : TRUE;
++ }
++ return TRUE;
+ }
+
+ /*
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27780.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27780.patch
new file mode 100644
index 0000000..8820af3
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27780.patch
@@ -0,0 +1,33 @@
+From 304b7acf73712fa501119b1ca0724f71f3074fe7 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 08:19:38 +0200
+Subject: [PATCH] urlapi: reject percent-decoding host name into separator
+ bytes
+
+CVE-2022-27780
+
+Reported-by: Axel Chong
+Bug: https://curl.se/docs/CVE-2022-27780.html
+Closes #8826
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/914aaab9153764ef8fa4178215b8ad89d3ac263a]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/urlapi.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/urlapi.c b/lib/urlapi.c
+index ff00ee4..00222fc 100644
+--- a/lib/urlapi.c
++++ b/lib/urlapi.c
+@@ -678,8 +678,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname)
+ #endif
+ }
+ else {
+- /* letters from the second string is not ok */
+- len = strcspn(hostname, " \r\n");
++ /* letters from the second string are not ok */
++ len = strcspn(hostname, " \r\n\t/:#?!@");
+ if(hlen != len)
+ /* hostname with bad content */
+ return CURLUE_BAD_HOSTNAME;
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27781.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27781.patch
new file mode 100644
index 0000000..52f39a0
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27781.patch
@@ -0,0 +1,43 @@
+From 5bb5b2a901db4c6441fc451f21408be2a9463058 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 10:07:15 +0200
+Subject: [PATCH] nss: return error if seemingly stuck in a cert loop
+
+CVE-2022-27781
+
+Reported-by: Florian Kohnhäuser
+Bug: https://curl.se/docs/CVE-2022-27781.html
+Closes #8822
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82a001119a16d18365917]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/vtls/nss.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
+index 558e3be..52f2060 100644
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -983,6 +983,9 @@ static void display_cert_info(struct Curl_easy *data,
+ PR_Free(common_name);
+ }
+
++/* A number of certs that will never occur in a real server handshake */
++#define TOO_MANY_CERTS 300
++
+ static CURLcode display_conn_info(struct Curl_easy *data, PRFileDesc *sock)
+ {
+ CURLcode result = CURLE_OK;
+@@ -1018,6 +1021,11 @@ static CURLcode display_conn_info(struct Curl_easy *data, PRFileDesc *sock)
+ cert2 = CERT_FindCertIssuer(cert, now, certUsageSSLCA);
+ while(cert2) {
+ i++;
++ if(i >= TOO_MANY_CERTS) {
++ CERT_DestroyCertificate(cert2);
++ failf(data, "certificate loop");
++ return CURLE_SSL_CERTPROBLEM;
++ }
+ if(cert2->isRoot) {
+ CERT_DestroyCertificate(cert2);
+ break;
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27782-1.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
new file mode 100644
index 0000000..ce2599b
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
@@ -0,0 +1,458 @@
+From acee9eb38639b35af9047521d71333423657de0d Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 23:13:53 +0200
+Subject: [PATCH] tls: check more TLS details for connection reuse
+
+CVE-2022-27782
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2022-27782.html
+Closes #8825
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/f18af4f874cecab82a9797e8c7541e0990c7a64c]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/setopt.c | 29 +++++++++++++++++------------
+ lib/url.c | 23 ++++++++++++++++-------
+ lib/urldata.h | 13 +++++++------
+ lib/vtls/gtls.c | 32 +++++++++++++++++---------------
+ lib/vtls/mbedtls.c | 2 +-
+ lib/vtls/nss.c | 6 +++---
+ lib/vtls/openssl.c | 10 +++++-----
+ lib/vtls/vtls.c | 21 +++++++++++++++++++++
+ 8 files changed, 87 insertions(+), 49 deletions(-)
+
+diff --git a/lib/setopt.c b/lib/setopt.c
+index 8e1bf12..7aa6fdb 100644
+--- a/lib/setopt.c
++++ b/lib/setopt.c
+@@ -2294,6 +2294,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+
+ case CURLOPT_SSL_OPTIONS:
+ arg = va_arg(param, long);
++ data->set.ssl.primary.ssl_options = (unsigned char)(arg & 0xff);
+ data->set.ssl.enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
+ data->set.ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
+ data->set.ssl.no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
+@@ -2307,6 +2308,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ #ifndef CURL_DISABLE_PROXY
+ case CURLOPT_PROXY_SSL_OPTIONS:
+ arg = va_arg(param, long);
++ data->set.proxy_ssl.primary.ssl_options = (unsigned char)(arg & 0xff);
+ data->set.proxy_ssl.enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
+ data->set.proxy_ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
+ data->set.proxy_ssl.no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
+@@ -2745,49 +2747,52 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ case CURLOPT_TLSAUTH_USERNAME:
+ result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_USERNAME],
+ va_arg(param, char *));
+- if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
+- data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
++ if(data->set.str[STRING_TLSAUTH_USERNAME] &&
++ !data->set.ssl.primary.authtype)
++ data->set.ssl.primary.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
+ break;
+ #ifndef CURL_DISABLE_PROXY
+ case CURLOPT_PROXY_TLSAUTH_USERNAME:
+ result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_PROXY],
+ va_arg(param, char *));
+ if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
+- !data->set.proxy_ssl.authtype)
+- data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
++ !data->set.proxy_ssl.primary.authtype)
++ data->set.proxy_ssl.primary.authtype = CURL_TLSAUTH_SRP; /* default to
++ SRP */
+ break;
+ #endif
+ case CURLOPT_TLSAUTH_PASSWORD:
+ result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD],
+ va_arg(param, char *));
+- if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
+- data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
++ if(data->set.str[STRING_TLSAUTH_USERNAME] &&
++ !data->set.ssl.primary.authtype)
++ data->set.ssl.primary.authtype = CURL_TLSAUTH_SRP; /* default */
+ break;
+ #ifndef CURL_DISABLE_PROXY
+ case CURLOPT_PROXY_TLSAUTH_PASSWORD:
+ result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_PROXY],
+ va_arg(param, char *));
+ if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
+- !data->set.proxy_ssl.authtype)
+- data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
++ !data->set.proxy_ssl.primary.authtype)
++ data->set.proxy_ssl.primary.authtype = CURL_TLSAUTH_SRP; /* default */
+ break;
+ #endif
+ case CURLOPT_TLSAUTH_TYPE:
+ argptr = va_arg(param, char *);
+ if(!argptr ||
+ strncasecompare(argptr, "SRP", strlen("SRP")))
+- data->set.ssl.authtype = CURL_TLSAUTH_SRP;
++ data->set.ssl.primary.authtype = CURL_TLSAUTH_SRP;
+ else
+- data->set.ssl.authtype = CURL_TLSAUTH_NONE;
++ data->set.ssl.primary.authtype = CURL_TLSAUTH_NONE;
+ break;
+ #ifndef CURL_DISABLE_PROXY
+ case CURLOPT_PROXY_TLSAUTH_TYPE:
+ argptr = va_arg(param, char *);
+ if(!argptr ||
+ strncasecompare(argptr, "SRP", strlen("SRP")))
+- data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP;
++ data->set.proxy_ssl.primary.authtype = CURL_TLSAUTH_SRP;
+ else
+- data->set.proxy_ssl.authtype = CURL_TLSAUTH_NONE;
++ data->set.proxy_ssl.primary.authtype = CURL_TLSAUTH_NONE;
+ break;
+ #endif
+ #endif
+diff --git a/lib/url.c b/lib/url.c
+index 94e3406..5ebf5e2 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -540,7 +540,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
+ set->ssl.primary.verifypeer = TRUE;
+ set->ssl.primary.verifyhost = TRUE;
+ #ifdef USE_TLS_SRP
+- set->ssl.authtype = CURL_TLSAUTH_NONE;
++ set->ssl.primary.authtype = CURL_TLSAUTH_NONE;
+ #endif
+ set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
+ type */
+@@ -1758,11 +1758,17 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
+ conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
+ conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
+ conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
++ conn->ssl_config.ssl_options = data->set.ssl.primary.ssl_options;
++#ifdef USE_TLS_SRP
++#endif
+ #ifndef CURL_DISABLE_PROXY
+ conn->proxy_ssl_config.verifystatus =
+ data->set.proxy_ssl.primary.verifystatus;
+ conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
+ conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
++ conn->proxy_ssl_config.ssl_options = data->set.proxy_ssl.primary.ssl_options;
++#ifdef USE_TLS_SRP
++#endif
+ #endif
+ conn->ip_version = data->set.ipver;
+ conn->bits.connect_only = data->set.connect_only;
+@@ -3848,7 +3854,8 @@ static CURLcode create_conn(struct Curl_easy *data,
+ data->set.str[STRING_SSL_ISSUERCERT_PROXY];
+ data->set.proxy_ssl.primary.issuercert_blob =
+ data->set.blobs[BLOB_SSL_ISSUERCERT_PROXY];
+- data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
++ data->set.proxy_ssl.primary.CRLfile =
++ data->set.str[STRING_SSL_CRLFILE_PROXY];
+ data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
+ data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
+ data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
+@@ -3856,18 +3863,20 @@ static CURLcode create_conn(struct Curl_easy *data,
+ data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
+ data->set.proxy_ssl.key_blob = data->set.blobs[BLOB_KEY_PROXY];
+ #endif
+- data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE];
++ data->set.ssl.primary.CRLfile = data->set.str[STRING_SSL_CRLFILE];
+ data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE];
+ data->set.ssl.key = data->set.str[STRING_KEY];
+ data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE];
+ data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD];
+ data->set.ssl.primary.clientcert = data->set.str[STRING_CERT];
+ #ifdef USE_TLS_SRP
+- data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME];
+- data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD];
++ data->set.ssl.primary.username = data->set.str[STRING_TLSAUTH_USERNAME];
++ data->set.ssl.primary.password = data->set.str[STRING_TLSAUTH_PASSWORD];
+ #ifndef CURL_DISABLE_PROXY
+- data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
+- data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
++ data->set.proxy_ssl.primary.username =
++ data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
++ data->set.proxy_ssl.primary.password =
++ data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
+ #endif
+ #endif
+ data->set.ssl.key_blob = data->set.blobs[BLOB_KEY];
+diff --git a/lib/urldata.h b/lib/urldata.h
+index 5218f76..e006495 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -253,10 +253,17 @@ struct ssl_primary_config {
+ char *cipher_list; /* list of ciphers to use */
+ char *cipher_list13; /* list of TLS 1.3 cipher suites to use */
+ char *pinned_key;
++ char *CRLfile; /* CRL to check certificate revocation */
+ struct curl_blob *cert_blob;
+ struct curl_blob *ca_info_blob;
+ struct curl_blob *issuercert_blob;
++#ifdef USE_TLS_SRP
++ char *username; /* TLS username (for, e.g., SRP) */
++ char *password; /* TLS password (for, e.g., SRP) */
++ enum CURL_TLSAUTH authtype; /* TLS authentication type (default SRP) */
++#endif
+ char *curves; /* list of curves to use */
++ unsigned char ssl_options; /* the CURLOPT_SSL_OPTIONS bitmask */
+ BIT(verifypeer); /* set TRUE if this is desired */
+ BIT(verifyhost); /* set TRUE if CN/SAN must match hostname */
+ BIT(verifystatus); /* set TRUE if certificate status must be checked */
+@@ -266,7 +273,6 @@ struct ssl_primary_config {
+ struct ssl_config_data {
+ struct ssl_primary_config primary;
+ long certverifyresult; /* result from the certificate verification */
+- char *CRLfile; /* CRL to check certificate revocation */
+ curl_ssl_ctx_callback fsslctx; /* function to initialize ssl ctx */
+ void *fsslctxp; /* parameter for call back */
+ char *cert_type; /* format for certificate (default: PEM)*/
+@@ -274,11 +280,6 @@ struct ssl_config_data {
+ struct curl_blob *key_blob;
+ char *key_type; /* format for private key (default: PEM) */
+ char *key_passwd; /* plain text private key password */
+-#ifdef USE_TLS_SRP
+- char *username; /* TLS username (for, e.g., SRP) */
+- char *password; /* TLS password (for, e.g., SRP) */
+- enum CURL_TLSAUTH authtype; /* TLS authentication type (default SRP) */
+-#endif
+ BIT(certinfo); /* gather lots of certificate info */
+ BIT(falsestart);
+ BIT(enable_beast); /* allow this flaw for interoperability's sake*/
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index fe45b3a..3c31782 100644
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -437,9 +437,10 @@ gtls_connect_step1(struct Curl_easy *data,
+ }
+
+ #ifdef HAVE_GNUTLS_SRP
+- if((SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) &&
++ if((SSL_SET_OPTION(primary.authtype) == CURL_TLSAUTH_SRP) &&
+ Curl_allow_auth_to_host(data)) {
+- infof(data, "Using TLS-SRP username: %s", SSL_SET_OPTION(username));
++ infof(data, "Using TLS-SRP username: %s",
++ SSL_SET_OPTION(primary.username));
+
+ rc = gnutls_srp_allocate_client_credentials(&backend->srp_client_cred);
+ if(rc != GNUTLS_E_SUCCESS) {
+@@ -449,8 +450,8 @@ gtls_connect_step1(struct Curl_easy *data,
+ }
+
+ rc = gnutls_srp_set_client_credentials(backend->srp_client_cred,
+- SSL_SET_OPTION(username),
+- SSL_SET_OPTION(password));
++ SSL_SET_OPTION(primary.username),
++ SSL_SET_OPTION(primary.password));
+ if(rc != GNUTLS_E_SUCCESS) {
+ failf(data, "gnutls_srp_set_client_cred() failed: %s",
+ gnutls_strerror(rc));
+@@ -507,19 +508,19 @@ gtls_connect_step1(struct Curl_easy *data,
+ }
+ #endif
+
+- if(SSL_SET_OPTION(CRLfile)) {
++ if(SSL_SET_OPTION(primary.CRLfile)) {
+ /* set the CRL list file */
+ rc = gnutls_certificate_set_x509_crl_file(backend->cred,
+- SSL_SET_OPTION(CRLfile),
++ SSL_SET_OPTION(primary.CRLfile),
+ GNUTLS_X509_FMT_PEM);
+ if(rc < 0) {
+ failf(data, "error reading crl file %s (%s)",
+- SSL_SET_OPTION(CRLfile), gnutls_strerror(rc));
++ SSL_SET_OPTION(primary.CRLfile), gnutls_strerror(rc));
+ return CURLE_SSL_CRL_BADFILE;
+ }
+ else
+ infof(data, "found %d CRL in %s",
+- rc, SSL_SET_OPTION(CRLfile));
++ rc, SSL_SET_OPTION(primary.CRLfile));
+ }
+
+ /* Initialize TLS session as a client */
+@@ -590,7 +591,7 @@ gtls_connect_step1(struct Curl_easy *data,
+ #ifdef HAVE_GNUTLS_SRP
+ /* Only add SRP to the cipher list if SRP is requested. Otherwise
+ * GnuTLS will disable TLS 1.3 support. */
+- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
++ if(SSL_SET_OPTION(primary.authtype) == CURL_TLSAUTH_SRP) {
+ size_t len = strlen(prioritylist);
+
+ char *prioritysrp = malloc(len + sizeof(GNUTLS_SRP) + 1);
+@@ -685,7 +686,7 @@ gtls_connect_step1(struct Curl_easy *data,
+
+ #ifdef HAVE_GNUTLS_SRP
+ /* put the credentials to the current session */
+- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
++ if(SSL_SET_OPTION(primary.authtype) == CURL_TLSAUTH_SRP) {
+ rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
+ backend->srp_client_cred);
+ if(rc != GNUTLS_E_SUCCESS) {
+@@ -867,8 +868,8 @@ Curl_gtls_verifyserver(struct Curl_easy *data,
+ SSL_CONN_CONFIG(verifyhost) ||
+ SSL_CONN_CONFIG(issuercert)) {
+ #ifdef HAVE_GNUTLS_SRP
+- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP
+- && SSL_SET_OPTION(username) != NULL
++ if(SSL_SET_OPTION(primary.authtype) == CURL_TLSAUTH_SRP
++ && SSL_SET_OPTION(primary.username)
+ && !SSL_CONN_CONFIG(verifypeer)
+ && gnutls_cipher_get(session)) {
+ /* no peer cert, but auth is ok if we have SRP user and cipher and no
+@@ -926,7 +927,8 @@ Curl_gtls_verifyserver(struct Curl_easy *data,
+ failf(data, "server certificate verification failed. CAfile: %s "
+ "CRLfile: %s", SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
+ "none",
+- SSL_SET_OPTION(CRLfile)?SSL_SET_OPTION(CRLfile):"none");
++ SSL_SET_OPTION(primary.CRLfile) ?
