Age | Commit message (Collapse) | Author |
|
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
Since oe-core 506346, testexport.bbclass pulls in testimage.bbclass via
IMAGE_CLASSES. This works if testexport is inherited with an 'inherit'
statement, but this test case uses IMAGE_CLASSES+="testexport".
By the time the addition of testimage is evaluated, it is too late and
the inherit doesn't happen, so the test fails:
Error for core-image-minimal.bb:do_testexport[depends], dependency
${TESTIMAGEDEPENDS} in ' cpio-native:do_populate_sysroot
${TESTIMAGEDEPENDS}' does not contain exactly one ':' character.
TESTIMAGEDEPENDS isn't set as testimage isn't inherited, so it doesn't
get expanded.
The documentation says to INHERIT += "testexport", and doing that means
the inherits work correctly.
Note that this works on the autobuilder because the local.conf always
has IMAGE_CLASSES += "testimage" added.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
This reverts commit 81cc86cb092d509a7374bdd602346fdd05fe2132.
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
|
|
This class should be in classes-recipe as, like testimage, it is specific
to image recipes.
This also solves a regression where simply INHERIT+=testexport doesn't
work if testimage isn't already in IMAGE_CLASSES because
|
|
There's now a shared decorator for architecture skipping, so use that.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
test_rawcopy_plugin_qemu and test_wic_image_type are x86-specific
currently as the .wks uses x86-specific bootloaders.
This can be fixed, but that can come later.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
These tests should be able to work on qemuarm64, but this is untested
and the runners will need configuration.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
|
|
These tests should respect the MACHINE setting. As not all machines have
a default wks file, mark the wic-using tests as being specific to
qemux86-64 for now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
Don't hardcode the building of hddimg and iso images, as they're only
buildable on x86-64 targets.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
This test was failing very oddly in qemuarm64 runs. Rewriting the test
to be clearer and less fragile fixed it.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
When the trivial test binary, which just calls printf(), is compiled for
aarch64 with -O2 -D_FORTIFY=2 (as is the default configuration), gdb
resolves main() to the inlined printf() wrapper in stdio2.h instead of
main.c, so the test fails.
Presumably, this is due to debugging being unreliable with -O2. Solve
this problem by not caring where the main() breakpoint resolves to, just
check that it was resolved at all.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
For now, not all machines have a default wks file, so mark the tests
which need a wks as being specific to qemux86-64.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
Set WKS_FILE to wictestdisk.wks, which is a very simple Wic file that
simply contains the root filesystem. It may not actually boot but this
test doesn't care, and it does exercise the wic image construction on
all machines.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
There's no need to build a wic image in this test as not all machines
(such as qemuarm64 currently) have wic images out of the box.
We can simply build ext4 images to work on more machines and save some time.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
There's no need for this to be built for genericx86-64, we want to test
the current MACHINE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
This test was overly complex with a setUp() method for a single test case,
which was marked as a class function for no good reason.
Generalise the test so that it has the possibility of working on more
machines in the future, add a decorator so that it only runs on
qemux86-64, and respect QEMU_USE_KVM to speed up test execution.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
qemuarm64 currently uses SERIAL_CONSOLES_CHECK but this is incompatible
with read-only rootfs under sysvinit. Until qemuarm64 doesn't use this,
skip the test on qemuarm64.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
There are already decorators to skip on the value of MACHINE, but for
flexibility it's better to skip based on the target architecture. This
means, for example, the ISO image tests could skip if the architecture
isn't x86.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
GitHub redirects /archive/ URLs to codeload.github.com, a dedicated
service for caching git archives:
$ wget -v https://github.com/unicode-org/icu/archive/refs/tags/release-72-1.zip
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/unicode-org/icu/zip/refs/tags/release-72-1 [following]
This is not the case for uploaded artifacts:
$ wget -v https://github.com/unicode-org/icu/releases/download/release-72-1/icu4c-72_1-data-bin-l.zip.asc
HTTP request sent, awaiting response... 302 Found
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/49244766/... [following]
Check for codeload.github.com URLs in the src-uri-bad check in case
the SRC_URI contains this final URL, and not the public URI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
|
OpenSSL 3.0.5 includes a HIGH level security vulnerability [1].
Upgrade the recipe to point to 3.0.7.
CVE-2022-3358 is reported fixed in 3.0.6, so drop the patch for that as
well.
[1] https://www.openssl.org/news/vulnerabilities.html
Fixes CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows
https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
(From OE-Core rev: 48f9f92c547fac35ff398180a32a5b0829cd9fff)
Signed-off-by: Ed Tanous <edtanous@google.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a69ea1f7db96ec8b853573bd581438edd42ad6e0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
=========
** libgnutls: In FIPS140 mode, RSA signature verification is an approved
operation if the key has modulus with known sizes (1024, 1280,
1536, and 1792 bits), in addition to any modulus sizes larger than
2048 bits, according to SP800-131A rev2.
