Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-961_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-960_default.lock.xml
bedrock-devops
(repo not present)
judo-devops
(repo not present)
---------------------------
Commit: 8ed6052
---------------------------
BEDROCK-203: update device-id-cert-tools version
Updated device-id-cert-tools to latest main revision. Added
note about new TOKEN_SERVER_PORT environment variable.
This change is required to bring in recent IAM support added
to device-id-cert-tools.
The optional variable TOKEN_SERVER_PORT allows a custom token server
port to be set in the latest device-id-cert-tools version. This
allows multiple token servers to be run simultaneously, eg for
simultaneous prod and staging API access.
Example service file for prod instance (will use default
certmgmt.TOKEN_SERVER_PORT):
DEVICE_PARAMS=/etc/certmgmt/did-certmgmt-params-prod.json
CLOUD_ENV=staging
EXTRAARGS=--proxy socks5h://10.1.0.1:9443
Example service file for staging instance (will use specified port
18082):
DEVICE_PARAMS=/etc/certmgmt/did-certmgmt-params-staging.json
CLOUD_ENV=staging
EXTRAARGS=--proxy socks5h://10.1.0.1:9443
TOKEN_SERVER_PORT=18082
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-960_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-959_default.lock.xml
bedrock-devops
(repo not present)
judo-auto-test
---------------------------
Commit: b538f7c
---------------------------
CSNMR-6014: Update channels and params to match updated API spec
judo-cfg-agents
---------------------------
Commit: 6fc259b
---------------------------
CSNMR-5658: Update cfg-agents to match updates to async api spec
* Update license_source to licenseSource to match new spec
* Update environment_source to environmentSource to match new spec
* Update query properties to match api specs
* Update query matching logic as camelCase properties no longer map 1-to-1 onto the snake_case object names
* make connected_device_info camelCase
* make access_point camelCase in test
* make network info camelCase
judo-devops
(repo not present)
judo-rest-api
---------------------------
Commit: 9cc63a4
---------------------------
CSNMR-5658: Update license_source to licenseSource to match api spec update
judo-web-ui
---------------------------
Commit: 825d67d
---------------------------
CSNMR-5658: Update api spec change in v0 UI
The message topic {groupId}/event/cfg/hw/gnss/logging has been changed
to {groupId}/event/cfg/gnss/logging.
---------------------------
Commit: d7675f6
---------------------------
CSNMR-5935: Update Judo web UI to 0.34.0
The recipe files are renamed with the new version and the Artifactory
checksums are updated to match the new zip files.
This version of the web UI has changes in the api specs to match what
was changed in Judo.
The v0 web UI SRCREV is updated to bring in api spec changes for v0.
---------------------------
Commit: 876cf67
---------------------------
CSNMR-5658: python3-judo-rest-api: Update SRCREV
---------------------------
Commit: 7862d44
---------------------------
CSNMR-5658: update judo-cfg-agent SRCREV
mqtt-api
---------------------------
Commit: 94c7618
---------------------------
CSNMR-5968: Update environment_name to environmentName to match updated api spec
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-959_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-958_default.lock.xml
bedrock-devops
(repo not present)
judo-devops
(repo not present)
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-958_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-957_default.lock.xml
bedrock-devops
(repo not present)
judo-devops
(repo not present)
manifest-judo
---------------------------
Commit: 4a0c178
---------------------------
CSNMR-5658: Revert last commit to use main branches again
This moves meta-judo and meta-judo-proprietary back to main
branches. With several changes to the asyncapi there may be
a few features not working in the web UI which will get fixed
shortly for main builds.
---------------------------
Commit: 8a91efd
---------------------------
CSNMR-5658: judo-rest-api: update SRCREV
---------------------------
Commit: ea3ef38
---------------------------
CSNMR-5658: judo-api-spec: update SRCREV
---------------------------
Commit: a765405
---------------------------
CSNMR-5658: python3-mqtt-api: update SRCREV
---------------------------
Commit: 7327b09
---------------------------
CSNMR-5658: python3-judo-cfg-agents: update SRCREV
---------------------------
Commit: 84d4270
---------------------------
CSNMR-5658: python3-cfg-mgr: update SRCREV
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-957_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-956_default.lock.xml
bedrock-devops
(repo not present)
judo-design-docs
---------------------------
Commit: 18f3f96
---------------------------
CSNMR-5192: Add Gen-1.5/1.6 system diagrams
The Gen-2 system is not really relevant today, so replace it with
Gen-1.5 and Gen-1.6 system block diagrams and stop showing Gen-2.
The infrastructure case has been combined with the stand-alone user
case.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: ac6e887
---------------------------
CSNMR-5162: Start removing MCU documentation
The MCU has been removed from the hardware.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: b766910
---------------------------
CSNMR-5162: intro: Updates high level block diagrams
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 06c86c1
---------------------------
CSNMR-5162: example-rst: Fix to work with plantuml-2026.05
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: f59a21d
---------------------------
CSNMR-5162: Update README file
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 9116eef
---------------------------
.gitignore: Ignore PNG files in arch dir
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
judo-devops
(repo not present)
---------------------------
Commit: 1b67e9c
---------------------------
BEDROCK-202: distro: Update version
Now that wrynose LTS branch has been created (heading to 1.0.0), the
version number on main branch well be heading toward 2.0.0.
The code name has also been updated to `bohr` on main (following
alphabetical progression of names of famous physicists).
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-956_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-955_default.lock.xml
bedrock-devops
(repo not present)
judo-devops
(repo not present)
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-955_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-952_default.lock.xml
bedrock-devops
(repo not present)
cfg-mgr
---------------------------
Commit: 73dd5f3
---------------------------
CSNMR-5658: Update operation names to match spec
judo-api-specs
---------------------------
Commit: ea39be2
---------------------------
CSNMR-5658: Bump API version
---------------------------
Commit: f7f2e39
---------------------------
CSNMR-5658: add reply to all operations with replies
---------------------------
Commit: 3d14d6d
---------------------------
CSNMR-5658: add compatibility anyOfs to sys.yml
---------------------------
Commit: 41fc026
---------------------------
CSNMR-5658: make connected_device_info camelCase
---------------------------
Commit: c1516dd
---------------------------
CSNMR-5658: change event_system_cmd_reset address
---------------------------
Commit: 8dc8ab1
---------------------------
CSNMR-5658: change ctrl_system_cmd_reset address
---------------------------
Commit: 195f911
---------------------------
CSNMR-5658: change ctrl_ota_agent_cmd address
---------------------------
Commit: a7cf80f
---------------------------
CSNMR-5658: change ctrl_check_for_update address
---------------------------
Commit: 3a54b13
---------------------------
CSNMR-5658: rename event_system_reset channel
---------------------------
Commit: a8ccf0b
---------------------------
CSNMR-5658: rename cfg_system_cmd_reset channel
---------------------------
Commit: 2098d25
---------------------------
CSNMR-5658: rename ctrl_sys_snapshot channel
---------------------------
Commit: cdaf71b
---------------------------
CSNMR-5658: rename cfg_ota_agent_cmd channel
---------------------------
Commit: aa10ef0
---------------------------
CSNMR-5658: rename cfg_check_for_update channel
---------------------------
Commit: d57c90d
---------------------------
CSNMR-5658: add compatibility anyOfs to licensing.yml
---------------------------
Commit: 8b5ec8e
---------------------------
CSNMR-5658: make licensing.yml properties camelCase
---------------------------
Commit: d26c231
---------------------------
CSNMR-5658: rename remove_licenses channel
---------------------------
Commit: b24d01b
---------------------------
CSNMR-5658: rename refresh_licenses channel
---------------------------
Commit: a49989b
---------------------------
CSNMR-5658: make environment_name camelCase
---------------------------
Commit: c18118f
---------------------------
CSNMR-5658: change cfg_set_cloud_env address
---------------------------
Commit: b7f1faa
---------------------------
CSNMR-5658: rename cfg_cmd_set_cloud_env channel
---------------------------
Commit: 038d7c3
---------------------------
CSNMR-5658: add compatibility anyOfs to cellular.yml
---------------------------
Commit: 81f18f7
---------------------------
CSNMR-5658: make pin_provided and sim_pin_enabled camelCase
---------------------------
Commit: 89daa6a
---------------------------
CSNMR-5658: change ctrl_cellular_cmd_modem address
---------------------------
Commit: 9d531d2
---------------------------
CSNMR-5658: rename event_cellular_cfg channel
---------------------------
Commit: c09cd18
---------------------------
CSNMR-5658: rename cfg_cellular_cmd channel
---------------------------
Commit: 036dc3e
---------------------------
CSNMR-5658: add compatibility anyOf to uhf.yml
---------------------------
Commit: e93af09
---------------------------
CSNMR-5658: rename cfg_uhf_cmd channel
---------------------------
Commit: 813c8a7
---------------------------
CSNMR-5658: rename payload_event_uhf_cfg channel
---------------------------
Commit: 034fe7d
---------------------------
CSNMR-5658: add compatiblity anyOf to uhg diag enums
---------------------------
Commit: ef3f01a
---------------------------
CSNMR-5658: add compatibility anyOf to net diag enums
---------------------------
Commit: e4cfb41
---------------------------
CSNMR-5658: added note about ctrl_net_diag_connectivity status reply
---------------------------
Commit: 1e076ec
---------------------------
CSNMR-5658: change ctrl_net_diag_connectivity address
---------------------------
Commit: a58f6a7
---------------------------
CSNMR-5658: rename net diag cfg event channel
---------------------------
Commit: bcf730e
---------------------------
CSNMR-5658: rename net diag event channel
---------------------------
Commit: c07f92d
---------------------------
CSNMR-5658: add compatibility anyOf to gnss mgr enums
---------------------------
Commit: aa7eecb
---------------------------
CSNMR-5658: change event_gnss_logging address
---------------------------
Commit: d1c464f
---------------------------
CSNMR-5658: rename event_gnss_logging_cfg to event_gnss_logging
---------------------------
Commit: 794eb5f
---------------------------
CSNMR-5658: rename event_machine_type_cfg to event_machine_type
---------------------------
Commit: 5f28d21
---------------------------
CSNMR-5658: add compatibility anyOf to gnss licenses enum
---------------------------
Commit: 2a17bba
---------------------------
CSNMR-5658: add compatibility anyOf to gnss diags
---------------------------
Commit: cd4c6c2
---------------------------
CSNMR-5658: add anyOf compatibility to cell diags enums
---------------------------
Commit: d97e29e
---------------------------
CSNMR-5658: make all network info properties camelCase
---------------------------
Commit: 6dd3e0f
---------------------------
CSNMR-5658: rename cellular diagnostics channels
---------------------------
Commit: dafdc8f
---------------------------
CSNMR-5658: update can.yml addresses to correct format
---------------------------
Commit: c4a2718
---------------------------
CSNMR-5658: rename cfg_can_setup to event_can_setup
---------------------------
Commit: c50d17b
---------------------------
CSNMR-5658: add string type anyOf to 80211.yml
---------------------------
Commit: 67b5eef
---------------------------
CSNMR-5658: rename property access_points to accessPoints
---------------------------
Commit: 1445d2c
---------------------------
CSNMR-5658: change event_80211_access_points to event_80211_cmd_radio
Renamed event_80211_access_points to event_80211_cmd_radio and reworded
descriptions and titles to be generic for any of the 3 commands.
This brings the 80211_cmd_radio API into the ctrl/event pattern.
Activate and deactivate should eventually respond under event_80211_cmd_radio
as well.
---------------------------
Commit: 7b1389b
---------------------------
CSNMR-5658: change cfg_80211_cmd to ctrl_80211_cmd
---------------------------
Commit: 23526f9
---------------------------
CSNMR-5658: change event_80211_cfg to event_80211_setup_radio
---------------------------
Commit: dc54805
---------------------------
CSNMR-5658: add version modified to 80211 diags
---------------------------
Commit: 88ab9d1
---------------------------
CSNMR-5658: add anyOf to 80211 diags enums
Combined 80211 diags enums with generic string type.
This is now a syntax convention to get backward compatibility.
---------------------------
Commit: 5f6ba9a
---------------------------
CSNMR-5658: add anyOf to statusCode and state enums
Added anyOf with string type to statusCode and state enums.
This allows the validator to pass additions from earlier/later
api spec versions.
judo-cfg-agents
---------------------------
Commit: bab274b
---------------------------
CSNMR-5658: Remove tests for invalid command types
Invalid command types are no longer possible as the command type field
(in messages that have it) is no longer strictly validated against the
enumeration of expected values.
---------------------------
Commit: f878d03
---------------------------
CSNMR-5658: Update operation names to match spec
judo-devops
(repo not present)
judo-rest-api
---------------------------
Commit: 425cfe4
---------------------------
CSNMR-5658: Update operation names to match spec
manifest-judo
---------------------------
Commit: 157cc69
---------------------------
CSNMR-5658: Hold back MQTT API changes
This change must be reverted when Matogen have updated the web UI.
---------------------------
Commit: d0abc87
---------------------------
manifest: Add devops git repos
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
mqtt-api
---------------------------
Commit: 90ed8b0
---------------------------
CSNMR-5658: Remove tests for invalid enum values
Invalid enum values are no longer possible as the value is no longer
strictly validated against the enumeration of expected values.
---------------------------
Commit: 399acfd
---------------------------
CSNMR-5658: Update operation names to match spec
---------------------------
Commit: a04a081
---------------------------
ctlevt_uhf_setup: Fix line endings
The line endings should be LF, not CRLF.
---------------------------
Commit: 35ee8e4
---------------------------
ctlevt_machine_type: Fix line endings
The line endings should be LF, not CRLF.
tas-devops
(repo not present)
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-952_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-951_default.lock.xml
judo-auto-test
---------------------------
Commit: 5e33897
---------------------------
CSNMR-5999 fntest_lib improvements
- Add debug to log listen response from
ping_host requests
- Add generate unique request_id to ping_host
method. This ensures the data for the correct
request is returned for a listen
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-951_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-947_default.lock.xml
cfg-mgr
---------------------------
Commit: 92fcdb3
---------------------------
Fix initial config restore when Zenoh stores an empty payload
Zero-byte persisted cfg files can happen after factory reset but are not
valid JSON. Treat empty or whitespace-only Zenoh state as missing so
BaseCfgEvent uses get_default_config instead of failing in json.loads.
judo-cfg-agents
---------------------------
Commit: 4636380
---------------------------
cfg-mgr: update srcrev hash
---------------------------
Commit: 199816e
---------------------------
CSNMR-4856: Map NM NONE to offline for internetStatus
API spec dropped 'none' in favor of 'offline', celldiags_agent still
emitted 'none' when a WWAN connection was activating. Normalize
ConnectivityState.NONE to offline so event_cellular_network_info passes
schema validation.
judo-rest-api
---------------------------
Commit: 836cb0e
---------------------------
cfg-mgr: update srcrev hash
---------------------------
Commit: bb20a9d
---------------------------
BEDROCK-202: conf: Drop whinlatter from layer compat
Since whinlatter is not a LTS release, there's no need to support it.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: e7235a8
---------------------------
python3-judo-rest-api: update srcrev hash
---------------------------
Commit: cb8ea98
---------------------------
python3-judo-cfg-agents: update srcrev hash
---------------------------
Commit: aa5a130
---------------------------
python3-zenoh-mqtt-bridge: update srcrev hash
---------------------------
Commit: 0c40f9a
---------------------------
python3-cfg-mgr: update srcrev hash
zenoh-mqtt-bridge
---------------------------
Commit: 5b72257
---------------------------
cfg-mgr: update srcrev hash
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-947_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-946_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-946_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-945_default.lock.xml
judo-api-specs
---------------------------
Commit: e9f9a7e
---------------------------
CSNMR-5968: add cfg/event copy-paste template
Added a template-cfg-event.yml with copy-pasteable sections
that adhere to the api conventions.
This is for use if people want it to catch the niggly bits
of the API conventions easily.
---------------------------
Commit: fa6836d
---------------------------
CSNMR-5968: judo-api-spec: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-945_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-944_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-944_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-943_default.lock.xml
judo-api-specs
---------------------------
Commit: ec8f527
---------------------------
CSNMR-5687: Change the name of radioState to radioConfigOn to better represent what the value represents
---------------------------
Commit: 19f5563
---------------------------
CSNMR-4904: improve UHF API documentation.
Added more verbose descriptions and applicable modes to the UHF api
decsriptions.
Some fields were missing units, and users may need some reminders about
when different fields should be provided.
judo-cfg-agents
---------------------------
Commit: 204d325
---------------------------
CSNMR-5687: Add back radioState variable as a mirror of radioConfigOn to allow backwards compatiblity
---------------------------
Commit: 6d0b711
---------------------------
CSNMR-5687: Ensure that the configured on state matches the detected value or report a state error
---------------------------
Commit: 3ddd0fe
---------------------------
CSNMR-5687: Update variable tracking the configured radio state from radioState to radioConfigOn
---------------------------
Commit: 491542d
---------------------------
CSNMR-5948: Change default signal bars to 0 instead of 5
* The previous default for rssi, 0, is a high value, equivalent to 5 bars. However, when we cannot retrieve diagnostic data about the interface, a better default is 0 bars instead. Setting the default rssi value to the bar 1 threshold achieves this
---------------------------
Commit: 184dd58
---------------------------
CSNMR-5687: judo-api-spec_git: Update SRCREV
---------------------------
Commit: ded20e0
---------------------------
CSNMR-4904: judo-api-specs: update SRCREV
---------------------------
Commit: c00c4f4
---------------------------
CSNMR-5970: Update SRCREV: rust-gnss:
Update rust-gnss to latest SRCREV with the following change:
Update GNSS device handler `event_device_sys_snapshot` (zsnap)
handling.
---------------------------
Commit: c1711c9
---------------------------
CSNMR-5687: python3-judo-cfg-agents_git: Update SRCREV
---------------------------
Commit: 002e241
---------------------------
CSNMR-5948: python3-judo-cfg-agents_git: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-943_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-940_default.lock.xml
judo-api-specs
---------------------------
Commit: ec11b5a
---------------------------
CSNMR-5553: Fix tag on 802.11 operational state
---------------------------
Commit: c8f40dc
---------------------------
CSNMR-5948: judo-api-spec_git: Update SRCREV
---------------------------
Commit: dda55bd
---------------------------
CSNMR-5625: judo-rest-api: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-940_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-939_default.lock.xml
judo-api-specs
---------------------------
Commit: abd67c4
---------------------------
CSNMR-5311: rework base.yml definitions
Added enum definitions that were missing, reworked some command
message wording and removed API contract descriptions from status.
The status message docs were already long and the high level behaviour
is now being documented elsewhere so I took it out and made the
description only about the properties.
---------------------------
Commit: 609627c
---------------------------
CSNMR-5311: judo-api-spec: update SRCREV
---------------------------
Commit: 5aa1565
---------------------------
CSNMR-5290: judo-systemd-env: Expose variant pretty name
This changeset exposes the variant "pretty name" (the contents of
the /mfg/model file) via the systemd environment.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-939_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-938_default.lock.xml
judo-api-specs
---------------------------
Commit: 9a1da36
---------------------------
CSNMR-4856: bump version number
---------------------------
Commit: d8e5031
---------------------------
CSNMR-4856: remove csfb preferred enums from registrationState
---------------------------
Commit: 89ee49a
---------------------------
CSNMR-4856: remove any networkTechnology enum string
---------------------------
Commit: 357f6f3
---------------------------
CSNMR-4856: change internetStatus none to offline
---------------------------
Commit: d2eb8a1
---------------------------
CSNMR-4856: Define Cellular diagnostics fields
Add definitions and corrections to the Cellular API documentation.
Changes include:
* Clarification of internetStatus values (limited, portal, etc.).
* Defining time scope for data_usage fields (current vs. total).
* Descriptions for modem lock states (unlockRequired).
* Definitions for networkTechnology values.
* Definitions for registrationState values.
This commit includes updates to cellular.yml and cellular-diagnostics.yml.
---------------------------
Commit: 0740666
---------------------------
CSNMR-5290: system_properties: Remove suffix from modelPrettyName
The modelPrettyName field now only contains the first part of the
full model name stored in `/mfg/model` (e.g. MP1086), and the
(new) variantPrettyName field contains the full model name
(e.g. MP1086-500).
judo-cfg-agents
---------------------------
Commit: b86e018
---------------------------
CSNMR-4856: cellular_interface: Report "offline" state instead of "none"
The "none" value for internet status is no longer valid, and offline
is the closest valid value.
---------------------------
Commit: 23fad0b
---------------------------
CSNMR-5290: Publish both shortened and full model name
Publishing the shortened model name (e.g. MP1086, MP1087) as well as
the full model name (e.g. MP1086-450, MP1086-500) allows CTCT to use
the shortened model name (published as modelPrettyName) as the
"device type" value they use internally, while still publishing the
original value of modelPrettyName as variantPrettyName.
This changeset also simplifies the retrieval of the shortened model
name by extracting it directly from the systemd environment rather
than getting it from a message published by another agent.
---------------------------
Commit: 9a3d0ab
---------------------------
CSNMR-4856: judo-api-spec: update SRCREV
---------------------------
Commit: b4ce3b4
---------------------------
CSNMR-4856: judo-cfg-agents: update SRCREV
---------------------------
Commit: 3a7946f
---------------------------
CSNMR-5290: python3-judo-cfg-agents: update SRCREV
---------------------------
Commit: d0d9ce1
---------------------------
CSNMR-5290: python3-mqtt-api: update SRCREV
mqtt-api
---------------------------
Commit: 6d2c83d
---------------------------
CSNMR-5683: allow MFG API to set provisioning env
Added an argument --staging to the set device serial number MFG API
command that switches between prod and staging credentials.
Given that everything needed to swap between prod and staging flows from
the cloud params file, it is nice to have a switch. We will use prod by
default unless in a testing situation.
---------------------------
Commit: 7fa826b
---------------------------
CSNMR-5683: update MFG API for new certmgmt
Updated the certmgmt library structure for constants and cli calls.
---------------------------
Commit: 8379019
---------------------------
CSNMR-5683: update device-id-cert-tools in mqtt-api
---------------------------
Commit: d1f93ef
---------------------------
CSNMR-5290: Update tests for variantPrettyName system properties field
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-938_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-936_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 881daaf
---------------------------
Bugfix: Set asyncio and pytest version
* Without this change, the unit tests will throw errors about the
older .get_running_loop()/.get_event_loop()
---------------------------
Commit: 453d7f8
---------------------------
Bugfix: judo-cfg-agents: Adjust SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-936_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-935_default.lock.xml
judo-radio-utils
---------------------------
Commit: a4b8e14
---------------------------
SUMO-353: WiFi CW-Add README, fix error, add --help examples
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-935_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-934_default.lock.xml
---------------------------
Commit: 79f73d9
---------------------------
CSNMR-5056: Remove tcpdump from prod image
The tcpdump utility is only used in dev images, so this changeset
moves it from the packagegroup-judo-base-network package group (which
is installed on all images) to the packagegroup-judo-base-network-tools
package group (which is only installed on dev images).
This changeset also adds an explicit dependency on tcpdump to the
log-network-traffic recipe, as this package uses tcpdump to log
network traffic. The log-network-traffic package is currently only
installed on dev images, so tcpdump should be available anyway,
but the explicit dependency is more self-documenting.
---------------------------
Commit: 43762d3
---------------------------
CSNMR-5056: Include Bedrock debug package in Judo debug package
The Bedrock debug package contains the strace and gdbserver packages,
so including the Bedrock debug package in the Judo debug package
(which is only included in the dev image/bundle) avoids duplicating
the inclusion of these packages and makes the package groups easier
to maintain.
---------------------------
Commit: e0f88da
---------------------------
CSNMR-3764: Disable root login via serial console
Allowing serial console logins is a security risk, and now that the
platform is stable enough to not require serial port logins on a
regular basis, this can be disabled.
It is still possible for developers to allow serial port login on
their devices by accessing their device via SSH and setting the
admin user password using `sudo passwd judo`. When the admin user
password is set this way, it will persist across reboots unless
the `/etc` overlay is cleared by removing the
`/cfg/.overlay-etc/upper` directory or resetting the device to
defaults.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-934_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-933_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-933_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-932_default.lock.xml
cfg-mgr
---------------------------
Commit: 7043bbb
---------------------------
CSNMR-5553: Add key params to the BaseAsyncMonitorEmitter
judo-api-specs
---------------------------
Commit: 71876a9
---------------------------
CSNMR-5553: Add operational state api message
judo-cfg-agents
---------------------------
Commit: cd031d5
---------------------------
CSNMR-5553: Add operational state monitor to IEEE80211 agent
* Monitor both ap and sta interfaces for wifi and halow and report on their individual statuses
* For station, report operational state based on if an ip address is assigned and available to the interface
* For access point, report operational state based on if the host is reported as up and available
---------------------------
Commit: 263b76b
---------------------------
CSNMR-5553: judo-api-spec: Update SRCREV
---------------------------
Commit: f65e4fc
---------------------------
CSNMR-5553: python3-cfg-mgr_git: Update SRCREV
---------------------------
Commit: 86b3dfa
---------------------------
CSNMR-5553: python3-judo-cfg-agents_git: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-932_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-931_default.lock.xml
cellular-utils
---------------------------
Commit: 8fe66d1
---------------------------
CSNMR-5826: Retry modem init after FAILED state with Reset()
If waiting for the modem state timesout with a failed state, issue a
single reset and wait again before failing. This is done to cover the
case where the modem enters a failed state and doesn't recover
automatically causing our cellular stack to go down with it. This is a
last case try before failing out completely and covers a similar case on
SNM941 product where the modem needs a reset every once in a while.
---------------------------
Commit: c0fd238
---------------------------
CSNMR-5826: Add switch_primary_sim_slot
Added a high-level SIM switch flow on top of the SetPrimarySimSlot to
make SIM changes safer. This adds some defensive code that waits for the
modem to re-enumerate, leave its INITIALIZING state, and wait to
reattach its SIM/bearer proxies before returning. This makes SIM
switching operations safer for cellular_agents as the flow ensures the
modem is in a 'ready' state before doing operations to it.
---------------------------
Commit: 4100f9a
---------------------------
CSNMR-5826: Wait for modem readiness before D-Bus
Added defensive code around the modem object that waits for the modem
state to be in the 'ready' state before trying to get or populate its
D-Bus interfaces. This helps make SIM switching transitions, and early
boot operations smoother, as its child D-Bus interfaces might not be
initialized yet, causing errors in upstream consumers like
cellular_agent.
---------------------------
Commit: 330c90d
---------------------------
CSNMR-5826: Use well-known NM connection names
Replaced ICCID based NetworkManager connection names with fixed
well-known names for user sim and internal LDR sim. This simplifies
connection names and allows reuse of the user sim connection profile
across multiple different SIM cards. Also refactored helpers to
centralize updating and deleting connection profiles.
---------------------------
Commit: 7eb2d0d
---------------------------
CSNMR-5826: cellular-utils: Remove LDR Script
The LDR script is now folded into the cellular_agent in judo-cfg-agents.
This allows cellular_agent to have full control of the modem and
centralizes main operations under one agent. The LDR funtionality is
unchanged, simply moved to a new area.
judo-api-specs
---------------------------
Commit: 1246ad5
---------------------------
CSNMR-5826: Add Internal SIM Connected Message
LDR script needs a flag to know when the user sim connected on previous
boot. Adding this as an internal API message that gets published when
the user sim connects. This API is not exposed to the user and is only
meant to be used by the LDR script. This allows all cellular related
information to come from Zenoh data store as a single source of truth.
judo-cfg-agents
---------------------------
Commit: 395a0fc
---------------------------
CSNMR-5826: Move LDR into cellular_agent
Moved LDR flow into cellular_agent so that the agent owns the process of
configuring and bringing the modem online. This also centralizes modem
related scripts and usage, especially around applying Zenoh persistent
config, intensive LDR SIM switching operations, and enable/disable
states.
---------------------------
Commit: ee11f75
---------------------------
CSNMR-5826: pyproject.toml: update cellular_utils srcrev
---------------------------
Commit: 2264532
---------------------------
CSNMR-5826: Simplify CellularAgent with Well-Known Names
Changed NetworkManager config file names to match the SIM card they are
configuring instead of using ICCID names. This removes loops waiting for
the modem to expose the SIM ICCID values and simplifies the user SIM
flow.
---------------------------
Commit: 7c4d4eb
---------------------------
CSNMR-5826: python3-cellular-utils update srcrev hash
---------------------------
Commit: 6bf16e2
---------------------------
CSNMR-5826: judo-api-spec: update srcrev hash
---------------------------
Commit: f4ff3e8
---------------------------
CSNMR-5826: Remove LDR and Config Services
---------------------------
Commit: 11686de
---------------------------
CSNMR-5826: zenoh: add event/internal to NVM
Added an internal LDR flag that is set when the user SIM connects to the
internet. This is an internal API not exposed to the user and used by
the cfg-agent that needs to persist across reboots. Added the
event/internal to persistent memory.
---------------------------
Commit: 0f35fa2
---------------------------
python3-cellular-utils: use externalsrc if set
---------------------------
Commit: 6dd1af9
---------------------------
CSNMR-5826: Move NM connections to /run
---------------------------
Commit: eee9d2d
---------------------------
CSNMR-5826: python3-judo-cfg-agents: update srcrev hash
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-931_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-930_default.lock.xml
---------------------------
Commit: 456dee6
---------------------------
CSNMR-5980: Update web UI to 0.32.0
The web UI recipes are renamed to bring in the new version. The Artifactory
checksums are updated to match.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-930_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-929_default.lock.xml
bedrock-design-docs
---------------------------
Commit: d8c71b7
---------------------------
BEDROCK-186: Remove references to poky
The poky combo git repo has been deprecated and should no longer be
used or referenced.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
judo-api-specs
---------------------------
Commit: eaa9667
---------------------------
CSNMR-5970: fix event sys_snapshot examples
Fix zsnap sys_snapshot event `event_device_sys_snapshot`
examples to use the correct base_event_status fields.
judo-design-docs
---------------------------
Commit: 16667d3
---------------------------
CSNMR-5921: Fix inline Dockerfile/Containerfile rendering
---------------------------
Commit: 174c25c
---------------------------
CSNMR-5970: judo-api-specs: Update SRCREV: fix event_device_sys_snapshot
Update SRCREV for event_device_sys_snapshot Judo API compliancy.
mqtt-api
---------------------------
Commit: 3276e9a
---------------------------
SUMO-229: add MFG API control of halow TX filter
Added halow-uhf-rf-path-ctl based control of the halow TX filter
and uhf/halow sharing circuit to MFG API.
We need this on the line. It duplicates some calls from the RX filter
command in order to get more specific naming.
---------------------------
Commit: 9915230
---------------------------
SUMO-230: add MFG API command to set Halow RX filter
Added calls to halow-uhf-rf-path-ctl to make a MFG API tool for
setting Halow RX filter state.
Filters are named in terms of reference designator to be easily
readable with the test spec and schematic.
---------------------------
Commit: 2022391
---------------------------
SUMO-464: add disable before MFG API phoenix break response
Added a call to set mode: DISABLED on phoenix before going for a
break response.
This kills any phoenix-handler processes the the uhf agent may
have running, and ensures that the phoenix radio is in a mode
that can respond to breaks.
Now that phoenix rssi involves a config publish, it is no longer
guranteed that the radio is in command mode or that the uhf cfg
agent is dormant.
---------------------------
Commit: b45ba93
---------------------------
SUMO-466: add MFG API command for phoenix rssi
Added a command get_phoenix_rssi to mp1010-mfg-api.py. Added classes
SetupUhfCfgEvent and UhfDiagsEvent to the API controller.
We need to read phoenix CW strength on the line. Currently phoenix-handler
publishes diags directly as opposed to using the metadata file, so going
through the uhf cfg-agent is easiest.
Phoenix needs to be set back to disabled after the rssi because run mode
stops the board from responding to breaks (which is our serial port test).
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-929_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-928_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-928_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-927_default.lock.xml
judo-api-specs
---------------------------
Commit: d5d3de8
---------------------------
CSNMR-5791: Update API spec so all installed apps are put into persistent zenoh store
* Adjust event_appfs_cfg to ensure cfg message is retained over reboot
* Adjust AppFS API configuration status, and descriptions/wording
* Add extra cfg fields to cfg_appfs payload, and examples
judo-cfg-agents
---------------------------
Commit: 1653a17
---------------------------
CSNMR-5791: Implement AppFS manager and configuration agent
* Separate CAN bridge and Utils.py files for readability.
* Add in auto tests for Agent, Manager, CAN Bridge and Utils.
* Add podman to cfg-agents dependency.
* Runs these applications as rootless containers, with
reduced privileges.
* Add in default enablements for conatiners (CAN, ethernet
serial)
* Updating application that is running will be stored as a
pending update.
* Uses operational state to show status, separate to diagnostics.
* Listens to reset to defaults, will clear out everything on
'factory' reset. No behaviour for normal reset to defaults.
* CAN bridge always setup and torn down between container sessions,
will keep network interfaces relatively clean.
* Uses basic package verification, still needs to incorporate
signing.
* Saves installed applications and per-app configurations in
Zenoh persistent data store.
* Operational state reports out OPERATIONAL only if all apps
started without issue and podman socket is active.
* Uses thread worker for Lifecycle commands, and factory reset.
judo-design-docs
---------------------------
Commit: 689c062
---------------------------
CSNMR-5921: Update and refactor Judo design docs for AppFS contract
* Appfs refactor, explain use case and workflow.
* Added UML diagrams for development processes.
* Added new architecture diagram for how system looks.
* Change AHA links to one single link of all requirements.
---------------------------
Commit: 1683e76
---------------------------
CSNMR-5254: Add eth_2we_2 to WAN_IFACE for masquerade
CSNMR-4191 turned eth_2we_2 into a DHCP-client uplink with RouteMetric=0
but did not update the firewall zones. Because eth_2we_2 was still in
LAN_IFACE, the postrouting masquerade rule never fired for traffic
exiting that interface, so downstream-connected devices (EC520, TD540,
etc.) could not reach the internet when 2WE_2 was the active uplink.
Move eth_2we_2 to WAN_IFACE so postrouting masquerades correctly. The
static 192.168.23.1/24 address on this port is preserved; inbound
unsolicited traffic to it is now subject to standard WAN treatment
(established/related only).
---------------------------
Commit: 900a65f
---------------------------
CSNMR-5791: judo-api-spec: Adjust SRCREV
---------------------------
Commit: 2b6853b
---------------------------
CSNMR-5791: Adjust podman graphroot location for root/rootless users
* Add podman .conf files so that the graphroot storage location is rw-able
---------------------------
Commit: 116f925
---------------------------
CSNMR-5791: Enable linger for 'judo' user via adminuser.bbappend
* This is needed for rootless containers to keep systemd --user
services running when ssh sessions close.
* Add 'judo' user to dialout group, to enable use of serial devices
outside and inside rootless containers.
---------------------------
Commit: b2714c0
---------------------------
CSNMR-5791: judo-cfg-agents: Adjust SRCREV, Add Appfs Agent
* Introduce python podman package dependency
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-927_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-926_default.lock.xml
judo-api-specs
---------------------------
Commit: 7b91bc8
---------------------------
CSNMR-5414: Fix sys_snapshot event
ctrl_sys_snapshot --> event_device_sys_snapshot
to be Judo API compliant.
state --> status using common base_event_status
state=register --> status=IN_PROGRESS
state=complete --> status=SUCCESS_COMMAND_EXECUTED
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-926_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-925_default.lock.xml
cfg-mgr
---------------------------
Commit: bb96811
---------------------------
CSNMR-5963: Lower logging level for license validator messages to avoid clobbering logs
judo-auto-test
---------------------------
Commit: 49319c5
---------------------------
CSNMR-5896 Manufacturing topics changed in mqtt_constants.py
---------------------------
Commit: eddd619
---------------------------
CSNMR-4570: Add default route metric for halow0-sta
* The set metric, 800, will prioritize wifi and cell connections over halow if both are available
---------------------------
Commit: f315c2b
---------------------------
CSNMR-4570: Add default route metric for wifi0-sta
* The set metric, 600, will prioritize wifi connections over cell/halow connections if both are present and set as default (cell defaults to 700 metric)
* The metric will still be higher than wired interfaces, prioritizing wired connections over wireless
---------------------------
Commit: 894ad87
---------------------------
CSNMR-5963: python3-cfg-mgr_git: Update SRCREV
yocto-docs
---------------------------
Commit: d7376cca6
---------------------------
contributor-guide: fix type "maintainance" to "maintenance"
Correct "maintainance" typo in recipe-style-guide.rst.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c7166b77d
---------------------------
migration-guide: add release notes for 5.3.4
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 39ef57628
---------------------------
migration-guide: add release notes for 4.0.35
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4b6e84394
---------------------------
release-note-6.0: update several section
update several section to align with
https://downloads.yoctoproject.org/releases/yocto/yocto-6.0/RELEASENOTES
remove fixed known issue, add another on going known issue.
update for sbom-cve-check, spdx and DISTRO_FEATURES changes.
reorder new variable section.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4d51b6dd4
---------------------------
release-note-6.0: update downloads section
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a490142fd
---------------------------
ref-manual/variables: document the 'dynamic layer' concept
This patch documents the "dynamic layer" concept for BBFILES_DYNAMIC.
While not previously in the manual, this is an informal convention
widely used in major layers such as meta-intel, meta-ti, and meta-freescale
to name directories containing conditional content.
[YOCTO #15713]
Signed-off-by: Minwoo Choi <mw.choi@telica.co.kr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 65088fb1f
---------------------------
overview-manual: add a few more basic Git commands
To the Git basic commands section, add:
- git grep
- git clean
- git reset
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 1d5f0fea4
---------------------------
overview-manual: fix "checkout" versus "check out"
As with "setup" versus "set up", the pedants at grammarist.com explain
that "checkout" is used as a noun or adjective, while the
corresponding verb is two words, "check out."
https://grammarist.com/spelling/checkout-check-out/
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 72f7bd71e
---------------------------
ref-manual: replace "naive" with "simple"
Replace the word "naive" as it potentially comes across as a bit
patronizing.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ffd69f111
---------------------------
What I Wish I'd KNown: Various pedantic cleanups
Tweaks:
- Update "Software Overview" link to go to "Technical Overview"
- use proper capitalization for "Git" when referring to the product
- numerous grammar adjustments to basic skills list
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 801f71945
---------------------------
"Transitioning ..." doc: Various pedantic cleanups
Tweaks:
- grammer adjustments
- hyphenation
- monospace font for layer and file names
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: aaea33345
---------------------------
Quick Build guide: Various pedantic cleanups
Tweaks:
- remove unnecessary capitalization
- add appropriate hyphenation
- insert missing word "to"
- fix incorrect link to point to raspberrypi5,
not beaglebone
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e33ead9d2
---------------------------
YP Quick Build: use "set up" as a verb
Pedantically speaking, the difference between "setup" and "set up" is
explained here:
https://grammarist.com/spelling/set-up-vs-setup/
- "setup" is one word when used as a noun
- "set up" is two words when it functions as a verb
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 94ebe744d
---------------------------
YP Quick Build: delete extraneous periods in list
Delete inconsistent periods in software versions list so it doesn't
look weird.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 7a9247175
---------------------------
yp-intro.rst: add link to "buildbot"
When referring to buildbot, add a link to its home page.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 5b4ffc020
---------------------------
yp-intro.rst: delete really old references
There seems to be be little value in continuing to point readers to
two references, one almost a decade old, the other almost 15 years
old, especially in the middle of a guide that ostensibly is part of
the introductory material.
Signed-off-by: Robert P. J. Day <robday@acresecurity.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0143b5865
---------------------------
index.rst: update "Software Overview" to "Technical Overview"
Fix the title and link so it goes directly to the
Technical Overview.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0360de719
---------------------------
ref-manual: variables: add hyphen to "space separated" and "auto generated"
So we're consistent with the rest of the docs.
Fixes: c34bfa05cc10 ("ref-manual/variables.rst: document the SPDX_PACKAGE_URLS variable")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 28ee5d89a
---------------------------
ref-manual: variables: add hyphen to "space separated"
So we're consistent with the rest of the docs.
Fixes: c7925d14afd2 ("ref-manual/variables.rst: document the SPDX_GIT_PURL_MAPPINGS variable")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: cb58cebf6
---------------------------
ref-manual: fragments: fix style inconsistencies
Remove spurious whitespace before end-of-sentence dot.
Align conjugation at the start of each item in the list.
Fixes: 51162cd20d7a ("ref-manual: document the sbom-cve-check class, fragment, and variables")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2971c98e9
---------------------------
ref-manual: fix "include to" grammar for UKI_DEVICETREE
Fix grammar, we should say "include in smth" instead of "include to
smth".
Fixes: 542a5f454cee ("ref-manual/variables.rst: document the UKI_DEVICETREE variable")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e7151ef31
---------------------------
ref-manual: classes: add missing "task" after create_recipe_sbom
create_recipe_sbom is a task and since we don't document it yet, it can
be quite confusing without explicitly saying it's a task (also the
wording is odd by prefixing the word with "the").
Specify create_recipe_sbom is a task.
Fixes: 51162cd20d7a ("ref-manual: document the sbom-cve-check class, fragment, and variables")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8093dbc4e
---------------------------
migration-guides: release-notes-6.0: fix typo in documentation changes
The list contains multiple version*s* so fix the missing s suffix of the
plural form.
Fixes: 8a29e23d144e ("migration-guides: update 6.0 (Wrynose) release notes")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f1700e0f3
---------------------------
migration-guide: migration-6.0: fix typos in cve-check removal
s/annonated/annotated/
Replace "add back" with "bring back" which (to my ears/eyes) sounds
better.
Fixes: 8572a9e780f2 ("migration-guides/migration-6.0.rst: add migration notes on cve-check removal")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 93dbd9ba7
---------------------------
migration-guides: migration-6.0: fix grammar and missing word
Replace "previous" with "previously" so it makes sense.
Add missing "inherited" to specify how to build an image recipe "with
this class".
Fixes: 8a29e23d144e ("migration-guides: update 6.0 (Wrynose) release notes")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 3d94a97e0
---------------------------
migration-guides: migration-6.0: reword meta-poky templates removal
"Duplicating themselves but mostly similar" is an oxymoron.
The second part of the diff fixes syntax by removing "there are" after
"between".
Fixes: 8a29e23d144e ("migration-guides: update 6.0 (Wrynose) release notes")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f904bc0fb
---------------------------
ref-manual: classes: fix https:// prefix missing in anonymous reference
By failing to prefix the URL with https://, it makes the anonymous
reference a link relative to the "parent link". In other words, it
renders the link as
https://docs.yoctoproject.org/wrynose/ref-manual/github.com/bootlin/sbom-cve-check
instead of https://github.com/bootlin/sbom-cve-check.
Add https:// prefix to the URI so it's properly handled.
Fixes: 51162cd20d7a ("ref-manual: document the sbom-cve-check class, fragment, and variables")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f26010466
---------------------------
migration-guides: fix https:// prefix missing in anonymous reference
By failing to prefix the URL with https://, it makes the anonymous
reference a link relative to the "parent link". In other words, it
renders the link as
https://docs.yoctoproject.org/wrynose/migration-guides/dashboard.yoctoproject.org/releases.json
instead of https://dashboard.yoctoproject.org/releases.json.
Add https:// prefix to the URI so it's properly handled.
Fixes: 8a29e23d144e ("migration-guides: update 6.0 (Wrynose) release notes")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-925_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-924_default.lock.xml
judo-radio-utils
---------------------------
Commit: 621f17a
---------------------------
SUMO-352: Fix errors, arg bounds checking, error responses, and review findings
---------------------------
Commit: d06cbdc
---------------------------
SUMO-352: Fix default binary images for Halow module
---------------------------
Commit: 4fb224f
---------------------------
SUMO-352: Add Halow antenna sharing setup
---------------------------
Commit: f2c2501
---------------------------
SUMO-352: Add firmware upload progress
---------------------------
Commit: f122c65
---------------------------
SUMO-352: Simplified how the scripts work
---------------------------
Commit: c69b499
---------------------------
SUMO-352: Get Halow EVK complaince scripts to work on Sumo
---------------------------
Commit: ecdcbc7
---------------------------
SUMO-282 First stab at Halow CW tool
The code has been tested with an Ubuntu box talking to a dev board.
Then, the code was adapted to running on a Sumo, and the bedrock file system
layout, by moving some files around, and changing the import statements.
The code has been tested on a Judo to at least make sure that the imports
are working correctly, etc. But, for a full test of the script, we are
waiting for the Sumo hardware.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-924_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-923_default.lock.xml
manifest-judo
---------------------------
Commit: ced3d12
---------------------------
docker: Ensure ARTIFACTORY creds are passed into container
Moving ARTIFACTORY_WEBUI_USR and ARTIFACTORY_WEBUI_TOK
out of the docker-compose.bamboo.yml file and added to
the docker-compose.yml file. This is passed into build
and build-ci containers.
The run-build.sh script was also not passing the variables for all
containers.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 571d7fc
---------------------------
initrd: Update hostname lookup table for ci rpis
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 645337d
---------------------------
CSNMR-5938: Remove temurin-jdk-17 recipe
We no longer need it.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: a2a2366
---------------------------
CSNMR-5938: Add bamboo user to plugdev group
In order for `bamboo` user to be able to use the `usbsdmux` tool
(without root perms), it needs to belong to the `plugdev` group.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: e3c9f76
---------------------------
CSNMR-5938: Update bamboo-agent
Trimble E-Tools is upgrading Bamboo and starting on May 16, bamboo
agents must use Java 21 or they will no longer work.
This also changes where we fetch the bamboo agent since the E-Tools
server refuses to allow us to download older versions of the files.
Downloading from a specific URI multiple times does not gaurantee the
exact same file (hash changes which will break Yocto builds).
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 7985893
---------------------------
CSNMR-5938: temurin-jdk-21: Update to latest version
Update from 21.0.6+7 to 21.0.11+10.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: a856704
---------------------------
CSNMR-5938: judo-web-ui: Move artifactory check to bbclass
Multiple recipes will need to check that the artifactory credentials are
setup in the environment, so move that to a bbclass to avoid duplication
of the implementation.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: b82f795
---------------------------
CSNMR-5931: packagegroup-judo-ci-base: Add usbsdmux to image
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 531ec8b
---------------------------
CSNMR-5931: Add python3-usbsdmux recipe
The python3-usbsdmux_25.08.bb recipe file was copied from
https://github.com/labgrid-project/meta-labgrid to avoid pulling in the
meta-labgrid layer just for a single recipe.
In the future, we could use the meta-labgrid layer if there are other
things we want to leverage from there, but we don't need anything else
right now.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 6ddf90c
---------------------------
CSNMR-5931: ci udev: Add 90-rpi-ci-gpio.rules file
The bamboo agent needs to be able to control the gpio lines on the ci
rpi device, so just make the gpio device files R/W for all users and
groups. There's no need to restrict who on the rpi device can control
the gpio pin.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-923_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-922_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-922_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-921_default.lock.xml
judo-api-specs
---------------------------
Commit: d257ecc
---------------------------
SUMO-631: add "rtc" to MFG API module presence test enum
Added "rtc" to req_mfg_module_presence_test enum.
This is to support a basic I2C functionality check on the line.
---------------------------
Commit: 64185aa
---------------------------
SUMO-617: add MFG API for bgapi base serial port test
Added req|resp_mfg_ble_bgapi_command APIs to manufacturing.yml.
---------------------------
Commit: f57bf2d
---------------------------
SUMO-627: add gnss_pps_cpu to MFG API wait gpio
judo-cfg-agents
---------------------------
Commit: 1dd4d60
---------------------------
SUMO-617: add MFG API serial port test for ble bgapi
Added a serial port test (system.hello()) the MFG API that works with
the bgapi firmware on the Lyra24P.
The system.hello() call sends 4x bytes over serial and expects a specific
4x bytes back. With this exercise we can check that the serial port is
functional without coupling in more hardware/software.
---------------------------
Commit: 43c0166
---------------------------
SUMO-631: add MFG API support for RTC presence test
Added "rtc" module and expected sys path to the device.
We need a way to prove the I2C interface is working on the line.
---------------------------
Commit: bb3dbf5
---------------------------
SUMO-225: make mfg_mode run on default mqtt lock state
Removed enable_external_mqtt command from the system control agent
response to mfg mode being set.
Now that the default state of mqtt lock is to be locked, when setting
mfg_mode on the device we reboot ourselves. Using the locked state in
the client prevents the reboot and is the long term plan anyway.
The manufacturing API client is set up to use mqtts/port 8883 already,
just need to set some default args.
---------------------------
Commit: c40cf2d
---------------------------
SUMO-627: add GNSS_PPS_CPU to MFG API wait gpio
---------------------------
Commit: 71713e8
---------------------------
SUMO-225: update judo-api-specs SRCREV
---------------------------
Commit: 78cc1d8
---------------------------
SUMO-225: update mqtt-api, judo-cfg-agents SRCREV
mqtt-api
---------------------------
Commit: b4b1048
---------------------------
SUMO-617: add lyra24p_serial_interface_test to MFG API
Added a new lyra24p_serial_interface_test command to mp1010_mfg_api.py
and ble_bgapi_command request class to the controller.
The naming pivots to lyra24p here because BEI already have firmware
commands with that naming. The plan is to keep it or change all at
once to "ble" with a separate commit.
---------------------------
Commit: c41fd48
---------------------------
SUMO-631: add rtc option to MFG API module presence test
Added rtc option to module presence test.
This will support a RTC I2C functionality check for the line.
---------------------------
Commit: 7503e58
---------------------------
SUMO-622: add Lyra24P carrier wave transmit command to MFG API
Added a call to our bgapi test script mp10xx-bt-test.py to allow CW transmit
on the line.
---------------------------
Commit: 1b79c91
---------------------------
SUMO-620: add SWD Lyra24P programming tools to MFG API
Added simplicity commander flash commands for trimble and standard si
compliance bootloader/firmware files.
The line needs a way to swap between trimble and compliance firmware on
the sumo main board fixture.
---------------------------
Commit: 14f99ee
---------------------------
SUMO-617: add Lyra24P debug interface test to MFG API
Added the Simplicity commander cli device info command to MFG API.
We want simple interface tests before exercising this interface for
more complicated things, eg flashing firmware.
---------------------------
Commit: 2fa8ceb
---------------------------
SUMO-627: add gnss_pss_cpu wait GPIO to MFG API
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-921_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-920_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-920_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-919_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-919_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-918_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-918_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-917_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 19fc358
---------------------------
CSNMR-5743: Add data logging in MS
Add Support for data logging in the external MS by tying the
MS and BD logging settings together. Configuring logging in the
v0 page will work on both receivers.
judo-hs-sign
---------------------------
Commit: fd28112
---------------------------
SUMO-450: Add Sumo secure-boot OTP images
Verified the images here match the 'golden' SD-cards used to
program the Sumo EVT-build units.
---------------------------
Commit: ec9546d
---------------------------
SUMO-628: Revert GNSS PPS to a GPIO
Manufacturing line expects to be able to test the PPS signal from
Stella as a GPIO, remove the PPS driver/configuration from the
DeviceTree so it will go back to being a GPIO.
Leave the actual PPS configuration to whenever that becomes a
feature we need to work on, and can update the manufacturing
testing then.
---------------------------
Commit: 026dded
---------------------------
CSNMR-5743: judo-cfg-agents: Update SRCREV Add data logging to MS
Update SRCREV for adding data logging in MS.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-917_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-916_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-916_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-915_default.lock.xml
judo-api-specs
---------------------------
Commit: dfc124c
---------------------------
CSNMR-5916: Update entitlement enum list
judo-cfg-agents
---------------------------
Commit: beef950
---------------------------
CSNMR-5916: Add new High GSOF feature id and implement check in gnss mgr
* This entitlement enables high gsof messages without requiring a lease
---------------------------
Commit: 39a1dbf
---------------------------
CSNMR-5916: judo-api-spec_git: Update SRCREV
---------------------------
Commit: bcf2a15
---------------------------
CSNMR-5916: python3-judo-cfg-agents_git: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-915_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-914_default.lock.xml
judo-api-specs
---------------------------
Commit: c877aa3
---------------------------
CSNMR-5789: Enable logging of IMU data
Enable GNSS logging of sensor data.
judo-cfg-agents
---------------------------
Commit: b1a2dc4
---------------------------
CSNMR-5789: Add log sensor data
Add log sensor data capability to GNSS logging.
judo-web-ui
---------------------------
Commit: 8ea5a32
---------------------------
CSNMR-5789: Add log sensor data
Add log sensor data capability to GNSS logging
---------------------------
Commit: fdad2d1
---------------------------
CSNMR-5789: judo-web-ui: Update SRCREV Add log sensor data
Add log sensor data capability to GNSS logging.
---------------------------
Commit: 91acd56
---------------------------
CSNMR-5789: judo-cfg-agents: Update SRCREV Add log sensor data
Add log sensor data to GNSS logging.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-914_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-913_default.lock.xml
judo-auto-test
---------------------------
Commit: 8782c32
---------------------------
CSNMR-5860 Correlate publish_and_verify with device refId
- Generate a UUID refId per call, merge refId into
the JSON publish, poll the subscribe topic until
a message matches refId then assert
SUCCESS_CONFIG_APPLIED; fail on timeout or bad
status.
judo-rest-api
---------------------------
Commit: 091350d
---------------------------
CSNMR-5625: Disable patch service when there is no developer entitlement
Add entitlement_status.py to check for entitlements. This sends a message
to query for a developer entitlement. The class receives a response and returns
the value to the caller. A corresponding test_entitlement_status.py unit test
is added.
The file patch_service.py is modified to check for a developer
entitlement when the patch service is called. If the entitlement
is missing, a 403 is returned.
Since both the websocket and patch_service need zenoh services, the ZenohHandler
class is moved to its own file and dependencies in other files are updated.
In websocket.py the WebZenohHandler is replaced with ZenohHandler because of
this change to use common code.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-913_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-912_default.lock.xml
judo-rest-api
---------------------------
Commit: c9fac28
---------------------------
CSNMR-5915: Harden rest-api DB startup when schema is incomplete
Verify required tables exist in the rest-api database at startup; if any
are missing, recreate the database and apply defaults. This addresses a
rare crash we saw—possibly after reset-to-defaults removed the DB and
creation was interrupted, leaving an incomplete schema.
Add try/except around the startup path so a bad DB state does not take
down the whole judo-rest-api process.
Individual REST endpoints were left unchanged: once the DB is valid they
should not hit this failure mode, and endpoint errors would not crash the
service the way startup failures would.
---------------------------
Commit: 635433b
---------------------------
CSNMR-5915: judo-rest-api: Update SRCREV
---------------------------
Commit: ca81afd
---------------------------
SUMO-622: put lyra24p cw tools in all bluetooth builds
Removed the compliance distro condidtion on installing bluetooth-lyra24-cw.
This tool is needed on the line.
---------------------------
Commit: d711c5d
---------------------------
SUMO-234: add Sumo pcb-info symlinks to /mfg/pcb-info
---------------------------
Commit: d86d29b
---------------------------
SUMO-230: update mqtt-api SRCREV
---------------------------
Commit: 76106e0
---------------------------
SUMO-622: add absolute paths for trident compliance test.env
Added modifications to the base test.env file to add absolute paths
to the xapi docs.
With the old path, you had to run the script from the bluetooth-cw
directory or the path would be broken. Working with this tool inside
a general script is easier if you can call from anywhere.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-912_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-911_default.lock.xml
scabbard-judo
---------------------------
Commit: 4ea0729
---------------------------
bugfix/CSNMR-5914 Fixed Valgrind warnings and errors by fixing some variable initialization problems
sword
---------------------------
Commit: ad39b24
---------------------------
CRFW-153 : remove the 0 check
---------------------------
Commit: 095beba
---------------------------
CRFW-153 ensure invalid length in trailer is flagged
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-911_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-909_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 3cd775e
---------------------------
CSNMR-5575: Fix refId in GNSS MachineType
Move refId out of 'cfg' in GNSS MachineType config event
so that Judo API compliant.
manifest-judo
---------------------------
Commit: a5d7d82
---------------------------
CSNMR-5925: Update branches to create on smoke/
Create new bamboo plan when `smoke/` branch name is
uploaded to bitbucket
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: af87d60
---------------------------
CSNMR-5925: Add sourceable helper for skipping job
- require_smoke_or_release_branch: exits 0 unless
the triggering branch (bamboo_planRepository_branchName)
starts with `smoke/` or `release/`.
- require_test_core_image: exits 0 unless TEST_CORE_IMAGE
is exactly "true". Any other value, including unset,
causes the job to skip.
Both helpers exit the parent shell with status 0 so Bamboo
marks the job as successful (skipped, not failed). Variables
are read with `:-` defaults so the helper is safe under
`set -u` (used by upload-firmware-bundle).
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: 5fb2d6c
---------------------------
CSNMR-5575: judo-cfg-agents: Update SRCREV Fix refId
Fix refId in machine type cfg event to be Judo API compliant.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-909_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-908_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-908_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-907_default.lock.xml
mqtt-api
---------------------------
Commit: 24fc8cd
---------------------------
SUMO-464: add phoenix break response command to MFG API.
---------------------------
Commit: e58e29c
---------------------------
SUMO-226: add nUHF_PWR_FAULT to MFG wait gpio
---------------------------
Commit: cbf4dec
---------------------------
SUMO-234: add psu and sim boards to MFG API SN set
---------------------------
Commit: 1f74569
---------------------------
SUMO-239: add set red led command to MFG API
---------------------------
Commit: 9f4b0ae
---------------------------
SUMO-231: add WIFI_BLE_SW toggle to MFG API
---------------------------
Commit: a8dd02e
---------------------------
SUMO-464: add UHF_PWR_EN set command to MFG API
Added set_uhf_pwr_en to MFG API for Sumo phoenix support.
---------------------------
Commit: 412a0de
---------------------------
SUMO-230: implement combined set_gpio MFG API
Removed references to old set_tr49_vcc_en, set_ext_tcxo and
set_green_led apis and added new set_gpio api.
The generalised set gpio api reduces bloat at the api spec
and agent layers. The outward facing MFG API commands are
unchanged to keep the intuitive argument names and avoid
changes to the test spec/fixture code.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-907_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-906_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-906_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-904_default.lock.xml
judo-api-specs
---------------------------
Commit: 0bb08be
---------------------------
CSNMR-5638: Move urlPrefix and proxy to history array in service/summary
In net-diagnostics.yml the event_net_diag_service_summary channel is changed
so that the urlPrefix and proxy fields are moved into the history array.
This gives better visibility on each request because agents can use a
different url and proxy on each request.
It is expected that clients such as the web UI are only printing this
structure to view, so the change will not require adjustments on the
client.
---------------------------
Commit: 7951f0b
---------------------------
SUMO-231: add WIFI_BLE_SW to set gpio enum
---------------------------
Commit: cab356e
---------------------------
SUMO-226: add uhf_pwr_fault to wait GPIO labels
---------------------------
Commit: 4a69bad
---------------------------
SUMO-234: add psu and sim boards to MFG API SN set
---------------------------
Commit: fe1e646
---------------------------
SUMO-239: add LED signals to MFG API set gpio
---------------------------
Commit: c9ad0ce
---------------------------
SUMO-464: add UHF_PWR_EN to MFG API set gpio
---------------------------
Commit: c82f59a
---------------------------
SUMO-230: combine MFG API set gpio api specs
Combined API specs for set_green_led, set_tr49_vcc_en and set_ext_tcxo
into a generic set_gpio api spec.
These set gpio commands are largely identical in requirements and
function. Sumo is going to add many new gpio commands which will
make copy paste bloat with the current pattern.
Using net names directly in the enum instead of making labels means we
don't need a mapping variable in the agent (which would need to updated
every time we add a net). Net names are also the names the CM has
documentation for (schematics) and is familiar with.
judo-cfg-agents
---------------------------
Commit: 4f1290b
---------------------------
CSNMR-5638: Move urlPrefix and proxy to history in service/summary
In diags-agent/service_connectivity.py the urlPrefix and proxy fields
are moved into the history array to match the updated asyncapi spec.
This gives better visibility on each request because agents can use a
different url and proxy on each request.
---------------------------
Commit: 6069ff7
---------------------------
SUMO-226: add nUHF_PWR_FAULT to MFG API wait gpio
---------------------------
Commit: 07c0e5f
---------------------------
SUMO-230: combine MFG API gpioset commands into set_gpio
Combined set_ext_tcxo, set_tr49_vcc_en and set_green_led into a single
processor/handler pair. Added a service active check and extensible
prereqs variable for per-gpio requirements.
Sumo will add many more set gpio commands creating a general handler
/processor will save bloat. A service active check was added to provide
some feedback if a request is made for a gpio that does not exist (eg
a gpio only present on one MP device). This is sufficient handling for
the mfg devs.
---------------------------
Commit: 2a75574
---------------------------
CSNMR-5638: judo-api-specs: Update SRCREV
---------------------------
Commit: 9413765
---------------------------
CSNMR-5638: judo-cfg-agents: Update SRCREV
sword
---------------------------
Commit: ac300fe
---------------------------
CRFW-149 fix buffer overflow issue, inc sword buffer to match suhf_driver
---------------------------
Commit: 3ce6277
---------------------------
CRFW-149 remove redundant packet length check in sword.c
---------------------------
Commit: bace0bb
---------------------------
CRFW-149 ensure to check lengths, consistantly before copying
---------------------------
Commit: 8647b3c
---------------------------
Changes requested by reviewers
---------------------------
Commit: 0286921
---------------------------
Made changes on advice from copilot to stop overwriting stack and fix valgrind errors of using uninitialised data
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-904_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-903_default.lock.xml
judo-auto-test
---------------------------
Commit: 1bb0cab
---------------------------
CSNMR-5662 Implement HW 802.11 Radios
---------------------------
Commit: 617d679
---------------------------
CSNMR-5801: judo-api-spec: Update SRCREV, .inc; judo-web-ui: Update SRCREV
---------------------------
Commit: 610f6bc
---------------------------
CSNMR-5791: Adjust podman storage configuration to use the overlay fs instead of vfs(podman default)
---------------------------
Commit: 9ebe27f
---------------------------
CSNMR-5791: Create podman python3 package for use in AppFS Agent
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-903_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-902_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-902_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-901_default.lock.xml
bitbake
---------------------------
Commit: a2dd9be78
---------------------------
fetch2/crate: use CDN endpoint for version checking if possible
If the crate host is crates.io then we can fetch the index for the crate
from index.crates.io instead of hitting the API. This is the
recommended way to do automated checks and means we don't break the data
access policy[1] by not setting an explicit User-Agent.
[1] https://crates.io/data-access
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d1f775f26
---------------------------
fetch2/crate: use CDN for fetching crates
This avoids the 1 req/sec that the API has.
Reference: https://github.com/rust-lang/crates.io/issues/13482
Reference: https://blog.rust-lang.org/2024/03/11/crates-io-download-changes/
Signed-off-by: Johan Anderholm <johanam@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
cfg-mgr
---------------------------
Commit: 0ef7020
---------------------------
CSNMR-5897: Add key parameters to default config
For agents that manage parameterised topics, need those parameters
for generating a valid 'default config'.
judo-cfg-agents
---------------------------
Commit: a3ce80e
---------------------------
CSNMR-5897: update cfg-mgr revision to test against
---------------------------
Commit: fed098a
---------------------------
Bugfix: ieee80211_diags: standardise error logging
Include stdout and stderr from all failed commands, and log them
all at error level.
---------------------------
Commit: 0f3fe6c
---------------------------
Bugfix: ieee80211_diags: Compile regexes before use
Compiled regexes are much more efficient to use.
---------------------------
Commit: 23571ba
---------------------------
CSNMR-5897: ieee80211_diags: Assume disabled if no config found
Prior to this fix, if no config is found the agent would attempt
to publish a diag with `mode="no mode found"` which would
generate a `ValidationError`, crashing the whole ieee80211 agent.
manifest-judo
---------------------------
Commit: a5afece
---------------------------
manifest: Update bitbake git hash
There are two commits on the 2.18 branch of bitbake that we need to
avoid wget 403 errors when fetching crates from crates.io.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 8c22ce4
---------------------------
Bugfix: Disable mosquitto debug logs
Mosquitto logs every message in/out of the broker, including every
periodic message sent e.g.
```
1777950332: Received PUBLISH from auto-A289EBCD-FD25-3872-9A6B-8F30FB6458BA (d0, q0, r1, m0, 'MP1010/event/diag/uhf/info', ... (271 bytes))
1777950332: Sending PUBLISH to zenoh-mqtt-bridge.py (d0, q0, r0, m0, 'MP1010/event/diag/uhf/info', ... (271 bytes))
1777950333: Received PUBLISH from auto-414964F3-06DB-E876-76BB-B0D4533FD882 (d0, q0, r1, m0, 'MP1010/event/diag/gnss/data/primary', ... (208 bytes))
```
The paylods get omitted (to keep the messages to a sensible
length) making the log messages of very little value.
Disable debug logs by enabling every other log type individually.
Fixes the previous attempts at reducing log-spam from CSNMR-5320.
---------------------------
Commit: c877d76
---------------------------
CSNMR-5826: Move NM connections to tmpfs
This allows NetworkManager to come up in disabled/uninitialized state
until Zenoh applies its persistent config. The core logic for creating
config files is driven off of cellular_agent.
---------------------------
Commit: 00742ee
---------------------------
CSNMR-5826: Disable Global NM state On Boot
Created a default NetworkManager.state file that disables cellular on
early boot. This allows NetworkManager to remain disabled until cellular
related services (like Zenoh) initialize and publish cell's persistent
config.
---------------------------
Commit: b4f7321
---------------------------
CSNMR-5897: cfg-mgr & cfg-agents: SRCREV update
Fix issues with ieee80211 agent failing to restore default state
if no persistent state found.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-901_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-900_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-900_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-899_default.lock.xml
manifest-judo
---------------------------
Commit: 762eaca
---------------------------
CSNMR-5913: Harden firmware upload script for CI
A transient network glitch during the presigned URL
fetch or S3 PUT could failed the build with no retry.
Changes:
- Add set -euo pipefail.
- Retry presigned URL and S3 PUT on transient errors
- Use --fail-with-body so HTTP errors abort the run
while still surfacing the response body.
- Add --connect-timeout and --max-time on the S3 PUT
to avoid hung uploads.
- Parse responses with jq -e and type checks so a
missing/invalid presigned_url fails immediately.
- Switch payload file to mktemp with an EXIT trap so
it is cleaned up even on early exit.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-899_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-898_default.lock.xml
judo-rest-api
---------------------------
Commit: a523e1d
---------------------------
CSNMR-5801: Add route in for '/appfs/upload' and zenoh API event reporting
* Uses similar process as what is implemented in FW upgrade route.
judo-web-ui
---------------------------
Commit: 36c1022
---------------------------
CSNMR-5801: Adjust v0 page to have AppFS install form
* Add some minor .js to show 'Uploading...' and
'Installing...'.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-898_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-897_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 6ad21a6
---------------------------
CSNMR-5908: Disable Halow in default configuration
manifest-judo
---------------------------
Commit: 1091406
---------------------------
CSNMR-5910: Adjust Release notes so assigning OTA is a part of the standard release process.
* Have OTA batch assigning mentioned as a part of the official
release process, separate to the smoketest.
* Adjust wording for clarification, and make process easier to
understand.
---------------------------
Commit: 2178ed3
---------------------------
CSNMR-5908: judo-cfg-agents_git: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-897_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-896_default.lock.xml
bitbake
---------------------------
Commit: 33581c84f
---------------------------
bitbake: Update version to 2.18.0
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b508e646b
---------------------------
utils: Add filter_string function
There are cases where we would like the filter functionality but
don't want to read the data from a variable. Add a new function,
filter_string to allow this, basically separating filter() into
two functions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cfd3af465
---------------------------
default-registry: Add wrynose
Add the new release
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6acd48497
---------------------------
bitbake-setup: Add the conditional script stanza
This ensures that the main function is only executed if
the module is executed in the top-level environment.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1557c502a
---------------------------
taskdata: add_tasks: use sets to dedup from debug output
When packages appear multiple times it gets hard to make any sense of
the list display. Using sets does the job for us.
Signed-off-by: Yann Dirson <yann.dirson@vates.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 3c20c0a4d
---------------------------
utils: goh1_file: deal with false positives from is_zipfile
This function is known https://github.com/python/cpython/issues/72680 for
false-positives. With python 3.13.5 there is one with
https://vault.almalinux.org/10.0/CRB/x86_64_v2/os/Packages/jdom2-2.0.6.1-8.el10.noarch.rpm
The double "is_zipfile = False" is redundant but likely more clear.
Signed-off-by: Yann Dirson <yann.dirson@vates.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 23a91cb15
---------------------------
fetch2/git: fix HEAD and branch ref when subpath is used
When subpath is set the checkout code uses read-tree + checkout-index,
but never updates HEAD. It stays on whatever branch the clone defaulted
to instead of pointing to the requested revision.
Fix by pointing HEAD at the correct revision after checkout-index, and
creating the branch ref when branch= is specified. Also remove the
warning note in the documentation that described this limitation.
Signed-off-by: Mark-Pk Tsai <mark-pk.tsai@mediatek.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 1ffccdeaa
---------------------------
runqueue: Fix comment typos
Fix comment typos in RunQueueData.prepare
Signed-off-by: Yann Dirson <yann.dirson@vates.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: de7c87ae8
---------------------------
doc: set_versions.py: change strategy for the default page
A problem can happen with the current code: if the current stable release
is made EOL before the development branch is made the current stable,
then we only have LTS releases displayed.
Change the logic to _always_ display the latest non-dev branch as the
default page, even if EOL.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 5d722b5d6
---------------------------
tests/fetch: Avoid using git protocol in tests
Two of the tests were still using git protocol to access git services.
For the submodule test, the upstream repo has been updated.
In the other case, we need to pass the correct command to the manual
git commandline, we can't use a recipe url that previously just happened
to work.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7fd4d9d10
---------------------------
doc: bitbake-user-manual-metadata: fix indentation consistency
We've decided bullet lists should be started by a dash followed by two
whitespaces and the other lines in the bullet list should be indented
at that level, that is with three whitespaces compared to the parent
block. This only has two while the rest of the file has three, so let's
add the missing whitespace. This is cosmetic in the sources only, it
doesn't change the output.
Fixes: 6bc65e6402a7 ("documentation: bitbake: add file-checksums to varflags section")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a3b66c4c2
---------------------------
doc: bitbake-user-manual-metadata: fix indentation consistency
We've decided code-blocks should be indented by three whitespaces
compared to the parent block and this only had two, so let's add the
missing whitespace. This is cosmetic in the sources only, it doesn't
change the output.
Fixes: 3b9d7bea915d ("parse/ast: add support for 'built-in' fragments")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 13ee2e78e
---------------------------
doc: bitbake-user-manual-metadata: fix syntax for code-block in addfragments
OE_FRAGMENTS was meant as a code-block and thus needs two colons, a
newline and an increased indent for it to work, however we were missing
the second colon.
Let's fix that oversight.
Fixes: 3b9d7bea915d ("parse/ast: add support for 'built-in' fragments")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7c42f89fb
---------------------------
doc/bitbake-user-manual-fetching: add warning on the Git subpath parameter
[YOCTO #15558]
Add a warning on the subpath option which has an unexpected behavior
with regards to how the HEAD is updated in the checked out repository.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 92238d267
---------------------------
bitbake-setup: ensure args.setup_dir is an absolute path
This fixes another corner case:
'bitbake-setup update --setup-dir ./relative/path'
Normally setup-dir is deduced from bitbake environment, but when
it is passed in on the command line as a relative path, and there
is something to update, new bblayer.conf is created with relative
paths in it, causing breakage.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a160b4cc0
---------------------------
bitbake-setup: make DL_DIR in site.conf overridable by env
Use '?=' instead of '=' when writing DL_DIR to site.conf, so an
exported DL_DIR can be reused across environments.
This keeps a default value while allowing environment-based cache
configuration in mixed workflows (e.g. container/host).
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc589ec6f
---------------------------
Prevent loading unnecessary resources from layerindex-web
When I was using `bitbake-layers layerindex-fetch ...` I noticed it being quite
slow. Upon further investigation, I found that the call to `load_layerindex()`
inside layerindexlib was called with the deafult `load` argument.
The deafault was set to ['layerDependencies', 'recipes', 'machines', 'distros']
where the `layerindex-fetch` effectively requires only ['layerDependencies'].
So whenever a `layerindex-fetch` is used, we pull for example 'recipes', which
is about 18-20MB in size - it takes time to produce that response by the
layerindex-web and ship over the internet, just to be discarded.
This change addresses the issue by setting a "sane" default (empty `load` list)
and sets a correct, explicit `load` list whenever it's needed (e.g. toaster)
by the caller.
Lastly, there seems to be an error when the cooker index is loaded in the
process with the `load='layerDependencies'`, that's incorrect, as the
implementation expects also a list, so that's corrected as well.
Signed-off-by: Piotr Buliński <piotr@qbee.io>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7cf11787e
---------------------------
doc: document new bitbake-setup init and update features
Document the two new options introduced in the setup command:
- --init-vscode / --no-init-vscode (66c26e5f0): generates a
bitbake.code-workspace file for VS Code in the Setup directory,
with layer folders, BitBake extension settings, and file associations.
Default is enabled when the 'code' binary is found on PATH.
- --rebase-conflicts-strategy (60ce61cca): controls the fallback
behaviour when a layer repository cannot be updated in place due
to local modifications or conflicting local commits. Documents both
the 'abort' (default) and 'backup' values.
Also documents the in-place update behaviour of the update command
(fetch via dldir remote + rebase), with a cross-reference to the
unpack_update() section in the fetching chapter.
Also document that the update command is intended to be run from a
shell with the BitBake environment sourced, and why --autostash is not
used (transparency: uncommitted changes are surfaced rather than silently
stashed and re-applied).
Add examples for the four distinct update scenarios, using real output
from an actual update session:
- normal update with local commits rebased and preserved
- update blocked by uncommitted changes, with stash + retry steps
- rebase conflict with manual resolution via the dldir git remote,
including the rebase --continue + re-run sequence
- rebase conflict resolved via --rebase-conflicts-strategy=backup,
showing the real WARNING output and timestamped backup directory name,
with a step-by-step git workflow (cd into the fresh clone, fetch the
backup branch by local path, cherry-pick oldest-first) to recover
commits from the backup, and cleanup instructions (rm -rf the backup,
or remove the VS Code workspace folder via the UI or by re-running
bitbake-setup update after deletion)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9fb6b0011
---------------------------
bitbake-setup: catch unexpected exceptions and show a clean error message
Without a top-level exception handler, any unexpected Python exception
reaches the user as a raw traceback, which is confusing and exposes
implementation details.
Add a try/except block around the main dispatch in main() that:
- catches all unexpected exceptions and logs them as a single ERROR
line, consistent with how other errors are already presented
- re-raises when --debug is active, so the full traceback is still
available for diagnosis
- explicitly re-raises SystemExit and KeyboardInterrupt so sys.exit()
calls and Ctrl-C continue to work normally
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 097bffb5c
---------------------------
tests/setup: add test_update_rebase_conflicts_strategy
Add a dedicated test for the --rebase-conflicts-strategy option introduced in
'bitbake-setup: add --rebase-conflicts-strategy to the update command'.
Three scenarios are covered that are not exercised by the existing
test_setup:
1. Uncommitted tracked-file change (LocalModificationsError), default
'abort' strategy: update must fail with an error that contains
'has uncommitted changes' and the '--rebase-conflicts-strategy=backup'
hint; no backup directory is created.
2. Same uncommitted change, 'backup' strategy: the layer directory is
renamed to a timestamped backup, the layer is re-cloned from
upstream, and the result is clean (upstream content, no local
modifications).
3. Committed local change that conflicts with the next upstream commit
(RebaseError):
a. Default 'abort' strategy: update must fail with an error that
contains 'Merge conflict' and the '--rebase-conflicts-strategy=backup'
hint; no backup directory is created.
b. 'backup' strategy: instead of the hard rebase-conflict failure,
the conflicted directory is backed up and re-cloned successfully.
A small _count_layer_backups() helper is added to the class and reused
across scenarios.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2ee3a195b
---------------------------
bitbake-setup: add --rebase-conflicts-strategy to the update command
When unpack_update() raises LocalModificationsError (uncommitted changes)
or RebaseError (local commits that could not be rebased), the caller now
has a choice of how to handle it, controlled by the new
--rebase-conflicts-strategy option on the 'update' subcommand:
- abort (default): re-raise the error so the update stops with a clear
message that names the affected source and its path. The fetcher has
already aborted the rebase and restored the checkout to its previous
state.
- backup: rename the directory to a timestamped <name>-backup path to
preserve local work, then re-clone from upstream via fetcher.unpack().
Both exception types share a single except clause; the exception message
already describes the specific failure (uncommitted changes vs. failed
rebase with git output), so it is forwarded directly to the warning log.
The strategy is threaded from the CLI argument through build_status()
and update_build() down to checkout_layers().
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70ff359d2
---------------------------
tests/setup: add test_vscode for VSCode workspace generation
Add test_vscode to BitbakeSetupTest covering the --init-vscode
option introduced in 'bitbake-setup: generate config files for VSCode':
- init --init-vscode creates bitbake.code-workspace with the
expected top-level structure (folders, settings, extensions).
- Folders list conf and each non-symlink git repo in layers/;
all paths are relative.
- Bitbake extension settings (pathToBuildFolder, pathToEnvScript,
disableConfigModification) are set correctly.
- File associations (*.conf, *.inc) and python.analysis.extraPaths /
python.autoComplete.extraPaths are populated.
- init --no-init-vscode does not create a workspace file.
- update after a layer change preserves user-added folders and
settings while updating managed ones.
- update with a corrupt workspace file logs an error and leaves the
file unchanged.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 92fd72194
---------------------------
bitbake-setup: generate config files for VSCode
This change introduces a function to generate a VSCode workspace file
(bitbake.code-workspace). The --init-vscode flag added to bitbake-setup
init defaults to True when the code binary is found on PATH, and can be
passed explicitly to exercise the feature on machines without code (e.g.
when running tests on an autobuilder). Once the workspace file exists,
it is updated automatically on every subsequent run.
This workspace file is preferred over a project-specific
.vscode/settings.json for several reasons:
- It allows for a multi-root workspace, which is ideal for a bitbake
project structure setup with bitbake-setup. This enables including all
layer repositories and the build configuration directory as top-level
folders in the explorer.
- The workspace file can be located at the top level of the setup,
outside of any version-controlled source directory. This avoids
cluttering the git repositories with editor-specific configuration.
- It provides a centralized place for all VSCode settings related to the
project, including those for the bitbake extension, Python language
server, and file associations, ensuring a consistent development
environment for all users of the project.
The Python analysis paths (python.analysis.extraPaths) are configured
with absolute paths. This is a workaround for a limitation in the Pylance
extension, which does not correctly resolve ${workspaceFolder:...}
variables in a multi-root workspace context for import resolution. Using
absolute paths ensures that Pylance can find all necessary modules from
the various layers.
There is room for improvement. Starting a terminal (bitbake or any other)
is cumbersome, as VSCode wants to start it for one of the layers rather
than the build directory.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f33c5d6d2
---------------------------
tests/setup: fix dead check_setupdir_files guards
Two conditions in check_setupdir_files used wrong key names and
so never triggered:
- 'oe-fragment' -> 'oe-fragments' (plural): fragment-existence
assertions were never reached for any variant that has fragments.
- 'bb-environment-passthrough' -> 'bb-env-passthrough-additions':
BB_ENV_PASSTHROUGH_ADDITIONS assertions were never reached for
the gizmo-env-passthrough variant.
Also drop the redundant .keys() call on both guards.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: deefbd24d
---------------------------
tests/setup: cleanup imports
Add missing top-level imports for os, stat, bb and bb.process and remove
the redundant inline 'import os' and 'import stat' that were inside
individual methods.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1bc754c96
---------------------------
bitbake-setup: always restore sys.stdout
While working on the bitbake-setup update with a non destructive fetcher,
I noticed that if the fetcher raises an exception, sys.stdout is not
restored, which can lead to issues in the rest of the code. This change
ensures that sys.stdout is always restored, even if an exception occurs
during the fetch and unpack process.
Showing the full Traceback of the error would be a bit confusing because
it happened in code which is not yet ready for review, but the final
error was:
ValueError: I/O operation on closed file.
and this little change seems to be a reasonable improvement to avoid
such issues.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 85f3ebcce
---------------------------
doc: document the unpack_update() non-destructive git update method
Add a new "The Non-Destructive Update (unpack_update)" section to the
fetching chapter, describing the in-place update mode introduced in
"fetch/git: Add an 'update' unpack mode to the fetchers (git only for now)"
e7d5e156275782948d3346f299780389ab263ab6.
The section covers:
- what unpack_update() does and when to use it vs. unpack()
- the three-step internal process: add/update the dldir remote,
fetch the new upstream revision, rebase local commits on top
- the error conditions: LocalModificationsError (uncommitted changes),
RebaseError (conflicting local commits), and the shallow/stale-dldir
case
- the current limitation that only the Git fetcher supports it
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2d6e21aa9
---------------------------
tests/fetch: remove unused import, fix trailing whitespace
Just cleanup, no functional change.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c1854832
---------------------------
bitbake-selftest: add GitUnpackUpdateTest
Add a test class that exercises the new unpack_update() code path in the
Git fetcher, ordered from basic building blocks to advanced workflow and
error cases:
test_unpack_update_full_clone
Basic update to a newer upstream revision succeeds and the working
tree reflects the new content.
test_unpack_update_dldir_remote_setup
The "dldir" remote pointing to ud.clonedir is created during the
initial unpack and is present for subsequent update calls.
test_unpack_update_ff_with_local_changes
Full workflow: after a normal unpack the "dldir" remote is verified,
a local commit is added, download() brings updated_rev into the
clonedir, and unpack_update() fetches from dldir and rebases the
local commit fast forward on top. The commit graph (HEAD^ ==
updated_rev) and both file contents are asserted.
test_unpack_update_already_at_target_revision
Calling unpack_update() when the checkout is already at SRCREV is
a no-op: it succeeds and the working tree is left unchanged.
test_unpack_update_with_untracked_file
The status check uses --untracked-files=no so untracked files are
invisible to it; the update succeeds and the untracked file survives
the rebase unchanged.
test_unpack_update_with_staged_changes
Staged (but not committed) changes are detected by
"git status --untracked-files=no --porcelain" and block the update;
LocalModificationsError is raised so the caller can fall back to
backup + re-fetch.
test_unpack_update_with_modified_tracked_file
An unstaged modification to a tracked file is detected by
"git status --untracked-files=no --porcelain" and blocks the
update; LocalModificationsError is raised.
test_unpack_update_conflict_raises_rebase_error
A local commit that conflicts with the incoming upstream change
raises RebaseError; the repository is left in a clean state with
no pending rebase (rebase --abort was called).
test_unpack_update_untracked_file_overwritten_by_upstream
An untracked file that would be overwritten by an incoming upstream
commit causes git to refuse the rebase; RebaseError is raised and
the repository is not left in a mid-rebase state. Two sub-cases
are covered: a top-level file clash and a clash inside a
subdirectory (xxx/somefile).
test_unpack_update_shallow_clone_fails
Shallow clones do not carry enough history; UnpackError is raised.
test_unpack_update_stale_dldir_remote
When the clonedir has been removed after the initial unpack the
dldir remote no longer resolves; UnpackError is raised so the
caller can fall back to a full re-fetch.
test_fetch_unpack_update_toplevel_api
The public Fetch.unpack_update(root) API (used by callers such as
bitbake-setup) dispatches correctly end-to-end through to the Git
fetcher.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f8faab22d
---------------------------
fetch2: add LocalModificationsError and RebaseError exceptions
When unpack_update() detects either of two blocking conditions, it now
raises a dedicated exception subclass of UnpackError instead of a
generic UnpackError:
- LocalModificationsError: for uncommitted changes in the working tree
that prevent the update. Includes git status output and instructs
the user to commit, stash or discard changes.
- RebaseError: for local commits that could not be rebased onto the
new upstream revision. Includes the git rebase output and a hint
that the 'dldir' remote points to the local download cache and may
be used to resolve conflicts manually.
Both exceptions take (repodir, url, git_output) as arguments, build
the full user-facing message in __init__, and preserve the is-a
relationship with UnpackError so existing callers are not broken.
The fetch and rebase operations are also split into separate
try/except blocks so that a failure to fetch from dldir raises a
plain UnpackError while a failed rebase raises RebaseError.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e8b383071
---------------------------
bitbake-setup: Sort and format imports
The ruff linting tool reported 2 problems:
I001 Import block is un-sorted or un-formatted
E402 Module level import not at top of file
An exception is made for sys.path modifications needed to
find the modules.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 700568f18
---------------------------
bitbake-setup: Maintain exception chain
Chain the exceptions so that it is easier to trace the exception
back to its root cause. This resolves B904 linting issues from
flake8-bugbear.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 02082312c
---------------------------
bitbake-setup: Fix linting error related to membership
The pycodestyle E713 recommends that negative tests for membership
use `foo not in bar` instead of `not foo in bar`.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 03283f09f
---------------------------
bitbake-setup: Remove unused parser_settings_list
The ruff lint tool detected an used variable:
F841 Local variable `parser_settings_list` is assigned to but never used
The list_settings function gets invoked through the parent command's
settings_func function. This means that creating this variable is
unnecessary.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 836653608
---------------------------
bitbake-setup: Remove unused Namespace import
The ruff lint tool reported that Namespace was not used:
F401 `argparse.Namespace` imported but unused
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c293b4a0
---------------------------
bitbake-setup: Replace f-string without placeholders
The ruff lint tool reported an f-string that didn't include any
placeholders:
F541 f-string without any placeholders
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1fb803e08
---------------------------
bitbake-setup: Remove unused stdout variable
The ruff lint tool reported that stdout was never used:
F841 Local variable `stdout` is assigned to but never used
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ee4fc97b6
---------------------------
bitbake-setup: Remove extraneous variable from str.format()
The invocation of str.format() supplied an extra parameter that
was not being referenced in the string.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0ac8ea456
---------------------------
doc: add warning notes on the disabled NPM fetcher
Add warning notes in bitbake-user-manual-fetching.rst and
bitbake-user-manual-ref-variables.rst regarding the disabled NPM
fetcher.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 64fda8cb8
---------------------------
fetch/git: Update packing commands to match modern git
We are using a git command, "git pack-redundant" which is due to be removed
from git. There is discussion about bitbake's usage here:
https://lore.kernel.org/git/CANYiYbHOczhRoJkOofFNQ6VA3BiyOF=QjffFBDvLn43Ts8B67w@mail.gmail.com/T/#t
As mentioned, we should switch to use git repack -adk. We need the k option
since we do need to keep unreachable object to retain history.
As per the manuals, we still need to run prune-packed to remove loose
objects which are now in the pack files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 05a0ca339
---------------------------
toaster: Update fixtures for wrynose release
Update the fixtures for toaster to add wrynose. Update the tests to
match.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e827db50d
---------------------------
progressbar/knotty: Allow mixing log messages and progress bars
If we try and print a log message in the middle of progress bar, the display
can be corrupted. Add a clear() method to progress bars allowing them to be
removed for the log message, then reprinted using update().
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 112bddd8f
---------------------------
data: Add exception details if build_dependencies catches one
Without this information, you'll only get messages like this, which don't
indicate what might be wrong:
WARNING: ….bb: Exception during build_dependencies for do_patch:00:17
WARNING: ….bb: Error during finalise of ….bb
ERROR: ParseError in None: Not all recipes parsed, parser thread killed/died? Exiting.
ERROR: Parsing halted due to errors, see error messages above
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a70c33679
---------------------------
bitbake-setup: share sstate by default between builds
Nowadays sharing sstate must also include sharing the hash equivalency
information and thus, managing a hash equivalency server. There are
two ways to do it:
- starting/stopping the server outside the bitbake invocations, and
guaranteeing that it's available when bitbake is invoked.
- using bitbake's built-in start/stop code which launches a server
before a build starts and stops it when a build is finished; essentially
this is a private server, using a database private to a build directory
(by default).
I couldn't come up with a good way to do the first option in bitbake-setup:
it needs to be invisible to users, they should not have to run special commands
and they should not wonder why there is a mysterious background process.
It's not impossible to auto-start a shared server, but that will quickly
run into synchronization issues: if one server is being started, another
should not be started at the same time. If one server is shutting down
(e.g. after an inactivity timeout), another starting server should wait
until it frees the socket, and block all bitbake invocations on that.
Memory resident bitbake does this in lib/bb/server/process.py with a lot of
complexity, and I don't think it should be added to the hash server as well.
On the other hand, hash equivalency database is sqlite-driven, and sqlite
documentation reassures that sharing it between different simultaneous
processes is okay: nothing will get lost or corrupted: https://sqlite.org/faq.html#q5
I've confirmed this by running simultaneous builds that way: nothing
unusual happened, and sstate was shared as it's supposed to.
There's a new setting that turns off this behavior for situations
where the server and sstate are managed externally.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 59b927fd1
---------------------------
bitbake-setup: use non-destructive 'update' mode of the git fetcher
This allows removing the git hook that prohibited making commits
in repositories under layers/, significantly improving user experience.
bitbake-setup logic is adjusted to account for:
- if a git checkout is being replaced with a local symlink,
that checkout is moved to a backup location, regardless of whether
it has local changes or not
The tests are modified so that:
- the check for layer backups is run earlier, and check that
backups happen when they're supposed to (which should be just once).
- the test that previously checked that local commits are rejected
is adjusted to check that such a commit is accepted, and layer
is updated from remote without creating a backup directory.
- a test is added to force a rebase conflict on update, and
check that it indeed happens. We can think of better ways
to handle rebase conflicts in bitbake-setup later on; right now
it simply stops at that point.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
judo-bd992-fw
---------------------------
Commit: 17a31a0
---------------------------
CSNMR-5907: update BD images for stella
Update BD images for stella to 6.60-0.36
Stella Checksum: 0xACCE144A
manifest-judo
---------------------------
Commit: f0035ad
---------------------------
CSNMR-5846: Update upstream meta layer git hashes
Locking down upstream meta layers to updated commits that have generated
a successful CI build.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: c88f408
---------------------------
CSNMR-5846: conf: Add missing spaces after VAR:append
The variables in question here have values which are space separated
lists. When using the `:append` mechanism, these need to explicitly
include the space to avoid potentially being concatenated to the
previous value in the list.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 7eabfcc
---------------------------
Revert "Freeze meta-bedrock hash to current main"
This reverts commit 1f2157b3a2def8cd1c69c7c4a72a0ad58b1cfe8b.
Judo layers have been updated to use the new WIC path, so we
no longer need to lock bedrock to a specific commit.
---------------------------
Commit: 8eb10af8
---------------------------
scripts/runfvp: fix silent failure when FVP is missing
Print an error message if the FVP binary cannot be found, instead of
failing silently.
Signed-off-by: Roger Knecht <roger.knecht@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 6e1cea02
---------------------------
arm/generate_capsule_json_multiple: Fix --selected_components default behavior
When --selected_components is not specified, the script should include
all components as documented in the help text. However, the current
implementation skips all components when the parameter is empty,
resulting in an error.
Fix the filtering logic to only apply when --selected_components is
explicitly provided with values.
Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 3b7f4ccf
---------------------------
CI: remove meta-virtualization references
Now that Xen has been removed, clean up the remaining references to
the meta-virtualization layer.
This was done as a separate commit to make reverting easier in the
future in case we need to add back meta-virtualization for some other
builds.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 5ad64ce7
---------------------------
CI: remove Xen jobs
We originally added Xen builds to our CI to exercise Xen on Arm. Now
that the Yocto autobuilder has jobs that test Xen on qemuarm/qemuarm64
we no longer need the builds in meta-arm as they don't provide any more
coverage.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 01abd473
---------------------------
arm-bsp/docs: corstone1000: Drop A320 reboot workaround note
Remove the user-guide warning and rebuild steps for the
disable_module_autoloading workaround on Corstone-1000 with Cortex-A320.
With the NPU reset issue fixed, this workaround is no longer
needed.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 23189561
---------------------------
arm-bsp/trusted-firmware-m: corstone1000: Drive NPU reset via ext sys ctrl
- Derive host base addresses from offsets and add ext sys reset bitfields
- Deassert CPUWAIT with a bitmask
- Enable ext sys boot handling for Corstone1000 with Cortex-A320
- Add the new downstream TF‑M patches to the recipe
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: d987a594
---------------------------
wic: move to files/wic
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 7d5317af
---------------------------
arm-bsp/docs:corstone1000: Update systemready-patch refs
- Replace `systemready-patch` with `iot-platform-assets` in the guide.
- Update the Corstone-1000 asset paths and U85 kas command examples.
Align the user guide with the renamed asset repository, avoiding
stale commands and broken paths.
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: cab9d2db
---------------------------
arm-bsp/edk2-firmware: remove 202408
Nothing in meta-arm-bsp is using this version anymore. Drop it and the
related patches.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 116c26c8
---------------------------
arm-bsp/sbsa-ref: workaround CPU topology warning
To workaround the CPU topology issue with edk2-firmware, we can specify
the number of processors being used, which seems to setup the CPU
topology mask correctly (and thus no errors). With this addressed, we
can use the latest edk2 firmware, which allows us to use the latest TF-A
version.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: ed7a9378
---------------------------
arm-bsp: remove rdv1
rdv1 has been EOLed, and requires keeping around some recipes because
of its removal. Also, the FVP is x86 only, thus limiting CI.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 4257c985
---------------------------
arm-bsp: remove sgi575
sgi575 has been EOLed, and requires keeping around some recipes because
of its removal. Also, the FVP is x86 only, thus limiting CI.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: efbc6b61
---------------------------
arm-bsp/rdv2: add support
Add support for Neoverse Reference Design version 2
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 6dfff7d3
---------------------------
arm-bsp/rdn2: add support
Add support for Neoverse Reference Design N2
Use the rdinfra sources to get it booting
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 9003bdc6
---------------------------
arm-bsp/rdv1: add support
Add support for Neoverse Reference Design version 1
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 166d6d79
---------------------------
arm/fvps: rename rdv3-r1
Rename rdv3-r1 to be more consistent with other machines and match
documentation/website.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 45f2311d
---------------------------
Revert "arm/execstack: remove, no longer needed"
Some of the soon-to-be-added FVPs have the execute issue still. So,
re-add this until it can be resolved. Also, address S issue that
changed upstream between the original removal and now.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: ae3532c2
---------------------------
CI: use core-image-base for faster boot
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: f0811288
---------------------------
arm-bsp/docs: corstone1000: switch Ethos-U85 test flow to test_teflon
Update the Corstone-1000 user guide to reflect the current Ethos-U85
test and workaround flow.
As the Corstone-1000 software stack moves to the in-tree ethosu
driver, switch the Ethos-U85 test instructions from delegate_runner to
Mesa's test_teflon application. Also update the guide to use the
renamed ethos-u85-test kas fragment and to apply the Mesa patch needed
to package test_teflon into the image.
Also replace the disable_module_autoloading kas fragment in the A320
workaround instructions with the disable-ethosu patch, to align with
the workaround flow used in systemready-patch.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 41fbac9b
---------------------------
arm-bsp/docs: corstone1000: document Cortex-A320 SMP support
Corstone-1000 with Cortex-A320 FVP now supports SMP, so update the
documentation to reflect the current status.
Update the user guide to state that SMP is supported on Corstone-1000 with
Cortex-A35 FVP and on Corstone-1000 with Cortex-A320 FVP.
Add the Cortex-A320 multicore build and run commands.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 6df28b9c
---------------------------
arm-bsp/corstone1000-a320: Drop meta-ethos dependency
Corstone1000 with Cortex A320 now uses the in-tree ethosu driver, so the
external meta-ethos layer (and its meta-sca dependency) is no longer needed.
Remove meta-ethos and meta-sca from the Corstone-1000 A320 kas
config, drop the layer dependency on meta-ethos, and stop
installing arm-npu-ethosu. Update the Corstone-1000
change log to reflect the removed layers.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 2c81c14c
---------------------------
arm-bsp/u-boot: cs1k: Align Ethos-U85 DT with in-tree driver
Align the Corstone1000 Ethos-U85 device tree to match the upstream
bindings used by the in-tree Ethos-U DRM accel driver.
- Rework the Corstone1000 U-Boot patch to replace the legacy arm,ethosu-direct
node with an upstream-style Ethos-U85 node (arm,ethos-u85), add the
required clocks/clock-names, and switch the SRAM description to
mmio-sram.
- Drop meta-ethos specific properties (reserved-memory/dma-ranges,
/region-cfgs/mem-config) from the U-Boot DT.
- Enable required kernel options for the in-tree driver and SRAM provider:
- CONFIG_SRAM
- CONFIG_DRM
- CONFIG_DRM_ACCEL
- CONFIG_DRM_ACCEL_ARM_ETHOSU
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: c2258d46
---------------------------
arm-bsp/corstone1000: Add linux-yocto 6.19 kernel recipe
linux-yocto does not currently ship a 6.19 recipe, so add a
meta-arm-bsp linux-yocto_6.19.bb that tracks linux-yocto-dev v6.19/base.
Pin SRCREV_machine to fixed revision to keep builds reproducible.
Update Corstone-1000 to prefer linux-yocto 6.19 and align
the user guide pointers accordingly.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 4414e4d2
---------------------------
arm-bsp/u-boot:cs1k: Split Cortex-a320 device tree
The U-Boot maintainers rejected the previous patch [1] for two primary
reasons:
1. The Cortex-A320 changes should be considered a separate platform
2. The NPU node bindings do not match those in the Linux kernel
The former is handled by this commit. The latter point has not been
resolved, hence marking the newly added patch as Inappropriate. This is
simply the first step in resolving the comments.
[1] https://lore.kernel.org/all/20251127154752.589691-1-frazer.carsley@arm.com
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 73cde0a9
---------------------------
arm-bsp/u-boot:cs1k: Rework CONFIG_OF_UPSTREAM patch
Rework the patch that enables the OF_UPSTREAM config option to split
off the extra device tree nodes into their own dtsi files, making it
easier to combine them in different ways. The rest of the patches have
changed only so that they can be applied cleanly.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 1778b36d
---------------------------
arm-bsp/tf-m:cs1k: modified mcuboot to use GPT library
Corstone1000 used to use its own implementation of a GPT parser for use
in a capsule update. The patches in this commit replace what exists with
the generic GPT library, as well as other minor self-explanatory fixes.
The wic file has undergone two changes as a result of this:
1. The partition type GUID of each of the four partitions that can be
updated by a capsule update must match the GUID of each capsule. This
allows for the existing partition to be matched with its updated
image. Different machines (e.g. MPS3 vs FVP) have different GUIDs for
these images hence the need for separate files.
2. The second bank has been removed from provisioning. Because the
library supports dynamic creation of partitions, the second bank no
longer needs to be provisioned at build time. However, a small
reserved partition is still created above the 32KiB mark to force
wic to size the disk as 64KiB and write this into the GPT header
for the library to read on initialisation.
Finally, the size of bl1_1 is reduced by one of the patches in this
commit, so this is also reflected in the recipe.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 5fc4c29d
---------------------------
arm-bsp/tf-m:cs1k: Add GPT library
The patches added in this commit add a generic GPT library for use in
flash devices. Corstone1000 could use these to manage partitions during
a firmware update.
The patches are all backports from trusted-firmware-m (TF-M) main
branch and can be removed if Corstone1000 upgrades when the next version
of TF-M is released.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 7b687574
---------------------------
arm/optee: add UPSTREAM_CHECK_COMMITS for git recipes
Seeing UNKNOWN_BROKEN in the OP-TEE git recipes. Add
UPSTREAM_CHECK_COMMITS to address this issue.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: eb14d855
---------------------------
arm/scp-firmware: add git recipe
Split off the main portion of the SCP firmware recipe into an include
file and create a git versioned recipe. This allows for building and
testing the latest sources.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 0d6405b2
---------------------------
arm/fvps: update to newer versions
New versions of the FVPs have been released. Update the recipes to use
them. License SHA changes caused by 3rd party software versions used
being modified and white space changes.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: e9b1f3bb
---------------------------
arm/fvp-base-a-aem: update to 11.31.28
Massive layout changes inside the FVP tarball. The files are not
located in *_FVP anymore, including the license files, which were in 2
locations in previous releases. The tarball changed from
Linux64/Linux64_armv8l to Linux_x86/Linux_armv8. It hchanged extention
from tgz to tar.gz
Also, adding skip of dev-so, due to libstdc++.so and libsystemc.so being
symlinks and fvps being a binary.
NOTE: the license file changes are due to version bumps for sdl, ffmpeg,
libvpx, and python. The license changes in the managements utilities
was version changes in clang and golang, and removal of wxWidgets,
libstdc++-6.dll, libgcc_s_seh-1.dll, and libwinpthread-1.dll
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 37d31f41
---------------------------
arm-bsp/trusted-firmware-m: corstone1000: Remove FVP requirement for TF-M multicore
To improve portability, testing coverage, and future platform enablement.
- Replace FVP-only multicore checks with platform-generic checks.
- Add the corresponding TF-M patch to the Corstone-1000 recipe.
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 79cea5a0
---------------------------
arm-bsp/trusted-firmware-a: corstone1000: Remove FVP requirement for TF-A multicore
To improve portability, testing coverage, and future platform enablement.
- Replace FVP-only multicore guards with platform-generic guards.
- Add the corresponding TF-A patch to the Corstone-1000 recipe.
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 4eb08a85
---------------------------
arm-bsp: corstone1000: Make multicore configuration platform-agnostic
To improve portability, testing coverage, and future platform enablement.
- Gate multicore on `MACHINE_FEATURES += "corstone1000_smp"`.
- Change recipe overrides from `:corstone1000-fvp` to `:corstone1000`.
- Update the Corstone-1000 multicore kas/doc references.