++ SSL_SET_OPTION(primary.CRLfile) : "none");
+ return CURLE_PEER_FAILED_VERIFICATION;
+ }
+ else
+@@ -1556,8 +1558,8 @@ static int gtls_shutdown(struct Curl_easy *data, struct connectdata *conn,
+ gnutls_certificate_free_credentials(backend->cred);
+
+ #ifdef HAVE_GNUTLS_SRP
+- if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP
+- && SSL_SET_OPTION(username) != NULL)
++ if(SSL_SET_OPTION(primary.authtype) == CURL_TLSAUTH_SRP
++ && SSL_SET_OPTION(primary.username) != NULL)
+ gnutls_srp_free_client_credentials(backend->srp_client_cred);
+ #endif
+
+diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
+index b9fd26a..bd4ad8f 100644
+--- a/lib/vtls/mbedtls.c
++++ b/lib/vtls/mbedtls.c
+@@ -279,7 +279,7 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn,
+ const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
+ char * const ssl_cert = SSL_SET_OPTION(primary.clientcert);
+ const struct curl_blob *ssl_cert_blob = SSL_SET_OPTION(primary.cert_blob);
+- const char * const ssl_crlfile = SSL_SET_OPTION(CRLfile);
++ const char * const ssl_crlfile = SSL_SET_OPTION(primary.CRLfile);
+ const char * const hostname = SSL_HOST_NAME();
+ #ifndef CURL_DISABLE_VERBOSE_STRINGS
+ const long int port = SSL_HOST_PORT();
+diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
+index 52f2060..959e23e 100644
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -2035,13 +2035,13 @@ static CURLcode nss_setup_connect(struct Curl_easy *data,
+ }
+ }
+
+- if(SSL_SET_OPTION(CRLfile)) {
+- const CURLcode rv = nss_load_crl(SSL_SET_OPTION(CRLfile));
++ if(SSL_SET_OPTION(primary.CRLfile)) {
++ const CURLcode rv = nss_load_crl(SSL_SET_OPTION(primary.CRLfile));
+ if(rv) {
+ result = rv;
+ goto error;
+ }
+- infof(data, " CRLfile: %s", SSL_SET_OPTION(CRLfile));
++ infof(data, " CRLfile: %s", SSL_SET_OPTION(primary.CRLfile));
+ }
+
+ if(SSL_SET_OPTION(primary.clientcert)) {
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index e8633f4..d98bbcb 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -2632,7 +2632,7 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+ #endif
+ const long int ssl_version = SSL_CONN_CONFIG(version);
+ #ifdef USE_OPENSSL_SRP
+- const enum CURL_TLSAUTH ssl_authtype = SSL_SET_OPTION(authtype);
++ const enum CURL_TLSAUTH ssl_authtype = SSL_SET_OPTION(primary.authtype);
+ #endif
+ char * const ssl_cert = SSL_SET_OPTION(primary.clientcert);
+ const struct curl_blob *ssl_cert_blob = SSL_SET_OPTION(primary.cert_blob);
+@@ -2643,7 +2643,7 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+ (ca_info_blob ? NULL : SSL_CONN_CONFIG(CAfile));
+ const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
+ const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
+- const char * const ssl_crlfile = SSL_SET_OPTION(CRLfile);
++ const char * const ssl_crlfile = SSL_SET_OPTION(primary.CRLfile);
+ char error_buffer[256];
+ struct ssl_backend_data *backend = connssl->backend;
+ bool imported_native_ca = false;
+@@ -2895,15 +2895,15 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+ #ifdef USE_OPENSSL_SRP
+ if((ssl_authtype == CURL_TLSAUTH_SRP) &&
+ Curl_allow_auth_to_host(data)) {
+- char * const ssl_username = SSL_SET_OPTION(username);
+-
++ char * const ssl_username = SSL_SET_OPTION(primary.username);
++ char * const ssl_password = SSL_SET_OPTION(primary.password);
+ infof(data, "Using TLS-SRP username: %s", ssl_username);
+
+ if(!SSL_CTX_set_srp_username(backend->ctx, ssl_username)) {
+ failf(data, "Unable to set SRP user name");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
+- if(!SSL_CTX_set_srp_password(backend->ctx, SSL_SET_OPTION(password))) {
++ if(!SSL_CTX_set_srp_password(backend->ctx, ssl_password)) {
+ failf(data, "failed setting SRP password");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index a40ac06..e2d3438 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -132,6 +132,7 @@ Curl_ssl_config_matches(struct ssl_primary_config *data,
+ {
+ if((data->version == needle->version) &&
+ (data->version_max == needle->version_max) &&
++ (data->ssl_options == needle->ssl_options) &&
+ (data->verifypeer == needle->verifypeer) &&
+ (data->verifyhost == needle->verifyhost) &&
+ (data->verifystatus == needle->verifystatus) &&
+@@ -144,9 +145,15 @@ Curl_ssl_config_matches(struct ssl_primary_config *data,
+ Curl_safecmp(data->clientcert, needle->clientcert) &&
+ Curl_safecmp(data->random_file, needle->random_file) &&
+ Curl_safecmp(data->egdsocket, needle->egdsocket) &&
++#ifdef USE_TLS_SRP
++ Curl_safecmp(data->username, needle->username) &&
++ Curl_safecmp(data->password, needle->password) &&
++ (data->authtype == needle->authtype) &&
++#endif
+ Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list) &&
+ Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13) &&
+ Curl_safe_strcasecompare(data->curves, needle->curves) &&
++ Curl_safe_strcasecompare(data->CRLfile, needle->CRLfile) &&
+ Curl_safe_strcasecompare(data->pinned_key, needle->pinned_key))
+ return TRUE;
+
+@@ -163,6 +170,10 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
+ dest->verifyhost = source->verifyhost;
+ dest->verifystatus = source->verifystatus;
+ dest->sessionid = source->sessionid;
++ dest->ssl_options = source->ssl_options;
++#ifdef USE_TLS_SRP
++ dest->authtype = source->authtype;
++#endif
+
+ CLONE_BLOB(cert_blob);
+ CLONE_BLOB(ca_info_blob);
+@@ -177,6 +188,11 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
+ CLONE_STRING(cipher_list13);
+ CLONE_STRING(pinned_key);
+ CLONE_STRING(curves);
++ CLONE_STRING(CRLfile);
++#ifdef USE_TLS_SRP
++ CLONE_STRING(username);
++ CLONE_STRING(password);
++#endif
+
+ return TRUE;
+ }
+@@ -196,6 +212,11 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc)
+ Curl_safefree(sslc->ca_info_blob);
+ Curl_safefree(sslc->issuercert_blob);
+ Curl_safefree(sslc->curves);
++ Curl_safefree(sslc->CRLfile);
++#ifdef USE_TLS_SRP
++ Curl_safefree(sslc->username);
++ Curl_safefree(sslc->password);
++#endif
+ }
+
+ #ifdef USE_SSL
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-27782-2.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
new file mode 100644
index 0000000..74fa7f8
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
@@ -0,0 +1,71 @@
+From 782a5e8e5b0271f8cb33eeef6a3819b0149093e0 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 23:13:53 +0200
+Subject: [PATCH] url: check SSH config match on connection reuse
+
+CVE-2022-27782
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2022-27782.html
+Closes #8825
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/1645e9b44505abd5cbaf65da5282c3f33b5924a5]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/url.c | 11 +++++++++++
+ lib/vssh/ssh.h | 6 +++---
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index 5ebf5e2..c713e54 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -1098,6 +1098,12 @@ static void prune_dead_connections(struct Curl_easy *data)
+ }
+ }
+
++static bool ssh_config_matches(struct connectdata *one,
++ struct connectdata *two)
++{
++ return (Curl_safecmp(one->proto.sshc.rsa, two->proto.sshc.rsa) &&
++ Curl_safecmp(one->proto.sshc.rsa_pub, two->proto.sshc.rsa_pub));
++}
+ /*
+ * Given one filled in connection struct (named needle), this function should
+ * detect if there already is one that has all the significant details
+@@ -1356,6 +1362,11 @@ ConnectionExists(struct Curl_easy *data,
+ (data->state.httpwant < CURL_HTTP_VERSION_2_0))
+ continue;
+
++ if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
++ if(!ssh_config_matches(needle, check))
++ continue;
++ }
++
+ if((needle->handler->flags&PROTOPT_SSL)
+ #ifndef CURL_DISABLE_PROXY
+ || !needle->bits.httpproxy || needle->bits.tunnel_proxy
+diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
+index 7972081..30d82e5 100644
+--- a/lib/vssh/ssh.h
++++ b/lib/vssh/ssh.h
+@@ -7,7 +7,7 @@
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+- * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+@@ -131,8 +131,8 @@ struct ssh_conn {
+
+ /* common */
+ const char *passphrase; /* pass-phrase to use */
+- char *rsa_pub; /* path name */
+- char *rsa; /* path name */
++ char *rsa_pub; /* strdup'ed public key file */
++ char *rsa; /* strdup'ed private key file */
+ bool authed; /* the connection has been authenticated fine */
+ bool acceptfail; /* used by the SFTP_QUOTE (continue if
+ quote command fails) */
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-30115.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-30115.patch
new file mode 100644
index 0000000..96839cf
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-30115.patch
@@ -0,0 +1,82 @@
+From 8313ef3f507b5bdc54e985cae71aa9df00609d55 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 9 May 2022 08:13:55 +0200
+Subject: [PATCH] hsts: ignore trailing dots when comparing hosts names
+
+CVE-2022-30115
+
+Reported-by: Axel Chong
+Bug: https://curl.se/docs/CVE-2022-30115.html
+Closes #8821
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/fae6fea209a2d4db1582f608bd8cc8000721733a]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/hsts.c | 30 +++++++++++++++++++++++++-----
+ 1 file changed, 25 insertions(+), 5 deletions(-)
+
+diff --git a/lib/hsts.c b/lib/hsts.c
+index 03fcc9e..b9fa6f7 100644
+--- a/lib/hsts.c
++++ b/lib/hsts.c
+@@ -114,16 +114,25 @@ static CURLcode hsts_create(struct hsts *h,
+ curl_off_t expires)
+ {
+ struct stsentry *sts = hsts_entry();
++ char *duphost;
++ size_t hlen;
+ if(!sts)
+ return CURLE_OUT_OF_MEMORY;
+
+- sts->expires = expires;
+- sts->includeSubDomains = subdomains;
+- sts->host = strdup(hostname);
+- if(!sts->host) {
++ duphost = strdup(hostname);
++ if(!duphost) {
+ free(sts);
+ return CURLE_OUT_OF_MEMORY;
+ }
++
++ hlen = strlen(duphost);
++ if(duphost[hlen - 1] == '.')
