[gatesgarth][PATCH 00/18] review request

[gatesgarth][PATCH 00/18] review request

[Anuj Mittal]

Please review these next set of changes for gatesgarth. Builds cleanly
on autobuilder.

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2039

Thanks,

Anuj

The following changes since commit fdae970656cc421c542af9856bc9ae038c61db13:

  build-appliance-image: Update to gatesgarth head revision (2021-03-28 22:33:00 +0100)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth

Anatol Belski (1):
  glibc: Pull latest 2.32 HEAD

Anton D. Kachalov (1):
  run-postinsts: do not remove postinsts directory.

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.105
  linux-yocto/5.4: update to v5.4.107

Christopher Larson (2):
  buildhistory: add missing vardepsexcludes
  image,populate_sdk_base: move 'func' flag setting for sdk command vars

Dorinda Bassey (1):
  devshell.bbclass: Exceptions displayed within devpyshell

Guillaume Champagne (1):
  image-live.bbclass: optional depends when ROOTFS empty

Khem Raj (1):
  documentation-audit.sh: Fix typo in specifying LICENSE_FLAGS_WHITELIST

Lee Chee Yang (2):
  cve-update-db-native: consider version suffix when update CVE db
  cve-check: CVE_VERSION_SUFFIX to work with patched release

Martin Jansa (1):
  binutils: backport fix for gold with theads enabled from 2.36.0

Michael Trensch (1):
  linux-firmware: Fix packaging

Mikko Rapeli (1):
  openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449

Mingli Yu (1):
  libtool: make sure autoheader run before autoconf

Minjae Kim (1):
  git: fix CVE-2021-21300

Petr Vorel (1):
  scripts/verify-bashisms: Update checkbashisms.pl URL

Richard Purdie (1):
  selftest/wic: Fix dependency issue in rawcopy test

 meta/classes/buildhistory.bbclass             |   3 +
 meta/classes/devshell.bbclass                 |   1 +
 meta/classes/image-live.bbclass               |   2 +-
 meta/classes/image.bbclass                    |   2 +-
 meta/classes/populate_sdk_base.bbclass        |   7 +
 meta/lib/oe/cve_check.py                      |   7 +-
 meta/lib/oeqa/selftest/cases/cve_check.py     |   8 +
 meta/lib/oeqa/selftest/cases/wic.py           |  18 +-
 .../{openssl_1.1.1j.bb => openssl_1.1.1k.bb}  |   2 +-
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 meta/recipes-core/glibc/glibc_2.32.bb         |   2 +-
 .../recipes-core/meta/cve-update-db-native.bb |   7 +-
 .../binutils/binutils-2.35.1.inc              |   1 +
 ..._counts_lock-is-initialized-before-u.patch |  41 +++
 meta/recipes-devtools/git/git.inc             |   4 +-
 .../git/git/CVE-2021-21300.patch              | 304 ++++++++++++++++++
 .../libtool/libtool-2.4.6.inc                 |   1 +
 ...-sure-autoheader-run-before-autoconf.patch |  35 ++
 .../run-postinsts/run-postinsts/run-postinsts |  10 +-
 meta/recipes-extended/sudo/sudo.inc           |   2 +
 .../linux-firmware/linux-firmware_20210208.bb |  41 ++-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 scripts/contrib/documentation-audit.sh        |   2 +-
 scripts/verify-bashisms                       |   2 +-
 26 files changed, 490 insertions(+), 50 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1j.bb => openssl_1.1.1k.bb} (98%)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch
 create mode 100644 meta/recipes-devtools/git/git/CVE-2021-21300.patch
 create mode 100644 meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch

-- 
2.30.2

[gatesgarth][PATCH 01/18] glibc: Pull latest 2.32 HEAD

[Anuj Mittal]

From: Anatol Belski <anbelski@linux.microsoft.com>

New commits:

$ git log --format="%h %s" df31c7ca927242d5d4eee97f93a01e23ff47e332..f84949f1c4bbf20e6a1d9a5859cf012cde060ede
f84949f1c4 powerpc64: Workaround sigtramp vdso return call
5e43566f0f nscd: Fix double free in netgroupcache [BZ #27462]

Note also that additionally CVE-2021-3326 has been whitelisted as it was
already present in the previous state.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 meta/recipes-core/glibc/glibc_2.32.bb     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 586b2e207e..84d199bb1d 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.32/master"
 PV = "2.32"
-SRCREV_glibc ?= "760e1d287825fa91d4d5a0cc921340c740d803e2"
+SRCREV_glibc ?= "44b395932961a29825da4ad025124a6760858d9c"
 SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc_2.32.bb b/meta/recipes-core/glibc/glibc_2.32.bb
index e4fe9b87b5..03aea52508 100644
--- a/meta/recipes-core/glibc/glibc_2.32.bb
+++ b/meta/recipes-core/glibc/glibc_2.32.bb
@@ -2,7 +2,7 @@ require glibc.inc
 require glibc-version.inc
 
 # whitelist CVE's with fixes in latest release/2.32/master branch
-CVE_CHECK_WHITELIST += "CVE-2019-25013 CVE-2020-10029 CVE-2020-27618"
+CVE_CHECK_WHITELIST += "CVE-2019-25013 CVE-2020-10029 CVE-2020-27618 CVE-2021-27645 CVE-2021-3326"
 
 DEPENDS += "gperf-native bison-native make-native"
 
-- 
2.30.2

[gatesgarth][PATCH 02/18] binutils: backport fix for gold with theads enabled from 2.36.0

[Anuj Mittal]

From: Martin Jansa <Martin.Jansa@gmail.com>

* building chromium with gold and threads triggers this issue:
  [1/2] SOLINK ./libcbe.so
  FAILED: libcbe.so libcbe.so.TOC
  python "../../git/src/build/toolchain/gcc_solink_wrapper.py" --readelf="readelf" --nm="nm" --sofile="./libcbe.so" --tocfile="./libcbe.so.TOC" --output="./libcbe.so" -- i686-oe-linux-g++  -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security  --sysroot=chromium/84.0.4147.89-4-r41.1/recipe-sysroot -shared -Wl,-soname="libcbe.so" -fPIC -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now -Wl,-z,defs -Wl,--as-needed -fuse-ld=gold -Wl,--threads -Wl,--thread-count=4 -m32 -Wl,-O2 -Wl,--gc-sections -rdynamic --sysroot=../../recipe-sysroot -L../../recipe-sysroot/lib -L../../recipe-sysroot/usr/lib -Lchromium/84.0.4147.89-4-r41.1/recipe-sysroot -o "./libcbe.so" @"./libcbe.so.rsp"
  collect2: fatal error: ld terminated with signal 11 [Segmentation fault]
  compilation terminated.

* removing threads/thread-count is one possible work around, but then
  the use of gold for performance makes even less sense, that's why
  chromium from meta-browser uses LLD by default:
  https://github.com/OSSystems/meta-browser/commit/15228b01903d4ca801916e55c7618fa5a71019b7
  https://lld.llvm.org/#performance
  but lets backport this as other recipes might also reproduce this
  issue

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../binutils/binutils-2.35.1.inc              |  1 +
 ..._counts_lock-is-initialized-before-u.patch | 41 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.35.1.inc b/meta/recipes-devtools/binutils/binutils-2.35.1.inc
index 775af2b8f2..6290d5b191 100644
--- a/meta/recipes-devtools/binutils/binutils-2.35.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.35.1.inc
@@ -44,5 +44,6 @@ SRC_URI = "\
      file://0017-gas-improve-reproducibility-for-stabs-debugging-data.patch \
      file://0001-aarch64-Return-an-error-on-conditional-branch-to-an-.patch \
      file://CVE-2020-35448.patch \
+     file://0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch b/meta/recipes-devtools/binutils/binutils/0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch
new file mode 100644
index 0000000000..f46415f440
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0001-gold-ensure-file_counts_lock-is-initialized-before-u.patch
@@ -0,0 +1,41 @@
+From de24fc96bf24fca470a9ca13176ad9ad9cc4d5a9 Mon Sep 17 00:00:00 2001
+From: Nick Gasson <nick.gasson@arm.com>
+Date: Mon, 2 Nov 2020 12:02:05 +0800
+Subject: [PATCH] gold: ensure file_counts_lock is initialized before using
+
+Since upgrading to binutils 2.35 I've been experiencing random memory
+corruption related crashes with ld.gold --threads. It's caused by
+multiple threads concurrently pushing elements onto the shared
+std::vector in File_read::record_file_read(). This vector is supposed to
+be protected by file_counts_lock, but that is initialized lazily and
+might be NULL when File_read::open() is called, in which case
+Hold_optional_lock silently skips locking it.
+
+Fix by calling the initialize() method before attempting to acquire the
+lock, the same as other places that use file_counts_lock.
+
+	PR 26827
+	* fileread.cc (File_read::open): Ensure file_counts_lock is
+	initialized.
+	* testsuite/Makefile.am (check_PROGRAMS): Add a test that passes
+	-Wl,--threads.
+	* testsuite/Makefile.in: Regenerate.
+
+Upstream-Status: Backport [af61e84fd2d from 2.36.0]
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ gold/fileread.cc | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gold/fileread.cc b/gold/fileread.cc
+index f5ca719360d..0b5228e2afd 100644
+--- a/gold/fileread.cc
++++ b/gold/fileread.cc
+@@ -212,6 +212,7 @@ File_read::open(const Task* task, const std::string& name)
+       gold_debug(DEBUG_FILES, "Attempt to open %s succeeded",
+ 		 this->name_.c_str());
+       this->token_.add_writer(task);
++      file_counts_initialize_lock.initialize();
+       Hold_optional_lock hl(file_counts_lock);
+       record_file_read(this->name_);
+     }
-- 
2.30.2

