diff options
Diffstat (limited to 'poky/meta')
82 files changed, 1719 insertions, 405 deletions
diff --git a/poky/meta/classes-global/sanity.bbclass b/poky/meta/classes-global/sanity.bbclass index 2d1ff7072c..abb52fbe21 100644 --- a/poky/meta/classes-global/sanity.bbclass +++ b/poky/meta/classes-global/sanity.bbclass @@ -475,7 +475,7 @@ def check_wsl(d): bb.warn("You are running bitbake under WSLv2, this works properly but you should optimize your VHDX file eventually to avoid running out of storage space") return None -# Require at least gcc version 7.5. +# Require at least gcc version 8.0 # # This can be fixed on CentOS-7 with devtoolset-6+ # https://www.softwarecollections.org/en/scls/rhscl/devtoolset-6/ @@ -488,8 +488,8 @@ def check_gcc_version(sanity_data): build_cc, version = oe.utils.get_host_compiler_version(sanity_data) if build_cc.strip() == "gcc": - if bb.utils.vercmp_string_op(version, "7.5", "<"): - return "Your version of gcc is older than 7.5 and will break builds. Please install a newer version of gcc (you could use the project's buildtools-extended-tarball or use scripts/install-buildtools).\n" + if bb.utils.vercmp_string_op(version, "8.0", "<"): + return "Your version of gcc is older than 8.0 and will break builds. Please install a newer version of gcc (you could use the project's buildtools-extended-tarball or use scripts/install-buildtools).\n" return None # Tar version 1.24 and onwards handle overwriting symlinks correctly diff --git a/poky/meta/classes-recipe/cargo-update-recipe-crates.bbclass b/poky/meta/classes-recipe/cargo-update-recipe-crates.bbclass index daa363b0dd..8980137d02 100644 --- a/poky/meta/classes-recipe/cargo-update-recipe-crates.bbclass +++ b/poky/meta/classes-recipe/cargo-update-recipe-crates.bbclass @@ -38,25 +38,12 @@ def get_crates(f): if not crates_candidates: raise ValueError("Unable to find any candidate crates that use crates.io") - # Build a list of crates name that have multiple version - crates_multiple_vers = [] - tmp = [] - for c in crates_candidates: - if c['name'] in tmp: - crates_multiple_vers.append(c['name']) - else: - tmp.append(c['name']) - # Update crates uri and their checksum, to avoid name clashing on the checksum - # we need to rename crates of the same name but different version + # we need to rename crates with name and version to have a unique key cksum_list = '' for c in crates_candidates: - if c['name'] in crates_multiple_vers: - rename = "%s-%s" % (c['name'], c['version']) - c_list += '\n crate://crates.io/%s/%s;name=%s \\\' % (c['name'], c['version'], rename) - else: - rename = c['name'] - c_list += '\n crate://crates.io/%s/%s \\\' % (c['name'], c['version']) + rename = "%s-%s" % (c['name'], c['version']) + c_list += '\n crate://crates.io/%s/%s \\\' % (c['name'], c['version']) if 'checksum' in c: cksum_list += '\nSRC_URI[%s.sha256sum] = "%s"' % (rename, c['checksum']) @@ -69,12 +56,22 @@ import os crates = "# Autogenerated with 'bitbake -c update_crates ${PN}'\n\n" found = False for root, dirs, files in os.walk('${CARGO_LOCK_SRC_DIR}'): + # ignore git and patches directories + if root.startswith(os.path.join('${CARGO_LOCK_SRC_DIR}', '.pc')): + continue + if root.startswith(os.path.join('${CARGO_LOCK_SRC_DIR}', '.git')): + continue for file in files: if file == 'Cargo.lock': - crates += get_crates(os.path.join(root, file)) - found = True + try: + cargo_lock_path = os.path.join(root, file) + crates += get_crates(os.path.join(root, file)) + except Exception as e: + raise ValueError("Cannot parse '%s'" % cargo_lock_path) from e + else: + found = True if not found: - raise ValueError("Unable to find Cargo.lock in ${CARGO_LOCK_SRC_DIR}") + raise ValueError("Unable to find any Cargo.lock in ${CARGO_LOCK_SRC_DIR}") open("${TARGET_FILE}", 'w').write(crates) EOF diff --git a/poky/meta/classes-recipe/cargo_common.bbclass b/poky/meta/classes-recipe/cargo_common.bbclass index f503a001dd..82ab25b59c 100644 --- a/poky/meta/classes-recipe/cargo_common.bbclass +++ b/poky/meta/classes-recipe/cargo_common.bbclass @@ -116,6 +116,39 @@ cargo_common_do_configure () { EOF } +python cargo_common_do_patch_paths() { + cargo_config = os.path.join(d.getVar("CARGO_HOME"), "config") + if not os.path.exists(cargo_config): + return + + src_uri = (d.getVar('SRC_URI') or "").split() + if len(src_uri) == 0: + return + + patches = dict() + workdir = d.getVar('WORKDIR') + fetcher = bb.fetch2.Fetch(src_uri, d) + for url in fetcher.urls: + ud = fetcher.ud[url] + if ud.type == 'git': + name = ud.parm.get('name') + destsuffix = ud.parm.get('destsuffix') + if name is not None and destsuffix is not None: + if ud.user: + repo = '%s://%s@%s%s' % (ud.proto, ud.user, ud.host, ud.path) + else: + repo = '%s://%s%s' % (ud.proto, ud.host, ud.path) + path = '%s = { path = "%s" }' % (name, os.path.join(workdir, destsuffix)) + patches.setdefault(repo, []).append(path) + + with open(cargo_config, "a+") as config: + for k, v in patches.items(): + print('\n[patch."%s"]' % k, file=config) + for name in v: + print(name, file=config) +} +do_configure[postfuncs] += "cargo_common_do_patch_paths" + oe_cargo_fix_env () { export CC="${RUST_TARGET_CC}" export CXX="${RUST_TARGET_CXX}" diff --git a/poky/meta/classes-recipe/devicetree.bbclass b/poky/meta/classes-recipe/devicetree.bbclass index ac1d284ccd..ed2a92e447 100644 --- a/poky/meta/classes-recipe/devicetree.bbclass +++ b/poky/meta/classes-recipe/devicetree.bbclass @@ -4,7 +4,7 @@ # SPDX-License-Identifier: MIT # -# This bbclass implements device tree compliation for user provided device tree +# This bbclass implements device tree compilation for user provided device tree # sources. The compilation of the device tree sources is the same as the kernel # device tree compilation process, this includes being able to include sources # from the kernel such as soc dtsi files or header files such as gpio.h. In diff --git a/poky/meta/classes-recipe/setuptools3-base.bbclass b/poky/meta/classes-recipe/setuptools3-base.bbclass index 21b688ced0..d1c1fa095f 100644 --- a/poky/meta/classes-recipe/setuptools3-base.bbclass +++ b/poky/meta/classes-recipe/setuptools3-base.bbclass @@ -23,15 +23,8 @@ export CCSHARED = "-fPIC -DPIC" # the python executable export LINKFORSHARED = "${SECURITY_CFLAGS} -Xlinker -export-dynamic" -FILES:${PN} += "${libdir}/* ${libdir}/${PYTHON_DIR}/*" +FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}" +FILES:${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/*.a" +FILES:${PN}-dev += "${PYTHON_SITEPACKAGES_DIR}/*.la" -FILES:${PN}-staticdev += "\ - ${PYTHON_SITEPACKAGES_DIR}/*.a \ -" -FILES:${PN}-dev += "\ - ${datadir}/pkgconfig \ - ${libdir}/pkgconfig \ - ${PYTHON_SITEPACKAGES_DIR}/*.la \ -" inherit python3native python3targetconfig - diff --git a/poky/meta/classes-recipe/testimage.bbclass b/poky/meta/classes-recipe/testimage.bbclass index df22bb2344..b48cd96575 100644 --- a/poky/meta/classes-recipe/testimage.bbclass +++ b/poky/meta/classes-recipe/testimage.bbclass @@ -98,7 +98,7 @@ TESTIMAGELOCK:qemuall = "" TESTIMAGE_DUMP_DIR ?= "${LOG_DIR}/runtime-hostdump/" -TESTIMAGE_UPDATE_VARS ?= "DL_DIR WORKDIR DEPLOY_DIR" +TESTIMAGE_UPDATE_VARS ?= "DL_DIR WORKDIR DEPLOY_DIR_IMAGE IMAGE_LINK_NAME" testimage_dump_target () { top -bn1 diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index 5e2da56046..bd9e7e7445 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -32,7 +32,7 @@ CVE_PRODUCT ??= "${BPN}" CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" -CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db" +CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock" CVE_CHECK_LOG ?= "${T}/cve.log" @@ -161,7 +161,7 @@ python do_cve_check () { } addtask cve_check before do_build -do_cve_check[depends] = "cve-update-db-native:do_fetch" +do_cve_check[depends] = "cve-update-nvd2-native:do_fetch" do_cve_check[nostamp] = "1" python cve_check_cleanup () { diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass index 26c5803ee6..b00fdba8e9 100644 --- a/poky/meta/classes/externalsrc.bbclass +++ b/poky/meta/classes/externalsrc.bbclass @@ -68,9 +68,7 @@ python () { for url in fetch.urls: url_data = fetch.ud[url] parm = url_data.parm - if (url_data.type == 'file' or - url_data.type == 'npmsw' or url_data.type == 'crate' or - 'type' in parm and parm['type'] == 'kmeta'): + if url_data.type in ['file', 'npmsw', 'crate'] or parm.get('type') in ['kmeta', 'git-dependency']: local_srcuri.append(url) d.setVar('SRC_URI', ' '.join(local_srcuri)) diff --git a/poky/meta/classes/report-error.bbclass b/poky/meta/classes/report-error.bbclass index 2f692fbbcc..2b2ad56514 100644 --- a/poky/meta/classes/report-error.bbclass +++ b/poky/meta/classes/report-error.bbclass @@ -107,6 +107,31 @@ python errorreport_handler () { errorreport_savedata(e, jsondata, "error-report.txt") bb.utils.unlockfile(lock) + elif isinstance(e, bb.event.NoProvider): + bb.utils.mkdirhier(logpath) + data = {} + machine = e.data.getVar("MACHINE") + data['machine'] = machine + data['build_sys'] = e.data.getVar("BUILD_SYS") + data['nativelsb'] = nativelsb() + data['distro'] = e.data.getVar("DISTRO") + data['target_sys'] = e.data.getVar("TARGET_SYS") + data['failures'] = [] + data['component'] = str(e._item) + data['branch_commit'] = str(oe.buildcfg.detect_branch(e.data)) + ": " + str(oe.buildcfg.detect_revision(e.data)) + data['bitbake_version'] = e.data.getVar("BB_VERSION") + data['layer_version'] = get_layers_branch_rev(e.data) + data['local_conf'] = get_conf_data(e, 'local.conf') + data['auto_conf'] = get_conf_data(e, 'auto.conf') + taskdata={} + taskdata['log'] = str(e) + taskdata['package'] = str(e._item) + taskdata['task'] = "Nothing provides " + "'" + str(e._item) + "'" + data['failures'].append(taskdata) + lock = bb.utils.lockfile(datafile + '.lock') + errorreport_savedata(e, data, "error-report.txt") + bb.utils.unlockfile(lock) + elif isinstance(e, bb.event.BuildCompleted): lock = bb.utils.lockfile(datafile + '.lock') jsondata = json.loads(errorreport_getdata(e)) @@ -120,4 +145,4 @@ python errorreport_handler () { } addhandler errorreport_handler -errorreport_handler[eventmask] = "bb.event.BuildStarted bb.event.BuildCompleted bb.build.TaskFailed" +errorreport_handler[eventmask] = "bb.event.BuildStarted bb.event.BuildCompleted bb.build.TaskFailed bb.event.NoProvider" diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc index a281a8ac65..8965a15b37 100644 --- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc @@ -136,6 +136,16 @@ CVE_CHECK_IGNORE += "CVE-2022-1184" # Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29 CVE_CHECK_IGNORE += "CVE-2022-1462" +# https://nvd.nist.gov/vuln/detail/CVE-2022-2196 +# Introduced in version v5.8 5c911beff20aa8639e7a1f28988736c13e03ed54 +# Breaking commit backported in v5.4.47 64b8f33b2e1e687d465b5cb382e7bec495f1e026 +# Patched in kernel since v6.2 2e7eab81425ad6c875f2ed47c0ce01e78afc38a5 +# Backported in version v5.4.233 f93a1a5bdcdd122aae0a3eab7a52c15b71fb725b +# Backported in version v5.10.170 1b0cafaae8884726c597caded50af185ffc13349 +# Backported in version v5.15.96 6b539a7dbb49250f92515c2ba60aea239efc9e35 +# Backported in version v6.1.14 63fada296062e91ad9f871970d4e7f19e21a6a15 +CVE_CHECK_IGNORE += "CVE-2022-2196" + # https://nvd.nist.gov/vuln/detail/CVE-2022-2308 # Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e # Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b @@ -169,6 +179,15 @@ CVE_CHECK_IGNORE += "CVE-2022-2785" # Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5 CVE_CHECK_IGNORE += "CVE-2022-3176" +# https://nvd.nist.gov/vuln/detail/CVE-2022-3424 +# Introduced in version v2.6.33 55484c45dbeca2eec7642932ec3f60f8a2d4bdbf +# Patched in kernel since v6.2 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc +# Backported in version v5.4.229 0078dd8758561540ed30b2c5daa1cb647e758977 +# Backported in version v5.10.163 0f67ed565f20ea2fdd98e3b0b0169d9e580bb83c +# Backported in version v5.15.86 d5c8f9003a289ee2a9b564d109e021fc4d05d106 +# Backported in version v6.1.2 4e947fc71bec7c7da791f8562d5da233b235ba5e +CVE_CHECK_IGNORE += "CVE-2022-3424" + # https://nvd.nist.gov/vuln/detail/CVE-2022-3435 # Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82 # Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438 @@ -365,6 +384,14 @@ CVE_CHECK_IGNORE += "CVE-2022-42896" # 2023 + +# https://nvd.nist.gov/vuln/detail/CVE-2023-0179 +# Patched in kernel since v6.2 696e1a48b1a1b01edad542a1ef293665864a4dd0 +# Backported in version v5.10.164 550efeff989b041f3746118c0ddd863c39ddc1aa +# Backported in version v5.15.89 a8acfe2c6fb99f9375a9325807a179cd8c32e6e3 +# Backported in version v6.1.7 76ef74d4a379faa451003621a84e3498044e7aa3 +CVE_CHECK_IGNORE += "CVE-2023-0179" + # https://nvd.nist.gov/vuln/detail/CVE-2023-0266 # Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 # Patched in kernel since v6.2 56b88b50565cd8b946a2d00b0c83927b7ebb055e @@ -381,6 +408,110 @@ CVE_CHECK_IGNORE += "CVE-2023-0266" # Backported in version v6.1.7 0afa5f0736584411771299074bbeca8c1f9706d4 CVE_CHECK_IGNORE += "CVE-2023-0394" +# https://nvd.nist.gov/vuln/detail/CVE-2023-0461 +# Introduced in version v4.13 734942cc4ea6478eed125af258da1bdbb4afe578 +# Patched in kernel since v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c +# Backported in version v5.4.229 c6d29a5ffdbc362314853462a0e24e63330a654d +# Backported in version v5.10.163 f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0 +# Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6 +# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c +CVE_CHECK_IGNORE += "CVE-2023-0461" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-0386 +# Introduced in 5.11 459c7c565ac36ba09ffbf24231147f408fde4203 +# Patched in kernel v6.2 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3 +# Backported in version 6.1.9 42fea1c35254c49cce07c600d026cbc00c6d3c81 +# Backported in version 5.15.91 e91308e63710574c4b6a0cadda3e042a3699666e +CVE_CHECK_IGNORE += "CVE-2023-0386" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1073 +# Introduced in v3.16 1b15d2e5b8077670b1e6a33250a0d9577efff4a5 +# Patched in kernel v6.2 b12fece4c64857e5fab4290bf01b2e0317a88456 +# Backported in version 5.10.166 5dc3469a1170dd1344d262a332b26994214eeb58 +# Backported in version 5.15.91 2b49568254365c9c247beb0eabbaa15d0e279d64 +# Backported in version 6.1.9 cdcdc0531a51659527fea4b4d064af343452062d +CVE_CHECK_IGNORE += "CVE-2023-1073" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1074 +# Patched in kernel v6.2 458e279f861d3f61796894cd158b780765a1569f +# Backported in version 5.15.91 3391bd42351be0beb14f438c7556912b9f96cb32 +# Backported in version 6.1.9 9f08bb650078dca24a13fea1c375358ed6292df3 +CVE_CHECK_IGNORE += "CVE-2023-1074" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1076 +# Patched in kernel v6.3 a096ccca6e503a5c575717ff8a36ace27510ab0a +# Backported in version v5.4.235 d92d87000eda9884d49f1acec1c1fccd63cd9b11 +# Backported in version v5.10.173 9a31af61f397500ccae49d56d809b2217d1e2178 +# Backported in version v5.15.99 67f9f02928a34aad0a2c11dab5eea269f5ecf427 +# Backported in version v6.1.16 b4ada752eaf1341f47bfa3d8ada377eca75a8d44 +# Backported in version v6.2.3 4aa4b4b3b3e9551c4de2bf2987247c28805fb8f6 +CVE_CHECK_IGNORE += "CVE-2023-1076" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1077 +# Patched in kernel 6.3rc1 7c4a5b89a0b5a57a64b601775b296abf77a9fe97 +# Backported in version 5.15.99 2c36c390a74981d03f04f01fe7ee9c3ac3ea11f7 +# Backported in version 6.1.16 6b4fcc4e8a3016e85766c161daf0732fca16c3a3 +CVE_CHECK_IGNORE += "CVE-2023-1077" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1078 +# Patched in kernel 6.2 f753a68980cf4b59a80fe677619da2b1804f526d +# Backported in version 5.15.94 528e3f3a4b53df36dafd10cdf6b8c0fe2aa1c4ba +# Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3 +CVE_CHECK_IGNORE += "CVE-2023-1078" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1079 +# Patched in kernel since v6.3-rc1 4ab3a086d10eeec1424f2e8a968827a6336203df +# Backported in version v5.4.235 dd08e68d04d08d2f42b09162c939a0b0841216cc +# Backported in version v5.10.173 21a2eec4a440060a6eb294dc890eaf553101ba09 +# Backported in version v5.15.99 3959316f8ceb17866646abc6be4a332655407138 +# Backported in version v6.1.16 ee907829b36949c452c6f89485cb2a58e97c048e +# Backported in version v6.2.3 b08bcfb4c97d7bd41b362cff44b2c537ce9e8540 +CVE_CHECK_IGNORE += "CVE-2023-1079" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1118 +# Introduced in version v2.6.36 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6 +# Patched in kernel since v6.3-rc1 29b0589a865b6f66d141d79b2dd1373e4e50fe17 +# Backported in version v5.4.235 d120334278b370b6a1623a75ebe53b0c76cb247c +# Backported in version v5.10.173 78da5a378bdacd5bf68c3a6389bdc1dd0c0f5b3c +# Backported in version v5.15.99 29962c478e8b2e6a6154d8d84b8806dbe36f9c28 +# Backported in version v6.1.16 029c1410e345ce579db5c007276340d072aac54a +# Backported in version v6.2.3 182ea492aae5b64067277e60a4ea5995c4628555 +CVE_CHECK_IGNORE += "CVE-2023-1118" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1281 +# Introduced in version v4.14 9b0d4446b56904b59ae3809913b0ac760fa941a6 +# Patched in kernel since v6.2 ee059170b1f7e94e55fa6cadee544e176a6e59c2 +# Backported in version v5.10.169 eb8e9d8572d1d9df17272783ad8a84843ce559d4 +# Backported in version v5.15.95 becf55394f6acb60dd60634a1c797e73c747f9da +# Backported in version v6.1.13 bd662ba56187b5ef8a62a3511371cd38299a507f +CVE_CHECK_IGNORE += "CVE-2023-1281" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1513 +# Patched in kernel since v6.2 2c10b61421a28e95a46ab489fd56c0f442ff6952 +# Backported in version v5.4.232 9f95a161a7deef62d6d2f57b1a69f94e0546d8d8 +# Backported in version v5.10.169 6416c2108ba54d569e4c98d3b62ac78cb12e7107 +# Backported in version v5.15.95 35351e3060d67eed8af1575d74b71347a87425d8 +# Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb +CVE_CHECK_IGNORE += "CVE-2023-1513" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-23005 +# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b +# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee +# But, the CVE is disputed: +# > NOTE: this is disputed by third parties because there are no realistic cases +# > in which a user can cause the alloc_memory_type error case to be reached. +# See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2 +# We can safely ignore it. +CVE_CHECK_IGNORE += "CVE-2023-23005" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-28466 +# Introduced in version v4.13 3c4d7559159bfe1e3b94df3a657b2cda3a34e218 +# Patched in kernel since v6.3-rc2 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962 +# Backported in version v5.15.105 0b54d75aa43a1edebc8a3770901f5c3557ee0daa +# Backported in version v6.1.20 14c17c673e1bba08032d245d5fb025d1cbfee123 +# Backported in version v6.2.7 5231fa057bb0e52095591b303cf95ebd17bc62ce +CVE_CHECK_IGNORE += "CVE-2023-28466" + # Wrong CPE in NVD database # https://nvd.nist.gov/vuln/detail/CVE-2022-3563 # https://nvd.nist.gov/vuln/detail/CVE-2022-3637 diff --git a/poky/meta/conf/distro/include/tcmode-default.inc b/poky/meta/conf/distro/include/tcmode-default.inc index ef61377491..f9e88ca426 100644 --- a/poky/meta/conf/distro/include/tcmode-default.inc +++ b/poky/meta/conf/distro/include/tcmode-default.inc @@ -25,7 +25,7 @@ LINUXLIBCVERSION ?= "6.1%" QEMUVERSION ?= "7.2%" GOVERSION ?= "1.20%" LLVMVERSION ?= "15.%" -RUSTVERSION ?= "1.67%" +RUSTVERSION ?= "1.68%" PREFERRED_VERSION_gcc ?= "${GCCVERSION}" PREFERRED_VERSION_gcc-cross-${TARGET_ARCH} ?