* [OE-core][nanbield 01/12] shadow: Fix for CVE-2023-4641
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 02/12] tiff: Backport fixes for CVE-2023-6277 Steve Sakoman
` (10 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Xiangyu Chen <xiangyu.chen@windriver.com>
shadow-utils: possible password leak during passwd(1) change
CVE: CVE-2023-4641
Upstream-Status: Backport
[https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904]
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7942df17d9dfcf690106b8b86506d496e6251327)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../shadow/files/CVE-2023-4641.patch | 147 ++++++++++++++++++
meta/recipes-extended/shadow/shadow.inc | 1 +
2 files changed, 148 insertions(+)
create mode 100644 meta/recipes-extended/shadow/files/CVE-2023-4641.patch
diff --git a/meta/recipes-extended/shadow/files/CVE-2023-4641.patch b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch
new file mode 100644
index 0000000000..1fabfe928e
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch
@@ -0,0 +1,147 @@
+From 25dbe2ce166a13322b7536ff2f738786ea2e61e7 Mon Sep 17 00:00:00 2001
+From: Alejandro Colomar <alx@kernel.org>
+Date: Sat, 10 Jun 2023 16:20:05 +0200
+Subject: [PATCH] gpasswd(1): Fix password leak
+
+How to trigger this password leak?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+When gpasswd(1) asks for the new password, it asks twice (as is usual
+for confirming the new password). Each of those 2 password prompts
+uses agetpass() to get the password. If the second agetpass() fails,
+the first password, which has been copied into the 'static' buffer
+'pass' via STRFCPY(), wasn't being zeroed.
+
+agetpass() is defined in <./libmisc/agetpass.c> (around line 91), and
+can fail for any of the following reasons:
+
+- malloc(3) or readpassphrase(3) failure.
+
+ These are going to be difficult to trigger. Maybe getting the system
+ to the limits of memory utilization at that exact point, so that the
+ next malloc(3) gets ENOMEM, and possibly even the OOM is triggered.
+ About readpassphrase(3), ENFILE and EINTR seem the only plausible
+ ones, and EINTR probably requires privilege or being the same user;
+ but I wouldn't discard ENFILE so easily, if a process starts opening
+ files.
+
+- The password is longer than PASS_MAX.
+
+ The is plausible with physical access. However, at that point, a
+ keylogger will be a much simpler attack.
+
+And, the attacker must be able to know when the second password is being
+introduced, which is not going to be easy.
+
+How to read the password after the leak?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Provoking the leak yourself at the right point by entering a very long
+password is easy, and inspecting the process stack at that point should
+be doable. Try to find some consistent patterns.
+
+Then, search for those patterns in free memory, right after the victim
+leaks their password.
+
+Once you get the leak, a program should read all the free memory
+searching for patterns that gpasswd(1) leaves nearby the leaked
+password.
+
+On 6/10/23 03:14, Seth Arnold wrote:
+> An attacker process wouldn't be able to use malloc(3) for this task.
+> There's a handful of tools available for userspace to allocate memory:
+>
+> - brk / sbrk
+> - mmap MAP_ANONYMOUS
+> - mmap /dev/zero
+> - mmap some other file
+> - shm_open
+> - shmget
+>
+> Most of these return only pages of zeros to a process. Using mmap of an
+> existing file, you can get some of the contents of the file demand-loaded
+> into the memory space on the first use.
+>
+> The MAP_UNINITIALIZED flag only works if the kernel was compiled with
+> CONFIG_MMAP_ALLOW_UNINITIALIZED. This is rare.
+>
+> malloc(3) doesn't zero memory, to our collective frustration, but all the
+> garbage in the allocations is from previous allocations in the current
+> process. It isn't leftover from other processes.
+>
+> The avenues available for reading the memory:
+> - /dev/mem and /dev/kmem (requires root, not available with Secure Boot)
+> - /proc/pid/mem (requires ptrace privileges, mediated by YAMA)
+> - ptrace (requires ptrace privileges, mediated by YAMA)
+> - causing memory to be swapped to disk, and then inspecting the swap
+>
+> These all require a certain amount of privileges.
+
+How to fix it?
+~~~~~~~~~~~~~~
+
+memzero(), which internally calls explicit_bzero(3), or whatever
+alternative the system provides with a slightly different name, will
+make sure that the buffer is zeroed in memory, and optimizations are not
+allowed to impede this zeroing.
+
+This is not really 100% effective, since compilers may place copies of
+the string somewhere hidden in the stack. Those copies won't get zeroed
+by explicit_bzero(3). However, that's arguably a compiler bug, since
+compilers should make everything possible to avoid optimizing strings
+that are later passed to explicit_bzero(3). But we all know that
+sometimes it's impossible to have perfect knowledge in the compiler, so
+this is plausible. Nevertheless, there's nothing we can do against such
+issues, except minimizing the time such passwords are stored in plain
+text.
+
+Security concerns
+~~~~~~~~~~~~~~~~~
+
+We believe this isn't easy to exploit. Nevertheless, and since the fix
+is trivial, this fix should probably be applied soon, and backported to
+all supported distributions, to prevent someone else having more
+imagination than us to find a way.
+
+Affected versions
+~~~~~~~~~~~~~~~~~
+
+All. Bug introduced in shadow 19990709. That's the second commit in
+the git history.