[gatesgarth][PATCH 03/18] git: fix CVE-2021-21300

[Anuj Mittal]

From: Minjae Kim <flowergom@gmail.com>

checkout: fix bug that makes checkout follow symlinks in leading path

Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
CVE: CVE-2021-21300
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/git/git.inc             |   4 +-
 .../git/git/CVE-2021-21300.patch              | 304 ++++++++++++++++++
 2 files changed, 307 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-devtools/git/git/CVE-2021-21300.patch

diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index 586a305b27..3e78254eec 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -8,7 +8,9 @@ PROVIDES_append_class-native = " git-replacement-native"
 
 SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
            ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
-           file://fixsort.patch"
+           file://fixsort.patch \
+	   file://CVE-2021-21300.patch \
+"
 
 S = "${WORKDIR}/git-${PV}"
 
diff --git a/meta/recipes-devtools/git/git/CVE-2021-21300.patch b/meta/recipes-devtools/git/git/CVE-2021-21300.patch
new file mode 100644
index 0000000000..390570fe78
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2021-21300.patch
@@ -0,0 +1,304 @@
+From ba07d31bd2140190c4d8c197c9b8a503544b4c29 Mon Sep 17 00:00:00 2001
+From: Minjae Kim <flowrgom@gmail.com>
+Date: Sat, 27 Mar 2021 14:05:56 +0900
+Subject: [PATCH] checkout: fix bug that makes checkout follow symlinks in
+ leading path
+
+Before checking out a file, we have to confirm that all of its leading
+components are real existing directories. And to reduce the number of
+lstat() calls in this process, we cache the last leading path known to
+contain only directories. However, when a path collision occurs (e.g.
+when checking out case-sensitive files in case-insensitive file
+systems), a cached path might have its file type changed on disk,
+leaving the cache on an invalid state. Normally, this doesn't bring
+any bad consequences as we usually check out files in index order, and
+therefore, by the time the cached path becomes outdated, we no longer
+need it anyway (because all files in that directory would have already
+been written).
+
+But, there are some users of the checkout machinery that do not always
+follow the index order. In particular: checkout-index writes the paths
+in the same order that they appear on the CLI (or stdin); and the
+delayed checkout feature -- used when a long-running filter process
+replies with "status=delayed" -- postpones the checkout of some entries,
+thus modifying the checkout order.
+
+When we have to check out an out-of-order entry and the lstat() cache is
+invalid (due to a previous path collision), checkout_entry() may end up
+using the invalid data and thrusting that the leading components are
+real directories when, in reality, they are not. In the best case
+scenario, where the directory was replaced by a regular file, the user
+will get an error: "fatal: unable to create file 'foo/bar': Not a
+directory". But if the directory was replaced by a symlink, checkout
+could actually end up following the symlink and writing the file at a
+wrong place, even outside the repository. Since delayed checkout is
+affected by this bug, it could be used by an attacker to write
+arbitrary files during the clone of a maliciously crafted repository.
+
+Some candidate solutions considered were to disable the lstat() cache
+during unordered checkouts or sort the entries before passing them to
+the checkout machinery. But both ideas include some performance penalty
+and they don't future-proof the code against new unordered use cases.
+
+Instead, we now manually reset the lstat cache whenever we successfully
+remove a directory. Note: We are not even checking whether the directory
+was the same as the lstat cache points to because we might face a
+scenario where the paths refer to the same location but differ due to
+case folding, precomposed UTF-8 issues, or the presence of `..`
+components in the path. Two regression tests, with case-collisions and
+utf8-collisions, are also added for both checkout-index and delayed
+checkout.
+
+Note: to make the previously mentioned clone attack unfeasible, it would
+be sufficient to reset the lstat cache only after the remove_subtree()
+call inside checkout_entry(). This is the place where we would remove a
+directory whose path collides with the path of another entry that we are
+currently trying to check out (possibly a symlink). However, in the
+interest of a thorough fix that does not leave Git open to
+similar-but-not-identical attack vectors, we decided to intercept
+all `rmdir()` calls in one fell swoop.
+
+This addresses CVE-2021-21300.
+
+Co-authored-by: Johannes Schindelin <johannes.schindelin@gmx.de>
+Signed-off-by: Matheus Tavares <matheus.bernardino@usp.br>
+
+Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
+CVE: CVE-2021-21300
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+---
+ cache.h                         |  1 +
+ compat/mingw.c                  |  2 ++
+ git-compat-util.h               |  5 +++++
+ symlinks.c                      | 24 ++++++++++++++++++++
+ t/t0021-conversion.sh           | 39 ++++++++++++++++++++++++++++++++
+ t/t0021/rot13-filter.pl         | 21 ++++++++++++++---
+ t/t2006-checkout-index-basic.sh | 40 +++++++++++++++++++++++++++++++++
+ 7 files changed, 129 insertions(+), 3 deletions(-)
+
+diff --git a/cache.h b/cache.h
+index 6544264..64226c3 100644
+--- a/cache.h
++++ b/cache.h
+@@ -1733,6 +1733,7 @@ int has_symlink_leading_path(const char *name, int len);
+ int threaded_has_symlink_leading_path(struct cache_def *, const char *, int);
+ int check_leading_path(const char *name, int len);
+ int has_dirs_only_path(const char *name, int len, int prefix_len);
++extern void invalidate_lstat_cache(void);
+ void schedule_dir_for_removal(const char *name, int len);
+ void remove_scheduled_dirs(void);
+ 
+diff --git a/compat/mingw.c b/compat/mingw.c
+index 8ee0b64..be2b88e 100644
+--- a/compat/mingw.c
++++ b/compat/mingw.c
+@@ -364,6 +364,8 @@ int mingw_rmdir(const char *pathname)
+ 	       ask_yes_no_if_possible("Deletion of directory '%s' failed. "
+ 			"Should I try again?", pathname))
+ 	       ret = _wrmdir(wpathname);
++	if (!ret)
++		invalidate_lstat_cache();
+ 	return ret;
+ }
+ 
+diff --git a/git-compat-util.h b/git-compat-util.h
+index 5637114..d983853 100644
+--- a/git-compat-util.h
++++ b/git-compat-util.h
+@@ -345,6 +345,11 @@ static inline int noop_core_config(const char *var, const char *value, void *cb)
+ #define platform_core_config noop_core_config
+ #endif
+ 
++int lstat_cache_aware_rmdir(const char *path);
++#if !defined(__MINGW32__) && !defined(_MSC_VER)
