From patchwork Thu Jun 22 15:31:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26206 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1F5D4EB64DB for ; Thu, 22 Jun 2023 15:31:58 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.14555.1687447917361104864 for ; Thu, 22 Jun 2023 08:31:57 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=yAG0ceRY; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-666edfc50deso594143b3a.0 for ; Thu, 22 Jun 2023 08:31:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447916; x=1690039916; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=X44c0lU8WD31WBBk6iQraOqnpQpWrEi8/YBVaslMFP0=; b=yAG0ceRYWuRV0rmgO2MOyClPIfZ4yw5agzce1p/CyOeB2vZDAM1kZfgBRsXKc+0PRH y1L9CPwLDxKgDprqkTFITD8bBjFvLGCAx6KmujeZ/zQRNMUCm2mk6CjKoWKVzjf/QVd2 69Vs1R4e2iiZ1qQgsKIHIqT93skJmHVXaedbAK+u9bu2L+nXEX0MlhN0XJgEhFtzTaty wyeMag8T4bX145M7nHP9+PSuwrW7Zm/6LGAkQ59H3CyAQXhFsDoZBhPZd348N/Aav1jV /rx1K7DpgiO83ErWdx0BOniotVV+8cCA3YktZfg76wcGI0qbIR8aTJbJkhkHBGjyslsd KdpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447916; x=1690039916; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=X44c0lU8WD31WBBk6iQraOqnpQpWrEi8/YBVaslMFP0=; b=J1N8s42qo7rQxE42Tmh1nlYytvtEEffV/ZRhhW6Hxl3vKUXURY1aYNU5fUsI03sU1+ u0eAjYdEq43pORYqykVN8jiVko4cJXaX0xg+9HYPZ5zQnsAgy1duaVwJDJ1ztEkd9foj 8nHTiTsdl2lOtUs21GfaNaP3cG4IObYAX+8PIxUMYnda645Hw38MFQi7vn/yxxoUcPaJ K6a+BmqwBLwTtwo24+XchqTURqr2MAehcHqyFHmiPRObwVjk0EO6FDA8pNAZPBmj8lTI uCxJ5avMTqt6LQJiSlQqB0m+uG/o5Blfr8FUGRrBRffW1FVrp8H6B8SnGH9A0QWmBvkJ wO3w== X-Gm-Message-State: AC+VfDyXODCe2puX4DqAMsHyi1jGXTRQx9LQrkcD4odh4NdsqdVhSV01 g9umfGkk2y0psnV8y+G1o9ctxDTQhh/y+cViWmI= X-Google-Smtp-Source: ACHHUZ77l30iUl66gTTNdN4K2f1Y+noczXBQQ6nqy4kIZH/j9URZ4Xq0S8VqpY9GYLBBUpfv37WU+g== X-Received: by 2002:a05:6a00:301c:b0:655:89f1:2db3 with SMTP id ay28-20020a056a00301c00b0065589f12db3mr36385621pfb.3.1687447915659; Thu, 22 Jun 2023 08:31:55 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.31.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:31:55 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 01/14] cups: Fix CVE-2023-32324 Date: Thu, 22 Jun 2023 05:31:30 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:31:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183248 From: Sanjay Chitroda OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication. References: https://nvd.nist.gov/vuln/detail/CVE-2023-32324 https://security-tracker.debian.org/tracker/CVE-2023-32324 Upstream Patch: https://github.com/OpenPrinting/cups/commit/fd8bc2d32589 Signed-off-by: Sanjay Chitroda Signed-off-by: Steve Sakoman --- meta/recipes-extended/cups/cups.inc | 1 + .../cups/cups/CVE-2023-32324.patch | 36 +++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc index 21c56e1430..d6e7d95800 100644 --- a/meta/recipes-extended/cups/cups.inc +++ b/meta/recipes-extended/cups/cups.inc @@ -14,6 +14,7 @@ SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.t file://0003-cups_1.4.6.bb-Fix-build-on-ppc64.patch \ file://0004-cups-fix-multilib-install-file-conflicts.patch\ file://CVE-2022-26691.patch \ + file://CVE-2023-32324.patch \ " UPSTREAM_CHECK_URI = "https://github.com/apple/cups/releases" diff --git a/meta/recipes-extended/cups/cups/CVE-2023-32324.patch b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch new file mode 100644 index 0000000000..40b89c9899 --- /dev/null +++ b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch @@ -0,0 +1,36 @@ +From 07cbffd11107eed3aaf1c64e35552aec20f792da Mon Sep 17 00:00:00 2001 +From: Zdenek Dohnal +Date: Thu, 1 Jun 2023 12:04:00 +0200 +Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes CVE-2023-32324) + +CVE: CVE-2023-32324 +Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/fd8bc2d32589] + +(cherry picked from commit fd8bc2d32589d1fd91fe1c0521be2a7c0462109e) +Signed-off-by: Sanjay Chitroda +--- + cups/string.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/cups/string.c b/cups/string.c +index 93cdad19..6ef58515 100644 +--- a/cups/string.c ++++ b/cups/string.c +@@ -1,6 +1,7 @@ + /* + * String functions for CUPS. + * ++ * Copyright © 2023 by OpenPrinting. + * Copyright © 2007-2019 by Apple Inc. + * Copyright © 1997-2007 by Easy Software Products. + * +@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */ + size_t srclen; /* Length of source string */ + + ++ if (size == 0) ++ return (0); ++ + /* + * Figure out how much room is needed... + */ From patchwork Thu Jun 22 15:31:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26213 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2CD57EB64DC for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) by mx.groups.io with SMTP id smtpd.web11.14620.1687447918361253188 for ; Thu, 22 Jun 2023 08:31:58 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=NUfQzfk+; spf=softfail (domain: sakoman.com, ip: 209.85.210.171, mailfrom: steve@sakoman.com) Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-6686c74183cso4682886b3a.1 for ; Thu, 22 Jun 2023 08:31:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447917; x=1690039917; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=O1h1CIURTmlNiYZ0eutmJzlOWuaQRwPKhdJdS96c12g=; b=NUfQzfk+jnj1NFYh4TE1wng29wnOv9qiSLvRWk/WraX4HmX6KmYX0tYsqtdNyRwD98 ZOeqAPbdotdLlZoO3sx4s+pYobP3nNLzQgErDlrwIqRYyaUOz4UOqi6z8JnI2GrS5eb4 4yCS8t4agdC3o9/yGerfg/zKjrI5l1ERVPqisyFixorTsD7NQZ5h+78xFnNbxke1+hVB gbAHbCPh/wuHHkhQN/HgaJAIXd/VpzLEBllHW2wPzfqGPJRbB8jF4QVbwrQenP7/O9QG jcij8+UMdd9Gjd6yMIinN0EBSYuy9CYn9csz74sJf1TvkNgSqgIZZMMMKu9gvfB6sqZ1 1LIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447917; x=1690039917; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O1h1CIURTmlNiYZ0eutmJzlOWuaQRwPKhdJdS96c12g=; b=k5VnpitDYLdLWRTb/UMHHSl27qCf3IL1Qn60FSqIIHgoeWbZDkzqQcEdY5eyM73Efd 7jKlwfZIDPH0t0YdCC/ZkSdB610aecEVAv9wStVUt/IVdAHdHUn2YeNvvyDlydAbBIl4 cXp+Zk/foPNB6ADPgCjVox54lKOYpDHsuZNBUhX6ryHGQzmwxnZ0m28y63LJgMu+ZE+x tszjPijLki51tvACfi0Y8w3jS6UJNPi7TNxtTMy8OEbrjI/Bqhniy5sRU0L8dZITZRpn unWQPD5cBD+uSRDTm5pf3Eom9fhTfM7JUeEpizWm6o39r4S7JFWbmmMi2xBjeAWMIpPD R8sA== X-Gm-Message-State: AC+VfDwUYrBA04GAvwwhRJ7NXHkBxghpQL13NPaRXwMULxbjn2DOswPT HlaRRG2i3XOLLtfaXMRCAFVf6vFl9Cfrpg82Rxc= X-Google-Smtp-Source: ACHHUZ4iXSuhohLT6ZKK7omN9Fe4JICRKp6SncmL+ToyQz8s9f1VtMkam8p9/1K6f6Q06dB5m0lmow== X-Received: by 2002:a05:6a00:22c4:b0:667:525c:de3b with SMTP id f4-20020a056a0022c400b00667525cde3bmr21409761pfj.31.1687447917285; Thu, 22 Jun 2023 08:31:57 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.31.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:31:56 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 02/14] openssl: CVE-2023-2650 Possible DoS translating ASN.1 object identifiers Date: Thu, 22 Jun 2023 05:31:31 -1000 Message-Id: <8a9d188b4d838bbbf8aab14fad1ee5aaadb86621.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183249 From: Hitendra Prajapati Upstream-Status: Backport from https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098 Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2023-2650.patch | 122 ++++++++++++++++++ .../openssl/openssl_1.1.1t.bb | 1 + 2 files changed, 123 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch new file mode 100644 index 0000000000..ef344dda7f --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch @@ -0,0 +1,122 @@ +From 9e209944b35cf82368071f160a744b6178f9b098 Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Fri, 12 May 2023 10:00:13 +0200 +Subject: [PATCH] Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will + translate + +OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical +numeric text form. For gigantic sub-identifiers, this would take a very +long time, the time complexity being O(n^2) where n is the size of that +sub-identifier. + +To mitigate this, a restriction on the size that OBJ_obj2txt() will +translate to canonical numeric text form is added, based on RFC 2578 +(STD 58), which says this: + +> 3.5. OBJECT IDENTIFIER values +> +> An OBJECT IDENTIFIER value is an ordered list of non-negative numbers. +> For the SMIv2, each number in the list is referred to as a sub-identifier, +> there are at most 128 sub-identifiers in a value, and each sub-identifier +> has a maximum value of 2^32-1 (4294967295 decimal). + +Fixes otc/security#96 +Fixes CVE-2023-2650 + +Reviewed-by: Matt Caswell +Reviewed-by: Tomas Mraz + +Upstream-Status: Backport [https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098] +CVE: CVE-2023-2650 +Signed-off-by: Hitendra Prajapati +--- + CHANGES | 28 +++++++++++++++++++++++++++- + NEWS | 2 ++ + crypto/objects/obj_dat.c | 19 +++++++++++++++++++ + 3 files changed, 48 insertions(+), 1 deletion(-) + +diff --git a/CHANGES b/CHANGES +index 1eaaf4e..f2cf38f 100644 +--- a/CHANGES ++++ b/CHANGES +@@ -7,7 +7,33 @@ + https://github.com/openssl/openssl/commits/ and pick the appropriate + release branch. + +- Changes between 1.1.1s and 1.1.1t [7 Feb 2023] ++ Changes between 1.1.1t and 1.1.1u [xx XXX xxxx] ++ ++ *) Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic ++ OBJECT IDENTIFIER sub-identifiers to canonical numeric text form. ++ ++ OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical ++ numeric text form. For gigantic sub-identifiers, this would take a very ++ long time, the time complexity being O(n^2) where n is the size of that ++ sub-identifier. (CVE-2023-2650) ++ ++ To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT ++ IDENTIFIER to canonical numeric text form if the size of that OBJECT ++ IDENTIFIER is 586 bytes or less, and fail otherwise. ++ ++ The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT ++ IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at ++ most 128 sub-identifiers, and that the maximum value that each sub- ++ identifier may have is 2^32-1 (4294967295 decimal). ++ ++ For each byte of every sub-identifier, only the 7 lower bits are part of ++ the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with ++ these restrictions may occupy is 32 * 128 / 7, which is approximately 586 ++ bytes. ++ ++ Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 ++ ++Changes between 1.1.1s and 1.1.1t [7 Feb 2023] + + *) Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention + that it does not enable policy checking. Thanks to +diff --git a/NEWS b/NEWS +index a86220a..41922c4 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,8 @@ + + Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023] + ++ o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic ++ OBJECT IDENTIFIER sub-identities. (CVE-2023-2650) + o Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) + o Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) + o Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215) +diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c +index 7e8de72..d699915 100644 +--- a/crypto/objects/obj_dat.c ++++ b/crypto/objects/obj_dat.c +@@ -428,6 +428,25 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) + first = 1; + bl = NULL; + ++ /* ++ * RFC 2578 (STD 58) says this about OBJECT IDENTIFIERs: ++ * ++ * > 3.5. OBJECT IDENTIFIER values ++ * > ++ * > An OBJECT IDENTIFIER value is an ordered list of non-negative ++ * > numbers. For the SMIv2, each number in the list is referred to as a ++ * > sub-identifier, there are at most 128 sub-identifiers in a value, ++ * > and each sub-identifier has a maximum value of 2^32-1 (4294967295 ++ * > decimal). ++ * ++ * So a legitimate OID according to this RFC is at most (32 * 128 / 7), ++ * i.e. 586 bytes long. ++ * ++ * Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 ++ */ ++ if (len > 586) ++ goto err; ++ + while (len > 0) { + l = 0; + use_bn = 0; +-- +2.25.1 + diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb index 46875b525c..75fc3c5c1a 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://CVE-2023-0464.patch \ file://CVE-2023-0465.patch \ file://CVE-2023-0466.patch \ + file://CVE-2023-2650.patch \ " SRC_URI_append_class-nativesdk = " \ From patchwork Thu Jun 22 15:31:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26208 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FB78EB64D8 for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web11.14622.1687447920153589872 for ; Thu, 22 Jun 2023 08:32:00 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=h/THFz6F; spf=softfail (domain: sakoman.com, ip: 209.85.215.179, mailfrom: steve@sakoman.com) Received: by mail-pg1-f179.google.com with SMTP id 41be03b00d2f7-52cb8e5e9f5so564830a12.0 for ; Thu, 22 Jun 2023 08:32:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447919; x=1690039919; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZMVe4KGel3CgGezSb221m9/phemN/qDE6k+51SEcmlY=; b=h/THFz6FHNKrpncB+WoZ1iR2cQoPq0yAyCG30lFi2MIOZrfDsZOh3SoWC0wV9HzRVe HJHHZT4df47fppH1rlF2DrVwtfnIvkWUu1p8NnfvSiaLVPpLjbnhuHhuiUk+TmMmp58A 7YQ9gXoj4OW7scJT78PXkecXuzeCgVDNBsrcSIcUTVA9ksz/r3skAzBuWJSrQgyBuIZC Dgk6yxY0Yh4Gope0vTzg1OhXEdFOiL7DIo8OXSzDOYUZYn4wVfQWoiD5ERxPSWEAY9hs Voy4qbaN5fnvJ5fC7pCzsgOXypJ6Cf4JR5HmmTGKHJY5/K4cr1efOsHCHB78p2VuSJKj Ui+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447919; x=1690039919; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZMVe4KGel3CgGezSb221m9/phemN/qDE6k+51SEcmlY=; b=Rs7Fv079jOkahEryW3zoILY8Z/csvttPvETVYeTyIDRxkiaICWb9Qjs6OG+r4CE8Jc QEYfLDe6ahVW431mw9AmTVgNzsRNW87feT9G1YQ5boLQkbllBelxYamwx88/eiCz4pk4 quWqpG2eR4J9aN0kOEcu4OoLA+W8IR4u7xVaqZjJ8VDGRhwHPpszvVuUKDKpY6XLYqkq EGjrK2OujOz6AtJd59suXh+u0RyF8u3igKs+hPo9w16L9jfnpRUt+cfl8SVt1FVoZjeG CMqTEJKdVCMjha1mlXt5zH/uwFe6lCgR+v4IiA5MXzo/xy8Rim1Xed9lOg9HsYpZr+W6 /iXw== X-Gm-Message-State: AC+VfDwH40arefyXXWrPGQj2aWGSchaZNpShQ5l3gnbS6MhSWYyFOLLh aaBIJpuXzLhBR+f2KmufTxQ1vSXY2L8D2aNmrzs= X-Google-Smtp-Source: ACHHUZ5IeNxzadZ2oVAjjgSRZFAKc99T8HLsGGDBqui89GwWook7zP9RpAJOUUE3Z+znlXeM8Yr3Zg== X-Received: by 2002:a05:6a20:442a:b0:100:ba96:e5e7 with SMTP id ce42-20020a056a20442a00b00100ba96e5e7mr28514483pzb.18.1687447918816; Thu, 22 Jun 2023 08:31:58 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.31.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:31:58 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 03/14] cve-update-nvd2-native: new CVE database fetcher Date: Thu, 22 Jun 2023 05:31:32 -1000 Message-Id: <191e2c6d7009999f049a0cf8460259f8f91a829d.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183250 From: Marta Rybczynska Add new fetcher for the NVD database using the 2.0 API [1]. The implementation changes as little as possible, keeping the current database format (but using a different database file for the transition period), with a notable exception of not using the META table. Minor changes that could be visible: - the database starts in 1999 instead of 2002 - the complete fetch is longer (30 minutes typically) [1] https://nvd.nist.gov/developers/vulnerabilities Signed-off-by: Marta Rybczynska Signed-off-by: Alexandre Belloni (cherry picked from commit fb62c4c3dbca4e58f7ce6cf29d4b630a06411a97) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 4 +- .../meta/cve-update-nvd2-native.bb | 333 ++++++++++++++++++ 2 files changed, 335 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-core/meta/cve-update-nvd2-native.bb diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 05b9cb47dc..b0ccefc84d 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -26,7 +26,7 @@ CVE_PRODUCT ??= "${BPN}" CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" -CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db" +CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock" CVE_CHECK_LOG ?= "${T}/cve.log" @@ -154,7 +154,7 @@ python do_cve_check () { } addtask cve_check before do_build -do_cve_check[depends] = "cve-update-db-native:do_fetch" +do_cve_check[depends] = "cve-update-nvd2-native:do_fetch" do_cve_check[nostamp] = "1" python cve_check_cleanup () { diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb new file mode 100644 index 0000000000..1c14481c21 --- /dev/null +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -0,0 +1,333 @@ +SUMMARY = "Updates the NVD CVE database" +LICENSE = "MIT" + +# Important note: +# This product uses the NVD API but is not endorsed or certified by the NVD. + +INHIBIT_DEFAULT_DEPS = "1" + +inherit native + +deltask do_unpack +deltask do_patch +deltask do_configure +deltask do_compile +deltask do_install +deltask do_populate_sysroot + +NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0" + +# CVE database update interval, in seconds. By default: once a day (24*60*60). +# Use 0 to force the update +# Use a negative value to skip the update +CVE_DB_UPDATE_INTERVAL ?= "86400" + +# Timeout for blocking socket operations, such as the connection attempt. +CVE_SOCKET_TIMEOUT ?= "60" + +CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" + +CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" + +python () { + if not bb.data.inherits_class("cve-check", d): + raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") +} + +python do_fetch() { + """ + Update NVD database with API 2.0 + """ + import bb.utils + import bb.progress + import shutil + + bb.utils.export_proxies(d) + + db_file = d.getVar("CVE_CHECK_DB_FILE") + db_dir = os.path.dirname(db_file) + db_tmp_file = d.getVar("CVE_DB_TEMP_FILE") + + cleanup_db_download(db_file, db_tmp_file) + # By default let's update the whole database (since time 0) + database_time = 0 + + # The NVD database changes once a day, so no need to update more frequently + # Allow the user to force-update + try: + import time + update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) + if update_interval < 0: + bb.note("CVE database update skipped") + return + if time.time() - os.path.getmtime(db_file) < update_interval: + bb.note("CVE database recently updated, skipping") + return + database_time = os.path.getmtime(db_file) + + except OSError: + pass + + bb.utils.mkdirhier(db_dir) + if os.path.exists(db_file): + shutil.copy2(db_file, db_tmp_file) + + if update_db_file(db_tmp_file, d, database_time) == True: + # Update downloaded correctly, can swap files + shutil.move(db_tmp_file, db_file) + else: + # Update failed, do not modify the database + bb.warn("CVE database update failed") + os.remove(db_tmp_file) +} + +do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" +do_fetch[file-checksums] = "" +do_fetch[vardeps] = "" + +def