+
+Fixes: 45c6603cc86c ("[svn-upgrade] Integrating new upstream version, shadow (19990709)")
+
+CVE: CVE-2023-4641
+Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904]
+
+Reported-by: Alejandro Colomar <alx@kernel.org>
+Cc: Serge Hallyn <serge@hallyn.com>
+Cc: Iker Pedrosa <ipedrosa@redhat.com>
+Cc: Seth Arnold <seth.arnold@canonical.com>
+Cc: Christian Brauner <christian@brauner.io>
+Cc: Balint Reczey <rbalint@debian.org>
+Cc: Sam James <sam@gentoo.org>
+Cc: David Runge <dvzrv@archlinux.org>
+Cc: Andreas Jaeger <aj@suse.de>
+Cc: <~hallyn/shadow@lists.sr.ht>
+Signed-off-by: Alejandro Colomar <alx@kernel.org>
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+---
+ src/gpasswd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/gpasswd.c b/src/gpasswd.c
+index 5983f787..2d8869ef 100644
+--- a/src/gpasswd.c
++++ b/src/gpasswd.c
+@@ -896,6 +896,7 @@ static void change_passwd (struct group *gr)
+ strzero (cp);
+ cp = getpass (_("Re-enter new password: "));
+ if (NULL == cp) {
++ memzero (pass, sizeof pass);
+ exit (1);
+ }
+
+--
+2.34.1
+
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 83e1a84769..ce3ce62715 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -17,6 +17,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
file://0001-Fix-can-not-print-full-login.patch \
file://CVE-2023-29383.patch \
file://0001-Overhaul-valid_field.patch \
+ file://CVE-2023-4641.patch \
"
SRC_URI:append:class-target = " \
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 02/12] tiff: Backport fixes for CVE-2023-6277
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 01/12] shadow: Fix for CVE-2023-4641 Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 03/12] go: update 1.20.10 -> 1.20.11 Steve Sakoman
` (9 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d115e17ad7775cf5bbfd402e98e61f362ac96efa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...277-Apply-1-suggestion-s-to-1-file-s.patch | 27 +++
...ompare-data-size-of-some-tags-data-2.patch | 36 ++++
...-compare-data-size-of-some-tags-data.patch | 162 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 3 +
4 files changed, 228 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch
new file mode 100644
index 0000000000..5d15dff1d9
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch
@@ -0,0 +1,27 @@
+From e1640519208121f916da1772a5efb6ca28971b86 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 31 Oct 2023 15:04:37 +0000
+Subject: [PATCH 3/3] Apply 1 suggestion(s) to 1 file(s)
+
+CVE: CVE-2023-6277
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/merge_requests/545]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ libtiff/tif_dirread.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index fe8d6f8..58a4276 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -5306,7 +5306,6 @@ static int EstimateStripByteCounts(TIFF *tif, TIFFDirEntry *dir,
+ {
+ uint64_t space;
+ uint16_t n;
+- filesize = TIFFGetFileSize(tif);
+ if (!(tif->tif_flags & TIFF_BIGTIFF))
+ space = sizeof(TIFFHeaderClassic) + 2 + dircount * 12 + 4;
+ else
+--
+2.43.0
+
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch
new file mode 100644
index 0000000000..9fc8182fef
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch
@@ -0,0 +1,36 @@
+From f500facf7723f1cae725dd288b2daad15e45131c Mon Sep 17 00:00:00 2001
+From: Su_Laus <sulau@freenet.de>
+Date: Mon, 30 Oct 2023 21:21:57 +0100
+Subject: [PATCH 2/3] At image reading, compare data size of some tags / data
+ structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) with
+ file size to prevent provoked out-of-memory attacks.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+See issue #614.
+
+Correct declaration of ‘filesize’ shadows a previous local.
+
+CVE: CVE-2023-6277
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/merge_requests/545]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ libtiff/tif_dirread.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index c52d41f..fe8d6f8 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -5305,7 +5305,6 @@ static int EstimateStripByteCounts(TIFF *tif, TIFFDirEntry *dir,
+ if (td->td_compression != COMPRESSION_NONE)
+ {
+ uint64_t space;
+- uint64_t filesize;
+ uint16_t n;
+ filesize = TIFFGetFileSize(tif);
+ if (!(tif->tif_flags & TIFF_BIGTIFF))
+--
+2.43.0
+
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch
new file mode 100644
index 0000000000..d5854a9059
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch
@@ -0,0 +1,162 @@
+From b33baa5d9c6aac8ce49b5180dd48e39697ab7a11 Mon Sep 17 00:00:00 2001
+From: Su_Laus <sulau@freenet.de>
+Date: Fri, 27 Oct 2023 22:11:10 +0200
+Subject: [PATCH 1/3] At image reading, compare data size of some tags / data
+ structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) with
+ file size to prevent provoked out-of-memory attacks.
+
+See issue #614.
+
+CVE: CVE-2023-6277
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/merge_requests/545]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ libtiff/tif_dirread.c | 90 +++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 90 insertions(+)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 2c49dc6..c52d41f 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -1308,6 +1308,21 @@ TIFFReadDirEntryArrayWithLimit(TIFF *tif, TIFFDirEntry *direntry,
+ datasize = (*count) * typesize;
+ assert((tmsize_t)datasize > 0);
+
++ /* Before allocating a huge amount of memory for corrupted files, check if
++ * size of requested memory is not greater than file size.