= "${GCCVERSION}" diff --git a/poky/meta/lib/oe/gpg_sign.py b/poky/meta/lib/oe/gpg_sign.py index 613dab8561..ede6186c84 100644 --- a/poky/meta/lib/oe/gpg_sign.py +++ b/poky/meta/lib/oe/gpg_sign.py @@ -5,11 +5,12 @@ # """Helper module for GPG signing""" -import os import bb -import subprocess +import os import shlex +import subprocess +import tempfile class LocalSigner(object): """Class for handling local (on the build host) signing""" @@ -73,8 +74,6 @@ class LocalSigner(object): cmd += ['--homedir', self.gpg_path] if armor: cmd += ['--armor'] - if output_suffix: - cmd += ['-o', input_file + "." + output_suffix] if use_sha256: cmd += ['--digest-algo', "SHA256"] @@ -83,19 +82,27 @@ class LocalSigner(object): if self.gpg_version > (2,1,): cmd += ['--pinentry-mode', 'loopback'] - cmd += [input_file] - try: if passphrase_file: with open(passphrase_file) as fobj: passphrase = fobj.readline(); - job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stderr=subprocess.PIPE) - (_, stderr) = job.communicate(passphrase.encode("utf-8")) + if not output_suffix: + output_suffix = 'asc' if armor else 'sig' + output_file = input_file + "." + output_suffix + with tempfile.TemporaryDirectory(dir=os.path.dirname(output_file)) as tmp_dir: + tmp_file = os.path.join(tmp_dir, os.path.basename(output_file)) + cmd += ['-o', tmp_file] + + cmd += [input_file] + + job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stderr=subprocess.PIPE) + (_, stderr) = job.communicate(passphrase.encode("utf-8")) - if job.returncode: - bb.fatal("GPG exited with code %d: %s" % (job.returncode, stderr.decode("utf-8"))) + if job.returncode: + bb.fatal("GPG exited with code %d: %s" % (job.returncode, stderr.decode("utf-8"))) + os.rename(tmp_file, output_file) except IOError as e: bb.error("IO error (%s): %s" % (e.errno, e.strerror)) raise Exception("Failed to sign '%s'" % input_file) diff --git a/poky/meta/lib/oe/patch.py b/poky/meta/lib/oe/patch.py index b2dc8d0a90..d047b3b947 100644 --- a/poky/meta/lib/oe/patch.py +++ b/poky/meta/lib/oe/patch.py @@ -499,6 +499,36 @@ class GitApplyTree(PatchTree): finally: shutil.rmtree(tempdir) + def _need_dirty_check(self): + fetch = bb.fetch2.Fetch([], self.d) + check_dirtyness = False + for url in fetch.urls: + url_data = fetch.ud[url] + parm = url_data.parm + # a git url with subpath param will surely be dirty + # since the git tree from which we clone will be emptied + # from all files that are not in the subpath + if url_data.type == 'git' and parm.get('subpath'): + check_dirtyness = True + return check_dirtyness + + def _commitpatch(self, patch, patchfilevar): + output = "" + # Add all files + shellcmd = ["git", "add", "-f", "-A", "."] + output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) + # Exclude the patches directory + shellcmd = ["git", "reset", "HEAD", self.patchdir] + output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) + # Commit the result + (tmpfile, shellcmd) = self.prepareCommit(patch['file'], self.commituser, self.commitemail) + try: + shellcmd.insert(0, patchfilevar) + output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) + finally: + os.remove(tmpfile) + return output + def _applypatch(self, patch, force = False, reverse = False, run = True): import shutil @@ -534,6 +564,19 @@ class GitApplyTree(PatchTree): shutil.copy2(commithook, applyhook) try: patchfilevar = 'PATCHFILE="%s"' % os.path.basename(patch['file']) + if self._need_dirty_check(): + # Check dirtyness of the tree + try: + output = runcmd(["git", "--work-tree=%s" % reporoot, "status", "--short"]) + except CmdError: + pass + else: + if output: + # The tree is dirty, not need to try to apply patches with git anymore + # since they fail, fallback directly to patch + output = PatchTree._applypatch(self, patch, force, reverse, run) + output += self._commitpatch(patch, patchfilevar) + return output try: shellcmd = [patchfilevar, "git", "--work-tree=%s" % reporoot] self.gitCommandUserOptions(shellcmd, self.commituser, self.commitemail) @@ -560,19 +603,7 @@ class GitApplyTree(PatchTree): except CmdError: # Fall back to patch output = PatchTree._applypatch(self, patch, force, reverse, run) - # Add all files - shellcmd = ["git", "add", "-f", "-A", "."] - output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) - # Exclude the patches directory - shellcmd = ["git", "reset", "HEAD", self.patchdir] - output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) - # Commit the result - (tmpfile, shellcmd) = self.prepareCommit(patch['file'], self.commituser, self.commitemail) - try: - shellcmd.insert(0, patchfilevar) - output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir) - finally: - os.remove(tmpfile) + output += self._commitpatch(patch, patchfilevar) return output finally: shutil.rmtree(hooks_dir) diff --git a/poky/meta/lib/oeqa/core/loader.py b/poky/meta/lib/oeqa/core/loader.py index f25b5970e9..d12d5a055c 100644 --- a/poky/meta/lib/oeqa/core/loader.py +++ b/poky/meta/lib/oeqa/core/loader.py @@ -316,6 +316,9 @@ class OETestLoader(unittest.TestLoader): module_name_small in self.modules) \ else False + if any(c.isupper() for c in module.__name__): + raise SystemExit("Module '%s' contains uppercase characters and this isn't supported. Please fix the module name." % module.__name__) + return (load_module, load_underscore) diff --git a/poky/meta/lib/oeqa/runtime/cases/apt.py b/poky/meta/lib/oeqa/runtime/cases/apt.py index 4e09374add..8000645843 100644 --- a/poky/meta/lib/oeqa/runtime/cases/apt.py +++ b/poky/meta/lib/oeqa/runtime/cases/apt.py @@ -39,9 +39,9 @@ class AptRepoTest(AptTest): self.target.run('cd %s; echo deb [ allow-insecure=yes ] %s/all ./ > sources.list' % (apt_get_sourceslist_dir, apt_get_source_server)) def setup_source_config_for_package_install_signed(self): - apt_get_source_server = 'http:\/\/%s:%s' % (self.tc.target.server_ip, self.repo_server.port) + apt_get_source_server = 'http://%s:%s' % (self.tc.target.server_ip, self.repo_server.port) apt_get_sourceslist_dir = '/etc/apt/' - self.target.run("cd %s; cp sources.list sources.list.bak; sed -i 's/\[trusted=yes\] http:\/\/bogus_ip:bogus_port/%s/g' sources.list" % (apt_get_sourceslist_dir, apt_get_source_server)) + self.target.run("cd %s; cp sources.list sources.list.bak; sed -i 's|\[trusted=yes\] http://bogus_ip:bogus_port|%s|g' sources.list" % (apt_get_sourceslist_dir, apt_get_source_server)) def cleanup_source_config_for_package_install(self): apt_get_sourceslist_dir = '/etc/apt/' diff --git a/poky/meta/lib/oeqa/runtime/cases/buildcpio.py b/poky/meta/lib/oeqa/runtime/cases/buildcpio.py index bd3b46d9ef..3728855d24 100644 --- a/poky/meta/lib/oeqa/runtime/cases/buildcpio.py +++ b/poky/meta/lib/oeqa/runtime/cases/buildcpio.py @@ -29,7 +29,10 @@ class BuildCpioTest(OERuntimeTestCase): @OEHasPackage(['autoconf']) def test_cpio(self): self.project.download_archive() - self.project.run_configure('--disable-maintainer-mode', - 'sed -i -e "/char \*program_name/d" src/global.c;') + self.project.run_configure('--disable-maintainer-mode') + # This sed is needed until + # https://git.savannah.gnu.org/cgit/cpio.git/commit/src/global.c?id=641d3f489cf6238bb916368d4ba0d9325a235afb + # is in a release. + self.project._run(r'sed -i -e "/char \*program_name/d" %s/src/global.c' % self.project.targetdir) self.project.run_make() self.project.run_install() diff --git a/poky/meta/lib/oeqa/runtime/cases/ping.py b/poky/meta/lib/oeqa/runtime/cases/ping.py index 967b44175f..f72460e7f3 100644 --- a/poky/meta/lib/oeqa/runtime/cases/ping.py +++ b/poky/meta/lib/oeqa/runtime/cases/ping.py @@ -5,6 +5,7 @@ # from subprocess import Popen, PIPE +from time import sleep from oeqa.runtime.case import OERuntimeTestCase from oeqa.core.decorator.oetimeout import OETimeout @@ -16,6 +17,7 @@ class PingTest(OERuntimeTestCase): def test_ping(self): output = '' count = 0 + self.assertNotEqual(len(self.target.ip), 0, msg="No target IP address set") try: while count < 5: cmd = 'ping -c 1 %s' % self.target.ip @@ -25,6 +27,7 @@ class PingTest(OERuntimeTestCase): count += 1 else: count = 0 + sleep(1) except OEQATimeoutError: self.fail("Ping timeout error for address %s, count %s, output: %s" % (self.target.ip, count, output)) msg = ('Expected 5 consecutive, got %d.\n' diff --git a/poky/meta/lib/oeqa/runtime/cases/systemd.py b/poky/meta/lib/oeqa/runtime/cases/systemd.py index 720b4b517a..37f295492d 100644 --- a/poky/meta/lib/oeqa/runtime/cases/systemd.py +++ b/poky/meta/lib/oeqa/runtime/cases/systemd.py @@ -154,7 +154,7 @@ class SystemdJournalTests(SystemdTest): """ # The expression chain that uniquely identifies the time boot message. - expr_items=['Startup finished', 'kernel', 'userspace','\.$'] + expr_items=['Startup finished', 'kernel', 'userspace', r'\.$'] try: output = self.journalctl(args='-o cat --reverse') except AssertionError: diff --git a/poky/meta/lib/oeqa/selftest/cases/bblogging.py b/poky/meta/lib/oeqa/selftest/cases/bblogging.py index 1534a36a85..040c6db089 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bblogging.py +++ b/poky/meta/lib/oeqa/selftest/cases/bblogging.py @@ -105,16 +105,14 @@ class BitBakeLogging(OESelftestTestCase): self.write_config('BBINCLUDELOGS = ""') result = bitbake("logging-test -c pythontest_exit -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python stdout", 1) + self.assertCount(result.output, "This is python stdout", 1) def test_python_exit_loggingD(self): # logs, verbose self.write_config('BBINCLUDELOGS = "yes"') result = bitbake("logging-test -c pythontest_exit -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python stdout", 1) + self.assertCount(result.output, "This is python stdout", 1) def test_python_exec_func_python_loggingA(self): # no logs, no verbose @@ -139,8 +137,7 @@ class BitBakeLogging(OESelftestTestCase): result = bitbake("logging-test -c pythontest_exec_func_python -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python stdout", 1) + self.assertCount(result.output, "This is python stdout", 1) def test_python_exec_func_python_loggingD(self): # logs, verbose @@ -148,8 +145,7 @@ class BitBakeLogging(OESelftestTestCase): result = bitbake("logging-test -c pythontest_exec_func_python -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python stdout", 1) + self.assertCount(result.output, "This is python stdout", 1) def test_python_fatal_loggingA(self): # no logs, no verbose @@ -173,8 +169,7 @@ class BitBakeLogging(OESelftestTestCase): self.write_config('BBINCLUDELOGS = ""') result = bitbake("logging-test -c pythontest_fatal -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python fatal test stdout", 1) + self.assertCount(result.output, "This is python fatal test stdout", 1) self.assertCount(result.output, "This is a fatal error", 1) def test_python_fatal_loggingD(self): @@ -182,7 +177,6 @@ class BitBakeLogging(OESelftestTestCase): self.write_config('BBINCLUDELOGS = "yes"') result = bitbake("logging-test -c pythontest_fatal -f -v", ignore_status = True) self.assertIn("ERROR: Logfile of failure stored in:", result.output) - # python tasks don't log output with -v currently - #self.assertCount(result.output, "This is python fatal test stdout", 1) + self.assertCount(result.output, "This is python fatal test stdout", 1) self.assertCount(result.output, "This is a fatal error", 1) diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index 81d02017c1..94873fd19f 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py @@ -848,6 +848,99 @@ class DevtoolModifyTests(DevtoolBase): # Try building bitbake(testrecipe) + def test_devtool_modify_git_crates_subpath(self): + # This tests two things in devtool context: + # - that we support local git dependencies for cargo based recipe + # - that we support patches in SRC_URI when git url contains subpath parameter + + # Check preconditions: + # recipe inherits cargo + # git:// uri with a subpath as the main package + # some crate:// in SRC_URI + # others git:// in SRC_URI + # cointains a patch + testrecipe = 'zvariant' + bb_vars = get_bb_vars(['SRC_URI', 'FILE', 'WORKDIR', 'CARGO_HOME'], testrecipe) + recipefile = bb_vars['FILE'] + workdir = bb_vars['WORKDIR'] + cargo_home = bb_vars['CARGO_HOME'] + src_uri = bb_vars['SRC_URI'].split() + self.assertTrue(src_uri[0].startswith('git://'), + 'This test expects the %s recipe to have a git repo has its main uri' % testrecipe) + self.assertIn(';subpath=', src_uri[0], + 'This test expects the %s recipe to have a git uri with subpath' % testrecipe) + self.assertTrue(any([uri.startswith('crate://') for uri in src_uri]), + 'This test expects the %s recipe to have some crates in its src uris' % testrecipe) + self.assertGreater(sum(map(lambda x:x.startswith('git://'), src_uri)), 2, + 'This test expects the %s recipe to have several git:// uris' % testrecipe) + self.assertTrue(any([uri.startswith('file://') and '.patch' in uri for uri in src_uri]), + 'This test expects the %s recipe to have a patch in its src uris' % testrecipe) + + self._test_recipe_contents(recipefile, {}, ['cargo']) + + # Clean up anything in the workdir/sysroot/sstate cache + bitbake('%s -c cleansstate' % testrecipe) + # Try modifying a recipe + tempdir = tempfile.mkdtemp(prefix='devtoolqa') + self.track_for_cleanup(tempdir) + self.track_for_cleanup(self.workspacedir) + self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe) + self.add_command_to_tearDown('bitbake-layers remove-layer */workspace') + result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir)) + self.assertExists(os.path.join(tempdir, 'Cargo.toml'), 'Extracted source could not be found') + self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output) + matches = glob.glob(os.path.join(self.workspacedir, 'appends', 'zvariant_*.bbappend')) + self.assertTrue(matches, 'bbappend not created') + # Test devtool status + result = runCmd('devtool status') + self.assertIn(testrecipe, result.output) + self.assertIn(tempdir, result.output) + # Check git repo + self._check_src_repo(tempdir) + # Check that the patch is correctly applied + # last commit message in the tree must contain + # %% original patch: <patchname> + # .. + patchname = None + for uri in src_uri: + if uri.startswith('file://') and '.patch' in uri: + patchname = uri.replace("file://", "").partition('.patch')[0] + '.patch' + self.assertIsNotNone(patchname) + result = runCmd('git -C %s log -1' % tempdir) + self.assertIn("%%%% original patch: %s" % patchname, result.output) + + # Configure the recipe to check that the git dependencies are correctly patched in cargo config + bitbake('-c configure %s' % testrecipe) + + cargo_config_path = os.path.join(cargo_home, 'config') + with open(cargo_config_path, "r") as f: + cargo_config_contents = [line.strip('\n') for line in f.readlines()] + + # Get back git dependencies of the recipe (ignoring the main one) + # and check that they are all correctly patched to be fetched locally + git_deps = [uri for uri in src_uri if uri.startswith("git://")][1:] + for git_dep in git_deps: + raw_url, _, raw_parms = git_dep.partition(";") + parms = {} + for parm in raw_parms.split(";"): + name_parm, _, value_parm = parm.partition('=') + parms[name_parm]=value_parm + self.assertIn('protocol', parms, 'git dependencies uri should contain the "protocol" parameter') + self.assertIn('name', parms, 'git dependencies uri should contain the "name" parameter') + self.assertIn('destsuffix', parms, 'git dependencies uri should contain the "destsuffix" parameter') + self.assertIn('type', parms, 'git dependencies uri should contain the "type" parameter') + self.assertEqual(parms['type'], 'git-dependency', 'git dependencies uri should have "type=git-dependency"') + raw_url = raw_url.replace("git://", '%s://' % parms['protocol']) + patch_line = '[patch."%s"]' % raw_url + path_patched = os.path.join(workdir, parms['destsuffix']) + path_override_line = '%s = { path = "%s" }' % (parms['name'], path_patched) + # Would have been better to use tomllib to read this file :/ + self.assertIn(patch_line, cargo_config_contents) + self.assertIn(path_override_line, cargo_config_contents) + + # Try to package the recipe + bitbake('-c package_qa %s' % testrecipe) + def test_devtool_modify_localfiles(self): # Check preconditions testrecipe = 'lighttpd' diff --git a/poky/meta/lib/oeqa/selftest/cases/efibootpartition.py b/poky/meta/lib/oeqa/selftest/cases/efibootpartition.py index e17da9f9a0..fa74103dec 100644 --- a/poky/meta/lib/oeqa/selftest/cases/efibootpartition.py +++ b/poky/meta/lib/oeqa/selftest/cases/efibootpartition.py @@ -15,7 +15,7 @@ class GenericEFITest(OESelftestTestCase): @skipIfNotMachine("qemux86-64", "test is qemux86-64 specific currently") def test_boot_efi(self): cmd = "runqemu nographic serial wic ovmf" - if oe.types.qemu_use_kvm(self.td['QEMU_USE_KVM'], self.td["TARGET_ARCH"]): + if oe.types.qemu_use_kvm(self.td.get('QEMU_USE_KVM', 0), self.td["TARGET_ARCH"]): cmd += " kvm" image = "core-image-minimal" diff --git a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py index d31b43d9cc..0292c882f2 100644 --- a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py +++ b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py @@ -229,10 +229,10 @@ UBINIZE_ARGS_mtd_4_256 ?= "-m 4096 -p 256KiB" self.assertTrue(os.path.exists(image_path), "%s image %s doesn't exist" % (itype, image_path)) else: - image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.%s" % (bb_vars['IMAGE_LINK_NAME'], itype)) - # check if result image is in deploy directory - self.assertTrue(os.path.exists(image_path), - "%s image %s doesn't exist" % (itype, image_path)) + image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.%s" % (bb_vars['IMAGE_LINK_NAME'], itype)) + # check if result image is in deploy directory + self.assertTrue(os.path.exists(image_path), + "%s image %s doesn't exist" % (itype, image_path)) def test_useradd_static(self): config = """ diff --git a/poky/meta/lib/oeqa/selftest/cases/runqemu.py b/poky/meta/lib/oeqa/selftest/cases/runqemu.py index e72ff529c4..f01e1eec66 100644 --- a/poky/meta/lib/oeqa/selftest/cases/runqemu.py +++ b/poky/meta/lib/oeqa/selftest/cases/runqemu.py @@ -4,14 +4,15 @@ # SPDX-License-Identifier: MIT # +import os import re -import tempfile import time import oe.types from oeqa.core.decorator import OETestTag from oeqa.core.decorator.data import skipIfNotArch, skipIfNotMachine from oeqa.selftest.case import OESelftestTestCase -from oeqa.utils.commands import bitbake, runqemu, get_bb_var, runCmd +from oeqa.utils.commands import bitbake, runqemu, get_bb_var + @OETestTag("runqemu") class RunqemuTests(OESelftestTestCase): @@ -23,8 +24,8 @@ class RunqemuTests(OESelftestTestCase): def setUpLocal(self): super(RunqemuTests, self).setUpLocal() self.recipe = 'core-image-minimal' - self.machine = self.td['MACHINE'] - self.image_link_name = get_bb_var('IMAGE_LINK_NAME', self.recipe) + self.machine = self.td['MACHINE'] + self.image_link_name = get_bb_var('IMAGE_LINK_NAME', self.recipe) self.fstypes = "ext4" if self.td["HOST_ARCH"] in ('i586', 'i686', 'x86_64'): @@ -61,7 +62,8 @@ SYSLINUX_TIMEOUT = "10" cmd = "%s %s ext4" % (self.cmd_common, self.machine) with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu: with open(qemu.qemurunnerlog) as f: - self.assertIn('rootfs.ext4', f.read(), "Failed: %s" % cmd) + regexp = r'\nROOTFS: .