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 990f2fa7
---------------------------
arm/edk2-basetools-native: build C host tools (GenFfs, GenFv)
The recipe previously only copied the Python BaseTools into the native
sysroot, which was sufficient for capsule signing but not for Firmware
Volume (FV) creation. Downstream recipes that build UEFI capsule
update images for embedded platforms need GenFfs and GenFv to assemble
FV images - a key component of the UEFI Capsule Update format used for
system firmware updates.
Add the brotli submodule source (build-time dependency of both tools),
build the C BaseTools (Common, BrotliCompress, GenFfs, GenFv) and
install the binaries into ${bindir} together with GenerateCapsule.py
and the Common Python library so that capsule-generating recipes can
consume them from the native sysroot.
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 2dc3478
---------------------------
Fix bundle name for CI feature branches
When building feature branches on Bamboo, the branch name was not being
included in the rauc bundle images so the .raucb filenames were not
consistent with the wic.xz filenames.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 387c00d
---------------------------
CSNMR-5846: mosquitto: Run ExecStartPre commands as root
Upstream has changed the mosquitto service to run the mosquitto broker
as the `mosquitto` user instead of as `root`.
As a consequence, the `ExecStartPre=` commands are also run as the
`mosquitto` user, which causes them to fail with permissions errors and
causing the broker to fail to start.
Prefixing the command path with `+` causes the command to be run with
full privileges.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 52cb5e3
---------------------------
Add missing spaces after VAR:append
The variables in question here have values which are space separated
lists. When using the `:append` mechanism, these need to explicitly
include the space to avoid potentially being concatenated to the
previous value in the list.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 67fe6bf
---------------------------
Remove lighttpd from recovery to avoid unneeded installation
lighttpd is removed from the RDEPENDS in the recovery package group
since it was forcing lighttpd to be installed in downstream
projects even though they chose nginx instead.
This causes nginx to be the default webserver for the bedrock
recovery mode. There currently is no web UI page defined. A page will
be added later.
Signed-off-by: Russell Jurgensen <russell_jurgensen@trimble.com>
---------------------------
Commit: 84b7659
---------------------------
Move the wic folder to files/wic to match upstream changes
This fixes a build error that occurs with the message:
"wic need to be moved to files/wic within the layer to be
found/used"
Moved the wic include file to be inlined. Now that wic files
are in files/wic folder, the recipe was not finding
the .inc file. It would need extra recipe rules created for it
and probably move the file to a different location. Inlining
seems to be a cleaner solution.
Signed-off-by: Russell Jurgensen <russell_jurgensen@trimble.com>
---------------------------
Commit: 78c5e12
---------------------------
gh/actions: Use checkout action to v6
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d53d9e8
---------------------------
CSNMR-5846: mosquitto-config: Fix perms for move_key.sh
Upstream has upgraded mosquitto and as part of that, then have changed
it to run as the mosquitto user instead of as root.
This caused the `move_key.sh` script to fail due to permissions issues
which in turn caused the mosquitto broker to fail to start, which
further caused the judo API's to fail to start and badness ensued.
Changing the permissions of the installed script to 755 will allow the
script to be run by any user (whether that user can perform all of the
operations needed is another issue).
Additionally, we really need to run the command as root, so we need to
prefix the command path with `+` which causes the command to be run with
full privileges.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: a5fe1ee
---------------------------
CSNMR-5846: Configure static user/group ids
When yocto builds are run, some recipes need to create new user and
groups for the target images, which may not be consistent from build to
build.
Using the `staticids` functionality of Yocto ensures that all user and
group ids are consistent via GID and UID lookup tables that are
committed to git. A build time error is generated if a new UID/GID is
introduced which is not in the `files/passwd` or `files/group` lookup
files. The lookup files where seeded from files copied off a device
running a recent main build.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 0a4f33b
---------------------------
CSNMR-5846: systemd: Add missing space when setting PACKAGECONFIG
When using the `VAR:append = " <val>"` mechanism, a space must be
included before the value. If the space is not present, then the <val>
being added gets concatenated with previously defined value, e.g. ending
up with `<prev_val><val>` instead of the desired value of `<prev_val>
<val>`.
In this case, we were getting the following error:
ERROR: systemd-1_259.5-r0 do_configure: QA Issue: systemd: invalid \
PACKAGECONFIG(s): opensslserial-getty-generator [invalid-packageconfig]
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 132c7f7
---------------------------
CSNMR-5846: mosquitto: Drop linker.syms patch
Patch is no longer needed because upstream has added what we need in
the 2.1.2 version of mosquitto.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: f95e0d9
---------------------------
CSNMR-5907: Update stella configuration
Update stella configuration firmware image to 6.60-0.36
---------------------------
Commit: a083923
---------------------------
CSNMR-5846: Add missing spaces after VAR:append
The variables in question here have values which are space separated
lists. When using the `:append` mechanism, these need to explicitly
include the space to avoid potentially being concatenated to the
previous value in the list.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: cebbe67
---------------------------
CSNMR-5846: Move wic directory into files directory
Upstream has changed where it searches for WKS files.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 2c55ee5
---------------------------
CSNMR-5907: update SRCREV
Update SRCREV for stella 6.60-0.32 BD firmware image repo.
---------------------------
Commit: 76700b6eaf
---------------------------
gphoto2: Fix build with clang-22
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ef548c3982
---------------------------
networkmanager: DISTRO_FEATURES_BACKFILL_CONSIDERED -> DISTRO_FEATURES_OPTED_OUT
Variable DISTRO_FEATURES_BACKFILL_CONSIDERED has been renamed
to DISTRO_FEATURES_OPTED_OUT.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fa612d7971
---------------------------
libspdm: update SRCREV to final 3.8.2 release
The initial 3.8.2 tag pointing at 5cf0acb8 ("Update version for 3.8.2
release") was actually a pre-release and that tag has since moved.
Now that 3.8.2 has offically been released we can update the SRCREV.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0c9cb5fb09
---------------------------
opensc: ship missed installed file
Fix packing of missed installed file:
| ERROR: opensc-0.27.1-r0 do_package: QA Issue: opensc: Files/directories were installed but not shipped in any package:
| /usr/share/p11-kit
| /usr/share/p11-kit/modules
| /usr/share/p11-kit/modules/opensc.module
| Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
| opensc: 3 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f2d723ce08
---------------------------
python3-pyfuse3: new recipe
Add a recipe for pyfuse3 - a python package providing high-level bindings
to libfuse3.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 07d6722816
---------------------------
libsoup-2.4: fix several CVEs
Fix CVE-2026-1539,CVE-2026-1761,CVE-2026-1801,CVE-2026-2443,
CVE-2026-2369,CVE-2026-1760,CVE-2025-14523,CVE-2025-32049,CVE-2026-1467
Refer:
CVE-2026-1801 https://gitlab.gnome.org/GNOME/libsoup/-/issues/481
CVE-2026-1761 https://gitlab.gnome.org/GNOME/libsoup/-/issues/493
CVE-2026-2443 https://gitlab.gnome.org/GNOME/libsoup/-/issues/487
CVE-2026-1539 https://gitlab.gnome.org/GNOME/libsoup/-/issues/489
CVE-2026-2369 https://gitlab.gnome.org/GNOME/libsoup/-/issues/498
CVE-2026-1760 https://gitlab.gnome.org/GNOME/libsoup/-/issues/475
CVE-2025-14523 https://gitlab.gnome.org/GNOME/libsoup/-/issues/472
CVE-2025-32049 https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
CVE-2026-1467 https://gitlab.gnome.org/GNOME/libsoup/-/issues/488
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 740f9f71dd
---------------------------
webkitgtk3 update 2.50.5 -> 2.50.6
This is a bug fix release.
Changelog: https://www.webkitgtk.org/2026/03/12/webkitgtk2.50.6-released.html
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 44d5012a7c
---------------------------
ceres-solver: Improve the build configuration
* Add a PACKAGECONFIG for glog. If it is disabled, then miniglog, which
is provided by ceres-solver, will be used instead.
* Disable CUDA and gflags. They are not expected to be found, but this
makes it explicit.
* Disable building tests and examples as they are not used anyway.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cc814c9fd1
---------------------------
wireplumber: update 0.5.13 -> 0.5.14
WirePlumber 0.5.14
~~~~~~~~~~~~~~~~~~
Additions & Enhancements:
- Added per-device default volume configuration via the
``device.routes.default-{source,sink}-volume`` property, allowing device-specific volume
defaults (e.g. a comfortable default for internal speakers or no attenuation for HDMI) (!772)
- Added Lua 5.5 support; the bundled Lua subproject wrap has also been updated to 5.5.0
(!775, !788)
- Enhanced libcamera monitor to load camera nodes locally within the WirePlumber
process instead of the PipeWire daemon, eliminating race conditions that could occur
during initial enumeration and hotplug events (!790)
- Enhanced Bluetooth loopback nodes to always be created when a device supports both
A2DP and HSP/HFP profiles, simplifying the logic and making the BT profile autoswitch
setting take effect immediately without requiring device reconnection (!782)
- Enhanced Bluetooth loopback nodes to use ``target.object`` property instead of smart
filters, fixing issues that prevented users from setting them as default nodes and
also allowing smart filters to be used with them (#898; !792)
- Enhanced Bluetooth profile autoswitch logic with further robustness improvements,
including better headset profile detection using profile name patterns and resolving
race conditions by running profile switching after ``device/apply-profile`` in a
dedicated event hook (#926, #923; !776, !777, !808)
- Enhanced wpctl ``set-default`` command to accept virtual nodes (e.g.
``Audio/Source/Virtual``) in addition to regular device nodes (#896; !787)
- Improved stream linking to make the full graph rescan optional when linkable items
change, saving CPU on low-end systems and reducing audio startup latency when
connecting multiple streams in quick succession (!800)
- Allowed installation of systemd service units without libsystemd being present,
useful for distributions like Alpine Linux that allow systemd service subpackages
(!793)
- Allowed the ``mincore`` syscall in the WirePlumber systemd sandbox, required for
Mesa/EGL (e.g. for the libcamera GPUISP pipeline)
- Allowed passing ``WIREPLUMBER_CONFIG_DIR`` via the ``wp-uninstalled`` script,
useful for passing additional configuration paths in an uninstalled environment (!801)
Fixes:
- Removed Bluetooth sink loopback node, which was causing issues with KDE and GNOME (!794)
- Fixed default audio source selection to never automatically use ``Audio/Sink`` nodes
as the default source unless explicitly selected by the user (#886; !781)
- Fixed crash in ``state-stream`` when the Format parameter has a Choice for the
number of channels (#903; !795)
- Fixed BAP Bluetooth device set channel properties, where ``audio.position`` was
incorrectly serialized as a pointer address instead of the channel array (!786)
- Fixed memory leaks in ``wp_interest_event_hook_get_matching_event_types`` and in
the Lua ``LocalModule()`` implementation (!784, !810)
- Fixed HFP HF stream media class being incorrectly assigned due to
``api.bluez5.internal=true`` being set on HFP HF streams (!809)
- Fixed Lua 5.4 compatibility in ``state-stream`` script
- Updated translations: Bulgarian, Georgian, Kazakh, Swedish
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: be77fde6f6
---------------------------
pipewire: update 1.6.2 -> 1.6.3
- remove backport patch
PipeWire 1.6.3 (2026-04-09)
Highlights
- Fix some RAOP compatibility regressions.
- Fix segfault in the mixer in some cases.
- Most nodes now produce and consume MIDI1 again and avoid
conversions to and from UMP.
- Various small fixes and improvements.
PipeWire
- Fix regression with sample rate changes. (#5207)
- Fix a potential integer overflow in the memory mapping.
Modules
- Align RTP timestamps to make RAOP work on more devices. (#5167)
- Avoid crashes in RTP streams because of concurrent event
emmission.
- Avoid invalid fd usage in native-protocol with special crafted
messages.
- Fix properties and params enumeration in filter-chain (#5202).
SPA
- Fix compilation with -Werror=discarded-qualifiers
- Avoid OOB read in mix matrix. (#5176)
- Avoid loading plugins from absolute paths that are not in the
search path.
- Avoid MIDI conversions to and from UMP. (#5183)
Bluetooth
- Backport some fixes and avoid some crashes.
JACK
- Make sure timebase callback is never called with 0 frames.
- Increase the notify queue to avoid losing notifications.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 335045d3fb
---------------------------
kernel-selftest: add missing sources if mm is enabled
Some headers come from 'mm' (in the top source directory, i.e. the root of
Linux's sources), as in the exampels below:
Makefile:LOCAL_HDRS += $(selfdir)/mm/local_config.h $(top_srcdir)/mm/gup_test.h
cow.c:#include "../../../../mm/gup_test.h"
gup_longterm.c:#include "../../../../mm/gup_test.h"
gup_test.c:#include <mm/gup_test.h>
hmm-tests.c:#include <mm/gup_test.h>
uffd-unit-tests.c:#include "../../../../mm/gup_test.h"
Add this directory to KERNEL_SELFTEST_SRC if 'mm' PACKAGECONFIG is enabled.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 06ddb535df
---------------------------
kernel-selftest: fix mm selftests dependencies
Add numa (numactl), as required by rmap, migration, and others.
Add liburing, otherwise some tests would be disabled.
Moreover, liburing's availability is checked in a shell script executed
prior to the compilation of the individual test cases. This script,
however, does not read CFLAGS.
Backport a fix [1] from mainline to address this issue.
[1] https://github.com/torvalds/linux/commit/7f532d19c8be76ad2fcd7ab6b0c9eb618f70966b
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a407a3e533
---------------------------
kernel-selftest: drop libhugetlbfs
The support of libhugetlbfs was removed from mainline Linux a while ago,
since v6.1 [1].
Since libhugetlbfs was the main reason to remove 'mm' selftests for some
specific architectures, the respective operations should only remove bpf.
Update the recipe to remove libhugetlbfs as a dependency of mm, and thus
unblock this test category for some targets.
[1] https://github.com/torvalds/linux/commit/6f83d6c74ea5a5b267be85206822da280cae110a
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fcae7611c1
---------------------------
kernel-selftest: rename vm selftests to mm
Since v6.10 [1], this category of selftests was renamed
to 'mm'.
Update the recipe accordingly.
I left a mention to the previous name (i.e., 'vm') just in case.
[1]: https://github.com/torvalds/linux/commit/baa489fabd01596d5426d6e112b34ba5fb59ab82
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5305a97026
---------------------------
xrdp: upgrade 0.10.5 -> 0.10.6
Mark fixed CVEs explicitly patched,because NVD tracks them without version info.
Changelog:
Security fixes:
CVE-2026-32105
CVE-2026-32107
CVE-2026-32623
CVE-2026-32624
CVE-2026-33145
CVE-2026-33516
CVE-2026-33689
CVE-2026-35512
New features:
Support for xorgxrdp bug fixes
Bug fixes:
Honour pass_shell_as_env setting only if user sets a shell
We no longer try to create a NULL authentication file when using VNC over UDS
Problems with the Brazilian ABNT2 keyboard mapping have been corrected
A 'file exists' error when installing xrdp over an existing installation has been addressed
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d696debe79
---------------------------
xdg-desktop-portal: upgrade 1.20.3 -> 1.20.4
Fixes CVE-2026-40354: https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.20.4
Also mark the CVE explicitly patched, as it is tracked without version info
at this time.
The project now has a dependency on libglnx, which by default it tries to download
from the internet during configuring. To avoid that error, this dependency is added to the SRC_URI.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9375394805
---------------------------
wolfssl: mark fixed CVEs as patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-5188
https://nvd.nist.gov/vuln/detail/CVE-2026-5392
https://nvd.nist.gov/vuln/detail/CVE-2026-5393
https://nvd.nist.gov/vuln/detail/CVE-2026-5447
https://nvd.nist.gov/vuln/detail/CVE-2026-5448
https://nvd.nist.gov/vuln/detail/CVE-2026-5460
https://nvd.nist.gov/vuln/detail/CVE-2026-5466
https://nvd.nist.gov/vuln/detail/CVE-2026-5479
https://nvd.nist.gov/vuln/detail/CVE-2026-5500
All of these CVEs are fixed in the current recipe version, however
NVD tracks them without version. Each NVD advisory references the
corresponding fix, and each of them are contained in 5.9.1.
Mark all of them as patched explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1be9c09e23
---------------------------
python3-pillow: upgrade 12.1.1 -> 12.2.0
Contains fix for CVE-2026-40192
License-update: Copyright holder's name is spelled out fully instead of using abbreviation.
Changelog: https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 468ee626f8
---------------------------
python3-grpcio: ignore CVE-2026-33186
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33186
The vulnerability only affects the Go implememtation of the library,
not the Python one. Ignore this CVE due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: aef8bc3422
---------------------------
protobuf, python3-protobuf: ignore CVE-2026-6409
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6409
The vulnerability impacts only the PHP library component, not the
cpp/python one. Ignore this CVE due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 09050325e6
---------------------------
openjpeg: patch CVE-2026-6192
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6192
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e88f57539e
---------------------------
ngtcp2: upgrade 1.22.0 -> 1.22.1
Contains fix for CVE-2026-40170 (which is tracked without version
by NVD, so also mark explicitly as patched).
Changelog: https://github.com/ngtcp2/ngtcp2/releases/tag/v1.22.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: eb7dba674e
---------------------------
minizip: backport fix for the missing header
Minizip release v1.3.2 is missing required ints.h header that
causes build failure on components using it:
| ../../../../../recipe-sysroot/usr/include/minizip/ioapi.h:74:10: fatal error: ints.h: No such file or directory
| 74 | #include "ints.h"
| | ^~~~~~~~
Backport fix from https://github.com/madler/zlib/commit/cb14dc9ade3759352417a300e6c2ed73268f1d97
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d31f07340f
---------------------------
monkey: patch CVEs
These patches are about a number of CVEs files against the application:
CVE-2025-63649, CVE-2025-63650, CVE-2025-63651, CVE-2025-63652, CVE-2025-63653, CVE-2025-63655,
CVE-2025-63656, CVE-2025-63657 and CVE-2025-63658.
These patches are taken from a pull request[1] that is referenced in the relevant bug report[2].
The patches don't target specific CVEs on separately, but they fix a number of CVEs altogether.
Based on upstream analysis (in the linked issue) a number of these CVEs are duplicates of each
other and/or not exploitable. The valid CVEs are fixed by these patches.
I haven't added specific CVE info to the patches, one hand because of the above, it is hard to
separate the patches by CVE, and secondarily because NVD tracks these CVEs with incorrect version
info: NVD considers 1.8.6 fully fixed, even though the patches are only in the master branch,
untagged at this time. After updating the recipe to 1.8.6+, the vulnerabilites will disappear
from the CVE report due to this.
[1]: https://github.com/monkey/monkey/pull/434
[2]: https://github.com/monkey/monkey/issues/426
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 22277ca3a3
---------------------------
monkey: upgrade 1.8.4 -> 1.8.7
Shortlog:
https://github.com/monkey/monkey/compare/v1.8.4...v1.8.7
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 799eb058e2
---------------------------
gimp: update 3.2.0 -> 3.2.4
- add patches to fix compilation
- add runtime dependency for python3-pycairo
Overview of Changes from GIMP 3.2.2 to GIMP 3.2.4
=================================================
Core:
- The "edit-fill-*" actions will now behave accordingly on specific
cases. E.g. it will skip layers which can't be filled (content-lock
layers and link layers) and it will fill the expected way
non-rasterized text and vector layers.
- Images opened through command lines are not considered stray images
anymore on exit when run without a GUI (scripts, etc.).
- We improved the support of the process temporary folder, so that we
can avoid clashes when several users run GIMP on a same computer.
Furthermore the temporary folder is now deleted at startup (unless
it is not empty, which it should be).
- XCF opened as layers will now always create new layers named as in
the source XCF, even if the source XCF had only a single layer.
- The "layers-resize" now only works on raster layers.
- The "Layers to Image Size" and "Resize Layer to Selection" actions
will only work on raster layers too.
Tool
- Text tool:
* When editing text, prioritize our global actions when a
shortcut matches, before sending the hit keys to the IME (Input
Method Engine). Otherwise some IME may consume our keys and block
custom shortcuts (e.g. Alt+key events are often used to trigger
special characters on macOS or Windows and may block core
actions).
* Prevent font size jumping to 0 when using shortcuts on selected
text.
- Selection tools: when moving a floating layer or selection,
temporarily disable the marching ants outline. Among other reasons,
it improves performance.
- Select by Color tool: optimized processing when working in Intersect
mode.
- Crop tool: non-raster layers are not rasterized anymore.
- Text tool: on-canvas GUI is now properly positioned when rotating
the canvas.
Plug-Ins:
- Improve import of: APNG, PAA, PNG, DDS, PSP, PNM, PSD, JIF, PVR
texture, TIM, XWD, SFW, ORA.
- Improved PDF export.
- file-compressor: improved error messaging.
- New Windows WIA scanner plug-in, replacing the now deprecated TWAIN
scanner plug-in (which is not shipped in our Windows packages
anymore as it depends on dropped 32-bit Windows platform).
- Script-Fu: several deprecated functions now cleaned out from
scripts.
- Filmstrip: the created image will now have the dirty flag set.
API:
- libgimp/PDB:
* libgimp/PDB functions gimp_context_set_line_width_unit() and
gimp_vector_layer_set_stroke_width_unit() now accept pixel as input unit.
* Improved error handling in gimp_temp_file().
* New function: gimp_resources_loaded()
- libgimp:
* A function gimp_env_exit() was added, but same as gimp_env_init(),
it is not declared in public headers and should never be used by
plug-ins. It is considered private.
* gimp_quit() function is deprecated.
- PDB:
* (gimp-quit) procedure (without libgimp wrapper) is deprecated.
Translations:
- New Lao translation.
Build:
- Many build warnings are being cleaned out.
- New jobs are being set up with -Werror progressively as we weed out
existing build warnings.
- The issue bot will now run and create reports when specific jobs
fail.
- New rules to generate Markdown versions of our man pages for the
website.
Overview of Changes from GIMP 3.2.0 to GIMP 3.2.2
=================================================
Core:
- We removed support for a separate folder for loading 32-bit binaries
on 64-bit Windows. This was being used for core plug-ins for the
TWAIN plug-in only.
- Various fixes related to the new non-destructive layer types, or to
non-destructive layer effects.
- More robust handling of Procreate and SwatchBooker palettes.
- Fix scaling paths when importing SVG as paths.
- We now support reading the documentation being installed in the user
config directory in the `help/` subdirectory.
- Histogram dialog: the unique color count feature now takes into
account any selection.
Graphical User Interface:
- Theme fixes.
- Various text fixed for better localization.
- Display the "Tab" shortcut for the "Hide Docks" action, even though
it is not a real global shortcut (it only works on the canvas).
- Metadata Rotation import dialog: you can now click the preview for
Original and Rotated images in the Metadata Rotation Import Dialog,
and have it open the image rotated as shown in the preview.
Plug-Ins:
- Tile: carry over the source image's profile to the newly created
image.
- Improve support of: FITS, TIM, PAA, ICNS, PVR, SFW, JIF, PSP, PSD
Translations:
- Serbian Cyrillic now has upstream support in InnoSetup (in their
"Unofficial" list still, which means it is less verified). Our
installer now has Serbian Cyrillic localization too.
Build:
- NM environment variable is now used in priority for the `nm` tool
used for the build. This check is stored from configure-time
environment.
- Windows x86 32-bit pipeline has now been decommissioned from our CI.
This implies that 32-bit builds won't be available anymore in our
Windows installer, just as was already the case on the Windows Store.
- Meson build:
* New boolean option -Dtwain-unmaintained: this puts our TWAIN
plug-in behind a disabled-by-default flag, because this plug-in
only made sense in 32-bit. The next step will be to replace it by
a WIA plug-in.
* Option -Dwin32-32bits-dll-folder removed.
- GIMP can now be built fully without patches on macOS. The in-house
macOS build is slowly moving to become our main CI for this OS and
for making the release DMGs.
- Snap: enable MIDI (Alsa) support.
- AppImage: enable "Send by email".
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4152a23426
---------------------------
pytesseract: replace deprecated md5sum with sha256sum
SRC_URI[md5sum] has been deprecated and replace it with
SRC_URI[sha256sum] for proper integrity verification.
Signed-off-by: Haiqing Bai <haiqing.bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7f49deaf7e
---------------------------
libraw: mark CVE-2026-20911 and CVE-2026-21413 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-20911
https://nvd.nist.gov/vuln/detail/CVE-2026-21413
Both CVEs are tracked with incorrect version info: NVD indicates that
0.22.1 is explicitly vulnerable, but the fixes are actually included
in this release.
Relevant commits:
CVE-2026-20911: https://github.com/LibRaw/LibRaw/commit/5357bb5fc67ac616838fb84de67260d45987489b
CVE-2026-21413: https://github.com/LibRaw/LibRaw/commit/75ed2c12a35b765b3b6ad695cc1f044f19efe644
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: de5f93f95d
---------------------------
libgphoto2: patch CVE-2026-40341
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40341
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 420e5aec46
---------------------------
libgphoto2: patch CVE-2026-40340
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40340
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2e3be1dddc
---------------------------
libgphoto2: patch CVE-2026-40339
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40339
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f22e17508e
---------------------------
libgphoto2: patch CVE-2026-40338
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40338
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 078f26b084
---------------------------
libgphoto2: patch CVE-2026-40336
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40336
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f735ea20b1
---------------------------
libgphoto2: patch CVE-2026-40335
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40335
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ce3fa8ad2a
---------------------------
libgphoto2: patch CVE-2026-40334
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40334
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 754e02c668
---------------------------
libgphoto2: patch CVE-2026-40333
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40333
Backport the patch referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 24d9844515
---------------------------
gphoto2: upgrade 2.5.28 -> 2.5.32
Drop patches that were merged in this release.
Changelog:
- --get-exif , --get-all-exif added
- --reverse modifier option added for fileoperations commands
- kill -USR2 can now stop --capture-movie
- updated translations
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f896922914
---------------------------
libcoap: upgrade 4.3.5a -> 4.3.5b
Contains fix fox CVE-2026-29013
Shortlog:
https://github.com/obgm/libcoap/compare/v4.3.5a...v4.3.5b
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c0a8cec24e
---------------------------
lcms: patch CVE-2026-41254
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-41254
Backport the patches referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2b1e34f0f5
---------------------------
jq: patch CVE-2026-39979
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-39979
Backport the patch that is referenced by the NVD advisory.y
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8d399af333
---------------------------
jq: patch CVE-2026-33948
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33948
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 525e18ce21
---------------------------
jq: patch CVE-2026-33947
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33947
Backport the patch that is referenced by the NVD report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e94ab85126
---------------------------
jq: patch CVE-2026-32316
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32316
Backport the patch that is referenced by the NVD advisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6fb954e736
---------------------------
fio: upgrade 3.41 -> 3.42
Contains fix for CVE-2026-30656. Also mark this CVE as patched
explicitly, as NVD tracks it without version info.
Drop patches that are included in this release.
Changelog:
https://github.com/axboe/fio/releases/tag/fio-3.42
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
fio
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7bf89d06a4
---------------------------
libdvdread: use https for fetching code
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ae92a2993c
---------------------------
libdvdcss: use https for fetching code
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b50fbdd66b
---------------------------
libdvdnav: use https for fetching code
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5f254f737c
---------------------------
enca: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b620c1f7a6
---------------------------
libkcapi: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d0bd988bb
---------------------------
highway: Update to latest tip of trunk
This brings fixes to build with clang-22 and C23 support
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 626ce67c53
---------------------------
dlt-daemon: fix sign-conversion warning in dlt_timer_conn_types array type
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9707426b83
---------------------------
liboauth2: Add knob for code coverage
Keep the knob disabled by default, as it will need
c runtime to provide profiling runtime, which is not
compiled into compiler-rt by default. So it ends up
with build failures e.g.
| aarch64-yoe-linux-ld.lld: error: cannot open /mnt/b/yoe/master/kas-build/tmp/work/cortexa72-yoe-linux/liboauth2/2.2.0/recipe-sysroot/usr/lib/clang/22.1.3/lib/aarch64-yoe-linux/libclang_rt.profile.a: No such file or directory
| aarch64-yoe-linux-clang: error: linker command failed with exit code 1 (use -v to see invocation)
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ee394862b9
---------------------------
sdbus-c++-libsystemd: Upgrade to 259.5
It matches OE-core and has musl support upstream
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2a1772dbc8
---------------------------
libcppconnman: Upgrade to 1.0.0
It has one change over last release
https://github.com/amarula/libcppconnman/commit/84fa99d3ba0908ff9debd9191c4eddabf08079d4
Fixes build errors e.g.
| CMake Error at cmake/VersionFromGit.cmake:59 (message):
| [VersionFromGit] Failed to execute Git: fatal: No names found, cannot
| describe anything.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 93286ad8b7
---------------------------
xfce4-screensaver: add dependencies libpam and systemd
The meson_options.txt sets authentication-scheme to 'pam' and
session-manager to 'systemd' by default, which requires libpam
and systemd at build time. Add them to DEPENDS to fix the
configuration failures:
../sources/xfce4-screensaver-4.20.2/meson.build:167:20: ERROR: C shared or static library 'pam' not found
../sources/xfce4-screensaver-4.20.2/meson.build:265:26: ERROR: Dependency "libsystemd" not found, tried pkgconfig
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 70144adc98
---------------------------
drbd-utils: upgrade 9.30.0 -> 9.34.0
Changes:
- Drop 0001-Fix-build-with-gcc-15.patch (merged upstream).
- Add 0001-fix-the-hardcoded-legacy-helper-path.patch: replace the
hardcoded "/lib/drbd" path in add_lib_drbd_to_path() with the
build-configured DRBD_LEGACY_LIB_DIR derived from LIBDIR
- Remove sed fixup for the now-absent ocf.ra@.service.
- Install new upstream 50-drbd.preset into systemd system-preset
Signed-off-by: Haiqing Bai <haiqing.bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 574aa17a02
---------------------------
libtoml11: Fix build with C23 and clang
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3e04c621c4
---------------------------
magic-enum: Upgrade to latest
It has fixes for C23 and Clang-22 added also fixes/workarounds for
libstdc++-14 combinations with different versions of gcc and clang.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c1765cd254
---------------------------
streamripper: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 515a0ba30d
---------------------------
composefs: Fix incompatible pointer type qualifier mismatches
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d4e052c45e
---------------------------
poco: upgrade 1.15.1 -> 1.15.2
Remove explicit libatomic code from recipe as upstream has implemented
it in cmake. Tested build with all 4 qemu<arch> machines.
Release notes [1]:
Release 1.15.2 (2026-04-16)
===========================
Summary of Changes:
This release focuses on security hardening and bug fixes. Key changes include
TLS 1.3 support for NetSSL_Win, building Crypto and NetSSL with
OPENSSL_NO_DEPRECATED, removal of deprecated non-EVP OpenSSL code (breaking
change), significant multipart parsing performance improvements, Prometheus
thread/CPU metrics, GNU Hurd platform support, and numerous bug fixes across
networking, cryptography, and data handling. All bundled third-party libraries
have been updated to their latest releases.
Breaking Changes:
- GH #4602 OpenSSL: Remove deprecated non EVP code
Security Fixes:
- PR #5306 chore(dependencies): refresh bundled third-party libraries
- GH #5296 Crypto and NetSSL_OpenSSL should build with OPENSSL_NO_DEPRECATED defined
- GH #5278 NetSSL_Win does not support TLS 1.3
Bundled Third-Party Library Upgrades:
- libpng 1.6.55 -> 1.6.57 - security fixes
- libharu (hpdf) 2.4.5 -> 2.4.6 - security (TTF fixes) + memory alloc / Windows build fixes
- SQLite 3.51.2 -> 3.53.0 - WAL-reset database corruption fix, query planner improvements
- Quill 11.0.2 -> 11.1.0 - thread-local context fix, nullptr checks, backend poll hooks
Features and Enhancements:
- PR #5305 enh(Foundation): auto-disable FastLogger on unsupported platforms
- PR #5303 enh: bump macOS deployment target to 15.0 (Sequoia)
- PR #5300 chore(PropertyConfigurationFile): use '=' as default separator
- PR #5298 Foundation: Fix sign-compare warnings in StreamConverter
- PR #5294 Link with atomic library on architectures that need it
- GH #5292 enh: reduce binary size growth since 1.14.2
- GH #5291 Component Install Support
- PR #5286 fix(cmake,DNSSD): build fixes and cmake dependency resolution
- GH #5280 Remove WinDriver.cpp files
- GH #5275 Prometheus: add memory and thread metrics
- GH #5266 PropertyFileConfiguration: add include file capability
- GH #5250 Poco::Net::Context::addCertificateAuthority() could include a call to SSL_CTX_load_verify_locations()
- GH #4846 NetSSL/Crypto: Replace deprecated OpenSSL features
Bug Fixes and Improvements:
- PR #5309 fix(Redis,XML,CppParser): replace dynamic_cast with static_cast for hidden visibility
- GH #5308 Net: SocketProactor reports success on TCP write after non-blocking connect refusal
- PR #5304 fix(MongoDB): suppress false topology change notifications on heartbeat
- PR #5293 Port library to GNU Hurd
- GH #5288 Fuzzing Issue in MailMessage
- GH #5287 Fuzzing Issue in DateTime
- PR #5284 fix(Redis): use shared_ptr for NotificationCenter, harden AsyncNotificationCenter::stop()
- PR #5283 fix(ApacheConnector,Foundation): fix compile warnings with GCC 15
- GH #5269 Pipe close deadlocks on
- PR #5264 fix(Data): Robust date/time parsing in SQLite/PostgreSQL extractor
- GH #5263 X509Certificate validFrom method throws exception for timestamps ending with Z
- GH #4883 SecureSocketImpl::shutdown() regression since 1.14.0
- GH #4772 InvalidCertificateHandler onInvalidCertificate wrong exception
- GH #4118 Poco Multipart parsing is 10x slower than its Boost/beat or restinio equivalent
- GH #1097 Process::isRunning returns true for defunct tagged process
[1] https://github.com/pocoproject/poco/blob/poco-1.15.2-release/CHANGELOG
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a38bcc23f7
---------------------------
mpd: Fix systemd user unit installation
systemd_system_unitdir was accidentally used as the destination for
the user systemd unit, which means it overwrites the system unit.
Correct it to systemd_user_unitdir to fix starting with the system
unit.
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 750982ed27
---------------------------
fswebcam: Add RRECOMMENDS ttf-dejavu-sans
Add a recommendation for a sans serif font to print text on images. But
fswebcam works fine without a font to save only plain images.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ee20c1a573
---------------------------
libraqm: New recipe for a library for complex text layout
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: be9f029b6c
---------------------------
gd: Support PACKAGECONFIG
Some recipes (like fswebcam) need gd with support of fontconfig to really
work. Otherwise font selection is not that easy.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2df018ea4b
---------------------------
dlt-daemon: fix missing application description
Running "dlt-example-user 'test'",
Check "dlt-control -j localhost", will not get application description:
APID:LOG-
Expected:
APID:LOG- Test Application for Logging
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2b16c16389
---------------------------
packagegroup-meta-python: Enable python3-pyatspi conditional upon GI data
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 268b24cf14
---------------------------
packagegroup-meta-oe: Make pcp and remmina depend upon x11 distro feature
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d7386465ee
---------------------------
xrdp: Guard ptests with x11 distro feature
xrdp only builds when x11 is enabled, make it consistent
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0c5517ff10
---------------------------
hiawatha: Upgrade to 12.1 release
- HTTP/2 support added via the nghttp2 library
(credits to Heiko Zimmermann) — noted as experimental, so
testing carefully before enabling on production servers is
recommended.
- mbed TLS updated from 4.0.0 to 4.1.0.
- ssi-cgi removed — the release notes suggest using
Hiawatha's XSLT support as a more advanced alternative.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dd3221a5e7
---------------------------
taisei: Fix build with glibc 2.43 + c23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ec5480d068
---------------------------
eog: Update to 49.3
Turn color management into packageconfig knob which is turned
off by default as it needs x11 support.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 975376f1c7
---------------------------
ruli: Delete -ansi and -pedantic from compiler commandline
The build fails because ruli is compiled with -ansi
(which implies C89/C90), but glibc's memchr macro
uses _Generic, a C11 feature. Clang treats this as
an error via -Werror,-Wc11-extensions.
Fixes build with glibc 2.43+
| ruli_conf.c:86:12: error: '_Generic' is a C11 extension [-Werror,-Wc11-extensions]
| 86 | if (!memchr(inbuf, '\0', LOAD_SEARCH_LIST_INBUFSZ))
| | ^
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e1f95af4ba
---------------------------
meta-oe/recipes: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e488423e25
---------------------------
audiofile: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Drop enforcing -std=c++14 as thats no longer needed
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0581dcc49b
---------------------------
sthttpd: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6b90623439
---------------------------
dante,openflow,linux-atm: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9954723208
---------------------------
ruli: disable C23 support to fix build
Avoid potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2571280d86
---------------------------
dhcp-relay: disable C23 support to fix configure check
Set ac_cv_prog_cc_c23=no to prevent autoconf from detecting C23
compiler support, avoiding potential build failures as the package
is not yet fully ported to support C23 standard.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 930d936313
---------------------------
libvarlink: Fix build with C23 support in glibc
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0d39d65c0e
---------------------------
systemd-netlogd: Upgrade to 1.4.5 release
Fix build on 32-bit with 64-bit time_t
Fix build with C23 on
For full details:
https://github.com/systemd/systemd-netlogd/releases/tag/v1.4.5
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0556ca04c6
---------------------------
libcanberra: Upgrade to 0.30-20
* Revert "Disable tdb feature on loong64 for bootstrapping"
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bf0e9419c5
---------------------------
cheese: Require x11 distro feature
libcanberra needs to be compiled with gtk3 and x11 support
otherwise cheese fails to find libcanberra-gtk3 package which
makes it hard depend upon x11
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: de9e6be749
---------------------------
xfdesktop: Add missing DEPENDS on libyaml
The build fails like this:
Run-time dependency yaml-0.1 found: NO (tried pkgconfig)
../sources/xfdesktop-4.20.1/meson.build:63:10: ERROR: Dependency "yaml-0.1" not found, tried pkgconfig
Fix the failure by adding the missing dependency.
Signed-off-by: Calvin Owens <calvin@wbinvd.org>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 07a51dfa4e
---------------------------
gedit: Use gitsm in SRC_URI for new gdlib submodule
Upstream now uses a submodule for gdlib, so the build attempts to clone
the submodule over the network and fails. Fix by cloning the submodule
via SRC_URI.
Signed-off-by: Calvin Owens <calvin@wbinvd.org>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d09f50438f
---------------------------
lshw: Fix binmerge
In case $sbindir = $bindir we have to pass this setting to make.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f23c00b163
---------------------------
jsoncpp: add ptest support
Add ptest support for jsoncpp to enable automated testing of the
JSON C++ library functionality.
Note:
- Tested on: WRLinux master-wr (based on meta-openembedded master)
- jsoncpp version: 1.9.7
- Unable to test on pure upstream due to poky/meta-oe branch mismatch
Test Result:
root@qemux86-64:~# ptest-runner jsoncpp
START: ptest-runner
2026-04-15T14:04
BEGIN: /usr/lib64/jsoncpp/ptest
PASS: jsoncpp_readerwriter
PASS: jsoncpp_readerwriter_json_checker
PASS: jsoncpp_test
DURATION: 122
END: /usr/lib64/jsoncpp/ptest
2026-04-15T14:06
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Zeming LIU <zeming.liu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2f1a9776c7
---------------------------
rocksdb: packageconfig knob for set static library option
Adding PACKAGECONFIG knob for enable/disable the static library option
it is just a follow-up changes of previous commit
https://git.openembedded.org/meta-openembedded/commit/?id=233079a41caded6b68972317f01dc09435ba1ae0
and also this changes are already accepted and integrated in kirkstone branch.
Signed-off-by: Zahir Hussain <zahir.basha@kpit.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f34a878ee2
---------------------------
python3-moteus: Upgrade 0.3.99 -> 0.3.100
Upgrade to release 0.3.100:
- python: Fix compatibility with older python versions
- Add configurable faults for position or velocity tracking error
- Work around a linker warning with newer gcc
- tview: Suppress warnings about importing Axes3D
- moteus_gui: Include registernoop.py in our generated wheel
- Replace setup.py with pyproject.toml for Python package builds
- Use ::isfinite for Arduino compatibility
- Implement support for the RLS Orbis encoder over SPI
Fixes:
WARNING: python3-moteus-0.3.100-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with setuptools.build_meta,
use the correct class [pep517-backend]
License-Update: Use PKG-INFO
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 50d807b18b
---------------------------
python3-soupsieve: Upgrade 2.8.2 -> 2.8.3
Upgrade to release 2.8.3:
- FIX: Fix inefficient attribute pattern.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b94206dc56
---------------------------
python3-huey: Upgrade 2.6.0 -> 3.0.0
Upgrade to release 3.0.0:
- Add chord() (map -> reduce) and group() (map) primitives.
- Add timeout (using SIGALRM for process and gevent.Timeout for
greenlet) to control task running time. For threads, unfortunately,
there's no good mechanism so instead APIs for cooperatively
checking timeout are provided on the Task instance.
- Add simple fixed-window rate_limit() for tasks.
- Add Result.is_ready() method for checking result readiness.
- New option for low-latency result fetching, available for RedisHuey.
To use, pass notify_result=True when initializing your Huey instance.
- Add new incr(key, amount=1) to storage API for atomic increment
primitive. This is used by chord().
- Add new wait_result() method to storage APIs for efficiently waiting
for a result to become ready. The default implementation uses the
exponential backoff from the previous implementation of a blocking
Result.get() - so no changes are needed. However if you have a custom
storage implementation, this provides a mechanism for pub/sub or
other notification of result readiness.
- Remove Python 2.x compatibility.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 18a7b38f73
---------------------------
python3-uvicorn: Upgrade 0.42.0 -> 0.44.0
Upgrade to release 0.44.0:
- Implement websocket keepalive pings for websockets-sansio
From 0.43.0:
- Emit http.disconnect ASGI receive() event on server shutting down
for streaming responses
- Use native context parameter for create_task on Python 3.11+
- Drop cast in ASGI types
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 85ed0b926c
---------------------------
onboard: upgrade 1.4.3-9 -> 1.4.4-1
1.ChangeLog
https://github.com/onboard-osk/onboard/releases/tag/1.4.4-1
2.Remove 0001-pypredict-lm-Define-error-API-if-platform-does-not-h.patch as error has been solved in 1.4.4-1.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 17a8c0d634
---------------------------
xdg-user-dirs: upgrade 0.19 -> 0.20
Build system change from autotools to meson.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 629cdd168e
---------------------------
leancrypto: upgrade 1.7.1 -> 1.7.2
ChangeLog:
https://github.com/smuellerDD/leancrypto/releases/tag/v1.7.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d5bdddcd95
---------------------------
htop: upgrade 3.4.1 -> 3.5.0
1.ChangeLog
https://github.com/htop-dev/htop/blob/main/ChangeLog
2.Use --with-libunwind instead of --enable-unwind
3.Update 0001-configure.ac-Remove-usr-include-libnl3.patch for 3.5.0
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 29305b3295
---------------------------
python3-mlcommons-loadgen: upgrade 5.1.2 -> 6.0.14
Update source-date-epoch.patch for 6.0.14
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d34df5102
---------------------------
iperf3: upgrade 3.20 -> 3.21
1.ChangeLog:
https://github.com/esnet/iperf/releases/tag/3.21
2.LIC_FILES_CHKSUM Changed as Copyright Year change from 2025 to 2026.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0fecdd0b59
---------------------------
libhugetlbfs: add RISC-V to COMPATIBLE_HOSTS
A preliminar effort to support RISC-V was added in v2.23:
a529598 Introduce basic riscv64 support [1]
Following the guidelines in libhugetlbfs's HOWTO, here are the outputs
of some commands in qemuriscv64:
root@qemuriscv64:~# grep -i huge /proc/filesystems
nodev hugetlbfs
root@qemuriscv64:~# hugeadm --pool-list
Size Minimum Current Maximum Default
65536 0 0 0
2097152 0 0 0 *
root@qemuriscv64:~# hugeadm --pool-pages-min 2MB:10 --add-temp-swap
root@qemuriscv64:~# hugeadm --pool-list
Size Minimum Current Maximum Default
65536 0 0 0
2097152 10 10 10 *
root@qemuriscv64:~# hugeadm --pool-pages-min 2MB:-5
root@qemuriscv64:~# hugeadm --pool-list
Size Minimum Current Maximum Default
65536 0 0 0
2097152 5 5 10 *
Regarding toolchains, libhugetlbfs for RISC-V builds fine with both
clang and gcc.
[1]: https://github.com/libhugetlbfs/libhugetlbfs/commit/a529598dd256c79799d5e43e6d79146ca15f1c16
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d2e6069771
---------------------------
gthumb: Upgrade to 3.12.10
exiv2 is hard dependency now.
webservices option and hence soup2 dependency is removed
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ea3df4e2c6
---------------------------
mosquitto: install default mosquitto.conf for systemd compatibility
The upgrade to mosquitto 2.1.2 follows an upstream change where the
default configuration file is only installed as
${sysconfdir}/mosquitto/mosquitto.conf.example.
However, the shipped systemd service explicitly starts mosquitto using
${sysconfdir}/mosquitto/mosquitto.conf. If this file is not present, the
daemon exits immediately and the service fails to start.
Install the default mosquitto.conf alongside the example file, using the
upstream-provided configuration, to match the expectations of the
service unit and ensure the service starts correctly by default, as done
with the 2.0.22 version.
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6b29351885
---------------------------
coremark: add missing license file for LicenseRef-EEMBC-AUA
Add the license text file to resolve the do_populate_lic QA issue.
This allows the build to verify the custom license identifier.
Signed-off-by: Ashwin Prabhakar <ashwin.prabhakar@qti.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d0cdd0805a
---------------------------
CoreMark: Add CoreMark to benchmark CPU performance
Add support for CoreMark benchmark in recipes-benchmark. This
package can be used to benchmark CPU performance in SOC's Application
processor core.
Signed-off-by: Ashwin Prabhakar <ashwin.prabhakar@qti.qualcomm.com>
coremark: append LDFLAGS to TARGET_CC_ARCH to fix QA issue
Signed-off-by: Ashwin Prabhakar <ashwin.prabhakar@qti.qualcomm.com>
coremark: update to Apache-2.0 and LicenseRef-EEMBC-AUA
Update the project license to Apache-2.0 combined with the
EEMBC Acceptable Usage Agreement (AUA) as requested by the maintainer.
This ensures compliance with EEMBC's updated licensing requirements
for CoreMark.
Signed-off-by: Ashwin Prabhakar <ashwin.prabhakar@qti.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b171aba911
---------------------------
xterm: upgrade 407 -> 408
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 15a56e9d95
---------------------------
stunnel: upgrade 5.77 -> 5.78
License-Update: Copyright year updated to 2026
fix-openssl-no-des.patch
refreshed for 5.78
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 22854e60c4
---------------------------
python3-zopeinterface: upgrade 8.2 -> 8.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e0fc1b6d29
---------------------------
python3-virtualenv: upgrade 21.2.0 -> 21.2.1
Changelog:
===========
- Upgrade embedded pip/setuptools/wheel
- Enhance upgrade workflow: age check, dedup, issue tracking
- fix(create): use commonpath for correct path validation
- ci(workflows): add zizmor security auditing
- Add current and previous maintainers
- fix(ci): restore git credentials for release and upgrade jobs
- Fix broken Installation link in README
- fix: use terminal width for help formatting instead of hardcoded 240
- fix(nushell): surface actionable hint in deactivate error output
- ci: fix setup-uv warnings and drop brew@3.9
- fix(ci): fix pre-release push and release note generation
- fix(ci): check out repo in publish job for gh release notes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e8272fb33d
---------------------------
python3-tox: upgrade 4.52.0 -> 4.52.1
Changelog:
==========
- use normalize_isa for architecture factor matching
- fix(pip): invalidate install cache on resolution env var changes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bd948393d9
---------------------------
python3-soundcard: upgrade 0.4.5 -> 0.4.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: df1c485e18
---------------------------
python3-smbus2: upgrade 0.6.0 -> 0.6.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 00ee8e3bff
---------------------------
python3-rich: upgrade 14.3.3 -> 15.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 18d1c54c72
---------------------------
python3-python-multipart: upgrade 0.0.24 -> 0.0.26
Changelog:
===========
- Skip preamble before the first multipart boundary more efficiently
- Silently discard epilogue data after the closing multipart boundary
- Add MIME content type info to File
- Handle CTE values case-insensitively
- Remove custom FormParser classes
- Add UPLOAD_DELETE_TMP to FormParser config
- Emit field_end for trailing bare field names on finalize
- Handle multipart headers case-insensitively
- Apply Apache-2.0 properly
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 845d15ae2a
---------------------------
python3-pytest-httpx: upgrade 0.36.0 -> 0.36.2
License-Update: Copyright year updated to 2026.
Fixed:
Document how to ignore query parameters while matching on URL.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 02e82f58c2
---------------------------
python3-pymodbus: upgrade 3.12.1 -> 3.13.0
Changelog:
============
- Correct missing types.
- Altherma heat pump control, with Home Assistant and updating server.
- SimDevice, use_bit_address allows different addressing for BITS.
- Remove 3.5char frame time check.
- Fixed Modbus*Context.
- Fix bug in ModbusDeviceContext.
- Fix log level in examples
- Fix CSS lookup for simulator server
- Fix usage docs in examples: add missing option --baudrate
- Doc:Finalice server/simulator narrative
- Fix codespell bug.
- Datastores uses SimData/SimDevice.
- Doc on how to convert to SimData/SimDevice.
- Fix Read Fifo Query RTU Frame Size
- Update server documentation (datstore).
- Update server examples to use SimData/SimDevice.
- Add server.async_get/setValues.
- Solve codeql caching problem.
- Remove unused methods in datastore.
- Remove datastore get/setValues (async_get/set exist)
- Revert "Combine ModbusSparseDataBlock with ModbusSequentialDataBlock."
- Combine ModbusSparseDataBlock with ModbusSequentialDataBlock.
- Remove RemoteDeviceContext datastore.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e249a4e8df
---------------------------
python3-pyais: upgrade 2.20.1 -> 3.0.0
Changelog:
===========
- ~35% faster compared to v2
- breaking Changes
removed bitarray dependency. Replaced with a custom bit_vector
renamed AISSentence.bit_array to AISSentence.bv
renamed Payload.from_bitarray() to Payload.from_vector()
renamed Payload.to_bitarray() to Payload.to_bytes()
changed overflow encoding behavior
deprecated NonPrintableCharacterException
dropped support for Python 3.9
- removed bitarray as an external dependency
- improved performance through a custom bit vector implementation
- optimized single-fragment message assembly
- NOTE: If you are not ready to migrate, v2 continues to receive bugfixes on the legacy branch
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d61051de6b
---------------------------
python3-platformdirs: upgrade 4.9.4 -> 4.9.6
fix:
use double quotes for tag variable expansion
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8bf9ef4452
---------------------------
python3-inline-snapshot: upgrade 0.32.5 -> 0.32.6
Fix:
- Pydantic models, attrs and dataclasses with NewType-typed fields now generate
correct snapshots that wrap the field value with the NewType constructor (e.g.
Something(some_id=SomeID(1)) instead of Something(some_id=1)). This could only
be fixed for Python >= 3.10.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 85617f68bf
---------------------------
python3-imgtool: upgrade 2.3.0 -> 2.4.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ab0b7e4e59
---------------------------
python3-greenlet: upgrade 3.3.2 -> 3.4.0
Changelog:
==========
- Publish binary wheels for RiscV 64.
- Fix multiple rare crash paths during interpreter shutdown.
- Note that this now relies on the atexit module, and introduces subtle API
changes during interpreter shutdown (for example, getcurrent is no longer
available once the atexit callback fires).
- Address the results of an automated code audit performed by Daniel Diniz.
This includes several minor correctness changes that theoretically could have
been crashing bugs, but typically only in very rare circumstances.
- Fix several race conditions that could arise in free-threaded builds when
using greenlet objects from multiple threads, some of which could lead to
assertion failures or interpreter crashes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e799080b87
---------------------------
python3-google-auth: upgrade 2.48.0 -> 2.49.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6157dd3159
---------------------------
python3-git-pw: upgrade 2.7.1 -> 2.8.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 79ea9d58cd
---------------------------
python3-gevent: upgrade 25.9.1 -> 26.4.0
Changelog:
===========
- Make gevent.ssl stop reusing exception instances, as this could appear to
cause a memory leak if there are many short reads or writes.
- Fix Greenlet.dead returning true for an active greenlet during early
bootstrap.
- Fix some potential GIL-related crashes during interpreter shutdown by
avoiding acquiring the GIL in libev callbacks when the interpreter is
finalizing.
- Support for Python 3.9 has been removed.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c115689120
---------------------------
ostree: upgrade 2025.7 -> 2026.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d244f85aa0
---------------------------
nano: upgrade 8.7.1 -> 9.0
Changelog:
============
- When the cursor almost goes offscreen to the right, all lines are
now scrolled sideways together, by just the amount needed to keep
the cursor in view. Use --solosidescroll or 'set solosidescroll'
to get back the old, jerky, single-line horizontal scrolling.
- The viewport can be scrolled sideways (in steps of one tabsize)
with M-< and M->. See 'man nanorc' if M-< and M-> should switch
between buffers (as they did earlier).
- M-Left, M-Right, M-Up, and M-Down have become rebindable.
- Stopping the recording of a macro immediately after starting it
cancels the recording and leaves an existing macro in place.
- Feature toggles no longer break a chain of ^K cuts or M-6 copies,
except the M-K cut-from-cursor toggle.
- With --mouse and --indicator, one can click in the scrollbar area
to roughly navigate within the buffer.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 38402132a9
---------------------------
mpich: upgrade 5.0.0 -> 5.0.1
Changelog:
==========
- Fix bad cast in release-gather collectives that caused data loss
issues on Big-Endian 64b arches (s390x)
- Fix issue with canceling MPI_ANY_SOURCE receive requests
- Fix configuration issue when C++ compiler does not support complex types
- Fix function signature issue in Hydra PBS support
- Fix crash in MPI_Allreduce with MPI_LOGICAL type
- Fix potential crash in multi-nic libfabric initialization
- Fix memory leaks in Level Zero and PMIx support
- Fix bug in CMA code when GPU support is enabled
- Fix potential shared memory collision between multiple singleton
processes on the same node
- Add large count and other necessary aliases to ROMIO to avoid
accidental profiling of internal MPI function usage
- Add missing error checks in rndv and colletive composition code
- Improve autogen.sh error message when autotools are too old
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e5546d6d09
---------------------------
libsodium: upgrade 1.0.21 -> 1.0.22
0001-Fix-compilation-with-GCC-on-aarch64.patch
removed since it's included in 1.0.22
Changelog:
============
- Post-quantum key encapsulation is now available. ML-KEM768, the
NIST-standardized lattice-based KEM, is accessible through the
'crypto_kem_mlkem768_*()' functions.
- X-Wing, a hybrid KEM combining ML-KEM768 with X25519 for protection
against both classical and quantum adversaries, is available through the
'crypto_kem_*()' functions. X-Wing is the recommended KEM for most
applications.
- SHA-3 hash functions are now available as 'crypto_hash_sha3256_*()'
and 'crypto_hash_sha3512_*()', with both one-shot and streaming APIs.
- Performance: NEON optimizations for Argon2 on ARM platforms.
- Performance: SHA3 (Keccak1600) now leverages ARM SHA3 instructions when
available on ARM platforms.
- Performance: WebAssembly SIMD implementations of Argon2 have been added.
- Emscripten: LTO is now disabled. With Emscripten 4, LTO produced
WebAssembly modules with functions that ran significantly slower than
without it.
- Emscripten: a new option allows compilation with SIMD support.
- Emscripten: native ESM module generation is now supported.
- JavaScript sumo builds now allow up to 80 MiB memory usage, so that
'crypto_pwhash' with the interactive settings can be used in pure
JavaScript, not just WebAssembly.
- XOF state alignment has been relaxed.
- 'crypto_core_keccak1600_state' has been added.
- Export missing 'crypto_ipcrypt_nd_keygen()' helper function.
- 'crypto_auth_hmacsha256_init' and 'crypto_auth_hmacsha512_init' now
accept NULL key pointers (with a zero key length), for consistency with
other '_init' functions.
- apple-xcframework: headers are now in a Clibsodium subdirectory
to prevent module.modulemap collisions with other xcframeworks.
- Fixed compilation with GCC on aarch64 and gcc 4.x.
- On aarch64, aes256-gcm is now enabled even when not using clang,
including MSVC.
- Added compatibility with Visual Studio 2026 when toolsets do not
define PlatformToolsetVersion.
- Libsodium can be directly used as a dependency in a Zig project.
- Performance of MSVC builds has been improved.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 541345b393
---------------------------
libgedit-gfls: upgrade 0.4.0 -> 0.4.1
Changelog:
===========
- Fix a unit test on big-endian architectures.
- Translation updates.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 946243ec05
---------------------------
imagemagick: upgrade 7.1.2-18 -> 7.1.2-19
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 68f73e67d8
---------------------------
graphviz: upgrade 14.1.4 -> 14.1.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a2366fee7d
---------------------------
gnome-online-accounts: upgrade 3.58.0 -> 3.58.1
* Bugs fixed:
- !391 google: Use #ifdef for GOA_GOOGLE_FILES_ENABLED
* Translation updates:
- Serbian
- Slovak
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cb7da084bc
---------------------------
glaze: upgrade 7.3.0 -> 7.3.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f2df8812c4
---------------------------
geoclue: upgrade 2.8.0 -> 2.8.1
Fixes:
- Accept NMEA GGA sentences with 11 or more parts (needed 14 or more
previously)
- Use async D-bus 'Set' methods to set client properties in libgeoclue to
improve robustness
- Do not change Client Location property on updates which are below threshold
to avoid leaking location to D-bus
- Ignore wired WPA interfaces when finding an interface for WiFi scanning
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 485e91f5f4
---------------------------
babl: upgrade 0.1.124 -> 0.1.126
It is now possible to build with MSVC.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c3461d98fb
---------------------------
b4: upgrade 0.15.1 -> 0.15.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f266b3db88
---------------------------
atftp: upgrade 0.8.0 -> 0.8.1
License-Update: update LICENSE from https://www.gnu.org/licenses/
Changelog:
=============
- merge README* to single README.md
- Merge pull request #2 from feckert/pr/20250902-build-fixes
- Fix fortify abort when LTO is enabled
- Fix uninitialized buffer data.
- Enable listening on IPv6
- test.sh: redirect stderr to /dev/null when counting lines
- Declare variable D as local in stop_and_clean
- Fix pthread_t format warning for fprintf
- Fix incompatible-pointer-types for pcre2_substring_list_free
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4e07ea136a
---------------------------
webkitgtk3: fix escaping in CVE_PRODUCT
The CPE parsing in oe-core's cve_check.py now handles escapes correctly[1]
so we don't need to escape in CVE_PRODUCT.
[1] oe-core 3c73dafd03b ("cve_check: Improve escaping of special characters in CPE 2.3")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8093eeb036
---------------------------
xerces-c: fix escaping in CVE_PRODUCT
The CPE parsing in oe-core's cve_check.py now handles escapes correctly[1]
so we don't need to escape in CVE_PRODUCT.
[1] oe-core 3c73dafd03b ("cve_check: Improve escaping of special characters in CPE 2.3")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 58b1309892
---------------------------
dracut: upgrade 109 -> 110
Drop upstream 0002-fix-broken-symlink-in-dracut-config-examples.patch
Changelog: https://github.com/dracut-ng/dracut-ng/releases/tag/110
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 44a29c54f9
---------------------------
openct: Drop this recipe
1.Drop openct as it is unmaintained upstream.
2.Remove openct in meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 647d2b6e70
---------------------------
parole: fix do_compile failure
Fix build failure:
/build/tmp/work/x86-64-v3-poky-linux/parole/4.18.2/recipe-sysroot-native/usr/bin/x86_64-poky-linux/x86_64-poky-linux-ld: parole-conf.o: undefined reference to symbol 'xfce_rc_close'
/build/tmp/work/x86-64-v3-poky-linux/parole/4.18.2/recipe-sysroot-native/usr/bin/x86_64-poky-linux/x86_64-poky-linux-ld: /build/tmp/work/x86-64-v3-poky-linux/parole/4.18.2/recipe-sysroot/usr/lib/libxfce4util.so.7: error adding symbols: DSO missing from command line
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f70eb0ec00
---------------------------
libxfce4ui: add wayland PACKAGECONFIG
Add wayland PACKAGECONFIG and add wayland and x11 dependency
explicitly
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fa2a8fd7a4
---------------------------
thunar: remove x11 from REQUIRED_DISTRO_FEATURES
We add x11 into REQUIRED_DISTRO_FEATURES since xfce4-panel requires it,
now, xfce4-panel not require x11, so remove x11 from
REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5434650e26
---------------------------
xfce4-panel: Remove x11 from REQUIRED_DISTRO_FEATURES
Dependency on libwnck3 is moved into PACKAGECONFIG, so we can remove x11
from REQUIRED_DISTRO_FEATURES, set ANY_OF_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0c62131dda
---------------------------
xfce4-pulseaudio-plugin: remove x11 from REQUIRED_DISTRO_FEATURES
We add x11 into REQUIRED_DISTRO_FEATURES because one of the dependency
pavucontrol requires x11, now, pavucontrol doesn't require x11, so
remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3c3e80d39d
---------------------------
pavucontrol: remove x11 from REQUIRED_DISTRO_FEATURES
We add x11 into REQUIRED_DISTRO_FEATURES because one of the dependency
gtkmm4 require x11, now, gtkmm4 don't require x11, so remove x11 from
REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 081a8b15b8
---------------------------
gtkmm4: remove x11 from REQUIRED_DISTRO_FEATURES
We add x11 into REQUIRED_DISTRO_FEATURES because one of the dependency
atkmm requires x11, refer [1], remove atkmm from dependency, and remove
x11 from REQUIRED_DISTRO_FEATURES
[1] https://gitlab.gnome.org/GNOME/gtkmm/-/commit/0fc81d346f50bfc30f6fb78afe6a15331c5a8790
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bc788c6649
---------------------------
xdg-dbus-proxy: upgrade 0.1.6 -> 0.1.7
Contains fix for CVE-2026-34080. Since it is tracked without version info
by NVD, mark it explicitily as patched.
Drop the patch that is included in this release.
While here, also add the recipe to the ptest list - it's a fast one,
runs under a second.
Changelog:
- Drop the autotools build system
- Unbreak the CI
- Prevent a crash on disconnect
- Fix building with glibc >= 2.43
- Fix the eavesdrop filtering to prevent message interception
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 054e388728
---------------------------
wolfssl: upgrade 5.9.0 -> 5.9.1
Contains many CVE fixes.
Changelog: https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.1-stable
There are a number of fixed CVEs in this version that are tracked without
version by NVD - mark them as patched explicitly.
Ptests passed:
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b5d466f731
---------------------------
ntp: Fix build with -std=gnu23
Backport a patch from openLDAP to fix the configure errors with clang-22 -std=gnu23
Fix another issue by dropping C89 signatures in favor of C99 function prototypes
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d13ec66639
---------------------------
python3-django: upgrade 5.2.12 -> 5.2.13
Contains fixes for CVE-2026-3902, CVE-2026-4277, CVE-2026-4292,
CVE-2026-33033 and CVE-2026-33034.
Changelog: https://docs.djangoproject.com/en/6.0/releases/5.2.13/
Ptests passed successfully:
Ran 18163 tests in 457.705s
OK (skipped=1389, expected failures=5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a408ffedd8
---------------------------
python3-django: upgrade 6.0.3 -> 6.0.4
Contains fixes for CVE-2026-3902, CVE-2026-4277, CVE-2026-4292,
CVE-2026-33033 and CVE-2026-33034.
Changelog: https://docs.djangoproject.com/en/6.0/releases/6.0.4/
Ptests passed successfully:
Ran 18691 tests in 149.800s
OK (skipped=1397, expected failures=5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b483760dba
---------------------------
nodejs: mark CVE-2026-21710 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-21710
The CVE is fixed in the current recipe version[1], but NVD tracks it
without verison info.
Mark it as patched in the recipe.
[1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4c8dec585a
---------------------------
minio: ignore irrelevant CVEs
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33419
https://nvd.nist.gov/vuln/detail/CVE-2026-34204
These CVEs were filed against minio server, but this recipe is for minio
client tools, which is a related, but different project.
Ignore these CVEs.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7355320e12
---------------------------
libraw: mark fixed CVEs patched
These CVEs have been fixed already in the current version, however
NVD tracks them with incorrect version information.
Commits that fix them:
CVE-2026-20884: https://github.com/LibRaw/LibRaw/commit/aa4458eb511daeae90676c1ce5c587106e4aaec1
CVE-2026-24450: https://github.com/LibRaw/LibRaw/commit/c911c9b9edffa5fab99f828d0fee6dd2d0f6105f
These commits were identified from the changelog of this version[1], which mentions the
Talos ID of the vulnerabilities (and the Talos ID is mentioned in the NVD reports[2][3]).
[1]: https://github.com/LibRaw/LibRaw/releases/tag/0.22.1
[2]: https://nvd.nist.gov/vuln/detail/CVE-2026-24450
[3]: https://nvd.nist.gov/vuln/detail/CVE-2026-20884
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 15b3c0f141
---------------------------
flatpak: upgrade 1.17.3 -> 1.17.6
Contains fixes for CVE-2026-34078 and CVE-2026-34079
Add explicit CVE_STATUS tags for these CVEs, because they are tracked
without version info by NVD at this time.
Changelog:
17.6:
Bug fixes:
- Fix the remaining regression for Chromium based browsers by not leaking file
descriptors down to wrapped command
- Fix a regression when installing extra-data without a runtime, which is the
case for openh264
- Fix the remaining regression for Epiphany by ignoring unusable sandbox-expose
paths for sub-sandboxes in the portal
- Fix the installed tests by allowing to add a new ref to an existing temporary
ostree repo
- Avoid closing fds 0/1/2 when they are used as a bad argument to flatpak-run,
and reduce duplication in handling file descriptor arguments
Enhancements:
- Disable auto-pin in flatpak-repair to preserve the pin state across
re-installs
- Small improvements for the tests
17.5:
Bug fixes:
- Fix regressions caused by the sandbox escape security fix, which impact some
browsers, browser-based apps and Steam (#6577, #6569, #6576, #6574)
Enhancements:
- Expand test coverage of flatpak-run features used by flatpak-portal (#6573)
17.4:
Security fixes:
- Fix a complete sandbox escape which leads to host file access and code
execution in the host context (CVE-2026-34078)
- Prevent arbitrary file deletion on the host filesystem (CVE-2026-34079)
- Prevent arbitrary read-access to files in the system-helper context
(GHSA-2fxp-43j9-pwvc)
- Prevent orphaning cross-user pull operations (GHSA-89xm-3m96-w3jg)
Enhancements:
- Enable ntsync unconditionally
- Automatic branch following for extensions to ensure that "no-autodownload"
extensions stay functional after an update that requires a new branch
- Translation updates: eo, kk, sr, zh_CN
Bug fixes:
- Prevent CPR sequence from showing up in the terminal
- Fix a crash for apps/runtimes with multiarch permission
- Fixes for Coverity warnings
- Add test-preinstall.sh to the test matrix source
- Fix a test message to refer to "systemd-localed" instead of "located"
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 85f7185fec
---------------------------
ez-ipupdate: add CVE tag to CVE-fixing patch
An already existing patch fixes a CVE (CVE-2004-0980), but it
since the patch didn't have the CVE tag, the cve checker did not
pick it up.
Rectify this ommission.
CVE details: https://nvd.nist.gov/vuln/detail/CVE-2004-0980
The same patch is used by Gentoo to mitigate this issue.
Gentoo CVE advisory: https://security.gentoo.org/glsa/200411-20
Linked Gentoo bug, containing this patch: https://bugs.gentoo.org/69658
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: af73e716bc
---------------------------
corosync: patch CVE-2026-35092
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-35092
Pick the patch that mentions the CVE ID explicitly (the same commit
was identified by Debian also[1])
[1]: https://security-tracker.debian.org/tracker/CVE-2026-35092
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 701b22fda3
---------------------------
corosync: patch CVE-2026-35091
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-35091
Pick the patch that mentions the CVE ID explicitly (it was identified
by Debian also as the fix[1])
[1]: https://security-tracker.debian.org/tracker/CVE-2026-35091
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f58d124eb5
---------------------------
tbb: Fix build with LLD linker
fixes
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'ITT_DoOneTimeInitialization' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'TBB_runtime_interface_version' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_memcpy_largest_cachelinesize' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_memcpy_largest_cache_size' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'init_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'irc__get_msg' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'irc__print' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'override_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'set_memcpy_largest_cachelinesize' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'set_memcpy_largest_cache_size' failed: symbol not defined
| aarch64-yoe-linux-clang: error: linker command failed with exit code 1 (use -v to see invocation)
| [45/49] Linking CXX shared library clang_22.1_cxx11_64_release/libtbb.so.12.17
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b65b0206b5
---------------------------
keyutils: Fix build with lld linker
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3551db3839
---------------------------
python3-blivet: upgrade 3.12.1 -> 3.13.2
Changelog:
https://github.com/storaged-project/blivet/releases
1. Drop 0008-use-oe-variable-to-replace-hardcoded-dir.patch and add
do_install:append to manually install D-Bus and systemd files:
Upstream commit 0f0fd84d [1] removed data_files from setup.py and
moved their installation to a Makefile target (install-dbus), but
OE uses setuptools3_legacy which only runs setup.py install and
does not invoke the Makefile.
2. Add missing RDEPENDS:
- python3-dasbus: upstream replaced the internal safe_dbus module
with the external dasbus library [2].
- python3-pygobject: was always required (gi.repository for
libblockdev) but missing from old recipe.
- util-linux: blivet directly calls lsblk, mount, umount and
blockdev via subprocess.
[1] https://github.com/storaged-project/blivet/commit/0f0fd84d
[2] https://github.com/storaged-project/blivet/commit/1e7c5409
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 96a803a50d
---------------------------
tailscale: upgrade 1.84.3 -> 1.94.2
-Update tailscale recipe to version 1.94.2
-Regenerate go module dependencies and license checksums
-Export GOFLAGS with build tags so do_update_modules discovers all dependencies
-Manually verify and complete Unknown license entries
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 174ab7dff1
---------------------------
atop: Fix binmerge
In case $sbindir = $bindir we have to pass this setting to make install.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 22e23418d2
---------------------------
atop: Add packages atop-acctd and atop-gpud
For some users these programmes might be useful.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a2d9a9be5f
---------------------------
ltrace: Upgrade to 0.8.1 and clang build errors
Drop the upstream applied patches
Add patches to fix build with clang-22
Bump PE to account for version going from 7.x to 0.8
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9583c6c401
---------------------------
netperf: Fix build with std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 90609e9751
---------------------------
libwebsockets: Add missing dep on libcap when ssl is enabled
Disable tests, they do not build in cross-build environment
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 476b8eb5eb
---------------------------
log4c: convert K&R function declarations to ANSI C prototypes
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f76f6ebdd1
---------------------------
dlt-daemon: Fix build with clang-22
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dd885c12e4
---------------------------
samba: upgrade 4.19.9 -> 4.23.5
Samba has a new build-time dependency, libquic[1]. The repository
builds an out-of-tree kernel module and a regular userspace library
with the same build script, however the Makefile seems to be fairly
hostile to cross-compilation. The Samba tarball also vendors the
same with their own build script - for now, this venodred version is used.
There are some efforts that the kernel part is mainlined[2], once it
happens it should be possible to easily remove this from the recipe.
pyldb was removed from RDEPENDS, as it seems that samba now builds its
own version of it.
Patches updated, unneeded patches dropped. Some patches contained a
considerable amount of whitespace changes - those were trimmed for
the ease of rebasing.
Changelog:
https://gitlab.com/samba-team/samba/-/blob/samba-4.23.5/WHATSNEW.txt?ref_type=tags
(Switch to other branches to see earlier changelogs)
[1]: https://github.com/lxin/quic/
[2]: https://github.com/lxin/net-next/commits/quic/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dd14e74e49
---------------------------
minizip: upgrade 1.3.1 -> 1.3.2
License-Update: "Version 1.1, February 14h, 2010" removed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7eed950126
---------------------------
libtar: Fix build with clang-22 -std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0bdda372d4
---------------------------
cyrus-sasl: Fix build with std=gnu23
clang has dropped K&R style with std=c23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a8e0bd4d84
---------------------------
audit: fix build with autoconf-2.73
On hosts with gcc-13 it was trying to use -std=gnu23 and failing
with unrecognized command-line option (gnu23 needs gcc-14 and newer)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: da03a64bd7
---------------------------
dovecot: Fix checksum mismatch
Update the sha256sum to match the current upstream archive.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 92637ef9eb
---------------------------
dlt-daemon: disable DLT_USE_IPv6
There is a bug when DLT_USE_IPv6 enabled, refer [1]. This make
dlt-adaptor-udp.service startup failed with error "Bind: Invalid
argument". Disable DLT_USE_IPv6 to workaround the issue
[1] https://github.com/COVESA/dlt-daemon/issues/849
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 563b91e5ca
---------------------------
dlt-daemon: fix wrong CONFIGURATION_FILES_DIR
The not aligned value of CONFIGURATION_FILES_DIR makes the configuration
file install path is different with the default configuration file path
from where the application to read, then make the service dlt/dlt-system
not works well.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 389cf85390
---------------------------
python3-pytest-runner: remove using pkg_resources
The python3 setuptools 82 dropped pkg_resources module by now.
To avoid the failure "No module named 'pkg_resources'", replace the
functions from this module with other functions from modules
packaging and importlib.metadata.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: abf8a5cfec
---------------------------
php: upgrade 8.5.4 -> 8.5.5
This is a bug fix release.
Changelog: https://www.php.net/ChangeLog-8.php#8.5.5
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 73b3a1a53b
---------------------------
python3-pytest-codspeed: upgrade 3.0.0 -> 4.3.0
Remove explicit python3-hatchling-native from DEPENDS since it is
automatically added when inheriting python_hatchling.
Add python3-cffi-native to DEPENDS since v4.0.0 introduced
CodSpeedHQ/instrument-hooks which uses cffi FFI bindings at
build time.
Changelog:
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v4.3.0
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v4.2.0
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v4.1.1
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v4.1.0
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v4.0.0
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v3.2.0
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v3.1.2
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v3.1.1
https://github.com/CodSpeedHQ/pytest-codspeed/releases/tag/v3.1.0
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7ef73b7db8
---------------------------
freeradius: Update to latest on 3.2 release
Drop backports which are already in this SHA update
Add -DTLS_STORAGE_CLASS=__thread via cflags
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dd96b8a81e
---------------------------
Revert "refpolicy-targeted: Added sepolicy for adb service"
This reverts commit 00616ccdaf0ce9e54ac7c75fabdb2d8f079c7578.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b9399b33ef
---------------------------
Revert "refpolicy-targeted: Add sepolicy for adb service"
This reverts commit 801addc52851b88b335d2349f6f7787b8200c95c.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ecd5f090e8
---------------------------
libvarlink: add new recipe
Varlink C library and command line tool.
Remove unuseful vim integration.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d8726e8917
---------------------------
mjansson-mdns: add new recipe
Public domain mDNS/DNS-SD library in C
Add github namespace to recipe name and handle it in CVE_PRODUCT because
there already is a different mdns recipe in meta-openembedded.
Example application is built but not installed.
This is good to verify that current toolchain is copatible with headers.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e820a14e07
---------------------------
ttyd: add new recipe
ttyd is a simple command-line tool for sharing terminal over the web.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7c62c49ef4
---------------------------
crow: add new recipe
Crow is a C++ framework for creating HTTP or Websocket web services.
Disable tests as they are using CPM (Cmake Dependency Manager), which
would be downloading the test dependencies in configuration step.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 69b6ae56b7
---------------------------
ostree: Fix build with C23/glibc-2.43
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7127c15a01
---------------------------
python3-yappi: Upgrade 1.7.3 -> 1.7.6
Upgrade to release 1.7.6:
- Fix VERSION file missing from source distribution (sdist)
>From 1.7.5:
- Fix callgrind export producing duplicate entries for top-level
functions
- Fix various edge cases
- Add limit parameter to print_all
- Fix file reading to use UTF-8 encoding
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 79bff37b73
---------------------------
python3-charset-normalizer: Upgrade 3.4.6 -> 3.4.7
Upgrade to release 3.4.7:
- Pre-built optimized version using mypy[c] v1.20.
- Relax setuptools constraint to setuptools>=68,<82.1.
- Correctly remove SIG remnant in utf-7 decoded string.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: eb59d62c00
---------------------------
python3-aiofiles: Upgrade 24.1.0 -> 25.1.0
Upgrade to release 25.1.0:
- Switch to uv + add Python v3.14 support.
- Add ruff formatter and linter.
- Drop Python 3.8 support. If you require it, use version 24.1.0.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6b88305138
---------------------------
netplan upgrade 1.1.2 -> 1.2.1
ChangeLog:
https://github.com/canonical/netplan/releases/tag/1.2
https://github.com/canonical/netplan/releases/tag/1.2.1
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7e24f2b5a8
---------------------------
python3-gpiod: update to v2.4.2
Bug-fix release addressing a buffer overflow bug discovered during an
AI-augmented security audit as well as another minor issue with
unnecessarily duplicated code.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f2c5f3fadc
---------------------------
libgpiod: update to v2.2.4
Bug-fix release addressing several issues discovered during an
AI-augmented security audit. The most severe bug was found in the C
extension code of the python bindings - which also get an update - but
there were some memory leaks and integer overflow bugs in the core C
library as well as in tools and DBus daemon.
Full changelog:
Bug fixes:
- fix buffer over-read bugs when translating uAPI structs to library types
- fix variable and argument types where necessary
- sanitize values returned by the kernel to avoid potential buffer overflows
- fix memory leaks in gpio-tools
- add missing return value checks in gpio-tools
- fix period parsing in gpio-tools
- use correct loop counter in error path in gpio-manager
Improvements:
- make tests work with newer coreutils by removing cases checking tools'
behavior on SIGINT which stopped working due to changes in behavior of the
timeout tool
Also: drop the patch that's now upstream from the recipe.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ffb7d752ff
---------------------------
upower: upgrade 1.91.1 -> 1.91.2
Changelog:
===========
- Feature: Skip the systemd inhibitor when performing CriticalPowerAction
- Feature: Introduce "Auto" CriticalPowerAction using systemd-logind Sleep()
- Fix: Test CanPowerOff() availability before calling PowerOff()
- Fix: Add charge limit support for systems providing only charge_control_end_threshold
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 56e3346fa0
---------------------------
swagger-ui: upgrade 5.32.1 -> 5.32.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8b19fe181e
---------------------------
spectre-meltdown-checker: upgrade 0.46 -> 26.26.0404682
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5420abfbc4
---------------------------
rtorrent: upgrade 0.16.8 -> 0.16.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d8c310aa52
---------------------------
python3-werkzeug: upgrade 3.1.7 -> 3.1.8
Request.host and get_host return the empty string if the header is missing or has invalid characters.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 36111dde1a
---------------------------
python3-tzdata: upgrade 2025.3 -> 2026.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ad83f5541f
---------------------------
python3-types-psutil: upgrade 7.2.2.20260130 -> 7.2.2.20260408
Changelog:
===========
- Use dashes instead of underscores for METADATA.toml field names
- Update most test/lint dependencies
- Update mypy to 1.20.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 11a2e0a7b4
---------------------------
python3-sqlalchemy: upgrade 2.0.48 -> 2.0.49
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f3cad077fc
---------------------------
python3-snagboot: upgrade 2.6 -> 2.6.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 882dc303c9
---------------------------
python3-sentry-sdk: upgrade 2.56.0 -> 2.57.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1813d9138c
---------------------------
python3-regex: upgrade 2026.3.32 -> 2026.4.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: edb96b0670
---------------------------
python3-python-multipart: upgrade 0.0.22 -> 0.0.24
Changelog:
============
- Validate chunk_size in parse_form()
- Remove unused trust_x_headers parameter and X-File-Name fallback
- Return processed length from QuerystringParser._internal_write
- Cleanup metadata dunders from __init__.py
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b5fb673c18
---------------------------
python3-pandas: upgrade 3.0.1 -> 3.0.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 58e071451f
---------------------------
python3-orjson: upgrade 3.11.7 -> 3.11.8
Build and compatibility improvements.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b3d1987115
---------------------------
python3-marshmallow: upgrade 4.2.3 -> 4.3.0
Changelog:
=============
- Add pre_load and post_load parameters to marshmallow.fields.Field for field-level pre- and post-processing
- Typing: improvements to marshmallow.validate
- marshmallow.validate.URL and marshmallow.validate.Email accept Internationalized Domain Names (IDNs)
marshmallow.validate.Email also correctly rejects IDN domains with leading/trailing hyphens.
- Typing: Fix typing of nested in marshmallow.fields.Nested
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 36cbd5f66f
---------------------------
python3-icecream: upgrade 2.1.10 -> 2.2.0
Changelog:
============
- Improved: Fixes Japanese character encoding issues.
- Added: noColor option for configureOutput, which disables
colored output. It is set to False by default.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bae411b616
---------------------------
python3-google-auth-oauthlib: upgrade 1.3.0 -> 1.3.1
Changelog:
============
- Allow Protobuf 7.x
- Require Python 3.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3f6557a279
---------------------------
python3-fastapi: upgrade 0.135.2 -> 0.135.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 355e8fcf2a
---------------------------
python3-faker: upgrade 40.12.0 -> 40.13.0
Fix: Ensure deterministic locale selection in multi-locale mode.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 644e0bc7af
---------------------------
python3-eventlet: upgrade 0.40.4 -> 0.41.0
Changelog:
============
* Switch to 3.14 for testing
* Drop 3.9 support
* More visible deprecation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cbd1da1f64
---------------------------
python3-cmake: upgrade 4.3.0 -> 4.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 041704b01c
---------------------------
python3-bitarray: upgrade 3.8.0 -> 3.8.1
Changelog:
==========
* fixed critial findings in C Extension Analysis Report
* add tests, in particular 'devel/test_capi.py'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2ff5277aac
---------------------------
python3-asyncinotify: upgrade 4.4.0 -> 4.4.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c1f4f04b15
---------------------------
nbdkit: upgrade 1.47.5 -> 1.47.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 13f7a66c6d
---------------------------
mstpd: upgrade 0.1.1 -> 0.2.0
Changelog:
============
- README.md: update IRC channel location
- ctl_socket_server: require root for changing configuration
- mstp: validate admin port path costs
- mstp: do not allow changing Bridge Hello Time
- mstp: do not overflow calculated root path costs
- mstp: increase maxHops limit to 100
- README.md: add packaging status
- README.md: update FID/MSTI limits
- README.md: clarify IVL/SVL and MSTI support in linux
- packet: set socket priority to TC_PRIO_CONTROL
- TCSM: fix infinite recursion for MSTI per-tree ports
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e1f754198e
---------------------------
libtorrent: upgrade 0.16.8 -> 0.16.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 227dc3f381
---------------------------
libsdl3: upgrade 3.4.2 -> 3.4.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dfe6b82cc1
---------------------------
libsdl3-image: upgrade 3.4.0 -> 3.4.2
Changelog:
===========
- Non-animated images can now be loaded as single frame animations
- Fixed animated WebP frame composition
- Fixed potential buffer overflow in tRNS handling
- Fixed out of bounds read in XCF image loader (CVE-2026-35444)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9a4ee804f5
---------------------------
libsdl2-image: upgrade 2.8.8 -> 2.8.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7787315708
---------------------------
libcbor: upgrade 0.13.0 -> 0.14.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 92356431b9
---------------------------
libburn: upgrade 1.5.6 -> 1.5.8
0001-Bug-fix-Faulty-signal-handler-prototype-spoiled-comp.patch
removed since it's included in 1.5.8
Changelog:
=============
* Bug fix: burn_offst_source_new() parameter "size" rolled over at 2 exp 31
* Bug fix: ATA and SATA drives under sg did not register their SCSI address
tuple
* Bug fix: WAVE files with unsuitable audio format were read as raw audio file.
* New API calls use and return off_t sizes instead of int or uint32_t
* Augmented struct burn_toc_entry by new off_t block addresses and counters
* New struct burn_progress_v2 and API call burn_drive_get_status_v2()
* New API call burn_disc_track_lba_nwa_v2()
* New API calls burn_disc_get_sectors_v2(), burn_session_get_sectors_v2(),
burn_track_get_sectors_v2()
* New API call burn_get_read_capacity_v2()
* New API call burn_drive_release_v2()
* New API call burn_write_opts_set_perform_opc_v2
* New cdrskin option --audio_not_raw
* New cdrskin options --perform_opc and --perform_opc_growisofs
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a0ba941017
---------------------------
gtk-layer-shell: upgrade 0.10.0 -> 0.10.1
Changelog:
==========
- Fix: unmap when surface is immediately requested to close after opening
- Fix: time out after 1 second of waiting for configure
- Fix: edge cases around montiros changing while being mapped
- gtk-priv: rename ast.py -> c_ast.py to avoid name collision with std lib
- Compat: bump supported GTK to v3.24.52
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 968b2a5f90
---------------------------
glaze: upgrade 7.2.2 -> 7.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0cb4d92f4d
---------------------------
feh: upgrade 3.11.3 -> 3.12.1
Changelog:
==========
* Update tests to reflect the %f/%F changes implemented in v3.12
* Disallow %f and %n format specifiers in --action and --info strings;
abort with an error message if those are encountered. Use %F and %N
instead. Rationale: %f and %n do not escape shell-specific syntax and
are thus a security risk when passing untrusted file names to feh. %F and
%N, which have been available since v2.3 (Feb 2012), do escape
shell-specific syntax. Migration path: Replace %f (or '%f') and %n (or
'%n') with %F and %N (without '') in --action and --info commands.
* Fix formatting in man page for groff 1.23.0+
* Do not skip URLs when '--sort mtime' or similar are used
* Define '_GNU_SOURCE' macro for mkstemps usage (if enabled)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5e2c613667
---------------------------
cryptsetup: upgrade 2.8.4 -> 2.8.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f81a7251f3
---------------------------
catch2: upgrade 3.13.0 -> 3.14.0
Fixes
======
- Added missing <cstdint> includes.
- Fixed suppression of empty variadic macro arguments warning on Clang <19.
- Fixed catch_discover_tests failing during PRE_TEST discovery if a target does
not have discoverable tests.
- Fixed build of the main library failing with CATCH_CONFIG_PREFIX_ALL defined.
- JUnit reporter outputs single failed (errored/skipped) assertion per test
case.
Improvements =============
- The default implementation of --list-tags and --list-listeners has a quiet
variant.
- Suppressed the new Clang warning about __COUNTER__ usage.
- Line-wrapping counts utf-8 codepoints instead of bytes.
- Combining character sequences are still miscounted, but Catch2 does not aim
to fully support Unicode.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7187db36cc
---------------------------
bolt: upgrade 0.9.10 -> 0.9.11
Changelog:
Updated NHI PCI IDs: added Maple Ridge, ADL, TGL-H, RPL, MTL, and AMD Strix Point USB4 Routers.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2966646af2
---------------------------
protobuf-c: upgrade 1.5.1 to 1.5.2
Changes[1]:
* Chase compatibility issues with Google protobuf 30.0-rc1 by @edmonds in https://github.com/protobuf-c/protobuf-c/pull/762
* protoc-gen-c: Explicitly construct strings where needed for protobuf 30.x by @edmonds in https://github.com/protobuf-c/protobuf-c/pull/768
Remove protobuf-30.patch, this patch already included in 1.5.2
[1] https://github.com/protobuf-c/protobuf-c/compare/v1.5.1...v1.5.2
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ed33569f82
---------------------------
jq: Use Git to fetch the code
There is a bug (see https://github.com/jqlang/jq/issues/434), which
results in an empty version being used if autoreconf is run on the jq
sources when using a release tar ball. The incorrect assumption is that
autoreconf is only used when fetching the code using Git.
The empty version results in an incorrect libjq.pc file being created
where the version is not set, which results in, e.g.,
`pkgconf --libs 'libjq > 1.6'` failing even if version 1.8.1 of jq is
actually installed.
Switch to fetching the code using Git to workaround the bug.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: eb16f0631e
---------------------------
layer.conf: add bcc into NON_MULTILIB_RECIPES
Here is the setting in bcc recipe:
COMPATIBLE_HOST = "(x86_64.*|aarch64.*|powerpc64.*|riscv64.*)-linux"
bcc only support 64 bit arch, so add it into NON_MULTILIB_RECIPES
to avoid expanding lib32- variant
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cbd72087e6
---------------------------
fluentbit: upgrade 4.2.3.1 -> 5.0.2
Patches have been refreshed to apply to the new version.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7eb5d48aed
---------------------------
python3-ckzg: upgrade 2.1.1 -> 2.1.7
1.Changelog:
https://github.com/ethereum/c-kzg-4844/releases/tag/v2.1.7
2.Remove python-ckzg-0001-Let-override-CC.patch as it was merged upstream
3.Remove python-ckzg-0002-Disable-Werror.patch as it was dropped in the Fedora package
https://src.fedoraproject.org/rpms/python-ckzg/blob/rawhide/f/python-ckzg.spec
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8d37aa1b42
---------------------------
poco: add config for fastlogger
It is a new feature in 1.15.0, enabled upstream by default.
It is part of Foundation library.
So this makes it possible to disable it.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a322194016
---------------------------
poco: fix powerpc build
Add patch which was also submitted upstream to quill.
Poco should get it when they update quill component.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c90f012855
---------------------------
networkmanager: Do not ship initrd specific services into rootfs
Those systemd services were added in 1.54 upstream
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2089
According the comments we can see they are meant for the inird
other than using for rootfs. They will conflict with the main
services and can lead to potentially confusing error messages.
So remove them for now to avoid the following issue.
>$systemd-analyze --man=false verify \
> /lib/systemd/system/NetworkManager-wait-online-initrd.service
Failed to put bus name to hashmap: File exists
NetworkManager-initrd.service: Two services allocated for the \
same bus name org.freedesktop.NetworkManager, refusing operation.
Test:
PASS: bitbake core-image-minimal
PASS: runqemu qemux86-64
PASS: systemd-analyze --man=false verify \
/lib/systemd/system/NetworkManager.service
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b177ff1454
---------------------------
libcanberra: disable gtk-doc
gkt-doc build uses the deprecated gtkdoc-mktmpl tool, which was dropped by upstream
in version 1.26 of gtk-doc and fails if 'api-documentation' is in DISTRO_FEATURES.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9aed335934
---------------------------
sanlock: upgrade 4.2.0 -> 5.1.0
Change SRC_URI to https://codeberg.org/sanlock/sanlock.git as sanlock source moved to it.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d477f7e360
---------------------------
python3-tox: upgrade 4.49.0 -> 4.52.0
Changelog:
https://tox.wiki/en/latest/changelog.html
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5cd2bb6427
---------------------------
python3-setuptools-git-versioning: upgrade 2.1.0 -> 3.0.1
Changelog:
https://setuptools-git-versioning.readthedocs.io/en/v3.0.1/changelog/3.0.x.html
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a3b6a0c84d
---------------------------
python3-legacy-cgi: upgrade 2.6.2 -> 2.6.4
Add do_install function to resolve following issue.
python3-legacy-cgi-2.6.4-r0 do_package_qa: QA Issue: /usr/lib/python3.14/site-packages/.pc/0001-cgi.py-fixup-interpreter-according-to-OE.patch/cgi.py contained in package python3-legacy-cgi requires /usr/local/bin/python, but no providers found in RDEPENDS:python3-legacy-cgi? [file-rdeps]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 998888c826
---------------------------
python3-pyatspi: upgrade 2.46.1 -> 2.58.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fa1fd093ac
---------------------------
ettercap: 0.8.4-> 0.8.4.1
1. Changelog
https://github.com/Ettercap/ettercap/releases/tag/v0.8.4.1
2. Remove following patches as they were merged upstream
CVE-2026-3606.patch
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6ccd072ec1
---------------------------
spdm-emu: use SkipRecipe instead of fatal error for unsupported architectures
Current code fails to parse meta-oe layer for machine with unsupported
architecture.
This is too restrictive as it requires downstream layers to play tricks
with masking the recipe. Usual way is to skip the recipe instead.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cd7b52861d
---------------------------
python3-djangorestframework: upgrade 3.16.1 -> 3.17.1
Changelog:
https://www.django-rest-framework.org/community/release-notes/#deprecation-policy
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a1efbb73c6
---------------------------
python3-croniter: upgrade 6.0.0 -> 6.2.2
Changelog:
https://github.com/pallets-eco/croniter/blob/main/CHANGELOG.rst
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 94102dd836
---------------------------
python3-cucumber-tag-expressions: upgrade 6.2.0 -> 9.1.0
1. Changelog
https://github.com/cucumber/tag-expressions/blob/main/CHANGELOG.md
2. LIC_FILES_CHKSUM changed as line of License info changed in PKG-INFO file.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: aec06eecb4
---------------------------
uutils-coreutils: upgrade 0.7.0 -> 0.8.0
See release notes at https://github.com/uutils/coreutils/releases/tag/0.8.0
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d793c367e0
---------------------------
Revert "python3-stopit: add missing run-time dependencies"
This reverts commit 812f091414b34dbebe4a3990c9039cbaadc4dd71.
The runtime dependency on python3-setuptools is no longer needed
since the patch 0001-Drop-the-deprecated-pkg_resources.patch
replaced the pkg_resources usage with importlib.metadata, which
is part of the Python 3.8+ standard library. Keeping this RDEPENDS
pulls in an unnecessary dependency on the target system.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 733b6fc2c6
---------------------------
python3-stopit: Fixed the deprecated pkg_resources issue
pkg_resources is deprecated as an API. The pkg_resources package
has been removed from setuptools, so the way of obtaining the
version needs to be replaced with importlib.metadata module.
Signed-off-by: Bai, Haiqing <Haiqing.Bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1bdc3c1c6d
---------------------------
thunar-shares-plugin: Depend on X11 distro feature
it depends on thunar-> thunar-panel, which currently depends on libwnck3 which
only works on x11, thunar technically can replace it with libxfce4windowing
but its not done yet.
fixes
WARNING: Nothing PROVIDES 'thunar' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb DEPENDS on or otherwise requires it)
thunar was skipped: using DISTRO 'yoe', which is missing required DISTRO_FEATURES: 'x11'
WARNING: Nothing RPROVIDES 'thunar-shares-plugin-dev' (but /home/ubuntu/yoe/sources/meta-openembedded/meta-xfce/recipes-thunar-plugins/shares/thunar-shares-plugin_0.5.0.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'thunar-shares-plugin-dev'
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Changqing Li <changqing.li@windriver.com>
---------------------------
Commit: d3f9a64e7b
---------------------------
multipath-tools: Add kernel-module as RRECOMMENDS
Service multipathd depends on kernel module dm_multipath,
so add it as RRECOMMENDS.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e39c811dc2
---------------------------
linux-atm: Add kernel-module as RRECOMMENDS
Runtime command line atmtcp depends on kernel module atmtcp,
so add it as RRECOMMENDS.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c789281ecf
---------------------------
tinyproxy: patch CVE-2026-3945
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3945
Backport the patches which are references by the NVD avisory.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d8c66c4428
---------------------------
tinyproxy: upgrade 1.11.2 -> 1.11.3
Drop patch that was merged upstream.
Shortlog: https://github.com/tinyproxy/tinyproxy/compare/1.11.2...1.11.3
Ptests passed successfully:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T15:25
BEGIN: /usr/lib/tinyproxy/ptest
starting web server... done. listening on 127.0.0.3:32123
starting tinyproxy... done (listening on 127.0.0.2:12321)
waiting for 1 seconds. 1 done
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
signaling tinyproxy to reload config...ok
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
checking bogus request... ok, got expected error code 400
testing connection to filtered domain... ok, got expected error code 403
requesting connect method to denied port... ok, got expected error code 403
testing unavailable backend... ok, got expected error code 502
0 errors
killing tinyproxy... ok
killing webserver... ok
done
PASS: run_tests.sh
DURATION: 2
END: /usr/lib/tinyproxy/ptest
2026-04-06T15:25
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6a15ff3e9e
---------------------------
wolfssl: ignore fixed CVEs
These CVEs are tracked without a version by NVD, but all of them
have been fixed in the current recipe version.
The relevant fixes (from the NVD reports):
CVE-2026-0819: https://github.com/wolfSSL/wolfssl/commit/2d3941056b6b961828947a2f159200df7f7d1cb2
CVE-2026-2646: https://github.com/wolfSSL/wolfssl/commit/7245ad02bb1a41235d923288fd640d40c1ecb2ea
and https://github.com/wolfSSL/wolfssl/commit/67abcc6f2d0cc45f918325c4ae6fe2b8d5bc8f72
CVE-2026-3503: https://github.com/wolfSSL/wolfssl/commit/cc2fdda54cd6387e554b444eb2844fa840bd9d5d
CVE-2026-3548: https://github.com/wolfSSL/wolfssl/commit/84ca4a05fac9c6c055a514f05880c448ecbbed56
and https://github.com/wolfSSL/wolfssl/commit/b3f08f33b845d2d6bb523f0f38d191ca25635e1c
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e32b974754
---------------------------
strongswan: mark CVE-2026-25075 as patched
The CVE is fixed in the current version already, however
NVD tracks it without version - suppress the report explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4ee0103733
---------------------------
python3-aiohttp: mark fixed CVEs are patched
All these CVEs have been fixed already, the relevant NVD
reports mention it explicitly that 3.13.4 is fixed, along
with referencing the commit that fixes the respective
vulnerabilities. However each of these are tracked without
version info by NVD -.-
Due to this, mark them explicitly as patched.
Relevant reports:
https://nvd.nist.gov/vuln/detail/CVE-2026-22815
https://nvd.nist.gov/vuln/detail/CVE-2026-34513
https://nvd.nist.gov/vuln/detail/CVE-2026-34514
https://nvd.nist.gov/vuln/detail/CVE-2026-34515
https://nvd.nist.gov/vuln/detail/CVE-2026-34516
https://nvd.nist.gov/vuln/detail/CVE-2026-34517
https://nvd.nist.gov/vuln/detail/CVE-2026-34518
https://nvd.nist.gov/vuln/detail/CVE-2026-34519
https://nvd.nist.gov/vuln/detail/CVE-2026-34520
https://nvd.nist.gov/vuln/detail/CVE-2026-34525
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 844f87dd10
---------------------------
python3-aiohttp: upgrade 3.13.4 -> 3.13.5
Changelog:
Skipped the duplicate singleton header check in lax mode (the default for response
parsing). In strict mode (request parsing, or -X dev), all RFC 9110 singletons
are still enforced.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 22a31ea701
---------------------------
nodejs: ignore fixed CVEs
All these CVEs are fixed in v22.22.2[1], except for CVE-2026-21712,
which does not affect v22 series, because it was introduced in a
later version[2]. All these CVEs are tracked without version info
by NVD at the time of creating this patch.
[1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md
[2]: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fe1b038cd8
---------------------------
mbedtls: upgrade 3.6.5 -> 3.6.6
Contains fixes for CVE-2026-25833, CVE-2026-25834, CVE-2026-25835,
CVE-2026-34872, CVE-2026-34873, CVE-2026-34874 and CVE-2026-34875.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.6
Ptests passed successfully:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T14:04
BEGIN: /usr/lib/mbedtls/ptest
PASS: test_suite_aes.cbc
PASS: test_suite_aes.cfb
PASS: test_suite_aes.ctr
...
PASS: test_suite_version
PASS: test_suite_x509parse
PASS: test_suite_x509write
DURATION: 24
END: /usr/lib/mbedtls/ptest
2026-04-06T14:04
STOP: ptest-runner
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 05f47c9374
---------------------------
mbedtls: drop recipe for v2
It has been unmaintained/EOL for over a year - there is
a recipe for a newer, still supported version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 357f65dd13
---------------------------
libraw: upgrade 0.21.4 -> 0.22.1
Contains fixes for CVE-2026-5318[1] and CVE-2026-5318[2] (both are tracked without
a version by NVD, so they are explicitly marked as patched)
License-update: copyright year bump
Changelog: https://github.com/LibRaw/LibRaw/blob/0.22-stable/Changelog.txt
[1]: https://github.com/LibRaw/LibRaw/commit/5357bb5fc67ac616838fb84de67260d45987489b
[2]: https://github.com/LibRaw/LibRaw/commit/2468614a9cbcab6b75ca279ab60cac62156f7aeb
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 082c108e6e
---------------------------
leancrypto: upgrade 1.7.0 -> 1.7.1
Contains fix for CVE-2026-34610 (which is however tracked without
a version by NVD, so it is marked as patched explicitly)
Changelog:
- Offer a means to select the AES-C constant time / S-Box
implementation via lc_init API
- use the AES-C constant time implementation by default - it is
about 3 times slower than the AES-C S-Box implementation, but
more secure. As the leancrypto library is about secure by default,
the CT implementation is just right. Furthermore, if a caller
wants to have the faster AES-C S-Box, he can call
lc_init(LC_INIT_AES_SBOX) at the beginning.
- X.509: fix security issue (CVE-2026-34610)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a0531bc55a
---------------------------
giflib: mark CVE-2026-23868 patched
The fix[1] that is referenced by the NVD advisory is
already included in the current recipe version.
[1]: https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 21f792ff63
---------------------------
freeipmi: mark CVE-2026-33554 patched
The CVE is tracked by NVD without version info. It's description
confirms that it is fixed in version 1.6.17.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e99441755f
---------------------------
dovecot: ignore already fixed CVEs
The following CVEs are fixed in the current version already,
however they are tracked without version info.