++ */
++ uint64_t filesize = TIFFGetFileSize(tif);
++ if (datasize > filesize)
++ {
++ TIFFWarningExtR(tif, "ReadDirEntryArray",
++ "Requested memory size for tag %d (0x%x) %" PRIu32
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated, tag not read",
++ direntry->tdir_tag, direntry->tdir_tag, datasize,
++ filesize);
++ return (TIFFReadDirEntryErrAlloc);
++ }
++
+ if (isMapped(tif) && datasize > (uint64_t)tif->tif_size)
+ return TIFFReadDirEntryErrIo;
+
+@@ -5266,6 +5281,20 @@ static int EstimateStripByteCounts(TIFF *tif, TIFFDirEntry *dir,
+ if (!_TIFFFillStrilesInternal(tif, 0))
+ return -1;
+
++ /* Before allocating a huge amount of memory for corrupted files, check if
++ * size of requested memory is not greater than file size. */
++ uint64_t filesize = TIFFGetFileSize(tif);
++ uint64_t allocsize = (uint64_t)td->td_nstrips * sizeof(uint64_t);
++ if (allocsize > filesize)
++ {
++ TIFFWarningExtR(tif, module,
++ "Requested memory size for StripByteCounts of %" PRIu64
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated",
++ allocsize, filesize);
++ return -1;
++ }
++
+ if (td->td_stripbytecount_p)
+ _TIFFfreeExt(tif, td->td_stripbytecount_p);
+ td->td_stripbytecount_p = (uint64_t *)_TIFFCheckMalloc(
+@@ -5807,6 +5836,20 @@ static uint16_t TIFFFetchDirectory(TIFF *tif, uint64_t diroff,
+ dircount16 = (uint16_t)dircount64;
+ dirsize = 20;
+ }
++ /* Before allocating a huge amount of memory for corrupted files, check
++ * if size of requested memory is not greater than file size. */
++ uint64_t filesize = TIFFGetFileSize(tif);
++ uint64_t allocsize = (uint64_t)dircount16 * dirsize;
++ if (allocsize > filesize)
++ {
++ TIFFWarningExtR(
++ tif, module,
++ "Requested memory size for TIFF directory of %" PRIu64
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated, TIFF directory not read",
++ allocsize, filesize);
++ return 0;
++ }
+ origdir = _TIFFCheckMalloc(tif, dircount16, dirsize,
+ "to read TIFF directory");
+ if (origdir == NULL)
+@@ -5921,6 +5964,20 @@ static uint16_t TIFFFetchDirectory(TIFF *tif, uint64_t diroff,
+ "directories not supported");
+ return 0;
+ }
++ /* Before allocating a huge amount of memory for corrupted files, check
++ * if size of requested memory is not greater than file size. */
++ uint64_t filesize = TIFFGetFileSize(tif);
++ uint64_t allocsize = (uint64_t)dircount16 * dirsize;
++ if (allocsize > filesize)
++ {
++ TIFFWarningExtR(
++ tif, module,
++ "Requested memory size for TIFF directory of %" PRIu64
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated, TIFF directory not read",
++ allocsize, filesize);
++ return 0;
++ }
+ origdir = _TIFFCheckMalloc(tif, dircount16, dirsize,
+ "to read TIFF directory");
+ if (origdir == NULL)
+@@ -5968,6 +6025,8 @@ static uint16_t TIFFFetchDirectory(TIFF *tif, uint64_t diroff,
+ }
+ }
+ }
++ /* No check against filesize needed here because "dir" should have same size
++ * than "origdir" checked above. */
+ dir = (TIFFDirEntry *)_TIFFCheckMalloc(
+ tif, dircount16, sizeof(TIFFDirEntry), "to read TIFF directory");
+ if (dir == 0)
+@@ -7164,6 +7223,20 @@ static int TIFFFetchStripThing(TIFF *tif, TIFFDirEntry *dir, uint32_t nstrips,
+ return (0);
+ }
+
++ /* Before allocating a huge amount of memory for corrupted files, check
++ * if size of requested memory is not greater than file size. */
++ uint64_t filesize = TIFFGetFileSize(tif);
++ uint64_t allocsize = (uint64_t)nstrips * sizeof(uint64_t);
++ if (allocsize > filesize)
++ {
++ TIFFWarningExtR(tif, module,
++ "Requested memory size for StripArray of %" PRIu64
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated",
++ allocsize, filesize);
++ _TIFFfreeExt(tif, data);
++ return (0);
++ }
+ resizeddata = (uint64_t *)_TIFFCheckMalloc(
+ tif, nstrips, sizeof(uint64_t), "for strip array");
+ if (resizeddata == 0)
+@@ -7263,6 +7336,23 @@ static void allocChoppedUpStripArrays(TIFF *tif, uint32_t nstrips,
+ }
+ bytecount = last_offset + last_bytecount - offset;
+
++ /* Before allocating a huge amount of memory for corrupted files, check if
++ * size of StripByteCount and StripOffset tags is not greater than
++ * file size.