*\.ext4]\n' + self.assertRegex(f.read(), regexp, "Failed to find '%s' in '%s' after running '%s'" % (regexp, qemu.qemurunnerlog, cmd)) @skipIfNotArch(['i586', 'i686', 'x86_64']) def test_boot_machine_iso(self): @@ -69,7 +71,8 @@ SYSLINUX_TIMEOUT = "10" cmd = "%s %s iso" % (self.cmd_common, self.machine) with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu: with open(qemu.qemurunnerlog) as f: - self.assertIn('media=cdrom', f.read(), "Failed: %s" % cmd) + text_in = 'media=cdrom' + self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd)) def test_boot_recipe_image(self): """Test runqemu recipe-image""" @@ -85,7 +88,8 @@ SYSLINUX_TIMEOUT = "10" cmd = "%s %s wic.vmdk" % (self.cmd_common, self.recipe) with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu: with open(qemu.qemurunnerlog) as f: - self.assertIn('format=vmdk', f.read(), "Failed: %s" % cmd) + text_in = 'format=vmdk' + self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd)) @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently") def test_boot_recipe_image_vdi(self): @@ -93,7 +97,8 @@ SYSLINUX_TIMEOUT = "10" cmd = "%s %s wic.vdi" % (self.cmd_common, self.recipe) with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu: with open(qemu.qemurunnerlog) as f: - self.assertIn('format=vdi', f.read(), "Failed: %s" % cmd) + text_in = 'format=vdi' + self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd)) def test_boot_deploy(self): """Test runqemu deploy_dir_image""" @@ -102,7 +107,6 @@ SYSLINUX_TIMEOUT = "10" with open(qemu.qemurunnerlog) as f: self.assertTrue(qemu.runner.logged, "Failed: %s, %s" % (cmd, f.read())) - @skipIfNotArch(['i586', 'i686', 'x86_64']) def test_boot_deploy_hddimg(self): """Test runqemu deploy_dir_image hddimg""" @@ -166,9 +170,9 @@ class QemuTest(OESelftestTestCase): def setUpClass(cls): super(QemuTest, cls).setUpClass() cls.recipe = 'core-image-minimal' - cls.machine = get_bb_var('MACHINE') - cls.deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE') - cls.image_link_name = get_bb_var('IMAGE_LINK_NAME', cls.recipe) + cls.machine = get_bb_var('MACHINE') + cls.deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE') + cls.image_link_name = get_bb_var('IMAGE_LINK_NAME', cls.recipe) cls.cmd_common = "runqemu nographic" cls.qemuboot_conf = "%s.qemuboot.conf" % (cls.image_link_name) cls.qemuboot_conf = os.path.join(cls.deploy_dir_image, cls.qemuboot_conf) diff --git a/poky/meta/lib/oeqa/targetcontrol.py b/poky/meta/lib/oeqa/targetcontrol.py index 1fdff82889..d686fe07ec 100644 --- a/poky/meta/lib/oeqa/targetcontrol.py +++ b/poky/meta/lib/oeqa/targetcontrol.py @@ -7,18 +7,14 @@ # This module is used by testimage.bbclass for setting up and controlling a target machine. import os -import shutil import subprocess import bb -import traceback -import sys import logging from oeqa.utils.sshcontrol import SSHControl from oeqa.utils.qemurunner import QemuRunner from oeqa.utils.qemutinyrunner import QemuTinyRunner from oeqa.utils.dump import TargetDumper from oeqa.utils.dump import MonitorDumper -from oeqa.controllers.testtargetloader import TestTargetLoader from abc import ABCMeta, abstractmethod class BaseTarget(object, metaclass=ABCMeta): @@ -42,7 +38,7 @@ class BaseTarget(object, metaclass=ABCMeta): if os.path.islink(sshloglink): os.unlink(sshloglink) os.symlink(self.sshlog, sshloglink) - self.logger.info("SSH log file: %s" % self.sshlog) + self.logger.info("SSH log file: %s" % self.sshlog) @abstractmethod def start(self, params=None, ssh=True, extra_bootparams=None): @@ -145,7 +141,7 @@ class QemuTarget(BaseTarget): boottime = int(d.getVar("TEST_QEMUBOOT_TIMEOUT")), use_kvm = use_kvm, dump_dir = dump_dir, - dump_host_cmds = d.getVar("testimage_dump_host"), + dump_host_cmds = dump_host_cmds, logger = logger, tmpfsdir = d.getVar("RUNQEMU_TMPFS_DIR"), serial_ports = len(d.getVar("SERIAL_CONSOLES").split())) @@ -163,7 +159,7 @@ class QemuTarget(BaseTarget): os.unlink(qemuloglink) os.symlink(self.qemulog, qemuloglink) - self.logger.info("rootfs file: %s" % self.rootfs) + self.logger.info("rootfs file: %s" % self.rootfs) self.logger.info("Qemu log file: %s" % self.qemulog) super(QemuTarget, self).deploy() @@ -205,7 +201,7 @@ class QemuTarget(BaseTarget): self.server_ip = self.runner.server_ip self.connection = SSHControl(ip=self.ip, logfile=self.sshlog) else: - raise RuntimError("%s - FAILED to re-start qemu - check the task log and the boot log" % self.pn) + raise RuntimeError("%s - FAILED to re-start qemu - check the task log and the boot log" % self.pn) def run_serial(self, command, timeout=60): return self.runner.run_serial(command, timeout=timeout) diff --git a/poky/meta/lib/oeqa/utils/commands.py b/poky/meta/lib/oeqa/utils/commands.py index f4daea2507..c1f533802e 100644 --- a/poky/meta/lib/oeqa/utils/commands.py +++ b/poky/meta/lib/oeqa/utils/commands.py @@ -8,11 +8,8 @@ # This module is mainly used by scripts/oe-selftest and modules under meta/oeqa/selftest # It provides a class and methods for running commands on the host in a convienent way for tests. - - import os import sys -import signal import subprocess import threading import time @@ -21,6 +18,7 @@ from oeqa.utils import CommandError from oeqa.utils import ftools import re import contextlib +import errno # Export test doesn't require bb try: import bb @@ -85,7 +83,7 @@ class Command(object): except OSError as ex: # It's not an error when the command does not consume all # of our data. subprocess.communicate() also ignores that. - if ex.errno != EPIPE: + if ex.errno != errno.EPIPE: raise # We write in a separate thread because then we can read @@ -117,7 +115,7 @@ class Command(object): else: deadline = time.time() + self.timeout for thread in self.threads: - timeout = deadline - time.time() + timeout = deadline - time.time() if timeout < 0: timeout = 0 thread.join(timeout) diff --git a/poky/meta/lib/oeqa/utils/qemurunner.py b/poky/meta/lib/oeqa/utils/qemurunner.py index 05385763ac..6734cee48d 100644 --- a/poky/meta/lib/oeqa/utils/qemurunner.py +++ b/poky/meta/lib/oeqa/utils/qemurunner.py @@ -238,7 +238,7 @@ class QemuRunner: self.origchldhandler = signal.getsignal(signal.SIGCHLD) signal.signal(signal.SIGCHLD, self.handleSIGCHLD) - self.logger.debug('launchcmd=%s'%(launch_cmd)) + self.logger.debug('launchcmd=%s' % (launch_cmd)) # FIXME: We pass in stdin=subprocess.PIPE here to work around stty # blocking at the end of the runqemu script when using this within @@ -275,7 +275,7 @@ class QemuRunner: os._exit(0) self.logger.debug("runqemu started, pid is %s" % self.runqemu.pid) - self.logger.debug("waiting at most %s seconds for qemu pid (%s)" % + self.logger.debug("waiting at most %d seconds for qemu pid (%s)" % (self.runqemutime, time.strftime("%D %H:%M:%S"))) endtime = time.time() + self.runqemutime while not self.is_alive() and time.time() < endtime: @@ -299,7 +299,7 @@ class QemuRunner: self.logger.warning('runqemu exited with code %d' % self.runqemu.returncode) if not self.is_alive(): - self.logger.error("Qemu pid didn't appear in %s seconds (%s)" % + self.logger.error("Qemu pid didn't appear in %d seconds (%s)" % (self.runqemutime, time.strftime("%D %H:%M:%S"))) qemu_pid = None @@ -332,8 +332,8 @@ class QemuRunner: try: os.chdir(os.path.dirname(qmp_port)) try: - from qmp.legacy import QEMUMonitorProtocol - self.qmp = QEMUMonitorProtocol(os.path.basename(qmp_port)) + from qmp.legacy import QEMUMonitorProtocol + self.qmp = QEMUMonitorProtocol(os.path.basename(qmp_port)) except OSError as msg: self.logger.warning("Failed to initialize qemu monitor socket: %s File: %s" % (msg, msg.filename)) return False @@ -343,8 +343,8 @@ class QemuRunner: self.logger.debug("QMP Port does not exist waiting for it to be created") endtime = time.time() + self.runqemutime while not os.path.exists(qmp_port) and self.is_alive() and time.time() < endtime: - self.logger.info("QMP port does not exist yet!") - time.sleep(0.5) + self.logger.info("QMP port does not exist yet!") + time.sleep(0.5) if not os.path.exists(qmp_port) and self.is_alive(): self.logger.warning("QMP Port still does not exist but QEMU is alive") return False @@ -354,7 +354,7 @@ class QemuRunner: self.qmp.settimeout(self.runqemutime) self.qmp.connect() connect_time = time.time() - self.logger.info("QMP connected to QEMU at %s and took %s seconds" % + self.logger.info("QMP connected to QEMU at %s and took %.2f seconds" % (time.strftime("%D %H:%M:%S"), time.time() - launch_time)) except OSError as msg: @@ -388,14 +388,14 @@ class QemuRunner: # Release the qemu process to continue running self.run_monitor('cont') - self.logger.info("QMP released QEMU at %s and took %s seconds from connect" % + self.logger.info("QMP released QEMU at %s and took %.2f seconds from connect" % (time.strftime("%D %H:%M:%S"), time.time() - connect_time)) # We are alive: qemu is running out = self.getOutput(output) netconf = False # network configuration is not required by default - self.logger.debug("qemu started in %s seconds - qemu procces pid is %s (%s)" % + self.logger.debug("qemu started in %.2f seconds - qemu procces pid is %s (%s)" % (time.time() - (endtime - self.runqemutime), self.qemupid, time.strftime("%D %H:%M:%S"))) cmdline = '' @@ -419,7 +419,7 @@ class QemuRunner: except (IndexError, ValueError): # Try to get network configuration from runqemu output match = re.match(r'.*Network configuration: (?:ip=)*([0-9.]+)::([0-9.]+):([0-9.]+).*', - out, re.MULTILINE|re.DOTALL) + out, re.MULTILINE | re.DOTALL) if match: self.ip, self.server_ip, self.netmask = match.groups() # network configuration is required as we couldn't get it @@ -486,9 +486,9 @@ class QemuRunner: self.server_socket = qemusock stopread = True reachedlogin = True - self.logger.debug("Reached login banner in %s seconds (%s, %s)" % + self.logger.debug("Reached login banner in %.2f seconds (%s)" % (time.time() - (endtime - self.boottime), - time.strftime("%D %H:%M:%S"), time.time())) + time.strftime("%D %H:%M:%S"))) else: # no need to check if reachedlogin unless we support multiple connections self.logger.debug("QEMU socket disconnected before login banner reached. (%s)" % @@ -516,7 +516,7 @@ class QemuRunner: (status, output) = self.run_serial(self.boot_patterns['send_login_user'], raw=True, timeout=120) if re.search(self.boot_patterns['search_login_succeeded'], output): self.logged = True - self.logger.debug("Logged as root in serial console") + self.logger.debug("Logged in as %s in serial console" % self.boot_patterns['send_login_user'].replace("\n", "")) if netconf: # configure guest networking cmd = "ifconfig eth0 %s netmask %s up\n" % (self.ip, self.netmask) @@ -527,7 +527,7 @@ class QemuRunner: self.logger.debug("Couldn't configure guest networking") else: self.logger.warning("Couldn't login into serial console" - " as root using blank password") + " as %s using blank password" % self.boot_patterns['send_login_user'].replace("\n", "")) self.logger.warning("The output:\n%s" % output) except: self.logger.warning("Serial console failed while trying to login") @@ -548,12 +548,12 @@ class QemuRunner: if e.errno != errno.ESRCH: raise try: - outs, errs = self.runqemu.communicate(timeout = self.runqemutime) + outs, errs = self.runqemu.communicate(timeout=self.runqemutime) if outs: self.logger.info("Output from runqemu:\n%s", outs.decode("utf-8")) if errs: self.logger.info("Stderr from runqemu:\n%s", errs.decode("utf-8")) - except TimeoutExpired: + except subprocess.TimeoutExpired: self.logger.debug("Sending SIGKILL to runqemu") os.killpg(os.getpgid(self.runqemu.pid), signal.SIGKILL) if not self.runqemu.stdout.closed: diff --git a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb index a830385352..bf6835e0d6 100644 --- a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -35,7 +35,7 @@ SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de79 # Issue only affects Debian/SUSE, not us CVE_CHECK_IGNORE += "CVE-2021-26720" -DEPENDS = "expat libcap libdaemon glib-2.0" +DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native gobject-introspection" # For gtk related PACKAGECONFIGs: gtk, gtk3 AVAHI_GTK ?= "" diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.12.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.12.bb index abce1c0f45..68dad77cdc 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.18.12.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.18.12.bb @@ -109,6 +109,5 @@ PACKAGE_BEFORE_PN += "${PN}-libs" # https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" -FILES:${PN}-staticdev += "${libdir}/*.la" DEV_PKG_DEPENDENCY = "" diff --git a/poky/meta/recipes-core/busybox/busybox.inc b/poky/meta/recipes-core/busybox/busybox.inc index 4569acd475..582d87949e 100644 --- a/poky/meta/recipes-core/busybox/busybox.inc +++ b/poky/meta/recipes-core/busybox/busybox.inc @@ -34,6 +34,7 @@ INITSCRIPT_PACKAGES = "${PN}-httpd ${PN}-syslog ${PN}-udhcpd ${PN}-mdev ${PN}-hw INITSCRIPT_NAME:${PN}-httpd = "busybox-httpd" INITSCRIPT_NAME:${PN}-hwclock = "hwclock.sh" +INITSCRIPT_PARAMS:${PN}-hwclock = "start 40 S . stop 20 0 1 6 ." INITSCRIPT_NAME:${PN}-mdev = "mdev" INITSCRIPT_PARAMS:${PN}-mdev = "start 04 S ." INITSCRIPT_NAME:${PN}-syslog = "syslog" diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index de0813f96c..a5d7617cda 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -26,8 +26,8 @@ inherit core-image setuptools3 features_check REQUIRED_DISTRO_FEATURES += "xattr" -SRCREV ?= "c45d58f003e8d8b323169ca9d479dc49c43a9974" -SRC_URI = "git://git.yoctoproject.org/poky;branch=master \ +SRCREV ?= "b8007d3c22d8062bc257e3b29c4561ef7758aa28" +SRC_URI = "git://git.yoctoproject.org/poky;branch=mickledore \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ file://README_VirtualBox_Guest_Additions.txt \ diff --git a/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb new file mode 100644 index 0000000000..1c14481c21 --- /dev/null +++ b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -0,0 +1,333 @@ +SUMMARY = "Updates the NVD CVE database" +LICENSE = "MIT" + +# Important note: +# This product uses the NVD API but is not endorsed or certified by the NVD. + +INHIBIT_DEFAULT_DEPS = "1" + +inherit native + +deltask do_unpack +deltask do_patch +deltask do_configure +deltask do_compile +deltask do_install +deltask do_populate_sysroot + +NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0" + +# CVE database update interval, in seconds. By default: once a day (24*60*60). +# Use 0 to force the update +# Use a negative value to skip the update +CVE_DB_UPDATE_INTERVAL ?= "86400" + +# Timeout for blocking socket operations, such as the connection attempt. +CVE_SOCKET_TIMEOUT ?= "60" + +CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" + +CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" + +python () { + if not bb.data.inherits_class("cve-check", d): + raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") +} + +python do_fetch() { + """ + Update NVD database with API 2.0 + """ + import bb.utils + import bb.progress + import shutil + + bb.utils.export_proxies(d) + + db_file = d.getVar("CVE_CHECK_DB_FILE") + db_dir = os.path.dirname(db_file) + db_tmp_file = d.getVar("CVE_DB_TEMP_FILE") + + cleanup_db_download(db_file, db_tmp_file) + # By default let's update the whole database (since time 0) + database_time = 0 + + # The NVD database changes once a day, so no need to update more frequently + # Allow the user to force-update + try: + import time + update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) + if update_interval < 0: + bb.note("CVE database update skipped") + return + if time.time() - os.path.getmtime(db_file) < update_interval: + bb.note("CVE database recently updated, skipping") + return + database_time = os.path.getmtime(db_file) + + except OSError: + pass + + bb.utils.mkdirhier(db_dir) + if os.path.exists(db_file): + shutil.copy2(db_file, db_tmp_file) + + if update_db_file(db_tmp_file, d, database_time) == True: + # Update downloaded correctly, can swap files + shutil.move(db_tmp_file, db_file) + else: + # Update failed, do not modify the database + bb.warn("CVE database update failed") + os.remove(db_tmp_file) +} + +do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" +do_fetch[file-checksums] = "" +do_fetch[vardeps] = "" + +def cleanup_db_download(db_file, db_tmp_file): + """ + Cleanup the download space from possible failed downloads + """ + + # Clean up the updates done on the main file + # Remove it only if a journal file exists - it means a complete re-download + if os.path.exists("{0}-journal".format(db_file)): + # If a journal is present the last update might have been interrupted. In that case, + # just wipe any leftovers and force the DB to be recreated. + os.remove("{0}-journal".format(db_file)) + + if os.path.exists(db_file): + os.remove(db_file) + + # Clean-up the temporary file downloads, we can remove both journal + # and the temporary database + if os.path.exists("{0}-journal".format(db_tmp_file)): + # If a journal is present the last update might have been interrupted. In that case, + # just wipe any leftovers and force the DB to be recreated. + os.remove("{0}-journal".format(db_tmp_file)) + + if os.path.exists(db_tmp_file): + os.remove(db_tmp_file) + +def nvd_request_next(url, api_key, args): + """ + Request next part of the NVD dabase + """ + + import urllib.request + import urllib.parse + import gzip + + headers = {} + if api_key: + headers['apiKey'] = api_key + + data = urllib.parse.urlencode(args) + + full_request = url + '?' + data + + for attempt in range(3): + try: + r = urllib.request.urlopen(full_request) + + if (r.headers['content-encoding'] == 'gzip'): + buf = r.read() + raw_data = gzip.decompress(buf) + else: + raw_data = r.read().decode("utf-8") + + r.close() + + except UnicodeDecodeError: + # Received garbage, retry + bb.debug(2, "CVE database: received malformed data, retrying (request: %s)" %(full_request)) + pass + except http.client.IncompleteRead: + # Read incomplete, let's try again + bb.debug(2, "CVE database: received incomplete data, retrying (request: %s)" %(full_request)) + pass + else: + return raw_data + else: + # We failed at all attempts + return None + +def update_db_file(db_tmp_file, d, database_time): + """ + Update the given database file + """ + import bb.utils, bb.progress + import datetime + import sqlite3 + import json + + # Connect to database + conn = sqlite3.connect(db_tmp_file) + initialize_db(conn) + + req_args = {'startIndex' : 0} + + # The maximum range for time is 120 days + # Force a complete update if our range is longer + if (database_time != 0): + database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time()) + today_date = datetime.datetime.combine(datetime.date.today(), datetime.time()) + delta = today_date - database_date + if delta.days < 120: + bb.debug(2, "CVE database: performing partial update") + req_args['lastModStartDate'] = database_date.isoformat() + req_args['lastModEndDate'] = today_date.isoformat() + else: + bb.note("CVE database: file too old, forcing a full update") + + with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f: + + bb.debug(2, "Updating entries") + index = 0 + url = d.getVar("NVDCVE_URL") + while True: + req_args['startIndex'] = index + raw_data = nvd_request_next(url, None, req_args) + if raw_data is None: + # We haven't managed to download data + return False + + data = json.loads(raw_data) + + index = data["startIndex"] + total = data["totalResults"] + per_page = data["resultsPerPage"] + + for cve in data["vulnerabilities"]: + update_db(conn, cve) + + index += per_page + ph.update((float(index) / (total+1)) * 100) + if index >= total: + break + + # Recommended by NVD + time.sleep(6) + + # Update success, set the date to cve_check file. + cve_f.write('CVE database update : %s\n\n' % datetime.date.today()) + + conn.commit() + conn.close() + return True + +def initialize_db(conn): + with conn: + c = conn.cursor() + + c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") + + c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ + SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") + + c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ + VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ + VERSION_END TEXT, OPERATOR_END TEXT)") + c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);") + + c.close() + +def parse_node_and_insert(conn, node, cveId): + + def cpe_generator(): + for cpe in node.get('cpeMatch', ()): + if not cpe['vulnerable']: + return + cpe23 = cpe.get('criteria') + if not cpe23: + return + cpe23 = cpe23.split(':') + if len(cpe23) < 6: + return + vendor = cpe23[3] + product = cpe23[4] + version = cpe23[5] + + if cpe23[6] == '*' or cpe23[6] == '-': + version_suffix = "" + else: + version_suffix = "_" + cpe23[6] + + if version != '*' and version != '-': + # Version is defined, this is a '=' match + yield [cveId, vendor, product, version + version_suffix, '=', '', ''] + elif version == '-': + # no version information is available + yield [cveId, vendor, product, version, '', '', ''] + else: + # Parse start version, end version and operators + op_start = '' + op_end = '' + v_start = '' + v_end = '' + + if 'versionStartIncluding' in cpe: + op_start = '>=' + v_start = cpe['versionStartIncluding'] + + if 'versionStartExcluding' in cpe: + op_start = '>' + v_start = cpe['versionStartExcluding'] + + if 'versionEndIncluding' in cpe: + op_end = '<=' + v_end = cpe['versionEndIncluding'] + + if 'versionEndExcluding' in cpe: + op_end = '<' + v_end = cpe['versionEndExcluding'] + + if op_start or op_end or v_start or v_end: + yield [cveId, vendor, product, v_start, op_start, v_end, op_end] + else: + # This is no version information, expressed differently. + # Save processing by representing as -. + yield [cveId, vendor, product, '-', '', '', ''] + + conn.