Re: [OE-core][master][kirkstone][PATCH v2] grub2: fix several CVEs

Any comments? Thanks, Yongxin > -Original Message- > From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Yongxin Liu > Sent: Friday, August 5, 2022 10:42 > To: richard.pur...@linuxfoundation.org; st...@sakoman.com; openembedded- > c...@lists.openembe

Re: [OE-core] [PATCH 1/8] package: Switch debug source handling to use prefix map

Series looks good now to me. I think we should upstream the gcc patches as well since its a good change to have everywhere. I am seeing one issue in curl-config now getting buildpaths [1] emitted into it, but it could be clang only problem too, I will look more into it [1] http://sprunge.us/JmSaGG

Re: [OE-core] [PATCH 7/8] gcc: Add a patch to avoid hardcoded paths in libgcc on powerpc

On Tue, Aug 16, 2022 at 1:58 PM Richard Purdie wrote: > > Tweak the powerpc code to just include filenames rather than full paths > to avoid build reproducibility issues. > > Signed-off-by: Richard Purdie > --- > meta/recipes-devtools/gcc/gcc-12.1.inc| 1 + > .../gcc/gcc/hardcoded-paths

Re: [OE-core] [PATCH 1/8] package: Switch debug source handling to use prefix map

Looks like a good series, thanks for your work on this. LGTM. On Tue, Aug 16, 2022 at 1:57 PM Richard Purdie < richard.pur...@linuxfoundation.org> wrote: > Reproducible builds are no longer a configuration option but are required. > We also rely on the prefix mapping capability of the compilers n

[OE-core] [PATCH 8/8] skeleton/service: Ensure debug path handling works as intended

DEBUG_PREFIX_MAP uses ${S} but that wasn't set correctly for this recipe meaning cwd during the build (WORKDIR) was encoded into the binary leading to buildpath warnings in debug symbols. Set S correctly to avoid this issue. Signed-off-by: Richard Purdie --- meta-skeleton/recipes-skeleton/servic

[OE-core] [PATCH 7/8] gcc: Add a patch to avoid hardcoded paths in libgcc on powerpc

Tweak the powerpc code to just include filenames rather than full paths to avoid build reproducibility issues. Signed-off-by: Richard Purdie --- meta/recipes-devtools/gcc/gcc-12.1.inc| 1 + .../gcc/gcc/hardcoded-paths.patch | 19 +++ 2 files changed, 20 inser

[OE-core] [PATCH 6/8] gcc: Resolve relative prefix-map filenames

Add a patch to gcc so that relative paths are handled by -fdebug-prefix-map and friends. In OE we use relative paths in autotools and removing that creates a lot of issues we'd have to fix. This alternative allows us to fix the paths within gcc and improve our debug file coverage (and SPDX manifest

[OE-core] [PATCH 5/8] gcc-cross: Fix relative links

Now that we're using absolute paths to run configure, there are absolute path symlinks within gcc's output. Use our script that fixes these so that the sstate objects work correctly. Signed-off-by: Richard Purdie --- meta/recipes-devtools/gcc/gcc-cross.inc | 1 + 1 file changed, 1 insertion(+)

[OE-core] [PATCH 3/8] bitbake.conf: Handle S and B separately for debug mapping

We don't really need to keep S and B separate for debug source purposes and there shouldn't be source references in WORKDIR that isn't S and B either. Separating these out simplifies the shared-work directory handling for gcc and should also help fix external source usage. Therefore handle S and B

[OE-core] [PATCH 4/8] python3-cython: Update code to match debug path changes

Match the changes to debug prefixes in bitbake.conf. Signed-off-by: Richard Purdie --- .../python/python3-cython_0.29.32.bb | 20 ++- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/meta/recipes-devtools/python/python3-cython_0.29.32.bb b/meta/recipes-dev

[OE-core] [PATCH 2/8] libgcc/gcc-runtime: Improve source reference handling

This code was some of the earliest reproducible build work we did. To correctly handle the encoding of file paths, we used relative build paths to run configure which resulted in relative build paths in the binaries. We now have more modern approaches used elsewhere with the prefix remapping optio