++#define rmdir lstat_cache_aware_rmdir
++#endif
++
+ #ifndef has_dos_drive_prefix
+ static inline int git_has_dos_drive_prefix(const char *path)
+ {
+diff --git a/symlinks.c b/symlinks.c
+index 69d458a..7dbb6b2 100644
+--- a/symlinks.c
++++ b/symlinks.c
+@@ -267,6 +267,13 @@ int has_dirs_only_path(const char *name, int len, int prefix_len)
+  */
+ static int threaded_has_dirs_only_path(struct cache_def *cache, const char *name, int len, int prefix_len)
+ {
++	/*
++	 * Note: this function is used by the checkout machinery, which also
++	 * takes care to properly reset the cache when it performs an operation
++	 * that would leave the cache outdated. If this function starts caching
++	 * anything else besides FL_DIR, remember to also invalidate the cache
++	 * when creating or deleting paths that might be in the cache.
++	 */
+ 	return lstat_cache(cache, name, len,
+ 			   FL_DIR|FL_FULLPATH, prefix_len) &
+ 		FL_DIR;
+@@ -321,3 +328,20 @@ void remove_scheduled_dirs(void)
+ {
+ 	do_remove_scheduled_dirs(0);
+ }
++
++void invalidate_lstat_cache(void)
++{
++	reset_lstat_cache(&default_cache);
++}
++
++#undef rmdir
++int lstat_cache_aware_rmdir(const char *path)
++{
++	/* Any change in this function must be made also in `mingw_rmdir()` */
++	int ret = rmdir(path);
++
++	if (!ret)
++		invalidate_lstat_cache();
++
++	return ret;
++}
+diff --git a/t/t0021-conversion.sh b/t/t0021-conversion.sh
+index 4bfffa9..c42f51e 100755
+--- a/t/t0021-conversion.sh
++++ b/t/t0021-conversion.sh
+@@ -957,4 +957,43 @@ test_expect_success PERL 'invalid file in delayed checkout' '
+ 	grep "error: external filter .* signaled that .unfiltered. is now available although it has not been delayed earlier" git-stderr.log
+ '
+ 
++for mode in 'case' 'utf-8'
++do
++	case "$mode" in
++	case)	dir='A' symlink='a' mode_prereq='CASE_INSENSITIVE_FS' ;;
++	utf-8)
++		dir=$(printf "\141\314\210") symlink=$(printf "\303\244")
++		mode_prereq='UTF8_NFD_TO_NFC' ;;
++	esac
++
++	test_expect_success PERL,SYMLINKS,$mode_prereq \
++	"delayed checkout with $mode-collision don't write to the wrong place" '
++		test_config_global filter.delay.process \
++			"\"$TEST_ROOT/rot13-filter.pl\" --always-delay delayed.log clean smudge delay" &&
++		test_config_global filter.delay.required true &&
++		git init $mode-collision &&
++		(
++			cd $mode-collision &&
++			mkdir target-dir &&
++			empty_oid=$(printf "" | git hash-object -w --stdin) &&
++			symlink_oid=$(printf "%s" "$PWD/target-dir" | git hash-object -w --stdin) &&
++			attr_oid=$(echo "$dir/z filter=delay" | git hash-object -w --stdin) &&
++			cat >objs <<-EOF &&
++			100644 blob $empty_oid	$dir/x
++			100644 blob $empty_oid	$dir/y
++			100644 blob $empty_oid	$dir/z
++			120000 blob $symlink_oid	$symlink
++			100644 blob $attr_oid	.gitattributes
++			EOF
++			git update-index --index-info <objs &&
++			git commit -m "test commit"
++		) &&
++		git clone $mode-collision $mode-collision-cloned &&
++		# Make sure z was really delayed
++		grep "IN: smudge $dir/z .* \\[DELAYED\\]" $mode-collision-cloned/delayed.log &&
++		# Should not create $dir/z at $symlink/z
++		test_path_is_missing $mode-collision/target-dir/z
++	'
++done
++
+ test_done
+diff --git a/t/t0021/rot13-filter.pl b/t/t0021/rot13-filter.pl
+index cd32a82..7bb9376 100644
+--- a/t/t0021/rot13-filter.pl
++++ b/t/t0021/rot13-filter.pl
+@@ -2,9 +2,15 @@
+ # Example implementation for the Git filter protocol version 2
+ # See Documentation/gitattributes.txt, section "Filter Protocol"
+ #
+-# The first argument defines a debug log file that the script write to.
+-# All remaining arguments define a list of supported protocol
+-# capabilities ("clean", "smudge", etc).
++# Usage: rot13-filter.pl [--always-delay] <log path> <capabilities>
++#
++# Log path defines a debug log file that the script writes to. The
++# subsequent arguments define a list of supported protocol capabilities
++# ("clean", "smudge", etc).
++#
++# When --always-delay is given all pathnames with the "can-delay" flag
++# that don't appear on the list bellow are delayed with a count of 1
++# (see more below).
+ #
+ # This implementation supports special test cases:
+ # (1) If data with the pathname "clean-write-fail.r" is processed with
+@@ -53,6 +59,13 @@ sub gitperllib {
+ use Git::Packet;
+ 
+ my $MAX_PACKET_CONTENT_SIZE = 65516;
++
++my $always_delay = 0;
++if ( $ARGV[0] eq '--always-delay' ) {
++	$always_delay = 1;
++	shift @ARGV;
++}
++
+ my $log_file                = shift @ARGV;
+ my @capabilities            = @ARGV;
+ 
+@@ -134,6 +147,8 @@ sub rot13 {
+ 			if ( $buffer eq "can-delay=1" ) {
+ 				if ( exists $DELAY{$pathname} and $DELAY{$pathname}{"requested"} == 0 ) {
+ 					$DELAY{$pathname}{"requested"} = 1;
++				} elsif ( !exists $DELAY{$pathname} and $always_delay ) {
++					$DELAY{$pathname} = { "requested" => 1, "count" => 1 };
+ 				}
+ 			} elsif ($buffer =~ /^(ref|treeish|blob)=/) {
+ 				print $debug " $buffer";
+diff --git a/t/t2006-checkout-index-basic.sh b/t/t2006-checkout-index-basic.sh
+index 57cbdfe..f223a02 100755
+--- a/t/t2006-checkout-index-basic.sh
++++ b/t/t2006-checkout-index-basic.sh
+@@ -21,4 +21,44 @@ test_expect_success 'checkout-index -h in broken repository' '
+ 	test_i18ngrep "[Uu]sage" broken/usage
+ '
+ 
++for mode in 'case' 'utf-8'
++do
++	case "$mode" in
++	case)	dir='A' symlink='a' mode_prereq='CASE_INSENSITIVE_FS' ;;
++	utf-8)
++		dir=$(printf "\141\314\210") symlink=$(printf "\303\244")
++		mode_prereq='UTF8_NFD_TO_NFC' ;;
++	esac
++
++	test_expect_success SYMLINKS,$mode_prereq \
++	"checkout-index with $mode-collision don't write to the wrong place" '
++		git init $mode-collision &&
++		(
++			cd $mode-collision &&
++			mkdir target-dir &&
++			empty_obj_hex=$(git hash-object -w --stdin </dev/null) &&
++			symlink_hex=$(printf "%s" "$PWD/target-dir" | git hash-object -w --stdin) &&
++			cat >objs <<-EOF &&
++			100644 blob ${empty_obj_hex}	${dir}/x
++			100644 blob ${empty_obj_hex}	${dir}/y
++			100644 blob ${empty_obj_hex}	${dir}/z
++			120000 blob ${symlink_hex}	${symlink}
++			EOF
++			git update-index --index-info <objs &&
++			# Note: the order is important here to exercise the
++			# case where the file at ${dir} has its type changed by
++			# the time Git tries to check out ${dir}/z.
++			#
++			# Also, we use core.precomposeUnicode=false because we
++			# want Git to treat the UTF-8 paths transparently on
++			# Mac OS, matching what is in the index.
++			#
++			git -c core.precomposeUnicode=false checkout-index -f \
++				${dir}/x ${dir}/y ${symlink} ${dir}/z &&
++			# Should not create ${dir}/z at ${symlink}/z
++			test_path_is_missing target-dir/z
++		)
++	'
++done
++
+ test_done
+-- 
+2.17.1
+
-- 
2.30.2