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()).close() + +def update_db(conn, elt): + """ + Update a single entry in the on-disk database + """ + + accessVector = None + cveId = elt['cve']['id'] + if elt['cve']['vulnStatus'] == "Rejected": + return + cveDesc = "" + for desc in elt['cve']['descriptions']: + if desc['lang'] == 'en': + cveDesc = desc['value'] + date = elt['cve']['lastModified'] + try: + accessVector = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['accessVector'] + cvssv2 = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['baseScore'] + except KeyError: + cvssv2 = 0.0 + try: + accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector'] + cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] + except KeyError: + accessVector = accessVector or "UNKNOWN" + cvssv3 = 0.0 + + conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", + [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() + + try: + configurations = elt['cve']['configurations'][0]['nodes'] + for config in configurations: + parse_node_and_insert(conn, config, cveId) + except KeyError: + bb.debug(2, "Entry without a configuration") + +do_fetch[nostamp] = "1" + +EXCLUDE_FROM_WORLD = "1" diff --git a/poky/meta/recipes-devtools/go/go-1.20.1.inc b/poky/meta/recipes-devtools/go/go-1.20.1.inc index b1f569212d..179f0e29eb 100644 --- a/poky/meta/recipes-devtools/go/go-1.20.1.inc +++ b/poky/meta/recipes-devtools/go/go-1.20.1.inc @@ -16,5 +16,6 @@ SRC_URI += "\ file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \ file://0010-cmd-compile-re-compile-instantiated-generic-methods-.patch \ file://CVE-2023-24532.patch \ + file://CVE-2023-24537.patch \ " SRC_URI[main.sha256sum] = "b5c1a3af52c385a6d1c76aed5361cf26459023980d0320de7658bae3915831a2" diff --git a/poky/meta/recipes-devtools/go/go/CVE-2023-24537.patch b/poky/meta/recipes-devtools/go/go/CVE-2023-24537.patch new file mode 100644 index 0000000000..6b5dc2c8d9 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go/CVE-2023-24537.patch @@ -0,0 +1,89 @@ +From 110e4fb1c2e3a21631704bbfaf672230b9ba2492 Mon Sep 17 00:00:00 2001 +From: Damien Neil <dneil@google.com> +Date: Wed, 22 Mar 2023 09:33:22 -0700 +Subject: [PATCH] go/scanner: reject large line and column numbers in //line + directives + +Setting a large line or column number using a //line directive can cause +integer overflow even in small source files. + +Limit line and column numbers in //line directives to 2^30-1, which +is small enough to avoid int32 overflow on all reasonbly-sized files. + +For #59180 +Fixes CVE-2023-24537 + +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1802456 +Reviewed-by: Julie Qiu <julieqiu@google.com> +Reviewed-by: Roland Shoemaker <bracewell@google.com> +Run-TryBot: Damien Neil <dneil@google.com> +Change-Id: I149bf34deca532af7994203fa1e6aca3c890ea14 +Reviewed-on: https://go-review.googlesource.com/c/go/+/482078 +Reviewed-by: Matthew Dempsky <mdempsky@google.com> +TryBot-Bypass: Michael Knyszek <mknyszek@google.com> +Run-TryBot: Michael Knyszek <mknyszek@google.com> +Auto-Submit: Michael Knyszek <mknyszek@google.com> + +CVE: CVE-2023-24537 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + src/go/parser/parser_test.go | 16 ++++++++++++++++ + src/go/scanner/scanner.go | 7 +++++-- + 2 files changed, 21 insertions(+), 2 deletions(-) + +diff --git a/src/go/parser/parser_test.go b/src/go/parser/parser_test.go +index 153562df75068..22b11a0cc4535 100644 +--- a/src/go/parser/parser_test.go ++++ b/src/go/parser/parser_test.go +@@ -764,3 +764,19 @@ func TestRangePos(t *testing.T) { + }) + } + } ++ ++// TestIssue59180 tests that line number overflow doesn't cause an infinite loop. ++func TestIssue59180(t *testing.T) { ++ testcases := []string{ ++ "package p\n//line :9223372036854775806\n\n//", ++ "package p\n//line :1:9223372036854775806\n\n//", ++ "package p\n//line file:9223372036854775806\n\n//", ++ } ++ ++ for _, src := range testcases { ++ _, err := ParseFile(token.NewFileSet(), "", src, ParseComments) ++ if err == nil { ++ t.Errorf("ParseFile(%s) succeeded unexpectedly", src) ++ } ++ } ++} +diff --git a/src/go/scanner/scanner.go b/src/go/scanner/scanner.go +index 16958d22ce299..0cd9f5901d0bb 100644 +--- a/src/go/scanner/scanner.go ++++ b/src/go/scanner/scanner.go +@@ -253,13 +253,16 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) { + return + } + ++ // Put a cap on the maximum size of line and column numbers. ++ // 30 bits allows for some additional space before wrapping an int32. ++ const maxLineCol = 1<<30 - 1 + var line, col int + i2, n2, ok2 := trailingDigits(text[:i-1]) + if ok2 { + //line filename:line:col + i, i2 = i2, i + line, col = n2, n +- if col == 0 { ++ if col == 0 || col > maxLineCol { + s.error(offs+i2, "invalid column number: "+string(text[i2:])) + return + } +@@ -269,7 +272,7 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) { + line = n + } + +- if line == 0 { ++ if line == 0 || line > maxLineCol { + s.error(offs+i, "invalid line number: "+string(text[i:])) + return + } diff --git a/poky/meta/recipes-devtools/llvm/llvm_git.bb b/poky/meta/recipes-devtools/llvm/llvm_git.bb index f133653903..f617b17231 100644 --- a/poky/meta/recipes-devtools/llvm/llvm_git.bb +++ b/poky/meta/recipes-devtools/llvm/llvm_git.bb @@ -82,9 +82,8 @@ EXTRA_OECMAKE += "-DLLVM_ENABLE_ASSERTIONS=OFF \ -DLLVM_OPTIMIZED_TABLEGEN=ON \ -DLLVM_TARGETS_TO_BUILD='${LLVM_TARGETS}' \ -DLLVM_TEMPORARILY_ALLOW_OLD_TOOLCHAIN=ON \ - -DPYTHON_EXECUTABLE=${HOSTTOOLS_DIR}/python3 \ -DCMAKE_BUILD_TYPE=Release \ - -G Ninja" + " EXTRA_OECMAKE:append:class-target = "\ -DCMAKE_CROSSCOMPILING:BOOL=ON \ diff --git a/poky/meta/recipes-devtools/python/python3-bcrypt-crates.inc b/poky/meta/recipes-devtools/python/python3-bcrypt-crates.inc index 1ff66269c4..16d9e55cc5 100644 --- a/poky/meta/recipes-devtools/python/python3-bcrypt-crates.inc +++ b/poky/meta/recipes-devtools/python/python3-bcrypt-crates.inc @@ -53,52 +53,52 @@ SRC_URI += " \ crate://crates.io/zeroize/1.5.7 \ " -SRC_URI[autocfg.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -SRC_URI[base64.sha256sum] = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" -SRC_URI[bcrypt.sha256sum] = "a7e7c93a3fb23b2fdde989b2c9ec4dd153063ec81f408507f84c090cd91c6641" -SRC_URI[bcrypt-pbkdf.sha256sum] = "f4ef233ffa9cb9c7820b2b0e9efd0821ed180e866c9120ec9f45518659742074" -SRC_URI[bitflags.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -SRC_URI[block-buffer.sha256sum] = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" -SRC_URI[blowfish.sha256sum] = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7" -SRC_URI[byteorder.sha256sum] = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" -SRC_URI[cfg-if.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -SRC_URI[cipher.sha256sum] = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" -SRC_URI[cpufeatures.sha256sum] = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" -SRC_URI[crypto-common.sha256sum] = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" -SRC_URI[digest.sha256sum] = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" -SRC_URI[generic-array.sha256sum] = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" -SRC_URI[getrandom.sha256sum] = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" -SRC_URI[indoc.sha256sum] = "47741a8bc60fb26eb8d6e0238bbb26d8575ff623fdc97b1a2c00c050b9684ed8" -SRC_URI[indoc-impl.sha256sum] = "ce046d161f000fffde5f432a0d034d0341dc152643b2598ed5bfce44c4f3a8f0" -SRC_URI[inout.sha256sum] = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" -SRC_URI[instant.sha256sum] = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" -SRC_URI[libc.sha256sum] = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" -SRC_URI[lock_api.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" -SRC_URI[once_cell.sha256sum] = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" -SRC_URI[parking_lot.sha256sum] = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" -SRC_URI[parking_lot_core.sha256sum] = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" -SRC_URI[paste.sha256sum] = "45ca20c77d80be666aef2b45486da86238fabe33e38306bd3118fe4af33fa880" -SRC_URI[paste-impl.sha256sum] = "d95a7db200b97ef370c8e6de0088252f7e0dfff7d047a28528e47456c0fc98b6" -SRC_URI[pbkdf2.sha256sum] = "271779f35b581956db91a3e55737327a03aa051e90b1c47aeb189508533adfd7" -SRC_URI[proc-macro-hack.sha256sum] = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" -SRC_URI[proc-macro2.sha256sum] = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" -SRC_URI[pyo3.sha256sum] = "d41d50a7271e08c7c8a54cd24af5d62f73ee3a6f6a314215281ebdec421d5752" -SRC_URI[pyo3-build-config.sha256sum] = "779239fc40b8e18bc8416d3a37d280ca9b9fb04bda54b98037bb6748595c2410" -SRC_URI[pyo3-macros.sha256sum] = "00b247e8c664be87998d8628e86f282c25066165f1f8dda66100c48202fdb93a" -SRC_URI[pyo3-macros-backend.sha256sum] = "5a8c2812c412e00e641d99eeb79dd478317d981d938aa60325dfa7157b607095" -SRC_URI[quote.sha256sum] = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" -SRC_URI[redox_syscall.sha256sum] = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" -SRC_URI[scopeguard.sha256sum] = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" -SRC_URI[sha2.sha256sum] = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" -SRC_URI[smallvec.sha256sum] = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" -SRC_URI[subtle.sha256sum] = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" -SRC_URI[syn.sha256sum] = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" -SRC_URI[typenum.sha256sum] = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" -SRC_URI[unicode-ident.sha256sum] = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" -SRC_URI[unindent.sha256sum] = "58ee9362deb4a96cef4d437d1ad49cffc9b9e92d202b6995674e928ce684f112" -SRC_URI[version_check.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" -SRC_URI[wasi.sha256sum] = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" -SRC_URI[winapi.sha256sum] = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" -SRC_URI[winapi-i686-pc-windows-gnu.sha256sum] = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -SRC_URI[winapi-x86_64-pc-windows-gnu.sha256sum] = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" -SRC_URI[zeroize.sha256sum] = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" +SRC_URI[autocfg-1.1.0.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +SRC_URI[base64-0.13.0.sha256sum] = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" +SRC_URI[bcrypt-0.13.0.sha256sum] = "a7e7c93a3fb23b2fdde989b2c9ec4dd153063ec81f408507f84c090cd91c6641" +SRC_URI[bcrypt-pbkdf-0.8.1.sha256sum] = "f4ef233ffa9cb9c7820b2b0e9efd0821ed180e866c9120ec9f45518659742074" +SRC_URI[bitflags-1.3.2.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +SRC_URI[block-buffer-0.10.3.sha256sum] = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" +SRC_URI[blowfish-0.9.1.sha256sum] = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7" +SRC_URI[byteorder-1.4.3.sha256sum] = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" +SRC_URI[cfg-if-1.0.0.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +SRC_URI[cipher-0.4.3.sha256sum] = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" +SRC_URI[cpufeatures-0.2.5.sha256sum] = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +SRC_URI[crypto-common-0.1.6.sha256sum] = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +SRC_URI[digest-0.10.5.sha256sum] = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" +SRC_URI[generic-array-0.14.6.sha256sum] = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +SRC_URI[getrandom-0.2.7.sha256sum] = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" +SRC_URI[indoc-0.3.6.sha256sum] = "47741a8bc60fb26eb8d6e0238bbb26d8575ff623fdc97b1a2c00c050b9684ed8" +SRC_URI[indoc-impl-0.3.6.sha256sum] = "ce046d161f000fffde5f432a0d034d0341dc152643b2598ed5bfce44c4f3a8f0" +SRC_URI[inout-0.1.3.sha256sum] = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +SRC_URI[instant-0.1.12.sha256sum] = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +SRC_URI[libc-0.2.134.sha256sum] = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" +SRC_URI[lock_api-0.4.9.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" +SRC_URI[once_cell-1.15.0.sha256sum] = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" +SRC_URI[parking_lot-0.11.2.sha256sum] = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" +SRC_URI[parking_lot_core-0.8.5.sha256sum] = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" +SRC_URI[paste-0.1.18.sha256sum] = "45ca20c77d80be666aef2b45486da86238fabe33e38306bd3118fe4af33fa880" +SRC_URI[paste-impl-0.1.18.sha256sum] = "d95a7db200b97ef370c8e6de0088252f7e0dfff7d047a28528e47456c0fc98b6" +SRC_URI[pbkdf2-0.10.1.sha256sum] = "271779f35b581956db91a3e55737327a03aa051e90b1c47aeb189508533adfd7" +SRC_URI[proc-macro-hack-0.5.19.sha256sum] = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" +SRC_URI[proc-macro2-1.0.46.sha256sum] = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" +SRC_URI[pyo3-0.15.2.sha256sum] = "d41d50a7271e08c7c8a54cd24af5d62f73ee3a6f6a314215281ebdec421d5752" +SRC_URI[pyo3-build-config-0.15.2.sha256sum] = "779239fc40b8e18bc8416d3a37d280ca9b9fb04bda54b98037bb6748595c2410" +SRC_URI[pyo3-macros-0.15.2.sha256sum] = "00b247e8c664be87998d8628e86f282c25066165f1f8dda66100c48202fdb93a" +SRC_URI[pyo3-macros-backend-0.15.2.sha256sum] = "5a8c2812c412e00e641d99eeb79dd478317d981d938aa60325dfa7157b607095" +SRC_URI[quote-1.0.21.sha256sum] = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" +SRC_URI[redox_syscall-0.2.16.sha256sum] = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" +SRC_URI[scopeguard-1.1.0.sha256sum] = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +SRC_URI[sha2-0.10.6.sha256sum] = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +SRC_URI[smallvec-1.10.0.sha256sum] = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +SRC_URI[subtle-2.4.1.sha256sum] = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +SRC_URI[syn-1.0.102.sha256sum] = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" +SRC_URI[typenum-1.15.0.sha256sum] = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +SRC_URI[unicode-ident-1.0.4.sha256sum] = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" +SRC_URI[unindent-0.1.10.sha256sum] = "58ee9362deb4a96cef4d437d1ad49cffc9b9e92d202b6995674e928ce684f112" +SRC_URI[version_check-0.9.4.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +SRC_URI[wasi-0.11.0+wasi-snapshot-preview1.sha256sum] = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" +SRC_URI[winapi-0.3.9.sha256sum] = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +SRC_URI[winapi-i686-pc-windows-gnu-0.4.0.sha256sum] = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" +SRC_URI[winapi-x86_64-pc-windows-gnu-0.4.0.sha256sum] = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +SRC_URI[zeroize-1.5.7.sha256sum] = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" diff --git a/poky/meta/recipes-devtools/python/python3-cryptography-crates.inc b/poky/meta/recipes-devtools/python/python3-cryptography-crates.inc index 74f47897a6..410c9f4042 100644 --- a/poky/meta/recipes-devtools/python/python3-cryptography-crates.inc +++ b/poky/meta/recipes-devtools/python/python3-cryptography-crates.inc @@ -70,69 +70,69 @@ SRC_URI += " \ crate://crates.io/winapi-x86_64-pc-windows-gnu/0.4.0 \ " -SRC_URI[Inflector.sha256sum] = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" -SRC_URI[aliasable.sha256sum] = "250f629c0161ad8107cf89319e990051fae62832fd343083bea452d93e2205fd" -SRC_URI[android_system_properties.sha256sum] = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" -SRC_URI[asn1.sha256sum] = "2affba5e62ee09eeba078f01a00c4aed45ac4287e091298eccbb0d4802efbdc5" -SRC_URI[asn1_derive.sha256sum] = "bfab79c195875e5aef2bd20b4c8ed8d43ef9610bcffefbbcf66f88f555cc78af" -SRC_URI[autocfg.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -SRC_URI[base64.sha256sum] = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" -SRC_URI[bitflags.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -SRC_URI[bumpalo.sha256sum] = "37ccbd214614c6783386c1af30caf03192f17891059cecc394b4fb119e363de3" -SRC_URI[cc.sha256sum] = "a20104e2335ce8a659d6dd92a51a767a0c062599c73b343fd152cb401e828c3d" -SRC_URI[cfg-if.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -SRC_URI[chrono.sha256sum] = "16b0a3d9ed01224b22057780a37bb8c5dbfe1be8ba48678e7bf57ec4b385411f" -SRC_URI[codespan-reporting.sha256sum] = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" -SRC_URI[core-foundation-sys.sha256sum] = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" -SRC_URI[cxx.sha256sum] = "5add3fc1717409d029b20c5b6903fc0c0b02fa6741d820054f4a2efa5e5816fd" -SRC_URI[cxx-build.sha256sum] = "b4c87959ba14bc6fbc61df77c3fcfe180fc32b93538c4f1031dd802ccb5f2ff0" -SRC_URI[cxxbridge-flags.sha256sum] = "69a3e162fde4e594ed2b07d0f83c6c67b745e7f28ce58c6df5e6b6bef99dfb59" -SRC_URI[cxxbridge-macro.sha256sum] = "3e7e2adeb6a0d4a282e581096b06e1791532b7d576dcde5ccd9382acf55db8e6" -SRC_URI[iana-time-zone.sha256sum] = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" -SRC_URI[iana-time-zone-haiku.sha256sum] = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" -SRC_URI[indoc.sha256sum] = "47741a8bc60fb26eb8d6e0238bbb26d8575ff623fdc97b1a2c00c050b9684ed8" -SRC_URI[indoc-impl.sha256sum] = "ce046d161f000fffde5f432a0d034d0341dc152643b2598ed5bfce44c4f3a8f0" -SRC_URI[instant.sha256sum] = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" -SRC_URI[js-sys.sha256sum] = "49409df3e3bf0856b916e2ceaca09ee28e6871cf7d9ce97a692cacfdb2a25a47" -SRC_URI[libc.sha256sum] = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" -SRC_URI[link-cplusplus.sha256sum] = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5" -SRC_URI[lock_api.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" -SRC_URI[log.sha256sum] = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -SRC_URI[num-integer.sha256sum] = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" -SRC_URI[num-traits.sha256sum] = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" -SRC_URI[once_cell.sha256sum] = "2f7254b99e31cad77da24b08ebf628882739a608578bb1bcdfc1f9c21260d7c0" -SRC_URI[ouroboros.sha256sum] = "dfbb50b356159620db6ac971c6d5c9ab788c9cc38a6f49619fca2a27acb062ca" -SRC_URI[ouroboros_macro.sha256sum] = "4a0d9d1a6191c4f391f87219d1ea42b23f09ee84d64763cd05ee6ea88d9f384d" -SRC_URI[parking_lot.sha256sum] = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" -SRC_URI[parking_lot_core.sha256sum] = "60a2cfe6f0ad2bfc16aefa463b497d5c7a5ecd44a23efa72aa342d90177356dc" -SRC_URI[paste.sha256sum] = "45ca20c77d80be666aef2b45486da86238fabe33e38306bd3118fe4af33fa880" -SRC_URI[paste-impl.sha256sum] = "d95a7db200b97ef370c8e6de0088252f7e0dfff7d047a28528e47456c0fc98b6" -SRC_URI[pem.sha256sum] = "03c64931a1a212348ec4f3b4362585eca7159d0d09cbdf4a7f74f02173596fd4" -SRC_URI[proc-macro-error.sha256sum] = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" -SRC_URI[proc-macro-error-attr.sha256sum] = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" -SRC_URI[proc-macro-hack.sha256sum] = "dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068" -SRC_URI[proc-macro2.sha256sum] = "57a8eca9f9c4ffde41714334dee777596264c7825420f521abc92b5b5deb63a5" -SRC_URI[pyo3.sha256sum] = "d41d50a7271e08c7c8a54cd24af5d62f73ee3a6f6a314215281ebdec421d5752" -SRC_URI[pyo3-build-config.sha256sum] = "779239fc40b8e18bc8416d3a37d280ca9b9fb04bda54b98037bb6748595c2410" -SRC_URI[pyo3-macros.sha256sum] = "00b247e8c664be87998d8628e86f282c25066165f1f8dda66100c48202fdb93a" -SRC_URI[pyo3-macros-backend.sha256sum] = "5a8c2812c412e00e641d99eeb79dd478317d981d938aa60325dfa7157b607095" -SRC_URI[quote.sha256sum] = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" -SRC_URI[redox_syscall.sha256sum] = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" -SRC_URI[scopeguard.sha256sum] = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" -SRC_URI[scratch.sha256sum] = "ddccb15bcce173023b3fedd9436f882a0739b8dfb45e4f6b6002bee5929f61b2" -SRC_URI[smallvec.sha256sum] = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" -SRC_URI[syn.sha256sum] = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" -SRC_URI[termcolor.sha256sum] = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" -SRC_URI[unicode-ident.sha256sum] = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" -SRC_URI[unicode-width.sha256sum] = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" -SRC_URI[unindent.sha256sum] = "e1766d682d402817b5ac4490b3c3002d91dfa0d22812f341609f97b08757359c" -SRC_URI[version_check.