Upstream has confirmed[1] that these vulnerabilities are fixed,
and Debian has also identified the relevant commits:
CVE-2025-30189: https://security-tracker.debian.org/tracker/CVE-2025-30189
CVE-2026-0394: https://security-tracker.debian.org/tracker/CVE-2026-0394
CVE-2026-24031: https://security-tracker.debian.org/tracker/CVE-2026-24031
CVE-2026-27855: https://security-tracker.debian.org/tracker/CVE-2026-27855
CVE-2026-27860: https://security-tracker.debian.org/tracker/CVE-2026-27860
[1]: https://seclists.org/fulldisclosure/2026/Mar/13
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 34628ad546
---------------------------
botan: mark CVE-2026-32877 and CVE-2026-32883 patched
Both CVEs were fixed in version 3.11.0, however NVD tracks them
without version/CPE info.
Relevant commits:
CVE-2026-32877: https://github.com/randombit/botan/commit/798a332e11949afa8b004564bb9031e66c1a4d13
CVE-2026-32883: https://github.com/randombit/botan/commit/6ecc62a4e36937d036df8c8eda6a85708abb8c37
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e50cf01385
---------------------------
botan: upgrade 3.11.0 -> 3.11.1
Contains fixes for CVE-2026-35580 and CVE-2026-35582
Changelog: https://botan.randombit.net/news.html#version-3-11-1-2026-03-31
-CVE-2026-35580: Resolve certificate verification bypass bug introduced in 3.11.0
-CVE-2026-35582: Resolve TLS 1.3 client authentication bypass
-Add optimized Argon2 implementation using AVX512
-Add optimized and constant-time Twofish implementation using AVX512/GFNI
-Add optimized and constant-time SEED implementation using AVX512/GFNI
-Add optimized and constant-time Whirlpool implementations using AVX2 and AVX512
-Add SSSE3/NEON and AVX2 optimized codepaths for CTR
-Add constant time implementations of Camellia, ARIA, SEED and SM4 using
AES-NI or ARMv8 AES instructions to implement sbox lookups
-Improve performance of the AVX512 implementation of SHA-512 especially for Clang
-Optimizations for the IDEA modular multiplication
-Fix various minor TLS conformance issues flagged by TLS-Anvil
-Fix bug in Ed25519 where an invalid signature checked with PK_Verifier
might cause a later valid signature to be rejected.
-Fix a bug in handling of ECDSA DER-encode signatures where an invalid
signature checked with PK_Verifier might cause a later valid signature to be rejected.
-Fix a problem introduced in 3.11.0 which could cause crashes on processors without
SSSE3 support, particularly when compiled by GCC.
-Fix various new warnings from clang-tidy 22
-Fix a compilation error introduced in 3.11.0 which prevented using ffi
unless bcrypt was also enabled.
-Avoid a macro collision with Microsoft headers that could cause a compilation
problem in amalgamation mode.
-Enable explicit_bzero, getentropy, getrandom on Hurd
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 39adc57e17
---------------------------
webmin: upgrade 2.621 -> 2.630
Changelog: https://github.com/webmin/webmin/releases/tag/2.630
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f3da39cf75
---------------------------
libgphoto2: Fix c23 build errors
Fixes errors e.g.
error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
131 | dot = strrchr(filename, '.');
| ^ ~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
They are latent and brought to fore with autoconf 2.73 which switches
defaults to use -std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1d12cee712
---------------------------
ez-ipupdate: Update to 3.0.11b8
Drop upstreamed patches
Add a patch to fix C23 build break
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b7245e15b9
---------------------------
python3-pyroute2: add missing rdepend of python3-unittest
Without it, it will throw "ModuleNotFoundError: No module named
'unittest'" from pyroute2/netlink/rtnl/iprsocket.py" line 6.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 95eab24c06
---------------------------
libavif: use system libxml2 for building apps
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 659cdaf182
---------------------------
libavif: enable libyuv support
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1d277a568d
---------------------------
libavif: add PACKAGECONFIG for apps
- This allows to build avifdec,avifenc and avifgainmaputil
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e2caf97fb4
---------------------------
libavif: add gdk-pixbuf support for av1 image format
This commit adds a PACKAGECONFIG to build the av1 gdk-pixbuf-loader/thumbnailer
and enables it by default.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3bf2847bb8
---------------------------
krb5: Fix build with autotools 2.73
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6206971292
---------------------------
libavif: update 1.3.0 -> 1.4.1
- add missing dependencies
- add PACKAGECONFIG for aom,svt-av1
1.4.1 - 2026-03-20
Changed since 1.4.0
Fix build with CMake 3.22
Update aom.cmd/LocalAom.cmake: v3.13.2
Update libxml2.cmd/LocalLibXml2.cmake: v2.15.2
Update libyuv.cmd/LocalLibyuv.cmake: 6067afde5 (1922)
Support long path names in Windows
Fix cicp management and memory leaks in avifgainmaputil #3102.
Removed since 1.4.0
Remove experimental status for the following options of avifenc: --progressive, --layered and --scaling-mode, and the extraLayerCount option of avifEncoder.
1.4.0 - 2026-03-04
Added since 1.3.0
Allow avifenc to read png or jpeg files through stdin using --stdin-format.
Support some Sample Transform schemes as defined in the version 1.2 of the AVIF specification.
Add an optional argument to the --depth flag of avifenc used to enable a bit depth extension scheme in the encoded file.
Add support for converting jpeg files with Apple style gain maps.
Add support for PNG cICP chunk when decoding PNG files. If a PNG file contains a cICP chunk and other color information chunks, such as iCCP (ICC profile), the other chunks are ignored as per the PNG Specification Third Edition Section 4.3.
Support reading Sample-Transform-based 16-bit AVIF files when avifDecoder::imageContentToDecode & AVIF_IMAGE_CONTENT_SAMPLE_TRANSFORMS is not zero.
Support Sample Transform derived image items with grid input image items.
Add --sato flag to avifdec to enable Sample Transforms support at decoding.
Add --grid option to avifgainmaputil.
Apply clean aperture crop, rotation and mirror when decoding to PNG or JPEG. Remove orientation information from Exif if present.
Add avif::RGBImageCleanup to the C++ API.
Changed since 1.3.0
Set avifDecoder::image->depth to the same value after avifDecoderParse() as after avifDecoderNextImage() when the file to decode contains a 'sato' derived image item.
avifdec only enables Sample Transform decoding when --depth is set to 16.
Update dav1d.cmd/dav1d_android.sh/LocalDav1d.cmake: 1.5.3
Update googletest.cmd/LocalGTest.cmake: v1.17.0
Update libgav1.cmd: v0.20.0
Update libjpeg.cmd/LocalJpeg.cmake: 3.1.3
Update libyuv.cmd/LocalLibyuv.cmake: deeb764bb (1922)
Update libsharpyuv.cmd/LocalLibsharpyuv.cmake: v1.6.0
Update libxml2.cmd/LocalLibXml2.cmake: v2.15.1
Update aom.cmd/LocalAom.cmake: v3.13.1
Update LocalAvm.cmake: research-v13.0.0
Update rav1e.cmd/LocalRav1e.cmake: cargo-c v0.10.20, corrosion v0.6.1, rav1e v0.8.1
Update svt.cmd/svt.sh/LocalSvt.cmake: v4.0.1
Update zlibpng.cmd/LocalZlibpng.cmake: libpng 1.6.55, zlib 1.3.2
Fix grayscale conversion when changing the bit depth.
Bump cmake_minimum_required from 3.13 to 3.22
Associate transformative properties with alpha auxiliary image items.
Always forward the CICP color primaries, transfer characteristics, and matrix coefficients to the AV1 encoder, which writes them in the Sequence Header OBU, for compatibility with libraries that wrongly ignore the colr box.
Use a "quality to quantizer (QP)" mapping formula designed for AOM_TUNE_IQ.
Set tuning before applying the user-provided specific aom codec options.
Use AOM_TUNE_PSNR by default when encoding alpha with libaom because AOM_TUNE_SSIM causes ringing for alpha.
Use AOM_TUNE_IQ by default when encoding still non-RGB color samples with libaom v3.13.0 or later.
Converting an image containing a gain map using avifenc with the --grid flag now also splits the gain map into a grid.
In avifenc, set Exif orientation to 1 (no transformation) when converting JPEGs to AVIF.
Use all-intra encoding for a layered image if the total number of layers is 2 and the quality of the first layer is very low (q <= 10).
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: eb5c84436d
---------------------------
bmap-writer: upgrade 1.0.3 -> 1.0.4
Add PACKAGECONFIG for libkcapi to optionally enable kernel crypto API support.
Changelog: https://github.com/embetrix/bmap-writer/releases/tag/1.0.4
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 36f046bbb2
---------------------------
pkcs11-provider: upgrade 1.1 -> 1.2
Changelog: https://github.com/openssl-projects/pkcs11-provider/releases/tag/v1.2.0
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4c9cbe2bf1
---------------------------
opensc: upgrade 0.26.1 -> 0.27.1
Changelog: https://github.com/OpenSC/OpenSC/releases/tag/0.27.1
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c0ca15c04b
---------------------------
fastfetch: Remove directx-headers dependency
The directx-headers dependency is no longer required and got removed
from CMakeLists.txt
Signed-off-by: Tafil Avdyli <tafil@tafhub.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a1a3c1fac7
---------------------------
python3-icu: enable building -native and nativesdk- variants
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8f5c021ddb
---------------------------
python3-configargparse: upgrade 1.7.3 -> 1.7.5
Changelog: Slightly simplified PyPI deployment workflow via setuptools-scm
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6bc36f105c
---------------------------
dlt-daemon: update patch to fix dlt-daemon crash issue
A wrong type conversion makes dlt-daemon crash, update the patch to fix
it
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 584fec0f74
---------------------------
ebtables: Use update alternatives for "ebtables"
The ebtables utility can be provided by both ebtables and iptables
packages. Set higher priority for the version provided by iptables
to prefer it.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ff39bfa81e
---------------------------
python3-ujson: upgrade 5.11.0 -> 5.12.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2a4bed73a9
---------------------------
python3-ninja: fix ninja_syntax import and version for setuptools build
Fixes issues introduced in commit 16a72067f5 ("python3-ninja: upgrade
1.11.1.1 -> 1.13.0").
Upstream's __init__.py uses a relative import:
from .ninja_syntax import Writer, escape, expand
This requires ninja_syntax.py to be present inside the ninja package
directory. Upstream relies on CMake (via scikit-build-core) to copy
ninja_syntax.py from ninja-upstream/misc/ into the package during
build [1]. Since the OE recipe replaces scikit-build-core with
setuptools (no-scikit-build.patch), CMake is not invoked and this
copy does not happen, causing ImportError at runtime.
Similarly, upstream uses scikit-build-core's generate feature to
create _version.py from the SCM version. With setuptools, this
does not happen automatically, so generate it in do_configure.
[1] https://github.com/scikit-build/ninja-python-distributions/commit/f3b4a786be
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9546a4e07d
---------------------------
libnet-ssleay-perl: upgrade 1.94 -> 1.96
1.Changelog:
https://metacpan.org/dist/Net-SSLeay/changes
2.Remove following patches as merged upstream
0001-tests-Address-another-formatting-difference-in-OpenSSL-3.4.1.patch
0001-test-32_x509_get_cert_info-allow-single-colon.patch
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4ba9f5459d
---------------------------
libtsm: upgrade 4.4.2 -> 4.4.3
Changelog:
https://github.com/kmscon/libtsm/releases/tag/v4.4.3
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dadc302a67
---------------------------
vsftpd: Fix multilib install conflicts
Fix following error when multilib is used:
Running transaction test
Error: Transaction test error:
file /etc/pam.d/vsftpd conflicts between attempted installs of vsftpd-3.0.5-r0.x86_64_v3 and lib32-vsftpd-3.0.5-r0.core2_32
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 22ebe68668
---------------------------
thunar: upgrade 4.21.4 -> 4.21.5
Changelog:
============
- Popup menu at tab label on keybord activated
- Add keyboard support for context menu on terminal
- Add keyboard support for history menu on back and forward buttons
- Add keyboard support for context menu on toolbar
- Popup menu on tree view item for keyboard activated
- Popup menu at focused widget on keyboard activated
- Disable overlay scrolling by default (#367)
- Wrap long filenames in error dialogs (#1412)
- Limit filname length for create/rename (#1812)
- Add fallback for backdrop highlight color
- Properties dialog - add separator for fs data
- Show filesystem type in preferences
- At tooltips to 'Capacity' and 'Usage' (#1806)
- Show as well 'usable' size in 'Capacity' row (#1806)
- Differ between total and usable fs space (#1806)
- Add help text for URL arguments
- Call xfconf_shutdown before exit
- Store pending column size changes on close (#1318)
- Use GtkTreeModelFilter for tree view side pane (#1460)
- Tree-view pane: Fix wrong selection on open new window
- Prevent shortcuts view focus lost (#1675)
- Add 'grab_focus' parameter to 'set directory' calls (#1675)
- Expose drag-drop-mode in preferences
- Init media_fs_uuids on startup
- Never ask twice on replace/overwrite (#1794)
- Fix translations for XML file (#1790)
- Improve statusbar loading text (#1787)
- Detect CDROM media changes using ID_FD_UUID udev property
- Add %d to strings to fix some transl. (#939)
- Pass current dir to catfish (#1785)
- Ignore G_IO_ERROR_NOT_SUPPORTED (#1782)
- Show selection busy information on statusbar
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9f1cc39d7b
---------------------------
thingsboard-gateway: upgrade 3.8.2 -> 3.8.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8db28a60e3
---------------------------
sip: upgrade 6.15.2 -> 6.15.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9cb34d8bf0
---------------------------
setxkbmap: upgrade 1.3.4 -> 1.3.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: db8bd24b0d
---------------------------
python3-werkzeug: upgrade 3.1.6 -> 3.1.7
Changelog:
==========
- parse_list_header preserves partially quoted items, discards empty items, and
returns empty for unclosed quoted values.
- WWWAuthenticate.to_header does not produce a trailing space when there are no
parameters.
- Transfer-Encoding is parsed as a set.
- Request.host, get_host, and host_is_trusted validate the characters of the
value. An empty value is no longer allowed. A Unix socket server address is
ignored. The trusted_list argument to host_is_trusted is optional.
- Fix multipart form parser handling of newline at boundary.
- Response.make_conditional sets the Accept-Ranges header even if it is not a
satisfiable range request.
- merge_slashes merges any number of consecutive slashes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: affabbd410
---------------------------
python3-tomli: upgrade 2.4.0 -> 2.4.1
Changelog:
Limit number of parts of a TOML key to address quadratic time complexity
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: acbd14a284
---------------------------
python3-sentry-sdk: upgrade 2.55.0 -> 2.56.0
Changelog:
=========
- (asgi) Add option to disable suppressing chained exceptions
- (logging) Separate ignore lists for events/breadcrumbs and sentry logs
- Set exception info on streaming span when applicable
- Patch AsyncStream.close() and AsyncMessageStream.close() to finish spans
- Patch Stream.close() and MessageStream.close() to finish spans
- (starlette) Catch Jinja2Templates ImportError
- Add note on AI PRs to CONTRIBUTING.md
- Pin GitHub Actions to full-length commit SHAs
- Add -latest alias for each integration test suite
- Use date-based branch names for toxgen PRs
- Update test matrix with new releases (03/19)
- Add client report tests for span streaming
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 29c2c9ef99
---------------------------
python3-regex: upgrade 2026.2.28 -> 2026.3.32
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 05538fe024
---------------------------
python3-redis: upgrade 7.3.0 -> 7.4.0
Changelog:
==========
- Fix AttributeError in cluster metrics recording when connection is None or
ClusterNode object instance is used to extract the connection info (#3999)
- Fixing security concern in repr methods for ConnectionPools - passwords might
leak in plain text logs (#3998)
- Refactored connection count and SCH metric collection (#4001)
- Refactored health check logic for MultiDBClient (#3994)
- Expose basic Otel classes and functions to be importable through
redis.observability to match the examples in the readthedocs
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d6564e6271
---------------------------
python3-pyais: upgrade 2.20.0 -> 2.20.1
this release reduces the supply chain attack surface
- pins dependencies
- pins workflows
- adds a SHA256 hash sum for deployed artifacts
- migrates to PyPI trusted publishing
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0640d09636
---------------------------
python3-marshmallow: upgrade 4.2.2 -> 4.2.3
Changelog:
===========
- Make marshmallow.fields.Number and marshmallow.fields.Mapping abstract base
classes to prevent using them within Schemas
- Allow required to be set on marshmallow.fields.Contant
- Fix marshmallow.validate.OneOf emitting extra pairs when labels outnumber
choices
- Fix behavior when passing a dot-delimited attribute name to partial for a key
with data_key set
- Fix Enum field by-name lookup to only return actual members
- marshmallow.fields.DateTime with format="timestamp_ms" properly rejects bool
values
- Fix typing of error_essages argument to marshmallow.fields.Field
- Add ipaddress.* to marshmallow.Schema.TYPE_MAPPING
-
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 72d7137691
---------------------------
python3-ipython: upgrade 9.11.0 -> 9.12.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d06649721b
---------------------------
python3-gunicorn: upgrade 25.1.0 -> 25.3.0
Bug Fixes
==========
- HTTP/2 ASGI Body Duplication: Fix request body being received twice in HTTP/2
ASGI requests, causing JSON parsing errors with "Extra data" messages (#3558)
- ASGI Chunked EOF Handling: Add finish() method to callback parser to handle
chunked encoding edge case where connection closes before final CRLF after
zero-chunk
- HTTP/2 Documentation: Fix http_protocols examples to use comma-separated
string instead of list syntax (#3561)
- Chunked Encoding: Reject chunk extensions containing bare CR bytes per RFC
9112 (#3556)
- Request Line Limit: Fix --limit-request-line 0 to mean unlimited as
documented, instead of using default maximum. Works with both Python and fast
C parser. (#3563)
- uWSGI Async Workers: Fix InvalidUWSGIHeader: incomplete header error when
using gevent or gthread workers with uwsgi protocol behind nginx.
- FileWrapper Iterator Protocol: Add __iter__ and __next__ methods to
FileWrapper for full PEP 3333 compliance. Previously only supported old-style
__getitem__ iteration which broke code explicitly using iter() or next().
Security =============
- ASGI Parser Header Validation: Add security checks per RFC 9110/9112:
- Reject duplicate Content-Length headers
- Reject requests with both Content-Length and Transfer-Encoding
- Reject chunked transfer encoding in HTTP/1.0
- Reject stacked chunked encoding
- Validate Transfer-Encoding values
- Strict chunk size validation
Changes ==========
- Fast HTTP Parser: Update to gunicorn_h1c >= 0.6.3 for asgi_headers property
and InvalidChunkExtension validation for bare CR rejection
- ASGI PROXY Protocol: Add PROXY protocol v1/v2 support to callback parser
- Docker Images: Update to Python 3.14
New Features ============
- Fast HTTP Parser (gunicorn_h1c 0.6.0): Integrate new exception types and
limit parameters from gunicorn_h1c 0.6.0 for both WSGI and ASGI workers
- Requires gunicorn_h1c >= 0.6.0 for http_parser='fast'
- Falls back to Python parser in auto mode if version not met
- Proper HTTP status codes for limit errors (414, 431)
Performance ============
- ASGI HTTP Parser Optimizations: Improve ASGI worker HTTP parsing performance
- Callback-based parsing with direct bytearray buffer operations
- Use bytearray.find() directly instead of converting to bytes first
- Use index-based iteration for header parsing instead of list.pop(0) (O(1) vs
O(n))
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cac0e06488
---------------------------
python3-fsspec: upgrade 2026.2.0 -> 2026.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3ea6e07b22
---------------------------
python3-fastapi: upgrade 0.135.1 -> 0.135.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 757773916e
---------------------------
python3-faker: upgrade 40.11.0 -> 40.12.0
Changelog:
Add address providers for ar_DZ and fr_DZ locale
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5e61a6311d
---------------------------
python3-eth-utils: upgrade 5.3.1 -> 6.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1b047a663d
---------------------------
python3-eth-typing: upgrade 5.2.1 -> 6.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0dd89fb71e
---------------------------
python3-eth-hash: upgrade 0.7.1 -> 0.8.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b4a70a9373
---------------------------
python3-dateparser: upgrade 1.3.0 -> 1.4.0
Security fixes:
=================
- Remove import-time loading of timezone offset data from pickle to prevent
unsafe deserialization from packaged data
- Replace eval() use when parsing no_word_spacing with strict boolean
parsing to prevent code execution from locale metadata (#1056)
New features:
=============
- Add support for expressions like "N {interval} from now" in English (#1271)
- Add support for the en-US locale (#1222)
Fixes:
========
- Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a
year-biased DATE_ORDER (#1298)
- Fix parsing word-number relative phrases such as "two days later" (#1316)
- Allow md5hash to work in FIPS environments (#1267)
Improvements:
=============
- Add Bosnian Cyrillic (ijekavica) date translations (#1293)
- Add a new browser-based demo to the project documentation (#1306)
- Update installation documentation to replace setup.py install guidance
- Add a project security policy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8e3de212f4
---------------------------
python3-cmake: upgrade 4.2.3 -> 4.3.0
Changelog:
docs: mention Windows ARM in README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 12dc91d96d
---------------------------
python3-bleak: upgrade 3.0.0 -> 3.0.1
Changelog:
Fixed AttributeError in start_notify() and stop_notify() on Android.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ebc50b2c43
---------------------------
python3-anyio: upgrade 4.12.1 -> 4.13.0
Changelog:
===========
- Dropped support for Python 3.9
- Added a ttl parameter to the anyio.functools.lru_cache wrapper
- Widened the type annotations of file I/O streams to accept IO[bytes] instead
of just BinaryIO
- Fixed anyio.Path not being compatible with Python 3.15 due to the removal of
pathlib.Path.is_reserved() and the addition of pathlib.Path.__vfspath__()
- Fixed the BrokenResourceError raised by the asyncio SocketStream not having
the original exception as its cause
- Fixed the TypeError raised when using "func" as a parameter name in
pytest.mark.parametrize when using the pytest plugin
- Fixed the pytest plugin not running tests that had the anyio marker added
programmatically via pytest_collection_modifyitems
- Fixed cancellation exceptions leaking from a CancelScope on asyncio when they
are contained in an exception group alongside non-cancellation exceptions
- Fixed Condition.wait() not passing on a notification when the task is
cancelled but already received a notification
- Fixed inverted condition in the process pool shutdown phase which would cause
still-running pooled processes not to be terminated
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: edc7885462
---------------------------
python3-aiohttp: upgrade 3.13.3 -> 3.13.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f020cd67ed
---------------------------
parallel: upgrade 20260222 -> 20260322
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bd0446e5d0
---------------------------
ngtcp2: upgrade 1.21.0 -> 1.22.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 636842dbfb
---------------------------
libwebsockets: upgrade 4.5.7 -> 4.5.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 02a16d38ab
---------------------------
libharu: upgrade 2.4.5 -> 2.4.6
Changelog:
===========
- TTF security fixes
- Fix #334 - HPDF_FAILD_TO_ALLOC_MEM missing
- Compatibility with Higher version of Delphi
- Remove restriction on user password to be different from owner password
- Fix various typos
- Fix Build error for Win32 (x86) due to modifier mismatch #350
- CMakeLists.txt: install docs and bindings to DOCDIR
- Adapt CMake scripts for WebAssembly compilation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7e2bda1d70
---------------------------
libgedit-gfls: upgrade 0.3.1 -> 0.4.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 46fe4fd123
---------------------------
jsoncons: upgrade 1.5.0 -> 1.6.0
Changelog:
============
- Git PR #673: Fix warning for non clang builds on linux
- Git Issue #675: std::chrono conversion does not compile with libc++
- Git PR #679: Fix double colon in url generator
- Git PR #680: Added missing space after "found" in maximum_validator
- Git PR #685: optimize semantic_tag::noesc write_string
- Git PR #687: jmespath: allow rhs_expression in a keyvalue - expression
- Git PR #688,#689: jmespath: where possible without losing information,
- store the result of ceil and floor as basic_json integer values
- rather than double values.
- Added toon-format extension
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 47730c10df
---------------------------
glaze: upgrade 7.2.1 -> 7.2.2
Improvements
=============
error_on_missing_array_elements option
Glaze vs Boost.Beast HTTP server benchmarks and optimizations
custom optional support
Add clang-cl CI workflow
Make REST router more like a map and allow overwriting routes
Fixes
======
YAML fix for generic_u64 and generic_i64
format_context to support specifying YAML in opts format field
glz::patch support for all glz::generic_ types
Avoid erroring on nullable value types
Fix GNU-style flag passing to MSVC frontend
Nullable value write skipping
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4da6be16f3
---------------------------
gegl: upgrade 0.4.68 -> 0.4.70
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a67b57ba80
---------------------------
gedit: upgrade 49.0 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 68ec52dafd
---------------------------
fastfetch: upgrade 2.60.0 -> 2.61.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8a92f95a89
---------------------------
debootstrap: upgrade 1.0.142 -> 1.0.143
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0d360f35db
---------------------------
ctags: upgrade 6.2.20260322.0 -> 6.2.20260329.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d8f72725a0
---------------------------
b4: upgrade 0.15.0 -> 0.15.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 480588a35f
---------------------------
audit: upgrade 4.1.3 -> 4.1.4
0001-Fixed-swig-host-contamination-issue.patch
refreshed for 4.1.4
Changelog:
===========
- Update syscalls and io_uring tables for the 7.0 kernel
- Code cleanups
- Avoid blocking auditd while handling disk space alerts
- Tighten auditctl permission checks and rule deletion handling
- Fix ausearch and auparse parsing for several newer record types
- Prevent queue resize races in audisp and oversize records in af_unix
- Fix memory safety issues in auparse and the audisp filter plugin
- Improve reliability of audisp-remote, auplugin, and the ids plugin
- Fix stats collection and parsing in the audisp-statsd plugin
- Refresh ausearch and aureport man pages
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cf480608a7
---------------------------
nss: upgrade 3.121 -> 3.122
Changelog: https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_122.html
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ddfd1cadb2
---------------------------
giflib: upgrade 5.2.2 -> 6.1.2
Drop patch that was merged upstream.
License update: a copyright line was removed. The license is still MIT.
Changes:
Version 6.1.2
=============
Code Fixes
----------
* Fix for low-severity CVE-2026-23868 affecting gifponge, giftool, and gifbuild,
but not the core library - library clients need not be alarned.
Version 6.1.1
=============
This release bumps the major version, but only one entry point -
EGifSpew() - has changed signature and behavior (in order to be able
to pass out a detailed error code). The internal error
codes in the E_GIF_ERR series have changed value so none of them
collides with GIF_ERROR.
This code has been systematically audited and hardened wuth
ChatGPT-5.2. The only library fixes reported by users or found by
robot were for some memory leaks that could only triggered by severely
malformed GIFs. Other bugs are edge-case failures in the CLI tools.
The gif2rbg CLI tool has been moved to the "obsolete" bin, because its
only deployment case in 2026 is as a piñata at fuzzer parties.
Warning: the CLI tools in the obsolete category will soon be removed
from the distribution entirely. The maintainer is tired of fielding
junk bugs filed against them by would-be coup-counters who found yet
another edge case, and the rest of the world doesn't need noisy CVEs
that aren't actually DoS or security issues for giflib clients.
Code Fixes
----------
* Fix for CVE-2021-40633.
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #171 ImageMagick required to build giflib on non-Darwin Platforms
* Fix SF bug #172 Incorrect object files in shared libutil on darwin
* Fix SF bug #173 installation of manual pages and html documentation
* Fix SF bug #175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject
* Fix SF bug #177 wrong pointer used in giftool getbool
* Fix SF bug #179 Path Traversal vulnerability
* Fix SF bug #180: -Wformat-truncation likely pointing out an actual bug
* Fix SF bug #182 out‐of‐bounds writes in Icon2Gif
* Fix SF bug #184 uninitialized buffer in DumpScreen2RGB
* Fix SF bug #185 integer overflow in gifbg.c
* Fix SF bug #186 integer overflow in Icon2Gif
* Fix SF bug #187: CVE-2025-31344
* Fix SF bug #170 Tests failing on Ubuntu Noble, giftext buffer overflow
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c
* Fix SF bug #161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c
* Fix SF bug #142 ABI break public symbol GifQuantizeBuffer
Other bugs that duplicate these have breen addressesed by these fixes
* SF bug #156 EGifSpew leaks SavedImages (and more); won't fix, caller
might want to write a GIF, modify the in-memory data, then write
again.
Tests
-----
Test suite now emits TAP (Test Anything Protocol).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5f963367e9
---------------------------
canopenterm: Update to intermediate version 2.01
- Intermediate release to be able to use a proper version tag
in the Yocto recipe.
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5b4e266ef5
---------------------------
canopenterm: update to version 2.00
- Switched to a new versioning scheme: 1.0.13 -> 2.00
- Reworked CAN interface handling by migrating to the CANvenient abstraction layer
- Improved/updated auto-completion using isocline
- Various bug fixes
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 269bae787f
---------------------------
canvenient: update to version 1.01
- Add versioning
- New version to be able to use a proper version tag
in the Yocto recipe
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e43a6cf3c3
---------------------------
networkmanager: remove (another) obsolete CLAGS extension
The incompatible pointer warning/error has been fixed upstream[1],
no need for custom CFLAGS for this anymore.
[1]: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/43bcfbcdf5e255544adee3d02d0e98efa088c5d3
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 50c5b6a117
---------------------------
networkmanager: remove obsolete CLAGS extension
Compilation with musl has been fixed by upstream[1], no need for custom
CFLAGS for this anymore.
[1]: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/d38b5d92ee66b0243fd5ea6d8fdf58a456e3a5f4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a307e2fa5d
---------------------------
zabbix: ignore multiple CVEs
CVE-2026-23919: Has been fixed since version 7.0.19[1], mark it as patched
CVE-2026-23920: Has been fixed since version 7.0.22[2], mark it as patched
CVE-2026-23921: Has been fixed since version 7.0.22[3], mark it as patched
CVE-2026-23923: The vulnerable code isn't present in 7.0 yet, it is specific
to 7.4 versions. Compare the fix[4] in 7.4, which is changes code that doesn't
exist in the recipe version. Ignore this CVE due to this.
[1]: https://support.zabbix.com/browse/ZBX-27638
[2]: https://support.zabbix.com/browse/ZBX-27639
[3]: https://support.zabbix.com/browse/ZBX-27640
[4]: https://github.com/zabbix/zabbix/commit/043c28c2083bf8ea596966f2b6b51a26de7deca3
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e003ec73d9
---------------------------
zabbix: upgrade 7.0.23 -> 7.0.24
Changelog:
- reverted the custom-on-fail discard value behavior so that it now correctly
discards the value instead of resetting the error state and recalculating dependent items
- added possibility to switch SSO user on internal login failures
- improved trigger-related postprocessing after configuration cache sync
- fixed graph rendering for items using throttling
- updated man page and help message for zabbix_js
- improved Device status mapping and added trigger for Meraki template
- updated maximum supported TimescaleDB version to 2.25
- fixed script macros expanding via Zabbix proxy during autoregistration
- fixed dependent item error message clearing in preprocessing
- fixed incorrect filter being applied when switching subfilters in multiple tabs
in Data collection->Hosts->Items, Monitoring->Hosts->Graphs
- fixed regexp runtime error when processing log* items with unspecified encoding
by sanitizing invalid UTF-8
- fixed inability to delete host, user, or template groups when accordingly hosts,
users, or templates belonging to them were previously deleted in parallel requests
- improved Teams Workflow webhook to use ALERT.SENDTO macro
- fixed redirect link when deleting host or template from item or item prototype list
- fixed snmp cache housekeeping not to interrupt scheduling
- fixed system.run not terminating commands correctly on Zabbix agent 2
- fixed showing some selected value by default for Map navigation tree
widget if listener does not exist
- fixed multiple event generation not to generate changelog entries on new events
- fixed compilation of Zabbix agent on HP-UX 11.23 (ia64)
- fixed "daylight saving time" error for scheduled reports
- fixed inability to return "not supported" via user parameters
- fixed discovery uniqueness criteria bug
- updated documentation links for Create template group and Create host group
- fixed checkboxes "SSL verify peer" and "SSL verify host" not being selected
when corresponding label is clicked in media type form
- fixed message box display bug in Monitoring problems page
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 615ee730f5
---------------------------
zabbix: Fix multilib pkg check error
Fix following error when multilib is used.
configure: WARNING: using cross tools not prefixed with host triplet
checking pkg-config is at least version 0.9.0... yes
configure: error: cannot find pkg-config package for libpcre
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 13dac80c6f
---------------------------
freeradius: fix radiusd startup failure due to missing openssl legacy provider
Radiusd fails to start because the openssl legacy provider is no longer
built by default[1]:
$ radiusd -C -X
FreeRADIUS Version 3.2.8
[snip]
(TLS) Failed loading legacy provider
Add PACKAGECONFIG[legacy-openssl] to enable openssl legacy provider
support. When disabled, pass --enable-fips-workaround to configure
instead.
Backport two patches to fix the --enable-fips-workaround option.
[1] https://git.openembedded.org/openembedded-core/commit/?id=a150c3580f7f4962152444272c0fe07cfdb72df5
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4ce91ada09
---------------------------
strongswan: upgrade 6.0.4 -> 6.0.5
Beside other fixes, it contains a remediation for CVE-2026-25075
Changelog: https://github.com/strongswan/strongswan/releases/tag/6.0.5
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 192a27f231
---------------------------
tigervnc: upgrade 1.16.0 -> 1.16.2
Contains fix for CVE-2026-34352.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4b4c770ce5
---------------------------
freeipmi: upgrade 1.6.16 -> 1.6.17
Changes:
o Fix exploitable buffer overflows in the following ipmi-oem commands:
- ipmi-oem dell get-last-post-code
- ipmi-oem supermicro extra-firmware-info
- ipmi-oem wistron read-proprietary-string
o Support --proxy in ipmiconsole.
o Fix mem-leak within libfreeipmi locate api.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b18b9d0c0f
---------------------------
netcf: remove recipe
It isn't maintained anymore and requires workarounds when gnulib is
updated.
It was only used by libvirt and with the upstream [1] and meta-virt
changes to not require it anymore, this can be dropped.
[1] https://gitlab.com/libvirt/libvirt/-/commit/35d5b26aa433bd33f4b33be3dbb67313357f97f9
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9c7e2aa21b
---------------------------
tftp-hpa: upgrade 5.2 -> 5.3
* Use git instead of tarball in SRC_URI.
* Update configuration options.
* Clean up and refresh local patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bc543c673a
---------------------------
pidgin: drop obsolete CVE_STATUS
The CVE is now tracked with a version by NVD, it is not needed
to ignore it explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 65e935d2a2
---------------------------
gattlib: drop obsolete CVE_STATUS
The CVE is now tracked by NVD with a version that is earlier than
the recipe, the vulnerability doesn't show up in the CVE report
anymore.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 90d7c90075
---------------------------
python3-nltk: upgrade 3.9.3 -> 3.9.4
Changes:
* Support Python 3.14
* Fix bug in Levenshtein distance when substitution_cost > 2
* Fix bug in Treebank detokeniser re quote ordering
* Fix bug in Jaro similarity for empty strings
* Several security enhancements
* Fix GHSA-rf74-v2fm-23pw: unbounded recursion in JSONTaggedDecoder
* Implement TextTiling vocabulary introduction method (Hearst 1997)
* Fix ALINE feature matrix errors and add comprehensive tests
* Support multiple VerbNet versions, fix longid/shortid regex for VerbNet ids
* Let downloader fallback to md5 when sha256 is unavailable
* Several other minor bugfixes and code cleanups
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6eb5b0ec14
---------------------------
python3-pyjwt: drop obsolete CVE_STATUS
This CVE is disputed, and it is now tracked with an old version
of the application, it doesn't show up in the CVE report anymore.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e541808b6f
---------------------------
kmscon: bump version to 9.3.3
Changes:
- zlib is now a mandatory dependency
- freetype support added
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0c78085b36
---------------------------
dovecot: upgrade 2.4.2 -> 2.4.3
Drop patch which is included in this release, and add a patch that
adapts a lua api call to the lua version that is used in OE.
License-Change: the unicode license text has been updated, there should
be no material change. However while examining these changes, I noticed
that some parts of the code are covered by licenses not mentined in the
recipe. It should reflect all licenses now.
Tis version contains fixes fox CVE-2025-59028, CVE-2025-59031, CVE-2026-24031,
CVE-2026-27859, CVE-2026-27860, CVE-2026-27857, CVE-2026-27856 and CVE-2026-27855
Changelog: https://github.com/dovecot/core/blob/main/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 96fdcdd16a
---------------------------
libtorrent-rasterbar: upgrade 2.0.11 -> 2.0.12
1.Changelog
https://github.com/arvidn/libtorrent/releases/tag/v2.0.12
2. Add 0001-Fix-Python3-site-packages-path-to-fix-package-QA-Iss.patch to fix package QA Issue:
libtorrent-rasterbar-2.0.12-r0 do_package: QA Issue: libtorrent-rasterbar: Files/directories were installed but not shipped in any package:
/lib/python3.14/site-packages/libtorrent.so
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 61a9e3d396
---------------------------
libfaketime: upgrade 0.9.11 -> 0.9.12
Since 0.9.11:
- Improved macOS compatibility (@usertam)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dcf125525a
---------------------------
glibmm-2.68: upgrade 2.86.0 -> 2.88.0
NEWS:
https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.88.0/NEWS
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3797a82fee
---------------------------
gjs: upgrade 1.84.1 -> 1.84.2
Version 1.84.2
--------------
- Closed bugs and merge requests:
* GtkNotebook.pages GListModel is inaccessible from GJS [#686, !992, Philip
Chimento]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7e4c318f16
---------------------------
kmsxx: update SRCREV
Update SRCREV to pick the latest changes for kmsxx
Signed-off-by: Swamil Jain <s-jain1@ti.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8223f44b19
---------------------------
libtimezonemap: port to libsoup3
Backport patch to make libtimezonemap port to libsoup3
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 792434a6ac
---------------------------
libgdata: remove unmaintained recipe
This recipe is unmaintained now, and gvfs already disable google
option, so remove this recipe.
[1] https://gitlab.gnome.org/GNOME/gvfs/-/merge_requests/266
[2] https://gitlab.gnome.org/Archive/libgdata/-/merge_requests/49
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d123c39d09
---------------------------
gvfs: drop google option
drop google option to remove dependency on libsoup-2.4, refer upstream
commit [1], and disable google option explicitly
[1] https://gitlab.gnome.org/GNOME/gvfs/-/merge_requests/266
[2] https://gitlab.gnome.org/Archive/libgdata/-/merge_requests/49
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 274be7aad5
---------------------------
strongswan: update PACKAGECONFIG soup
Refer [1], this can fix do_configure failure:
| checking for libsoup-3.0... no
| configure: error: Package requirements (libsoup-3.0) were not met:
|
| Package 'libsoup-3.0' not found
[1] https://github.com/strongswan/strongswan/commit/6ddabf52d5f335147601c7c2797da21820efafb8
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 27d096d984
---------------------------
python3-ecdsa: Upgrade 0.19.1 -> 0.19.2
Changlog:
https://github.com/tlsfuzzer/python-ecdsa/releases/tag/python-ecdsa-0.19.2
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4f37dfeafe
---------------------------
flatbuffers: Convert confusing append to override syntax
While in this case `SYSROOT_PREPROCESS_FUNCS:class-target +=` wouldn't
result in any unwanted override, there is no guarantee there won't be a
change, which would be hidden by this override. To avoid any surprises
in the future let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d20fbcbaae
---------------------------
pcsc-lite: Convert confusing append to override syntax
While in this case `RPROVIDES:${PN}:class-native +=` wouldn't
result in any unwanted override, there is no guarantee there won't be a
change, which would be hidden by this override. To avoid any surprises
in the future let's use `:append:class-native =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 85bcf27db8
---------------------------
syzkaller: Fix appends overriding values
Those LIC_FILES_CHKSUM:class-native(sdk) were actually overriding the
rest of LIC_FILES_CHKSUM.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 480015c97c
---------------------------
syzkaller: Drop qemu-system-native dependency
Either I am missing something or it isn't needed in the build time and
should maybe be a RRECOMMENDS:${PN}?
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Cc: Stefan Wiehler <me@sephalon.net>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 57b0ba8a45
---------------------------
graphviz: Fix append overriding value
It actually overrides value of FILES:${PN} instead of appending.
In this case SDKPATHNATIVE is the prefix so everything was still
working, but let's convert it to a proper conditional append.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 84c2a636e7
---------------------------
postgresql: Fix append overriding value
`EXTRA_OECONF:sh4 += "--disable-spinlocks"` was supposed to simply
disable unsupported spinlocks, but was also overriding other
configuration defined in EXTRA_OECONF above.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a29ae990b4
---------------------------
libgusb: Convert confusing append to assignment
While in this case override caused by `EXTRA_OEMESON:class-native +=` is
desirable, the `+=` can be confusing. Let's avoid that and use explicit
assignment.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a4b25c01a5
---------------------------
postfix: Convert confusing appends to override syntax
While in this case `RDEPENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 87c5669a28
---------------------------
pipewire: Convert confusing appends to override syntax
While in this case `RRECOMMENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ba2baacadf
---------------------------
accountsservice: Convert confusing append to override syntax
While in this case `EXTRA_OEMESON:libc-musl +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:libc-musl =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c777ee6ce7
---------------------------
aufs-util: Convert confusing append to override syntax
While in this case `RRECOMMENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4f2cc704e5
---------------------------
gnome-bluetooth3: Fix RRECOMMENS typo
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 01a34fa1cc
---------------------------
meta-python: Convert confusing appends to override syntax
While in this case `RDEPENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 343f5a7a75
---------------------------
Add recipe: isocline 1.0.9
Isocline is a pure C library that can be used as an alternative to the GNU readline library.
Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d1f51bbd0a
---------------------------
python3-fastapi-cli: upgrade 0.0.20 -> 0.0.24
Changelog
https://github.com/fastapi/fastapi-cli/releases/tag/0.0.24
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 204537dd38
---------------------------
xfce4-session: Make gdk-pixbuf-csource available
Fixes the below error during do_configure:
../sources/xfce4-session-4.21.1/meson.build:50:21: ERROR: Program '/usr/bin/gdk-pixbuf-csource' not found or not executable
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 44d6b2efa5
---------------------------
nmap: make python3 RDEPENDS conditional on ndiff
When ndiff was disabled by default in 51e070301e ("nmap: disable
ndiff"), the python3 RDEPENDS were left unconditional on the main
package. This causes python3-difflib, python3-asyncio and python3-xml
to be pulled into every image that includes nmap, even though ndiff is
not built and the core nmap binary (C++) does not need Python.
Gate the RDEPENDS behind the ndiff PACKAGECONFIG so that Python is only
required when ndiff is actually enabled.
Signed-off-by: Paolo Barbolini <paolo.barbolini@m4ss.net>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 95446dcf8f
---------------------------
grpc: upgrade 1.78.1 -> 1.80.0
License-Update: Re-scope secondary licenses [1]
Release information [2]:
This is release 1.80.0 (glimmering) of gRPC Core.
Core
* [ssl] Implement TLS private key signer in Python. (#41701)
* [TLS Credentials]: Private Key Offload Implementation. (#41606)
* Fix max sockaddr struct size on OpenBSD. (#40454)
* [core] Enable EventEngine for Python by default, and EventEngine fork support in Python and Ruby. (#41432)
* [TLS Credentials]: Create InMemoryCertificateProvider to update certificates independently. (#41484)
* [Ruby] Build/test ruby 4.0 and build native gems with Ruby 4.0 support. (#41324)
* [EventEngine] Remove an incorrect std::move in DNSServiceResolver constructor. (#41502)
* [RR and WRR] enable change to connect from a random index. (#41472)
* [xds] Implement gRFC A101. (#41051)
C++
* [C++] Add SNI override option to C++ channel credentials options API. (#41460)
[1] https://github.com/grpc/grpc/commit/fb53717dfa6b264e7f930bb5e9a7e5c86a31ed9e
[2] https://github.com/grpc/grpc/releases/tag/v1.80.0
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5d9711d7c3
---------------------------
xdg-desktop-portal-gnome: update 49.0 -> 50.0
Changes in 50.0
=================
- Make the Clipboard portal return errors instead of succeeding
- Fix a bug in the Print portal where it was accidentally closing fd 0
- Translation updates
Changes in 50.rc
=================
- Translation updates
Changes in 50.beta
=================
- Update libgxdp
- Remove ellipse from the app chooser list header
- Fix a memory leak in the Print portal implementation
- Fix icon size in the Dynamic Launcher portal
- Various fixes in the Remote Desktop portal
- Fix monitor identification in VMs
- Fix an issue with mismatching GVariant type unwrapping
- Translation updates
Changes in 50.alpha
=================
- Fix a potential source of crashes in the ScreenCast portal code
- Properly send the Global Shortcut activation token to the portal frontend
- Update libgxdp to override GTK settings
- Use a GNOME OS based CI template
- Translation updates
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 39c56aba24
---------------------------
gnome-software: update 49.2 -> 50.0
Version 50.0
~~~~~~~~~~~~
Released: 2026-03-13
This is a stable release with updated translations:
* Danish (Alan Mortensen)
* English (United Kingdom) (Bruce Cowan)
* Japanese (小山田 純 - Oyamada Jun)
* Occitan (post 1500) (Quentin PAGÈS)
* Polish (Victoria)
* Portuguese (Hugo Carvalho)
Version 50~rc
~~~~~~~~~~~~~
Released: 2026-02-27
This is an unstable release with the following changes:
* Remember window size between app restarts
* Updates page could be sometimes hidden after resume from suspend
* Allow remove also Flatpak remotes from system installation
* Correct check for add-ons when app's ID changed
* Improve socket permissions checks for Flatpak apps
This release also updates translations:
* Basque (Asier Saratsua Garmendia)
* Catalan (Jordi Mas, Victor Dargallo)
* Chinese (China) (luming zh)
* Czech (Daniel Rusek)
* Finnish (Jiri Grönroos)
* French (Lucien Ouoba, Guillaume Bernard)
* Galician (Fran Diéguez)
* German (Christian Kirbach)
* Greek, Modern (1453-) (Efstathios Iosifidis)
* Hungarian (Balázs Úr)
* Interlingua (International Auxiliary Language Association) (Emilio Sepúlveda)
* Italian (Davide Ferracin)
* Japanese (Makoto Sakaguchi)
* Kazakh (Baurzhan Muftakhidinov)
* Korean (Seong-ho Cho)
* Spanish (Daniel Mustieles)
* Swedish (Anders Jonsson)
* Turkish (Sabri Ünal)
Version 50~beta
~~~~~~~~~~~~~~~
Released: 2026-01-30
This is an unstable release with the following changes:
* Show install and uninstall progress of an add-on
* Use lower thread priority when running in background
* Fix possible crash on session permission change
* Fix possible crash after XbSilo rebuild
This release also updates translations:
* Bulgarian (twlvnn kraftwerk)
* Georgian (Ekaterine Papava)
* Hebrew (Yaron Shahrabani)
* Indonesian (Andika Triwidada)
* Kazakh (Baurzhan Muftakhidinov)
* Lithuanian (Aurimas Aurimas Černius)
* Portuguese (Brazil) (Juliano de Souza Camargo)
* Romanian (Antonio Marin)
* Russian (Artur S0)
* Slovenian (Martin)
* Uighur (Abduqadir Abliz)
* Ukrainian (Yuri Chornoivan)
Version 50~alpha
~~~~~~~~~~~~~~~~
Released: 2026-01-15
This is an unstable release with the following changes:
* Improve display of long repository names
* Clarify warning about removing data when uninstalling an app
* Fix minor UI issues when scrolling using gestures on a touchpad
* Don’t show firmware warning on Installed Updates page
* Several fixes to update history on rpm-ostree systems
* Improve notifying the user about newly installed trivial flatpak app updates
* Improve display of keyboard shortcuts
* Split rpm-ostree changelogs by app
* Display error toasts in the repositories dialog when something goes wrong
This release also updates translations:
* Catalan (Victor Dargallo)
* Indonesian (Andika Triwidada)
* Japanese (Makoto Sakaguchi)
* Kazakh (Baurzhan Muftakhidinov)
* Portuguese (Hugo Carvalho)
* Portuguese (Brazil) (Juliano de Souza Camargo)
* Russian (Artur S0)
* Slovenian (Martin)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ba1fd62faa
---------------------------
ostree: drop soup2 option
* libsoup-2.4 is deprecated, and some recipes already stop support of
soup2, soup2 and soup3 cannot be used together
* ostree upstream already stop test of soup2, refer [1]
* Remove unnecessary comments, PACKAGECONFIG for ptest already set in bb
[1] https://github.com/ostreedev/ostree/pull/3531
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 35970473be
---------------------------
surf: upgrade to latest commit
* upgrade to latest commit
* latest commit support soup3 by default, refer [1]
[1] https://git.suckless.org/surf/commit/7f1156f9b0977a72e523e031cf67a4946cfee9b2.html
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e3579ff0f6
---------------------------
yelp: drop soup2 option
libsoup-2.4 is deprecated, and other recipes already stop support of
soup2, soup2 and soup3 cannot be used together, and the latest version
of yelp also drop option webkit2gtk-4-0
[1] https://gitlab.gnome.org/GNOME/yelp/-/commit/1b0ccdae25d0a788a2b44960db7273f2d1dacb4d
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e2bdd9cee2
---------------------------
dialog: 1.3-20250116 -> 1.3-20260107
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e5c5731771
---------------------------
thunar-shares-plugin: add missing HOMEPAGE
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e6fbb6330b
---------------------------
bpftrace: Upgrade to 0.25.1 release
* This version works with llvm 22+
* Use system libbpf
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c358831993
---------------------------
bcc: Upgrade to 0.36.1
* Drop upstreamed patches
* Backport clang-22 fix
* Disable git lfs
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 28f7c9cf68
---------------------------
libbpf: Upgrade to 1.7.0 release
User space-side features
* bpf_map__set_exclusive_program() and bpf_map__exclusive_program() APIs for exclusive map creation;
* bpf_program__assoc_struct_ops() and bpf_prog_assoc_struct_ops() APIs to associate a non-struct_ops BPF program with a struct_ops map;
* btf__permute() API to rearrange BTF types in-place according to a provided mapping;
* BTF type lookup optimization: binary search for btf__find_by_name() and btf__find_by_name_kind();
* btf__add_btf() now accepts split BTF sources;
* fsession support (SEC("fsession+") / SEC("fsession.s+"));
* BPF_F_CPU and BPF_F_ALL_CPUS flags support for per-CPU map operations;
* arena globals are moved to the end of the arena mmap region if kernel supports it;
* support for LLVM-generated indirect jump tables (BPF ISA v4) via .jumptables ELF section and BPF_MAP_TYPE_INSN_ARRAY maps;
* avoid expensive kallsyms parsing when kprobe.session target is an exact function match;
* new dont_enable option in struct bpf_perf_event_opts to suppress perf event auto-enablement;
BPF-side features
* USDT SIB (Scale-Index-Base) addressing support;
* dynptr helper signatures (bpf_dynptr_from_mem, bpf_dynptr_read, bpf_dynptr_write, bpf_dynptr_data) widened from 32-bit to 64-bit size/offset parameters;
Bug fixes
* As usual, a number of bug fixes included, see full commit log for details.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e79ff35fbe
---------------------------
include-what-you-use: Upgrade to 0.26
This works with clang-22
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 81e1926faf
---------------------------
nginx: upgrade 1.29.6 -> 1.29.7
Changes:
*) Security: a buffer overflow might occur while handling a COPY or MOVE
request in a location with "alias", allowing an attacker to modify
the source or destination path outside of the document root
(CVE-2026-27654).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module on 32-bit platforms might cause a worker process
crash, or might have potential other impact (CVE-2026-27784).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, or might have
potential other impact (CVE-2026-32647).
*) Security: a segmentation fault might occur in a worker process if the
CRAM-MD5 or APOP authentication methods were used and authentication
retry was enabled (CVE-2026-27651).
*) Security: an attacker might use PTR DNS records to inject data in
auth_http requests, as well as in the XCLIENT command in the backend
SMTP connection (CVE-2026-28753).
*) Security: SSL handshake might succeed despite OCSP rejecting a client
certificate in the stream module (CVE-2026-28755).
*) Feature: the "multipath" parameter of the "listen" directive.
*) Feature: the "local" parameter of the "keepalive" directive in the
"upstream" block.
*) Change: now the "keepalive" directive in the "upstream" block is
enabled by default.
*) Change: now ngx_http_proxy_module supports keepalive by default; the
default value for "proxy_http_version" is "1.1"; the "Connection"
proxy header is not sent by default anymore.
*) Bugfix: an invalid HTTP/2 request might be sent after switching to
the next upstream if buffered body was used in the
ngx_http_grpc_module.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 34b3d0f491
---------------------------
nginx: upgrade 1.28.2 -> 1.28.3
Changes:
*) Security: a buffer overflow might occur while handling a COPY or MOVE
request in a location with "alias", allowing an attacker to modify
the source or destination path outside of the document root
(CVE-2026-27654).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module on 32-bit platforms might cause a worker process
crash, or might have potential other impact (CVE-2026-27784).
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, or might have
potential other impact (CVE-2026-32647).
*) Security: a segmentation fault might occur in a worker process if the
CRAM-MD5 or APOP authentication methods were used and authentication
retry was enabled (CVE-2026-27651).
*) Security: an attacker might use PTR DNS records to inject data in
auth_http requests, as well as in the XCLIENT command in the backend
SMTP connection (CVE-2026-28753).
*) Security: SSL handshake might succeed despite OCSP rejecting a client
certificate in the stream module (CVE-2026-28755).
*) Change: now nginx limits the size and rate of QUIC stateless reset
packets.
*) Bugfix: receiving a QUIC packet by a wrong worker process could cause
the connection to terminate.
*) Bugfix: in the ngx_http_mp4_module.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9912799983
---------------------------
packagegroup-meta-oe: Remove protobuf-ptest from packagegroup-meta-oe-ptest-packages
ptests in protobuf are disabled due to pkgconfig -> pkgconf regression
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 866d0d78d5
---------------------------
nautilus: update 49.4 -> 49.5
Major Changes in 49.5
=====================
* Bugfixes:
- Avoid unnecessary delay before enabling Skip button (parzival)
- Fix crash when searching in Starred (Shivam)
* Translation updates (GNOME Translation Project contributors)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4297ffcc78
---------------------------
xdg-dbus-proxy: fix issue with glibc >= 2.43
Add a backport patch to fix an issue with glibc >= 2.43
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 99531e79e7
---------------------------
flatpak: update 1.17.2 -> 1.17.3
Enhancements:
* Improve check for --filesystem paths pointing to a parent folder (#6473)
* Fail if non-interactive and multiple refs, remotes or installations match
(#5754)
* Default to text auth on WSL (#6491)
* Add build instructions for Ubuntu 24.04 (#6498)
* Show a better message when there are no refs to update (#6521)
* Silence AppStream refresh output on non-interactive runs (#6521)
* Translation updates: pt_BR (#6483), sl (#6468, #6475), sv (#6514), tr (#6528),
zh_CN (#6469, #6477)
Bug fixes:
* Map the font-dirs.xml file more selectively (#6450)
* Change const pointers. This fixes build issues with glibc 2.43. (#6490)
* Add custom type flatpak_home_t for ~/.local/share/flatpak for SELinux (#6437)
* Fix build warnings when compiling with -Wanalyzer-null-argument and with
-Wanalyzer-null-dereference (#6527)
* Use raw string for regular expression in the flatpak-bisect script (#6519)
Internal changes:
* Set the `FLATPAK_TRIGGERSDIR` environment variable when running
installed tests. This fixes a regression with autopkg tests in
Debian. (#6444)
* Add translator comments for some translatable strings (#6462)
* Fix typos in translatable strings (#6463)
* Fix lots of typos in code comments (#6482)
* Remove an unused function (#6529)
* Update two strings (#6464)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c3c094cf8d
---------------------------
mypaint-brushes-1.0: remove recipe
It was only required for gimp, which now uses mypaint-brushes v2
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5d46cfae3a
---------------------------
gimp: fix RDEPENDS
This prevents the wrong mypaint-brushes package from being installed
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5a8f86eeef
---------------------------
graphviz: upgrade 14.1.3 -> 14.1.4
Changelog:
==========
- Enable ascii plugin to be built using autotools.
- Processing 'concentrate=true' graphs no longer crashes Graphviz. Processing of
'concentrate=true' graphs still often errors out.
License_Update: Change Eclipse Public License from version 1.0 to 2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6b5936f19a
---------------------------
ostree: upgrade 2024.10 -> 2025.7
Due to upstream commit [1], drop ostree-finalize-staged.path
[1] https://github.com/ostreedev/ostree/commit/2b9912e9f9210a3fa8396485a91224620b2138bc
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: becb5f51ef
---------------------------
dlt-daemon: fix do_install failure
Fix do_install failure:
sed: can't read ../dlt-daemon/3.0.0/image/usr/lib/pkgconfig/automotive-dlt.pc: No such file or directory
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 801addc528
---------------------------
refpolicy-targeted: Add sepolicy for adb service
- Fix adb pull/push operations.
- Fix interactive shell execution.
Signed-off-by: Abhilasha Manna <amanna@qti.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 79201ef95e
---------------------------
openvpn: fix ptest
The openvpn 2.7.0 upgrade refactored
tests/unit_tests/openvpn/Makefile.am, changing how test_binaries is
defined. This caused autoreconf to generate Makefiles where
buildtest-TESTS and runtest-TESTS no longer have rule bodies, breaking
the existing ptest recipe which relied on these targets for compilation
and execution. The fix replaces these internal automake targets with
stable interfaces: check-am for compilation and direct binary execution
on target.
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f9a520a6bc
---------------------------
gnome-online-accounts: update 3.55.1 -> 3.58.0
This fixes gvfs build if online-accounts is enabled
| Dependency goa-1.0 found: NO. Found 3.55.1 but need: '> 3.57.0'
| Found CMake: NO
| Run-time dependency goa-1.0 found: NO
|
| ../sources/gvfs-1.60.0/meson.build:371:12: ERROR: Dependency lookup for goa-1.0 with method 'pkgconfig' failed: Invalid version, need 'goa-1.0' ['> 3.57.0'] found '3.55.1'.
Overview of changes in 3.58.0
=============================
* Bugs fixed:
- #453 SMTP server without password cannot be configured (Milan Crha)
- Remove unneeded SMTP password escaping
- !384 build: Disable google provider Files feature (Ondrej Holy)
- !385 MS365: Fix mail address and name (Jan-Michael Brummer)
- !386 Google: Set mail name to presentation identity (Jan-Michael Brummer)
* Translation updates:
- Arabic (Ahmed Najmawi)
- Basque (Asier Saratsua Garmendia)
- Catalan (Victor Dargallo, Jordi Mas)
- Chinese (China) (luming zh)
- Czech (Daniel Rusek)
- Danish (Ask Hjorth Larsen)
- English (United Kingdom) (Bruce Cowan)
- Finnish (Jiri Grönroos)
- French (Lucien Ouoba)
- Galician (Fran Diéguez)
- German (Jürgen Benvenuti)
- Greek, Modern (1453-) (Efstathios Iosifidis)
- Hebrew (Yaron Shahrabani)
- Hungarian (Balázs Úr)
- Japanese (小山田 純 - Oyamada Jun)
- Kazakh (Baurzhan Muftakhidinov)
- Korean (Seong-ho Cho)
- Lithuanian (Aurimas Aurimas Černius)
- Persian (Danial Behzadi)
- Polish (Victoria)
- Portuguese (Hugo Carvalho)
- Romanian (Antonio Marin)
- Russian (Artur S0)
- Spanish (Daniel Mustieles)
- Swedish (Anders Jonsson)
- Turkish (Sabri Ünal)
- Uighur (Abduqadir Abliz)
Overview of changes in 3.57.1
=============================
* Bugs fixed:
- #335 Default Microsoft 365 client is unverified
- #442 Unclear which part of "IMAP+SMTP" account test failed
- #450 adding nextcloud account which has a subfolder does not work
- !368 Microsoft 365: Make use of email for id (Jan-Michael Brummer)
- !374 goadaemon: Handle broken account configs
- !378 goadaemon: Allow manage system notifications
- !379 goamsgraphprovider: bump credentials generation
- !377 goaprovider: Allow to disable, instead of enable, selected providers
* Translation updates:
- Bulgarian (Alexander Alexandrov Shopov)
- Georgian (Ekaterine Papava)
- Indonesian (Andika Triwidada)
- Italian (Nathan Giovannini)
- Kazakh (Baurzhan Muftakhidinov)
- Norwegian Bokmål (Kjartan Maraas)
- Occitan (post 1500) (Quentin PAGÈS)
- Portuguese (Brazil) (Juliano de Souza Camargo)
- Slovenian (Martin)
- Ukrainian (Yuri Chornoivan)
Overview of changes in 3.57.0
=============================
* Changes:
- build: bump glib requirement to 2.84
* Bugs fixed:
- #417 Support for saving a Kerberos password to the keychain after the first
login
- #436 changing expired kerberos password is not supported.
- #437 Provided Files URI does not override undiscovered endpoint
- #439 DAV client rejects 204 status in OPTIONS request handler
- #445 Include emblem-default-symbolic.svg
- #448 Connecting a Runbox CardDAV/CalDAV account hangs/freezes after sign in
- !355 i81n: fix translatable string
- !360 goaimapsmptprovider: fix accounts without SMTP or authentication-less
SMTP
- !364 build: only install icons for the goabackend build
- !365 build: don't require goabackend to build documentation
- !366 ci: test the build without gtk4
- !370 DAV-client: Added short path for SOGo
* Translation updates:
- Bulgarian (twlvnn kraftwerk)
- Chinese (China) (luming zh)
- Czech (Daniel Rusek)
- English (United Kingdom) (Bruce Cowan)
- Esperanto (Kristjan SCHMIDT)
- Friulian (Fabio Tomat)
- Georgian (Ekaterine Papava)
- German (Froschi)
- Greek, Modern (1453-) (Efstathios Iosifidis)
- Persian (Danial Behzadi)
- Portuguese (Hugo Carvalho)
- Romanian (Antonio Marin)
- Serbian (Милош Поповић)
- Slovenian (Martin)
- Turkish (Sabri Ünal)
- Uighur (Abduqadir Abliz)
- Ukrainian (Yuri Chornoivan)
Overview of changes in 3.56.0
=============================
* Changes:
- !353 Code style and logging cleanups
* Translation updates:
- Basque (Asier Saratsua Garmendia)
- Catalan (Jordi Mas i Hernandez)
- Chinese (China) (luming zh)
- Danish (Ask Hjorth Larsen)
- Dutch (Nathan Follens)
- Esperanto (Kristjan SCHMIDT)
- French (Julien Humbert)
- Georgian (Ekaterine Papava)
- Korean (Seong-ho Cho)
- Lithuanian (Aurimas Aurimas Černius)
- Occitan (post 1500) (Quentin PAGÈS)
- Portuguese (Brazil) (Juliano de Souza Camargo)
- Spanish (Daniel Mustieles)
- Swedish (Anders Jonsson)
- Turkish (Sabri Ünal)
- Ukrainian (Yuri Chornoivan)
Overview of changes in 3.55.2
=============================
* Bugs fixed:
- !352 goaoauth2provider: improve error handling for auth/token endpoints
* Translation updates:
- Czech (Daniel Rusek)
- Dutch (Nathan Follens)
- Galician (Fran Diéguez)
- Hebrew (Yaron Shahrabani)
- Hungarian (Balázs Úr)
- Japanese (Makoto Sakaguchi)
- Persian (Danial Behzadi)
- Polish (Piotr Drąg)
- Russian (Artur S0)
- Slovak (Dušan Kazik)
- Thai (Aefgh Threenine)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d3df624668
---------------------------
ptest-packagelists-meta-oe: Remove protobuf and xmlsec1
These tests are disabled in recipe, re-add them here once that is fixed
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Ross Burton <ross.burton@arm.com>
---------------------------
Commit: 7a24822d70
---------------------------
python3-py7zr: remove python3-pyzstd
This dependency was replaced with the standard compression.zstd module
in 1.1.0[1].
[1] https://github.com/miurahr/py7zr/commit/ccf0def15e4542ffc24e2a6f00570622ed04a0c9
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2454812275
---------------------------
localsearch: update 3.9.0 -> 3.11.0
- rework reproducibility patch
- disable functional_tests to avoid python3-dbusmock-native dependency
- add PACKAGECONFIG for libzip and enable by default
NEW in 3.11.0 - 2026-03-15
==========================
* Memory leak fixes
* Stability fixes
* Fixes to tv series/season extraction from video files
Translations: ca, da, en_GB, pl
Notable changes since 3.10.0:
* Default configuration change, the user home directory will now be indexed
recursively as a whole, instead of XDG folders
* Major change in handling of removable devices. When enabled, removable
devices will get a `.localsearch3` folder with a self-contained database
for the removable device indexed data, instead of being included in the
main database in the user home folder. The setting default remains off.
* The set of dependencies was modernized and sanitized. GExiv2 is now used
for more metadata, libzip is now used for bundled files.
NEW in 3.11.rc - 2026-03-03
===========================
* Reliability improvements to the test suite
Translations: es, hu, ko, ne, oc, pt
NEW in 3.11.beta - 2026-02-18
=============================
* Fixes for possible buffer overflows and NULL pointer dereferences
in MP3 extractor
* Fix seccomp jail in database helper process for removable devices
* Replace libgsf with libzip for ZIP content handling
* Improve reliability of the test suite in slow scenarios (e.g. CI)
Translations: bg, ca, cs, el, eu, fa, fr, gl, he, ka, kk, lt, pt_BR, ro, ru,
sl, sv, tr, ug, uk, zh_CN
NEW in 3.11.alpha - 2026-01-05
==============================
* Default configuration change, the user home directory will now be indexed
recursively as a whole, instead of XDG folders
* Major change in handling of removable devices. When enabled, removable
devices will get a `.localsearch3` folder with a self-contained database
for the removable device indexed data, instead of being included in the
main database in the user home folder. The setting default remains off.
* Improved handling of indexed folder changes found on restart
* Improved handling of indexing cancellation in deleted folders
* Improved handling of BTRFS filesystems
* Dropped libexif dependency, EXIF data is now extracted through gexiv2
* Dropped libpiptcdata dependency, IPTC data is now extracted through
gexiv2
* Consistency improvements to extracted metadata
* Fixes to SHSTK handling in the sandboxed process
* Further extended test coverage
Translations: ca, el, fur, id, oc, sr, sr@latin
NEW in 3.10.1 - 2025-10-13
==========================
* Improvements to the handling of corrupted databases
* Avoid session startup issues if database initialization takes long
* Handle compressed Abiword documents
* Memory usage improvements indexing WEBP files
* Support gexiv2 >= 0.16
* Unify metadata extraction deadline mechanisms
* Test suite improvements
Translations: bg, ca, es, kab, pt, ro, tr, ug
NEW in 3.10.0 - 2025-09-14
==========================
* Fixes to handling of configuration changes
* Improvements to the test suite
Translations: da, en_GB, eo, es, eu, fa, he, hu, ka, ko, lt, nl, pt_BR, ru, sv, tr, uk, zh_CN
Notable changes since 3.9.0:
* A number of behavioral settings has been deprecated
* Webp file format now has a metadata extractor
NEW in 3.10.rc - 2025-09-01
===========================
* Webp file format now has a metadata extractor
* Indexer refactors and cleanups
Translations: ca, cs, gl, pl, sl
NEW in 3.10.beta - 2025-08-03
=============================
* Fix service files with -Ddomain-ontology option
* Fixes for Alpine and similar distributions without merged /usr
NEW in 3.10.alpha - 2025-07-01
==============================
* Systemd integration improvements
* A number of behavioral settings has been deprecated
* Fixes handling /var/home directories
* Many improvements to the command line tool
* The tracker:available property is again set on all graphs, for
indexed folders
* Fixes handling XML documents
* Fixes for possible crashes handling large PDF files
* Fixes for coverity warnings
* Code cleanups and refactors
Translations: be, ca, uz
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0662fc89e4
---------------------------
webkitgtk3: fix compile failed on qemuarm
$ echo 'MACHINE = "qemuarm"' >> conf/local.conf
$ bitbake webkitgtk3
...
| {standard input}:43622: Error: symbol `op_instanceof_return_location' is already defined
| {standard input}:43623: Error: symbol `.Lop_instanceof_return_location' is already defined
| {standard input}:44352: Error: symbol `op_instanceof_return_location_wide16' is already defined
| {standard input}:44353: Error: symbol `.Lop_instanceof_return_location_wide16' is already defined
| {standard input}:45090: Error: symbol `op_instanceof_return_location_wide32' is already defined
| {standard input}:45091: Error: symbol `.Lop_instanceof_return_location_wide32' is already defined
...
Drop 0001-Fix-32bit-arm.patch which conflicts with upstream solution [1]
[1] https://github.com/WebKit/WebKit/commit/fcaa289f6015595a638eb96b9f728eaaa7b13ab8
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 11d5900ee6
---------------------------
tree: upgrade 2.3.1 -> 2.3.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3f9a07871a
---------------------------
tinysparql: upgrade 3.10.1 -> 3.11.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: df2d72f147
---------------------------
tecla: upgrade 49.0 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ab7159e7e4
---------------------------
swagger-ui: upgrade 5.32.0 -> 5.32.1
Bugfixes:
=========
- invalidate models components cache based on location
- style: use container queries for responsive design
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9bcba5654d
---------------------------
sip: upgrade 6.15.1 -> 6.15.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ff8d823990
---------------------------
rtorrent: upgrade 0.16.7 -> 0.16.8
Changelog:
===========
- Added dns cache
- Fix crash on double scrape request
- Use callback in DnsBuffer result and catch EINTR in Listen
- Fixed various SCGI issues
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5e96701ccc
---------------------------
qcbor: upgrade 1.6 -> 1.6.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 95b76c2f88
---------------------------
python3-virtualenv: upgrade 20.36.1 -> 21.2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6489eee14b
---------------------------
python3-uvicorn: upgrade 0.41.0 -> 0.42.0
Changelog:
===========
- Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies
- Escape brackets and backslash in httptools HEADER_RE regex
- Fix multiple issues in websockets sans-io implementation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 923ce0e77e
---------------------------
python3-uswid: upgrade 0.5.2 -> 0.6.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a875a17506
---------------------------
python3-starlette: upgrade 0.52.1 -> 1.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f6dc162375
---------------------------
python3-simpleeval: upgrade 1.0.3 -> 1.0.7
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8f6946ae76
---------------------------
python3-sentry-sdk: upgrade 1.45.1 -> 2.55.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 25c7e97c8d
---------------------------
python3-rich-toolkit: upgrade 0.15.1 -> 0.19.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5a3ec34c97
---------------------------
python3-pytest-env: upgrade 1.5.0 -> 1.6.0
Changelog:
===========
- Add permissions to workflows
- Add SECURITY.md to .github/
- Add missing .github config files
- Standardize .github files to .yaml suffix
- Fix verbose source attribution when falling back to INI en
- feat(env): preserve existing env values
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 25009e9407
---------------------------
python3-pytest-cov: upgrade 7.0.0 -> 7.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b0ffe6916f
---------------------------
python3-pre-commit: upgrade 4.3.0 -> 4.5.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e8899fd7e4
---------------------------
python3-pint: upgrade 0.25.2 -> 0.25.3
Changelog:
==============
- 'GenericPlainRegistry.parse_expression' now correctly returns a dimensionless
Quantity when taking a float, int, or NaN
- Replace MIP with scipy in 'Quantity.to_preferred'
- New unit formatting modifier added ('^') to format unit with negative
exponents
- Add atomic unit of electric field gradient
('atomic_unit_of_electric_field_gradient', 'a_u_efg')
- Defer expensive loading of dask.array
- Add support for numpy's 'vdot', 'inner', 'outer', 'linalg.outer', 'matvec',
'vecmat', 'tensordot', and 'linalg.tensordot'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 014d806fa5
---------------------------
python3-pikepdf: upgrade 10.3.0 -> 10.5.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 77b8a0afd6
---------------------------
python3-myst-parser: upgrade 4.0.1 -> 5.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: dc606f7071
---------------------------
python3-mpmath: upgrade 1.4.0 -> 1.4.1
Changelog:
============
- Fix test_hexadecimal_with_libc_bulk()
- Keep available deprecated aliases for mpc/mpf_log()
- Use version_file option of setuptools-scm to keep version info
- Add workaround for test on s390x
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 06a26a7707
---------------------------
python3-mdit-py-plugins: upgrade 0.4.2 -> 0.5.0
Changelog:
==========
- Add plugin & tests to render subscripts
- Drop Python 3.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 749b7c0116
---------------------------
python3-kiwisolver: upgrade 1.4.9 -> 1.5.0
License-Update: Copyright year updated to 2026
Changelog:
==========
- add support for CMakeLists
- implement more move constructor in the C++ code
- add C++ tests
- add support for GraalPy
- add RiscV support
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 807c44e99e
---------------------------
python3-inline-snapshot: upgrade 0.32.4 -> 0.32.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2964f80710
---------------------------
python3-importlib-metadata: upgrade 8.7.1 -> 9.0.0
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 330bb64346
---------------------------
python3-imageio: upgrade 2.37.2 -> 2.37.3
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 907622615b
---------------------------
python3-identify: upgrade 2.6.17 -> 2.6.18
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6c44c7d271
---------------------------
python3-icu: upgrade 2.16.1 -> 2.16.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3ef22a8783
---------------------------
python3-google-auth-oauthlib: upgrade 1.2.3 -> 1.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 176a96f6fb
---------------------------
python3-filelock: upgrade 3.25.0 -> 3.25.2
Changelog:
==========
- fix(unix): suppress EIO on close in Docker bind mounts
- docs(logo): add branded project logo
- fix(win): restore best-effort lock file cleanup on release
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5871948af0
---------------------------
python3-faker: upgrade 40.8.0 -> 40.11.0
Changelog:
=============
- Add major Swiss banks to de_CH bank provider.
- Fix: mixed-gender names in es_MX locale.
- Fix pt_PT postalcode format in address provider.
- Fix mutable default providers.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2f10352e4a
---------------------------
python3-coverage: upgrade 7.13.4 -> 7.13.5
Changelog:
==========
- Fix: issue 2138 describes a memory leak that happened when repeatedly using
the Coverage API with in-memory data. This is now fixed.
- Fix: the markdown-formatted coverage report didn't fully escape special
characters in file paths (issue 2141). This would be very unlikely to cause a
problem, but now it's done properly
- Fix: the C extension wouldn't build on VS2019, but now it does
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f2cfe8d069
---------------------------
python3-cbor2: upgrade 5.8.0 -> 5.9.0
Changelog:
=========
- Added the max_depth decoder parameter to limit the maximum allowed nesting
level of containers, with a default value of 400 levels (CVE-2026-26209)
- Changed the default read_size from 4096 to 1 for backwards compatibility. The
buffered reads introduced in 5.8.0 could cause issues when code needs to
access the stream position after decoding. Users can opt-in to faster decoding
by passing read_size=4096 when they don't need to access the stream directly
after decoding. Added a direct read path for read_size=1 to avoid buffer
management overhead.
- Fixed C encoder not respecting string referencing when encoding string-type
datetimes (tag 0)
- Fixed a missed check for an exception in the C implementation of
CBOREncoder.encode_shared()
- Fixed two reference/memory leaks in the C extension's long string decoder
- Fixed C decoder ignoring the str_errors setting when decoding strings, and
improved string decoding performance by using stack allocation for small
strings and eliminating unnecessary conditionals. Benchmarks show 9-17% faster
deserialization.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3490811436
---------------------------
python3-bleak: upgrade 2.1.1 -> 3.0.0
Changelog:
============
- Added adapter attribute to bleak.args.bluez.BlueZClientArgs and
bleak.args.bluez.BlueZScannerArgs.
- Added bluez keyword argument to BleakClient.
- Added new bleak.args.bluez.BlueZClientArgs class.
- Added bleak.exc.BleakGATTProtocolError and
bleak.exc.BleakGATTProtocolErrorCode classes.
- Added type hints and documentation for use_cached kwarg for read_gatt_char()
and read_gatt_descriptor() methods in BleakClient.
- Added support for "use_cached" kwarg to read_gatt_char() and
read_gatt_descriptor() methods in BlueZ backend.
- Deprecated adapter keyword argument in BleakScanner and BleakClient.
- Changed GATT read and write methods to raise BleakGATTProtocolError when a
GATT protocol error occurs.
- Changed start/stop scanning on CoreBluetooth so that the isScanning property
is not checked anymore.
- Changed BleakClient.write_gatt_descriptor() to raise ValueError when
attempting to write to the descriptor 0x2902 (Client Characteristic
Configuration Descriptor, CCCD). Use start_notify() and stop_notify() instead.
- Fixed occasional EOFError when disconnecting in BlueZ backend.
- Fixed a potential deadlock when turning off Bluetooth manually while starting
scanning on CoreBluetooth.
- Fixed reading descriptors 0x2900, 0x2902 and 0x2903 on CoreBluetooth backend.
- Fixed cyclic references problem in CoreBluetooth backend causing memory
leaks.
- Fixed typehint for BleakScanner.__aexit__().
- Removed undocumented/deprecated device keyword argument from
BleakScannerBlueZDBus and BleakClientBlueZDBus.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: af3f94a0ca
---------------------------
python3-bitstring: upgrade 4.3.1 -> 4.4.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6fb096996f
---------------------------
python3-astroid: upgrade 4.1.1 -> 4.1.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 673ba5164f
---------------------------
python3-apiflask: upgrade 3.0.0 -> 3.1.0
Changelog:
===========
- Support pagination with Pydantic
- Fix @app.output(Schema(many=True)) is not array type in OpenAPI doc
- Support upload file model
- Fix type checking for view function return types
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d6ed20da3
---------------------------
python3-aenum: upgrade 3.1.16 -> 3.1.17
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b089df410f
---------------------------
openldap: upgrade 2.6.12 -> 2.6.13
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d24a476de
---------------------------
ndctl: upgrade v83 -> v84
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0fa5048df9
---------------------------
lldpd: upgrade 1.0.20 -> 1.0.21
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ce6e1191f4
---------------------------
libtorrent: upgrade 0.16.7 -> 0.16.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cea5bea96f
---------------------------
libio-compress-perl: upgrade 2.218 -> 2.219
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e4f12e6638
---------------------------
libgsf: upgrade 1.14.55 -> 1.14.56
Changelog:
===========
* Fix problems with ole files using codepage 1200 (unicode).
* Restore check for ole cycles accidentally removed in fixing
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 6bcc44f923
---------------------------
libdaq: upgrade 3.0.25 -> 3.0.27
Changelog:
==========
- libdaq: add a ChangeLog.md file to track changes
- pcap: add basic rewind feature upon reaching EOF (excluding stdin and pcapng)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7c5ec1fa02
---------------------------
iwd: upgrade 3.11 -> 3.12
Changelog:
===========
- Fix issue with handling expiration of PMKSA.
- Fix issue with handling uninitialized buffer and PMKID.
- Fix issue with checking for PKCS#8 key parser in unit tests.
- Fix issue with using -std=c23 compiler setting.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f355b76315
---------------------------
gparted: upgrade 1.8.0 -> 1.8.1
Changelog:
============
* Implement blkid false detection of whole disk ZFS workaround
* Replace use of new[]ed char buffer with vector
* Implement blkid false detection of whole disk ZFS workaround
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bb4da74359
---------------------------
gnome-text-editor: upgrade 49.1 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5026df1271
---------------------------
gnome-system-monitor: upgrade 49.1 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 015a8115b5
---------------------------
gnome-backgrounds: upgrade 48.0 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5fad219b46
---------------------------
glaze: upgrade 7.1.1 -> 7.2.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2a9069fee3
---------------------------
gegl: upgrade 0.4.66 -> 0.4.68
0001-gegl-Add-gegl-arm.def-file.patch
removed since it's included in 0.4.68
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a3537fbd73
---------------------------
gdm: upgrade 49.2 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ba77ab0b53
---------------------------
fuse3: upgrade 3.18.1 -> 3.18.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f79f90de06
---------------------------
dash: upgrade 0.5.13.1 -> 0.5.13.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 485d35a7b0
---------------------------
ctags: upgrade 6.2.20260308.0 -> 6.2.20260322.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1fc0a5afd4
---------------------------
bubblewrap: upgrade 0.11.0 -> 0.11.1
Bug fixes:
=========
* Reset disposition of 'SIGCHLD', restoring normal subprocess management
if bwrap was run from a process that was ignoring that signal,
such as Erlang or volumeicon
* Don't ignore '--userns 0', '--userns2 0' or '--pidns 0' if used
Note that using a fd number >= 3 for these purposes is still
preferred, to avoid confusion with the stdin, stdout, stderr
that will be inherited by the command inside the container.
* Fix grammar in an error message
* Fix a broken link in the documentation
Internal changes:
==================
* Enable user namespaces in Github Actions configuration, fixing a CI
regression with newer Ubuntu
* Clarify comments
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a5d660669c
---------------------------
botan: upgrade 3.10.0 -> 3.11.0
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8a3a5d7bf9
---------------------------
bmap-writer: upgrade 1.0.2 -> 1.0.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3d39cb921b
---------------------------
babl: upgrade 0.1.122 -> 0.1.124
Changelog:
- DisplayP3 pre-defined colorspace, build and sanity improvements for CI and
windows.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4060dcda65
---------------------------
b4: upgrade 0.14.3 -> 0.15.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4b837bd3d8
---------------------------
libchamplain: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 88c2664425
---------------------------
libgedit-gtksourceview: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bfef8f2ed1
---------------------------
gnome-chess: upgrade 48.0 -> 50.0
Also include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2463c71c9a
---------------------------
libwacom: upgrade 2.8.0 -> 2.18.0
Also include tag in SRC_URI and add libevdev in dependency list.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3c6900a396
---------------------------
webp-pixbuf-loader: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 27d837e716
---------------------------
ufs-utils: bump SRCREV and include tag in SRC_URI
Drop patch which is now merged upstream
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4d6e99582d
---------------------------
fatcat: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4218eaf6f1
---------------------------
f2fs-tools: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: bff4185f62
---------------------------
e2tools: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b75ca7c2b0
---------------------------
xdg-desktop-portal-gtk: include tag in SRC_URI
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 69ebcb8fb8
---------------------------
freerdp3: upgrade 3.24.1 -> 3.24.2
https://github.com/FreeRDP/FreeRDP/releases/tag/3.24.2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3e196afff4
---------------------------
libde265: upgrade 1.0.17 -> 1.0.18
https://github.com/strukturag/libde265/releases/tag/v1.0.18
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ceb2c899fd
---------------------------
mpd: upgrade 0.24.6 -> 0.24.9
https://github.com/MusicPlayerDaemon/MPD/blob/v0.24.9/NEWS
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8028f542e4
---------------------------
openct: Fix openct.service warning
Fix following system unsafe warning
/usr/lib/systemd/system/openct.service:10: Unit uses KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update the service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b5bb24b356
---------------------------
spdm-utils: Upgrade to tip of trunk
Needed to fix build with rust 1.94+
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Alistair Francis <alistair.francis@wdc.com>
---------------------------
Commit: d0f83b6df2
---------------------------
librust-cxx: Fix update_crates command in crates.inc
Update comment to use correct recipe name
(librust-cxx instead of cxx).
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3d731a94dc
---------------------------
sd: Add sd recipe
sd is a fast, intuitive, and user-friendly alternative to sed, written in Rust.
Add recipe for the latest release (1.1.0).
- Uses a simple and readable search-and-replace syntax, reducing the complexity
of sed commands.
- Fully supports regular expressions, Unicode, and preserves line endings.
- Faster, safer, and easier to use than traditional sed for common text
manipulation tasks.
More information: https://github.com/chmln/sd
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d1d00858a
---------------------------
libwnck3: upgrade 43.2 -> 43.3
Version 43.3
============
* Fix clang warnings. (!66, !68)
* Fix regression with class group and application names. (#166)
Drop ef0e40d59c32d7ebeb94d242436e3144cefc174a.patch,
already included in 43.3.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8bea89d3a9
---------------------------
gvfs: upgrade 1.58.2 -> 1.60.0
Major changes in 1.60.0
=======================
* CVE-2026-28296: ftp: Reject paths with CR/LF in g_vfs_ftp_file_new_from_ftp (Ondrej Holy)
* monitor: Do not load monitors when GIO_USE_VFS=local (Ondrej Holy)
Major changes in 1.59.90
========================
* client: Fix use-after-free when creating async proxy failed (Ondrej Holy)
* udisks2: Emit changed signals from update_all() (Ondrej Holy)
* daemon: Fix race on subscribers list when on thread (Ondrej Holy)
* ftp: Validate fe_size when parsing symlink target (Ondrej Holy)
* ftp: Check localtime() return value before use (Ondrej Holy)
* CVE-2026-28295: ftp: Use control connection address for PASV data (Ondrej Holy)
* CVE-2026-28296: ftp: Reject paths containing CR/LF characters (Ondrej Holy)
* gphoto2: Use g_try_realloc() instead of g_realloc() (Ondrej Holy)
* cdda: Reject path traversal in mount URI host (Ondrej Holy)
* client: Fail when URI has invalid UTF-8 chars (Ondrej Holy)
* udisks2: Fix memory corruption with duplicate mount paths (Alessandro Astone)
* build: Update GOA dependency to > 3.57.0 (Jan-Michael Brummer)
* Some other fixes (correctmost, Ondrej Holy)
Major changes in 1.59.1
=======================
* mtp: replace Android extension checks with capability checks (Raul Tambre)
* cdda: Fix duration of last track for some media (Bastien Nocera)
* dav: Add X-OC-Mtime header on push to preserve last modified time (Lawrence Murray)
* udisks2: Use hash tables in the volume monitor to improve performance (Milan Crha)
* onedrive: Check for identity instead of presentation identity (Jan-Michael Brummer)
* build: Disable google option and mark as deprecated (Jeremy Bícha, Ondrej Holy)
* Fix various memory leaks (Milan Crha)
* Some other fixes (wangrong, Jan-Michael Brummer, Simon Poirier)
* Translation updates (GNOME Translation Project contributors)
Major changes in 1.58.4
=======================
* Re-release of 1.58.3 due to incorrect release tag; no code changes.
Major changes in 1.58.3
=======================
* CVE-2026-28296: ftp: Reject paths with CR/LF in g_vfs_ftp_file_new_from_ftp (Ondrej Holy)
* monitor: Do not load monitors when GIO_USE_VFS=local (Ondrej Holy)
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 80fa33d26d
---------------------------
metacity: upgrade 3.56.0 -> 3.58.1
Version 3.58.1
==============
- Use pkg-config to get systemd user unit dir.
- Updated translations.
Version 3.58.0
==============
- Add keybindings to move window between monitors. (!40)
- Updated translations.
Version 3.57.1
==============
- Drop zentiy dependency.
- Add systemd service.
- Updated translations.
drop 0001-drop-zenity-detection.patch
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 92fa6c0f86
---------------------------
Luajit: Update to latest on v2.1 branch
License-Update: copyright year updated
Apply missing SRCREV update
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d03b346047
---------------------------
openvpn: Upgrade to 2.7.0
Release notes:
https://community.openvpn.net/ReleaseHistory#openvpn-270-released-11-february-2026
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d32cd27eaa
---------------------------
nodejs: upgrade 22.22.1 -> 22.22.2
This is the March 2026 security release.
2 high severity issues.
5 medium severity issues.
2 low severity issues.
High priority fixes:
CVE-2026-21637
CVE-2026-21710
Medium priority fixes:
CVE-2026-21711 (affects only nodejs v25)
CVE-2026-21712 (affects only nodejs v24 & v25)
CVE-2026-21713
CVE-2026-21714
CVE-2026-21717
Low priority fixes:
CVE-2026-21715
CVE-2026-21716
https://nodejs.org/en/blog/vulnerability/march-2026-security-releases
Changelog: https://github.com/nodejs/node/releases/tag/v22.22.2
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9fb95d3d7e
---------------------------
libspdm & spdm-emu: update arch map
It fails to run `bitbake -p` for qemuppc64 with errors:
ERROR: /path_to/meta-oe/recipes-security/spdm-emu/spdm-emu_git.bb:
unsupported architecture 'powerpc64le'
ERROR: /path_to/meta-oe/recipes-support/libspdm/libspdm_3.8.2.bb:
unsupported architecture 'powerpc64le'
Add qemuppc64 default TARGET_ARCH to the arch map.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c1867c52ae
---------------------------
bpftrace: remove ptest subpackage for powerpc64
bpftrace-ptest requires bpftool which is not compatible with powerpc64.
So remove sub-package bpftrace-ptest for powerpc64 & powerpc64le.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 79f39ce6c6
---------------------------
hiawatha: Fix checksum mismatch again
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 078ef7e0c9
---------------------------
python3-pykickstart: upgrade 3.63 -> 3.69
Ptests passed successfully:
Testsuite summary
TOTAL: 506
PASS: 506
SKIP: 0
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0
Changelog:
3.69:
Makefile: Drop coverage-report.log
Add Fedora 45 support
tests: Use pytest-cov to support coverage of parallel tests from pytest-xdist
workflows: Use latest released py3.14 and py3.12
test: Use pytest-xdist to run tests in parallel
tests: Use ThreadingHTTPServer and threads for load and include tests
tests: Mark helper classes as not tests
bootc: Add bootc command to the RHEL10 handler
rdp: Add rdp support to the RHEL10 handler
raid: Update RHEL10 handler to match rhel10-branch
Fix handling filesystem labels with spaces
3.68:
commands: bootc: remove 'experimental' warning
rhsm: Add Flatpak registry option for RHEL10
3.67:
drop python3-build dependency
Add Fedora 44 support
workflows: use py3.14rc1
tests: use pytest module instead of unittest
spec: Add python3-pytest to BuildRequires
3.66:
workflows: Use py3.14 beta.4
pylint: Ignore files in .git
pyproject: Bump setuptools to 77 or later
Makefile: Stop running setup.py directly
3.65:
workflows: Add python 3.14 to the test matrix
Add support for RDP
Deprecate VNC
docs: Fix chapter numbering after adding certificate
3.64:
workflow: Add python 3.13 testing
tests: Remove unused import of constants
realm: Clean up documentation
Add support for new bootc kickstart command
Update documentation for clearpart --initlabel option.
Update the %certificate section documentation
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f2d565781e
---------------------------
python3-scrypt: upgrade 0.8.27 -> 0.9.4
License-Update: Copyright year bump
Shortlog:
https://github.com/holgern/py-scrypt/compare/v0.8.27...v0.9.4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 8694997b2c
---------------------------
python3-txdbus: add missing RDEPENDS
This module depends on python3-six, otherwise it errors out:
>>> from txdbus.interface import DBusInterface, Method, Signal
Traceback (most recent call last):
File "<python-input-1>", line 1, in <module>
from txdbus.interface import DBusInterface, Method, Signal
File "/usr/lib/python3.14/site-packages/txdbus/interface.py", line 8, in <module>
import six
ModuleNotFoundError: No module named 'six'
Add the missing dependency.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a2daf1bf09
---------------------------
python3-zopeinterface: upgrade 7.1.1 -> 8.2
Drop obsolete patch.
An important change is that this version supports Python 3.14.
License-Update: switch to license file instead of PKG-INFO file. The license
itself hasn't changed.
Changelog:
https://github.com/zopefoundation/zope.interface/blob/master/CHANGES.rst
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 5cfa1275ec
---------------------------
imagemagick: upgrade 7.1.2-17 -> 7.1.2-18
Bug- and security-fix release. Shortlog:
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-17...7.1.2-18
Also remove the obsolete CVE_STATUS assignments - all of these have been corrected
at NVD, and they are tracked with a version/CPE that mirror the real vulnerability
state of the recipe.
While at it, also corrected the reason for the remaining CVE_STATUS assignments.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ea89aba402
---------------------------
freerdp: upgrade 2.11.7 -> 2.11.8
Dropped 0001-Fix-const-qualifier-error.patch
* error no longer reproducible with clang
Dropped 0001-Fixed-compilation-warnings-in-ainput-channel.patch
* changes merged upstream[1]
Dropped 0001-Fixed-compilation-warnings.patch
* changes merged upstream[2]
Added 0001-Fix-compilation-error.patch to fix error:
| /yocto/bitbake-builds/poky-master/build/tmp/work/x86-64-v3-poky-linux/freerdp/2.11.8/sources/freerdp-2.11.8/winpr/libwinpr/utils/collections/Queue.c: In function 'Queue_EnsureCapacity':
| /yocto/bitbake-builds/poky-master/build/tmp/work/x86-64-v3-poky-linux/freerdp/2.11.8/sources/freerdp-2.11.8/winpr/libwinpr/utils/collections/Queue.c:169:30: error: assignment to 'void **' from incompatible pointer type 'uintptr_t *' {aka 'long unsigned int *'} [-Wincompatible-pointer-types]
| 169 | queue->array = newArray;
| |
Release Notes:
https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.8
Ptests passed:
START: ptest-runner
2026-03-24T19:06
BEGIN: /usr/lib/freerdp/ptest
PASS: TestClient TestClientRdpFile
...
PASS: TestWtsApi TestWtsApiWaitSystemEvent
DURATION: 180
END: /usr/lib/freerdp/ptest
2026-03-24T19:09
STOP: ptest-runner
TOTAL: 1 FAIL: 0
[1] https://github.com/FreeRDP/FreeRDP/commit/5b2b53b15c9af46b85c4ef0007e7fb59d7608289
[2] https://github.com/FreeRDP/FreeRDP/commit/d2b6771c748e54e659d5f1243a92e499c3beaa36
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4840ec3594
---------------------------
freerdp3: upgrade 3.24.0 -> 3.24.1
https://github.com/FreeRDP/FreeRDP/releases/tag/3.24.1
Ptests passed:
START: ptest-runner
2026-03-24T19:10
BEGIN: /usr/lib/freerdp3/ptest
PASS: TestSynchInit
...
PASS: TestClientCmdLine
DURATION: 114
END: /usr/lib/freerdp3/ptest
2026-03-24T19:11
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 29f5413561
---------------------------
poco: upgrade 1.5.0 -> 1.5.1
* refresh patches
* remove workaround for cppunit-dev needed only in 1.15.0
Release Notes [1]:
This is a bugfix and maintenance release that also introduces a few new
features.
Security Fixes:
* CVE-2026-32776 (NULL function pointer dereference)
* CVE-2026-32777 (infinite loop)
* CVE-2026-32778 (NULL dereference on OOM retry)
[1] https://github.com/pocoproject/poco/releases/tag/poco-1.15.1-release
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ff7df48cac
---------------------------
canopenterm: Disable pinning lua to expect c89
Fixes build with latest lua
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 1af5024f28
---------------------------
libgpiod-1: Inherit python3targetconfig
Inherit python3targetconfig so that cross python3-config is used instead
of native.
This fixes the below error when building on a 64 bit host for a 32 bit
target:
| In file included from /workspaces/yocto/build/tmp/work/core2-32-poky-linux/libgpiod/1.6.5/recipe-sysroot-native/usr/include/python3.14/Python.h:72,
| from ../../../sources/libgpiod-1.6.5/bindings/python/gpiodmodule.c:8:
| /workspaces/yocto/build/tmp/work/core2-32-poky-linux/libgpiod/1.6.5/recipe-sysroot-native/usr/include/python3.14/pyport.h:429:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| 429 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| | ^~~~~
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f3a7f4cee0
---------------------------
xfce-polkit: fix link failure by adding missing gtk+-3.0 dependency
After libxfce4ui upgrade to 4.21.x, its pkgconfig moves gtk+-3.0
to Requires.private, so the linker no longer automatically pulls in
libgtk-3. This causes an undefined reference to 'gtk_combo_box_set_model'
when linking xfce-polkit.
Add patch for explicit PKG_CHECK_MODULES for gtk+-3.0 in configure.ac and wire
GTK3_CFLAGS/GTK3_LIBS into src/Makefile.am.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b94c5bcfaa
---------------------------
xfce4-datetime-setter: fix link failure due to missing libxfce4util dependency
After libxfce4ui upgrade to 4.21.x, its pkgconfig sets
libxfce4util as Requires.private, so the linker no longer
automatically pulls in libxfce4util. This causes an undefined
reference to 'xfce_textdomain' when linking xfce4-datetime-settings.
Add patch for libxfce4util-1.0 and common_deps (gtk+-3.0 etc.) as explicit
dependencies in xfce/meson.build.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 37a9b4baf8
---------------------------
xfwm4: backport patch to add missing libxfce4util build flags
When libxfce4ui is upgrade to 4.21.x, pkgconfig sets private flags by
default and no longer exposes libxfce4util flags. This causes build
failures in xfwm4 settings-dialogs due to missing CFLAGS and LIBS.
Backport upstream fix to add LIBXFCE4UTIL_CFLAGS and
LIBXFCE4UTIL_LIBS to settings-dialogs/Makefile.am.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: f53ab756f2
---------------------------
xfce4-datetime-plugin: fix build with xfce4-panel 4.21.x
xfce4-panel 4.21.x added include guards to libxfce4panel sub-headers,
requiring consumers to include <libxfce4panel/libxfce4panel.h> instead
of individual headers like <libxfce4panel/xfce-panel-plugin.h>.
Since there is no new upstream release with this fix, add
-DLIBXFCE4PANEL_COMPILATION to CFLAGS as a workaround to bypass the
include guard check.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 387e7256bc
---------------------------
xfdesktop: switch to meson build system
Switch from autotools to meson build system. The upstream 4.20.1 source
already ships a meson.build.
libxfce4ui 4.21.7 moved libxfce4util-1.0 from Requires to
Requires.private in its pkg-config file, so pkg-config --libs
libxfce4ui-2 no longer emits -lxfce4util. This causes DSO missing
link errors for autotools consumers that use libxfce4util symbols
but rely on libxfce4ui to pull in the link dependency. The meson
build correctly declares libxfce4util in its own dependencies,
avoiding this issue.
Add PACKAGECONFIG[tests] (disabled by default)
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 124ba3a3c0
---------------------------
xfconf: upgrade 4.20.0 -> 4.21.2
4.21.2 (2026-03-16)
======
- Destroy GDBusProxy and GDBusConnection on library shutdown
- Make xfconf_init()/xfconf_shutdown() multithread-safe
- Emit signals on the thread that "owns" the channel or binding
- Revert "Make libxfconf multithread-safe"
4.21.1 (2026-03-13)
======
- Make libxfconf multithread-safe
- I18n: Update po/LINGUAS list
- build: Fix typo in optimization level
- README.md: Add uninstall info
- Update README after switchover to meson
- Update also .gitlab-ci.yml
- Remove autotools build
- common: Fix -Wlogical-op warning
- meson-build: Use configure_file() to generate GNU visibility files
- I18n: Update po/LINGUAS list
- Translation Updates:
Arabic, Estonian, Georgian, Occitan (post 1500), Polish, Slovenian,
Thai, Uyghur, Vietnamese
4.21.0 (2025-03-23)
======
- build: Automate copyright year management
- meson-build: Add missing function checks
- meson-build: Use SPDX license expression
- meson-build: Add tests option
- meson-build: Use 'pkgconfig_define' in dep.get_variable()
- meson-build: Use 'dependencies' in cc.alignment()
- meson-build: Update debug/optimization flag management
- meson-build: Add missing gir prefixes
- meson-build: Use path builder and fs instead of literal '/'
- Add meson build
- tests: Always cleanup xfconfd process
- tests: Enable t-list-channels test
- tests: Fix test failure because of xfconfd not running
- Migrate to xdt-gen-visibility and xdt-check-abi
- channel: Complete and harmonize docs of get_string_list()/get_arrayv()
- channel: Warn in case of failure in get_string_list()
- channel: Fix get_arrayv() return value
- Translation Updates:
Albanian, Slovak
https://gitlab.xfce.org/xfce/xfconf/-/blob/xfconf-4.21.2/NEWS?ref_type=tags
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 847e7186f2
---------------------------
thunar: upgrade 4.20.7 -> 4.21.4
Changelog:
https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.21.4
https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.21.3
https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.21.2
https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.21.1
https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.21.0
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 33b4fd62d7
---------------------------
tumbler: upgrade 4.20.1 -> 4.21.1
Changelog:
https://gitlab.xfce.org/xfce/tumbler/-/tags/tumbler-4.21.1
https://gitlab.xfce.org/xfce/tumbler/-/tags/tumbler-4.21.0
Backport patch for handle case where no plugins gracefully.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d32bc22f9d
---------------------------
xfce4-settings: upgrade 4.20.1 -> 4.21.1
Changelog:
https://gitlab.xfce.org/xfce/xfce4-settings/-/blob/master/NEWS
Backport patch to avoid add full path in generated headers.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9608cd4ca4
---------------------------
xfce4-panel: upgrade 4.20.1 -> 4.21.1
Changelog:
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.21.1
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.21.0
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.7
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.6
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.5
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.4
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.3
https://gitlab.xfce.org/xfce/xfce4-panel/-/tags/xfce4-panel-4.20.2
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 73dc5bc22d
---------------------------
xfce4-session: upgrade 4.20.3 -> 4.21.1
Changelog:
https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.21.1
https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.21.0
https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.4
Refresh patch to algined with meson build.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e6f07da735
---------------------------
xfce4-power-manager: upgrade 4.20.0 -> 4.21.1
ChangeLog:
https://gitlab.xfce.org/xfce/xfce4-power-manager/-/blob/xfce4-power-manager-4.21.1/NEWS?ref_type=tags
Add patch to fix absolute buildpath in generated enum files.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: ce095be128
---------------------------
xfce4-appfinder: upgrade 4.20.0 -> 4.21.0
4.21.0 (2025-03-23)
======
- Replace deprecated exo with libxfce4ui 4.21.0
- Remove manual registration of resources
- meson: Add missing file to EXTRA_DIST
- Hide dash from list view when comment is empty
- build: Automate copyright year management
- meson: Check for headers
- Fix potential dereference of NULL
- Add support to Meson
- Translation Updates:
Albanian, Basque, Catalan, Danish, Greek, Hungarian, Romanian, Slovak
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: da508968af
---------------------------
garcon: upgrade 4.20.0 -> 4.21.0
4.21.0 (2025-03-23)
======
- build: Automate copyright year management
- build: Define xfce4 min version >= 4.18
- Replace deprecated exo with libxfce4ui 4.21.0
- meson-build: Add tests option
- meson-build: Use SPDX license expression
- meson-build: Update debug/optimization flag management
- autotools-build: Fix EXTRA_DIST redefinition
- Add meson build
- Set up GNU symbol visibility
- garcon: Remove include guard from private header
- garcon: Don't install garcon-marshal.h
- Translation Updates:
Albanian, Amharic, Arabic, Armenian, Armenian (Armenia), Asturian,
Basque, Belarusian, Bengali, Bulgarian, Catalan, Chinese (China),
Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish,
Dutch, Eastern Armenian, English (Australia), English (United
Kingdom), Esperanto, Estonian, Finnish, French, Galician, Georgian,
German, Greek, Hebrew, Hindi, Hungarian, Icelandic, Indonesian,
Interlingue, Italian, Japanese, Kabyle, Kazakh, Korean, Lithuanian,
Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500),
Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian,
Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian,
Uyghur, Welsh
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d53cf72483
---------------------------
libxfce4ui: upgrade 4.20.2 -> 4.21.7
ChangeLog:
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.7
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.6
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.5
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.4
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.3
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.2
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.1
https://gitlab.xfce.org/xfce/libxfce4ui/-/tags/libxfce4ui-4.21.0
Backport upstream patch to fix full buildpath in headers issues.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7880b21891
---------------------------
pcp: use HOSTTOOLS_DIR variable instead of TMPDIR/hosttools
This is a bit cleaner, and means a few less places that would need
updating in case the TMPDIR bitbake variable gets renamed at some
point in the future:
https://lore.kernel.org/openembedded-core/6aba349f497903351a0cd8d06708e94119bd5d05.camel@pbarker.dev/
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a835cf9a2a
---------------------------
fluentbit: improve path munging in debug source files
Just remapping TMPDIR to TARGET_DBGSRC_DIR results in the files that
end up in the -src package containing lines such as
#line 196 "/usr/src/debug/fluentbit/4.0.1//work/cortexa76-oe-linux/fluentbit/4.0.1/sources/fluentbit-4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l"
#line 1561 "/usr/src/debug/fluentbit/4.0.1//work/cortexa76-oe-linux/fluentbit/4.0.1/build/lib/cmetrics/cmt_decode_prometheus_parser.c"
By instead remapping both B and S, we strip more of the irrelevant
part of WORKDIR, and one ends up with line directives in the -src
package that actually match the source files' location in that
package:
#line 196 "/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l"
#line 1561 "/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_parser.c"
$ find packages-split/fluentbit-src/ -name cmt_decode_prometheus*.[cl] | sort
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_lexer.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/cmt_decode_prometheus_parser.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.c
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus.l
packages-split/fluentbit-src/usr/src/debug/fluentbit/4.0.1/lib/cmetrics/src/cmt_decode_prometheus_remote_write.c
and that also matches the remapping that the compiler is instructed to
do via the -ffile-prefix-map mechanism.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0ad13811e5
---------------------------
mbedtls: Update HOMEPAGE
Mbed OS has reached its ends of life in 2024 [1], the annoucement also
includes the change of the Mbed TLS homepage. This commit updates the
HOMEPAGE variable in the mbedtls recipe to reflect the new URL.
