subtree updates

meta-security: 498ca39cd6..93f2146211:
  Anton Antonov (1):
        Upgrade parsec-service to 1.0.0 and parsec-tool to 0.5.2

  Joe Slater (1):
        LICENSE: update to SPDX standard names

  Petr Gotthard (6):
        tpm2-tools: fix missing version number
        tpm2-openssl: update to 1.1.0
        tpm2-tss: update to 3.2.0
        tpm2-abrmd: update to 2.4.1
        tpm2-tss-engine: fix version string and build with openssl 3.0
        tpm2-pkcs11: update to 1.8.0

  Ranjitsinh Rathod (1):
        samhain.inc: Correct LICENSE to GPL-2.0-only

poky: 30b38d9cb9..9e55696042:
  Abongwa Amahnui Bonalais (2):
        documentation/brief-yoctoprojectqs: add directory for local.conf
        dev-manual: add command used to add the signed-off-by line.

  Alex Kiernan (12):
        kernel: Delete unused KERNEL_LOCALVERSION variable
        wpa-supplicant: Reorder/group following style guide
        wpa-supplicant: Avoid changing directory in do_install
        wpa-supplicant: Use PACKAGE_BEFORE_PN/${PN}
        wpa-supplicant: Backport libwpa/clean build fixes
        wpa-supplicant: Build static library if not DISABLE_STATIC
        wpa-supplicant: Use upstream defconfig
        wpa-supplicant: Simplify build/install flow
        wpa-supplicant: Package dynamic modules
        wpa-supplicant: Install wpa_passphrase when not disabled
        wpa-supplicant: Package shared library into wpa-supplicant-lib
        eudev: Remove unused files

  Alexander Kanavin (35):
        webkitgtk: update 2.34.6 -> 2.36.0
        epiphany: upgrade 41.3 -> 42.0
        itstool: correct upstream version check
        piglit: update to latest revision
        vulkan-samples: update to latest revision
        libxvmc: update 1.0.12 -> 1.0.13
        libsndfile1: update 1.0.31 -> 1.1.0
        at-spi2-core: update 2.42.0 -> 2.44.0
        cmake: update 3.22.3 -> 3.23.0
        gdk-pixbuf: upgrade 2.42.6 -> 2.42.8
        librsvg: upgrade 2.52.7 -> 2.54.0
        libgcrypt: upgrade 1.9.4 -> 1.10.1
        llvm: update 13.0.1 -> 14.0.0
        llvm: use default install paths
        squashfs-tools: update 4.5 -> 4.5.1
        webkitgtk: adjust patch status
        go-helloworld: update to latest revision
        libxml2: update patch status
        python3-psutil: submit patch upstream
        gnu-config: update to latest revision
        go-helloworld: update to latest revision
        piglit: update to latest revision
        vulkan-samples: update to latest revision
        python3-typing-extensions: upgrade 3.10.0.0 -> 4.2.0
        python3-pyparsing: upgrade 3.0.7 -> 3.0.8
        glib: upgrade 2.72.0 -> 2.72.1
        go: update 1.18 -> 1.18.1
        meson: update 0.61.3 -> 0.62.1
        icu: update 70.1 -> 71.1
        valgrind: update 3.18.1 -> 3.19.0
        libcap-ng: update 0.8.2 -> 0.8.3
        libgpg-error: 1.44 -> 1.45
        cmake: update 3.23.0 -> 3.23.1
        stress-ng: upgrade 0.13.12 -> 0.14.00
        llvm: update 14.0.0 -> 14.0.1

  Alexandre Belloni (1):
        cmake: update license hashes

  Andrei Gherzan (1):
        automake: Drop redundant 'u' flag in ARFLAGS

  Bruce Ashfield (3):
        linux-yocto-dev: update to v5.18+
        lttng-modules: support kernel 5.18+
        kernel-yocto: allow patch author date to be commit date

  Carlos Rafael Giani (2):
        gstreamer1.0-plugins-good: Fix libsoup dependency
        gstreamer1.0: Minor documentation addition

  Chen Qi (3):
        cases/buildepoxy.py: fix typo
        go.bbclass: disable the use of the default configuration file
        go-helloworld: remove unused GO_WORKDIR

  Davide Gardenal (2):
        create-spdx: fix error when symlink cannot be created
        create-spdx: delete virtual/kernel dependency to fix FreeRTOS build

  Dmitry Baryshkov (5):
        linux-firmware: correct license for ar3k firmware
        linux-firmware: split ath3k firmware
        arch-armv8-2a.inc: fix a typo in TUNEVALID variable
        arch-armv8-4a.inc: add tune include for armv8.4a
        image.bbclass: allow overriding dependency on virtual/kernel:do_deploy

  Ferry Toth (2):
        apt: add apt selftest to test signed package feeds
        package_manager: fix missing dependency on gnupg when signing deb package feeds

  Henning Schild (1):
        wic: do not use PARTLABEL for msdos partition tables

  Jacob Kroon (1):
        zlib: Add patch to fix building icedtea7-native from meta-java

  Jasper Orschulko (1):
        repo: upgrade 2.22 -> 2.23

  Jiaqing Zhao (3):
        sed: Specify shell for "nobody" user in run-ptest
        base-passwd: Disable shell for default users
        strace: Don't run ptest as "nobody"

  Joerg Vehlow (1):
        go: Always pass interpreter to linker

  Jon Mason (4):
        linux-yocto: Remove unnecessary, commented out qemuarm entry
        qemuarm64: use virtio pci interfaces
        poky-tiny: enable qemuarmv5/qemuarm64 and cleanups
        poky-tiny: add a distro description

  Justin Bronder (1):
        pulseaudio: conditionally depend on alsa-plugins-pulseaudio-conf

  Kai Kang (1):
        update_udev_hwdb: fix multilib issue with systemd

  Khem Raj (28):
        webkitgtk: Add missing header locale.h
        python3: Do not detect multiarch when cross compiling
        kernel-devsrc: Check for gen_vdso_offsets.sh before copying on riscv
        babeltrace: Disable warnings as errors
        xserver-xorg: Fix build with gcc12
        systemtap: Fix build with gcc-12
        gnupg: Disable FORTIFY_SOURCES on mips
        riscv: Add tunes for rv64 without compressed instructions
        mdadm: Drop clang specific cflags
        harfbuzz: Upgrade to 4.2.0
        pango: Upgrade to 1.50.6
        pango: Drop using additional cflags with clang
        pango: Skip test-layout ptest
        go: Upgrade to 1.18
        go: Drop GOBUILDMODE
        go: Disable pie in cgo for mips
        go-target: Pass -trimpath to go linker
        seatd: Disable overflow warning as error on ppc64/musl
        gcc: Upgrade to 11.3 release
        musl: Fix build when usrmerge distro feature is enabled
        gcompat: Fix build when usrmerge distro feature is enabled
        libc-glibc: Use libxcrypt to provide virtual/crypt
        glibc: Update to latest 2.35 tip
        qemu.bbclass: Extend ppc/ppc64 extra options
        busybox: Use base_bindir instead of hardcoding /bin path
        musl-locales: Add package
        util-linux: Create u-a symlink for findfs utility
        kmod: Enable xz support by default

  Konrad Weihmann (11):
        kern-tools-native: add missing license
        gmp: add missing COPYINGv3
        itstool: add missing COPYING.GPL3
        libcap: add pam_cap license
        libsdl2: fix license
        libidn2: add Unicode-DFS-2016 license
        gettext: add MIT conditional as license
        python3-pip: correct license
        cmake: add missing licenses
        git: correct license
        ncurses: use COPYING file

  Lee Chee Yang (1):
        migration-guides: release-notes-4.0: update 'Repositories / Downloads' section

  Marius Kriegerowski (1):
        bitbake: bitbake-diffsigs: Make PEP8 compliant

  Martin Jansa (1):
        systemd-boot: remove outdated EFI_LD comment

  Matt Madison (1):
        bitbake: providers: use local variable for packages_dynamic pattern

  Michael Halstead (3):
        releases: update for yocto 4.0
        set_versions: update for 4.0 release
        releases: update to include 3.3.6

  Michael Opdenacker (5):
        meta-poky: update conf-notes.txt
        overview-manual: licensing section fixes
        manuals: correct and improve descriptions of Autotools
        manuals: refer to "YP Compatible" layers instead of "curated" ones
        migration-guides: release-notes-4.0: mention LTS release

  Naveen Saini (1):
        gstreamer1.0-plugins-bad: drop patch

  Nicolas Dechesne (2):
        migration-guides: stop including documents with ".. include"
        sanity: skip make 4.2.1 warning for debian

  Olaf Mandel (1):
        bitbake: fetch2/git: canonicalize ids in generated tarballs

  Paul Eggleton (9):
        migration-3.4: add missing entry on EXTRA_USERS_PARAMS
        ref-manual: add a note about hard-coded passwords
        ref-manual: mention wildcarding support in INCOMPATIBLE_LICENSE
        ref-manual: add mention of vendor filtering to CVE_PRODUCT
        ref-manual: add KERNEL_DEBUG_TIMESTAMPS
        ref-manual: add empty-dirs QA check and QA_EMPTY_DIRS*
        migration-guides: complete migration guide for 4.0
        migration-guides: add release notes for 4.0
        ref-manual: add ZSTD_THREADS

  Paul Gortmaker (1):
        install/devshell: Introduce git intercept script due to fakeroot issues

  Paulo Neves (1):
        selftest/lic_checksum: Add test for filename containing space