** libgnutls: gnutls_session_channel_binding performs additional checks when
GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the
"tls-exporter" channel binding is only usable when the handshake is
bound to a unique master secret (i.e., either TLS 1.3 or extended
master secret extension is negotiated). Otherwise the function now
returns error.
** libgnutls: usage of the following functions, which are designed to
loosen restrictions imposed by allowlisting mode of configuration,
has been additionally restricted. Invoking them is now only allowed
if system-wide TLS priority string has not been initialized yet:
gnutls_digest_set_secure
gnutls_sign_set_secure
gnutls_sign_set_secure_for_certs
gnutls_protocol_set_enabled
(From OE-Core rev: a583ac20cc82ede59e1a4e30708cf5434b49ce37)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 858886aa07d0c2c2ef2489996cc8eca5fbe931fa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When machine configuration defines a mount point, which is not used in
any recipe, allow to fall through and only report a note in the logs.
This can be expected behavior, when a mount point is defined for several
machines, but not used in all of them
(From OE-Core rev: c7c6b273656a3e2b8b959004b996e56d4086ce5e)
Signed-off-by: Vyacheslav Yurkov <Vyacheslav.Yurkov@bruker.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit a9c604b5e0d943b5b5f7c8bdd5be730c2abcf866)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The code to parse arguments was inadvertently skipping all arguments in
the elif block after gl-es if it was specified on the command line.
(From OE-Core rev: dd1dcfada1fa46ecb8227c2852769b35026875d3)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 718bb8d56f6a24c86e67830a7d13af54df2ebb4e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of changing the script environment to affect the child
processes, make a copy of the environment with modifications and pass
that to subprocess.
Specifically, when dri rendering is enabled, LD_PRELOAD was being passed
to all processes created by the script which resulted in other commands
(e.g. stty) exiting with a failure like:
/bin/sh: symbol lookup error: sysroots-uninative/x86_64-linux/lib/librt.so.1: undefined symbol: __libc_unwind_link_get, version GLIBC_PRIVATE
Making a copy of the environment fixes this because the LD_PRELOAD is
now only passed to qemu itself.
(From OE-Core rev: 91c2449d4e873b2cec8777d71e218a12f899669d)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 2232599d330bd5f2a9e206b490196569ad855de8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With libjack-devel or jack-audio-connection-kit-devel, qemu-native
detects the library/header and tries to build with it. Since its
missing from the sysroot, it fails to build.
-O2 -fPIE -D_REENTRANT -Wno-undef -MD -MQ libcommon.fa.p/audio_jackaudio.c.o
-MF libcommon.fa.p/audio_jackaudio.c.o.d -o libcommon.fa.p/audio_jackaudio.c.o
-c ../qemu-6.2.0/audio/jackaudio.c
| ../qemu-6.2.0/audio/jackaudio.c:34:10: fatal error: jack/jack.h: No such file
or directory
| 34 | #include <jack/jack.h>
| | ^~~~~~~~~~~~~
| compilation terminated.
(From OE-Core rev: 7c8f23aa594175f2169df0d62051bf42d491a1bb)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 27260be388f7f9f324ff405e7d8e254925b4ae90)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The custom path of the ca-certificates.crt within the buildtools-tarball requires more
environment variables to be exported. Namely REQUESTS_CA_BUNDLE for the python requests library
and CURL_CA_BUNDLE for curl.
(From OE-Core rev: facafa0f76af9cbf80f862497b66c18b3fbfa60b)
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 5c249db9de8ad8cfe0996ff4fee4c575a5ff1e34)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
0001-nir-nir_opt_move-fix-ALWAYS_INLINE-compiler-error.patch is not
needed by target mesa any more. But it still fails to compile
mesa-native without this patch when DEBUG_BUILD is enabled on Ubuntu
18.04 with gcc 7.5.0:
| ../mesa-22.1.6/src/compiler/nir/nir_inline_helpers.h: In function ‘nir_opt_move_block’:
| ../mesa-22.1.6/src/compiler/nir/nir_opt_move.c:55:1: error: inlining failed in call to
always_inline ‘src_is_ssa’: indirect function call with a yet undetermined callee
| src_is_ssa(nir_src *src, void *state)
| ^~~~~~~~~~
So only apply it for mesa-native.