cleanup_db_download(db_file, db_tmp_file): + """ + Cleanup the download space from possible failed downloads + """ + + # Clean up the updates done on the main file + # Remove it only if a journal file exists - it means a complete re-download + if os.path.exists("{0}-journal".format(db_file)): + # If a journal is present the last update might have been interrupted. In that case, + # just wipe any leftovers and force the DB to be recreated. + os.remove("{0}-journal".format(db_file)) + + if os.path.exists(db_file): + os.remove(db_file) + + # Clean-up the temporary file downloads, we can remove both journal + # and the temporary database + if os.path.exists("{0}-journal".format(db_tmp_file)): + # If a journal is present the last update might have been interrupted. In that case, + # just wipe any leftovers and force the DB to be recreated. + os.remove("{0}-journal".format(db_tmp_file)) + + if os.path.exists(db_tmp_file): + os.remove(db_tmp_file) + +def nvd_request_next(url, api_key, args): + """ + Request next part of the NVD dabase + """ + + import urllib.request + import urllib.parse + import gzip + + headers = {} + if api_key: + headers['apiKey'] = api_key + + data = urllib.parse.urlencode(args) + + full_request = url + '?' + data + + for attempt in range(3): + try: + r = urllib.request.urlopen(full_request) + + if (r.headers['content-encoding'] == 'gzip'): + buf = r.read() + raw_data = gzip.decompress(buf) + else: + raw_data = r.read().decode("utf-8") + + r.close() + + except UnicodeDecodeError: + # Received garbage, retry + bb.debug(2, "CVE database: received malformed data, retrying (request: %s)" %(full_request)) + pass + except http.client.IncompleteRead: + # Read incomplete, let's try again + bb.debug(2, "CVE database: received incomplete data, retrying (request: %s)" %(full_request)) + pass + else: + return raw_data + else: + # We failed at all attempts + return None + +def update_db_file(db_tmp_file, d, database_time): + """ + Update the given database file + """ + import bb.utils, bb.progress + import datetime + import sqlite3 + import json + + # Connect to database + conn = sqlite3.connect(db_tmp_file) + initialize_db(conn) + + req_args = {'startIndex' : 0} + + # The maximum range for time is 120 days + # Force a complete update if our range is longer + if (database_time != 0): + database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time()) + today_date = datetime.datetime.combine(datetime.date.today(), datetime.time()) + delta = today_date - database_date + if delta.days < 120: + bb.debug(2, "CVE database: performing partial update") + req_args['lastModStartDate'] = database_date.isoformat() + req_args['lastModEndDate'] = today_date.isoformat() + else: + bb.note("CVE database: file too old, forcing a full update") + + with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f: + + bb.debug(2, "Updating entries") + index = 0 + url = d.getVar("NVDCVE_URL") + while True: + req_args['startIndex'] = index + raw_data = nvd_request_next(url, None, req_args) + if raw_data is None: + # We haven't managed to download data + return False + + data = json.loads(raw_data) + + index = data["startIndex"] + total = data["totalResults"] + per_page = data["resultsPerPage"] + + for cve in data["vulnerabilities"]: + update_db(conn, cve) + + index += per_page + ph.update((float(index) / (total+1)) * 100) + if index >= total: + break + + # Recommended by NVD + time.sleep(6) + + # Update success, set the date to cve_check file. + cve_f.write('CVE database update : %s\n\n' % datetime.date.today()) + + conn.commit() + conn.close() + return True + +def initialize_db(conn): + with conn: + c = conn.cursor() + + c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") + + c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ + SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") + + c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ + VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ + VERSION_END TEXT, OPERATOR_END TEXT)") + c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);") + + c.close() + +def parse_node_and_insert(conn, node, cveId): + + def cpe_generator(): + for cpe in node.get('cpeMatch', ()): + if not cpe['vulnerable']: + return + cpe23 = cpe.get('criteria') + if not cpe23: + return + cpe23 = cpe23.split(':') + if len(cpe23) < 6: + return + vendor = cpe23[3] + product = cpe23[4] + version = cpe23[5] + + if cpe23[6] == '*' or cpe23[6] == '-': + version_suffix = "" + else: + version_suffix = "_" + cpe23[6] + + if version != '*' and version != '-': + # Version is defined, this is a '=' match + yield [cveId, vendor, product, version + version_suffix, '=', '', ''] + elif version == '-': + # no version information is available + yield [cveId, vendor, product, version, '', '', ''] + else: + # Parse start version, end version and operators + op_start = '' + op_end = '' + v_start = '' + v_end = '' + + if 'versionStartIncluding' in cpe: + op_start = '>=' + v_start = cpe['versionStartIncluding'] + + if 'versionStartExcluding' in cpe: + op_start = '>' + v_start = cpe['versionStartExcluding'] + + if 'versionEndIncluding' in cpe: + op_end = '<=' + v_end = cpe['versionEndIncluding'] + + if 'versionEndExcluding' in cpe: + op_end = '<' + v_end = cpe['versionEndExcluding'] + + if op_start or op_end or v_start or v_end: + yield [cveId, vendor, product, v_start, op_start, v_end, op_end] + else: + # This is no version information, expressed differently. + # Save processing by representing as -. + yield [cveId, vendor, product, '-', '', '', ''] + + conn.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()).close() + +def update_db(conn, elt): + """ + Update a single entry in the on-disk database + """ + + accessVector = None + cveId = elt['cve']['id'] + if elt['cve']['vulnStatus'] == "Rejected": + return + cveDesc = "" + for desc in elt['cve']['descriptions']: + if desc['lang'] == 'en': + cveDesc = desc['value'] + date = elt['cve']['lastModified'] + try: + accessVector = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['accessVector'] + cvssv2 = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['baseScore'] + except KeyError: + cvssv2 = 0.0 + try: + accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector'] + cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] + except KeyError: + accessVector = accessVector or "UNKNOWN" + cvssv3 = 0.0 + + conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", + [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() + + try: + configurations = elt['cve']['configurations'][0]['nodes'] + for config in configurations: + parse_node_and_insert(conn, config, cveId) + except KeyError: + bb.debug(2, "Entry without a configuration") + +do_fetch[nostamp] = "1" + +EXCLUDE_FROM_WORLD = "1" From patchwork Thu Jun 22 15:31:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26209 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E4A1C3DA40 for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web11.14624.1687447921501273324 for ; Thu, 22 Jun 2023 08:32:01 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Ejaxruad; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-666e916b880so3623863b3a.2 for ; Thu, 22 Jun 2023 08:32:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447920; x=1690039920; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=9zE7/k6UOpzU7Prh6v5VTlEkrPU7F9FVM/PA67J5gdI=; b=EjaxruadOlXSx64Kp16B07J1nLlF2jIDbwPPFwvh8Refxj/QqT4C1FedA/x1ZQ872i pwaPyZ/p3v6F0aagt0glKm5GjMWo3NN2S3jVxUOFOxTez+zPdmiIhk7RfAwwe7mOnCAG AaYQ7aE5gGQhHcEfYHt419+B0U96Z3mU1CyoeYUVYrvgnrpIv0caKIsicx0VtvGoD5ti WDVv7cWjkw7G296Nlgor5eGve7TAu38gtxAhq/iOnwHBLb3EAaYdTYnb8SeUurlDH4Wh NYnq7YyrlJCXGhH6rZkd8OWC0JyVqr1weELHipf5Eh9daMdvscqqiIWZEK+t38GjuVq1 t9Kg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447920; x=1690039920; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9zE7/k6UOpzU7Prh6v5VTlEkrPU7F9FVM/PA67J5gdI=; b=bGVhND/hPgyzOTHVpmjA+aroGPYg6i2C4z3OKquppzNdtmjBEbiHNkmz38vJYE7K1W hf2lEyCdg/AOnkZnmzvFNR2QaILXxnj4KO3TBwdmPLEnBNT7gEmROdFvipLPztFJQhPr werlx+bpQmH+/1BGbt81MZsRW78qpIJQg84en8zEbCES/nZiPbsCWMbZRWHu9nlmxEcO KIxPruST5qik/NpGuO5L61C4ygmYA5Kd3vz+Wzi3yWZCvT1KAMEM6xFNaxaY1FRXsf2I RfXXKtbuJqzpUNZm7U8RZC0LA9shJ1GvvIpg2LnCmsZfeToUgdka2goCl/xgyRdTM3y6 ESfA== X-Gm-Message-State: AC+VfDzSpe6jzOxxP/o/RNxRYQzxCyNnLtLekOYiFKV+WT2RkqUaAoGY 5t2NULbJzrjf9QlQe9YavphfebzEZ7Y8dCdat0c= X-Google-Smtp-Source: ACHHUZ5ub2o00qpTGxpfKH6DCphv2a0+gvT4QjXhZrg5EDwVjw0jzqP4dbS1nWmLIQm6i+TGdS+XJA== X-Received: by 2002:a05:6a00:2e97:b0:66a:613f:87e1 with SMTP id fd23-20020a056a002e9700b0066a613f87e1mr1647045pfb.8.1687447920479; Thu, 22 Jun 2023 08:32:00 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.31.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:00 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 04/14] cve-update-nvd2-native: added the missing http import Date: Thu, 22 Jun 2023 05:31:33 -1000 Message-Id: <787acb1cbc22c0f3bd0cc163c527cc7a98007f26.