Additionally, the BUGTRACKER variable is added, as it is a required
field [2].
[1] https://os.mbed.com/blog/entry/Important-Update-on-Mbed/
[2] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 23debff58a
---------------------------
xmlsec1: disable ptests for now
oe-core just moved from pkgconfig to pkgconf, which has broken the
ptest buikd due to how fragile the compilation was.
This will be revisited to build the tests properly, but for now simply
disable the ptests.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 77ea4610d8
---------------------------
protobuf: disable ptests for now
oe-core just moved from pkgconfig to pkgconf, which has broken the
ptest buikd due to how fragile the compilation was.
This will be revisited to build the tests properly, but for now simply
disable the ptests.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 4fe575d155
---------------------------
postgresql: add ptest support
Add ptest infrastructure to run the PostgreSQL standard regression test
suite (pg_regress) on the target system.
Test logs:
root@qemux86-64:~# ptest-runner postgresql
START: ptest-runner
2026-03-24T02:42
BEGIN: /usr/lib64/postgresql/ptest
.....
**if all pass **
PASS: - event_trigger_login 1901 ms
PASS: - fast_default 9459 ms
PASS: - tablespace 16542 ms
PASS: all tests passed
**if have fail**
FAIL: create_type 1763 ms
PASS: create_schema 2123 ms
PASS: - tablespace 23226 ms
FAIL: some tests failed
waiting for server to shut down.... done
server stopped
DURATION: 853
END: /usr/lib64/postgresql/ptest
2026-03-24T02:56
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c4c6915cba
---------------------------
libsdl3-mixer: add tag=release-${PV}
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a36cf132dd
---------------------------
leancrypto: Upgrade to 1.7.0
- Fix absolute paths in debug info for reproducible builds ( Thanks Gyorgy for suggestion)
- Drop upstreamed patch
- Changelog - https://github.com/smuellerDD/leancrypto/releases/tag/v1.7.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: d0632021f7
---------------------------
libsdl3-mixer: Keep opus support off by default
opusfile comes from meta-multimedia and meta-oe does
not depend on it, for keeping layer compatible, it
must be kept disabled
Fixes YP Compatible checks
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Markus Volk <f_l_k@t-online.de>
---------------------------
Commit: 84b2e83ab0
---------------------------
wolfssl: upgrade 5.8.4 -> 5.9.0
Conatins many CVE fixes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.0-stable
Dropped CVE_STATUS for version 5.8.4 specific CVE conflicts.
Ptests:
START: ptest-runner
2026-03-23T10:28
BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.Y7VEJ2/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 130
END: /usr/lib/wolfssl/ptest
2026-03-23T10:30
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 969b6221bd
---------------------------
python3-black: upgrade 26.3.0 -> 26.3.1
Includes fix for CVE-2026-32274.
Changelog:
https://github.com/psf/black/releases/tag/26.3.1
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: cec3e0fd96
---------------------------
lldpd: fix xml PACKAGECONFIG dependency
The xml PACKAGECONFIG entry uses libxm2, which is a typo and not a
valid dependency in OE.
Replace it with libxml2 so enabling PACKAGECONFIG:xml pulls in the
correct provider.
Signed-off-by: Aviv Daum <aviv.daum@gmail.com>
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e71ef5a4a1
---------------------------
jsoncpp: upgrade 1.9.6 -> 1.9.7
Added tag to SRC_URI.
Release information [1]:
1.9.7: Bugfixes, build system cleanups
What's Changed
* Fixes PreventInSourceBuilds.cmake to work with add_subdirectory by @morbo84 in #1383
* json_value.cpp bug in the edges of uint/int by @YaalLek in #1519
* Release 1.9.6 and move versions to 1.9.7 by @baylesj in #1566
* Fixed work secure_allocator on old compiers by @TsynkPavel in #1478
* Fix flag -DJSONCPP_USE_SECURE_MEMORY:BOOL=TRUE by @tfc in #1567
* fix(build): remove check_required_components for meson build by @chenrui333 in #1570
* the cgi module was removed from Python3.13 by @a-detiste in #1578
* Fix name of static library when targeting MinGW. by @mmuetzel in #1579
* Fix comparison warnings caused by 54fc4e2 by @JensMertelmeyer in #1575
* Drop pre-C++11 alternatives by @BillyDonahue in #1593
* feat: support std::string_view in Value API by @evalon32 in #1584
* Added Value::findType with String key by @SwintonStreet in #1574
* Set up for Bazel module builds. by @bcsgh in #1597
* Add a BUILD.bazel file for //example. by @bcsgh in #1602
* Fix "include what you use" issue by @victorvianna in #1625
* Make the build configuration under Bazel more correct. by @bcsgh in #1600
* Add Bazel tests by @bcsgh in #1601
* Return false in Reader::readValue when stack limit is exceeded by @xuhdev in #1619
* Remove deprecated/removed clang-tidy key AnalyzeTemporaryDtors (#1614) by @bmagistro in #1615
* [docs] Consuming JSONCpp via Conan package manager by @uilianries in #1622
* Cleanup README.md, fix broken link. by @baylesj in #1633
* Add gcovr.cfg to fix CI coverage merge errors by @baylesj in #1635
* Remove build directory exclusion from gcovr config by @baylesj in #1640
* Add test for allowDroppedNullPlaceholders by @baylesj in #1648
* Prevent test colision when running in parallel via RESOURCE_LOCK by @marty1885 in #1637
* fixup project version updater by @baylesj in #1649
* Update README with project status and focus by @baylesj in #1639
* Adding a cmake option to exclude the jsoncpp files from install. by @nv-jdeligiannis in #1596
* Change stack depth limit to 256 by @baylesj in #1657
* Fix uninitialized CMake variable in version.in by @baylesj in #1658
* Fix CMake deprecation warning for compatibility with CMake < 3.10 by @baylesj in #1659
* Scope JSON_DLL_BUILD to shared lib target only by @baylesj in #1660
* Fix number parsing failing under non-C locales by @baylesj in #1662
* Reject unescaped control characters in JSON strings by @baylesj in #1663
* Fix MSAN issue in #1626 by @baylesj in #1654
* Fix string_view ABI mismatch between library and consumers by @baylesj in #1661
* Revert "Fix number parsing failing under non-C locales" by @baylesj in #1664
* Fix use-after-free in Reader::parse(std::istream&) by @baylesj in #1665
* Update bazel config for 9.x by @keith in #1655
[1] https://github.com/open-source-parsers/jsoncpp/releases/tag/1.9.7
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7dd437eb03
---------------------------
python3-protobuf: upgrade 6.33.5 -> 6.33.6
Release information [1] does not list python changes, but we should
match protobuf (C++) recipe version.
[1] https://github.com/protocolbuffers/protobuf/releases/tag/v33.6
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 7d22831770
---------------------------
lvm2: upgrade 2.03.38 -> 2.03.39
Added tag to SRC_URI.
Release notes [1]:
Add lvmlockd compare and write, index man pages, and a lot of fixes.
* Add atomic leases using Compare and Write (CAW) to lvmlockd.
* Add lvm-index(7), lvm-categories(7) and lvm-args(7) man pages.
* Use temporary activations for integrity, writecache, thin and VDO pool conv
preventing interference.
* Fix `vgreduce --removemissing --force` infinite loop for raid/mirror snapshot.
* Improve RAID LV health report to distinguish 'refresh needed' from 'repair needed'.
* Support `--interval +N` to delay first poll in pvmove and lvpoll.
* Show active cache mode in kernel table line with `lvs -o kernel_cache_mode`.
* Reject lvreduce of CoW snapshot COW store when it would truncate exception data.
* Skip filesystem resize handling for CoW snapshot COW store LVs in lvresize.
* Fix vgsplit to not fail on no active LV on a PV being split to an existing VG.
* Preserve file desciptors with CLOEXEC opened in library constructors.
* Add lvmpolld 'cmd' log keyword to enable verbose lvpoll output.
* Add `activate_lv_temporary()` to consolidate `LV_TEMPORARY` and sync handling.
* Add missing sync in `add_mirror_log()` and `activate_and_wipe_lv_list()`.
* Fix cachevol cmeta/cdata device offsets.
* Fix pofile generation to include SOURCES2 binaries and update xgettext options.
[1] https://github.com/lvmteam/lvm2/releases/tag/v2_03_39
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a5cf65f55f
---------------------------
frr: upgrade 10.5.2 -> 10.5.3
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.5.3
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 752aad0e32
---------------------------
netcf: Fix build with newer autotools and gnulib
Newer gnulib use python implementation by default if it
finds py3 on the system. However, netcf is old package
and its not expecting python implementation, therefore
make the shell implementation be used.
REALLOC_N is gone in latest gnulib so house a local
macro
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a47c3a26f3
---------------------------
gnulib: Copy hidden files to staging area as well
newer gnulib-tool wrappers try to run a sibling Python
launcher file, .gnulib-tool.py, when Python 3 is available.
In current gnulib, that file is a real part of the tree,
and gnulib-tool will exec "$prog.py" in that mode
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 01134021ff
---------------------------
ntopng: Upgrade to 6.6
Fix build with Lua 5.5
Add fixes to build with ndpi 5.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 27282053cd
---------------------------
xfsprogs: upgrade 6.6.0 -> 6.18.0
ChangeLog:
https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/tree/doc/CHANGES?h=v6.18.0
* Drop PACKAGECONFIG[blkid] as libblkid is now a hard requirement.
* Refresh local patches.
* Remove usrmerge workaround.
* Remove the following patches as the issues have been fixed upstream:
0001-support-usrmerge.patch
0005-Replace-off64_t-stat64-with-off_t-stat.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a9821a1a42
---------------------------
cmocka: upgrade 1.1.8 -> 2.0.2
License-Update: Rename COPYING to LICENSE, no text content changed.
ChangeLog:
https://gitlab.com/cmocka/cmocka/-/blob/cmocka-2.0.2/CHANGELOG.md
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: fdc07c4469
---------------------------
mdns: Upgrade 2881.0.25 -> 2881.80.4.0.1
Add new patch to fix breakage from Apple Wireless Direct Link support on
macOS.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b6777aa320
---------------------------
thin-provisioning-tools: SRC_URI update + Update 1.1.0 -> 1.3.1
* https://github.com/jthornber/thin-provisioning-tools#project-hosting says:
The upstream repository has been moved to device-mapper-utils[1], an
organization established to collect utilities for various device mapper
targets. While the original repository remains mirrored, we recommend
cloning from the new location[2] for better long-term maintenance.
[1]: https://github.com/device-mapper-utils/
[2]: https://github.com/device-mapper-utils/thin-provisioning-tools
* 0001-Define-more-ioctl-codes-on-riscv32gc-unknown-linux-g.patch got merged
upstream in rust-lang/libc.
* dependency rio got dropped in 1.3.0
* The new patch disable-cargo-metadata enables the feature of devicemapper,
because the build fails otherwise.
* On 32 bit architectures, the new patch dms-no-layout-check disables checks
from bindgen they always fail.
From thin-provisioning-tools-1.3.1/CHANGES:
v1.3.1
======
- Improve thin_ls performance using the optimized approach from thin_check
v1.3.0
======
- Improve thin_check performance with an optimized I/O strategy and more
memory-efficient data structures.
- Rewrite AsyncIoEngine using tokio IoUring, removing the rio dependency
- Enhance thin_check with edge-case fixes, including space map boundary checks
- Update thin_explore to use ratatui, replacing the archived tui crate
v1.2.2
=======
- Fix command line parsing for era_invalidate --metadata-snapshot
v1.2.1
=======
- Fix incorrect number of data blocks in thin_shrink's output superblock
v1.2.0
=======
- Remove atty and safemem dependencies due to security concerns
- Remove unused threaded btree walk code
- Change BTreeWalker constructor to take IoEngine by reference for simplicity
(breaking change)
- Update fixedbitset and few other dependencies with required code changes
Cc: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b1ea104d04
---------------------------
libsdl3-mixer: add recipe
libsdl3-mixer has initially released
- binaries in wavpack-bin are only needed at runtime but cmake checks
for them during compilation and fails because they are (presumably
intentionally) not present in the target sysroot. Workround this issue
by touching the necessary files to please cmake.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: a874710f1a
---------------------------
fluidsynth: update 2.4.8 -> 2.5.3
- update dependency: libsdl2 -> libsdl3
- fetch code for gcem and signalsmith-audio-basics at do_fetch
- update license file checksum [https://github.com/FluidSynth/fluidsynth/commit/db42fa333baf1cb7c60556ab75ad1e592c850f68]
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 79ef81c1b5
---------------------------
hiawatha: Fix checksum mismatch
Update the sha256sum to match the current upstream archive.
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9dad25fbca
---------------------------
leancrypto: add initial recipe
Cryptographic library that exclusively contains
Quantum resistant cryptographic algorithms. It is lean has minimal dependencies,
supports stack-only operation and provides optimized implementations for
ML-KEM (Kyber), ML-DSA (Dilithium), SLH-DSA (Sphincs+) and many more
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 89d12606c6
---------------------------
tepl: Add tag parameter to SRC_URI
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: e75f2943a7
---------------------------
libgedit-gfls: Add tag parameter to SRC_URI
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: aee9d873f7
---------------------------
protobuf: Upgrade to 6.33.6
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: c40024aa11
---------------------------
xdg-dbus-proxy: add ptests
Adds ptest support for xdg-dbus-proxy.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 69e42c4fbd
---------------------------
python3-charset-normalizer: Upgrade to 3.4.6
Fix build with setuptools > 82.0.0 as well
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: b883bd25cd
---------------------------
wtmpdb: add DEBUG_PREFIX_MAP to LDFLAGS to fix qa error
Fixes qa error:
ERROR: wtmpdb-0.11.0-r0 do_package_qa: QA Issue: File /usr/bin/.debug/wtmpdb in package wtmpdb-dbg contains reference to TMPDIR [buildpaths]
ERROR: wtmpdb-0.11.0-r0 do_package_qa: QA Issue: File /usr/lib/.debug/libwtmpdb.so.0.11.0 in package wtmpdb-dbg contains reference to TMPDIR [buildpaths]
ERROR: wtmpdb-0.11.0-r0 do_package_qa: QA Issue: File /usr/lib/security/.debug/pam_wtmpdb.so in package wtmpdb-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc155291f1
---------------------------
mosquitto: upgrade 2.0.22 -> 2.1.2
License-Update: Change license to EPL-2.0 OR BSD-3-Clause
Clarify license in LICENSE.txt: https://github.com/eclipse-mosquitto/mosquitto/commit/f466e454e016825220e8494bd6264a5736ed1112
Updated NOTICE.md: https://github.com/eclipse-mosquitto/mosquitto/commit/827c803cb8d6376891548b856a1faa3f0ab5
Removed patch included in this release
Update PACKAGECONFIG/cmake options:
- manpages: -DDOCUMENTATION → -DWITH_DOCS (the CMake option was renamed in 2.1.x)
- ssl: removed -DWITH_EC=ON/-DWITH_EC=OFF; the WITH_EC option was dropped in 2.1.x
since Elliptic Curve support is now always included with TLS
- websockets — adapt websockets to properly use with picohttpparser
- persist-sqlite - for persistence support in the broker, have sqlite3 dependency
- ctrl-shell: mosquitto_ctrl interactive shell, have libedit dependency
Disable `DWITH_ADNS` option because it required Argon2, which is not part of
meta-oe layer
Disable `DWITH_TESTS` option because mosquitto start using GoogleTest
and we hit a common Yocto + CMake + GoogleTest problem
Improve shipped package to modern version
Changelog:
v2.1.2:
https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.2/ChangeLog.txtgT
Broker:
- Forbid running with `persistence true` and with a persistence plugin at the
same time.
Build:
- Build fixes for OpenBSD. Closes #3474.
- Add missing libedit to docker builds. Closes #3476.
- Fix static/shared linking of libwebsockets under cmake.
v2.1.1:
https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.1/ChangeLog.txt
v2.1.0:
https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.0/ChangeLog.txt
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9857c47f2a
---------------------------
sthttpd: remove obsolete CVE_STATUS
The CVE is now tracked with the correct version info by NVD.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6ec8ca6773
---------------------------
python3-lief: drop obsolete CVE_STATUS
The CVE is now tracked with correct version info by NVD.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 03fbb8fd04
---------------------------
python3-pyjwt: drop obsolete CVE_STATUS
This CVE is now tracked with the correct version info by NVD.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c88ce655c0
---------------------------
libssh: drop obsolete CVE_STATUS variables
Since adding these statuses NVD corrected their DB, and now both CVEs are
tracked with the correct version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ba323d198f
---------------------------
bpftool: add missing build dependency
Add openssl as a dependency. Fixes compilation error:
| sign.c:16:10: fatal error: openssl/opensslv.h: No such file or directory
| 16 | #include <openssl/opensslv.h>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 53d24f293f
---------------------------
gnome-system-monitor: add DEBUG_PREFIX_MAP to LDFLAGS to fix qa error
Fixes:
ERROR: gnome-system-monitor-49.1-r0 do_package_qa: QA Issue: File /usr/bin/.debug/gnome-system-monitor in package gnome-system-monitor-dbg contains reference to TMPDIR [buildpaths]
ERROR: gnome-system-monitor-49.1-r0 do_package_qa: QA Issue: File /usr/libexec/gnome-system-monitor/.debug/gsm-taskset in package gnome-system-monitor-dbg contains reference to TMPDIR [buildpaths]
ERROR: gnome-system-monitor-49.1-r0 do_package_qa: QA Issue: File /usr/libexec/gnome-system-monitor/.debug/gsm-renice in package gnome-system-monitor-dbg contains reference to TMPDIR [buildpaths]
ERROR: gnome-system-monitor-49.1-r0 do_package_qa: QA Issue: File /usr/libexec/gnome-system-monitor/.debug/gsm-kill in package gnome-system-monitor-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b8080375d
---------------------------
transmission: upgrade 4.1.0 -> 4.1.1
Also disable running clang-tidy on the code. On one hand the cmake script is trying to run
the target version of it, and on the other hand it is not needed for compiling it,
it is intended for upstream developers.
Changelog: https://github.com/transmission/transmission/releases/tag/4.1.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f362808d35
---------------------------
imsettings: upgrade 1.8.10 -> 1.8.11
Fixes building with glibc 2.43
Shortlog:
Reset gtk-im-module in gsettings to use the wayland module instead gtk4
Ensure collecting proper information on even Wayland session
Fix unexpected D-Bus session lifetime
Fix "assignment discards 'const' qualifier from pointer target type"
Show few more information in log
Drop cinnamon backend
Disable imsettings for Cinnamon
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8b55b6620b
---------------------------
xfce4-screensaver: upgrade 4.18.4 -> 4.20.2
Changelog:
https://gitlab.xfce.org/apps/xfce4-screensaver/-/tags/xfce4-screensaver-4.20.2
https://gitlab.xfce.org/apps/xfce4-screensaver/-/tags/xfce4-screensaver-4.20.1
https://gitlab.xfce.org/apps/xfce4-screensaver/-/tags/xfce4-screensaver-4.20.0
Removed the patch which is no need, when changed to meson.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c068e3ac7f
---------------------------
xfce4-whiskermenu-plugin: upgrade 2.10.0 -> 2.10.1
2.10.1
======
- Fix meson to make minsize an optimized build
- Bring settings dialog to front if already shown
- Translation Updates:
Asturian, Esperanto, Georgian, Kazakh, Korean, Occitan (post 1500),
Slovenian, Spanish, Thai
https://gitlab.xfce.org/panel-plugins/xfce4-whiskermenu-plugin/-/tags/xfce4-whiskermenu-plugin-2.10.1
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f2b39ccb23
---------------------------
xfce4-sensors-plugin: upgrade 1.4.5 -> 1.5.0
1.5.0
======
Meson has been added as a build system in this release, and the
associated archive has been generated by 'meson dist'. Although
autotools has been retained for the time being and can still be used
via 'autogen.sh', meson is now the preferred build system, and
autotools will be removed in a future release.
- Update README after switchover to meson
- build: Automate copyright year management
- Add meson build
- autotools-build: xfce4-sensors.1.in -> xfce4-sensors.1
- autotools-build: Remove spec files
- autotools-build: Make libxfce4sensors internal
- autotools-build: Don't build libxfce4_pp
- Fix libxfce4panel include
- Translation Updates:
Albanian, Greek, Portuguese (Brazil)
https://gitlab.xfce.org/panel-plugins/xfce4-sensors-plugin/-/tags/xfce4-sensors-plugin-1.5.0
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 44b91f69d3
---------------------------
ristretto: upgrade 0.13.3 -> 0.14.0
Changelog:
https://gitlab.xfce.org/apps/ristretto/-/tags/ristretto-0.14.0
https://gitlab.xfce.org/apps/ristretto/-/tags/ristretto-0.13.4
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 35cdeea49e
---------------------------
mousepad: upgrade 0.6.1 -> 0.7.0
ChangeLog:
https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.7.0
https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.6.5
https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.6.4
https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.6.3
https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.6.2
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cae2de026f
---------------------------
xfce4-panel-profiles: upgrade 1.0.15 -> 1.1.1
1.1.1
======
- build: Allow skip checking runtime dependencies
- Parameterize version and copyright year in man page
- Bump version in configure
https://gitlab.xfce.org/apps/xfce4-panel-profiles/-/tags/xfce4-panel-profiles-1.1.1
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2979a73277
---------------------------
xfce4-notifyd: upgrade 0.9.4 -> 0.9.7
Changelog:
https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.7
https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.6
https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.5
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: babd776431
---------------------------
xfce4-taskmanager: upgrade 1.5.8 -> 1.6.0
1.6.0
======
Meson has been added as a build system in this release, and the
associated archive has been generated by 'meson dist'. Although
autotools has been retained for the time being and can still be used
via 'autogen.sh', meson is now the preferred build system, and
autotools will be removed in a future release.
- Update README after switchover to meson
- process-window: Fix wrong use of g_signal_emit_by_name()
- Fix process window being destroyed when status icon is visible
- Remove manual registration of resources
- Unify gresource files
- Add support to Meson
- build: Add missing dep flags
- Translation Updates:
Catalan, Croatian, Hungarian, Occitan (post 1500), Polish, Russian
https://gitlab.xfce.org/apps/xfce4-taskmanager/-/tags/xfce4-taskmanager-1.6.0
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3353464b52
---------------------------
xfce4-terminal: upgrade 1.1.4 -> 1.2.0
Changelog:
https://gitlab.xfce.org/apps/xfce4-terminal/-/tags/xfce4-terminal-1.2.0
https://gitlab.xfce.org/apps/xfce4-terminal/-/tags/xfce4-terminal-1.1.5
Backport 2 patches for fix build issue.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: aff71b5ce3
---------------------------
liblc3: add DEBUG_PREFIX_MAP to LDFLAGS to fix qa error
Fixes:
ERROR: liblc3-1.0.4-r0 do_package_qa: QA Issue: File /usr/lib/.debug/liblc3.so.1 in package liblc3-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0fa0257275
---------------------------
sysdig: upgrade 0.28.0 -> 0.39.0
Upgrade sysdig to solve build failure after upgrading valijson to 1.1.0.
1.Changelog
https://github.com/draios/sysdig/releases/tag/0.39.0
2.Update 0001-cmake-Pass-PROBE_NAME-via-CFLAGS.patch for 0.39.0
3.Remove following patches as merged upstream
0001-Add-cstdint-for-uintXX_t-types.patch
0001-libsinsp-fix-build-with-gcc-15.patch
4.Add 0001-Avoid-duplicate-operations-of-add_library.patch to fix do_configure errors
-- Existing strlcat found, will *not* use local definition
CMake Error at falcosecurity-libs/userspace/libscap/CMakeLists.txt:64 (add_library):
add_library cannot create target "scap_error" because another target with
the same name already exists. The existing target is a static library
5.Add CMAKE option -DBUILD_SYSDIG_MODERN_BPF=OFF to fix bpf header file not found issue
sysdig/0.39.0/recipe-sysroot/usr/include/bits/syscall.h:23:10: fatal error: 'bits/syscall-32.h' file not found
| 23 | #include <bits/syscall-32.h>
6.Add do_configure:prepend() function and CFLAGS/CXXFLAGS to fix header file not found issue
sysdig/0.39.0/sources/sysdig-0.39.0/falcosecurity-libs/userspace/libscap/engine/kmod/scap_kmod.c:30:10: fatal error: driver_config.h: No such file or directory
| 30 | #include <driver_config.h>
7.Add do_compile:append() function to fix do_package QA Issue
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b69a0bb503
---------------------------
fwupd-efi: upgrade 1.7 -> 1.8
Also include tag in the SRC_URI
Release Notes:
https://github.com/fwupd/fwupd-efi/releases/tag/1.8
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f5901568b3
---------------------------
gedit: upgrade 46.2 -> 49.0
Switched to fetch from git, because the related tarball is not available
(yet?) in the gnome download server.
Dropped patch that became unnecessary.
Changelog:
News in 49.0, 2026-01-03
------------------------
* Metainfo data: add more infos to fix Flathub warnings.
* Cleanup: remove BuildStream and Snap from build-aux/ (outdated).
* Translation updates.
News in 49.alpha2, 2025-11-17
-----------------------------
User-visible changes:
* Add a max-file-size setting for document loading, fixing the common problem
with very large files.
* New symbolic app icon (to have a square one).
* Statusbar: fix a bug with the language button popover.
Under the hood changes:
* Fix a compilation warning.
* Statusbar:
- Move some features of GeditStatusbar to libgedit-tepl as TeplStatusbar.
- GeditWindowStatus: new internal class to offload some work that was done in
GeditWindow, to avoid a god class.
- *.ui -> code.
Other:
* Translation updates.
* Tools: generate-html-list-of-plugins-description.sh script (output HTML
content that is put on the website instead of generating a Markdown file
located in the git repository).
News in 49.alpha1, 2025-09-05
-----------------------------
User-visible changes:
* gedit icon: take an older version for small sizes. The older version looks
nicer.
* Code Comment/Uncomment plugin: some bugs have been fixed, and the behavior can
be slightly different in some situations. A new user manual page has also been
written.
* Setup allowed GDK backends to disable Wayland. Only the X11 backend is allowed
on Linux (so it relies on XWayland when running the application on a Wayland
session). It fixes some bugs, especially for the Word Completion plugin.
Under the hood changes:
* Tools: add generate-c-plugin, to generate the boilerplate C code for a new
plugin.
* Code Comment/Uncomment plugin: rewrite it in C, and have the bulk of the
implementation in libgedit-tepl.
* Port to new GtkSourceEncoding API.
* GeditTab refactorings:
- Extract gedit-tab-utils.c.
- Start to extract GeditTabLoader (private class).
* Various other code refactorings.
Developer documentation:
* Improve the developer documentation, and start to write the
“Gedit Development Guidelines”.
* Improve API docs of the Activatable classes.
Other:
* Metainfo data: add a donation URL.
* Translation updates.
News in 48.2, 2025-04-14
------------------------
* Update links to new website domain name: https://gedit-text-editor.org/
* It is no longer possible to implement plugins in Python.
* New features:
- Reset All button in the preferences dialog.
- In the Spell Checker plugin: be able to configure the default language used
for the spell-checking in new documents.
* Code refactorings:
- In GeditWindow and GeditPreferencesDialog.
- Don't use the g_slice_*() functions (deprecated).
- In the Spell Checker plugin.
* MS Windows: change default font to Consolas.
* macOS: install an icon (work by LI Daobing).
* Metainfo: improve it (work by Daniel Rusek).
* Some updates to the user manual.
* Improve the devel documentation.
* Translation updates.
News in 48.1, 2024-12-07
------------------------
This is _not_ a bug-fix release, it contains other changes. The current plan is
to release gedit 49.0 at the same time as GNOME 49.0, to come back to the same
numbers as GNOME, but with more frequent releases like this one.
* Removed plugins: External Tools, Snippets, Python Console.
* Text Size plugin: rewrite in C.
* Remove the background-pattern feature (with the grid).
* Fix bug on Wayland to unmaximize the window.
* Code refactorings.
* Fix compilation warning.
* Translation updates.
News in 48.0, 2024-09-14
------------------------
New features:
* Full support of light/dark GTK theme variants. Configuration is done in the
Preferences dialog -> Font & Colors.
Visible changes:
* Add missing tooltips to some buttons (Sabri Ünal).
* The Text Size plugin has been moved from gedit-plugins to this repository, and
is now enabled by default.
* Remove Quick Open plugin.
* Mark some plugins as "buggy plugins": External Tools and Snippets.
Bug fixes:
* Fix some warning messages that appeared at runtime.
* Fix a crash.
For Microsoft Windows:
* Add Portable Executable resource icon, to associate an icon with the
executable (Hernan Martinez, gwillems and Sébastien Wilmet).
* Make gedit work without patches for MINGW-packages.
Misc:
* Some code refactorings.
* Update the user manual for the new feature ("Change the color scheme" page).
* Side panel: adapt to latest libgedit-tepl API.
* Bottom panel: port to TeplPanel.
* Build instructions: Meson refactorings.
* Translation updates (GNOME Translation Project contributors).
-- Sébastien Wilmet (main contributor and reviewer).
News in 47.0, 2024-04-27 (stable version)
-----------------------------------------
Web presence:
* New website for gedit: https://gedit-technology.github.io/apps/gedit/
* Update URLs for gedit-technology.net -> https://gedit-technology.github.io/
* Start to migrate away from wiki.gnome.org.
Branding:
* Restore the previous app icons and logo.
New features:
* Experimental: add light/dark GTK theme variant configuration (as a hidden
GSettings key for now).
Removed features:
* Localization (l10n): all the translations are disabled, gedit is available in
English only because some underlying modules are not on l10n.gnome.org or
equivalent.
* In the preferences dialog, remove the toolbar to install/uninstall color
schemes. Third-party color schemes are still supported, but the XML file(s)
need to be copied into the right directory by another means, see:
https://gedit-technology.github.io/developer-docs/extra/libgedit-gtksourceview/style-schemes.html
or also the gedit user help documentation.
Under-the-hood changes:
* Adapt the code for libgedit-gtksourceview API changes.
* Adapt the code for the Tepl -> libgedit-tepl module rename.
* Code refactorings, various improvements and bug fixes.
* Continue to reduce usage of *.ui files, write code instead.
* Use newer GLib API at some places.
* Add -Wshadow to the CFLAGS and fix the corresponding warnings.
For plugins:
* Some API changes (see the page documenting the API breaks).
* Improve the API documentation.
Misc:
* Rename *.appdata.xml to *.metainfo.xml and do some updates to that file.
* Update documentation for contributors.
* Links to some third-party plugins.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0f254f6b0f
---------------------------
agent-proxy: Ensure that OE cflags are passed properly to build
Current builds were extracting the relevance from LDFLAGS, which is
not the right thing to do. cflags carry the right elements to ensure
reproducibility with OE, so ensure its respected by makefile
Fixes
WARNING: agent-proxy-1.97-r0 do_package_qa: QA Issue: File /usr/bin/.debug/agent-proxy in package agent-proxy-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 347474c362
---------------------------
memstat: Pass OE environment CFLAGS to makefile
Helps with reproducible builds
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4938f15e42
---------------------------
tunctl: Make cflags weak in makefile
ensures it used flags from OE env
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 73d3cb2e36
---------------------------
libgedit-gtksourceview: Upgrade to 299.6.0
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 80f7258e6f
---------------------------
libgedit-gfls: Add recipe
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8cf23fff14
---------------------------
tepl: Upgrade to 6.14.0
Add missing dependencies
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 62d8c7ee7d
---------------------------
ndpi: Upgrade to 5.0 release
Drop downstream cross compile patch, the relevant code is removed in new version
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a917abe8e4
---------------------------
python3-xstatic-font-awesome: Upgrade to 6.2.1.2
License-Update: Updated to use LICENSE.txt for anchoring the check
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b368ce1790
---------------------------
qad: add patch to build with glibc 2.43
As the subject says. Fixes compilation error:
| ../sources/qad-0.0+git/src/server.c:212:22: error: initialization discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
| 212 | char *pLastSlash = strrchr(url, '/');
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 635c7328f9
---------------------------
phytool: Update to latest
Changelog:
- Add man pages and adjust Makefile for man pages
- Avoid %#x printf pattern
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b820ffae7f
---------------------------
phytool: Refactor recipe
This commit fixes a few issues with the phytool recipe:
- Missing "_git" suffix in the recipe name, as required by [1];
- Missing description, homepage, and bugtracker metadata [2]';
- Missing section metadata, which is improved package management [3];
- As defined by [4], the SRCREV should be defined after the SRC_URI.
[1] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#recipe-naming-conventions
[2] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables
[3] https://docs.yoctoproject.org/ref-manual/variables.html#term-SECTION
[4] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#recipe-ordering
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1e8706e728
---------------------------
networkd-dispatcher: Refactor recipe
This commit fixes the below issues with the networkd-dispatcher recipe:
- Add the missing required variables defined in [1]:
- HOMEPAGE
- BUGTRACKER
- Add the SECTION variable allowing improved package management [2]
- Drop SYSTEMD_PACKAGES PN as this is already handled by systemd
bbclass [3]
- Inherit allarch as the recipe does not create any architecture
dependent files
- Change the recipe ordering so that [4] is respected
- Add tag parameter for the git fetch, as recommended by [5]
[1] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables
[2] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SECTION
[3] https://docs.yoctoproject.org/dev/ref-manual/variables.html#term-SYSTEMD_PACKAGES
[4] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#variable-ordering
[5] https://docs.yoctoproject.org/dev/migration-guides/migration-5.3.html#bitbake-git-fetcher-tag-parameter
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e3361a6687
---------------------------
conserver: Add recipe for remote console server
The patches are required to build with detached build directory and
cross-compiling.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 52213f71f0
---------------------------
open-vm-tools: backport patch to build with glibc 2.43
As the subject says.
Fixes error:
| ../../../sources/open-vm-tools-13.0.10/open-vm-tools/lib/hgfs/hgfsEscape.c: In function 'HgfsAddEscapeCharacter':
| ../../../sources/open-vm-tools-13.0.10/open-vm-tools/lib/hgfs/hgfsEscape.c:201:15: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
| 201 | illegal = strchr(HGFS_ILLEGAL_CHARS, bufIn[escapeContext->processedOffset]);
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fdfa50cf77
---------------------------
spectre-meltdown-checker: Update 0.46 -> git
The git repo gained some bugfixes, esp. for arm32. But there was no release
since mid 2023. So, use the git repo.
a20641f fix: handle non-numeric ARM CPU architecture values
d550ea8 fix: harmless 'dmesg: write error' that could happen on some systems
8e33a1d fix: set cpu_* vars to a default value
68b4617 update: fwdb from v345+i20251110+4df2 to v347+i20251110+615b, 2 microcode changes
9fed5ce update: fwdb from v344+i20250811+1523 to v345+i20251110+4df2, 45 microcode changes
72bce72 chore: really fix autoupdate workflow to avoid useless PRs
5f18e67 chore: fix autoupdate workflow
a8466b7 fix CVE-2017-5715 reporting when IBRS_FW is enabled
b99be23 update: fwdb from v296+i20240514+988c to v344+i20250811+1523, 128 microcode changes
ee4cfd0 chore: add autoupdate workflow for fwdb
c2c60e0 chore: fix recent shellcheck warnings
bae43d8 Replace head -1 by head -n1
34c6095 fix: Linux 6.9+ changed some config options names (#490)
e806e4b chore: docker compose v2
388d44e Fix Retpoline detection for Linux 6.9+ (issue #490)
bd0c7c9 fix: typo introduced by #483, fixes #486
d70e4c2 fwdb: update to v296+i20240514+988c
4e29fb5 fix: ucode_platformid_mask is hexa (fixes #485)
0f2edb1 feat: blacklist some more microcodes (fixes #475)
8ac2539 fix: microcode check now supports pf_mask (fixes #482)
97f4d5f feat(reptar): add detection and mitigation of Reptar
9b7b09a fix(inception): continued mitigation detection
c94811e fix(inception): Zen1/2 results based on kernel mitigations
3e67047 feat(inception): README
ecee757 feat(inception): kernel checks + sbpb support detection
fb6933d feat(inception): Zen1/2 IBPB and SMT checks
dc6921a feat(inception): handle sysfs interface
3167762 feat(inception): start supporting AMD inception
44223c5 fix: bsd: kernel version detection
dbe208f enh: downfall: detect kernel mitigation without sysfs
aca4e2a enh: move root warning to the bottom
c1c1ac4 feat(downfall): detection of the kernel mitigation relying on dmesg
ba0daa6 feat: downfall: add kernel soft mitigation support check
227c0aa feat(downfall): add downfall checks
8ba3751 fwdb: update to latest Intel ucode versions
d013c0a doc: add kernel src as additional ucode version source
cbe8ba1 fix: inteldb: cpuid 0x00090660 and 0x000A0680
9c2587b enh: when CPUID can't be read, built it by ourselves
2a5ddc8 feat: add Intel known affected processors DB
2ef6c1c enh: factorize file download func
3c22401 chore: update disclaimer and FAQ
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a03763295e
---------------------------
wowlan-udev: set S to UNPACKDIR
Since there are no sources being fetched, set S to UNPACKDIR to fix:
| WARNING: wowlan-udev-1.0-r0 do_unpack: wowlan-udev: the directory
| ${UNPACKDIR}/${BP} ... pointed to by the S variable doesn't exist
| - please set S within the recipe to point to where the source has
| been unpacked to.
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 82046d3b24
---------------------------
pipewire: Backport two patches to build with glibc 2.43
This avoids the following error:
In file included from spa/plugins/alsa/acp/compat.c:26:
spa/plugins/alsa/acp/compat.h: In function 'pa_path_get_filename':
spa/plugins/alsa/acp/compat.h:437:13: error: assignment discards
'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
437 | if ((fn = strrchr(p, PA_PATH_SEP_CHAR)))
| ^
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ede40e0d90
---------------------------
minicoredumper: backport patch to build with glibc 2.43
As the subject says.
Fixes compilation error:
| ../../../sources/minicoredumper-2.0.7/src/coreinject/main.c: In function 'inject_data':
| ../../../sources/minicoredumper-2.0.7/src/coreinject/main.c:248:11: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
| 248 | p = strrchr(b_fname, '/');
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d52f508569
---------------------------
liboauth2: Backport a patch to build with glibc 2.43
Also remove PV. There is no need to set PV since the version is in the
recipe file name.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6667c2c762
---------------------------
cjose: Remove PV
There is no need to set PV since the version is in the recipe file name.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b26a0ad219
---------------------------
python3-pychromecast: upgrade 14.0.9 -> 14.0.10
Beside the below changelog, it also allows compiling with the latest Setuptools.
Drop patches which became obsolete.
Changes:
- Ensure cec info is none if not supported
- Add some fast pre-commit checks
- Switch to ruff for checks and formatting
- add D24f-J09 to const.py
- Update const.py to include Lenovo Smart Display 10
- Avoid logging graceful disconnect as error
- Fix datetime deprecation
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b837662
---------------------------
ci: Switch to using https for fetching OE/YP git repos
git protocol is broken, and anyway https is preferred way to clone from
these git sources.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 83a8efc
---------------------------
wic: Templates need to be moved to files/wic within the layer to be found/used
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 9286d2c
---------------------------
rpi-base: Rename MACHINE_FEATURES_BACKFILL_CONSIDERED to MACHINE_FEATURES_OPTED_OUT
OE-Core 6.0+ release has renamed this variable
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 0ec0619
---------------------------
layer.conf: Drop whinlatter release series
https://github.com/agherzan/meta-raspberrypi/pull/1584 was first change
specific for wrynose (other than CI change), drop whinlatter to avoid
someone accidentally using master branch with older weston-14 and
getting crashes.
Separate whinlatter branch was now created.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
---------------------------
Commit: 4cb76d1
---------------------------
extra-build-config.md: Remove outdated `kernel_configure_variable` references
The referenced `kernel_configure_variable` statements were removed in PR #227.
Signed-off-by: Trevor M <45127883+tream2001@users.noreply.github.com>
---------------------------
Commit: 6de8362
---------------------------
weston: Drop patch for 64bit plane IDs
This patch is not needed with weston 15+
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 3f2a6f5
---------------------------
rauc.inc: add a PACKAGECONFIG for mtd
Using `nor` as a slot's type is a very basic use-case and RAUC requires
mtd-utils (flash_erase/flashcp) at runtime to support this.
Add a new PACKAGECONFIG to support this which can be enabled via
DISTRO/MACHINE configs or via .bbappend.
Fixes #428
Signed-off-by: Awais B <awais.b@rufilla.com>
---------------------------
Commit: a93ee53
---------------------------
README.rst: add a note on the layer's release cycle
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: a6bae57
---------------------------
README.rst: split target configuration from bundle building
This was mixed in the same chapter and could easily be overlooked, since
the heading just noted "Adding the RAUC Update Service to Your Device".
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 2d3ae17
---------------------------
README.rst: move host tool chapter after target integration
Using RAUC manually as a host tool is less important than integrating it
for the target.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 29ba56c
---------------------------
README.rst: simplify and align host tool chapter
* add missing 'the' to heading
* remove useless 'if you intend'
* point out 'manually' usage of the RAUC tool
* shorten and align wording
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 71fd8c5
---------------------------
README.rst: add verity format to example
Recent bundles should not be build without, if possible.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: ad75e7c
---------------------------
README.rst: improve wording for rauc-conf.bbappend instructions
It's not sufficient to just set FILESEXTRAPATHS, you'd also need the
system.conf file itself. Also the keyring is installed this way for most
use cases.
Reword 'RAUC update file' to 'RAUC system configuration' which is more
appropriate.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: e52fc58
---------------------------
README:rst: drop redundant "Patches" chapter
This mainly replicates the information from the "Contributing" chapter.
Move the Maintainers note there.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 9fc8efa
---------------------------
README.rst: clarify some aspects for backporting
* 'changes' is too broad, we don't intend to backport all new features
* allow 'backport' in backport notes, too (e.g. when not doing a pure
cherry pick
* replace 'poky releases' by 'Yocto releases'
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 4ae3611
---------------------------
README.rst: simplify (layer) dependencies
* Shorten the description
* drop 'bitbake', which of course is required, but not a layer.
* clarify the casync requirements and scope
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 2a81e68
---------------------------
README.rst: rewrite introduction text
Better outline the purpose of RAUC and this layer.
Add note on host and target side integration.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 94fa925
---------------------------
README.rst: drop generic 'Adding the rauc Layer..' chapter
This is basic Yocto/OE knowledge that is not worth being replicated in
each individual layer.
While at it, drop the section numbers, since we don't intend to write a
whole book here.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: f71522e
---------------------------
README.rst: fix rauc-hawkbit-updater section heading
This plural form originates from when the section described
rauc-hawkbit, too.
Fixes: 1a9a22d8 ("rauc-hawkbit: remove recipe and references")
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 8bd1bc4
---------------------------
README.rst: minor wording and typo fixes
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: f508901
---------------------------
README.rst: fix markup syntax
This should be shown as 'code', not as 'italic'.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 0466327
---------------------------
rauc: fix git development version
The SRCREV pointed to the commit hash from the stable-1.15 branch, while
the branch= parameter pointed to the 'master' branch which will let the
fetcher fail:
| ERROR: rauc-1.15.2+git-r0 do_fetch: Fetcher failure: Unable to find revision 4fb7c798d6ae412344fb8f8d310d773046af3441 in branch master even from upstream
Fix this by pointing to the latest master commit instead (which also
includes the fix for CVE-2026-34155).
Since master has no direct history in common with 1.15.2, change the PV
to '1.15.1+git'.
Fixes 9033f35b ("rauc: update to v1.15.2")
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 9033f35
---------------------------
rauc: update to v1.15.2
This release fixes CVE-2026-34155 "Improper Signing of Plain Bundles
Exceeding 2 GiB".
See https://github.com/rauc/rauc/security/advisories/GHSA-6hj7-q844-m2hx
for details.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 3adaa7e6
---------------------------
CI/CD Auto-Merger: cicd.master.202604230400
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2025.01: SRCREV_uboot
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging-rt_6.12: SRCREV_ARM32
linux-ti-staging_6.12: SRCREV
linux-ti-staging_6.18: SRCREV
Changelogs:
u-boot-ti-staging_2025.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=7b9dedb046eb6a720997f61582c7b13da1b5b9f0..19795f63be7ee27e38b6e800ff6c88a2feaae13f
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=2549829cc194ffd9e38b755d2e10c7fc4cd971eb..ee3048ee0822c35312379b6e24b5c80e9a845110
linux-ti-staging-rt_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=a3bc6dc973a99822f0707b1c9ba06b56bf142076..62fdc7890cde3197051743120ff44162b7356cc5
linux-ti-staging_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=da3c0f0a33ac00f7138c695a16d90301cf7ec02b..c52c5589aab8c376f975b1feb7b8746b7b6624bd
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=c214492085504176b9c252a7175e4e60b4b442af..fa14abf25646c5814b997836539dbb859d6a669f
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 5e0dffe2
---------------------------
machine: Fix UBOOT_CONFIG setting for tie-test-builds
It was pointed out that j722s-evm-k3r5 was incorrectly setup and would
not build correctly out of the box. This is due to the fact that we set
both UBOOT_MACHINE and UBOOT_CONFIG by default. This was a mistake.
While looking into this newish feature I also found that another
platform was using a prepend, when it really should just be setting the
value for tie-test-builds.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: f3081d9c
---------------------------
u-boot-ti-mainline: Update to version: v2026.04
Updated the value(s) for:
u-boot-ti-mainline: PV,SRCREV_uboot
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 27615406
---------------------------
conf: machine: j784s4: Move ti-eth-fw-j784s4 to EVM conf
The `ti-eth-fw-j784s4` firmware is added in the generic J784s4 SoC
include, which is therefore used for all the J784s4-based machines.
That firmware seems to be developed specifically for the EVM, as it
takes control of pins used for the Ethernet board setup on the EVM. On
non-EVM boards, like the Aquila-AM69, those signals are used for other
functions, so enabling the firmware in the SoC include is too broad
and breaks functionality.
Move the machine-essential recommend from the SoC include
to the EVM configuration.
Signed-off-by: Franz Schnyder <franz.schnyder@toradex.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 1a17ddb1
---------------------------
check_yocto_rules: Add new exclude file
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 00102868
---------------------------
mesa-pvr: Add patch for gallium fix due to LLVM 22
Add patch for gallium fix due to LLVM 22.
Signed-off-by: Antonios Christidis <a-christidis@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 705e9d2b
---------------------------
k3: use ttyS2 as the primary console
The ordering of parameters in SERIAL_CONSOLES matters. The first value
is picked as the KERNEL_CONSOLE and used as the console definition for
grub as of:
9dc647e5 (k3: set console parameter to KERNEL_CONSOLE, 2026-03-18)
Ideally this will be split out into a separate board configuration
parameter in the future, as there are already some board specific
overrides right now.
Signed-off-by: Randolph Sapp <rs@ti.com>
Acked-by: Andrew Davis <afd@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: f3425992
---------------------------
wic: move wks files into files/wic/
Move our wks files into files/wic/ per [1].
[1] https://git.openembedded.org/openembedded-core/commit/?id=07e410600c41103098b670f12abe87f64419a624
Signed-off-by: Denys Dmytriyenko (TI) <denys@konsulko.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 3db8ddf7
---------------------------
CI/CD Auto-Merger: cicd.master.202603261656
Updated the value(s) for:
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=a46241db71e383bb6dda103ecad12b13e7af3c38..2549829cc194ffd9e38b755d2e10c7fc4cd971eb
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=c164e381f6bc1a72b527f0bf3a6b1fc9af06517f..c214492085504176b9c252a7175e4e60b4b442af
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 7640ce6a
---------------------------
am62lxx-evm: fix fitImage address for 128MiB
This patch modifies the load addresses for the kernel fitImage to
provide out-of-box support for 128MiB DDR sizes on AM62l.
The current fitImage uses 0x88000000 as the DTB load address which is
beyond the 128MiB boundary while the kernel load address of 0x82000000
conflicts with U-Boot's SPL load address which causes problems when
enabling falcon mode on the device.
Signed-off-by: Anshul Dalal <anshuld@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 764817c2
---------------------------
conf: Enable dynamic tpm-layer support for LUKS
Add BBFILES_DYNAMIC registration for 'tpm-layer' collection to
conditionally include LUKS recipes from dynamic-layers/tpm-layer/
when meta-security/meta-tpm layer is present.
Add tpm-layer to LAYERRECOMMENDS to document the optional
dependency for LUKS functionality.
Update ti-core-initramfs.inc to auto-enable initramfs generation
when DISTRO_FEATURES contains 'luks'.
Signed-off-by: Shiva Tripathi <s-tripathi1@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: bd0e3d7b
---------------------------
initramfs-module-luks-ftpm: Add fTPM support
Add initramfs module to dynamic-layers/tpm-layer providing LUKS2 full
disk encryption with TPM-sealed keys for TI K3 platforms. Keys are
sealed by firmware TPM (fTPM) running in OP-TEE and stored in eMMC
RPMB.
Features:
- First-boot in-place encryption with tpm2_getrandom key generation
- TPM-sealed key storage via persistent handle 0x81080001
- Automatic unlock on subsequent boots
- Space verification ensuring 32MB available for LUKS header
The module is built only when meta-tpm layer is present and gets
included in initramfs only when DISTRO_FEATURES='luks' and
MACHINE_FEATURES='optee-ftpm'
LUKS packages (cryptsetup, tpm2-tools, tpm2-tss, optee-ftpm,
e2fsprogs-*) significantly increase initramfs size beyond the default
131072 limit. Increase INITRAMFS_MAXSIZE to 200000 to accommodate
these packages.
Signed-off-by: Shiva Tripathi <s-tripathi1@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 6f205ef0
---------------------------
linux-ti-staging: Add LUKS encryption config
Add kernel configuration fragment enabling dm-crypt and crypto
algorithms required for LUKS2 full disk encryption. Config is
applied when DISTRO_FEATURES contains 'luks'.
Includes ARM64 crypto optimizations and fTPM support.
Signed-off-by: Shiva Tripathi <s-tripathi1@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 4c4f4b49
---------------------------
ti-extras: update srcrev for jailhouse
update jailhouse linux and uboot to latest
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: ed4c7f9e
---------------------------
CI/CD Auto-Merger: cicd.master.202603241800
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
u-boot-ti-staging_2025.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=aaa3d54aaa9e837834fa6b6dd99e9fefdfcf7949..9e9d50ff563f83db86d36b72cd7fb4f487d6b414
u-boot-ti-staging_2025.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=ef2eb76b650415637bd93b0eddfb1e31489117f9..7b9dedb046eb6a720997f61582c7b13da1b5b9f0
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=fa0fe817f5ee1b0542f757abaded245c6e5a1321..c164e381f6bc1a72b527f0bf3a6b1fc9af06517f
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: e00f8d22
---------------------------
weston: Update to 15.0.0
oe-core has bumped the version to 15.0.0 [1]. We need to adjust the
bbappend version to % to better match future version changes.
Additionally, the patch needs to be updated to match the weston code
changes.
[1] https://git.openembedded.org/openembedded-core/commit/?id=a1ed6fddd99171536e23d63a5d5b180019d672ad
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 36901e8b
---------------------------
am65xx-evm-k3r5.conf: Fix defconfig for the main build
A copy/paste error set the wrong defconfig for the main build when
setting up the test build flow.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 2537d1cc
---------------------------
check_yocto_rules: Add new exception
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 60d0643b
---------------------------
conf: machine: am62lxx-evm: Increase max LEB count
The mkfs.ubifs tool was failing with "max_leb_cnt too low (10077 needed)"
error when building tisdk-default-image for am62lxx-evm-rt. Increased
the -c parameter in MKUBIFS_ARGS from 8500 to 12000 to accommodate the
larger filesystem size requirement.
Signed-off-by: Pratham Deshmukh <p-deshmukh@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 2e0704ee
---------------------------
tests: fix FD inheritance in test harness for all vdkr/vpdmn commands
Change VdkrRunner.run() and VpdmnRunner.run() to use Popen with
start_new_session=True, stdin=DEVNULL, and file-based stdout instead
of subprocess.run(capture_output=True). This prevents daemon background
processes from inheriting pipe FDs, which causes communicate() to hang
in CI/test harness environments (e.g., buildbot).
The fix applies to all commands, not just memres start, because any
vdkr command can auto-start the daemon (auto-daemon is enabled by
default).
Also fix test_volume_mount_requires_memres to check both stdout and
stderr for the error message, since stderr is now merged into stdout
by the Popen approach.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 891c00db
---------------------------
vcontainer: detach background-process stdio from memres start caller
The memres start operation spawns long-running background processes
(host-side idle watchdog and Xen domain monitor) that persist beyond
the vrunner.sh script. These processes inherited file descriptors
0/1/2 from the parent shell without redirection.
When invoked through a harness capturing output via pipes—such as
pytest's subprocess.run(..., capture_output=True)—the inherited pipe
write-ends kept the caller's read/communicate() operations blocked
until memres stop executed, potentially for up to 30 minutes
(IDLE_TIMEOUT default).
The fix fully detaches stdio from three background spawners:
- vrunner.sh: Watchdog subshell now redirects stdin from /dev/null,
stdout/stderr to /dev/null, and uses disown
- vrunner-backend-qemu.sh: Adds stdin redirection from /dev/null
to existing log file redirections
- vrunner-backend-xen.sh: Applies same detachment plus disown for
daemon mode; redirects stdin for ephemeral-mode console reader
From: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b02e400b
---------------------------
tests: fix memres start hanging in subprocess.run
memres start spawns background processes (QEMU VM, idle watchdog)
that persist after the vrunner script exits. When invoked via
subprocess.run(capture_output=True), these background processes
inherit the pipe file descriptors, preventing communicate() from
returning until all pipe holders exit — which can be 30+ minutes
(the idle timeout).
Fix by using Popen with:
- stdin=subprocess.DEVNULL (no inherited stdin pipe)
- file-based stdout (no pipe FDs to inherit)
- start_new_session=True (new process group, so wait() only
waits for the parent script, not the background children)
This matches the behavior when running from a shell, where the
daemon processes are fully detached from the caller's FD table.
Applied to both VdkrRunner and VpdmnRunner memres_start methods.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5f512359
---------------------------
tests: add @pytest.mark.memres to daemon-dependent tests
Test classes that depend on vmemres (daemon mode) were not marked,
causing them to run even when filtered with '-m "not memres"'. This
caused timeout failures on CI/buildbot environments where KVM may
not be available and daemon startup exceeds the test timeout.
Mark the following classes with @pytest.mark.memres in both
test_vdkr.py and test_vpdmn.py:
- TestMemresBasic
- TestPortForwarding (vdkr only)
- TestContainerLifecycle
- TestVolumeMounts
- TestSystem
- TestVstorage
- TestRun
- TestAutoStartDaemon (vdkr only)
- TestDynamicPortForwarding (vdkr only)
- TestPortForwardRegistry (vdkr only)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f8bbbf1f
---------------------------
go-distribution: Add CVE_PRODUCT to align with NVD CPE
CVE_PRODUCT has been set to docker:registry to align with the NVD CPE
product namespace for the distribution/registry codebase.
Only a single CPE entry exists in the NVD for this product:
cpe:2.3:a:docker:registry
This ensures CVEs tracked for docker registry are matched for this recipe.
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6218ce02
---------------------------
systemd: add openssl PACKAGECONFIG for virtualization distro feature
Since libvirt was upgraded to v12.1.0, the new systemd service file
virt-secret-init-encryption.service has been introduced, and it requires
systemd to add openssl to PACKAGECONFIG. Because systemd-creds encrypt
command will be executed in the service file, which depends on openssl
is enabled.
Meanwhile this service was added into the dependency chain of the main service
libvirtd.service, and will be enabled by default by libvirtd service without
any build dependency detection according to the original upstream commit
https://github.com/libvirt/libvirt/commit/97758bc9a0b1fccf8c0009308658f1204b113b89
In systemd oe-core recipe, the openssl PACKAGECONFIG is disabled at default.
Finally the service file virt-secret-init-encryption.service and libvirtd will
be failed as the following error:
> # systemctl status libvirtd -l
* libvirtd.service - libvirt legacy monolithic daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; preset: enabled)
Active: inactive (dead)
TriggeredBy: * libvirtd.socket
* libvirtd-ro.socket
* libvirtd-admin.socket
Docs: man:libvirtd(8)
https://libvirt.org/
systemd[1]: Dependency failed for libvirt legacy monolithic daemon.
systemd[1]: libvirtd.service: Job libvirtd.service/start failed with result 'dependency'
> # journalctl -xe
A start job for unit virt-secret-init-encryption.service has begun execution.
systemd-creds[1251]: Support for encrypted credentials not available.
systemd[1]: virt-secret-init-encryption.service: Main process exited, code=exited, status=1/FAILURE
The above error info "Support for encrypted credentials not available." comes
from systemd-creds command provided by systemd without HAVE_OPENSSL option at
the source code src/shared/creds-utils.c
Here we enable openssl for systemd when 'virtualization' is in distro feature.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ba09e837
---------------------------
libvirt: Drop the deprecated workaround
The workaround is not needed anymore as the systemd supporting.
The libvirtd.service Type has been changed from notify to notify-reload,
so the final Type will be 'forking-reload', that's invalid for systemd.
Here we delete it to avoid the following output information:
>/lib/systemd/system/libvirtd.service:29: Failed to parse Type=forking-reload, ignoring: Invalid argument
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 484a57d2
---------------------------
criu: Add CVE_PRODUCT to align with NVD CPE
CVE_PRODUCT has been set to criu:checkpoint/restore_in_userspace to align
with the product naming used in the NVD CPE database for criu.
The slash-containing product token is intentional as NVD references this
project under checkpoint/restore_in_userspace.
Only a single CPE entry exists in the NVD for this product:
cpe:2.3:a:criu:checkpoint/restore_in_userspace
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 84c856c4
---------------------------
cni: Add CVE_PRODUCT to align with NVD CPE
`CVE_PRODUCT` has been set to `linuxfoundation:container_network_interface linuxfoundation:cni_network_plugins`
to align with the product naming defined in the NVD CPE database for `cni`.
The NVD CPE database contains product variants for this project under:
`cpe:2.3:a:linuxfoundation:container_network_interface`
`cpe:2.3:a:linuxfoundation:cni_network_plugins`
The NVD references for these CPEs confirm that they correspond to the
source code used in our recipe.
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e122926e
---------------------------
netavark: remove nmap from ptest RDEPENDS
Since upstream commit dbc920030 ("test: add new test program for
connection checks"), netavark test suite no longer uses ncat (from
nmap). The tests now use a built-in Rust-based connection tester
(netavark-connection-tester) instead. This change was included starting
from v1.16.0, so the nmap dependency is no longer needed.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 115184e6
---------------------------
cdi: add container-device-interface commandline utility
From the upstream description:
The `cdi` command-line tool is a utility for inspecting and interacting with the CDI (Container Device Interface) cache.
It allows developers and system administrators to:
- List CDI Spec files: View all available CDI specification files in the configured directories
- List vendors: Display registered device vendors in the CDI cache
- List device classes: Show available device classes from CDI Specs
- List devices: Enumerate all CDI devices available in the system
- Validate specs: Verify CDI specification files against the JSON schema
- Inject devices: Inject CDI device configurations into OCI runtime specifications
- Monitor cache: Watch for changes in the CDI cache and Spec directories
- Resolve devices: Resolve fully-qualified device names to their configurations
The CLI tool is particularly useful for debugging CDI configurations, validating spec files, and testing device assignments before deploying them in production environments.
Signed-off-by: Koen Kooi <koen.kooi@oss.qualcomm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c83f423b
---------------------------
libvirt-dbus: update to v1.4.1-tip
We drop the inline error supression, since upstream has it in
commit c0fffce
New upstream version installs /usr/lib/sysusers.d/libvirt-dbus.conf
for systemd-sysusers user/group creation. Add the directory to FILES
to fix installed-vs-shipped QA error.
Bumping libvirt-dbus to version v1.4.1-46-gd1c49c2, which comprises the following commits:
d1c49c2 domain: Fix incorrect free of GString variable
c0fffce build: Do not use -Winline
f1d2f64 ci: refresh with latest 'lcitool manifest'
2105c17 Introduce sysusers config file to create libvirtdbus user
0643cd8 ci: refresh with latest 'lcitool manifest'
ded4bc8 ci: refresh with latest 'lcitool manifest'
8f06b76 ci: switch to remote git refs for dependent projects
2fa70fd ci: refresh with lcitool manifest
ea96102 spec: use systemd macros to handle services
d0a5650 spec: use systemd macro to specify path of user unit directory
c281c50 ci: lcitool: Maintain project package deps lists here
193248a rpm: convert license to SPDX format
c8bb8ac meson: bump required libvirt version to 3.1.0
08f7541 events: Remove extra white spaces at the end of line
d37813b Remove GetBlockInfo method from Domain Interface
4a971c4 ci: add Fedora 37 target
58a9f53 ci: upgrade opensuse leap from 153 to 154
24e43b4 ci: refresh with latest lcitool manifest
697ef0b ci: drop unsupported targets
ef9430e HACKING: Use gitlab as main repository
4fbd82e ci: refresh with latest lcitool manifest
8333b9f spec: add systemd-rpm-macros as build dependency
35173fa ci: add Fedora 36
3b070a5 ci: refresh generated files
111fe77 ci: drop unsupported Fedora 34
95ac644 README: update libvirt dbus bindings link
23267d4 ci: Add more target platforms
d62b5b1 ci: Build RPMs on CentOS Stream 8
5232cb9 ci: Refresh generated files
6eb24e9 ci: Drop unsupported targets
d130ab0 ci: Move Coverity job from CentOS 8 to AlmaLinux 8
2757a47 ci: Add AlmaLinux 8
053d238 ci: Drop Travis CI support
3077aa8 Add .gitattributes file
502c8b5 rpm: Drop conditional needed on RHEL 7
b685a89 Fix meson run_command with check param
87b16e9 Implement GetBlockInfo, SetBlockThreshold methods and BlockThreshold signal for Domain Interface
3d64429 Switch to new GitHub repo-lockdown configuration
f4d3863 ci: remove obsolete refresh script and documentation
2b0a513 ci: re-generate containers/gitlab config from manifest
fa892e3 ci: define a CI manifest file
b1bd1d2 gitlab: skip tests on ubuntu 18.04
c7df361 gitlab: remove centos-7 build target
204d341 meson: Fix systemd services install when --prefix was specified
6ef9bb9 ci: refresh centos-stream container
ce6cf93 gitlab: use custom docker:dind image
0c355bb Release of libvirt-dbus 1.4.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 47e38291
---------------------------
ca-certificates: guard bbappend with virtualization DISTRO_FEATURES
The unconditional bbappend to ca-certificates breaks yocto-check-layer
compatibility when the layer is included without 'virtualization' in
DISTRO_FEATURES. Guard both the SRC_URI additions and the do_install
append with a bb.utils.contains check, matching the pattern used by
other bbappends in the layer (busybox, qemu, etc.).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 43fd5f4d
---------------------------
vcontainer-initramfs-create: fix kernel path for multiconfig builds
The kernel was copied from DEPLOY_DIR_IMAGE which resolves to the main
build config's deploy directory — not the multiconfig's. On autobuilder
setups with sstate, this caused the kernel to be missing from the vdkr
blob directory because:
1. The mcdepends (mc:<mc>::virtual/kernel:do_deploy) depended on the
main config's kernel, which may be a different architecture
2. DEPLOY_DIR_IMAGE pointed to the main deploy dir, not the
multiconfig's tmp-vruntime-<arch>/deploy/images/<machine>/
Fix by using MC_DEPLOY (the multiconfig's deploy directory) for the
kernel path, consistent with how initramfs and rootfs are already
copied. Remove the cross-multiconfig mcdepends since the kernel is
built as a transitive dependency of the rootfs image within the same
multiconfig.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b9b7e17e
---------------------------
cockpit-machines: remove autotools inheritance
The commit [1] from openembedded-core, removes the possibility to use
autotools bbclass when the configure script is missing. Because the
cockpit-machines release tarball always ships pre-built assets in dist/,
there is no need to use autotools to build the package.
This commit fixes the following build error:
ERROR: cockpit-machines-346-r0 do_configure: no configure script
found at ./configure
[1]: autotools: require that a configure script exists
SHA: 6d327a39befae44a88a812bdf4acde800dcee57b
Signed-off-by: Tanguy Raufflet <tanguy.raufflet@savoirfairelinux.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d57c511c
---------------------------
libvirt-dbus: disable -Werror=inline to fix build error
The meson.build from libvirt-dbus enables the flag -Winline. Combined
with -Werror from Yocto, this causes a build failure because GCC refuses
to inline g_autoptr_cleanup_generic_gfree() from the glib header
glib-autocleanups.h, as it considers the call unlikely and estimates
code size would grow.
Because the function g_autoptr_cleanup_generic_gfree is defined as
static inline with good reason, this patch disables -Werror=inline for
libvirt-dbus to allow the build to succeed.
Signed-off-by: Tanguy Raufflet <tanguy.raufflet@savoirfairelinux.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4e6c5835
---------------------------
vcontainer: fix registry login and TLS certificate chain
vcontainer-common.sh:
- Fix docker/podman login hanging silently in daemon mode. The login
command requires interactive stdin for the password prompt, which
the non-interactive daemon-send channel cannot provide. Use
daemon-interactive mode (same as vshell/exec -it) which provides
TTY passthrough via the virtio-serial + socat + expect channel.
ca-certificates bbappend:
- Add Let's Encrypt E8 (ECDSA) and R11 (RSA) intermediate certificates
via a ca-certificates bbappend. Certs are fetched at build time from
letsencrypt.org and installed into the standard CA certificate path.
update-ca-certificates incorporates them into the system CA bundle.
- Some registries (e.g., registry.yocto.io) don't send the full
certificate chain, causing TLS verification to fail with Go programs
(Docker, skopeo, podman) even though the root CAs are present.
vdkr-rootfs-image.bb:
- Add ca-certificates to IMAGE_INSTALL
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 168afc83
---------------------------
vcontainer-tarball: fix PACKAGE_ARCH for SPDX do_create_spdx
PACKAGE_ARCH must be "${SDK_ARCH}-${SDKPKGSUFFIX}" (e.g. x86_64-nativesdk)
to match the pattern explicitly listed in SSTATE_ARCHS in
meta/classes-global/sstate.bbclass.
do_create_recipe_spdx writes the static SPDX document under
DEPLOY_DIR_SPDX/${SSTATE_PKGARCH}/static/
where SSTATE_PKGARCH = PACKAGE_ARCH. do_create_spdx then calls
find_jsonld() which searches only the arch directories listed in
SPDX_MULTILIB_SSTATE_ARCHS (derived from SSTATE_ARCHS via
all_multilib_tune_values).
The previous value "${SDK_ARCH}_${SDK_OS}" evaluates to "x86_64_linux"
which is NOT listed in SSTATE_ARCHS, so the static document was written
to a directory never searched, causing the fatal:
ERROR: Could not find a static SPDX document named static-vcontainer-tarball
The correct value "${SDK_ARCH}-${SDKPKGSUFFIX}" evaluates to
"x86_64-nativesdk" which IS listed in SSTATE_ARCHS as the literal
"${SDK_ARCH}-${SDKPKGSUFFIX}" entry, and matches the pattern used by
buildtools-tarball.bb (the reference for host-only SDK tarballs with
TARGET_ARCH = "none" / TARGET_OS = "none").
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
---------------------------
Commit: b59fb87c
---------------------------
alpine-xen-guest-bundle: fix boot with init=/bin/sh
Alpine minirootfs is container-oriented and doesn't include openrc.
The default /sbin/init is a symlink to /sbin/openrc which doesn't
exist, causing a boot loop with:
can't run '/sbin/openrc': No such file or directory
Add init=/bin/sh to the guest kernel cmdline so the guest boots to
a shell prompt instead of failing to find the init system.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4dddf149
---------------------------
wic: move files to files/wic
Move local wic files to the new expected location files/wic, needed after
the wic migration to a standalone project outside oe-core.
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6eacd900
---------------------------
yq: fix do_compile failure caused by CGO_ENABLED="0"
New version of yq need set CGO_ENABLED="0" when compiling,
and this causes do_compile failure for 32 bits target as below:
-buildmode=pie requires external (cgo) linking, but cgo is not enabled
Tool go's internal linker doesn't support PIE for linux 32 bits target,
so -buildmode=pie requires external (cgo) linking on ARM and x86.
To fix this conflict with CGO_ENABLED="0", remove "-buildmode=pie"
from GOBUILDFLAGS.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 327bc413
---------------------------
incus: restrict to x86-64 and aarch64
Incus is only tested and supported on x86-64 and aarch64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8c255ebc
---------------------------
incus: add PACKAGECONFIG for VM support
Enable incus VM management with PACKAGECONFIG[vm], which pulls in
qemu, virtiofsd, and ovmf as runtime dependencies.
Usage: PACKAGECONFIG:append:pn-incus = " vm"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 68f0c8fa
---------------------------
incus: add runtime test suite
pexpect-based tests covering:
- Daemon startup via systemd
- incus-admin group creation
- incus admin init --minimal
- Alpine container launch, exec, stop, delete
Run: pytest tests/test_incus_runtime.py -v --machine qemux86-64
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a05c5786
---------------------------
incus: add container host profile
Add CONTAINER_PROFILE=incus support so incus can be selected as the
container engine for container-image-host:
require conf/distro/include/container-host-incus.conf
MACHINE = "qemux86-64"
bitbake container-image-host
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 77f1e596
---------------------------
incus: add recipe for system container and VM manager
Incus is the community fork of LXD, providing a unified experience
for running and managing system containers and virtual machines.
Built on LXC 6.0 with cowsql for distributed cluster state.
Uses go-mod-discovery with hybrid fetch mode for Go module
dependencies.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d158797f
---------------------------
cowsql: add recipe for distributed SQLite database
Distributed SQLite implementation using the Raft protocol, required
by Incus for cluster database storage.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 37a4e409
---------------------------
raft: add recipe for cowsql consensus protocol library
C implementation of the Raft consensus protocol, required by cowsql
for distributed SQLite used by Incus.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 31baaea4
---------------------------
tests: update k3s multi-node to use kernel cmdline role setup
Update the multi-node test fixture to use kernel cmdline parameters
(k3s.role, k3s.node-ip, k3s.node-name) instead of manual IP
configuration and k3s restart. The k3s-role-setup.service handles
networking and role switching automatically on boot.
- Pass kernel_append to K3sRunner for k3s.role and k3s.node-ip
- Remove manual ip-addr-add and k3s stop/restart from fixture
- Use k3s-get-token helper to extract join token on server
- Agent starts k3s agent manually with extracted token (token
not known at boot time)
- Remove _QEMU_ARCH_CONFIG dict (moved to run-qemu-vm.sh script)
All 10 tests pass: 5 single-node + 5 multi-node.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6b441587
---------------------------
tests, k3s: update test suite and README for multi-node
test_k3s_runtime.py:
- Use run-qemu-vm.sh script for multi-node QEMU launches instead of
inline command building (shared infrastructure with manual testing)
- Resolve script path to absolute for pexpect compatibility
- Accept >= 1 Ready node in single-node test (persistent rootfs state)
README.md:
- Complete rewrite with current build profile workflow
- Document single-node quick start and multi-node cluster setup
- Document kernel cmdline parameters for role-based boot
- Document k3s-get-token helper, packages, and useful commands
- Add automated testing instructions
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1ebc8046
---------------------------
scripts: add QEMU VM launcher and k3s multi-node helper
run-qemu-vm.sh:
- Architecture-aware QEMU launcher (x86-64, arm64)
- Finds native QEMU binary and libraries from build sysroots
- Supports KVM auto-detection, socket networking, custom rootfs
- Reusable by both humans and the pytest test suite
run-k3s-multinode.sh:
- Launches server or agent VMs for k3s multi-node testing
- Passes k3s.role, k3s.server, k3s.token, k3s.node-ip, k3s.node-name
via kernel cmdline for automatic guest-side configuration
- Creates rootfs copy for agent VM (can't share ext4 read-write)
- Prints usage instructions when run without arguments
Usage:
Terminal 1: ./scripts/run-k3s-multinode.sh server
Server VM: k3s-get-token
Terminal 2: ./scripts/run-k3s-multinode.sh agent --token <TOKEN>
Server VM: kubectl get nodes
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d138800d
---------------------------
k3s: add multi-node cluster support with role-based boot
Add infrastructure for booting the same container-image-host image
as either a k3s server or agent, controlled via kernel cmdline
parameters (k3s.role=server|agent).
k3s-role-setup.service / k3s-role-setup.sh:
- Reads k3s.role, k3s.server, k3s.token, k3s.node-name, k3s.node-ip,
k3s.iface from kernel cmdline
- Configures cluster network interface IP via networkd drop-in
- For agent role: masks k3s.service, writes agent environment file,
starts k3s-agent.service
- For server role: masks k3s-agent.service (default)
10-k3s-cluster.network:
- Claims the cluster interface (eth1) via virt_networking bbclass
- Disables DHCP to prevent systemd-networkd from interfering
- Static IP added at boot by role-setup via drop-in
k3s-get-token.sh:
- Helper script to display the server join token
- Waits for token file if k3s is still starting
k3s-agent.service:
- Add EnvironmentFile for /etc/default/k3s-agent (K3S_URL, K3S_TOKEN)
- Add After=k3s-role-setup.service and network-online.target
k3s.service:
- Add After=k3s-role-setup.service
packagegroup-kubernetes.bb:
- k3s-host packagegroup now includes k3s-agent (both roles available)
- Both k3s-host and k3s-node include k3s-net-conf
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d1a4f655
---------------------------
docker: fix contrip -> contrib typo
It has been like this for many years now, so clearly not
causing an issue, but we might as well fix it.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 55f63c8a
---------------------------
tests: fix k3s multi-node test suite
Fix several issues discovered during multi-node testing:
- Find native QEMU binary from build sysroots-components instead of
relying on PATH (qemu-system-native is not in OE build env PATH)
- Set LD_LIBRARY_PATH for native QEMU shared library dependencies
(libSDL2, etc. from native sysroots)
- Add if=virtio to drive parameter so root device appears as /dev/vda
- Add CNI bin dirs to PATH when starting k3s manually (systemd service
has the PATH fix but manual launch does not)
- Wipe server TLS/cred/db state and kubeconfig before restarting with
cluster IPs to avoid stale certificate errors (cert only valid for
DHCP IP, not 192.168.50.1)
- Add --tls-san for cluster IP to server start
- Wipe agent k3s state to avoid "not authorized" from stale tokens
- Remove server-only config.yaml on agent (disable-cloud-controller
flag crashes the agent)
- Set unique --node-name on agent to prevent hostname collision when
both VMs boot from the same image
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 545ecc18
---------------------------
k3s: embed manifests and traefik charts, add server config
Embed system manifests and Helm charts into the k3s binary so that
k3s's deploy.Stage() can extract and process them at runtime with
template variable substitution (e.g., %{SYSTEM_DEFAULT_REGISTRY}%).
Previously, raw manifest files were installed directly to the server
manifests directory, but template variables were not substituted,
causing InvalidImageName errors for system pods. Now manifests are
copied to pkg/deploy/embed/ before Go compilation, matching upstream's
scripts/build workflow.
Traefik ingress controller support is added as a PACKAGECONFIG option
(enabled by default). When enabled, the traefik and traefik-crd Helm
chart tarballs are downloaded during do_fetch and embedded into the
binary at pkg/static/embed/charts/. When disabled, traefik is added
to the disable list in config.yaml.
A default /etc/rancher/k3s/config.yaml is installed that disables the
cloud-controller-manager (not needed for standalone/QEMU environments)
and conditionally disables traefik. The --disable-cloud-controller
flag is removed from k3s.service since it is now in the config file.
To disable traefik:
PACKAGECONFIG:remove:pn-k3s = "traefik"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ac89a0c4
---------------------------
tests: add k3s runtime test suite
Add test_k3s_runtime.py with 10 tests for k3s single-node and
multi-node verification:
Single-node (5 tests):
- Boot, verify k3s binary and service unit
- Start k3s server, wait for node Ready
- Verify 1 node in Ready state
- Deploy a busybox pod, verify Running
- Delete pod, verify cleanup
Multi-node (5 tests):
- Boot 2 VMs via QEMU socket networking
- Verify inter-VM ping on socket network
- Start k3s server on VM1, join agent on VM2
- Verify 2 nodes Ready
- Deploy 2-replica deployment, verify scheduling
Uses architecture-aware QEMU configuration (x86-64 and arm64
supported). Multi-node tests launch QEMU directly (not runqemu)
to support two concurrent VMs. kubectl commands use KUBECONFIG
instead of embedded 'k3s kubectl' which is not available in the
Yocto build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 540f1aee
---------------------------
k3s: fix CNI networking, service PATH, and manifests directory
Several issues prevented k3s from starting and running pods in the
Yocto image:
k3s.service / k3s-agent.service:
- Add /opt/cni/bin and /usr/libexec/cni to PATH so k3s can find
CNI plugin binaries (host-local, flannel, bridge, etc.)
- Create /run/flannel/subnet.env at startup if not present — k3s's
embedded flannel controller expects this file for CNI configuration
- Add --disable-cloud-controller to server — the cloud controller
manager is for cloud provider integration (AWS/GCP) and causes a
timeout loop in standalone/QEMU environments
k3s_git.bb:
- Create /var/lib/rancher/k3s/server/manifests/ directory — k3s
expects this at startup for auto-deploying system components
- Switch CNI config from cni-containerd-net.conf (containerd bridge
with 10.88.0.0/16 subnet) to cni-flannel.conflist which matches
k3s's flannel networking (10.42.0.0/16 via flannel plugin)
cni-flannel.conflist:
- New flannel CNI config that delegates to the flannel plugin with
hairpin mode, forceAddress, and portmap capabilities
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a4cd368b
---------------------------
k3s-host: set virtual-runc as container runtime
The k3s-host container profile had VIRTUAL-RUNTIME_container_runtime
set to empty, which meant no OCI runtime (runc or crun) was installed.
containerd's RDEPENDS uses this variable to pull in the runtime, so
k3s pods failed with "runc: executable file not found in $PATH".
Set to virtual-runc which is what k3s expects. The k3s-node profile
inherits from k3s-host so it gets the fix too.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4b0789cb
---------------------------
vruntime, vrunner, conftest: fix multiconfig and batch import issues
vruntime.conf:
- Reset all VIRTUAL-RUNTIME_container_* variables to prevent
CONTAINER_PROFILE selections from leaking into vruntime multiconfigs
(e.g., podman profile pulling netavark into vruntime builds)
- Disable ptest for glib-2.0 — its -ptest RDEPENDS chain
(python3-dbusmock -> python3-pygobject -> cairo -> fontconfig)
pulls the entire graphics stack which is masked in vruntime
- OE-core commit 159148f4de2 replaced DISTRO_FEATURES_BACKFILL_CONSIDERED
with DISTRO_FEATURES_OPTED_OUT. The old variable no longer has any
effect, which meant ptest, gobject-introspection-data, wayland, and
other features were no longer being blocked in vruntime builds. This
caused glib-2.0's ptest RDEPENDS to pull in the cairo → fontconfig →
freetype graphics stack, which is masked by the vruntime BBMASK.
- Set PREFERRED_PROVIDER_virtual/runc with strong assignment to
ensure the unified runc recipe is used
vrunner.sh:
- Fix batch import exit code handling: wrap import chain in subshell
and make the images listing best-effort. The previous '&& podman
images' caused false failures when podman images couldn't initialize
its network backend. Using 'exit' was also wrong as the command runs
inside PID 1 init's eval — exit kills init causing kernel panic.
vpdmn-rootfs-image.bb:
- Switch from netavark to CNI networking — netavark's dependency chain
(nmap -> libpcap -> bluez5 -> python3-pygobject -> cairo) cannot be
built under the vruntime BBMASK environment
- Add nsswitch.conf override (files-only backend) to prevent
libnss_systemd segfaults — the vruntime VM uses busybox init with
no systemd running, but libnss_systemd.so is pulled in as a
dependency and segfaults on NSS resolution
vdkr-rootfs-image.bb:
- Document skopeo requirement for batch import
conftest.py:
- Add --k3s-timeout option and k3s/multinode markers for upcoming
K3s test suite
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6ec07384
---------------------------
conf/distro: add build profile configuration fragments
Add includable configuration fragments that replace manual
DISTRO_FEATURES, CONTAINER_PROFILE, and related settings in
local.conf. Fragments are organized as a base + composable deltas:
- meta-virt-host.conf: base for all virtualization work
(virtualization, systemd, seccomp, vmsep, vcontainer, BBMULTICONFIG)
- container-host-{docker,podman,containerd,k3s,k3s-node}.conf:
container engine profiles setting CONTAINER_PROFILE and
profile-specific DISTRO_FEATURES
- xen-host.conf: Xen hypervisor support (xen, vxn distro features,
xen-image-minimal packages)
- meta-virt-dev.conf: QEMU development settings (IMAGE_FSTYPES,
QB_MEM, debug image features)
- container-registry.conf: local dev registry defaults
(insecure localhost:5000)
Profiles are pure deltas and do not auto-include the base to avoid
BitBake duplicate inclusion warnings. Users include meta-virt-host.conf
first, then add profile fragments. The BUILD_PROFILE variable enables
single-line profile switching.
Usage in local.conf:
require conf/distro/include/meta-virt-host.conf
BUILD_PROFILE ?= "podman"
require conf/distro/include/container-host-${BUILD_PROFILE}.conf
Tested with podman, docker, and xen builds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f829fbfd
---------------------------
containerd: Add CVE_PRODUCT to align with NVD CPE
`CVE_PRODUCT` has been set to `linuxfoundation:containerd` to align
with the product naming defined in the NVD CPE database for
`containerd`.
Only a single CPE entry exists in the NVD for this product:
`cpe:2.3:a:linuxfoundation:containerd`
The NVD references for this CPE confirm that it corresponds to the
source code used in our recipe.
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b6de3a97
---------------------------
libvirt: disable netcf backend by default
I see a failure in netcf:
| ./bootstrap: .gnulib/gnulib-tool --import --no-changelog --aux-dir build-aux --doc-base doc --lib libgnu --m4-base gnulib/m4/ --source-base gnulib/lib/ --tests-base gnulib/tests --local-dir gl --lgpl=2 --with-tests --makefile-name=gnulib.mk --libtool --import ...
| python3: can't open file '/home/flk/bitbake-builds/poky/build/tmp/work/corei7-64-oe-linux/netcf/0.2.8+git/sources/netcf-0.2.8+git/.gnulib/.gnulib-tool.py': [Errno 2] No such file or directory
| ./bootstrap: gnulib-tool failed
Since the code hasn't been updated in over seven years, and after reading this discussion, perhaps the best solution would be to disable netcf support by default?
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/755CCFUFUW6OTN7CAHB77H7YXQNE5WGG/
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 88e29d1f
---------------------------
ceph, libvirt, openvswitch: marked some CVEs as patched
For ceph, libvirt and openvswitch, 9 CVEs were marked as "unpatched"
whereas they have been patched long ago compared to the versions of
the recipes, because the NVD database does not contain patched version
for those CVEs.
Reviewed-by: Enguerrand de Ribaucourt <enguerrand.de-ribaucourt@savoirfairelinux.com>
Reviewed-by: Erwann Roussy <erwann.roussy@savoirfairelinux.com>
Signed-off-by: Youenn Le Jeune <youenn.lejeune@savoirfairelinux.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 921801ae
---------------------------
runc: fix RUNC_VERSION to match release-1.5 branch
RUNC_VERSION was still set to 1.3.0 from a previous update but the
recipe is now tracking the release-1.5 branch at v1.5.0-rc.1+4.
Update to match the actual upstream version.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ad6a311f
---------------------------
yq: update to 4.52.5, convert to go-mod-vcs
Update yq from 4.45.1 to 4.52.5 and convert from manual vendoring
(20+ individual git SRC_URI entries) to the go-mod-vcs discovery
system using pure hybrid mode (all gomod://).
This makes future updates trivial via:
bitbake yq -c discover_and_generate
Shortlog of notable changes since 4.45.1:
- Add support for YAML 1.1 octal numbers
- Add --header-preprocess flag
- Add bitwise operators (band, bor, bxor, bnot, bsl, bsr)
- Add shuffle operator for arrays
- Add rotate operator for arrays
- Add limit operator
- Add from_props/to_props for Java properties format
- Add from_csv/to_csv improvements
- Add --csv-separator flag
- Improve JSON output formatting
- Improve error messages for invalid expressions
- Fix various edge cases in YAML/JSON/XML/TOML conversions
- Fix memory leaks in large document processing
- Performance improvements for large files
- Updated Go module dependencies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c5670da6
---------------------------
go-mod-vcs.bbclass: handle pure hybrid mode gracefully
When a recipe uses only gomod:// fetches with no VCS (git://) modules,
GO_MODULE_CACHE_DATA is an empty list. Previously do_create_module_cache
would run with nothing to process and do_sync_go_files would fatal with
"No modules found in cache".
Detect the empty module list and return early with an informational
message in both tasks, allowing pure hybrid recipes (like yq) to
build without workarounds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c4cf2aa5
---------------------------
lxcfs: update to 6.0.6
Update LXCFS from 5.0.4 to 6.0.6 (LTS branch). Existing patches
apply with offset.
Key changes across the 5.0 to 6.0 series:
6.0.x LTS (2024-2029):
- Switch to fuse3 as default (fuse2 still supported)
- Reworked cgroup2 support with improved delegation
- Improved /proc/cpuinfo virtualization for cgroup2
- Improved /proc/meminfo virtualization accuracy
- Improved /proc/stat CPU time virtualization
- Improved /proc/loadavg virtualization
- Improved /proc/uptime per-container tracking
- Improved /sys/devices/system/cpu virtualization
- Better handling of cgroup v1/v2 hybrid setups
- meson build system improvements
- Various memory leak and race condition fixes
- Multiple security hardening improvements
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 47332ca7
---------------------------
podman-compose: update to 1.5.0
Shortlog of changes since 1.4.0:
- Implement 'up --no-recreate'
- Add support to set --route of podman network create
- Implement environment variable interpolation to YAML dictionary keys
- Properly surface errors from 'push' command
- Hide stack trace shown on YAML parse error by default
- Migrate to PEP 621 project metadata
- Migrate to SPDX identifier for the license
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 80dd6592
---------------------------
seabios: update to 1.17.0
Update SeaBIOS from 1.16.0 to 1.17.0.
Refresh python3.patch for shifted context.
