Add two new recipes from the CentOS Automotive SIG
boot-time-analysis-tools project to enable boot time profiling
and measurement.
boot-time-analysis-tools:
Python-based toolset for collecting, analyzing and visualizing system
boot timing data from the systemd journal. Provides the 'boot_timings'
CLI utility which queries D-Bus and the systemd journal to produce
structured boot time reports. Depends on python3-dbus and python3-systemd
for runtime journal and D-Bus access.
cntvct-log:
Userspace C utility built with Meson that logs ARM CNTVCT_EL0 virtual
counter timestamps to correlate hardware-level timing with systemd boot
events. Installs cntvct@.service as a systemd template unit (disabled
by default) for on-demand per-instance activation. The service preset
file (98-cntvct-log.preset) is installed for system-preset-based enablement.
Both recipes fetch from the same upstream git repository:
https://gitlab.com/CentOS/automotive/src/boot-time-analysis-tools
Signed-off-by: Chitti Babu Theegala <ctheegal@qti.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
* Set a hard limit of 99999 on '?' placeholders (CVE-2026-14739)
* Fix out-of-bounds read in preparse of SQL that starts with a comment (CVE-2026-14740)
* Fix code injection via Profile DSN attribute or DBI_PROFILE variable (CVE-2026-14380)
* Update dbipport.h to Devel::PPPort-3.73
* Require Test::More 0.96 (tests will otherwise fail on pristine perl-5.12)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Update cxx crate from 1.0.194 to 1.0.197.
Changes in this update:
v1.0.195:
- Fix use of uninitialized value in let_cxx_string! on panic
inside initialization expression
v1.0.196:
- Migrate to Rust 2024 edition
v1.0.197:
- Restore RefUnwindSafe for let_cxx_string in async contexts
- Use link_deps in Cargo bazel metadata
Assisted-by: Kiro CLI 2.12.0 (AI assistant)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
FEX-2607 formats std::byte spans via fmt::join, which its pinned bundled
fmt 12.1.0 supports but oe-core's fmt 12.2.0 rejects, breaking do_compile:
fmt/base.h: error: implicit instantiation of undefined template
'fmt::detail::type_is_unformattable_for<fmt::join_view<...std::byte*...>, char>'
ninja: build stopped: subcommand failed.
The recipe already dropped fmt from DEPENDS to build the bundled copy, but
FEX only falls back to External/fmt when find_package(fmt) fails. fmt-native
is still pulled in as a transitive native dependency, and OE's
CMAKE_FIND_ROOT_PATH includes the native sysroot for packages, so
find_package(fmt) resolves against recipe-sysroot-native and the target
compile picks up the incompatible fmt 12.2.0 headers.
Set CMAKE_DISABLE_FIND_PACKAGE_fmt=ON so find_package(fmt) reports not-found
and FEX builds the bundled fmt 12.1.0.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Bump the FEX srcrev to the FEX-2607 tag and resync the vendored externals
to that release's submodule pointers: drop jemalloc (non-glibc) and
robin-map, which upstream replaced with rpmalloc and unordered_dense.
Additional build fixes required by this release:
- Disable FEX's internal ccache (-DENABLE_CCACHE=OFF); it collides with
OE's ccache class and double-wraps the compiler.
- Build fmt from the bundled External/fmt submodule instead of the system
copy. FEX-2607 formats std::byte spans via fmt::join, which its pinned
fmt 12.1.0 supports but oe-core's newer fmt 12.2.0 rejects.
- Stop FEX from stripping binaries at link time so OE can split out debug
information and the already-stripped QA check passes.
Built for qemuarm64.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
- New API function: can_find_interfaces_mask()
License-Update: update year in copyright
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The native tools include compilation of zip_writter, where it include
gtest/gtest_prod.h. So native build need to depend on gtest-native.
Signed-off-by: Claus Stovgaard <claus@stovgaard.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
apitrace's CLI bakes APITRACE_PYTHON_EXECUTABLE, defined unconditionally
to ${Python3_EXECUTABLE} - the absolute path of the python CMake found at
configure time.