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" -SRC_URI[wasm-bindgen.sha256sum] = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" -SRC_URI[wasm-bindgen-backend.sha256sum] = "4c8ffb332579b0557b52d268b91feab8df3615f265d5270fec2a8c95b17c1142" -SRC_URI[wasm-bindgen-macro.sha256sum] = "052be0f94026e6cbc75cdefc9bae13fd6052cdcaf532fa6c45e7ae33a1e6c810" -SRC_URI[wasm-bindgen-macro-support.sha256sum] = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c" -SRC_URI[wasm-bindgen-shared.sha256sum] = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" -SRC_URI[winapi.sha256sum] = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" -SRC_URI[winapi-i686-pc-windows-gnu.sha256sum] = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -SRC_URI[winapi-util.sha256sum] = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" -SRC_URI[winapi-x86_64-pc-windows-gnu.sha256sum] = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +SRC_URI[Inflector-0.11.4.sha256sum] = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" +SRC_URI[aliasable-0.1.3.sha256sum] = "250f629c0161ad8107cf89319e990051fae62832fd343083bea452d93e2205fd" +SRC_URI[android_system_properties-0.1.5.sha256sum] = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +SRC_URI[asn1-0.13.0.sha256sum] = "2affba5e62ee09eeba078f01a00c4aed45ac4287e091298eccbb0d4802efbdc5" +SRC_URI[asn1_derive-0.13.0.sha256sum] = "bfab79c195875e5aef2bd20b4c8ed8d43ef9610bcffefbbcf66f88f555cc78af" +SRC_URI[autocfg-1.1.0.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +SRC_URI[base64-0.13.1.sha256sum] = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +SRC_URI[bitflags-1.3.2.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +SRC_URI[bumpalo-3.10.0.sha256sum] = "37ccbd214614c6783386c1af30caf03192f17891059cecc394b4fb119e363de3" +SRC_URI[cc-1.0.78.sha256sum] = "a20104e2335ce8a659d6dd92a51a767a0c062599c73b343fd152cb401e828c3d" +SRC_URI[cfg-if-1.0.0.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +SRC_URI[chrono-0.4.23.sha256sum] = "16b0a3d9ed01224b22057780a37bb8c5dbfe1be8ba48678e7bf57ec4b385411f" +SRC_URI[codespan-reporting-0.11.1.sha256sum] = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +SRC_URI[core-foundation-sys-0.8.3.sha256sum] = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" +SRC_URI[cxx-1.0.85.sha256sum] = "5add3fc1717409d029b20c5b6903fc0c0b02fa6741d820054f4a2efa5e5816fd" +SRC_URI[cxx-build-1.0.85.sha256sum] = "b4c87959ba14bc6fbc61df77c3fcfe180fc32b93538c4f1031dd802ccb5f2ff0" +SRC_URI[cxxbridge-flags-1.0.85.sha256sum] = "69a3e162fde4e594ed2b07d0f83c6c67b745e7f28ce58c6df5e6b6bef99dfb59" +SRC_URI[cxxbridge-macro-1.0.85.sha256sum] = "3e7e2adeb6a0d4a282e581096b06e1791532b7d576dcde5ccd9382acf55db8e6" +SRC_URI[iana-time-zone-0.1.53.sha256sum] = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" +SRC_URI[iana-time-zone-haiku-0.1.1.sha256sum] = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" +SRC_URI[indoc-0.3.6.sha256sum] = "47741a8bc60fb26eb8d6e0238bbb26d8575ff623fdc97b1a2c00c050b9684ed8" +SRC_URI[indoc-impl-0.3.6.sha256sum] = "ce046d161f000fffde5f432a0d034d0341dc152643b2598ed5bfce44c4f3a8f0" +SRC_URI[instant-0.1.12.sha256sum] = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +SRC_URI[js-sys-0.3.60.sha256sum] = "49409df3e3bf0856b916e2ceaca09ee28e6871cf7d9ce97a692cacfdb2a25a47" +SRC_URI[libc-0.2.139.sha256sum] = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" +SRC_URI[link-cplusplus-1.0.8.sha256sum] = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5" +SRC_URI[lock_api-0.4.9.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" +SRC_URI[log-0.4.17.sha256sum] = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" +SRC_URI[num-integer-0.1.45.sha256sum] = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +SRC_URI[num-traits-0.2.15.sha256sum] = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +SRC_URI[once_cell-1.14.0.sha256sum] = "2f7254b99e31cad77da24b08ebf628882739a608578bb1bcdfc1f9c21260d7c0" +SRC_URI[ouroboros-0.15.5.sha256sum] = "dfbb50b356159620db6ac971c6d5c9ab788c9cc38a6f49619fca2a27acb062ca" +SRC_URI[ouroboros_macro-0.15.5.sha256sum] = "4a0d9d1a6191c4f391f87219d1ea42b23f09ee84d64763cd05ee6ea88d9f384d" +SRC_URI[parking_lot-0.11.2.sha256sum] = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" +SRC_URI[parking_lot_core-0.8.6.sha256sum] = "60a2cfe6f0ad2bfc16aefa463b497d5c7a5ecd44a23efa72aa342d90177356dc" +SRC_URI[paste-0.1.18.sha256sum] = "45ca20c77d80be666aef2b45486da86238fabe33e38306bd3118fe4af33fa880" +SRC_URI[paste-impl-0.1.18.sha256sum] = "d95a7db200b97ef370c8e6de0088252f7e0dfff7d047a28528e47456c0fc98b6" +SRC_URI[pem-1.1.0.sha256sum] = "03c64931a1a212348ec4f3b4362585eca7159d0d09cbdf4a7f74f02173596fd4" +SRC_URI[proc-macro-error-1.0.4.sha256sum] = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +SRC_URI[proc-macro-error-attr-1.0.4.sha256sum] = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +SRC_URI[proc-macro-hack-0.5.20+deprecated.sha256sum] = "dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068" +SRC_URI[proc-macro2-1.0.49.sha256sum] = "57a8eca9f9c4ffde41714334dee777596264c7825420f521abc92b5b5deb63a5" +SRC_URI[pyo3-0.15.2.sha256sum] = "d41d50a7271e08c7c8a54cd24af5d62f73ee3a6f6a314215281ebdec421d5752" +SRC_URI[pyo3-build-config-0.15.2.sha256sum] = "779239fc40b8e18bc8416d3a37d280ca9b9fb04bda54b98037bb6748595c2410" +SRC_URI[pyo3-macros-0.15.2.sha256sum] = "00b247e8c664be87998d8628e86f282c25066165f1f8dda66100c48202fdb93a" +SRC_URI[pyo3-macros-backend-0.15.2.sha256sum] = "5a8c2812c412e00e641d99eeb79dd478317d981d938aa60325dfa7157b607095" +SRC_URI[quote-1.0.23.sha256sum] = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" +SRC_URI[redox_syscall-0.2.16.sha256sum] = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" +SRC_URI[scopeguard-1.1.0.sha256sum] = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +SRC_URI[scratch-1.0.3.sha256sum] = "ddccb15bcce173023b3fedd9436f882a0739b8dfb45e4f6b6002bee5929f61b2" +SRC_URI[smallvec-1.10.0.sha256sum] = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +SRC_URI[syn-1.0.107.sha256sum] = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" +SRC_URI[termcolor-1.1.3.sha256sum] = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +SRC_URI[unicode-ident-1.0.6.sha256sum] = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" +SRC_URI[unicode-width-0.1.10.sha256sum] = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" +SRC_URI[unindent-0.1.11.sha256sum] = "e1766d682d402817b5ac4490b3c3002d91dfa0d22812f341609f97b08757359c" +SRC_URI[version_check-0.9.4.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +SRC_URI[wasm-bindgen-0.2.83.sha256sum] = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" +SRC_URI[wasm-bindgen-backend-0.2.83.sha256sum] = "4c8ffb332579b0557b52d268b91feab8df3615f265d5270fec2a8c95b17c1142" +SRC_URI[wasm-bindgen-macro-0.2.83.sha256sum] = "052be0f94026e6cbc75cdefc9bae13fd6052cdcaf532fa6c45e7ae33a1e6c810" +SRC_URI[wasm-bindgen-macro-support-0.2.83.sha256sum] = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c" +SRC_URI[wasm-bindgen-shared-0.2.83.sha256sum] = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" +SRC_URI[winapi-0.3.9.sha256sum] = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +SRC_URI[winapi-i686-pc-windows-gnu-0.4.0.sha256sum] = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" +SRC_URI[winapi-util-0.1.5.sha256sum] = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +SRC_URI[winapi-x86_64-pc-windows-gnu-0.4.0.sha256sum] = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/poky/meta/recipes-devtools/python/python3-pygobject_3.42.2.bb b/poky/meta/recipes-devtools/python/python3-pygobject_3.42.2.bb index cc7b07e804..f54f4ce784 100644 --- a/poky/meta/recipes-devtools/python/python3-pygobject_3.42.2.bb +++ b/poky/meta/recipes-devtools/python/python3-pygobject_3.42.2.bb @@ -10,7 +10,7 @@ GIR_MESON_OPTION = "" inherit gnomebase setuptools3-base gobject-introspection upstream-version-is-even -DEPENDS += "python3 glib-2.0" +DEPENDS += "python3 glib-2.0 gobject-introspection" SRCNAME="pygobject" diff --git a/poky/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch b/poky/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch new file mode 100644 index 0000000000..5e113415c2 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch @@ -0,0 +1,39 @@ +From b9f825b298b555c4770024d1f68ef1df65aad20a Mon Sep 17 00:00:00 2001 +From: Wentao Zhang <wentao.zhang@windriver.com> +Date: Mon, 20 Mar 2023 13:39:52 +0800 +Subject: [PATCH] Update test_sysconfig for posix_user purelib + +Steps to trigger the failed test: +Edit local.conf to add something as follows: + BASELIB = "lib64" + IMAGE_INSTALL:append = " python3-tests". +bitbake core-image-sato +runqemu qemux86-64 nographic slirp +Reproducer: + $python3 -m test test_sysconfig + +Update test_sysconfig.test_user_similar() for the posix_user scheme: +"purelib" doesn't use sys.platlibdir. + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com> +--- + Lib/test/test_sysconfig.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py +index d96371d..20aea4b 100644 +--- a/Lib/test/test_sysconfig.py ++++ b/Lib/test/test_sysconfig.py +@@ -373,7 +373,7 @@ class TestSysConfig(unittest.TestCase): + expected = os.path.normpath(global_path.replace(base, user, 1)) + # bpo-44860: platlib of posix_user doesn't use sys.platlibdir, + # whereas posix_prefix does. +- if name == 'platlib': ++ if name == 'platlib' or name == 'purelib': + # Replace "/lib64/python3.11/site-packages" suffix + # with "/lib/python3.11/site-packages". + py_version_short = sysconfig.get_python_version() +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/python/python3_3.11.2.bb b/poky/meta/recipes-devtools/python/python3_3.11.2.bb index 5060722beb..5bd8d32b14 100644 --- a/poky/meta/recipes-devtools/python/python3_3.11.2.bb +++ b/poky/meta/recipes-devtools/python/python3_3.11.2.bb @@ -31,6 +31,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch \ file://deterministic_imports.patch \ file://0001-Avoid-shebang-overflow-on-python-config.py.patch \ + file://0001-Update-test_sysconfig-for-posix_user-purelib.patch \ " SRC_URI:append:class-native = " \ diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index b41055fe5d..e2453dd8bc 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -32,6 +32,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://0001-configure-Fix-check-tcg-not-executing-any-tests.patch \ file://0001-Revert-linux-user-add-more-compat-ioctl-definitions.patch \ file://0002-Revert-linux-user-fix-compat-with-glibc-2.36-sys-mou.patch \ + file://0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch \ file://qemu-guest-agent.init \ file://qemu-guest-agent.udev \ " @@ -207,7 +208,7 @@ PACKAGECONFIG[libudev] = "--enable-libudev,--disable-libudev,eudev" PACKAGECONFIG[attr] = "--enable-attr,--disable-attr,attr," PACKAGECONFIG[rbd] = "--enable-rbd,--disable-rbd,ceph,ceph" PACKAGECONFIG[vhost] = "--enable-vhost-net,--disable-vhost-net,," -PACKAGECONFIG[ust] = "--enable-trace-backend=ust,--enable-trace-backend=nop,lttng-ust," +PACKAGECONFIG[ust] = "--enable-trace-backends=ust,,lttng-ust," PACKAGECONFIG[pie] = "--enable-pie,--disable-pie,," PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp,libseccomp" # libnfs is currently provided by meta-kodi diff --git a/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch b/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch new file mode 100644 index 0000000000..5ef1184e3c --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch @@ -0,0 +1,87 @@ +From 348ea441db84a211d4fca7ef5544b5cd06a8a872 Mon Sep 17 00:00:00 2001 +From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> +Date: Tue, 4 Apr 2023 15:26:07 +0200 +Subject: [PATCH] tracetool: use relative paths for '#line' preprocessor + directives + +The event filename is an absolute path. Convert it to a relative path when +writing '#line' directives, to preserve reproducibility of the generated +output when different base paths are used. + +Upstream-Status: Pending + +--- + scripts/tracetool/backend/ftrace.py | 4 +++- + scripts/tracetool/backend/log.py | 4 +++- + scripts/tracetool/backend/syslog.py | 4 +++- + 3 files changed, 9 insertions(+), 3 deletions(-) + +diff --git a/scripts/tracetool/backend/ftrace.py b/scripts/tracetool/backend/ftrace.py +index 5fa30ccc08..baed2ae61c 100644 +--- a/scripts/tracetool/backend/ftrace.py ++++ b/scripts/tracetool/backend/ftrace.py +@@ -12,6 +12,8 @@ + __email__ = "stefanha@redhat.com" + + ++import os.path ++ + from tracetool import out + + +@@ -45,7 +47,7 @@ def generate_h(event, group): + args=event.args, + event_id="TRACE_" + event.name.upper(), + event_lineno=event.lineno, +- event_filename=event.filename, ++ event_filename=os.path.relpath(event.filename), + fmt=event.fmt.rstrip("\n"), + argnames=argnames) + +diff --git a/scripts/tracetool/backend/log.py b/scripts/tracetool/backend/log.py +index 17ba1cd90e..de27b7e62e 100644 +--- a/scripts/tracetool/backend/log.py ++++ b/scripts/tracetool/backend/log.py +@@ -12,6 +12,8 @@ + __email__ = "stefanha@redhat.com" + + ++import os.path ++ + from tracetool import out + + +@@ -53,7 +55,7 @@ def generate_h(event, group): + ' }', + cond=cond, + event_lineno=event.lineno, +- event_filename=event.filename, ++ event_filename=os.path.relpath(event.filename), + name=event.name, + fmt=event.fmt.rstrip("\n"), + argnames=argnames) +diff --git a/scripts/tracetool/backend/syslog.py b/scripts/tracetool/backend/syslog.py +index 5a3a00fe31..012970f6cc 100644 +--- a/scripts/tracetool/backend/syslog.py ++++ b/scripts/tracetool/backend/syslog.py +@@ -12,6 +12,8 @@ + __email__ = "stefanha@redhat.com" + + ++import os.path ++ + from tracetool import out + + +@@ -41,7 +43,7 @@ def generate_h(event, group): + ' }', + cond=cond, + event_lineno=event.lineno, +- event_filename=event.filename, ++ event_filename=os.path.relpath(event.filename), + name=event.name, + fmt=event.fmt.rstrip("\n"), + argnames=argnames) +-- +2.39.2 + diff --git a/poky/meta/recipes-devtools/rust/cargo_1.67.1.bb b/poky/meta/recipes-devtools/rust/cargo_1.68.1.bb index 2b2394e898..2b2394e898 100644 --- a/poky/meta/recipes-devtools/rust/cargo_1.67.1.bb +++ b/poky/meta/recipes-devtools/rust/cargo_1.68.1.bb diff --git a/poky/meta/recipes-devtools/rust/files/crossbeam_atomic.patch b/poky/meta/recipes-devtools/rust/files/crossbeam_atomic.patch index 51dd3c5f65..0a2910391e 100644 --- a/poky/meta/recipes-devtools/rust/files/crossbeam_atomic.patch +++ b/poky/meta/recipes-devtools/rust/files/crossbeam_atomic.patch @@ -48,34 +48,3 @@ Index: rustc-1.66.0-src/vendor/crossbeam-utils-0.8.12/.cargo-checksum.json \ No newline at end of file +{"files":{"CHANGELOG.md":"65d3e11edf9498bdbc930c8c3878b7d3a90c1a0b1698597dc4a396a547fa0948","Cargo.toml":"1e4259a5a47271e8ae040b91e17652b5a4e0e7e45c3f22de5008db276f3a50bf","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"5734ed989dfca1f625b40281ee9f4530f91b2411ec01cb748223e7eb87e201ab","README.md":"2a19af38a52dd965c2d66bb39f90a85b430b51ee9ccb29e9e1978ee7091e5087","benches/atomic_cell.rs":"c927eb3cd1e5ecc4b91adbc3bde98af15ffab4086190792ba64d5cde0e24df3d","build.rs":"108ba75398e3169c35b0e9754782391e4e4a9f9bf0ae2b216b55d836c4ac9ba8","no_atomic.rs":"f58085b9d0666ccf62e0ae17fb5dae937c0a86fcc55dc0ae04ad8659e696a49c","src/atomic/atomic_cell.rs":"0fc99463e633144c5d59d39c35b5477da1f1b90f5448cadc37454b7f4b97707e","src/atomic/consume.rs":"7a7736fcd64f6473dfea7653559ffc5e1a2a234df43835f8aa8734862145ac15","src/atomic/mod.rs":"94193895fa03cece415e8d7be700b73a9a8a7015774ca821253438607f9b0736","src/atomic/seq_lock.rs":"27182e6b87a9db73c5f6831759f8625f9fcdec3c2828204c444aef04f427735a","src/atomic/seq_lock_wide.rs":"9888dd03116bb89ca36d4ab8d5a0b5032107a2983a7eb8024454263b09080088","src/backoff.rs":"8fd5e3dcccc05860680e49c8498de8096bee9140bcfee8723d97117106a020d0","src/cache_padded.rs":"8bb8925e2df44224ffa29f31a2f9c08d88d8bd3df6c1ce47003598225055fdb5","src/lib.rs":"6f1bcf157abe06ad8458a53e865bf8efab9fad4a9424790147cee8fefb3795d8","src/sync/mod.rs":"eca73c04f821859b8434d2b93db87d160dc6a3f65498ca201cd40d732ca4c134","src/sync/once_lock.rs":"c03dc9c05a817e087dccf8b682f7307501542805533551da3c2bab442bc40743","src/sync/parker.rs":"91f3a7d4ee8d9e06b6558d180e8a0df08ff5c6cef612b4ce4790f9f75cb34f84","src/sync/sharded_lock.rs":"6391b3b99b194b8e0888446c2dec340e4fb095753bcf0c1a80bc654f9c8be0e3","src/sync/wait_group.rs":"3e339aab014f50e214fea535c841755113ea058153378ed54e50a4acb403c937","src/thread.rs":"21cf9b3e965529e5c0a6ff8fc1ec846bfe0006c41deb238a149be8d07384e955","tests/atomic_cell.rs":"bf8bc869c922a1cbf929c3b741bae0cae98f2157f572b5a4eb2873d20a407c22","tests/cache_padded.rs":"1bfaff8354c8184e1ee1f902881ca9400b60effb273b0d3f752801a483d2b66d","tests/parker.rs":"6def4721287d9d70b1cfd63ebb34e1c83fbb3376edbad2bc8aac6ef69dd99d20","tests/sharded_lock.rs":"314adeb8a651a28935f7a49c9a261b8fa1fd82bf6a16c865a5aced6216d7e40b","tests/thread.rs":"9a7d7d3028c552fd834c68598b04a1cc252a816bc20ab62cec060d6cd09cab10","tests/wait_group.rs":"02661c2a820a5abe8b0c8fe15a6650aead707b57cdda0610d1b09a2680ed6969"},"package":"edbafec5fa1f196ca66527c1b12c2ec4745ca14b50f1ad8f9f6f720b55d11fac"} \ No newline at end of file -Index: rustc-1.66.0-src/vendor/crossbeam-utils-0.8.8/.cargo-checksum.json -=================================================================== ---- rustc-1.66.0-src.orig/vendor/crossbeam-utils-0.8.8/.cargo-checksum.json -+++ rustc-1.66.0-src/vendor/crossbeam-utils-0.8.8/.cargo-checksum.json -@@ -1 +1 @@ --{"files":{"CHANGELOG.md":"665a9f2c5fd37c98bef7c1b6eda753b58bb925d87e5b42d7298df973d7590631","Cargo.toml":"fe22292acd6a868e65baf225f90d5678678971642814d2d8e92a03954b8bdb40","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"5734ed989dfca1f625b40281ee9f4530f91b2411ec01cb748223e7eb87e201ab","README.md":"dfa9fbed47c344c134a63c84b7c0e4651baeac1554b7b3266d0e38643743fc33","benches/atomic_cell.rs":"c927eb3cd1e5ecc4b91adbc3bde98af15ffab4086190792ba64d5cde0e24df3d","build.rs":"7e74dc72343ff57e83d0a84a9fbdd9ff1645894165909999b4c3d2fba94bc96c","no_atomic.rs":"71b5f78fd701ce604aa766dd3d825fa5bed774282aae4d6c31d7acb01b1b242f","src/atomic/atomic_cell.rs":"01185588e0e16ba81425677966d0c11887dedc4ac0d4a65991a34057c418adc4","src/atomic/consume.rs":"7a7736fcd64f6473dfea7653559ffc5e1a2a234df43835f8aa8734862145ac15","src/atomic/mod.rs":"94193895fa03cece415e8d7be700b73a9a8a7015774ca821253438607f9b0736","src/atomic/seq_lock.rs":"27182e6b87a9db73c5f6831759f8625f9fcdec3c2828204c444aef04f427735a","src/atomic/seq_lock_wide.rs":"9888dd03116bb89ca36d4ab8d5a0b5032107a2983a7eb8024454263b09080088","src/backoff.rs":"7cc7754e15f69b52e92a70d4f49d1bc274693455a0933a2d7eb0605806566af3","src/cache_padded.rs":"6a512698115ad0d5a5b163dbd7a83247e1f1c146c4a30f3fc74b952e3b767b59","src/lib.rs":"6f1bcf157abe06ad8458a53e865bf8efab9fad4a9424790147cee8fefb3795d8","src/sync/mod.rs":"59986f559a8f170a4b3247ab2eea2460b09809d87c8110ed88e4e7103d3519dc","src/sync/parker.rs":"3f997f5b41fec286ccedcf3d36f801d741387badb574820b8e3456117ecd9154","src/sync/sharded_lock.rs":"14be659744918d0b27db24c56b41c618b0f0484b6761da46561023d96c4c120f","src/sync/wait_group.rs":"32e946a7581c55f8aa9904527b92b177c538fa0cf7cbcfa1d1f25990582cb6ea","src/thread.rs":"6a7676fd4e50af63aec6f655121a10cd6e8c704f4677125388186ba58dc5842d","tests/atomic_cell.rs":"d64faa1ca8896373468308031220940d988aa3a1679ea25d2291a7a7d22bc51a","tests/cache_padded.rs":"1bfaff8354c8184e1ee1f902881ca9400b60effb273b0d3f752801a483d2b66d","tests/parker.rs":"6def4721287d9d70b1cfd63ebb34e1c83fbb3376edbad2bc8aac6ef69dd99d20","tests/sharded_lock.rs":"eb6c5b59f007e0d290dd0f58758e8ccb5cacd38af34e3341368ced815f0c41be","tests/thread.rs":"9a7d7d3028c552fd834c68598b04a1cc252a816bc20ab62cec060d6cd09cab10","tests/wait_group.rs":"ad8f0cdfed31f9594a2e0737234d418f8b924d784a4db8d7e469deab8c95f5f8"},"package":"0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38"} -\ No newline at end of file -+{"files":{"CHANGELOG.md":"665a9f2c5fd37c98bef7c1b6eda753b58bb925d87e5b42d7298df973d7590631","Cargo.toml":"fe22292acd6a868e65baf225f90d5678678971642814d2d8e92a03954b8bdb40","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"5734ed989dfca1f625b40281ee9f4530f91b2411ec01cb748223e7eb87e201ab","README.md":"dfa9fbed47c344c134a63c84b7c0e4651baeac1554b7b3266d0e38643743fc33","benches/atomic_cell.rs":"c927eb3cd1e5ecc4b91adbc3bde98af15ffab4086190792ba64d5cde0e24df3d","build.rs":"d983d511c89607ce89473779d1ee195e3eb509cc4d3043b9efe6aa2f94c98158","no_atomic.rs":"71b5f78fd701ce604aa766dd3d825fa5bed774282aae4d6c31d7acb01b1b242f","src/atomic/atomic_cell.rs":"01185588e0e16ba81425677966d0c11887dedc4ac0d4a65991a34057c418adc4","src/atomic/consume.rs":"7a7736fcd64f6473dfea7653559ffc5e1a2a234df43835f8aa8734862145ac15","src/atomic/mod.rs":"94193895fa03cece415e8d7be700b73a9a8a7015774ca821253438607f9b0736","src/atomic/seq_lock.rs":"27182e6b87a9db73c5f6831759f8625f9fcdec3c2828204c444aef04f427735a","src/atomic/seq_lock_wide.rs":"9888dd03116bb89ca36d4ab8d5a0b5032107a2983a7eb8024454263b09080088","src/backoff.rs":"7cc7754e15f69b52e92a70d4f49d1bc274693455a0933a2d7eb0605806566af3","src/cache_padded.rs":"6a512698115ad0d5a5b163dbd7a83247e1f1c146c4a30f3fc74b952e3b767b59","src/lib.rs":"6f1bcf157abe06ad8458a53e865bf8efab9fad4a9424790147cee8fefb3795d8","src/sync/mod.rs":"59986f559a8f170a4b3247ab2eea2460b09809d87c8110ed88e4e7103d3519dc","src/sync/parker.rs":"3f997f5b41fec286ccedcf3d36f801d741387badb574820b8e3456117ecd9154","src/sync/sharded_lock.rs":"14be659744918d0b27db24c56b41c618b0f0484b6761da46561023d96c4c120f","src/sync/wait_group.rs":"32e946a7581c55f8aa9904527b92b177c538fa0cf7cbcfa1d1f25990582cb6ea","src/thread.rs":"6a7676fd4e50af63aec6f655121a10cd6e8c704f4677125388186ba58dc5842d","tests/atomic_cell.rs":"d64faa1ca8896373468308031220940d988aa3a1679ea25d2291a7a7d22bc51a","tests/cache_padded.rs":"1bfaff8354c8184e1ee1f902881ca9400b60effb273b0d3f752801a483d2b66d","tests/parker.rs":"6def4721287d9d70b1cfd63ebb34e1c83fbb3376edbad2bc8aac6ef69dd99d20","tests/sharded_lock.rs":"eb6c5b59f007e0d290dd0f58758e8ccb5cacd38af34e3341368ced815f0c41be","tests/thread.rs":"9a7d7d3028c552fd834c68598b04a1cc252a816bc20ab62cec060d6cd09cab10","tests/wait_group.rs":"ad8f0cdfed31f9594a2e0737234d418f8b924d784a4db8d7e469deab8c95f5f8"},"package":"0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38"} -\ No newline at end of file -Index: rustc-1.66.0-src/vendor/crossbeam-utils-0.8.8/build.rs -=================================================================== ---- rustc-1.66.0-src.orig/vendor/crossbeam-utils-0.8.8/build.rs -+++ rustc-1.66.0-src/vendor/crossbeam-utils-0.8.8/build.rs -@@ -29,7 +29,7 @@ use std::env; - include!