  Pavel Zhukov (1):
        bitbake: fetch2: Add GIT_SSH_COMMAND to the list of exports

  Peter Kjellerstedt (8):
        bitbake: pyinotify.py: Simplify identification of which event has occurred
        shadow: Disable the use of syslog() for the native tools
        u-boot: Correct the SRC_URI
        u-boot: Inherit pkgconfig
        bitbake: fetch2/git: Simplify the validation of SHA-1 revisions
        terminal.py: Restore error output from Terminal
        devshell.bbclass: Allow devshell & pydevshell to use the network
        license_image.bbclass: Make QA errors fail the build

  Peter Marko (1):
        openssl: extract legacy provider module to a separate package

  Pgowda (2):
        glibc: ptest: Fix glibc-tests package issue
        rust: update 1.59.0 -> 1.60.0

  Portia (2):
        volatile-binds: Change DefaultDependencies from false to no
        volatile-binds: Remove TimeoutSec and allow DefaultTimeoutSec to be used

  Quentin Schulz (15):
        docs: sphinx-static: switchers.js.in: remove duplicate for outdated versions
        docs: set_versions.py: add information about obsolescence of a release
        docs: sphinx-static: switchers.js.in: improve obsolete version detection
        docs: set_versions.py: fix latest release of a branch being shown twice in switchers.js
        docs: set_versions.py: fix latest version of an active release shown as obsolete
        docs: update Bitbake objects.inv location for master branch
        docs: set_versions.py: mark as obsolete only branches and old tags from obsolete releases
        docs: sphinx-static: switchers.js.in: rename all_versions to switcher_versions
        docs: sphinx-static: switchers.js.in: fix broken switcher for branches
        docs: sphinx-static: switchers.js.in: do not mark branches as outdated
        docs: conf.py: fix cve extlinks caption for sphinx <4.0
        docs: ref-manual: variables: add hashed password example in EXTRA_USERS_PARAMS
        docs: migration-guides: migration-3.4: mention that hardcoded password are supported if hashed
        docs: migration-guides: release-notes-4.0: fix risc-v typo
        docs: migration-guides: release-notes-4.0: replace kernel placeholder with correct recipe name

  Rahul Kumar (1):
        neard: Switch SRC_URI to git repo

  Ricardo Salveti (1):
        bitbake: fetch2/crate: fix logger.debug line

  Richard Purdie (47):
        qemu: Add fix for CVE-2022-1050
        tiff: Add marker for CVE-2022-1056 being fixed
        git: Ignore CVE-2022-24975
        Revert "adwaita-icon-theme: upgrade 41.0 -> 42.0"
        migration-guide: Kirkstone is now 4.0
        local.conf.sample: Update for 4.0 in sstate url
        externalsrc/devtool: Fix to work with fixed export funcition flags handling
        sanity: Show a warning that make 4.2.1 is buggy on non-ubuntu systems
        runqemu: Allow auto detection of the correct graphics options
        bitbake: checksum: Allow spaces in URI filenames
        bitbake: ast: Improve function flags handling for EXPORT_FUNCTIONS
        rxvt-unicode: Fix icon name
        puzzles: Drop broken icon
        build-appliance-image: Update to master head revision
        build-appliance-image: Update to master head revision
        bluez5: Add fix for startup issues under systemd
        build-appliance-image: Update to master head revision
        alsa-tools: Ensure we install correctly
        libxshmfence: Correct LICENSE to HPND
        bitbake.conf: Correct BB_SIGNATURE_EXCLUDE_FLAGS
        git: Upgrade 2.35.1 -> 2.35.2
        build-appliance-image: Update to master head revision
        buildtools-tarball: Only add cert envvars if certs are included
        buildtools: Add standalone make tarball
        poky: Use INIT_MANAGER in main distro config
        bitbake: tests/parse: Fix one test overwriting another
        bitbake: server/process: Drop unused import
        bitbake: ui/buildinfohelper: Drop unused import
        bitbake: cooker: Drop unused loop
        bitbake: msg: Drop unused local variable
        bitbake: buildinfohelper: Drop unused function
        bitbake: fetch2/crate: Drop unused import
        bitbake: siggen: Drop pointless break statement
        bitbake: ui/knotty: Drop pointless pass statement
        bitbake: persist_data: Use a valid exception for missing implementation
        bitbake: runqueue: Drop pointless variable assignment
        bitbake: buildinfohelper: Drop unused variables
        poky/meta-yocto-bsp: Post release version/codename updates
        xorg-app: Tweak handling of compression changes in SRC_URI
        ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
        set_versions: Add a getlatest command to obtain the latest release branch name
        layer.conf: Post release codename changes
        base: Drop git intercept
        bitbake: fetch2/osc: Add missing parameter
        staging: Ensure we filter out ourselves
        lib/sstatesig: Fix find_siginfo to match sstate filename generation
        bitbake: runqueue: Fix sig file location when using multiconfig

  Robert Joslyn (1):
        curl: Update to 7.83.0

  Robert Yang (1):
        bitbake: fetch2/ssh.py: decode path back for ssh

  Ross Burton (12):
        zlib: upgrade to 1.2.12
        qemu: backport a patch to optionally disable i8042 (AT and PS/2) hardware
        qemux86-64: disable legacy i8042 (AT keyboard, PS/2 mouse)
        e2fsprogs: fix CVE-2022-1304
        subversion: upgrade to 1.14.2
        python3: ignore CVE-2015-20107
        bitbake.conf: mark all directories as safe for git to read
        cve_check: skip remote patches that haven't been fetched when searching for CVE tags
        cve-check: no need to depend on the fetch task
        poky.conf: set PACKAGE_CLASSES explicitly to package_rpm
        distro/poky-tiny: don't put translations into images
        musl-locales: explicitly depend on gettext-native

  Russ Dill (2):
        package.bbclass: Prevent perform_packagecopy from removing /sysroot-only
        kernel-yocto.bbclass: Fixup do_kernel_configcheck usage of KMETA

  Schmidt, Adriaan (1):
        bitbake: bitbake-diffsigs: make finding of changed signatures more robust

  Scott Murray (1):
        runqemu: Do not auto detect graphics if publicvnc is specified

  Sean Anderson (1):
        wic: Add dependencies for erofs-utils

  Simone Weiss (1):
        libgpg-error: Add ptest

  Stefan Herbrechtsmeier (1):
        recipetool: Do not use mutable default arguments in Python

  Steve Sakoman (3):
        busybox: fix CVE-2022-28391
        lua: fix CVE-2022-28805
        scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng

  Xu Huan (5):
        python3-dbusmock: upgrade 0.27.3 -> 0.27.5
        python3-pip: upgrade 22.0.3 -> 22.0.4
        python3-zipp: upgrade 3.7.0 -> 3.8.0
        python3-hypothesis: upgrade 6.39.5 -> 6.41.0
        python3-sphinx: upgrade 4.4.0 -> 4.5.0

  wangmy (34):
        freetype: upgrade 2.11.1 -> 2.12.0
        ghostscript: upgrade 9.55.0 -> 9.56.1
        libsoup: upgrade 3.0.5 -> 3.0.6
        libx11: upgrade 1.7.3.1 -> 1.7.5
        acpica: upgrade 20211217 -> 20220331
        apt: upgrade 2.4.3 -> 2.4.4
        dpkg: upgrade 1.21.4 -> 1.21.7
        fontconfig: upgrade 2.13.1 -> 2.14.0
        mc: upgrade 4.8.27 -> 4.8.28
        shared-mime-info: upgrade 2.1 -> 2.2
        strace: upgrade 5.16 -> 5.17
        sysvinit: upgrade 3.01 -> 3.02
        libbsd: upgrade 0.11.5 -> 0.11.6
        boost: upgrade 1.78.0 -> 1.79.0
        enchant2: upgrade 2.3.2 -> 2.3.3
        help2man: upgrade 1.49.1 -> 1.49.2
        json-c: upgrade 0.15 -> 0.16
        libaio: upgrade 0.3.112 -> 0.3.113
        libusb1: upgrade 1.0.25 -> 1.0.26
        libgit2: upgrade 1.4.2 -> 1.4.3
        libcap: upgrade 2.63 -> 2.64
        linux-firmware: upgrade 20220310 -> 20220411
        mtools: upgrade 4.0.38 -> 4.0.39
        libpcre2: upgrade 10.39 -> 10.40
        python3-jsonpointer: upgrade 2.2 -> 2.3
        python3-sphinx-rtd-theme: upgrade 0.5.0 -> 1.0.0
        dropbear: upgrade 2020.81 -> 2022.82
        gptfdisk: upgrade 1.0.8 -> 1.0.9
        kexec-tools: upgrade 2.0.23 -> 2.0.24
        libxcursor: upgrade 1.2.0 -> 1.2.1
        mkfontscale: upgrade 1.2.1 -> 1.2.2
        xdpyinfo: upgrade 1.3.2 -> 1.3.3
        apt: upgrade 2.4.4 -> 2.4.5
        python3-hypothesis: upgrade 6.41.0 -> 6.44.0

  zhengruoqin (7):
        createrepo-c: upgrade 0.19.0 -> 0.20.0
        expat: upgrade 2.4.7 -> 2.4.8
        ethtool: upgrade 5.16 -> 5.17
        git: upgrade 2.35.2 -> 2.35.3
        openssh: upgrade 8.9p1 -> 9.0p1
        wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
        ruby: upgrade 3.1.1 -> 3.1.2

meta-openembedded: 1888971b1f..77c2fda04e:
  Alex Kiernan (2):
        audit: Upgrade 3.0.6 -> 3.0.7
        mosh: Drop perl dependencies from server