++ /* strip off trailing any dot */
++ duphost[--hlen] = 0;
++
++ sts->host = duphost;
++ sts->expires = expires;
++ sts->includeSubDomains = subdomains;
+ Curl_llist_insert_next(&h->list, h->list.tail, sts, &sts->node);
+ return CURLE_OK;
+ }
+@@ -238,10 +247,21 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
+ bool subdomain)
+ {
+ if(h) {
++ char buffer[MAX_HSTS_HOSTLEN + 1];
+ time_t now = time(NULL);
+ size_t hlen = strlen(hostname);
+ struct Curl_llist_element *e;
+ struct Curl_llist_element *n;
++
++ if((hlen > MAX_HSTS_HOSTLEN) || !hlen)
++ return NULL;
++ memcpy(buffer, hostname, hlen);
++ if(hostname[hlen-1] == '.')
++ /* remove the trailing dot */
++ --hlen;
++ buffer[hlen] = 0;
++ hostname = buffer;
++
+ for(e = h->list.head; e; e = n) {
+ struct stsentry *sts = e->ptr;
+ n = e->next;
+@@ -440,7 +460,7 @@ static CURLcode hsts_pull(struct Curl_easy *data, struct hsts *h)
+ CURLSTScode sc;
+ DEBUGASSERT(h);
+ do {
+- char buffer[257];
++ char buffer[MAX_HSTS_HOSTLEN + 1];
+ struct curl_hstsentry e;
+ e.name = buffer;
+ e.namelen = sizeof(buffer)-1;
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-32205.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-32205.patch
new file mode 100644
index 0000000..165fd8a
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-32205.patch
@@ -0,0 +1,174 @@
+From a91c22a072cbb32e296f1efba3502f1b7775dfaf Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Sun, 26 Jun 2022 11:00:48 +0200
+Subject: [PATCH] cookie: apply limits
+
+- Send no more than 150 cookies per request
+- Cap the max length used for a cookie: header to 8K
+- Cap the max number of received Set-Cookie: headers to 50
+
+Bug: https://curl.se/docs/CVE-2022-32205.html
+CVE-2022-32205
+Reported-by: Harry Sintonen
+Closes #9048
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/48d7064a49148f0394]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/cookie.c | 14 ++++++++++++--
+ lib/cookie.h | 21 +++++++++++++++++++--
+ lib/http.c | 13 +++++++++++--
+ lib/urldata.h | 1 +
+ 4 files changed, 43 insertions(+), 6 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 1b8c8f9..8a6aa1a 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -477,6 +477,10 @@ Curl_cookie_add(struct Curl_easy *data,
+ (void)data;
+ #endif
+
++ DEBUGASSERT(MAX_SET_COOKIE_AMOUNT <= 255); /* counter is an unsigned char */
++ if(data->req.setcookies >= MAX_SET_COOKIE_AMOUNT)
++ return NULL;
++
+ /* First, alloc and init a new struct for it */
+ co = calloc(1, sizeof(struct Cookie));
+ if(!co)
+@@ -816,7 +820,7 @@ Curl_cookie_add(struct Curl_easy *data,
+ freecookie(co);
+ return NULL;
+ }
+-
++ data->req.setcookies++;
+ }
+ else {
+ /*
+@@ -1354,7 +1358,8 @@ static struct Cookie *dup_cookie(struct Cookie *src)
+ *
+ * It shall only return cookies that haven't expired.
+ */
+-struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
++struct Cookie *Curl_cookie_getlist(struct Curl_easy *data,
++ struct CookieInfo *c,
+ const char *host, const char *path,
+ bool secure)
+ {
+@@ -1409,6 +1414,11 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+ mainco = newco;
+
+ matches++;
++ if(matches >= MAX_COOKIE_SEND_AMOUNT) {
++ infof(data, "Included max number of cookies (%u) in request!",
++ matches);
++ break;
++ }
+ }
+ else
+ goto fail;
+diff --git a/lib/cookie.h b/lib/cookie.h
+index 0ffe08e..7411980 100644
+--- a/lib/cookie.h
++++ b/lib/cookie.h
+@@ -81,10 +81,26 @@ struct CookieInfo {
+ */
+ #define MAX_COOKIE_LINE 5000
+
+-/* This is the maximum length of a cookie name or content we deal with: */
++/* Maximum length of an incoming cookie name or content we deal with. Longer
++ cookies are ignored. */
+ #define MAX_NAME 4096
+ #define MAX_NAME_TXT "4095"
+
++/* Maximum size for an outgoing cookie line libcurl will use in an http
++ request. This is the default maximum length used in some versions of Apache
++ httpd. */
++#define MAX_COOKIE_HEADER_LEN 8190
++
++/* Maximum number of cookies libcurl will send in a single request, even if
++ there might be more cookies that match. One reason to cap the number is to
++ keep the maximum HTTP request within the maximum allowed size. */
++#define MAX_COOKIE_SEND_AMOUNT 150
++
++/* Maximum number of Set-Cookie: lines accepted in a single response. If more
++ such header lines are received, they are ignored. This value must be less
++ than 256 since an unsigned char is used to count. */
++#define MAX_SET_COOKIE_AMOUNT 50
++
+ struct Curl_easy;
+ /*
+ * Add a cookie to the internal list of cookies. The domain and path arguments
+@@ -97,7 +113,8 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data,
+ const char *domain, const char *path,
+ bool secure);
+
+-struct Cookie *Curl_cookie_getlist(struct CookieInfo *c, const char *host,
++struct Cookie *Curl_cookie_getlist(struct Curl_easy *data,
++ struct CookieInfo *c, const char *host,
+ const char *path, bool secure);
+ void Curl_cookie_freelist(struct Cookie *cookies);
+ void Curl_cookie_clearall(struct CookieInfo *cookies);
+diff --git a/lib/http.c b/lib/http.c
+index 4433824..2c8b0c4 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -2709,12 +2709,14 @@ CURLcode Curl_http_bodysend(struct Curl_easy *data, struct connectdata *conn,
+ }
+
+ #if !defined(CURL_DISABLE_COOKIES)
++
+ CURLcode Curl_http_cookies(struct Curl_easy *data,
+ struct connectdata *conn,
+ struct dynbuf *r)
+ {
+ CURLcode result = CURLE_OK;
+ char *addcookies = NULL;
++ bool linecap = FALSE;
+ if(data->set.str[STRING_COOKIE] &&
+ !Curl_checkheaders(data, STRCONST("Cookie")))
+ addcookies = data->set.str[STRING_COOKIE];
+@@ -2732,7 +2734,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data,
+ !strcmp(host, "127.0.0.1") ||
+ !strcmp(host, "[::1]") ? TRUE : FALSE;
+ Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
+- co = Curl_cookie_getlist(data->cookies, host, data->state.up.path,
++ co = Curl_cookie_getlist(data, data->cookies, host, data->state.up.path,
+ secure_context);
+ Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
+ }
+@@ -2746,6 +2748,13 @@ CURLcode Curl_http_cookies(struct Curl_easy *data,
+ if(result)
+ break;
+ }
++ if((Curl_dyn_len(r) + strlen(co->name) + strlen(co->value) + 1) >=
++ MAX_COOKIE_HEADER_LEN) {
++ infof(data, "Restricted outgoing cookies due to header size, "
++ "'%s' not sent", co->name);
++ linecap = TRUE;
++ break;
++ }
+ result = Curl_dyn_addf(r, "%s%s=%s", count?"; ":"",
+ co->name, co->value);
+ if(result)
+@@ -2756,7 +2765,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data,
+ }
+ Curl_cookie_freelist(store);
+ }
+- if(addcookies && !result) {
++ if(addcookies && !result && !linecap) {
+ if(!count)
+ result = Curl_dyn_addn(r, STRCONST("Cookie: "));
+ if(!result) {
+diff --git a/lib/urldata.h b/lib/urldata.h
+index e006495..54faf7d 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -707,6 +707,7 @@ struct SingleRequest {
+ #ifndef CURL_DISABLE_DOH
+ struct dohdata *doh; /* DoH specific data for this request */
+ #endif
++ unsigned char setcookies;
+ BIT(header); /* incoming data has HTTP header */
+ BIT(content_range); /* set TRUE if Content-Range: was found */
+ BIT(upload_done); /* set to TRUE when doing chunked transfer-encoding
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-32206.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-32206.patch
new file mode 100644
index 0000000..25f5b27
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-32206.patch
@@ -0,0 +1,51 @@
+From e12531340b03d242d3f892aa8797faf12b56dddf Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 16 May 2022 16:28:13 +0200
+Subject: [PATCH] content_encoding: return error on too many compression steps
+
+The max allowed steps is arbitrarily set to 5.