Shortlog of changes since 1.16.0:
- ahci: Fix hangs due to controller reset
- ahci: add controller reset
- ahci: Power ON + ICC_ACTIVE into port setup code
- Add LBA 64bit support for reads beyond 2TB
- detect physical address space size
- move 64bit pci window to end of address space
- limit address space used for pci devices
- pciinit: don't misalign large BARs
- update pci_pad_mem64 handling
- fix smbios blob length overflow
- check for e820 conflict
- usb-hid: Support multiple USB HID devices via linked list
- boot: Force display of boot menu when boot-menu-wait is negative
- esp-scsi: indicate acceptance of MESSAGE IN phase data
- esp-scsi: terminate DMA transfer when ESP data transfer completes
- vbe: implement function 09h (get/set palette data)
- vbe: Add VBE 2.0+ OemData field
- vgabios: Fix generating modes list for static_functionality
- Various stdvga/vgasrc naming and interface cleanups
- kconfig: fix check-lxdialog.sh to work with gcc 14+
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5ccb61a7
---------------------------
go recipes: update to latest upstream releases
Update all active Go library recipes to their latest releases:
- go-md2man: 1.0.10 → 2.0.7 (update GO_IMPORT for v2 module path)
- go-cli: 1.1.0 → 2.27.7 (moved to github.com/urfave/cli/v2)
- go-connections: 0.2.1 → 0.6.0
- go-dbus: 4.0.0 → 5.2.2 (update GO_IMPORT for v5 module path)
- go-distribution: 2.6.0 → 3.0.0 (repo moved to distribution/distribution)
- go-fsnotify: 1.5.1 → 1.9.0
- go-logrus: 0.11.0 → 1.9.4
- go-mux: unversioned → 1.8.1
- go-patricia: 2.2.6 → 2.3.3
- go-systemd: 4 → 22.7.0 (update GO_IMPORT for v22 module path)
- grpc-go: 1.59.0 → 1.79.3
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ce4a0ce9
---------------------------
go recipes: remove dead and archived projects
Remove Go library recipes for projects that are archived, deprecated,
or otherwise dead upstream:
- go-capability: No releases ever published, community moved to
github.com/moby/sys/capability
- go-context: Superseded by Go stdlib context.Context (since Go 1.7)
- go-libtrust: Archived on GitHub, no releases ever published
- go-metalinter: Archived and deprecated since 2019, replaced by
golangci-lint
- go-pty: Archived since 2020, moved to github.com/creack/pty
None of these are referenced as build dependencies by any recipe in
meta-virtualization. External consumers should migrate to the
upstream-recommended replacements.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8c3735d0
---------------------------
slip4netns: update to v1.3.3
Bumping slirp4netns to version v1.3.3-6-g6be0d53, which comprises the following commits:
b02e000 Revert "CI: temporarily disable release check for PRs"
b0c346d CI: temporarily disable release check for PRs
3d01dce v1.3.3+dev
944fa94 v1.3.3
0422b01 CI: bump up deps
019cd5a bump libslirp to v4.9.1
bf1c767 CI: Enable actions/attest-build-provenance@v2
4523924 v1.3.2+dev
0f13345 v1.3.2
ead6f78 CI: update deps
e859823 bump libslirp to v4.9.0
d1a900b v1.3.1+dev
e5e368c v1.3.1
036c206 CI: bump libslirp to v4.8.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 802806ed
---------------------------
passt: update to 2026_01_20.386b5f5
Bumping passt to version 2026_01_20.386b5f5-48-gbc872d9, which comprises the following commits:
bc872d9 treewide: Spell ASSERT() as assert()
451fb76 vu_common: Move iovec management into vu_collect()
f5391ae vu_handle_tx: Pass actual remaining out_sg capacity to vu_queue_pop()
b9d076d virtio: Pass iovec arrays as separate parameters to vu_queue_pop()
47e56fd pif: Remove unused PIF_NAMELEN
b5e6ef4 doc: Fix formatting of (DEPRECATED) notes in man page
744d6df Makefile: Use $^ to avoid duplication in static checker rules
1b32bfe conf: Parse all forwarding options at the same time
ea239bf conf: Don't defer handling of --dns option
ee0e20e fwd: Always open /proc/net{tcp,tcp6,udp,udp6} in pasta mode
d460ca3 fwd: Unify TCP and UDP forwarding tables
bb2e4dd fwd: Split forwarding table from port scanning state
d30e0b7 Fix misnamed field in struct ctx comments
4fa0076 fwd: Don't initialise unused port bitmaps
d2438ef tcp: Remove stale description of port_to_tap field
0294fae conf, fwd: Make overall forwarding mode local to conf path
831e983 netlink: Allow NULL to be passed as addr parameter to nl_addr_get (again)
251e676 netlink: Return prefix length for IPv6 addresses in nl_addr_get()
045560c iov: Add iov_truncate() helper and use it in vu handlers
994bb76 tcp: Avoid comparison of expressions with different signedness in RTT_SET()
ab77097 tcp: Avoid comparison of expressions with different signedness in tcp_timer_handler()
5766fe8 migrate: Rename v1 address functions to v2 for clarity
71a0d6c vu_common: Always set num_buffers in virtio-net header
685864d clang-tidy: Don't insist on #ifdef over #if defined()
9ee7805 fwd, pif: Replace with pif_sock_l4() with pif_listen()
7d0fe08 tcp: Use flow_foreach_of_type() in tcp_{keepalive,inactivity}
adbf5c1 Add missing includes to headers
d2f7c21 tcp: Send TCP keepalive segments after a period of tap-side inactivity
a681e44 tcp: Extend tcp_send_flag() to send TCP keepalive segments
1820103 tcp: Re-introduce inactivity timeouts based on a clock algorithm
e48ce41 tcp: Remove non-working activity timeout mechanism
eb3babf tcp_vu, udp_vu: Fix comment headers for header length functions
66e5941 Fix build when HAS_GETRANDOM is undefined
8636c73 tcp_vu, udp_vu: Account for virtio net header in minimum frame size
de5b694 tcp_vu: vu_pad() expects l2 length
c320191 conf: Support CIDR notation for -a/--address option
02af38d virtio: Introduce VNET_HLEN macro for virtio net header length
812cdb8 tcp: Move tap header update out of tcp_fill_headers()
bebafa7 udp: Split activity timeouts for UDP flows
036fb87 checksum: add VSX fast path for POWER8/POWER9
af7b81b migrate: Use forward table information to close() listening sockets
768baf4 tcp, tcp_splice: Check for failures of shutdown(2)
3581ded tcp: Eliminate FIN_TIMEOUT
e992b14 tcp: Retransmit FINs like data segments
e3f70c0 tcp_splice: Force TCP RST on abnormal close conditions
cce94e9 tcp: Properly propagate tap-side RST to socket side
07390d1 doc: Add test program verifying socket RST behaviour
69ce8ee tcp: Add error checking for flow_epoll_set() in tcp_flow_migrate_target()
386b5f5 flow: Remove EPOLLFD_ID_INVALID
90287c2 tcp: Register fds with epoll at flow creation
0fbd7af tcp_splice: Register fds with epoll at flow creation
cee7eb0 conf, pasta: Add --splice-only option
4a0d507 flow, fwd: Optimise forwarding rule lookup using epoll ref when possible
fe37028 fwd, tcp, udp: Add forwarding rule to listening socket epoll references
01bcdb9 fwd: Remap ports based directly on forwarding rule
f56a822 flow, fwd: Consult rules table when forwarding a new flow from socket
a0af19f fwd: Generate auto-forward exclusions from socket fd tables
03a9c4b conf, fwd: Check forwarding table for conflicting rules
acb7a30 tcp, udp: Remove old auto-forwarding socket arrays
b223bec fwd, tcp, udp: Set up listening sockets based on forward table
0c611bc ip: Add ipproto_name() function
da49557 fwd: Make space to store listening sockets in forward table
e2633b9 conf, fwd: Record "auto" port forwards in forwarding table
9323ab9 conf: Accurately record ifname and address for outbound forwards
bd52f61 conf, fwd: Keep a table of our port forwarding configuration
016e3d7 inany: Extend inany_ntop() to treat NULL as a fully unspecified address
81c97f6 hooks/pre-push: Use mandoc(1) to get HTML anchors to command-line options
a6d92ca selinux: Enable open permissions on netns directory, operations on container_var_run_t
4296a59 igmp: Remove apparently unneeded suppression
fa765d5 epoll_ctl: Move u64 variant first for safer initialisation
4af3d83 treewide: Fix more pointers which can be const
a54274d tcp, udp: Make {tcp,udp}_listen() return socket fds
d5fd945 tcp, udp, conf: Don't silently ignore listens on unsupported IP versions
c0be730 flow: Introduce flow_epoll_set() to centralize epoll operations
23da651 tcp_splice: Refactor tcp_splice_conn_epoll_events() to per-side computation
e0fdfcc udp_flow: Assign socket to flow inside udp_flow_sock()
ab27852 udp_flow: remove unneeded epoll_ref indirection
cce0470 tcp: cleanup timer creation
5614bdc tcp: remove timer update in tcp_epoll_ctl()
faab79c apparmor: Upgrade ABI version to 4.0, explicitly enable user namespace creation
2be0e79 tcp: Fix rounding issue in check for approximating window to zero
b973f4a treewide: Fix places where we incorrectly indented with spaces
b98a2e8 tcp: Remove some no longer used includes
35f63d2 fwd: Minor cleanup to fwd_nat_from_splice()
facc736 fwd: Remove now-unnecessary handling of unspecified oaddr from splice
edac476 udp_vu: Discard datagrams when RX virtqueue is not usable
9ea9dde fwd, tcp, udp: Consolidate epoll refs for listening sockets
3b55ba8 epoll_ctl: Add missing description for flowside field of epoll_ref
ad5670a tcp: Remove unused tcp_epoll_ref
9437fc2 test: Include sshd-auth in mbuto guest image
ac77d0c test: Handle Operating System Command escapes in terminal output
accc331 treewide: Don't rely on terminator records in ip[46].dns arrays
4a0c1a6 migrate: Don't use terminator element for versions[] array
0bd2e68 util: Be more defensive about buffer overruns in read_file()
2aa6323 apparmor: Allow reading TCP RTO sysctl parameters
2ba9fd5 tcp: Update EPOLL_TYPE_TCP_TIMER fd
6292845 udp: Rename udp_sock_init() to udp_listen() with small cleanups
0f4ba61 tcp: Combine tcp_sock_init_one() and tcp_sock_init() into tcp_listen()
75dcbc3 pasta: Warn, disable matching IP version if not supported, in local mode
d2c5133 selinux: Enable read and watch permissions on netns directory as well
b40f5cd tcp: Use less-than-MSS window on no queued data, or no data sent recently
35fa86a conf, fwd: Move initialisation of auto port scanning out of conf()
5be1a22 tcp: Remove extra space from TCP_INFO debug messages (trivial)
87f1a91 pasta: Clean up waiting pasta child on failures
e6612fe treewide: Introduce passt_exit() helper
d6c5b6e tcp: Suppress new instance of cppcheck bug 14191
d04c480 pif: Correctly set scope_id for guest-side link local addresses
696709d tcp: Correct timer expiry value in trace message
c3f1ba7 tcp_splice, flow: Add socket to epoll set before connect(), drop assert
e8b56a3 fedora: Fix build on Fedora 43, selinux_requires_min not available on Copr builders
c93515c tcp: Skip redundant ACK on partial sendmsg() failure
e0f1330 tcp: Send a duplicate ACK also on complete sendmsg() failure
2b5c906 tcp: Allow exceeding the available sending buffer size in window advertisements
cf1925f tcp: Don't limit window to less-than-MSS values, use zero instead
9139e60 tcp: Acknowledge everything if it looks like bulk traffic, not interactive
28f413d tcp: Don't clear ACK_TO_TAP_DUE if we're advertising a zero-sized window
000601b tcp: Adaptive interval based on RTT for socket-side acknowledgement checks
920a479 tcp: Limit advertised window to available, not total sending buffer size
f423e12 tcp: Change usage factor of sending buffer in tcp_get_sndbuf() to 75%
6305b6c tcp, util: Add function for scaling to linearly interpolated factor, use it
5d83844 iov: Fix coding style of basic (non-IOV_TAIL) parts
0cb8f90 tcp, udp: Pad batched frames for vhost-user modes to 60 bytes (802.3 minimum)
68b0a36 tcp, udp: Pad batched frames to 60 bytes (802.3 minimum) in non-vhost-user modes
b9cd36f udp: Fix coding style for comment to enum udp_iov_idx
e3e8af7 tcp: Fix coding style for comment to enum tcp_iov_parts
1e51971 tap: Pad non-batched frames to 802.3 minimum (60 bytes) if needed
822ce09 test: Update Makefile to avoid failing on missing images
4ddd59b conf: Separate local mode for each IP version, don't enable disabled IP version
834982c vu_common: Clarify prototype of vu_collect()
7c7be67 test: Expand tmux right status bar to fit pass/fail/skipped counter and time
aa809d3 tcp: Enable SO_KEEPALIVE if we see keep-alive segments from container / guest
9e2e381 seccomp: Fix build and operation on 32-bit musl targets
fdbb4ef fwd: Preserve non-standard loopback address when splice forwarding
e3c4c41 tcp: Always populate oaddr field for socket initiated flows
cec1ca8 util: Rename sock_l4_dualstack() to sock_l4_dualstack_any()
653705c tcp, udp: Bind outbound listening sockets by interface instead of address
e77cbf0 tcp, udp: Remove fallback if creating dual stack socket fails
e6f6eb2 util: Fix setting of IPV6_V6ONLY socket option
74e6f12 udp: Move udp_sock_init() special case to its caller
c8d4683 udp: Unify some more inbound/outbound parts of udp_sock_init()
860d3b1 tcp: Merge tcp_ns_sock_init[46]() into tcp_sock_init_one()
3b8b834 util, flow, pif: Simplify sock_l4_sa() interface
b0523f6 inany: Let length of sockaddr_inany be implicit from the family
484dcfa flow: Remove bogus @path field from flowside_sock_args
f37db87 conf: More useful errors for kernels without SO_BINDTODEVICE
0ae7b8c util: Extend sock_probe_mem() to sock_probe_features()
10e850a util: Correct error message on SO_BINDTODEVICE failure
1a83487 tcp: Clamp the retry timeout
3dde0e0 tcp: Update data retransmission timeout
0e8df13 tcp: Resend SYN for inbound connections
ffecfaf util: Introduce read_file() and read_file_integer() function
785214c tcp: Rename "retrans" to "retries"
2002c7d arp/ndp: don't send messages on uninitialized tap interface
391c15a test: Fix IPv6 address/prefix mismatch error
95ab87b spec: use %selinux_requires_min macro, drop overlapping dependencies
be1583f fwd: Don't explicitly exclude reverse-direction TCP ports for UDP
fd3fc8d fwd: Exclude ports based on prior mapping state
bdbdf4e Revert "fwd: Update all port maps before applying exclusions"
2c6590d udp: Use IP_FREEBIND for flow sockets as well as listening sockets
75b8bb9 tcp: Properly remove sockets from epoll loop when connection is closed
a36031a seccomp.sh: Quote tr character ranges to prevent glob expansion
1d16439 contrib/selinux: use regex instead of SELinux template
f6b6118 tcp, udp: Don't exclude ports in {tcp,udp}_port_rebind()
81942a2 fwd: Update all port maps before applying exclusions
942bfdb fwd: Check forwarding mode in fwd_scan_ports_*() rather than caller
06c3dcc fwd: Share port scanning logic between init and timer cases
1754f61 fwd: Move port exclusion handling from procfs_scan_listen() to callers
1bc7d54 fwd: Consolidate scans (not rebinds) in fwd.c
260075b tcp, udp, fwd: Run all port scanning from a single timer
1f2c08b icmp: Remove vestiges of ICMP timer
57446ca passt: Move main event loop processing into passt_worker()
aaa8f34 udp: Use epoll instance management for UDP flows
ca93124 icmp: Use epoll instance management for ICMP flows
dd5302d tcp, flow: Replace per-connection in_epoll flag with an epollid in flow_common
05972c7 util: Move epoll registration out of sock_l4_sa()
965ea66 epoll_ctl: Extract epoll operations
8bfa47a util: Simplify epoll_del() interface to take epollfd directly
3a9dbe0 icmp: let icmp use mac address from flowside structure
ad72098 tap: change signature of function tap_push_l2h()
860a487 tcp: forward external source MAC address through tap interface
627d5f7 udp: forward external source MAC address through tap interface
5d35ac3 flow: add MAC address of LAN local remote hosts to flow
7917155 arp/ndp: send ARP announcement / unsolicited NA when neigbour entry added
e456c02 arp/ndp: respond with true MAC address of LAN local remote hosts
45869d6 fwd: Add cache table for ARP/NDP contents
3c46901 netlink: add subscription on changes in NDP/ARP table
3b9c7f8 Add reverse Christmas tree to CONTRIBUTING.md
7bb150c fwd: Fix misspelling
b2ccb6d test: Fix the escaping issue in memory/passt test
812a7c6 test: Update the threshold value for some perf tests
4fb4c31 tap: Update some function comments for accuracy
8a6def6 passt: Rename EPOLL_EVENTS to NUM_EPOLL_EVENTS
720cc0b Fix the wrong command in CONTRIBUTING.md
6d84c90 test: For missing static checkers, skip rather than failing tests
5149f34 test: Add some missing quoting in exeter runner
898cf50 test: Use ${} consistently in lib/exeter
5da0316 isolation: keep CAP_DAC_OVERRIDE initially
518d8c1 tcp: Clarify logic calculating how much guest data to ack
a947839 tcp: On partial send (incomplete sendmsg()), request a retransmission right away
b145441 tcp: Don't consider FIN flags with mismatching sequence
8efa80b tcp: Completely ignore data segment in CLOSE-WAIT state, log a message
b3217aa tcp: Fix ACK sequence on FIN to tap
2a16cdf test: Add linting of Python test scripts
81fd66a test: Don't delete exetool on make clean
2274c3a cppcheck: Suppress variable scope warnings in dhcpv6()
ee9b236 cppcheck: Suppress a buggy cppcheck warning
065d199 cppcheck: Suppress the suppression of a suppression
b4b3b08 clang-tidy: Suppress redundant expression warning
4d9c35b test: Update passt.mbuto and passt.mem.mbuto
a96a962 netlink: Don't require address to be global, just not link local
7086781 test: Fix printf error when debug is enabled
c54ef9e test: Update README.md
f4729be test: Update mbuto profile to fix the symlink of /bin
de28c20 test: Update lib/term for clearer output when DEBUG is enabled
f07d7b0 test: fix 'make assets' failure as root
e81c692 tap: Drop frames if no client connected
623dbf6 Add --stats option to display event statistics
ad4aae7 netlink: Drop nexthop state flags from routes we duplicate
080f176 Add CONTRIBUTING.md
c66be2c selinux: add missing file contexts for Podman
fd1bcc3 selinux: add container_var_run_t type transition
6f23cb9 dhcp: Fix coding style violations in dhcp() function
1f22fde Improve clarity of comment
e2920e3 Send an initial ARP and NDP request to resolve the guest IP address
142b3d8 Fix --no-icmp description and make it imply --no-ndp
07cb07d Introduce constant MAC_BROADCAST
fc0affc Show debug message whenever we observe a new guest MAC address
6cbcccc tcp: Store the owner connections for flags frames
cd2e886 Reduce tcp_buf_discard size
8d2f8c4 tcp: Don't send FIN segment to guest yet if we have pending unacknowledged data
bde1847 tcp: Fast re-transmit if half-closed, make TAP_FIN_RCVD path consistent
660cd69 tcp: Cast operands of sequence comparison macros to uint32_t before using them
25f9354 tcp: Don't try to transmit right after the peer shrank the window to zero
c62fb08 tcp: Fix closing logic for half-closed connections
e86d480 tcp: Rewind sequence when guest shrinks window to zero
1d502be tcp: Factor sequence rewind for retransmissions into a new function
2e3d93b tcp: FIN flags have to be retransmitted as well
d363fb7 test: Fix the download link for debian-11-generic-ppc64el image
c10d8c9 tcp_vu: Pass virtqueue pointer to tcp_vu_sock_recv()
ed18d4c udp_vu: Pass virtqueue pointer to udp_vu_sock_recv()
6239915 vhost-user: Fix VHOST_USER_GET_QUEUE_NUM to return number of queues
f9ee749 Add missing explicit PSH assignment
83afb88 Fix typo in doc comment
00e3580 test: Explicit specify forwarding ports for pasta in log rotation tests
3c44ef8 test: Allow exeter & podman tests to be parallel executed with BATS
ffe34d2 test: Convert build tests to exeter
a58e60e test: Run static checkers as exeter tests
a283ef4 test: Extend test scripts to allow running exeter tests.
ca38be0 packet: Add support for multi-vector packets
3e43e1a packet: Refactor vhost-user memory region handling
1602aa2 packet: remove unused parameter from PACKET_POOL_DECL()
7ae35a9 packet: remove PACKET_POOL() and PACKET_POOL_P()
2eb845a ndp: use iov_tail rather than pool
76de6f5 icmp: use iov_tail rather than pool
42a108b dhcpv6: use iov_tail rather than pool
3a261fd dhcp: use iov_tail rather than pool
c977d1f arp: use iov_tail rather than pool
7e25351 packet: rename packet_data() to packet_get()
9505908 tap: Convert tap6_handler() to iov_tail
a26c608 tap: Convert tap4_handler() to iov_tail
20cd6d0 ip: Use iov_tail in ipv6_l4hdr()
84a4d3e dhcp: Convert to iov_tail
feb3330 dhcpv6: Use iov_tail in dhcpv6_opt()
c4cad31 dhcpv6: Convert to iov_tail
54f15c6 dhcpv6: Extract sending of NotOnLink status
1932832 dhcpv6: move offset initialization out of dhcpv6_opt()
d2c33f4 tcp: Convert tcp_data_from_tap() to use iov_tail
87cc7ab tcp: Convert tcp_tap_handler() to use iov_tail
d9604f0 udp: Convert to iov_tail
e45bf13 icmp: Convert to iov_tail
f8860bb ndp: Convert to iov_tail
1fc944c arp: Convert to iov_tail
6bada9a packet: Add packet_data()
de469a3 packet: Use iov_tail with packet_add()
720d8fc tap: Use iov_tail with tap_add_packet()
70b9c0c iov: Update IOV_REMOVE_HEADER() and IOV_PEEK_HEADER()
066e6b1 iov: Introduce iov_tail_clone() and iov_drop_header().
ea3dd28 arp: Don't mix incoming and outgoing buffers
eef5bb8 build: Fix errors of TCP_REPAIR_* undeclared
b4fc6cd treewide: Flush pcap and log files, if used, before exiting
309eefd selinux: pasta accesses /etc/resolv.conf
a878286 treewide: By default, don't quit source after migration, keep sockets open
79de81e test: Deal with /bin, /sbin unification in Fedora
3757ea3 style: Add parentheses to function names in comments
9e0423e style: Fix 'Return' comment style
0293c6f fedora: Hide restorecon(8) errors in post-transaction scriptlet
98da8a9 fedora: Add container-selinux as dependency for passt-selinux
754c6d7 flow, repair: Proper error handling for missing passt-repair helper on target
a2088fe fedora: Depend on SELinux tools and policy version, drop circular dependency
d21bcd9 fedora: Call %selinux_modules_* macros only once
081df67 conf: flush stdout before early exit
bcb5596 passt-repair: Fix missing newlines in error messages
2c88349 Correct various function comment headers
515b5ee tap: Avoid bogus missingReturn cppcheck warning in tap_l2_max_len()
e019323 fedora: Separately restore context for /run/user in %posttrans selinux
7aeda16 selinux: Transition to pasta_t in containers
3262c9b iov: Standardize function comment headers
b915375 virtio: Correct and align comment headers
2fd0944 vhost_user: Correct and align function comment headers
2046976 codespell: Correct typos in comments and error message
4234ace test: Display count of skipped tests in status and summary
2d3d69c flow: Fix clang error (clang-analyzer-security.PointerSub)
0f7bf10 ndp: Fix Clang analyzer warning (clang-analyzer-security.PointerSub)
a6b9832 virtio: Fix Clang warning (bugprone-sizeof-expression, cert-arr39-c)
570e7b4 dhcpv6: fix GCC error (unterminated-string-initialization)
8ec1341 flow: close socket fd on error
92d5d68 flow: fix wrong macro name in comments
eea8a76 flow: fix podman issue #26073
587980c udp: Actually discard datagrams we can't forward
f0021f9 fwd: fix doc typo
93394f4 selinux: Add getattr to class udp_socket
11be695 flow: fix podman issue #25959
6a96cd9 util: Fix typo, ASSSERTION -> ASSERTION
ea0a124 passt-repair: Hide bogus gcc warning from -Og
aa1cc89 conf: allow --fd 0
436afc3 udp: Translate offender addresses for ICMP messages
08e617e udp: Rework offender address handling in udp_sock_recverr()
4668e91 treewide: Improve robustness against sockaddrs of unexpected family
9128f6e fwd: Split out helpers for port-independent NAT
2340bbf udp: Propagate errors on listening and brand new sockets
cfc0ee1 udp: Minor re-organisation of udp_sock_recverr()
f107a86 udp: Add udp_pktinfo() helper
0498457 udp: Deal with errors as we go in udp_sock_fwd()
3f99558 udp: Pass socket & flow information direction to error handling functions
1bb8145 udp: Be quieter about errors on UDP receive
baf049f udp: Fix breakage of UDP error handling by PKTINFO support
5024908 conf: Honour --dns-forward for local resolver even with --no-map-gw
bbff365 conf: Split add_dns_resolv() into separate IPv4 and IPv6 versions
59cc89f udp, udp_flow: Track our specific address on socket interfaces
695c623 inany: Improve ASSERT message for bad socket family
f4b0dd8 udp: Use PKTINFO cmsgs to get destination address for received datagrams
6693fa1 tcp_splice: Don't clobber errno before checking for EAGAIN
d3f33f3 tcp_splice: Don't double count bytes read on EINTR
ffbef85 conf: Add missing return in conf_nat(), fix --map-guest-addr none
06ef64c udp_flow: Save 8 bytes in struct udp_flow on 64-bit architectures
9725e79 udp_flow: Don't discard packets that arrive between bind() and connect()
9eb5406 udp: Fold udp_splice_prepare and udp_splice_send into udp_sock_to_sock
bd6a41e udp: Rework udp_listen_sock_data() into udp_sock_fwd()
159beef udp_flow: Take pif and port as explicit parameters to udp_flow_from_sock()
fd844a9 udp: Move UDP_MAX_FRAMES to udp.c
fc6ee68 udp: Merge vhost-user and "buf" listening socket paths
0304dd9 udp: Split spliced forwarding path from udp_buf_reply_sock_data()
5221e17 udp: Parameterize number of datagrams handled by udp_*_reply_sock_data()
3a0881d udp: Don't bother to batch datagrams from "listening" socket
84ab130 udp: Polish udp_vu_sock_info() and remove from vu specific code
1d7bbb1 udp: Make udp_sock_recv() take max number of frames as a parameter
d74b5a7 udp: Use connect()ed sockets for initiating side
a7775e9 udp: support traceroute in direction tap-socket
06784d7 passt-repair: Ensure that read buffer is NULL-terminated
684870a udp: Correct some seccomp filter annotations
76e554d udp: Simplify updates to UDP flow timestamp
8aa2d90 udp: Remove redundant udp_at_sidx() call in udp_tap_handler()
3d41e4d passt-repair: Correct off-by-one error verifying name
dec3d73 migrate, tcp: bind() migrated sockets in repair mode
6bfc60b platform requirements: Add test for address conflicts with TCP_REPAIR
8e32881 platform requirements: Add attributes to die() function
2ed2d59 platform requirements: Fix clang-tidy warning
3de5af6 udp: Improve name of UDP related ICMP sending functions
025a3c2 udp: Don't attempt to forward ICMP socket errors to other sockets
42a854a pasta, passt-repair: Support multiple events per read() in inotify handlers
65cca54 udp: correct source address for ICMP messages
664c588 build: normalize arm targets
77883fb udp: Add helper function for creating connected UDP socket
37d78c9 udp: Always hash socket facing flowsides
f67c488 udp: Better handling of failure to forward from reply socket
269cf6a udp: Share more logic between vu and non-vu reply socket paths
d924b7d udp_vu: Factor things out of udp_vu_reply_sock_data() loop
5a977c2 udp: Simplify checking of epoll event bits
89b203b udp: Common invocation of udp_sock_errs() for vhost-user and "buf" paths
cf4d3f0 packet: Upgrade severity of most packet errors
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0d9ecfc1
---------------------------
openvswitch: update to v3.7.0
We refresh patches for context changes, and pick up the following
commits:
0d4c78e15 github: Update all the actions to prepare for Node.js 24.
c052c469b dpctl: Fix memory leak in ipf-get-status command.
f86caea06 netdev-dpdk: Fix vhost_driver_flags data race in destruct.
71dae047d coverage: Fix data race when reading idx_count in coverage_read().
b5f36a6d6 packets: Validate ND option length in packet_set_nd().
920eb244e ovs-router: Fix locking in ovs_router_rule_add().
dd4d9983a ovs-router: Fix --disable-system-route rules filter.
cd7b495e2 tests: Make routing rules checks more resilient.
a51e47506 github: Fix potential 32-bit package installations.
a7cd823a1 python: Fix discarded const qualifier in json_to_python.
00b013a64 ovsdb: raft: Don't grant a pre-vote to a server that is behind.
95473a95e ovsdb-cluster.at: Test disruptive server with outdated log and term.
f559623f9 netdev-linux: Fix IFLA_IF_NETNSID value.
0a88fdec2 Revert "python: Replace deprecated License with License-Expression (PEP 639).".
028e6268c Prepare for 3.7.1.
bdb95cc19 Set release date for 3.7.0.
c1eef6db4 ovs-router: Don't report internal route priority in json output.
8c6ebf895 bond: Fix next_rebalance offset calculation.
f43bde3d5 rhel: Avoid warning about missing .la with Fedora spec.
37e41460e rhel: Remove kernel mentions from the Fedora spec.
a47cf0e6b rhel: Don't ship network scripts on RHEL 9+ and Fedora 41+.
88f327493 rhel: Don't build network scripts package on RHEL 9+ with Fedora spec.
1d57509ef treewide: Fix discarded-qualifers warnings.
431efcdfc ovsdb-server: Fix relay remotes string check.
6d682ae53 dpif-offload: Move port manager into struct dpif_offload.
d56120f43 ofproto-dpif-xlate: Avoid mirroring on recirculation.
1d6a51917 cirrus: Use FreeBSD release images instead of stable snapshots.
97b3a3507 automake: Don't install the libopenvswitchavx512.
fcf733472 dpif-netdev: Fix per-datapath initialization using once framework.
52e740da7 dpif: Always call dpif_offload_set_config().
dbfe60a32 fedora: Fix package install on Fedora 43.
0062d99d4 ipsec: libreswan: Consider active only when child SA is established.
122e79a49 ipsec: libreswan: Silence warning about overriding auto=route in v5.3.
f3d704541 ipsec: libreswan: Fix warning for obsolete keyingtries in v5.
59c56bcf6 system-ipsec.at: Use natural sorting for SA list.
75ba627dc dpif-offload: Take a reference when dumping a collection.
a56bfa103 rconn: Fix fd leak when close monitor.
b672ea19d dpif-offload: Move provider priority to interface level.
e7d7d33f4 ovs-router: Fix JSON type for user in rules/show.
b63ec0e35 dpdk: Avoid maybe uninitialized for found_value variable.
5057e33f9 dpif-offload: Rename offload provider local functions and structures.
bcec20c86 Prepare for 3.7.0.
e03eac274 ovs-router: Fix potential integer overflow.
708c83f20 ovs-router: Fix JSON object leak in ovs/router/rule/show command.
3200111ba ofproto-dpif: Limit recirc_id to 28 bits for TC compatibility.
a9b1b6b5b netdev-offload-tc: Make sure tcf_id chain doesn't exceed upper limit.
39006533f openflow: Increase number of registers to 32.
9604659d4 tests: Fix QoS tests for tc rounding behavior change.
e6cce559c AUTHORS: Add Felix Moebius.
adc588f96 ovsdb: raft: Reset connections with incorrect cluster/server ids.
67e21fdb1 odp-util: Fixes for the set(nsh) action commit.
b21ba0834 tunnels: Don't unwildcard tunnel fields on write.
63469676d Documentation: Document Assisted-by tag.
68f7a6200 python: dns: Do not treat never accessed responses as expired.
289e9f6ba tests: Add a simple DPDK rte_flow test framework.
90b6e83be tests: Fix NSH decap header test for real Ethernet devices.
b8f6e3eee netdev-offload: Fold netdev-offload APIs and files into dpif-offload.
ca7bcdc70 dpif-offload-dummy: Add flow add/del/get APIs.
7bd1867b6 dpif-offload-dpdk: Abstract rte_flow implementation from dpif-netdev.
476123c12 dpif-offload: Move offload_stats_get() API to dpif-offload.
7f0e09ebf dpif_netdev: Fix nullable memcpy in queue_netdev_flow_put().
c443e63c1 dpif-offload: Add inline flow APIs for userspace datapaths.
ce8027140 netdev-offload: Remove the global netdev-offload API.
35b91ea98 dpif-offload: Move the netdev_any_oor() API to dpif-offload.
3792d6310 netdev_dummy: Remove hardware offload override.
fd3f56d1f dpif-offload-tc: Remove netdev-offload dependency.
e1cabfaff dpif-netlink: Remove entangled hardware offload.
98b20d8b1 dpif-offload: Add flow operations to dpif-offload-tc.
84997680f dpif: Add dpif_get_features() API.
5362e83ba dpif-netdev: Remove indirect DPDK netdev offload API calls.
fec8b4d30 dpif-offload: Add port dump APIs to dpif-offload.
9a4dd063b netdev-offload: Temporarily move thread-related APIs to dpif-netdev.
030b9dc97 dpif-offload: Add operate implementation to dpif-offload.
b6ce8be52 dpif-offload: Add API to find offload implementation type.
fba024678 dpif-netlink: Add API to get offloaded netdev from port_id.
9d61b5277 dpif-netlink: Remove netlink-offload integration.
5746e83cf dpif-offload: Move the tc flow dump netdev APIs to dpif-offload.
c766f57d4 dpif-offload: Add flow dump APIs to dpif-offload.
efdd5bf37 dpif-offload: Move hw_post_process netdev API to dpif.
8bf2658c8 dpif-offload: Move the flow_get_n_flows() netdev-offload API to dpif.
389954013 dpif-offload: Call meter netdev-offload APIs via dpif-offload.
d1d989b05 dpif-offload: Call flow-flush netdev-offload APIs via dpif-offload.
08d8a6692 dpif-offload: Introduce provider debug information API.
5c9b96ed5 dpif-offload: Allow per-port offload provider priority config.
134455376 dpif-offload: Validate mandatory port class callbacks on registration.
a23b2f421 dpif-offload-dpdk: Add port management framework.
2180857f3 dpif-offload-tc: Add port management framework.
dd69c0bca dpif-offload: Add port registration and management APIs.
bd6543466 dpif-offload: Add offload provider set_config API.
dc9724b8f dpif-offload: Move hw-offload configuration to dpif-offload.
a13db17b8 dpif-offload: Allow configuration of offload provider priority.
d9cc25e51 dpif-offload: Add provider for dpdk (rte_flow).
df26a15a4 dpif-offload: Add provider for tc offload.
7eb9ffac5 dpif-offload-provider: Add dpif-offload-provider implementation.
7c2a1c865 AUTHORS: Add yaolingfei.
a2d5d84d6 bridge: Enhancement of the validation for controller parameters.
733083653 python: Replace deprecated License with License-Expression (PEP 639).
c14bfc4b3 ovs-router: Add test for lookup with rules.
e2a241560 ovs-router: Introduce ovs/route/rule/{add, del} commands.
18de57d26 ovs-router: Add 'src=src_ip' parameter in ovs/route/lookup.
160e0dca7 ovs-router: Add 'table=id' parameter in ovs/route/{add, del}.
664494694 ovs-router: Add system test for tables and rules.
5c30756a3 ovs-router: Introduce ovs/route/rule/show command.
5a6a2ebb8 ovs-router: Drop 'local' and add 'user' flag to ovs_router_entry.
884567668 ovs-router: Add 'table=id' parameter in ovs/route/show.
e1c267c38 doc: Fix font formatting in ofproto-tnl-unixctl.man.
dc14e92bc route-table: Introduce multi-table route lookup.
d4798b5e7 ovs-router: Add infrastructure for multi-table routing.
ed0f34a17 dp-packet-gso: Fix segment count helpers sign.
b5e6e609c packets: Rework outer checksum helper for Coverity.
921628ff7 NEWS: Deprecate support for AVX512-optimized features.
c34c21bb0 ovsdb: raft: Actually suppress the disruptive server.
f77513b47 netdev-afxdp: Fix impossible typo.
f06d64b84 extract_ofp_fields: Check the OXM extension field range.
4e44e51d1 tunnel: Avoid matching on df and csum flags.
d0f074dec netdev: Use HW segmentation without outer UDP checksum.
ef762327f dp-packet-gso: Refactor software segmentation code.
d88363024 dp-packet: Optimize outer checksum for nested checksums.
9d9f17af8 dp-packet: Strip tunnel info when unneeded.
f8cd315bd dp-packet-gso: Request UDP checksum when needed.
9943a5977 dpif-netdev: Enhance checksum coverage for tunnels.
9d28a3245 dpif-netdev.at: Add helpers for checksum tests.
8813cc6c0 dpif-netdev.at: Rename checksum offloads tests.
4c83fae88 netdev-dpdk: Fix TSO packet length check for tunnels.
63c08daa9 netdev-dpdk: Enforce mono-segment mbufs.
970d9eb94 netdev-dpdk: Fix rx queue fill level with QoS.
40120c91e classifier: Remove leftover bits of classifier partitioning.
5f12cd410 ovsdb: raft: Discard pre-vote replies during the actual election.
167a16a1a netdev-afxdp: Require kernel v5.4+ and need-wakeup.
875d26158 ofproto-dpif-xlate: Log clarification for dp_hash method.
5ee7057fa dpdk: Update to use v25.11.
6a21414f2 NEWS: Deprecate running user-space with OOT Kernel module.
6b5f3d0b8 dpif-netlink-rtnl: Tighten probe for OOT Kernel tunnels.
4727452c2 NEWS: Deprecate Windows support.
5be77f1ec ovsdb-idl: Fix returning non-existent rows from uuid lookup.
fc406ea5d ovsdb: transaction: Fix logging order of duplicate index rows.
0b29edb5c dns-resolve: Do not treat never accessed responses as expired.
5debc2272 AUTHORS: Add MJ Ponsonby.
7f33eed25 dpif: Maintain upcall_pid, mtu and hash.
3fe7c5d32 dpif-netlink: Fix probing for broken meters on Linux v5.10+.
b4c158d97 dpif-netlink: Fix potential leak of a malformed meters netlink reply.
5148ef286 windows: Fix absolute-header.m4 for newer msys2 appearing as cygwin.
5fdcc4518 netdev: Remove legacy duplex API.
d44849b7a netdev: Fix full duplex capability for 25G ports.
ce0eec8f0 netdev-bsd: Cache features and speed.
3edde97a2 netdev-linux: Fix compatibility with older kernels.
12eb60759 netdev: Fix reported rate for Linux and BSD ports.
de6e3ade7 ipf: Work around thread safety warnings with clang 21.
3fa11d1b0 ipf: Fix potential deadlock with the clean thread on exit.
5d0c98d1c dpif-netlink: Fix memory leak when re-add vport channel.
28ec95972 configure: Disable clang 21 warning for uninitialized const fields.
77203b455 thread: Convert init/destroy lock functions to use non-const arguments.
7fb1f600a treewide: Fix clang 21 thread-safety warnings for init/create/destroy.
fb5871eb2 treewide: Remove OVS_GUARDED from RCU-based structure fields.
9bfe33e12 ssl: Support for SNI extension in clients for ssl/tls.
367ddc098 stream-ssl: Fix missing OPT_SSL_CIPHERSUITES in STREAM_SSL_CASES.
ad0d646a3 odp-execute: Fix null pointer dereference on null nlattr.
1577bfe40 netdev-vport: Free error string from str_to_u8() in tunnel config.
9434a69e0 github: Add a job to build on ubuntu-14.04.
efb2c5581 test-psample: Fix missing field initializer warnings on older GCC.
67e5e1998 test-netlink-policy: Fix missing field initializer warnings on older GCC.
367d59960 test-lib-route-table: Add missing RTPROT_BGP definition.
f83d2e4d5 netlink: Fix build on kernels < 4.1 due to missing RTA_VIA.
7fb51c4fd m4: Don't add -mno-avx512f if compiler doesn't support it.
42d99eb38 ovsdb-idl: Add a way to assert IDL txn as read only.
2e28fe3a5 offload-dpdk: Don't use 24bit value as 32bit.
56db5a267 compiler: Avoid 'returns_nonnull' attribute warnings on older GCC.
396ed84b7 treewide: Fix unused result warnings in NDEBUG builds.
1231108f6 ofproto-dpif.at: Wait for logs in select group tests.
0f8202e60 dpif-netdev: Optimize rwlock in port query API.
719c616a2 AUTHORS: Add Ivan Burnin.
c8d2017e2 checkpatch: Set explicit encoding in do_authors_exist.
8ddc9416d AUTHORS: Add Ihar Hrachyshka.
d2622ad07 tests: Remove unnecessary revalidator/wait's.
49d0be1d3 tests: Revalidate on flow change in tunnel-push-pop.
c9e43f319 tests: Ignore no tunnel port error on vswitch stop.
4f68c1ca2 tests: Don't fail when test path contains 'p2' string.
3b17f003c tests: Gracefully handle EADDRINUSE string from musl.
735967610 tests: Handle duration= with no fractional part.
9bd249369 dpdk: Use DPDK 24.11.3 release.
57d62cfd4 AUTHORS: Add Aleksandr Smirnov.
79db89c4b id_pool: Prevent requested ID range overflows uint32.
af403a464 Documentation: Add section about AI assistants.
2c4596732 appveyor: More robust OpenSSL installation wrt path changes.
ca8d92b9c appveyor: Temporarily move to previous image to unblock CI.
cd2ff530d dpdk: Convert dpdk-lcore-mask to DPDK lcore args.
7bf5a8b83 dpdk: Clean up dpdk option map.
f028ba719 vswitch.xml: Update docs for dpdk-lcore-mask.
310fe3224 netdev-dpdk: Remove workarounds for fixed checksum bugs.
0efebaf86 odp-execute: Fix packet length check for TSO packets.
99cac28f7 netdev-dpdk: Fix IP checksum with net/virtio.
c3e16065b netdev-native-tnl: Fix DF bit not being extracted into tunnel flags.
4fe10a771 MAINTAINERS: Move Russell to emeritus status.
9a2169a3f bond: Do not flag a revalidation when adjusting time.
1a8e0153b cirrus: Only update the main FreeBSD repository.
609526ca2 ovsdb: transaction: Silence dereference after null check warning.
7d691c6ea ovsdb: raft: Silence dereference after null check warning.
faca0cc47 ovsdb: relay: Silence dereference before null check warning.
3a5ea5f28 ovsdb: trigger: Silence dereference after null check warning.
1856bfa4d ovsdb: monitor: Silence dereference after null check warning.
fe90fb3ce ofproto: Fix missing lock when reading oftable->vacancy_up/down.
5deb96425 netdev-offload-dpdk: Fix memory leak for matching fragments.
df3703410 AUTHORS: Add Linda Wang.
b1e295d46 netdev-offload-dpdk: Fix vport hw-offload stat.
e0ee785b1 tests: system-traffic: Fix flaky floating IP test.
6e83dafc4 conntrack: Add support for IPv4 EPRT and EPSV.
8c8d16964 AUTHORS: Add Eli Oliver.
d2f1ca089 checkpatch: Add simple python comment spell checking.
e141dc9ae Set release date for 3.6.0.
3ffb1c401 ipf: Complete l4 checksum before frag out.
00dcc546a Documentation: Use @development-tools on dnf5.
270de5dfb ofproto: Move group-modify to mod_start instead of mod_finish.
f8d457ea2 Prepare for post-3.6.0 (3.6.90).
4a2c90ad8 Prepare for 3.6.0.
eeb7d7d99 checkpatch: Separate out the built-in spelling words.
b5f898cc3 AUTHORS: Add Alexandra Rukomoinikova.
6f2ca3fb2 db-ctl-base: Added filter option in show command.
943f9096e ovs-vsctl: Exit with error if postdb checks report errors.
0add983b3 ovsdb: Use table indexes if available for ovsdb_query().
5c4d60671 dpif: Fix infinite netlink loop in dpif_execute_helper_cb.
50e1e57f8 utilities:gdb: Add GDB function to dump Netlink attributes.
6d4044899 docs: Specify retis dependency on USDT probes.
0d9dc8e9c dpif-netlink: Provide original upcall pid in 'execute' commands.
0d5eece55 mcast-snooping: Properly check MLD packet length.
22732c0e6 tests: Add support for running system tests under retis.
049197282 seq: Fix deadlock with the time_init.
1210864a6 netdev-dpdk: Remove unused macro for TSO offloads.
3d2f64e5d ovsdb-idl: Add new functions to check the column type on the server.
f5819e699 json: Store short arrays in-place.
1de4a08c2 json: Use functions to access json arrays.
9669b50f5 json: Store short strings in-place.
6c48b29f5 json: Always use the json_string() method to access the strings.
41a4a3723 sparse/socket.h: Add AF_BRIDGE definition.
83af8ee6f tests: ipsec: Adjust status checks for upcoming Libreswan 5.3.
83de251fa ipsec: libreswan: Remove old certs before importing new ones.
80d723736 cirrus: Update to FreeBSD 14.3 and 13.5.
609060370 netdev-dpdk: Remove limit on maximum descriptors count.
edecb7404 python: idl: Don't notify the application on _Server database updates.
ab062d3cb netdev-dpdk: Adjust IPv4 checksum capability for vhost-user.
dd443c1a7 netdev-dpdk: Stop relying on vhost-user Tx flags.
b8032fac2 dp-packet: Remove direct access to DPDK offloads.
cf7b86db1 dp-packet: Rework TCP segmentation.
e36793e11 dp-packet: Resolve unknown checksums.
2956a6126 dp-packet: Rework L4 checksum offloads.
3daf04a4c dp-packet: Rework IP checksum offloads.
67abd5154 dp-packet: Rework tunnel offloads.
e2200485c dp-packet: Expand offloads preparation helper.
d29ba0abd dp-packet: Add OVS offloading API.
19ef1b1f0 dp-packet: Remove DPDK specific IP version.
52fdeda11 dp-packet: Remove Linux specific L4 offloads.
a86ae3c86 python: Add uuid/convert references to uuid for Row.__str__.
8ee7ecb8a db-ctl-base: Allow retrieving rows of type OVSDB_TYPE_UUID.
8a1a0ea7c AUTHORS: Add Changliang Wu.
aea473429 lldp: Fix out of bound write in chassisid_to_string.
614029aac conntrack: Allow inner NAT of related fragments.
ca9e67c80 daemon-unix: Handle potential negative values from sysconf().
99af7f379 ovsdb: Fix Coverity leak warning by marking code as unreachable.
2c634482f raft: Fix resource leak from ignored ovsdb_log_write_and_free() error.
b90304bfe ovsdb-server: Fix potential memory leak in parse_options().
d1bd62dae ofproto-dpif-upcall: Check odp_tun_key_from_attr() return value.
88737f02e ofproto-dpif-xlate: Fix memory leak in xlate_generic_encap_action().
8fca3f99c lldp: Fix Coverity warning about resource leak in lldp test.
d28382947 sparse: Define new AVX10 includes added in GCC >= 15.
0e419d1b4 sparse: Add workaround for OpenSSL configuration.
8224cd47f tests: tunnel-push-pop: Fix occasional failure of the drop test.
e99ce7d5d flow: Fix checksum offloads with simple match.
48ce3a5a5 dpdk: Use DPDK 24.11.2 release.
b42f9fde4 netdev-dpdk: Fix possible memory leak in vhost stats.
7e3a0b496 AUTHORS: Add Yang Yang.
60a219300 perf-counter: Enable exclude_guest by default.
2df25f970 util: Remove include of itself.
37848e218 util: Ignore return code from str_to_uint().
e180c431b tests: classifier: Add a stress test for prefixes reconfiguration.
6a61a70fc classifier: Fix race for prefix tree configuration.
9234b9b40 tests: classifier: Fix the rule number check during trie verification.
f7711efc9 ovs-router: Fix potential resource leak in JSON output.
5603b869a netdev-linux: Fix offloads for IPv6 UDP packets.
c852a8c76 netdev-native-tnl: Do not validate already checked checksum.
71f3dd3e9 conntrack: Fix embedded checksums in ICMP errors.
4b00509ea conntrack: Do not validate already checked checksum.
8a7f1292d ipf: Consider checksum only for fragmented packets.
585c8088e dpif-netdev: Enhance checksum coverage.
d49994634 flow: Fix bad IP checksum flag.
261f02ba3 ovs-ctl: Allow to set custom core file size for ovs daemons.
d000ff1cd ovs-router: Add JSON output for 'ovs/route/show' command.
6fc522174 ipsec: libreswan: Fix premature reconciliation of just added tunnels.
1b2eff486 github: Add a permanent workaround for malformed /etc/hosts.
28064e9fa AUTHORS: Add Dmitry Porokh.
421c94ee1 ovsdb: Introduce and use specialized uuid print functions.
94500f9bb tests: Run IPv6 ct fragmentation tests in different zones.
8aa649c7b NEWS: Note that OOT kernel module documentation has been removed.
6bd931716 docs: issues: Update for removal of OOT kernel module.
ef6cfc0a0 docs: configuration: Don't document OOT kernel module wrt connecting bridges.
aea939b24 docs: faucet: Remove references to OOT kernel module.
89e8c1249 docs: general: Remove references to kernel module.
68d742e84 debian: Remove documentation of OOT kernel module.
2b9aca477 docs: debian: Remove references to installing kernel module.
e03ccbce6 docs: backporting-patches: Remove documentation of OOT kernel module.
e0c07a8a7 docs: release: Remove documentation of OOT kernel module.
1015b13f0 ofproto-dpif-xlate: Add a drop action for native tunnel failure.
a53d67bf9 python: idl: Clear rows without losing indexes.
f1f214e5c ipsec: libreswan: Fix detection of loaded IPv6 connections.
e017142d1 python: Add example usage section to README.
79be51b9c python: Populate README with minimal context.
816f30b06 python: Add 'long_description' to 'setup.py'.
3e63999f9 python: Don't leave file handles open.
8fffcfcf6 AUTHORS: Add Martin Morgenstern.
8c9e7631c jsonrpc: Maximize receive buffer size.
ca8c27b7c jsonrpc: Add coverage for incomplete receives.
4443433d2 uuid: Fix a warning about zero byte truncation in the template.
fe53b478f dpdk: Fix main lcore on systems with many cores.
20fd9d480 AUTHORS: Add Vasyl Saienko.
96ee23a21 ovs-vtep: Fix vlan binding.
484208bd1 ipf: Maintain packet zone and direction.
056a37d6d ipf: Don't send expired frags.
effb2bb28 Documentation: Use mail-archive.com URLs for openflow-discuss ML links.
88ee8ae05 Documentation: Update links to DPDK documentation.
1e577cfb2 AUTHORS: Add Jay Ding.
6f33ac632 netdev-dpdk: Fix device info return value check.
ae6b778ab utilities: usdt-scripts: Retry on dp cache miss.
340c574e4 utilities: upcall_monitor: Add extra info to pcap.
c2deabc00 utilities: monitor_upcalls: Print ports from drops.
acd6d21e3 utilities: upcall_monitor: Print port names.
93ccf58a9 utilities: upcall_cost: Refactor port mapping cache.
ca804a7be utilities: upcall_monitor: Allow filtering on result.
c40a7ff9b utilities: upcall_monitor: Monitor dropped upcalls.
441407895 utilities: usdt-scripts: Remove sleep in loop.
9d15da43b ovsdb: raft: Fix cluster break down on leaving with some nodes down.
27315463b ovsdb: raft: Add debug logs for role transition.
cae3ff452 ovsdb: raft: Fix multitasking overrun warning when there is no leader.
1724a293d ofproto: Log bond rebalancing stats once in rebalance run.
ce77927bf ofproto-dpif-xlate: Embed support check in put_drop_action.
50dfd1ce3 AUTHORS: Update email for Ian Stokes.
7f4ee4395 python: Disable check for globals with never reassigned names (F824).
ba675897e ofproto-dpif: Fix spelling in comments and the support field macro.
f141b7c35 checkpatch.py: Don't run subject checks in source-file mode.
6403a49f3 rhel/systemd: Change owner recursively and also on /etc/openvswitch.
f3036be65 utilities: Add long poll statistics to the kernel_delay.py script.
2100a0454 tests: ovsdb-idl: Fix flaky insert and delete tests.
0d21dbc24 python: stream: Fix unlink attempt for ptcp IP address.
0b686a29b ofproto-dpif: Fix dp_hash mapping after select group modification.
3dea4e0fc checkpatch.py: Load multiple codespell dictionaries.
a824a6bb2 ovs-tcpdump: Improve 'mirror-to' option.
2d82a431f tests: Disable rate limiting for tests parsing flow dumps from logs.
15b6c25c8 rtnetlink: Add forward declaration of RTPROT_OVN.
defb8f33f datapath-windows: Fix possible null reference in _MapNlAttrToOvsPktExec
69f0acc9a tests: Fix 'ICMP related with SNAT' test case in offload scenario.
b65f324a7 AUTHORS: Add Dima Chumak.
1898112c8 ofproto: Add JSON output for 'fdb/show' command.
69826ad63 appveyor: Fix python PATH for a new pywin32-309.
0bdca8bf5 tests: system-traffic: Remove unnecessary bash dependency.
472847e69 AUTHORS: Add Frank Wagner.
a68887e1f windows: Fixed MSYS detection in CCCL.
caa2c8c77 github: Get sparse from the official GitHub mirror.
b83d3f51e netdev-offload-dpdk: Clean up vlan_push action function.
008759411 route-table: Rename bridge-related variables/arguments to netdev.
71a9720b7 netdev-offload-tc: Add missing comment from commit 273a4fce951a.
d56a5bacd python: ovsdb-idl: Fix persist_uuid references.
5ee2a3892 python: ovsdb-idl: Handle inserts w/o changes.
7b4d3137a stream-ssl: Remove support for deprecated TLSv1 and TLSv1.1.
19b894162 tunnels: Remove support for deprecated STT and LISP.
410e0f519 ofproto-dpif-xlate: Fix source IP lookup for non-bridge ports.
5292eb50a netdev-offload-tc: Only install recirc flows if the parent is present.
0fb370bdc flow: Explicitly pad tcp_flags for TCP and tp_dst for IGMP.
cb9e21dc3 netdev-offload-dpdk: Support offload of clone push_vlan action.
365c2e504 Set release date for 3.5.0.
fd021c97e tests: Use correct arguments to curl.
ac32bbe2c dpif-netdev: Fix Auto Load Balance debug log.
9f7eb58f7 miniflow_extract: Push ct_tp_{src, dst} for later frags.
c77175824 dpif-netdev: Preserve inner offloads on recirculation.
4baddffd5 ovsdb-server: Do not use filename after free.
b9be72920 netdev-vport: Ignore ipsec_ tunnel option prefix for all tunnels.
ce20ca063 ofproto-dpif-xlate: Fix memory leak in xlate_generic_encap_action().
f7c85a730 ofproto: Fix potential NULL pointer dereference in ofproto_type_xx().
9e784ed6c ofproto: Fix potential null-ptr dereference in meter_insert_rule().
5f6b8faca ofproto-dpif-ipfix: Add NULL check to dpif_ipfix_set_options().
68245b0c4 tests: Fix multiple Coverity warnings in test programs.
de39a5587 ovs-vsctl: Fix missing ovs_scan() return checks.
1936de256 nx-match: Fix potential integer underflow.
f2fac92e3 github: Update fedora image to 41.
35f49a595 documentation: Fix Sphinx program directive.
885e117fd documentation: Fix ovs-flowviz warnings on older Sphinx.
ed133507f fedora: Don't generate network-scripts-openvswitch for ver > 40.
481bc0979 route-table: Allow parsing routes without nexthop.
c5b3ac72d vlog: Add user command to inject log message.
cde106949 sparse: Remove wrappers for some DPDK headers.
f0e6638cf netdev-offload-tc: Fix ignore of dl type mask when installing flows.
8011f9ff9 faq: Update DPDK releases for older branches.
3e100bd93 AUTHORS: Add Markus Linnala.
ec8fe88d7 utilities/bashcomp: Do not run ovs-vsctl when not possible.
2472845c3 general: Use ovs_get_program_version().
ad59bb851 ovs-ctl: Allow to set oom-score for ovs daemons.
ae8dafe6b dpdk: Add ovs-appctl dpdk/get-memzone-stats command.
1594c5086 ofproto-macros.at: Fix hex matching in the strip_recird() macro.
a3c06c309 route-table: Use ofpbuf_use_const() for multipath attributes.
be5b46564 route-table: Fix potential memory leak.
f74777da0 route-table: Avoid potential NULL ptr dereference.
e16db1230 ofp-ct: Add missing struct declaration.
caed64d16 Prepare for post-3.5.0 (3.5.90).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f17c470c
---------------------------
cni: update to v1.3.0
Bumping cni to version v0.8.0-340-g7c27007, which comprises the following commits:
f1cb561 docs: Fix broken link to "Version considerations" in SPEC.md
77b1001 spec: update number of specifically defined terms
Bumping cni-plugins.git to version v1.1.0-395-g6d8f05b8, which comprises the following commits:
6d8f05b8 Bump go version to 1.26
f9f86fdf fix revive linter
b2f23299 Update go.mod to Go 1.25.
adc3e6b5 bridge: include attempted IP address in AddrAdd error message
4161e445 build(deps): bump golangci/golangci-lint-action from 8 to 9
dada84a9 CVE-2025-52881: Bump selinux to 1.13.0
dfb1f9ac fix(test): use shorter veth peer name
ccc8314d vrf: fix route filtering to preserve IPAM-configured routes
8c4a6b3b bandwidth: handle nil bandwidth in CHECK
9b3772e1 portmap: ensure nftables backend only intercept local traffic
Bumping flannel-cni-plugin.git to version v1.9.0-flannel1-12-g09e4c7f, which comprises the following commits:
09e4c7f Bump google.golang.org/grpc from 1.69.0 to 1.79.3
99c8f33 Bump golang from 1.25.6-alpine3.22 to 1.25.7-alpine3.22
a1f477f Bump github.com/onsi/ginkgo/v2 from 2.27.5 to 2.28.1
9d9dbae Bump github.com/onsi/gomega from 1.39.0 to 1.39.1
122c4fd Bump alpine from 3.23.2 to 3.23.3
f5fdb63 Bump golang from 1.25.5-alpine3.22 to 1.25.6-alpine3.22
e70badd Bump github.com/onsi/ginkgo/v2 from 2.27.3 to 2.27.5
b84eef9 Bump github.com/onsi/gomega from 1.38.3 to 1.39.0
a10ad00 Bump alpine from 3.23.0 to 3.23.2
8b6781f Bump github.com/onsi/ginkgo/v2 from 2.27.2 to 2.27.3
be2d572 Bump github.com/onsi/gomega from 1.38.2 to 1.38.3
0940aaf Bump github.com/containernetworking/plugins from 1.8.0 to 1.9.0
521b4f6 Bump alpine from 3.22.2 to 3.23.0
dfcb1ec Bump golang from 1.25.4-alpine3.22 to 1.25.5-alpine3.22
5d45388 Bump golang from 1.24.9-alpine3.22 to 1.25.4-alpine3.22
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4a1de558
---------------------------
virt-what: update to 1.27
Update from 1.21 to 1.27. Notable changes across versions:
- Add detection for Alibaba Cloud (ARM and x86)
- Add detection for AWS (baremetal, KVM, Xen)
- Add detection for Google Cloud
- Add detection for Nutanix AHV
- Add detection for UpCloud
- Add detection for OCI (Oracle Cloud Infrastructure)
- Add detection for bhyve, VMM (OpenBSD)
- Add detection for illumos lx-branded zones
- Add detection for Xen on ARM
- Add detection for ESX on ARM
- Add detection for Hyper-V on ARM
- Add detection for CRI-O and Podman containers
- Add detection for LDOM (Oracle/Sun)
- Add detection for z/VM (IBM)
- Improved QEMU/KVM detection via SMBIOS
- Support for --root-dir option for offline analysis
- Various bug fixes and test suite improvements
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5cf4a121
---------------------------
virt-viewer: update to v11.0-tip
Bumping virt-viewer to version v11.0-100-ge07dbc9, which comprises the following commits:
e07dbc9 remote-viewer: Simplify oVirt username setting
16dab63 remote-viewer: Update govirt requirement
6557319 ovirt: Remove unused declaration ovirt_foreign_menu_get_gtk_menu
093212d Hide the header bar in full-screen mode.
9f3b839 Don't schedule unreveal timer if not active
6fcd5f4 feat: fix kiosk mode previous toolbar grab mouse cursor
17d8b9f Translated using Weblate (Russian)
bbba3d3 rpm: disable -Werror on Fedora / ELN
c596813 Translated using Weblate (Japanese)
29e7778 Translated using Weblate (Spanish)
a5ce69d Translated using Weblate (Chinese (Traditional) (zh_TW))
cd9b430 Translated using Weblate (Telugu)
f4bc61e Add Ctrl+Alt+Shift+Esc key command for logind's SecureAttentionKey
107f60c data: Add x-scheme-handler/vnc to desktop file
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5b10cedb
---------------------------
virt-manager: update to v5.1.0-tip
Bumping virt-manager to version v5.1.0-81-gb2b32ccc7, which comprises the following commits:
b2b32ccc7 tests: properly skip win11 aarch64 test on old osinfo
19f18e9f5 cli: add --boot firmware.enrolled-keys=,firmware.secure-boot=
e5c731787 domain: os: add set_firmware_feature helper
08ec19204 man: virt-install: remove some obscure --boot scearios
3eebb61b7 man: virt-install: change `--boot secure-boot=` docs
09ecf1cfd ci: Install `acl` to get more code coverage
48c9076d5 ci: add `workflow_dispatch` to more workflows
91f506f06 testdriver: add more complete zfs XML
2c87e485e uitests: createvm: add Customize->Add Hardware->TPM case
20d375a04 details: Fix TPM label from `Customize` wizard
23d6f9088 tests: cli: fix aarch64-win11 with latest osinfo-db
d306fb6b2 uitests: Add coverage exclusions
198778dfb uitests: cover NVME disks and controller
98921c4dc uitests: cover USB startup policy
9681c3d43 ui: add USB startup policy mnemonics
b3daef7ef testmock: add --test-options=disable-name-validation
ba532d3ed uitests: relax alert lookup naming
eba62e983 uitests: fix snapshot name validation test
5d7c66378 man: secure-boot: don't mention entrolled-keys
23dd48ae9 cli: add --boot secure-boot option
9ab2918fa virtinst: add support for iommufd
d13271422 virtinst: fix locale when running in flatpak
90e425b59 ui: Show NVMe Controller details
08b547366 virtManager: Add NVMe disk type
97505a9fe virtinst: implement NVMe disk target generation
605b3d807 virtinst: Add NVMe Controller
6f1adcc92 virtinst: Add serial controller option to cli
206e79d50 tests: use Node.path when available
711275b92 tests: handle "collection_path" and "path" for pytest_ignore_collect()
a5a540369 tests: port pytest_ignore_collect() to pathlib
10014e150 addhardware: Add usb as a recommended sound device
606633249 Translated using Weblate (Swedish)
04ab5617a Translated using Weblate (Indonesian)
7fd958770 Translated using Weblate (Estonian)
9a9267470 Translated using Weblate (Turkish)
2af8e00c8 Translated using Weblate (Romanian)
ff0e401ee Translated using Weblate (Chinese (Simplified) (zh_CN))
fe5e1ea17 Translated using Weblate (Portuguese (Brazil))
a91f48faa Translated using Weblate (Portuguese)
0fbc02c6e Translated using Weblate (English (United Kingdom))
0881c9c64 Translated using Weblate (Italian)
4afe2b71e Translated using Weblate (Turkish)
74d5b0f9e Translated using Weblate (Chinese (Simplified) (zh_CN))
cc2bb397e Translated using Weblate (Chinese (Simplified) (zh_CN))
39791b73c Translated using Weblate (Kabyle)
e9bf0bc12 Translated using Weblate (Chinese (Simplified) (zh_CN))
984d20203 Translated using Weblate (Finnish)
d150bab3f Translated using Weblate (German)
43f4c7859 Translated using Weblate (Polish)
7c2bebaee Translated using Weblate (Russian)
f5b56cdec Translated using Weblate (Korean)
904f95291 Translated using Weblate (Swedish)
bc9e5dc15 Translated using Weblate (Spanish)
015fb0b7f Translated using Weblate (Georgian)
3a66f48e2 Translated using Weblate (Ukrainian)
a5553cb91 Translated using Weblate (Romanian)
87298b9c9 Translated using Weblate (Czech)
35ad9057f virtinst: Fix XDG_DATA_HOME handling
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3eb1c7bf
---------------------------
rootlesskit: update to v3.0.0-alpha.2
Bumping rootlesskit to version v3.0.0-alpha.2-2-ga313ce8, which comprises the following commits:
3135d58 v3.0.0-alpha.2+dev
48a2131 v3.0.0-alpha.2
cc21afb Build(deps): Bump golang.org/x/sys from 0.39.0 to 0.40.0
0c54ba3 Build(deps): Bump github.com/containers/gvisor-tap-vsock
c62a145 fix(testsuite):fix flaky by ensure port is free to use
bac9c12 Build(deps): Bump golang.org/x/sys from 0.38.0 to 0.39.0
e814ea0 Build(deps): Bump github.com/containernetworking/plugins
d95fa30 Build(deps): Bump golang.org/x/sync from 0.18.0 to 0.19.0
45ea529 Build(deps): Bump actions/setup-go from 5 to 6
8b0d41e Build(deps): Bump actions/checkout from 5 to 6
64d4cd5 v3.0.0-alpha.1+dev
7ae0e6b v3.0.0-alpha.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 06cd830b
---------------------------
oath: update to 2.6.14
Update oath-toolkit from 2.6.2 to 2.6.14. Drop patches and
workarounds that are no longer needed:
- 0001-oath-fix-macro-definition-error.patch (file removed upstream)
- EXTRA_AUTORECONF m4 workaround (AM_PATH_XML2 dropped in 2.6.7)
- Stale md5sum checksum
Upstream changes since 2.6.2:
2.6.14 (2026-01-27):
- pam_oath: Support null_usersfile_okay parameter
- Build fixes for glibc 2.43
2.6.13 (2025-07-29):
- liboath/libpskc: Fix _FORTIFY_SOURCE build problem
- liboath: Fix --with-openssl builds
- Git hosting moved from gitlab.com to codeberg.org
2.6.12 (2024-10-03):
- pam_oath: Drop privs for usersfile with ${HOME} (CVE-2024-47191)
- liboath: Don't follow symbolic links for usersfile updates (CVE-2024-47191)
- oathtool: Fix test suite on 32-bit big-endian platforms
- libpskc: Fix linker warning with mold, musl implicit declaration
2.6.11 (2024-01-11):
- liboath: Handle invalid base32 encoded secrets
2.6.10 (2024-01-03):
- Build fixes for Windows and Arch Linux
2.6.9 (2023-07-09):
- Improve compatibility with recent libxmlsec
2.6.8 (2023-07-09):
- libpskc: Fixes for recent libxmlsec releases
- pam_oath: Provide fallback pam_modutil_getpwnam implementation
- liboath: Builds on Windows
2.6.7 (2021-05-01):
- pam_oath: Support variables in usersfile string parameter
- build: Drop AM_PATH_XML2 in favor of pkg-config
2.6.6 (2021-01-20):
- oathtool: Handle HOTP --counter values > 0x7FFFFFFFFFFFFFFF
2.6.5 (2020-12-29):
- oathtool: Support reading KEY and OTP from stdin or filename
2.6.4 (2020-11-11):
- Fix libpskc memory corruption bug
- pam_oath: Fail gracefully for missing users
2.6.3 (2020-11-07):
- oathtool: Support TOTP with hash SHA512
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b801ae39
---------------------------
libvmi: update v0.14.0-tip
We add gettext as a dependency to fix:
ERROR: libvmi-0.14.0+git-r0 do_configure: QA Issue: AM_GNU_GETTEXT used but no inherit gettext [configure-gettext]
ERROR: libvmi-0.14.0+git-r0 do_configure: Fatal QA errors were found, failing task.
ERROR: Logfile of failure stored in: tmp/work/x86-64-v3-poky-linux/libvmi/0.14.0+git/temp/log.do_configure.3722649
ERROR: Task (recipes-extended/libvmi/libvmi_git.bb:do_configure) failed with exit code '1'
NOTE: Tasks Summary: Attempted 3936 tasks of which 3928 didn't need to be rerun and 1 failed.
Bumping libvmi to version v0.10-1148-g82bbee6, which comprises the following commits:
82bbee6 Fix pointer mismatches, which GCC complains about (#1120)
77a677a Add vmi_map_guest_pfns() function (#1118)
b196d72 Remove old debian from ci (#1119)
872ccc6 Fix NtBuildNumber read (#1114)
f02aeb7 implement Windows PTE resolving (#1074)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: dfe43058
---------------------------
libvirt: update to v12.1.0 -tip
We update our python checksum and drop a patch that is no longer needed.
Bumping libvirt to version v12.1.0-107-g9fa6beff05, which comprises the following commits:
9fa6beff05 qemuxmlconftest: Update 's390x' tests using 'virt-4.2' machine type
4537c0b870 qemuMigrationSrcBeginPhase: Don't call 'qemuBlockNodesEnsureActive' with offline VM
59fde80f39 qemuMigrationSrcBeginXML: Don't call 'qemuMigrationSrcBeginPhaseBlockDirtyBitmaps' with offline VM
623844bf2a virsh: migrate: Add support for VIR_MIGRATE_PARAM_MIGRATE_DISKS_TARGET_ZERO
f5fc45efea qemu: migration: Introduce 'VIR_MIGRATE_PARAM_MIGRATE_DISKS_TARGET_ZERO'
6670924a0d virsh: Add support for 'VIR_DOMAIN_BLOCK_COPY_TARGET_ZEROED' as '--dest-is-zero'
aa7d3142aa qemu: Add VIR_DOMAIN_BLOCK_COPY_TARGET_ZEROED flag for virDomainBlockCopy
b7e51e875a qemu: monitor: Add support for 'target-is-zero' option of 'blockdev-mirror'
aba64fc539 qemu: capabilities: Introduce QEMU_CAPS_BLOCKDEV_MIRROR_TARGET_IS_ZERO
f7ae47274a qemuMigrationSrcPerformTunnel: Remove 'migrate_disks' argument
7abfcef53c qemuTranslateSnapshotDiskSourcePool: Use proper error code
d9e2db9445 qemu: conf: Don't use VIR_ERR_INTERNAL_ERROR for config file parsing errors
42ef9a200a qemu: backup: Move setup of VIR_STORAGE_NET_HOST_TRANS_FD to qemuBackupPrepare
231ae15e97 qemuxmlconftest: Add missing test for <readonly> attribute of p9-fs devices
20ecc25b91 qemuBuildFSStr: Properly format 'readonly' attribute
2b03d26471 qemuBuildFSStr: Drop code for VIR_DOMAIN_FS_DRIVER_TYPE_HANDLE
b05fc0eabf qemu: capabilities: Don't advertise support for VIR_DOMAIN_FS_DRIVER_TYPE_HANDLE
df3f46c28c qemu: validate: Reject configs with VIR_DOMAIN_FS_DRIVER_TYPE_HANDLE
954036635a scripts: dtrace2systemtap: Fix argument name extraction regex to avoid '*' in names
95d29b66b4 hyperv: Remove unnecessary hash table size query.
85fdb72ac0 hyperv: use constants for xml namespaces
a561883abf qemu: add automatic port allocation for pull-mode backup NBD servers
36cf50f85b qemu: driver: Setup 'virPortAllocator' for backup NBD server ports
d1c6f0edc1 qemu: conf: add setup for automatic port allocation for pull-mode backup NBD servers
406b7fb0bd tests: Add iommufd fdgroup test
0a83b28795 qemu: Implement iommufd fdgroup
58875a6df6 conf: Add iommufd fdgroup support
fc516031ed qemu: Implement iommufd
c03b8f0804 conf: Introduce domain iommufd element
c1d38e9428 src: Use virHostdevIsPCIDeviceWith* to check for IOMMUFD
d1fb5cf127 qemu: Update qemuDomainNeedsVFIO to ignore PCI hostdev with IOMMUFD
c89b2bf1a8 qemu: Expand call to qemuDomainNeedsVFIO
ffa8020d36 hypervisor: Fix virHostdevNeedsVFIO detection
d0afa0a842 conf: Refactor virHostdevIsPCIDevice
f89e3dbce8 conf: Move and rename virStorageSourceFDTuple object
1a528a4d29 network: Don't enable ip_forward for VIR_NETWORK_FORWARD_OPEN
70b3053057 qemuhotplug: Introduce interface-network-hostdev
685f359eaf qemuhotplugtest: Use fake drivers
605112c584 virnetworkportxml2xmldata: Use different PCI address in plug-hostdev-pci.xml
b01baffbb2 qemuxmlconftest: Separate fake drivers into a separate file
6d6da1cbac tests: Drop WITH_QEMU from qemu specific tests binaries/libraries
cd6a1ba222 networkxmlconftest: s/fail/cleanup/
d9b34ad12b network: Format <ip/> element using virXMLFormatElement()
05cdfcf568 src: Drop NULL check before calling virBufferEscapeString()
54f5032e57 hyperv: Implement virDomainSnapshotGetParent()
1a5f2ad4c8 hyperv: Implement virDomainSnapshotCurrent()/virDomainHasCurrentSnapshot()
09c0b24424 hyperv: implement virDomainSnapshotGetXMLDesc()
00ccf5b2a8 hyperv: implement virDomainListAllSnapshots()/virDomainSnapshotNum()
6abb988fd1 hyperv: Implement domainSnapshotLookupByName()
293bb59e75 viriommufd: Set IOMMU_OPTION_RLIMIT_MODE only when running privileged
1fd9f5a3db qemu: Enable AMD IOMMU XTSUP by default
e1b8853e48 conf: support >255 vcpu w/ amd-iommu xtsup
d47de9e8b9 conf: fix error log for passthrough and xtsup attributes
2842d89706 conf: fix virDomainIOMMUDefEquals for amd_iommu
2e25854933 util: implement virHostCPUGetOnlineBitmap() for FreeBSD
88b5e33b4e rpc: free saved close error in virNetClientDispose
e25b82c5f8 tests: Create fake root dirs later
0b54c9d535 docs: Clarify host-model description in domain capabilities
57e5bb55ce virsh: Add --expand-cpu-features option for domcapabilities
3215fee349 qemu: Implement VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES
8aa13d1b16 Introduce EXPAND_CPU_FEATURES flag for domain capabilities
f552faab53 docs: storage: Note that refreshing the storage pool is needed on outside modification
1ee7d7147b util: Move 'virProcessLimitResourceToLabel' into same preprocessor if-block as only caller
97f3fcd294 qemu: monitor: Use 'flat' mode of 'query-block'
3ae6de95f2 qemu: capabilities: Introduce QEMU_CAPS_QUERY_BLOCK_FLAT
e7d959a87f qemucapabilitiestest: Update 'caps_11.0.0_aarch64' to 'v10.2.0-2062-g084a6c6e73"aarch
75edc7ae98 qemucapabilitiestest: Update 'caps_11.0.0_x86_64' to 'v10.2.0-2062-g084a6c6e73"
837463f83f qemu: processShutdownCompletedEvent: Remove inactive VM object after shutdown
89d2948a16 qemu: hotplug: Don't access disk definititon after it was freed after media change
bed561c07a qemuDomainAttachDeviceDiskLive: Remove 'disk' variable
25662b3700 qemu_hotplug: Fix crash when attaching network inteface with hostdev network
2f25afba55 util: extend virHostCPUGetInfo() for FreeBSD
4cb677df95 docs: bhyve: add arm64 guest example
9c304e5cc6 docs: bhyve: fix typo in version number
d760c5c12e docs: bhyve: document NUMA domains configuration
3f3cb3ab51 hyperv: report whether guests have TPM enabled
83621dcb33 qemuhotplugtest: Run "interface-hostdev" test cases only on Linux
f9bb819fc4 qemuhotplugtest: Introduce interface-hostdev test case
662b1f4eb3 virnetdevmock: Mock virNetDevSaveNetConfig() and virNetDevSetNetConfig()
e9798b8397 virpcimock: Create net/ subdir for devices
542230251b virpcimock: Create sriov_totalvfs file and virtfnN symlinks
d8c70c8988 tests: stop mocking virGetUserRuntimeDirectory()
79d97d2b4f tests: point $HOME and $XDG_* into usable fake root directory
f83c0a5e6e consistently use glib g_getenv() instead of libc getenv()
52806b89d6 util: make completely separate functions for WIN32 versions of virGetUser*Directory()
5b1c8c8b86 util: rename virGetUserDirectory(ByUID) to virGetUserHomeDirectory(ByUID)
2dd4298339 remote: reduce scope of userdir in remoteGetUNIXSocketHelper()
86a68ee852 util: reduce scope of rundir in virPidFileConstructPath()
65cd851e57 util: reduce scope/autofree-ify rundir in virDaemonUnixSocketPaths()
331d9fe3ba qemu: support setting default route for passt interfaces inside the guest
acd8e9595f conf/util: fix non-specification of IP route destination address
21c8588683 util: make the route arg to virNetDevIPRouteGetPrefix const
1468f995e7 qemu: only limit IPv4 prefix for slirp
4b5c555e97 qemu: reorganize qemuValidateDomainDeviceDefNetwork()
0ae2dde5a8 qemu: delete passt "repair" socket when appropriate
3ea1550c64 test: Default to ROM type for loader
82b09f105a bhyve: support NUMA configuration for domains
e4b0fdb72f hyperv: implement virDomainDefineXMLFlags()
e62e777d3f hyperv: fix flags passed to virDomainDefParseString()
7aed06b055 hyperv: ensure we don't define multiple domains with the same name
bf27594575 hyperv: improve error message when redefining domain
fa016baf0a util: json: fix memory leak in virJSONValueFromJsonC()
d7b3be8ca3 secret: install service file only if init_script is 'systemd'
03f2672ab4 qemu: Fix IOMMUFD and VFIO security labels
b7483e6558 security: Cleanup hostdev label error logic
75f698c77f security_apparmor: Use g_auto* in AppArmorSetSecurityHostdevLabel
d704458b31 Post-release version bump to 12.2.0
6f0df1af01 Release of libvirt-12.1.0
496cccf47f news: Mention latency histogram support and (managed) save fixes
4a0424e2f3 Translated using Weblate (English (United Kingdom))
39b3b2eb37 fdstream: fix EOF handling when reading data
774241017a fdstream: don't set return value if looping to read more data
656f51dd20 news: document bhyve changes for 12.1.0
b0e57a2b35 NEWS: Document features/improvements/bug fixes I've participated in
2c6fe784ac news: document new hyperv features
4374dbbbf0 qemu_hotplug: enter monitor in order to rollback passed FD
fe782ed334 domain_conf: initialize network hostdev private data
10d5a41231 util: fix use-after-free in virIdentityGetSystem
633ac90d2b vmx: log full .vmx content
3d1e6d92de qemu: Fix job handling when domain dies in post-copy migration
634b40ccab po: Refresh potfile for v12.1.0
dbf3d81d24 Translated using Weblate (Chinese (Simplified) (zh_CN))
82512796fe Translated using Weblate (Spanish)
e943aff795 Translated using Weblate (Spanish)
8a1bd82f50 Translated using Weblate (Spanish)
29a53e39c0 Translated using Weblate (Czech)
92cbb0fcd7 Translated using Weblate (Greek)
f88910b713 Translated using Weblate (Romanian)
e39ce22996 Translated using Weblate (Greek)
b713afcebd Translated using Weblate (Greek)
42eb8b6d0b Translated using Weblate (Swedish)
ce5e429171 Translated using Weblate (Swedish)
d507c85f93 Update translation files
aa48051095 Added translation using Weblate (Chinese (Traditional Han script))
5b6adb61c8 Translated using Weblate (Georgian)
6085f809ad bhyve: Default to ROM type for loader
f051939111 news: Document support for uefi-vars device and firmwares
0151db88c2 virsh: Update for varstore handling
31e40b6229 include: Mention varstore where applicable
bcda5b2efd qemu_command: Use uefi-vars device where appropriate
0ea04024ef tests: Add firmware descriptors for uefi-vars builds
bcbb2667e2 security: Handle varstore file
a32b4a6037 security: Mark ROMs as read only when using AppArmor
5dc97de2c4 qemu: Create and delete varstore file
41fe1199bb qemu: Introduce qemuPrepareNVRAMFileCommon()
0dd118ccee qemu_firmware: Generate varstore path when necessary
df3121d21e qemu: Introduce varstoreDir
da7eb72148 qemu_firmware: Fill in varstore information
fa74aae490 qemu_firmware: Allow matching stateful ROMs
ffe37c6989 qemu_firmware: Use of NVRAM implies stateful firmware
500c010df2 qemu: Fill in varstore element in domcaps
3d6987914b conf: Include varstore element in domcaps
a440ada214 qemu_firmware: Report NVRAM template path for ROMs
cab5b6532d qemu_firmware: Support extended syntax for ROM firmware descriptors
d0c6aa084f qemu_firmware: Consider host-uefi-vars feature in sanity check
91337ee06d qemu_firmware: Split sanity check
83679d7338 qemu_firmware: Parse host-uefi-vars firmware feature
38c4c3f654 tests: Add firmware-auto-efi-enrolled-keys-aarch64
0653a2eae2 tests: Add firmware-auto-efi-varstore-aarch64
d8e0e9c3ce tests: Add firmware-auto-efi-varstore-q35
71d6399068 tests: Add firmware-manual-efi-varstore-aarch64
77b44120c5 tests: Add firmware-manual-efi-varstore-q35
bd35046517 qemu: Validate presence of uefi-vars device
12cdd61383 qemu_capabilities: Introduce QEMU_CAPS_DEVICE_UEFI_VARS
1c2dbdf3ac conf: Update validation to consider varstore element
3feee6d0ab conf: Parse and format varstore element
b5da97c5b9 schema: Introduce osnvram define
ccdff699ac tests: Rename custom JSON firmware descriptors
1504b7f687 conf: Move type=rom default for loader to drivers
375c82a0f8 qemu_firmware: Only set format for custom loader if path is present
a03a820572 docs: Improvement related to firmware selection
38379f59c0 docs: Rename "BIOS bootloader" section to "guest firmware"
4d0c5bc5be hyperv: Add basic domainGetBlockInfo() API implementation
95d8909283 hyperv: Add resource subtype definitions
331a392b96 conf: support windows paths in virDomainDiskByName()
9b5831910f hyperv: add support for secure boot configuration
82ccd68755 hyperv: Clean up unnecessary header includes
c07b4e91e3 qemu: saveimage: Use 'virFileWrapperFd' when loading non-sparse saveimage
0e2ab42778 qemu: driver: Merge 'qemuDomainRestoreInternal' and 'qemuDomainObjRestore'
72a65c6944 qemuSaveImageCreateFd: Handle case when 'virQEMUFileOpenAs' doesn't return a file fd for 'sparse' format
6a2a77b747 virfile: Introduce 'virFileFDIsRegular'
19d684706d qemuMonitorMigrateToFdSet: Drop 'flags' argument
0d3290d152 qemuSaveImageOpen: Remove wrong ATTRIBUTE_NONNULL
e9b931d3e4 virpci: Report an error if virPCIGetVirtualFunctionIndex() fails
edb3350c64 bhyve: implement domainGetVcpuPinInfo
387543c57f bhyve: support vcpu pinning
3ea0a44f7a qemu: Report error aborting stopped postcopy migration
6c2c9e21ac virstorageobj: Make virStoragePoolObjAddVol() report an error on failure
dbdaf22b63 virsh: report "unknown" for autostart when API query fails
da815a6a7b virsh: return failure exit code when UUID fetch fails
f09d02bf0f news: Mention firmwareFeatures element for domaincaps
cf4dfcf795 docs: Document firmwareFeature element for domaincaps
87c072c08b qemu: Fill in firmwareFeature element for domaincaps
928bdc3e67 conf: Add firmwareFeatures element for domaincaps
463322ec48 schema: Add firmwareFeatures element for domaincaps
f335c578d1 tests: fix mocking on macOS
f37e14119c iommufd: fix FD leak in case of error
75db232f90 tests: properly mock VFIO and IOMMU checks
63434db800 qemu: Fill iommufd domain capability
855f8fe9e2 conf: Introduce iommufd enum for domaincaps
5d16bef1a6 qemu_hotplug: Add support to hotplug host device with IOMMUFD
3f7ad3a8a5 qemu_command: Extract building IOMMUFD props to function
300ebf01b8 qemu_hotplug: Remove iommufd object if no longer needed
b21b6dcc72 qemu: Save IOMMUFD state into status XML
f67e4ac4d0 qemu_command: Don't use host property if IOMMUFD is used
4611f227c7 qemu: Convert vfioDeviceFd to qemuFDPassDirect
df59beed37 qemu: Convert IOMMUFD to qemuFDPassDirect
4a80a0468e qemuxmlconftest: Set fake FD for IOMMUFD
15ad45758b qemuxmlconftest: Rename and refactor testSetupHostdevPrivateData
cb23831c02 qemuxmlconftest: Refactor host device preparation
c83b4f367f qemu_process: Refactor qemuProcessOpenVfioFds
d194f362f3 qemu_process: Fix FD leak with multiple host devices using IOMMUFD
7c062bfc4f qemu_domain: Add missing IOMMUFD cleanup
4b176cfc38 conf: Introduce virDomainDefHasPCIHostdevWithIOMMUFD
97eed30948 conf: Introduce virHostdevIsPCIDeviceWithIOMMUFD
3365bff598 util: Use virPCIDevice as argument in virPCIDeviceGetVfioPath
76b720168b qemu_process: Refactor qemuProcessOpenVfioDeviceFd
22c666097c util: Move openning VFIO device to virpci
ff2848827f qemu_process: Refactor qemuProcessOpenIommuFd
c684b83a68 util: Move openning IOMMU device to viriommufd
0c1af67be5 qemu: Move IOMMUFD validation to qemu_validate
4a0ea9bcf1 qemu: Introduce QEMU_CAPS_OBJECT_IOMMUFD
cb33103c4a scripts: avoid matching 'char **' as string for systemtap
5787326541 qemu: Setup disk latency histograms on startup/hotplug/update
b874c944bd Introduce support for disk operation latency histogram collection
ad65b00c13 docs: formatdomain: Reword section about the '<statistics>' element under disk driver
7da1a83914 docs: formatdomain: Fix indentation of docs for <disk><driver><statistics> element
ad4830ce68 qemu: monitor: Add handlers for 'block-latency-histogram-set'
237e49127a Expose latency histograms via 'virConnectGetAllDomainStats'
1c77d396ea qemu: monitor: Extract block latency histogram stats into 'qemuBlockStats'
42a39d703d qemu: process: Rename 'qemuProcessSetupDiskThrottling' to 'qemuProcessSetupDisks'
1789a0f8a3 qemu: Extract disk setup done via QMP into a separate helper
11057abfd1 qemu: Wire up new hyperv host-model mode behavior
380fb89390 conf: Parse hyperv features even for host-model
79b05df9f8 bhyve: improve loader handling on arm64
e23fd0b7fd In virFDStreamRead(), fill buffer from this and next messages
caf74fab50 bhyve: add capability probing for ACPI
fc52d176ce bhyve: do not use deprecated IOAPIC option
eaf1f15173 util: remove duplicate logging of firewall command
53d43ee5da docs: secret: Add documentation of secret encryption feature
eb0b65e07a secret: Add functionality to load and save secrets in encrypted format
bd6c201f9a secret: Rename virSecretObj structure attribute from base64File to secretValueFile
1c86748cf1 secret: Add secret.conf configuration file and parse it
97758bc9a0 secret: Set up default encryption secret key for the virtsecretd service
ffc316e99a util: Add support for GnuTLS decryption
73a52dc108 qemuProcessRefreshDisks: Don't bother to refresh disks on cold boot
536646deaf qemuProcessUpdateVideoRamSize: Remove 'driver' argument and adjust callers
40b7e2a39b qemu: Refactor tray_status handling
b9b9092c9c qemuDomainAttachDiskGeneric: Avoid unneeded disk property refresh after hotplug
bc939353d9 qemuDomainDiskPrivate: Remove unused 'tray' field
8ae3835079 conf: domain: Add VIR_DOMAIN_DISK_TRAY_NONE state for devices without tray
fac54e0d73 qemuDomainDiskInfo: Use proper type for 'io_status'
a94d2b9871 qemuMonitorJSONGetBlockInfo: Don't fail if 'io-status' field gets new values
4666d19617 qemuMonitorJSONHandleMemoryFailure: Simplify error case and value extraction
25922c1fcb qemu: monitor: Add test validating that 'eventHandlers' are properly sorted
6f372d526f qemuMonitorJSONHandleMigrationStatus: Simplify error case
ed94a8336a qemu: Drop 'removable' field from 'qemuDomainDiskInfo'
1292e757c6 qemu: process: Unexport 'qemuProcessRefreshDisks'
5b392ec976 qemuMigrationSrcBegin: Drop disk refresh step
52e09a7875 qemu: Drop 'empty' filed from 'qemuDomainDiskInfo'
56f7dd88d4 qemuProcessRefreshDiskProps: Drop code to remove disk source
074f7fba94 qemu: Remove 'removable' field from 'qemuDomainDiskPrivate'
861be1078e qemuDomainDiskInfo: Drop 'nodename' field
0d3ef7cb71 qemu: Implement support for persistent reservation migration control
b0edb7eb9b qemu: capabilities: Introduce QEMU_CAPS_DEVICE_SCSI_BLOCK_MIGRATE_PR
fb8d697554 qemucapabilitiestest: Update 'caps_11.0.0_aarch64' to 'v10.2.0-1114-gb3abdfa486'
5f5a2b0c8c qemucapabilitiestest: Update 'caps_11.0.0_x86_64' to 'v10.2.0-1114-gb3abdfa486'
06e7fee707 network: add comment to table that it belongs to libvirt
aa802b8723 hyperv: Implement virDomainInterfaceAddresses()
a422ebb178 hyperv: Move MAC parsing into a separate function
7fdc9111d2 virsocketaddr: Introduce virSocketAddrSubnetToPrefix()
fb317b296d datatypes: Declare autofree func for virDomainInterface type
8e377728c5 nwfilter: move shared nwfilter driver functions into nwfilter_tech_driver.c
6e101ad0c7 nwfilter: remove redundant sys/utsname.h include
a82cc0c435 nwfilter: rename generic names to virNWFilter* and CamelCase
7136e9155a docs: add description for USB port matching
f0cdc0fca4 nodedev: add USB port to nodedev XML
b97afe28f5 tests: validate an XML config with USB bus/port set
53e8f30dc8 schema: add USB port attribute
7a888d722c conf: add support for host USB port matching
73677f062f util: implement support for finding host USB devices by port
4b97cdd1a5 util: generalize the host USB device search APIs
93e1f5ee96 virusb test data: add devpath files for port addressing
fc5840b498 qemu: Ignore cmp_legacy CPU flag
afe6e5d260 virsh: Switch cmdDomIfAddr() to vshTable
9373d8da6a qemu_command: Generate granule prop for virtio-iommu
2eea8e3829 qemu_validate: Check whether granule of virtio-iommu is supported
43892d9915 conf: Introduce granule attribute for virtio-iommu
17693931e6 qemu_command: Generate aw_bits prop for virtio-iommu
2fccdda851 conf: Allow aw_bits for virtio-iommu
befdd44bf8 qemu_capabilities: Introduce QEMU_CAPS_VIRTIO_IOMMU_AW_BITS
e1c6e3fef0 conf: Teach virDomainParseMemory() new retval
b4c792313a hyperv: Avoid memleak in hypervDomainDefParsePhysicalDisk
090223d01a src/esx/esx_vi.c: Debug path element comparisons
29aa558642 bhyvexml2xmltest: Avoid leaking driver caps
720f71c1da bhyvexml2argvtest: Avoid leaking firmwareDir
210cae66e0 bhyvexml2argvtest: Don't leak parts of driver config
f0af542077 bhyvexml2argvtest: Avoid leaking driver caps
fcc5910557 bhyvexml2argvmock: Provide virCPUProbeHost()
2f1421d83b bhyve_command: Avoid memleak in bhyveBuildNetArgStr()
df2cb810a3 bhyve_command: Avoid leaking @buf in virBhyveProcessBuildBhyveCmd()
1ce8c35c29 bhyve: Avoid leaking @addrs in bhyveDomainAssignPCIAddresses()
1779a8600f bhyve: Avoid memleak in bhyveParsePassthru()
bf34b90bb4 qemuMigrationDstPrepareAnyBlockDirtyBitmaps: Always consider offered bitmaps
a4f610ff3f qemu: migration: Always offer block dirty bitmaps during migration
0c75fc1747 qemuMigrationDstPrepareAnyBlockDirtyBitmaps: Fix check for existing bitmaps
b2fe3465de qemu: monitor: Detect list of bitmaps from 'qcow2' format specific data
71643c197e qemublocktest: Iterate all nodenames in 'testQemuDetectBitmaps'
864a70114f rpcgen: Pass XDRPROC_T_3ARGS to test_demo.c
2c66b6d72c build: add detection of xdrproc_t arguments count
74fc02d792 tests: qemuxmlconfdata: provide iommufd sample XML and CLI args
7d2f91f9cb qemu: Update Cgroup, namespace, and seclabel for iommufd
2f0999a161 qemu: open iommufd FD from libvirt backend
f623080472 qemu: open VFIO FDs from libvirt backend
f91a07d0c8 qemu: Support per-process memory accounting for iommufd
1043e04e17 qemu: Introduce privateData for hostdevs
fd113055bb qemu: Implement support for associating iommufd to hostdev
203002249b tools: Fix chown syntax in virt-pki-validate.c (dot -> semicolon as owner and group separator)
b9d9ff39d3 qemu: introduce the "virtualization" feature
ca98f39e64 networkxmlconftest: Expect success for "hostdev" case only on Linux
e7c6f06747 ci: regenerate with 'lcitool manifest'
240deda72c tests: Rename networkxml2xmltest to networkxmlconftest
8f5e0903d6 tests: Drop networkxml2conftest
c26c7b1cd3 networkxml2xmltest: Do conf test
ee8381e729 networkxml2xmltest: Sync test cases with networkxml2conftest
369020180a networkxml2xmltest: Store parsed def for future tests
2d6a376ec0 networkxml2xmltest: Dynamically allocate testInfo struct
5b2ed0d137 networkxml2xmltest: Move path generation into testRun()
c24157056f networkxml2xmltest: Introduce testRun()
04034eeb34 networkxml2xmltest: Don't recreate xmlopt object
eff3431dca networkxml2conftest: Allow regenerating more in one run
30baa49454 networkxml2conftest: Allow regenerating hosts file
319bbb5c84 networkxml2conftest: Avoid potential leak
ecb2e06bdf test: wire up networkValidateTests()
4b98a649b3 network: Introduce networkValidateTests()
7c9b883eb3 networkxml2xmltest: Update couple of test cases
d07d7a6842 networkxml2conftest: Fail tests where no dnsmasq would be spawned
82040ddce7 networkxml2conftest: Drop routed-network-no-dns test case
794338569d network: Move decision on dnsmasq need into a separate function
e047ae9ec3 network: Separate private APIs declaration to bridge_driver_priv.h
9d6f5ac1f3 tests: Avoid crossdir inclusion for networkxml2* tests
13889feb14 esx: Switch to creating URLs using virURIFormat
e013d5b5ca esx: Abstract all URL-creation code into one function
38c952d893 esx: Debug URL just before opening with curl
6bb982178b qemuSnapshotUpdateBackingStore: Retry as curent user if qemu-img fails
f1ad521936 virDomainSnapshotDefAssignExternalNames: Improve error message
6bcdf4ee59 qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when calling 'virStorageSourceGetMetadata'
452c281aee qemuSnapshotUpdateBackingStore: Remove stale comment
b43aee9cc9 qemuSnapshotDiskHasBackingDisk: Avoid call of virStorageSourceIsSameLocation with NULL argument
65c7369107 qemu: Connect NVMe devices to PCIe bus
27fd2e97b8 Fix printf style used with virDomainIOMMUDef::aw_bits
4009126f17 src: Use device alias when ifname is unset in virDomainInterfaceAddresses()
3a10f435b7 libvirt-domain: Fix documentation of virDomainInterfaceAddresses()
6f07a8e6fc util: Remove @masked argument from virSocketAddrFormatWithPrefix
adcc14e153 qemuDomainSetThrottleGroup: Don't put group name into the 'tunable' event twice
0cd13906dc qemuDomainSetThrottleGroup: Always honour thottle group name passed as argument
fa06437566 qemuDomainSetBlockIoTuneField: Move setting of 'group_name' out of the loop
abcdc9511b qemuDomainSetThrottleGroup: Enforce non-zero 'groupname' string length
27141859f1 qemucapabilitiestest: Add data for the qemu-11.0 dev cycle (aarch64)
2425a570e3 qemucapabilitiestest: Add data for the qemu-11.0 dev cycle (x86_64)
a1476a5afc qemuxmlconftest: Prepare 'fd-memory-numa-topology4' for removal of 'pc-i440fx-5.0'
be58c0eaa2 qemuxmlconftest: Remove specific machine type from 'devices-acpi-index'
f9cec072c4 qemuxmlconftest: Freeze 'cpu-numa-memory-oldstyle' case to qemu-10.2
70d7458186 virnetdevtap: Produce more helpful error message in virNetDevTapCreate()
845210011a esx: Allow connecting to IPv6 server
e0dcf278af bhyve: workaround for the lack of UTC clock on ARM64
7b889af2d2 virt-aa-helper: Ask for no deny rule for readonly disk elements
28482f2630 syntax-check: Introduce sc_prohibit_local_with_subshell rule
2442030856 libvirt-guest.sh.in: Fix logical error in guest_is_on()
8f0cf96b66 libvirt-guests.sh: Declare and assign separately to avoid masking return values
7a0c2fba91 scripts: don't import shutil in meson-warnings.py
50ad6026ad ci: regenerate with 'lcitool manifest'
43358229fe meson: write all warning flags to 'c-warnings.txt'
50640d35ae src: remove some -D defines from compiler args
a643671150 util: Fix max socket calculation
dcffd15520 conf: simplify check for vlan tagging support in virDomainActualNetDefValidate()
91a2d813cb conf: validate that specified interface type supports vlan tags
3190150ebd qemu: use actual/effective vlan when updating OVS-based interface vlan tag
b5a406a768 qemu: update vlan tag of macvtap (direct) passthrough devices during update-device
17976f6b2a qemu: forbid modifying network device portForwards with update-device
2e4abf4479 conf: new function virDomainNetPortForwardIsEqual()
878c5d2fa3 util: fix equivalence of AF_UNSPEC virSocketAddrs
be9885c274 nwfilter: rename ebiptables unit tests and data files
289e4cbc67 domain_logcontext: Don't assume remote driver is always available
5b080bc580 qemucapabilitestest: Add 'caps_10.2.0_aarch64' test data
095e133645 qemucapabilitiesdata: Regenerate 'caps_10.2.0_x86_64' replies
d917bf662b qemu: capabilities: Probe properties of 'scsi-block' and 'scsi-generic' devices
37d51c0d27 qemuSecurityMoveImageMetadata: Move seclabels only to virStorageSource of same type
badb0a8526 Align help text of virt-aa-helper with actual expectated input
05a2ad8321 syntax-check: Introduce sc_prohibit_g_autofree_const rule
adb19c902b network: Drop const for forwardIf in pfAddNatFirewallRules()
973aa66571 hyperv: Drop const for resourceType in hypervDomainAttachSerial()
b3a491284a rpm: disable -Werror on ELN builds
bdcf0c35bb Post-release version bump to 12.1.0
4d93728466 Release of libvirt-12.0.0
0ad017a6de NEWS: Mention shared FS detection race
b84e6d1b31 NEWS: Document features/improvements/bug fixes I've participated in
10a523c62a NEWS: Mention JSON nesting bug and TPM migration quirk with NFS
98329e4f12 Translated using Weblate (Korean)
49b8f0a814 Translated using Weblate (Swedish)
abe668561d Translated using Weblate (Portuguese)
8d5fdea287 news: document bhyve new features for 12.0.0
c44aecc40d Update translation files
0355b2d05a po: Refresh potfile for v12.0.0
e361469ebb Translated using Weblate (Spanish)
981ffc65af Translated using Weblate (Spanish)
80879c113f Translated using Weblate (Spanish)
a1c93eab00 Translated using Weblate (English (United Kingdom))
9ad5974ecb Translated using Weblate (Spanish)
2657b10746 Translated using Weblate (Spanish)
b08fe254d2 Translated using Weblate (Georgian)
c91c477648 Translated using Weblate (Spanish)
e8e555b625 Translated using Weblate (Czech)
855527bab5 Translated using Weblate (Georgian)
20b0880ab6 Translated using Weblate (Czech)
92b77582d4 Translated using Weblate (Swedish)
d557623281 news: Mention improvements and fixes to firmware selection
563a47ea7f qemu_firmware: Allow matching both UEFI and BIOS for ROM loader
9a041e61ec qemu_firmware: Don't skip autoselection for ROM
1b78d647da qemu_firmware: ROM firmware is always in raw format
8d1bfa69b2 tests: Add firmware-manual-efi-tdx
f65ef07dcf tests: Add firmware-manual-efi-sev-snp
0aa3fa2d62 qemu_firmware: Remove NVRAM to loader format copy hack
798528d2b6 qemu_firmware: Take NVRAM format into account when matching
623fc1b4b5 qemu_firmware: Take templateFormat into account when matching
91b6dee6d1 qemu_firmware: Retain user-specified NVRAM format
a92c140956 qemu_firmware: Prefer template format to loader format
ab8efe6fd0 qemu_firmware: Refactor setting NVRAM format
ee4c619b09 qemu_firmware: Simplify handling of legacy paths
3e1c110a4d qemu_firmware: Set templateFormat for custom paths
3acdcd2eb7 qemu_firmware: Introduce qemuFirmwareFillDomainCustom()
9ec9bdc8dc tests: Add firmware-auto-efi-format-mismatch-nvramtemplate
935879fb91 tests: Add firmware-auto-efi-format-nvramtemplate-qcow2
a4f33d7228 tests: Add firmware-auto-efi-format-nvram-raw-nvramtemplate-path
ab92d77339 tests: Add firmware-auto-efi-format-nvram-raw-loader-path
c8536599f2 tests: Add firmware-auto-efi-format-nvram-raw
13ce34e646 tests: Add firmware-manual-efi-nvram-template-nonstandard-legacy-paths
17979f08b9 tests: Add firmware-manual-efi-nvram-template-nonstandard-format
2bd0499294 schemas: Allow templateFormat without template path
876a5d34d4 qemu_firmware: Drop fallback for absent nvramTemplateFormat
3463e543fe qemu_firmware: Ignore stateless/combined when NVRAM is configured
c74adb33e4 domain_validate: Reject ROMs with format other than raw
5bae6e3640 tests: Add firmware-auto-efi-format-loader-qcow2-rom
a5ae34aa74 domain_validate: Reject read/write ROMs
26035762a9 tests: Add firmware-manual-bios-rw
07bcd51bcb tests: Add firmware-auto-bios-rw
46970217a8 domain_validate: Reject NVRAM with read/write firmware
27313799ba tests: Add firmware-manual-efi-rw-nvram
4df091dea4 qemu_firmware: Move copying of nvram.format to loader.format
5b374c5e3f qemu_firmware: Move format=raw compat exception
aaa0db64b4 qemu_firmware: Drop 'nvram' local variable
3f7eea0e17 qemu_firmware: Drop support for kernel descriptors
86a4ede0ec qemu: capabilities: Update 'caps_10.1.0_x86_64+inteltdx' after release
28015f020c qemu: capabilities: Update 'caps_10.2.0_x86_64+mshv' after release
1be917837e qemu: capabilities: Update '10.2' capabilities on x86_64 after release
380764992d qemucapabilitiesdata: Re-generate 'caps_10.2.0_x86_64'
0bdf8188d6 esx_util: Drop extra spacing
6c9d2591c6 esx: URI encode inventory objects twice
ffe74c7c55 esx_util: Introduce esxUtil_EscapeInventoryObject()
871a8f872d qemu: fix locking in qemuProcessHandleMemoryFailure
32749427de network: fix memory leak in leaseshelper.c
d50de61f34 bhyve: report domain capabilities for arm64
1b0c9d21b7 bhyve: tests: add xml2xml arm64 tests
eaeb1712a7 bhyve: tests: prepare for arm64 xml2xml tests
8c971cdce1 bhyve: command: handle arm64 bootloader
24be4b8c0c bhyve: command: make -H and -P args amd64-only
90df4b6795 bhyve: command: handle arm64 console
c3c8c7e8cc bhyve: domain: require ISA controller on x86_64 only
35b99f4994 bhyve: tests: support arch-dependent tests
c957dea309 bhyve: capabilities: fix for arm64
ca3cbae5af virQEMUSaveDataNew: Refactor cleanup
ccf008b85f qemu: snapshot: Check earlier if memory snapshot is possible
ac8d241620 qemuSaveImageCreate: Remove 'driver' argument
a8a62682fd qemuSaveImageCreateFd: Remove 'driver' argument
d4a5183674 qemuMigrationSrcToFile: Remove 'driver' argument
5d0d55f238 qemuMigrationSrcToSparseFile: Remove 'driver' argument
073306b4ad qemuDomainEventEmitJobCompleted: Remove 'driver' argument
256ce775d9 qemuMigrationSrcToLegacyFile: Remove 'driver' argument
c6988fdb2f qemuHotplugAttachDBusVMState: Remove 'driver' argument
a175096c37 qemu: snapshot: Don't overwrite 'ret' in qemuSnapshotCreateActiveExternal
d86259d5a7 docs: bhyve: document virtio-scsi support
790719be6b bhyve: add virtio-scsi support
1001371fba conf: introduce CTL storage type
6df374fefc qemu_validate: Drop VIR_DOMAIN_HYPERV_STIMER dependency on VIR_DOMAIN_HYPERV_VPINDEX
8e9a9f86b0 qemu_validate: Drop VIR_DOMAIN_HYPERV_SYNIC dependency on VIR_DOMAIN_HYPERV_VPINDEX
40f8bed857 libvirt-guests.service: use Type=exec
b3ede6618d tools: check for failure decoding secret base64 value
2d65cdeba8 docs: fix broken UUID example
16804acf14 virjsontest: Add test for nesting depth
b49d41b7e9 util: json: Increase JSON nesting limit when parsing to 300
bfd1a1a885 bhyve: rework capabilities probing
d3735f71ec tests: Remove temporary TZ parsing workaround
a54cafa62b news: Fix indentation
e727c8afad network: Propagate DNS forwarder port into dnsmasq config
72e4efbfa6 network: Introduce port for DNS forwarder
dad8b0fc52 bhyve: bhyvexml2argvtest: fix SLIRP tests
437c135671 docs: drvbhyve: document SLIRP networking
ffa6b2e892 bhyve: implement SLIRP networking
2df30bca10 tests: add capabilities for QEMU v10.1.0 on s390x
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 666602dc
---------------------------
vgabios: remove recipe, drop from xen-tools DEPENDS
vgabios 0.8a depends on dev86-native which was removed in a previous
commit (upstream repo deleted). vgabios is a legacy VGA BIOS from 2008
that has been superseded by SeaBIOS which is already a Xen dependency.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ff4b8783
---------------------------
irqbalance: update to v1.9.5
Bumping irqbalance to version v1.9.5-5-gcd9212f, which comprises the following commits:
8929e4d Reset banned_cpus explicitly for IRQBALANCE_BANNED_CPULIST
2804ba1 Change warnings about un-affine-able irqs to LOG_DEBUG
cf76396 Update configure.ac/meson.build for irqbalance 1.9.5
907b65f meson: force systemd-service installation with a seperate option
4f53f8c Fix irqbalance for Xen virtual event interrupts
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 106a44d9
---------------------------
ipxe: fix build with current toolchain
Update ipxe for compatibility with the current OE toolchain:
- Add coreutils-native to DEPENDS for cksum (used by build system
to generate checksums embedded in binary images)
- Drop syslinux and cdrtools-native from DEPENDS, remove
ISOLINUX_BIN from EXTRA_OEMAKE
- Skip ISO and USB image generation from the ALL target - only ROM
files are needed for Xen HVM and the ISO tools
(genisoimage/xorrisofs) are not compatible with cdrtools' mkisofs
- Drop patches applied upstream: gcc-10 warning fix, golan type
casts, fcommon directive, xenver.h typo, old-style function
definition, C23 reserved words, and unsafe function wrapper
- Refresh ipxe-fix-hostcc-nopie-cflags.patch for new line numbers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0f62ff39
---------------------------
ipxe: update to v2.0.0
Bumping ipxe to version v2.0.0-13-ga0bf3f1cc, which comprises the following commits:
a0bf3f1cc [cloud] Omit uploading empty blocks to EBS snapshots
5921e6b45 [cloud] Add utility to read INT13CON partition in Alibaba Cloud
619b1db1b [bnxt] Update conditions for invoking short commands
c3560072e [cloud] Add utility for importing images to Alibaba Cloud
7b3eb3c86 [undi] Drag in PCI-specific configuration
88d396719 [efi] Add a dummy SBOM PE section
847e09850 [ci] Add a workflow to import images to Google Cloud
013a4a93d [cloud] Specify Google Cloud project explicitly for storage client
e180aa85e [test] Assign unique MAC addresses for test network devices
5edffb26b [ci] Fix family name used for AWS image imports
e9b80ee54 [ci] Add a workflow to import images to AWS EC2
c44d5f96e [cloud] Add ability to upload AMI list to an S3 bucket
33ca177cf [release] Update version number after release
12798ec29 [release] Release version 2.0.0
616506924 [doc] Update change log in preparation for release
94138656d [efi] Do not unconditionally raise back to internal TPL
cbeda2012 [efi] Allow creating an image device handle with no parent device
5a17d8daf [efi] Install protocols onto a dedicated device handle
910d9c5a9 [efi] Allow executing images even with no open network devices
3df8f9c37 [efi] Try all supported autoexec protocols
b677399da [efi] Treat a URI device path as higher priority than a cached DHCP packet
8df45c2f3 [github] Add organization to sponsorship links
608dde2ad [doc] Add contribution guidelines
f7fe2b319 [cachedhcp] Set current working URI to cached DHCP filename
027d0fe24 [ci] Include Secure Boot ISO and USB images in release artifacts
559282d5a [build] Use Markdown consistently within release notes
3680a4ae5 [build] Add support for including a UEFI shim in filesystem images
1fbc3bca7 [efi] Automatically open network device matching loaded image device path
a69afd743 [tftp] Use TFTP server URI only if no other working URI is set
fa993d524 [tls] Transmit a closure alert when closing the connection
4d0b0cd4c [tls] Respond to received closure alerts
efe812637 [cachedhcp] Automatically open network device matching cached DHCPACK