On the autobuilder that resolves to the launching
venv python /srv/pokybuild/buildbot-venv/bin/python3, which lives under the
worker HOME, so /usr/bin/apitrace trips:
QA Issue: File /usr/bin/apitrace in package apitrace contains reference
to the build host HOME directory [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Two build failures occur with the default clang/lld toolchain (and with
gcc) when compiling android-tools 35.0.2:
1. The bundled fmtlib 10.2.0 validates FMT_STRING() inside a consteval
basic_format_string constructor whose parse path evaluates
"format_str_.remove_prefix(detail::to_unsigned(it - begin()))". Current
C++ frontends reject that iterator subtraction as a non-constant
subexpression:
error: call to consteval function
'fmt::basic_format_string<...>::basic_format_string<FMT_COMPILE_STRING,0>'
is not a constant expression
Define FMT_CONSTEVAL to empty so fmt drops the consteval qualifier and
validates format strings via its runtime path instead.
2. adb's IOVector::coalesce() static_asserts that its Block collection type
is standard-layout. Block holds a std::unique_ptr<char[]>, which is
standard-layout under LLVM libc++ (AOSP's runtime) but not under GNU
libstdc++, so the assertion fails for libstdc++ based toolchains:
packages/modules/adb/types.h:235:27: error: static assertion failed due
to requirement 'std::is_standard_layout<Block>()'
The assertion does not protect the memcpy it guards (which writes into
plain char storage), so drop it.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Clang errors on a direct include of <bmi2intrin.h>
'Never use <bmi2intrin.h> directly; include <immintrin.h> instead.'
hit whenever __BMI2__ is defined.
Backport the upstream fix to include the umbrella <immintrin.h>
header guarded by an x86 check.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
GCC 16 / libstdc++ no longer transitively pulls in cstdint
so reader.h fails to find uintmax_t/intmax_t.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The bundled jitter sub-configure runs a gnulib AC_RUN_IFELSE strcasecmp
test that aborts under cross compilation use the cached result.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
clang names this -Wno-incompatible-pointer-types-discards-qualifiers;
the GCC spelling is an unknown -W option under -Werror,
which broke every configure try_compile (including pthread detection).
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
License-Update: copyright year updated 2000 -> 2020
Update the dmalloc.c license md5 for 5.6.5 and regenerate the patches so
they apply without fuzz (a fatal QA error). Regenerate 150-use_DESTDIR.patch
so DESTDIR also covers the install/installdocs targets; the dmalloc utility
was otherwise installed to the host /usr/bin and failed with permission
denied.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
libabigail 2.10 requires libxxhash >= 0.8.0, so add xxhash to DEPENDS.
Drop 0001-Check-for-correct-fts-module.patch, which is merged in 2.10.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Mercurial 7.x reworked its Makefile to install via pip. Use a
DESTDIR-aware setup.py install instead, add python3-setuptools-scm-native
and pin the version via SETUPTOOLS_SCM_PRETEND_VERSION, and fix the
PYTHON Makefile sed.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Use metacpan instead of cpan
Reference the LICENSE file since there is one.
Licnese remains unchanged - still Artistic or GPL
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This new version works with pcre2. The other dependencies only got sorted.
Now, Octave provides xz compressed tarballs, which are much smaller.
Unfortunately, Octave generates source code files during the build with
multiple variables from the build environment which are end up in the
binaries.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The do_create_v8_qemu_wrapper function depends on target information,
which ends up in the task signature, but the qemu wrapper isn't needed
for native builds. This causes unnecessary rebuilds of nodejs-native.
Delete the task for nodejs-native and don't install the wrapper script
for it.
This issue was previously addressed by b2a950a ("nodejs: inherit qemu
class conditionally"), which was later reverted. This patch addresses
it by removing the unused task from native builds instead of inheriting
qemu conditionally.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===========
* Fix to set VERSION_INFO to create .so.3 instead of .so.11 which will
be reserved for a future 1.10.0 release
* Bugfix: Insufficient verification that responses belong to a
query (CVE-2026-10846). Thanks Pablo Ruiz from 'codecome.ai'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The patch was creating the file /run/.adb.root with read-write permission for "other",
so any user was able to write to it.