+
+Bug: https://curl.se/docs/CVE-2022-32206.html
+CVE-2022-32206
+Reported-by: Harry Sintonen
+Closes #9049
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/3a09fbb7f264c67c43]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/content_encoding.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/lib/content_encoding.c b/lib/content_encoding.c
+index c03637a..6f994b3 100644
+--- a/lib/content_encoding.c
++++ b/lib/content_encoding.c
+@@ -1026,12 +1026,16 @@ static const struct content_encoding *find_encoding(const char *name,
+ return NULL;
+ }
+
++/* allow no more than 5 "chained" compression steps */
++#define MAX_ENCODE_STACK 5
++
+ /* Set-up the unencoding stack from the Content-Encoding header value.
+ * See RFC 7231 section 3.1.2.2. */
+ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
+ const char *enclist, int maybechunked)
+ {
+ struct SingleRequest *k = &data->req;
++ int counter = 0;
+
+ do {
+ const char *name;
+@@ -1066,6 +1070,11 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
+ if(!encoding)
+ encoding = &error_encoding; /* Defer error at stack use. */
+
++ if(++counter >= MAX_ENCODE_STACK) {
++ failf(data, "Reject response due to %u content encodings",
++ counter);
++ return CURLE_BAD_CONTENT_ENCODING;
++ }
+ /* Stack the unencoding stage. */
+ writer = new_unencoding_writer(data, encoding, k->writer_stack);
+ if(!writer)
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-32207.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-32207.patch
new file mode 100644
index 0000000..bc16b62
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-32207.patch
@@ -0,0 +1,283 @@
+From 759088694e2ba68ddc5ffe042b071dadad6ff675 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 25 May 2022 10:09:53 +0200
+Subject: [PATCH] fopen: add Curl_fopen() for better overwriting of files
+
+Bug: https://curl.se/docs/CVE-2022-32207.html
+CVE-2022-32207
+Reported-by: Harry Sintonen
+Closes #9050
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/20f9dd6bae50b]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ CMakeLists.txt | 1 +
+ configure.ac | 1 +
+ lib/Makefile.inc | 2 +
+ lib/cookie.c | 19 ++-----
+ lib/curl_config.h.cmake | 3 ++
+ lib/fopen.c | 113 ++++++++++++++++++++++++++++++++++++++++
+ lib/fopen.h | 30 +++++++++++
+ 7 files changed, 154 insertions(+), 15 deletions(-)
+ create mode 100644 lib/fopen.c
+ create mode 100644 lib/fopen.h
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index b77de6d..a0bfaad 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -1027,6 +1027,7 @@ elseif(HAVE_LIBSOCKET)
+ set(CMAKE_REQUIRED_LIBRARIES socket)
+ endif()
+
++check_symbol_exists(fchmod "${CURL_INCLUDES}" HAVE_FCHMOD)
+ check_symbol_exists(basename "${CURL_INCLUDES}" HAVE_BASENAME)
+ check_symbol_exists(socket "${CURL_INCLUDES}" HAVE_SOCKET)
+ check_symbol_exists(select "${CURL_INCLUDES}" HAVE_SELECT)
+diff --git a/configure.ac b/configure.ac
+index d431870..7433bb9 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3351,6 +3351,7 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
+
+
+ AC_CHECK_FUNCS([fnmatch \
++ fchmod \
+ geteuid \
+ getpass_r \
+ getppid \
+diff --git a/lib/Makefile.inc b/lib/Makefile.inc
+index e8f110f..5139b03 100644
+--- a/lib/Makefile.inc
++++ b/lib/Makefile.inc
+@@ -133,6 +133,7 @@ LIB_CFILES = \
+ escape.c \
+ file.c \
+ fileinfo.c \
++ fopen.c \
+ formdata.c \
+ ftp.c \
+ ftplistparser.c \
+@@ -263,6 +264,7 @@ LIB_HFILES = \
+ escape.h \
+ file.h \
+ fileinfo.h \
++ fopen.h \
+ formdata.h \
+ ftp.h \
+ ftplistparser.h \
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 8a6aa1a..cb0c03b 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -96,8 +96,8 @@ Example set of cookies:
+ #include "curl_get_line.h"
+ #include "curl_memrchr.h"
+ #include "parsedate.h"
+-#include "rand.h"
+ #include "rename.h"
++#include "fopen.h"
+
+ /* The last 3 #include files should be in this order */
+ #include "curl_printf.h"
+@@ -1620,20 +1620,9 @@ static CURLcode cookie_output(struct Curl_easy *data,
+ use_stdout = TRUE;
+ }
+ else {
+- unsigned char randsuffix[9];
+-
+- if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix)))
+- return 2;
+-
+- tempstore = aprintf("%s.%s.tmp", filename, randsuffix);
+- if(!tempstore)
+- return CURLE_OUT_OF_MEMORY;
+-
+- out = fopen(tempstore, FOPEN_WRITETEXT);
+- if(!out) {
+- error = CURLE_WRITE_ERROR;
++ error = Curl_fopen(data, filename, &out, &tempstore);
++ if(error)
+ goto error;
+- }
+ }
+
+ fputs("# Netscape HTTP Cookie File\n"
+@@ -1680,7 +1669,7 @@ static CURLcode cookie_output(struct Curl_easy *data,
+ if(!use_stdout) {
+ fclose(out);
+ out = NULL;
+- if(Curl_rename(tempstore, filename)) {
++ if(tempstore && Curl_rename(tempstore, filename)) {
+ unlink(tempstore);
+ error = CURLE_WRITE_ERROR;
+ goto error;
+diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
+index d2a0f43..c254359 100644
+--- a/lib/curl_config.h.cmake
++++ b/lib/curl_config.h.cmake
+@@ -157,6 +157,9 @@
+ /* Define to 1 if you have the <assert.h> header file. */
+ #cmakedefine HAVE_ASSERT_H 1
+
++/* Define to 1 if you have the `fchmod' function. */
++#cmakedefine HAVE_FCHMOD 1
++
+ /* Define to 1 if you have the `basename' function. */
+ #cmakedefine HAVE_BASENAME 1
+
+diff --git a/lib/fopen.c b/lib/fopen.c
+new file mode 100644
+index 0000000..ad3691b
+--- /dev/null
++++ b/lib/fopen.c
+@@ -0,0 +1,113 @@
++/***************************************************************************
++ * _ _ ____ _
++ * Project ___| | | | _ \| |
++ * / __| | | | |_) | |
++ * | (__| |_| | _ <| |___
++ * \___|\___/|_| \_\_____|
++ *
++ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++ *
++ * This software is licensed as described in the file COPYING, which
++ * you should have received as part of this distribution. The terms
++ * are also available at https://curl.se/docs/copyright.html.
++ *
++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
++ * copies of the Software, and permit persons to whom the Software is
++ * furnished to do so, under the terms of the COPYING file.
++ *
++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
++ * KIND, either express or implied.
++ *
++ * SPDX-License-Identifier: curl
++ *
++ ***************************************************************************/
++
++#include "curl_setup.h"
++
++#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) || \
++ !defined(CURL_DISABLE_HSTS)
++
++#ifdef HAVE_FCNTL_H
++#include <fcntl.h>
++#endif
++
++#include "urldata.h"
++#include "rand.h"
++#include "fopen.h"
++/* The last 3 #include files should be in this order */
++#include "curl_printf.h"
++#include "curl_memory.h"
++#include "memdebug.h"
++
++/*
++ * Curl_fopen() opens a file for writing with a temp name, to be renamed
++ * to the final name when completed. If there is an existing file using this
++ * name at the time of the open, this function will clone the mode from that
++ * file. if 'tempname' is non-NULL, it needs a rename after the file is
++ * written.
++ */
++CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
++ FILE **fh, char **tempname)
++{
++ CURLcode result = CURLE_WRITE_ERROR;
++ unsigned char randsuffix[9];
++ char *tempstore = NULL;
++ struct_stat sb;
++ int fd = -1;
++ *tempname = NULL;
++
++ if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) {
++ /* a non-regular file, fallback to direct fopen() */
++ *fh = fopen(filename, FOPEN_WRITETEXT);
++ if(*fh)
++ return CURLE_OK;
++ goto fail;
++ }
++
++ result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
++ if(result)
++ goto fail;
++
++ tempstore = aprintf("%s.%s.tmp", filename, randsuffix);
++ if(!tempstore) {
++ result = CURLE_OUT_OF_MEMORY;
++ goto fail;
++ }
++
++ result = CURLE_WRITE_ERROR;
++ fd = open(tempstore, O_WRONLY | O_CREAT | O_EXCL, 0600);
++ if(fd == -1)
++ goto fail;
++
++#ifdef HAVE_FCHMOD
++ {
++ struct_stat nsb;
++ if((fstat(fd, &nsb) != -1) &&
++ (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
++ /* if the user and group are the same, clone the original mode */
++ if(fchmod(fd, sb.st_mode) == -1)
++ goto fail;
++ }
++ }
++#endif
++
++ *fh = fdopen(fd, FOPEN_WRITETEXT);
++ if(!*fh)
++ goto fail;
++
++ *tempname = tempstore;
++ return CURLE_OK;
++
++fail:
++ if(fd != -1) {
++ close(fd);
++ unlink(tempstore);
++ }
++
++ free(tempstore);
++
++ *tempname = NULL;
++ return result;
++}
++
++#endif /* ! disabled */
+diff --git a/lib/fopen.h b/lib/fopen.h
+new file mode 100644
+index 0000000..289e55f
+--- /dev/null
++++ b/lib/fopen.h
+@@ -0,0 +1,30 @@
++#ifndef HEADER_CURL_FOPEN_H
++#define HEADER_CURL_FOPEN_H
++/***************************************************************************
++ * _ _ ____ _
++ * Project ___| | | | _ \| |
++ * / __| | | | |_) | |
++ * | (__| |_| | _ <| |___
++ * \___|\___/|_| \_\_____|
++ *
++ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++ *
++ * This software is licensed as described in the file COPYING, which
++ * you should have received as part of this distribution. The terms
++ * are also available at https://curl.se/docs/copyright.html.