[gatesgarth][PATCH 04/18] openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449

[Anuj Mittal]

From: Mikko Rapeli <mikko.rapeli@bmw.de>

Only security issues fixed in this release according to
https://www.openssl.org/news/cl111.txt

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../openssl/{openssl_1.1.1j.bb => openssl_1.1.1k.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1j.bb => openssl_1.1.1k.bb} (98%)

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1j.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
similarity index 98%
rename from meta/recipes-connectivity/openssl/openssl_1.1.1j.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
index f054d2fdba..5f281197c9 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1j.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
@@ -23,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \
            file://environment.d-openssl.sh \
            "
 
-SRC_URI[sha256sum] = "aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf"
+SRC_URI[sha256sum] = "892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5"
 
 inherit lib_package multilib_header multilib_script ptest
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
-- 
2.30.2

[gatesgarth][PATCH 05/18] linux-yocto/5.4: update to v5.4.105

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    ce615a08404c Linux 5.4.105
    d17cf4cb1928 nvme-pci: add quirks for Lexar 256GB SSD
    1d08ff846484 nvme-pci: mark Seagate Nytro XM1440 as QUIRK_NO_NS_DESC_LIST.
    9106a7844efb HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on Voyo Winpad A15
    b5e10e9b3047 mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN
    21f3fb36b5a2 drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
    1d113893ff9d misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
    9f1f09887551 PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
    f40fdcb7ca29 ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140
    242be7cddd25 ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807
    86c8848d680a media: cx23885: add more quirks for reset DMA on some AMD IOMMU
    fd476c6d4e1a HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter
    ef9fa6bb8582 platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016
    3a8eb20cb87b platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
    e3a3a69da177 platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
    b734af305c78 platform/x86: acer-wmi: Add new force_caps module parameter
    025180244251 platform/x86: acer-wmi: Cleanup accelerometer device handling
    37b4324cb78e platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines
    200e14759da5 mwifiex: pcie: skip cancel_work_sync() on reset failure path
    c699a89d385c iommu/amd: Fix sleeping in atomic in increase_address_space()
    fa56bf637eac ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter handling
    f27765adb3f6 dm table: fix zoned iterate_devices based device capability checks
    06ef17b88676 dm table: fix DAX iterate_devices based device capability checks
    b8aedc65db40 dm table: fix iterate_devices based device capability checks
    c1f5fc082beb net: dsa: add GRO support via gro_cells
    84d5d3c9d3fb Linux 5.4.104
    d859388ea25a r8169: fix resuming from suspend on RTL8105e if machine runs on battery
    1fba84f3c491 rsxx: Return -EFAULT if copy_to_user() fails
    77a81b10f894 ftrace: Have recordmcount use w8 to read relp->r_info in arm64_is_fake_mcount
    9a20e5782d2d ALSA: hda: intel-nhlt: verify config type
    86b3b62b81c5 IB/mlx5: Add missing error code
    809ef2660c1b RDMA/rxe: Fix missing kconfig dependency on CRYPTO
    26a1af33c9cd ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
    6827415290ab usbip: tools: fix build error for multiple definition
    078170924d84 crypto - shash: reduce minimum alignment of shash_desc structure
    1f8884d04480 arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL)
    9e15b43fdaf3 drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie
    b367201430dd dm verity: fix FEC for RS roots unaligned to block size
    1a4182923144 dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size
    52a643680165 PM: runtime: Update device status before letting suppliers suspend
    e49baccfe299 btrfs: fix warning when creating a directory with smack enabled
    a87911c26a1c btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors
    91bc3296bffb btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata
    8674c1a72a69 btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl
    0c740d2b8c61 btrfs: fix raid6 qstripe kmap
    909a8d2b1e7b btrfs: raid56: simplify tracking of Q stripe presence
    15726df8c09a tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality()
    6d71cbc91104 tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality()

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 589673d5cef12c98a95c83d47d30d6fc35463747)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 638f3df2fb..49e9cf4cbc 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "34ae8b39b6414e1f05fed93966c5ab1db20b6963"
-SRCREV_meta ?= "feeb59687bc0f054af837a5061f8d413ec7c93e9"
+SRCREV_machine ?= "08b34e26f97c0549961710c3b14258910979aff4"
+SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.103"
+LINUX_VERSION ?= "5.4.105"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 9dcea7b0ab..2bdaac0f50 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.103"
+LINUX_VERSION ?= "5.4.105"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "ffe71606242ccf95707aae7599805419f14277ff"
-SRCREV_machine ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_meta ?= "feeb59687bc0f054af837a5061f8d413ec7c93e9"
+SRCREV_machine_qemuarm ?= "889b072e7b492ce96a80384f9d3e5412ff8ff839"
+SRCREV_machine ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 64f9789c6c..0c41556566 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "31486fc68d8688908700a68b6655fd50c733d882"
-SRCREV_machine_qemuarm64 ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_machine_qemumips ?= "aec63899e25194c00dbc5f25db8fe6c4461eef21"
-SRCREV_machine_qemuppc ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_machine_qemuriscv64 ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_machine_qemux86 ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_machine_qemux86-64 ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_machine_qemumips64 ?= "c155e91597bd1a1aae557405b5061bb8c2695e5d"
-SRCREV_machine ?= "80ade4d43bbcb497d363d44508af69af74a84092"
-SRCREV_meta ?= "feeb59687bc0f054af837a5061f8d413ec7c93e9"
+SRCREV_machine_qemuarm ?= "65543d1e3cd5140ac0384179e46d881b728b4013"
+SRCREV_machine_qemuarm64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_machine_qemumips ?= "182eacc3bb0ee860380decb664e05e6ec94fe003"
+SRCREV_machine_qemuppc ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_machine_qemuriscv64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_machine_qemux86 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_machine_qemux86-64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_machine_qemumips64 ?= "bc21e93c3154523e0f490fed699feb79ab60536b"
+SRCREV_machine ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
+SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.103"
+LINUX_VERSION ?= "5.4.105"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.30.2