(From OE-Core rev: f6fb2da56ef1f35b536ebf62a03e10bba59d8276)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit c6a6d0c2680799683d58968c2558a224f27caaa2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ifupdown (0.8.38)
* Remove dependency on lsb-base (Closes: #1020604)
* Remove pump support (no longer in Debian archive)
* Fix error message when turning down VLAN interfaces. Thanks to Aleksandr
Muravjov (Closes: #1007889)
* Ship Ubuntu's integration scripts for systemd-resolved. Thanks to Luca
Boccassi (Closes: #1016798)
* Add rfkill support. Thanks to Sebastian Reichel <email address hidden>
(Closes: #645559)
ifupdown (0.8.39)
* Add execution permission on resolved scripts. Thanks to Vincent Lefèvre
(Closes: #1021259)
(From OE-Core rev: 342fb3183fd1910b76c2bed242bf8b2ea179d217)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f0462e3336c7134aeeb2684692732c187971b330)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
disable-hardcoded-configs.patch
refreshed for new version
Changelo:
=========
- Made it possible again to have FAT32 filesystems with less
than 0xfff5 clusters
- Make FAT32 entries 0 and 1 match what windows 10 does
- Misc source code and configure script cleanup
(From OE-Core rev: 9ac0de44f11123876a92f7d7819d5ff2c20475b7)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b19127f0cd0e10c7180c138284b38c97fa9db7af)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Overview of changes in 1.50.10, 16-09-2022
=========================================
- Avoid some unnecessary strdups
- Fix line height computations with a non-trivial CTM
(From OE-Core rev: 78dc0bf6384349c23a54f59d89988ad242125581)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 884ce27b9cee231e093fe53192d04133c437404e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Include fixes for CVE-2022-3352.
(From OE-Core rev: 9067e3a24bc5558af6a41f2c5e6f16c37116e3ed)
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 8aa707f80ae1cfe89d5e20ec1f1632a65149aed4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: fe33134efbe109b9f3bffa1b05fd6fed8860129c)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 3c87597dcde7676858f76c1066cd87195ecc8aef)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The meson-wrapper adds setup options to facilitate cross-compilation.
The current options are exclusive to the setup sub-command and might
cause issues with other sub-commands.
Update the wrapper to make options sub-command specific.
(From OE-Core rev: 4475250ee0d83cc90322f2fcd9ec8df7c05b6903)
Signed-off-by: Liam Beguin <liambeguin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7bcda141f2019862b4fb5d8dec7956cd8344b420)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d63c5b210b50a2c332a5c309298ec13b510cc7c8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d820389728b0f5e085954b4f995da2b2014acedf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CVE number in the patch is a typo. CVE-2022-2053 is not related to
libtiff. So fix it.
(From OE-Core rev: 3ef84008bf729f74f1244e8b57451cdeb3a9e262)
Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c9f76ef859b0b4edb83ac098816b625f52c78173)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport fixes from upstream for the following CVEs:
- CVE-2022-3599
- CVE-2022-3597
- CVE-2022-3626
- CVE-2022-3627
- CVE-2022-3570
- CVE-2022-3598
(From OE-Core rev: bfd6d135a555e854e30d45ea36b0cbd612e322df)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 722bbb88777cc3c7d1c8273f1279fc18ba33e87c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 9163db79ec90ff4b8ecd189f5fb6e44e27b9e53b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit e32401d8bf44afcca88af7e4c5948d2c28e1813f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 2017ed15cc5b29319fe1b769c1fcfc5c2f799fd8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 769576f36aac9652525beec5c7e8a4d26632b844)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 3a65a787d1b53f57cd0eedbf7a70ce6dcde0d148)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5d30f124274d2822d72b56f84eb8c8ae64e31e0d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
encryption
Upstream-Status: Backport from https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b]
Description:
CVE-2022-3358 openssl: Using a Custom Cipher with NID_undef may lead to NULL encryption.
Affects "openssl < 3.0.6"
(From OE-Core rev: c28dc71f17133f6e4470fc0c1a552c743869b3ad)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f98b2273c6f03f8f6029a7a409600ce290817e27)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2022-39253 in git meant file:// urls within submodules were disabled. Add
a parameter to the commands in the tests to allow this to continue to work.
(Bitbake rev: 209f7ba352b60722830157054e3fc56cb9c693eb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a test for special characters in user and password to qualify
decodeurl() inspired by a bug report describing that '=' signs in a
password was problematic.
Add a second test to qualify decodeurl() as related to the change in
commit 628c4bf6c89b [fetch2/__init__: handle @ in package names].
Relates to [YOCTO #14476]
(Bitbake rev: ee04cf09c7022168c035affa654773652a49793e)
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
variables
(Bitbake rev: 72e9847dd578c3cbed52a9c16fea23ebbeef5046)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the case where hashlib is not available, the try would fail and fall
through resulting in a backtrace on the usage of the 'sig'. The backtrace
itself was confusing and made it difficult to determine what went wrong.
Update the import to be in it's own try block with an appropriate
message to indicate what went wrong.
Note, the current version of ply all of this code has been restructured
so this is not applicable upstream.
Additionally, some versions of hashlib don't appear to implement the
second FIPS related argument. Detect this and support both versions.
(Bitbake rev: 484ab42f440070c0369b81f5c69da860fa47a798)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|