++ */
++ uint64_t allocsize = (uint64_t)nstrips * sizeof(uint64_t) * 2;
++ uint64_t filesize = TIFFGetFileSize(tif);
++ if (allocsize > filesize)
++ {
++ TIFFWarningExtR(tif, "allocChoppedUpStripArrays",
++ "Requested memory size for StripByteCount and "
++ "StripOffsets %" PRIu64
++ " is greather than filesize %" PRIu64
++ ". Memory not allocated",
++ allocsize, filesize);
++ return;
++ }
++
+ newcounts =
+ (uint64_t *)_TIFFCheckMalloc(tif, nstrips, sizeof(uint64_t),
+ "for chopped \"StripByteCounts\" array");
+--
+2.43.0
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
index 49984f1125..4c472f8ef6 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
@@ -9,6 +9,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3"
CVE_PRODUCT = "libtiff"
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
+ file://CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch \
+ file://CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch \
+ file://CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch \
"
SRC_URI[sha256sum] = "88b3979e6d5c7e32b50d7ec72fb15af724f6ab2cbf7e10880c360a77e4b5d99a"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 03/12] go: update 1.20.10 -> 1.20.11
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 01/12] shadow: Fix for CVE-2023-4641 Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 02/12] tiff: Backport fixes for CVE-2023-6277 Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 04/12] go: update 1.20.11 -> 1.20.12 Steve Sakoman
` (8 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Jose Quaresma <quaresma.jose@gmail.com>
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.10..go1.20.11
1d0d4b149c (tag: go1.20.11) [release-branch.go1.20] go1.20.11
46fb781685 [release-branch.go1.20] path/filepath: fix various issues in parsing Windows paths
998fdce3ae [release-branch.go1.20] net/http: pull http2 underflow fix from x/net/http2
d48639094b [release-branch.go1.20] cmd/link: split text sections for arm 32-bit
c8fdffb790 [release-branch.go1.20] all: tidy dependency versioning after release
[1] https://github.com/golang/go/compare/go1.20.10...go1.20.11
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 09fb378fb9c60c383f0ac068bbe3692f047aa617)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/{go-1.20.10.inc => go-1.20.11.inc} | 2 +-
...binary-native_1.20.10.bb => go-binary-native_1.20.11.bb} | 6 +++---
...oss-canadian_1.20.10.bb => go-cross-canadian_1.20.11.bb} | 0
.../go/{go-cross_1.20.10.bb => go-cross_1.20.11.bb} | 0
.../go/{go-crosssdk_1.20.10.bb => go-crosssdk_1.20.11.bb} | 0
.../go/{go-native_1.20.10.bb => go-native_1.20.11.bb} | 0
.../go/{go-runtime_1.20.10.bb => go-runtime_1.20.11.bb} | 0
meta/recipes-devtools/go/{go_1.20.10.bb => go_1.20.11.bb} | 0
8 files changed, 4 insertions(+), 4 deletions(-)
rename meta/recipes-devtools/go/{go-1.20.10.inc => go-1.20.11.inc} (89%)
rename meta/recipes-devtools/go/{go-binary-native_1.20.10.bb => go-binary-native_1.20.11.bb} (78%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.20.10.bb => go-cross-canadian_1.20.11.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.20.10.bb => go-cross_1.20.11.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.20.10.bb => go-crosssdk_1.20.11.bb} (100%)
rename meta/recipes-devtools/go/{go-native_1.20.10.bb => go-native_1.20.11.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.20.10.bb => go-runtime_1.20.11.bb} (100%)
rename meta/recipes-devtools/go/{go_1.20.10.bb => go_1.20.11.bb} (100%)
diff --git a/meta/recipes-devtools/go/go-1.20.10.inc b/meta/recipes-devtools/go/go-1.20.11.inc
similarity index 89%
rename from meta/recipes-devtools/go/go-1.20.10.inc
rename to meta/recipes-devtools/go/go-1.20.11.inc
index 39509ed986..2f510b1791 100644
--- a/meta/recipes-devtools/go/go-1.20.10.inc
+++ b/meta/recipes-devtools/go/go-1.20.11.inc
@@ -15,4 +15,4 @@ SRC_URI += "\
file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
"
-SRC_URI[main.sha256sum] = "72d2f51805c47150066c103754c75fddb2c19d48c9219fa33d1e46696c841dbb"
+SRC_URI[main.sha256sum] = "d355c5ae3a8f7763c9ec9dc25153aae373958cbcb60dd09e91a8b56c7621b2fc"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.20.10.bb b/meta/recipes-devtools/go/go-binary-native_1.20.11.bb
similarity index 78%
rename from meta/recipes-devtools/go/go-binary-native_1.20.10.bb
rename to meta/recipes-devtools/go/go-binary-native_1.20.11.bb
index 691670c31e..bf91067971 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.20.10.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.20.11.bb
@@ -9,9 +9,9 @@ PROVIDES = "go-native"
# Checksums available at https://go.dev/dl/
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "80d34f1fd74e382d86c2d6102e0e60d4318461a7c2f457ec1efc4042752d4248"
-SRC_URI[go_linux_arm64.sha256sum] = "fb3c7e15fc4413c5b81eb9f26dbd7cd4faedd5c720b30fa8e2ff77457f74cab6"
-SRC_URI[go_linux_ppc64le.sha256sum] = "ebac6e713810174f9ffd7f48c17c373fbf359d50d8e6233b1dfbbdebd524fd1c"
+SRC_URI[go_linux_amd64.sha256sum] = "ef79a11aa095a08772d2a69e4f152f897c4e96ee297b0dc20264b7dec2961abe"
+SRC_URI[go_linux_arm64.sha256sum] = "7908a49c6ce9d48af9b5ba76ccaa0769da45d8b635259a01065b3739acef4ada"
