Drop removed python/libtool options.
isc/platform.h is no longer installed.
Rewrite reproducibility patch to fix the problem at the source.
License-Update: copyright years
(From OE-Core rev: 8a9a5885995c77774cdafeb09f7522c50750a1e9)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
for non-prime moduli ([CVE-2022-0778])
(From OE-Core rev: 30f054a1e0afaa26d16a411df2a6310104342e63)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: blowfish relicensed under 3-BSD.
Fix up ptests; listing the helper binaries one by one
is not necessary. Unittests are skipped explicitly in run-ptest,
no need to avoid building them. They still take long, but they
can be executed on target if wanted.
(From OE-Core rev: 9f031d936edb69c038639656288c84564434b906)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In commit ceda3238 (meta/meta-selftest/meta-skeleton: Update LICENSE
variable to use SPDX license identifiers) all LICENSE variables were
updated to only use SPDX license identifiers.
This does the same for comments and other variables where it is
appropriate to use the official SPDX license identifiers. There are
still references to, e.g., "GPLv3", but they are then typically in
descriptive text where they refer to the license in a generic sense.
(From OE-Core rev: 165759dced7fbe73b1db2ede67047896071dc6d0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
Log "quota reached" message when hard quota is reached when accepting a connection.
Add ECS support to the DLZ interface.
A failed view configuration during a named reconfiguration procedure could cause
inconsistencies in BIND internal structures, causing a crash or other unexpected errors.
rndc could crash when interrupted by a signal before receiving a response.
Correctly detect and enable UDP recvmmsg support in all versions of libuv that support it.
(From OE-Core rev: c47caa7c8ca77ff137988deaf2d2a8b381f5a3f8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Loading the POSIX module after loading others in perl causes errors to get hidden. The
resulting build failures are obtuse and hard to debug. We see this quite often when
we upgrade glibc but not uninative and there are symbol mismatches.
Add a quick test to the start of configure which tests perl operates correct and shows
a much more obvious error if it isn't since the POSIX module doesn't have to reload.
An example of the new error is:
| Can't load 'XXX/buildtools-extended-tarball/1.0-r0/testimage-sdk/XXX/openssl-native/3.0.1-r0/recipe-sysroot-native/usr/lib/perl5/5.34.0/x86_64-linux/auto/POSIX/POSIX.so' for module POSIX:
| XXX/buildtools-extended-tarball/1.0-r0/testimage-sdk/sysroots-uninative/x86_64-linux/lib/libm.so.6: version `GLIBC_2.35' not found
| (required by XXX/buildtools-extended-tarball/1.0-r0/testimage-sdk/XXX/openssl-native/3.0.1-r0/recipe-sysroot-native/usr/lib/perl5/5.34.0/x86_64-linux/auto/POSIX/POSIX.so) at
| XXX/buildtools-extended-tarball/1.0-r0/testimage-sdk/XXX/openssl-native/3.0.1-r0/recipe-sysroot-native/usr/lib/perl5/5.34.0/XSLoader.pm line 111.
| at XXX/buildtools-extended-tarball/1.0-r0/testimage-sdk/XXX/openssl-native/3.0.1-r0/recipe-sysroot-native/usr/lib/perl5/5.34.0/x86_64-linux/POSIX.pm line 24.
which clearly shows the glibc symbol issue.
(From OE-Core rev: 684b656c5e6bf8cb10467c8d0fff1a9eeaf4256f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libpcap looks for DPDK in the same way it looks for DAG. This can poison
the build even if it doesn't find anything. Explicitly disable dpdk.
(From OE-Core rev: be5442f065da40b41d3cd60793341e22654f2681)
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This will allow to use the different DBDIR location, because the /var/lib
could be used as a read-only location.
(From OE-Core rev: 8fe5cff505f4fd942723d6f1526b0461747fc44d)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
OpenSSL 3 added the concept of provider modules which are loaded from
disk. The load path is hard-coded into the library and needs to be
relocated when running natively, so add OPENSSL_MODULES to the wrapper.
(From OE-Core rev: 160ac2f136cb8df829c803848c7c47d707a908ff)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: copyright years
(From OE-Core rev: 4f30b96207efcddfe76d6bf8d4c24f4fb7f80abb)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop patch as issue resolved upstream.
(From OE-Core rev: a8accf2a042f8a8cbba350c6de20152efeddd747)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-lib-fix-ax25.h-include-for-musl.patch is the fix for musl and comes
from upstream.