[gatesgarth][PATCH 06/18] linux-yocto/5.4: update to v5.4.107

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    a65e78863443 Linux 5.4.107
    5161cc4350de net: dsa: b53: Support setting learning on port
    ebeefdc3d8ee net: dsa: tag_mtk: fix 802.1ad VLAN egress
    6c3d86e6ffde crypto: x86/aes-ni-xts - use direct calls to and 4-way stride
    ae69c97bb76e crypto: aesni - Use TEST %reg,%reg instead of CMP $0,%reg
    eeb0899e0073 crypto: x86 - Regularize glue function prototypes
    187ae0463653 fuse: fix live lock in fuse_iget()
    28e53acd3065 drm/i915/gvt: Fix vfio_edid issue for BXT/APL
    5a7c72ffb412 drm/i915/gvt: Fix port number for BDW on EDID region setup
    4ab29329668d drm/i915/gvt: Fix virtual display setup for BXT/APL
    e46f72e1f27c drm/i915/gvt: Fix mmio handler break on BXT/APL.
    8cd68991b836 drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang
    50f83ffc58ab btrfs: scrub: Don't check free space before marking a block group RO
    591ea83fd2ce bpf, selftests: Fix up some test_verifier cases for unprivileged
    4e4c85404a23 bpf: Add sanity check for upper ptr_limit
    524471df8fa9 bpf: Simplify alu_limit masking for pointer arithmetic
    2da0540739e4 bpf: Fix off-by-one for area size in creating mask to left
    ea8fb45eaac1 bpf: Prohibit alu ops for pointer types not defining ptr_limit
    010c5bee66bd KVM: arm64: nvhe: Save the SPE context early
    0437de26e28d Linux 5.4.106
    b802b6ef28d6 xen/events: avoid handling the same event on two cpus at the same time
    92aefc62f483 xen/events: don't unmask an event channel when an eoi is pending
    43d0b82bb45c xen/events: reset affinity of 2-level event when tearing it down
    38563c1ff081 KVM: arm64: Reject VM creation when the default IPA size is unsupported
    da2e37b55d4c KVM: arm64: Ensure I-cache isolation between vcpus of a same VM
    4e2156c0d37b nvme: release namespace head reference on error
    eb565f052b3e nvme: unlink head after removing last namespace
    4535fb9ec5fd KVM: arm64: Fix exclusive limit for IPA size
    e28b19ca2aeb x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2
    c0e0ab60d0b1 binfmt_misc: fix possible deadlock in bm_register_write
    106fea9ad246 powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
    907f7f2cf0ff sched/membarrier: fix missing local execution of ipi_sync_rq_state()
    2306580a95b7 zram: fix return value on writeback_store
    29e28a134a49 include/linux/sched/mm.h: use rcu_dereference in in_vfork()
    99f1960cae4f stop_machine: mark helpers __always_inline
    aaf92d0538d2 hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event()
    88c79851b82d arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds
    73aa6f93e1e9 configfs: fix a use-after-free in __configfs_open_file
    babd55002dd4 block: rsxx: fix error return code of rsxx_pci_probe()
    41deefab452a NFSv4.2: fix return value of _nfs4_get_security_label()
    86954a52d829 NFS: Don't gratuitously clear the inode cache when lookup failed
    d29f9aa6a8b2 NFS: Don't revalidate the directory permissions on a lookup failure
    d5a69ed75931 SUNRPC: Set memalloc_nofs_save() for sync tasks
    9c9ea7ac18b2 arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory
    19bb2a20710d sh_eth: fix TRSCER mask for R7S72100
    c3c1defad2dd staging: comedi: pcl818: Fix endian problem for AI command data
    c5916897a6e1 staging: comedi: pcl711: Fix endian problem for AI command data
    7d8ec7bef320 staging: comedi: me4000: Fix endian problem for AI command data
    e70294943c89 staging: comedi: dmm32at: Fix endian problem for AI command data
    47a2af64eea3 staging: comedi: das800: Fix endian problem for AI command data
    0f2522ec71b6 staging: comedi: das6402: Fix endian problem for AI command data
    e91490b9edb9 staging: comedi: adv_pci1710: Fix endian problem for AI command data
    4d6505edee5a staging: comedi: addi_apci_1500: Fix endian problem for command sample
    f258c1c26f64 staging: comedi: addi_apci_1032: Fix endian problem for COS sample
    e644fc4ab7bb staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
    8f586a59829b staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
    9fe42273b2c6 staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
    ab42f28d5f34 staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data()
    1a866057e970 staging: rtl8712: unterminated string leads to read overflow
    da5abe369b03 staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
    a311b6a7f099 staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
    e4b52c7cbaaf misc: fastrpc: restrict user apps from sending kernel RPC messages
    9009b59dfd5f misc/pvpanic: Export module FDT device table
    0a58a400a93b usbip: fix vudc usbip_sockfd_store races leading to gpf
    8a50dda5243e usbip: fix vhci_hcd attach_store() races leading to gpf
    8698133003cf usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
    7b76c7a91bf6 usbip: fix vudc to check for stream socket
    2e24c093e264 usbip: fix vhci_hcd to check for stream socket
    da1be8e07852 usbip: fix stub_dev to check for stream socket
    ec7fb77a37af USB: serial: cp210x: add some more GE USB IDs
    b05ac5bcf623 USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
    0b7034401f0c USB: serial: ch341: add new Product ID
    5287c3d62e91 USB: serial: io_edgeport: fix memory leak in edge_startup
    c1b20c6fac05 xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state
    3573dea8c17a usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing
    57ab089c09d5 xhci: Improve detection of device initiated wake signal.
    f4f02f9feb4e usb: xhci: do not perform Soft Retry for some xHCI hosts
    45bc1c34b54e usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
    c9e346234698 USB: usblp: fix a hang in poll() if disconnected
    cc495be17466 usb: dwc3: qcom: Honor wakeup enabled/disabled state
    f030e3c67791 usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement
    014e4b616313 usb: gadget: f_uac1: stop playback on function disable
    117aadfc0616 usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot
    ec7b0ac66539 USB: gadget: u_ether: Fix a configfs return code
    0ae3101f5cf0 Goodix Fingerprint device is not a modem
    b0ea155fa4f7 mmc: cqhci: Fix random crash when remove mmc module/card
    61fadd5f1e4e mmc: core: Fix partition switch time for eMMC
    1cb73c82622c software node: Fix node registration
    3bc266631a9e s390/dasd: fix hanging IO request during DASD driver unbind
    87adc240df30 s390/dasd: fix hanging DASD driver unbind
    12002aa2e7af arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL
    47a5d1b63f21 Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities")
    ac85e7d4abb1 ALSA: usb-audio: Apply the control quirk to Plantronics headsets
    b1fe755e51df ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
    2b7615c97b0e ALSA: hda: Avoid spurious unsol event handling during S3/S4
    bb060148e29f ALSA: hda: Flush pending unsolicited events before suspend
    09cb42025a46 ALSA: hda: Drop the BATCH workaround for AMD controllers
    e1a92ad57b2c ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support
    ff2152beb22c ALSA: hda/hdmi: Cancel pending works before suspend
    dd6d483104bf ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk
    300fba2b4e11 scsi: target: core: Prevent underflow for service actions
    de2cdbcb4f38 scsi: target: core: Add cmd length set before cmd complete
    050e1900d617 scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
    acf0e7b15f87 sysctl.c: fix underflow value setting risk in vm_table
    508d56e2c5c3 s390/smp: __smp_rescan_cpus() - move cpumask away from stack
    54fc6a56f72a i40e: Fix memory leak in i40e_probe
    f95403013744 PCI: Fix pci_register_io_range() memory leak
    e9be5518af2c kbuild: clamp SUBLEVEL to 255
    e622e01d44e4 PCI: mediatek: Add missing of_node_put() to fix reference leak
    d54c77959ece PCI: xgene-msi: Fix race in installing chained irq handler
    395f24b37fe8 Input: applespi - don't wait for responses to commands indefinitely.
    ad93777a59c7 sparc64: Use arch_validate_flags() to validate ADI flag
    dec0ab3bc3a2 sparc32: Limit memblock allocation to low memory
    f8788ee8544c iommu/amd: Fix performance counter initialization
    d92afe30a665 powerpc/64: Fix stack trace not displaying final frame
    61654b5d079d HID: logitech-dj: add support for the new lightspeed connection iteration
    49e38713faaf powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
    a54c278fcf8b powerpc: improve handling of unrecoverable system reset
    7765b5c2c192 spi: stm32: make spurious and overrun interrupts visible
    507b9bce2113 powerpc/pci: Add ppc_md.discover_phbs()
    26d60799d99b Platform: OLPC: Fix probe error handling
    ccad3c70fcd0 mmc: mediatek: fix race condition between msdc_request_timeout and irq
    edf05afc9be3 mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()'
    c44d966e9020 udf: fix silent AED tagLocation corruption
    5f04f970d579 i2c: rcar: optimize cacheline to minimize HW race condition
    1e1aace4a395 i2c: rcar: faster irq code to minimize HW race condition
    2e24fd30c6f0 net: phy: fix save wrong speed and duplex problem if autoneg is on
    aea71e92b9a0 net: enetc: initialize RFS/RSS memories for unused ports too
    d1f308174a60 net: hns3: fix error mask definition of flow director
    cb36bf447a0c media: rc: compile rc-cec.c into rc-core
    4c0c31572b67 media: v4l: vsp1: Fix bru null pointer access
    f56a82844c1f media: v4l: vsp1: Fix uif null pointer access
    8cdc0900fc80 media: usbtv: Fix deadlock on suspend
    56b9b2c25905 sh_eth: fix TRSCER mask for R7S9210
    bdec0dd95cc8 qxl: Fix uninitialised struct field head.surface_id
    d5fc9c5d64ca s390/crypto: return -EFAULT if copy_to_user() fails
    72ba965bf10d s390/cio: return -EFAULT if copy_to_user() fails
    d2100ef32a8c drm: meson_drv add shutdown function
    72c541cc4552 drm/shmem-helper: Don't remove the offset in vm_area_struct pgoff
    0d574fc463c7 drm/shmem-helper: Check for purged buffers in fault handler
    3b08ea3a548f drm/compat: Clear bounce structures
    cabbd263c8e8 bnxt_en: reliably allocate IRQ table on reset to avoid crash
    dfa176f374ba s390/cio: return -EFAULT if copy_to_user() fails again
    05d11eb7bd9d net: hns3: fix bug when calculating the TCAM table info
    8bbc59bb0556 net: hns3: fix query vlan mask value error for flow director
    4d0273ab0a79 perf traceevent: Ensure read cmdlines are null terminated.
    ef663d149f8e selftests: forwarding: Fix race condition in mirror installation
    fcce3cb62c09 net: stmmac: fix watchdog timeout during suspend/resume stress test
    d31ae9ec5a03 net: stmmac: stop each tx channel independently
    86ea605518d7 ixgbe: fail to create xfrm offload of IPsec tunnel mode SA
    e8b6c1d7ced2 net: qrtr: fix error return code of qrtr_sendmsg()
    d28e783c2003 net: davicom: Fix regulator not turned off on driver removal
    05517de4188b net: davicom: Fix regulator not turned off on failed probe
    11a589205119 net: lapbether: Remove netif_start_queue / netif_stop_queue
    b4800e7a1c9f cipso,calipso: resolve a number of problems with the DOI refcounts
    6d599697e9a8 netdevsim: init u64 stats for 32bit hardware
    8e365b61bda7 net: usb: qmi_wwan: allow qmimux add/del with master up
    392f34cce2b0 net: sched: avoid duplicates in classes dump
    3e66c16388f5 nexthop: Do not flush blackhole nexthops when loopback goes down
    7f101d035deb net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
    0fbbcf797e9c net/mlx4_en: update moderation when config reset
    78cbd0a4749d net: enetc: don't overwrite the RSS indirection table when initializing
    6547ec428619 Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
    55e6ede3b935 cifs: return proper error code in statfs(2)
    a1ff418d3eda mount: fix mounting of detached mounts onto targets that reside on shared mounts
    59a057a89155 powerpc/603: Fix protection of user pages mapped with PROT_NONE
    da9f2219f66c mt76: dma: do not report truncated frames to mac80211
    95b0a3b09094 ibmvnic: always store valid MAC address
    3e8ab75f3301 samples, bpf: Add missing munmap in xdpsock
    c2c3a85ab01f selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier
    57b9f13e8aaa selftests/bpf: No need to drop the packet when there is no geneve opt
    82e85c0e7f34 netfilter: x_tables: gpf inside xt_find_revision()
    f66b8e738140 netfilter: nf_nat: undo erroneous tcp edemux lookup
    3bf899438c12 tcp: add sanity tests to TCP_QUEUE_SEQ
    b7049b6156ce can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before entering Normal Mode
    a7e187a87e8e can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
    e0eccdfc5c0e can: flexcan: enable RX FIFO after FRZ/HALT valid
    ca483b872d20 can: flexcan: assert FRZ bit in flexcan_chip_freeze()
    6676e510d1a9 can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership
    718769eb1bbe sh_eth: fix TRSCER mask for SH771x
    8baa52f26b3e net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
    ca278267d6cd net: check if protocol extracted by virtio_net_hdr_set_proto is correct
    f2d78bbbca42 net: Fix gro aggregation for udp encaps with zero csum
    9be769161192 ath9k: fix transmitting to stations in dynamic SMPS mode
    5555ee33b6cc ethernet: alx: fix order of calls on resume
    dcb95790821b powerpc/pseries: Don't enforce MSI affinity with kdump
    fd1824bf963a uapi: nfnetlink_cthelper.h: fix userspace compilation error