+SRC_URI[go_linux_ppc64le.sha256sum] = "e04676e1aeafe7c415176f330322d43a4be5ea6deb14aca49905bd1449dc7072"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.20.10.bb b/meta/recipes-devtools/go/go-cross-canadian_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.20.10.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.20.11.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.20.10.bb b/meta/recipes-devtools/go/go-cross_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.20.10.bb
rename to meta/recipes-devtools/go/go-cross_1.20.11.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.20.10.bb b/meta/recipes-devtools/go/go-crosssdk_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.20.10.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.20.11.bb
diff --git a/meta/recipes-devtools/go/go-native_1.20.10.bb b/meta/recipes-devtools/go/go-native_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.20.10.bb
rename to meta/recipes-devtools/go/go-native_1.20.11.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.20.10.bb b/meta/recipes-devtools/go/go-runtime_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.20.10.bb
rename to meta/recipes-devtools/go/go-runtime_1.20.11.bb
diff --git a/meta/recipes-devtools/go/go_1.20.10.bb b/meta/recipes-devtools/go/go_1.20.11.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.20.10.bb
rename to meta/recipes-devtools/go/go_1.20.11.bb
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 04/12] go: update 1.20.11 -> 1.20.12
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (2 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 03/12] go: update 1.20.10 -> 1.20.11 Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 05/12] linux-firmware: Package iwlwifi .pnvm files Steve Sakoman
` (7 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Jose Quaresma <quaresma.jose@gmail.com>
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.11..go1.20.12
97c8ff8d53 (tag: go1.20.12, origin/release-branch.go1.20) [release-branch.go1.20] go1.20.12
6446af942e [release-branch.go1.20] net/http: limit chunked data overhead
77397ffcb2 [release-branch.go1.20] crypto/rand,runtime: revert "switch RtlGenRandom for ProcessPrng"
d77307f855 [release-branch.go1.20] cmd/compile: fix findIndVar so it does not match disjointed loop headers
1bd76576fe [release-branch.go1.20] crypto/rand,runtime: switch RtlGenRandom for ProcessPrng
1b59b017db [release-branch.go1.20] path/filepath: consider \\?\c: as a volume on Windows
46bc33819a [release-branch.go1.20] cmd/go/internal/vcs: error out if the requested repo does not support a secure protocol
e1dc209be8 [release-branch.go1.20] cmd/go/internal/modfetch/codehost: set core.longpaths in Git repos on Windows
[1] https://github.com/golang/go/compare/go1.20.11...go1.20.12
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8515842b5c503b9a8840675d9cbcfe147d25c1d4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/{go-1.20.11.inc => go-1.20.12.inc} | 2 +-
...binary-native_1.20.11.bb => go-binary-native_1.20.12.bb} | 6 +++---
...oss-canadian_1.20.11.bb => go-cross-canadian_1.20.12.bb} | 0
.../go/{go-cross_1.20.11.bb => go-cross_1.20.12.bb} | 0
.../go/{go-crosssdk_1.20.11.bb => go-crosssdk_1.20.12.bb} | 0
.../go/{go-native_1.20.11.bb => go-native_1.20.12.bb} | 0
.../go/{go-runtime_1.20.11.bb => go-runtime_1.20.12.bb} | 0
meta/recipes-devtools/go/{go_1.20.11.bb => go_1.20.12.bb} | 0
8 files changed, 4 insertions(+), 4 deletions(-)
rename meta/recipes-devtools/go/{go-1.20.11.inc => go-1.20.12.inc} (89%)
rename meta/recipes-devtools/go/{go-binary-native_1.20.11.bb => go-binary-native_1.20.12.bb} (78%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.20.11.bb => go-cross-canadian_1.20.12.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.20.11.bb => go-cross_1.20.12.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.20.11.bb => go-crosssdk_1.20.12.bb} (100%)
rename meta/recipes-devtools/go/{go-native_1.20.11.bb => go-native_1.20.12.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.20.11.bb => go-runtime_1.20.12.bb} (100%)
rename meta/recipes-devtools/go/{go_1.20.11.bb => go_1.20.12.bb} (100%)
diff --git a/meta/recipes-devtools/go/go-1.20.11.inc b/meta/recipes-devtools/go/go-1.20.12.inc
similarity index 89%
rename from meta/recipes-devtools/go/go-1.20.11.inc
rename to meta/recipes-devtools/go/go-1.20.12.inc
index 2f510b1791..9be56c6707 100644
--- a/meta/recipes-devtools/go/go-1.20.11.inc
+++ b/meta/recipes-devtools/go/go-1.20.12.inc
@@ -15,4 +15,4 @@ SRC_URI += "\
file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
"
-SRC_URI[main.sha256sum] = "d355c5ae3a8f7763c9ec9dc25153aae373958cbcb60dd09e91a8b56c7621b2fc"
+SRC_URI[main.sha256sum] = "c5bf934751d31c315c1d0bb5fb02296545fa6d08923566f7a5afec81f2ed27d6"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.20.11.bb b/meta/recipes-devtools/go/go-binary-native_1.20.12.bb
similarity index 78%
rename from meta/recipes-devtools/go/go-binary-native_1.20.11.bb
rename to meta/recipes-devtools/go/go-binary-native_1.20.12.bb
index bf91067971..e555412a19 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.20.11.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.20.12.bb
@@ -9,9 +9,9 @@ PROVIDES = "go-native"
# Checksums available at https://go.dev/dl/
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "ef79a11aa095a08772d2a69e4f152f897c4e96ee297b0dc20264b7dec2961abe"
-SRC_URI[go_linux_arm64.sha256sum] = "7908a49c6ce9d48af9b5ba76ccaa0769da45d8b635259a01065b3739acef4ada"
-SRC_URI[go_linux_ppc64le.sha256sum] = "e04676e1aeafe7c415176f330322d43a4be5ea6deb14aca49905bd1449dc7072"
+SRC_URI[go_linux_amd64.sha256sum] = "9c5d48c54dd8b0a3b2ef91b0f92a1190aa01f11d26e98033efa64c46a30bba7b"
+SRC_URI[go_linux_arm64.sha256sum] = "8afe8e3fb6972eaa2179ef0a71678c67f26509fab4f0f67c4b00f4cdfa92dc87"
+SRC_URI[go_linux_ppc64le.sha256sum] = "2ae0ec3736216dfbd7b01ff679842dc1bed365e53a024d522645bcffd01c7328"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.20.11.bb b/meta/recipes-devtools/go/go-cross-canadian_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.20.11.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.20.12.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.20.11.bb b/meta/recipes-devtools/go/go-cross_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.20.11.bb
rename to meta/recipes-devtools/go/go-cross_1.20.12.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.20.11.bb b/meta/recipes-devtools/go/go-crosssdk_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.20.11.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.20.12.bb
diff --git a/meta/recipes-devtools/go/go-native_1.20.11.bb b/meta/recipes-devtools/go/go-native_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.20.11.bb
rename to meta/recipes-devtools/go/go-native_1.20.12.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.20.11.bb b/meta/recipes-devtools/go/go-runtime_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.20.11.bb
rename to meta/recipes-devtools/go/go-runtime_1.20.12.bb
diff --git a/meta/recipes-devtools/go/go_1.20.11.bb b/meta/recipes-devtools/go/go_1.20.12.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.20.11.bb
rename to meta/recipes-devtools/go/go_1.20.12.bb
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 05/12] linux-firmware: Package iwlwifi .pnvm files
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (3 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 04/12] go: update 1.20.11 -> 1.20.12 Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 06/12] linux-firmware: Change bnx2 packaging Steve Sakoman
` (6 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Jason Andryuk <jandryuk@gmail.com>
The iwlwifi uses the .pnvm files for newer AX210+ cards, so package them
into the iwlwifi-misc subpackage.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 056c4de1422ff06745c5669f871a1bb6f5390d01)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../recipes-kernel/linux-firmware/linux-firmware_20231030.bb | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
index c0394b9b3b..b849c086b6 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
@@ -1187,7 +1187,10 @@ FILES:${PN}-iwlwifi-7265d = "${nonarch_base_libdir}/firmware/iwlwifi-7265D-*.u
FILES:${PN}-iwlwifi-8000c = "${nonarch_base_libdir}/firmware/iwlwifi-8000C-*.ucode"
FILES:${PN}-iwlwifi-8265 = "${nonarch_base_libdir}/firmware/iwlwifi-8265-*.ucode"
FILES:${PN}-iwlwifi-9000 = "${nonarch_base_libdir}/firmware/iwlwifi-9000-*.ucode"
-FILES:${PN}-iwlwifi-misc = "${nonarch_base_libdir}/firmware/iwlwifi-*.ucode"
+FILES:${PN}-iwlwifi-misc = " \
+ ${nonarch_base_libdir}/firmware/iwlwifi-*.ucode \
+ ${nonarch_base_libdir}/firmware/iwlwifi-*.pnvm \
+"
RDEPENDS:${PN}-iwlwifi-135-6 = "${PN}-iwlwifi-license"
RDEPENDS:${PN}-iwlwifi-3160-7 = "${PN}-iwlwifi-license"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 06/12] linux-firmware: Change bnx2 packaging
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (4 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 05/12] linux-firmware: Package iwlwifi .pnvm files Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 07/12] linux-firmware: Create bnx2x subpackage Steve Sakoman
` (5 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Jason Andryuk <jandryuk@gmail.com>
The bnx2 module uses both the mips and rv2p files, so package them all
together. Remove -mips from the package name, but add an RPROVIDES for
compatibility.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 46f2b7b3bebc7efdb4199cdfe386dc16c049d8d7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux-firmware/linux-firmware_20231030.bb | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
index b849c086b6..a1229e4827 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
@@ -340,7 +340,7 @@ PACKAGES =+ "${PN}-amphion-vpu-license ${PN}-amphion-vpu \
${PN}-ice-license ${PN}-ice \
${PN}-ice-enhanced-license ${PN}-ice-enhanced \
${PN}-adsp-sst-license ${PN}-adsp-sst \
- ${PN}-bnx2-mips \
+ ${PN}-bnx2 \
${PN}-liquidio \
${PN}-nvidia-license \
${PN}-nvidia-tegra-k1 ${PN}-nvidia-tegra \
@@ -1087,18 +1087,22 @@ RDEPENDS:${PN}-bcm4356-pcie += "${PN}-cypress-license"
LICENSE:${PN}-bcm4373 = "Firmware-cypress"
RDEPENDS:${PN}-bcm4373 += "${PN}-cypress-license"
-# For Broadcom bnx2-mips
+# For Broadcom bnx2
#
# which is a separate case to the other Broadcom firmwares since its
# license is contained in the shared WHENCE file.
-LICENSE:${PN}-bnx2-mips = "WHENCE"
+LICENSE:${PN}-bnx2 = "WHENCE"
LICENSE:${PN}-whence-license = "WHENCE"
-FILES:${PN}-bnx2-mips = "${nonarch_base_libdir}/firmware/bnx2/bnx2-mips-09-6.2.1b.fw"
+FILES:${PN}-bnx2 = " \
+ ${nonarch_base_libdir}/firmware/bnx2/bnx2-mips*.fw \
+ ${nonarch_base_libdir}/firmware/bnx2/bnx2-rv2p*.fw \
+"
FILES:${PN}-whence-license = "${nonarch_base_libdir}/firmware/WHENCE"
-RDEPENDS:${PN}-bnx2-mips += "${PN}-whence-license"
+RDEPENDS:${PN}-bnx2 += "${PN}-whence-license"
+RPROVIDES:${PN}-bnx2 = "${PN}-bnx2-mips"
# For cirrus
LICENSE:${PN}-cirrus = "Firmware-cirrus"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 07/12] linux-firmware: Create bnx2x subpackage
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (5 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 06/12] linux-firmware: Change bnx2 packaging Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 08/12] documentation.conf: fix do_menuconfig description Steve Sakoman
` (4 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Jason Andryuk <jandryuk@gmail.com>
bnx2x is another broadcom ethernet adapter with its own firmware. Place
it into its own subpackage.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 414f71bb692da7ca1899b07ebb689edeb53f8e0d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux-firmware/linux-firmware_20231030.bb | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
index a1229e4827..6667f00612 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb
@@ -341,6 +341,7 @@ PACKAGES =+ "${PN}-amphion-vpu-license ${PN}-amphion-vpu \
${PN}-ice-enhanced-license ${PN}-ice-enhanced \
${PN}-adsp-sst-license ${PN}-adsp-sst \
${PN}-bnx2 \
+ ${PN}-bnx2x \
${PN}-liquidio \
${PN}-nvidia-license \
${PN}-nvidia-tegra-k1 ${PN}-nvidia-tegra \
@@ -1104,6 +1105,12 @@ FILES:${PN}-whence-license = "${nonarch_base_libdir}/firmware/WHENCE"
RDEPENDS:${PN}-bnx2 += "${PN}-whence-license"
RPROVIDES:${PN}-bnx2 = "${PN}-bnx2-mips"
+LICENSE:${PN}-bnx2x = "WHENCE"
+
+FILES:${PN}-bnx2x = "${nonarch_base_libdir}/firmware/bnx2x/bnx2x*.fw"
+
+RDEPENDS:${PN}-bnx2x += "${PN}-whence-license"
+
# For cirrus
LICENSE:${PN}-cirrus = "Firmware-cirrus"
LICENSE:${PN}-cirrus-license = "Firmware-cirrus"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 08/12] documentation.conf: fix do_menuconfig description
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (6 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 07/12] linux-firmware: Create bnx2x subpackage Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 09/12] cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES Steve Sakoman
` (3 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
The current description is only pertinent to the kernel, even though
do_menuconfig task is used by other projects, such as Busybox and
U-Boot.
Replace "for the kernel" by an agnostic alternative (i.e., "in the
compilation directory").
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 52e053bce5e359995ebdaa21d6899f04ad2306a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/conf/documentation.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
index d03c497c0e..486c62b6e8 100644
--- a/meta/conf/documentation.conf
+++ b/meta/conf/documentation.conf
@@ -28,7 +28,7 @@ do_kernel_configcheck[doc] = "Validates the kernel configuration for a linux-yoc
do_kernel_configme[doc] = "Assembles the kernel configuration for a linux-yocto style kernel"
do_kernel_link_images[doc] = "Creates a symbolic link in arch/$arch/boot for vmlinux and vmlinuz kernel images"
do_listtasks[doc] = "Lists all defined tasks for a target"
-do_menuconfig[doc] = "Runs 'make menuconfig' for the kernel"
+do_menuconfig[doc] = "Runs 'make menuconfig' in the compilation directory"
do_package[doc] = "Analyzes the content of the holding area and splits it into subsets based on available packages and files"
do_package_index[doc] = "Creates or updates the index in the Package Feed area"
do_package_qa[doc] = "Runs QA checks on packaged files"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 09/12] cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (7 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 08/12] documentation.conf: fix do_menuconfig description Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 10/12] avahi: update URL for new project location Steve Sakoman
` (2 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Zahir Hussain <zahir.basha@kpit.com>
As discussion in [YOCTO #14717] cmake contains a OEToolchainConfig.cmake
file to configure the toolchain correctly in cross-compile build for recipes
using cmake.
The variable CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES value updates incorrectly
during do_compile the code. Due to this getting sporadic error like below,
fatal error: stdlib.h: No such file or directory
| 75 | #include_next <stdlib.h>
| | ^~~~~~~~~~
| compilation terminated.
| ninja: build stopped: subcommand failed.
| WARNING: exit code 1 from a shell command.
As cmake already correctly initializes the variable from environment,
So we have to unset it in the toolchain file to avoid overwriting the
variable definition again.
Signed-off-by: aszh07 <mail2szahir@gmail.com>
Signed-off-by: Zahir Hussain <zahir.basha@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5aeada5793af53e8c93940952d4f314474dca4c2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake b/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake
index d6a1e0464c..6434b27371 100644
--- a/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake
+++ b/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake
@@ -18,3 +18,6 @@ file( GLOB toolchain_config_files "${CMAKE_CURRENT_LIST_FILE}.d/*.cmake" )
foreach(config ${toolchain_config_files})
include(${config})
endforeach()
+
+unset(CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES)
+unset(CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES)
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 10/12] avahi: update URL for new project location
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (8 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 09/12] cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 11/12] zstd: fix LICENSE statement Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 12/12] pseudo: Update to pull in syncfs probe fix Steve Sakoman
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
Avahi has moved to a new parent organisation on GitHub, so update the
URLs to match.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02caef1567186f250e64ae3ef84fcff33d7323e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-connectivity/avahi/avahi_0.8.bb | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
index bfd945c7ae..1f18d4491d 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -6,7 +6,7 @@ IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \
configuration from the link-local 169.254.0.0/16 range without the need for a central \
server.'
HOMEPAGE = "http://avahi.org"
-BUGTRACKER = "https://github.com/lathiat/avahi/issues"
+BUGTRACKER = "https://github.com/avahi/avahi/issues"
SECTION = "network"
# major part is under LGPL-2.1-or-later, but several .dtd, .xsl, initscripts and
@@ -37,8 +37,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
file://CVE-2023-38473.patch \
"
-GITHUB_BASE_URI = "https://github.com/lathiat/avahi/releases/"
-SRC_URI[md5sum] = "229c6aa30674fc43c202b22c5f8c2be7"
+GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda"
CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 11/12] zstd: fix LICENSE statement
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (9 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 10/12] avahi: update URL for new project location Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
2024-01-11 16:27 ` [OE-core][nanbield 12/12] pseudo: Update to pull in syncfs probe fix Steve Sakoman
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Massimiliano Minella <massimiliano.minella@se.com>
zstd is dual-licensed under BSD _OR_ GPLv2. License wording in the
README for v1.5.5 is misleading, but license headers in the code clearly
state that there is a choice between the two licenses.
Signed-off-by: Massimiliano Minella <massimiliano.minella@se.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 40f85de590c188c9c3985e64a83efaf06b0b4fbc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/zstd/zstd_1.5.5.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/zstd/zstd_1.5.5.bb b/meta/recipes-extended/zstd/zstd_1.5.5.bb
index 5c5fb5e734..2d72af50a4 100644
--- a/meta/recipes-extended/zstd/zstd_1.5.5.bb
+++ b/meta/recipes-extended/zstd/zstd_1.5.5.bb
@@ -5,7 +5,7 @@ It's backed by a very fast entropy stage, provided by Huff0 and FSE library."
HOMEPAGE = "http://www.zstd.net/"
SECTION = "console/utils"
-LICENSE = "BSD-3-Clause & GPL-2.0-only"
+LICENSE = "BSD-3-Clause | GPL-2.0-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=0822a32f7acdbe013606746641746ee8 \
file://COPYING;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0 \
"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread* [OE-core][nanbield 12/12] pseudo: Update to pull in syncfs probe fix
2024-01-11 16:27 [OE-core][nanbield 00/12] Patch review Steve Sakoman
` (10 preceding siblings ...)
2024-01-11 16:27 ` [OE-core][nanbield 11/12] zstd: fix LICENSE statement Steve Sakoman
@ 2024-01-11 16:27 ` Steve Sakoman
11 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2024-01-11 16:27 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Pulls in the changes:
Eilís 'pidge' Ní Fhlannagáin (1):
subports: Add _GNU_SOURCE for syncfs probe
Richard Purdie (1):
SECURITY.md: Add file
Wu Zhenyu (1):
pseudo.1: Fix a typo
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9aab5be508c0dd88a4d9767f65ba5b6fcd5fb9dd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index 4a894ebdd0..699cab11c6 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -14,7 +14,7 @@ SRC_URI:append:class-nativesdk = " \
file://older-glibc-symbols.patch"
SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa"
-SRCREV = "ec6151a2b057109b3f798f151a36690af582e166"
+SRCREV = "a8453eea4d902bbb0e01c786f1cb4a178c3bbee3"
S = "${WORKDIR}/git"
PV = "1.9.0+git"
--
2.34.1
^ permalink raw reply related [flat|nested] 14+ messages in thread