879549da3 [dynui] Allow for duplicate shortcut keys
f00d2079d [doc] Add release process documentation
ad748f0d9 [bnxt] Update link speed definitions
7ce5dbd76 [efi] Allow for the existence of multiple shim lock protocols
596c84ce7 [efi] Support the EFI_PXE_BASE_CODE_TFTP_GET_FILE_SIZE operation
b48965ae5 [xferbuf] Silently discard data written to a void data transfer buffer
3194c8ad0 [xferbuf] Record maximum required size
7948ffe32 [ci] Remove now-redundant "netboot" job
9250a9091 [build] Create util/gensrvimg for building network boot server images
f0ceb70cb [bnxt] Fix memory leak in probe()
a6d393ecc [bnxt] Skip unnecessary calls for VFs
9443f7a2a [tls] Remove current time from client random bytes
1b6d88d64 [ipv6] Obtain MTU setting from NDP
1eb571cef [bnxt] Remove access of deprecated link speed variables
a5e4bb98b [bnxt] Fix typo in function declaration
df5957ccc [bnxt] Fix coding style
9d6831bb0 [bnxt] Correct port index usage
2012ab71d [pxeprefix] Add a minimal iPXE NBP metadata header
47467538f [build] Use little-endian word values in genfsimg
0854850d0 [ci] Add a job to automatically create releases
179366d72 [ci] Remove redundant duplicate creation of version.txt
9e0057a86 [build] Allow for generation of all release information
a82e0b41a [doc] Fix header levels in Markdown files
df2ef86d1 [doc] Update README
53a3365be [doc] Add an initial changelog
8fb90cb40 [build] Allow for construction of a text file containing the version
0cde7ce6d [build] Mark system logger as permitted for UEFI Secure Boot
2184bfdb0 [ci] Create a network bootable files archive as a build artifact
d98278a17 [ci] Include latest iPXE shim in build artifacts
80639a6ca [ci] Use ipxe-builder-utils container for combined BIOS/UEFI images
93fc2123c [ci] Include CA certificate file alongside signed binaries
a956c5fea [ci] Allow for manually triggered workflow runs
21b5bd840 [ci] Add support for building UEFI Secure Boot signed binaries
1d23d5a03 [ci] Schedule Coverity Scan run via GitHub Actions
2161e976c [build] Include USB drivers in the all-drivers build by default
ae8e23a45 [build] Handle all driver list construction via parserom.pl
c9158cb32 [build] Mark Xen HVM files as permitted for UEFI Secure Boot
7caee4489 [ci] Include Linux userspace build artifacts
6dc991d07 [slirp] Disable warnings for uncleanly deprecated libslirp functions
25429d952 [build] Include PCI drivers only in BIOS and UEFI builds
3f12b8b1c [build] Include devicetree drivers in the SBI all-drivers build
81da1a1b6 [dt] Add DT_ROM() and DT_ID() macros
5669c4d52 [build] Include Xen and Hyper-V drivers only in x86 BIOS and UEFI builds
0992d9b56 [build] Include Linux network drivers in the Linux all-drivers build
6e56f7ff2 [linux] Remove unused can_probe field from driver definition
8a1dd5850 [build] Include ISA drivers only in 32-bit BIOS builds
cc4a9df97 [ci] Include Secure Boot build artifacts
cf350b8eb [build] Filter out non-permitted drivers for UEFI Secure Boot
7a2817bbd [build] Drag in Xen and Hyper-V support via network device drivers
99a9e6e43 [build] Construct driver rules for USB devices
e783adcfd [build] Construct driver lists for each bus type
152351219 [build] Allow PCI_ROM() and ISA_ROM() to span multiple lines
4d6c8ab44 [usb] Add USB_ROM() and USB_ID() macros
481e04311 [librm] Work around two errata in the 386's "popal" instruction
cd9b44e57 [syslog] Allow port number to be specified for encrypted syslog server
362b704f8 [ci] Include supported network device list in build artifacts
18fab8dd8 [loong64] Fix error identifier generation for LoongArch64
12b279b4c [ci] Include error identifier list in build artifacts
95e756569 [pci] Ignore invalid subordinate bus numbers
aa06a76eb [ci] Show rolling release publication URL
c18d89570 [efi] Cache identified PCI root bridge I/O protocol handle
30d162ddd [uri] Ensure "##params=" separator is correct
59c67e111 [ci] Run tests on pull requests
5abbcab90 [build] Mark MS-CHAPv2 as permitted for UEFI Secure Boot
9106130f6 [build] Ensure dependencies of version.c are always rebuilt as expected
a565e18f3 [build] Exclude local named config headers from annotation checks
b05a045b4 [ci] Publish rolling release binaries via https://boot.ipxe.org
74e0551ac [ci] Publish rolling release build artifacts with stable URLs
e855c4c64 [ci] Produce combined BIOS/UEFI ISO and USB images
8e10974c8 [ci] Upload a selection of build artifacts from each run
dee71adda [build] Exclude external files from annotation checks
301b1ecf2 [build] Mark compressed image tools as permitted for UEFI Secure Boot
c07fb71a9 [build] Mark FDT management tools as permitted for UEFI Secure Boot
6b17d320d [build] Mark core arm64 files as permitted for UEFI Secure Boot
f1bcd160a [xen] Update to latest stable release headers
8e31ac9fc [build] Mark dummy architecture headers as permitted for UEFI Secure Boot
40c2db9d6 [build] Mark direct kernel loading as forbidden for UEFI Secure Boot
4db03054d [build] Mark GDB stub as forbidden for UEFI Secure Boot
03a906a9f [build] Mark Realtek driver as permitted for UEFI Secure Boot
b7e7f62b8 [efi] Avoid dragging in IPv4, IPv6, and DNS support unconditionally
e31dc79d4 [build] Mark EFI SNP/MNP driver wrappers as permitted for UEFI Secure Boot
641ea020f [prefix] Make unlzma.S compatible with 386 class CPUs
d0ea2b1bb [ci] Use prebuilt containers to build and test iPXE
207c99a47 [build] Allow GITVERSION to be specified as an environment variable
0abef79a2 [build] Do not use "git log" to construct build timestamp
faa42c850 [build] Do not use "git describe" to construct version number
a42a15ae9 [build] Allow for per-architecture sysroots
6eab3dbcd [ci] Update to ubuntu-24.04 GitHub actions runner
05cb93046 [build] Extend default configuration for non-BIOS builds
4157afc12 [usb] Drag in USB commands only when USB support is present
f3abf2b9d [pci] Drag in PCI commands only when PCI support is present
f7f685f8c [build] Canonicalise console type configuration
ce6f574a9 [build] Canonicalise USB configuration
6ad6af198 [build] Canonicalise settings sources configuration
ff80a1758 [build] Sort general configuration in order of approachability
360c0f336 [build] Canonicalise remaining portions of general configuration
d27cf68e0 [build] Canonicalise SAN boot protocol configuration
464916f99 [build] Canonicalise download protocol configuration
f869132d6 [build] Canonicalise network protocol configuration
e72c331aa [build] Canonicalise command list configuration
9f4b9f60f [build] Canonicalise image type configuration
c7403e7e5 [build] Mark more reviewed files as permitted for UEFI Secure Boot
1d5b1d924 [build] Fail Secure Boot builds unless all files are permitted
46510f36a [build] Mark MD4 and MD5 as forbidden for UEFI Secure Boot
adcaaf9b9 [build] Mark known reviewed files as permitted for UEFI Secure Boot
6cccb3bdc [build] Mark core files as permitted for UEFI Secure Boot
1996e214e [build] Check for standalone FILE_LICENCE() and FILE_SECBOOT() declarations
49f700a25 [console] Mark generated keymaps as permitted for Secure Boot
30948987f [build] Mark existing files as explicitly forbidden for Secure Boot
b09af00fa [efi] Mark imported EDK2 headers as permitted for Secure Boot
c5ae9ec99 [efi] Update to current EDK2 headers
e61c636bf [build] Define a mechanism for marking Secure Boot permissibility
9c01c5a5d [neighbour] Treat delayed transmissions as pending operations
2110afb35 [tcp] Report TCP statistics via the "ipstat" command
a8c89276c [malloc] Increase heap size to 4MB
8e557f1ab [tcp] Discard packets that lie immediately before the receive window
ff6d612e7 [neighbour] Add the ability to artificially delay outbound packets
33c832b0d [neighbour] Split out deferred transmission from discovery completion
aabfb8a94 [neighbour] Use discovery protocol field to identify incomplete neighbours
d0e01bb3f [neighbour] Always use network device's own link-layer address
7c39c04a5 [crypto] Allow for zero-length big integer literals
01038893a [test] Update big integer tests to use okx()
383214794 [crypto] Fix identification of non-wrapped elliptic curve identifiers
5aab6b7a3 [crypto] Add ECDSA-based TLS cipher suites
f1e23b53a [test] Add test cases for X.509 certificates with ECDSA signatures
d6eeb9039 [crypto] Add OID-identified algorithms for ECDSA with SHA2 hash family
d14066e92 [crypto] Allow ecPublicKey to be identified as a public-key algorithm
f3147b42a [test] Ensure OID-identified algorithms are present for X.509 tests
aa247f6e3 [x509] Correct debug message
4e3cbeef8 [crypto] Add support for ECDSA signatures
948677fe5 [test] Test verification of constructed signature
cfbf0da93 [crypto] Allow for an explicit representation of point at infinity
af99310f5 [test] Test signature verification independently of signing
3d5cd3d79 [intel] Add PCI ID for I219-V and -LM 24
86c40a8b1 [efi] Retry calls to GetRNG() as needed
fb1188936 [crypto] Generalise rsa_parse_integer() to asn1_enter_unsigned()
c7f129fed [crypto] Allow for addition of arbitrary Weierstrass curve points
1e353ff36 [crypto] Split out Weierstrass point initialisation and finalisation
d3adea838 [crypto] Expose the (prime) group order as an elliptic curve property
80e98dc0d [crypto] Verify that weierstrass_multiply() result is not point at infinity
b362f77bd [test] Allow for elliptic curve tests other than multiplication
e50e30a7f [crypto] Expose the base point as an explicit elliptic curve property
88c3e68df [http] Abort connections after a long period of inactivity
1a789c1da [http] Rename connection retry timer
64f936d5d [crypto] Allow for OID-identified elliptic curve algorithms
e6610b793 [test] Include key matching in existing public-key tests
3e566818f [crypto] Remove obsolete maximum output length method
1ccc320ee [crypto] Construct asymmetric ciphered data using ASN.1 builders
d4258272c [crypto] Construct signatures using ASN.1 builders
8cd963ab9 [crypto] Pass signatures for verification as ASN.1 cursors
c9c028259 [crypto] Restructure handling of ASN.1 bit strings
d73981aec [intel] Add PCI IDs for I225 and I226 chipsets
19dffdc83 [efi] Allow for creating devices with no EFI parent device
dfea3bbfa [pci] Use runtime selectable PCI I/O API for EFI cloud builds
9c1ac48bc [pci] Allow probing permission to vary by range
ff1a17dc7 [pci] Use linker tables for runtime selectable PCI APIs
0cf2f8028 [pci] Allow PCI configuration space access mechanism to vary by range
81496315f [arm] Avoid unaligned accesses for memcpy() and memset()
338347465 [efi] Wrap a selection of runtime services calls
925af2b4d [efi] Allow SAN-booted images to be traced via DEBUG=efi_wrap
0a8e34657 [efi] Add image security database GUID definition
5c135240b [efi] Add Microsoft vendor GUID definition
5154b6fcc [efi] Add storage security command protocol header and GUID definition
27ec3c76a [efi] Update to current EDK2 headers
3a2f75b78 [efi] Mark Arm/ProcessorBind.h as a non-imported header
f0d978d8b [efi] Mark Ip4Config.h as a non-imported header
f9b9ef578 [efi] Mark UgaDraw.h as a non-imported header
c0ac23fc5 [efi] Switch back to VA_START() etc macros for EFIAPI functions
360aa7064 [efi] Skip including the EDK2 ProcessorBind.h header for 32-bit RISC-V
df7f59d47 [pci] Move ECAM pci_can_probe() definition to correct header file
b41bda441 [spcr] Accept alternative type value for a 16550-compatible UART
6d9374e5a [acpi] Allow acpi_ioremap() to map a port I/O address
bd3982b63 [ioapi] Allow iounmap() to be called for port I/O addresses
f2ea97102 [spcr] Use the serial port defined by the ACPI SPCR by default
595ff2403 [spcr] Add support for the ACPI Serial Port Console Redirection table
8fd5e2772 [acpi] Add acpi_ioremap() to map an ACPI-described address
08d4d7fe9 [uart] Make baud rate a property of the UART
a786c8d23 [uart] Support 16550 UARTs accessed via either MMIO or port I/O
f7de1b53d [ioapi] Provide combined MMIO and port I/O accessors
fde35ff00 [pci] Disable decoding while setting a BAR value
606e87ec7 [cloud] Display instance type in AWS EC2
0336e2987 [ena] Leave queue base address empty when creating a low latency queue
0ddd83069 [riscv] Correct page table stride calculation
426c721e3 [librm] Correct page table stride calculation
c8f088d4e [cloud] Display build architecture in AWS EC2
416a2143a [cloud] Remove AWS public image access block only if not already unblocked
ba1846a0d [cloud] Remove AWS public image access block automatically if needed
b2e846821 [ena] Limit receive queue size to work around hardware bugs
846c505ae [ena] Increase transmit queue size to match receive fill level
0ae5e25de [ena] Add memory barrier after writing to on-device memory
c296747d0 [ena] Increase receive fill level
c1badf71c [ena] Add support for low latency transmit queues
0d15d7f0a [ena] Record supported device features
e5e371f48 [ena] Cancel uncompleted transmit buffers on close
dcc5d36ce [ena] Map the on-device memory, if present
510f3e5e1 [ena] Add descriptive messages for any admin queue command failures
3538e9c39 [pci] Record prefetchable memory window for PCI bridges
04a61c413 [ena] Use pci_bar_set() to place device within bridge memory window
94902ae18 [pci] Handle sizing of 64-bit BARs
e80818e4f [tls] Disable renegotiation unless extended master secret is used
57504353f [tls] Refuse to resume sessions with mismatched master secret methods
ab64bc5b8 [tls] Add support for the Extended Master Secret
d6656106e [tls] Generate master secret only after sending Client Key Exchange
4f44f6240 [gve] Rearm interrupts unconditionally on every poll
f5ca1de73 [gve] Use raw DMA addresses in descriptors in DQO-QPL mode
1cc1f1cd4 [gve] Report only packet completions for the transmit ring
d2e1e591a [gve] Use dummy interrupt to trigger completion writeback in DQO mode
c2d7ddd0c [gve] Add missing memory barriers
543829964 [intelxl] Use default dummy MSI-X target address
4224f574d [pci] Map all MSI-X interrupts to a dummy target address by default
ce30ba14f [gve] Select preferred operating mode
74c9fd72c [gve] Add support for out-of-order queues
0d1ddfe42 [gve] Cancel pending transmissions when closing device
cf5349754 [bnxt] Handle link related async events
4508e1023 [gve] Allow for descriptor and completion lengths to vary by mode
20a489253 [gve] Rename GQI-specific data structures and constants
86b322d99 [gve] Allow for out-of-order buffer consumption
b8dd3c384 [gve] Add support for raw DMA addressing
9f554ec9d [gve] Add concept of a queue page list base device address
91db5b68f [gve] Set descriptor and completion ring sizes when creating queues
048a34670 [gve] Add concept of operating mode
610089b98 [gve] Remove separate concept of "packet descriptor"
ee9aea789 [gve] Parse option list returned in device descriptor
6464f2edb [bnxt] Add error recovery support
969ce2c55 [efi] Use current boot option as a fallback for obtaining the boot URI
c10da8b53 [efi] Add ability to extract device path from an EFI load option
5bec2604a [libc] Add wcsnlen()
61b4585e2 [efi] Drag in MNP driver whenever SNP driver is present
a53ec4493 [bnxt] Update CQ doorbell type
8460dc4e8 [dwgpio] Use fdt_reg() to get GPIO port numbers
88ba01176 [fdt] Provide fdt_reg() for unsized single-entry regions
9d4a2ee35 [cmdline] Show commands in alphabetical order
332241238 [digest] Treat inability to acquire an image as a fatal error
6fa901530 [digest] Add "--set" option to store digest value in a setting
f5467d69d [github] Extend sponsorship link
f45782f9f [digest] Add commands for all enabled digest algorithms
2e4e1f7e9 [dwgpio] Add driver for the DesignWare GPIO controller
90fe3a292 [gpio] Add a framework for GPIO controllers
5f10b7455 [fdt] Use phandle as device location
f7a1e9ef8 [dwmac] Show core version in debug messages
01b1028d4 [bnxt] Remove unnecessary test_if macro
6ca7a560a [bnxt] Remove unnecessary I/O macros
be551d420 [serial] Explicitly initialise serial console UART to NULL
a814c4605 [riscv] Place explicitly zero-initialised variables in the .data section
5bda1727b [riscv] Allow for poisoning .bss section before early initialisation
e3a6e9230 [undi] Assume that legacy interrupts are broken for any PCIe device
65b8a6e45 [pxeprefix] Display PCI vendor and device ID in PXE startup banner
fb082bd4c [fdt] Add ability to locate node by phandle
e01e5ff7c [dwusb] Add driver for DesignWare USB3 host controller
6c42ea127 [xhci] Allow for non-PCI xHCI host controllers
eca97c2ee [xhci] Use root hub port number to determine slot type
8a8904aad [efi] Check only the non-extended WaitForKey event
8701863a1 [efi] Allow compiler to perform type checks on EFI_EVENT
1e3fb1b37 [init] Show initialisation function names in debug messages
7ac4b3c6f [efi] Assume that vendor wireless drivers are unusable via SNP
c3376f864 [efi] Drop to external TPL for calls to ConnectController()
c01c3215d [efi] Provide efi_tpl_name() for transcribing TPLs in debug messages
434462a93 [riscv] Ensure coherent DMA allocations do not cross cacheline boundaries
d539a420d [riscv] Support the standard Svpbmt extension for page-based memory types
2aacb346c [riscv] Create coherent DMA mapping of 32-bit address space on demand
0611ddbd1 [riscv] Use 1GB pages for I/O device mappings
c2cdc1d31 [dwmac] Add driver for DesignWare Ethernet MAC
bbabde8ff [riscv] Invalidate data cache on completed RX DMA buffers
634d9abef [riscv] Add optimised TCP/IP checksumming
101ef74a6 [riscv] Provide a DMA API implementation for RISC-V bare-metal systems
22de0c4ed [dma] Use virtual addresses for dma_map()
06083d267 [build] Handle isohybrid with xorrisofs
e223b3251 [riscv] Support explicit cache management operations on I/O buffers
6a75115a7 [riscv] Add support for detecting T-Head vendor extensions
19f1407ad [iobuf] Ensure I/O buffer data sits within unshared cachelines
c21443f0b [uaccess] Allow for coherent DMA mapping of the 32-bit address space
d75d10df1 [riscv] Create coherent DMA mapping for low 4GB of address space
3fd54e4f3 [riscv] Construct invariant portions of page table outside the loop
6bc55d65b [bnxt] Update supported devices array
002062777 [bnxt] Update device descriptions
126366ac4 [bnxt] Remove VLAN stripping logic
4262328c1 [github] Add sponsorship link
54392f0d7 [bnxt] Increase Tx descriptors
e5953ed7e [build] Disable use of common symbols
8df3b9640 [build] Allow for the existence of small-data sections
d3e10ebd3 [legacy] Allocate legacy driver .bss-like segments at probe time
6ea800ab5 [legacy] Rename the global legacy NIC to "legacy_nic"
d0c02e0df [legacy] Allocate extra padding in receive buffers
97f40c5fc [pxe] Use a weak symbol for isapnp_read_port
c33ff76d8 [fdtcon] Add basic support for FDT-based system serial console
9ada09c91 [dwuart] Read input clock frequency from the device tree
0ed1dea7f [uart] Wait for 16550 UART to become idle before modifying LCR
2ce1b185b [serial] Allow platform to specify mechanism for identifying console
5d9f20bbd [dwuart] Add "ns16550a" compatible device ID
d1823eb67 [riscv] Inhibit SBI console when a serial console is active
25fa01822 [riscv] Serialise MMIO accesses with respect to each other
53a3befb6 [dwuart] Add a basic driver for the Synopsys DesignWare UART
cca1cfd49 [uart] Allow for dynamically registered 16550 UARTs
71b4bfb6b [uart] Add support for MMIO-accessible 16550 UARTs
6c8fb4b89 [uart] Allow for the existence of non-16550 UARTs
60e167c00 [uart] Remove ability to use frame formats other than 8n1
5783a10f7 [riscv] Write SBI console output to early UART, if enabled
41e65df19 [riscv] Maximise barrier effects of memory fences
7e96e5f2e [fdt] Allow paths and aliases to be terminated with separator characters
1de3aef78 [bnxt] Remove TX padding
3e8909cf5 [fdtmem] Limit relocation to 32-bit address space
c4a3d438e [dt] Allow for creation of standalone devices
b5fb7353f [ipv4] Add support for classless static routes
e648d23fb [ipv4] Extend routing mechanism to handle non-default routes
96f586466 [ipv4] Add self-tests for IPv4 routing
1ae75a3bd [test] Add infrastructure for test network devices
5b3ebf8b2 [riscv] Support T-Head CPUs using non-standard Memory Attribute Extension
817145fe0 [riscv] Do not set executable bit in early UART page mapping
7df005c4c [riscv] Add fences around early UART writes
88cffd75a [riscv] Zero SATP after any failed attempt to enable paging
bb2011241 [dt] Locate parent node at point of use in dt_ioremap()
1762568ec [fdt] Provide ability to locate the parent device node
d64250918 [fdt] Add tests for device tree creation
3fe321c42 [riscv] Add support for a SiFive-compatible early UART
2e27d772c [riscv] Support mapping early UARTs outside of the identity map
98fdfdd25 [riscv] Add support for writing prefix debug messages direct to a UART
2e8d45aee [riscv] Create macros for writing characters to the debug console
6eb51f1a6 [riscv] Ignore riscv,isa property in favour of direct CSR testing
192cfc3cc [image] Use image name rather than pointer value in all debug messages
eae9a2754 [riscv] Support mapping I/O devices outside of the identity map
6af4a022b [fdtmem] Ignore reservation regions with no fixed addresses
56f5845b3 [riscv] Include carriage returns in libprefix.S debug messages
09140ab2c [memmap] Allow explicit colour selection for memory map debug messages
8d88870da [riscv] Support older SBI implementations
036e43334 [memmap] Rename addr/last fields to min/max for clarity
cd38ed4fa [lkrn] Support initrd construction for RISC-V bare-metal kernels
c713ce5c7 [initrd] Squash and shuffle only initrds within the external heap
4a39b877d [initrd] Split out initrd construction from bzimage.c
11929389e [initrd] Allow for images straddling the top of the reshuffle region
029c7c417 [initrd] Rename bzimage_align() to initrd_align()
9231d8c95 [initrd] Swap initrds entirely in-place via triple reversal
11e01f065 [uheap] Expose external heap region directly
e05604107 [uheap] Prevent allocation of blocks with zero physical addresses
b9095a045 [fdtmem] Allow iPXE to be relocated to the top of the address space
a53456334 [riscv] Speed up memmove() when copying in forwards direction
20d2c0f78 [lkrn] Shut down devices before jumping to kernel entry point
969e8b546 [lkrn] Allow a single initrd to be passed to the booted kernel
9bc559850 [fdt] Allow an initrd to be specified when creating a device tree
c1cd54ad7 [initrd] Move initrd reshuffling to be architecture-independent code
d15a11f3a [image] Use image replacement when executing extracted images
e2f4dba2b [lkrn] Add support for EFI zboot compressed kernel images
ecac4a34c [lkrn] Add basic support for the RISC-V Linux kernel image format
d0c35b682 [bios] Use generic external heap based on the system memory map
140ceeeb0 [riscv] Use generic external heap based on the system memory map
4d560af2b [uheap] Add a generic external heap based on the system memory map
490f1ecad [malloc] Allow heap to specify block and pointer alignments
c6ca3d3af [malloc] Allow for the existence of multiple heaps
83449702e [memmap] Remove now-obsolete get_memmap()
624d76e26 [bios] Use memmap_describe() to find an external heap location
79c30b92a [settings] Use memmap_describe() to construct memory map settings
c8d64ecd8 [bios] Use memmap_describe() to find a relocation address
dbc86458e [comboot] Use memmap_describe() to obtain available memory
d0adf3b4c [multiboot] Use memmap_describe() to construct Multiboot memory map
25ab8f462 [image] Use memmap_describe() to check loadable image segments
a353e7080 [memmap] Use memmap_dump_all() to dump debug memory maps
3812860e3 [bios] Describe umalloc() heap as an in-use memory area
4c4c94ca0 [bios] Update to use the generic system memory map API
3f6ee9573 [fdtmem] Update to use the generic system memory map API
bab3d7671 [memmap] Define an API for managing the system memory map
f6f11c101 [tests] Remove prehistoric umalloc() test code
e0c4cfa81 [fdtmem] Record size of accessible physical address space
64ad1d03c [bios] Rename memmap.c to int15.c
1dd9ac13f [bnxt] Use updated DMA APIs
08edad7ca [bnxt] Return proper error codes in probe
4d39b2dcc [crypto] Remove redundant null pointer check
d1c1e578a [riscv] Add a .pf32 build target for padded parallel flash images
6fd927f92 [riscv] Perform a writability test before applying relocations
4566f5975 [riscv] Avoid potentially overwriting the scratch area during relocation
8e38af800 [riscv] Add a .lkrn build target resembling a Linux kernel binary
17fd67ce0 [riscv] Relocate to a safe physical address on startup
3dfc88158 [riscv] Construct page tables based on link-time virtual addresses
c45dc4a55 [riscv] Allow apply_relocs() to use non-inline relocation records
420e475b1 [riscv] Return accessible physical address space size from enable_paging()
6fe9ce66a [fdtmem] Add ability to parse FDT memory map for a relocation address
2e45106c0 [riscv] Ensure that prefix_virt is aligned on an xlen boundary
95ede670b [riscv] Hold virtual address offset in the thread pointer register
f988ec09e [fdt] Generalise access to "reg" property
3027864f1 [riscv] Use load and store pseudo-instructions where possible
134d76379 [build] Formalise mechanism for accessing absolute symbols
1d58d928f [libc] Display assertion failure message before incrementing counter
8fe3c68b3 [riscv] Add support for disabling 64-bit and 32-bit paging
5b19ddbb3 [riscv] Return virtual address offset from enable_paging()
5e518c744 [riscv] Restore temporarily modified PTE within 32-bit transition code
0279015d0 [uaccess] Generalise librm's virt_offset mechanism for RISC-V
e8a6c2657 [build] Constrain PHYS_CODE() and REAL_CODE() to use i386 registers
12dee2dab [riscv] Add debug printing of hexadecimal values in libprefix.S
72c81419b [riscv] Move prefix system reset code to libprefix.S
764183504 [riscv] Add basic debug progress messages in libprefix.S
9445a9ff4 [riscv] Provide a millicode variant of print_message()
dc9e6f0ed [riscv] Move prefix debug message printing to libprefix.S
b3cbdc86f [riscv] Place prefix debug strings in .rodata
4bef4c806 [riscv] Use compressed relocation records
8f7aa292a [riscv] Place .got and .got.plt in .data
e37e3f17e [riscv] Discard ELF hash tables
70bb5e5e6 [zbin] Allow for constructing compressed dynamic relocation records
98646b9f0 [build] Allow for 32-bit and 64-bit versions of util/zbin
4c11737d5 [riscv] Add support for enabling 32-bit paging
a32f3c2bc [riscv] Add support for enabling 64-bit paging
dad206026 [riscv] Allow for a non-zero link-time address
a4b5dd63c [riscv] Split out runtime relocator to libprefix.S
1534b0a6e [uaccess] Remove redundant virt_to_user() and userptr_t
a169d7359 [uaccess] Reduce scope of included uaccess.h header
05ad7833c [image] Make image data read-only to most consumers
cd803ff2e [image] Add the concept of a static image
330391001 [image] Move embedded images from .rodata to .data
2d9a6369d [test] Separate read-only and writable CMS test images
b6f9e4bab [uaccess] Remove redundant copy_from_user() and copy_to_user()
a69c42dd9 [image] Clear recorded replacement image immediately after consuming
9962c0a58 [bofm] Remove userptr_t from BOFM table parsing and updating
080072384 [bofm] Allow BOFM tests to be run without a BOFM-capable device driver
4e909cc2b [build] Remove some long-obsolete unused header files
6c9dc063f [peerdist] Remove never-used peerdist_msg_blk() macro
54c4217bd [peerdist] Remove userptr_t from PeerDist content information parsing
837b77293 [xferbuf] Simplify and generalise data transfer buffers
43fc51629 [prefix] Remove userptr_t from command line image construction
c9fb94dba [comboot] Remove userptr_t from COM32 API implementation
f001e61a6 [comboot] Remove userptr_t from COMBOOT API implementation
ef9711958 [comboot] Remove userptr_t from COMBOOT image parsing
0b45db397 [uaccess] Remove redundant UNULL definition
6ccb6bcfc [bzimage] Remove userptr_t from bzImage parsing
412ad5601 [initrd] Use physical addresses for calculations on initrd locations
ef3827cf1 [bzimage] Use image name in debug messages
083e273bb [efi] Add ability to reboot to firmware setup menu
7eaa2daf6 [reboot] Generalise warm reboot indicator to a flags bitmask
ba2135d0f [multiboot] Remove userptr_t from Multiboot and ELF image parsing
c8c5cd685 [multiboot] Use image name in Multiboot and ELF debug messages
3befb5eb5 [linux] Enable compiler warnings when building the linux_api.o object
024439f33 [linux] Add missing return statement to linux_poll()
bd4ca67cf [build] Disable gcc unterminated-string-initializer warnings
15c1111c7 [build] Remove unsafe disable function wrapper from legacy NIC drivers
7741756af [build] Prevent the use of reserved words in C23
b816b816a [build] Fix old-style function definition
58e6729cb [build] Fix typo in xenver.h header guard
4c8bf666f [pnm] Remove userptr_t from PNM image parsing
d29651dde [png] Remove userptr_t from PNG image parsing
76a17b098 [fbcon] Avoid redrawing unchanged characters when scrolling
aa3cc56ab [fbcon] Remove userptr_t from framebuffer console drivers
4cca1cadf [efi] Remove userptr_t from EFI PE image parsing
338cebfee [pxe] Remove userptr_t from PXE file API implementation
8b3b4f245 [pxe] Remove userptr_t from PXE API call dispatcher
c1b558f59 [cmdline] Remove userptr_t from "digest" command
0edbc4c08 [nbi] Remove userptr_t from NBI image parsing
3cb33435f [sdi] Remove userptr_t from SDI image parsing
d7c94c4aa [pxe] Remove userptr_t from PXE NBP image parsing
2f11f466e [block] Remove userptr_t from block device abstraction
2742ed5d7 [uaccess] Remove now-obsolete memchr_user()
4f4f6c33e [script] Remove userptr_t from script image parsing
8923a216b [ucode] Remove userptr_t from microcode image parsing
605cff4c8 [ucode] Remove userptr_t from microcode update mechanism
f18c1472e [thunderx] Replace uses of userptr_t with direct pointer dereferences
8ac03b4a7 [exanic] Replace uses of userptr_t with direct pointer dereferences
e8ffe2cd6 [uaccess] Remove trivial uses of userptr_t
945df9b42 [gve] Replace uses of userptr_t with direct pointer dereferences
839540cb9 [umalloc] Remove userptr_t from user memory allocations
0bf0f8716 [smbios] Remove userptr_t from SMBIOS structure parsing
0b3fc48fe [acpi] Remove userptr_t from ACPI table parsing
c059b3417 [deflate] Remove userptr_t from decompression code
b89a34b07 [image] Remove userptr_t from image definition
e98b84f1b [crypto] Remove userptr_t from CMS verification and decryption
3f8937d2f [crypto] Remove userptr_t from ASN.1 parsers
04d0b2fdf [uaccess] Remove redundant read_user()
050df80bb [uaccess] Replace real_to_user() with real_to_virt()
8c31270a2 [uaccess] Remove user_to_phys() and phys_to_user()
4535548cb [uaccess] Remove redundant user_to_virt()
89fe78868 [uaccess] Remove redundant memcpy_user() and related string functions
ef0384918 [uaccess] Remove redundant userptr_add() and userptr_diff()
b65f67d44 [uaccess] Change userptr_t to be a pointer type
71174e19d [uaccess] Add explicit casts to and from userptr_t where needed
63d27c631 [uaccess] Rename userptr_sub() to userptr_diff()
453acba7d [time] Use currticks() to provide the null system time
423cdbeb3 [riscv] Map DEL to backspace on the SBI debug console
1291dc39f [cgem] Add a driver for the Cadence GEM NIC
0c482060d [undi] Work around broken ASUSTeK KNPA-U16 server PXE ROM
758a50486 [efi] Inhibit calls to Shutdown() for wireless SNP devices
b07cc851f [netdevice] Add the concept of an insomniac network device
c88ebf2ac [efi] Allow for custom methods for disconnecting existing drivers
eeec6442d [dt] Provide dt_ioremap() to map device registers
99322fd3b [fdt] Add fdt_cells() to read cell-based properties such as "reg"
2c406ec0b [netdevice] Add missing bus type identifier for devicetree devices
424839c58 [crypto] Allow for explicit control of external trust sources
37e9f785b [dt] Add basic concept of a devicetree bus
d462aeb0c [fdt] Remove concept of a device tree cursor
b1125007c [fdt] Add basic tests for reading values from a flattened device tree
db4934617 [fdt] Avoid temporarily modifying path during path lookup
c887de208 [fdt] Provide fdt_strings() to read string list properties
69af6f0c3 [fdt] Allow for trailing slashes in path lookups
96dfaa7e7 [crypto] Switch to using python-asn1crypto instead of python-asn1
7e64e9b67 [fdt] Populate boot arguments in constructed device tree
d85344888 [fdt] Identify free space (if any) at end of parsed tree
0a48bb321 [x509] Ensure certificate remains valid during x509_append()
a289b4b8c [tls] Support fragmentation of transmitted records
f115cfcf9 [tls] Send an empty client certificate chain if we have no certificate
5818529f3 [iobuf] Limit automatic I/O buffer alignment to page size
7fe467a46 [tls] Encrypt data in place to reduce memory usage
d92551a32 [xfer] Use xfer_alloc_iob() for transmit I/O buffers on stream sockets
3937c893a [isa] Disable legacy ISA device probing by default
4a7f64bf4 [efi] Allow for fact that SNP device may be removed by executed image
18dbd05ed [efi] Check correct return value from efi_pxe_find()
4bcaa3d38 [efi] Disconnect existing drivers on a per-protocol basis
7737fec5c [efi] Define an attachment priority order for EFI drivers
be3322475 [efi] Show all drivers claiming support for a handle in debug messages
ea5762d9d [efi] Return success from Stop() if driver is already stopped
7adce3a13 [efi] Add various well-known GUIDs encountered in WiFi boot
b20f506a7 [efi] Install a device tree for the booted OS, if available
761f43ce1 [fdt] Provide the ability to create a device tree for a booted OS
666929e31 [efi] Create a copy of the system flattened device tree, if present
3860313dd [fdt] Allow for parsing device trees where the length is known in advance
2399c7998 [fdt] Allow for the existence of multiple device trees
09fbebc08 [fdt] Add the "fdt" command
cfd93465e [fdt] Add the concept of an FDT image
98f86b4d0 [efi] Add support for installing EFI configuration tables
f0caf90a7 [efi] Add flattened device tree header and GUID definitions
ec8c5a5fb [efi] Add ACPI and SMBIOS tables as well-known GUIDs
0b606221c [undi] Ensure forward progress is made even if UNDI IRQ is stuck
4134280bc [pxeprefix] Ensure that UNDI IRQ is disabled before starting iPXE
e8365f7a5 [pxeprefix] Work around missing type values from PXENV_UNDI_GET_NIC_TYPE
32a940821 [efi] Allow use of typed pointers for efi_open() et al
37897fbd4 [efi] Eliminate uses of HandleProtocol()
bac318743 [efi] Use efi_open() for all ephemeral protocol opens
5a5e2a1da [efi] Use efi_open_unsafe() for all explicitly unsafe protocol opens
9dd30f11f [efi] Use efi_open_by_driver() for all by-driver protocol opens
4561a0376 [efi] Use efi_open_by_child() for all by-child protocol opens
358db1561 [efi] Create safe wrappers for OpenProtocol() and CloseProtocol()
48d168012 [efi] Remove the efipci_open() and efipci_close() wrappers
328388532 [efi] Avoid function name near-collision
331bbf507 [efi] Remove spurious close of SNP device parent's device path
8249bbc09 [efi] Use driver name only from driver binding handles in debug messages
02ecb23d1 [efi] Get veto candidate driver name via either component name protocol
756e3907f [efi] Get veto candidate driver name from image handle
be5bf0aa7 [efi] Show image address range in veto debug messages
5d64469a9 [efi] Prefer driver name to device path for debug messages
7cda3dbf9 [efi] Attempt to retrieve driver name from image handle for debug messages
1a602c92a [efi] Allow wrapping the global boot services table in situ
f68c8b09e [efi] Fix debug wrappers for CloseEvent() and CheckEvent()
37ea181d8 [efi] Ignore path separator characters in virtual filenames
6e4196baf [efi] Prescroll the display after a failed wrapped ExitBootServices() call
8ea8411f0 [efi] Add EFI_RNG_PROTOCOL_GUID as a well-known GUID
42a29d568 [crypto] Update cmsdetach to work with python-asn1 version 3.0.0
829e2d1f2 [rng] Restore state of IRQ 8 and PIE when disabling entropy gathering
8840de409 [pic8259] Return previous state when enabling or disabling IRQs
d1133956d [contrib] Update bochsrc.txt to work with current versions
ddc2d928d [efi] Accept and trust CA certificates in the TlsCaCertificates variable
aa49ce5b1 [efi] Add TLS authentication header and GUID definitions
2a901a33d [efi] Add EFI_GLOBAL_VARIABLE as a well-known GUID
da3024d25 [cpio] Allow for the construction of pure directories
d6ee9a924 [cpio] Fix calculation of name lengths in CPIO headers
5f3ecbde5 [crypto] Support extracting certificates from EFI signature list images
26a8fed71 [crypto] Allow for parsing of DER data separate from DER images
011c778f0 [efi] Allow efi_guid_ntoa() to be used in non-EFI builds
8706ae36d [efi] Add EFI_SIGNATURE_LIST header and GUID definitions
a3ede1078 [efi] Update to current EDK2 headers
32d706a9f [build] Use -fshort-wchar when building EFI host utilities
82fac5162 [efi] Mark UsbHostController.h as a non-imported header
be3a78eaf [lkrnprefix] Support a longer version string
12ea8c407 [cpio] Allow for construction of parent directories as needed
e7595fe88 [menu] Allow a post-activity timeout to be defined
ccd620054 [crypto] Start up RBG on demand if needed
b35300fc6 [efi] Increase download timeout for autoexec.ipxe
8e6b914c5 [crypto] Support direct reduction only for Montgomery constant R^2 mod N
5056e8ad9 [crypto] Expose shifted out bit from big integer shifts
bd90abf48 [bnxt] Allocate TX rings with firmware input
77cc3ed10 [malloc] Ensure free memory blocks remain aligned
6f076efa6 [malloc] Clean up debug messages
c85de315a [crypto] Add definitions and tests for the NIST P-384 elliptic curve
bc5f3dbe3 [crypto] Add definitions and tests for the NIST P-256 elliptic curve
be9ce4907 [crypto] Add support for Weierstrass elliptic curve point multiplication
66b5d1ec8 [crypto] Add a generic implementation of a Montgomery ladder
c2f21a218 [test] Add generic tests for elliptic curve point multiplication
c9291bc5c [tls] Allow for NIST elliptic curve point formats
df7ec3176 [crypto] Generalise elliptic curve key exchange to ecdhe_key()
cc38d7dd3 [crypto] Add bigint_ntoa() for transcribing big integers
d88eb0a19 [crypto] Extract bigint_reduce_supremum() from bigint_mod_exp()
83ba34076 [crypto] Allow for relaxed Montgomery reduction
c0cbe7c2e [efi] Add EFI_TCG2_PROTOCOL header and GUID definition
8816ddcd9 [efi] Update to current EDK2 headers
97079553b [crypto] Calculate inverse of modulus on demand in bigint_montgomery()
24db39fb2 [gve] Run startup process only while device is open
5202f8334 [crypto] Remove obsolete bigint_mod_multiply()
83ac98ce2 [crypto] Use Montgomery reduction for modular exponentiation
4f7dd7fbb [crypto] Add bigint_montgomery() to perform Montgomery reduction
96f385d7a [crypto] Use inverse size as effective size for bigint_mod_invert()
7c2e68cc8 [crypto] Eliminate temporary working space for bigint_mod_invert()
9cbf5c4f8 [crypto] Eliminate temporary working space for bigint_reduce()
167a08f08 [crypto] Expose carry flag from big integer addition and subtraction
da6da6eb3 [crypto] Add bigint_msb_is_set() to clarify code
e9a23a5b3 [efi] Ensure local drives are connected when attempting a SAN boot
8fc11d8a4 [build] Allow for per-architecture cross-compilation prefixes
19f44d299 [riscv] Check if seed CSR is accessible from S-mode
e0e102ee2 [sbi] Add support for running as a RISC-V SBI payload
7ccd08dbf [build] Allow default platform to vary by architecture
d9c0d26e1 [pci] Provide a null PCI API for platforms with no PCI bus
06a933000 [riscv] Add missing volatile qualifiers on timer and seed CSR accesses
be0c9788a [riscv] Add support for the seed CSR as an entropy source
cd54e7c84 [riscv] Add support for RDTIME as a timer source
b0a8eabbf [riscv] Add support for checking CPU extensions reported via device tree
74710b831 [fdt] Add ability to parse unsigned integer properties
cc45ca372 [pci] Drag in PCI settings mechanism only when PCI support is present
abfa7c3ab [uaccess] Rename UACCESS_EFI to UACCESS_FLAT
33d80b1cd [smbios] Provide a null SMBIOS API for platforms with no concept of SMBIOS
21940425c [riscv] Add support for reboot and power off via SBI
b23204b38 [riscv] Add support for the SBI debug console
fa1c24d14 [crypto] Add bigint_mod_invert() to calculate inverse modulo a power of two
c69f9589c [usb] Expose USB device descriptor and strings via settings
c219b5d8a [usb] Add "usbscan" command for iterating over USB devices
2bf16c6ff [crypto] Separate out bigint_reduce() from bigint_mod_multiply()
f78c5a763 [crypto] Use architecture-independent bigint_is_set()
7e0bf4ec5 [crypto] Rename bigint_rol()/bigint_ror() to bigint_shl()/bigint_shr()
3f4f84392 [crypto] Eliminate temporary carry space for big integer multiplication
8844a3d54 [arm] Support building as a Linux userspace binary for AArch32
e0282688c [arm] Check PMCCNTR availability before use for profiling
5f7c6bd95 [profile] Standardise return type of profile_timestamp()
3def13265 [crypto] Use constant-time big integer multiplication
59d123658 [gve] Allocate all possible event counters
9bb206863 [efi] Remove redundant EFI_BOOT_FILE definitions
c215048dd [riscv] Add support for the RISC-V CPU architecture
68db9a3cb [linux] Allow a sysroot to be specified via SYSROOT=...
670810bed [efi] Use standard va_args macros instead of VA_START() etc
1d43e535f [test] Add tests for 64-bit logical and arithmetic shifts
c85ad1246 [efi] Centralise definition of efi_cpu_nap()
5de5d4626 [libc] Centralise architecture-independent portions of setjmp.h
a1830ff43 [cloud] Add ability to delete old AMI images
49f9e036f [cloud] Add family and architecture tags to AWS snapshots and images
f88761ef4 [ena] Change reported operating system type to "iPXE"
2b8200757 [gdb] Allow CPU architectures to omit support for GDB
804f35cb5 [build] Centralise dummy architecture-specific headers
c7f2e7551 [aqc1xx] Add support for Marvell AQtion Ethernet controller
7f75d320f [etherfabric] Fix use of uninitialised variable in falcon_xaui_link_ok()
301644ab4 [test] Add CMS decryption self-tests
5e69cf08d [crypto] Allow cms_decrypt() to be called on unregistered images
72316b820 [image] Add the "imgdecrypt" command
486b15b3c [crypto] Support decryption of images via CMS envelopes
49404bfea [image] Split image_strip_suffix() out from image_extract()
748cab774 [crypto] Add cmsdetach script for detaching encrypted data from CMS messages
b053ba198 [test] Update CMS self-test terminology
4b4a362f0 [crypto] Allow for extraction of ASN.1 algorithm parameters
bdb5b4aef [crypto] Hold CMS message as a single ASN.1 object
46937a9df [crypto] Remove the concept of a public-key algorithm reusable context
acbabdb33 [tls] Group client and server state in TLS connection structure
c9cac76a5 [tls] Group transmit and receive state in TLS connection structure
be2784649 [gve] Add missing error codes in EUNIQ() list of potential errors
ab5743efc [contrib] Remove obsolete rom-o-matic code
633f4f362 [test] Generalise public-key algorithm tests and use okx()
53f089b72 [crypto] Pass asymmetric keys as ASN.1 cursors
950f6b586 [efi] Allow discovery of PCI bus:dev.fn address ranges
7c82ff0b6 [pci] Separate permission to probe buses from bus:dev.fn range discovery
9d9465b14 [crypto] Fix debug name for empty certificate chain validators
97635eb71 [crypto] Generalise cms_signature to cms_message
998edc6ec [crypto] Add OID-identified algorithms for AES ciphers
3b4d0cb55 [crypto] Pass image as parameter to CMS functions
96fb7a0a9 [crypto] Allow passing a NULL certificate store to x509_find() et al
d85590b65 [crypto] Centralise mechanisms for identifying X.509 certificates
59e2b03e6 [crypto] Extend asn1_enter() to handle partial object cursors
0e73b48f7 [crypto] Clarify ASN.1 cursor invalidation behaviour
309ac8fd2 [crypto] Do not return an error when skipping the final ASN.1 object
a064d3976 [cpuid] Allow hypervisor CPUID leaves to be accessed as settings
121d96b90 [cpuid] Allow reading hypervisor CPUID leaves
c117e6a48 [smbios] Allow reading an entire SMBIOS data structure as a setting
60d682409 [smbios] Avoid reading beyond end of constructed SMBIOS setting
0dc8933f6 [cloud] Add utility to read INT13CON partition in Google Compute Engine
d2d194bc6 [gve] Increase number of receive buffers to reduce packet loss
c7b76e3ad [gve] Add driver for Google Virtual Ethernet NIC
5a9f476d4 [cloud] Add utility for importing images to Google Compute Engine
b66e27d9b [ipv6] Expose router address for DHCPv6 leased addresses
77acf6b41 [ipv4] Support small subnets with no directed broadcast address
821bb326f [hci] Remove the generalised widget user interface abstraction
162cc51b6 [form] Reimplement the "login" user interface
f417f0b6a [form] Add support for dynamically created interactive forms
1c3c5e2b2 [dynui] Add concept of a secret user interface item
039019039 [dynui] Allow for multiple flags on a user interface item
c8e50bb0f [dynui] Generalise mechanisms for looking up user interface items
5719cde83 [dynui] Generalise the concept of a menu to a dynamic user interface
122777f78 [hci] Allow tab key to be used to cycle through UI elements
76e0933d7 [hci] Rename "item" command's first parameter from "label" to "name"
bf98eae5d [hci] Split out msg() and alert() from settings UI code
bb4a10696 [hci] Draw all widgets on the standard screen
e965f179e [libc] Add stpcpy()
dc118c536 [hci] Provide a general concept of a text widget set
d7e58c5a8 [test] Add test cases for editable strings
b01781a2b [hci] Fix semantics of replace_string() to match code comments
cb95b5b37 [efi] Veto the Dhcp6Dxe driver on all platforms
40b511244 [hci] Use dynamically allocated buffers for editable strings
27ecc36c0 [efi] Do not attempt to download autoexec.ipxe without a valid base URI
59f27d693 [netdevice] Add "linktype" setting
165995b7e [efi] Restructure handling of autoexec.ipxe script
b940d5423 [cachedhcp] Allow cached DHCPACK to apply to temporary network devices
b66f6025f [efi] Add the ability to create a temporary MNP network device
b52b4a46d [efi] Allow for allocating EFI devices from arbitrary handles
764e34f15 [http] Add error table entry for HTTP 404 Not Found error
afae88178 [tftp] Add error table entry for TFTP "file not found" error code
43deab89c [efi] Add error table entry for local filesystem EFI_NOT_FOUND error
19f39bc07 [efi] Report local file errors during download, rather than on opening
f39b48d5f [image] Allow opaque URI component to provide image name
37850e0e8 [build] Fix build failures with random versions of gcc
9bbe77669 [efi] Extract basic network settings from loaded image device path
170bbfd48 [efi] Add efi_path_mac() to parse a MAC address from an EFI device path
dcad73ca5 [efi] Add support for driving EFI_MANAGED_NETWORK_PROTOCOL devices
da5188f3e [efi] Allow for drivers to be located via child handles
ca483a196 [efi] Add helper functions for service binding protocols
a15ce0018 [efi] Match chainloaded device by uppermost matching handle
390bce951 [efi] Set current working URI from our own device path URI, if present
1a84facf1 [efi] Add efi_path_uri() to parse a URI from an EFI device path
88c2a01e1 [settings] Expose current working URI and directory URI via settings
926816c58 [efi] Pad transmit buffer length to work around vendor driver bugs
c11734eee [golan] Use ETH_HLEN for inline header size
fa4bda617 [build] Fix building on older versions of gcc
bac967d51 [snp] Allocate additional padding for receive buffers
17882e76a [ucode] Add support for updating x86 microcode
1344e13a0 [bios] Provide a multiprocessor API for BIOS
a67f913d6 [librm] Add support for installing a startup IPI handler
89bb926a0 [efi] Provide a multiprocessor API for EFI
1ab4d3079 [mp] Define an API for multiprocessor functions
df2f23e33 [efi] Update to current EDK2 headers
226531ed3 [ci] Update action versions to silence GitHub warnings
06e229590 [efi] Do not report return status from efi_block_local()
24a855f1f [block] Allow SAN boot device to be identified by filesystem label
62b6d3633 [block] Allow SAN boot device to be identified by an extra filename
cea22d76e [block] Allow SAN boot device to be identified by UUID
c4471e340 [efi] Add efi_path_guid() utility function
636ccb4ca [block] Allow for additional SAN boot parameters alongside filename
b1c13cc43 [efi] Allow booting from local disks via the "sanboot" command
8da22a59e [block] Allow for iteration over SAN device list in drive number order
37edfea72 [efi] Generalise block device boot to support arbitrary EFI handles
eb720d222 [efi] Use file system protocol to check for SAN boot filename existence
75c790448 [block] Use drive number as debug message stream ID
1b23d4de2 [efi] Use long forms of device paths in debug messages
7cd73884e [parseopt] Add parse_uuid() for parsing UUID command-line arguments
0eb8fbd0b [settings] Add parsing for UUID and GUID settings types
da7b26628 [uuid] Add uuid_aton() to parse a UUID from a string
182ee9093 [efi] Work around broken boot services table manipulation by UEFI shim
43e385091 [eap] Add support for the MS-CHAPv2 authentication method
25ffcd79b [eap] Allow MD5-Challenge authentication method to be disabled
834f319f8 [eap] Add progress debug messages
ee6185dcf [efi] Ignore new LoongArch PC-relative relocations and relaxations
e5f3ba0ca [drivers] Sort PCI_ROM() entries numerically
582132fe3 [crypto] Force inlining of trivial wrapper functions
075292cc2 [crypto] Add implementation of MS-CHAPv2 authentication
929f06a76 [crypto] Allow for multiple cross-signed certificate download attempts
943d75b55 [crypto] Add x509_is_self_signed() helper function
3e721e0c0 [crypto] Add x509_truncate() to truncate a certificate chain
e10dfe5dc [list] Add list_for_each_entry_safe_continue()
88b291d64 [list] Add list_is_head_entry()
94b39fbe9 [build] Fix build failures with older versions of gcc
0f5abd8b1 [libc] Allow build_assert() failures to be ignored via NO_WERROR=1
a846c4ccf [bnxt] Add support for BCM957608
e7ae51b0d [crypto] Add implementation of the DES cipher
af4583b21 [test] Remove dummy initialisation vector for ECB-mode AES tests
36a27b22b [crypto] Fix stray references to AES
0cc0f4744 [tls] Tidy up error handling flow in tls_send_plaintext()
65d69d33d [efi] Fix hang during ExitBootServices()
963ec1c4f [tls] Add ECDHE cipher suites
8f6a9399b [tls] Make key exchange algorithms selectable via build configuration
a881a2606 [crypto] Add X25519 OID-identified algorithm and TLS named curve
b234226db [tls] Add support for Ephemeral Elliptic Curve Diffie-Hellman key exchange
8e2469c86 [tls] Split out Diffie-Hellman parameter signature verification
989dbe0bc [tls] Generate key material after sending ClientKeyExchange
6f70e8be8 [tls] Restructure construction of ClientHello message
17135c83f [crypto] Add an abstraction of an elliptic curve
27398f136 [crypto] Check for all-zeros result from X25519 key exchange
de8a0821c [bnxt] Add support for additional chip IDs
2eea04c02 [crypto] Add X25519 key exchange algorithm
908174ec7 [loong64] Replace broken big integer arithmetic implementations
bac13ba1f [crypto] Add bigint_swap() to conditionally swap big integers
13e390d54 [crypto] Add bigint_copy() as a convenient wrapper macro
26d3ef062 [crypto] Allow multiplicand and multiplier to differ in size
4b7d9a6af [libc] Replace linker_assert() with build_assert()
6d29415c8 [libc] Make static_assert() available via assert.h
6ca597eee [build] Fix building with newer binutils
e66552eee [build] Remove unnecessary ".text" directives
08fcb0e8f [eap] Add support for the MD5-Challenge authentication type
c6226f104 [eap] Add support for sending an EAP identity
0abb3e85e [eap] Ignore any received EAP responses
4ed7a5718 [build] Reduce scope of wildcard .gitignore rules
fa6221323 [smbios] Support scanning for the 64-bit SMBIOS3 entry point
119c415ee [intel] Add PCI ID for I219-LM (23)
9e92c3989 [efi] Add potentially missing relocation types
3fc1b407d [efi] Fix Coverity warning about unintended sign extension
0958e0146 [efi] Add relocation types generated by clang
337880dea [build] Use SOURCE_DATE_EPOCH for FAT serial number if it exists
f22879ca9 [efi] Allow compiling elf2efi with clang
98dd25a3b [efi] Avoid modifying PE/COFF debug filename
a147245f1 [efi] Extend PE header size to cover space up to first section
c3dd3168c [efi] Fix dependency list construction in EDK2 header import script
b829b1750 [efi] Maximise image base address
03ff1bb99 [efi] Do not assume canonical PE section ordering
18582a05f [efi] Treat 16-bit sections as hidden in hybrid binaries
6714b20ea [efi] Place PE debug information in a hidden section
b37d89db9 [efi] Fix recorded overall size of headers in NT optional header
cc858acd3 [efi] Write out PE header only after writing sections
b30a0987e [efi] Use load memory address as file offset for hybrid binaries
3d8a61465 [efi] Mark PE images as large address aware
a9e89787d [efi] Set NXCOMPAT bit in PE header
678a60f61 [efi] Treat writable sections as data sections
8c8ead253 [efi] Update to current EDK2 headers
77b07ea4f [cloud] Add utility script to read iPXE output from INT13CON partition
d8f9c221e [cloud] Add ability to overwrite existing AMI images
595b1796f [eapol] Limit number of EAPoL-Start packets transmitted per attempt
1bd01b761 [eapol] Delay EAPoL-Start while waiting for EAP to complete
5524bb983 [pci] Require discovery of a PCI device when determining usable PCI APIs
36e1a559a [pci] Check that ECAM configuration space is within reachable memory
1f3a37e34 [pci] Cache ECAM mapping errors
74ec00a9f [pci] Handle non-zero starting bus in ECAM allocations
f88320313 [pci] Force completion of ECAM configuration space writes
115707c0e [iphone] Add missing va_start()/va_end() around reused argument list
ff0f86048 [libc] Use wall clock time as seed for the (non-cryptographic) RNG
8b14652e5 [eapol] Send EAPoL-Start packets to trigger EAP authentication
56cc61a16 [eap] Define a supplicant model for EAP and EAPoL
cac3a584d [fcoe] Use driver-private data to hold FCoE port structure
8cbf24819 [vmware] Use driver-private data to hold GuestInfo settings block
8b1d34bad [ipv6] Use driver-private data to hold link-local IPv6 settings block
cc1e27e52 [lldp] Use driver-private data to hold LLDP settings block
ae4e85bde [netdevice] Allocate private data for each network upper-layer driver
eeb7cd56e [netdevice] Remove netdev_priv() helper function
0aa2e4ec9 [librm] Use explicit operand size when pushing a label address
9e99a55b3 [virtio] Fix implementation of vpm_ioread32()
c1834f323 [dhcp] Request NTP server option
d5c08f78b [ntp] Define NTP server setting
c30b71ee9 [console] Restore compatibility with "--key" values in existing scripts
f3036fc21 [linux] Set a default MAC address for tap devices
59d065c9a [linux] Fix error control flow in af_packet_nic_probe()
48ae5d536 [linux] Fix error control flow in tap_probe()
6701d91c5 [netdevice] Stop link block timer when device is closed
b5b60ea33 [interface] Fix debug message values for temporary interfaces
824441069 [build] Inhibit more linker warnings about an implied executable stack
daa9e54ab [build] Silence the "creating blib.a" message
3ef4f7e2e [console] Avoid overlap between special keys and Unicode characters
cc07ed7c7 [console] Avoid overlap between remapping flags and character values
6f57d9193 [build] Use separate code segment if supported by linker
e17568ad0 [build] Inhibit linker warnings about an implied executable stack
2524a6055 [build] Avoid using multiple target patterns in pattern rules
280942a92 [loong64] Add support for building EFI binaries
6d98e0ca4 [loong64] Add CPU sleeping API for EFI LoongArch64
0c67a3632 [loong64] Add I/O API for LoongArch64
c57887bfc [ioapi] Centralise definitions for dummy PIO
18af66970 [arm] Add missing arch/arm/core source directory
cfe65aa82 [arm] Remove redundant inclusion of io.h
ae435cb4c [efi] Process veto objects in reverse order of enumeration
f8a0d1c0b [efi] Check for protocols opened by vetoed driver and image handles
f0b102550 [efi] Unload vetoed drivers by image handle rather than driver handle
c832580f1 [efi] Pass more detailed driver information to veto methods
9a118322a [efi] Show manufacturer in veto debug output
2689a6e77 [efi] Always poll for TX completions
4fa4052c7 [efi] Provide read-only access to EFI variables via settings mechanism
25a3d3aca [efi] Veto the VMware UefiPxeBcDxe driver
8ab9bdca4 [efi] Include protocol interface address in debug output
12776acce [efi] Add UefiPxeBcDxe module GUID
367e022b5 [efi] Add HttpBootDxe module GUID
b9a60fb0b [efi] Add new IScsiDxe module GUID
a64764d10 [efi] Add HTTP header and GUID definitions
bc75bbaf1 [efi] Add DNS headers and GUID definitions
e7adf5701 [efi] Add Ip4Config2 header and GUID definition
92ab2de3a [efi] Add IPv6 versions of existing IPv4 headers and GUID definitions
3184ff74e [efi] Update to current EDK2 headers
9cb0a4b8e [efi] Disable static assertions in EFI headers on non-EFI platforms
b0093571f [crypto] Add support for PKCS#8 private key format
6a7f560e6 [efi] Implement "shim" as a dummy command on non-EFI platforms
5b4318143 [efi] Support versions of shim that perform SBAT verification
d2e1601cf [efi] Separate GetMemoryMap() wrapper from shim unlocker
95b8338f0 [efi] Add "shim" command
28184b7c2 [efi] Add support for executing images via a shim
3c214f046 [efi] Add definitions for the UEFI shim lock protocol
ce2200d5f [efi] Add efi_asprintf() and efi_vasprintf()
c4a8d9038 [image] Generalise concept of selected image
79d85e29a [efi] Attempt to detect EFI images that fail Secure Boot verification
d27cd8196 [ci] Work around Ubuntu packaging metadata issues
03eea19c1 [efi] Allow currently selected image to be opened as "grub*.efi"
0bb0aea87 [efi] Allow currently executing image to be opened via virtual filesystem
f9beb20e9 [image] Allow for images to be hidden from lists of all images
f93e6b712 [efi] Show original filenames in debug messages
22cc65535 [efi] Allow downloaded images to take precedence over constructed files
bd1369744 [efi] Allow for sections to be excluded from the generated PE file
9fb28080d [efi] Allow elf2efi to be used for hybrid binaries
1e4c3789e [efi] Shrink size of data directory in PE header
0d04635ef [efi] Remove redundant zero padding in PE header
1d1cf74a5 [tls] Handle fragmented handshake records
aa368ba52 [tls] Pass I/O buffer to received record handlers
2c6a15d2a [tls] Clean up change cipher spec record handling
09e8a1540 [efi] Claim fixed device paths by uninstalling device path protocol
bf25e23d0 [intel] Add workaround for I210 reset hardware bugs
8f1c12011 [dhcp] Unregister ProxyDHCP and PXEBS settings on a successful DHCPACK
54fcb7c29 [efi] Use image name instead of pointer value in debug messages
9e1f7a365 [image] Always unregister currently executing image
e51e7bbad [image] Consistently use for_each_image() to iterate over images
523788ccd [intelx] Add PCI IDs for Intel 82599 10GBASE-T NIC
96bb6ba44 [params] Allow for arbitrary HTTP request headers to be specified
33cb56cf1 [params] Rename "form parameter" to "request parameter"
60531ff6e [http] Use POST method only if the form parameter list is non-empty
04e60a278 [efi] Omit EFI_LOAD_FILE2_PROTOCOL for a zero-length initrd
471599dc7 [efi] Split out EFI_RNG_PROTOCOL as a separate entropy source
7d71cf318 [rng] Allow for entropy sources that fail during startup tests
6625e49ce [tables] Allow any lvalue to be used as a table iterator
9f17d1116 [rng] Allow entropy source to be selected at runtime
2733c4763 [iscsi] Limit maximum transfer size to MaxBurstLength
cff857461 [rng] Add RDRAND as an entropy source
6a004be0c [efi] Support the initrd autodetection mechanism in newer Linux kernels
cf9ad00af [efi] Fix debug message when reading from EFI virtual files
76a286530 [image] Check delimiters when parsing command-line key-value arguments
3c83843e1 [rng] Check for several functioning RTC interrupts
be8ecaf80 [eisa] Check for system board presence before probing for slots
62a1d5c0f [loong64] Add initial support for LoongArch64
84cb77439 [test] Include build architecture in test suite banner
bfa5262f0 [ci] Cache downloaded packages for GitHub actions
ef0a6f479 [ioapi] Move PAGE_SHIFT to bits/io.h
c6901792f [build] Allow for per-architecture unprefixed constant operand modifier
a2bed4393 [xen] Allow for platforms that have no Xen support
7cc305f7b [efi] Enable NET_PROTO_LLDP by default
dc16de320 [lldp] Add support for the Link Layer Discovery Protocol
6c0335adf [ci] Update to ubuntu-22.04 GitHub actions runner
8450fa4a7 [dhcp] Ignore DHCPNAK unless originating from the selected DHCP server
4e456d992 [efi] Do not attempt to drive PCI bridge devices
d405a0bd8 [util] Add support for LoongArch64 binaries
49c13e81b [ci] Update to actions/checkout@v3 to silence GitHub warnings
8b645eea1 [xen] Update to current Xen headers
6f250be27 [efi] Allow autoexec script to be located alongside iPXE binary
b6304f298 [realtek] Explicitly disable VLAN offload
aa85c2918 [efi] Update to current EDK2 headers
66a2ff442 [tests] Verify ability to sleep the CPU
3bcd0d327 [dhcp] Add IANA-defined values for all current EFI client architectures
4bb521a8c [efi] Accept a command line passed to an iPXE image via LoadOptions
b9be45401 [la64] Import LoongArch64 ProcessorBind.h from EDK2 headers
e3d543437 [efi] Update to current EDK2 headers
137ca5d87 [efi] Mark ConsoleControl.h as a non-imported header
900379594 [efi] Remove deleted directories from EDK2 header import script
91944c634 [efi] Allow for whitespace before #include in imported EDK2 header files
dac41fc4e [efi] Detect SPDX licence identifiers in imported EDK2 headers
5220bdc52 [legal] Add missing FILE_LICENCE declaration to efi_path.c
38f54fb41 [legal] Add support for the BSD-2-Clause-Patent licence
5bf8b1152 [efi] Build util/efirom as a host-only binary
2d180ce23 [tcp] Update maximum window size to 2MB
4bffe0f0d [pxe] Discard queued PXE UDP packets when under memory pressure
c5426cdaa [golan] Add new PCI ID for NVIDIA BlueField-3 network device
e72670ad7 [pxe] Avoid drawing menu items on bottom row of screen
68734b9a4 [efi] Bind to only the topmost instance of the SNP or NII protocols
2fef0c541 [efi] Extend efi_locate_device() to allow searching up the device path
1cd0a248c [efi] Add efi_path_prev() utility function
204d39222 [efi] Add efi_path_terminate() utility function
fcfb70bfb [arm] Inhibit linker warnings about an implied executable stack
c5e1f007a [arm] Use -mfloat-abi=soft only for EFI builds
9de6c45dd [arm] Use -fno-short-enums for all 32-bit ARM builds
8f59911b2 [arm] Support building as a Linux userspace binary for AArch64
2061d658b [dhcp] Simplify platform-specific client architecture definitions
2ef5f5e05 [build] Move -Ulinux to common Makefile
475c0dfa8 [linux] Centralise the linker script for Linux binaries
a99e435c8 [efi] Do not rely on ProcessorBind.h when building host binaries
6b977d125 [ena] Allocate an unused Asynchronous Event Notification Queue (AENQ)
08740220b [netdevice] Ensure consistent interpretation of "netX" device name
2dcef4b7a [efi] Create VLAN autoboot device automatically
f07630c74 [vlan] Support automatic VLAN device creation
5a2fa6040 [autoboot] Include VLAN tag in filter for identifying autoboot device
c4c03e5be [netdevice] Allow duplicate MAC addresses
47af48012 [netdevice] Separate concept of scope ID from network device name index
ab1954638 [efi] Disable receive filters to work around buggy UNDI drivers
7147532c3 [cachedhcp] Retain cached DHCPACK after startup if not already consumed
60b5532cf [cachedhcp] Include VLAN tag in filter for applying cached DHCPACK
b9571ca12 [efi] Add efi_path_vlan() utility function
099e4d39b [efi] Expose efi_path_next() utility function
0f3ace92c [efi] Allow passing a NULL device path to path utility functions
d879c8e4d [efi] Provide VLAN configuration protocol
5e62b4bc6 [vlan] Allow external code to identify VLAN priority as well as tag
b0ded89e9 [build] Disable dangling pointer checking for GCC
54c4c1d40 [build] Disable array bounds checking for GCC
563bff472 [intel] Add PCI ID for I219-V and -LM 16,17
2ae535532 [pci] Backup and restore standard config space across PCIe FLR
ca2be7e09 [pci] Allow PCI config space backup to be limited by maximum offset
688646fe6 [tls] Add GCM cipher suites
f5c829b6f [tests] Verify ability to perform in-place encryption and decryption
4acded7e5 [crypto] Support in-place decryption for GCM ciphers
63fdd9b58 [tests] Verify ability to reset cipher initialisation vector
63577207a [crypto] Ensure relevant GCM cipher state is cleared by cipher_setiv()
7256a6eb2 [tls] Allow handshake digest algorithm to be specified by cipher suite
51ecc0549 [tls] Always send maximum supported version in ClientHello
54d83e92f [tls] Add support for AEAD ciphers
186306d61 [tls] Treat invalid block padding as zero length padding
634a86093 [tls] Allow for arbitrary-length initialisation vectors
c453b4c28 [tls] Add MAC length as a cipher suite parameter
b6eef1485 [tls] Abstract out concept of a TLS authentication header
6a360ebfd [tls] Ensure cipher alignment size is respected
30243ad73 [crypto] Add concept of cipher alignment size
d1bc872a2 [tls] Formalise notions of fixed and record initialisation vectors
f8565a655 [tls] Remove support for TLSv1.0
7b60a4875 [efi] Clear DMA-coherent buffers before mapping
f48b01cb0 [bzimage] Fix parsing of "vga=..." when not at end of command line
8fce26730 [crypto] Add block cipher Galois/Counter mode of operation
da81214ce [crypto] Add concept of authentication tag to cipher algorithms
0c383bf00 [crypto] Add concept of additional data to cipher algorithms
8e478e648 [crypto] Allow initialisation vector length to vary from cipher blocksize
52f72d298 [crypto] Expose null crypto algorithm methods for reuse
2c7824273 [tls] Add support for DHE variants of the existing cipher suites
6b2c94d3a [tls] Add support for Ephemeral Diffie-Hellman key exchange
ea33ea33c [tls] Add key exchange mechanism to definition of cipher suite
80c45c5c7 [tls] Record ServerKeyExchange record, if provided
028aac99a [tls] Generate pre-master secret at point of sending ClientKeyExchange
1a7317e7d [tls] Generate master secret at point of sending ClientKeyExchange
18b861024 [crypto] Add Ephemeral Diffie-Hellman key exchange algorithm
007d3cb80 [crypto] Simplify internal HMAC API
88419b608 [test] Add HMAC self-tests
081b3eefc [ena] Assign memory BAR if left empty by BIOS
3aa6b79c8 [pci] Add minimal PCI bridge driver
649176cd6 [pci] Select PCI I/O API at runtime for cloud images
9448ac544 [bios] Allow pcibios_discover() to return an empty range
be667ba94 [pci] Add support for the Enhanced Configuration Access Mechanism (ECAM)
ff228f745 [pci] Generalise pci_num_bus() to pci_discover()
56b30364c [pci] Check for wraparound in callers of pci_find_next()
8fc3c26ea [pci] Allow pci_find_next() to return non-zero PCI segments
6459e3b7b [linux] Add missing PROVIDE_PCIAPI_INLINE() macros
8f5fc1614 [ipv6] Ignore SLAAC on prefixes with an incompatible prefix length
bc19aeca5 [ipv6] Fix mask calculation when prefix length is not a multiple of 8
131daf1aa [test] Validate constructed IPv6 routing table entries
a80124456 [ena] Increase receive ring size to 128 entries
3b81a4e25 [ena] Provide a host information page
9f81e97af [ena] Specify the unused completion queue MSI-X vector as 0xffffffff
6d2cead46 [ena] Allow for out-of-order completions
856ffe000 [ena] Limit submission queue fill level to completion queue size
c5af41a6f [intelxl] Explicitly request a single queue pair for virtual functions
04879352c [intelxl] Allow for admin commands that trigger a VF reset
491c075f7 [intelxl] Negotiate virtual function API version 1.1
b52ea2084 [intelxl] Show virtual function packet statistics for debugging
cad1cc6b4 [intelxl] Add driver for Intel 100 Gigabit Ethernet NICs
6871a7de7 [intelxl] Use admin queue to set port MAC address and maximum frame size
727b034f1 [intelxl] Use admin queue to get port MAC address
06467ee70 [intelxl] Defer fetching MAC address until after opening admin queue
d6e36a2d7 [intelxl] Set maximum frame size to 9728 bytes as per datasheet
99242bbe2 [intelxl] Always issue "clear PXE mode" admin queue command
faf26bf8b [intelxl] Allow expected admin queue command errors to be silenced
f0ea19b23 [intelxl] Increase data buffer size to 4kB
fb69d1400 [intelxl] Separate virtual function driver definitions
c220b93f3 [intelxl] Reuse admin command descriptor and buffer for VF responses
67f8878e1 [intelxl] Handle admin events via a callback
9e46ffa92 [intelxl] Rename 8086:1889 PCI ID to "iavf"
ef7066755 [intelxl] Increase receive descriptor ring size to 64 entries
9f5b9e3ab [intelxl] Negotiate API version for virtual function via admin queue
b4216fa50 [intelxl] Use non-zero MSI-X vector for virtual function interrupts
1b61c2118 [intelxl] Fix invocation of intelxlvf_admin_queues()
a202de385 [intelxl] Use function-level reset instead of PFGEN_CTRL.PFSWR
0965cec53 [pci] Generalise function-level reset mechanism
9dfcdc04c [intelxl] Update list of PCI IDs
d8014b180 [intelxl] Include admin command response data buffer in debug output
319caeaa7 [intelxl] Identify rings consistently in debug messages
814aef68c [intelxl] Add missing padding bytes to receive queue context
725f0370f [intelxl] Fix bit width of function number in PFFUNC_RID register
5d3fad5c1 [intelxl] Fix retrieval of switch configuration via admin queue
d3c8944d5 [acpi] Expose system MAC address via ${sysmac} setting
d72c8fdc9 [cachedhcp] Allow cached DHCPACK to override a temporary MAC address
87f1796f1 [ecm] Treat ACPI MAC address as being a non-permanent MAC address
70995397e [cloud] Allow aws-import script to run on Python 3.6
f58b5109f [acpi] Support the "_RTXMAC_" format for ACPI-based MAC addresses
614c3f43a [acpi] Add MAC address extraction self-tests
1e1b9593e [linux] Add stub phys_to_user() implementation
27825e555 [acpi] Allow for the possibility of overriding ACPI tables at link time
dd3547543 [efi] Support Unicode character output via framebuffer console
ba93c9134 [fbcon] Support Unicode character output
2ff3385e0 [efi] Support Unicode character output via text console
7e9631b60 [utf8] Add UTF-8 accumulation self-tests
3cd3a7326 [utf8] Add ability to accumulate Unicode characters from UTF-8 bytes
2acdc9299 [dns] Always start DNS queries using the first configured DNS server
bc5c612f7 [console] Include mappings for AltGr-Shift-<key>
304333dac [console] Support changing keyboard map at runtime
674963e2a [settings] Always process all settings applicators
11e17991d [console] Ensure that US keyboard map appears at start of linker table
252cff5e9 [xsigo] Avoid storing unused uninitialised fields in gateway address
04288974f [pci] Ensure that pci_read_config() initialises all fields
5d22307c4 [image] Do not clear current working URI when executing embedded image
419b2e71d [console] Fix definition of unreachability for remapped keys
4a37b0500 [console] Add Swedish "se" keymap
5aee6b81d [build] Avoid invoking genkeymap.py via Perl
510f9de0a [console] Ensure that all ASCII characters are reachable in all keymaps
429d4beb8 [console] Remove "az" keymap
a7a79ab12 [console] Fix unreachable characters in "mt" keymap
164db2cc6 [console] Fix unreachable characters in "il" keymap
c7d781929 [console] Treat dead keys as producing their ASCII equivalents
e1cedbc0d [console] Support AltGr to access ASCII characters via remapping
f2a59d597 [console] Centralise handling of key modifiers
871dd236d [console] Allow for named keyboard mappings
115032159 [tables] Add ability to declare static table start and end markers
0bbd89678 [console] Handle remapping of scancode 86
3f05a82fe [console] Update genkeymap to work with current databases
0979b3a11 [efi] Support keyboard remapping via the EFI console
eb92ba0a4 [usb] Handle upper/lower case and Ctrl-<key> after applying remapping
468980db2 [usb] Support keyboard remapping via the native USB keyboard driver
fa708015e [console] Avoid attempting to remap numeric keypad on BIOS console
f51a62bc3 [console] Generalise bios_keymap() as key_remap()
64113751c [efi] Enable IMAGE_GZIP by default for AArch64
bc35b24e3 [prefix] Fix use of writable code segment on 486 and earlier CPUs
6ba671acd [efi] Attempt to fetch autoexec script via TFTP
ec746c000 [efi] Allow for autoexec scripts that are not located in a filesystem
e814d3390 [uri] Allow for relative URIs that include colons within the path
f4f9adf61 [efi] Include Secure Boot Advanced Targeting (SBAT) metadata
fbbdc3926 [build] Ensure version.%.o is always rebuilt as expected
53a5de364 [doc] Update user-visible ipxe.org URIs to use HTTPS
91c77e259 [efi] Do not align VirtualSize for .reloc and .debug sections
f43c2fd69 [settings] Support formatting UUIDs as little-endian GUIDs
9062544f6 [efi] Disable EFI watchdog timer when shutting down to boot an OS
562c74e1e [efi] Run ExitBootServices shutdown hook at TPL_NOTIFY
0f4cc4b5a [build] Include EFI system partition table entry in isohybrid images
a046da21a [efi] Raise TPL during driver unload entry point
3ad27fbe7 [intel] Add PCI ID for Intel X553 0x15e4
b6045a8cb [efi] Modify global system table when wrapping a loaded image
51612b6e6 [efi] Do not attempt to use console output after ExitBootServices()
236299baa [xhci] Avoid DMA during shutdown if firmware has disabled bus mastering
1844aacc8 [uri] Retain original encodings for path, query, and fragment fields
85eb961bf [xhci] Allow for permanent failure of the command mechanism
f24a2794e [virtio] Update driver to use DMA API
2265a6519 [readline] Extend maximum read line length to 1024 characters
05a76acc6 [ecm] Use ACPI-provided system-specific MAC address if present
91e147213 [ecm] Expose USB vendor/device information to ecm_fetch_mac()
0cc4c42f0 [acpi] Allow for extraction of a MAC address from the DSDT/SSDT
02ec659b7 [acpi] Generalise DSDT/SSDT data extraction logic
e09e1142a [efi] Record cached ProxyDHCPOFFER and PXEBSACK, if present
db6310c3e [efi] Use zero for PCI vendor/device IDs when no applicable ID exists
b33cc1efe [build] Fix genfsimg to work with FATDIR with space
4d180be51 [cloud] Retry DHCP aggressively in AWS EC2
c64dfff0a [efi] Match signtool expectations for file alignment
8d08300ad [libc] Allow for externally-defined LITTLE_ENDIAN and BIG_ENDIAN constants
2690f7309 [uri] Make URI schemes case-insensitive
4aa037582 [rdc] Add driver for RDC R6040 embedded NIC
5622575c5 [realtek] Work around hardware bug on RTL8211B
0688114ea [cloud] Show ifstat output after a failed boot attempt
9b6ad2d88 [peerdist] Assume that most recently discovered peer can be reused
51c88a4a6 [build] Fix building on broken versions of GNU binutils
bf4ccd426 [build] Ensure build ID is deterministic
3c040ad38 [efi] Veto the Itautec Ip4ConfigDxe driver
3dd1989ac [libc] Match standard prototype for putchar()
52300ccf9 [base64] Include terminating NUL within base64 character array
92807f575 [rndis] Fix size of reserved fields
065dce8d5 [ath5k] Avoid returning uninitialised data on EEPROM read errors
f3f568e38 [crypto] Add memory output constraints for big-integer inline assembly
74c54461c [build] Use SOURCE_DATE_EPOCH for isohybrid MBR ID if it exists
0d68d7151 [build] Use SOURCE_DATE_EPOCH for .iso timestamps if it exists
e5f025517 [efi] Provide an "initrd.magic" file for use by UEFI kernels
ef9953b71 [efi] Allow for non-image-backed virtual files
bfca3db41 [cpio] Split out bzImage initrd CPIO header construction
fc8bd4ba1 [x509] Use case-insensitive comparison for certificate names
661093054 [libc] Add strncasecmp()
059c4dc68 [bnxt] Use hexadecimal values in PCI_ROM entries
adb2ed907 [intel] Add PCI ID for I219-V and -LM 10 to 15
d7bc9e9d6 [image] Support archive image formats independently of "imgextract" command
62f732207 [image] Propagate trust flag to extracted archive images
191f8825c [image] Allow single-member archive images to be executed transparently
a6a8bb1a9 [undi] Read TSC only when profiling
05fcf1a2f [rng] Check for TSC support before using RTC entropy source
13c1abe10 [prefix] Specify i486 architecture for LZMA decompressor
866fa1ce7 [gzip] Add support for gzip archive images
d093683d9 [zlib] Add support for zlib archive images
5c9c8d2b9 [image] Add "imgextract" command for extracting archive images
de4f31cdc [image] Provide image_set_len() utility function
106f4c539 [cloud] Allow multiple images to be imported simultaneously
1dfc05622 [cloud] Attempt to include CPUID_SETTINGS only for x86 builds
438513f6f [cloud] Autodetect CPU architecture from AMI disk image
6dad316e6 [cloud] Use a sortable default AMI name
e994237c0 [cloud] Add ability to generate Dokuwiki table of AMI images
323af9ee8 [settings] Add --timeout option to "read" command
b2501dd12 [readline] Add an optional timeout to readline_history()
56f7d44fd [efi] Show ACPI address space descriptor ranges in debug messages
3efdbef2f [efi] Always map full length of coherent DMA buffer allocation
e4afaa224 [build] Fix genfsimg to build ISO with long filenames
614d99eba [xen] Avoid infinite loop on allocation failure in xenstore_response()
85d179f2c [xen] Support scatter-gather to allow for jumbo frames
8ca43ccbc [int13] Do not report INT 13 extension support for emulated floppies
3ae83222c [cloud] Enable "poweroff" command in cloud images
78749542f [netdevice] Ensure driver transmit() and poll() will not be re-entered
0be8491b7 [pci] Avoid scanning nonexistent buses when using PCIAPI_DIRECT
c0346dbb4 [intel] Add additional PCI device ID to table
94245624e [efi] Mark PE .reloc and .debug sections as discardable
f1e9e2b06 [efi] Align EFI image sections by page size
1cc875651 [efi] Discard .pci_devlist.* sections for EFI images
1192edf39 [dhcp] Handle DHCPNAK by returning to discovery state
7c8fc2cae [linux] Fail at link time if building slirp.linux without libslirp
65bd5c05d [linux] Do not assume that stat() works on sysfs files
1c4917b6a [linux] Validate length of ACPI table read from sysfs
50d13907c [linux] Place -lslirp at end of linker search list
69ecab263 [linux] Use fstat() rather than statx()
2a2909cd1 [linux] Use generic sysfs mechanism to read SMBIOS table
681600680 [linux] Use generic sysfs mechanism to read ACPI tables
5c8a9905c [linux] Add a generic function for reading files from sysfs
976839ae4 [linux] Free cached ACPI tables on shutdown
3a5840012 [dns] Reduce debug verbosity for DNS server list
7b963310a [linux] Allow arbitrary settings to be applied to Linux devices
8055d5c48 [linux] Add missing pci_num_bus() stub
3b8aff94b [build] Fix building on older versions of gcc
2b5d3f582 [slirp] Add libslirp driver for Linux
916ebef19 [build] Allow __asmcall to be used as a type attribute
c09b62797 [linux] Provide ACPI settings via /sys/firmware/acpi/tables
9776f6ece [acpi] Allow for platforms that provide ACPI tables individually
d175936b7 [acpi] Eliminate redundant acpi_find_rsdt() in acpi_sx()
0956fb52c [acpi] Use a fixed colour for debug messages
f309d7a7b [linux] Use host glibc system call wrappers
040cdd0c6 [linux] Add a prefix to all symbols to avoid future name collisions
16d95227a [bitops] Provide an explicit operand size for bit test instructions
b76281a88 [efi] Compress EFI ROM images
900f1f98d [librm] Test for FXSAVE/FXRSTOR instruction support
e63b8c330 [librm] Add missing __asmcall on init_idt()
22bb29eab [prefix] Add a generic raw image prefix
8446a439b [initrd] Allow for zero-length initrd files
4039b54ba [cloud] Do not enable serial console on EFI platforms
cd3de55ea [efi] Record cached DHCPACK from loaded image's device handle, if present
d562339fc [efi] Defer autoboot link-layer address and autoexec script probing
e39cd79a0 [efi] Split out autoexec script portions of efi_autoboot.c
057674bb1 [pxe] Split out platform-independent portions of cachedhcp.c
19d0fab40 [ath5k] Add missing AR5K_EEPROM_READ in ath5k_eeprom_read_turbo_modes
fa012dd02 [cloud] Enable IPv6 and HTTPS in cloud boot images
d16535aa4 [cloud] Add utility for importing images to AWS EC2
1b99ba2a9 [build] Work around stray sections introduced by some binutils versions
83516ba7f [cloud] Use PCIAPI_DIRECT for cloud images
004924336 [ena] Switch to two-phase reset mechanism
c160fb259 [build] Use .balign directive instead of .align
b539e9a7e [build] Remove support for building with the Intel C compiler
df16df2c8 [build] Report detailed errors when unable to find a usable mkisofs
d79f504c0 [ci] Disable redundant scheduled execution of Coverity Scan
831f17f66 [ci] Disable Travis CI
1259580dd [ci] Add GitHub action for Coverity Scan
eeca29a1e [ci] Add GitHub action for build testing
e8393c372 [build] Work around distros that use -fcf-protection=full by default
e80299c56 [build] Work around -fPIE patched versions of gcc on all architectures
bfb72ec23 [build] Avoid spurious "make clean" when building for the first time
885c6d6e9 [efi] Fix erroneous comparison of a pointer against userptr_t
5bdb75c9d [contrib] Update bochsrc.txt to work with current versions
1af0fe04f [hermon] Add support for ConnectX-3 based cards
0c94659a8 [autoboot] Avoid closing and immediately reopening network device
6f1cb791e [hermon] Avoid parsing length field on completion errors
8747241b3 [hermon] Make hermon_dump_xxx() functions no-ops on non-debug builds
410566cef [hermon] Minimise reset time
7b2b35981 [hermon] Throttle debug output when sensing port type
299c671f5 [hermon] Add a debug notice when initialization is complete
8b07c88df [hermon] Add support for port management event
d948ac6c6 [hermon] Adjust Ethernet work queue size
e62c3e351 [hermon] Use reset value suitable for ConnectX-3
2e3d5909e [hermon] Clean up whitespace in hermon.c
79031fee2 [iscsi] Update link to iBFT reference manual
def46cf34 [hermon] Limit link poll frequency in DOWN state
ba20ba427 [build] Avoid using awk to format build ID as hexadecimal
3a2411b43 [build] Avoid using sha1sum when calculating build ID
82dbca493 [build] Allow BIOS linker script to be used with FreeBSD linker
1fea8ce06 [build] Check for broken elftoolchain version of objcopy
fe52f8e8b [build] Avoid modifying load addresses when stripping .zinfo section
d8dc06fbf [build] Replace random build ID with a deterministic one
bc4979e2c [build] Use $(shell ...) to invoke BUILD_ID_CMD
9d000c9fd [build] Use SOURCE_DATE_EPOCH if it exists
6c91eebd0 [build] Use recursive deletion for "make clean"
5e260c73f [build] Avoid shell brace expansion in "make clean"
f034ae59f [build] Allow elf2efi.c to build on FreeBSD
25b675c3d [build] Ensure that isolinux.bin is modifiable
9557497e7 [build] Add syslinux search locations used on FreeBSD
f4fcd000a [build] Drop timestamps from .a file
43d72d008 [hermon] Perform clean MPT unmap on device shutdown
699b9f1d1 [hermon] Use Ethernet MAC as eIPoIB local EMAC
6cb12ee2b [hermon] Increase polling rate for command completions
7d32225b5 [hermon] Add event queue debug functions
7c40227e1 [hermon] Increase command timeout from 2 to 10 seconds
cd126c41b [hermon] Add assorted debug error messages
ce45c8dc2 [hermon] Show "issuing command" messages only at DBGLVL_EXTRA
a2893dc18 [hermon] Reorganize PCI ROM list and document well-known product names
0e788c8ed [golan] Backport typo fix in nodnic_prm.h: s/HERMON/NODNIC/
36a892a7c [arbel] Clean up whitespace in MT25218_PRM.h header
414c842f0 [hermon] Clean up whitespace in MT25408_PRM.h header
a08244ecc [efi] Use EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL if available
8488c989c [image] Implicitly trust first embedded image
b9de7e6ed [infiniband] Require drivers to specify the number of ports
4f9fbe6c1 [efi] Fix misleading debug message
f4c3a0147 [ifmgmt] Make "ifstat" show the link-layer protocol for each netdev
42db0bd04 [cmdline] Expose "iflinkwait" as a command
ade4d2b4f [efi] Fix use of uninitialised variable
a3f1e8fb6 [efi] Automatically load "/autoexec.ipxe" when booted from a filesystem
989a7a803 [image] Provide image_memory()
ffc41ae9d [travis] Update to current default build environment
68469d1b1 [build] Report a meaningful error message if isolinux.bin is missing
7c3d186a1 [build] Check that mkisofs equivalent supports the required options
8ef22d819 [tftp] Allow for profiling of client and server turnaround times
b99477b3f [image] Add the "imgmem" command
99ac69b8a [image] Provide image_set_data()
ae73fb5aa [build] Allow an initrd script to be provided via genfsimg
34f51a0dc [build] Fail gracefully when no input files are given to genfsimg
05d7591a7 [build] Use explicit disk geometry for generated FAT filesystem images
a2a6618d4 [build] Fix genfsimg incompatibility with dash shell
565ca3eab [build] Set volume name "iPXE" on FAT filesystem images
117353815 [build] Allow genfsimg to be used on third party UEFI binaries
3a9621a6f [ipv6] Defer router discovery timeout while link is blocked
9a341203d [dhcp] Allow for links that remained blocked for up to three minutes
9c2e8bad1 [eap] Treat an EAP Request-Identity as indicating a blocked link
274ad6901 [eapol] Replace EAPoL code
860620459 [dhcp] Continue transmitting DHCPDISCOVER while link is blocked
0fb37a48a [build] Include xorrisofs as a viable mkisofs equivalent
8e3826aa1 [build] Inhibit spurious array bounds warning on some versions of gcc
a5fb41873 [isa] Add missing #include <config/isa.h>
79c0173d6 [build] Create util/genfsimg for building filesystem-based images
c42f31bc8 [xhci] Avoid false positive Coverity warning
5aa389593 [efi] Leave asynchronous USB endpoints open until device is removed
7ce3b8405 [xhci] Show meaningful error messages after command failures
017b345d5 [xhci] Fail attempts to issue concurrent commands
988d2c13c [efi] Use segment and bus number to identify PCI root bridge I/O protocol
dced22d6d [smbios] Add support for the 64-bit SMBIOS3 entry point
485f8ce55 [efi] Allow for longer device paths in debug messages
da491eaae [sfc] Update email addresses
68f1914aa [x509] Clarify debug message for an untrusted X.509 issuer
ce841946d [golan] Add new PCI IDs
47098d7cb [efi] Allow EFI_USB_IO_PROTOCOL interfaces to be nullified and leaked
6769a7c3c [efi] Skip interface uninstallation during shutdown
fb91542f2 [efi] Nullify interfaces unconditionally on error and shutdown paths
f47a45ea2 [iphone] Add iPhone tethering driver
f43a8f8b9 [crypto] Allow private key to be specified as a TLS connection parameter
6a8664d9e [tls] Include root of trust within definition of TLS session
3475f9162 [x509] Make root of trust a reference-counted structure
e3eedb0be [efi] Avoid using potentially uninitialised driver name in veto checks
39f529349 [x509] Record root of trust used when validating a certificate
6e92d6213 [ocsp] Remove dummy OCSP certificate root
be47c2c72 [http] Hide HTTP transport-layer filter implementation details
1b112e9d1 [asn1] Define ASN1_SHORT() for constructing short tagged values
e4b6328c8 [asn1] Rename ASN1_OID_CURSOR to ASN1_CURSOR
e33f52108 [asn1] Add constant for UTF-8 string tag
25b53afa5 [tls] Allow provision of a client certificate chain
2b6b02ee7 [tls] Use intf_insert() to add TLS to an interface
09fe2bbd3 [interface] Provide intf_insert() to insert a filter interface
cb0ba2f82 [interface] Ignore any attempts to plug in the null interface
b6e2ea03b [efi] Veto the HP XhciDxe Driver
63625b43e [efi] Allow vetoing of drivers that cannot be unloaded
354c252ee [efi] Provide manufacturer and driver names to all veto checking methods
be49380f5 [efi] Split out dbg_efi_opener() as a standalone function
13a6d1729 [xhci] Update driver to use DMA API
6e01b74a8 [dma] Provide dma_umalloc() for allocating large DMA-coherent buffers
a8442750e [efi] Avoid requesting zero-length DMA mappings
a2e5cf1a3 [netdevice] Fix misleading comment on netdev_rx()
9ff61ab28 [netdevice] Do not attempt to unmap a null I/O buffer
8d337ecda [dma] Move I/O buffer DMA operations to iobuf.h
70e6e8324 [dma] Record DMA device as part of DMA mapping if needed
cf12a4170 [dma] Modify DMA API to simplify calculation of medial addresses
24ef74377 [intelxl] Configure DMA mask as 64-bit
9e280aecb [intel] Configure DMA mask as 64-bit
0b5467b65 [efi] Report correct error when failing to unload a vetoed driver
1295b4acf [efi] Allow initialisation via SNP interface even while claimed
03314e8da [intelxl] Update driver to use DMA API
76a7bfe93 [intelxl] Read PCI bus:dev.fn number from PFFUNC_RID register
b6eb17cbd [intelxl] Read MAC address from PRTPM_SA[HL] instead of PRTGL_SA[HL]
e10a40d41 [efi] Avoid dropping below TPL as at entry to iPXE
062711f1c [intel] Use physical addresses in debug messages
810dc5d6c [realtek] Use physical addresses in debug messages
fc5cf18da [efi] Use casts rather than virt_to_bus() for UNDI buffer addresses
83b8c0e21 [efi] Do not populate media header length in PXE transmit CPB
5439329c9 [intel] Update driver to use DMA API
0e2622090 [efi] Rename efi_blacklist to efi_veto
580d9b00d [realtek] Update driver to use DMA API
38a54bd3b [efi] Provide DMA operations for EFI PCI devices
dda03c884 [dma] Define a DMA API to allow for non-flat device address spaces
be1c87b72 [malloc] Rename malloc_dma() to malloc_phys()
36dde9b0b [efi] Retain a long-lived reference to the EFI_PCI_IO_PROTOCOL instance
f560e7b70 [realtek] Reset NIC when closing interface if using legacy mode
9b25f6e5c [efi] Fall back to assuming identity mapping of MMIO address space
16873703d [efi] Avoid dragging in USB subsystem via efi_usb_path()
e5e2f3fba [efi] Fix memory copy length used in efi_nullify_name2()
5b41b9a80 [efi] Nullify interfaces and leak memory on uninstallation failure
86c6c79fc [efi] Allow block devices to provide their own EFI device paths
a2e44077c [infiniband] Allow SRP device to be described using an EFI device path
bf051a76e [fcp] Allow Fibre Channel device to be described using an EFI device path
e6f9054d1 [iscsi] Allow iSCSI device to be described using an EFI device path
334f0074b [efi] Show block device ACPI table contents only at DBGLVL_EXTRA
04cb17de5 [aoe] Allow AoE device to be described using an EFI device path
2d49ce6f0 [efi] Provide utility function to concatenate device paths
6154b1fb2 [efi] Split efi_netdev_path() out to a separate function
b50ad5f09 [http] Allow HTTP connection to be described using an EFI device path
f2c826179 [efi] Provide efi_uri_path() to construct a URI device path
1e8648f61 [usbblk] Allow USB block device to be described using an EFI device path
87e39a9c9 [efi] Split efi_usb_path() out to a separate function
2091288ea [efi] Define an interface operation to describe using an EFI device path
2bf0fd39c [efi] Split device path functions out to efi_path.c
bcf858c56 [efi] Provide EFI_INTF_OP for EFI-only interface operations
c504c1d69 [interface] Allow for the definition of an unused interface operation
49fd66a8c [build] Provide a testable platform macro alongside -DPLATFORM
6ccd5239b [ipv6] Reduce time spent waiting for router discovery
0c25daad3 [efi] Enable NET_PROTO_IPV6 by default
388d65708 [lacp] Ignore (and do not echo) trailing padding on received packets
3d4378991 [lacp] Detect and ignore erroneously looped back LACP packets
02748d0a5 [efi] Defer local download process until file has been opened
6d680bdec [usbblk] Add support for USB mass storage devices
88288407a [usb] Move usbio driver to end of USB driver list
e30c26d01 [usb] Allow endpoints to be refilled to a specified upper limit
ebf016608 [usb] Allow device halt to be cleared independently of host controller
c70b3e04e [efi] Always enable recursion when calling ConnectController()
fbb5989fd [efi] Connect controllers after loading an EFI driver
eede697ec [ncm] Treat a zero divisor as indicating no alignment requirements
022014171 [efi] Fix reporting of USB supported languages array
02280dc64 [efi] Avoid integer underflow on malformed USB string descriptors
7c6fdf57e [usb] Avoid integer underflow on malformed string descriptors
7151fa3ff [efi] Allow DEBUG=efi_wrap to be used independently of a loaded image
8344803c9 [efi] Disconnect controllers before uninstalling EFI_USB_IO_PROTOCOL
8eb19a178 [usb] Show debug message on device removal
627b0ba2a [efi] Report any USB errors as EFI_USB_ERR_SYSTEM
fbb776f2f [efi] Leave USB endpoint descriptors in existence until device is removed
f42ba772c [usb] Reset control endpoints immediately after failure
27e886c67 [efi] Use address offset as reported by EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL
eecb75ba4 [pci] Update drivers to use pci_ioremap()
371af4eef [pci] Define pci_ioremap() for mapping PCI bus addresses
ccfffc797 [efi] Provide a single implementation of efipci_root_close()
fe6993419 [efi] Show memory map returned by wrapped calls to GetMemoryMap
e08ad61bf [efi] Add debug wrappers for all boot services functions of interest
4bd064de2 [build] Fix building on older versions of gcc
ef2c844d0 [efi] Attempt NII initialisation both with and without cable detection
c63e61df7 [efi] Use device path to locate filesystem from which we were loaded
fd47fa8fe [efi] Match EDK2 numbering for USB ports
70b1a641c [comboot] Fix stack pointer retrieval after COM32 binary returns
b76052335 [efi] Check the status code from AllocatePool()
a08ee6e72 [cmdline] Add "--timeout" parameter to "ifconf" command
145311c62 [intelx] Added PCI_ROM entry for Intel x553/x557-AT and x553 (SFP+) NICs
afaf4272b [intel] Set INTEL_NO_PHY_RST on i218v
c4d1ae0fc [intel] Add INTEL_NO_PHY_RST for I218LM
8bc85ec6f [deflate] Fix typo in comment describing length codes
8d243e65c [build] Fix a GNUism that FreeBSD's sed(1) cannot deal with
ee2dc525b [wpa] Fix erroneous debug message in wpa_derive_ptk
0de5e6014 [libc] Fix memcmp() to return proper values
6ec33b8d6 [pcbios] Take alignment into account when checking for available space
45a0ca6de [pcbios] Fix "out of memory" detection when expanding bottom area
cede0c5ba [libgcc] Change __divmoddi4 from int64 [unknown] to int64_t
4277942ac [build] Fix default target in sdsk image
366206517 [dns] Use all configured DNS servers
a95a2eafc [xfer] Remove address family from definition of a socket opener
78ca890c3 [sfc] Add PCI ID for Solarflare SFC9120 and Solarflare SFC9140
1832f8a9b [efi] Claim SNP devices early in efi_download_start()
b6eecb182 [efi] Ensure NUL byte is at lowest address within stack cookie
fcdd9c098 [efi] Distribute available entropy within stack cookie
f7ddda435 [libc] Add bit-rotation functions for unsigned long values
98d49e460 [efi] Avoid setting direction flag on EFI platforms
2f032c84a [libc] Provide an unoptimised generic_memcpy_reverse()
d2fb317fe [crypto] Avoid temporarily setting direction flag in bigint_is_geq()
586b72373 [usb] Leave port enabled after a failed device registration
f727ed8a1 [axge] Reapply USB device configuration when opening network device
0f5d23433 [xhci] Increase link state settling delay to 100ms
e87760183 [usb] Avoid unnecessary calls to usb_hub_set_drvdata()
18d4be8aa [xhci] Set link state to RxDetect after disabling USB3 root hub port
761ed4365 [usb] Do not attempt to disable USB3 hub ports
8ff5babb4 [usb] Add missing usb_recycle() for completed hub interrupt transfers
5d6fb7282 [usb] Clear device endpoint halt before resetting host endpoint
d5874c9f2 [axge] Handle non-gigabit link speeds
2ae5d4338 [efi] Raise TPL during driver entry point
a87537d44 [efi] Detect and disable seriously broken EFI_RNG_PROTOCOL implementations
decee20ec [build] Disable position-independent code for ARM64 EFI builds
8a1d66c7a [golan] Add explicit type casts for nodnic_queue_pair_type
28cf9806d [intel] Avoid spurious compiler warning on GCC 10
f982a7129 [build] Be explicit about -fcommon compiler directive
3f637d746 [ocsp] Accept SHA1 certID responses even if SHA1 is not enabled
a61b27b97 [efi] Enable stack protection where possible
8830f2f35 [parseopt] Treat empty integer strings in user input as invalid
200029701 [util] Treat empty integer strings as invalid
770a7bd43 [snp] Retry initialisation if link is reported as down
7f2006a9a [crypto] Disable MD5 as an OID-identifiable algorithm by default
bb74f0051 [crypto] Ensure that test code drags in required ASN.1 object identifiers
bd7a5e4b9 [crypto] Allow algorithms to be included without being OID-identifiable
dc785b0fb [tls] Default to supporting only TLSv1.1 or above
2dac11eb1 [tls] Allow a minimum TLS protocol version to be specified
9ee70fb95 [efi] Attempt to connect our driver directly if ConnectController fails
6a6def775 [uri] Avoid appearing to access final byte of a potentially empty string
ac28bbb7e [efi] Work around UEFI specification bug in LoadImage for SAN boot
18d2162f6 [efi] Work around UEFI specification bug in LoadImage
d68befef1 [png] Fix potential integer overflow
ebff21a51 [bnxt] Add driver support for Broadcom NetXtreme-E Adapters
bdf0e029a [efi] Disambiguate errors returned by ConnectController
efc1ae5ab [int13con] Create log partition only when CONSOLE_INT13 is enabled
49319f1bc [bios] Define macros for constructing partition table entries
e3ca21107 [iscsi] Eliminate variable-length stack allocation in URI parsing
e2e29e7ae [iscsi] Eliminate variable-length stack allocations in CHAP handlers
446e8f14e [settings] Eliminate variable-length stack allocation
0a7432191 [slam] Allow for the possibility of IPv6 multicast addresses
c5306bcfa [slam] Eliminate variable-length stack allocation
6248ac396 [infiniband] Eliminate variable-length stack allocation
c625681ca [tftp] Eliminate unnecessary variable-length stack allocation
18dc73d27 [travis] Ensure that most recent tag is always available
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6dbc49a6
---------------------------
fuse-overlayfs: update to v1.16
Bumping fuse-overlayfs to version v1.16-17-g51108ae, which comprises the following commits:
be604bb man: regenerate
a030601 man: uniformly apply bold attributes
9da0832 man: restore hard word wrapping
da57ec7 man: reformat additions from e58fb12
a1ef9a0 man: rephrase description and other parts
93b3f7e man: refactor fuse-overlayfs.1.md
fe0525a Plugin test
e58fb12 Manpage updates for xino and ino32_t
1f60815 st_ino needs to be unique for all inodes on a device
b2e4dc1 Minor cleanups
eb988de Dockerfile: use ubuntu:<LTS>-<yyyyMMdd> for reproducibility
f3db78e configure.ac: new development release
9ad6545 NEWS: tag 1.16
0f7e9bb Containerfile.cross: update deps
4266f68 main: fix incorrect directory entries due to unstable iteration order
0ea1677 configure.ac: prepare new release cycle
c5f3ef1 NEWS: tag 1.15
6a1040f main: lookup upperdir only for created directories
d5b2cec main: fix layer lookup in make_ovl_node
b88a093 main: use hash_remove instead of hash_delete
ce8d185 lib: update hash module from gnulib
27cabd5 main: Allow escaped colons in directory paths
b31d82f main: use parsed upper layer directory
02a3582 refactor: Remove unnecessary upperdir realpath
5e7f7d7 github: update checkout action
4761dd0 github: update uraimo action
fc6a2b9 github: update upload-artifact action
e1aae5a github: enable unprivileged user namespaces
efb6149 Update AC_INIT to 1.15-dev
6bbd62b main: use extended override xattr
8d33894 github: update run-on-arch-action
cf8269b github: update ubuntu version
af77bb6 tests: bump fedora version
e107b0b Remove unsupported option "lazytime"
33cb788 NEWS: tag 1.14
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 63d12d2a
---------------------------
diod: fix build with lua 5.5 and gcc 15
Bump the lua max-version check from 5.5 to 5.6 in the pkg-config
patch to allow lua 5.5.0 from OE-core.