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 59ab12f804dda59ecf8954df6ef8024646bcbde7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 49e9cf4cbc..7629229601 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "08b34e26f97c0549961710c3b14258910979aff4"
-SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
+SRCREV_machine ?= "65bbe689d98a007848008be2c8edeb5fa8066829"
+SRCREV_meta ?= "19738ca97b999a3b150e2d34232bb44b6537348f"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.105"
+LINUX_VERSION ?= "5.4.107"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 2bdaac0f50..2b6e35a69c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.105"
+LINUX_VERSION ?= "5.4.107"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "889b072e7b492ce96a80384f9d3e5412ff8ff839"
-SRCREV_machine ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
+SRCREV_machine_qemuarm ?= "ac3cbab1d6692d4a032dfffe0a604f39a634d18a"
+SRCREV_machine ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_meta ?= "19738ca97b999a3b150e2d34232bb44b6537348f"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 0c41556566..04e64c028b 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "65543d1e3cd5140ac0384179e46d881b728b4013"
-SRCREV_machine_qemuarm64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_machine_qemumips ?= "182eacc3bb0ee860380decb664e05e6ec94fe003"
-SRCREV_machine_qemuppc ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_machine_qemuriscv64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_machine_qemux86 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_machine_qemux86-64 ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_machine_qemumips64 ?= "bc21e93c3154523e0f490fed699feb79ab60536b"
-SRCREV_machine ?= "96c96e27c3e9f2cdfb957ade03f10070286fff72"
-SRCREV_meta ?= "f67ab86441a7ebe38b5a25126d6eebc2ef6fee99"
+SRCREV_machine_qemuarm ?= "ea4097dbff5a148265018e1a998e02b5a05e3d27"
+SRCREV_machine_qemuarm64 ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_machine_qemumips ?= "230ca33504faef6f40c5d3b24901aaacb901c9a6"
+SRCREV_machine_qemuppc ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_machine_qemuriscv64 ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_machine_qemux86 ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_machine_qemux86-64 ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_machine_qemumips64 ?= "84e071a893ef9cea8a8ffbcd233b47a2bc9056b5"
+SRCREV_machine ?= "cf76c5c0dc0edd51ae4a75a1f8701a2675e87c72"
+SRCREV_meta ?= "19738ca97b999a3b150e2d34232bb44b6537348f"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.105"
+LINUX_VERSION ?= "5.4.107"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.30.2

[gatesgarth][PATCH 07/18] cve-update-db-native: consider version suffix when update CVE db

[Anuj Mittal]

From: Lee Chee Yang <chee.yang.lee@intel.com>

some record from NVD can merge or split suffix from version, for
example:
  CVE-2017-15906
  "cpe23Uri" : "cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*"
  "cpe23Uri" : "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*"

in such case include the suffix into version when update local CVE db.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 13cc68197f81bb7c76fa1abecc5dd720b8bdb8d5)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index cf62e1e32c..b3dc33734d 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -143,9 +143,14 @@ def parse_node_and_insert(c, node, cveId):
             product = cpe23[4]
             version = cpe23[5]
 
+            if cpe23[6] == '*' or cpe23[6] == '-':
+                version_suffix = ""
+            else:
+                version_suffix = "_" + cpe23[6]
+
             if version != '*' and version != '-':
                 # Version is defined, this is a '=' match
-                yield [cveId, vendor, product, version, '=', '', '']
+                yield [cveId, vendor, product, version + version_suffix, '=', '', '']
             elif version == '-':
                 # no version information is available
                 yield [cveId, vendor, product, version, '', '', '']
-- 
2.30.2

[gatesgarth][PATCH 08/18] cve-check: CVE_VERSION_SUFFIX to work with patched release

[Anuj Mittal]

From: Lee Chee Yang <chee.yang.lee@intel.com>

CVE_VERSION_SUFFIX in "patch" to treat version string with suffix "pX"
or "patchX" as patched release.

also update testcases to cover this changes and set CVE_VERSION_SUFFIX
for sudo.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8076815fc2ffc8f632e73527ce2b7d158a29e9ea)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oe/cve_check.py                  | 7 ++++++-
 meta/lib/oeqa/selftest/cases/cve_check.py | 8 ++++++++
 meta/recipes-extended/sudo/sudo.inc       | 2 ++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index ce755f940a..a1d7c292af 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -11,8 +11,13 @@ _Version = collections.namedtuple(
 class Version():
 
     def __init__(self, version, suffix=None):
+
+        suffixes = ["alphabetical", "patch"]
+
         if str(suffix) == "alphabetical":
             version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
+        elif str(suffix) == "patch":
+            version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(p|patch)(?P<patch_l>[0-9]+))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
         else:
             version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
         regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE)
@@ -23,7 +28,7 @@ class Version():
 
         self._version = _Version(
             release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")),
-            patch_l=match.group("patch_l") if str(suffix) == "alphabetical" and match.group("patch_l") else "",
+            patch_l=match.group("patch_l") if str(suffix) in suffixes and match.group("patch_l") else "",
             pre_l=match.group("pre_l"),
             pre_v=match.group("pre_v")
         )
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index 3f343a2841..d1947baffc 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -34,3 +34,11 @@ class CVECheck(OESelftestTestCase):
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'")
         result = Version("1.0b","alphabetical") > Version("1.0","alphabetical")
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'")
+
+        # consider the trailing "p" and "patch" as patched released when comparing
+        result = Version("1.0","patch") < Version("1.0p1","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0' < '1.0p1'")
+        result = Version("1.0p2","patch") > Version("1.0p1","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'")
+        result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'")
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 86a18be7e2..8b50f5eee5 100644
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -49,3 +49,5 @@ do_compile_prepend () {
 do_install_prepend (){
 	mkdir -p ${D}/${localstatedir}/lib
 }
+
+CVE_VERSION_SUFFIX = "patch"
-- 
2.30.2

[gatesgarth][PATCH 09/18] devshell.bbclass: Exceptions displayed within devpyshell

[Anuj Mittal]

From: Dorinda Bassey <dorindabassey@gmail.com>

If you type something into devpyshell, an exception should be triggered,
but that exception isn't printed out because it is not being flushed out
of the buffer. This patch fixes that issue.

[YOCTO #12156]

Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f95e82a3b27bfd5177a855326dcad8a5bdf5b2d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/devshell.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/devshell.bbclass b/meta/classes/devshell.bbclass
index fdf7dc100f..76dd0b42ee 100644
--- a/meta/classes/devshell.bbclass
+++ b/meta/classes/devshell.bbclass
@@ -128,6 +128,7 @@ def devpyshell(d):
                     more = i.runsource(source, "<pyshell>")
                     if not more:
                         buf = []
+                    sys.stderr.flush()
                     prompt(more)
             except KeyboardInterrupt:
                 i.write("\nKeyboardInterrupt\n")
-- 
2.30.2

[gatesgarth][PATCH 10/18] scripts/verify-bashisms: Update checkbashisms.pl URL

[Anuj Mittal]

From: Petr Vorel <petr.vorel@gmail.com>

anonscm.debian.org is not used any more, update the URL.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3c89071a2c19a522c1df5919f500b88339ec6294)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/verify-bashisms | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/verify-bashisms b/scripts/verify-bashisms
index fb0cc719ea..14d8c298e9 100755
--- a/scripts/verify-bashisms
+++ b/scripts/verify-bashisms
@@ -100,7 +100,7 @@ if __name__=='__main__':
     args = parser.parse_args()
 
     if shutil.which("checkbashisms.pl") is None:
-        print("Cannot find checkbashisms.pl on $PATH, get it from https://anonscm.debian.org/cgit/collab-maint/devscripts.git/plain/scripts/checkbashisms.pl")
+        print("Cannot find checkbashisms.pl on $PATH, get it from https://salsa.debian.org/debian/devscripts/raw/master/scripts/checkbashisms.pl")
         sys.exit(1)
 
     # The order of defining the worker function,
-- 
2.30.2

[gatesgarth][PATCH 11/18] selftest/wic: Fix dependency issue in rawcopy test

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

The current test code contains a subtle race. It is building an ext4,
then trying to reuse that image in a wic build for the same recipe.
Whilst this happened to work, the code is within its rights to clean
up the output before the wic code runs.

Avoid this by using separate image targets instead.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 590398080e81fb5e2f81e12b8900858837dfe25f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/selftest/cases/wic.py | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index df2d2d225e..39c6828f59 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -979,14 +979,18 @@ class Wic2(WicTestCase):
     @only_for_arch(['i586', 'i686', 'x86_64'])
     def test_rawcopy_plugin_qemu(self):
         """Test rawcopy plugin in qemu"""
-        # build ext4 and wic images
-        for fstype in ("ext4", "wic"):
-            config = 'IMAGE_FSTYPES = "%s"\nWKS_FILE = "test_rawcopy_plugin.wks.in"\n' % fstype
-            self.append_config(config)
-            self.assertEqual(0, bitbake('core-image-minimal').status)
-            self.remove_config(config)
+        # build ext4 and then use it for a wic image
+        config = 'IMAGE_FSTYPES = "ext4"\n'
+        self.append_config(config)
+        self.assertEqual(0, bitbake('core-image-minimal').status)
+        self.remove_config(config)
 
-        with runqemu('core-image-minimal', ssh=False, image_fstype='wic') as qemu:
+        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_rawcopy_plugin.wks.in"\n'
+        self.append_config(config)
+        self.assertEqual(0, bitbake('core-image-minimal-mtdutils').status)
+        self.remove_config(config)
+
+        with runqemu('core-image-minimal-mtdutils', ssh=False, image_fstype='wic') as qemu:
             cmd = "grep sda. /proc/partitions  |wc -l"
             status, output = qemu.run_serial(cmd)
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
-- 
2.30.2

[gatesgarth][PATCH 12/18] linux-firmware: Fix packaging

[Anuj Mittal]

From: Michael Trensch <mtrensch@hilscher.com>

Upstream directory layout has changed after update in commit 3c2f8b750ab9c53773fb5a9a1a874e475740b4ee, resulting in some package to pull in linux-firmware base package.
This may cause an image size increase of approximately 700MB.