(From OE-Core rev: 01db27399073804b88a38beb0ecd4c151faf3471)
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qemu kernel itself is nowdays perfectly capable of setting up
what was passed in via ip=:
[ 1.676847] IP-Config: Complete:
[ 1.677768] device=eth0, hwaddr=52:54:00:12:34:02, ipaddr=192.168.7.2, mask=255.255.255.0, gw=192.168.7.1
[ 1.679933] host=192.168.7.2, domain=, nis-domain=(none)
[ 1.681201] bootserver=255.255.255.255, rootserver=255.255.255.255, rootpath=
[ 1.681203] nameserver0=8.8.8.8
connman-conf only does the same thing again by (badly and incompletely)
parsing those parameters with sed.
(From OE-Core rev: 3c25b89720417a7b1963f0a32c870208a5803950)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
This release is mostly a bug fix release, with fixes to features such as GATT,
SDP, Daemon, and emulator. It also adds a new MGMT Event for Device Found and
Device Lost of Advertisement Monitor.
New build options for sanitizers (lsan, asan, ubsan) are added and it may
require installing additional libraries depending on the distros.
(From OE-Core rev: 49f48ce6c3467e784b817b1cfc7155c2f3ebeb84)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When the date rolled from one year to another, it highlighted a reproducibility
issue in openssl. Patch a workaround for this to avoid autobuilder failures. Help
submitting upstream welcome.
(From OE-Core rev: f8281e290737dba16a46d7ae937c66b3266e0fe8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Major changes in 3.0.1:
* Fixed invalid handling of X509_verify_cert() internal errors in libssl
([CVE-2021-4044])
* Allow fetching an operation from the provider that owns an unexportable key
as a fallback if that is still allowed by the property query.
Drop patches which were backported.
Add sed to openssl-ptest as the tests use 'sed -u', which isn't supported
by busybox.
Ensure that we package the dummy async engine, needed by the test suite.
(From OE-Core rev: 5cd40648b0ba88cd9905800e748ae98f08c10ac7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some atomic ops for 32-bit ARC processors are implemented in GCC's libatomic.
For example those dealing with 64-bit data (e.g. __atomic_load_8()) as well as
some others. That said it's required to add "-latomic" for successful linkage.
Otherwise error messages like this happen on OpenSSL building for ARC:
------------------------------->8------------------------------
| ...ld: libcrypto.a(libcrypto-lib-threads_pthread.o): in function `CRYPTO_atomic_or':
| .../openssl-3.0.0/crypto/threads_pthread.c:219: undefined reference to `__atomic_is_lock_free'
| ...ld: .../openssl-3.0.0/crypto/threads_pthread.c:219: undefined reference to `__atomic_is_lock_free'
| ...ld: .../openssl-3.0.0/crypto/threads_pthread.c:220: undefined reference to `__atomic_fetch_or_8'
------------------------------->8------------------------------
Fix that by using a special target, which does exactly what's needed.
See [1] and [2] for more details on the matter.
[1] https://github.com/openssl/openssl/commit/cdf2986a70d92668d882eb29737225f1aaafd0f1
[2] https://github.com/openssl/openssl/pull/15640
(From OE-Core rev: f48227a192022c604f8c2ea4fe973c6664861101)
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch from upstream. Specifically, this fixes signature
validation in trusted-firmware-a with OpenSSL 3.
(From OE-Core rev: ac670fd4f543f439efdea26e813a4b5121161289)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In PACKAGES, ${PN} is used so it makes sense for the pkg_postinst variable
override to match that else it causes user confusion.
[YOCTO #14616]
(From OE-Core rev: ae9094d45bbfff377bd542939e12a8451a4959b6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2021-36217 is treated as a duplicate of CVE-2021-3502.
Update the local-ping.patch to mark it resolve both.
(From OE-Core rev: 4d75d6c39f1faeb38191b55f1fa9311b63fcfb29)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 5.15 kernel has removed ipx support, along with the userspace
visible header.
The build error was found for muslc, since it doesn't have a
fallback header, we disable it for both glibc/muslc.
This support wasn't used previously (as it hasn't been very well
maintained in the kernel for several years), so we can simply
disable it in our build and wait for upstream to do a release that
drops the support.
Although the tarball we use for our build (versus git), doesn't
use the autoconf disable flag to turn off the support, it is included
in this patch in case someone is building via git source base.
Upstream-Status: Inappropriate [OE-specific configuration/headers]
(From OE-Core rev: 2d61b061f52cc8dbed82e2d9547e8b52d3ec9e34)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ARMv8 doesn't imply Aarch64, so correct a check that was making that
assumption. This fixes the build on 32-bit ARMv8 targets such as
Cortex-A32.
(From OE-Core rev: 78ae8b02bfbf0d98ae481682179439845d30c797)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexander Kanavin
wangmy
Khem Raj
Changhyeok Bae
Ross Burton
Peter Kjellerstedt
Richard Purdie
Sean Anderson
Andrej Valek
Tim Orling
Oleksandr Kravchuk
Otavio Salvador
Alexey Brodkin
Chen Qi
Bruce Ashfield