  Andreas Müller (21):
        libnma: upgrade 1.8.36 -> 1.8.38
        gnome-control-center: upgrade 41.2 -> 42.0
        gnome-flashback: upgrade 3.42.1 -> 3.44.0
        gnome-panel: upgrade 3.42.0 -> 3.44.0
        gnome-session: upgrade 41.3 -> 42.0
        gnome-shell-extensions: upgrade 41.1 -> 42.0
        gthumb: upgrade 3.12.0 -> 3.12.2
        ibus: upgrade 1.5.23+ -> 1.5.26
        libportal: upgrade 0.5 -> 0.6
        network-manager-applet: upgrade 1.24.0 -> 1.24.0
        sysprof: upgrade 3.42.1 -> 3.44.0
        gnome-shell: fix bluetooth PACKAGECONFIG
        packagegroup-gnome-desktop: replace gnome-bluetooth by gnome-bluetooth4
        gnome-bluetooth: avoid clashes with gnome-bluetooth4
        gnome-bluetooth: rename recipes to avoid suffix in future
        gnome-bluetooth: Add PACKAGECONFIG pulseaudio and filter by distro-feature
        gnome-backgrounds: upgrade 41.0 -> 42.0
        gnome-settings-daemon: upgrade 41.0 -> 42.1
        libgweather4: Fix introspection build
        gjs: Add cairo to DEPENDS unconditionally
        gnome-shell-extensions: Stop copying gnome-classic session to wayland

  Andrej Valek (1):
        poco: upgrade 1.11.1 -> 1.11.2

  Armin Kuster (1):
        meta-oe-image: fix build depends

  Bassem Boubaker (1):
        conntrack-tools: Fix missing capability

  Ben Fekih, Hichem (1):
        sdbus-c++-libsystemd: bugfix dev package is not installed

  Carlos Rafael Giani (1):
        pipewire: Upgrade to version 0.3.50

  Changqing Li (1):
        drbd-utils: fix for usrmerge

  Dmitry Baryshkov (1):
        gpsd: split python utils from gps-utils

  Hongxu Jia (1):
        cdrkit: add new option -eltorito-platform for genimageiso

  Jan Vermaete (1):
        netdata: version bump 1.33.1 -> 1.34.1

  Jiaqing Zhao (1):
        libesmtp: Disable NTLM support by default

  KARN JYE LAU (1):
        icewm:include imlib2-loaders package

  Kai Kang (1):
        python3-blivetgui: use symbolic list-add and edit- icons

  Khem Raj (60):
        dbus-cxx: Include missing <utility> header
        safec: Upgrade to 3.7.1
        mongodb: Update to 4.4.13
        libkcapi: Upgrade to 1.4.0
        libpfm4: Remove -Werror from compiler flags
        parallel-deqp-runner: Fix build with gcc 12
        glmark2: Fix build with gcc12
        memcached: Upgrade to 1.6.15
        tvheadend: Update to latest trunk
        ot-br-posix: Disable Wsign-compare for clang
        opensaf: Fix build with gcc 12
        boost-sml: Disable examples
        mpich: Add new directory modules/hwloc/config to search path
        gnulib: Do not use git operations to install the sources
        sysprof: Fix build to work with llvm libunwind
        linuxconsole: Fix makefile issue found with clang
        mongodb: Fix aarch64 build with gcc12
        libcereal: Link libatomics with gcc as well
        wpantund: Add missing dependency on boost
        gimp: Disable vector icons on 32bit systems
        mozjs-91: Upgrade to 91.8.0
        mozjs-78: Switch to system libicu
        nodejs: Upgrade to 16.14.2
        ot-br-posix: Fix build with gcc
        dlt-daemon: Fix build on rv32/rv64
        grpc: Fix build with rv32/rv64
        ltrace: Fix build on ppc64 with gcc12
        opencv: Fix build with gcc-12 on ppc64
        mozjs-91: Disable strip
        mozjs-91: Add option to use system ICU
        sysprof: Remove libunwind on rv32
        crash: Fix build for mips target
        tcsh: Do not install symlinks into /bin with usrmerge
        arno-iptables-firewall: Do not use bitbake variable inside S
        fluentbit: Fix build with usrmerge distro feature
        tomoyo-tools: Define SBINDIR
        tomoyo-tools: Drop md5sum
        gradm: Upgrade to 3.1-202111052217
        babeld: Upgrade to 1.11
        scsirastools: Fix build with usrmerge
        dietsplash: specify install rootdir
        linux-atm: Add knob to root prefix
        ufw: Fix build with usrmerge distro feature
        netdata: Fix build errors with clang
        klibc: Recognise --dyld-prefix clang option
        mozjs: Use vendored icu on ppc/clang
        boinc-client: Do not overwrite same file when using usrmerge
        pam-ssh-agent-auth: Use specific versions of BSD licenses
        fwupd: Enable build with musl
        lirc: install systemd units only when using systemd distro feature
        fluentbit: Disable systemd support when systemd distro feature is disabled
        gtksourceview5: Allow wayland or x11
        gtkmm3: Allow wayland or x11 in distro features
        gparted: Allow wayland or x11 distro features
        lirc: Delete systemd unit files on non systemd distros
        atkmm: Allow build with wayland
        pangomm: Allow building with wayland
        lockdev: Drop cumulative debian patch
        boinc-client: Make script install not depend on host install paths
        babl: Fix build with meson 0.62+

  Leon Anavi (2):
        python3-bitstruct: Upgrade 8.13.0 -> 8.14.0
        python3-marshmallow: Upgrade 3.14.1 -> 3.15.0

  Marguet, Nicolas (1):
        openjpeg: fix CVE-2022-1122

  Mingli Yu (4):
        tgt: move from meta-openstack
        libconfig-general-perl: move from meta-openstack
        crash: Upgrade to 8.0.0
        makedumpfile: Upgrade to 1.7.1

  Oleksandr Kravchuk (4):
        htpdate: update to 1.3.3
        redis: upgrade to 7.0-rc3
        pkcs11-helper: fix PV
        python3-imgtool: update to 1.9.0

  Peter Kjellerstedt (3):
        gpsd: Only copy the Python files if they are created
        poppler: Support building for native
        gpsd: Correct the creation of the gps-utils-python package

  Preeti Sachan (1):
        gnuplot: inherit pkgconfig

  Robert Yang (1):
        libldb: Fix installed-vs-shipped and rebuild error

  Suhrid_S (1):
        clinfo: Upgrade 2.2.18.04.06 -> 3.0.21.02.21

  Trevor Gamblin (2):
        nftables: add ptest
        phoronix-test-suite: upgrade 10.8.1 -> 10.8.2

  Willy Tu (1):
        absil-cpp: Update SRC_URI to to the latest google internal sync

  Xu Huan (10):
        python3-redis: upgrade 4.2.1 -> 4.2.2
        python3-sentry-sdk: upgrade 1.5.7 -> 1.5.8
        python3-sqlalchemy: upgrade 1.4.34 -> 1.4.35
        python3-graphviz: upgrade 0.19.1 -> 0.19.2
        python3-kivy: upgrade 2.0.0 -> 2.1.0
        python3-aenum: upgrade 3.1.8 -> 3.1.11
        python3-aws-iot-device-sdk-python: upgrade 1.5.1 -> 1.5.2
        python3-cmd2: upgrade 2.4.0 -> 2.4.1
        python3-django: upgrade 2.2.27 -> 2.2.28
        python3-imageio: upgrade 2.16.1 -> 2.17.0

  Yi Zhao (6):
        frr: add recipe
        libldb: upgrade 2.3.2 -> 2.3.3
        samba: upgrade 4.14.12 -> 4.14.13
        frr: install correct initscript
        frr: add PACKAGECONFIG for fpm
        frr: inherit autotools-brokensep instead of autotools