("no_atomic.rs"); - - fn main() { -- let target = match env::var("TARGET") { -+ let mut target = match env::var("TARGET") { - Ok(target) => target, - Err(e) => { - println!( -@@ -40,6 +40,8 @@ fn main() { - return; - } - }; -+ let vendor = env::var("TARGET_VENDOR").unwrap(); -+ target = target.replace(&vendor, "-unknown"); - - // Note that this is `no_*`, not `has_*`. This allows treating - // `cfg(target_has_atomic = "ptr")` as true when the build script doesn't diff --git a/poky/meta/recipes-devtools/rust/files/getrandom-open64.patch b/poky/meta/recipes-devtools/rust/files/getrandom-open64.patch index 6fc981e2aa..b35195e837 100644 --- a/poky/meta/recipes-devtools/rust/files/getrandom-open64.patch +++ b/poky/meta/recipes-devtools/rust/files/getrandom-open64.patch @@ -6,24 +6,41 @@ therefore check for target env along when target OS is linux before using open64, this is more available. Latest Musl has made these namespace changes [1] +There is no need for using LFS64 open explicitly as we are only using it +for opening device files and not real files + [1] https://git.musl-libc.org/cgit/musl/commit/?id=246f1c811448f37a44b41cd8df8d0ef9736d95f4 -Upstream-Status: Submitted [https://github.com/rust-random/getrandom/pull/326] +Upstream-Status: Backport [https://github.com/rust-random/getrandom/commit/7f73e3ccc1f53bfc419e4ddcfd343766aa5837b6] Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- a/vendor/getrandom-0.2.0/.cargo-checksum.json -+++ b/vendor/getrandom-0.2.0/.cargo-checksum.json +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- a/vendor/getrandom/.cargo-checksum.json ++++ b/vendor/getrandom/.cargo-checksum.json @@ -1 +1 @@ --{"files":{"CHANGELOG.md":"4a5b61c82668507beffc7ad33f602257013263d7847cf17a246ef1128ba27950","Cargo.toml":"b59322815506cf16acd6e0cbe2634dec1be0886e686b51fa5cdf5a5ac9fdcf32","LICENSE-APACHE":"aaff376532ea30a0cd5330b9502ad4a4c8bf769c539c87ffe78819d188a18ebf","LICENSE-MIT":"209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b","README.md":"e0bacefbe4310c23578c65926bda6e4318750f6718bb6b97ff9a4fa9056af6a6","benches/mod.rs":"5495735ff210a50cab23c2cc84191ed910af7c30395a3d9d6095b722765b3864","build.rs":"90355b5e76dedd97d604cd83b4a0a5ab074bbd4dde9632ee2b56c87c175b1e14","src/bsd_arandom.rs":"d2ee195acd80c7d1364a369ad0d2dad46f5f9f973f9d3960367413fd87acfcd6","src/cloudabi.rs":"9201af65a607587aa8615ec92cfab9d176f4199f6799dad9ca743c51d175028b","src/custom.rs":"f75ef80ec024fe3c97c7faff79de9f7d457993ed3c5f69f21593e140c8b62790","src/error.rs":"f40aa6cb36bc024285dc2e40349fdd3754db949a307ec73831ec253549d2b0a3","src/error_impls.rs":"733ed75ab89a9d0d5a7cc7abd85f31a23d772ea9c1e7c10def1477207d19fd8b","src/fuchsia.rs":"470d8509deb5b06fa6417f294c0a49e0e35a580249a5d8944c3be5aa746f64ea","src/ios.rs":"cc46ee9c48ab746d2af342a242e383b8de840045d3f52fd77ee337161367a1a1","src/lib.rs":"6aff4b429e4b1a07aad2ab7148d7cc9d0987b230597649af42041508320592e0","src/linux_android.rs":"39cb80999c8534145240a350976d261b8924436bf9a4563960c7bd8c2c83c773","src/macos.rs":"b692f2fcc2319a5195f47751d5bd7dd87c7c24a61d14fa4e3dbc992ae66212b7","src/openbsd.rs":"066b2dd395c190444a658bb0b52a052eabbd68ea5a534fb729c7e5373abc0a6a","src/rdrand.rs":"79d23183b1905d61bd9df9729dc798505a2ed750d3339e342ab144e1709827e4","src/solaris_illumos.rs":"9c7004446fabe5a7a21c73d5a65d7e2115b5bd1d1dbb735c984cab3dba239785","src/stdweb.rs":"f140081e47cfbb61937212e7840391bce5adf7829039d732d62b82a19e567dfa","src/test_common.rs":"895d71c06722e3a6f365999d29430f37f571aeb1eb4a525777b760005c9818be","src/test_rdrand.rs":"8c8df6de836463a41808396016428bf0a2a69c715ae96e7e0e7598fcea61ace8","src/use_file.rs":"c9fe635a83614be6f303e40f98b8e678c36ac6d9724b024430d3ea1ad1510add","src/util.rs":"da6964dc1523f1cb8d26365fa6a8ece46360587e6974931624b271f0c72cda8b","src/util_libc.rs":"d851394bc9c43dc09afde1e03401aa6c207858ec58fdffbc5131911b116418c7","src/vxworks.rs":"a5aa0e40f890e0f35626458bb656a3340b8af3111e4bacd2e12505a8d50a3505","src/wasi.rs":"3413e5a391b156f5d05600f4651f7f8eb4df2c8984fca7766ca50c0cfe0b2e9c","src/wasm-bindgen.rs":"0648388724c46697a9b3c654b8d931b2bf187a3193ca1888221d4529f764e376","src/windows.rs":"39dfae2814d958993619c3654bb39745de897971aea7a414fa32f90770850ce2","src/windows_uwp.rs":"672f41a0fac79a71bfaaecad59826c948b8538f69a0133ab1c09a1865ecd6114"},"package":"ee8025cf36f917e6a52cce185b7c7177689b838b7ec138364e50cc2277a56cf4"} +-{"files":{"CHANGELOG.md":"cb054908f44d0e7f229dcc4580bcc4f2c3e2da198c84292710f730b33cc3d5f6","Cargo.toml":"708a5d9c89443b937aa50260e26a01f9ebfdd50a7ae312956795834e3187baf3","LICENSE-APACHE":"aaff376532ea30a0cd5330b9502ad4a4c8bf769c539c87ffe78819d188a18ebf","LICENSE-MIT":"209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b","README.md":"7ae74633326a22fd6298d7f209fb14884277bd98049795f444945acbb2b0dfbd","benches/mod.rs":"c01b05c6d690a4b8937d25252f1385a6bff378517318ce832ea520036aabd571","src/3ds.rs":"0f48fc15f89b518fb92e06aaa4838b62dc073598e8f288df56ad1e5a9251af1e","src/bsd_arandom.rs":"d90c419d4def20f83e7535cd3f5ec07035045011a50c3652951d196a120c5d3e","src/custom.rs":"ce4640776d36872dbbd5e194bf29f6bcda3ef4549ca04fe59f5aeab1dea1d821","src/dragonfly.rs":"47f933eac189f6ea48ecf021efd0747ebce1b43d1bece6bbf72a951bab705987","src/error.rs":"ff09a7e02d7aff3e45eca6bbef6c686cc46f3c2371a0897a856e4dec4b942e46","src/error_impls.rs":"9c34832ebb99cd5e31bc5c8ffc5beb5b3fa6f7ff0226aaa1cdf8e10e6d64b324","src/espidf.rs":"19f101486584fde6dad962f4d9792de168658047312106641a5caf6866a5bbcf","src/fuchsia.rs":"470d8509deb5b06fa6417f294c0a49e0e35a580249a5d8944c3be5aa746f64ea","src/ios.rs":"4bad4f5c096a50338b86aeac91a937c18bc55b9555e6f34806ad13732e64523d","src/js.rs":"370610a19045012c87c986279aad6b150cd728a44015dcc5779256e4a2e6629b","src/lib.rs":"8e5c2c8edcbdbf2cee46b86d96d951cc6d5c00f7c11cfc9c27de27e756b5c4cc","src/linux_android.rs":"ec24575aa4ae71b6991290dadfdea931b05397c3faababf24bd794f1a9624835","src/macos.rs":"6c09827ad5292cd022e063efa79523bfdb50ed08b9867ebaa007cd321b8d218e","src/openbsd.rs":"450a23ead462d4a840fee4aa0bfdab1e3d88c8f48e4bb608d457429ddeca69c0","src/rdrand.rs":"79d23183b1905d61bd9df9729dc798505a2ed750d3339e342ab144e1709827e4","src/solaris_illumos.rs":"d52fee9dd7d661f960c01894edd563c1ff8a512c111f7803092d9aa2ff98718e","src/solid.rs":"997035d54c9762d22a5a14f54e7fbed4dd266cdeacbdf6aab7d8aee05537e8ba","src/use_file.rs":"16e42eb0a56e375c330c1ca8eb58c444e82ef3ad35230b961fdba96a02a68804","src/util.rs":"da6964dc1523f1cb8d26365fa6a8ece46360587e6974931624b271f0c72cda8b","src/util_libc.rs":"2a63ac0e6dab16b85c4728b79a16e0640301e8b876f151b0a1db0b4394fa219f","src/vxworks.rs":"a5aa0e40f890e0f35626458bb656a3340b8af3111e4bacd2e12505a8d50a3505","src/wasi.rs":"dfdd0a870581948bd03abe64d49ca4295d9cfa26e09b97a526fd5e17148ad9ca","src/windows.rs":"d0b4f2afd1959660aa9abcd9477764bd7dc0b7d7048aee748804b37963c77c6f","tests/common/mod.rs":"b6beee8f535d2d094a65711fe0af91a6fc220aa09729ed7269fe33cafdc9177f","tests/custom.rs":"9f2c0193193f6bcf641116ca0b3653b33d2015e0e98ce107ee1d1f60c5eeae3a","tests/normal.rs":"9e1c4b1e468a09ed0225370dfb6608f8b8135e0fabb09bbc1a718105164aade6","tests/rdrand.rs":"4474ccebf9d33c89288862a7e367018405968dddc55c7c6f97e21b5fe2264601"},"package":"c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31"} +\ No newline at end of file ++{"files":{"CHANGELOG.md":"cb054908f44d0e7f229dcc4580bcc4f2c3e2da198c84292710f730b33cc3d5f6","Cargo.toml":"708a5d9c89443b937aa50260e26a01f9ebfdd50a7ae312956795834e3187baf3","LICENSE-APACHE":"aaff376532ea30a0cd5330b9502ad4a4c8bf769c539c87ffe78819d188a18ebf","LICENSE-MIT":"209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b","README.md":"7ae74633326a22fd6298d7f209fb14884277bd98049795f444945acbb2b0dfbd","benches/mod.rs":"c01b05c6d690a4b8937d25252f1385a6bff378517318ce832ea520036aabd571","src/3ds.rs":"0f48fc15f89b518fb92e06aaa4838b62dc073598e8f288df56ad1e5a9251af1e","src/bsd_arandom.rs":"d90c419d4def20f83e7535cd3f5ec07035045011a50c3652951d196a120c5d3e","src/custom.rs":"ce4640776d36872dbbd5e194bf29f6bcda3ef4549ca04fe59f5aeab1dea1d821","src/dragonfly.rs":"47f933eac189f6ea48ecf021efd0747ebce1b43d1bece6bbf72a951bab705987","src/error.rs":"ff09a7e02d7aff3e45eca6bbef6c686cc46f3c2371a0897a856e4dec4b942e46","src/error_impls.rs":"9c34832ebb99cd5e31bc5c8ffc5beb5b3fa6f7ff0226aaa1cdf8e10e6d64b324","src/espidf.rs":"19f101486584fde6dad962f4d9792de168658047312106641a5caf6866a5bbcf","src/fuchsia.rs":"470d8509deb5b06fa6417f294c0a49e0e35a580249a5d8944c3be5aa746f64ea","src/ios.rs":"4bad4f5c096a50338b86aeac91a937c18bc55b9555e6f34806ad13732e64523d","src/js.rs":"370610a19045012c87c986279aad6b150cd728a44015dcc5779256e4a2e6629b","src/lib.rs":"8e5c2c8edcbdbf2cee46b86d96d951cc6d5c00f7c11cfc9c27de27e756b5c4cc","src/linux_android.rs":"ec24575aa4ae71b6991290dadfdea931b05397c3faababf24bd794f1a9624835","src/macos.rs":"6c09827ad5292cd022e063efa79523bfdb50ed08b9867ebaa007cd321b8d218e","src/openbsd.rs":"450a23ead462d4a840fee4aa0bfdab1e3d88c8f48e4bb608d457429ddeca69c0","src/rdrand.rs":"79d23183b1905d61bd9df9729dc798505a2ed750d3339e342ab144e1709827e4","src/solaris_illumos.rs":"d52fee9dd7d661f960c01894edd563c1ff8a512c111f7803092d9aa2ff98718e","src/solid.rs":"997035d54c9762d22a5a14f54e7fbed4dd266cdeacbdf6aab7d8aee05537e8ba","src/use_file.rs":"16e42eb0a56e375c330c1ca8eb58c444e82ef3ad35230b961fdba96a02a68804","src/util.rs":"da6964dc1523f1cb8d26365fa6a8ece46360587e6974931624b271f0c72cda8b","src/util_libc.rs":"a47b20e73637fed248405650f56358f3339e511b217b7ba80e32011d8ee2ca22","src/vxworks.rs":"a5aa0e40f890e0f35626458bb656a3340b8af3111e4bacd2e12505a8d50a3505","src/wasi.rs":"dfdd0a870581948bd03abe64d49ca4295d9cfa26e09b97a526fd5e17148ad9ca","src/windows.rs":"d0b4f2afd1959660aa9abcd9477764bd7dc0b7d7048aee748804b37963c77c6f","tests/common/mod.rs":"b6beee8f535d2d094a65711fe0af91a6fc220aa09729ed7269fe33cafdc9177f","tests/custom.rs":"9f2c0193193f6bcf641116ca0b3653b33d2015e0e98ce107ee1d1f60c5eeae3a","tests/normal.rs":"9e1c4b1e468a09ed0225370dfb6608f8b8135e0fabb09bbc1a718105164aade6","tests/rdrand.rs":"4474ccebf9d33c89288862a7e367018405968dddc55c7c6f97e21b5fe2264601"},"package":"c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31"} \ No newline at end of file -+{"files":{"CHANGELOG.md":"4a5b61c82668507beffc7ad33f602257013263d7847cf17a246ef1128ba27950","Cargo.toml":"b59322815506cf16acd6e0cbe2634dec1be0886e686b51fa5cdf5a5ac9fdcf32","LICENSE-APACHE":"aaff376532ea30a0cd5330b9502ad4a4c8bf769c539c87ffe78819d188a18ebf","LICENSE-MIT":"209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b","README.md":"e0bacefbe4310c23578c65926bda6e4318750f6718bb6b97ff9a4fa9056af6a6","benches/mod.rs":"5495735ff210a50cab23c2cc84191ed910af7c30395a3d9d6095b722765b3864","build.rs":"90355b5e76dedd97d604cd83b4a0a5ab074bbd4dde9632ee2b56c87c175b1e14","src/bsd_arandom.rs":"d2ee195acd80c7d1364a369ad0d2dad46f5f9f973f9d3960367413fd87acfcd6","src/cloudabi.rs":"9201af65a607587aa8615ec92cfab9d176f4199f6799dad9ca743c51d175028b","src/custom.rs":"f75ef80ec024fe3c97c7faff79de9f7d457993ed3c5f69f21593e140c8b62790","src/error.rs":"f40aa6cb36bc024285dc2e40349fdd3754db949a307ec73831ec253549d2b0a3","src/error_impls.rs":"733ed75ab89a9d0d5a7cc7abd85f31a23d772ea9c1e7c10def1477207d19fd8b","src/fuchsia.rs":"470d8509deb5b06fa6417f294c0a49e0e35a580249a5d8944c3be5aa746f64ea","src/ios.rs":"cc46ee9c48ab746d2af342a242e383b8de840045d3f52fd77ee337161367a1a1","src/lib.rs":"6aff4b429e4b1a07aad2ab7148d7cc9d0987b230597649af42041508320592e0","src/linux_android.rs":"39cb80999c8534145240a350976d261b8924436bf9a4563960c7bd8c2c83c773","src/macos.rs":"b692f2fcc2319a5195f47751d5bd7dd87c7c24a61d14fa4e3dbc992ae66212b7","src/openbsd.rs":"066b2dd395c190444a658bb0b52a052eabbd68ea5a534fb729c7e5373abc0a6a","src/rdrand.rs":"79d23183b1905d61bd9df9729dc798505a2ed750d3339e342ab144e1709827e4","src/solaris_illumos.rs":"9c7004446fabe5a7a21c73d5a65d7e2115b5bd1d1dbb735c984cab3dba239785","src/stdweb.rs":"f140081e47cfbb61937212e7840391bce5adf7829039d732d62b82a19e567dfa","src/test_common.rs":"895d71c06722e3a6f365999d29430f37f571aeb1eb4a525777b760005c9818be","src/test_rdrand.rs":"8c8df6de836463a41808396016428bf0a2a69c715ae96e7e0e7598fcea61ace8","src/use_file.rs":"c9fe635a83614be6f303e40f98b8e678c36ac6d9724b024430d3ea1ad1510add","src/util.rs":"da6964dc1523f1cb8d26365fa6a8ece46360587e6974931624b271f0c72cda8b","src/util_libc.rs":"c602b47e2958fa94443b3690faddf52a8c545689d18579c86dd8a07927c145b1","src/vxworks.rs":"a5aa0e40f890e0f35626458bb656a3340b8af3111e4bacd2e12505a8d50a3505","src/wasi.rs":"3413e5a391b156f5d05600f4651f7f8eb4df2c8984fca7766ca50c0cfe0b2e9c","src/wasm-bindgen.rs":"0648388724c46697a9b3c654b8d931b2bf187a3193ca1888221d4529f764e376","src/windows.rs":"39dfae2814d958993619c3654bb39745de897971aea7a414fa32f90770850ce2","src/windows_uwp.rs":"672f41a0fac79a71bfaaecad59826c948b8538f69a0133ab1c09a1865ecd6114"},"package":"ee8025cf36f917e6a52cce185b7c7177689b838b7ec138364e50cc2277a56cf4"} ---- a/vendor/getrandom-0.2.0/src/util_libc.rs -+++ b/vendor/getrandom-0.2.0/src/util_libc.rs -@@ -97,7 +97,7 @@ impl Weak { +--- a/vendor/getrandom/src/util_libc.rs ++++ b/vendor/getrandom/src/util_libc.rs +@@ -135,19 +135,11 @@ impl Weak { + } } - cfg_if! { +-cfg_if! { - if #[cfg(any(target_os = "linux", target_os = "emscripten"))] { -+ if #[cfg(any(all(target_os = "linux", not(target_env = "musl")), target_os = "emscripten"))] { - use libc::open64 as open; - } else { - use libc::open; +- use libc::open64 as open; +- } else { +- use libc::open; +- } +-} +- + // SAFETY: path must be null terminated, FD must be manually closed. + pub unsafe fn open_readonly(path: &str) -> Result<libc::c_int, Error> { + debug_assert_eq!(path.as_bytes().last(), Some(&0)); + loop { +- let fd = open(path.as_ptr() as *const _, libc::O_RDONLY | libc::O_CLOEXEC); ++ let fd = libc::open(path.as_ptr() as *const _, libc::O_RDONLY | libc::O_CLOEXEC); + if fd >= 0 { + return Ok(fd); + } diff --git a/poky/meta/recipes-devtools/rust/libstd-rs_1.67.1.bb b/poky/meta/recipes-devtools/rust/libstd-rs_1.68.1.bb index f4e5abc0cc..f4e5abc0cc 100644 --- a/poky/meta/recipes-devtools/rust/libstd-rs_1.67.1.bb +++ b/poky/meta/recipes-devtools/rust/libstd-rs_1.68.1.bb diff --git a/poky/meta/recipes-devtools/rust/rust-cross-canadian_1.67.1.bb b/poky/meta/recipes-devtools/rust/rust-cross-canadian_1.68.1.bb index 55865238ab..55865238ab 100644 --- a/poky/meta/recipes-devtools/rust/rust-cross-canadian_1.67.1.bb +++ b/poky/meta/recipes-devtools/rust/rust-cross-canadian_1.68.1.bb diff --git a/poky/meta/recipes-devtools/rust/rust-llvm_1.67.1.bb b/poky/meta/recipes-devtools/rust/rust-llvm_1.68.1.bb index 4da11da8ef..6304070deb 100644 --- a/poky/meta/recipes-devtools/rust/rust-llvm_1.67.1.bb +++ b/poky/meta/recipes-devtools/rust/rust-llvm_1.68.1.bb @@ -49,14 +49,12 @@ EXTRA_OECMAKE = " \ -DCMAKE_INSTALL_PREFIX:PATH=${libdir}/llvm-rust \ " EXTRA_OECMAKE:append:class-target = "\ - -DCMAKE_CROSSCOMPILING:BOOL=ON \ -DLLVM_BUILD_TOOLS=OFF \ -DLLVM_TABLEGEN=${STAGING_LIBDIR_NATIVE}/llvm-rust/bin/llvm-tblgen \ -DLLVM_CONFIG_PATH=${STAGING_LIBDIR_NATIVE}/llvm-rust/bin/llvm-config \ " EXTRA_OECMAKE:append:class-nativesdk = "\ - -DCMAKE_CROSSCOMPILING:BOOL=ON \ -DLLVM_BUILD_TOOLS=OFF \ -DLLVM_TABLEGEN=${STAGING_LIBDIR_NATIVE}/llvm-rust/bin/llvm-tblgen \ -DLLVM_CONFIG_PATH=${STAGING_LIBDIR_NATIVE}/llvm-rust/bin/llvm-config \ diff --git a/poky/meta/recipes-devtools/rust/rust-snapshot.inc b/poky/meta/recipes-devtools/rust/rust-snapshot.inc index d5317279db..cb49d8e7c3 100644 --- a/poky/meta/recipes-devtools/rust/rust-snapshot.inc +++ b/poky/meta/recipes-devtools/rust/rust-snapshot.inc @@ -4,51 +4,51 @@ ## The exact (previous) version that has been used is specified in the source tarball. ## The version is replicated here. -SNAPSHOT_VERSION = "1.66.1" +SNAPSHOT_VERSION = "1.67.1" -SRC_URI[cargo-snapshot-aarch64.sha256sum] = "61736a6ec61a4eaa9a7b3f219d9f8166ae97c1acd54b5e904c15fb8caff06250" -SRC_URI[rust-std-snapshot-aarch64.sha256sum] = "9d96ba6a5a255339cd04af079d906753d56c85503c727279c227d24bd4987e24" -SRC_URI[rustc-snapshot-aarch64.sha256sum] = "b4d842594ba11a84712c2d1bbf7f7945cfcc2485c72861a23b488fefba5c6a45" +SRC_URI[cargo-snapshot-aarch64.sha256sum] = "b04e33d9beb3cd97501399c17ca297f0adc12a7c0ea16351b8821fc9228de477" +SRC_URI[rust-std-snapshot-aarch64.sha256sum] = "35027409400faaaa38ea2855b92dea6b553b2e656dff735da730f67ac02e57e6" +SRC_URI[rustc-snapshot-aarch64.sha256sum] = "053ccc4ab81ea9c16906205c2b653a93b5b44fe4f67f9e45153a2687b7efb65a" -SRC_URI[cargo-snapshot-i686.sha256sum] = "fb0c1aa922c4e41fead9d35090769309cb45648d6f77ccbe8d2ba125a75cc2af" -SRC_URI[rust-std-snapshot-i686.sha256sum] = "b32cbbb9002f8a20b302823a2ff122a91f077b5e1a7bc1340de690ded86bf10b" -SRC_URI[rustc-snapshot-i686.sha256sum] = "e2ab464f43d6319ddb9796cbfacd444dc40f3d0e7503d672c23ecbe0daf11e1c" +SRC_URI[cargo-snapshot-i686.sha256sum] = "36db46e19e8573ea113c38d88f66def5fad848721b3c6dd69361f197b7a02f80" +SRC_URI[rust-std-snapshot-i686.sha256sum] = "aab2d7aa76793e78c9c8810e93ed8978f6422843b1277e9c60337b0f943a4409" +SRC_URI[rustc-snapshot-i686.sha256sum] = "0c77fde6daa80825f8cb81a5525c99db238a3ab4f0b226470964062e74603dd6" -SRC_URI[cargo-snapshot-mips.sha256sum] = "0f03d6d35b6044dc81a4d5eb9bd42c9d1e8c0e85363f960ff921ebe46294ae45" -SRC_URI[rust-std-snapshot-mips.sha256sum] = "e6029b4cec5d6c06c34a0dbec614fa252fdc8cf31013d6e561112cf90f742568" -SRC_URI[rustc-snapshot-mips.sha256sum] = "64ad92525ae1f018e08c055d7892e0fc613437bde8cf614b1c2a8986488290e7" +SRC_URI[cargo-snapshot-mips.sha256sum] = "06778d8aedd8e7850f0175483efa015cc2eeb69e6027e3d94352d89d2a510fc5" +SRC_URI[rust-std-snapshot-mips.sha256sum] = "048b3da190212b742f7a052618b57683dc96ee2b6c25fc7f5ae751143cb79bad" +SRC_URI[rustc-snapshot-mips.sha256sum] = "d3b7501acdfda6e4e9d8ee64d9de716579791d567c66f1273e601a55c2e23ca8" -SRC_URI[cargo-snapshot-mipsel.sha256sum] = "74d757a456d2fbb418c253db203c0bb3f71d797e4ab3e2804b6c594a18e0f199" -SRC_URI[rust-std-snapshot-mipsel.sha256sum] = "8bfa3d6079c6df049978fe61b1ccaf992aecd006e23df2439ecfc883bd8bc31b" -SRC_URI[rustc-snapshot-mipsel.sha256sum] = "f2674d60ce52c49048e9823af57aae24bb6722e8998783819ec884222caeccf3" +SRC_URI[cargo-snapshot-mipsel.sha256sum] = "7bf800ddd0ee6b69bb66fb7cdf12ae045db025fdb866e00c62b63a1eb99f7d64" +SRC_URI[rust-std-snapshot-mipsel.sha256sum] = "94410897626546dde806a114299c3c32abb6b4b294af5daea5c4d136751fe063" +SRC_URI[rustc-snapshot-mipsel.sha256sum] = "eb34b5d901807e1e47fb6ac686571f21b2a80ad831583485872c9e9c59291776" -SRC_URI[cargo-snapshot-powerpc.sha256sum] = "f771fa4294c8e0d5d0e58129fe9d4e0913566dd43523b6f0af19a08004004df8" -SRC_URI[rust-std-snapshot-powerpc.sha256sum] = "417b12a9bf090d694514937cd8c321ed625f155248f63c0de8207b17fa4b35b1" -SRC_URI[rustc-snapshot-powerpc.sha256sum] = "ff16d02c100086175b9fbcfff4d3705fb4f5b58a6506ec7667dc86c56b8bb3c7" +SRC_URI[cargo-snapshot-powerpc.sha256sum] = "b134c63817805f59821024d377196f2821ae53f88d0a4a2ebdbd8152433984b0" +SRC_URI[rust-std-snapshot-powerpc.sha256sum] = "26efe78c09ed36da34964c0d023cf9aa404766ab790a94d9becd373b8879cb5a" +SRC_URI[rustc-snapshot-powerpc.sha256sum] = "8f6212756d152f6876a6456f4d3f93ef8b4b7e5c93b96fe515cb8183c0612d7b" -SRC_URI[cargo-snapshot-powerpc64.sha256sum] = "9a933d39e6b028e73db9cc0959af84128824e0b11554e3a0171cad7635a343c7" -SRC_URI[rust-std-snapshot-powerpc64.sha256sum] = "7074c4ea9fcc683ceb0adcca6ba07544a1d91f0e5d2a4cf14c81eb14316ebf35" -SRC_URI[rustc-snapshot-powerpc64.sha256sum] = "f5bff79d517e2f721839462881331bdc1b8323a434f4ebe0529f93213adb2a24" +SRC_URI[cargo-snapshot-powerpc64.sha256sum] = "2cd84deb15ed16fc4a1d8a9de45577ba4d9f245de4f7efb3dc6611eec437eef3" +SRC_URI[rust-std-snapshot-powerpc64.sha256sum] = "135f5e6ab6d8f077a14521d387d3f31831abdb840ca4e6a15b6f0d0d5b7dbc81" +SRC_URI[rustc-snapshot-powerpc64.sha256sum] = "bdb08b549df5d7a421637efb0be00211b5ca9cf1e4214d66eb762b92e0f9b3fe" -SRC_URI[cargo-snapshot-powerpc64le.sha256sum] = "29fa2e003f4bf3e37a3fb506d5b7ab19eb6412b5966d865e082b354637d5d84a" -SRC_URI[rust-std-snapshot-powerpc64le.sha256sum] = "4c64a09be872b5832b50d681fbe29691b6a5d3e23ee5535020fa22b8b453c770" -SRC_URI[rustc-snapshot-powerpc64le.sha256sum] = "3b4322b519b0f7fbcf88511b2061be1499921517d810d7696be58a16467d4589" +SRC_URI[cargo-snapshot-powerpc64le.sha256sum] = "fbad853a30437653f09001d0de797823dfa32d537163841bec1792c3267f5eab" +SRC_URI[rust-std-snapshot-powerpc64le.sha256sum] = "364c47ed22e4268edf238d221c40007d7d8792a66ca325d3937596a9c911ea48" +SRC_URI[rustc-snapshot-powerpc64le.sha256sum] = "4a2368996acd1741200d720674101323fa951dfa580b64c8b2e9fdc09bb22534" -SRC_URI[cargo-snapshot-riscv64gc.sha256sum] = "f362cf575fde92f988d5b1fe19fd463a1905d8d2a3844168034df49b1dffb10b" -SRC_URI[rust-std-snapshot-riscv64gc.sha256sum] = "776eff6f451845e88224714ee6da7819e34f01b7625bf927394c2b91e5c8243c" -SRC_URI[rustc-snapshot-riscv64gc.sha256sum] = "84bea70d3acb6af04ae4c0f49f904bba4e2644b92c5996aacbafd7610dd0e147" +SRC_URI[cargo-snapshot-riscv64gc.sha256sum] = "3381af9ba39068b9c5e62536125a3abb582aef15932f63cd4f90df0cccb05ac7" +SRC_URI[rust-std-snapshot-riscv64gc.sha256sum] = "63a7e6a6c889a3d01bb3c66a3def3e41963511ea52e13906669da5b29b2fd9da" +SRC_URI[rustc-snapshot-riscv64gc.sha256sum] = "916d204d727f485abbadeef914ee881cf61fa3c167741a9ed29c9f4042c99e25" -SRC_URI[cargo-snapshot-s390x.sha256sum] = "f69ea091fa1ee4871a46cb9fa1da5b81fa2980687f3bedbc4677a4a82f8da0c0" -SRC_URI[rust-std-snapshot-s390x.sha256sum] = "51d1567e1d28e43c2165886f5a4955dcdaa41aa5ddcec5fb08200491fd1f6062" -SRC_URI[rustc-snapshot-s390x.sha256sum] = "25a047db8ec0627bb7054eafe6edca6ce4c473b30d6766b30cbff1c536d0673b" +SRC_URI[cargo-snapshot-s390x.sha256sum] = "78d7c2714015ecb7283b417cb265d4d604379d0720aab5f611ca1c113987c283" +SRC_URI[rust-std-snapshot-s390x.sha256sum] = "04573298d9e815c1e8c47a2f9548ea55d4a2afc538eceaa6a704d44a5e1f7e3e" +SRC_URI[rustc-snapshot-s390x.sha256sum] = "e786d34e10069dc00774fe53bca092e537e96db6c9d5258a8b0221e4fa5a2caf" -SRC_URI[cargo-snapshot-x86_64.sha256sum] = "a636f83eb2327a66f484b9592ab305c6642df16fc80d0d1cb727e766a60da904" -SRC_URI[rust-std-snapshot-x86_64.sha256sum] = "c5e2c9b160bd8d99514f13cfbc0e42a722fd9ca14e6aaca4b9b77731a7a48377" -SRC_URI[rustc-snapshot-x86_64.sha256sum] = "242855e2626860aede6957dc56481cc02acf8cad12fa5bbbcbd93f9c51f0b3ad" +SRC_URI[cargo-snapshot-x86_64.sha256sum] = "e744dad75de8419e7fea530c29bd56cf931b4d4de62eb4bd442bfac7b54e61ed" +SRC_URI[rust-std-snapshot-x86_64.sha256sum] = "f4dc8468dfc1dbd86f865b10f06e0e4b4e76f5a3a1cc27317a520ab1660844e9" +SRC_URI[rustc-snapshot-x86_64.sha256sum] = "e27ec0c6d1a2b2b38e5258904c3741ddb246bff5715aa95e595f818aa77f7bee" -SRC_URI[rust-std-snapshot-i586.sha256sum] = "90eb8e2490283930e682b79842d664d4867414563353d53dafc47eccf44aea17" +SRC_URI[rust-std-snapshot-i586.sha256sum] = "22cbbf0b22d9b0894cfbd6e1dd6b95b71c7ad02cee4e477d375dcf81af8d1337" -SRC_URI[rust-std-snapshot-sparc64.sha256sum] = "3aee03fa61c28bb242023efb09a22e38a76b075cc72bcad9894560be8b28a927" +SRC_URI[rust-std-snapshot-sparc64.sha256sum] = "addf0b0beb1966787e599f32849f18c28d5cb65515272b7d9608d4a1dddee2e7" SRC_URI += " \ ${RUST_DIST_SERVER}/dist/${RUST_STD_SNAPSHOT}.tar.xz;name=rust-std-snapshot-${RUST_BUILD_ARCH};subdir=rust-snapshot-components \ diff --git a/poky/meta/recipes-devtools/rust/rust-source.inc b/poky/meta/recipes-devtools/rust/rust-source.inc index 942978e6bf..c8f5a5a9c4 100644 --- a/poky/meta/recipes-devtools/rust/rust-source.inc +++ b/poky/meta/recipes-devtools/rust/rust-source.inc @@ -7,7 +7,7 @@ SRC_URI += "https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;n file://0001-Do-not-use-LFS64-on-linux-with-musl.patch;patchdir=${RUSTSRC} \ file://zlib-off64_t.patch;patchdir=${RUSTSRC} \ " -SRC_URI[rust.sha256sum] = "77e0615011f887d9533d5374bf9c15c590c3caf32bbb035b392d1c2ae502a682" +SRC_URI[rust.sha256sum] = "5b8ea94085b65e75c1fa6310e2f90bd706fa80bfcb3544fe26f4037b911d9fb2" RUSTSRC = "${WORKDIR}/rustc-${RUST_VERSION}-src" diff --git a/poky/meta/recipes-devtools/rust/rust_1.67.1.bb b/poky/meta/recipes-devtools/rust/rust_1.68.1.bb index f4c6d9511d..83f9bec68a 100644 --- a/poky/meta/recipes-devtools/rust/rust_1.67.1.bb +++ b/poky/meta/recipes-devtools/rust/rust_1.68.1.bb @@ -200,7 +200,7 @@ rust_runx () { # Copy the natively built llvm-config into the target so we can run it. Horrible, # but works! - if [ ${RUST_ALTERNATE_EXE_PATH_NATIVE} != ${RUST_ALTERNATE_EXE_PATH} ]; then + if [ ${RUST_ALTERNATE_EXE_PATH_NATIVE} != ${RUST_ALTERNATE_EXE_PATH} -a ! -f ${RUST_ALTERNATE_EXE_PATH} ]; then mkdir -p `dirname ${RUST_ALTERNATE_EXE_PATH}` cp ${RUST_ALTERNATE_EXE_PATH_NATIVE} ${RUST_ALTERNATE_EXE_PATH} chrpath -d ${RUST_ALTERNATE_EXE_PATH} @@ -221,17 +221,6 @@ FILES:${PN} += "${libdir}/*.so" FILES:${PN}-dev = "" do_compile () { - rust_runx build --stage 2 -} - -do_compile:append:class-target () { - rust_runx build --stage 2 src/tools/clippy - rust_runx build --stage 2 src/tools/rustfmt -} - -do_compile:append:class-nativesdk () { - rust_runx build --stage 2 src/tools/clippy - rust_runx build --stage 2 src/tools/rustfmt } ALLOW_EMPTY:${PN} = "1" @@ -256,6 +245,8 @@ rust_do_install() { rust_do_install:class-nativesdk() { export PSEUDO_UNLOAD=1 rust_runx install + rust_runx install clippy + rust_runx install rustfmt unset PSEUDO_UNLOAD install -d ${D}${bindir} @@ -274,6 +265,8 @@ EXTRA_TOOLS ?= "cargo-clippy clippy-driver rustfmt" rust_do_install:class-target() { export PSEUDO_UNLOAD=1 rust_runx install + rust_runx install clippy + rust_runx install rustfmt unset PSEUDO_UNLOAD install -d ${D}${bindir} diff --git a/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch b/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch new file mode 100644 index 0000000000..4b96e4316c --- /dev/null +++ b/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch @@ -0,0 +1,39 @@ +From 77ff5f1be394eb2c786df561ff37dde7f982ec76 Mon Sep 17 00:00:00 2001 +From: Stefano Babic <sbabic@denx.de> +Date: Fri, 28 Jul 2017 13:20:52 +0200 +Subject: [PATCH] Wrong CRC with ASCII CRC for large files + +Due to signedness, the checksum is not computed when filesize is bigger +a 2GB. + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/bug-cpio/2017-07/msg00004.html] +Signed-off-by: Stefano Babic <sbabic@denx.de> +--- + src/copyout.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/copyout.c b/src/copyout.c +index 1f0987a..727aeca 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -34,13 +34,13 @@ + compute and return a checksum for them. */ + + static uint32_t +-read_for_checksum (int in_file_des, int file_size, char *file_name) ++read_for_checksum (int in_file_des, unsigned int file_size, char *file_name) + { + uint32_t crc; + char buf[BUFSIZ]; +- int bytes_left; +- int bytes_read; +- int i; ++ unsigned int bytes_left; ++ unsigned int bytes_read; ++ unsigned int i; + + crc = 0; + +-- +2.7.4 + diff --git a/poky/meta/recipes-extended/cpio/cpio_2.13.bb b/poky/meta/recipes-extended/cpio/cpio_2.13.bb index 3350ba710e..df5e09cae8 100644 --- a/poky/meta/recipes-extended/cpio/cpio_2.13.bb +++ b/poky/meta/recipes-extended/cpio/cpio_2.13.bb @@ -12,6 +12,7 @@ SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ file://0001-obstack-Fix-a-clang-warning.patch \ file://CVE-2021-38185.patch \ file://0001-Use-__alignof__-with-clang.patch \ + file://0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch \ file://run-ptest \ " diff --git a/poky/meta/recipes-extended/grep/grep_3.9.bb b/poky/meta/recipes-extended/grep/grep_3.10.bb index 3c39a5fb56..33fd64d27e 100644 --- a/poky/meta/recipes-extended/grep/grep_3.9.bb +++ b/poky/meta/recipes-extended/grep/grep_3.10.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464" SRC_URI = "${GNU_MIRROR}/grep/grep-${PV}.tar.xz" -SRC_URI[sha256sum] = "abcd11409ee23d4caf35feb422e53bbac867014cfeed313bb5f488aca170b599" +SRC_URI[sha256sum] = "24efa5b595fb5a7100879b51b8868a0bb87a71c183d02c4c602633b88af6855b" inherit autotools gettext texinfo pkgconfig diff --git a/poky/meta/recipes-extended/screen/screen/signal-permission.patch b/poky/meta/recipes-extended/screen/screen/signal-permission.patch new file mode 100644 index 0000000000..77dc649090 --- /dev/null +++ b/poky/meta/recipes-extended/screen/screen/signal-permission.patch @@ -0,0 +1,40 @@ +From e9ad41bfedb4537a6f0de20f00b27c7739f168f7 Mon Sep 17 00:00:00 2001 +From: Alexander Naumov <alexander_naumov@opensuse.org> +Date: Mon, 30 Jan 2023 17:22:25 +0200 +Subject: fix: missing signal sending permission check on failed query messages + +Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org> + +CVE: CVE-2023-24626 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + src/socket.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/socket.c b/src/socket.c +index 147dc54..54d8cb8 100644 +--- a/socket.c ++++ b/socket.c +@@ -1285,11 +1285,16 @@ ReceiveMsg() + else + queryflag = -1; + +- Kill(m.m.command.apid, ++ if (CheckPid(m.m.command.apid)) { ++ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid); ++ } ++ else { ++ Kill(m.m.command.apid, + (queryflag >= 0) + ? SIGCONT + : SIG_BYE); /* Send SIG_BYE if an error happened */ +- queryflag = -1; ++ queryflag = -1; ++ } + } + break; + case MSG_COMMAND: +-- +cgit v1.1 + diff --git a/poky/meta/recipes-extended/screen/screen_4.9.0.bb b/poky/meta/recipes-extended/screen/screen_4.9.0.bb index 77e8000bf3..235cd8c6cf 100644 --- a/poky/meta/recipes-extended/screen/screen_4.9.0.bb +++ b/poky/meta/recipes-extended/screen/screen_4.9.0.bb @@ -22,6 +22,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \ file://0001-fix-for-multijob-build.patch \ file://0001-Remove-more-compatibility-stuff.patch \ file://0001-configure-Add-needed-system-headers-in-checks.patch \ + file://signal-permission.patch \ " SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4" diff --git a/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch b/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch new file mode 100644 index 0000000000..37ba5f3dc2 --- /dev/null +++ b/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch @@ -0,0 +1,41 @@ +commit 670cae834827a8f794e6f7464fa57790d911b63c +Author: SoumyaWind <121475834+SoumyaWind@users.noreply.github.com> +Date: Tue Dec 27 17:40:17 2022 +0530 + + shadow: Fix can not print full login timeout message + + Login timed out message prints only first few bytes when write is immediately followed by exit. + Calling exit from new handler provides enough time to display full message. + +Upstream-Status: Accepted [https://github.com/shadow-maint/shadow/commit/670cae834827a8f794e6f7464fa57790d911b63c] + +diff --git a/src/login.c b/src/login.c +index 116e2cb3..c55f4de0 100644 +--- a/src/login.c ++++ b/src/login.c +@@ -120,6 +120,7 @@ static void get_pam_user (char **ptr_pam_user); + + static void init_env (void); + static void alarm_handler (int); ++static void exit_handler (int); + + /* + * usage - print login command usage and exit +@@ -391,11 +392,16 @@ static void init_env (void) + #endif /* !USE_PAM */ + } + ++static void exit_handler (unused int sig) ++{ ++ _exit (0); ++} + + static void alarm_handler (unused int sig) + { + write (STDERR_FILENO, tmsg, strlen (tmsg)); +- _exit (0); ++ signal(SIGALRM, exit_handler); ++ alarm(2); + } + + #ifdef USE_PAM diff --git a/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch new file mode 100644 index 0000000000..ac08be515b --- /dev/null +++ b/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch @@ -0,0 +1,65 @@ +From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com> +Date: Fri, 31 Mar 2023 14:46:50 +0200 +Subject: [PATCH] Overhaul valid_field() + +e5905c4b ("Added control character check") introduced checking for +control characters but had the logic inverted, so it rejects all +characters that are not control ones. + +Cast the character to `unsigned char` before passing to the character +checking functions to avoid UB. + +Use strpbrk(3) for the illegal character test and return early. + +Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4] + +Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> +--- + lib/fields.c | 24 ++++++++++-------------- + 1 file changed, 10 insertions(+), 14 deletions(-) + +diff --git a/lib/fields.c b/lib/fields.c +index fb51b582..53929248 100644 +--- a/lib/fields.c ++++ b/lib/fields.c +@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal) + + /* For each character of field, search if it appears in the list + * of illegal characters. */ ++ if (illegal && NULL != strpbrk (field, illegal)) { ++ return -1; ++ } ++ ++ /* Search if there are non-printable or control characters */ + for (cp = field; '\0' != *cp; cp++) { +- if (strchr (illegal, *cp) != NULL) { ++ unsigned char c = *cp; ++ if (!isprint (c)) { ++ err = 1; ++ } ++ if (iscntrl (c)) { + err = -1; + break; + } + } + +- if (0 == err) { +- /* Search if there are non-printable or control characters */ +- for (cp = field; '\0' != *cp; cp++) { +- if (!isprint (*cp)) { +- err = 1; +- } +- if (!iscntrl (*cp)) { +- err = -1; +- break; +- } +- } +- } +- + return err; + } + +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch b/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch new file mode 100644 index 0000000000..f53341d3fc --- /dev/null +++ b/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch @@ -0,0 +1,53 @@ +From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001 +From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com> +Date: Thu, 23 Mar 2023 23:39:38 +0000 +Subject: [PATCH] Added control character check + +Added control character check, returning -1 (to "err") if control characters are present. + +CVE: CVE-2023-29383 +Upstream-Status: Backport + +Reference to upstream: +https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d + +Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> +--- + lib/fields.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/lib/fields.c b/lib/fields.c +index 640be931..fb51b582 100644 +--- a/lib/fields.c ++++ b/lib/fields.c +@@ -21,9 +21,9 @@ + * + * The supplied field is scanned for non-printable and other illegal + * characters. +- * + -1 is returned if an illegal character is present. +- * + 1 is returned if no illegal characters are present, but the field +- * contains a non-printable character. ++ * + -1 is returned if an illegal or control character is present. ++ * + 1 is returned if no illegal or control characters are present, ++ * but the field contains a non-printable character. + * + 0 is returned otherwise. + */ + int valid_field (const char *field, const char *illegal) +@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal) + } + + if (0 == err) { +- /* Search if there are some non-printable characters */ ++ /* Search if there are non-printable or control characters */ + for (cp = field; '\0' != *cp; cp++) { + if (!isprint (*cp)) { + err = 1; ++ } ++ if (!iscntrl (*cp)) { ++ err = -1; + break; + } + } +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/shadow/shadow.inc b/poky/meta/recipes-extended/shadow/shadow.inc index 2c70a2d00e..cf05a3af93 100644 --- a/poky/meta/recipes-extended/shadow/shadow.inc +++ b/poky/meta/recipes-extended/shadow/shadow.inc @@ -14,6 +14,9 @@ GITHUB_BASE_URI = "https://github.com/shadow-maint/shadow/releases" SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \ ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ file://useradd \ + file://0001-Fix-can-not-print-full-login.patch \ + file://CVE-2023-29383.patch \ + file://0001-Overhaul-valid_field.patch \ " SRC_URI:append:class-target = " \ diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch b/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch new file mode 100644 index 0000000000..b236030108 --- /dev/null +++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch @@ -0,0 +1,145 @@ +xdg-email does not parse mailto uris properly for thunderbird + +When using thunderbird as mailto handler xdg-email translates mailto uris into an 'thunderbird -compose' argument. While to, cc and bcc values are properly enclosed in single quotes this is not the case for subject or body. This breaks functionality and allows to use all thunderbird -compose arguments within a mailto uri, e.g. + +xdg-email 'mailto:test@example.com?subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt' + +translates into + +thunderbird -compose to='test@example.com,',subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt + +with working attachment and message. (And, yes, ~ expands to the home directory.) + +Upstream-Status: Submitted [https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205] + +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +CVE: CVE-2022-4055 + + +Index: xdg-utils-1.1.3/scripts/xdg-email.in +=================================================================== +--- xdg-utils-1.1.3.orig/scripts/xdg-email.in ++++ xdg-utils-1.1.3/scripts/xdg-email.in +@@ -30,53 +30,6 @@ _USAGE + + #@xdg-utils-common@ + +-run_thunderbird() +-{ +- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY +- THUNDERBIRD="$1" +- MAILTO=$(echo "$2" | sed 's/^mailto://') +- echo "$MAILTO" | grep -qs "^?" +- if [ "$?" = "0" ] ; then +- MAILTO=$(echo "$MAILTO" | sed 's/^?