See log.do_packaging:
DEBUG: linux-firmware-bcm43340 contains dangling link /lib/firmware/cypress/cyfmac43340-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43362 contains dangling link /lib/firmware/cypress/cyfmac43362-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4339 contains dangling link /lib/firmware/cypress/cyfmac4339-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43430 contains dangling link /lib/firmware/cypress/cyfmac43430-sdio.clm_blob
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43430 contains dangling link /lib/firmware/cypress/cyfmac43430-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43455 contains dangling link /lib/firmware/cypress/cyfmac43455-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43455 contains dangling link /lib/firmware/cypress/cyfmac43455-sdio.clm_blob
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4354 contains dangling link /lib/firmware/cypress/cyfmac4354-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4356 contains dangling link /lib/firmware/cypress/cyfmac4356-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4356-pcie contains dangling link /lib/firmware/cypress/cyfmac4356-pcie.clm_blob
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4356-pcie contains dangling link /lib/firmware/cypress/cyfmac4356-pcie.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm43570 contains dangling link /lib/firmware/cypress/cyfmac43570-pcie.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-bcm4373 contains dangling link /lib/firmware/cypress/cyfmac4373-sdio.bin
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0099-0001_2x10.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0099-0001_2x25.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0081-0001_4x10.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0097-0001_8x10.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0099-0001_1x10_1x25.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0097-0001_2x40.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0096-0001_2x10.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0097-0001_4x10_1x40.nffw
DEBUG: target found in linux-firmware
DEBUG: linux-firmware-netronome contains dangling link /lib/firmware/netronome/nic/nic_AMDA0081-0001_1x40.nffw
DEBUG: target found in linux-firmware

Signed-off-by: Michael Trensch <mtrensch@hilscher.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd273c611b03bd5972da8bf4accaba247f7c9c62)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux-firmware/linux-firmware_20210208.bb | 41 +++++++++++++++----
 1 file changed, 32 insertions(+), 9 deletions(-)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
index 59ce4d5124..69672c85f6 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
@@ -492,6 +492,13 @@ FILES_${PN}-netronome = " \
   ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0096*.nffw \
   ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0097*.nffw \
   ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0099*.nffw \
+  ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0011_2x40.nffw \
+  ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0012_2x40.nffw \
+  ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0078-0011_1x100.nffw \
+  ${nonarch_base_libdir}/firmware/netronome/bpf \
+  ${nonarch_base_libdir}/firmware/netronome/flower \
+  ${nonarch_base_libdir}/firmware/netronome/nic \
+  ${nonarch_base_libdir}/firmware/netronome/nic-sriov \
 "
 
 RDEPENDS_${PN}-netronome += "${PN}-netronome-license"
@@ -618,7 +625,9 @@ FILES_${PN}-bcm4329 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4329-sdio.bi
 FILES_${PN}-bcm4330 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4330-sdio.*"
 FILES_${PN}-bcm4334 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4334-sdio.bin"
 FILES_${PN}-bcm4335 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4335-sdio.bin"
-FILES_${PN}-bcm4339 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4339-sdio.bin"
+FILES_${PN}-bcm4339 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4339-sdio.bin \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac4339-sdio.bin \
+"
 FILES_${PN}-bcm43241b0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b0-sdio.bin"
 FILES_${PN}-bcm43241b4 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b4-sdio.bin"
 FILES_${PN}-bcm43241b5 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b5-sdio.bin"
@@ -627,12 +636,18 @@ FILES_${PN}-bcm43143 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43143.bin \
   ${nonarch_base_libdir}/firmware/brcm/brcmfmac43143-sdio.bin \
 "
 FILES_${PN}-bcm43430a0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430a0-sdio.*"
-FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.*"
+FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.* \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac43455-sdio.* \
+"
 FILES_${PN}-bcm4350c2 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350c2-pcie.bin"
 FILES_${PN}-bcm4350 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350-pcie.bin"
-FILES_${PN}-bcm4356 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-sdio.bin"
+FILES_${PN}-bcm4356 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-sdio.bin \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-sdio.bin \
+"
 FILES_${PN}-bcm43569 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43569.bin"
-FILES_${PN}-bcm43570 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43570-pcie.bin"
+FILES_${PN}-bcm43570 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43570-pcie.bin \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac43570-pcie.bin \
+"
 FILES_${PN}-bcm4358 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4358-pcie.bin"
 FILES_${PN}-bcm43602 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.bin \
   ${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.ap.bin \
@@ -703,13 +718,21 @@ LICENSE_${PN}-cypress-license = "Firmware-cypress"
 FILES_${PN}-cypress-license = "${nonarch_base_libdir}/firmware/LICENCE.cypress"
 
 FILES_${PN}-bcm-0bb4-0306 = "${nonarch_base_libdir}/firmware/brcm/BCM-0bb4-0306.hcd"
-FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.*"
-FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.*"
-FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.*"
-FILES_${PN}-bcm4354 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4354-sdio.bin"
-FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.*"
+FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.* \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac43340-sdio.*"
+FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.* \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac43362-sdio.*"
+FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.* \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac43430-sdio.*"
+FILES_${PN}-bcm4354 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4354-sdio.bin \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac4354-sdio.bin \
+"
+FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.* \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-pcie.* \
+"
 FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \
   ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \
+  ${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \
 "
 
 LICENSE_${PN}-bcm-0bb4-0306 = "Firmware-cypress"
-- 
2.30.2

[gatesgarth][PATCH 13/18] run-postinsts: do not remove postinsts directory.

[Anuj Mittal]

From: "Anton D. Kachalov" <gmouse@google.com>

When running on the systems having read-only rootfs backed by overlayfs,
removing the whole directory lead to create a special char device file
on the upperdir to reflect directory's removal. Once it is required to
upgrade the whole read-only image that might contain new postinsts scripts,
it will be impossible to run such scripts with a "deletion mark" file
on the overlayfs -- the whole directory will be marked as deleted regardless
new files in it.

Signed-off-by: Anton D. Kachalov <gmouse@google.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1a27b62b225ffeecec47c249a0b86cc54d775add)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../run-postinsts/run-postinsts/run-postinsts          | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts b/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts
index f84a7e18c8..95dccb9cae 100755
--- a/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts
+++ b/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts
@@ -72,12 +72,12 @@ exec_postinst_scriptlets() {
 		else
 			echo "ERROR: postinst $i failed."
 			[ "$POSTINST_LOGGING" = "1" ] && eval echo "ERROR: postinst $i failed." $append_log
-			remove_pi_dir=0
+			remove_rcsd_link=0
 		fi
 	done
 }
 
-remove_pi_dir=1
+remove_rcsd_link=1
 if $pm_installed; then
 	case $pm in
 		"ipk")
@@ -92,9 +92,7 @@ else
 	exec_postinst_scriptlets
 fi
 
-# since all postinstalls executed successfully, remove the postinstalls directory
-# and the rcS.d link
-if [ $remove_pi_dir = 1 ]; then
-	rm -rf $pi_dir
+# since all postinstalls executed successfully, remove the rcS.d link
+if [ $remove_rcsd_link = 1 ]; then
 	remove_rcsd_link
 fi
-- 
2.30.2

[gatesgarth][PATCH 14/18] documentation-audit.sh: Fix typo in specifying LICENSE_FLAGS_WHITELIST

[Anuj Mittal]

From: Khem Raj <raj.khem@gmail.com>

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 410a45639d84a3d69a65133593da32062196dd59)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/contrib/documentation-audit.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/contrib/documentation-audit.sh b/scripts/contrib/documentation-audit.sh
index 1191f57a8e..f436f9bae0 100755
--- a/scripts/contrib/documentation-audit.sh
+++ b/scripts/contrib/documentation-audit.sh
@@ -27,7 +27,7 @@ fi
 
 echo "REMINDER: you need to build for MACHINE=qemux86 or you won't get useful results"
 echo "REMINDER: you need to set LICENSE_FLAGS_WHITELIST appropriately in local.conf or "
-echo " you'll get false positives.  For example, LICENSE_FLAGS_WHITELIST = \"Commercial\""
+echo " you'll get false positives.  For example, LICENSE_FLAGS_WHITELIST = \"commercial\""
 
 for pkg in `bitbake -s | awk '{ print \$1 }'`; do
 	if [[ "$pkg" == "Loading" || "$pkg" == "Loaded" ||
-- 
2.30.2

[gatesgarth][PATCH 15/18] libtool: make sure autoheader run before autoconf

[Anuj Mittal]

From: Mingli Yu <mingli.yu@windriver.com>

autoheader will update ../libtool-2.4.6/libltdl/config-h.in which
autoconf needs, so there comes a race sometimes as below:
 | configure.ac:45: error: required file 'config-h.in' not found
 | touch '../libtool-2.4.6/libltdl/config-h.in'

So make sure autoheader run before autoconf to avoid this race.