Add -Wno-error=discarded-qualifiers to CFLAGS to work around gcc 15
being stricter about const qualifiers in strchr return values. The
upstream code uses -Werror which makes this fatal.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 067a6eb0
---------------------------
diod: update to v1.1.0
Bumping diod to version v1.1.0-22-ga8c55f0, which comprises the following commits:
2e67f42 diodcli: drop unused variable
71aa8e9 MAINTAINERS.md: add file
4d0b2e9 diodcli: add issue reference comments
2dc8a32 libdiod: simplify qid.type initialization
b8aee49 libnpfs: improve qid trace formatting
c7951da libnpfs: decode dentries in Rreaddir trace
de73632 libnpfs: print ... when trace buffer overflows
9cfed43 libpnfs: fix inconsistent whitespace
583f453 libnpfs: reduce protocol trace truncation
b5294cb libnpfs: simplify Npsrv->logmsg() signature
43cc75a testsuite: fix allsquash mkdir test on alpine
10a39c8 testsuite: fix alpine stat -f portability
768e61d testsuite: fix umount option portability
662e24c testsuite: fix alpine compilation issue
221e0ec sharness: use doas(8) if sudo(8) is unavailable
2813a8f sharness: set SUDO to preserve environment
9029fbf diod: fix alpine AF_UNIX getnameinfo failure
c2f5ede diodcli: fix alpine compilation issue
c3b4602 protocol.md: fix document links
3d6b0a5 update README.md for 1.1.0
5692025 scripts: add missing debian dependency
9caed75 NEWS.md: add release notes for 1.1.0
df149d7 add script to generate release notes
f63991e testsuite: fix test output typo
93d454c reorganize project metadata
b2e5c85 testsuite: temporarily disable security XATTR test
a7032c1 diodcli: fix compliation issue on aarch64
9597b2d git: drop check in tests/kern
840ae1c .gitignore: remove ancient paths
32117dd testsuite: drop third party tests
f24b4ae testsuite: drop duplicate mode test
0ad5a8a testsuite: drop duplicate fsync test
1f53fb1 testsuite: migrate atomic create test to sharness
2ac320c testsuite: migrate create test to sharness
7514217 testsuite: migrate xattr tests to sharness
2e00434 testsuite: migrate flock tests to sharness
de0f09f testsuite: drop duplicate rename test
e3acbbb testsuite: migrate sgid dir test to sharness
e5111ab testsuite: drop unused suppl groups test program
c895daa testsuite: drop duplicate stat test
c335d42 testsuite: migrate pathwalk test to sharness
1eb3281 testsuite: drop duplicate statfs test
5a3ae78 testsuite: update mount options
fdc1ae5 mount.diod(8): update mount options
11fdb15 mount.diod: use access=client as the default
a3b561f diod(8): add SECURITY description
30fee89 testsuite: convert POSIX ACL test to sharness
f9bb613 testsuite: fix POSIX ACL test
7d3c5d6 demote diodload to an internal test program
27413d3 dioddate: drop old command
8706fac diodcli(8): add date subcommand
73def41 diodcli: add date subcommand
1bbc8b2 diodshowmount: drop old command
48f389c diodcli(8): add showmount subcommand
13e94a7 diodcli: add showmount subcommand
bccd37a diodls: drop old command
a3d1cbb testsuite: use diodcli ls
94c8317 diodcli(8): add ls subcommand
7a3f980 diodcli: add ls subcommand
1b5f569 diodcli(8): fix typo
ddab136 diodcli(8): add man page, drop diodcat man page
df54c93 diodcat: drop redundant utility
d6d0413 testsuite: use diodcli read instead of diodcat
c46d515 sharness: export DIOD_SOCKET in diod_start()
8c9d633 diodcli: use "ctl" as the default aname
dc69a6b diodcli: add --trace option
f0c0588 diodcli: use DIOD_SOCKET, if set
04618a0 diodcli: make test-only subcommands invisible
b9d469f diodcli: drop sysgetattr subcommand
1e00d19 diodcli: drop sysstat subcommand
61435aa libnpclient: add NPC_TRACE flag
7b73c7e diodcli: rename from npclient test program
6e12930 scripts: update install-deps-deb.sh
916e583 diodrun: call setsid() in client fork
9c43728 libdiod: clean up inconsistent tab use
d56a2ea fix typo in sharness scripts
f346d9e testsuite: add self-hosting test
a77bf99 drop diod.conf, auto.diod
a6a077e mount.diod: rename from diodmount
6e24298 diod.spec: drop RPM spec file
385b92f testsuite: cover mount helper
09c5b5e diodmount(8): update v9fs mount options
7fab3f0 diodmount: allow more control over mount options
9f88bb2 libnpfs: fix access denied message
bd947a2 diod: drop incorrect assertion
479491a libnpclient: implement npc_rename()
e6962ba libnpclient: drop NPC_MULTI_RPC
9be4457 testsuite: drop old tests
2707b09 github: add new test dependencies
64b01bb testsuite: add dbench, postmark, scrub, rsync tests
d4cf855 testsuite: cover v9fs + diod in multiuser mode
faa533e testsuite: cover v9fs + diod in allsquash mode
4073d64 testsuite: cover v9fs + diod in runasuser mode
4370f1b testsuite: define built-in prerequisites
658e4e2 testsuite: add diodrun --socketpair
c83538d testsuite: add method argument to test_under_diod
c44ccd0 libnpfs: fix unallocated free error
5578a90 drop extra comment from test script
f33018a mergify: disable temporary PR branches
dc28dc9 ci: run tests with minimal config
23bfc25 ci: get test results on failure
5e41034 testsuite: remove old "user" test
5ba9c81 testsuite: add t0006-npclient-issues.t
242aa01 testsuite: add t0005-npclient-xattr.t
a683d14 testsuite: add t0004-npclient-basic.t
e43267e testsuite: add sharness test_under_diod()
6150ba0 testsuite: make tattach look like other test progs
a3b5f32 testsuite: relocate tattachmt test program
18a45fb testsuite: make tflush look like other test progs
2298152 testsuite: relocate tflush test program
d658828 testsuite: add npclient test program
19fb16b testsuite: add diodrun test program
c600bb8 ci: allow the nobody user into home directory
3e72fe4 testsuite: add t0003-basic-multiuser.t
0f90992 testsuite: add t0002-basic-allsquash.t
d3bf2a1 testsuite: add t0001-basic-runasuser.t
59a8192 testsuite: create t1000-valgrind from old test
d521172 testsuite: add diod-specific helper script
ad63d49 diod: add --version option
9dfac9e testsuite: add sudo prereq
b530c74 testsuite: add sharness test driver
66585b0 Fix autogen if autoconf-archive > 2023.02.20 (#142)
07326e2 diod: Implement Trenameat and Tunlinkat
4aa71a2 libnpfs: Fix assert failure when receiving R-type messages
b91d74b diod: Fix uint32 overflow when Tread/Twrite count > UINT32_MAX-IOHDRSZ
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1de5afc4
---------------------------
dev86: remove recipe for deleted upstream project
The upstream repository (github.com/jbruchon/dev86) has been deleted.
dev86 provided 8086 assembler tools (as86/ld86/bcc) used only for
building rombios, which has been disabled in Xen in the previous
commit. No other recipe depends on dev86.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: faadeac0
---------------------------
xen: drop dev86 dependency and disable rombios
dev86 (as86/ld86/bcc) was only needed to build rombios, the legacy
BIOS for HVM guests. The upstream repository (jbruchon/dev86) has
been deleted from GitHub.
SeaBIOS is already in DEPENDS and is the modern replacement — no Xen
HVM guest uses rombios in practice. Disable rombios explicitly and
remove the dev86-native dependency.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 81536a6d
---------------------------
cloud-init: update to 26.1
Bumping cloud-init to version 26.1-7-g0052a66df, which comprises the following commits:
0052a66df fix(bsd): correct the _ROOT_TMPDIR path for *BSD system (#6794)
724e085ad fix(azure): catch import error as reportable (#6714)
5c685d629 WSL: Subprocess cmd.exe with /U to output UTF-16LE (#6717)
7132625c6 feat(util): fail early when hostname is not resolvable in is_resolvable (#6772)
4db78c97a feat(azure): introduce experimental skip_ready_report for Azure (#6771)
a2209a9e1 test: apt tests need to wait_for_cloud_init on potentially slow VMs
76df57457 test: use rmadison form devscripts to determine hello pkg version
8bf356753 Release 26.1 (#6776)
36736c30e test: update hello package tested using rmadison (#6774)
da854b999 test: add details about failing package status to aid in debug (#6775)
3ad28be2f test: rust-coreutils date command breaks if positional args before options (#6773)
9d8943431 ci: resolute rust-based gpg-sq rejects short GPG keyids (#6710)
e8a9170bc chore: fix pytest hypothesis-jsonschema warnings (#6761)
080ddb433 chore: silence deprecation warning for strptime (#6762)
dd7e41727 ci: disable daily jobs on fork branches
e80c0899a ci: reorder gh actions jobs
52ef4d17d chore: silence crypt warnings
402ae54a3 test: fix pytest.raises error text warnings
e171b68ab chore: make jsonschema remote retrieval explicit
656565558 test: fix mocker warnings during tests
b990f8d28 chore: fix untyped-defs (#6760)
2f8566cc8 test: provide snap commands to trigger wait semaphore on jammy (#6759)
bb2f6b9ef doc: fix various conventions (#6757)
180feb270 chore: move conftest to test directory (#6758)
9416e6639 doc: replace Red Hat bugzilla with Red Hat jira (#6751)
e2aa5010a doc: fix YAML indentation and wording in examples (#6750)
fd2f115fc ci: restrict build-package upload-artifact and test to cloud-init-base
a452a6650 ci: bddeb only create symlink to cloud-init-base for testing
4e3a920ea ci: update PR actions to test questing and runs-on to ubuntu-latest (#6753)
417da89f1 ci: feature values should be read from client under test (#6738)
67d8e2375 ci: use branches inclusion instead of branches-ignore exclusion (#6741)
92a9858f7 doc: fix mermaid diagram (#6743)
de5c45185 chore: remove unused pylint suppressions (#6726)
944c5c975 chore: remove unmaintained python tools (#6724)
9a3b627e9 docs: correct network-config filename in NoCloud heading (#6735)
090026a3d fix: do not write meson version twice in version.py (#6729)
961fc8490 doc: make doc hierarchy more focused (#6694)
72809f804 fix: DNS resolution performance regression during local stage (#6707)
afd0c6c5e chore: pin full SHA commits for all workflows (#6711)
580b21bd3 fix(azure): round duration field in FinishReportingEvent to four decimal places (#6709)
567cfe896 ci: install missing distro-info-data dependency to test devel series resolute (#6701)
26c7d38de fix: datasource initialization order in stages (#6700)
402038314 docs: security company policy updates (#6677)
8c4c59a05 ci: add shared workflow for lxd_container integration tests
8a5234705 doc: clarify CLA check (#6692)
9c2faf8ef feat(dhcp): enable --debug option for dhcpcd (#6693)
feaf14716 doc: clarify verbose language (#6688)
78f6f15ec fix: migrate from ntp client package installed from ntp to ntpsec (#6684)
b7b625627 chore(stages): enable type checking (#6672)
d9834a30c fix: respect SSH key options for the root user (#6585)
0686791aa fix: cloud-init clean --logs should not remove non-files (#6568)
d2bf88393 fix(cloudstack): Improve domain-name DHCP lease lookup (Cloudstack) (#6554)
f0659039b doc: document socket protocol change
9e6151a26 ci: retain system packages for TICS workflow due to virtualenv version errors
306d66cf6 ci: run and source pylint tox target used by TICS checkers
54a58e6d0 ci: add actionlint.yml ignores
328031893 ci: export python path to GITHUB_ENV from tox venv
5531de252 feat(lxd): add s390x virtio-ports detection for LXD (#6597)
e7f970b5f test: pytestified test_cc_growpart.py (#6625)
ac729abb9 ci: add reviewdog workflow lint for github actions (#6662)
fb44d8d9f docs: fix broken external documentation links (#6664)
f8a7c8c4c ci: fix cross-distro test failures, various maintenance (#6663)
2d4519d49 feat: support Tilaa cloud (#6658)
5803e8448 docs: fix broken documentation links (#6660)
9934bbec9 ci: typo duplicated run declaration in tics workflow (#6661)
6901be5d7 ci: quote workflow names to avoid invalid YAML (#6659)
064019ec0 test: add gh workflow for tiobe TICS static analysis reporting (#6654)
449552508 chore: type cloudinit/sources/__init__.py (#6647)
7af9d0a62 fix(ec2): check elastic NICs for metadata server first (#6651)
974646e6f feat(azure): add vm_id to KVP telemetry event keys (#6551)
4810cc646 ci: exercise TMPDIR now that it works (#6652)
7cc31f585 chore: rename workflow files for organization
6880d3497 ci: reword action and workflow names for clarity
78da9db19 ci: add Python 3.15
e02b739fc fix: Pass interface string to get_newest_lease() (#6648)
b5080b987 test: Skip Azure openssl tests on non-Linux
3139e9437 test: skip Linux-specific test on non-Linux
e346b5104 test: use realpath for tmp directories
4e45baa3a fix: ensure mount type is used if passed
818a261ad test: Replace 'echo -n' with 'printf'
d8d5a477e test: ensure symlinks are resolved in certain tests
528a712d5 test: add a socket fixtures and mocks
ec10d36d3 test: hardcode passlib usage in Azure test
45c755567 test: mock chown to account for distro grp differences
2024036f6 test: bring back fake tmpdir creation
c3bf2079f test: ensure we don't actually rename ntp.conf in test
3d7b54525 fix: ensure timestamp timezone encoded correctly in status.py
1ae202766 test: ensure TMPDIR parents exist
70b8771c9 fix: don't traceback when using BSD date
ec44db261 fix(azure): ensure ephemeral networking uses primary NIC (#6556)
a19f958c7 chore: drop dscheck maas (#6638)
fad68ab5c chore: enable type checking cloudinit/distros/__init__.py (#6646)
85c463890 chore: use curl instead of wget (#6610)
9813bb84f fix(distros/freebsd): set home_dir to /home (#6637)
07173578c chore: Remove multiple entries in spec file (#6599)
07922ae05 chore: add scheduled job for py3-fast (#6634)
3067c2561 tests: convert test_cc_rsyslog.py to pytest (#6622)
0400ac624 chore(mypy): check sysconfig now that it passes (#6635)
f83187388 chore: update pin and silence a valid mypy warning (#6633)
851dc9ae0 tests: convert test_cc_power_state_change.py to pytest (#6624)
b117d244b fix: install lxd snap only when snap list lxd reports absent (#6626)
5efa2c631 feat(cloudstack): fetch vm password using url_helper instead of wget (#6593)
7f84ece2a chore: sync gh workflow/shellcheck-debian-scripts.yml to main
df0c1036c feat(reporting): report duration on finish events (#6552)
aa1794941 feat(scaleway): add AZ and region fields to DataSourceScaleway (#6616)
0f09ed190 refactor(scaleway): remove private_ip handling (#6617)
fcb98b034 chore: drop support for Python 3.8 (#6607)
e6955e618 tests: skip azure ssh-keygen unittests when ssh-keygen not installed (#6612)
ff1b0d217 chore: no CLA workflow on downstream ubuntu package branches (#6620)
78a748808 doc(examples): remove datasource configuration (#6609)
d7bc16295 feat(raspberry-pi-os): Disable fallback netcfg + remove apt mirror cfg (#6482)
78c68f593 fix(raspberry-pi-os): adjust systemd network ordering; drop obsolete deps (#6459)
a7c16dff2 chore: fix logs with too few arguments (#6591)
849fb062c docs: eliminate unnecessary information from first development page (#6566)
890756015 feat(net): render vlan, bond, bridge for v1 network state (#6538)
009c0ec1b fix(rhel): Do not override changes in disable-sshd-keygen-if-cloud-init-active.conf (#6587)
583c2ebe5 fix(ssh_util): typo in exception message (#6590)
0cb642727 docs(reference): include openstack bond change (#6581)
e68bb6ea3 fix(network_state): add some missing keys to V2 key filter list (#6555)
baedc33ac test(azure): run pubkey extraction and certificate parsing tests (#6572)
7c684160e fix: support bond names in network_data.json (#6546)
7b400e43b fix(schema): allow accept_ra for bond/bridge/VLAN devices (#6545)
af454f257 test: convert test__init__.py from unit test to pytest (#6537)
62bc0ec17 doc(network v1): fix list of required keys for bond interfaces (#6544)
5e1d8f630 fix(oracle): handle null metadata field in oracle data source (#6549)
ec1a7b023 Add retry logic to 500 errors for reprovision data (#6563)
57685d147 fix(eni.py): correct resultant dns entries in eni file (#6535)
c66d5cf04 fix: distros link in README (#6574)
f3975e401 Fix URL scheme in deprecation message (#6565)
f63bbbfa7 test: fix bug in tmp_path used as a callable for path join operation
3d495284e test: replace unittest.skip decorators with pytest equivalents
cbad4501e fix: typos in cloud-init clean --help (#6559)
3830ed665 test(sources): Convert test_openstack.py from unittest to pytest (#6530)
afe32c023 test(config): Convert test_cc_mcollective.py from unittest to pytest (#6531)
ef7d34807 doc: readthedocs.yaml needs to generate meson_version.py for cloud-init (#6550)
10a0af061 fix: use correct tox testenv in PR template (#6543)
d65c7dfd6 feat(ca_certs): add rocky to supported distros (#6540)
9f971c472 delete openEuler in cc_rh_subscription (#6494)
9e4c9d2fd test: convert test_util.py from unit test to pytest (#6536)
0ffc297bf doc: update specific support docs for sru
979561e8b doc: migrate ubuntu_test_prerelease content into development/testing
5acf5247e test: update regex for rust-coreutils stat -c output using double quotes (#6500)
1b3625140 chore: packages SPEC files provide downstream_version instead of sed
1934004c7 chore: runtime version set by meson build artifact cloudinit.meson_versions
599c1f324 chore: update packages/brpm to avoid dependency on read-version
224eb50a3 chore: update packages/bddeb to avoid dependency on read-version
a88c7002f doc: update meson build example options
bde544c98 test (config): Convert test_apt_conf_v1.py from unittest to pytest (#6520)
586ff7e4d test(distros): Convert test_user_data_normalize.py from unittest to pytest (#6518)
e2ed42256 test: Convert test_schema.py to pytest (#6519)
7b70ce1d0 doc: fix obvious spelling errors (#6506)
9a78efcff test(distros): Convert test_ifconfig.py from unittest to pytest (#6517)
24c395028 test(config): Convert test_cc_ca_certs.py from unittest to pytest (#6516)
9db1cc8ef test(config): Convert test_cc_spacewalk.py from unittest to pytest (#6515)
eb43d8e2d fix: Fix misspelled domain in landscape.canonical.com
1c44cffd8 test: Convert test_alpine.py from unittest to pytest (#6514)
bc966042d test(distros): Convert test_sysconfig.py from unittest to pytest (#6510)
c64fce382 test(distros): Convert test_hostname.py from unittest to pytest (#6511)
92421c1dd test(sources): Convert test_common.py from unittest to pytest (#6512)
28f011422 feat(cc_raspberry_pi): Replace rpi-connect with usb-gadget support (#6466)
94f533587 fix(raspberry-pi-os): keymap handling on Trixie-based images (#6483)
e2715ef78 test: Convert test_resolv.py from unittest to pytest (#6504)
c6a1d1f15 docs(cc_raspberry_pi): Better phrasing of config descriptions (#6488)
83defe9e7 fix: install doc files that were previously installed pre-Meson (#6501)
25e94e7c4 test: add regex to cope with stat link output double/single quotes (#6497)
da47f5f21 feat(bsd): add FreeBSD support to Meson build (#6458)
eb2a559b7 docs(cc_timezone): Replace US/Eastern with America/New_York (#6496)
743d1920a fix: Fix typos again (#6490)
cb12e00e2 Release 25.3 (#6486)
89c956c8c feat(CI): new workflow to shellcheck debian package scripts (#6371)
69521d03f chore(cc_rh_subscription): deprecate hyphenated fields, remove self.log (#6470)
10a5fdc52 feat(eni): support "ip route" if available instead of "route" (#6460)
016abc02a test(distros): Convert test_hosts.py from unittest to pytest (#6481)
4c094b490 fix: preserve special permission bits (#6467)
41c8ae128 test: Convert test_registry.py from unittest to pytest (#6479)
1b0cb0b85 test: fix integration for PROPOSED to run apt update prior to install (#6477)
b04c475f3 feat(schema): add support for the not keyword (#6469)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 08262454
---------------------------
aardvark-dns: update to v1.17.0
Bumping aardvark-dns to version v1.17.0-58-gb36c4cc, which comprises the following commits:
2158073 release v1.17.0
8e8db13 release notes for v1.17.0
809f652 update MSRV to 1.86
188db02 run cargo update
aace910 fix download artifact action
728a48c [skip-ci] Update GitHub Artifact Actions
14aede7 fix(deps): update rust crate clap to ~4.5.51
b0a32c0 rotate key of imgt for meta_task
83f6934 rotate aws creds
e760751 fix(deps): update rust crate tokio to 1.48.0
91421f4 fix(deps): update rust crate clap to ~4.5.48
60cf016 fix(deps): update rust crate libc to 0.2.177
b2ff8a8 Update nameservers when resolv.conf is modified.
7a5c566 chore(deps): update rust crate chrono to 0.4.42
2c95552 fix(deps): update rust crate log to 0.4.28
32deed9 update CI images
071143f rpm: tests require socat instead of ncat now
50d7366 test: replace ncat with socat
e42b343 Packit: fetch copr rpm version from Cargo.toml
1c25e4f bump to v1.17.0-dev
56db1e0 release v1.16.0
2cdc994 release notes for v1.16.0
0c392ba [skip-ci] Update actions/checkout action to v5
5d34b0f fix(deps): update rust crate libc to 0.2.175
254c6d1 test: Remove empty user= directive in dnsmasq.conf to avoid SIGSEGV
b8a6c4c [skip-ci] Update actions/download-artifact action to v5
52cf09a fix(deps): update rust crate tokio to 1.47.1
ef89561 fix(deps): update rust crate tokio to 1.47.0
83b2433 coredns: fix typo in debug message
cdcaf7c coredns: process more than one message per tcp connection
5061851 fix(deps): update rust crate tokio to 1.46.1
fece9be fix(deps): update rust crate tokio to 1.46.0
57e60fa fix new rust 1.88 lint errors
7706847 fix(deps): update rust crate clap to ~4.5.40
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1f93d303
---------------------------
libibverbs: remove obsolete recipe
libibverbs has been superseded by rdma-core in OE-core since 2017.
The only consumer was ceph, which builds with -DWITH_RDMA=OFF making
the dependency unnecessary. Remove the recipe and its vruntime bbmask
entry.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4de71588
---------------------------
ceph: update to v20.3.0 [BROKEN: cmake 4.2 configure hang]
Update ceph to v20.3.0 with the following changes:
- Update SRCREV to c1f7de9e4e6e92622aaff0d2173c65f83bb56e2e
- Update LICENSE to add BSL-1.0 and Zlib (new upstream deps)
- Refresh 0001-delete-install-layout-deb.patch for changed context
- Drop 0001-cepth-node-proxy-specify-entrypoint-executable.patch
(applied upstream)
- Add -DWITH_CATCH2=OFF (new, uses CPM to download at configure time)
- Add -DWITH_BREAKPAD=OFF (new, uses ExternalProject_Add)
- Use ${PYTHON_BASEVERSION} instead of hardcoded python version
- Remove libibverbs from DEPENDS (RDMA is disabled)
- Add CMP0167 patch to use FindBoost instead of Boost cmake config
- Symlink CMakeConfigureLog.yaml to /dev/null to prevent 100GB+ logs
KNOWN BROKEN: cmake 4.2 hangs indefinitely during configure after
processing src/extblkdev. The cmake process spins at 99% CPU with
28MB RSS, never producing CMakeCache.txt. This appears to be a cmake
4.2 regression with large projects (567 CMakeLists.txt files). The
hang is not Boost-related (FindBoost completes successfully) and
occurs with both Ninja and Unix Makefiles generators. Needs
investigation at the cmake/OE-core level.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e0c1a5dc
---------------------------
umoci: update to v0.6.0
Bumping umoci to version v0.6.0-53-gf5d1219, which comprises the following commits:
f5d1219 keyring: remove asarai@suse.de key
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1f5bcbee
---------------------------
skopeo: update to v1.22.0
Bumping skopeo to version v1.22.0-1-gfd3ba47e, which comprises the following commits:
23dddaad [release-1.22] Bump Skopeo to v1.22.0
0b40dee0 [release-1.22] Update tests for a changed error message
3b6f2539 [release-1.22] Document the default of --retry-times
99298b6a [release-1.22] chore: fix function name in comment
d0289b25 [release-1.22] Bump common 0.67.0, image 5.39.1, storage 1.62.0
dec587b4 Packit: use `post-modifications` hook to update downstream TMT plan
8bd9c541 Bump to 1.21.0
399adc0e Packit: Do not notify on podman-next copr build failure
b7856d6b Support empty sigstore passphrases, for cosign compatibility
db81e690 Make TestSharedCopyOptionsCopyOptions table-driven
fe086dae Use retries in more cases of copying from external registries
8181f14e Makefile: remove stale target
85a14032 Makefile: use hack/test-system.sh for test-system-local
7ae3e0bc Recreate hack/test-system.sh
f3e66b8f chore(deps): update dependency golangci/golangci-lint to v2.6.1
f399e1d0 fix(deps): update github.com/opencontainers/image-spec digest to 26647a4
f23b6fb8 chore(deps): update dependency golangci/golangci-lint to v2.6.0
53f96121 main: Add support for overriding HTTP User-Agent
f9d4a402 fix(deps): update module go.podman.io/common to v0.66.0
ff539443 fix(deps): update module go.podman.io/image/v5 to v5.38.0
7a9cea1b fix(deps): update module go.podman.io/storage to v1.61.0
144e9151 Add missing newline to the output of (skopeo generate-sigstore-key)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6938329a
---------------------------
runc: update to v1.5.0-rc.1
Bumping runc to version v1.5.0-rc.1-4-ge1c1378f, which comprises the following commits:
d5db4a59 CHANGELOG: move "better errors from runc init" to 1.4.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b8968685
---------------------------
podman-tui: update to v1.11.1
Bumping podman-tui to version v0.9.0-662-g84a58100, which comprises the following commits:
84a58100 Bump to v1.11.1
c7873bea Packit fix downstream build
7d30d3d1 Bump github.com/containers/podman/v5 from 5.8.0 to 5.8.1
47773fa5 Bump to v1.11.0
e31488e1 Github action update go version
85541d48 Github action update go version
1e51a67f Remove unused release scripts
4cc3344f Packit for fedora downstream release
14abad8d Running codespell
73cb5a93 Github action for auto draft release
60cfd80d Bump github.com/containers/podman/v5 from 5.7.1 to 5.8.0
f712bf84 Bump golang.org/x/crypto from 0.47.0 to 0.48.0
5a5cff1c Bump golang.org/x/crypto from 0.46.0 to 0.47.0
71957a80 Bump github.com/sirupsen/logrus from 1.9.3 to 1.9.4
ed135a0e Feature - adding UID and GID for volume create dialog
94761cb0 Feature - podman volume import
7992628f Feature - podman volume export
874e9a97 Bump github.com/gdamore/tcell/v2 from 2.13.4 to 2.13.5
c557889c Bump to v1.11.0-dev
d92c0afe Bump to v1.10.0
a19fd028 Fixbug for exec terminal del and delete key input
fad70254 Bats skip tests feature
d5751074 Fixbug for exec terminal enter key input
b95c6ebe Bump github.com/spf13/cobra from 1.10.1 to 1.10.2
784a1937 Bump podman to v5.7.1
f7b35c29 Bump github.com/gdamore/tcell/v2 from 2.12.1 to 2.13.4
3d059e84 Bump golang.org/x/crypto from 0.43.0 to 0.46.0
a0bbf287 Bump github.com/gdamore/tcell/v2 from 2.10.0 to 2.12.1
c10d66bd Bump actions/checkout from 5 to 6
0539d87f Bump github.com/gdamore/tcell/v2 from 2.9.0 to 2.10.0
2dbed834 Update README.md to include docs on running the socket on non systemd distros
a0e1f21d Update install.md to include Nix installation
53b6f897 Bump golang.org/x/crypto from 0.42.0 to 0.43.0
0a5dc08b Bump to v1.10.0-dev
0b3baef6 Bump to v1.9.0
67c9f0ea Bump github.com/navidys/tvxwidgets from 0.4.1 to 0.12.1
170845d0 Bump golang to 1.24.7 - CVE-2025-47910 - CVE-2025-47906
657ef703 Bump github.com/containers/podman/v5 from 5.6.1 to 5.6.2
4155eab6 Doc update - Adding Windows installation via WinGet package manager
7ad6db31 Bump golang.org/x/crypto from 0.41.0 to 0.42.0
20d88eb5 Golang update v1.24.0
4124d737 Windows style use default colors
4a1d5db0 Bump to v1.9.0-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8e45045c
---------------------------
netavark: update to v1.17.2
Bumping netavark to version v1.17.2-1-g3ea50b5d, which comprises the following commits:
bd7a4644 release v1.17.2
3d75166c release notes for v1.17.2
1fc09bab netlink_route: remove NLM_F_ACK from dump requests
bd47eafc netlink: validate buffer length
16d0c425 netlink: zero out buffer before sending
5e1ff21b netlink: socket read logic
3a74a29a bridge: read mtu from vrf table if set
10ad944c only consult main routing table for default interface
7ffb8ec4 release v1.17.1
0acc3dde release notes for v1.17.1
a815933c bump mozim to v0.3.1
53a710a5 release v1.17.0
35e1f235 release notes for v1.17.0
6cd4a15a sync release notes from v1.16.1
b83903b0 refactor(netlink): Generalize socket for multi-protocol support
0b5a12c4 run cargo update
b50a0439 test-dhcp: use /24 subnet for bridge
ec06f112 update serde and serde_json
d8fd16dd varktables: remove use of private serde type
560b00d2 fix(deps): update rust crate iptables to 0.6.0
fdeb9550 fix(deps): update rust crate clap to ~4.5.51
cd8d1bf7 fix download artifact action
ed733e5d Upgrade to mozim 0.3.0
0d7867ed rotating aws metadata task key
0f3b7905 [skip-ci] Update GitHub Artifact Actions
ddf7e320 rotate aws keys
6cd1b44b fix(deps): update rust crate zbus to 5.12.0
c2313bb3 fix(deps): update rust crate tokio to 1.48.0
80ff3a5a chore(deps): update rust crate tempfile to 3.23.0
cdb8c0a6 fix(deps): update rust crate netlink-packet-core to 0.8.1
09ddeb83 fix(deps): update rust crate hyper-util to 0.1.17
27814a2b fix(deps): update rust crate serde_json to 1.0.144
33a4eeeb chore(deps): update rust crate tempfile to 3.22.0
4aefcbbd update netlink-package-{core, route}
a501d661 fix(deps): update rust crate zbus to 5.11.0
642242b5 feat(dhcp): Send DHCPRELEASE on container teardown
cbc038f1 bump MSRV to 1.86
1db5fd2e update tonic and prost to 0.14
c858457b chore(deps): update rust crate chrono to 0.4.42
0450f4b4 fix(deps): update rust crate log to 0.4.28
4b36d199 fix(deps): update rust crate zbus to 5.10.0
b31bc38f Revert "[skip-ci] Update actions/download-artifact action to v5"
b79bdd73 chore(deps): update rust crate tempfile to 3.21.0
5314be52 Packit: fetch copr rpm version from Cargo.toml
8655e628 bridge: bind ip for aardvark-dns in unmanaged mode if gateway ip is not on the host
4d102f77 fix(deps): update rust crate serde_json to 1.0.143
34397533 feat: Add firewall-reload command for nftables systems
a690ea15 test: coverage for firewalld's StrictForwardPorts configuration feature.
9a306b8a update nftables to v0.6.3
766a7488 fix(deps): update rust crate mozim to 0.2.7
ccd0d48e bump to v1.17.0-dev
99f73d4e release v1.16.0
97ee174d release notes for v1.16.0
ebe61f21 sync release notes from 1.15 branch
38b098ff fix new lint warnings on rust 1.89
e6ef79ef [skip-ci] Update actions/checkout action to v5
9b3e3328 [skip-ci] Update actions/download-artifact action to v5
e5a773ac fix(deps): update rust crate tokio to 1.47.1
6c72a585 fix(deps): update rust crate clap to ~4.5.42
8bc9a2d1 fix(deps): update rust crate serde_json to 1.0.142
6eed183c fix(deps): update rust crate tokio to 1.47.0
9002adc3 fix(deps): update rust crate hyper-util to 0.1.16
f7c38830 exec_netns macro: update comment
dbc92003 test: add new test program for connection checks
c984a9fd add .cargo/config.toml to runs tests via unshare -rn
43e979da fix(deps): update rust crate rand to 0.9.2
2369c96d fix(deps): update rust crate serde_json to 1.0.141
1614fafe fix(deps): update rust crate zbus to 5.9.0
2fee8443 log default route mtu
57e37bbe get_mtu_from_iface_attributes: return error without mtu
fbedef91 make get_default_route_interface return the full LinkMessage
38cbf3a8 bridge: early break out of loop
047ef703 change exec_netns macro to return result
cd4d1ffb Set bridge MTU to match default route.
5c396928 fix(deps): update rust crate zbus to 5.8.0
c40ee944 fix(deps): update rust crate hyper-util to 0.1.15
4c5833d4 fix(deps): update rust crate tokio to 1.46.1
e2d1f6e2 fix(deps): update rust crate tokio to 1.46.0
e5b23f0b fix new rust 1.88 lint errors
083e525c fix(deps): update rust crate clap to ~4.5.40
7e93c15e fix(deps): update rust crate hyper-util to 0.1.14
7105bee1 make more use of NetavarkError
bc1eeda1 drop DhcpProxy error type from NetavarkError
81889849 update nix to v0.30.1
6a08cd64 fix(deps): update rust crate clap to ~4.5.39
204dc49f fix(deps): update rust crate zbus to 5.7.1
060f55dc write bridge sysctl to config file
b67d91b0 extract systemd path check to core_utils
35f1db6b move sysctl code into separate module
1d5ee4e7 wrap sysctl name in error
cdf73024 drop sysctl dependency
f6604ebf update MSRV to v1.83
acd39495 dhcp_proxy: set timeout_sender only if required
769a2ac5 cargo: bump mozim to 0.2.6
b6e12b2f fix(deps): update rust crate hyper-util to 0.1.13
03f12695 Revert "remove search domain from response"
0a6db8de fix(deps): update rust crate tokio to 1.45.1
fca86bbb update netlink-packet-route to v0.23.0
35140070 update nix to v0.30.1
23ba475c remove unused nispor from Cargo.toml
ecb32b3b fix(deps): update rust crate zbus to 5.7.1
c24391b6 fix(deps): update rust crate hyper-util to 0.1.12
a1046af2 rpm: update description
8f6f84d0 bump to v1.16.0-dev
c3828405 fix(deps): update rust crate zbus to 5.7.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 259bedbf
---------------------------
nerdctl: update to v2.2.1
Bumping nerdctl to version v2.2.1, which comprises the following commits:
38507f9b chore: improve the visibility of orphaned containers in logs
7ba0ae28 build(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0
4a8e9d0e build(deps): bump docker/setup-buildx-action from 3.11.1 to 3.12.0
59b65692 update kind (0.31.0)
017436cd update Kubo (0.39.0)
86228374 update soci-snapshotter (0.12.1)
5fb35451 update RootlessKit (2.3.6)
f7e5bc5a update imgcrypt (2.0.2)
32f9ae12 update BuildKit (0.26.3)
3f62767b update CNI plugins (1.9.0)
14b8fa49 update runc (1.4.0)
d46dec33 update containerd (2.2.1)
f5c1822c build(deps): bump github.com/rootless-containers/rootlesskit/v2
300c75fd build(deps): bump github.com/containerd/nydus-snapshotter
a7d9fb0f build(deps): bump github.com/containerd/containerd/v2
aa98f6cb Fix `'C:\\Program Files\\Linux Containers\\kernel' not found`
5db35e0d nerdctl image prune -f means --force, not --filter
bc45754a (feat): Default net.ipv4.ip_unprivileged_port_start to 0 inside containers
e5d183ff Revert "Fix SOCI image convertion regression for 0.12.0 release"
8221594a test: refactor compose_up_linux_test.go to use Tigron
deb3bff4 build(deps): bump github.com/docker/cli in the docker group
b7853787 build(deps): bump actions/cache from 5.0.0 to 5.0.1
7c2a81da docs: add additional nerdtest `Requirement`
a3411d2f build(deps): bump actions/cache from 4.3.0 to 5.0.0
151623b1 --help: fix output
6fd5210f build(deps): bump the golang-x group with 6 updates
d5feed79 build(deps): bump github.com/containernetworking/plugins
a853c646 build(deps): bump github.com/containerd/nydus-snapshotter
025f455c Refactor container_exec_test.go to use Tigron
f4991ec2 fix: support tmpfs long syntax in compose volumes
7e68e602 Refactor container_list_test.go to use Tigron
ec41209c build(deps): bump tonistiigi/xx from 1.8.0 to 1.9.0
d9bfe485 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2
e6aa885d build(deps): bump github.com/containerd/nydus-snapshotter
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b1a6d274
---------------------------
go-mod-discovery/oe-go-mod-fetcher: add GO_MOD_VCS_EXCLUDE for deleted repos
Some upstream Go module repositories get deleted from GitHub (e.g.,
github.com/vtolstov/go-ioctl). While the Go module proxy still serves
cached archives, VCS mode cannot git clone a deleted repo. This causes
both do_fetch failures and generator verification failures.
Add GO_MOD_VCS_EXCLUDE recipe variable (space-separated module path
prefixes) and corresponding --exclude-module CLI flag. Excluded modules
are filtered out before verification and SRC_URI generation. Recipes
must provide a gomod:// SRC_URI entry for excluded modules as fallback.
Usage in recipe:
SRC_URI += "gomod://example.com/deleted-repo;version=v1.0.0;sha256sum=..."
GO_MOD_VCS_EXCLUDE = "example.com/deleted-repo"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6f733ac6
---------------------------
kubernetes: update to v1.35.2
Bumping kubernetes to version v1.35.2-20-gb6f632ba56e, which comprises the following commits:
b57e146aec7 cmd/kubeadm: ignore EINVAL error during unmount
af6488c9d55 Use localhost image reference in PodObservedGenerationTracking test
61003ad140a drop publishing rules from dependencies.yaml on release branch
b9be60a8c53 start scheduler after creating binding/non-binding slices
659d489e8dd dra: stabilize DeviceBindingConditions BasicFlow by creating without-binding slice first
02115b6ee1f Update CHANGELOG/CHANGELOG-1.35.md for v1.35.2
fdc9d74cbf2 Release commit for Kubernetes v1.35.2
1c0c911c3ca kubeadm: do not add learner member to etcd client endpoints
d05c5065395 Fix flake TestDeviceTaintRule test by adjusting event hanlder status update logic Co-authored-by: Pohly <patrick.ohly@intel.com>
69d9b9ba0c4 Bump images and versions to go 1.25.7 and distroless iptables
2371267d2f2 add dockerized go cache to `make clean`
de51841dbf7 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.1
8fea90b4524 Release commit for Kubernetes v1.35.1
bd399917375 fake client-go: un-deprecate NewSimpleClientset
9bfc5ec55a7 Apparently some EC2 images we use do not have /proc/net/nf_conntrack
33b34518bae test: cleanup from review
9aad4027810 test: Fix KubeProxy CLOSE_WAIT test for IPv6 environments
701cf03e7bb test: Read /proc/net/nf_conntrack instead of using conntrack binary
f12bff04ab6 csi: raise kubelet CSI init backoff to cover ~140s DNS delays
0ac5e229e14 test(ut/dra): add unit test for pod requesting prepared and new claims
fe7f31bdcb1 test(e2e/dra): add test for pod requesting allocated and new claims
261b29aaa2f DRA integration: more pods per node, more parallelism
4885212b5b9 DRA integration: add "uses all resources" test
82b2a9d543f DRA scheduler: fix another root cause of double device allocation
f296d4a9a46 DRA scheduler: fix one root cause of double device allocation
a1f4382971f fix(kubelet): convert V().Error() to V().Info() for verbosity-aware logging
a77bd451173 fix(expansion):Resolve the issue of UTF-8 characters being truncated, resulting in invalid UTF-8
06a4889419e Bump images and versions to go 1.25.6 and distroless iptables
1d79222fd52 kubelet(dra): fix multiple claims handling
0a9d14b01c4 Fix flaky TestApplyCRDuringCRDFinalization test
6d23c3f5403 Fix for preferred dualstack and required dualstack in winkernel proxier.
ecc28f9d84a kubeadm: waiting for etcd learner member to be started before promoting during 'kubeadm join'
72a5892dca9 kubectl: Fix panic in exec terminal size queue
353648793e1 bump go to 1.25.6 for CVE fixes
41e2e598dc9 kubeadm: fix a bug where kubeadm upgrade is failed if the content of the `kubeadm-flags.env` file is `KUBELET_KUBEADM_ARGS=""`
870c561aeea Fixes the flaky test (Issue #132953)
646e656a561 Switch ipvs and winkernel back to more regular forced syncs
69e322920ef mark QuotaMonitor as not running and invalidate monitors list
923cb5be10e Add unit test with CSIDriver.SELinuxMount=false
1f001b78805 Added e2e tests with disabled SELinux
2aeedbd767b Use only enqueuePod to add pods to the controller queue
44b1306e553 Fix policy of Pods with unknown SELinux label
b1c7820806d selinux: add e2e test with a completed pod
7d9af54b956 Add new unit tests
6edce1ddecb Rework unit tests to builder pattern
b84206f5af2 selinux: Do not report conflits with finished pods
9993d83107f refactoring: use a common function to enqueue Pod
802ed9eaa9f add StatefulSetAvailabilityCheck test
04da1f09e5d replace "k8s.io/klog/v2/ktesting" with "k8s.io/kubernetes/test/utils/ktesting"
f8578e8d8b7 schedule pod availability checks at the correct time in StatefulSets
e7c2ecf799f wire now (time) to the availability checks in the StatefulSet controller
c52a5384b91 Fix race condition in DRA health e2e test pod status update
28fffe71c46 kubeadm: always retry Patch() Node API calls
2a663d9a3a2 Disable SchedulerAsyncAPICalls in v1.35 due to performance issues
62b0580535f kubeadm: do not sort extraArgs alpha-numerically
778b9a97713 Update vendored hnslib to v0.1.2
624047b4f31 refactor: Ensure metricIdentifier uses scheme for kind resolution
b9d3560f7ea Fix apiserver_watch_events_sizes metric.
5345aa5a9b4 hack/lib/util.sh: support uutils' `date` command
e63eccd82f1 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.0
66452049f3d Release commit for Kubernetes v1.35.0
ea0dce1df19 CHANGELOG: Update directory for v1.32.11 release
f58f81d9175 local-up-cluster.sh: support more recent containerd like 2.2
04d87a4b6e7 CHANGELOG: Update directory for v1.33.7 release
f887a29fe22 CHANGELOG: Update directory for v1.34.3 release
612122f1d79 CHANGELOG: Update directory for v1.35.0-rc.1 release
91b0dfb7a49 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.0-rc.1
08b536721bb Release commit for Kubernetes v1.35.0-rc.1
8d4237fde8a kubelet: Fix nil panic in podcertificatemanager
2c811fdd3a1 etcd: Update etcd to v3.6.6
dede2886a84 update publishing rules
eae2a1bd5f5 Bump images and versions to go 1.25.5 and distroless iptables
3f42ca14011 downgrade reflector watchlist fallback log to V(4)
91e221b0471 DRA upgrade/downgrade: roll over only after -alpha.0
91368adbb55 Use transformer in consistency checker
76da8d6de02 Add unit tests for Data Consistency Detector
88c20d46a4e [client-go #1415] Embed proper interface in TransformingStore to ensure DeltaFIFO and RealFIFO are implementing it
c6fa10dbb7c add release-1.35 publishing bot rules
03066850f63 remove TestEtcdSupportedVersionLength, no longer relevant
aa54ffa485a fix etcd versions after rotation
4a944d1a3fa add skew -2 version in SupportedEtcdVersion
51f614a1562 ipallocator: handle errors correctly
de1b8e076a3 Fix MAP failure on objects with duplicate list items
76b76c2d523 CHANGELOG: Update directory for v1.35.0-rc.0 release
496077da56d Release commit for Kubernetes v1.35.0-rc.0
f8be8d320f3 drop rules for release-1.31 as it is EOL
7e3e9b6a64b update publishing rules
5302b929ae5 Bump golang.org/x/crypto to v0.45.0
fcdc4e24950 Remove TestWatchStreamSeparation from storage/cacher related tests
3661554f872 Bump images and versions to go 1.25.4 and distroless iptables
dae1dbc1ff1 KEP-5311 - Revert RelaxedServiceNameValidation promote to beta
6bf802807b7 Make unique signerName per pod certificate test
d80e73c0a9f cleanup: removed uncached client plumbing, keeping the sequencing fix for quota validation
c33c0464db3 DRA: Fix flaky integration test
950dfd612b4 test: add test for Ingress Update
ac90e6a809a Fix: Check defaultBackend in allowRelaxedServiceNameValidation
5ed9501d3cc Fallback to live ns lookup on admission if lister cannot find namespace
4cf195304ca CHANGELOG: Update directory for v1.35.0-beta.0 release
3e19cc51601 Address review comments
04eb121d32e Fix failing scheduler_perf test cases that don't set any feature gate
f60f5b24605 Refactor: Contextualize CRDFinalizer to fix goroutine leak
e08c1e4ce35 Fix alpha API warnings for patch version differences
a66c025dc9e test/e2e_node: Update procMount test to use Restricted PSA level
f76d0e5aa48 test/e2e: replace forbidden gomega.BeTrue usage with Eventually(...).Should(Succeed())
216aaf76cba vendor: update vendor and license metadata after replacing BeTrue usage in csi tests
cee5b837da9 Resolve lint restriction on BeTrue by introducing Succeed() with contextual error messages
854e67bb51e KEP 5598: Opportunistic Batching (#135231)
c68b35c4c75 Update vendored dependencies
1ce140d1055 update github.com/opencontainers/selinux to v1.13.0
f33a6e5a925 CHANGELOG: Update directory for v1.32.10 release
ea83385231f CHANGELOG: Update directory for v1.31.14 release
b6e83d29fc6 CHANGELOG: Update directory for v1.33.6 release
4b20e5c3fe3 CHANGELOG: Update directory for v1.34.2 release
71ddb98ae4d Remove image volume e2e test because CI has containerd < 2.1
5ac2ffcc1e3 Enabling NodeDeclaredFeatures in unit tests
0e883083bf9 Add InPlacePodLevelResourcesVerticalScaling declared feature.
10b73f8ef9f Test fixes
21920bb37e9 Test fixes
0f88a9a17e4 verioned_feature_list update
8920eb91077 Unit test for AddPod with PLR resources
66248c262c3 Unit tests for allocation manager
1733d8fc8c8 e2e tests
edc3b77cf8a Kubelet changes and unit tests
11ff4efcdeb Kubelet changes to support IPPR + PodLevelResources
7645eb70e92 Scheduler changes to support pod level resources in place resize
84776abaff4 Modifying validation logic and pod strategy for PodResize to accommodate for Pod Level Resources resize
b8777c32633 Generated files from API changes
efc3126b768 Adding Resources and AllocatedResoures fields to the list of expected fields in PodStatus in admission test
69c1fd72aa0 API changes for Pod Level IPPR related PodStatus fields
6d301342569 Adding InPlacePodLevelResourcesVerticalScaling feature gate
d26b44540e3 move Ensure Secret-Pulled Images feature to beta
805eb885e3e node e2e: add tests for Ensure Secret Image Pulls default policy
0b47a378611 Keep pod in running state and prune past container status from runtime
2f55207dffd Fix volume performance tests with performance constraints
094b1bf0188 fix [sig-node] Container Runtime blackbox test when running a container with a new image [Serial] should be able to pull from private registry with secret [NodeConformance]
2c81b6e8adc fix: replace BeTrue with BeTrueBecause for better failure message
bb822259984 ImagePulledRecord API: don't serialize nulls
99ceb201738 kubelet/image-manager: pulled images records storage version migration
6fd9878056c kubeletconfig: copy ImagePullIntent, ImagePulledRecord to v1beta1
aceb89debc2 KEP-5471: Extend tolerations operators (#134665)
aac951d9022 Add dependency for NodeDeclaredFeatures
97c3f575b98 Refactor validation
2eb1eeeabf0 add disruptive tests
83c5cd5526f Implement restartPod action
fab280950da Add client-go credential plugin to kuberc
d979816a40d Fix e2e test cases for EnvFiles
d82fa1eb98c test: use localhost and HostNetwork for registry, mark test as disruptive
8d0fb17a18f e2e test registry: force IPv4 localhost IP
ad0a3de152c node-conformance-e2e: restart the kubelet after loading credential config
1225ce509e6 scheduler: KEP-5007 add integration tests
368e699ed2e scheduler: KEP-5007 move BindingConditions integration tests to separate file
e88aa1e04d7 Integration tests for setting and clearing NominatedNodeName
9c5959e9de8 Fix failing test for pod group scheduling timeout on Windows
3b3e4dd2c48 fix missing major.minor in golang: upstream version
e6d95a7b381 Promote NominatedNodeNameForExpectation and ClearingNominatedNodeNameAfterBinding feature gates to beta
b5dae0ffaa0 DRA: Update e2e tests for Partitionable Devices
4d29f88c886 DRA: Update integration tests for Partitionable Devices
7861714e6cc DRA: Add validation in resourceslicecontroller for Partitionable Devices
38b5750e33a DRA: Update allocator for Partitionable Devices
c7b277a32e1 KEP 4639: Move ImageVolume to on by default beta
6689fa7b006 DRA: Update ResourceSlice max size tests for Partitionable Devices
93fc7422ee8 DRA: Update validation for Partitionable Devices
ef3f6a25075 Run make update
e73fd4204d8 DRA: Update types for Partitionable Devices
f8ccc4c4d78 dra scheduler plugin: refactor extendeddynamicresources.go for readibility
b9e59e8ea9a test: Add integration tests for peer-aggregated discovery
8f2c0a9a60f kube-apiserver: Enable peer proxy and peer-aggregated discovery
2f5f1749e5d apiserver: Add peer proxy and peer-aggregated discovery support
c72f9f73d92 discovery/aggregated: Add invalidation callback support
6b8f7938889 discovery/aggregated: Add peer-aggregated discovery handler
d6907457723 peerproxy: Refactor into separate files and add exclusion filter
6a07342d37a discovery: Add profile-based content negotiation
3b89deb6b37 util/sort: Add MergePreservingRelativeOrder for topological sorting
3be9af427fa Fix revert conflict
e6574b416fd Revert "Unit test for emulated storage version selection"
e8176f6f9f4 Revert "Don't pick versions that have a replacement as storage version"
2d3e0639230 mark device manager as haelthy before it started for the first time
da9f1d8eed7 dra scheduler plugin: move extended resources functions into separate file
b07c8698b9f test: add retry to getMetricsFromNode
fbe8d4c63cf upgrade go to 1.25.4
1c4cab9dda8 DRA scheduler unit test: fix race with ResourceSlice informer
789f06544de DRA allocator: fix result logging
fc404b6a3d8 Cache DRA state for scoring extended resources
f86a456ea3d Switch kube-proxy/server.go to context-aware logging APIs (HandleErrorWithContext, UntilWithContext)
e986000e6a7 KEP-5607: Allow hostNetwork pods to use user namespaces
54702182c2d graduate PodTopologyLabelsAdmission feature gate to Beta and on by default
d25c5251f94 Fix the DRA extended quota test
bf7dbb129fb DRA: test performance for scoring extended resources
a9dcc8e2c94 Fix sending OnFinish to in-flight async API calls in scheduler
6b764d555f1 test: update MutableCSINodeAllocatableCount tests for the new attacher
da1981248e3 test: update CSI manifests
049cb8558e8 Add integration test for gang scheduling
4a067cc022e Add read Workload permissions to kube-scheduler
c086bdeaa22 Add integration tests for gang queueing
8d67173de0d Implement Gang scheduling in kube-scheduler
5d1f9107ef8 test: fix sed in update-hostpath.sh
a3093a95f26 test: don't remove group snapshot script
54b6ab67479 e2e: Add tests for Workload API
02acdd60574 kubectl: Add Workload to kubectl describe pod
078f462a955 api: Workload API and Pod WorkloadReference generated files
96392746769 api: Create Workload API
9677ac4c0be api: Add WorkloadReference to Pod spec
b6006528e1e Add feature gates
dfaed0586f2 test: skip snapshot-metadata sidedcar in update-hostpath.sh
6da8d6e94d4 remove deprecated Ingress api from describe
edbc32fa602 DRA: implement scoring for extended resources
fc9f02e2541 refactor: rename and suitable docstring
8be985d4fab kubelet: fix concurrent map write error when creating a pod with empty volumes when the LocalStorageCapacityIsolationFSQuotaMonitoring feature-gate is enabled
a02748c1243 kubelet: delay looking up pod image pull credentials until necessary
95a59d0cfb5 DRA scheduler_perf: write JSON where perf-dash expects it
1499524e8e9 E2E node: temporarily disable flaky "pull from private registry"
78a8c2e6a35 mention MutablePVNodeAffinity in the API doc
3882f0cf177 allow PV.Spec.NodeAffinity update
b622363659b add feature gate MutablePVNodeAffinity
ee481b97e0b fix sorting logic after after normalizing errors
71c02338df3 Fix the failing e2e test case in Standalone mode.
a2dfa0fd731 run gofmt to fix formatting issue
6b949e79931 Add integration test for admission controller.
c06297b3298 Add integration test for kube-scheduler plugin.
540ffbd7230 feat(usecase): Introduce IPPR with static CPU policy support to use node declared features framework.
e7a42e8e8e0 feat(admission): Add NodeDeclaredFeatures admission plugin
649d9c532a5 feat(scheduler): Add NodeDeclaredFeatures scheduler plugin.
192d93f7cb9 add e2e tests for static pod and standalone mode
879d81ff062 promote EnvFiles to beta
0976b6ada37 Improve env file syntax
47fb373c317 run update-codegen.sh
a5a2cfdb353 fix(validation-gen): Correct ratcheting for uncorrelated old values
c30b75b0085 feat: Implement node declared features reporting and validation.
3c22291a4b0 autogenerated files from "make update"
e1f181e3632 feat: Add common library for declared feature discovery, inference and matching.
c9327d00b11 feat: Add NodeDeclaredFeatures feature gate and API fields.
801de96635b DRA: ConsumableCapacity update allocating and registry test cases
870062df4f1 adjusts DRA extended resource quota to include devices usages from regular resource claims
66769823160 fixed non-sidecar init container device requests and mappings
4eb0d39bf51 emit more events when the pod resize status changes
481f30bd645 hack/update-conformance-yaml.sh
30965ea3ce6 drop MinimumKubeletVersion for unsupported kubelet versions
da6d15adf6b Fix NPE in CEl accessors of additionalProperties=true objects
030d72959e8 feat(validation-gen): Refactor testscheme and add ratcheting bug tests
499bff4ca46 Revert "controller: duplicate utility method cleanup"
5a7c90fb767 Allow mutable scheduling directives for suspended Jobs
60744fc8b9c DRA device taint eviction: track evicting rules
95279872936 DRA device taint eviction: use NOP queue during simulation
eaee6b6bce0 DRA device taints: add separate feature gate for rules
8d823b65236 add minimum kubelet version for ippr tests
eea7c1403fa [DRA] Add ShareID to kubelet plugin API
3f8444210cb Add e2e tests, metrics and events for podcertificaterequests v1beta1
53df4f9be69 CHANGELOG: Update directory for v1.35.0-alpha.3 release
fbfeb33231f DRA: Add scoring for Prioritized List feature
374baacf92c Check HealthCheckTimeout in updateHealthInfo comparison
a49bc6f2fbb kube-proxy/winkernel: fix stale RemoteEndpoints due to premature clearing of terminatedEndpoints map.
79dc7908ff3 Fix potential dryrun failure when NodeLocalCRISocket reaches GA
7db53119521 feat: Add MutablePodResourcesForSuspendedJobs feature gate
949be1d132b fixed comments due to switch from class name to class for GetDeviceClass
c77a39c06fe Address review comments and fix failing tests
320987ead3a Addressed comments
902c2e0c150 Fix lint errors in dynamicresources_test.go
396a7c1a12a test/e2e/node: add minimum kubelet version to some pod tests
c5b14939253 Add test case for claim creation failure in DRAExtendedResources
ea7561b243a Implement scheduler_resourceclaim_creates_total metrics for DRAExtendedResources
5102591a6b9 Refactor resource claim metrics to use structured labels and add "source" dimension.
9cad3f87876 Introduce kuberc view/set commands under kubectl alpha (#135003)
326b7eaa526 e2e/storage: deflake CSI Mock volume expansion quota validation
18967f53ddd enable commentstart check on adminssion API group
3b0913c8666 fix test case
693f42bfc16 KEP-3619: deleted unused SupplementalGroupsPolicy in e2e/feature
120bcee0578 KE-3619: fix emulation version in unit tests
d12663248d5 KEP-3619: fix removal version for SupplementalGroupsPolicy feature
0aea256ef96 revert of 8f0a6583ca81a64475e69a8b6b4d06bbe0c2ac67
4acafd92452 [DRA] Fix unexpected errors on ResourceClaim strategy update
9ca74a33595 test: register kube features in unit tests
024382658b6 controller/volume/vacprotection: Improve goroutine mgmt
e08d03b1b5c controller/volume/selinuxwarning: Improve goroutine mgmt
1e6ad423bf1 controller/volume/pvprotection: Improve goroutine mgmt
0caae6f7041 controller/volume/pvcprotection: Improve goroutine mgmt
ed74779a0f9 controller/volume/persistentvolume: Improve goroutine mgmt
8eab454e38e controller/volume/expand: Improve goroutine mgmt
27774052abd controller/volume/ephemeral: Improve goroutine mgmt
12205df76de controller/volume/attachdetach: Improve goroutine mgmt
9d4ff6ecf2b controller/tainteviction: Improve goroutine mgmt
d2a443db75e controller/serviceaccount: Improve goroutine mgmt
c641df792b6 controller/resourcequota: Improve goroutine mgmt
d908a470a55 controller/garbagecollector: Improve goroutine mgmt
90f0fd09f20 provision 10G disks for testing pvc instead of 1 byte or 1GB
90d32919ee5 chore: cleanup unneeded imports
2a3f66d3f6b KEP-5284: Implement Constrained Impersonation
8200f9a22c7 add missing apiversion to run_group_snapshot_e2e.sh
3f45a675fc7 DRA integration: test eviction through DeviceTaintRule
bbf8bc766e3 DRA device taints: DeviceTaintRule status
0689b628c7d generated files
f4a453389d2 DRA device taint eviction: configurable number of workers
256591520a5 feat: add OWNERS files for flagz server and api with approvers and reviewers
09dfeeb9881 test: add integration test for /flagz endpoint in scheduler
ba059168c35 test: add integration test for /flagz endpoint in KCM
16db8e2375f feat: add integration test for /flagz kube-apiserver endpoint
2422bc0bb8c feat: Implement structured /flagz endpoint
b3222498fdb added comments, and refactoring to make it explicit and easier to understand.
a181fd2eb81 removed NodeAffinity in the test cases as it is not needed
336a3e92757 Update pkg/scheduler/framework/plugins/nodevolumelimits/csi_manager.go
611b4c1408f Adding batch handling for popping items from RealFIFO
c67937dd352 switched from storing name to storing a pointer to the device class.
c438f8a983c scheduler: Add BindingTimeout args to DynamicResources plugin
a9ff1b19c18 remove deprecated IngressClass api from describe
372328f2814 reverted the inititial device class change
2e479e00f4e refactored the hint function, added test cases
ed62db7acf3 e2e registry: run as pods even in seemingly in-cluster pull tests
a275785bd4f node conformance e2e: log fake registry creds on test failure
fba24a8e715 node-conformance-e2e: finite wait for pod status
5cdb983c2e3 fetch node synchronously on node affinity failure
27a81144b22 Add checkpoint for groupsnapshot data consistency (#134637)
002774c3157 Address review comments
bbbe23dac7c Reapply "prepare DRA kind config for kubeadm v1beta4"
f1bd4f509eb refactor updateUnfinishedWork into separate function to use defer unlock
9113013eb89 Introduce --as-user-extra persistent flag in kubectl (#134378)
82d3c07f0ed test/e2e/apimachinery/watchlist: run WatchList test on most jobs
ca8847149e3 client-go/features: enable WatchListClient for 1.35 release
0639f7f40e0 Allow PSA controller tests to handle failure cases as errors
a079e1ed256 kubeadm: add 'HTTPEndpoints' field to 'ClusterConfiguration.Etcd.ExternalEtcd' that can be used to configure the HTTP endpoints for etcd communication
a92b987b3dc comments
d132afc87ee DRA scheduler_perf: benchmark baseline test cases with different allocators
191ab8d78d8 Integration test verifying that in case a preemptor pod with higher priority arrives while preemption is ongoing, the lower priority preemptor does not get stuck in unschedulable
9640da54524 Verify if pod has ongoing async preemption before evicting pods
3dabd4417d9 KEP-4368: Job Managed By; Promote to GA
c98804b77f3 Fix existing integration tests for NominatedNodeName
81448febcf4 KEP-5278 Clear NominatedNodeName upon scheduling failure
257ff6edcd6 kubelet/app/server_bootstrap_test: fix Test_buildClientCertificateManager
1fc389c43f8 Revert "prepare DRA kind config for kubeadm v1beta4"
cdbe3401431 KEP-3619: remove e2etestskipper in e2e tests for SupplementalGroupsPolicy GA
b3aeead3e22 KEP-3617: Graduate SupplementalGroupsPolicy feature gate to GA and lock to default
9b95eaf5937 Fix pod resize validation when adding non-resizable resources
0631a66d528 address feedback - refactor validateSlice and validateSet to use validateItems
1e8fc543cc7 Fix report health for templated and renamed DRA claims
14f17a3809a addressed review feedback
713b7231d82 Merely check for presence of CSIdriver object
fa31a593b9f Clean up event messages for errors in Portworx in-tree driver
979c4427749 Fix spurious workload rollout due to null creationTimestamp in controller revisions
7d186d870f9 Remove unused and fragile revision hash comparisons
94e085e15ca Add unit test detecting spurious statefulset rollout
a22b3d031fe address feedback
b609d4713c2 added integration test case
7aa849160a8 added queue hint function
3b905ae4b5c added device class add/update events to noderesources plugin when DRAExtendedResource feature is enabled
fe3722dfa9a Address review comments
4bbe8f0cfb1 Add test that verifies scheduler behaviour
b9118183cf1 Fix the boilet plate
39ad8278e23 feat: update DRA to short-circuit on maxSize checks, add a declarative validation test related to this case
eb1a5b6ddfb remove pod resize endpoints from pending eligible endpoints
bdb2e37781a Fix queue to gracefully shutdown
b83a6a83f0f pick the device class created latest, or with name alphabetically sorted earlier
96edaa43d2e Set KubeletCrashLoopBackOffMax feature gate to default enabled for beta.
a3bf2abddb2 Move a comment about ginkgo to code that runs ginkgo
3e33e61968e Enable group snapshot tests
f9ef0049160 E2E framework: start slow tests first
321c1e37c06 Update group snapshot tests to v1beta2
de9138f4fa9 Promote IPPR e2e tests to conformance
c13c5814597 Add given namespace in dryrun=client output of HPA
762b458700b Lock AggregatedDiscoveryRemoveBetaType to true
3eab698884a fixed unit test and integration test failures
363407c500d Re-enable SchedulerAsyncAPICalls feature in v1.35
6dd086536ff DRA E2E: stop labeling tests as ConformanceCandidate
5e0d06082d6 DRA allocator: partial support transition between nodes, fix "is incomplete"
a0e500ace39 Revert "DRA: Allow AllocationMode: All from multi-node resource pools"
30de4235970 Revert "added WithFlaky() to the device plugin test case: supports extended resources together with ResourceClaim"
d3c2115441e Clean NewDefaultKubectlCommandWithArgs for readability
ac9120f6076 Move PluginHandler to separate file
c832203707d pkg/controller/garbagecollector/garbagecollector_test: wrap kubeClient with a client that doesn't support WatchList semantics.
36510ccf56f devicemanager: fix cleanup of healthy and unhealthy devices
12a0c8ce17f DRA extended resource: chain event handlers
d8c66ffb63c Add a global cache to support DRA's extended resource to the device class mapping
34021d451d3 Revert "E2E framework: start slow tests first"
59e075e8d35 Promote PodCertificateRequests to v1beta1
7c47b91ed2c Limit CONNECT proxy response header size
2be8c36dba5 fix: additional nil check for workqueue shutdown
ecbda22ea54 chore: more precise resync comment
a85a9e13aa7 chore: cleanup outdated comment
956964d6e58 fix: register feature gate dependencies
36e6b9075e5 chore: move golang.org/x/time to required
806cf9ef512 style: alphabetic ordering
b68fd5e5336 docs: cleanup docstrings
abf60333adb feat: add feature gate to kube features
c2044c8d390 fix: feature gate min version
0c775eec7ce fix: rate limit route reconciles
9af329151a4 feat: minimal route resync period interval
9e612f107a1 feat: update routes on resync
0b41218ed4f fix: missing update of feature gates
be7e0ddb74b fix: spelling
8ef9e53ce5d fix: check error of AddEventHandler
a5055cc407b feat(ccm): watch based route controller
cff07e75519 E2E framework: start slow tests first
6034321603b dependencies: ginkgo v2.27.2, gomega v1.38.2
308a53dfa6d Add validation options for static pod
264eab46db9 Remove unused delete reactor
acdf891478a add e2e tests
c99145805f1 [DRA] Fix DistinctAttributeConstraint match comparision with value
97587e951b0 oidc: fix jwks metric name in comment
2b0bfbfb8e6 removed unused functionality from run_group_snapshot.sh and prepare for kubeadm v1beta4 config
a3ce49a11ea prepare kms kind config for kubeadm v1beta4
a1ce4bb4686 Check for CSIDriver object before stopping pod scheduling
d17ed9be174 prepare DRA kind config for kubeadm v1beta4
2f0a84af1af Add csidriver lister to CSI scheduler plugin
85d7626d2dc Do not schedule pods if CSI driver is not ready
8b2babcbff6 PSA: fix lint with older policies
d9ddd5c59b0 Allow PSA pass scenarios to be informed by the policy level
e8bd3f629d4 drop UserNamespacesPodSecurityStandards feature gate
f2d075ea655 Address review comments
c69259cb713 DRA device taints: switch to workqueue in controller
e5fcd20a264 DRA device taints: tighten controller test
6ebd853f170 DRA: implementation of none taint effect
75c91867928 generated files
e4dda7b282e DRA device taints: fix DeviceTaintRule + missing slice case
fee14ffca20 DRA API: device taints 1.35
11e3147fdd2 kubelet: add a test to verify that dra plugin enforces timeout
c71e45c7352 Implement a csimanager for managing storage related assets
d4c6e0bfd04 change client go default features to versioned
344df7835cd refactor dra fake grpc server
1951e8dd887 kubelet/config/apiserver_test: expose IsWatchListSemanticsUnSupported on fakePodLW
05f5051be3a kubelet/userns: Print podUID on errors
35423364e2f apiserver/pkg/admission/plugin/policy/test: wrap trackers with ToListWatcherWithWatchListSemantics
5993782d653 dependencies: various minor updates
9e462123d64 client-go/tools/watch/test: wrap the LW with toListWatcherWithUnSupportedWatchListSemantics
ae201951a8a k8s.io/client-go/tools/cache/test: wrap the LW with toListWatcherWithUnSupportedWatchListSemantics
f2257059d7a node: cm: fix linter failures
1055d8541e6 k8s.io/client-go/testing/fixture: does not support WatchList semantics
1ca34bd0d2d apiserver/pkg/storage/cacher/lister_watcher: pass RV for request from the watchlist consistency checker
040516a6e76 fix linter changes
67280d4df99 node: cm: update mocks for contextual logging migration
bd11e52bfc1 Drop locked StrictCostEnforcementForVAP and StrictCostEnforcementForWebhooks feature gates
b3415bfdfe2 kubeadm: added container runtime version check to preflight
d80ac77d985 feat(dra): add k8s:optional for all DV migrated optional fields
cde15e6450c Add ObservedGeneration to CRD conditions
02289d08f6c refactor scheduler_perf test for extended resources by dra to have 10-50 device classes
67143028e78 Add --min-compatibility flag.
05f67d834ab node: cm: migrate container manager to contextual logging
7bbec73192a Add a interface for sharing CSINode objects between scheduler and CAS
d99d3c0b69d refactor ippr tests
c1a95eb7e2f Structured statusz
1d9c646892c fix unit tests for ippr ga
2e543d151b6 DRA device taints: convert unit test to synctest
2e534d6da10 DRA: Allow AllocationMode: All from multi-node resource pools
fda069a5d62 update kal to fix markdown table bug
9cc3a06f0b4 enable duplicate tags for kal and add exceptions
0fac370625b sig-auth: fix KAS options OWNERS
428be46ba25 node conformance e2e: move registry cleanup to ginkgo.DeferCleanup
8d3bc085ce4 DRA integration: refactor helper functions
89f1edd5169 kubelet/image_manager: rename EnsureImageExists arguments at the interface level
01d1cb96793 test: fix flake in DRA DeviceBindingConditions by waiting for reallocation before status update
79df44ca529 scheduler: KEP-5007 allocator test - devices w/wo BindingConditions
7bc354e15d5 kubelet: add metrics for in-memory stored image-pull-related records
ae7c6e8080e kubelet/imageManager: add metrics for MustAttemptImagePull
429a96eda6e kubelet: add metric for the number of stored image-pull-related records
7a9d718cdf5 Benchmark SharedIndexInformer
9b80964efd2 add integration tests for pod replacement during scaling and
b1942ae6b12 [DRA] Add dropDeviceBindingConditionsFields and fix immutable field on DeviceBindingConditions strategy test
df3f5dd493b test(validation): add cases for validating maxItems in status.devices.networkData.ips
2713803c78d feat(dra): migrate NetworkDeviceData.IPs maxItems to declarative validation
a8c9bb1f168 test(validation): add cases for validating maxItems in status allocation requests
0d6d2aa6a58 feat(dra): migrate DeviceAllocationConfiguration.Requests maxItems to declarative validation
91614613170 test(resourceclaim): add unit test for unique DeviceAllocationConfiguration.Requests in status
a553ac0e92a feat(dra): migrate DeviceAllocationConfiguration.Requests uniqueness to declarative validation
a4e8b54dee7 test(validation): add case for handling duplicate request names in ResourceClaim status update
cc0012b4502 Add Declarative validation unit test for duplicate IPs in NetworkDeviceData
9bbf28e2f4e feat(dra): migrate NetworkDeviceData.IPs uniqueness to declarative validation
1d2b87c2e9a updated nodeswap description only
4f647b3f3df removed BlockOwnerDeletion
2a217a9bfd2 promote pod generation tests to conformance
3b72759d1bc Update SVM to Beta
24a53fa6384 add JWKS fetch metrics for jwt authenticator
ad2c6b443dd controller/validatingadmissionpolicystatus: Improve goroutine mgmt
a51285e1f27 controller/servicecidrs: Improve goroutine mgmt
63c15cbe83e controller/resourceclaim: Improve goroutine mgmt
5f423d7ba8d controller/podautoscaler: Improve goroutine mgmt
51ef94c5472 controller/nodelifecycle: Improve goroutine mgmt
34e688eb3dc controller/nodeipam: Improve goroutine mgmt
a265769245a controller/ttlafterfinished: Improve goroutine mgmt
821a3f5affb controller/storageversionmigrator: Improve goroutine mgmt
7240649e4f6 controller/ttl: Improve goroutine mgmt
3ee8c53e537 controller/podgc: Improve goroutine mgmt
1635a139b88 controller/storageversiongc: Improve goroutine mgmt
502186ca933 controller/statefulset: Improve goroutine mgmt
91cf8253a2a controller/replicaset: Improve goroutine mgmt
5f48a52bf86 controller/namespace: Improve goroutine mgmt
cb4ad791023 controller/endpointslicemirroring: Improve goroutine mgmt
cd73e8777b3 controller/endpointslice: Improve goroutine mgmt
ccd35f7c5ee controller/endpoint: Improve goroutine mgmt
d9ba92ba3bb controller/disruption: Improve goroutine mgmt
6e0a4da2f6a controller/deployment: Improve goroutine mgmt
e8b0f274561 controller/daemon: Improve goroutine mgmt
575e9eb64c7 controller/job: Improve goroutine mgmt
7bf52d74d02 controller/cronjob: Improve goroutine mgmt
d1eccb2377c controller/clusterroleaggregation: Improve goroutine mgmt
5f3f39edc12 controller/certificates: Improve goroutine mgmt
3a50f28ff80 controller/bootstrap: Improve goroutine mgmt
c9825b8d279 kubeletplugin: clarify DRAPlugin comment about driver-specific claims
4a991bbbd9c fix unit tests for pod gen GA
e06abce75f1 node: mm-mgr: Refactor to use logger parameter instead of context
d2f780e277f promote ippr to ga
21c832b47dc promote pod generation to GA
9bf2363333d restarting kubelet does not change pod status
842cd0ea777 node conformance e2e: don't recreate test container on an error
135b46974af e2e registry: have SetupRegistry() return registry address
ee777bef916 test/utils: remove GcAuthenticatedRegistry from RegistryList
bb1b23a34ee e2e fake registry: add function docs
fc81e22735a fix Node Conformance Container Runtime test with fake registry
a0e64c21f2f Use fake registry in Node's container runtime image pulling tests
b29fdd1551f Forget pod from scheduler's cache immediately when it's deleted or has DeletionTimestamp set
15029967870 Refactor scheduler event handlers for pods to handle binding event in one place
a42581c7d39 Don't preempt pods with DeletionTimestamp set
37ba7bb454c Address feedbacks
94101ba6e0c Add new method to validate C Identifier
ec8c2246b2c Use k8s-resource-fully-qualified-name format to validate MatchAttribute
2de03899dae Add k8s-resource-fully-qualified-name format in valdiation-gen
4a9a010c537 adding back v1alpha1
68710ce086b add declarative validation test
2e257dffd80 update code-gen for new tags and ignore v1alpha1
8f0a6583ca8 Use eachKey DV in DRA resources.
03e337cfb7a ktesting: support for synctest
aad6cec749b DRA internal API: add JSON tags
679ccee1938 reverting changes that were unrelated to me pr
08b1b1d5a47 Do not log untolerated taint in pod status updates.
9c32e488db1 use tweak pattern
1dd384c44d4 Fixing unit test flakes in pkg/kubelet/winstats TestCollectMetricsData
f82a139dc08 Promote KUBECTL_COMMAND_HEADERS to stable
a3f242676cd Revert "remove failing test that depends on expired credential, remove credential, add TODOs"
973779a398f kubelet/image_manager: add metrics for EnsureImageExists
b1a8d8849ee Update OWNERS to sig-apps owned registry packages (batch & policy)
b72c9e41792 Improve CEL Policy admission test
51beeb26762 dynamic-resource-allocation/client: expose IsWatchListSemanticsUnSupported
4fd41778b87 watchlist: wrap remaining LW with ToListWatcherWithWatchListSemantics
fb228c47048 Fix DRAConsumableCapacity to be able to allocate the same device that previously consumed the counterSet
86bfcd5eec1 oopsie missed two, should fix failing tests
11f9d32a0ea kept sidecar feature to enable default FeatureGate. will clean up in separate effort
a277269159c updating sidecar feature to node conformance
92663144b98 Graduate a few soaked alpha tags to beta
bda0e6a83c5 remove deprecated EndpointSlice api from describe
1e903a4b5a8 DRA: e2e: test extended resources after device plugin uninstall
7b2acb74c07 DRA: fix admit logic for extended resources
1cb45e2a27f DRA: fix scheduling of pods with extended resources
62b23aeb0cf Remove FromName for VAC external tests
b40df46b0ba test/e2e: remove unused v1beta.VolumeAttributesClass field
04fb0931aec test: remove usage of storage v1beta1 APIs
65dcb4ce2cd refactor(kubeadm): including dns addon version to signature
816eee64e80 cpumanager: hack: add golang ci config for contextual logging
fd5b2efa76e node: cpumanager: migrate to contextual logging
2cd69e0d0e6 Rewrite claim with extensions in allocator test
a35785c0331 Drop loopback clients if unused
bbd44717c15 fix: allow job startTime updates on resume from suspended state
d10f4f39503 DRA allocator: Add the requests corresponding to the config FromClass
f8ca585b666 test/images: Update tf-wide-deep container image with Python 3.11 and TensorFlow 2.20.0
36654a9ecbc --no-edit
cff8bc86865 fix the unknown flag: --logtostderr error
b2571fe170a Add WithNodeConformance to KubeletPSI test context
8a6b3caaa0d use union member DV in the DRA
97f9819f7e7 address feedback
f64797580a8 DRA internal API: remove unnecessary types
294ff153426 kubeadm: improve the etcd version mapping
8b87df028d8 avoid Stop() racing with sync()
8b6f98b06ea DRA: lock to default-on
30a6d4b389a Add CSI driver opt-in for service account tokens via secrets field
0e7d42dd456 Clean up OWNERS for all api machinery owned controllers
167ccbc8ec0 Improve cmd tests for kubectl events
fcef697a45a kubelet: add nil check for ContainerStatus in GetContainerStatus
715228f4789 Remove LoadBalancerIPMode feature gate
b5297b18ab2 Remove AllowServiceLBStatusOnNonLB feature gate
c403fd44811 kubeadm: validate the KubeletVersion for cgroups v1
5f083e3b9f5 controller: duplicate utility method cleanup
5d4d6cc980f Test: Add unit test for PreStartContainer
491f7f9ba89 Add a preshutdownhook to cleanup apisever identity lease
c247514f47f Remove year from copyright header boilerplate
f0e88857f7b Return error in case of discovery client failure
8a331a59d13 test: Fix data race on policy refresh interval
78796239cf0 feat(validation): add k8s:optional tag to InterfaceName and HardwareAddress in NetworkDeviceData across all versions
9ba536c2e44 feat: add subfield +k8s:format=k8s-long-name validation for DeviceClass ObjeMeta.Name field
9e5b6ad7488 fix error checks
c764de03dc6 vendor: update system-validators to v1.12.1
724cdb5cf38 feat: migrate off deprecated NewSimpleClientset to NewClientset
1b863d81c92 kubectl: Add support for tracing
9d369f32a3d kubectl: Refactor profiling helpers
1e3a6e18d08 node: e2e: update podresources check post fix of kubernetes#119423
28507d0e921 [test] Add case for existing driver on old csi node
a14230ae82d [test] Validate migration annotation are still applied
1e2817d5890 Avoid no-change lambdas
2061ec2be9d Enable DV for resourceslice
f851bc7ce5a test(validation): add cases HardwareAddress length in ResourceClaim status
833c026435b feat(dra): add k8s:maxLength tag on HardwareAddress in NetworkDeviceData
c3006a9bb96 test(validation): add cases for valid and invalid NetworkDeviceData.InterfaceName length
6fa8cb4a993 feat(dra): add k8s:maxLength on NetworkData.InterfaceName
2b4495f66a0 feat(dra): add k8s:optional on AllocatedDeviceStatus.NetworkData
8124b22f903 feat(validation-gen): add k8s:maxLength tag
e762d9fc441 dra: Use context-aware client-go informer functions
196d3abcd53 CHANGELOG: Update directory for v1.35.0-alpha.2 release
fa59ed7f82e pkg/controller: Use informer.RunWithContext in tests
70ac573619b adopt consistent way to set feature gate based on emulation version for kcm and scheduler test server.
d764e81a66b Revert "Implement validation-gen lint for CI"
7d1500bb1ea feat: Add exceptions for conflicting markers in kube-api-linter
12b5106809d bump kube-api-linter tool to latest and go mod tidy
5fc2f3e5a93 feat: Enable conflicting markers linter to detect mutually exclusive field markers
c49bdda383f kubeadm: remove the GA WaitForAllControlPlaneComponents FG
a99a5c4bdc0 avoid updating when endpoint subsets are merely sorted differently
764918a4ddf remove deprecated CertificateSigningRequests api from describe
3fbd1a17871 etcd: bump etcd to v3.5.24 for k8s v1.32, v1.33, v1.34
7f99d6672f7 etcd: bump etcd sdk to v3.6.5
804708df532 /test: use a different image for hostname override e2e tests
5bfc9aba9f0 Disable unwanted gocritic checks instead of filtering them
9d48e7d2d40 fix missing involvedObject.apiVersion in event
38373335cd1 kubeadm: adjust the etcd version map for release 1.35
81e3dbdc33f Fix DRAConsumableCapacity to schedule more than one devices
8fc99212944 Delete dead code
8346bed9e7a Introduce pod queuing in endpoint/slice controllers
f2a4ffd5b8b Promote ContainerRestartRules to beta
0a301490f61 Fixing k8s.io/kubernetes/pkg/kubelet/kuberuntime unit tests on Windows
4e29dcdf756 remove deadcode HashObject from k8s.io/kubectl/pkg/util
6cb2849928b switch endpointslice hashing from md5 to fnv-1a
edbc0dc2587 switch endpoints hashing from md5 to fnv-1a
dba6c30e964 switch kubelet static pod internal UID to fnv
b3373320daf switch volumemanager reconciler tests to fnv-1a
797d3165191 mark remaining md5 usage TODO and exclude from lint
b0a15b9163c switch storage e2e tests from md5 to sha256
e0df6b178a0 migrate kubeadm static pod hashing to fnv-1a
886fdeefaea forbid new use of md5
448584e1c8b feat: add step field and clarify comment for volume expansion
d54f3b56ed9 Add OWNERS for controller/storageversionmigrator
413c34f3192 Added feature gate and tests
b1c85ef2fe3 golangci-lint: no need to enable deprecatedComment
9902ae73872 apiserver/pkg/storage/cacher/lister_watcher: exposes WatchList semantics
339dba881fe Add synthetic create authz check to pods/exec, pods/attach, pods/portforward
229b33c4409 Address feedbacks
95c42b99515 Fix rebase issues
cf96486aed8 Add format validator for DeviceClass.ExtendedResourceName
adbea00238b Add new format k8s-extended-resource-name
3968f7ec5d6 apis/apps/fuzzer: add missing MaxUnavailable defaulting
efeda8b0fd8 Use fast policy refresh interval for TestParamRef
579579138c9 reformat
b95439f6d1a docs: EphemeralContainerCommon.ResizePolicy: This field cannot be set on ephemeral containers
26bbea8c071 Add RealFIFOOptions struct to provide structured configuration for RealFIFO
6b82a823b1a client-go/clients: improve TestWatchListSemanticsSimple
bd6fb65f833 Reduce fuzz test runs by 10x to avoid timeouts
13511897bda node: e2e: extend wait for resources exported by sample device plugin
c2e1fdeb7ad node: e2e: Ensure device plugin pod is Running/Ready before registration
da80b554a7b DRA API: unify dropped field logic for ResourceClaim and ResourceClaimTemplate
49e4fe9d2ba kubelet: fix kubeletconfig.cgroupDriver in configz
ad2832977c7 fix(kubelet_node_status): remove the node.Spec.Unschedulable check, after remove the register schedulable
dbb3941cfe4 Declarative validation coverage for RoleRef.Name and Subject.Name in RoleBinding#
2e0319181de address feedback
a817e2b923f test(validation): Mark bindingConditions and bindingFailureConditions errors as covered by declarative
ce93309f4c9 test(validation): Add tests for bindingFailureConditions maxItems validation
2a116e29ce6 feat(dra): Add maxItems tag on DeviceRequestAllocationResul.BindingFailureConditions field
2ad5127a793 test(validation): Add tests for bindingConditions maxItems validation
ab08274be10 feat(dra): Add maxItems tag on DeviceRequestAllocationResul.BindingConditions field
9eb7750d7f9 features: bump image gc max age feature to stable
7336f53439b remove usage o ExecProbeTimeout
da77cf84baa pkg/kubelet/watch_base_manager: wraps the LW with WatchList semantics
f8868e9cace client-go/kubernetes_test/clientset_test: intro TestUnSupportWatchListSemantics
f3d1fd23c57 Fix comments and reformat import statements
ba6074dd0b8 Promote HostnameOverride feature gate to beta stage
8f2d7581eb1 client-go/dynamic/dynamicinformer: wrap the LW with WatchList semantics
f6e2ea7b968 build/common.sh: fix support for Rootless Docker
78fcb4475f4 client-go/metadata/metadatainformer: wrap the LW with WatchList semantics
0613fdeccb5 kubeadm: add missing cluster-info context validation
47e9686b4db feat(validation-gen): add +k8s:format=k8s-long-name-caseless declarative validation for DeviceRequestAllocationResult.Driver
0cf91027638 feat: add +k8s:enum declarative validation to ResourceClaim DeviceTolerationOperator and DeviceTaintEffect
44a268e2723 KEP: 5495 - Add deprecation warning for ipvs
d7b83193c42 docs: quote PowerShell completion script path ($HOME may contain spaces)
0f6bc57d118 docs: dot-source kubectl completion script in PowerShell profile
d07b769418d Replace feature label with WithFeatureGate for KubeletPSI test
2072acb3ba5 Add listType=map and listMapekeys on ResourceClaimStatus.Devices
4bd3d17e4aa Allow pointers for list keys
03c7962d175 usernamespace and procmount are tightly coupled. Disable them together
1f803aa314a Use DV for long name validation of spec.devices.requests[%d].firstAvailable[%d].deviceClassName
af173926308 Setting the default feature-gate ExecProbeTimeout value to TRUE
d0a2a0d22e7 e2e: find and fix reuse of test names
51fc3c744a0 bump etcd to v3.5.23 for release v1.31, v1.32, and v1.33
9864c29861e Lock SystemdWatchdog feature gate
6ae916a577c rbac: Remove PolicyRule.Verbs from declarative validation migration
2ea3d3815cd feat(validation-gen): Add declarative validation support for rolebinding(v1,v1alpha1,v1beta1)
4e660cc05b9 feat(validation-gen): Add declarative validation support for ClusterRole(v1,v1alpha1,v1beta1)
70a8babb09e test: move kubelet GC tests to node conformance
41cb2378b42 update publishing rules
f23f716af46 drop support for policyv1beta1.PodDisruptionBudget
5594d94e671 ./hack/update-codegen.sh
f076736206c code-generator/cmd/informer-gen/generators: wrap the LW with WatchList semantics
778ff5d5ab4 update after review
d15b2893341 ./hack/update-codegen.sh
4d9fcfeeca8 client-go/kubernetes_test/fake_client_test: TestDoesClientSupportWatchListSemantics
2fd727bf923 address feedback - comment on declarative defaulting gap w/ DV
c284201b711 generators/fake/generator_fake_for_clientset: intro IsWatchListSemanticsUnSupported
4bb2bd05322 client-go/tools/cache/reflector: supports watchlist.DoesClientNotSupportWatchListSemantics
26cba8ee03d ensure permissions are consistent on dockerized binaries
9d83f71cdec fix validation_test.go to use path normalization
a77f845141a address feedback - remove origin for enum as NotSupported handles this
6e95412c432 address nit
77d87a0e633 fix normalization rule post-rebase
f84423813bd address feedback
9a7dace7347 feat: add +k8s:enum declarative validation to ResourceClaim DeviceAllocationMode
91d135f3445 Include relevant dimensions in pod controller indexing
5b9b8ec732b make localtime mount readonly
1877809f59c cleanup unused rsync related env vars
feeeb4aa19f switch from rsync to cp, drop rsync requirement
e71aa02f96f we no longer need to delete old docker images as we don't build a build-image anymore, we use pre-built kube-cross
ff0a5fff382 cleanup lingering references to kube-build
b3ad67739a8 delete build-image
4eead9306d5 add coverage for pod resize 'read' and 'replace' endpoints
ae3605d1093 mark aggregator test LinuxOnly
bec583bc3dd Enable MutableCSINodeAllocatableCount by default in Beta
8324fc3e034 client-go/metadata/fake: expose IsWatchListSemanticsUnSupported
82e516200a4 client-go/dynamic/fake: expose IsWatchListSemanticsUnSupported
fface8ebfc9 Bump coredns version 1.13.1
c7eb3751b9e Fix volume mount changePermissions test flake
9763935518e Refine: VolumeGroupSnapshot tests
9020a177318 feat: add enum validation for AllocationConfigSource
7825b2fc766 drop go-socks5 from build/tools.go
30c3c990d0e prevent shellcheck warning
563919c6858 don't update _output/bin symlink in dockerized builds
78830afba89 Enable external VolumeGroupSnapshot tests
debe026b211 Fix unit tests to work with explicit depndencies
605f402d44a use relative symlink for output path
54f39033f03 Test status update for all APII versions
36e3a8f2691 Record and require all kube-feature dependencies
20af32e5c11 Stop serving alphas removed in 1.35
33321022f83 Regenerate openapi with unserved 1.35 APIs
bec429cd96f Review fixes
ac5046786e0 DRA API: implement ResourceClaim and ResourceClaimTemplate strategy for DRADeviceTaints
8a43852c35f build: build by running kube-cross directly should leverage a potential KUBE_GIT_VERSION_FILE
2a488616bfa tests/e2e_node: Add test for userNamespaces.idsPerPod
b38d7028075 userns: Return nil manager if feature disabled
0b5aa1d491c userns: Use better defaults if idsPerPod are used
db6a2b2318a kubelet: Don't ignore idsPerPod config
97861325ae3 KEP-4622: node: topomgr: max-allowable-numa-nodes to GA
cccb66bfbc2 test: topologymanager: handle panic in test
00a8ddce91b node: topologymanager: don't leak options in tests
96a9fe5f7b1 update debian-base and setcap
15154374bca Bump images, dependencies and versions to go 1.25.3 and distroless iptables
476824c2a1e [PodLevelResources] Add more comprehensive test cases to kubelet
bf88ae7d737 Fix DisableAllocatorDualWrite dependency on MultiCIDRServiceAllocator
d0f482129da Add stability level in the tags doc.
678b79a173b Properly account APF seats for legacy watches that compute init-events
6f820481d36 bump to go 1.25.3
84b78307e28 fix: the failed unit test
4c8b4347797 DRA: Fix socket binding error in unit tests
6a455c669b5 fix panic for the crd with status subresource but lose openAPIV3Schema fileds
da338ba1fff Warn on use of deprecated PreferClose
3176ef27602 Update TrafficDistribution docs for PreferSame* GA
c6a86d125f2 Merge the two TrafficDistribution integration tests
02926c9563d Update PreferSameTrafficDistribution to GA
b13564a63c3 Belatedly remove references to PreferSameTrafficDistribution being Alpha
7ed61cfde16 chore(kubelet): migrate topologymanager to contextual logging
c48a16ebd8e fix issue
e9f66ea507f fix
dfb02e7581e add TestUpdateStatusWithOldVersion integration case
0554102ab33 test: Add CIDR allocator metrics test with multiple CIDRs
3c2c64a7f65 Add integration test for invalid SAN certificate handling
9292f1e82b6 refactor(resourceclaim): generalize tweakDuplicateRequestName to tweakAddDeviceRequest
2260c9b9837 test(validation): Add unit tests for DeviceAllocationResult.Config maxItems
b3eb152db43 feat(dra): Migrate DeviceAllocationResult.Config maxItems validation to declarative
8c7a338afe8 test(validation): Add tests for status.allocation.devices.results maxItems validation
a05fce7c228 feat(dra): Add maxItems tag on AllocationResult.Results
f70142a6a90 feat(validation-gen): migrate ResourceClaimStatus.Allocation NoModify validation to declarative validation
331ea387696 feat: add +k8s:update tag and associated tests
86d06973197 remove blank line between comments and entry
19311b932fb reorder kube-cross to be under go version and dedupe it from the go version
39d37a1e926 Remove invalid SAN certificate construction
ced2a40b9e9 kubeadm preflight checks: fix host URL construction
1c950080155 Log when automatically disabling dependent features
e669ccda0f4 update build/README.md to reflect removal of rsync/data containers
7d2309f0591 cleanup unused rsync utilities
faa62c8ce61 cleanup KUBE_RSYNC_CONTAINER*, KUBE_DATA_CONTAINER*, DOCKER_MOUNT_ARGS
36526c38158 delete more now-unused shell functions
5a05c062c3c delete now unused kube::build::copy_output and kube::build::build_image
7ed65b466d7 remove defunct comments about updating copy_output
dee429c1659 remove unused scripts
eaeed1a5345 remove calls to kube::build::build_image and kube::build::copy_output
581012fe063 build by running kube-cross directly
52c734f1e6d kubeadm: print errors during control-plane-wait retries
0a05490e08d fix broken gce jobs
19a29de5ec9 style(kuberuntime-container): clean up redundant if branches
4d61ba787d5 test(validation): Add tests for status.ReservedFor maxItems validation
b0a511d3090 feat(dra): Add maxItems tag on ReservedFor field
9ae5039b7f4 e2e: skip the reboot node test case
e8d512d8221 extract build vars setup into reusable function
6c9f2793ef7 Stop mentioning the removed gate CSIDriverRegistry
5362c2858de Remove mentioning of the APISelfSubjectReview gate
3b93755c0c0 client-go/tools/cache/listwatch: intro ToListWatcherWithWatchListSemantics
83eebc22902 fix: Add CIDR filtering and overflow protection to IP allocator
dc686f240be Remove deprecated pod-infra-container-image flag
3f8a5219e2c Enable validation-gen on rbac/v1,v1alpha1,v1beta1
20dafe678bd test: Add failing tests for IP allocator CIDR filtering and overflow protection
d5ae324fb6b don't require build tools to clean
dd3a713f6c4 fix ReplicaSet and Deployment tests for DeploymentReplicaSetTerminatingReplicas FG enablement
2bf467170e7 make update
b0e47a88f74 promote DeploymentReplicaSetTerminatingReplicas to Beta
8b5cf608fd5 Add k8s-label-key format for toleration key
b738e8c3caf fix panic in cron.ParseStandard
7b4d4f72c90 fix lint error
f27346db6c5 update warning to reflect kep changes
4f8757b4c01 Remove flaky HPA deletion assertion in TestMultipleHPAs
d6dec0b345a Revert "Merge pull request #134178 from HirazawaUi/remove-RootlessControlPlane"
400f8eccc55 Remove the --pod-infra-container-image flag from kubeadm
233ad2071ca refactor(serviceaccount-tokens-controller): Change the secret's MutationCache to SecretLister
efda517d93f speed up make clean by narrowing recursive chmod
9c2520b6334 test: mark duplicate device requests as covered by declarative validation
4616d749a3d feat: Improve the robustness of SVM
ebc4768ff3b Increase time out for verifying metrics
861e397b054 Using processStart time to handle execution delays during stress tests
4f7e9ff1efd bump cos-gpu-installer to support cos 121
514b93d7e13 test: add validation test for duplicate DeviceClaimConfiguration requests
ed932547cf5 feat: migrate DeviceClaimConfiguration.Requests to declarative validation
c81fc12900b test: add validation test for duplicate DeviceConstraint.Requests
63f8c0a4fe2 feat: migrate DeviceConstraint.Requests uniqueness to declarative validation
0fa441f962b Promote KEP-5311 (Relaxed validation for Services names) to beta
2341b3bcc86 test: add validation test for duplicate FirstAvailable names
3ad7b189b70 feat: migrate DeviceRequest.FirstAvailable uniqueness to declarative validation
d045a9dd3cd test: add validation test for duplicate device request names
ca9e09b7d30 feat: migrate DeviceClaim.Requests uniqueness to declarative validation
3ec711f91ee cluster/gce/gci: revert PATH change when using custom runc
8e4cd1f3b60 address feedback
d77cb206a09 feat: migrate k8s:format=k8s-long-name-caseless validation on OpaqueDeviceConfiguration.Driver to declarative validation
7f58bb9abdf Regenerate vendor
2fe6220968d Regenerate protobuf
6d8adfe4025 Isolate generated ProtoMessage() methods in build-tagged files
5fb0e16be6f Drop runtime use of gogo packages
caea56f3847 Fix controller setup in storage version unit testcases
cf099f4fc90 Update --chunk-size flag, dropping the beta information
8dc51e11eff improve kubeup env parameters
67c29eaafcd CHANGELOG: Update directory for v1.35.0-alpha.1 release
b8670cbc31c reduce dependencies to apiextension objects
6f51446802f DRA device taints: fix toleration of NoExecute
9702a2dca2b E2E framework: enable data race detection only if needed
5e216ae34d0 Replace HandleCrash and HandleError calls to use context-aware alternatives
7eb7894dada refactor(apiextensions-apiserver): Make APIApproval controller context-aware
f99d0e9759f Mark API server errors as transient in csi raw block driver
2fa703bfb69 address feedback
b4fa5794efa generate
1c0f0add8a5 feat: add +k8s:immutable tag to ResourceClaim.spec and associated tests
dfd7b230b4d feat: make it so that all ShortCircuit validators are run for short circuiting check
10473da4f70 chore: add +k8s:immutable tag implementation and test
c189e9d82f5 Split Endpoints controller and EndpointSlice controller conformance tests
7b7145a5940 Update kubernetes.default endpoints test a bit
e627b3b2bff Move some network conformance tests around.
d46f15bd12f Fix some linter errors before splitting out code
07959fd1680 Remove redundant test of "empty EndpointSlice for Service with no Pods"
ff83235f352 Fix up EndpointSlice conformance test descriptions
dd8d0e65d4e Dedicated package for scheduler interaction with DRA structured types
1fb86743872 Add listType=map and listMapekey=uid for ResourceClaimStatus.ReservedFor
01264d3970b With new changes we will also have a VolumeModifying condition
cb01a28df40 Ensure CSINode is owned by node when installing CSI drivers
13cd40d718b E2E volume: fix restarting of watch
328f9da729d Add current and old nodeIDs in log messages
111fc04e1d3 fix: update pkg/apis/resource validateDeviceRequest to short-circuit on the oneOf check
e62523e1f56 address feedback
fd12fc00c9f fix: remove unnecessary ValidateResourceClaim call from resourclaim ValidateUpdate
4ca286819a9 Add DV for uids in resourceClaim Status
d9fb647515d fix overlapping client CA and requestheader CA validation with proper certificate checking
6965075ebd8 Address feedback: simpliy errormatcher instantiation
6138a68f4e8 fix(validation): Mark covered errors in TestValidateClaim for better clarity
763c01ef68f feat(validation): Add normalization rules for ResourceClaim validation
32e64ec0e9a simplify getNodeAnyway func
c82f2caaa46 DRA E2E: promote CRUD tests to conformance
2b220dffa76 add integration test for endpointslice controller headless services
d03fab555f1 kubectl config set-context: Add -n flag
09ef1e08e96 Fix storage version test flake
f9a893be37b Fix incorrect error messages
d1767c10c01 fix: typo in internalversion printers
ae8ea8994ef feat(validation): Enhance validation tests with normalization rules support
7bbc7228aca run update-codegen.sh
7366031541a feat(dra): Add maxItems validation tags for ResourceClaim fields
4568ac300c1 changelog for 1.34
b2073c3325d reordered changelog for cri api
5b7e96219f8 remove cpuSharesToCPUWeight that is not used any longer
84431876888 Warn when quota request > limit
79678dd3935 feat: add resourcequota WarningsOnCreate request less than limits
100cd47acbc Update SIG Scheduling leads in feature-approvers
1137d51b358 Disable SchedulerAsyncAPICalls feature gate due to a known regression
2ddc9555582 correct metrics function comments
070d4c1846b bump etcd to v3.6.5
7c596722137 Fix in code and integration test that verifies that when victim pod is stuck in binding, preemptor pod remains waiting in unschedulable queue until deletion of the victim pod is completed
e9f61ce511d Move stats updates to getList
4b3e562dc8c client-go/util/watchlist/watch_list: intro DoesClientNotSupportWatchListSemantics
0b0a5974f82 integration test: webhook proxy behavior
26c7846e6dd Use lock-free for unguarded isHidden/isDeprecated fields
52dec274b36 add TODO to migrate when new metrics mature and old metrics are deprecated
7c529f25f4d add apiserver_validation_declarative_validation_panic_total invariant
84ce0f57f27 add test to verify invariants are fully specified
41ae5cdf4b0 check invariant metrics after e2e tests
748510b8ee0 refactor and increase coverage for pod resize tests
e4a34ce343e KEP-4540: StrictCPUReservationOption moved to GA, modified unit tests to reflect this
ae259797903 Use a dedicated delete channel in HPA test
f79fb9e59e0 Fix rebase issues
03da38a8023 feat: add path normalization support to error matcher
f95d531b0ae DRA: CRUD conformance tests
545526cfe09 DRA E2E: only check ResourceClaims in the test namespace
2ac9ff1c1fb test: format unstructured as YAML
a7b720ad5b8 upgrade to cos 121
5af28702540 fix nested map segmentation fault
d71e7e78595 fix typo for `AnonymousAuthConfigurableEndpoints` error
6d3d7553fbe Lock all mutable fields when printing gc node
940a2a7f070 Update hostpathplugin image version in DRA test driver manifest
6e7762ef0ee Update cluster/addons/ip-masq-agent/ip-masq-agent.yaml
b5805f28e72 Update cluster/addons/kube-network-policies/kube-network-policies.yaml
c4c7efc4f95 apply feedback
515b579945a feat(resource): Add maxItems validation for DeviceClass configs
e693da72906 feat(resource): Add maxItems validation for DeviceClass selectors
4986abe0b86 Automated refactoring to use SetFeatureGatesDuringTest
6e574cabdd0 test/e2e_node: mark MirrorPod update tests as [NodeConformance]
d4c5b8817ef Set test feature gates as a group, and auto-disable dependents
46c15a1844a fix typo in comment for namespace validation to appease verify-spelling
2fd76c8ed18 fix: Comment out ipSloppyValidator
51f02aa58a2 fix: Update error origin in ValidateDNS1123Label to use k8s-short-name format
6b11e6433cc run update-codegen to for ReplicationController
0a26ff5cb47 Update CSR DV test to match RC style
2d48dae391e Eliminate public ValidateReplicationControllerName
229c6b13ca7 Validate ReplicationController.metadata.name
7cf99892224 Add ValidateObjectMetaWithOpts() to apimachinery
b00e0f30208 Add cohort support to +k8s:item
975df59fcd5 Add cohort support to +k8s:subfield
efe4d17d15e Add support for validation cohorts
8105dbe5bce Revert "Omit type names of emitted slice elements to appease gofmt"
07991f41f00 Fix: Correct timestamp for node swap metrics
5d067af5e1b Prefactor: Fix some bad tests
7b938513956 Fix ReplicationControl double validation
04d632dd050 fix: Adjust validation for pool names to ensure proper coverage in device requests
c36c927d189 DRA ResourceSlice: nicer log output
af9facf7bad Fix passing runtime.Object to HaveValidResourceVersion check
af9b314fb45 Propagate backoff duration for crashloop backoff.