[OE-core] [PATCH 1/8] package: Switch debug source handling to use prefix map

Reproducible builds are no longer a configuration option but are required. We also rely on the prefix mapping capability of the compilers now. As such, rewrite the source locating code to use the prefix maps instead of taking a guess about WORKDIR which isn't correct for kernels, gcc, externalsrc

Re: [OE-core] [PATCH 6/6] selftest/bblayers: add a test for creating a layer setup and using it to restore the layers

On Tue, 16 Aug 2022 at 22:29, Richard Purdie wrote: > https://autobuilder.yoctoproject.org/typhoon/#/builders/79/builds/4001/steps/14/logs/stdio > > (and other similar selftest failures) > > I suspect this was due to master-next being force pushed whilst the > build was running. Right, the test

Re: [OE-core] [PATCH 6/6] selftest/bblayers: add a test for creating a layer setup and using it to restore the layers

On Fri, 2022-07-29 at 16:10 +0200, Alexander Kanavin wrote: > This does a basic run-through of the bitbake-layers plugin, and the resulting > json layer config > and the layer setup script that uses it. Only poky is actually fetched by the > script. > > Signed-off-by: Alexander Kanavin > --- >

Re: [OE-core] [PATCH v2 7/7] spirv-tools: Update to 1.3.224.0

Thanks! Alex On Tue, 16 Aug 2022 at 19:30, Khem Raj wrote: > > On Tue, Aug 16, 2022 at 10:03 AM Alexander Kanavin > wrote: > > > > On Tue, 16 Aug 2022 at 18:59, Khem Raj wrote: > > > -SRCREV = "c94501352d545e84c821ce031399e76d1af32d18" > > > +SRCREV = "5e61ea2098220059e89523f1f47b0bcd8c33b89a"

Re: [OE-core] [PATCH v2 7/7] spirv-tools: Update to 1.3.224.0

On Tue, Aug 16, 2022 at 10:03 AM Alexander Kanavin wrote: > > On Tue, 16 Aug 2022 at 18:59, Khem Raj wrote: > > -SRCREV = "c94501352d545e84c821ce031399e76d1af32d18" > > +SRCREV = "5e61ea2098220059e89523f1f47b0bcd8c33b89a" > > Sorry but this does not address my previous feedback. There is no > 1.3

[OE-core] [PATCH] spirv-tools: Remove default copy constructor in header

Fixes build with when clang libc++ runtime is used. Signed-off-by: Khem Raj --- ...ult-copy-constructor-in-header.-4879.patch | 34 +++ .../spir/spirv-tools_1.3.216.0.bb | 4 ++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-graph

Re: [OE-core] [PATCH v2 7/7] spirv-tools: Update to 1.3.224.0

On Tue, 16 Aug 2022 at 18:59, Khem Raj wrote: > -SRCREV = "c94501352d545e84c821ce031399e76d1af32d18" > +SRCREV = "5e61ea2098220059e89523f1f47b0bcd8c33b89a" Sorry but this does not address my previous feedback. There is no 1.3.224 version released so this is effectively a random development snapsh

[OE-core] [PATCH v2 7/7] spirv-tools: Update to 1.3.224.0

Fixes build with clang Signed-off-by: Khem Raj --- v2: Drop uprev of vulkan-headers recipe, there was no change .../spir/{spirv-tools_1.3.216.0.bb => spirv-tools_1.3.224.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/spir/{spirv-tools_1.3.216.0.bb =>

[OE-core] [PATCH 6/7] ltp: Fix sys/mount.h and linux/mount.h conflict

backport needed patches Signed-off-by: Khem Raj --- ...ove-duplicate-include-of-sys-mount.h.patch | 30 ...olve-conflict-in-different-header-fi.patch | 71 +++ ...-lapi-pidfd-adding-pidfd-header-file.patch | 60 meta/recipes-extended/ltp/ltp_20220527.bb

[OE-core] [PATCH 4/7] nfs-utils: Upgrade to 2.6.2

Fix build with clang Package new rpcctl utility into a new package Signed-off-by: Khem Raj --- ...td-Check-for-return-of-stat-function.patch | 34 +++ .../0006-Fix-function-prototypes.patch| 93 +++ ...{nfs-utils_2.6.1.bb => nfs-utils_2.6.2.bb} | 11 ++- 3 files chang

[OE-core] [PATCH 5/7] apt: Do not use std::binary_function

This feature is removed from c++17 Signed-off-by: Khem Raj --- ...-init-tables-from-dpkg-configuration.patch | 4 +- ...001-Remove-using-std-binary_function.patch | 87 +++ ...n-dpkg-configure-a-at-the-end-of-our.patch | 4 +- meta/recipes-devtools/apt/apt_2.4.5.bb| 1

[OE-core] [PATCH 3/7] rpm: Remove -Wimplicit-function-declaration warnings

Signed-off-by: Khem Raj --- ...ude-lib-rpmchroot.h-for-rpmChrootOut.patch | 26 +++ meta/recipes-devtools/rpm/rpm_4.17.1.bb | 1 + 2 files changed, 27 insertions(+) create mode 100644 meta/recipes-devtools/rpm/files/0001-rpmscript-Include-lib-rpmchroot.h-for-rpmChrootOut.

[OE-core] [PATCH 2/7] vulkan-samples: Qualify move as std::move

Fixes build with clang Signed-off-by: Khem Raj --- .../0001-Qualify-move-as-std-move.patch | 405 ++ .../vulkan/vulkan-samples_git.bb | 1 + 2 files changed, 406 insertions(+) create mode 100644 meta/recipes-graphics/vulkan/vulkan-samples/0001-Qualify-move-

[OE-core] [PATCH 1/7] boost: Compile out stdlib unary/binary_functions for c++11 and newer

These base classes are deprecated/removed from libcpp15 Signed-off-by: Khem Raj --- ...y-binary_function-base-classes-are-d.patch | 34 +++ meta/recipes-support/boost/boost_1.79.0.bb| 1 + 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-support/boost/boos

Re: [OE-core] [PATCH 5/6] spirv-tools,spirv-headers: Update to 1.3.224.0

sdk-x.y.z versions are released in lockstep across all vulkan components, so I believe there will be a tag eventually. Until then we need to use a smaller version, or just cherry-pick the needed fixes. Alex On Tue, 16 Aug 2022 at 16:59, Khem Raj wrote: > > On Tue, Aug 16, 2022 at 12:39 AM Alexan

Re: [OE-core] [PATCH 5/6] spirv-tools,spirv-headers: Update to 1.3.224.0

On Tue, Aug 16, 2022 at 12:39 AM Alexander Kanavin wrote: > > This version isn't tagged, so where does 1.3.224 come from? Maybe it's > better to leave at 1.3.216+SRCPV? its not tagged but there is branch https://github.com/KhronosGroup/SPIRV-Headers/tree/sdk-1.3.224 I am not sure if they mean fol

Re: [OE-core] [PATCH] distrooverrides.bbclass: use IMAGE_CLASSES

This class functionality isn't limited to images. On Tue, Aug 16, 2022 at 12:54 AM kai wrote: > From: Kai Kang > > Update comment in distrooverrides.bbclass to use IMAGE_CLASSES rather > than globally with INHERIT. > > Signed-off-by: Kai Kang > --- > meta/classes-recipe/distrooverrides.bbclas

[OE-core] Yocto Project Status 16 August 2022 (WW33)

Current Dev Position: YP 4.1 M3 Next Deadline: 22nd August 2022 YP 4.1 M3 Build Next Team Meetings: * Bug Triage meeting Thursday August 18th 7:30 am PDT ( https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09

[OE-core] [[PATCH v2] kernel-fitimage.bbclass: only package unique DTBs

The KERNEL_DEVICETREE and related variables could potentially have a device tree listed multiple times and this works okay for most scenarios. However, when we create FIT entries for these we get duplicate nodes and uboot-mkimage fails with fit-image-initramfs-image.its:219.58-229.19: ERROR (dupli

[OE-core] [meta-oe][kirkstone][PATCH] libcoap: Add recipe

From: Alex Kiernan libcoap implements a lightweight application-protocol for devices that are constrained their resources such as computing power, RF range, memory, bandwith, or network packet sizes. Upstream-Status: Bacport from https://github.com/openembedded/meta-openembedded/commit/1556da890

[OE-core] [kirkstone][PATCH] gnutls: CVE-2022-2509 Double free during gnutls_pkcs7_verify

Source: https://gitlab.com/gnutls/gnutls MR: 120416 Type: Security Fix Disposition: Backport from https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2 ChangeID: 703e01956915cf9543fdc47cfd5edb87403294f9 Description: CVE-2022-2509 gnutls: Double free during gn

[OE-core] [dunfell][PATCH] gnutls: CVE-2022-2509 Double free during gnutls_pkcs7_verify

Source: https://gitlab.com/gnutls/gnutls MR: 120421 Type: Security Fix Disposition: Backport from https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2 ChangeID: f0c84c6aa8178582ac9838c453dacdf2c7cae0e5 Description: CVE-2022-2509 gnutls: Double free during gn

[OE-core] [dunfell][PATCH] qemu: CVE-2020-27821 heap buffer overflow in msix_table_mmio_write

Source: https://git.qemu.org/?p=qemu.git; MR: 107558 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442 ChangeID: c5d25422f43edb7d8728118eb482eba09474ef2c Description: CVE-2020-27821 qemu: heap buffer overflo

[OE-core] [kirkstone][PATCH 3/3] lttng-modules: replace mips compaction fix with upstream change

From: Bruce Ashfield lttng upstream had a different solution to the compaction build isses seen on mips. We switch our patch for a backport of the upstream solution. (From OE-Core rev: 459f746a198a8ae7840d783f5824fc14a44a8488) Signed-off-by: Bruce Ashfield Signed-off-by: Alexandre Belloni Si

[OE-core] [kirkstone][PATCH 2/3] lttng-modules: fix build against mips and v5.19 kernel

From: Bruce Ashfield When building against a v5.19 mips kernel, the following errors were triggered: | lttng-modules-2.13.4/src/probes/../../include/instrumentation/events/compaction.h:105:42: note: expected 'struct compact_control *' but argument is of type 'struct compact_control *' |

[OE-core] [kirkstone][PATCH 1/3] lttng-modules: fix 5.19+ build

From: Bruce Ashfield We need to backport three patches from the lttng upstream tree to fix the build against 5.19+. Obviously we'll drop these once the next lttng-modules release is available. (From OE-Core rev: dce3c772efab4e51a82fb9c8fb74bc614ee3a82e) Signed-off-by: Bruce Ashfield Signed-of

[OE-core][PATCH] shaderc: upgrade 2022.1 -> 2022.2

Signed-off-by: Jose Quaresma --- .../shaderc/{shaderc_2022.1.bb => shaderc_2022.2.bb}| 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/shaderc/{shaderc_2022.1.bb => shaderc_2022.2.bb} (95%) diff --git a/meta/recipes-graphics/shaderc/shaderc_2022.1.b

[OE-core] [PATCH] distrooverrides.bbclass: use IMAGE_CLASSES

From: Kai Kang Update comment in distrooverrides.bbclass to use IMAGE_CLASSES rather than globally with INHERIT. Signed-off-by: Kai Kang --- meta/classes-recipe/distrooverrides.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes-recipe/distrooverrides.bbcla

Re: [OE-core] [PATCH 5/6] spirv-tools,spirv-headers: Update to 1.3.224.0

This version isn't tagged, so where does 1.3.224 come from? Maybe it's better to leave at 1.3.216+SRCPV? Akex On Tue, 16 Aug 2022 at 05:30, Khem Raj wrote: > > Signed-off-by: Khem Raj > --- > .../{spirv-headers_1.3.216.0.bb => spirv-headers_1.3.224.0.bb} | 0 > .../spir/{spirv-tools_1.3.216.0

Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.0.3.rc1)

Hi Everyone, QA for yocto-4.0.3.rc1 is completed. This is the full report for this release: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults === Summary No high milestone defects. No new issue found. Thanks, Jay > -Origina