//') +- else +- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/') +- fi +- +- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g') +- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) +- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) +- +- if [ -z "$TO" ] ; then +- NEWMAILTO= +- else +- NEWMAILTO="to='$TO'" +- fi +- if [ -n "$CC" ] ; then +- NEWMAILTO="${NEWMAILTO},cc='$CC'" +- fi +- if [ -n "$BCC" ] ; then +- NEWMAILTO="${NEWMAILTO},bcc='$BCC'" +- fi +- if [ -n "$SUBJECT" ] ; then +- NEWMAILTO="${NEWMAILTO},$SUBJECT" +- fi +- if [ -n "$BODY" ] ; then +- NEWMAILTO="${NEWMAILTO},$BODY" +- fi +- +- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') +- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" +- "$THUNDERBIRD" -compose "$NEWMAILTO" +- if [ $? -eq 0 ]; then +- exit_success +- else +- exit_failure_operation_failed +- fi +-} +- + open_kde() + { + if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then +@@ -130,15 +83,6 @@ open_kde() + + open_gnome3() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -159,13 +103,6 @@ open_gnome3() + + open_gnome() + { +- local client +- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || "" +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -231,15 +168,6 @@ open_flatpak() + + open_generic() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + xdg-open "$1" + local ret=$? + +@@ -364,21 +292,6 @@ while [ $# -gt 0 ] ; do + shift + ;; + +- --attach) +- if [ -z "$1" ] ; then +- exit_failure_syntax "file argument missing for --attach option" +- fi +- check_input_file "$1" +- file=`readlink -f "$1"` # Normalize path +- if [ -z "$file" ] || [ ! -f "$file" ] ; then +- exit_failure_file_missing "file '$1' does not exist" +- fi +- +- url_encode "$file" +- options="${options}attach=${result}&" +- shift +- ;; +- + -*) + exit_failure_syntax "unexpected option '$parm'" + ;; diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index 73acf6b744..4d93180535 100644 --- a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb @@ -21,6 +21,7 @@ SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \ file://0001-Reinstate-xdg-terminal.patch \ file://0001-Don-t-build-the-in-script-manual.patch \ file://1f199813e0eb0246f63b54e9e154970e609575af.patch \ + file://CVE-2022-4055.patch \ " SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff" diff --git a/poky/meta/recipes-extended/xz/xz_5.4.1.bb b/poky/meta/recipes-extended/xz/xz_5.4.2.bb index 71bf4b540a..87f9602bf6 100644 --- a/poky/meta/recipes-extended/xz/xz_5.4.1.bb +++ b/poky/meta/recipes-extended/xz/xz_5.4.2.bb @@ -17,15 +17,15 @@ LICENSE:${PN}-dbg = "GPL-2.0-or-later" LICENSE:${PN}-locale = "GPL-2.0-or-later" LICENSE:liblzma = "PD" -LIC_FILES_CHKSUM = "file://COPYING;md5=97d554a32881fee0aa283d96e47cb24a \ +LIC_FILES_CHKSUM = "file://COPYING;md5=c8ea84ebe7b93cce676b54355dc6b2c0 \ file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \ + file://COPYING.GPLv3;md5=1ebbd3e34237af26da5dc08a4e440464 \ file://COPYING.LGPLv2.1;md5=4fbd65380cdd255951079008b364516c \ file://lib/getopt.c;endline=23;md5=2069b0ee710572c03bb3114e4532cd84 \ " SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz" -SRC_URI[sha256sum] = "e4b0f81582efa155ccf27bb88275254a429d44968e488fc94b806f2a61cd3e22" +SRC_URI[sha256sum] = "87947679abcf77cc509d8d1b474218fd16b72281e2797360e909deaee1ac9d05" UPSTREAM_CHECK_REGEX = "xz-(?P<pver>\d+(\.\d+)+)\.tar" CACHED_CONFIGUREVARS += "gl_cv_posix_shell=/bin/sh" diff --git a/poky/meta/recipes-gnome/gnome/gconf_3.2.6.bb b/poky/meta/recipes-gnome/gnome/gconf_3.2.6.bb index 776f6091aa..e712e4729c 100644 --- a/poky/meta/recipes-gnome/gnome/gconf_3.2.6.bb +++ b/poky/meta/recipes-gnome/gnome/gconf_3.2.6.bb @@ -7,7 +7,7 @@ HOMEPAGE = "https://gitlab.gnome.org/Archive/gconf" LICENSE = "LGPL-2.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=55ca817ccb7d5b5b66355690e9abc605" -DEPENDS = "glib-2.0 dbus dbus-glib libxml2 intltool-native" +DEPENDS = "glib-2.0 glib-2.0-native gobject-introspection dbus dbus-glib libxml2 intltool-native" inherit gnomebase gtk-doc gettext gobject-introspection gio-module-cache diff --git a/poky/meta/recipes-gnome/json-glib/json-glib_1.6.6.bb b/poky/meta/recipes-gnome/json-glib/json-glib_1.6.6.bb index 627f389536..9c34fb7f40 100644 --- a/poky/meta/recipes-gnome/json-glib/json-glib_1.6.6.bb +++ b/poky/meta/recipes-gnome/json-glib/json-glib_1.6.6.bb @@ -9,7 +9,7 @@ BUGTRACKER = "https://gitlab.gnome.org/GNOME/json-glib/issues" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" -DEPENDS = "glib-2.0" +DEPENDS = "glib-2.0 glib-2.0-native" GNOMEBASEBUILDCLASS = "meson" inherit gnomebase lib_package gobject-introspection gi-docgen gettext ptest-gnome manpages upstream-version-is-even diff --git a/poky/meta/recipes-gnome/libgudev/libgudev_237.bb b/poky/meta/recipes-gnome/libgudev/libgudev_237.bb index 9ce43ce34b..5aa94e58f5 100644 --- a/poky/meta/recipes-gnome/libgudev/libgudev_237.bb +++ b/poky/meta/recipes-gnome/libgudev/libgudev_237.bb @@ -7,7 +7,7 @@ HOMEPAGE = "https://wiki.gnome.org/Projects/libgudev" BUGTRACKER = "https://gitlab.gnome.org/GNOME/libgudev/issues" SRC_URI[archive.sha256sum] = "0d06b21170d20c93e4f0534dbb9b0a8b4f1119ffb00b4031aaeb5b9148b686aa" -DEPENDS = "glib-2.0 udev" +DEPENDS = "glib-2.0 glib-2.0-native udev" RCONFLICTS:${PN} = "systemd (<= 220)" diff --git a/poky/meta/recipes-gnome/libnotify/libnotify_0.8.2.bb b/poky/meta/recipes-gnome/libnotify/libnotify_0.8.2.bb index bbfc217df1..b1656fe0fe 100644 --- a/poky/meta/recipes-gnome/libnotify/libnotify_0.8.2.bb +++ b/poky/meta/recipes-gnome/libnotify/libnotify_0.8.2.bb @@ -9,7 +9,7 @@ SECTION = "libs" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" -DEPENDS = "dbus glib-2.0 gdk-pixbuf" +DEPENDS = "dbus glib-2.0 glib-2.0-native gdk-pixbuf" PACKAGECONFIG ?= "" PACKAGECONFIG[tests] = "-Dtests=true,-Dtests=false,gtk+3" diff --git a/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb b/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb index 120ee80b17..9f5b4d0e2d 100644 --- a/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb +++ b/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb @@ -11,8 +11,9 @@ SRC_URI[archive.sha256sum] = "a37bb0e78a419dcbeaa9c7027bcff52f5ec2367c25ec859da3 # Disable neon support by default on ARM-32 platforms because of the # following upstream bug: https://github.com/ebassi/graphene/issues/215 -PACKAGECONFIG ?= "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', 'neon', '', d)}" +PACKAGECONFIG ?= "gobject-types ${@bb.utils.contains('TUNE_FEATURES', 'aarch64', 'neon', '', d)}" +PACKAGECONFIG[gobject-types] = "-Dgobject_types=true,-Dgobject_types=false,glib-2.0" PACKAGECONFIG[neon] = "-Darm_neon=true,-Darm_neon=false," GIR_MESON_ENABLE_FLAG = 'enabled' diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_7.1.0.bb b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_7.1.0.bb index 4406e15df4..71c92c64ef 100644 --- a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_7.1.0.bb +++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_7.1.0.bb @@ -11,6 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b98429b8e8e3c2a67cfef01e99e4893d \ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BPN}-${PV}.tar.xz" SRC_URI[sha256sum] = "f135a61cd464c9ed6bc9823764c188f276c3850a8dc904628de2a87966b7077b" +DEPENDS += "glib-2.0-native" + inherit meson pkgconfig lib_package gtk-doc gobject-introspection github-releases GIR_MESON_ENABLE_FLAG = 'enabled' diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch new file mode 100644 index 0000000000..fc426daba5 --- /dev/null +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch @@ -0,0 +1,46 @@ +From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan <ofourdan@redhat.com> +Date: Mon, 13 Mar 2023 11:08:47 +0100 +Subject: [PATCH] composite: Fix use-after-free of the COW + +ZDI-CAN-19866/CVE-2023-1393 + +If a client explicitly destroys the compositor overlay window (aka COW), +we would leave a dangling pointer to that window in the CompScreen +structure, which will trigger a use-after-free later. + +Make sure to clear the CompScreen pointer to the COW when the latter gets +destroyed explicitly by the client. + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> +Reviewed-by: Adam Jackson <ajax@redhat.com> + +CVE: CVE-2023-1393 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + composite/compwindow.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/composite/compwindow.c b/composite/compwindow.c +index 4e2494b86..b30da589e 100644 +--- a/composite/compwindow.c ++++ b/composite/compwindow.c +@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin) + ret = (*pScreen->DestroyWindow) (pWin); + cs->DestroyWindow = pScreen->DestroyWindow; + pScreen->DestroyWindow = compDestroyWindow; ++ ++ /* Did we just destroy the overlay window? */ ++ if (pWin == cs->pOverlayWin) ++ cs->pOverlayWin = NULL; ++ + /* compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/ + return ret; + } +-- +2.34.1 + diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb index 212c7d39c2..f0771cc86e 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.7.bb @@ -1,7 +1,8 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ - file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ + file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ + file://0001-composite-Fix-use-after-free-of-the-COW.patch \ " SRC_URI[sha256sum] = "d9c60b2dd0ec52326ca6ab20db0e490b1ff4f566f59ca742d6532e92795877bb" diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc new file mode 100644 index 0000000000..4cc151901b --- /dev/null +++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -0,0 +1,36 @@ +# https://nvd.nist.gov/vuln/detail/CVE-2022-3523 +# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 +# Patched in kernel since v6.1 16ce101db85db694a91380aa4c89b25530871d33 +CVE_CHECK_IGNORE += "CVE-2022-3523" + +# https://nvd.nist.gov/vuln/detail/CVE-2022-3566 +# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 +# Patched in kernel since v6.1 f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 +CVE_CHECK_IGNORE += "CVE-2022-3566" + +# https://nvd.nist.gov/vuln/detail/CVE-2022-3567 +# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 +# Patched in kernel since v6.1 364f997b5cfe1db0d63a390fe7c801fa2b3115f6 +CVE_CHECK_IGNORE += "CVE-2022-3567" + + +# 2023 + +# https://nvd.nist.gov/vuln/detail/CVE-2022-38457 +# https://nvd.nist.gov/vuln/detail/CVE-2022-40133 +# Both CVE-2022-38457 & CVE-2022-40133 are fixed by the same commit: +# Introduced in version v4.20 e14c02e6b6990e9f6ee18a214a22ac26bae1b25e +# Patched in kernel since v6.2 a309c7194e8a2f8bd4539b9449917913f6c2cd50 +# Backported in version v6.1.7 7ac9578e45b20e3f3c0c8eb71f5417a499a7226a +# See: +# * https://www.linuxkernelcves.com/cves/CVE-2022-38457 +# * https://www.linuxkernelcves.com/cves/CVE-2022-40133 +# * https://lore.kernel.org/all/CAODzB9q3OBD0k6W2bcWrSZo2jC3EvV0PrLyWmO07rxR4nQgkJA@mail.gmail.com/T/ +CVE_CHECK_IGNORE += "CVE-2022-38457 CVE-2022-40133" + +# https://nvd.nist.gov/vuln/detail/CVE-2023-1075 +# Introduced in v4.20 a42055e8d2c30d4decfc13ce943d09c7b9dad221 +# Patched in kernel v6.2 ffe2a22562444720b05bdfeb999c03e810d84cbb +# Backported in version 6.1.11 37c0cdf7e4919e5f76381ac60817b67bcbdacb50 +# 5.15 still has issue, include/net/tls.h:is_tx_ready() would need patch +CVE_CHECK_IGNORE += "CVE-2023-1075" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 38daab6bbe..29379791f4 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "e1ca9a177aff19013178aa30a8eccb4d7b2b67d7" -SRCREV_meta ?= "441f5fe00073620cec471166cf6e94c4ef9c69b2" +SRCREV_machine ?= "8e0611e36c848a07f9cdd778903c9e51bb90b319" +SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.103" +LINUX_VERSION ?= "5.15.108" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb index 5f79bc617b..4aaa371d97 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb @@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/preempt-rt/base" require recipes-kernel/linux/linux-yocto.inc +# CVE exclusions +include recipes-kernel/linux/cve-exclusion_6.1.inc + # Skip processing of this recipe if it is not explicitly specified as the # PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying # to build multiple virtual/kernel providers, e.g. as dependency of @@ -11,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "8d55a90b757757f76ec124508fd2bcace5d276b5" -SRCREV_meta ?= "1a97a82e62ebf4ef3787768a1f5937e2d2f280ce" +SRCREV_machine ?= "f974a72071f8b481fc4e38517219bc5c503e14f6" +SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA}" -LINUX_VERSION ?= "6.1.20" +LINUX_VERSION ?= "6.1.25" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index eb6af62015..c19c289b97 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.103" +LINUX_VERSION ?= "5.15.108" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "4ae6c9a73f4e6e356186a541e3fcbea4fa6a09f1" -SRCREV_meta ?= "441f5fe00073620cec471166cf6e94c4ef9c69b2" +SRCREV_machine ?= "3d762b85647844790979dd1e17a762003aaa7476" +SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb index 58357d00c7..5046759061 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb @@ -5,7 +5,10 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "6.1.20" +# CVE exclusions +include recipes-kernel/linux/cve-exclusion_6.1.inc + +LINUX_VERSION ?= "6.1.25" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_meta ?= "1a97a82e62ebf4ef3787768a1f5937e2d2f280ce" +SRCREV_machine ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 41f20c96dd..785944c3cf 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "21687086c27bb112f19b0aac455d800961c0b830" -SRCREV_machine:qemuarm64 ?= "7144f86a73fe2ffe4fe57c9e6cf28d8fc8db4b6a" -SRCREV_machine:qemumips ?= "557c06060cb218ade536fccc66f8f3e755537f31" -SRCREV_machine:qemuppc ?= "db19dbdcdf51b9d2a071dcf180ba9e20b8286e9b" -SRCREV_machine:qemuriscv64 ?= "024d08fb706170a9723e9751e505681f9d4c7ab6" -SRCREV_machine:qemuriscv32 ?= "024d08fb706170a9723e9751e505681f9d4c7ab6" -SRCREV_machine:qemux86 ?= "024d08fb706170a9723e9751e505681f9d4c7ab6" -SRCREV_machine:qemux86-64 ?= "024d08fb706170a9723e9751e505681f9d4c7ab6" -SRCREV_machine:qemumips64 ?= "6f1dbe8c258d49f4dba59827124dfe9aa2c151db" -SRCREV_machine ?= "024d08fb706170a9723e9751e505681f9d4c7ab6" -SRCREV_meta ?= "441f5fe00073620cec471166cf6e94c4ef9c69b2" +SRCREV_machine:qemuarm ?= "80421c525a12141d31bf1592b0d8c176defe3010" +SRCREV_machine:qemuarm64 ?= "9d140dbc3171bf272f51b524edeeb2f22783aca5" +SRCREV_machine:qemumips ?= "b29a8fa62d88db512f1fa5d60e430a851d7e3aaf" +SRCREV_machine:qemuppc ?= "7ee6b7fc4b57933114376cf012218c2ae3d23558" +SRCREV_machine:qemuriscv64 ?= "e8c818cce43dd720c366d831aeb102c20c237652" +SRCREV_machine:qemuriscv32 ?= "e8c818cce43dd720c366d831aeb102c20c237652" +SRCREV_machine:qemux86 ?= "e8c818cce43dd720c366d831aeb102c20c237652" +SRCREV_machine:qemux86-64 ?= "e8c818cce43dd720c366d831aeb102c20c237652" +SRCREV_machine:qemumips64 ?= "5c900befc90365f6daa80989e8de0ccc546ff0f5" +SRCREV_machine ?= "e8c818cce43dd720c366d831aeb102c20c237652" +SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "8020ae3c051d1c9ec7b7a872e226f9720547649b" +SRCREV_machine:class-devupstream ?= "3299fb36854fdc288bddc2c4d265f8a2e5105944" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.103" +LINUX_VERSION ?= "5.15.108" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb index 6f33032c00..c2b0e66fb8 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb @@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/base" require recipes-kernel/linux/linux-yocto.inc +# CVE exclusions +include recipes-kernel/linux/cve-exclusion_6.1.inc + # board specific branches KBRANCH:qemuarm ?= "v6.1/standard/arm-versatile-926ejs" KBRANCH:qemuarm64 ?= "v6.1/standard/qemuarm64" @@ -14,25 +17,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base" KBRANCH:qemuloongarch64 ?= "v6.1/standard/base" KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "fad8850ff15dfbf8fb2e7d71583fc54b809d10ef" -SRCREV_machine:qemuarm64 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemuloongarch64 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemumips ?= "dd663b72efce61f63f0b38403254eb52e6ad9a59" -SRCREV_machine:qemuppc ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemuriscv64 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemuriscv32 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemux86 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemux86-64 ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_machine:qemumips64 ?= "587a945baf13cdca2421e280b7b07dead6ad2a77" -SRCREV_machine ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1" -SRCREV_meta ?= "a8881762b53231bb914329cac3c2cf8db8b6779b" +SRCREV_machine:qemuarm ?= "0b80e90b38ae1735c7dab701ca3d0b2447376ccc" +SRCREV_machine:qemuarm64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemuloongarch64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemumips ?= "db61d7fe3540904fbe77b532ce3e37aeb737524a" +SRCREV_machine:qemuppc ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemuriscv64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemuriscv32 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemux86 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemux86-64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_machine:qemumips64 ?= "aacc52b6216955723cebb5bc493a4210357b23b2" +SRCREV_machine ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" +SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "7eaef76fbc4621ced374c85dbc000dd80dc681d7" +SRCREV_machine:class-devupstream ?= "f17b0ab65d17988d5e6d6fe22f708ef3721080bf" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.1/base" @@ -40,7 +43,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.1.20" +LINUX_VERSION ?= "6.1.25" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.0.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.0.bb index 6df84a6251..c447f2cbe8 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.0.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.0.bb @@ -24,3 +24,5 @@ EXTRA_OEMESON += "\ " inherit meson pkgconfig setuptools3-base upstream-version-is-even + +FILES:${PN} += "${libdir}/gstreamer-1.0" diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb index e52920883a..36c6233b33 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb @@ -38,6 +38,8 @@ DEPENDS += " \ libnotify \ gstreamer1.0 \ gstreamer1.0-plugins-base \ + glib-2.0-native \ + gettext-native \ " PACKAGECONFIG_SOUP ?= "soup3" @@ -70,20 +72,11 @@ PACKAGECONFIG[soup2] = "-DUSE_SOUP2=ON,-DUSE_SOUP2=OFF,libsoup-2.4,,,soup3" PACKAGECONFIG[soup3] = ",,libsoup,,,soup2" PACKAGECONFIG[journald] = "-DENABLE_JOURNALD_LOG=ON,-DENABLE_JOURNALD_LOG=OFF,systemd" -# webkitgtk is full of /usr/bin/env python, particular for generating docs -do_configure[postfuncs] += "setup_python_link" -setup_python_link() { - if [ ! -e ${STAGING_BINDIR_NATIVE}/python ]; then - ln -s `which python3` ${STAGING_BINDIR_NATIVE}/python - fi -} - EXTRA_OECMAKE = " \ -DPORT=GTK \ ${@bb.utils.contains('GI_DATA_ENABLED', 'True', '-DENABLE_INTROSPECTION=ON', '-DENABLE_INTROSPECTION=OFF', d)} \ ${@bb.utils.contains('GIDOCGEN_ENABLED', 'True', '-DENABLE_DOCUMENTATION=ON', '-DENABLE_DOCUMENTATION=OFF', d)} \ -DENABLE_MINIBROWSER=ON \ - -DPYTHON_EXECUTABLE=`which python3` \ -DENABLE_BUBBLEWRAP_SANDBOX=OFF \ -DENABLE_GAMEPAD=OFF \ " diff --git a/poky/meta/recipes-support/atk/at-spi2-core_2.46.0.bb b/poky/meta/recipes-support/atk/at-spi2-core_2.46.0.bb index d9161e1acb..90313467d0 100644 --- a/poky/meta/recipes-support/atk/at-spi2-core_2.46.0.bb +++ b/poky/meta/recipes-support/atk/at-spi2-core_2.46.0.bb @@ -13,7 +13,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz" SRC_URI[sha256sum] = "aa0c86c79f7a8d67bae49a5b7a5ab08430c608cffe6e33bf47a72f41ab03c3d0" -DEPENDS = "dbus glib-2.0 libxml2" +DEPENDS = "dbus glib-2.0 glib-2.0-native libxml2" # For backwards compatibility PROVIDES += "atk at-spi2-atk" diff --git a/poky/meta/recipes-support/libgit2/libgit2_1.6.3.bb b/poky/meta/recipes-support/libgit2/libgit2_1.6.3.bb index 554e18e4da..cab7d7a20a 100644 --- a/poky/meta/recipes-support/libgit2/libgit2_1.6.3.bb +++ b/poky/meta/recipes-support/libgit2/libgit2_1.6.3.bb @@ -13,9 +13,8 @@ S = "${WORKDIR}/git" inherit cmake EXTRA_OECMAKE = "\ - -DBUILD_CLAR=OFF \ + -DBUILD_TESTS=OFF \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ - -DLIB_INSTALL_DIR=${libdir} \ -DREGEX_BACKEND='pcre2' \ " diff --git a/poky/meta/recipes-support/vte/vte_0.72.0.bb b/poky/meta/recipes-support/vte/vte_0.72.0.bb index c08ac879e1..5eaff99159 100644 --- a/poky/meta/recipes-support/vte/vte_0.72.0.bb +++ b/poky/meta/recipes-support/vte/vte_0.72.0.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = " \ file://COPYING.XTERM;md5=d7fc3a23c16c039afafe2e042030f057 \ " -DEPENDS = "glib-2.0 gtk+3 libpcre2 libxml2-native gperf-native icu" +DEPENDS = "glib-2.0 glib-2.0-native gtk+3 libpcre2 libxml2-native gperf-native icu" GNOMEBASEBUILDCLASS = "meson" GIR_MESON_OPTION = 'gir' |