++ *
++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
++ * copies of the Software, and permit persons to whom the Software is
++ * furnished to do so, under the terms of the COPYING file.
++ *
++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
++ * KIND, either express or implied.
++ *
++ * SPDX-License-Identifier: curl
++ *
++ ***************************************************************************/
++
++CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
++ FILE **fh, char **tempname);
++
++#endif
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-32208.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-32208.patch
new file mode 100644
index 0000000..9a4e398
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2022-32208.patch
@@ -0,0 +1,67 @@
+From fd2ffddec315c029e923e6e6f2c049809d01a5fc Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 9 Jun 2022 09:27:24 +0200
+Subject: [PATCH] krb5: return error properly on decode errors
+
+Bug: https://curl.se/docs/CVE-2022-32208.html
+CVE-2022-32208
+Reported-by: Harry Sintonen
+Closes #9051
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/6ecdf5136b52af7]
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+---
+ lib/krb5.c | 18 +++++++++++-------
+ 1 file changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/lib/krb5.c b/lib/krb5.c
+index 787137c..6f9e1f7 100644
+--- a/lib/krb5.c
++++ b/lib/krb5.c
+@@ -140,11 +140,8 @@ krb5_decode(void *app_data, void *buf, int len,
+ enc.value = buf;
+ enc.length = len;
+ maj = gss_unwrap(&min, *context, &enc, &dec, NULL, NULL);
+- if(maj != GSS_S_COMPLETE) {
+- if(len >= 4)
+- strcpy(buf, "599 ");
++ if(maj != GSS_S_COMPLETE)
+ return -1;
+- }
+
+ memcpy(buf, dec.value, dec.length);
+ len = curlx_uztosi(dec.length);
+@@ -506,6 +503,7 @@ static CURLcode read_data(struct connectdata *conn,
+ {
+ int len;
+ CURLcode result;
++ int nread;
+
+ result = socket_read(fd, &len, sizeof(len));
+ if(result)
+@@ -514,7 +512,10 @@ static CURLcode read_data(struct connectdata *conn,
+ if(len) {
+ /* only realloc if there was a length */
+ len = ntohl(len);
+- buf->data = Curl_saferealloc(buf->data, len);
++ if(len > CURL_MAX_INPUT_LENGTH)
++ len = 0;
++ else
++ buf->data = Curl_saferealloc(buf->data, len);
+ }
+ if(!len || !buf->data)
+ return CURLE_OUT_OF_MEMORY;
+@@ -522,8 +523,11 @@ static CURLcode read_data(struct connectdata *conn,
+ result = socket_read(fd, buf->data, len);
+ if(result)
+ return result;
+- buf->size = conn->mech->decode(conn->app_data, buf->data, len,
+- conn->data_prot, conn);
++ nread = conn->mech->decode(conn->app_data, buf->data, len,
++ conn->data_prot, conn);
++ if(nread < 0)
++ return CURLE_RECV_ERROR;
++ buf->size = (size_t)nread;
+ buf->index = 0;
+ return CURLE_OK;
+ }
diff --git a/poky/meta/recipes-support/curl/curl_7.82.0.bb b/poky/meta/recipes-support/curl/curl_7.82.0.bb
index 23bd7ea..67de022 100644
--- a/poky/meta/recipes-support/curl/curl_7.82.0.bb
+++ b/poky/meta/recipes-support/curl/curl_7.82.0.bb
@@ -9,7 +9,26 @@
LICENSE = "MIT-open-group"
LIC_FILES_CHKSUM = "file://COPYING;md5=190c514872597083303371684954f238"
-SRC_URI = "https://curl.se/download/${BP}.tar.xz"
+SRC_URI = "https://curl.se/download/${BP}.tar.xz \
+ file://CVE-2022-22576.patch \
+ file://CVE-2022-27775.patch \
+ file://CVE-2022-27776.patch \
+ file://CVE-2022-27774-1.patch \
+ file://CVE-2022-27774-2.patch \
+ file://CVE-2022-27774-3.patch \
+ file://CVE-2022-27774-4.patch \
+ file://CVE-2022-30115.patch \
+ file://CVE-2022-27780.patch \
+ file://CVE-2022-27781.patch \
+ file://CVE-2022-27779.patch \
+ file://CVE-2022-27782-1.patch \
+ file://CVE-2022-27782-2.patch \
+ file://0001-openssl-fix-CN-check-error-code.patch \
+ file://CVE-2022-32205.patch \
+ file://CVE-2022-32206.patch \
+ file://CVE-2022-32207.patch \
+ file://CVE-2022-32208.patch \
+ "
SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c"
# Curl has used many names over the years...
diff --git a/poky/meta/recipes-support/fribidi/fribidi_1.0.11.bb b/poky/meta/recipes-support/fribidi/fribidi_1.0.12.bb
similarity index 89%
rename from poky/meta/recipes-support/fribidi/fribidi_1.0.11.bb
rename to poky/meta/recipes-support/fribidi/fribidi_1.0.12.bb
index 56ca734..b29c478 100644
--- a/poky/meta/recipes-support/fribidi/fribidi_1.0.11.bb
+++ b/poky/meta/recipes-support/fribidi/fribidi_1.0.12.bb
@@ -11,7 +11,7 @@
SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.xz \
"
-SRC_URI[sha256sum] = "30f93e9c63ee627d1a2cedcf59ac34d45bf30240982f99e44c6e015466b4e73d"
+SRC_URI[sha256sum] = "0cd233f97fc8c67bb3ac27ce8440def5d3ffacf516765b91c2cc654498293495"
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"
diff --git a/poky/meta/recipes-support/iso-codes/iso-codes_4.9.0.bb b/poky/meta/recipes-support/iso-codes/iso-codes_4.10.0.bb
similarity index 93%
rename from poky/meta/recipes-support/iso-codes/iso-codes_4.9.0.bb
rename to poky/meta/recipes-support/iso-codes/iso-codes_4.10.0.bb
index f51edf0..857fe46 100644
--- a/poky/meta/recipes-support/iso-codes/iso-codes_4.9.0.bb
+++ b/poky/meta/recipes-support/iso-codes/iso-codes_4.10.0.bb
@@ -9,7 +9,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "git://salsa.debian.org/iso-codes-team/iso-codes.git;protocol=https;branch=main;"
-SRCREV = "35ae2024024eb8e6603d3034dbbc406594f3874c"
+SRCREV = "9a6c24ee40e737ab34273c1af13a8dabcae888dd"
# inherit gettext cannot be used, because it adds gettext-native to BASEDEPENDS which
# are inhibited by allarch
diff --git a/poky/meta/recipes-support/libffi/libffi_3.4.2.bb b/poky/meta/recipes-support/libffi/libffi_3.4.2.bb
index 733fcc5..71d9518 100644
--- a/poky/meta/recipes-support/libffi/libffi_3.4.2.bb
+++ b/poky/meta/recipes-support/libffi/libffi_3.4.2.bb
@@ -19,6 +19,7 @@
UPSTREAM_CHECK_REGEX = "libffi-(?P<pver>\d+(\.\d+)+)\.tar"
EXTRA_OECONF += "--disable-builddir --disable-exec-static-tramp"
+EXTRA_OECONF:class-native += "--with-gcc-arch=generic"
EXTRA_OEMAKE:class-target = "LIBTOOLFLAGS='--tag=CC'"
inherit autotools texinfo multilib_header
@@ -33,4 +34,3 @@
MIPS_INSTRUCTION_SET = "mips"
BBCLASSEXTEND = "native nativesdk"
-
diff --git a/poky/meta/recipes-support/libpcre/libpcre2_10.39.bb b/poky/meta/recipes-support/libpcre/libpcre2_10.40.bb
similarity index 89%
rename from poky/meta/recipes-support/libpcre/libpcre2_10.39.bb
rename to poky/meta/recipes-support/libpcre/libpcre2_10.40.bb
index b5ec62f..3843d43 100644
--- a/poky/meta/recipes-support/libpcre/libpcre2_10.39.bb
+++ b/poky/meta/recipes-support/libpcre/libpcre2_10.40.bb
@@ -8,13 +8,13 @@
HOMEPAGE = "http://www.pcre.org"
SECTION = "devel"
LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENCE;md5=43cfa999260dd853cd6cb174dc396f3d"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=41bfb977e4933c506588724ce69bf5d2"
-SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2"
-
+SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2 \
+"
UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases"
-SRC_URI[sha256sum] = "0f03caf57f81d9ff362ac28cd389c055ec2bf0678d277349a1a4bee00ad6d440"
+SRC_URI[sha256sum] = "14e4b83c4783933dc17e964318e6324f7cae1bc75d8f3c79bc6969f00c159d68"
CVE_PRODUCT = "pcre2"
diff --git a/poky/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb b/poky/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