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183251 From: Jan Vermaete Signed-off-by: Jan Vermaete Signed-off-by: Luca Ceresoli (cherry picked from commit 39d2cde7eb922cb0a2cf9402cd8b3ae3b4cc2f62) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 1c14481c21..2b585983ac 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -118,6 +118,7 @@ def nvd_request_next(url, api_key, args): import urllib.request import urllib.parse import gzip + import http headers = {} if api_key: From patchwork Thu Jun 22 15:31:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26210 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E24BEB64DD for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web11.14627.1687447922866304402 for ; Thu, 22 Jun 2023 08:32:02 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=X3ZCIK4I; spf=softfail (domain: sakoman.com, ip: 209.85.210.182, mailfrom: steve@sakoman.com) Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-6686ef86110so3250575b3a.2 for ; Thu, 22 Jun 2023 08:32:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447922; x=1690039922; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GKNtR8DL6Jd5N3l4BnIB0gxZ1rqX4LPcVZTtqzytVG4=; b=X3ZCIK4Iecr1Pnho9VnguOnv+N6ZycwnMPmAk7TJ9DKAkpzRRowLwxGOOmI2fWDqyS A9Ti5jqDyVht7k2wtpbCYHiH3FRiyl042GCiq5Q4pXifmI8rejv9ZNzZxNlIWENDL/Md CuzzBN04jbNAWlNPaG6a4U+js+xus7vBdOOm9YjobmjYih+gco7tM3FdszBvaktR5qfs 9wHevq8ihlylWTSjGbINdWDEih7nvkkZ3EHzvmHhzJHwahZVTS+51zc/Nn82AJWmE+C0 I+wjkgb6ciO7eGoRDOaPYuImEfHs7F8F9twMegWB8W+DLw99bJS6AD9YRNSF9f8BWKqi Sr5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447922; x=1690039922; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GKNtR8DL6Jd5N3l4BnIB0gxZ1rqX4LPcVZTtqzytVG4=; b=EGk2xU2YWPJxKYWzkpT/DZhIscQ9Ccw50HcDgTU0s9yuRdSQxpkT/5C4PN38f1mg8Y Bmo408CZto4TfNYkoSyEJihCX6v7JMRQxhTtmNKm1ScyHxkm6TSHLmWyb4hOdzc6Z6z+ U14oHVWZwYCFwNU7m51XoUeIxSlcHnWothGvokkYTlSyacnfQLEC2yd7EgKbJzpbNFsJ 4TV+AFcDbjlCxFm9NR0AIoIEcXtAWlHZ3BFbJ5V/C2r8iCjNvAp2pv2d96KBoNrv5rqa 4T4Cq209L2ekkFUbR86Yv6QaT+LP0ZbnrbBxTq5bDKwE+hlZWREqxSPaV3ldJAjlXNDk moJA== X-Gm-Message-State: AC+VfDwzEbgtlhjnwHTaNdJRdCdXIwsICrUdLfmJLTgrxfI92Sh1PBCd /K34wlSWfNqil94dKA2FG5gJ3TS1NhNf9eJpPpw= X-Google-Smtp-Source: ACHHUZ7gcS8uVJtfb8Eu4aIDDzvYEUkAnMJyjPIsqUEmcC+aLkg2u0uLwrGyRES/Se2PZXaSOiSvJA== X-Received: by 2002:aa7:8882:0:b0:668:8c3c:3144 with SMTP id z2-20020aa78882000000b006688c3c3144mr10525403pfe.14.1687447921958; Thu, 22 Jun 2023 08:32:01 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:01 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 05/14] uninative: Ensure uninative is enabled in all cases for BuildStarted event Date: Thu, 22 Jun 2023 05:31:34 -1000 Message-Id: <24897c70980f934cf59a28a0d3b6e8fddcb15a7f.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183252 From: Richard Purdie Recent changes in bitbake mean the datastore is not always reset between ConfigParsed and BuildStarted. This means in a fresh buiild, with memory resident bitbake active, uninative may end up disabled. Update the code so the enable code is always run at BuildStarted if needed. Signed-off-by: Richard Purdie (cherry picked from commit db743cc78fe5172bb4a4dac9c1dad4f5aa9e1491) Signed-off-by: Steve Sakoman --- meta/classes/uninative.bbclass | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/classes/uninative.bbclass b/meta/classes/uninative.bbclass index 4412d7c567..2940935dd7 100644 --- a/meta/classes/uninative.bbclass +++ b/meta/classes/uninative.bbclass @@ -34,6 +34,8 @@ python uninative_event_fetchloader() { with open(loaderchksum, "r") as f: readchksum = f.read().strip() if readchksum == chksum: + if "uninative" not in d.getVar("SSTATEPOSTUNPACKFUNCS"): + enable_uninative(d) return import subprocess From patchwork Thu Jun 22 15:31:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26212 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3D8E9C0015E for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web10.14559.1687447924503414232 for ; Thu, 22 Jun 2023 08:32:04 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=hUsWoV1t; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-666eb03457cso3564109b3a.1 for ; Thu, 22 Jun 2023 08:32:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447923; x=1690039923; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=sdSHAeSLHqSuc84HMqngLiMaqq9QK9gPAFvtYE0SrAs=; b=hUsWoV1tkLxN7rxrrp59aBAbd+DTEIAQt2+vLO/wuTYdjLnCdVSdALKCVFPpJFxdn4 ZMbKx2NH0JIitbaxVkPxS1TekDLqbDXdU0zDRhBOJh2GJFvQhNOnMv1V5pmBEY6fwF5A 9cturf63FRf5LOntXNlDQUxbpd238o/NNN31fCCE/Zg5vuTeYHMucAs6INK8YxfeGRXO s8S1gKSDlYkge/PpCCVGRb5wKRbjD/hB8YwL9YeYrlIrhdwvp6PL4gA6vAjI3weXYooU mzdH3ZrEndjUmt2jhkQcWBML3KS9J7Wwk7/vH5CkVPuPtjNiyQ7kE5vN4ekPILmRZEEF KWwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447923; x=1690039923; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sdSHAeSLHqSuc84HMqngLiMaqq9QK9gPAFvtYE0SrAs=; b=SS/4QOs8LHzGMbwsxlL8lrb1i5oGaPvQhnFaixrI5NUq0ZQhDg90CgyQQNmrTm00tn 9HrCCLGHgi+Reh5caUVVjENRZLWXGaupczNCcNwTdeAjd1VsjM/DcqrtqoHsHxpeIHXn DMmpiQsmiwvphArVAENU8UZyaSR1oiEd7eVtlOsulMxNrbo1K0PjqOerGiyD4VJjt/60 UU2UMX7mduwbFHV0EwhqxxEM1P8QknuXHAankrN6wVfcLxq9BJ//f8N1AneY8p8pUHJX vN4azIk3oloj2DK1UhGsCHcRK5XER/sqhw49fZ5oMs0wZwzn08/hRmfpsME78oJCo90w INcw== X-Gm-Message-State: AC+VfDxvZOzkGpA9slYoyTEJVDHl7eSISkSzhtnAuyYBEWj/ctNzO1TQ FnY2Z15kD3QJhzdNFgAQInjUFxV/MgFzNw6ZEkE= X-Google-Smtp-Source: ACHHUZ5OP37LBafh/Y00PTyABgzHT3vGGsGKXWOb1sd6NSX1wZXw7u3JbEV5pn2N0Osk/jFoj7Dbbg== X-Received: by 2002:a05:6a00:1a10:b0:668:9fb6:b321 with SMTP id g16-20020a056a001a1000b006689fb6b321mr7105237pfv.12.1687447923408; Thu, 22 Jun 2023 08:32:03 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:03 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 06/14] uninative: Upgrade to 3.8.1 to include libgcc Date: Thu, 22 Jun 2023 05:31:35 -1000 Message-Id: <8bb60a90dbd59b22e5ba884804b3cb47df45e97d.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183253 From: Michael Halstead Including libgcc solves issues with libpthread. Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit 36eb46589fb01374d4738a2c376386c68d06aa83) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 7012db441b..51c0cdee43 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -7,9 +7,9 @@ # UNINATIVE_MAXGLIBCVERSION = "2.36" -UNINATIVE_VERSION = "3.7" +UNINATIVE_VERSION = "3.8.1" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "6a29bcae4b5b716d2d520e18800b33943b65f8a835eac1ff8793fc5ee65b4be6" -UNINATIVE_CHECKSUM[i686] ?= "3f6d52e64996570c716108d49f8108baccf499a283bbefae438c7266b7a93305" -UNINATIVE_CHECKSUM[x86_64] ?= "b110bf2e10fe420f5ca2f3ec55f048ee5f0a54c7e34856a3594e51eb2aea0570" +UNINATIVE_CHECKSUM[aarch64] ?= "3f15d420049b21854bd7a8843da0f42f17064559492c8b752d7a6f998ff5ea65" +UNINATIVE_CHECKSUM[i686] ?= "a6dcf316d738ade2e5e463bd3b33a270b4bfc25bba41770ad5cbdc3b0e24044c" +UNINATIVE_CHECKSUM[x86_64] ?= "5fab9a5c97fc73a21134e5a81f74498cbaecda75d56aab971c934e0b803bcc00" From patchwork Thu Jun 22 15:31:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26211 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3F931C001B3 for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) by mx.groups.io with SMTP id smtpd.web11.14630.1687447925927179186 for ; Thu, 22 Jun 2023 08:32:05 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=1wH5jYsx; spf=softfail (domain: sakoman.com, ip: 209.85.210.171, mailfrom: steve@sakoman.com) Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-666e3b15370so4342079b3a.0 for ; Thu, 22 Jun 2023 08:32:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447925; x=1690039925; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/NaHbcBvCvIT+6WrEVj2NdOoey6vSFxziytH9H9uJhk=; b=1wH5jYsxNqi1vFk6VqJdF+8ZhMJoLAhtIynPv5bv5nuzeu6ivoarRaQQhgDcqNm0oq YO//Vf8f4I6iY9t+A/gz8ejqj1s4l/oNrB3LzxehFzQppGQGN+d4xqW172XPZ7ubC2FN pPtqUl9dUaBY9NMUgX3REzq5EKrN2wnLkvsveDiOaV/gxm/TP2PjRIcJpihFUUOYltr2 uZq/1kUU9YeNxmV3MamNCCO33oBwVxiUs7GZLvShzLFe52+x4PpwlG8Isnb8UsIs/6KC xuXTuHTv6QvlgnxYOQFOO+z7pW1VtDkxMOm3EbUwaxdnjMTI1MOgzE0Whuek5w7Uf+4l i0fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447925; x=1690039925; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/NaHbcBvCvIT+6WrEVj2NdOoey6vSFxziytH9H9uJhk=; b=XOXriTlEDk50QW7b0any5K0L2kWDHPqPuQRt5l2zxDltEXtFAnLheq8fbh/UxuiIpH JsJfQ/ANJRLQmX6Y1satOTsMk2UTzG6NRmSKeVbPCjfJIgGBIGSEWO3L+CiEKI5M7bkb LxAypScHL8FvGKrjaBBnk4/YEbgKj2p9kT94CzOyhoJfdKFcYIcbRdCcqjc7dYvF8F1t Ex6v383m8sRW8i1JaPC+Axaji0xi4Uw8EcIPcmQDoaMtfDTs6cvrUjgrIryFR49oZW60 07yQnPk3BQ0Pzg3tsarVgux+dgxo11ErT/oCNbAC4dOQxFMBcpLM7fGYGTk0edGmHs1t VW5w== X-Gm-Message-State: AC+VfDx4KnpLjRiI8lRyO3a3jz5UM+Rvk2B+DmkyRV0/z07QVkXbrX5r Vq4+HDcogvpcMyGqfqsZ25Q1XvtFutINscuU+Vc= X-Google-Smtp-Source: ACHHUZ4NJAS9ngeVNXn6OiVeghqQ34vunJSydwEz3xAAX/JPjfegT1B5xfJHJ70FaZsNqNx1ec5U9g== X-Received: by 2002:a05:6a00:2d8c:b0:668:95c1:b4f7 with SMTP id fb12-20020a056a002d8c00b0066895c1b4f7mr9394940pfb.27.1687447924902; Thu, 22 Jun 2023 08:32:04 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:04 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 07/14] uninative: Upgrade to 3.9 to include glibc 2.37 Date: Thu, 22 Jun 2023 05:31:36 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183254 From: Michael Halstead Update uninative to work with the new glibc 2.37. Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit 360971a6ba562fa0b29bd062b96ede2d3a47fa2e) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 51c0cdee43..8a5cab5360 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -6,10 +6,10 @@ # to the distro running on the build machine. # -UNINATIVE_MAXGLIBCVERSION = "2.36" -UNINATIVE_VERSION = "3.8.1" +UNINATIVE_MAXGLIBCVERSION = "2.37" +UNINATIVE_VERSION = "3.9" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "3f15d420049b21854bd7a8843da0f42f17064559492c8b752d7a6f998ff5ea65" -UNINATIVE_CHECKSUM[i686] ?= "a6dcf316d738ade2e5e463bd3b33a270b4bfc25bba41770ad5cbdc3b0e24044c" -UNINATIVE_CHECKSUM[x86_64] ?= "5fab9a5c97fc73a21134e5a81f74498cbaecda75d56aab971c934e0b803bcc00" +UNINATIVE_CHECKSUM[aarch64] ?= "de35708c95c34573af140da910132c3291ba4fd26ebf7b74b755ada432cdf07b" +UNINATIVE_CHECKSUM[i686] ?= "adac07b08adb88eb26fc7fd87fee0cec9d5be167bf7c5ffd3a549a2a6699c29c" +UNINATIVE_CHECKSUM[x86_64] ?= "3dd82c3fbdb59e87bf091c3eef555a05fae528eeda3083828f76cd4deaceca8b" From patchwork Thu Jun 22 15:31:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26207 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FD4DEB64DA for ; Thu, 22 Jun 2023 15:32:08 +0000 (UTC) Received: from mail-pg1-f178.google.com (mail-pg1-f178.google.com [209.85.215.178]) by mx.groups.io with SMTP id smtpd.web10.14562.1687447927376876778 for ; Thu, 22 Jun 2023 08:32:07 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Kuur8Ekf; spf=softfail (domain: sakoman.com, ip: 209.85.215.178, mailfrom: steve@sakoman.com) Received: by mail-pg1-f178.google.com with SMTP id 41be03b00d2f7-54faf8db79fso3031805a12.0 for ; Thu, 22 Jun 2023 08:32:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447926; x=1690039926; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Y2DXY0rkq/i8yPccomW4TBuIc6WRwOAXTQ7Pnp02RM0=; b=Kuur8Ekf8gDQBlbM0u1VjN5xh4PNCMBoIoGSbonNvvGosrvMuK9vsq3A3c0zb8yQRv r81kURdkSz/JwtTM53+oLHP3eJn6NNPAVFnewF4TImRFF0N4F1hbiLgsAvVkBaK9TQX7 2DgGGnWhp1EOeZB3UaRUUpqgJaJKR8Ou36NrdMzGP8qtMBkL9YNMi0iJmXUG2jMuyPjT zwK11BVgUJD9yYl6mMq+yT+bbNeM7SFmjDEioa/vlip8sNqBBUkdPx1twgIjADeaI4Pt SmszU4Ed2ffLJ0F7W24vJxT7joVmVPZyS/b+C+jKNjPDKvMXzn6LkfegIT/xnOSfNGJV yzAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447926; x=1690039926; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Y2DXY0rkq/i8yPccomW4TBuIc6WRwOAXTQ7Pnp02RM0=; b=MX/Dn1sRmbdax8ysWx5B6m3hHk7PlQCZffeQzuaeA0taFRy1JDf+g5D9+VNThQrQN9 Lu+2NdQUn7TSCXF/6BFzLeVwsYqwhj/mTbP/H6WBUOHZcr9o69bXLaakCCbgihcjmpwU UtQJ6z0eI7DVsWwsfAIqxVDdgn9BvCRUuWyrHPYZELPwhaIQyz+fjvJAo6j48b1rcpkz gul7tCrstcdYnJcpNwEXV5iSIpgaJpmqR8mDBWhsnYlK42oC3q6u25GGBp6P2CpM09v6 2tEapdz1bGobC3+1Mm3aeksl0uNoqS8hgg6jihNyfxpR6gV+4s4hWvXi4FYi7VBDKCTp YdIw== X-Gm-Message-State: AC+VfDw3x5zlTk6lgB1vUYNE3kH7byLXWpELbWjsCTz45NeIs4vNI0tP wcCF3t1SELopeQyghxmqUB8eIUC9bCWTQNgyOoA= X-Google-Smtp-Source: ACHHUZ6a4BlKq6qGRc6Slr0TbUgbhJKgR67TXpNK5dYcTWJPpWnq0dk/k5vTPLMLgce5+gT2oPDToA== X-Received: by 2002:a05:6a21:108d:b0:114:f824:67c with SMTP id nl13-20020a056a21108d00b00114f824067cmr14187714pzb.33.1687447926441; Thu, 22 Jun 2023 08:32:06 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:06 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 08/14] uninative: Upgrade to 3.10 to support gcc 13 Date: Thu, 22 Jun 2023 05:31:37 -1000 Message-Id: <15287d18c18152efcfc56a2ae16efdc42c53d92a.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183255 From: Michael Halstead Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit f811bffb861b23238e8291394bd6e8407f013619) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 8a5cab5360..f3c05b7e20 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -7,9 +7,9 @@ # UNINATIVE_MAXGLIBCVERSION = "2.37" -UNINATIVE_VERSION = "3.9" +UNINATIVE_VERSION = "3.10" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "de35708c95c34573af140da910132c3291ba4fd26ebf7b74b755ada432cdf07b" -UNINATIVE_CHECKSUM[i686] ?= "adac07b08adb88eb26fc7fd87fee0cec9d5be167bf7c5ffd3a549a2a6699c29c" -UNINATIVE_CHECKSUM[x86_64] ?= "3dd82c3fbdb59e87bf091c3eef555a05fae528eeda3083828f76cd4deaceca8b" +UNINATIVE_CHECKSUM[aarch64] ?= "b11f7dff0ff5e3c971f22e89a105efb0f8d2006fd71d1ea3e5da771e416b0e01" +UNINATIVE_CHECKSUM[i686] ?= "ad7daa7fca7693ca07eea5279f830333530171d357759b380954a25254edd8dd" +UNINATIVE_CHECKSUM[x86_64] ?= "ce8ff7e3247da312fbf84008f415bc1b4d113ac9fe4ec91581e4a20cd8b475d3" From patchwork Thu Jun 22 15:31:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26214 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E1BFEB64DA for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web10.14564.1687447928984338877 for ; Thu, 22 Jun 2023 08:32:09 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Cy1IVx8e; spf=softfail (domain: sakoman.com, ip: 209.85.210.178, mailfrom: steve@sakoman.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-666e6ecb52dso3674892b3a.2 for ; Thu, 22 Jun 2023 08:32:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447928; x=1690039928; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TJice8P5kvprZyo7ewSAgpw0rlxG5a0L5Fbl0WpJL+0=; b=Cy1IVx8e5Ornf0GE5/xLPxs+m0KFUr5qC8A7yU4lsZVIS4Eni85nks/+oU7P7KS9DM ExUVOjlPHWZS6TpwJn3i4hQeTHXhwkerA+3hpu6ZC6m5HRWaz416fbWCpmC6vGcUd9Gz OVt/srpD10uRbhSs9FZuuWj1G6QVq70+9Ec0+WvLSxGBn1/pOZeQvKt7gBtwORGtXnr5 Lc0P+GaV0GCX7MUOMExc9xiiGeW72GQRPQ5gvYzuhNfHQcE1+Pl3mKI+Nhc1eIqpI6zQ k87nlPPhyMP88dg3asO+I9WloAws/7Dcsak3y7XKrsF2Oiwq+zbNomA8sKSgXUhFaxDO v+8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447928; x=1690039928; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TJice8P5kvprZyo7ewSAgpw0rlxG5a0L5Fbl0WpJL+0=; b=a7Pqbnjgo1pe4DAjic6zgleN9NtJr/qkCaFADjmyELsCcRmSaxxjnV+OQLLGETbs/D xEk0cAsZ+FQxoYkceKMARBnV8Wzcs1D3Wq2tEAizSnAQrmnRAHoLsqrcDfijoNXtN7Le Tzkd0j8W0jlvdAp5w54Ko3r+8uYRAJV5D4J8FSHLQnn1OpjIMb5GGS7LxrTiHz2eXY55 uIYOH46UDT1vaXEXeXFW752TXIz4l+vtzDo7a5AeaXD4kp/VEtEqo6N28rTcFl8urZIK IDVmnv22mmt7vgZOW5MUZCqVyZfu/bagPXD0nyOe5wR+e+i5t5H3Cgxv3ygoyD1ra3tt r1ZQ== X-Gm-Message-State: AC+VfDwdq8AQ0jVz+TP9yrJk+EeF63rGoBh/J/KKppweFOomMTrrwcTq pCIp8ywwKGDlsk2P+rtNjvNR3VayiUoKIBzJEvo= X-Google-Smtp-Source: ACHHUZ4el5XOH6rQz/za42RoyFKbRfQ2QQybiN4or9k7sQwgQJa5x91T2Vuz4bHXVyLp/SUABnD1zQ== X-Received: by 2002:a05:6a00:198f:b0:657:67be:d1c5 with SMTP id d15-20020a056a00198f00b0065767bed1c5mr15273482pfl.27.1687447927963; Thu, 22 Jun 2023 08:32:07 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.07 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:07 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 09/14] uninative: Upgrade to 4.0 to include latest gcc 13.1.1 Date: Thu, 22 Jun 2023 05:31:38 -1000 Message-Id: <0179c939e4abab008d3c3aa9c1c1eb63b78a6e09.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183256 From: Michael Halstead Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit f87becb69e02bdf055dffb633ed4f6d36b36f7a7) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index f3c05b7e20..ad4816a1f3 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -7,9 +7,9 @@ # UNINATIVE_MAXGLIBCVERSION = "2.37" -UNINATIVE_VERSION = "3.10" +UNINATIVE_VERSION = "4.0" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "b11f7dff0ff5e3c971f22e89a105efb0f8d2006fd71d1ea3e5da771e416b0e01" -UNINATIVE_CHECKSUM[i686] ?= "ad7daa7fca7693ca07eea5279f830333530171d357759b380954a25254edd8dd" -UNINATIVE_CHECKSUM[x86_64] ?= "ce8ff7e3247da312fbf84008f415bc1b4d113ac9fe4ec91581e4a20cd8b475d3" +UNINATIVE_CHECKSUM[aarch64] ?= "7baa8418a302df52e00916193b0a04f318356d9d2670c9a2bce3e966efefd738" +UNINATIVE_CHECKSUM[i686] ?= "83114d36883d43a521e280742b9849bf85d039b2f83d8e21d480659babe75ee8" +UNINATIVE_CHECKSUM[x86_64] ?= "fd75b2a1a67a10f6b7d65afb7d0f3e71a63b0038e428f34dfe420bb37716558a" From patchwork Thu Jun 22 15:31:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26215 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3AC2BEB64DD for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web11.14632.1687447930742434557 for ; Thu, 22 Jun 2023 08:32:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=oyCtNRh7; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-668711086f4so585906b3a.1 for ; Thu, 22 Jun 2023 08:32:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447930; x=1690039930; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=HPc+HrPQKkMRyx3tHmbNlY9FI7P8UdB0sfUhIX19ULs=; b=oyCtNRh7L6EKXAvelNYPDSC6nIBw1LImocyet2PRBLwXMd12vgm+fEibWhIKCK0SQr kCa06AX/jGPAcj4TSMGtix3EjFaDQIBaxr51Fs8MNq0EsUJBMocOvu4BdnZ4tM8JIkIj C8Qy7NPQKAiooZNbpYZjwx1MuoiGZhDYlRTjc/RmA17kA5heJ8eVu/GQ58U7XVzWQE3d 4J811CrRn/uKhuCBIV2JJGnup17g3kKP4ByPk1MgP5GzsBwib59Lpv3Rj4UUAiaERD/Q oB/x+uNVboPITy5RYi1aSLYRmJ3/50HNj13nVaHwdedbz7RvwBA5RzawykgScdtobCIC ZW1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447930; x=1690039930; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HPc+HrPQKkMRyx3tHmbNlY9FI7P8UdB0sfUhIX19ULs=; b=DBsfRc4U99zQKWuMIe/QIwzifZWVJXSOzFpjtIoqKcGP9//NWO5CQd20aT8WhlljZ/ QJy6pn2JimT+ac+0e7hnxDIY+ZkHiwKSEFZQT3+izEEDWtJB/Cgq8HQNhek707VY790I 75LFyqSsdVHeVAKLyzGVWfxsFkp2gPIK7K0Q2mrPiHYZ3ZdRlo4eh3HsrbS9+SCtB458 42Dec31yKa+9ZLDe8j0+q/L9Q8zQo0p2roL4Jt8xrYquLd05Xh2YRzcM9+LRchqr8/qf 2eQcJMzCj9qyD3DYYoEwQwM2CeQK7HROuOPSRIfagK6UqCKkY0kG5WdBTXZ9lMp6HQow KRiw== X-Gm-Message-State: AC+VfDzF/xXP2N/kvrIzm6Q5f5aWWuk600ALi6UZ7WZNaHbWN8uGwhEG KDrrjF/CH8xKZaSYug8Dmdkc+WpYDs2MsztyC4c= X-Google-Smtp-Source: ACHHUZ6zhLaoQZHIaj3yoMYICHCR6NGoc4bq6urf13JlagnMnBoDLjc7PzPmPs89k4bQ/Pzoq8r1Cg== X-Received: by 2002:a05:6a00:2353:b0:666:b22d:c6e0 with SMTP id j19-20020a056a00235300b00666b22dc6e0mr23962187pfj.11.1687447929563; Thu, 22 Jun 2023 08:32:09 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.08 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:09 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 10/14] uninative.bbclass: handle read only files outside of patchelf Date: Thu, 22 Jun 2023 05:31:39 -1000 Message-Id: <3680fcbf9ba327aedb32bb4eb647dd56fcccfd51.