Make the file owned by user adb, and remove permissions for group and other.
Before:
```
root@raspberrypi4-64:~# ls -l /run/.adb.root
-rw-rw-rw- 1 root root 8 Mar 13 15:42 /run/.adb.root
```
After:
```
root@raspberrypi4-64:~# ls -l /run/adb.root
-rw------- 1 adb adb 8 Mar 13 15:35 /run/adb.root
```
Also rename the file from .adbd.root to adbd.root, since hidden files are
not the convention in /run
AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The android-tools-conf recipe used /sys/class/android_usb/android0/,
an interface exported by the out-of-tree android.c USB gadget driver
that Google carried in Android kernels but never submitted to mainline
Linux. It was never part of any upstream kernel release.
The configfs-based USB gadget framework (CONFIG_USB_CONFIGFS) was
merged into mainline Linux with kernel 3.10 (June 2013) and is the
correct interface for all upstream kernels since then. Additionally,
Google's Generic Kernel Image (GKI) initiative dropped android.c from
Android common kernels starting with kernel 5.10 (Android 12, 2021),
so even custom BSPs targeting modern Android cannot use this interface.
Remove android-tools-conf and rename android-tools-conf-configfs to
android-tools-conf, since the configfs-based implementation is the
only correct one for any modern kernel. Backward compatibility is
preserved via PROVIDES/RPROVIDES retaining the old
android-tools-conf-configfs name.
AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Upgrade from 29.0.6.r14 to 35.0.2, switching to the Debian
android-platform-tools source package layout which ships Debian-maintained
make fragments and patch series under debian/system/.
The old recipe carried a hand-maintained patch stack on top of a
custom build system (rules_yocto.mk). The new recipe delegates to
Debian's make fragments and applies only the OE-specific patches needed
on top.
Notable upstream changes between 29.0.6 and 35.0.2 (see release notes at
https://developer.android.com/tools/releases/platform-tools):
- adb: libusb is now the default USB backend on Linux (35.0.0)
- adb: receive windowing for better throughput on high-latency links (33.0.3)
- adb: graceful USB interface release on shutdown (35.0.2)
- adb: wireless pairing and incremental APK installation support (30.0.0)
- adb: adb transport-id for safe scripted device waits (30.0.2)
- adb: fix shell exit code when device disconnects (35.0.0)
- fastboot: download speed improvements up to 980MB/s on SuperSpeed+ (35.0.0)
OE-specific changes:
- adbd now drops privileges to a dedicated "adb" system user (matching
Android's production security model); use "adb root" to escalate
- adbd root/unroot/remount support added for non-Android targets
- android-gadget-setup updated to mount functionfs with uid/gid ownership
so the unprivileged adbd can access the FunctionFS endpoints
- Depends on new android-libboringssl recipe for BoringSSL shared libraries
- android-tools-adbd.service uses Type=notify so systemd waits for adbd's
sd_notify READY=1 before proceeding with ExecStartPost
- android-gadget-start now respects ANDROID_GADGET_UDC_DELAY (default 10s
for non-systemd paths); the configfs drop-in sets it to 0 since adbd has
already signalled readiness before ExecStartPost runs, eliminating the
fixed delay on restart
Tested on Raspberry Pi 4B (MACHINE=raspberrypi4-64) with USB-C OTG port,
openembedded-core main branch, meta-openembedded master-next, kernel 6.12:
- adb devices: device enumerated as 18d1:d002
- adb shell: connection as unprivileged adb user
- adb root / adb unroot: privilege escalation and drop
- adb reboot: device reboot via adb
- adb forward: SSH tunnel through ADB verified
- oe-run-native android-tools-native adb / fastboot: native host tools build
Note: adbd only starts when /etc/usb-debugging-enabled exists on the target
(ConditionPathExists in the service file). This is intentional — ADB is
disabled by default for security. Create the file at image build time or
at runtime to enable it.