index e6260a7..4c0fb1d 100644
--- a/poky/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
+++ b/poky/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
@@ -3,7 +3,7 @@
HOMEPAGE = "https://github.com/seccomp/libseccomp"
SECTION = "security"
LICENSE = "LGPL-2.1-only"
-LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=7c13b3376cea0ce68d2d2da0a1b3a72c"
DEPENDS += "gperf-native"
@@ -37,6 +37,10 @@
for file in $(find tests/*.tests -type f); do
install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
done
+ for file in $(find tests/*.pfc -type f); do
+ install -m 644 ${S}/${file} ${D}/${PTEST_PATH}/tests
+ done
+ install -m 644 ${S}/tests/valgrind_test.supp ${D}/${PTEST_PATH}/tests
for file in $(find tools/* -executable -type f); do
install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tools
done
diff --git a/poky/meta/recipes-support/libsoup/libsoup_3.0.6.bb b/poky/meta/recipes-support/libsoup/libsoup_3.0.7.bb
similarity index 94%
rename from poky/meta/recipes-support/libsoup/libsoup_3.0.6.bb
rename to poky/meta/recipes-support/libsoup/libsoup_3.0.7.bb
index 17825ae..59cc4a1 100644
--- a/poky/meta/recipes-support/libsoup/libsoup_3.0.6.bb
+++ b/poky/meta/recipes-support/libsoup/libsoup_3.0.7.bb
@@ -12,7 +12,7 @@
SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz"
-SRC_URI[sha256sum] = "b45d59f840b9acf9bb45fd45854e3ef672f57e3ab957401c3ad8d7502ac23da6"
+SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8"
PROVIDES = "libsoup-3.0"
CVE_PRODUCT = "libsoup"
diff --git a/poky/meta/recipes-support/libxslt/libxslt_1.1.35.bb b/poky/meta/recipes-support/libxslt/libxslt_1.1.35.bb
index 51cfb2e..2fd7777 100644
--- a/poky/meta/recipes-support/libxslt/libxslt_1.1.35.bb
+++ b/poky/meta/recipes-support/libxslt/libxslt_1.1.35.bb
@@ -19,6 +19,10 @@
UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar"
+# We have libxml2 2.9.14 and we don't link statically with it anyway
+# so this isn't an issue.
+CVE_CHECK_IGNORE += "CVE-2022-29824"
+
S = "${WORKDIR}/libxslt-${PV}"
BINCONFIG = "${bindir}/xslt-config"
diff --git a/poky/meta/recipes-support/lzo/lzo/0001-Use-memcpy-instead-of-reinventing-it.patch b/poky/meta/recipes-support/lzo/lzo/0001-Use-memcpy-instead-of-reinventing-it.patch
index db3a70e..a0d2502 100644
--- a/poky/meta/recipes-support/lzo/lzo/0001-Use-memcpy-instead-of-reinventing-it.patch
+++ b/poky/meta/recipes-support/lzo/lzo/0001-Use-memcpy-instead-of-reinventing-it.patch
@@ -10,7 +10,15 @@
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757037
-Upstream-Status: Pending
+RP: Patch is still in debian as of 20220524 in a revised form:
+https://sources.debian.org/patches/lzo2/2.10-2/
+https://sources.debian.org/patches/lzo2/2.10-2/0001-Conditionally-replace-reinvention-of-memcpy-with-cal.patch/
+It was submitted in 2015, no reply to an email from RP in 2022 either.
+
+We likely need this in OE to prevent against unaligned accesses
+on systems such as armv5.
+
+Upstream-Status: Inactive-Upstream
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
minilzo/minilzo.c | 14 ++++++++++++++
diff --git a/poky/meta/recipes-support/popt/popt_1.18.bb b/poky/meta/recipes-support/popt/popt_1.18.bb
index af8add4..b465f88 100644
--- a/poky/meta/recipes-support/popt/popt_1.18.bb
+++ b/poky/meta/recipes-support/popt/popt_1.18.bb
@@ -17,7 +17,7 @@
inherit autotools gettext ptest
-RDEPENDS_${PN}-ptest += "bash"
+RDEPENDS:${PN}-ptest += "bash"
do_compile_ptest() {
sed 's#lt-test1#test1#g' ${S}/tests/testit.sh > ${B}/tests/testit.sh
diff --git a/poky/meta/recipes-support/sqlite/sqlite3_3.38.2.bb b/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
similarity index 86%
rename from poky/meta/recipes-support/sqlite/sqlite3_3.38.2.bb
rename to poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index a37aff6..d56a3a0 100644
--- a/poky/meta/recipes-support/sqlite/sqlite3_3.38.2.bb
+++ b/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -4,7 +4,7 @@
LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz"
-SRC_URI[sha256sum] = "e7974aa1430bad690a5e9f79a6ee5c8492ada8269dc675875ad0fb747d7cada4"
+SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
# -19242 is only an issue in specific development branch commits
CVE_CHECK_IGNORE += "CVE-2019-19242"
diff --git a/poky/meta/recipes-support/vim/vim-tiny_8.2.bb b/poky/meta/recipes-support/vim/vim-tiny_9.0.bb
similarity index 100%
rename from poky/meta/recipes-support/vim/vim-tiny_8.2.bb
rename to poky/meta/recipes-support/vim/vim-tiny_9.0.bb
diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc
index 21ff036..7e2c624 100644
--- a/poky/meta/recipes-support/vim/vim.inc
+++ b/poky/meta/recipes-support/vim/vim.inc
@@ -11,7 +11,7 @@
LICENSE = "Vim"
LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99 \
- file://runtime/doc/uganda.txt;md5=daf48235bb824c77fe8ae88d5f575f74"
+ file://runtime/doc/uganda.txt;md5=001ef779f422a0e9106d428c84495b4d"
SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://disable_acl_header_check.patch \
@@ -21,8 +21,8 @@
file://racefix.patch \
"
-PV .= ".4681"
-SRCREV = "15f74fab653a784548d5d966644926b47ba2cfa7"
+PV .= ".0021"
+SRCREV = "5e59ea54c0c37c2f84770f068d95280069828774"
# Remove when 8.3 is out
UPSTREAM_VERSION_UNKNOWN = "1"
diff --git a/poky/meta/recipes-support/vim/vim_8.2.bb b/poky/meta/recipes-support/vim/vim_9.0.bb
similarity index 100%
rename from poky/meta/recipes-support/vim/vim_8.2.bb
rename to poky/meta/recipes-support/vim/vim_9.0.bb
diff --git a/poky/meta/recipes-support/xxhash/xxhash_0.8.1.bb b/poky/meta/recipes-support/xxhash/xxhash_0.8.1.bb
index b3b9702..222ba7b 100644
--- a/poky/meta/recipes-support/xxhash/xxhash_0.8.1.bb
+++ b/poky/meta/recipes-support/xxhash/xxhash_0.8.1.bb
@@ -14,6 +14,8 @@
S = "${WORKDIR}/git"
+CFLAGS += "${@bb.utils.contains('SELECTED_OPTIMIZATION', '-Og', '-DXXH_NO_INLINE_HINTS', '', d)}"
+
do_compile () {
oe_runmake all
}
diff --git a/poky/scripts/contrib/oe-build-perf-report-email.py b/poky/scripts/contrib/oe-build-perf-report-email.py
index c900720..7192113 100755
--- a/poky/scripts/contrib/oe-build-perf-report-email.py
+++ b/poky/scripts/contrib/oe-build-perf-report-email.py
@@ -27,17 +27,6 @@
log = logging.getLogger('oe-build-perf-report')
-def check_utils():
- """Check that all needed utils are installed in the system"""
- missing = []
- for cmd in ('phantomjs', 'optipng'):
- if not shutil.which(cmd):
- missing.append(cmd)
- if missing:
- log.error("The following tools are missing: %s", ' '.join(missing))
- sys.exit(1)
-
-
def parse_args(argv):
"""Parse command line arguments"""
description = """Email build perf test report"""
@@ -101,8 +90,6 @@
if args.debug:
log.setLevel(logging.DEBUG)
- check_utils()
-
if args.outdir:
outdir = args.outdir
if not os.path.exists(outdir):
diff --git a/poky/scripts/git b/poky/scripts/git
new file mode 100755
index 0000000..644055e
--- /dev/null
+++ b/poky/scripts/git
@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+#
+# Wrapper around 'git' that doesn't think we are root
+
+import os
+import shutil
+import sys
+
+os.environ['PSEUDO_UNLOAD'] = '1'
+
+# calculate path to the real 'git'
+path = os.environ['PATH']
+# we need to remove our path but also any other copy of this script which
+# may be present, e.g. eSDK.