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d8451cbef5906b67756582fdfc44eb01ed3512fc)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../libtool/libtool-2.4.6.inc                 |  1 +
 ...-sure-autoheader-run-before-autoconf.patch | 35 +++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch

diff --git a/meta/recipes-devtools/libtool/libtool-2.4.6.inc b/meta/recipes-devtools/libtool/libtool-2.4.6.inc
index 8e17b56d46..19a03d4733 100644
--- a/meta/recipes-devtools/libtool/libtool-2.4.6.inc
+++ b/meta/recipes-devtools/libtool/libtool-2.4.6.inc
@@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/libtool/libtool-${PV}.tar.gz \
            file://unwind-opt-parsing.patch \
            file://0001-libtool-Fix-support-for-NIOS2-processor.patch \
            file://0001-libtool-Check-for-static-libs-for-internal-compiler-.patch \
+           file://0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch \
           "
 
 SRC_URI[md5sum] = "addf44b646ddb4e3919805aa88fa7c5e"
diff --git a/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch b/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch
new file mode 100644
index 0000000000..2e9908725e
--- /dev/null
+++ b/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch
@@ -0,0 +1,35 @@
+From dfbbbd359e43e0a55fbea06f2647279ad8761cb9 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Wed, 24 Mar 2021 03:04:13 +0000
+Subject: [PATCH] Makefile.am: make sure autoheader run before autoconf
+
+autoheader will update ../libtool-2.4.6/libltdl/config-h.in which
+autoconf needs, so there comes a race sometimes as below:
+ | configure.ac:45: error: required file 'config-h.in' not found
+ | touch '../libtool-2.4.6/libltdl/config-h.in'
+
+So make sure autoheader run before autoconf to avoid this race.
+
+Upstream-Status: Submitted [libtool-patches@gnu.org maillist]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 4142c90..fe1a9fc 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -365,7 +365,7 @@ lt_configure_deps = $(lt_aclocal_m4) $(lt_aclocal_m4_deps)
+ $(lt_aclocal_m4): $(lt_aclocal_m4_deps)
+ 	$(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(ACLOCAL) -I ../m4
+ 
+-$(lt_configure): $(lt_configure_deps)
++$(lt_configure): $(lt_configure_deps) $(lt_config_h_in)
+ 	$(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(AUTOCONF)
+ 
+ $(lt_config_h_in): $(lt_configure_deps)
+-- 
+2.29.2
+
-- 
2.30.2

[gatesgarth][PATCH 16/18] buildhistory: add missing vardepsexcludes

[Anuj Mittal]

From: Christopher Larson <kergoth@gmail.com>

For POPULATE_SDK_POST_TARGET_COMMAND, POPULATE_SDK_POST_HOST_COMMAND, and SDK_POSTPROCESS_COMMAND, the appropriate entries were added to vardepvalueexclude, but we want them in vardepsexclude as well.

Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 554b17e0bbe5190e4b03121f2ed06f4845012a71)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/buildhistory.bbclass | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass
index 3a6780da34..726f17a946 100644
--- a/meta/classes/buildhistory.bbclass
+++ b/meta/classes/buildhistory.bbclass
@@ -674,13 +674,16 @@ IMAGE_POSTPROCESS_COMMAND[vardepsexclude] += "buildhistory_get_imageinfo"
 POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_list_installed_sdk_target;"
 POPULATE_SDK_POST_TARGET_COMMAND_append = " buildhistory_get_sdk_installed_target;"
 POPULATE_SDK_POST_TARGET_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_target;| buildhistory_get_sdk_installed_target;"
+POPULATE_SDK_POST_TARGET_COMMAND[vardepsexclude] += "buildhistory_list_installed_sdk_target buildhistory_get_sdk_installed_target"
 
 POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_list_installed_sdk_host;"
 POPULATE_SDK_POST_HOST_COMMAND_append = " buildhistory_get_sdk_installed_host;"
 POPULATE_SDK_POST_HOST_COMMAND[vardepvalueexclude] .= "| buildhistory_list_installed_sdk_host;| buildhistory_get_sdk_installed_host;"
+POPULATE_SDK_POST_HOST_COMMAND[vardepsexclude] += "buildhistory_list_installed_sdk_host buildhistory_get_sdk_installed_host"
 
 SDK_POSTPROCESS_COMMAND_append = " buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; "
 SDK_POSTPROCESS_COMMAND[vardepvalueexclude] .= "| buildhistory_get_sdkinfo ; buildhistory_get_extra_sdkinfo; "
+SDK_POSTPROCESS_COMMAND[vardepsexclude] += "buildhistory_get_sdkinfo buildhistory_get_extra_sdkinfo"
 
 python buildhistory_write_sigs() {
     if not "task" in (d.getVar('BUILDHISTORY_FEATURES') or "").split():
-- 
2.30.2

[gatesgarth][PATCH 17/18] image,populate_sdk_base: move 'func' flag setting for sdk command vars

[Anuj Mittal]

From: Christopher Larson <kergoth@gmail.com>

Setting the 'func' flag on the commands variables ensures that they are parsed
as shell, and therefore that the referenced commands contents are included in
checksums. Doing this only in image.bbclass means that this is missing in
recipes that are not images, but which inherit populate_sdk or populate_sdk_base
directly, so move it to the latter.

[YOCTO #13998]

Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit edc28907ce19a7298059dd388933c58a9c6c28b9)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/image.bbclass             | 2 +-
 meta/classes/populate_sdk_base.bbclass | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 60b07de221..2f1d5cfb46 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -112,7 +112,7 @@ def rootfs_command_variables(d):
             'IMAGE_PREPROCESS_COMMAND','RPM_PREPROCESS_COMMANDS','RPM_POSTPROCESS_COMMANDS','DEB_PREPROCESS_COMMANDS','DEB_POSTPROCESS_COMMANDS']
 
 python () {
-    variables = rootfs_command_variables(d) + sdk_command_variables(d)
+    variables = rootfs_command_variables(d)
     for var in variables:
         if d.getVar(var, False):
             d.setVarFlag(var, 'func', '1')
diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index 942d3ec091..635b3a6b80 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -329,6 +329,13 @@ def sdk_variables(d):
 
 do_populate_sdk[vardeps] += "${@sdk_variables(d)}"
 
+python () {
+    variables = sdk_command_variables(d)
+    for var in variables:
+        if d.getVar(var, False):
+            d.setVarFlag(var, 'func', '1')
+}
+
 do_populate_sdk[file-checksums] += "${TOOLCHAIN_SHAR_REL_TMPL}:True \
                                     ${TOOLCHAIN_SHAR_EXT_TMPL}:True"
 
-- 
2.30.2

[gatesgarth][PATCH 18/18] image-live.bbclass: optional depends when ROOTFS empty

[Anuj Mittal]

From: Guillaume Champagne <champagne.guillaume.c@gmail.com>

`ROOTFS` is optional. It can be empty if the live image doesn't require
a rootfs.  In such cases, the build doesn't depend on
`do_image_{LIVE_ROOTFS_TYPE}`.

Signed-off-by: Guillaume Champagne <champagne.guillaume.c@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96f47c39f1d17f073243913d524bde84add41d8f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/image-live.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/image-live.bbclass b/meta/classes/image-live.bbclass
index 9ea5ddc312..47c44b4aad 100644
--- a/meta/classes/image-live.bbclass
+++ b/meta/classes/image-live.bbclass
@@ -30,7 +30,7 @@ do_bootimg[depends] += "dosfstools-native:do_populate_sysroot \
                         virtual/kernel:do_deploy \
                         ${MLPREFIX}syslinux:do_populate_sysroot \
                         syslinux-native:do_populate_sysroot \
-                        ${PN}:do_image_${@d.getVar('LIVE_ROOTFS_TYPE').replace('-', '_')} \
+                        ${@'%s:do_image_%s' % (d.getVar('PN'), d.getVar('LIVE_ROOTFS_TYPE').replace('-', '_')) if d.getVar('ROOTFS') else ''} \
                         "
 
 
-- 
2.30.2