Requires kernel config for USB gadget support (e.g. via a .cfg fragment):
CONFIG_USB_DWC2_DUAL_ROLE=y
CONFIG_USB_GADGET=y
CONFIG_USB_CONFIGFS=y
CONFIG_USB_F_FS=y
CONFIG_USB_CONFIGFS_F_FS=y
Requires in local.conf for RPi4:
RPI_EXTRA_CONFIG = "dtoverlay=dwc2,dr_mode=peripheral"
AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
Signed-off-by: Mihajlo Marinkovic <mmarinkovic@snap.com>
Tested-by: Etienne Cordonnier <ecordonnier@snap.com>
Co-authored-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Add a recipe shipping the BoringSSL shared libraries required by
android-tools-adbd. BoringSSL is the TLS/crypto library used by adbd
for ADB authentication.
The libraries are installed under ${libdir}/android/ to avoid conflicting
with the system libcrypto/libssl in the sysroot. A SOVERSION=0 patch is
applied so Yocto's standard .so / .so.0 packaging split works correctly.
An ld.so.conf.d drop-in registers ${libdir}/android so binaries can find
the libraries at runtime.
This recipe is tightly coupled to android-tools: update it together when
upgrading android-tools to a new version.
AI-Generated: Uses GitHub Copilot (Claude Sonnet 4.6)
Signed-off-by: Mihajlo Marinkovic <mmarinkovic@snap.com>
Co-authored-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The commit 33c1e33d23 ("android-tools: remove android-tools 5.x from
meta-oe/recipes-devtools") blindly dropped all recipes from the
android-tools dir. Later commits moved the android-tools recipe and
other related recipes from the SELinux dynamic layer, bumping the
version to 29.x, but somehow the author of the patches didn't notice
that the resulting set of packages doesn't work out of box on any
upstream kernels, as the default android-tools-conf setup scripts use
Android-proprietary way of setting up the USB gadget
(/sys/class/android_usb).
Bring back the android-tools-conf-configs recipe, which uses upstream
mechanism (ConfigFS) to setup the USB gadget for ADB.
Fixes: 33c1e33d23 ("android-tools: remove android-tools 5.x from meta-oe/recipes-devtools")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
GCC 15 introduced -Wtemplate-body (enabled by default as an error) which
performs stricter name lookup checking inside template bodies. In the
Int64LoweringReducer template class (only compiled for 32-bit targets),
the expression `__ Tuple<Word32, Word32>(...)` is ambiguous in a
dependent context because GCC cannot determine whether `Tuple` after
the `__` macro expansion (`Asm().`) refers to a template member function
or the struct type `Tuple`.
Add the C++ `template` disambiguator keyword to tell the compiler that
`Tuple` is a dependent template name. This is a minimal backport of commit
7772a2df9d0b4db9947dbb902b4aec33c35401c0.
Signed-off-by: Bin Cao <bin.cao.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
===============
- Security update
- Added NewUUID Extra tag
- Added a new Canon RF lens
- Added config_files/novelty.config to the distribution
- Decode tags from the Sony ILCE-7RM6
- Decode a new FujiFilm tag
- Decode a few more DJI protobuf tags
- Decode a new Ricoh Pentax tag
- Issue Error instead of Warning when writing XMP with some problems which
could cause loss of data
- Improved error message when reading wrongly encoded CSV or JSON file
- Enhanced -config option to allow piped input with "-config -"
- Enhanced -validate option to do more strict checking of EXIF-for-XMP tags
- Patched -sort option avoid inconsistent output ordering of same-named tags
- Patched Composite SubSec date/time tags to specify the EXIF group for the
SubSec and OffsetTime tags upon which they are based (avoids non-standard
XMP tags from being incorrectly used here)
- Fixed bug in -diff feature when finding differences for specific tags and a
specified tag was missing from the source file
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>