+replacements = [os.path.dirname(sys.argv[0])]
+for p in path.split(":"):
+ if p.endswith("/scripts"):
+ replacements.append(p)
+for r in replacements:
+ path = path.replace(r, '/ignoreme')
+real_git = shutil.which('git', path=path)
+
+if len(sys.argv) == 1:
+ os.execl(real_git, 'git')
+
+os.execv(real_git, sys.argv)
diff --git a/poky/scripts/git-intercept/git b/poky/scripts/git-intercept/git
deleted file mode 100755
index 8adf5c9..0000000
--- a/poky/scripts/git-intercept/git
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/env python3
-#
-# Wrapper around 'git' that doesn't think we are root
-
-import os
-import shutil
-import sys
-
-os.environ['PSEUDO_UNLOAD'] = '1'
-
-# calculate path to the real 'git'
-path = os.environ['PATH']
-path = path.replace(os.path.dirname(sys.argv[0]), '')
-real_git = shutil.which('git', path=path)
-
-if len(sys.argv) == 1:
- os.execl(real_git, 'git')
-
-os.execv(real_git, sys.argv)
diff --git a/poky/scripts/lib/devtool/standard.py b/poky/scripts/lib/devtool/standard.py
index 01fb5ad..c98bfe8 100644
--- a/poky/scripts/lib/devtool/standard.py
+++ b/poky/scripts/lib/devtool/standard.py
@@ -353,7 +353,7 @@
bb.utils.mkdirhier(dst_d)
shutil.move(src, dst)
-def _copy_file(src, dst, dry_run_outdir=None):
+def _copy_file(src, dst, dry_run_outdir=None, base_outdir=None):
"""Copy a file. Creates all the directory components of destination path."""
dry_run_suffix = ' (dry-run)' if dry_run_outdir else ''
logger.debug('Copying %s to %s%s' % (src, dst, dry_run_suffix))
@@ -520,7 +520,9 @@
for event in history:
if not 'flag' in event:
if event['op'].startswith((':append[', ':prepend[')):
- extra_overrides.append(event['op'].split('[')[1].split(']')[0])
+ override = event['op'].split('[')[1].split(']')[0]
+ if not override.startswith('pn-'):
+ extra_overrides.append(override)
# We want to remove duplicate overrides. If a recipe had multiple
# SRC_URI_override += values it would cause mulitple instances of
# overrides. This doesn't play nicely with things like creating a
@@ -1604,6 +1606,19 @@
if not os.path.exists(append):
raise DevtoolError('unable to find workspace bbappend for recipe %s' %
recipename)
+ srctreebase = workspace[recipename]['srctreebase']
+ relpatchdir = os.path.relpath(srctreebase, srctree)
+ if relpatchdir == '.':
+ patchdir_params = {}
+ else:
+ patchdir_params = {'patchdir': relpatchdir}
+
+ def srcuri_entry(fname):
+ if patchdir_params:
+ paramstr = ';' + ';'.join('%s=%s' % (k,v) for k,v in patchdir_params.items())
+ else:
+ paramstr = ''
+ return 'file://%s%s' % (basepath, paramstr)
initial_rev, update_rev, changed_revs, filter_patches = _get_patchset_revs(srctree, append, initial_rev, force_patch_refresh)
if not initial_rev:
@@ -1625,7 +1640,6 @@
new_f = {}
del_f = {}
else:
- srctreebase = workspace[recipename]['srctreebase']
upd_f, new_f, del_f = _export_local_files(srctree, rd, local_files_dir, srctreebase)
remove_files = []
@@ -1661,14 +1675,15 @@
removedentries, remaining = _remove_file_entries(
srcuri, remove_files)
if removedentries or remaining:
- remaining = ['file://' + os.path.basename(item) for
+ remaining = [srcuri_entry(os.path.basename(item)) for
item in remaining]
removevalues = {'SRC_URI': removedentries + remaining}
appendfile, destpath = oe.recipeutils.bbappend_recipe(
rd, appendlayerdir, files,
wildcardver=wildcard_version,
removevalues=removevalues,
- redirect_output=dry_run_outdir)
+ redirect_output=dry_run_outdir,
+ params=[patchdir_params] * len(files))
else:
logger.info('No patches or local source files needed updating')
else:
@@ -1692,7 +1707,7 @@
# replace the entry in SRC_URI with our local version
logger.info('Replacing remote patch %s with updated local version' % basepath)
path = os.path.join(files_dir, basepath)
- _replace_srcuri_entry(srcuri, basepath, 'file://%s' % basepath)
+ _replace_srcuri_entry(srcuri, basepath, srcuri_entry(basepath))
updaterecipe = True
else:
logger.info('Updating patch %s%s' % (basepath, dry_run_suffix))
@@ -1706,7 +1721,7 @@
os.path.join(files_dir, basepath),
dry_run_outdir=dry_run_outdir,
base_outdir=recipedir)
- srcuri.append('file://%s' % basepath)
+ srcuri.append(srcuri_entry(basepath))
updaterecipe = True
for basepath, path in new_p.items():
logger.info('Adding new patch %s%s' % (basepath, dry_run_suffix))
@@ -1714,7 +1729,7 @@
os.path.join(files_dir, basepath),
dry_run_outdir=dry_run_outdir,
base_outdir=recipedir)
- srcuri.append('file://%s' % basepath)
+ srcuri.append(srcuri_entry(basepath))
updaterecipe = True
# Update recipe, if needed
if _remove_file_entries(srcuri, remove_files)[0]:
diff --git a/poky/scripts/lib/recipetool/create_buildsys_python.py b/poky/scripts/lib/recipetool/create_buildsys_python.py
index f4f51c8..5686a62 100644
--- a/poky/scripts/lib/recipetool/create_buildsys_python.py
+++ b/poky/scripts/lib/recipetool/create_buildsys_python.py
@@ -209,6 +209,18 @@
continue
if line.startswith('['):
+ # PACKAGECONFIG must not contain expressions or whitespace
+ line = line.replace(" ", "")
+ line = line.replace(':', "")
+ line = line.replace('.', "-dot-")
+ line = line.replace('"', "")
+ line = line.replace('<', "-smaller-")
+ line = line.replace('>', "-bigger-")
+ line = line.replace('_', "-")
+ line = line.replace('(', "")
+ line = line.replace(')', "")
+ line = line.replace('!', "-not-")
+ line = line.replace('=', "-equals-")
current_feature = line[1:-1]
elif current_feature:
extras_req[current_feature].append(line)
@@ -297,6 +309,7 @@
lines_after.append('# The following configs & dependencies are from setuptools extras_require.')
lines_after.append('# These dependencies are optional, hence can be controlled via PACKAGECONFIG.')
lines_after.append('# The upstream names may not correspond exactly to bitbake package names.')
+ lines_after.append('# The configs are might not correct, since PACKAGECONFIG does not support expressions as may used in requires.txt - they are just replaced by text.')
lines_after.append('#')
lines_after.append('# Uncomment this line to enable all the optional features.')
lines_after.append('#PACKAGECONFIG ?= "{}"'.format(' '.join(k.lower() for k in extras_req)))
diff --git a/poky/scripts/lib/wic/plugins/source/rootfs.py b/poky/scripts/lib/wic/plugins/source/rootfs.py
index 2e34e71..25bb41d 100644
--- a/poky/scripts/lib/wic/plugins/source/rootfs.py
+++ b/poky/scripts/lib/wic/plugins/source/rootfs.py
@@ -50,7 +50,7 @@
@staticmethod
def __get_rootfs_dir(rootfs_dir):
- if os.path.isdir(rootfs_dir):
+ if rootfs_dir and os.path.isdir(rootfs_dir):
return os.path.realpath(rootfs_dir)
image_rootfs_dir = get_bitbake_var("IMAGE_ROOTFS", rootfs_dir)
@@ -97,6 +97,9 @@
part.has_fstab = os.path.exists(os.path.join(part.rootfs_dir, "etc/fstab"))
pseudo_dir = os.path.join(part.rootfs_dir, "../pseudo")
if not os.path.lexists(pseudo_dir):
+ pseudo_dir = os.path.join(cls.__get_rootfs_dir(None), '../pseudo')
+
+ if not os.path.lexists(pseudo_dir):
logger.warn("%s folder does not exist. "
"Usernames and permissions will be invalid " % pseudo_dir)
pseudo_dir = None
diff --git a/poky/scripts/wic b/poky/scripts/wic
index aee63a4..06e0b48 100755
--- a/poky/scripts/wic
+++ b/poky/scripts/wic
@@ -209,7 +209,7 @@
logger.info(" (Please check that the build artifacts for the machine")
logger.info(" selected in local.conf actually exist and that they")
logger.info(" are the correct artifacts for the image (.wks file)).\n")
- raise WicError("The artifact that couldn't be found was %s:\n %s", not_found, not_found_dir)
+ raise WicError("The artifact that couldn't be found was %s:\n %s" % (not_found, not_found_dir))
krootfs_dir = options.rootfs_dir
if krootfs_dir is None: