[OE-core][dunfell 00/12] Patch review

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back
by end of day Wednesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1224

The following changes since commit 7ce425fa1295a9dca48f8474be58db3ac8aa540d:

  glibc: Secruity fix for CVE-2020-6096 (2020-07-27 12:15:56 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  gnutls: upgrade 3.6.13 -> 3.6.14

Andrei Gherzan (2):
  initscripts: Fix various shellcheck warnings in populate-volatile.sh
  initscripts: Fix populate-volatile.sh bug when file/dir exists

Changqing Li (2):
  layer.conf: fix adwaita-icon-theme signature change problem
  gtk-icon-cache.bbclass: add features_check

Konrad Weihmann (1):
  cve-update: handle baseMetricV2 as optional

Lee Chee Yang (1):
  checklayer: check layer in BBLAYERS before test

Matt Madison (1):
  cogl-1.0: correct X11 dependencies

Steve Sakoman (1):
  glib-networking: upgrade 2.62.3 to 2.62.4

Viktor Rosendahl (1):
  boost: backport fix to make async_pipes work with asio

Yi Zhao (1):
  bind: upgrade 9.11.19 -> 9.11.21

zhengruoqin (1):
  gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.

 meta/classes/gtk-icon-cache.bbclass           |  5 ++
 meta/conf/layer.conf                          |  2 +
 .../bind/{bind_9.11.19.bb => bind_9.11.21.bb} |  2 +-
 ...ng_2.62.3.bb => glib-networking_2.62.4.bb} |  4 +-
 .../initscripts-1.0/populate-volatile.sh      | 80 ++++++++---------
 .../recipes-core/meta/cve-update-db-native.bb | 13 ++-
 meta/recipes-graphics/cogl/cogl-1.0.inc       |  2 +-
 .../0001-added-typedef-executor_type.patch    | 54 +++++++++++
 meta/recipes-support/boost/boost_1.72.0.bb    |  1 +
 ...se-to-GPLv2.1-to-keep-with-LICENSE-f.patch | 90 +++++++++++++++++++
 .../{gnutls_3.6.13.bb => gnutls_3.6.14.bb}    |  4 +-
 scripts/lib/checklayer/__init__.py            | 14 +++
 scripts/yocto-check-layer                     |  9 +-
 13 files changed, 229 insertions(+), 51 deletions(-)
 rename meta/recipes-connectivity/bind/{bind_9.11.19.bb => bind_9.11.21.bb} (98%)
 rename meta/recipes-core/glib-networking/{glib-networking_2.62.3.bb => glib-networking_2.62.4.bb} (88%)
 create mode 100644 meta/recipes-support/boost/boost/0001-added-typedef-executor_type.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch
 rename meta/recipes-support/gnutls/{gnutls_3.6.13.bb => gnutls_3.6.14.bb} (92%)

-- 
2.17.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back
by end of day Wednesday.

The following changes since commit 553a96644957ca6ad0f13b75a6e3a596357d1d52:

  linux-yocto/5.4: update to v5.4.57 (2020-08-13 04:47:52 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Adrian Bunk (1):
  librsvg: Upgrade 2.40.20 -> 2.40.21

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.58
  linux-yocto/5.4: perf cs-etm: Move definition of 'traceid_list' global
    variable from header file

Changqing Li (1):
  libffi: fix multilib header conflict

Chen Qi (1):
  fribidi: extend CVE_PRODUCT to include fribidi

Lee Chee Yang (2):
  ghostscript: update to 9.52
  perl: fix CVE-2020-12723

Mikko Rapeli (2):
  alsa-topology-conf: use ${datadir} in do_install()
  alsa-ucm-conf: use ${datadir} in do_install()

Richard Purdie (1):
  selftest/tinfoil: Increase wait event timeout

Vasyl Vavrychuk (1):
  runqemu: Check gtk or sdl option is passed together with gl or gl-es
    options.

Wang Mingyu (1):
  xserver-xorg: upgrade 1.20.7 -> 1.20.8

 meta/lib/oeqa/selftest/cases/tinfoil.py       |   5 +-
 .../perl/files/CVE-2020-12723.patch           | 302 ++++++++++++++++++
 meta/recipes-devtools/perl/perl_5.30.1.bb     |   1 +
 .../do-not-check-local-libpng-source.patch    |  37 +--
 .../ghostscript/CVE-2019-14869-0001.patch     |  70 ----
 .../ghostscript/ghostscript/aarch64/objarch.h |  40 ---
 .../ghostscript/ghostscript/arm/objarch.h     |  40 ---
 .../ghostscript/ghostscript/armeb/objarch.h   |  40 ---
 .../ghostscript-9.02-genarch.patch            |  38 ---
 .../ghostscript/ghostscript/i586/objarch.h    |  41 ---
 .../ghostscript/ghostscript/i686              |   1 -
 .../ghostscript/microblaze/objarch.h          |  40 ---
 .../ghostscript/microblazeel/objarch.h        |  40 ---
 .../ghostscript/mipsarchn32eb/objarch.h       |  40 ---
 .../ghostscript/mipsarchn32el/objarch.h       |  40 ---
 .../ghostscript/mipsarchn64eb/objarch.h       |  40 ---
 .../ghostscript/mipsarchn64el/objarch.h       |  40 ---
 .../ghostscript/mipsarcho32eb/objarch.h       |  40 ---
 .../ghostscript/mipsarcho32el/objarch.h       |  40 ---
 .../ghostscript/ghostscript/nios2/objarch.h   |  40 ---
 .../ghostscript/ghostscript/powerpc/objarch.h |  40 ---
 .../ghostscript/powerpc64/objarch.h           |  40 ---
 .../ghostscript/powerpc64le/objarch.h         |  40 ---
 .../ghostscript/ghostscript/x86-64/objarch.h  |  40 ---
 ...hostscript_9.50.bb => ghostscript_9.52.bb} |  27 +-
 ...{librsvg_2.40.20.bb => librsvg_2.40.21.bb} |   3 +-
 ...-xorg_1.20.7.bb => xserver-xorg_1.20.8.bb} |   4 +-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../alsa/alsa-topology-conf_1.2.1.bb          |   4 +-
 .../alsa/alsa-ucm-conf_1.2.1.2.bb             |   6 +-
 meta/recipes-support/fribidi/fribidi_1.0.9.bb |   2 +-
 meta/recipes-support/libffi/libffi_3.3.bb     |   2 +-
 scripts/runqemu                               |   3 +-
 35 files changed, 361 insertions(+), 861 deletions(-)
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2020-12723.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/aarch64/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/arm/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/armeb/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/ghostscript-9.02-genarch.patch
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/i586/objarch.h
 delete mode 120000 meta/recipes-extended/ghostscript/ghostscript/i686
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/microblaze/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/microblazeel/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarchn32eb/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarchn32el/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarchn64eb/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarchn64el/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarcho32eb/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/mipsarcho32el/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/nios2/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/powerpc/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/powerpc64/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/powerpc64le/objarch.h
 delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/x86-64/objarch.h
 rename meta/recipes-extended/ghostscript/{ghostscript_9.50.bb => ghostscript_9.52.bb} (87%)
 rename meta/recipes-gnome/librsvg/{librsvg_2.40.20.bb => librsvg_2.40.21.bb} (92%)
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_1.20.7.bb => xserver-xorg_1.20.8.bb} (89%)

-- 
2.17.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back
by end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1560

The following changes since commit 8d54034bb8e522f9827ec6422b32cbd4e5bf1346:

  sqlite3: fix CVE-2020-13632 (2020-11-05 04:07:15 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  linux-firmware: upgrade 20200817 -> 20201022

Chee Yang Lee (1):
  ruby: fix CVE-2020-25613

Khem Raj (1):
  qemuboot.bbclass: Fix a typo

Max Krummenacher (2):
  linux-firmware: package marvel sdio 8997 firmware
  linux-firmware: package nvidia firmware

Maxime Roussin-Bélanger (1):
  meta: fix some unresponsive homepages and bugtracker links

Mingli Yu (1):
  update_udev_hwdb: clean hwdb.bin

Neil Armstrong (1):
  linux-firmware: add Amlogic VDEC firmware package

Steve Sakoman (2):
  netbase: update SRC_URI to reflect new file name
  netbase: bump PE to purge bogus hash equivalence from autobuilder

Yongxin Liu (2):
  grub: fix several CVEs in grub 2.04
  grub: clean up CVE patches

 meta/classes/qemuboot.bbclass                 |    2 +-
 ...308-calloc-Use-calloc-at-most-places.patch | 1863 +++++++++++++++++
 ...low-checking-primitives-where-we-do-.patch | 1330 ++++++++++++
 ...se-after-free-when-redefining-a-func.patch |  117 ++
 ...er-overflows-in-initrd-size-handling.patch |  177 ++
 ...-we-always-have-an-overflow-checking.patch |  246 +++
 ...dd-LVM-cache-logical-volume-handling.patch |  287 +++
 ...e-arithmetic-primitives-that-check-f.patch |   94 +
 ...used-fields-from-grub_script_functio.patch |   37 +
 meta/recipes-bsp/grub/grub2.inc               |    8 +
 meta/recipes-bsp/v86d/v86d_0.1.10.bb          |    2 +-
 .../recipes-connectivity/bind/bind_9.11.22.bb |    2 +-
 meta/recipes-connectivity/iw/iw_5.4.bb        |    2 +-
 meta/recipes-core/netbase/netbase_6.1.bb      |    9 +-
 meta/recipes-core/readline/readline.inc       |    2 +-
 meta/recipes-core/util-linux/util-linux.inc   |    4 +-
 meta/recipes-devtools/chrpath/chrpath_0.16.bb |    3 +-
 meta/recipes-devtools/ninja/ninja_1.10.0.bb   |    2 +-
 .../ruby/ruby/CVE-2020-25613.patch            |   40 +
 meta/recipes-devtools/ruby/ruby_2.7.1.bb      |    1 +
 meta/recipes-extended/lsb/lsb-release_1.4.bb  |    2 +-
 .../recipes-extended/minicom/minicom_2.7.1.bb |    2 +-
 meta/recipes-extended/pbzip2/pbzip2_1.1.13.bb |    2 +-
 meta/recipes-extended/which/which_2.21.bb     |    2 +-
 meta/recipes-gnome/gnome/gconf_3.2.6.bb       |    2 +-
 meta/recipes-gnome/gtk-doc/gtk-doc_1.32.bb    |    3 +-
 meta/recipes-kernel/kmod/kmod.inc             |    2 +-
 ...20200817.bb => linux-firmware_20201022.bb} |   51 +-
 .../wireless-regdb_2020.04.29.bb              |    2 +-
 .../libvorbis/libvorbis_1.3.6.bb              |    4 +-
 .../settings-daemon/settings-daemon_0.0.2.bb  |    2 +-
 meta/recipes-support/atk/atk_2.34.1.bb        |    5 +-
 .../bash-completion/bash-completion_2.10.bb   |    4 +-
 meta/recipes-support/npth/npth_1.6.bb         |    4 +-
 scripts/postinst-intercepts/update_udev_hwdb  |    1 +
 35 files changed, 4279 insertions(+), 37 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14308-calloc-Use-calloc-at-most-places.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch
 create mode 100644 meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
 create mode 100644 meta/recipes-bsp/grub/files/lvm-Add-LVM-cache-logical-volume-handling.patch
 create mode 100644 meta/recipes-bsp/grub/files/safemath-Add-some-arithmetic-primitives-that-check-f.patch
 create mode 100644 meta/recipes-bsp/grub/files/script-Remove-unused-fields-from-grub_script_functio.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2020-25613.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20200817.bb => linux-firmware_20201022.bb} (95%)

-- 
2.17.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1739

The following changes since commit af4fbea9a1656bdf95d85831cae13cae3a60d5ee:

  patch: fix CVE-2019-20633 (2021-01-04 04:50:23 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (1):
  linux-yocto/5.4: update to v5.4.85

Daniel Ammann (1):
  wic: fix typo

Mikko Rapeli (3):
  glibc: update to 2.31 stable tree head
  glib-2.0: add patch for CVE-2020-35457
  systemd: update from 244.3 to 244.5 stable release

Milan Shah (1):
  oe-pkgdata-util: Added a test to verify oe-pkgdata-util without
    parameters

Ovidiu Panait (1):
  timezone: upgrade to 2020f

Paul Barker (1):
  selftest: Add argument to keep build dir

Richard Purdie (1):
  gcc: Fix mangled patch

Ross Burton (2):
  diffstat: point the license checksum at the license
  ruby: remove tcl DEPENDS

Wang Mingyu (1):
  mobile-broadband-provider-info: upgrade 20190618 ->20201225

 meta/lib/oeqa/selftest/cases/pkgdata.py       |  6 ++
 meta/lib/oeqa/selftest/context.py             | 17 +++-
 .../mobile-broadband-provider-info_git.bb     |  4 +-
 ...econdition-to-avoid-GOptionEntry-lis.patch | 41 ++++++++
 meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb |  1 +
 meta/recipes-core/glibc/glibc-version.inc     |  2 +-
 ...md-boot_244.3.bb => systemd-boot_244.5.bb} |  0
 meta/recipes-core/systemd/systemd.inc         |  2 +-
 .../systemd/systemd/CVE-2020-13776.patch      | 96 -------------------
 ...temd-udev-seclabel-options-crash-fix.patch | 30 ------
 .../{systemd_244.3.bb => systemd_244.5.bb}    |  5 +-
 .../diffstat/diffstat_1.63.bb                 |  4 +-
 ...gcc-Fix-argument-list-too-long-error.patch |  6 +-
 meta/recipes-devtools/ruby/ruby.inc           |  2 +-
 meta/recipes-extended/timezone/timezone.inc   |  6 +-
 .../linux/linux-yocto-rt_5.4.bb               |  6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 ++---
 .../wic/plugins/source/bootimg-partition.py   |  2 +-
 19 files changed, 97 insertions(+), 163 deletions(-)
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch
 rename meta/recipes-core/systemd/{systemd-boot_244.3.bb => systemd-boot_244.5.bb} (100%)
 delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2020-13776.patch
 delete mode 100644 meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch
 rename meta/recipes-core/systemd/{systemd_244.3.bb => systemd_244.5.bb} (99%)

-- 
2.17.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2087

The following changes since commit 2cc9e06807026b86038db88c2175c626feadc0be:

  linux-yocto/5.4: fix arm defconfig warnings (2021-04-22 06:23:22 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (2):
  oeqa: tear down oeqa decorators if one of them raises an exception in
    setup
  meta/lib/oeqa/core/tests/cases/timeout.py: add a testcase for the
    previous fix

Diego Sueiro (1):
  oeqa/selftest/bblayers: Add test case for bitbake-layers
    layerindex-show-depends

Khem Raj (1):
  go: Use dl.google.com for SRC_URI

Konrad Weihmann (1):
  cve-update-db-native: skip on empty cpe23Uri

Marek Vasut (1):
  linux-firmware: Package RSI 911x WiFi firmware

Reto Schneider (2):
  license_image.bbclass: Detect broken symlinks
  license_image.bbclass: Fix symlink to generic license files

Richard Purdie (1):
  yocto-check-layer: Avoid bug when iterating and autoadding
    dependencies

Vinay Kumar (1):
  Binutils: Fix CVE-2021-20197

Zhang Qiang (1):
  kernel.bbclass: Configuration for environment with HOSTCXX

wangmy (1):
  go: update SRC_URI to use https protocol

 meta/classes/kernel.bbclass                   |   2 +
 meta/classes/license_image.bbclass            |  20 +-
 meta/lib/oeqa/core/case.py                    |   9 +-
 meta/lib/oeqa/core/decorator/oetimeout.py     |   5 +-
 meta/lib/oeqa/core/tests/cases/timeout.py     |  13 +
 meta/lib/oeqa/core/tests/test_decorators.py   |   6 +
 meta/lib/oeqa/selftest/cases/bblayers.py      |   5 +
 .../recipes-core/meta/cve-update-db-native.bb |   7 +-
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2021-20197.patch    | 572 ++++++++++++++++++
 meta/recipes-devtools/go/go-common.inc        |   2 +-
 .../linux-firmware/linux-firmware_20210208.bb |  11 +
 scripts/yocto-check-layer                     |   3 +
 13 files changed, 646 insertions(+), 10 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch

-- 
2.25.1

[OE-core][dunfell 01/12] Binutils: Fix CVE-2021-20197

[Steve Sakoman]

From: Vinay Kumar <vinay.m.engg@gmail.com>

Source: git://sourceware.org/git/binutils-gdb.git
Tracking -- https://sourceware.org/bugzilla/show_bug.cgi?id=26945

Backported upstream commit d3edaa91d4cf7202ec14342410194841e2f67f12 to
binutils-2.34 source, along with commit id dependencies
(8e03235147a9e774d3ba084e93c2daaa94d1cec, 365f5fb6d0f0da83817431a275e99e6f6babbe04 and 8b69e61d4be276bb862698aaafddc3e779d23c8f).

Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12]

Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2021-20197.patch    | 572 ++++++++++++++++++
 2 files changed, 573 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.34.inc b/meta/recipes-devtools/binutils/binutils-2.34.inc
index f557fe970c..a586faf5ab 100644
--- a/meta/recipes-devtools/binutils/binutils-2.34.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.34.inc
@@ -46,5 +46,6 @@ SRC_URI = "\
      file://0001-gas-improve-reproducibility-for-stabs-debugging-data.patch \
      file://CVE-2020-16592.patch \
      file://CVE-2020-16598.patch \
+     file://CVE-2021-20197.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch
new file mode 100644
index 0000000000..423814f98d
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch
@@ -0,0 +1,572 @@
+From d3edaa91d4cf7202ec14342410194841e2f67f12 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Fri, 26 Feb 2021 11:30:32 +1030
+Subject: [PATCH v2] Reinstate various pieces backed out from smart_rename changes
+
+In the interests of a stable release various last minute smart_rename
+patches were backed out of the 2.36 branch.  The main reason to
+reinstate some of those backed out changes here is to make necessary
+followup fixes to commit 8e03235147a9 simple cherry-picks from
+mainline.  A secondary reason is that ar -M support isn't fixed for
+pr26945 without this patch.
+
+        PR 26945
+        * ar.c: Don't include libbfd.h.
+        (write_archive): Replace xmalloc+strcpy with xstrdup.
+        * arsup.c (temp_name, real_ofd): New static variables.
+        (ar_open): Use make_tempname and bfd_fdopenw.
+        (ar_save): Adjust to suit ar_open changes.
+        * objcopy.c: Don't include libbfd.h.
+        * rename.c: Rename and reorder variables.
+
+(cherry picked from commit 95b91a043aeaeb546d2fea556d84a2de1e917770)
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12]
+CVE: CVE-2021-20197
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ bfd/bfd-in2.h      |   2 +
+ bfd/opncls.c       |  33 ++++++++++
+ binutils/ar.c      |  15 +++--
+ binutils/arsup.c   |  37 ++++++++----
+ binutils/bucomm.c  |   4 +-
+ binutils/bucomm.h  |   5 +-
+ binutils/objcopy.c |  37 +++++++-----
+ binutils/rename.c  | 148 +++++++++++----------------------------------
+ 8 files changed, 133 insertions(+), 148 deletions(-)
+
+diff --git a/bfd/bfd-in2.h b/bfd/bfd-in2.h
+index 2e453c50c18..e53f54a8ab7 100644
+--- a/bfd/bfd-in2.h
++++ b/bfd/bfd-in2.h
+@@ -588,6 +588,8 @@ bfd *bfd_openr (const char *filename, const char *target);
+ 
+ bfd *bfd_fdopenr (const char *filename, const char *target, int fd);
+ 
++bfd *bfd_fdopenw (const char *filename, const char *target, int fd);
++
+ bfd *bfd_openstreamr (const char * filename, const char * target,
+     void * stream);
+ 
+diff --git a/bfd/opncls.c b/bfd/opncls.c
+index a03ad51c8fa..f9da97ed710 100644
+--- a/bfd/opncls.c
++++ b/bfd/opncls.c
+@@ -370,6 +370,39 @@ bfd_fdopenr (const char *filename, const char *target, int fd)
+   return bfd_fopen (filename, target, mode, fd);
+ }
+ 
++/*
++FUNCTION
++	bfd_fdopenw
++
++SYNOPSIS
++	bfd *bfd_fdopenw (const char *filename, const char *target, int fd);
++
++DESCRIPTION
++	<<bfd_fdopenw>> is exactly like <<bfd_fdopenr>> with the exception that
++	the resulting BFD is suitable for output.
++*/
++
++bfd *
++bfd_fdopenw (const char *filename, const char *target, int fd)
++{
++  bfd *out = bfd_fdopenr (filename, target, fd);
++
++  if (out != NULL)
++    {
++      if (!bfd_write_p (out))
++	{
++	  close (fd);
++	  _bfd_delete_bfd (out);
++	  out = NULL;
++	  bfd_set_error (bfd_error_invalid_operation);
++	}
++      else
++	out->direction = write_direction;
++    }
++
++  return out;
++}
++
+ /*
+ FUNCTION
+ 	bfd_openstreamr
+diff --git a/binutils/ar.c b/binutils/ar.c
+index 1057db9980e..c33a11e0d70 100644
+--- a/binutils/ar.c
++++ b/binutils/ar.c
+@@ -1195,20 +1195,23 @@ write_archive (bfd *iarch)
+   bfd *obfd;
+   char *old_name, *new_name;
+   bfd *contents_head = iarch->archive_next;
++  int ofd = -1;
+ 
+-  old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1);
+-  strcpy (old_name, bfd_get_filename (iarch));
+-  new_name = make_tempname (old_name);
++  old_name = xstrdup (bfd_get_filename (iarch));
++  new_name = make_tempname (old_name, &ofd);
+ 
+   if (new_name == NULL)
+     bfd_fatal (_("could not create temporary file whilst writing archive"));
+ 
+   output_filename = new_name;
+ 
+-  obfd = bfd_openw (new_name, bfd_get_target (iarch));
++  obfd = bfd_fdopenw (new_name, bfd_get_target (iarch), ofd);
+ 
+   if (obfd == NULL)
+-    bfd_fatal (old_name);
++    {
++      close (ofd);
++      bfd_fatal (old_name);
++    }
+ 
+   output_bfd = obfd;
+ 
+@@ -1246,7 +1249,7 @@ write_archive (bfd *iarch)
+   /* We don't care if this fails; we might be creating the archive.  */
+   bfd_close (iarch);
+ 
+-  if (smart_rename (new_name, old_name, 0) != 0)
++  if (smart_rename (new_name, old_name, NULL) != 0)
+     xexit (1);
+   free (old_name);
+   free (new_name);
+diff --git a/binutils/arsup.c b/binutils/arsup.c
+index 00967c972cd..b8ae4f7ec1a 100644
+--- a/binutils/arsup.c
++++ b/binutils/arsup.c
+@@ -42,6 +42,8 @@ extern int deterministic;
+ 
+ static bfd *obfd;
+ static char *real_name;
++static char *temp_name;
++static int real_ofd;
+ static FILE *outfile;
+ 
+ static void
+@@ -149,27 +151,24 @@ maybequit (void)
+ void
+ ar_open (char *name, int t)
+ {
+-  char *tname;
+-  const char *bname = lbasename (name);
+-  real_name = name;
++  real_name = xstrdup (name);
++  temp_name = make_tempname (real_name, &real_ofd);
+ 
+-  /* Prepend tmp- to the beginning, to avoid file-name clashes after
+-     truncation on filesystems with limited namespaces (DOS).  */
+-  if (asprintf (&tname, "%.*stmp-%s", (int) (bname - name), name, bname) == -1)
++  if (temp_name == NULL)
+     {
+-      fprintf (stderr, _("%s: Can't allocate memory for temp name (%s)\n"),
++      fprintf (stderr, _("%s: Can't open temporary file (%s)\n"),
+ 	       program_name, strerror(errno));
+       maybequit ();
+       return;
+     }
+ 
+-  obfd = bfd_openw (tname, NULL);
++  obfd = bfd_fdopenw (temp_name, NULL, real_ofd);
+ 
+   if (!obfd)
+     {
+       fprintf (stderr,
+ 	       _("%s: Can't open output archive %s\n"),
+-	       program_name,  tname);
++	       program_name, temp_name);
+ 
+       maybequit ();
+     }
+@@ -344,16 +343,30 @@ ar_save (void)
+     }
+   else
+     {
+-      char *ofilename = xstrdup (bfd_get_filename (obfd));
++      struct stat target_stat;
+ 
+       if (deterministic > 0)
+         obfd->flags |= BFD_DETERMINISTIC_OUTPUT;
+ 
+       bfd_close (obfd);
+ 
+-      smart_rename (ofilename, real_name, 0);
++      if (stat (real_name, &target_stat) != 0)
++	{
++	  /* The temp file created in ar_open has mode 0600 as per mkstemp.
++	     Create the real empty output file here so smart_rename will
++	     update the mode according to the process umask.  */
++	  obfd = bfd_openw (real_name, NULL);
++	  if (obfd != NULL)
++	    {
++	      bfd_set_format (obfd, bfd_archive);
++	      bfd_close (obfd);
++	    }
++	}
++
++      smart_rename (temp_name, real_name, NULL);
+       obfd = 0;
+-      free (ofilename);
++      free (temp_name);
++      free (real_name);
+     }
+ }
+ 
+diff --git a/binutils/bucomm.c b/binutils/bucomm.c
+index 9e6a02843e6..53244201f89 100644
+--- a/binutils/bucomm.c
++++ b/binutils/bucomm.c
+@@ -532,7 +532,7 @@ template_in_dir (const char *path)
+    as FILENAME.  */
+ 
+ char *
+-make_tempname (const char *filename)
++make_tempname (const char *filename, int *ofd)
+ {
+   char *tmpname = template_in_dir (filename);
+   int fd;
+@@ -550,7 +550,7 @@ make_tempname (const char *filename)
+       free (tmpname);
+       return NULL;
+     }
+-  close (fd);
++  *ofd = fd;
+   return tmpname;
+ }
+ 
+diff --git a/binutils/bucomm.h b/binutils/bucomm.h
+index d8318343f78..2b164e0af68 100644
+--- a/binutils/bucomm.h
++++ b/binutils/bucomm.h
+@@ -51,7 +51,7 @@ int display_info (void);
+ 
+ void print_arelt_descr (FILE *, bfd *, bfd_boolean, bfd_boolean);
+ 
+-char *make_tempname (const char *);
++char *make_tempname (const char *, int *);
+ char *make_tempdir (const char *);
+ 
+ bfd_vma parse_vma (const char *, const char *);
+@@ -71,7 +71,8 @@ extern void print_version (const char *);
+ /* In rename.c.  */
+ extern void set_times (const char *, const struct stat *);
+ 
+-extern int smart_rename (const char *, const char *, int);
++extern int smart_rename (const char *, const char *, struct stat *);
++
+ 
+ /* In libiberty.  */
+ void *xmalloc (size_t);
+diff --git a/binutils/objcopy.c b/binutils/objcopy.c
+index 212e25144e6..5ccbd926610 100644
+--- a/binutils/objcopy.c
++++ b/binutils/objcopy.c
+@@ -3682,7 +3682,7 @@ set_long_section_mode (bfd *output_bfd, bfd *input_bfd, enum long_section_name_h
+ /* The top-level control.  */
+ 
+ static void
+-copy_file (const char *input_filename, const char *output_filename,
++copy_file (const char *input_filename, const char *output_filename, int ofd,
+ 	   const char *input_target,   const char *output_target,
+ 	   const bfd_arch_info_type *input_arch)
+ {
+@@ -3757,9 +3757,14 @@ copy_file (const char *input_filename, const char *output_filename,
+       else
+ 	force_output_target = TRUE;
+ 
+-      obfd = bfd_openw (output_filename, output_target);
++      if (ofd >= 0)
++	obfd = bfd_fdopenw (output_filename, output_target, ofd);
++      else
++	obfd = bfd_openw (output_filename, output_target);
++
+       if (obfd == NULL)
+ 	{
++	  close (ofd);
+ 	  bfd_nonfatal_message (output_filename, NULL, NULL, NULL);
+ 	  status = 1;
+ 	  return;
+@@ -3787,13 +3792,19 @@ copy_file (const char *input_filename, const char *output_filename,
+       if (output_target == NULL)
+ 	output_target = bfd_get_target (ibfd);
+ 
+-      obfd = bfd_openw (output_filename, output_target);
++      if (ofd >= 0)
++	obfd = bfd_fdopenw (output_filename, output_target, ofd);
++      else
++	obfd = bfd_openw (output_filename, output_target);
++
+       if (obfd == NULL)
+  	{
++	  close (ofd);
+  	  bfd_nonfatal_message (output_filename, NULL, NULL, NULL);
+  	  status = 1;
+  	  return;
+  	}
++
+       /* This is a no-op on non-Coff targets.  */
+       set_long_section_mode (obfd, ibfd, long_section_names);
+ 
+@@ -4746,6 +4757,7 @@ strip_main (int argc, char *argv[])
+       int hold_status = status;
+       struct stat statbuf;
+       char *tmpname;
++      int tmpfd = -1;
+ 
+       if (get_file_size (argv[i]) < 1)
+ 	{
+@@ -4760,7 +4772,7 @@ strip_main (int argc, char *argv[])
+ 
+       if (output_file == NULL
+ 	  || filename_cmp (argv[i], output_file) == 0)
+-	tmpname = make_tempname (argv[i]);
++	tmpname = make_tempname (argv[i], &tmpfd);
+       else
+ 	tmpname = output_file;
+ 
+@@ -4773,15 +4785,13 @@ strip_main (int argc, char *argv[])
+ 	}
+ 
+       status = 0;
+-      copy_file (argv[i], tmpname, input_target, output_target, NULL);
++      copy_file (argv[i], tmpname, tmpfd, input_target, output_target, NULL);
+       if (status == 0)
+ 	{
+-	  if (preserve_dates)
+-	    set_times (tmpname, &statbuf);
+ 	  if (output_file != tmpname)
+ 	    status = (smart_rename (tmpname,
+ 				    output_file ? output_file : argv[i],
+-				    preserve_dates) != 0);
++				    preserve_dates ? &statbuf : NULL) != 0);
+ 	  if (status == 0)
+ 	    status = hold_status;
+ 	}
+@@ -4993,7 +5003,7 @@ copy_main (int argc, char *argv[])
+   bfd_boolean formats_info = FALSE;
+   bfd_boolean use_globalize = FALSE;
+   bfd_boolean use_keep_global = FALSE;
+-  int c;
++  int c, tmpfd = -1;
+   struct stat statbuf;
+   const bfd_arch_info_type *input_arch = NULL;
+ 
+@@ -5839,7 +5849,7 @@ copy_main (int argc, char *argv[])
+      are the same, then create a temp and rename the result into the input.  */
+   if (output_filename == NULL
+       || filename_cmp (input_filename, output_filename) == 0)
+-    tmpname = make_tempname (input_filename);
++    tmpname = make_tempname (input_filename, &tmpfd);
+   else
+     tmpname = output_filename;
+ 
+@@ -5847,14 +5857,13 @@ copy_main (int argc, char *argv[])
+     fatal (_("warning: could not create temporary file whilst copying '%s', (error: %s)"),
+ 	   input_filename, strerror (errno));
+ 
+-  copy_file (input_filename, tmpname, input_target, output_target, input_arch);
++  copy_file (input_filename, tmpname, tmpfd, input_target, output_target,
++	     input_arch);
+   if (status == 0)
+     {
+-      if (preserve_dates)
+-	set_times (tmpname, &statbuf);
+       if (tmpname != output_filename)
+ 	status = (smart_rename (tmpname, input_filename,
+-				preserve_dates) != 0);
++				preserve_dates ? &statbuf : NULL) != 0);
+     }
+   else
+     unlink_if_ordinary (tmpname);
+diff --git a/binutils/rename.c b/binutils/rename.c
+index bf3b68d0462..07d44d0f314 100644
+--- a/binutils/rename.c
++++ b/binutils/rename.c
+@@ -24,14 +24,9 @@
+ 
+ #ifdef HAVE_GOOD_UTIME_H
+ #include <utime.h>
+-#else /* ! HAVE_GOOD_UTIME_H */
+-#ifdef HAVE_UTIMES
++#elif defined HAVE_UTIMES
+ #include <sys/time.h>
+-#endif /* HAVE_UTIMES */
+-#endif /* ! HAVE_GOOD_UTIME_H */
+-
+-#if ! defined (_WIN32) || defined (__CYGWIN32__)
+-static int simple_copy (const char *, const char *);
++#endif
+ 
+ /* The number of bytes to copy at once.  */
+ #define COPY_BUF 8192
+@@ -82,7 +77,6 @@ simple_copy (const char *from, const char *to)
+     }
+   return 0;
+ }
+-#endif /* __CYGWIN32__ or not _WIN32 */
+ 
+ /* Set the times of the file DESTINATION to be the same as those in
+    STATBUF.  */
+@@ -91,122 +85,52 @@ void
+ set_times (const char *destination, const struct stat *statbuf)
+ {
+   int result;
+-
+-  {
+ #ifdef HAVE_GOOD_UTIME_H
+-    struct utimbuf tb;
+-
+-    tb.actime = statbuf->st_atime;
+-    tb.modtime = statbuf->st_mtime;
+-    result = utime (destination, &tb);
+-#else /* ! HAVE_GOOD_UTIME_H */
+-#ifndef HAVE_UTIMES
+-    long tb[2];
+-
+-    tb[0] = statbuf->st_atime;
+-    tb[1] = statbuf->st_mtime;
+-    result = utime (destination, tb);
+-#else /* HAVE_UTIMES */
+-    struct timeval tv[2];
+-
+-    tv[0].tv_sec = statbuf->st_atime;
+-    tv[0].tv_usec = 0;
+-    tv[1].tv_sec = statbuf->st_mtime;
+-    tv[1].tv_usec = 0;
+-    result = utimes (destination, tv);
+-#endif /* HAVE_UTIMES */
+-#endif /* ! HAVE_GOOD_UTIME_H */
+-  }
++  struct utimbuf tb;
++
++  tb.actime = statbuf->st_atime;
++  tb.modtime = statbuf->st_mtime;
++  result = utime (destination, &tb);
++#elif defined HAVE_UTIMES
++  struct timeval tv[2];
++
++  tv[0].tv_sec = statbuf->st_atime;
++  tv[0].tv_usec = 0;
++  tv[1].tv_sec = statbuf->st_mtime;
++  tv[1].tv_usec = 0;
++  result = utimes (destination, tv);
++#else
++  long tb[2];
++
++  tb[0] = statbuf->st_atime;
++  tb[1] = statbuf->st_mtime;
++  result = utime (destination, tb);
++#endif
+ 
+   if (result != 0)
+     non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno));
+ }
+ 
+-#ifndef S_ISLNK
+-#ifdef S_IFLNK
+-#define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK)
+-#else
+-#define S_ISLNK(m) 0
+-#define lstat stat
+-#endif
+-#endif
+-
+-/* Rename FROM to TO, copying if TO is a link.
+-   Return 0 if ok, -1 if error.  */
++/* Copy FROM to TO.  TARGET_STAT has the file status that, if non-NULL,
++   is used to fix up timestamps.  Return 0 if ok, -1 if error.
++   At one time this function renamed files, but file permissions are
++   tricky to update given the number of different schemes used by
++   various systems.  So now we just copy.  */
+ 
+ int
+-smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNUSED)
++smart_rename (const char *from, const char *to,
++	      struct stat *target_stat)
+ {
+-  bfd_boolean exists;
+-  struct stat s;
+-  int ret = 0;
+-
+-  exists = lstat (to, &s) == 0;
+-
+-#if defined (_WIN32) && !defined (__CYGWIN32__)
+-  /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but
+-     fail instead.  Also, chown is not present.  */
++  int ret;
+ 
+-  if (exists)
+-    remove (to);
+-
+-  ret = rename (from, to);
++  ret = simple_copy (from, to);
+   if (ret != 0)
+-    {
+-      /* We have to clean up here.  */
+-      non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
+-      unlink (from);
+-    }
+-#else
+-  /* Use rename only if TO is not a symbolic link and has
+-     only one hard link, and we have permission to write to it.  */
+-  if (! exists
+-      || (!S_ISLNK (s.st_mode)
+-	  && S_ISREG (s.st_mode)
+-	  && (s.st_mode & S_IWUSR)
+-	  && s.st_nlink == 1)
+-      )
+-    {
+-      ret = rename (from, to);
+-      if (ret == 0)
+-	{
+-	  if (exists)
+-	    {
+-	      /* Try to preserve the permission bits and ownership of
+-		 TO.  First get the mode right except for the setuid
+-		 bit.  Then change the ownership.  Then fix the setuid
+-		 bit.  We do the chmod before the chown because if the
+-		 chown succeeds, and we are a normal user, we won't be
+-		 able to do the chmod afterward.  We don't bother to
+-		 fix the setuid bit first because that might introduce
+-		 a fleeting security problem, and because the chown
+-		 will clear the setuid bit anyhow.  We only fix the
+-		 setuid bit if the chown succeeds, because we don't
+-		 want to introduce an unexpected setuid file owned by
+-		 the user running objcopy.  */
+-	      chmod (to, s.st_mode & 0777);
+-	      if (chown (to, s.st_uid, s.st_gid) >= 0)
+-		chmod (to, s.st_mode & 07777);
+-	    }
+-	}
+-      else
+-	{
+-	  /* We have to clean up here.  */
+-	  non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
+-	  unlink (from);
+-	}
+-    }
+-  else
+-    {
+-      ret = simple_copy (from, to);
+-      if (ret != 0)
+-	non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno));
++    non_fatal (_("unable to copy file '%s'; reason: %s"),
++	       to, strerror (errno));
+ 
+-      if (preserve_dates)
+-	set_times (to, &s);
+-      unlink (from);
+-    }
+-#endif /* _WIN32 && !__CYGWIN32__ */
++  if (target_stat != NULL)
++    set_times (to, target_stat);
++  unlink (from);
+ 
+   return ret;
+ }
+-- 
+2.17.1
+
-- 
2.25.1

[OE-core][dunfell 02/12] cve-update-db-native: skip on empty cpe23Uri

[Steve Sakoman]

From: Konrad Weihmann <kweihmann@outlook.com>

Recently an entry in the NVD DB appeared that looks like that
{'vulnerable': True, 'cpe_name': []}.
As besides all the vulnerable flag no data is present we would get
a KeyError exception on acccess.
Use get method on dictionary and return if no meta data is present
Also quit if the length of the array after splitting is less than 6

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00ce2796d97de2bc376b038d0ea7969088791d34)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 5d9fb59cbc..e86c69803f 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -132,7 +132,12 @@ def parse_node_and_insert(c, node, cveId):
         for cpe in node.get('cpe_match', ()):
             if not cpe['vulnerable']:
                 return
-            cpe23 = cpe['cpe23Uri'].split(':')
+            cpe23 = cpe.get('cpe23Uri')
+            if not cpe23:
+                return
+            cpe23 = cpe23.split(':')
+            if len(cpe23) < 6:
+                return
             vendor = cpe23[3]
             product = cpe23[4]
             version = cpe23[5]
-- 
2.25.1

[OE-core][dunfell 03/12] oeqa/selftest/bblayers: Add test case for bitbake-layers layerindex-show-depends

[Steve Sakoman]

From: Diego Sueiro <diego.sueiro@arm.com>

Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 80090c31164d62a169431ab71c4aaee5475b6f40)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/bblayers.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/bblayers.py b/meta/lib/oeqa/selftest/cases/bblayers.py
index f131d9856c..7d74833f61 100644
--- a/meta/lib/oeqa/selftest/cases/bblayers.py
+++ b/meta/lib/oeqa/selftest/cases/bblayers.py
@@ -12,6 +12,11 @@ from oeqa.selftest.case import OESelftestTestCase
 
 class BitbakeLayers(OESelftestTestCase):
 
+    def test_bitbakelayers_layerindexshowdepends(self):
+        result = runCmd('bitbake-layers layerindex-show-depends meta-poky')
+        find_in_contents = re.search("openembedded-core", result.output)
+        self.assertTrue(find_in_contents, msg = "openembedded-core should have been listed at this step. bitbake-layers layerindex-show-depends meta-poky output: %s" % result.output)
+
     def test_bitbakelayers_showcrossdepends(self):
         result = runCmd('bitbake-layers show-cross-depends')
         self.assertIn('aspell', result.output)
-- 
2.25.1

[OE-core][dunfell 04/12] oeqa: tear down oeqa decorators if one of them raises an exception in setup

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Some of the decorators need proper cleanup, such as OETimeout
which sets a signal handler that needs to be cleared via teardown.
If this is not done then the signal gets called later with unpredictable effects.

This can be seen if there's a test that is skipped via a decorator and sets a timeout
at the same time: the timeout isn't cleared, and is invoked later in a
completely unrelated context. The test case for this is added in the
next commit.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f42a08e1aabf1ca57e0c09d69fb69cc717c7f156)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/core/case.py                | 9 +++++++--
 meta/lib/oeqa/core/decorator/oetimeout.py | 5 +++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/meta/lib/oeqa/core/case.py b/meta/lib/oeqa/core/case.py
index aae451fef2..bc4446a938 100644
--- a/meta/lib/oeqa/core/case.py
+++ b/meta/lib/oeqa/core/case.py
@@ -43,8 +43,13 @@ class OETestCase(unittest.TestCase):
         clss.tearDownClassMethod()
 
     def _oeSetUp(self):
-        for d in self.decorators:
-            d.setUpDecorator()
+        try:
+            for d in self.decorators:
+                d.setUpDecorator()
+        except:
+            for d in self.decorators:
+                d.tearDownDecorator()
+            raise
         self.setUpMethod()
 
     def _oeTearDown(self):
diff --git a/meta/lib/oeqa/core/decorator/oetimeout.py b/meta/lib/oeqa/core/decorator/oetimeout.py
index df90d1c798..5e6873ad48 100644
--- a/meta/lib/oeqa/core/decorator/oetimeout.py
+++ b/meta/lib/oeqa/core/decorator/oetimeout.py
@@ -24,5 +24,6 @@ class OETimeout(OETestDecorator):
 
     def tearDownDecorator(self):
         signal.alarm(0)
-        signal.signal(signal.SIGALRM, self.alarmSignal)
-        self.logger.debug("Removed SIGALRM handler")
+        if hasattr(self, 'alarmSignal'):
+            signal.signal(signal.SIGALRM, self.alarmSignal)
+            self.logger.debug("Removed SIGALRM handler")
-- 
2.25.1

[OE-core][dunfell 05/12] meta/lib/oeqa/core/tests/cases/timeout.py: add a testcase for the previous fix

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

This is the sequence that didn't properly operate:

- a test case that skips and isn't executed
- a second test case that is skipped via a dependency decorator, and sets a timeout
- a third test case that takes longer than the timeout from the second
test case

Without the fix, the timeout is not cleared, and the third test case is
erroneously aborted. With the fix, the timeout is cleared and the third
test case is able to complete.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 54ef07a9aa1af8f41cfb9a4802929c918efc43c8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/core/tests/cases/timeout.py   | 13 +++++++++++++
 meta/lib/oeqa/core/tests/test_decorators.py |  6 ++++++
 2 files changed, 19 insertions(+)

diff --git a/meta/lib/oeqa/core/tests/cases/timeout.py b/meta/lib/oeqa/core/tests/cases/timeout.py
index 5dfecc7b7c..69cf969a67 100644
--- a/meta/lib/oeqa/core/tests/cases/timeout.py
+++ b/meta/lib/oeqa/core/tests/cases/timeout.py
@@ -8,6 +8,7 @@ from time import sleep
 
 from oeqa.core.case import OETestCase
 from oeqa.core.decorator.oetimeout import OETimeout
+from oeqa.core.decorator.depends import OETestDepends
 
 class TimeoutTest(OETestCase):
 
@@ -19,3 +20,15 @@ class TimeoutTest(OETestCase):
     def testTimeoutFail(self):
         sleep(2)
         self.assertTrue(True, msg='How is this possible?')
+
+
+    def testTimeoutSkip(self):
+        self.skipTest("This test needs to be skipped, so that testTimeoutDepends()'s OETestDepends kicks in")
+
+    @OETestDepends(["timeout.TimeoutTest.testTimeoutSkip"])
+    @OETimeout(3)
+    def testTimeoutDepends(self):
+        self.assertTrue(False, msg='How is this possible?')
+
+    def testTimeoutUnrelated(self):
+        sleep(6)
diff --git a/meta/lib/oeqa/core/tests/test_decorators.py b/meta/lib/oeqa/core/tests/test_decorators.py
index b798bf7d33..5095f39948 100755
--- a/meta/lib/oeqa/core/tests/test_decorators.py
+++ b/meta/lib/oeqa/core/tests/test_decorators.py
@@ -133,5 +133,11 @@ class TestTimeoutDecorator(TestBase):
         msg = "OETestTimeout didn't restore SIGALRM"
         self.assertIs(alarm_signal, signal.getsignal(signal.SIGALRM), msg=msg)
 
+    def test_timeout_cancel(self):
+        tests = ['timeout.TimeoutTest.testTimeoutSkip', 'timeout.TimeoutTest.testTimeoutDepends', 'timeout.TimeoutTest.testTimeoutUnrelated']
+        msg = 'Unrelated test failed to complete'
+        tc = self._testLoader(modules=self.modules, tests=tests)
+        self.assertTrue(tc.runTests().wasSuccessful(), msg=msg)
+
 if __name__ == '__main__':
     unittest.main()
-- 
2.25.1

[OE-core][dunfell 06/12] go: update SRC_URI to use https protocol

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a1eb731ed3bcb049192550e362b771c3a9ea6eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-common.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
index f18d928c70..39a681a712 100644
--- a/meta/recipes-devtools/go/go-common.inc
+++ b/meta/recipes-devtools/go/go-common.inc
@@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
 
 inherit goarch
 
-SRC_URI = "http://golang.org/dl/go${PV}.src.tar.gz;name=main"
+SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
 S = "${WORKDIR}/go"
 B = "${S}"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
-- 
2.25.1

[OE-core][dunfell 07/12] go: Use dl.google.com for SRC_URI

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

golang.org/dl is resolving to this anyway

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8470e38ac1d9f9bb6d8a4ee43724af452d080057)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-common.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
index 39a681a712..c368b95b69 100644
--- a/meta/recipes-devtools/go/go-common.inc
+++ b/meta/recipes-devtools/go/go-common.inc
@@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
 
 inherit goarch
 
-SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
+SRC_URI = "https://dl.google.com/go/go${PV}.src.tar.gz;name=main"
 S = "${WORKDIR}/go"
 B = "${S}"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
-- 
2.25.1

[OE-core][dunfell 08/12] kernel.bbclass: Configuration for environment with HOSTCXX

[Steve Sakoman]

From: Zhang Qiang <qiang.zhang@windriver.com>

When compiling xilinx-zynq board linux-kernel-dev(v5.8) if
"GCC_PLUGINS=y", The following error will appear:

"HOSTCXX -fPIC scripts/gcc-plugins/arm_ssp_per_task_plugin.o
fatal error: gmp.h: No such file or directory"

the GCC_PLUGINS depend on return result of gcc-plugin.sh execution
however in gcc-plugin.sh use HOSTCC to detect the feature of GNU
extension of gcc, this will result that HOSTCC can compile the file
successfully, but HOSTCXX is used in the actual compilation process.

Signed-off-by: Zhang Qiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 83a574efcd..22b1224d79 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -194,6 +194,8 @@ UBOOT_LOADADDRESS ?= "${UBOOT_ENTRYPOINT}"
 KERNEL_EXTRA_ARGS ?= ""
 
 EXTRA_OEMAKE = " HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCPP="${BUILD_CPP}""
+EXTRA_OEMAKE += " HOSTCXX="${BUILD_CXX} ${BUILD_CXXFLAGS} ${BUILD_LDFLAGS}""
+
 KERNEL_ALT_IMAGETYPE ??= ""
 
 copy_initramfs() {
-- 
2.25.1

[OE-core][dunfell 09/12] yocto-check-layer: Avoid bug when iterating and autoadding dependencies

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If iterating a layer with multiple components and auto-adding dependencies
the tests can break since layers are never removed and order isn't guaranteed
to account for that.

Fix this by resetting the layer list back to the original list each time
before auto-adding the dependencies in each case.

This fixes scanning of meta-openembedded in particular where the sublayers
may not be added in order of minimal dependency.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bf1b467dacf345379cd5d84a1c9b3b0d844d5c91)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 scripts/yocto-check-layer | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer
index b7c83c8b54..deba3cb4f8 100755
--- a/scripts/yocto-check-layer
+++ b/scripts/yocto-check-layer
@@ -138,6 +138,9 @@ def main():
                 layer['type'] == LayerType.ERROR_BSP_DISTRO:
             continue
 
+        # Reset to a clean backup copy for each run
+        shutil.copyfile(bblayersconf + '.backup', bblayersconf)
+
         if check_bblayers(bblayersconf, layer['path'], logger):
             logger.info("%s already in %s. To capture initial signatures, layer under test should not present "
                "in BBLAYERS. Please remove %s from BBLAYERS." % (layer['name'], bblayersconf, layer['name']))
-- 
2.25.1

[OE-core][dunfell 10/12] linux-firmware: Package RSI 911x WiFi firmware

[Steve Sakoman]

From: Marek Vasut <marex@denx.de>

The RSI 911x WiFi firmware is already part of the linux-firmware
repository, package it to make it easily available.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc44b71f6ea68ca0f483d635df7dc7b9905b1593)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux-firmware/linux-firmware_20210208.bb         | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
index 78856cbf66..a751b92a2f 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
@@ -229,6 +229,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
              ${PN}-sd8887 ${PN}-sd8897 ${PN}-sd8997 ${PN}-usb8997 \
              ${PN}-ti-connectivity-license ${PN}-wlcommon ${PN}-wl12xx ${PN}-wl18xx \
              ${PN}-vt6656-license ${PN}-vt6656 \
+             ${PN}-rs9113 ${PN}-rs9116 \
              ${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \
              ${PN}-rtl8168 \
              ${PN}-cypress-license \
@@ -529,6 +530,16 @@ RDEPENDS_${PN}-nvidia-gpu += "${PN}-nvidia-license"
 RDEPENDS_${PN}-nvidia-tegra += "${PN}-nvidia-license"
 RDEPENDS_${PN}-nvidia-tegra-k1 += "${PN}-nvidia-license"
 
+# For RSI RS911x WiFi
+LICENSE_${PN}-rs9113 = "WHENCE"
+LICENSE_${PN}-rs9116 = "WHENCE"
+
+FILES_${PN}-rs9113 = " ${nonarch_base_libdir}/firmware/rsi/rs9113*.rps "
+FILES_${PN}-rs9116 = " ${nonarch_base_libdir}/firmware/rsi/rs9116*.rps "
+
+RDEPENDS_${PN}-rs9113 += "${PN}-whence-license"
+RDEPENDS_${PN}-rs9116 += "${PN}-whence-license"
+
 # For rtl
 LICENSE_${PN}-rtl8188 = "Firmware-rtlwifi_firmware"
 LICENSE_${PN}-rtl8192cu = "Firmware-rtlwifi_firmware"
-- 
2.25.1

[OE-core][dunfell 11/12] license_image.bbclass: Detect broken symlinks

[Steve Sakoman]

From: Reto Schneider <reto.schneider@husqvarnagroup.com>

Find and report symlinks which point to a non-existing file.

Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 81809a1ffe67aade1b2ed66fe95044ffbf7d3df8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/license_image.bbclass | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/meta/classes/license_image.bbclass b/meta/classes/license_image.bbclass
index a69cc5f065..cfb0606da9 100644
--- a/meta/classes/license_image.bbclass
+++ b/meta/classes/license_image.bbclass
@@ -1,3 +1,5 @@
+ROOTFS_LICENSE_DIR = "${IMAGE_ROOTFS}/usr/share/common-licenses"
+
 python write_package_manifest() {
     # Get list of installed packages
     license_image_dir = d.expand('${LICENSE_DIRECTORY}/${IMAGE_NAME}')
@@ -105,8 +107,7 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True):
     copy_lic_manifest = d.getVar('COPY_LIC_MANIFEST')
     copy_lic_dirs = d.getVar('COPY_LIC_DIRS')
     if rootfs and copy_lic_manifest == "1":
-        rootfs_license_dir = os.path.join(d.getVar('IMAGE_ROOTFS'), 
-                                'usr', 'share', 'common-licenses')
+        rootfs_license_dir = d.getVar('ROOTFS_LICENSE_DIR')
         bb.utils.mkdirhier(rootfs_license_dir)
         rootfs_license_manifest = os.path.join(rootfs_license_dir,
                 os.path.split(license_manifest)[1])
@@ -256,3 +257,13 @@ python do_populate_lic_deploy() {
 addtask populate_lic_deploy before do_build after do_image_complete
 do_populate_lic_deploy[recrdeptask] += "do_populate_lic do_deploy"
 
+python license_qa_dead_symlink() {
+    import os
+
+    for root, dirs, files in os.walk(d.getVar('ROOTFS_LICENSE_DIR')):
+        for file in files:
+            full_path = root + "/" + file
+            if os.path.islink(full_path) and not os.path.exists(full_path):
+                bb.error("broken symlink: " + full_path)
+}
+IMAGE_QA_COMMANDS += "license_qa_dead_symlink"
-- 
2.25.1

[OE-core][dunfell 12/12] license_image.bbclass: Fix symlink to generic license files

[Steve Sakoman]

From: Reto Schneider <reto.schneider@husqvarnagroup.com>

Link to the canonical filename of a license as only this one exists.

Fixes commit 670fe71dd18ea675f35581db4a61fda137f8bf00
[license_image.bbclass: use canonical name for license files].

Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 64b1ba978e079c345e1f7fbd1bf44052fc3dd857)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/license_image.bbclass | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/meta/classes/license_image.bbclass b/meta/classes/license_image.bbclass
index cfb0606da9..1396a95f47 100644
--- a/meta/classes/license_image.bbclass
+++ b/meta/classes/license_image.bbclass
@@ -145,12 +145,13 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True):
                             continue
 
                         # Make sure we use only canonical name for the license file
-                        rootfs_license = os.path.join(rootfs_license_dir, "generic_%s" % generic_lic)
+                        generic_lic_file = "generic_%s" % generic_lic
+                        rootfs_license = os.path.join(rootfs_license_dir, generic_lic_file)
                         if not os.path.exists(rootfs_license):
                             oe.path.copyhardlink(pkg_license, rootfs_license)
 
                         if not os.path.exists(pkg_rootfs_license):
-                            os.symlink(os.path.join('..', lic), pkg_rootfs_license)
+                            os.symlink(os.path.join('..', generic_lic_file), pkg_rootfs_license)
                     else:
                         if (oe.license.license_ok(canonical_license(d,
                                 lic), bad_licenses) == False or
-- 
2.25.1

Re: [OE-core][dunfell 07/12] go: Use dl.google.com for SRC_URI

[Richard Purdie]

On Fri, 2021-04-30 at 05:33 -1000, Steve Sakoman wrote:
> From: Khem Raj <raj.khem@gmail.com>
> 
> golang.org/dl is resolving to this anyway
> 
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> (cherry picked from commit 8470e38ac1d9f9bb6d8a4ee43724af452d080057)
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
> ---
>  meta/recipes-devtools/go/go-common.inc | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
> index 39a681a712..c368b95b69 100644
> --- a/meta/recipes-devtools/go/go-common.inc
> +++ b/meta/recipes-devtools/go/go-common.inc
> @@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
>  
> 
> 
> 
>  inherit goarch
>  
> 
> 
> 
> -SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
> +SRC_URI = "https://dl.google.com/go/go${PV}.src.tar.gz;name=main"
>  S = "${WORKDIR}/go"
>  B = "${S}"
>  UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"


We are seeing autobuilder issues with some go downloads which we may want to
resolve before merging this.

Cheers,

Richard

Re: [OE-core][dunfell 07/12] go: Use dl.google.com for SRC_URI

[Steve Sakoman]

On Fri, Apr 30, 2021 at 5:44 AM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
>
> On Fri, 2021-04-30 at 05:33 -1000, Steve Sakoman wrote:
> > From: Khem Raj <raj.khem@gmail.com>
> >
> > golang.org/dl is resolving to this anyway
> >
> > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> > (cherry picked from commit 8470e38ac1d9f9bb6d8a4ee43724af452d080057)
> > Signed-off-by: Steve Sakoman <steve@sakoman.com>
> > ---
> >  meta/recipes-devtools/go/go-common.inc | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
> > index 39a681a712..c368b95b69 100644
> > --- a/meta/recipes-devtools/go/go-common.inc
> > +++ b/meta/recipes-devtools/go/go-common.inc
> > @@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
> >
> >
> >
> >
> >  inherit goarch
> >
> >
> >
> >
> > -SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
> > +SRC_URI = "https://dl.google.com/go/go${PV}.src.tar.gz;name=main"
> >  S = "${WORKDIR}/go"
> >  B = "${S}"
> >  UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
>
>
> We are seeing autobuilder issues with some go downloads which we may want to
> resolve before merging this.

OK, haven't seen those with dunfell but will drop this patch from the
pull request and monitor master for resolution.

Steve

Re: [OE-core][dunfell 07/12] go: Use dl.google.com for SRC_URI

[Richard Purdie]

On Fri, 2021-04-30 at 05:53 -1000, Steve Sakoman wrote:
> On Fri, Apr 30, 2021 at 5:44 AM Richard Purdie
> <richard.purdie@linuxfoundation.org> wrote:
> > 
> > On Fri, 2021-04-30 at 05:33 -1000, Steve Sakoman wrote:
> > > From: Khem Raj <raj.khem@gmail.com>
> > > 
> > > golang.org/dl is resolving to this anyway
> > > 
> > > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> > > (cherry picked from commit 8470e38ac1d9f9bb6d8a4ee43724af452d080057)
> > > Signed-off-by: Steve Sakoman <steve@sakoman.com>
> > > ---
> > >  meta/recipes-devtools/go/go-common.inc | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
> > > index 39a681a712..c368b95b69 100644
> > > --- a/meta/recipes-devtools/go/go-common.inc
> > > +++ b/meta/recipes-devtools/go/go-common.inc
> > > @@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
> > > 
> > > 
> > > 
> > > 
> > >  inherit goarch
> > > 
> > > 
> > > 
> > > 
> > > -SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
> > > +SRC_URI = "https://dl.google.com/go/go${PV}.src.tar.gz;name=main"
> > >  S = "${WORKDIR}/go"
> > >  B = "${S}"
> > >  UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
> > 
> > 
> > We are seeing autobuilder issues with some go downloads which we may want to
> > resolve before merging this.
> 
> OK, haven't seen those with dunfell but will drop this patch from the
> pull request and monitor master for resolution.

It is this and the https change earlier in your series. It could just be
some corrupt files in DL_DIR but I'd be happier we get this resolved there first.

Cheers,

Richard

Re: [OE-core][dunfell 07/12] go: Use dl.google.com for SRC_URI

[Khem Raj]

On 4/30/21 8:58 AM, Richard Purdie wrote:
> On Fri, 2021-04-30 at 05:53 -1000, Steve Sakoman wrote:
>> On Fri, Apr 30, 2021 at 5:44 AM Richard Purdie
>> <richard.purdie@linuxfoundation.org> wrote:
>>>
>>> On Fri, 2021-04-30 at 05:33 -1000, Steve Sakoman wrote:
>>>> From: Khem Raj <raj.khem@gmail.com>
>>>>
>>>> golang.org/dl is resolving to this anyway
>>>>
>>>> Signed-off-by: Khem Raj <raj.khem@gmail.com>
>>>> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
>>>> (cherry picked from commit 8470e38ac1d9f9bb6d8a4ee43724af452d080057)
>>>> Signed-off-by: Steve Sakoman <steve@sakoman.com>
>>>> ---
>>>>   meta/recipes-devtools/go/go-common.inc | 2 +-
>>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
>>>> index 39a681a712..c368b95b69 100644
>>>> --- a/meta/recipes-devtools/go/go-common.inc
>>>> +++ b/meta/recipes-devtools/go/go-common.inc
>>>> @@ -14,7 +14,7 @@ LICENSE = "BSD-3-Clause"
>>>>
>>>>
>>>>
>>>>
>>>>   inherit goarch
>>>>
>>>>
>>>>
>>>>
>>>> -SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main"
>>>> +SRC_URI = "https://dl.google.com/go/go${PV}.src.tar.gz;name=main"
>>>>   S = "${WORKDIR}/go"
>>>>   B = "${S}"
>>>>   UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
>>>
>>>
>>> We are seeing autobuilder issues with some go downloads which we may want to
>>> resolve before merging this.
>>
>> OK, haven't seen those with dunfell but will drop this patch from the
>> pull request and monitor master for resolution.
> 
> It is this and the https change earlier in your series. It could just be
> some corrupt files in DL_DIR but I'd be happier we get this resolved there first.
> 

https change is still good, but this change perhaps is not required. for 
master/hardknott we will get it fixed once we cleanup downloads mirror.

> Cheers,
> 
> Richard
> 
> 
> 
> 
> 

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Wednesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2338

The following changes since commit c96bcf97272f243df14598c84a41097746884b65:

  oeqa/selftest/archiver: Allow tests to ignore empty directories (2021-07-06 04:37:02 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  bootchart2: update 0.14.8 -> 0.14.9

Chen Qi (1):
  busybox: fix CVE-2021-28831

Khem Raj (1):
  webkitgtk: Upgrade to 2.28.4

Marek Vasut (1):
  update-rc.d: update SRCREV to pull in fix for non-bash shell support

Minjae Kim (1):
  dhcp: fix CVE-2021-25217

Richard Purdie (4):
  webkitgtk: upgrade 2.28.2 -> 2.28.3
  dwarfsrcfiles: Avoid races over debug-link files
  oeqa/selftest/multiprocesslauch: Fix test race
  report-error: Drop pointless inherit

Steve Sakoman (1):
  glibc: update to lastest 2.31 release HEAD

Tim Orling (1):
  python3: upgrade 3.8.10 -> 3.8.11

Zoltán Böszörményi (1):
  tzdata: Allow controlling zoneinfo binary format

 meta/classes/report-error.bbclass             |   2 -
 meta/lib/oeqa/selftest/cases/oelib/utils.py   |   3 +-
 .../dhcp/dhcp/CVE-2021-25217.patch            |  66 ++++
 meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb  |   1 +
 ...ss_gunzip-Fix-DoS-if-gzip-is-corrupt.patch |  51 +++
 meta/recipes-core/busybox/busybox_1.31.1.bb   |   3 +-
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 .../update-rc.d/update-rc.d_0.8.bb            |   2 +-
 ...tchart2_0.14.8.bb => bootchart2_0.14.9.bb} |   3 +-
 .../dwarfsrcfiles/files/dwarfsrcfiles.c       |  13 +-
 .../recipes-devtools/python/python3_3.8.11.bb | 362 ++++++++++++++++++
 meta/recipes-extended/timezone/tzdata.bb      |  10 +-
 ...build-errors-due-to-WWc-11-narrowing.patch |  66 ++++
 .../webkit/webkitgtk/CVE-2020-13753.patch     |  15 -
 ...ebkitgtk_2.28.2.bb => webkitgtk_2.28.4.bb} |   5 +-
 15 files changed, 571 insertions(+), 33 deletions(-)
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch
 create mode 100644 meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
 rename meta/recipes-devtools/bootchart2/{bootchart2_0.14.8.bb => bootchart2_0.14.9.bb} (99%)
 create mode 100644 meta/recipes-devtools/python/python3_3.8.11.bb
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/0001-clang-11-fix-build-errors-due-to-WWc-11-narrowing.patch
 delete mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2020-13753.patch
 rename meta/recipes-sato/webkit/{webkitgtk_2.28.2.bb => webkitgtk_2.28.4.bb} (97%)

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2469

The following changes since commit ce78c16409363741d59a2f787aca66077bec93cd:

  sstate.bbclass: fix error handling when sstate mirrors is ro (2021-08-16 04:41:07 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexandre Belloni (1):
  oeqa/runtime/cases: make date.DateTest.test_date more reliable

Bruce Ashfield (3):
  linux-yocto/5.4: update to v5.4.137
  linux-yocto/5.4: update to v5.4.139
  linux-yocto/5.4: update to v5.4.141

Dmitry Baryshkov (1):
  linux-firmware: add more Qualcomm firmware packages

Dragos-Marian Panait (1):
  util-linux: fix CVE-2021-37600

Khem Raj (1):
  sdk: Enable do_populate_sdk with multilibs

Purushottam Choudhary (1):
  python3: Remove unused python3 recipe

Richard Purdie (1):
  oeqa/selftest/glibc: Handle incorrect encoding issuesin glibc test
    results

Ross Burton (2):
  tar: ignore node-tar CVEs
  ovmf: build natively everywhere

hongxu (1):
  sdk: fix relocate symlink failed

 meta/classes/multilib.bbclass                 |   1 -
 meta/classes/populate_sdk_base.bbclass        |   2 +-
 meta/files/toolchain-shar-relocate.sh         |   2 +-
 meta/lib/oeqa/runtime/cases/date.py           |   9 +-
 meta/lib/oeqa/selftest/cases/glibc.py         |   2 +-
 meta/recipes-core/ovmf/ovmf_git.bb            |   2 +-
 .../util-linux/CVE-2021-37600.patch           |  33 ++
 .../util-linux/util-linux_2.35.1.bb           |   1 +
 .../recipes-devtools/python/python3_3.8.10.bb | 363 ------------------
 meta/recipes-extended/tar/tar_1.32.bb         |   3 +
 .../linux-firmware/linux-firmware_20210511.bb |  17 +-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 14 files changed, 79 insertions(+), 392 deletions(-)
 create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
 delete mode 100644 meta/recipes-devtools/python/python3_3.8.10.bb

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on auto builder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3096

with the exception of a known intermmitent autobuilder issue on oe-selftest-fedora,
which passed on subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/3004

The following changes since commit 1ab7aee542589f6b6c76f8515b4230ce870a8678:

  selftest: skip virgl test on fedora 34 entirely (2021-12-23 06:21:37 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  lib/oe/reproducible: correctly set .git location when recursively
    looking for git repos

Marek Vasut (1):
  weston: Backport patches to always activate the top-level surface

Marta Rybczynska (1):
  grub: fix CVE-2020-14372 and CVE-2020-27779

Richard Purdie (4):
  openssl: Add reproducibility fix
  oeqa/selftest/bbtests: Use YP sources mirror instead of GNU
  oeqa/selftest/tinfoil: Update to use test command
  scripts: Update to use exec_module() instead of load_module()

Steve Sakoman (3):
  libpcre2: update SRC_URI
  selftest: skip virgl test on fedora 35
  asciidoc: properly detect and compare Python versions >= 3.10

Tim Orling (1):
  scripts/buildhistory-diff: drop use of distutils

wangmy (1):
  linux-firmware: upgrade 20211027 -> 20211216

 meta/lib/oe/reproducible.py                   |   2 +-
 meta/lib/oeqa/selftest/cases/bbtests.py       |   2 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +
 meta/lib/oeqa/selftest/cases/tinfoil.py       |   6 +-
 .../grub/files/CVE-2020-14372.patch           |  76 +++
 .../grub/files/CVE-2020-14372_1.patch         | 130 ++++++
 .../grub/files/CVE-2020-14372_2.patch         | 431 ++++++++++++++++++
 .../grub/files/CVE-2020-14372_3.patch         |  57 +++
 .../grub/files/CVE-2020-14372_4.patch         |  52 +++
 .../grub/files/CVE-2020-14372_5.patch         | 158 +++++++
 .../grub/files/CVE-2020-27779.patch           |  70 +++
 .../grub/files/CVE-2020-27779_2.patch         | 105 +++++
 .../grub/files/CVE-2020-27779_3.patch         |  37 ++
 .../grub/files/CVE-2020-27779_4.patch         |  35 ++
 .../grub/files/CVE-2020-27779_5.patch         |  62 +++
 .../grub/files/CVE-2020-27779_6.patch         |  61 +++
 .../grub/files/CVE-2020-27779_7.patch         |  65 +++
 .../grub/files/no-insmod-on-sb.patch          | 107 +++++
 meta/recipes-bsp/grub/grub2.inc               |  14 +
 .../openssl/openssl/reproducibility.patch     |  22 +
 .../openssl/openssl_1.1.1l.bb                 |   1 +
 .../asciidoc/detect-python-version.patch      |  42 ++
 .../asciidoc/asciidoc_8.6.9.bb                |   3 +-
 ...move-no-op-de-activation-of-the-xdg-.patch |  32 ++
 ...name-gain-lose-keyboard-focus-to-act.patch |  57 +++
 ...bed-keyboard-focus-handle-code-when-.patch |  99 ++++
 meta/recipes-graphics/wayland/weston_8.0.0.bb |   3 +
 ...20211027.bb => linux-firmware_20211216.bb} |   4 +-
 .../recipes-support/libpcre/libpcre2_10.34.bb |   2 +-
 scripts/buildhistory-diff                     |   5 -
 scripts/lib/scriptutils.py                    |   7 +-
 scripts/lib/wic/pluginbase.py                 |   8 +-
 32 files changed, 1739 insertions(+), 18 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372_1.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372_2.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372_3.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372_4.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-14372_5.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_2.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_3.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_4.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_5.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_6.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-27779_7.patch
 create mode 100644 meta/recipes-bsp/grub/files/no-insmod-on-sb.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/reproducibility.patch
 create mode 100644 meta/recipes-extended/asciidoc/asciidoc/detect-python-version.patch
 create mode 100644 meta/recipes-graphics/wayland/weston/0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch
 create mode 100644 meta/recipes-graphics/wayland/weston/0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch
 create mode 100644 meta/recipes-graphics/wayland/weston/0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20211027.bb => linux-firmware_20211216.bb} (99%)

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3790

The following changes since commit 7e056e79a5acce8261cb5124c172cc40ad608b82:

  linux-yocto/5.4: update to v5.4.196 (2022-06-07 08:56:30 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Jose Quaresma (2):
  archiver: use bb.note instead of echo
  archiver: don't use machine variables in shared recipes

Marcel Ziswiler (1):
  alsa-plugins: fix libavtp vs. avtp packageconfig

Martin Jansa (1):
  rootfs.py: close kernel_abi_ver_file

Mingli Yu (1):
  oescripts: change compare logic in OEListPackageconfigTests

Pawan Badganchi (1):
  openssh: Whitelist CVE-2021-36368

Peter Kjellerstedt (1):
  license.bbclass: Bound beginline and endline in copy_license_files()

Rasmus Villemoes (1):
  e2fsprogs: add alternatives handling of lsattr as well

Richard Purdie (2):
  vim: Upgrade 8.2.5034 -> 8.2.5083
  gcc-source: Fix incorrect task dependencies from ${B}