  wangmy (51):
        nbdkit: upgrade 1.25.7 -> 1.30.2
        icewm: upgrade 2.9.0 -> 2.9.6
        lapack: upgrade 3.9.0 -> 3.10.0
        libbpf: upgrade 0.5.0 -> 0.7.0
        libmtp: upgrade 1.1.18 -> 1.1.19
        logwatch: upgrade 7.5.3 -> 7.6
        mpich: upgrade 3.4.3 -> 4.0.2
        libvpx: upgrade 1.8.2 -> 1.11.0
        linuxconsole: upgrade 1.7.0 -> 1.7.1
        mercurial: upgrade 5.5 -> 6.1
        ocl-icd: upgrade 2.3.0 -> 2.3.1
        octave: upgrade 6.4.0 -> 7.1.0
        rdma-core: upgrade 39.0 -> 40.0
        pam-plugin-ldapdb: upgrade 1.3 -> 1.3.1
        pax-utils: upgrade 1.2.2 -> 1.3.3
        pcsc-tools: upgrade 1.5.8 -> 1.6.0
        pegtl: upgrade 3.2.1 -> 3.2.5
        qpdf: upgrade 10.5.0 -> 10.6.3
        s-nail: upgrade 14.9.23 -> 14.9.24
        smcroute: upgrade 2.5.4 -> 2.5.5
        squashfs-tools-ng: upgrade 1.0.2 -> 1.1.4
        st: upgrade 0.8.4 -> 0.8.5
        tracker: upgrade 3.2.1 -> 3.3.0
        thingsboard-gateway: upgrade 2.8 -> 2.9
        thrift: upgrade 0.14.2 -> 0.16.0
        toybox: upgrade 0.8.5 -> 0.8.6
        unbound: upgrade 1.13.2 -> 1.15.0
        twm: upgrade 1.0.11 -> 1.0.12
        unixodbc: upgrade 2.3.7 -> 2.3.9
        xterm: upgrade 368 -> 372
        python3-cppy: upgrade 1.2.0 -> 1.2.1
        evince: upgrade 42.1 -> 42.2
        evolution-data-server: upgrade 3.44.0 -> 3.44.1
        gspell: upgrade 1.9.1 -> 1.10.0
        gtksourceview5: upgrade 5.4.0 -> 5.4.1
        libadwaita: upgrade 1.1.0 -> 1.1.1
        nautilus: upgrade 42.0 -> 42.1.1
        htpdate: upgrade 1.3.3 -> 1.3.4
        nanomsg: upgrade 1.1.5 -> 1.2
        nbdkit: upgrade 1.30.2 -> 1.31.1
        ctags: upgrade 5.9.20220410.0 -> 5.9.20220417.0
        hexedit: upgrade 1.5 -> 1.6
        lapack: upgrade 3.10.0 -> 3.10.1
        links: upgrade to 2.26
        lsscsi: upgrade 0.31 -> 0.32
        openwsman: upgrade 2.6.11 -> 2.7.1
        libdbd-sqlite-perl: upgrade 1.68 -> 1.70
        libencode-perl: upgrade 3.16 -> 3.17
        libextutils-cppguess-perl: upgrade 0.23 -> 0.26
        libtest-harness-perl: upgrade 3.42 -> 3.44
        ostree: upgrade 2021.6 -> 2022.2

  zhengruoqin (5):
        python3-google-api-python-client: upgrade 2.42.0 -> 2.43.0
        python3-googleapis-common-protos: upgrade 1.54.0 -> 1.56.0
        python3-nocaselist: upgrade 1.0.4 -> 1.0.5
        python3-pylint: upgrade 2.13.2 -> 2.13.5
        python3-nocasedict: upgrade 1.0.2 -> 1.0.3

meta-raspberrypi: 83f5577d8d..c97a9e34ab:
  Andrei Gherzan (20):
        raspberrypi-firmware: Update to 20220331
        linux-raspberrypi: Update 5.15 recipe to 5.15.34
        linux-raspberrypi: Update 5.10 recipe to 5.10.110
        bcm2835: Update to 1.71
        pi-blaster: Uprev the recipe
        linux-firmware-rpidistro: Update to 20210315-3+rpt4
        raspi-gpio: Uprev revision to current HEAD of master branch
        python3-rtimu: Upgrade to 7.2.1
        rpio: Upgrade to 0.10.1
        python3-adafruit-pureio: Uprade to 1.1.8
        python3-adafruit-platformdetect: Upgrade to 3.22.1
        python3-adafruit-circuitpython-register: Upgrade to 1.9.8
        rpi-basic-image: Drop image
        rpi-hwup-image: Drop image
        packagegroup-rpi-test: Include more packages
        ci: Use test builds with the test image
        docs: Drop mention of deprecated images
        docs: Bump copyright year
        rpi-base.inc: Add MCP3008 ADC overlay
        kmod: Enable xz compression

  Davide Gardenal (1):
        bluez-firmware-rpidistro: Add compatibility to oe-core/create-spdx

  Jan Vermaete (1):
        docs: link to latest documentation of kas

  Khem Raj (1):
        python3-sense-hat: Use specific BSD license

  Meng Li (1):
        u-boot: Remove the randundant patch

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Icdb885a2d340dc3c88b971c57dede6902a9708e3
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
index 79d4645..22dd07b 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -53,6 +53,7 @@
            ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
            file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
            file://0001-test-gatt-Fix-hung-issue.patch \
+           file://fix_service.patch \
            "
 S = "${WORKDIR}/bluez-${PV}"
 
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
new file mode 100644
index 0000000..96fdf6b
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
@@ -0,0 +1,30 @@
+The systemd bluetooth service failed to start because the /var/lib/bluetooth
+path of ReadWritePaths= is created by the bluetooth daemon itself.
+
+The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth
+and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service.
+The existing ProtectSystem=full option mounts the /usr, the boot loader
+directories and /etc read-only. This means the two option are useless and could be removed.
+
+Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329]
+
+Index: bluez-5.64/src/bluetooth.service.in
+===================================================================
+--- bluez-5.64.orig/src/bluetooth.service.in
++++ bluez-5.64/src/bluetooth.service.in
+@@ -15,12 +15,12 @@ LimitNPROC=1
+ 
+ # Filesystem lockdown
+ ProtectHome=true
+-ProtectSystem=full
++ProtectSystem=strict
+ PrivateTmp=true
+ ProtectKernelTunables=true
+ ProtectControlGroups=true
+-ReadWritePaths=@statedir@
+-ReadOnlyPaths=@confdir@
++ConfigurationDirectory=bluetooth
++StateDirectory=bluetooth
+ 
+ # Execute Mappings
+ MemoryDenyWriteExecute=true
diff --git a/poky/meta/recipes-connectivity/neard/neard_0.16.bb b/poky/meta/recipes-connectivity/neard/neard_0.16.bb
index 57f2a3e..bc9ce07 100644
--- a/poky/meta/recipes-connectivity/neard/neard_0.16.bb
+++ b/poky/meta/recipes-connectivity/neard/neard_0.16.bb
@@ -2,21 +2,22 @@
 DESCRIPTION = "A daemon for the Linux Near Field Communication stack"
 HOMEPAGE = "http://01.org/linux-nfc"
 LICENSE = "GPL-2.0-only"
+LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
+                    file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \
+                   "
 
 DEPENDS = "dbus glib-2.0 libnl"
 
-SRC_URI = "${KERNELORG_MIRROR}/linux/network/nfc/${BP}.tar.xz \
+SRC_URI = "git://git.kernel.org/pub/scm/network/nfc/neard.git;protocol=git;branch=master \
            file://neard.in \
            file://Makefile.am-fix-parallel-issue.patch \
            file://Makefile.am-do-not-ship-version.h.patch \
            file://0001-Add-header-dependency-to-nciattach.o.patch \
           "
-SRC_URI[md5sum] = "5c691fb7872856dc0d909c298bc8cb41"
-SRC_URI[sha256sum] = "eae3b11c541a988ec11ca94b7deab01080cd5b58cfef3ced6ceac9b6e6e65b36"
 
-LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
- file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \
- "
+SRCREV = "949795024f7625420e93e288c56e194cb9a3e74a"
+
+S = "${WORKDIR}/git"
 
 inherit autotools pkgconfig systemd update-rc.d
 
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch b/poky/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
deleted file mode 100644
index 0241c29..0000000
--- a/poky/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 56194e9a6043873b0ec84f9d15c6e4caca2580c8 Mon Sep 17 00:00:00 2001
-From: Darren Tucker <dtucker@dtucker.net>
-Date: Tue, 8 Mar 2022 20:04:06 +1100
-Subject: [PATCH] Default to not using sandbox when cross compiling.
-
-On most systems poll(2) does not work when the number of FDs is reduced
-with setrlimit, so assume it doesn't when cross compiling and we can't
-run the test.  bz#3398.
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Upstream-Status: Backport [https://anongit.mindrot.org/openssh.git/patch/?id=8cf5275452a950869cb90eeac7d220b01f77b12e]
----
- configure.ac | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 17fb1e6..a165d08 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -3574,8 +3574,8 @@ AC_RUN_IFELSE(
- 	 select_works_with_rlimit=yes],
- 	[AC_MSG_RESULT([no])
- 	 select_works_with_rlimit=no],
--	[AC_MSG_WARN([cross compiling: assuming yes])
--	 select_works_with_rlimit=yes]
-+	[AC_MSG_WARN([cross compiling: assuming no])
-+	 select_works_with_rlimit=no]
- )
- 
- AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[
--- 
-2.35.1
-
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch b/poky/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch
deleted file mode 100644
index 847c0a1..0000000
--- a/poky/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From f107467179428a0e3ea9e4aa9738ac12ff02822d Mon Sep 17 00:00:00 2001
-From: Colin Watson <cjwatson@debian.org>
-Date: Thu, 24 Feb 2022 16:04:18 +0000
-Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support
-
-GCC doesn't tell us whether this option is supported unless it runs into
-the situation where it would need to emit corresponding code.
-
-Upstream-Status: Backport
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- m4/openssh.m4 | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/m4/openssh.m4 b/m4/openssh.m4
-index 4f9c3792dc1..8c33c701b8b 100644
---- a/m4/openssh.m4
-+++ b/m4/openssh.m4
-@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{
- 	AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
- #include <stdlib.h>
- #include <stdio.h>
-+/* Trivial function to help test for -fzero-call-used-regs */
-+void f(int n) {}
- int main(int argc, char **argv) {
- 	(void)argv;
- 	/* Some math to catch -ftrapv problems in the toolchain */
-@@ -21,6 +23,7 @@ int main(int argc, char **argv) {
- 	float l = i * 2.1;
- 	double m = l / 0.5;
- 	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-+	f(0);
- 	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
- 	/*
- 	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_9.0p1.bb
similarity index 96%
rename from poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
rename to poky/meta/recipes-connectivity/openssh/openssh_9.0p1.bb
index f306b12..975faed 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_9.0p1.bb
@@ -24,10 +24,8 @@
            file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
            file://sshd_check_keys \
            file://add-test-support-for-busybox.patch \
-           file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
-           file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
            "
-SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
+SRC_URI[sha256sum] = "03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a"
 
 # This CVE is specific to OpenSSH with the pam opie which we don't build/use here
 CVE_CHECK_IGNORE += "CVE-2007-2768"
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb b/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
index ff2a22c..a809666 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
+++ b/poky/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
@@ -224,7 +224,7 @@
 # file to be installed for both the openssl-bin package and the libcrypto
 # package since the openssl-bin package depends on the libcrypto package.
 
-PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc"
+PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc ${PN}-ossl-module-legacy"
 
 FILES:libcrypto = "${libdir}/libcrypto${SOLIBS}"
 FILES:libssl = "${libdir}/libssl${SOLIBS}"
@@ -235,12 +235,13 @@
 # ${prefix} comes from what we pass into --prefix at configure time (which is used for INSTALLTOP)
 FILES:${PN}-engines:append:mingw32:class-nativesdk = " ${prefix}${libdir}/engines-3"
 FILES:${PN}-misc = "${libdir}/ssl-3/misc ${bindir}/c_rehash"
+FILES:${PN}-ossl-module-legacy = "${libdir}/ossl-modules/legacy.so"
 FILES:${PN} =+ "${libdir}/ssl-3/* ${libdir}/ossl-modules/"
 FILES:${PN}:append:class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
 
 CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
 
-RRECOMMENDS:libcrypto += "openssl-conf"
+RRECOMMENDS:libcrypto += "openssl-conf ${PN}-ossl-module-legacy"
 RDEPENDS:${PN}-misc = "perl"
 RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed"
 
diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Install-wpa_passphrase-when-not-disabled.patch b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Install-wpa_passphrase-when-not-disabled.patch
new file mode 100644
index 0000000..c04c608
--- /dev/null
+++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Install-wpa_passphrase-when-not-disabled.patch
@@ -0,0 +1,33 @@
+From 57b12a1e43605f71239a21488cb9b541f0751dda Mon Sep 17 00:00:00 2001
+From: Alex Kiernan <alexk@zuma.ai>
+Date: Thu, 21 Apr 2022 10:15:29 +0100
+Subject: [PATCH] Install wpa_passphrase when not disabled
+
+As part of fixing CONFIG_NO_WPA_PASSPHRASE, whilst wpa_passphrase gets
+built, its not installed during `make install`.
+
+Fixes: cb41c214b78d ("build: Re-enable options for libwpa_client.so and wpa_passphrase")
+Signed-off-by: Alex Kiernan <alexk@zuma.ai>
+Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
+Upstream-Status: Submitted [http://lists.infradead.org/pipermail/hostap/2022-April/040448.html]
+---
+ wpa_supplicant/Makefile | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
+index 0bab313f2355..12787c0c7d0f 100644
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -73,6 +73,9 @@ $(DESTDIR)$(BINDIR)/%: %
+ 
+ install: $(addprefix $(DESTDIR)$(BINDIR)/,$(BINALL))
+ 	$(MAKE) -C ../src install
++ifndef CONFIG_NO_WPA_PASSPHRASE
++	install -D wpa_passphrase $(DESTDIR)/$(BINDIR)/wpa_passphrase
++endif
+ ifdef CONFIG_BUILD_WPA_CLIENT_SO
+ 	install -m 0644 -D libwpa_client.so $(DESTDIR)/$(LIBDIR)/libwpa_client.so
+ 	install -m 0644 -D ../src/common/wpa_ctrl.h $(DESTDIR)/$(INCDIR)/wpa_ctrl.h
+-- 
+2.35.1
+
diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-build-Re-enable-options-for-libwpa_client.so-and-wpa.patch b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-build-Re-enable-options-for-libwpa_client.so-and-wpa.patch
new file mode 100644
index 0000000..6e930fc
--- /dev/null
+++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-build-Re-enable-options-for-libwpa_client.so-and-wpa.patch
@@ -0,0 +1,73 @@
+From cb41c214b78d6df187a31950342e48a403dbd769 Mon Sep 17 00:00:00 2001
+From: Sergey Matyukevich <geomatsi@gmail.com>
+Date: Tue, 22 Feb 2022 11:52:19 +0300
+Subject: [PATCH 1/2] build: Re-enable options for libwpa_client.so and
+ wpa_passphrase
+
+Commit a41a29192e5d ("build: Pull common fragments into a build.rules
+file") introduced a regression into wpa_supplicant build process. The
+build target libwpa_client.so is not built regardless of whether the
+option CONFIG_BUILD_WPA_CLIENT_SO is set or not. This happens because
+this config option is used before it is imported from the configuration
+file. Moving its use after including build.rules does not help: the
+variable ALL is processed by build.rules and further changes are not
+applied. Similarly, option CONFIG_NO_WPA_PASSPHRASE also does not work
+as expected: wpa_passphrase is always built regardless of whether the
+option is set or not.
+
+Re-enable these options by adding both build targets to _all
+dependencies.
+
+Fixes: a41a29192e5d ("build: Pull common fragments into a build.rules file")
+Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
+Upstream-Status: Backport
+Signed-off-by: Alex Kiernan <alexk@zuma.ai>
+Signed-off-by: Alex Kiernan <alexk@gmail.com>
+---
+ wpa_supplicant/Makefile | 19 ++++++++++++-------
+ 1 file changed, 12 insertions(+), 7 deletions(-)
+
+diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
+index cb66defac7c8..c456825ae75f 100644
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -1,24 +1,29 @@
+ BINALL=wpa_supplicant wpa_cli
+ 
+-ifndef CONFIG_NO_WPA_PASSPHRASE
+-BINALL += wpa_passphrase
+-endif
+-
+ ALL = $(BINALL)
+ ALL += systemd/wpa_supplicant.service
+ ALL += systemd/wpa_supplicant@.service
+ ALL += systemd/wpa_supplicant-nl80211@.service
+ ALL += systemd/wpa_supplicant-wired@.service
+ ALL += dbus/fi.w1.wpa_supplicant1.service
+-ifdef CONFIG_BUILD_WPA_CLIENT_SO
+-ALL += libwpa_client.so
+-endif
+ 
+ EXTRA_TARGETS=dynamic_eap_methods
+ 
+ CONFIG_FILE=.config
+ include ../src/build.rules
+ 
++ifdef CONFIG_BUILD_WPA_CLIENT_SO
++# add the dependency this way to allow CONFIG_BUILD_WPA_CLIENT_SO
++# being set in the config which is read by build.rules
++_all: libwpa_client.so
++endif
++
++ifndef CONFIG_NO_WPA_PASSPHRASE
++# add the dependency this way to allow CONFIG_NO_WPA_PASSPHRASE
++# being set in the config which is read by build.rules
++_all: wpa_passphrase
++endif
++
+ ifdef LIBS
+ # If LIBS is set with some global build system defaults, clone those for
+ # LIBS_c and LIBS_p to cover wpa_passphrase and wpa_cli as well.
+-- 
+2.35.1
+
diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Fix-removal-of-wpa_passphrase-on-make-clean.patch b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Fix-removal-of-wpa_passphrase-on-make-clean.patch
new file mode 100644
index 0000000..53b0fcd
--- /dev/null
+++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Fix-removal-of-wpa_passphrase-on-make-clean.patch
@@ -0,0 +1,26 @@
+From d001b301ba7987f4b39453a211631b85c48f2ff8 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <quic_jouni@quicinc.com>
+Date: Thu, 3 Mar 2022 13:26:42 +0200
+Subject: [PATCH 2/2] Fix removal of wpa_passphrase on 'make clean'
+
+Fixes: 0430bc8267b4 ("build: Add a common-clean target")
+Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
+Upstream-Status: Backport
+Signed-off-by: Alex Kiernan <alexk@zuma.ai>
+Signed-off-by: Alex Kiernan <alexk@gmail.com>
+---
+ wpa_supplicant/Makefile | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
+index c456825ae75f..4b4688931b1d 100644
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -2077,3 +2077,4 @@ clean: common-clean
+ 	rm -f libwpa_client.a
+ 	rm -f libwpa_client.so
+ 	rm -f libwpa_test1 libwpa_test2
++	rm -f wpa_passphrase
+-- 
+2.35.1
+
diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig
deleted file mode 100644
index f04e398..0000000
--- a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig
+++ /dev/null
@@ -1,552 +0,0 @@
-# Example wpa_supplicant build time configuration
-#
-# This file lists the configuration options that are used when building the
-# hostapd binary. All lines starting with # are ignored. Configuration option
-# lines must be commented out complete, if they are not to be included, i.e.,
-# just setting VARIABLE=n is not disabling that variable.
-#
-# This file is included in Makefile, so variables like CFLAGS and LIBS can also
-# be modified from here. In most cases, these lines should use += in order not
-# to override previous values of the variables.
-
-
-# Uncomment following two lines and fix the paths if you have installed OpenSSL
-# or GnuTLS in non-default location
-#CFLAGS += -I/usr/local/openssl/include
-#LIBS += -L/usr/local/openssl/lib
-
-# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
-# the kerberos files are not in the default include path. Following line can be
-# used to fix build issues on such systems (krb5.h not found).
-#CFLAGS += -I/usr/include/kerberos
-
-# Example configuration for various cross-compilation platforms
-
-#### sveasoft (e.g., for Linksys WRT54G) ######################################
-#CC=mipsel-uclibc-gcc
-#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
-#CFLAGS += -Os
-#CPPFLAGS += -I../src/include -I../../src/router/openssl/include
-#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl
-###############################################################################
-
-#### openwrt (e.g., for Linksys WRT54G) #######################################
-#CC=mipsel-uclibc-gcc
-#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
-#CFLAGS += -Os
-#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \
-#	-I../WRT54GS/release/src/include
-#LIBS = -lssl
-###############################################################################
-
-
-# Driver interface for Host AP driver
-CONFIG_DRIVER_HOSTAP=y
-
-# Driver interface for Agere driver
-#CONFIG_DRIVER_HERMES=y
-# Change include directories to match with the local setup
-#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
-#CFLAGS += -I../../include/wireless
-
-# Driver interface for madwifi driver
-# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
-#CONFIG_DRIVER_MADWIFI=y
-# Set include directory to the madwifi source tree
-#CFLAGS += -I../../madwifi
-
-# Driver interface for ndiswrapper
-# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
-#CONFIG_DRIVER_NDISWRAPPER=y
-
-# Driver interface for Atmel driver