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183257 We are seeing autobuilder failures with the latest uninative: patchelf: open: Permission denied See upstream discussion which suggests handling read-only files explicitly outside of patchelf: https://github.com/NixOS/patchelf/pull/89 Signed-off-by: Steve Sakoman --- meta/classes/uninative.bbclass | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/classes/uninative.bbclass b/meta/classes/uninative.bbclass index 2940935dd7..4d4f53ad4d 100644 --- a/meta/classes/uninative.bbclass +++ b/meta/classes/uninative.bbclass @@ -169,5 +169,7 @@ python uninative_changeinterp () { if not elf.isDynamic(): continue + os.chmod(f, s[stat.ST_MODE] | stat.S_IWUSR) subprocess.check_output(("patchelf-uninative", "--set-interpreter", d.getVar("UNINATIVE_LOADER"), f), stderr=subprocess.STDOUT) + os.chmod(f, s[stat.ST_MODE]) } From patchwork Thu Jun 22 15:31:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26219 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 340BCEB64DC for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com [209.85.215.182]) by mx.groups.io with SMTP id smtpd.web10.14567.1687447932723798608 for ; Thu, 22 Jun 2023 08:32:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Ntqgc43+; spf=softfail (domain: sakoman.com, ip: 209.85.215.182, mailfrom: steve@sakoman.com) Received: by mail-pg1-f182.google.com with SMTP id 41be03b00d2f7-553a998bca3so4078558a12.2 for ; Thu, 22 Jun 2023 08:32:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447932; x=1690039932; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MDuWe8osTBOoJ2L1ytvZrK/AjPFc0WsFldxoo9/6Cz4=; b=Ntqgc43+GUKqsRknpbmiDO2geProWHmpwj44IR9sdJK7AWkOTIj3ho6NfsyZwKRnRy Y/lPg+m8NR/auxriSS42FEqjqWBT5XOKJZlHH5l6X/sZMvIOPo/nulSjHY0hy5XNvHKI 6eQ9kLcQfkDyvGA9m+agxUju0iv5mxsuvEuluSX3veWrJ7g/Wy9i0IwyHRVI3JoP7wm7 LJ+bq8l92B+rAa2AGZROgR5O/M+aKEPi9Hg7/JpG+LWvRnfAMUW2dmMnpQZa3LFitmj7 0AYZAh7E3HyNbXX6WqGQIyLTsIOqLS/g8wSafVnS+d3SgfmX6s2S8PJKONWceiG4nvkg KQgA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447932; x=1690039932; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MDuWe8osTBOoJ2L1ytvZrK/AjPFc0WsFldxoo9/6Cz4=; b=Zpwqus7OrFkIbad0PowjH6Uchmb1IiuuVZffnip3q3W+GpBiUvqWK1DSeSHbPzBXJB hiPPf8kBCgOxSFVeKdr3FEl2y+YEWSsxBUUyA4adzwm7nYgxVxeoV0C1aM85xw2jjmyl esHyU2egwAfzDamSpEdVqUS1JMUrXfz7zbhjI8mNvYDQcOHLn9Pt75ZxEcj/RcVte+Lp hmGjL0xqO8Pb3OLcnc16HFUvqJ6t0Hd2ESw0139hGUXjtLaEkB+QoO2NjeFdk8t9GIQl aU8ux8cmL1NAjLud0SZjjGRql50+Ha07c2YFLwG0LO+2P/keqJgHITlRzey2pHd6rORb P8uw== X-Gm-Message-State: AC+VfDwLy8J1iS8uiNsXcGO7/rYnJrVem1sAEOiogBDWq3XfKRLITuhW zIW0aDCYA2deKQa0Q7UHLm0jupw6bayV8bnjxK4= X-Google-Smtp-Source: ACHHUZ57D9FonJJVbMlX0U/j0L+6oMGXnRgY/rVre65ZBCDm9yIhrdj4bihzESDQ0vESa78rqQ25Sw== X-Received: by 2002:a05:6a20:4328:b0:125:377c:831d with SMTP id h40-20020a056a20432800b00125377c831dmr1769481pzk.3.1687447931415; Thu, 22 Jun 2023 08:32:11 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:10 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 11/14] kernel-fitimage: adding support for Initramfs bundle and u-boot script Date: Thu, 22 Jun 2023 05:31:40 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183258 From: Abdellatif El Khlifi This commit adds Initramfs bundle support to the FIT image in addition to u-boot boot script capability. These new features are selectable. In case of Initramfs, the kernel is configured to be bundled with the rootfs in the same binary (ie: zImage-initramfs-.bin). When the kernel is copied to RAM and executed, it unpacks the Initramfs rootfs. For more information about Initramfs please read: https://www.kernel.org/doc/Documentation/filesystems/ramfs-rootfs-initramfs.txt For more details about the Initramfs bundle and boot script implementation please check the kernel-fitimage.bbclass paragraph in Yocto reference or mega manual. Current limitations: - Initramfs bundle FIT support has been tested on ARM 32-bit - The kernel image type in case of ARM 32-bit is zImage Change-Id: I901bfd899e8d733c5b9a2b6645b1d4748f4b1fda Signed-off-by: Abdellatif El Khlifi Signed-off-by: Richard Purdie Backport of 19fa415c8769a67b52babd80f71d68bf36a21db2 in master branch Signed-off-by: Remi Peuvergne Signed-off-by: Steve Sakoman --- meta/classes/kernel-fitimage.bbclass | 157 +++++++++++++++++++++++---- 1 file changed, 134 insertions(+), 23 deletions(-) diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass index e0dd215167..3b23138628 100644 --- a/meta/classes/kernel-fitimage.bbclass +++ b/meta/classes/kernel-fitimage.bbclass @@ -1,5 +1,7 @@ inherit kernel-uboot kernel-artifact-names uboot-sign +KERNEL_IMAGETYPE_REPLACEMENT = "" + python __anonymous () { kerneltypes = d.getVar('KERNEL_IMAGETYPES') or "" if 'fitImage' in kerneltypes.split(): @@ -21,6 +23,8 @@ python __anonymous () { else: replacementtype = "zImage" + d.setVar("KERNEL_IMAGETYPE_REPLACEMENT", replacementtype) + # Override KERNEL_IMAGETYPE_FOR_MAKE variable, which is internal # to kernel.bbclass . We have to override it, since we pack zImage # (at least for now) into the fitImage . @@ -45,6 +49,8 @@ python __anonymous () { if d.getVar('UBOOT_SIGN_ENABLE') == "1" and d.getVar('UBOOT_DTB_BINARY'): uboot_pn = d.getVar('PREFERRED_PROVIDER_u-boot') or 'u-boot' d.appendVarFlag('do_assemble_fitimage', 'depends', ' %s:do_populate_sysroot' % uboot_pn) + if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1": + d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' %s:do_populate_sysroot' % uboot_pn) } # Options for the device tree compiler passed to mkimage '-D' feature: @@ -180,6 +186,43 @@ fitimage_emit_section_dtb() { EOF } +# +# Emit the fitImage ITS u-boot script section +# +# $1 ... .its filename +# $2 ... Image counter +# $3 ... Path to boot script image +fitimage_emit_section_boot_script() { + + bootscr_csum="${FIT_HASH_ALG}" + bootscr_sign_algo="${FIT_SIGN_ALG}" + bootscr_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}" + + cat << EOF >> $1 + bootscr-$2 { + description = "U-boot script"; + data = /incbin/("$3"); + type = "script"; + arch = "${UBOOT_ARCH}"; + compression = "none"; + hash-1 { + algo = "$bootscr_csum"; + }; + }; +EOF + + if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$bootscr_sign_keyname" ] ; then + sed -i '$ d' $1 + cat << EOF >> $1 + signature-1 { + algo = "$bootscr_csum,$bootscr_sign_algo"; + key-name-hint = "$bootscr_sign_keyname"; + }; + }; +EOF + fi +} + # # Emit the fitImage ITS setup section # @@ -250,8 +293,9 @@ EOF # $2 ... Linux kernel ID # $3 ... DTB image name # $4 ... ramdisk ID -# $5 ... config ID -# $6 ... default flag +# $5 ... u-boot script ID +# $6 ... config ID +# $7 ... default flag fitimage_emit_section_config() { conf_csum="${FIT_HASH_ALG}" @@ -267,6 +311,7 @@ fitimage_emit_section_config() { kernel_line="" fdt_line="" ramdisk_line="" + bootscr_line="" setup_line="" default_line="" @@ -289,21 +334,28 @@ fitimage_emit_section_config() { fi if [ -n "${5}" ]; then + conf_desc="${conf_desc}${sep}u-boot script" + sep=", " + bootscr_line="bootscr = \"bootscr-${5}\";" + fi + + if [ -n "${6}" ]; then conf_desc="${conf_desc}${sep}setup" - setup_line="setup = \"setup-${5}\";" + setup_line="setup = \"setup-${6}\";" fi - if [ "${6}" = "1" ]; then + if [ "${7}" = "1" ]; then default_line="default = \"conf-${3}\";" fi cat << EOF >> ${1} ${default_line} conf-${3} { - description = "${6} ${conf_desc}"; + description = "${7} ${conf_desc}"; ${kernel_line} ${fdt_line} ${ramdisk_line} + ${bootscr_line} ${setup_line} hash-1 { algo = "${conf_csum}"; @@ -331,6 +383,11 @@ EOF fi if [ -n "${5}" ]; then + sign_line="${sign_line}${sep}\"bootscr\"" + sep=", " + fi + + if [ -n "${6}" ]; then sign_line="${sign_line}${sep}\"setup\"" fi @@ -363,6 +420,7 @@ fitimage_assemble() { DTBS="" ramdiskcount=${3} setupcount="" + bootscr_id="" rm -f ${1} arch/${ARCH}/boot/${2} fitimage_emit_fit_header ${1} @@ -373,7 +431,22 @@ fitimage_assemble() { fitimage_emit_section_maint ${1} imagestart uboot_prep_kimage - fitimage_emit_section_kernel ${1} "${kernelcount}" linux.bin "${linux_comp}" + + if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then + initramfs_bundle_path="arch/"${UBOOT_ARCH}"/boot/"${KERNEL_IMAGETYPE_REPLACEMENT}".initramfs" + if [ -e "${initramfs_bundle_path}" ]; then + + # + # Include the kernel/rootfs bundle. + # + + fitimage_emit_section_kernel ${1} "${kernelcount}" "${initramfs_bundle_path}" "${linux_comp}" + else + bbwarn "${initramfs_bundle_path} not found." + fi + else + fitimage_emit_section_kernel ${1} "${kernelcount}" linux.bin "${linux_comp}" + fi # # Step 2: Prepare a DTB image section @@ -407,7 +480,21 @@ fitimage_assemble() { fi # - # Step 3: Prepare a setup section. (For x86) + # Step 3: Prepare a u-boot script section + # + + if [ -n "${UBOOT_ENV}" ] && [ -d "${STAGING_DIR_HOST}/boot" ]; then + if [ -e "${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY}" ]; then + cp ${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY} ${B} + bootscr_id="${UBOOT_ENV_BINARY}" + fitimage_emit_section_boot_script ${1} "${bootscr_id}" ${UBOOT_ENV_BINARY} + else + bbwarn "${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY} not found." + fi + fi + + # + # Step 4: Prepare a setup section. (For x86) # if [ -e arch/${ARCH}/boot/setup.bin ]; then setupcount=1 @@ -415,9 +502,9 @@ fitimage_assemble() { fi # - # Step 4: Prepare a ramdisk section. + # Step 5: Prepare a ramdisk section. # - if [ "x${ramdiskcount}" = "x1" ] ; then + if [ "x${ramdiskcount}" = "x1" ] && [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then # Find and use the first initramfs image archive type we find for img in cpio.lz4 cpio.lzo cpio.lzma cpio.xz cpio.gz ext2.gz cpio; do initramfs_path="${DEPLOY_DIR_IMAGE}/${INITRAMFS_IMAGE_NAME}.${img}" @@ -438,7 +525,7 @@ fitimage_assemble() { fi # - # Step 5: Prepare a configurations section + # Step 6: Prepare a configurations section # fitimage_emit_section_maint ${1} confstart @@ -449,7 +536,7 @@ fitimage_assemble() { if [ "${dtb_ext}" = "dtbo" ]; then fitimage_emit_section_config ${1} "" "${DTB}" "" "" "`expr ${i} = ${dtbcount}`" else - fitimage_emit_section_config ${1} "${kernelcount}" "${DTB}" "${ramdiskcount}" "${setupcount}" "`expr ${i} = ${dtbcount}`" + fitimage_emit_section_config ${1} "${kernelcount}" "${DTB}" "${ramdiskcount}" "${bootscr_id}" "${setupcount}" "`expr ${i} = ${dtbcount}`" fi i=`expr ${i} + 1` done @@ -460,7 +547,7 @@ fitimage_assemble() { fitimage_emit_section_maint ${1} fitend # - # Step 6: Assemble the image + # Step 7: Assemble the image # uboot-mkimage \ ${@'-D "${UBOOT_MKIMAGE_DTCOPTS}"' if len('${UBOOT_MKIMAGE_DTCOPTS}') else ''} \ @@ -468,7 +555,7 @@ fitimage_assemble() { arch/${ARCH}/boot/${2} # - # Step 7: Sign the image and add public key to U-Boot dtb + # Step 8: Sign the image and add public key to U-Boot dtb # if [ "x${UBOOT_SIGN_ENABLE}" = "x1" ] ; then add_key_to_u_boot="" @@ -500,7 +587,11 @@ do_assemble_fitimage_initramfs() { if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage" && \ test -n "${INITRAMFS_IMAGE}" ; then cd ${B} - fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage-${INITRAMFS_IMAGE} 1 + if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then + fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage "" + else + fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage-${INITRAMFS_IMAGE} 1 + fi fi } @@ -511,22 +602,32 @@ kernel_do_deploy[vardepsexclude] = "DATETIME" kernel_do_deploy_append() { # Update deploy directory if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then - echo "Copying fit-image.its source file..." - install -m 0644 ${B}/fit-image.its "$deployDir/fitImage-its-${KERNEL_FIT_NAME}.its" - ln -snf fitImage-its-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${KERNEL_FIT_LINK_NAME}" + if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then + echo "Copying fit-image.its source file..." + install -m 0644 ${B}/fit-image.its "$deployDir/fitImage-its-${KERNEL_FIT_NAME}.its" + if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then + ln -snf fitImage-its-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${KERNEL_FIT_LINK_NAME}" + fi - echo "Copying linux.bin file..." - install -m 0644 ${B}/linux.bin $deployDir/fitImage-linux.bin-${KERNEL_FIT_NAME}.bin - ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME}" + echo "Copying linux.bin file..." + install -m 0644 ${B}/linux.bin $deployDir/fitImage-linux.bin-${KERNEL_FIT_NAME}.bin + if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then + ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME}" + fi + fi if [ -n "${INITRAMFS_IMAGE}" ]; then echo "Copying fit-image-${INITRAMFS_IMAGE}.its source file..." install -m 0644 ${B}/fit-image-${INITRAMFS_IMAGE}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its" ln -snf fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}" - echo "Copying fitImage-${INITRAMFS_IMAGE} file..." - install -m 0644 ${B}/arch/${ARCH}/boot/fitImage-${INITRAMFS_IMAGE} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin" - ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}" + if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then + echo "Copying fitImage-${INITRAMFS_IMAGE} file..." + install -m 0644 ${B}/arch/${ARCH}/boot/fitImage-${INITRAMFS_IMAGE} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin" + if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then + ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}" + fi + fi fi if [ "${UBOOT_SIGN_ENABLE}" = "1" -a -n "${UBOOT_DTB_BINARY}" ] ; then # UBOOT_DTB_IMAGE is a realfile, but we can't use @@ -536,3 +637,13 @@ kernel_do_deploy_append() { fi fi } + +# The function below performs the following in case of initramfs bundles: +# - Removes do_assemble_fitimage. FIT generation is done through +# do_assemble_fitimage_initramfs. do_assemble_fitimage is not needed +# and should not be part of the tasks to be executed. +python () { + d.appendVarFlag('do_compile', 'vardeps', ' INITRAMFS_IMAGE_BUNDLE') + if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1": + bb.build.deltask('do_assemble_fitimage', d) +} From patchwork Thu Jun 22 15:31:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26218 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 402AAEB64DB for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web10.14570.1687447933916729163 for ; Thu, 22 Jun 2023 08:32:13 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=3K8Jjejm; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-666edfc50deso594401b3a.0 for ; Thu, 22 Jun 2023 08:32:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447933; x=1690039933; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DWpUKyisWO/BDExBZU7x6KObQgi1+KnZMJovuuQjF3U=; b=3K8Jjejm46fbekPOKfUz79yVIMqvgnttDgN2ipJhi/um9Z3pru6z0P374AENc7evD0 vH8RO7fXPBpqd0yBG0Er9q3nCG3Nj2lAQIrSj+mYkCkhVtDpXN7jWTMRbChAmOX9/231 xX/m8oYieWC0dclNUOD9PAqfal2mPajnRI/3kHpJclZTZ8alnekjQGzeMKb6D75K8rj5 PHWQiqk/YsHCWLOsvZvPvffKXDTSM7f3HGZKlg3sqiEeHqzRw2is5N55IOjzk0/lH+pn d9jJER6cgBGDUgTiN4an6ZmcjzPFlSC0ZfD1d7nBLxlDrf27nCli1dL9Y+9WiPG6lWKH KXYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447933; x=1690039933; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DWpUKyisWO/BDExBZU7x6KObQgi1+KnZMJovuuQjF3U=; b=Re1KeIALIAciNCcWRyCHzBEosZMftler5P5FkZq1F8PA92DaHQq2OZQAOm7ho3f9b1 8TiaD10srkK2rW+GzU3F66IjI4oJ8kX6r7faqLsy2vAZOc44BILJVM4lw9XD1UCrJQBl f4siBJfFf9+vSzAnzgfj/S7eZu9q2G5PonqpoXNgwgNmiWc4bunmJzebQCpBj0ln5b2v 5JFrn8FC6MCNV0Q00G8UT2Jjx9zlOXQwSLrxt1eWC1yu3nArJpKttRLol5gqxbSh0ZQ1 zjVm8XJlzOEc5a+Y8VOlyldJWOokjYK6h51o4x4dyzXRe/vjCOk0Hnd5RNAfqom1t9Rs fu5Q== X-Gm-Message-State: AC+VfDw+MQJ+I5HJ/HrZk867BqJh7+HWAdMUKegbn12fL1vSvaEsAJbK 6n9WIl5mj/8TpHu3Q0zZunKkSpq2WF9a684PumU= X-Google-Smtp-Source: ACHHUZ5T1WmC4n6913GC4G22fn6bvvW+le4ynDuyl6JBqE+HuLztZvB/symev+7uu2P59EuU/nePaw== X-Received: by 2002:a05:6a00:1305:b0:666:c1ab:d6e5 with SMTP id j5-20020a056a00130500b00666c1abd6e5mr24109352pfu.16.1687447933009; Thu, 22 Jun 2023 08:32:13 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:12 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 12/14] kernel-fitimage: use correct kernel image Date: Thu, 22 Jun 2023 05:31:41 -1000 Message-Id: <8280c089b0df97368476b8bc54ed758e809f42f5.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183259 From: Andrej Valek Even if initramfs_bundle_path was used, a wrong compression was reflected in output its template file. Use linux.bin as universal kernel image. The linux.bin file covers both cases because it's beying created from vmlinux. We know, that vmlinux is created inside compressed directory already, so no external compression will be used. Signed-off-by: Andrej Valek Signed-off-by: Walter Schweizer Signed-off-by: Richard Purdie Backport of 27fbbeaf972bb7e2535c1b23375cfa9d66b69db6 in master branch Signed-off-by: Remi Peuvergne Signed-off-by: Steve Sakoman --- meta/classes/kernel-fitimage.bbclass | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass index 3b23138628..b88d7dbe4b 100644 --- a/meta/classes/kernel-fitimage.bbclass +++ b/meta/classes/kernel-fitimage.bbclass @@ -431,22 +431,7 @@ fitimage_assemble() { fitimage_emit_section_maint ${1} imagestart uboot_prep_kimage - - if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then - initramfs_bundle_path="arch/"${UBOOT_ARCH}"/boot/"${KERNEL_IMAGETYPE_REPLACEMENT}".initramfs" - if [ -e "${initramfs_bundle_path}" ]; then - - # - # Include the kernel/rootfs bundle. - # - - fitimage_emit_section_kernel ${1} "${kernelcount}" "${initramfs_bundle_path}" "${linux_comp}" - else - bbwarn "${initramfs_bundle_path} not found." - fi - else - fitimage_emit_section_kernel ${1} "${kernelcount}" linux.bin "${linux_comp}" - fi + fitimage_emit_section_kernel $1 $kernelcount linux.bin "$linux_comp" # # Step 2: Prepare a DTB image section From patchwork Thu Jun 22 15:31:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26217 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 419DAC001B3 for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web10.14571.1687447935643942691 for ; Thu, 22 Jun 2023 08:32:15 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=xmPnJKC0; spf=softfail (domain: sakoman.com, ip: 209.85.215.179, mailfrom: steve@sakoman.com) Received: by mail-pg1-f179.google.com with SMTP id 41be03b00d2f7-53fbf2c42bfso5769636a12.3 for ; Thu, 22 Jun 2023 08:32:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447935; x=1690039935; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=tkilat2ezKURTJLY7B6LgaXpImKUN6pa/wRD2f+RO0g=; b=xmPnJKC0/YLpbyaiYq0HaNhHmp/ukpskkjJp1UvrGGqpm0GxIP3nbVTUXZ/kUCMeQ2 rHFej2nivwwC1RKvlVqj4JfATy+JRqfhC7XGqB9846NpJN3gzICpci8GMCplb0UpYyW1 sXduMPfsmXlGo3MqkpXZrRkeGejVsW0+Y6nDmvex1C8FUS/Nzn8u7Hrb3tlGhnVDhSDM kyccGdM5saSRuav5kjxucfyUkTT16FS5y5ElN69zcgxEV9X3XV1Q8Ahn6LKMU4pVZuMR rL5K+HfMhD4CBPRBioJKWw3ZDvRowPKc/dmMLHUievKbcH8vqfsZiG0lyao2bGY+9bZ4 RVlg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447935; x=1690039935; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tkilat2ezKURTJLY7B6LgaXpImKUN6pa/wRD2f+RO0g=; b=GAzQKcbFOp155bTzPqqvojM4ZbUD/dKM/+Yvx/lRy9kyFI/yo6oL6oHAHE9ogkl914 J63LD/PKsWl2hL9N48OTTGPMeMyhJrEAj0e5H8LcadsT6RAcEyEdYAtR9y22MYO9jY+2 WR8vd8LUBfVveV6OhswartyIvGI8sCEHRyO8WhvWDGwuiH+BooNSQuefQjGhv3UkxCk1 Xw8CAn+E4ULMF3jXIxKtgO0XqcFuD0HaOFt7ekVBo+Q9IMzhREUmSrTIaPi5D7dTN3f2 35a2t94uLVELwCOe3FWb6LAZBtE4V+ZqgxDWZlBEZaXUEJ/9DVZ1i8gDHKzQVUpWN1uw EKCA== X-Gm-Message-State: AC+VfDxah8PQhKW0/BA/HGDplKzawXY/ea3M2P4jIWYzCHCw1ovOGxtB +QIqgsgFNWpjUZuL4eXYOE12WKzl1nwK9w8N0ls= X-Google-Smtp-Source: ACHHUZ43VGFqcQyHneX5ywCYWjINf5BvPtvmlk15qcN8n/Wz0YSeI+FK6dxnYpqMqIZs6E8L/QsyNg== X-Received: by 2002:a05:6a20:a592:b0:123:9582:e9f2 with SMTP id bc18-20020a056a20a59200b001239582e9f2mr3473258pzb.33.1687447934669; Thu, 22 Jun 2023 08:32:14 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 13/14] systemd-systemctl: fix instance template WantedBy symlink construction Date: Thu, 22 Jun 2023 05:31:42 -1000 Message-Id: <2751472807edc6d2ccc93b6339e6dc57d4abb2da.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183260 From: Martin Siegumfeldt Fix issue of the below instance template systemd service dependency [Install] WantedBy=svc-wants@%i.service creating the symlink (instance "a" example) /etc/systemd/system/svc-wants@%i.service.wants/svc-wanted-by@a.service which should be /etc/systemd/system/svc-wants@a.service.wants/svc-wanted-by@a.service as implemented by this change. The functionality appears regressed just after "thud" baseline when the logic was refactored from shell script into python (commit 925e30cb104ece7bfa48b78144e758a46dc9ec3f) (From OE-Core rev: 308397f0bb3d6f3d4e9ec2c6a10823184049c9b5) Signed-off-by: Martin Siegumfeldt Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman (cherry picked from commit 372b29c8ad270d4d430c26a4e614976c7029afaf) Signed-off-by: Steve Sakoman --- .../systemd/systemd-systemctl/systemctl | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl index 6aa2e20465..577c373181 100755 --- a/meta/recipes-core/systemd/systemd-systemctl/systemctl +++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl @@ -182,12 +182,19 @@ class SystemdUnit(): raise SystemdUnitNotFoundError(self.root, unit) - def _process_deps(self, config, service, location, prop, dirstem): + def _process_deps(self, config, service, location, prop, dirstem, instance): systemdir = self.root / SYSCONFDIR / "systemd" / "system" target = ROOT / location.relative_to(self.root) try: for dependent in config.get('Install', prop): + # determine whether or not dependent is a template with an actual + # instance (i.e. a '@%i') + dependent_is_template = re.match(r"[^@]+@(?P[^\.]*)\.", dependent) + if dependent_is_template: + # if so, replace with the actual instance to achieve + # svc-wants@a.service.wants/svc-wanted-by@a.service + dependent = re.sub(dependent_is_template.group('instance'), instance, dependent, 1) wants = systemdir / "{}.{}".format(dependent, dirstem) / service add_link(wants, target) @@ -227,8 +234,8 @@ class SystemdUnit(): else: service = self.unit - self._process_deps(config, service, path, 'WantedBy', 'wants') - self._process_deps(config, service, path, 'RequiredBy', 'requires') + self._process_deps(config, service, path, 'WantedBy', 'wants', instance) + self._process_deps(config, service, path, 'RequiredBy', 'requires', instance) try: for also in config.get('Install', 'Also'): From patchwork Thu Jun 22 15:31:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26216 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B352C001DB for ; Thu, 22 Jun 2023 15:32:18 +0000 (UTC) Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by mx.groups.io with SMTP id smtpd.web11.14635.1687447937298855974 for ; Thu, 22 Jun 2023 08:32:17 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=ijvyKF5w; spf=softfail (domain: sakoman.com, ip: 209.85.215.177, mailfrom: steve@sakoman.com) Received: by mail-pg1-f177.google.com with SMTP id 41be03b00d2f7-54fac3b7725so3497881a12.3 for ; Thu, 22 Jun 2023 08:32:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1687447936; x=1690039936; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=wa3GW8WU0oc3nmxKZT4iX/KZqen2LVkPvNuoz0X7wHI=; b=ijvyKF5wyJpcEK45RAsIgz/4q9FxrIUIsDaPvh4KQ+4PTedkINqEnuiav0r2M7sUy2 U5vkKpAE/DmRAXmJdIiVUVKfP1+CM7Q6IpFBliJhMzM2YxPxhHF2/0iKHVF1ibGMuGdD TDicZXlikrJV3aaOKqt3waHmnBtAAM7htFQ7n4jj2MDV/x158rczOCQ0QIjffEUQxhdE MXaRw9iS5P2WcB7MwCsCTc504ungbPehL5zdjh/BwZlhOKIm0CdQPi+qdZn8Yt6j/Qfa P1oUlu/WvUN/ahc6aSQjLf4sROl7sgEFZSjq2bvOodAlO1uqNqAtjghjezoQ8PGeA2Au xE0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687447936; x=1690039936; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wa3GW8WU0oc3nmxKZT4iX/KZqen2LVkPvNuoz0X7wHI=; b=Iwrc6B5Fvyd0LZ04rOo2hPa1ZDNpU5108QlVbImNEawJDMT5x/hoHl2L+chj6ClOwd Rr+7Ncw+tE03pYRTD5tP+xIWz4EPN0RxGCgRAuP7cQAx/iDCjtQVECt8cF8LN4qdEpCa gclUNMduiKJuarca893k1RBWSARLl/YGwqW3OKu8of33At51YzD5ZL6jKZvFmpfy5CtI 4JSJIDIEAHyceonelPywhp4VnZ/XyUfqDIGaMocDDoWmrr19ZPIE+lJrWN8zBVkc1psC U/jAkQM8dLTqG7cPDi06V8rbXUK/xu/7u39nUjNgl/PQMeZUlaM9/bjm3meGftOSuN7I kwMw== X-Gm-Message-State: AC+VfDzRzXAlA8E4XoX+YvNKGCutiwySv4x7j38gaPMNWe+b4Pun6zf8 zX1xLUUtW/axfQI7qwktDCmW1pk2AJiMQQoQtDo= X-Google-Smtp-Source: ACHHUZ4shyIGLVms3vxmq99d7zGH634tXy3jyMf9buUUyGz3F2gQDAtzBXEzk1kT3jU6Wq70bG0ptg== X-Received: by 2002:a05:6a20:258d:b0:10c:7c72:bdf9 with SMTP id k13-20020a056a20258d00b0010c7c72bdf9mr15567930pzd.29.1687447936304; Thu, 22 Jun 2023 08:32:16 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id bm17-20020a056a00321100b0064ccfb73cb8sm4713240pfb.46.2023.06.22.08.32.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jun 2023 08:32:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 14/14] systemd-systemctl: support instance expansion in WantedBy Date: Thu, 22 Jun 2023 05:31:43 -1000 Message-Id: <2aa82324d43467e7c8bfbbb59570ee3306264b75.1687446532.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 22 Jun 2023 15:32:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183261 From: Ian Ray Refactor _process_deps to expand systemd instance specifier "%i" to the template instance. This change expands on prior commit e510222b57 ("systemd-systemctl: fix instance template WantedBy symlink construction") by substituting every "%i" pattern-match with the instance name. The regexp handles the following cases: * svc-wants@%i.service * sys-subsystem-net-devices-%i.device Signed-off-by: Ian Ray Signed-off-by: Alexandre Belloni (cherry picked from commit 9356276137267a29ae2289d796a2940918375308) Signed-off-by: Steve Sakoman --- meta/recipes-core/systemd/systemd-systemctl/systemctl | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl index 577c373181..b890bdd6f0 100755 --- a/meta/recipes-core/systemd/systemd-systemctl/systemctl +++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl @@ -188,13 +188,8 @@ class SystemdUnit(): target = ROOT / location.relative_to(self.root) try: for dependent in config.get('Install', prop): - # determine whether or not dependent is a template with an actual - # instance (i.e. a '@%i') - dependent_is_template = re.match(r"[^@]+@(?P[^\.]*)\.", dependent) - if dependent_is_template: - # if so, replace with the actual instance to achieve - # svc-wants@a.service.wants/svc-wanted-by@a.service - dependent = re.sub(dependent_is_template.group('instance'), instance, dependent, 1) + # expand any %i to instance (ignoring escape sequence %%) + dependent = re.sub("([^%](%%)*)%i", "\\1{}".format(instance), dependent) wants = systemdir / "{}.{}".format(dependent, dirstem) / service add_link(wants, target)