Stefan Wiehler (1):
  kernel-yocto.bbclass: Reset to exiting on non-zero return code at end
    of task

Steve Sakoman (1):
  cups: fix CVE-2022-26691

 meta/classes/archiver.bbclass                 | 11 +++++--
 meta/classes/kernel-yocto.bbclass             |  8 +++++
 meta/classes/license.bbclass                  |  8 ++---
 meta/lib/oe/rootfs.py                         |  4 ++-
 meta/lib/oeqa/selftest/cases/oescripts.py     |  3 +-
 .../openssh/openssh_8.2p1.bb                  |  7 ++++
 .../e2fsprogs/e2fsprogs_1.45.7.bb             |  5 ++-
 meta/recipes-devtools/gcc/gcc-common.inc      |  2 +-
 meta/recipes-devtools/gcc/gcc-source.inc      |  1 +
 meta/recipes-extended/cups/cups.inc           |  3 +-
 .../cups/cups/CVE-2022-26691.patch            | 33 +++++++++++++++++++
 .../alsa/alsa-plugins_1.2.1.bb                |  2 +-
 meta/recipes-support/vim/vim.inc              |  4 +--
 13 files changed, 76 insertions(+), 15 deletions(-)
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2022-26691.patch

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3844

With the exception of a known autobuilder intermittent issue:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=14788

which passed on subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/42/builds/5413

The following changes since commit c6f5fb5e7545636ef7948ad1562548b7b64dac35:

  linux-firmware: upgrade 20220509 -> 20220610 (2022-06-20 07:32:00 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ahmed Hossam (1):
  insane.bbclass: host-user-contaminated: Correct per package home path

Alexander Kanavin (1):
  wireless-regdb: upgrade 2022.04.08 -> 2022.06.06

Hitendra Prajapati (3):
  golang: CVE-2022-24675 encoding/pem: fix stack overflow in Decode
  golang: CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse
    when reading a very large header
  grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow
    unprivileged user to read the file content

Joe Slater (1):
  unzip: fix CVE-2021-4217

Marek Vasut (1):
  lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes

Marta Rybczynska (2):
  cve-check: add support for Ignored CVEs
  oeqa/selftest/cve_check: add tests for Ignored and partial reports

Martin Jansa (1):
  wic: fix WicError message

Muhammad Hamza (1):
  initramfs-framework: move storage mounts to actual rootfs

Richard Purdie (1):
  unzip: Port debian fixes for two CVEs

 meta/classes/cve-check.bbclass                |  41 ++-
 meta/classes/insane.bbclass                   |   2 +-
 meta/lib/oeqa/selftest/cases/cve_check.py     |  82 ++++++
 .../grub/files/CVE-2021-3981.patch            |  32 +++
 meta/recipes-bsp/grub/grub2.inc               |   1 +
 .../initrdscripts/initramfs-framework/finish  |   9 +
 meta/recipes-devtools/go/go-1.14.inc          |   2 +
 .../go/go-1.14/CVE-2021-31525.patch           |  38 +++
 .../go/go-1.14/CVE-2022-24675.patch           | 271 ++++++++++++++++++
 .../unzip/unzip/CVE-2021-4217.patch           |  67 +++++
 .../unzip/unzip/CVE-2022-0529.patch           |  39 +++
 .../unzip/unzip/CVE-2022-0530.patch           |  33 +++
 meta/recipes-extended/unzip/unzip_6.0.bb      |   3 +
 ...ndom-remove-unused-tracepoints-v5.18.patch |  46 +++
 ...emove-unused-tracepoints-v5.10-v5.15.patch |  45 +++
 ...racepoints-removed-in-stable-kernels.patch |  51 ++++
 .../lttng/lttng-modules_2.11.6.bb             |   3 +
 ....04.08.bb => wireless-regdb_2022.06.06.bb} |   2 +-
 scripts/wic                                   |   2 +-
 19 files changed, 754 insertions(+), 15 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3981.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-31525.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-24675.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0017-fix-random-remove-unused-tracepoints-v5.18.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0018-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0019-fix-random-tracepoints-removed-in-stable-kernels.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.04.08.bb => wireless-regdb_2022.06.06.bb} (94%)

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4885

The following changes since commit 4f069121ddb99bb6e2f186724cd60ca07f74f503:

  python3: fix packaging of Windows distutils installer stubs (2023-02-04 04:34:20 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.229
  linux-yocto/5.4: update to v5.4.230

Khem Raj (1):
  libtirpc: Check if file exists before operating on it

Niko Mauno (1):
  Fix missing leading whitespace with ':append'

Ranjitsinh Rathod (1):
  libsdl2: Add fix for CVE-2022-4743

Steve Sakoman (4):
  lttng-modules: update 2.11.6 -> 2.11.7
  lttng-modules: update 2.11.7 -> 2.11.8
  lttng-modules: update 2.11.8 -> 2.11.9
  lttng-modules: fix build with 5.4.229 kernel

Thomas Roos (1):
  devtool: fix devtool finish when gitmodules file is empty

Vivek Kumbhar (1):
  go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse*
    functions

Xiaobing Luo (1):
  devtool: Fix _copy_file() TypeError

 meta/classes/externalsrc.bbclass              |   2 +-
 meta/classes/populate_sdk_ext.bbclass         |   2 +-
 meta/recipes-devtools/go/go-1.14.inc          |   1 +
 .../go/go-1.14/CVE-2022-1962.patch            | 357 ++++++++++++++++++
 .../libtirpc/libtirpc_1.2.6.bb                |   2 +-
 .../libsdl2/libsdl2/CVE-2022-4743.patch       |  38 ++
 .../libsdl2/libsdl2_2.0.12.bb                 |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 ...ncpy-equals-destination-size-warning.patch |  42 ---
 ...jtool-Rename-frame.h-objtool.h-v5.10.patch |  88 -----
 ...oints-output-proper-root-owner-for-t.patch | 316 ----------------
 ...rdered-extent-tracepoint-take-btrfs_.patch | 179 ---------
 ...ext4-fast-commit-recovery-path-v5.10.patch |  91 -----
 ...intr-vectoring-info-and-error-code-t.patch | 124 ------
 ...x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch |  82 ----
 ...Return-unique-RET_PF_-values-if-the-.patch |  71 ----
 ...int-Optimize-using-static_call-v5.10.patch | 155 --------
 ...-fix-include-order-for-older-kernels.patch |  31 --
 .../0011-Add-release-maintainer-script.patch  |  59 ---
 .../0012-Improve-the-release-script.patch     | 173 ---------
 ...fix-ext4-fast-commit-recovery-path-v.patch |  32 --
 ...-fix-include-order-for-older-kernels.patch |  32 --
 ...fix-tracepoint-Optimize-using-static.patch |  46 ---
 ...ion-range-for-trace_find_free_extent.patch |  30 --
 ...ix-jbd2-use-the-correct-print-format.patch | 147 ++++++++
 ...ules_2.11.6.bb => lttng-modules_2.11.9.bb} |  21 +-
 scripts/lib/devtool/standard.py               |   2 +-
 29 files changed, 569 insertions(+), 1591 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-1962.patch
 create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-strncpy-equals-destination-size-warning.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0002-fix-objtool-Rename-frame.h-objtool.h-v5.10.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0003-fix-btrfs-tracepoints-output-proper-root-owner-for-t.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0004-fix-btrfs-make-ordered-extent-tracepoint-take-btrfs_.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0005-fix-ext4-fast-commit-recovery-path-v5.10.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0006-fix-KVM-x86-Add-intr-vectoring-info-and-error-code-t.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0007-fix-kvm-x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0008-fix-KVM-x86-mmu-Return-unique-RET_PF_-values-if-the-.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0009-fix-tracepoint-Optimize-using-static_call-v5.10.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0010-fix-include-order-for-older-kernels.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0011-Add-release-maintainer-script.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0012-Improve-the-release-script.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0013-fix-backport-of-fix-ext4-fast-commit-recovery-path-v.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0014-Revert-fix-include-order-for-older-kernels.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0015-fix-backport-of-fix-tracepoint-Optimize-using-static.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0016-fix-adjust-version-range-for-trace_find_free_extent.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-use-the-correct-print-format.patch
 rename meta/recipes-kernel/lttng/{lttng-modules_2.11.6.bb => lttng-modules_2.11.9.bb} (59%)

-- 
2.25.1

[OE-core][dunfell 00/12] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, March 22

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6692

The following changes since commit b49b0a3dd74c24f3a011c9c0b5cf8f6530956cfa:

  build-appliance-image: Update to dunfell head revision (2024-03-01 03:19:51 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  wireless-regdb: Upgrade 2023.09.01 -> 2024.01.23

Alexander Kanavin (1):
  linux-firmware: upgrade 20231211 -> 20240220

Alexander Sverdlin (1):
  linux-firmware: upgrade 20231030 -> 20231211

Michael Halstead (1):
  yocto-uninative: Update to 4.4 for glibc 2.39

Vijay Anusuri (1):
  libxml2: Backport fix for CVE-2024-25062

Wang Mingyu (1):
  wireless-regdb: upgrade 2023.05.03 -> 2023.09.01

Yoann Congal (6):
  cve-update-nvd2-native: Fix typo in comment
  cve-update-nvd2-native: Add an age threshold for incremental update
  cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition
  cve-update-nvd2-native: nvd_request_next: Improve comment
  cve-update-nvd2-native: Fix CVE configuration update
  cve-update-nvd2-native: Remove rejected CVE from database

 meta/conf/distro/include/yocto-uninative.inc  | 10 ++---
 .../libxml/libxml2/CVE-2024-25062-pre1.patch  | 38 +++++++++++++++++++
 .../libxml/libxml2/CVE-2024-25062.patch       | 33 ++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |  2 +
 .../meta/cve-update-nvd2-native.bb            | 35 +++++++++++++----
 ...20231030.bb => linux-firmware_20240220.bb} |  7 ++--
 ....05.03.bb => wireless-regdb_2024.01.23.bb} |  4 +-
 7 files changed, 111 insertions(+), 18 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231030.bb => linux-firmware_20240220.bb} (99%)
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.05.03.bb => wireless-regdb_2024.01.23.bb} (88%)

-- 
2.34.1