-# CONFIG_DRIVER_ATMEL=y
-
-# Driver interface for old Broadcom driver
-# Please note that the newer Broadcom driver ("hybrid Linux driver") supports
-# Linux wireless extensions and does not need (or even work) with the old
-# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
-#CONFIG_DRIVER_BROADCOM=y
-# Example path for wlioctl.h; change to match your configuration
-#CFLAGS += -I/opt/WRT54GS/release/src/include
-
-# Driver interface for Intel ipw2100/2200 driver
-# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
-#CONFIG_DRIVER_IPW=y
-
-# Driver interface for Ralink driver
-#CONFIG_DRIVER_RALINK=y
-
-# Driver interface for generic Linux wireless extensions
-# Note: WEXT is deprecated in the current Linux kernel version and no new
-# functionality is added to it. nl80211-based interface is the new
-# replacement for WEXT and its use allows wpa_supplicant to properly control
-# the driver to improve existing functionality like roaming and to support new
-# functionality.
-CONFIG_DRIVER_WEXT=y
-
-# Driver interface for Linux drivers using the nl80211 kernel interface
-CONFIG_DRIVER_NL80211=y
-
-# driver_nl80211.c requires libnl. If you are compiling it yourself
-# you may need to point hostapd to your version of libnl.
-#
-#CFLAGS += -I$<path to libnl include files>
-#LIBS += -L$<path to libnl library files>
-
-# Use libnl v2.0 (or 3.0) libraries.
-#CONFIG_LIBNL20=y
-
-# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
-CONFIG_LIBNL32=y
-
-
-# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
-#CONFIG_DRIVER_BSD=y
-#CFLAGS += -I/usr/local/include
-#LIBS += -L/usr/local/lib
-#LIBS_p += -L/usr/local/lib
-#LIBS_c += -L/usr/local/lib
-
-# Driver interface for Windows NDIS
-#CONFIG_DRIVER_NDIS=y
-#CFLAGS += -I/usr/include/w32api/ddk
-#LIBS += -L/usr/local/lib
-# For native build using mingw
-#CONFIG_NATIVE_WINDOWS=y
-# Additional directories for cross-compilation on Linux host for mingw target
-#CFLAGS += -I/opt/mingw/mingw32/include/ddk
-#LIBS += -L/opt/mingw/mingw32/lib
-#CC=mingw32-gcc
-# By default, driver_ndis uses WinPcap for low-level operations. This can be
-# replaced with the following option which replaces WinPcap calls with NDISUIO.
-# However, this requires that WZC is disabled (net stop wzcsvc) before starting
-# wpa_supplicant.
-# CONFIG_USE_NDISUIO=y
-
-# Driver interface for development testing
-#CONFIG_DRIVER_TEST=y
-
-# Driver interface for wired Ethernet drivers
-CONFIG_DRIVER_WIRED=y
-
-# Driver interface for the Broadcom RoboSwitch family
-#CONFIG_DRIVER_ROBOSWITCH=y
-
-# Driver interface for no driver (e.g., WPS ER only)
-#CONFIG_DRIVER_NONE=y
-
-# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
-# included)
-CONFIG_IEEE8021X_EAPOL=y
-
-# EAP-MD5
-CONFIG_EAP_MD5=y
-
-# EAP-MSCHAPv2
-CONFIG_EAP_MSCHAPV2=y
-
-# EAP-TLS
-CONFIG_EAP_TLS=y
-
-# EAL-PEAP
-CONFIG_EAP_PEAP=y
-
-# EAP-TTLS
-CONFIG_EAP_TTLS=y
-
-# EAP-FAST
-# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
-# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
-# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
-#CONFIG_EAP_FAST=y
-
-# EAP-GTC
-CONFIG_EAP_GTC=y
-
-# EAP-OTP
-CONFIG_EAP_OTP=y
-
-# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
-#CONFIG_EAP_SIM=y
-
-# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
-#CONFIG_EAP_PSK=y
-
-# EAP-pwd (secure authentication using only a password)
-#CONFIG_EAP_PWD=y
-
-# EAP-PAX
-#CONFIG_EAP_PAX=y
-
-# LEAP
-CONFIG_EAP_LEAP=y
-
-# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
-#CONFIG_EAP_AKA=y
-
-# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
-# This requires CONFIG_EAP_AKA to be enabled, too.
-#CONFIG_EAP_AKA_PRIME=y
-
-# Enable USIM simulator (Milenage) for EAP-AKA
-#CONFIG_USIM_SIMULATOR=y
-
-# EAP-SAKE
-#CONFIG_EAP_SAKE=y
-
-# EAP-GPSK
-#CONFIG_EAP_GPSK=y
-# Include support for optional SHA256 cipher suite in EAP-GPSK
-#CONFIG_EAP_GPSK_SHA256=y
-
-# EAP-TNC and related Trusted Network Connect support (experimental)
-#CONFIG_EAP_TNC=y
-
-# Wi-Fi Protected Setup (WPS)
-CONFIG_WPS=y
-# Enable WSC 2.0 support
-#CONFIG_WPS2=y
-# Enable WPS external registrar functionality
-#CONFIG_WPS_ER=y
-# Disable credentials for an open network by default when acting as a WPS
-# registrar.
-#CONFIG_WPS_REG_DISABLE_OPEN=y
-# Enable WPS support with NFC config method
-#CONFIG_WPS_NFC=y
-
-# EAP-IKEv2
-#CONFIG_EAP_IKEV2=y
-
-# EAP-EKE
-#CONFIG_EAP_EKE=y
-
-# PKCS#12 (PFX) support (used to read private key and certificate file from
-# a file that usually has extension .p12 or .pfx)
-CONFIG_PKCS12=y
-
-# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
-# engine.
-CONFIG_SMARTCARD=y
-
-# PC/SC interface for smartcards (USIM, GSM SIM)
-# Enable this if EAP-SIM or EAP-AKA is included
-#CONFIG_PCSC=y
-
-# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
-#CONFIG_HT_OVERRIDES=y
-
-# Support VHT overrides (disable VHT, mask MCS rates, etc.)
-#CONFIG_VHT_OVERRIDES=y
-
-# Development testing
-#CONFIG_EAPOL_TEST=y
-
-# Select control interface backend for external programs, e.g, wpa_cli:
-# unix = UNIX domain sockets (default for Linux/*BSD)
-# udp = UDP sockets using localhost (127.0.0.1)
-# named_pipe = Windows Named Pipe (default for Windows)
-# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
-# y = use default (backwards compatibility)
-# If this option is commented out, control interface is not included in the
-# build.
-CONFIG_CTRL_IFACE=y
-
-# Include support for GNU Readline and History Libraries in wpa_cli.
-# When building a wpa_cli binary for distribution, please note that these
-# libraries are licensed under GPL and as such, BSD license may not apply for
-# the resulting binary.
-#CONFIG_READLINE=y
-
-# Include internal line edit mode in wpa_cli. This can be used as a replacement
-# for GNU Readline to provide limited command line editing and history support.
-#CONFIG_WPA_CLI_EDIT=y
-
-# Remove debugging code that is printing out debug message to stdout.
-# This can be used to reduce the size of the wpa_supplicant considerably
-# if debugging code is not needed. The size reduction can be around 35%
-# (e.g., 90 kB).
-#CONFIG_NO_STDOUT_DEBUG=y
-
-# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
-# 35-50 kB in code size.
-#CONFIG_NO_WPA=y
-
-# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
-# This option can be used to reduce code size by removing support for
-# converting ASCII passphrases into PSK. If this functionality is removed, the
-# PSK can only be configured as the 64-octet hexstring (e.g., from
-# wpa_passphrase). This saves about 0.5 kB in code size.
-#CONFIG_NO_WPA_PASSPHRASE=y
-
-# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
-# This can be used if ap_scan=1 mode is never enabled.
-#CONFIG_NO_SCAN_PROCESSING=y
-
-# Select configuration backend:
-# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
-#	path is given on command line, not here; this option is just used to
-#	select the backend that allows configuration files to be used)
-# winreg = Windows registry (see win_example.reg for an example)
-CONFIG_BACKEND=file
-
-# Remove configuration write functionality (i.e., to allow the configuration
-# file to be updated based on runtime configuration changes). The runtime
-# configuration can still be changed, the changes are just not going to be
-# persistent over restarts. This option can be used to reduce code size by
-# about 3.5 kB.
-#CONFIG_NO_CONFIG_WRITE=y
-
-# Remove support for configuration blobs to reduce code size by about 1.5 kB.
-#CONFIG_NO_CONFIG_BLOBS=y
-
-# Select program entry point implementation:
-# main = UNIX/POSIX like main() function (default)
-# main_winsvc = Windows service (read parameters from registry)
-# main_none = Very basic example (development use only)
-#CONFIG_MAIN=main
-
-# Select wrapper for operatins system and C library specific functions
-# unix = UNIX/POSIX like systems (default)
-# win32 = Windows systems
-# none = Empty template
-#CONFIG_OS=unix
-
-# Select event loop implementation
-# eloop = select() loop (default)
-# eloop_win = Windows events and WaitForMultipleObject() loop
-#CONFIG_ELOOP=eloop
-
-# Should we use poll instead of select? Select is used by default.
-#CONFIG_ELOOP_POLL=y
-
-# Select layer 2 packet implementation
-# linux = Linux packet socket (default)
-# pcap = libpcap/libdnet/WinPcap
-# freebsd = FreeBSD libpcap
-# winpcap = WinPcap with receive thread
-# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
-# none = Empty template
-#CONFIG_L2_PACKET=linux
-
-# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
-CONFIG_PEERKEY=y
-
-# IEEE 802.11w (management frame protection), also known as PMF
-# Driver support is also needed for IEEE 802.11w.
-#CONFIG_IEEE80211W=y
-
-# Select TLS implementation
-# openssl = OpenSSL (default)
-# gnutls = GnuTLS
-# internal = Internal TLSv1 implementation (experimental)
-# none = Empty template
-#CONFIG_TLS=openssl
-
-# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
-# can be enabled to get a stronger construction of messages when block ciphers
-# are used. It should be noted that some existing TLS v1.0 -based
-# implementation may not be compatible with TLS v1.1 message (ClientHello is
-# sent prior to negotiating which version will be used)
-#CONFIG_TLSV11=y
-
-# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
-# can be enabled to enable use of stronger crypto algorithms. It should be
-# noted that some existing TLS v1.0 -based implementation may not be compatible
-# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
-# will be used)
-#CONFIG_TLSV12=y
-
-# If CONFIG_TLS=internal is used, additional library and include paths are
-# needed for LibTomMath. Alternatively, an integrated, minimal version of
-# LibTomMath can be used. See beginning of libtommath.c for details on benefits
-# and drawbacks of this option.
-#CONFIG_INTERNAL_LIBTOMMATH=y
-#ifndef CONFIG_INTERNAL_LIBTOMMATH
-#LTM_PATH=/usr/src/libtommath-0.39
-#CFLAGS += -I$(LTM_PATH)
-#LIBS += -L$(LTM_PATH)
-#LIBS_p += -L$(LTM_PATH)
-#endif
-# At the cost of about 4 kB of additional binary size, the internal LibTomMath
-# can be configured to include faster routines for exptmod, sqr, and div to
-# speed up DH and RSA calculation considerably
-#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
-
-# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
-# This is only for Windows builds and requires WMI-related header files and
-# WbemUuid.Lib from Platform SDK even when building with MinGW.
-#CONFIG_NDIS_EVENTS_INTEGRATED=y
-#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
-
-# Add support for old DBus control interface
-# (fi.epitest.hostap.WPASupplicant)
-#CONFIG_CTRL_IFACE_DBUS=y
-
-# Add support for new DBus control interface
-# (fi.w1.hostap.wpa_supplicant1)
-CONFIG_CTRL_IFACE_DBUS_NEW=y
-
-# Add introspection support for new DBus control interface
-#CONFIG_CTRL_IFACE_DBUS_INTRO=y
-
-# Add support for loading EAP methods dynamically as shared libraries.
-# When this option is enabled, each EAP method can be either included
-# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
-# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
-# be loaded in the beginning of the wpa_supplicant configuration file
-# (see load_dynamic_eap parameter in the example file) before being used in
-# the network blocks.
-#
-# Note that some shared parts of EAP methods are included in the main program
-# and in order to be able to use dynamic EAP methods using these parts, the
-# main program must have been build with the EAP method enabled (=y or =dyn).
-# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
-# unless at least one of them was included in the main build to force inclusion
-# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
-# in the main build to be able to load these methods dynamically.
-#
-# Please also note that using dynamic libraries will increase the total binary
-# size. Thus, it may not be the best option for targets that have limited
-# amount of memory/flash.
-#CONFIG_DYNAMIC_EAP_METHODS=y
-
-# IEEE Std 802.11r-2008 (Fast BSS Transition)
-#CONFIG_IEEE80211R=y
-
-# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
-#CONFIG_DEBUG_FILE=y
-
-# Send debug messages to syslog instead of stdout
-#CONFIG_DEBUG_SYSLOG=y
-# Set syslog facility for debug messages
-#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
-
-# Add support for sending all debug messages (regardless of debug verbosity)
-# to the Linux kernel tracing facility. This helps debug the entire stack by
-# making it easy to record everything happening from the driver up into the
-# same file, e.g., using trace-cmd.
-#CONFIG_DEBUG_LINUX_TRACING=y
-
-# Enable privilege separation (see README 'Privilege separation' for details)
-#CONFIG_PRIVSEP=y
-
-# Enable mitigation against certain attacks against TKIP by delaying Michael
-# MIC error reports by a random amount of time between 0 and 60 seconds
-#CONFIG_DELAYED_MIC_ERROR_REPORT=y
-
-# Enable tracing code for developer debugging
-# This tracks use of memory allocations and other registrations and reports
-# incorrect use with a backtrace of call (or allocation) location.
-#CONFIG_WPA_TRACE=y
-# For BSD, uncomment these.
-#LIBS += -lexecinfo
-#LIBS_p += -lexecinfo
-#LIBS_c += -lexecinfo
-
-# Use libbfd to get more details for developer debugging
-# This enables use of libbfd to get more detailed symbols for the backtraces
-# generated by CONFIG_WPA_TRACE=y.
-#CONFIG_WPA_TRACE_BFD=y
-# For BSD, uncomment these.
-#LIBS += -lbfd -liberty -lz
-#LIBS_p += -lbfd -liberty -lz
-#LIBS_c += -lbfd -liberty -lz
-
-CONFIG_TLS = %ssl%
-CONFIG_CTRL_IFACE_DBUS=y
-CONFIG_CTRL_IFACE_DBUS_NEW=y
-
-# wpa_supplicant depends on strong random number generation being available
-# from the operating system. os_get_random() function is used to fetch random
-# data when needed, e.g., for key generation. On Linux and BSD systems, this
-# works by reading /dev/urandom. It should be noted that the OS entropy pool
-# needs to be properly initialized before wpa_supplicant is started. This is
-# important especially on embedded devices that do not have a hardware random
-# number generator and may by default start up with minimal entropy available
-# for random number generation.
-#
-# As a safety net, wpa_supplicant is by default trying to internally collect
-# additional entropy for generating random data to mix in with the data fetched
-# from the OS. This by itself is not considered to be very strong, but it may
-# help in cases where the system pool is not initialized properly. However, it
-# is very strongly recommended that the system pool is initialized with enough
-# entropy either by using hardware assisted random number generator or by
-# storing state over device reboots.
-#
-# wpa_supplicant can be configured to maintain its own entropy store over
-# restarts to enhance random number generation. This is not perfect, but it is
-# much more secure than using the same sequence of random numbers after every
-# reboot. This can be enabled with -e<entropy file> command line option. The
-# specified file needs to be readable and writable by wpa_supplicant.
-#
-# If the os_get_random() is known to provide strong random data (e.g., on
-# Linux/BSD, the board in question is known to have reliable source of random
-# data from /dev/urandom), the internal wpa_supplicant random pool can be
-# disabled. This will save some in binary size and CPU use. However, this
-# should only be considered for builds that are known to be used on devices
-# that meet the requirements described above.
-#CONFIG_NO_RANDOM_POOL=y
-
-# IEEE 802.11n (High Throughput) support (mainly for AP mode)
-#CONFIG_IEEE80211N=y
-
-# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
-# (depends on CONFIG_IEEE80211N)
-#CONFIG_IEEE80211AC=y
-
-# Wireless Network Management (IEEE Std 802.11v-2011)
-# Note: This is experimental and not complete implementation.
-#CONFIG_WNM=y
-
-# Interworking (IEEE 802.11u)
-# This can be used to enable functionality to improve interworking with
-# external networks (GAS/ANQP to learn more about the networks and network
-# selection based on available credentials).
-#CONFIG_INTERWORKING=y
-
-# Hotspot 2.0
-#CONFIG_HS20=y
-
-# Disable roaming in wpa_supplicant
-#CONFIG_NO_ROAMING=y
-
-# AP mode operations with wpa_supplicant
-# This can be used for controlling AP mode operations with wpa_supplicant. It
-# should be noted that this is mainly aimed at simple cases like
-# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
-# external RADIUS server can be supported with hostapd.
-CONFIG_AP=y
-
-CONFIG_BGSCAN_SIMPLE=y
-
-# P2P (Wi-Fi Direct)
-# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
-# more information on P2P operations.
-#CONFIG_P2P=y
-
-# Enable TDLS support
-#CONFIG_TDLS=y
-
-# Wi-Fi Direct
-# This can be used to enable Wi-Fi Direct extensions for P2P using an external
-# program to control the additional information exchanges in the messages.
-#CONFIG_WIFI_DISPLAY=y
-
-# Autoscan
-# This can be used to enable automatic scan support in wpa_supplicant.
-# See wpa_supplicant.conf for more information on autoscan usage.
-#
-# Enabling directly a module will enable autoscan support.
-# For exponential module:
-CONFIG_AUTOSCAN_EXPONENTIAL=y
-# For periodic module:
-#CONFIG_AUTOSCAN_PERIODIC=y
-
-# Password (and passphrase, etc.) backend for external storage
-# These optional mechanisms can be used to add support for storing passwords
-# and other secrets in external (to wpa_supplicant) location. This allows, for
-# example, operating system specific key storage to be used
-#
-# External password backend for testing purposes (developer use)
-#CONFIG_EXT_PASSWORD_TEST=y
diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.10.bb b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.10.bb
index 6e80ac7..aee5657 100644
--- a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.10.bb
+++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.10.bb
@@ -1,76 +1,61 @@
 SUMMARY = "Client for Wi-Fi Protected Access (WPA)"
-HOMEPAGE = "http://w1.fi/wpa_supplicant/"
 DESCRIPTION = "wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver."
+HOMEPAGE = "http://w1.fi/wpa_supplicant/"
 BUGTRACKER = "http://w1.fi/security/"
 SECTION = "network"
 LICENSE = "BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://COPYING;md5=5ebcb90236d1ad640558c3d3cd3035df \
                     file://README;beginline=1;endline=56;md5=e3d2f6c2948991e37c1ca4960de84747 \
                     file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=76306a95306fee9a976b0ac1be70f705"
+
 DEPENDS = "dbus libnl"
-RRECOMMENDS:${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli"
-
-PACKAGECONFIG ??= "openssl"
-PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt"
-PACKAGECONFIG[openssl] = ",,openssl"
-
-inherit pkgconfig systemd
-
-SYSTEMD_SERVICE:${PN} = "wpa_supplicant.service"
-SYSTEMD_AUTO_ENABLE = "disable"
 
 SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \
-           file://defconfig \
            file://wpa-supplicant.sh \
            file://wpa_supplicant.conf \
            file://wpa_supplicant.conf-sane \
            file://99_wpa_supplicant \
+           file://0001-build-Re-enable-options-for-libwpa_client.so-and-wpa.patch \
+           file://0002-Fix-removal-of-wpa_passphrase-on-make-clean.patch \
+           file://0001-Install-wpa_passphrase-when-not-disabled.patch \
            "
 SRC_URI[sha256sum] = "20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f"
 
-CVE_PRODUCT = "wpa_supplicant"
-
 S = "${WORKDIR}/wpa_supplicant-${PV}"
 
-PACKAGES:prepend = "wpa-supplicant-passphrase wpa-supplicant-cli "
-FILES:wpa-supplicant-passphrase = "${bindir}/wpa_passphrase"
-FILES:wpa-supplicant-cli = "${sbindir}/wpa_cli"
-FILES:${PN} += "${datadir}/dbus-1/system-services/* ${systemd_system_unitdir}/*"
-CONFFILES:${PN} += "${sysconfdir}/wpa_supplicant.conf"
+inherit pkgconfig systemd
+
+PACKAGECONFIG ?= "openssl"
+PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt"
+PACKAGECONFIG[openssl] = ",,openssl"
+
+CVE_PRODUCT = "wpa_supplicant"
+
+EXTRA_OEMAKE = "'LIBDIR=${libdir}' 'INCDIR=${includedir}' 'BINDIR=${sbindir}'"
 
 do_configure () {
 	${MAKE} -C wpa_supplicant clean
-	install -m 0755 ${WORKDIR}/defconfig wpa_supplicant/.config
+	sed -e '/CONFIG_TLS=/d' <wpa_supplicant/defconfig >wpa_supplicant/.config
 
-	if echo "${PACKAGECONFIG}" | grep -qw "openssl"; then
-        	ssl=openssl
-	elif echo "${PACKAGECONFIG}" | grep -qw "gnutls"; then
-        	ssl=gnutls
-	fi
-	if [ -n "$ssl" ]; then
-        	sed -i "s/%ssl%/$ssl/" wpa_supplicant/.config
+	if ${@ bb.utils.contains('PACKAGECONFIG', 'openssl', 'true', 'false', d) }; then
+		echo 'CONFIG_TLS=openssl' >>wpa_supplicant/.config
+	elif ${@ bb.utils.contains('PACKAGECONFIG', 'gnutls', 'true', 'false', d) }; then
+		echo 'CONFIG_TLS=gnutls' >>wpa_supplicant/.config
 	fi
 
 	# For rebuild
 	rm -f wpa_supplicant/*.d wpa_supplicant/dbus/*.d
 }
 
-export EXTRA_CFLAGS = "${CFLAGS}"
-export BINDIR = "${sbindir}"
-
 do_compile () {
-	unset CFLAGS CPPFLAGS CXXFLAGS
-	sed -e "s:CFLAGS\ =.*:& \$(EXTRA_CFLAGS):g" -i ${S}/src/lib.rules
 	oe_runmake -C wpa_supplicant
+	if [ -z "${DISABLE_STATIC}" ]; then
+		oe_runmake -C wpa_supplicant libwpa_client.a
+	fi
 }
 
 do_install () {
-	install -d ${D}${sbindir}
-	install -m 755 wpa_supplicant/wpa_supplicant ${D}${sbindir}
-	install -m 755 wpa_supplicant/wpa_cli        ${D}${sbindir}
-
-	install -d ${D}${bindir}
-	install -m 755 wpa_supplicant/wpa_passphrase ${D}${bindir}
+	oe_runmake -C wpa_supplicant DESTDIR="${D}" install
 
 	install -d ${D}${docdir}/wpa_supplicant
 	install -m 644 wpa_supplicant/README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant
@@ -82,8 +67,7 @@
 	install -d ${D}${sysconfdir}/network/if-post-down.d/
 	install -d ${D}${sysconfdir}/network/if-down.d/
 	install -m 755 ${WORKDIR}/wpa-supplicant.sh ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant
-	cd ${D}${sysconfdir}/network/ && \
-	ln -sf ../if-pre-up.d/wpa-supplicant if-post-down.d/wpa-supplicant
+	ln -sf ../if-pre-up.d/wpa-supplicant ${D}${sysconfdir}/network/if-post-down.d/wpa-supplicant
 
 	install -d ${D}/${sysconfdir}/dbus-1/system.d
 	install -m 644 ${S}/wpa_supplicant/dbus/dbus-wpa_supplicant.conf ${D}/${sysconfdir}/dbus-1/system.d
@@ -97,6 +81,14 @@
 
 	install -d ${D}/etc/default/volatiles
 	install -m 0644 ${WORKDIR}/99_wpa_supplicant ${D}/etc/default/volatiles
+
+	install -d ${D}${includedir}
+	install -m 0644 ${S}/src/common/wpa_ctrl.h ${D}${includedir}
+
+	if [ -z "${DISABLE_STATIC}" ]; then
+		install -d ${D}${libdir}
+		install -m 0644 wpa_supplicant/libwpa_client.a ${D}${libdir}
+	fi
 }
 
 pkg_postinst:${PN} () {
@@ -104,5 +96,39 @@
 	if [ "x$D" = "x" ]; then
 		killall -q -HUP dbus-daemon || true
 	fi
-
 }
+
+PACKAGE_BEFORE_PN += "${PN}-passphrase ${PN}-cli"
+PACKAGES =+ "${PN}-lib"
+PACKAGES += "${PN}-plugins"
+ALLOW_EMPTY:${PN}-plugins = "1"
+
+PACKAGES_DYNAMIC += "^${PN}-plugin-.*$"
+NOAUTOPACKAGEDEBUG = "1"
+
+FILES:${PN}-passphrase = "${sbindir}/wpa_passphrase"
+FILES:${PN}-cli = "${sbindir}/wpa_cli"
+FILES:${PN}-lib = "${libdir}/libwpa_client*${SOLIBSDEV}"
+FILES:${PN} += "${datadir}/dbus-1/system-services/* ${systemd_system_unitdir}/*"
+FILES:${PN}-dbg += "${sbindir}/.debug ${libdir}/.debug"
+
+CONFFILES:${PN} += "${sysconfdir}/wpa_supplicant.conf"
+
+RRECOMMENDS:${PN} = "${PN}-passphrase ${PN}-cli ${PN}-plugins"
+
+SYSTEMD_SERVICE:${PN} = "wpa_supplicant.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+python split_wpa_supplicant_libs () {
+    libdir = d.expand('${libdir}/wpa_supplicant')
+    dbglibdir = os.path.join(libdir, '.debug')
+
+    split_packages = do_split_packages(d, libdir, r'^(.*)\.so', '${PN}-plugin-%s', 'wpa_supplicant %s plugin', prepend=True)
+    split_dbg_packages = do_split_packages(d, dbglibdir, r'^(.*)\.so', '${PN}-plugin-%s-dbg', 'wpa_supplicant %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg')
+
+    if split_packages:
+        pn = d.getVar('PN')
+        d.setVar('RRECOMMENDS:' + pn + '-plugins', ' '.join(split_packages))
+        d.appendVar('RRECOMMENDS:' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages))
+}
+PACKAGESPLITFUNCS:prepend = "split_wpa_supplicant_libs "