5ae2372f1b6 Remove a "helper" function that doesn't really help much
0cb916d4dcd Move metrics calculations to getList
fc19fcfb73c improve httpstream handshake error logging
89b975c6d36 Add comments
199c9ac77ab Remove ExpectInvalid()
8b08c8e59ce Remove ExpectRegexpsByPath()
b922fd9db43 Make ErrorMatcher more strict about multi-match
a51fb72c7f4 Simplify tests wrt ratcheting
054ab36c913 Fix field path for embedded fields in root types
9757d8d8efe Document 0 as a special case in RV comparison
84f85712beb feat: Add matcher and conformance tests ensuring that RV is uint128
02a51e3712d DRA ResourceSlice tracker: explain test a bit better, fix -run
c524a5fba28 fix(cordonhelper): Avoid mutating local node before API call
7c24e62d7cb Add additional types for resource version comparison testing
68205ff40c5 DRA scheduler_perf: run with specific allocator implementations
5832c915ace scheduler_perf: apply feature gates in deterministic, alphabetical order
60eeaa6ebda DRA scheduler: add unit test for allocator selection
7f57730ba4a DRA scheduler: fix selection of "incubating" allocator implementation
b5bcac998d0 DRA scheduler: clean up feature gate handling
723d1555a72 test: update CSI sidecar images to latest versions
b0460eedbac Make legacytokentracking controller context aware
37fcfcd29e9 feat: Add conformance tests for all resources for comparable resource version
fe681cfd8f6 update comments
83163d0b4a9 update comments on beta apis
11291fb6c59 update featureflag list
b656027b936 Update MaxUnavailableStatefulSet feature gate to beta
2cef54c1450 feat: Add helper function for client-go to compare resource version
f5e65af1737 add getters for event User and ImpersonatedUser on AuditContext
8a03067211e fix resource claims deallocation for extended resource when pod is completed
2c12d5731e4 fix validation_resourceclaim_test.go with MarkCoveredByDeclarative
9380248ad69 generate
ef2b68388ea add +k8s:maxItems tag logic and tests
b6afe986c62 kubeadm: rework the FetchInitConfigurationFromCluster node flags
03a1a22478b Add declarative validation tests, use tweak pattern, and additional test structure changes
11df50453fc Add maxItems limits to ResourceClaim
212a9c6a60c test/e2e/apimachinery/watchlist: select only wellknown secrets for table test
a20b34aa82e devicemanager: fix golangci-lint errors
bb91913017e Migrate sample-device-lugin to contextual logging
7e27b9c241f change default for failCgroupv1
6a5d0ef4230 gce: fix etcd manifest
1cfc29a179b cluster/addons: update container images to latest versions
574ac5b4978 disruption: remove unused pdb parameter from getExpectedScale method
574b09b7de4 nodelifecycle: fix ComputeZoneState method comment
2b3f1877bee Update NPD to v1.34.0
c4ec18b58a6 pkg/volume: improve code style and readability
b40b67b9cff Deprecate caseless driver name validation and enforce lowercase warnings
7af3377900b Add desired_replicas histogram metric to HPA controller
96349a46088 chore: Move declarative validation featuregates to staging apiserver
06c47136fef implement KEP-5573 by not starting kubelet on cgroup v1 by default
e6e6c6fdfbb Remove unused WithTakeover and WithValidationIdentifier
9a7e2291d1f refactor: Remove Validate(Update)Declaratively and improve error handling
d2ec0308c7f simplify scale subresource testing and document expectations
713cb97a850 test: Add unit tests for metricIdentifier function
2d7dd9164fa Refactor: Centralize declarative validation and migration logic
d559a4afe7f Add configurable tolerance e2e test.
4a76cd84055 Remove configmaps related rules from the kube-controller-manager and kube-scheduler leader election roles
d45a4557c1b Migrate device manager to contextual logging
4347d4be812 Update coredns to v1.12.4
5119b869668 refactor(DRA validation): Add granular controls to ValidateCSIDriverName for declarative validation migration
2c78bc981c2 Introduce API to codify and validate feature gate dependencies
7efc77f493a Apply feedback
7bab54a7c8b emit comment for uniqueness is disabled by k8s:customUnique
059d1794e61 test(validation-gen): Enable uniqueness validation tests for listmap
71797498f9c test(certificates): Add ratcheting test for CSR conditions
3da0a255f7f Enable listmap uniqueness & run codegen
3015e58e40f Improve tests devex for DV tests.
adf0a916930 update autoscaling leads
bd075eb98cb kubeadm: use JoinHostPort in WaitControlPlaneClient
ad8f91fb0f5 Fix error messages in volume path handler
53b81011e25 fix: add +enum tag to resource DeviceAllocatoionMode
8138390e51d feat(certificates): Add k8s:customUnique tag to CertificateSigningRequestStatus
09e96ae3f1d chore(validation-gen): Update output_tests for k8s:customUnique
81e2d211767 feat(validation-gen): Add k8s:customUnique tag for disabling uniqueness validation
6031ff29c14 make containerd download more robust
051b29bde38 Add nil scheme check in GetReference
0010d3992ac kubeadm: ensure waiting for apiserver uses a local client
a96ac3a2766 update publishing rules for 1.33/1.34 to set go1.24.7
2ffc06e09ae Make APIServerLeaseGC controller context-aware
2b110c138ec Add RunWithContext method for debugsocket
a28e452b44f refactor(apiextensions-apiserver): Make NonStructuralSchema controller context-aware
90bd84798c8 refactor(apiextensions-apiserver): Make NamingConditionController fully context-aware
409ad3944f7 added unit test for /statusz endpoints
56eb9a1a960 [126379] [go-client] chore: use WithContext functions: do not use SleepWithContext inside Sleep, use CalculateBackoff inside CalculateBackoffWithContext
dbe4143de68 generate
7019a088c39 Add declarative validation tests for ResourceClaim status
8606fa03dc7 Add declarative validation of ResourceClaim status pool field
e8f243dac2a Add output tests
83cf6358189 Add k8s-long-name-segments format
697113f5f07 Add utility function to errors to allow format composition
273912fb7f6 Improve BenchmarkSerializeObject benchmark
d2e6be440c6 Revert "Merge pull request #133213 from sanposhiho/second-trial-conor"
c1e74a1a982 Promote HPAConfigurableTolerance gate to beta
bc7ea997a0c deflake e2e: ensure pod with sidecars restarts in correct order after node reboot
a87068c685d Clean up gogo dependency tracking
b7567b980b9 Remove non-generated use of gogo dependencies
840aa4722e9 Drop unnecessary gogo dependencies
7930c2db4c0 Fix SELinux e2e tests waiting for "container created" event
48d56644308 update kube-cross image
ac35a0a99a9 Remove some unused bits of verify-golangci-lint.sh
911e46c08b4 fixed the CRD statusResetFields init issue
784b842a44f Remove the --pod-infra-container-image flag from cluster/gce
37592a026be bump gengo
22551e56a65 Fix IPv6 allocator for /64 CIDRs
51c525a1402 [126379] [go-client] chore: use WithContext functions
1e4e6e10c19 Use context.Background() directly in kubeadm polling API calls
c8138546201 Update comments around an old bug workaround
a8a21aaf853 Add hpa object count metric (#134140)
25893cb579a Promote regression-issue-74839 to 1.4
fefcbdcff23 Bump image version
d957c90153a Track connection using IP+port in server to fix conntrack test flakes
ea914d8077f Remove unused WaitForServiceEndpointsNum function
01f7de46f6c Replace deprecated WaitForServiceEndpointsNum call with WaitForEndpointCount
12db1e28dce remove unused file
15b16e0090d Remove RootlessControlPlane feature gate
343a5db9658 DRA E2E node: fix cleanup of tests using separate registrar
89b75e998d3 expand coverage for resource quota and limit ranger tests
4e719939170 Enable SSATags linter to enforce +listType on lists in APIs
883b9e570af Wait the readiness of pods for all the containers generate logs
4275b8b759d Don't limit the number of goroutines dispatched by the API Dispatcher
736f7b9a1b5 update to latest sigs.k8s.io/json
9d5ddd9faca change klog to log volume name instead of entire spec in GetDeviceMountPath
19356ad1182 refactor(cloud-provider): Use WaitForNamedCacheSyncWithContext
f44279647bf refactor: Use WaitForNamedCacheSyncWithContext in core components
9d4b91dbd80 kubeadm: cleanup after ControlPlaneKubeletLocalMode
c3a26a066d8 Bump golangci-lint to 2.4.0
36e3adf318c Add e2e test for MaxUnavailable StatefulSet RollingUpdate (#133717)
9382fa8b70b Remove KUBECTL_OPENAPIV3_PATCH feature gate as the feature is stable
7028ba09dbb fix: duplicated 'the' in comment
d7a2793fa65 bump system-validators to v1.11.1
f8bfcfc8857 Drop utiliptables.NewDualStack()
88d6e6c465a drop automaxprocs hacks now that go 1.25 handles this built in
563d4d651ca bump go language version to 1.25
f8d2df0f74b refactor: skip re-validating for unchanged resource claim specs
9ca4ddf9699 add go.work.sum to dep-approvers file list
c8d3b3fdd33 add go.work to dep-approvers file list
4b0eeeb6184 Make pod-security-admission honor emulation version
7f4ee652eaa Delete temporary ProbeHostPodSecurityStandards feature gate
55419eca7a2 Plumb effective version into admission initializer
67632f8229d Add support for k8s-long-name-caseless format.
17665a39cf5 feat(validation-gen) enable declarative validation for resource.k8s.io DeviceClass
871f87eaec6 e2e_node: test DRA plugin gRPC connection reuse
6d5aece4d81 Ensure keys used in storage and cacher start with resourcePrefix
0b10735cd72 Extract the prepareKey function
709280ef6e7 Test requests send to etcd for all LIST requests
56a4306fed7 kubeadm: graduate ControlPlaneKubeletLocalMode to GA
fa9071302f8 Adding metrics for Maxunavailable feature in StatefulSet (#130951)
f58d1e101ff refactor(controller): Use WithContext variants in cloud node controllers
d12eeb98d0c Replace HandleError with HandleErrorWithContext
69aca29e6de Update kitten base image from agnhost:2.33 to agnhost:2.57 (#133818)
6dbc13fd134 Bump to go1.25.1 based images
af231d2153c Replace WaitForNamedCacheSync with WaitForNamedCacheSyncWithContext in pkg/controller/
eca1cfb259f chore(validation): add validation identifier for declarative validation in ResourceClaim
c0fcb10acfa fix(tests): update fake client initialization and add resource version handling in validation tests
7c45b1aa3b7 refactor: simplify declarative validation tests for ResourceClaim
380c4c222ee feat(validation-gen): Add declarative validation support for ResourceClaim/(v1,v1beta1,v1beta2)
3fc0498d6ec Bump distroless-iptables to v0.7.8
fb184a9ff42 Update pkg/api/testing/OWNERS
c51a8734b12 Update documented metrics list
aefd2effc5e test: automatically lower Ginkgo parallelism when using race detection
479d78851ab feat(apiextensions-apiserver): Add WithContext variant to EstablishingController
7a62519b364 E2E: treat data races in e2e suite as failures
f5cd1a16646 Address tests grouping comment
50ea1f870ea fix incorrect warning whenever headless service is created/updated
92dcd02459f Add helpers for declarative validation tests
74faf1527fd Unify directory protection for recursive requests in storage
cbb7b29bc24 print the current kubectl command encapsulated by kuberc on V(1)
3799b8bf6a7 Add reviewers and approvers to api/testing
1c41cb0550b fix gofmt
842d6d29fc0 test/e2e/node: promote ConfigMap update test to Conformance
1a5e77135b2 Add fine grained metrics to narrow down DV mismatches and panics
4db49d0f4e9 feat(validation): enhance slice validation with declarative options
4074be896bd Record SyncTerminatingPod error and set error status on span when non-nil err returned
f99cb99a1b9 Wait for quota to report used before creating pvc
8817dd65296 Update cmd/kubeadm/app/cmd/upgrade/node.go
91a3a30eb5c Ensure consistent key schema requirements between cacher and etcd3
938b23879a2 test/e2e/node: add [NodeConformance] label to ConfigMap update test
5dac4ee1695 Improve dry-run error messages for clarity
a825c72697e Update agnhost to version 2.57
e39ed4a4b4b scheduler/volumebinding: add test for PVAssumeCache
bbee7b9d6b1 scheduler/volumebinding: rename passive_assume_cache_test.go
4b0eff59c07 scheduler/volumebinding: target AssumeCache UT generic passiveAssumeCache
872981a2055 Rename CLE test directories
1ce12710ec1 refactor(controller): Use context-aware WaitForNamedCacheSync in resourcequota and HPA tests
d2ba13dac92 Add exceptions for existing issues for conditions linter
894d724f98a Enable conditions linter for Kube API Linter
e3b08f98713 Update KAL to latest and add shadow config for new options
af6b3ed1f51 Add support for k8s-label-key
aa0c5960edc Add support for k8s-label-value format.
8fed05c5b78 DRA E2E node: fix test cleanup
b81e87c02f9 fix: use iifname for input interface name matches
5a708a7ff0d scheduler/volumebinding: remove Get[API]{PV,PVC}
ed19492dc2b scheduler/volumebinding: passive assume cache
09ab06b423c Remove container name from container event messages
bbf896c35bb build: automatically choose a suitable base image
4e907fad15d Explicitly set TerminationGracePeriodSeconds for mirror pod
1e742f01ba6 Fix cacher resource prefix not having a "/" at the end in tests
c385a229d4b scheduler/volumebinding: introduce testInformer
1baa7936d89 Fix flaking RunTestDelayedWatchDelivery
eaf87d59077 scheduler/volumebinding: pass testing.T to helper
dce23dac036 scheduler/volumebinding: use subtest
90109b21af7 Wrapper for DeleteLabelValues
455a4376742 node_e2e: fix kubelet configuration setup
c08b9ab3b5c Replace deprecated sets.String with sets.Set for Index type
476325f6e5f Specify the deprecated version of apiserver_storage_objects metric
cbedde7ef50 [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate: also empty TokenFile if Token is set in ConfigFlags
41307203ba4 Add additional test for root level, ignore mutation lint error
029d314e150 Replace NewIndexerInformerWatcher with NewIndexerInformerWatcherWithLogger
46cc610e6fe Drop PodIndexLabel after the feature GA-ed in 1.32
16fa1501826 scheduler_perf: run garbage collection before measurement
c52e3aafb32 skip creating storages for unserved versions
74cf1db218e sort the device requests in the extended resource claim spec. removed the sortClaim in the unit test.
bb21080626d standardize not found error message of kubectl scale
ecff35e2fb4 deflake e2e tests: set cpu requests to avoid out of cpu
0c0acbc5351 Disable too short scheduler_perf workloads
9f31b009081 scheduler_perf: KUBE_CACHE_MUTATION_DETECTOR=false in docs
4f6598e8a31 Fix tests not using proper resource paths
6e5a5abb86c Fix version bump to follow semantic versioning
97cd1c24085 replace fmt.Printf with fmt.Fprintf
96463c1e9a7 kubeadm: fix the KUBEADM_UPGRADE_DRYRUN_DIR environment variable doesn't work forthe upgrade phase when it writes kubelet config files to disk
9f49e3b9e16 deflake unit test: TestIsConnectionReset
86028eecf2a Add ratcheting of selectableFields
a89a36061c8 fix lint errors
3da372354d6 add fake-registry-server command to agnhost
480fad996d5 kmsv2: run TestKMSv2ProviderKeyIDStaleness in parallel
dfcadb4f896 Replace WaitForNamedCacheSync with WaitForNamedCacheSyncWithContext in pkg/controller/garbagecollector
5e66bb69720 ./hack/update-codegen.sh
fe1aedd0bf7 applyconfiguration-gen: remove "Experimental!" comment as the code has been stable for several releases
c911747f240 applyconfiguration-gen: preserve struct and field comments in generated code
8dafb98e916 Update sample-apiserver and examples
fc091d93d53 Update tests that depend on internal model names
e9daf55b56a Add tests
3fc59ee9a70 stop using util.ToRESTFriendlyName in favor of declared model names
0dd2056045a Update violation exceptions
5647c07179d generate
e910c181cb9 Add model name generator tags
cfbe326e3a2 Enable openapi model name accessor generator
8b63ace66c5 Bump kube-openapi
dd9917ddce8 Fix flaky resource claim metrics test
3df195633a8 Add support for UUID format.
7e6aafe1577 fix intergation test
9e60e3593ec kcm/app: Add proper goroutine management
79f8d1b1c5d fixed bug such that implicit extended resource name can always be used, no matter the explicit extendedResourceName field in device class is set or not.
1ac067ae0e6 Fix tests to to only accesses keys from under resourcePrefix
31e035ec39e Use increaseRV in TestWatchStreamSeparation to imply external RV increase
83273e21b91 DRA scheduler_perf: clean up usage of steady-state pod scheduling
9af3e868102 scheduler_perf: detect testcases with no pods scheduled
3dfcda9afdb Fix minor inconsistencies in scheduler
bf0429ed07c migrate kubelet/certificate to contextual logging
edc8dafc699 Cleanup enabling resource size estimate
5483c52e101 DRA: Fix ConsumableCapacity shceduler perf test (simplified)
05fc3f65d82 CHANGELOG: Update directory for v1.31.13 release
70af7708fcc CHANGELOG: Update directory for v1.34.1 release
d884ed5e97b CHANGELOG: Update directory for v1.33.5 release
6d0138d3f12 modify etcd data for integration test
587f67052dd modify api version hash
7184ac5a733 make v1 resource version first priority in resource
f89e73a3038 CHANGELOG: Update directory for v1.32.9 release
9ca3159e34c Fix fake runtime's image pull
a77fc586c75 Fix negative pod startup duration
bbdd27d91e5 Add tests for unique tag combo & update-codegen
62662e3a08e feat(validation-gen): support unique tag on list
a5b29fa812e refactor(validation-gen): move list-related validators to list.go
81cb5b7df22 DRA: Fix PrioritizedList scheduler perf test
c4d8c9b5440 Re-disable listmap uniqueness (for now)
6fb020b1942 Temporary: Re-enable listmap uniqueness checks
3e15dded75d Pass equiv func to subfield, like item and eachVal
0d5e374da93 Don't ratchet-check inside type functions
b6fdbe4a6ab Emit ratchet check for fields with a type func
229954d1138 Revert "protect against race between deletion and adding finalizers"
e2e7fa17990 switch our usage of expfmt.TextParser
bdfca587f48 update prometheus' client_golang and common packages
2d71a0d72b2 Refactor ItemTagValidator.GetValidations a bit
8f679c74020 Make item validation just use a TagValidator
c047bdf58fe Sort item criteria to match listmap key order
26283acfb14 Clarify that union has field- or item-members
3f068c7c64d Parse path early, clean up getDisplayFields()
77c1ac6320b Improve error reporting in item tag
1f61a8b814d Rename "fields" to "members"
1417e56dffd Break processFieldMemberValidations into 2 funcs
023c026d6fd Add ListSelector in validation Context
3e2e2195ed8 Unions: replace `[2]string` with a type
8130cf82b59 run "hack/update-codegen.sh valid"
348d576c9f7 validation: Use JSON names in paths
f51d57042e5 Update Context comments and fix some usage
9e71a07abf5 Minor validator name-string fix
fd3fcfe121a Add comments to generated code
471256619f6 Put the nfacct e2e test back under the "KubeProxy" label
9b696ff58cd build: also support KUBE_RACE for test binaries
90c9a932d49 fix race condition in kubelet's PodCertsManager
8b50c77eb6d scheduler_perf: measure DRA setup time
bc8ce679984 delete v1.32.0 testdata
d59d48e64a3 Add v1.34.0 API testdata
b276c96ef86 Migrate kubelet/server to contextual logging
1e3c3934cb9 e2e_node kubelet configuration: merge feature gates and system-reserved items
c5882e38fff Fix ClusterIP load balancer disappearing when InternalTrafficPolicy: Local is set.
e3c9c277c33 fix CI failure: update pod image using the same one
55700685bd0 Revert "Add retries to node's crictl test"
801ee441630 Validate kubelet serving cert in local-up-cluster
82eb8bd23a2 Populate memory requests from actuated resources at pod status generation time
8ff5cec2617 scheduler_perf: block after creating ResourceSlices
af6da561dd8 scheduler_perf: reset and stop testing.B metrics
5170982540d chore(kubelet): migrate eviction to contextual logging
39170e2ed63 chore: Clean up duplicate logs
cfeeff7aced chore(kubelet): migrate stats to contextual logging
5ed98e97e1c Remove getLocalNode to fix GracefulNodeShutdown e2e.
b42b96f518f add paths section to scheduler statusz endpoint
06c5eb992e8 DRA kubelet: avoid deadlock when gRPC connection to driver goes idle
6b908c192cc [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate: use values from overrides when one of the field (file or data) is present in inverrides
d38c1df3f36 chore(kubelet): migrate metrics to contextual logging.
cd343aaf1e3 Fix OWNERS_ALIASES entry for SIG Docs
7aa6cabd634 fix typo for forceDetachTimeoutExpired
fc8907da38d [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate
8118636321a Close container runtime connections after use
1a0813598b7 Update SVM Discovery checks in response to jpbetz and stlaz
bf851e8bcfa Apply feedback
7d14367f57c Change WaitForNamedCacheSync to WaitForNamedCacheSyncWithContext.
80e6f9e20a2 chore(kubelet): migrate container to contextual logging
f1b28b0d1f7 chore(kubelet): migrate watchdog to contextual logging
98f81fc2910 Remove redundant experimental prefix in wait command
d75d4860e7f kubelet: migrate module `logs` to contextual logging
9c1cf79d74c kubelet: migrate utils to contextual logging
62cadde688c Fix incorrect description of feature PodObservedGenerationTracking
c88f2f3142b Add k8s-long-name, k8s-short-name format validation tags
c8681531abd fix typo for sattsfied
4e200ca00e8 fix: Only warn for unrecognized formats on type=string
cee1ea7225a Update client-go compatibility matrix to include releases up to 1.34
ddb015f023b Resolve confusing use of TooManyRequests error for eviction (#133097)
86e3ad233f7 Revert trapping TERM for podWithCommand
21359d7b1f4 Switch to resourceVersion controller
21ff3c196c2 kubelet/metrics: fix multiple Register call
98c62936230 kubelet/metrics: misc optimization
43c3b03685c Lock AllowOverwriteTerminationGracePeriodSeconds
fbd33bd6b39 hpa: prevent integer overflow in external metrics sum
09548c6bdf3 Move actuated resources state to kuberuntime.Manager
683a76dd159 Enforce that all resources set resourcePrefix
954ac21c6c8 Add Kubelet stress test for pod cleanup when rejection due to `VolumeAttachmentLimitExceeded` (#133357)
3e84e16315a Disable estimating resource size for resources with watch cache disabled
73cf278883a Mark some aliases as deprecated
5f4b4a68249 Bump gengo
7e9b228ff09 apply integration test: fix ordering test flake
07faaec2c42 scheduler-perf: fix data race in createPodsSteadily
c8f8f66e6de Increase termination timeout for `evicted pods should be terminal` test
ef7cee89bf2 add events.events.k8s.io to clusterrole view/edit/node default
8d31237c334 kubelet: poll after reloading logind conf
c7ddceb8cb4 client-go/dynamic/fake: Stop ignoring options
5e59c658d6c Organize enum tests
f971ad76af2 Only pass type args when needed in enum init
fa1f9d444cc apiserver: avoid default toleration seconds data race for all tests
ad9ae3ab9d9 test: fix data race in test/integration/controlplane/transformation
e32adad6570 apiserver: fix PriorityClasses creation data race
a67468717c3 Omit value type from validation rule failures
d6068db62ec CLI: log info about race detection
23362e001c4 build: support -race in binaries
9fb1ef4dd0d fix kubectl exec command in cmd test
da0e7384d5e - Update Nautilus test agnhost images from 2.33 to 2.56 - Update VERSION to 1.8 - Addresses issue #131874 for updating outdated base images
4babdf80264 Fix race in movePodsToActiveOrBackoffQueue
fadb40199f1 Move interfaces: Handle and Plugin and related types from kubernetes/kubernetes to staging repo kube-scheduler
82896feebbd cli-runtime: Return defined error from Builder
f0be916f7a9 Update CNI plugins to v1.8.0
584a9da5940 Use golang protobuf for etcd version monitor
a41de8771af Bump github.com/spf13/cobra v1.10.0
137d56c1c24 add paths section to kubelet statusz endpoint
6ddf6261d44 Update to spf13/pflag to prevent CI break
1fd7f308fc0 ci: remove httpd usage while using agnhost instead
588276255ba Disable collecting stats for resources not setting prefix to prevent error logs
9b47a096f4b Update to CentOS Stream 9 based on reviewer feedback
ea02ce5b603 Update protobindings scripts to drop gogo paths
70cd76c5cf2 DRA e2e node: skipping resource health disabled test
1578267ebef Update volume/iscsi base image from fedora:38 to fedora:42
73127eb86d0 Update volume/nfs base image from centos:7 to centos:8
72847ee1f75 Replace deprecated strings.Title with cases.Title
8a6f1736523 lock DisableAllocatorDualWrite
158e4e82615 generate
b6927088c83 Use consistent documentation of aliases in the API
b159d2ca597 self nominate natasha41575 to be a sig-node reviewer
799312a402c Update pod resize test to accept new cpu.weight conversion.
bf13cd1b81d added resourceClaimModified to bindClaim to decide whether to update assume cache
1ba96db35b5 ./hack/update-codegen.sh
8b0d7efb43d applyconfiguration-gen: add ExtractFrom with subresource support
f1d0c5dbc39 return an error in case nil selectors are passed to matcher functions
81cec6df1d0 Bump to mockery v3
7685612b9c2 refactor(event): simplify conditional logic in event handling for both v1 and eventsv1 APIs
faa0f33b8be remove v1beta3 flowcontrol from rest storage
fd2d2fd66ff Convert `k8s.io/kubelet/pkg/apis/dra` from gogo to protoc
d1946199792 Fix linter
36cf7282814 Drop SizeMemoryBackedVolumes after the feature GA-ed in 1.32
9f8d9432e20 bump gopkg.in/evanphx/json-patch.v4
f3d278e75d1 Fix completion of resource names
233384d4e47 deflake e2e test: Services should implement NodePort and HealthCheckNodePort correctly when ExternalTrafficPolicy changes
d85ce5310de Appease linters
e6ae04e02ca generate
15b29a0fa20 Add +k8s:ifEnabled and +k8s:ifDisabled tags
243f47f3b33 Omit type names of emitted slice elements to appease gofmt
5c955edfe04 Add support variable initialization using any literal type
e8186d06790 Add output tests
8435fbab983 Add +k8s:enumExclude and options support to +k8s:enum
64d9ddcf9dc Add enumExclude support to enum validator
ed170c1c0aa Add constant discovery, ScopeConst and StructLiberal. Remove ScopeAny.
e1218922db0 Add unit tests to isResourceUpdatable
aea27237443 populate pending and ineligible endpoints
e5f4caf62a6 drop spammy xtrace from hack/test scripts
f1d980adf91 separate resource-quota and limit-ranger resize tests
541ff7cd169 DRA: Add configurable health check timeout per device
f336f4c75a0 Close response body after the conn is closed
2608a38d475 Increase port-forward broken connection detection client timeout
2f356d02e29 make update
09e357d31fd Drop StatefulSetAutoDeletePVC after the feature GA-ed in 1.32
bf6a55cd062 e2e: node: address linter errors
9aed0813e66 e2e: node: cpumgr: replace old testsuite
c4f7272f621 e2e: node: cpumgr: keep only scaffolding
37d678e098f e2e: node: cpumgr: remove old sidecar container tests
666dec8c2f6 e2e: node: cpumgr: remove old reserved cpus tests
d98069e22c8 e2e: node: cpumgr: remove old distribute-cpus tests
e2624d0cce4 e2e: node: cpumgr: remove old smt alignment tests
9e6073304fb e2e: node: cpumgr: remove old cfs quota tests
bf9511eda63 Remove GA feature gate ComponentSLIs
c35d5473ddd Remove the otel semantics override
684473af623 Bump cadvisor to 0.53
12a784b46bd cleanup: remove redundant type conversions in podautoscaler
c16d72c4140 e2e: case for multiple volumes reference one PVC
0e6b22b5c80 test: add assertion to check OuterVolumeSpecNames
4abd40f6e3d kubelet: multiple volumes reference one PVC in one Pod
7910cbb8842 kubelet/volumeManager: remove outerVolumeSpecName from ASW
146f0c93453 remove MountedVolume.OuterVolumeSpecNames from logs
52b7d035f96 cache: do not allocate chan for nothing (#133500)
f1ceec70a68 feat(apis/batch): PodFailurePolicyOnPodConditionsPattern.Status can be omitted (#133479)
66fdbe10583 fix using stale pod when evict failed and retry (#133461)
5af2b732bee Change KYAML gate to on-by-default
b9a8dffa51e Fix replicaCount calculation exceeding max int32 (#126979)
7cf39066b34 Remove sleepAfterExecuting param from diskConsumingPod
388046c3ea9 ImageGCTerminatedPodsContainersCleanup e2e node test
c9ccbae0d9e Remove terminated pods eviction code
2cad51f6c0d Add ImageGCTerminatedPodsEviction e2e node test
a59ce54d79f TerminatedPodsEvictionOnDiskPressure e2e node test
df54470e9b8 Test terminated pods are evicted on disk pressure
146357aa395 Evict terminated pods on disk pressure
ad8afd3ab09 add generated files
ff37d8c3394 Drop experimental prefix from kubectl wait command
388aaebbd7b Add HirazawaUi as a reviewer for sig-node
b012e16b47e Remove use of pkg/scheduler/framework.NodeInfo in node_ports.go
731e6def042 Fix the spelling error of grpc in the log
b83e933d6a9 doc comments
6dff95db798 CHANGELOG: Update directory for v1.34.0 release
ac802de9f54 update openapi spec
5a718ca28cb remove stale Godeps filter from rsync
8512862161d cleanup tempdirs on exit in kube::verify::generated
d4e1d134801 add note about not adding to rsync invocations
33a58e4bef5 stop excluding GOPATH from rsync
7a43f8bd273 Omit values from validation rule error expressions
56e2f15c1a8 Show simple values in validation rule errors
00c30b354df Reduce nested conditionals around validation rule errors
d838611d6db api: Remove +listType marker for non-list field
ae2d50cf1a8 Update MAP storage version to use v1beta1.
2dc6f7501ee kubelet: fix error message for EnableNodeLogQuery
3c00c3cb29d Move GetAffinityTerms functions from pkg/scheduler/framework to staging repo
75d04e6c7b6 Add a note about Conflicts return value
83da6f1a87c fix(controller/podautoscaler): do not print panic when .status.lastScaleTime is not set
1c336e3fc6f Fix flaking readyz check in scheduler integration tests
4fa6c70604b hack/logcheck.conf: add several converted packages
63f304708a0 client-go leader-election: structured, contextual logging
46e10103ff0 Take activeQ lock for part of the Update method
a0a43e5f80e Drop CronJobsScheduledAnnotation after the feature GA-ed in 1.32
09954ce369d Drop unused tests, after KEP-2599 graduated to GA
f2bc8bdea5e Drop unused tests, after KEP-3335 graduated to GA
9c8e03a40b2 gofmt cleaner.go
3bf684b4ed0 fix: parsing the patch directly
ac1f9fb73f2 util/sets: benchmark List()
48399b1af14 util/sets: simply List() by using slices.Sort
16d4f9ea1f6 kubeadm: clarify the comments for a few API fields
3b7475c5226 kube-proxy: list available endpoints in /statusz
8a95e8a71ca DRA E2E: clean up class creation for extended resource tests
4a597f50b4b Fix panic in PodResources API test when FeatureGates is nil
7debab65049 Apply feedback
8b0b0df431a Don't run PreEnqueue when pod is activated from backoffQ
8b760704fc6 fix(cleaner.go): exit early on check of CSR issue state
6cefbb65d0f Apply feedback, minor cleanups
2fc66ddaf25 update gofmt
e1c586eb00f Add doc.go, example_test.go and ARCHITECTURE.md to apiserver
3f5b678e980 Update nfacct_linux_test.go
e792dcb8100 Update cri-tools to v1.34.0
accdd9e27e7 Add doc.go and ARCHITECTURE.md to client-go
08bd33e0dc1 clean up outdated in-place pod resize todo
3bdaeea2155 feat: Add discovery check to SVM to ensure migration doesn't get stuck
bb6a0ea6b2c HPA: optimize calculatePodRequests for specific container lookups
94d3dc40b23 kubectl: include container fieldPath in event messages
f6b3f916b1f scheduler_perf: fix data race warning around klog flush
df64d3f8826 Remove rbd image and storage class
f920b064d00 Promote VAC API test to conformance
ebf3d814f4c Fix(cleaner.go): Add GC to handle Approved-Unissued CSRs
770b749436d feat: Require SVM to use RealFIFO
b46a5cceeff Fix missing control plane health check timeout
dec23d58e4c Add remote runtime/image `Close()` API
97a146d47df Refactor error handling: reuse `err` inside closures and avoid re-shadowing
5c8f26f4803 kubectl: fix expose --selector help text
2180b441dd7 gofmt and review feedback
b9d5edd4445 remove stray strailing tabs from gocritic settings
535b4e07e94 enable gocritic deprecatedComment check to help lint for malformed deprecation comments
0b647319c44 hack: more output about running tests
38da6d767db DRA: Fixed ResourceClaim UpdateStatus to wrap with RetryOnConflict to automatically retry in the event of a conflict.
76e5929d1a1 chore: update CronJob casing for create job help
c97f08793cb Fix startup probe worker termination for sidecar containers
d4f8bebda08 Fix label selector parsing for consecutive commas
8d4108bf935 fix: Update unit test to catch actual nil Labels case and fix functionality to handle nil Labels
189d6d726bf fix formatting of deprecation warning in test/e2e/framework.WaitForServiceEndpointsNum
db5dd2fe8f8 update-codegen
2b47e8e5b5a fix deprecation comment in register-gen
668b3fe4afc update-codegen
ef1878c6013 Update `sharedInformerFactoryInterface` context initialization example
80071d16e18 fix deprecation comment in informer fatory generator
fa5792a4664 fix k8s.io/component-base/metrics deprecation formatting
1dd428d4c01 fix deprecation formatting for k8s.io/kubectl/pkg/cmd/config.NewCmdConfigSetAuthInfo
9fabccd24c9 fix deprecation formatting for k8s.io/apimachinery/pkg/api/errors.NewGone
30f4fc9ca38 update-codegen
8c139fbe942 use correct deprecation comment in clientset fake generator
a405844e66d scheduler_perf(fix): correct typos, clarify comments, and minor tweaks
d3ba41467db set default log flush frequency in kube-proxy config validation tests
69b3876fd17 set default flush frequency in kubeletconfiguration tests
f9dcd5f7135 validate that flush frequency must be positive
3995b6cf72b Register apiserver_resource_objects in TestDeleteStoreStats
b77f4f2425a Align metrics hiding with deprecation policy
0b16f0ae3cb Test that auth{z,n} hook clients honor Kubelet's request encoding.
f0e52c1c476 add known example API group suffix to avoid race
cb1d04655fa test-integration: set KUBE_PANIC_WATCH_DECODE_ERROR to false
aa819af85a1 chore: update CoreDNS to v1.12.3
e1dd085ffe2 Add retries to node's crictl test.
7f4462398ab e2e/watchlist: normalize dynamic 'Age' column in Table test to prevent test flake
3eb69eb8522 Fix DaemonSet misscheduled status not updating on node taint changes
39e7b2ce5e4 Migrate pkg/credentialprovider to structured logging
ddffd8e3893 Allow IfNotPresent to be used in node e2e tests Currently the node e2e tests overrides the image pull policy to PullNever, if the policy is not PullAlways.
d4bd007d3b8 adds a list of available HTTP endpoints for the kube-controller-manager component under the /statusz page
ea9d7ff8656 PSI test: add a CPU limit of 500m to cpu-stress-pod
8612c57d216 e2e: node: linter fix
e839adafb7c e2e: node: cpumanager: move shared code in topology manager tests
af53d97786a e2e: node: cpumanager: move specific helpers
d86d798eae4 e2e: node: trivial rename
30ca634386e e2e: node: cpumanager: push utilities in util.go
bb7cff161c5 e2e: node: split utilities to learn machine properties
1a4e289cfac e2e: node: split kubeletconfig utilities
a28eda435f2 Add sig-instrumentation as OWNERS for apiserver/pkg/storage/etcd3/metrics
1ea47202688 Add e2e test for SELinuxMount to CSI drivers
97edb4d5e43 Fix SELinux label comparison
76bbaa9d47a test: Standardize labels for ResourceHealthStatus e2e tests
9a6db5ad0ba remove allocationManager's reference to containerManager
9a8a4a3b440 Add missing cases to SELinuxMount tests
3fc91586a71 Fix metrics test
993ba324cd4 Bump BV to 1.35
29eb19e4228 Address feedback
bd900111a8e Move ContainerRuntimeOptions flags to cmd/kubelet/app/options
ff6f4e1f633 Move kubelet config code to kubeletconfig
30b34fbcca3 Don't read AllocatedResources from PodStatus during admission
dc0343c2f79 Split preemption integration tests to mitigate the timeout
0c91e28360d Clean up service account print and describe
aa59f930b35 Add lock to TestAsyncPreemption to prevent races
c5ef7208373 Fix race in scheduler integration tests
70794c4568e Add newline to fix owners fmt
7242ddd9370 Add jefftree to OWNERS
cf8ab1c3e7c component-base/metrics: add concurrent WithContext unit test
45f61b5bc06 component-base/metrics: store WithContext ctx in a wrapper to avoid race
1d792b00e65 move timeout to only cover the line under test
640dabd58b0 Decouple term and remotecommand packages
a2061e97f45 install appropriate version
50fec6fc577 kubelet/volumeManager: (Get -> Has)PossiblyMountedVolumesForPod
c20b105ac28 kubelet/volumeManager: GetMountedVolumesForPod() returns desired and actually mounted volumes
09131604046 kubelet/volumeManager: verifyVolumesMountedFunc checks both desired and actual
eac9da061dd Bugfix: DeleteOptions decode errors should return 400 instead of 500
62dcfe3bc06 Added WithOrigin within apis/core/validation with adjusted tests
b080dba14ec Add utam0k to SIG Scheduling reviewers
6c56d2fd1bc Replace usage of deprecated ErrWaitTimeout with recommended method across all Pkgs
d959186056f kubeadm: simplify error handling in getAPIEndpointWithRetry
0a987f8f578 ServiceCIDR ValidationAdmissionPolicy for backkwards compatible behavior
81e680e6d98 defaultservicecidr controller no shutdown eventbroadcaster on start
efcf97f98c7 authz tests: delay response in context cancelled scenario
d0816f84f9c feat: increment an internal metric when duplicate validation errors
66f7e30c653 conversion-gen: use custom conversions for slices and maps of pointers
a4763ee3cb8 conversion-gen: add test for custom conversion functions for maps and slices of pointers
f154d43739d conversion-gen: avoid attempting to read or set unexported fields
808f837c310 conversion-gen: add test for conversion of unexported fields
531fdc67e28 Replace deprecated WaitForServiceEndpointsNum
3b0a85170a7 Make kubectl auth reconcile retry on conflict
25fee618fd9 Add helper command for comparing protobuf files
78c9672deb7 migrate tracing tests to use the new otelhttp semantic conventions
6852abc73c4 WIP: Use the tool directive instead of tools.go without sharing dependency
ffa084f8112 kubectl: Fix current-context being written to wrong file
c11759bdbfc golangci: Disable staticcheck QF1008 in hints
391967c7b6a Report actionable error when GC fails due to disk pressure
584eb8464cf Pod Certs: Fix flaking integration test
3a86a4eb0dd fix: fix failed ci
7c1d133dff7 Fix sidecar containers flaky tests
bf088c12ff0 chore(kubelet): migrate images to contextual logging.
b6f6731ab61 chore(kubelet): migrate prober to contextual logging.
065899e95da chore: use ptr.Deref to replace int deref utils
cd4771d7371 fix up types for 1.34 release - remove GA feature gates
925bce297e4 Fix help for set selector
908fb0266de Fix gocritic issues
b04222a41c7 Fix non-existing PCI device hierarchy scenario in TestGetPCIeRootAttributeByPCIBusID
c4e8e8310b8 Fix typo in test case name
64d452d3b61 Fix non-existing PCI device hierarchy example in GoDoc for resolvePCIeRoot(pciBusID)
725b17067a6 Do not remove PVC ClaimRef to fix flaky VAC test
aa077145377 chore(kubelet): migrate userns to contextual logging
ec9f0d55360 chore(kubelet): migrate nodestatus to contextual logging
2b1f38a83b5 chore(kubelet): migrate config to contextual logging.
cc4666cc94b kubectl/logs: Add LogOptions.RunLogsContext
904ba748f12 fix(kubelet-windows): Typo in structured log user display name
086a5add02d test: code coverage increase for kubelet/preemption
a375b0aa367 Ensure CSINode belongs to current node on init
ed07efbc579 Configure JSON content type for generic webhook RESTClient.
5d20dc55bfd chore(kubelet): migrate pluginmanager to contextual logging
ad47298caa6 Fix a typo in fake clientset generator
53e7b175524 Fix CEL library doc string whitespace
ba46831c87a bug: Remove duplicate storage resources update validations
176ee0c2452 bug: Remove duplicate RBAC resources update validations
1dd33c8e6de protect against race between deletion and adding finalizers
49ebabb54e6 verify: additional validation of e2e.test --list-images output
73627dd663b verify: improve output of verify-e2e-images.sh
a352bf8815d Remove redundant MilliValue call in GetRawMetric for podautoscaler, which has no functional impact.
7c1d0c93a2b added changelog for CRI API 1.33
e7d76f37a45 flag: fix nil-ptr panic & typo messages
dd37ad1bc2c metrics: don't record apiserver_request_sli_duration_seconds for dryRun requests
6f1abad18e5 metrics: add dry_run label to apiserver_request_sli_duration_seconds
9f1704dd9a1 pull mounter from dl.k8s.io
e7cfbc6e14a gocritic: simplify bool expression
a79865c0016 Added contribution info to sample-controller README
a325cb42115 try order sandbox by attempt or create time
947de3d0a49 Bump addon manager image to v9.1.8
fe02b543aac Fixes pod status error when it has an error container
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0f795c80
---------------------------
k3s: update to v1.35.2+k3s1
We drop one patch that is no longer needed, and pick up the following
commits:
13563febb4 Update to v1.35.2 (#13707)
b7a5ea520a Bump Traefik to v3.6.9
5505935bd5 Improve resilience of datastore bootstrap reconcile from etcd
6a11814e1e Install binutils-gold only for arm64 builds
971abd7839 Bump kine to v0.14.12
ef3352b33a Fix rootless test to work with -local flag
25fe4279fe Revert "Move to rootlesskit v2 (#13486)"
a3f1ddbc62 Bump rancher/systemd-node version for docker tests
6043b5c5b9 Fix support for E2E commit installs
50fa2d70c2 Update to v1.35.1 (#13637)
3d825d02bd Fix removal of init node
cf8b2aba13 Bump klipper-helm and klipper-lb images
57a9ba0151 Add registry prefix to image-list file (#13602)
2e474257cd Bump metrics-server to v0.8.1
1e853f688f chore: Bump rancher/mirrored-coredns-coredns image version
eb44ad66dc chore: Bump rancher/mirrored-coredns-coredns image version
a2e38967f6 Fix VPN node IP not being applied to kubelet (#13560)
bc8ee0e64d Bump kine for list/watch revision fixes
4044d9a886 Add helper function for including stack trace with error message
24a60f8e70 Handle empty token file as nonexistent
70a776fb46 Add IPv6 loopback to kubelet-serving cert
5d394478f5 Fix filter for wildcards
c9be8a6180 Explicitly close mvcc backend
cfad6a6a67 Bump scorecard checkout to match all other versions
bba659457c Use channel.yaml instead of curling for stable for kubectl install (#13531)
9ccb98edf7 Update install tests with new images, add alma10 (#13489)
05d985ac44 Move to rootlesskit v2 (#13486)
c8ae7d1beb Prevent caching on PR of golangci-lint entries (#13487)
323b952450 Fix restart of control-plane-only nodes attempting to reconcile from local datastore
312c2388cf Update to v1.35.0 (#13523)
69c0aad6c2 Bump etcd to v3.6.7
1869c121ba Add sudo to go coverage in CI
084963abc6 Update Traefik version to v3.6.7
f03b0e91bd Bump to coredns 1.14.0
2efebf2379 Remove download/generate from vulncheck
c6e9ccb101 Fix setup-go cache issues
f028f773d5 Bump kine for NATS conformance fixes
9dfce1de28 Update longhorn version in integration test from v1.4.0 to v1.10.1
89949bc0f6 Add deferred store implimentation
f56a11018f Bump spegel to v0.6.0
179bc20bc7 Bump expr-lang/expr
69bd545420 Fix atomic write in WriteSubnetFile
f35890692e Drop use of deprecated docker reexec package
5326e4845c Bump CNI plugins
e271b600f1 Remove flannel external-ip annotations when disabled
93e5cdc665 Add tests for etcd local reconcile
14d0946392 Fix etcd reconcile with empty TLS dirs
35325987e3 Replace temporary etcd server with raw mvcc store access
17be721d99 Don't enforce use of wg.Go instead of Add/Done
b3b4b64a31 Bump stable to 1.34 and add 1.35
74afe498d0 Fix PR lint checkout depth
344a1bfd1f lint: nested-structs
3816096e46 lint: unnecessary-format,use-errors-new
09484feb7c lint: unhandled-error
05f0cdf080 lint: identical-switch-branches
c45212f932 lint: useless-break
6964eca111 lint: unnecessary-stmt
2b9f2f465c lint: unexported-return
b43f4a90cb lint: unexported-naming
43c58a897c lint: unchecked-type-assertion
44bb326fcc lint: superfluous-else
d2bbcb8ce2 lint: struct-tag
d27b113d58 lint: redefines-builtin-id
986915c381 lint: indent-error-flow
dd97235fc1 lint: import-alias-naming
035a60f295 lint: if-return
7506516bfa lint: exported
c290d10a57 lint: empty-lines
b32993713c lint: duplicated-imports
313966fbee lint: defer,get-return
a005161b4b lint: bool-literal-in-expr
d360faf2b3 lint: bare-return
5c7c49e36d lint: deep-exit
3c0ed0293b lint: comment-spacings
7f1a90166f lint: dot-imports
08918b90a6 lint: use-any
b80668fc2d lint: redundant-build-tag
a9b96775dc lint: file is not properly formatted
2ccbe1f844 Add lint/validate job
e1ef30f0ef Bump golangci-lint for go1.25
5dddbc8a66 Bump actions/cache from 4 to 5 (#13347)
5a793c4cff Bump actions/download-artifact from 6 to 7 (#13346)
26217f45bf Push GA images to staging registry (#13437)
b54634c463 Bump local path provisioner to v0.0.34 (#13426)
14c744d013 Bump coredns to 1.13.2
625139da72 Bump traefik to 3.6.6
4a49c0a04a chore: Bump Local Path Provisioner version (#13387)
591dda9fa6 Fix upgrade test eventually
8e7b3caa5c Allow k3s secrets-encrypt enable on existing clusters
01795824eb Bump rancher/systemd-node to v0.0.7 (SLES 16.0)
519317e02e Use Get, not Head for channel page
25dc06d9a9 Replace legacy ReplicationController with Deployment
4b2777b55f Expand docker upgrade test, sunset E2E upgrade test
cf90ac502d Add firewall section to check-config.sh (#13390)
a6c6cd15c0 Fix panic in test cleanup when client is unset
6840e435cd Fix event strings
2ac57a7e2c Fix prometheus metrics parsing
3943327933 Bump kubernetes v1.35.0 and golang v1.25.5
e060c0b18f Bump actions/upload-artifact from 5 to 6
650fed932d Validate collected files for release
7806fa6b9c Move sha256sum from workflow to script
d3732ec3fc Combine airgap and binary publishing steps
7c6c338e2f Fix release workflow
b27276dc81 Add job to lint all workflows on change
61e248b04c Reduce image pull spew
a5ab12b82c Reuse airgap workflow in release
d0052281a9 Fix arm airgap platforms
4116b53e86 Override DefaultHelmJob at build time (#13351)
c0b1314d15 Bump kine to v0.14.9
463678586d [main] Update to v1.34.3-k3s1 and Go 1.24.11 (#13308)
f223247d63 Pass platform option to `docker save`
b4b33afbde Bump kube-router to v2.6.3-k3s1
764e98cbb4 Bump kine to v0.14.8
613a5e4787 Bump runc to v1.4.0
aaa7fa237b Bump kine and etcd
d337570de1 Fix inconsistent curl flags in tests
c3ca02aa75 Move embed into separate package from executor
d582a0da84 Reorganize flannel consts and fields
d1989567ea Use patch helper for secrets-encryption labels and annotations
1cb80fbe75 Use patch helper for spegel annotations and labels
57210b87cc Use patch helper for node labels and annotations
713cf8fbde Use patch helper for etcd labels and annotations
2b39b6808a Use patch helper for etcd member controller
785cfad963 Use patch helper for etcd snapshot annotation patch
ceebaade3e Add JSON patch helper
efcf8eb7ac Move embedded flannel and vpn config setup into embedded executor
ec3cc04214 Move CNI execution into executor
b7ca944774 Move etcd metrics to separate package
543b6307a6 Define DefaultHelmJobImage in K3s, overriding what helm-controller defaults to. (#13258)
0d39c86b5c Move from ranchertest to mirrored-busybox
cd08e731f6 Fix naming convention for docker test import
572cc8e2bf Consolidate RunCommand between Docker and E2E tests
e3cc61c43c Update kube-router to v2.6.2
8e0676ad46 update busybox image version to 1.37.0 (#13237)
68749aac76 Bump actions/checkout from 5 to 6 (#13256)
96ed4393c1 Remove remaining references to drone
1262649fda update channels to 1.33.6 (#13246)
3de08883f7 Bump opencontainers/selinux
f726966062 Clean tools from runners before tests
74088f5175 Use docker containerd snapshotter for stable image digests
f783052df2 Fix airgap-extra-registry flag
af441c29a0 Add test for sharing imported images by digest
1037dcbff4 Add digests and source labels for imported images
9806524a48 Fix spegel ready checks to give server more time to find a peer
f0d54528d0 Stop waiting on CRI ready if context is cancelled
871094b5c6 Add multus e2e test
913005658c tunnel: handle pod IP reuse (#13212)
ed57fb5e61 Fix windows build os (#13201)
c86b66d05c Add id-token (#13209)
3cdb5f8cf5 Update to v1.34.2-k3s1 and Go 1.24.9 (#13204)
8215b940e3 Bump klipper-helm and helm-controller (#13187)
3530ab5915 Fix tailscale setup in case of an already running configuration
7146e2000e Fix apiserver starting before remote etcd is up
8f781acff4 [main] Add Prime assets upload (#13160)
858b109b92 Fix adding OwnerReferences to Nodes seen from initial list
e438a3c1a0 Bump containerd to v2.1.5
a2663f8884 Bump remotedialer to fix deadlock on connection close
fdc356a9ce Bump runc to v1.3.3
b8f6f958c8 Streamline E2E startup test (#13137)
b9e90d3e51 Don't look at head for upgrade channel (#13130)
2459bf7c84 Bump actions/upload-artifact from 4 to 5 (#13104)
72ca761529 Migrate Docker Image publishing to GitHub Actions
19e8f83d1d Only run arm64 and amd64 test stage on drone tags
e1238095f0 Bump kine to 0.14.6
9e1003029c Bump actions/download-artifact from 5 to 6
602d43081e Migrate dispatch pipeline into GitHub Actions (#13105)
d8790220ff Move node password secrets into dedicated controller
139d64c129 Create node-password secrets with custom Type
d622b18c20 Remove node password file migration code
0d9ef273d8 Remove node addresses from filter when node is deleted
171644cf0c Replace raw ListWatch with NewListWatchFromClient
d50a4a894e Fix invalid replaced versions
92a0b7eec2 Bump helm-controller/klipper-helm
cfcc9ef65e Add docker dualstack test (#13070)
5aca8e24b1 Update dispatch script (#13079)
6381cad10f rootless ports: add support for udp
517df31f65 Fix postgres DB container args for nightly conformance (#13069)
481cd6002a Bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#13026)
65932372c7 Bump github/codeql-action from 3 to 4 (#13065)
989c07f6a2 Bump actions/stale from 10.0.0 to 10.1.0 (#13025)
24dda29fb8 Cleanup wording and decisions on various ADRs (#13068)
0e5bc29d34 Bump kine for idle progress fix
e8e76e3cf3 move to 1.13.1
1511d362a4 Bump coredns to v1.12.4
701cc35b7a Bump kine=v0.14.4, etcd=v3.6.5
6ba8efd7a1 create policy hint only when all variables defined
09762a57df Update flannel, kube-router and cni plugins
ef6d6f4c36 Bump kine for postgres object count fix
89adabb672 Drop calls to rand.Seed
3190f30de8 Update stable channel to v1.33.5+k3s1 (#13017)
7a41cce152 Fix ability to rotate server token to an invalid format
565d50a3b1 Create dynamic-cert-regenerate file in CA cert rotation handler
6edbae331b Fix bootstrap charts
9a6f602c75 Fix handling of vendored dependencies in version script
39d89153da fix: default forward after override imports
59b4a9d738 Bump kine to v0.14.2 for schema fix
09845c9f00 Bump traefik to 3.5.1 (#12948)
d6e84ba2d1 Fix kine metrics registration without --kine-tls
a26fd3ba4d Disable metrics test pending resolution of upstream issue
1026725896 Enable debug logs for embedded mirror e2e
8347597031 Bump spegel to v0.4.0
ade82387f7 Inclusive naming proposal (issue: #12110, Orlin Vasiliev) (#12383)
1e45f1de72 Bump actions/stale from 9.1.0 to 10.0.0 (#12878)
908a0b91dc Fix install script raspi cmdline message (#12842)
3854eb56d4 Run upgrade test in dedicated drone step
5b19165e9e Fix pods readiness tests
a0ce2aaeaf Add sequential split-server test
bfdcc7bcc8 Fix etcd member promotion
626178624f Bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 (#12879)
14e919804d Fix garbled CLI (#12899)
4974fc7c24 Use sync.WaitGroup to avoid exiting before components have shut down
7e028854e7 Fix signal handling when pid 1
274498fb4d Add pkg/signals for signal handler setup
b61d6f3b81 Transfer cluster leadership before removing leader member
659f2a7014 Fix perpetual etcd member removal
a7d3c8559f Fix IPv6 handling for loadbalancer addresses
07d0711e5a Update hardened script for cis-1.11 (#12912)
0136cf2589 Remove NetworkManager check for nm-cloud.service
2f6283a92c chore: Bump Klipper Helm and Helm Controller version
9c6d0eb5cd Bump actions/github-script from 7 to 8 (#12881)
1b98629b2c Bump actions/setup-go from 5 to 6 (#12880)
bdb92296a5 Bump dynamiclistener for secret sync fix
67c23a20e3 Update to v1.34.1 (#12897)
7e253dbf02 Fix netpol fatal error when changing node IP
b3ac144e2d Move data dir into position before creating CNI symlinks
857412ae58 Add 1.34 release channel
a64d872c13 Add opencontainers/runc pin
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2704c23f
---------------------------
docker-distribution: update to v3.0.0
Bumping distribution to version v3.0.0-157-gbd213792, which comprises the following commits:
33240507 chore: fix typo in comment
33bb5f60 build(deps): bump docker/bake-action from 6 to 7
6b6081e3 build(deps): bump docker/setup-buildx-action from 3 to 4
d56f9dae build(deps): bump docker/metadata-action from 5 to 6
887c2272 build(deps): bump docker/login-action from 3 to 4
d1f8bd9c build(deps): bump github/codeql-action from 4.32.2 to 4.32.5
021b69d5 fix: nil-check scheduler in `proxyingRegistry.Close()`
2957c891 fix: set MD5 on GCS writer before first `Write` call in `putContent`
fca6b9f8 build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0
eba1fb48 vendor: github.com/docker/go-events 605354379745
01a853e4 go.mod: remove outdated comment
2a52e901 vendor: github.com/go-jose/go-jose/v4 v4.1.3
3e841a3d vendor: github.com/spf13/cobra v1.10.2
10e0e8e4 vendor: github.com/bshuster-repo/logrus-logstash-hook v1.1.0
d2398c56 vendor: github.com/klauspost/compress v1.18.4
c4a0bd3f vendor: github.com/opencontainers/image-spec v1.1.1
f18b8d70 fix "prealloc" linting
775d3734 modernize code
abc9debf vendor: github.com/docker/docker-credential-helpers v0.9.5
b4f2af3f fix: sync parent dir to ensure data is reliably stored
5ddf7898 use filepath instead of path
9b79cf51 vendor: golang.org/x/oauth2 v0.35.0
ae7c498d vendor: golang.org/x/time v0.14.0
87a9711c vendor: golang.org/x/crypto v0.48.0, golang.org/x/net v0.50.0
aebf0612 vendor: golang.org/x/text v0.34.0
3e3e1539 vendor: golang.org/x/sys v0.41.0
00464063 vendor: github.com/sirupsen/logrus v1.9.4
f5d656e6 drop support for go1.23
60d2cd5c update to go1.25.7, alpine 3.23
efd7ffb9 Dockerfile: update tonistiigi/xx v1.9.0
f5e1a893 update golangci-lint to v2.9 and fix linting issues
9e377670 build(deps): bump github/codeql-action from 4.31.10 to 4.32.2
abcf7ebe fix: prefer otel variables over hard coded service name
3658dc56 build(deps): bump actions/checkout from 6.0.1 to 6.0.2
a89f0a40 build(deps): bump github/codeql-action from 4.31.3 to 4.31.10
0db7f0ce fix(ci): Fix broken Azure e2e storage tests
31a63333 Add Cloudfleet Container Registry to adopters
33dab393 Expose `useFIPSEndpoint` for S3
75a14d4d Add boolean parsing util
1ad03da6 fix: Logging regression for manifest HEAD requests
a260baf2 build(deps): bump actions/checkout from 6.0.0 to 6.0.1
b256f39b build(deps): bump actions/upload-artifact from 4.6.2 to 6.0.0
f1e4ae3d add return error when list object
d2b3a1fe build(deps): bump actions/checkout from 5.0.1 to 6.0.0
f7d65991 build(deps): bump actions/checkout from 5 to 6
c7da31eb "should" -> "must" regarding redis eviction policy
64f4511a refactor: remove redundant variable declarations in for loops
e0cb1712 build(deps): bump github/codeql-action from 4.30.9 to 4.31.3
ce3fa7fc Fix notification filtering to work with actions when mediatypes is empty
f1323c5b fix(proxy): sanitize challenge URL logs using Redacted()
6f719029 build(deps): bump github/codeql-action from 4.30.8 to 4.30.9
edde36cd feat(registry): Make graceful shutdown test robust
2f1a51dc client: add Accept headers to Exists() HEAD
b1c0fc55 Incorrect warning hint * Fix incorrect (old) warning hint
864a3212 build(deps): bump peter-evans/dockerhub-description from 4 to 5
8a5addfc Update the docs with correct information
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d5ffe93d
---------------------------
oe-go-mod-fetcher: fix pseudo-version tag assignment in SRC_URI
Go's module cache .info files store Origin.Ref as the "nearest tag"
used to derive pseudo-versions (e.g., v0.0.0-20190215142949-d0b11bdaac8a
stores Ref: "refs/tags/v0.3.0"). This ref is NOT a tag pointing to the
pseudo-version's actual commit - it's just metadata about the base version.
The generator was blindly using this ref as tag=v0.3.0;shallow=1 in
SRC_URI entries. BitBake resolves the tag to one specific commit, finds
it doesn't match the rev= parameter, and fails with:
FetchError("The revision the git tag 'v0.3.0' resolved to didn't match
the SRCREV in use...")
This caused multiple SRC_URI entries for the same repo (e.g.,
go.googlesource.com/sys) to all claim tag=v0.3.0 but with different
rev= values - only one could possibly be correct.
Fix by detecting pseudo-versions via parse_pseudo_version_tag() and
clearing the ref_hint so these entries use nobranch=1 without a tag,
falling back to full clone by commit hash. Tagged versions (real
releases) correctly retain their tag= parameter for shallow clones.
The docker-compose .inc files are regenerated with the fix applied.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c5efa4ec
---------------------------
docker-compse: update to v5.1.0
Bumping compose to version v2.26.1-948-ge8c214349, which comprises the following commits:
e8c214349 build(deps): bump github.com/moby/moby/client from 0.2.2 to 0.3.0
0ffb17117 build(deps): bump golang.org/x/sync from 0.19.0 to 0.20.0
eb6afa8d3 build(deps): bump github.com/containerd/containerd/v2
79d4fe3c1 build(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0
d7ec1eca9 update to go1.25.8
ffa8576d9 build(deps): bump github.com/moby/moby/api from 1.53.0 to 1.54.0
4915b775e fix: only pass ConsoleSize to ExecAttach when TTY is enabled
85d6770b7 Fix panic when watch rebuilds without up
81d7d3c60 fix: execute post_start hooks in docker compose run
f9828dfab modernize some code
da691c7cc pkg/compose: un-export consts
fefdc9522 pkg/compose: defaultNetworkSettings: slight refactor
08c32e903 pkg/compose: defaultNetworkSettings: return early for unsupported feature
bdb630fb8 pkg/compose: format layer push progress
3697b128a pkg/compose: format layer pull progress
b285e4897 pkg/compose: remove unused consts
8193d86d2 pkg/bridge: remove uses of go-connections
bfb5511d0 go.mod: bump github.com/moby/moby/api v1.53.0, moby/client v0.2.2
7abaa0661 build(deps): bump go.yaml.in/yaml/v4 from 4.0.0-rc.3 to 4.0.0-rc.4
3b0e8f538 build(deps): bump golang.org/x/sys from 0.40.0 to 0.41.0
af376603c update to go1.25.7
7f8814f4c Fix invalid path error when using OCI artifacts on Windows
af0029afe ci: use bin-image edge tag directly for e2e tests
b76feb66e ci: fix missing dependency on bin-image job
9dc7f1e70 ci: use docker/github-builder to build, sign and push bin image
03205124f ci: use docker/github-builder to build, sign binaries
8b769bad6 pkg/compose: remove dependency on github.com/docker/buildx/driver
671507a8b fix panic
56ab28aef compose: recreate container when mounted image digest changes Until now, mustRecreate logic only checked for divergence in TypeVolume mounts but ignored TypeImage mounts. This inconsistency caused containers to erroneously retain stale images even after the source image was rebuilt. This commit updates ensureImagesExists to resolve image volume sources to their digests using the official reference package. This enables ServiceHash (config hash) to naturally detect underlying image digest changes, triggering recreation via the standard convergence logic. An E2E test case is added to verify this behavior. Fixes #13547
e7d870a10 update to go1.25.6
d5bb3387c Fix potential nil pointer dereference in container event monitoring
d91fc6381 Upgrade GitHub Actions to latest versions
c51b1fea2 replace some uses of strings.Split(N) for strings.Cut
fa7549a85 Dockerfile: update golangci-lint to v2.8.0
a061c1773 fix: emit container status events after network reconnection
c5e7d9158 update to go1.24.12
3783b8ada fsnotify is set in Dockerfile
c428a7711 set fsnotify build tag when building for OSX
04b4a832d chore(lint): add forbidigo rules to enforce t.Context() in tests
27faa3b84 test: replace os.MkdirTemp with t.TempDir()
bcc0401e0 test: replace os.Setenv with t.Setenv()
093205121 test: replace context.Background()/context.TODO() with t.Context()
b92b87dd9 fix: robustly handle large file change batches in watch mode
06e128748 fix: update github.com/moby/term to indirect dependency
d7bdb34ff refactor(attach): remove unused stdin from getContainerStream
79d7a8acd refactor(attach): simplify attachContainerStreams signature
abd99be4f refactor(attach): remove unused detach watcher and keep attach behavior
2672d3421 Improve error handling in attach.go
27bf40357 Bump compose to v2.10.1
c8d687599 Fixed progress UI to adapt to terminal width
2f108ffaa handle healthcheck.disable true in isServiceHealthy
0a07df0e5 build(deps): bump github.com/sirupsen/logrus v1.9.4
02b606ef8 use go-compose instead Signed-off-by: tensorworker <tensorworker@proton.me>
985680294 fix: expand tilde in --env-file paths to user home directory
63ae7eb0f Replace tabbed indentation in sdk.md
f17d0dfc6 build(deps): bump github.com/go-viper/mapstructure/v2
ef14cfcfe build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0
b760afaf9 refactor: extract API version constants to dedicated file
a2a5c86f5 build(deps): bump golang.org/x/sys from 0.39.0 to 0.40.0
98e82127b build(deps): bump github.com/containerd/containerd/v2 to v2.2.1
03e19e4a8 go.mod: remove exclude rules
b2c17ff11 build(deps): bump github.com/klauspost/compress to v1.18.2
ec88588cd Removed build warning when no explicit build has been requested.
7d5913403 add service name completion to down command
d95aa57f0 fix: avoid setting timeout when waitTimeout is not positive
ee4c01b66 fix: correctly use errgroup.WithContext
d7a65f53f fix: correct typo in isSwarmEnabled method name
4520bcbaf fix: clean up temporary compose files after conversion
327be1fcd add unit test
59f04b85a remove duplicated version field
b4574c8bd do not strip build metadata
29d6c918c use github.com/docker/docker/api/types/versions for comparing versions and store plugin version obtained by pluginManager in newModelAPI
58403169f Only append RuntimeFlags if docker model CLI version is >= v1.0.6
6aee7f837 gets back runtime flags when configuring models
c89b8a2d6 warn user no service has been selected to build
aec9f5417 check model plugin is successfully loaded and store version
232197d36 build(deps): bump github.com/moby/buildkit from 0.26.2 to 0.26.3
81ba889be build(deps): bump tags.cncf.io/container-device-interface
8e5b25c0f Restored support for BUILDKIT_PROGRESS.
d4c198763 Prevented incorrect progress metrics to break compose display.
1297f97ae prefer aec library over raw ANSI sequences
55cded180 Avoid reassigning err variable
6c043929a Fix missing error handling in setEnvWithDotEnv
275033056 doc: do not mention v2 on README
e22426443 Introduced fsnotify build tag to select watcher implementation
6599f8ad8 add 'configured' event at the end of model configuration phase Currently when using models, the final message is 'confugiring' which could let users think the DMR configuration is still pending
3853ad391 prefer *task for memory efficiency updating tasks
02008a009 Restored image layer download progress details on pull.
4f419e509 build(deps): bump golang.org/x/sync from 0.18.0 to 0.19.0
b62cbed87 Fixed status alignment in progress UI.
aa9a71f37 run finalization synchronously
ac211e6e5 build(deps): bump github.com/docker/cli-docs-tool from 0.10.0 to 0.11.0
778a627b8 Set Go min version to absolute minimum version required
359d2f076 ci: use .go-version file for actions/setup-go
c9e0d83e1 ci: upgrade actions/setup-go from v5 to v6
3e206fdcc build(deps): bump golang.org/x/sys from 0.38.0 to 0.39.0
d12947e9f Fixed broken run --quiet.
0878c59a7 chore: fix grammatical errors and improve clarity in code
c0345e4f4 restore support for COMPOSE_COMPATIBILITY
9fada6cc2 Bumped build images: tonistiigi/xx:1.9.0, crazymax/osxcross:15.5
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c7aaf143
---------------------------
moby: update to docker-v29.3.0
Bumping moby to version docker-v29.3.0-46-g1da6517e1a, which comprises the following commits:
da4a6385e6 client: New: ignore nil-Opt instead of panicking
fd8c58b1dc chore(deps): update docker/buildx-bin docker tag to v0.32.1
4e3929c00c fix "make validate"
ed24fb9f77 client: fix "gosec" linting false positives
571080854b client: go fix
7a2c307dee daemon: fix QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...))
2058a7e917 golangci-lint: ignore "G120: Parsing form data without limiting request body" in tests
64cd0966df golangci-lint: ignore "G101: Potential hardcoded credentials' in tests
aecf26ec02 client: go.mod: remove patch version
df294b20dd api: go.mod: remove patch version
44e1ccd0a3 client: add missing doc comments to config, secret, and node types
63fcb9ff6f client: add missing doc comments to container copy types
e0e4afd325 client: add missing doc comments to image tag, build cancel, and info types
a722b68f5c api/types/network: use blackbox testing for ports
91f3ec65e6 api/types/network: Port, PortRange: update godoc for "String()"
19ef53a52f api/types/network: add Port.Port()
4c24542e95 api/types/network: Port,PortRange: don't panic on zero values
d2bfe414bd client/internal/mod: also consider main module
835a376948 client: set default user-agent based on module version
1bb13378c5 client: update examples
6c0524748e vendor: github.com/containerd/containerd v2.2.2
011c4451b4 go.mod: add back replace rules
143022931e Dockerfile: update containerd to v2.2.2
c266b4fe9b update to go1.25.8
2f457226ae hack/test/unit: avoid unbound pkg vars with set -u
588e5adf41 bugfix: handle duplicate exit events via task status
e064824bbf ci: module-replace: ignore Dockerfile for api changes
fe8c9d94c4 vendor: github.com/containerd/ttrpc v1.2.8
5af43607b0 vendor: github.com/moby/moby/client v0.3.0
36771868a6 vendor: github.com/moby/moby/api v1.54.0
4569055e13 Drop replace rules
2fa6029be4 network/connect: Support MacAddress
5db1685516 daemon: add regression test for getSourceMount
71c48150eb gha/labeler: Remove *_test.go from area/testing label
13a8626eeb daemon/devices: Turn RegisterGPUDeviceDrivers into func
561a5a9b36 Use CDI for GPU injection for AMD devices for --gpus
23b30dc35d vendor: update buildkit to v0.28.0
e5a54400b5 chore(deps): update crazy-max/ghaction-github-runtime action to v4
36b2266e75 internal/testutil: drop semconv dependency
5e87fcdc73 Update cloudflare/circl to v1.6.3
17aa4f26e7 client: remove WithAPIVersionNegotiation from example
7bf688478b client, api: add back replace rules
e04bd2649e Rename disk usage properties in v1.54.yamlBackport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.54.yaml.
5272ef1422 Backport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.53.yaml.
076100ddcc Backport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.52.yaml.
c07043e36f Fix /system/df in swagger.yaml.
425bc6efcb integration/image: pull ppc64le and s390x in TestSaveAndLoadPlatform
36a89adc82 integration/capabilities: Switch to debian:trixie-slim
5f63e8548e integration/container: use page-aligned shm size to fix test on ppc64le
f966ff43e3 vendor: github.com/moby/moby/client v0.2.3-rc.1
6e4c253e04 vendor: github.com/moby/moby/api v1.54.0-rc.1
badfa8b3ae Drop replace rules
74ad89c189 api: Cut v1.54
57e197fd21 chore(deps): update github artifact actions
be312cbe79 fix(deps): update module golang.org/x/net to v0.51.0
4e606a0154 gha/vm: Limit to cgroup-related integration packages
1433bee87d image: refresh identity cache entries before expiry
59bf6b30c1 image: add identity cache backend walk and prune expired support
ab58f4fa4a vendor: update buildkit to v0.28.0-rc2
3aef780b0a image: identity unit and integration tests
fae834d543 image: warm identity cache on image changes
2ba7c77be1 image: cache image identity signature lookups
e22eb8cb2d image: move image identity logic to dedicated file
6d133c5ec6 image: add opt-in identity support to image list API
434b8a2a51 chore(deps): update docker/compose-bin docker tag to v5.1.0
dbc13e8e43 fix(deps): update module github.com/containerd/cgroups/v3 to v3.1.3
b6073b1016 fix(deps): update aws-sdk-go-v2 monorepo
205266169b fix(deps): update module github.com/godbus/dbus/v5 to v5.2.2
90b19dc740 fix(deps): update opentelemetry-go monorepo to v1.40.0
40f06bf418 Reapply: daemon/command: add support for sd_notify "reload" notifications
2ac82f44af container/prune: Don't fail early on layer size errors
989e590f52 vendor: update buildkit to v0.28.0-rc1
0e7c8176e8 api/types: add MediaType pseudo-type, and touch-up docs
0d4d067f68 client: fix some comments
2283e0351c daemon/server/httputils/logstream: Write: tidy-up stream handling
b55842c85f daemon/server/httputils/logstream: Write: handle context cancellation
d593a7b427 daemon/server/httputils: move WriteLogStream to its own package
f9a213ffc4 client: Client.Events: prefer json-lines, ndjson over json-seq
41e7a3de0a client: container, service logs: skip "tail" parameter if not needed
35fdcb802c api: improve, fix content-negotiation for /events endpoint
dff0d87430 daemon/server/httputils: contenttype package and MatchAcceptStrict utility
99add78b1f daemon: send systemd READY=1 after API serve loops start
320b010add api/docs: add "platform" param for `GET /image/{name}/json` (API v1.49-v1.53)
927d7d1045 api: swagger: document "platform" param for `GET /image/{name}/json`
71b5e2cc7d daemon: CDI: fix missing error in logs
aa011fc482 daemon: fix spurious "ShouldRestart failed" warning on shutdown
5f3c4002bd daemon: fix "Daemon shutdown complete" log arriving too early
be32017b9d daemon/containerd: don't log warning for stopped containers on startup
a436529bbc libnetwork: nftabler.Cleanup: pass context and make logs more useful
78d8942c66 daemon/logger: cleanup some tests
a2edf4798d client/pkg/streamformatter: refactor
81414a6eb1 client/pkg/streamformatter: use blackbox testing
5f10e5fdfa client/pkg/streamformatter: add TODO for NewLines option
dee810c0dc client/pkg/streamformatter: jsonProgressFormatter: remove unused code
fe6838cf4c client/pkg/streamformatter: optimize appendNewline
71025997bc client/pkg/streamformatter: remove redundant nil check
cf4d504c29 client/pkg/streamformatter: fix faulty TestNewJSONProgressOutput
e3e1167c00 client/pkg/streamformatter: remove redundant cmp-opts in test
21706fb5cd client/pkg/progress: reduce some wrapping
8b4edd73b3 client/pkg/jsonmessage: make DisplayJSONMessages accept a iter.Seq2
eb14c7bfd8 daemon: Daemon.getInspectData: unify platform-specific fields
d71f8560e4 daemon: remove obsolete warning for legacy "overlay"
f96921e5e5 api: lower default minimum API version to v1.40
e2fad779f7 api: restore support for API v1.41, v1.42, and v1.43
225a61e5f0 integration: raise timeout for "vm" tests
9eb56a9225 client/internal: export stream type
e30b1d5495 daemon: Fix DNS config corruption on reload
c5a0bfd9ff client/pkg/jsonmessage: fix typo in godoc
bdede35717 api/types/jsonstream: add sanity-check for Message marshaling
d00882aff2 api/types/jsonstream: prevent panic on nil-Error
02c0f96405 hack/dockerfile: fix tini build with newer CMake versions
254158991a daemon: remove deprecation warning for "windows-dns-proxy" feature flag
9d77f4a0e4 daemon/container: Container.TrySetNetworkMount: use switch
9a9106b71a api/types/swarm: PortConfig: add Compare method
7cfe94a34e daemon/libnetwork/osl: don't chain "WithXXX" for logs
b7a404d94d migrate TestSwarmCAHash to Integration Test
fadc29b86f libnetwork: send neighbor advertisements on restore
21d383fca5 modernize: waitgroup
9e093be715 daemon: Daemon.loadContainers: use WaitGroup.Go
62f1a1772c daemon/internal/metrics: CleanupPlugin: use WaitGroup.Go
cc5d36b2db daemon: Daemon.restore: use WaitGroup.Go
c6ca7d49f9 Revert "daemon/command: don't make notifyReady(), notifyStopping() asynchronous"
5bdfdc0919 Revert "daemon/command: send notifyReady, notifyStopping synchronous"
ddb636c2bd Revert "daemon/command: add support for sd_notify "reload" notifications"
538c494d2b daemon/containerd: singlePlatformImage: remove contentStore arg
a85d62fdfa Makefile: fix DOCKER_LDFLAGS example
34653f13ee daemon/libnetwork: update go:generate import paths
786528f38f integration/daemon: remove stray "import" comment
c59fad9140 fix(deps): update github.com/moby/policy-helpers digest to 824747b
fea88ec7da daemon/internal/metrics: CleanupPlugin: minor cleanup
eda57913fc daemon: NewDaemon: update log that chained "WithField"
f3fae5d18c daemon: Daemon.restore: pass through context to daemon.register
53232b1319 daemon: Daemon.restore: use correct logger
3ba816f747 daemon: Daemon.restartSwarmContainers(): reduce nested if
107724f022 Remove direct dependency on code.cloudfoundry.org/clock
146c702f24 Fix missing error check in ContainerTop on Windows
381ca65f34 vendor: golang.org/x/oauth2 v0.35.0
9db7dfa93b vendor: golang.org/x/tools v0.42.0
fa509b5b4a vendor: golang.org/x/mod v0.33.0
05918ae874 vendor: golang.org/x/net v0.50.0
873288917c vendor: golang.org/x/crypto v0.48.0
a464d5ce05 vendor: golang.org/x/term v0.40.0
c69b6a1ea1 vendor: golang.org/x/text v0.34.0
641cf3c34e vendor: golang.org/x/sys v0.41.0
8e5c906a3c daemon/internal/builder-next: add executorOpts struct
52c122b7f1 Dockerfile: update docker CLI to v29.2.1
39d5be178b builder-next: prevent "invalid IP" used for DNS
9e172b47d4 builder-next: remove some intermediate vars
f758cf5f00 builder-next: close boltdb instances on error
83b04feb86 daemon/volume: cleanup some logs
7fef0b66f6 daemon/volume: don't print warnings for non-volume directories
d9f16785f9 daemon: warn for unmet system requirements after service registration
8ba81896fb daemon: CheckSystem: use sync.OnceValue
b8c6046f74 daemon: allow service registration on Windows with missing system dependencies
5bb55365c5 forwardExtDNS: Don't cancel context then use it
b29dbcf5ca migrate to github.com/pelletier/go-toml/v2
c50290185f vendor: github.com/mistifyio/go-zfs/v4 v4.0.0
52836336a9 daemon/container: Container.Reset: use early return
80bfc74230 daemon/container: Container.Reset: use structured logs
7378207260 daemon/container: Container.Reset: remove "lock" argument
1b9e1c8add daemon: fix getSourceMount to handle multiple mounts at same path
Bumping docker-cli to version v29.2.1-10-gdf016a3a9, which comprises the following commits:
5eb91665d docs: fix typos
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2ebabffe
---------------------------
crun: update to 1.26
Bumping crun to version 1.26-160-g393509db, which comprises the following commits:
0a3e929f utils: fix memory leak and missing cache in libcrun_initialize_apparmor()
63ce25da container: delete the container on poststart hooks failures
b0847b3e Document error handling
cf27a14b fix(utils): use parent dir fd for bind on long socket paths
aca98960 fix(hooks): log warning when poststop hooks fail
115ac2e6 cgroup: preserve errno on errors in rmdir_all_fd
4db1709f libcrun: check setenv failure
8feac6b9 fix(utils): retry fgetpwent_r() on EINTR
52b7016f pass cgroup2 mount options to the kernel
30426104 tests/podman: exclude --tls-details tests
6e43ff33 tests/podman/run-tests.sh: fix ginkgo args
fa7a5561 tests/podman/run-tests.sh: untangle -skip arg
3a1addc7 fix(python): initialize error variable to NULL in Python bindings
00206a80 channel_fd_pair: fix CPU busy loop when output pipe is blocked
dbd02baa criu: show excerpt from log file on c/r error
34143735 hooks: allow ignoring chdir permission errors for container hooks
11af5b2d crui: simplify criu_check_mem_track error message.
8d0ef603 container: remove dead code in setup_terminal_socketpair
6c5c957e container: fix createRuntime hooks not receiving bundle path
d24d0283 criu: check for criu_check_version error
3ade23f4 plans: install iptables-legacy on CS9
3e41e53b Packit/TMT: re-enable centos-stream-10-x86_64 tests
c46a44a8 restore: fix memory leak
7cec3cb2 build(deps): bump actions/upload-artifact from 6 to 7
4e0e2679 mounts: fix error message argument
be231d3c ci: bump shellcheck to v0.11.0
b36ec403 ci: fix go-md2man installation
35648b9b tests: switch from docker hub to quay for Fedora
5002665f tests/clang-check: install clang-analyzer
bdf9c902 status: drop unnecessary strtoll
11701f43 criu: fix missing umount() in error path
314c2efa utils: refactor set_home_env
aecd620a libcrun: document vfork shared error
04d7a341 cloned_binary: do not close file descriptor twice
3f72f325 ci: simplify codespell job
47c36ca5 linux: do not use errno after success
a278c6d1 linux: drop unnecessary xasprintf result check
3e313388 linux: do not leak error
434d77cb cgroup-systemd: do not use errno after success
335792b1 scheduler: add diagnostic messages for SCHED_DEADLINE
4db170c5 criu: do not ignore errors with ret != -1
036132e2 cgroup: do not clobber errno
1649a4d3 container: do not use bogus errno
2e527065 linux: do not use errno without failure
a0be577a tests/podman: exclude ever failing test case
e38674bc linux: fix copy_from_fd ownership
8fa73419 linux: drop unnecessary code
60d8a60e linux: do not leak error
9a232317 utils: do not use errno after success
d5b20987 container: do not use errno after success
e2c09bfd ci: use git diff --exit-code
f1c6ca6a ci: fix test (check) flake
69d39045 linux: create error from uidgidmap_helper
1492e83c cgroup: fix read_pids_cgroup skipping child cgroups
c5879bab container: make return clearer
a154b398 container: return the error from cgroup_killall
899b9faa seccomp: fix n_plugins calculation
463e277a krun: Rename nitro module to awsnitro
b32f895b container: fix exit code return
a6023b10 container: add missing crun_make_error
52294f84 libcrun: standardize error code after yajl_gen_alloc
59da15f3 container: add missing yajl cleanup
5082e02d container: do not leak error
a83a4cf9 container: improve error handling after libcrun_copy_config_file call
6733e20c linux: use crun_error_wrap
0f367791 container: do not use errno after successful calls
29bb32d8 linux: do not use errno after successful calls
e7ffed11 krun: fix error arguments
34c1e098 krun: avoid redundant crun_error_release() call
dedcdd67 krun: do not release error when *err is uninitialized
671740dd krun: fix error code
1644fb0e container: fix error leak
649d568a krun: fix error return
41a14fe8 krun: Propagate crun log level to libkrun
2bff1297 libcrun: add `krun.` as a potentially unsafe annotation
41941f2c krun: parse annotations for krun.{cpus, ram_mib}
625226de krun: parse annotations for krun.variant
f311dc07 Add handler phase HANDLER_CONFIGURE_BEFORE_USERNS, and move krun setup to it
488f301d linux: check for def->linux
b1a71725 linux: check for [ug]id_mappings before accessing them
df771204 krun: Set exec args when running nitro variant
b78e9868 krun/nitro: Redirect enclave VM output to stdout
bf288342 krun: Remove specific function for nitro config
8e8186b3 hooks: exit immediately if poststart hooks fail
88f55126 AGENTS.md: new file
71077a22 utils: flush gcov data before closing files
3241e671 NEWS: tag 1.26
5bee6a06 utils: handle NULL container passed to libcrun_open_proc_file()
4df0d339 cgroup: rename enter_cgroup_subsystem
6c98db0b tests: add tests for crun custom annotations
29a39ebf tests: add cgroup unit tests for coverage
3ef2a77f tests: add more utils unit tests for coverage
87997df0 tests: add seccomp_notify unit tests for coverage
890fff10 tests: add chroot_realpath unit tests for coverage
440e3b09 tests: add mount_flags.perf unit tests for coverage
869343fb tests: add signals.perf unit tests for coverage
2a3193ab tests: add logger info to checkpoint_restore
72793562 tests: add linux.c integration tests for coverage
1407bb39 tests: add linux.c unit tests for coverage
638266c7 tests: add error handling coverage tests for linux.c
b18734b5 tests: add namespace coverage tests for linux.c
8a26d6ba tests: add comprehensive tests for custom-handler.c
a968a262 tests: add more unit tests for error.c coverage
935eb0c7 tests: improve error logging and add more coverage tests
035f2a07 tests: ignore profiling output in test_simple_delete
b9781954 tests: fix memory-high test to use unified resources
1bbe7e22 tests: add more seccomp tests for coverage
07d6400b tests: add error handling tests for coverage
422f4b87 tests: skip mount-bind-to-rootfs in rootless mode
5cad31a4 tests: improve sd-notify-proxy test error handling
bc91dd35 tests: fix checkpoint/restore tests for stability
f5e6c330 tests: add Linux features tests
58e00a52 tests: add I/O priority tests
ae06b46c tests: add create command tests
1e5f7ec5 tests: add cgroup setup tests
89b124e0 tests: add namespace isolation tests
14dcfea1 tests: add scheduler policy tests
7543b013 tests: add comprehensive OCI lifecycle hook tests
1404ccaa tests: add terminal tests for coverage
5ce5ad6d tests: add comprehensive update command tests
6a3fdc16 tests: add command tests for pause, unpause, kill, list, ps, spec
2959911b tests: skip resources-cpu-weight-systemd when systemd cgroup fails
90d6390c tests: skip bpf-devices-systemd when eBPF installation fails
cfe9a063 tests: fix variable names in test_bpf_devices logger calls
3f73b0f2 tests: add more seccomp tests for coverage
ec0f5cf8 tests: add network device tests for coverage
24f2491c tests: add more BPF device filter tests for coverage
360406d7 tests: add cgroup resources tests for coverage
ba669d8e tests: add cgroup manager env var support
06541b69 tests: add multi-environment coverage script
f9385a6c tests: remove unused Makefile
bab81968 tests: add exit command to init
49e080a1 coverage: add _safe_exit macro to flush gcov data before _exit
26900326 criu: fix error release
2805abde container: fix error release
1b8e2a39 crun.1: add documentation for criu config files
ec7325a3 tests: add tests for criu config set via rpc
17f23ac2 criu: enable setting of RPC config file
de8d3288 krun: do not leak handles on error
0b3c673f build(deps): bump actions/cache from 4 to 5
456dd8e2 build(deps): bump actions/upload-artifact from 5 to 6
d833dac0 libocispec: sync
4798015e build: add tests coverage
b4db5d32 tests: use hide_stderr=True to avoid coverage output interference
bfbb68eb tests: do not call function twice
a1d5168d tests: replace all sys.stderr.write calls with proper logging
11a43732 tests: improve TAP skip reason reporting with specific explanations
0be79fe8 tests: add slow test detection and warnings to TAP output
8e9ef557 tests: enhance TAP error reporting with more diagnostic information
6d4cd432 tests: add writable /tmp tmpfs mount to base test configuration
7ca36e36 tests: remove debug print statements in test_hooks
6607eb2f linux: run createContainer hooks before making root RO
baec9675 libocispec: sync from upstream
c5d5f185 tests: install honggfuzz from sources
d2b00600 linux: handle openat error
b106e250 container: fix error release
156ae065 NEWS: tag 1.25.1
60a9183e build(deps): bump actions/checkout from 5 to 6
332c2188 utils: invalidate proc_fd on open_proc_file
50e9898f utils: use fsopen to open reference to proc
2e86c95a src: move syscall wrappers to new file
c2fa3c6a cgroup-systemd: use open_proc_file to get cgroup path
8e9ae3d4 cgroup: use open_proc_file to get cgroup path
1aeac1e8 linux: use open_proc_file to setup namespaces
0f200e55 linux: use open_proc_file to setup net devices
4be73c6d linux: use open_proc_file to initialize security
30c575e5 utils: use open_proc_file for mark_or_close_fds_ge_than
da40063a linux: use open_proc_file to open current mountns
7172631e linux: use open_proc_file to setup oom score
8822a5e6 linux: use open_proc_file to setup sysctls
b66a8990 linux: use open_proc_file to setup timens_offsets
3f5258a0 linux: use open_proc_file to setup userns mappings
064bbfe4 container: use open_proc_file in resolve_rootfs_path
58856b56 utils: add functions to open files under /proc
d9a0adce NEWS: tag 1.25
d94659a3 podman: disable artifact test
0fc276cc cgroup-systemd: enable all accounting properties to ensure stats are readable
9feec597 libcrun/cgroup: always enable TasksAccounting for systemd
078e2d6d build(deps): bump actions/upload-artifact from 4 to 5
6b12c6a8 Libcrun/container: Fix double allocation of 'err'
b718483c Libcrun/seccomp: fix double allocation of 'err'
65532fc5 build(deps): bump github/codeql-action from 3 to 4
a9187097 Reset the inherited cpu affinity
crun/ocispec: update to
5a0e037 source: fix ByteArrayHandler nested array parsing
03bae1d source: add missing emit_clone() to BasicMapArrayHandler
dbb5155 source: fix invalid else() syntax in byte array generation
692b0b6 source: fix typo in ByteArrayHandler nested array parsing
2acd6dc source: fix mapStringObject clone to copy len and keys
c7ce09d ci: print test-suite.log on test failure
8cff3b9 tests: add test-12 and test-13 for better coverage
16a30ff source: add NULL check to generated clone functions
507cf52 source: fix BasicMapType.emit_clone() to handle NULL maps
2c8d0f8 gitignore: update
a425a84 source: rename doublearray to nested_array
7d7e02c source: add struct-level methods to TypeHandler classes
dc24f9a source: refactor ArrayType using ArraySubtypeHandler classes
fed6acc source: add BooleanPointerType.emit_generate() and emit_json_value()
81ff1fa source: document ObjectType.emit_clone() design decision
d91d34a source: add emit_gen_key_with_check() helper
11b951f source: extract get_compound_children() helper
4ff4117 source: inline c_file_map_str() into make_c_free()
e59b696 source: inline c_file_str() into ArrayType.emit_free()
337925c source: inline trivial wrapper functions
73e8f9e source: inline array functions into ArrayType handler
df11b0a helpers: rename judge_* functions to clearer names
45a1b35 source: skip handler for object type in make_clone()
31824dc source: remove dead code in read_val_generator()
b49928d source: remove dead code in make_c_free()
20de7a4 source: add emit_clone() to MapStringObjectType and BasicMapType
971a65b source: add ArrayType handler for array operations
633c0b5 source: add ObjectType, MapStringObjectType, and BasicMapType handlers
141fa50 source: use TypeHandler in make_c_free() and make_clone()
2fc8679 source: use TypeHandler.emit_parse() in parse_obj_type()
c3686db source: add TypeHandler classes for type-specific C code generation
c174b06 source: remove superfluous else after return
858f199 source: remove dead code in make_clone()
6ae8e2d source: consolidate numeric type conversion with helper function
a23b40c source: apply emit_gen_key() helper to get_obj_arr_obj()
717d035 source: apply YAJL helpers to get_c_epilog_for_array_make_gen()
6dcd043 source: apply YAJL helpers to get_c_json()
a2cc69b source: apply YAJL helpers to get_obj_arr_obj_array()
7f5fcb5 source: apply YAJL helpers to get_map_string_obj()
aa9271c source: add YAJL generation helper functions
3366b93 source: add emit_invalid_type_check() helper for YAJL validation
05ee4de source: add emit_value_error() helper for error wrapping
7a62656 source: add emit_asprintf_error() helper to reduce boilerplate
4d2f6e5 source: add do_read_value() helper to reduce boilerplate
d37383d source: convert parse_obj_type() to multi-line f-strings
39fa66d source: convert make_c_free() to multi-line f-strings
d62a55f source: convert make_c_array_free() to multi-line f-strings
112ab7f source: convert c_file_str() to multi-line f-strings
41596b9 source: convert c_file_map_str() to multi-line f-strings
a2fd73f source: complete get_obj_arr_obj_array() conversion to f-strings
66e333d source: convert get_obj_arr_obj_array() to f-strings (object branch)
47e7dc5 source: convert get_map_string_obj() to multi-line f-strings
ae23175 source: convert parse_obj_type_array() to multi-line f-strings
002af18 source: convert parse_map_string_obj() to multi-line f-strings
e80d362 source: extract check_gen_status() helper pattern
46ce297 source: extract calloc_with_check() helper pattern
cc817ed source: continue null_check_return() pattern extraction
419526a source: extract null_check_return() helper pattern (partial)
064fcbb source: extract free_and_null() helper pattern
7579c03 source: add emit() helper function for code generation
c8a5437 gitignore: update
b355817 runtime-spec: update
819972d image-spec: update
ea4906b Check 'src' before dereferencing
345279c runtime-spec: update from upstream
Bumping runtime-spec to version v1.3.0-11-g6f7b71c, which comprises the following commits:
53abf18 ci: bump golangci-lint to v2.10
90a6479 Fix an error in the docs
4361740 schema: fix definition for array type
04836b1 schema: fix path for uint32 type
c668b01 config-linux: allow empty strings in memory policy nodes field
9d0d4bc version: v1.3.0+dev
9224913 version: release v1.3.0
4df3d11 Mention FreeBSD platform
a257beb Add minimum supported Go version to CI (#1303)
afdbcb8 Add FreeBSD as a platform
75d79ee ci: use oldstable and stable Go versions
9efd9f2 schema/defs-linux.json: fix max for FileMode
09ec668 config-linux,schema: fix FileMode description
Bumping image-spec to version v1.1.1-28-ga4c6ade, which comprises the following commits:
fccd049 Fix: Make the config field optional
b71c0df Add missing backtick
431b3be Update OCI Image Implementations list
02ba6e2 Descriptor size cannot be negative
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 15012558
---------------------------
criu: update to v4.2
** CRIU 4.2 fails to cross-compile with:
No rule to make target '/usr/include/google/protobuf/descriptor.proto'
Upstream commit 7fbf7b2be removed the build-time symlink for
descriptor.proto and replaced it with a Makefile rule that resolves
the path via pkg-config and passes it to protoc. Both the pkg-config
query and the protoc --proto_path are hardcoded to host paths.
This breaks cross-compilation because pkg-config --variable=includedir
returns the raw host path (/usr/include) without applying
PKG_CONFIG_SYSROOT_DIR. The sysroot prefix is only applied to -I
flags from --cflags, not to raw --variable queries.
Add a patch introducing an overridable PROTOBUF_INCLUDEDIR make
variable and pass the sysroot-prefixed path via EXTRA_OEMAKE. Remove
the old do_compile:prepend symlink workaround which no longer applies.
And then we pickup the following changes:
3c7d4fa01 criu: Version 4.2 (CRIUTIBILITY)
0a7e7d09d log: use sizeof(*hdr) instead of sizeof(hdr)
e689d902b criu/log: properly handle truncated length from vsnprintf
6344e8d71 cr-servce: move kerndat_init after log_init
a525b3c32 test/vdso-proxy: handle merged vma-s
ce680fc6c Revert "plugins/amdgpu: Implement parallel restore"
1d08ff8ca coredump: fix handling of num_pages
cb8e1da3f coredump: use compat_nr_pages as fallback
0fa6ff3d1 test/others: add tests for check() with pycriu
567f70ce1 test/others: add test for check() with libcriu
a1dc88502 test/rpc: update errno check
3c841af2c pycriu: use explicit imports for __init__
f7ccb63bd pycriu: set RPC opts for CHECK
9371c4a78 cr-service: refactor RPC opts parsing for check()
72ca94db4 cr-service: refactor logging setup
5966ffe8a cr-service: refactor images_dir path resolution
60a731ab3 cr-service: drop images_dir from setproctitle
ee4100c09 cr-service: refactor images/workdir setup
71a637923 pycriu: set default value for sk_name
d2c46b92b pycriu: better socket error handling
7aad7317b lib/pycriu: changing the default behavior to use the system binary
3f97cfe87 test/libcriu: check setting of RPC config file
2878faa74 libcriu: enable setting of RPC config file
07ad2473f Use command -v instead of which
afcfcd3bf ci: add which dependency in dnf packages
686018147 ci: add wheel and setuptools in dnf packages
d3dfb663b make: don't install external dependencies
f74e68daf ci: verify call order of action-script hooks
f824dc735 ci: consolidate action-script tests
d5c81f810 pycriu: prevent always appending "Unknown" to error messages
540c631dd pycriu: add missing protobuf dependency
a5ae3c184 pycriu: set licence to LGPLv2.1
697c31abe zdtm: shstk: add SHSTK_ENABLE test build option
6fd71b9ee x86/criu: shstk: restore SHSTK via premap loops
abf4a71d9 x86/criu: shstk: add shstk_vma_restore()
02462c19c restorer: shstk: allocate restorer shadow stack
b18c07d8a restorer: shstk: add shstk_min_mmap_addr()
f29cb750d x86/criu: shstk restorer memory accounting functions
3365c7c02 restorer: shstk: add restorer shadow stack stubs
bb9a7202a test/others/rpc: show logs on error
9d072222e test/others/rpc: parse action-script via config
c03c08d1b cr-service: refactor rpc config parsing
dcce9bd0e zdtm: add a test for --allow-uprobes option
f548d3af4 crtools: remove "consult documentation"
aeec40bf0 docs: add documentation for --allow-uprobes
bab72af9a vma: introduce --allow-uprobes option
74bf40fee crit: add VMA_AREA_UPROBES flag
0ff2e0a66 criu-coredump: add VMA_AREA_UPROBES flag
7bf402f6b vma: introduce VMA_AREA_UPROBES flag
520266d89 zdtm: add sk-unix-restore-fs-share test
790b3cf42 ci: run alpine tests on arm64
77553f07d make: prevent redefinition of 'struct sigcontext'
3379c122e page-xfer: fix incompatible pointer type on armv7
7a4b35a91 contributing: update links to mailing list
76394e93a ci: consolidate aarch64 tests on GitHub runners
0a81dc8bb ci/java: update base image from focal to jammy
b25ff1d33 Remove travis-ci leftovers
25f8be0f6 ci: use package-manager dependency install scripts
67751bc11 docs: add developer overviews for AI assistants
91758a68e zdtm: Remove junit_xml leftovers
2d2168fc9 vdso: relax EI_OSABI check to support linux in ELF header
2e26b36d4 pagemap: print page regions in the format `start - end`
7e0da4d97 pagemap: use unsigned long for page counts
afb2e6c3f pagemap: change PagemapEntry.nr_pages to uint64 to support huge mappings
c7395f4cb files: fork helpers without CLONE_FILES | CLONE_FS
a8c5e1171 lsm: use attr/apparmor/current to get apparmor label
80c280610 compel/mips: Relax ELF magic check to support MIPS libraries
053a22a23 pagemap: prevent integer overflow in pagemap_len
a779417a3 zdtm: stop importing junit_xml
254ba3e8c ci: avoid Docker 28 due to regression
4b7398595 criu/sockets: Restrict SO_PASSCRED and SO_PASSSEC to supported families
fa1b39906 zdtm/static/sock_opts00: use unix socket to test SO_PASSCRED and SO_PASSSEC
2ba343010 test/zdtm/static/maps12: fix pointer-to-int cast
dcee5bd6f make: Disable branch-protection for PIE code on ARM64
98f2bd525 ci/vagrant: install vanilla kernel for Fedora Rawhide test
01265cfc6 test/zdtm/static/maps12: add madv guards test
9c0f725a6 criu/mem: dump: note MADV_GUARD pages as VMA_AREA_GUARD VMAs
59b4d662a criu/pie/restorer: add madvise(MADV_GUARD_INSTALL) restore logic
63c702968 criu/{mem, vdso, cr-restore}: introduce VMA_AREA_GUARD fake VMAs
cc047d595 criu/mem: dump: skip MADV_GUARD pages content dump
5843cbf97 criu/mem: refactor should_dump_page helper
42580fcb1 criu/pagemap-cache: pagescan: look for PAGE_IS_GUARD pages
1873e8f50 cr-dump: warn if MADV_GUARD is supported but isn't shown in pagemap
4fc07a8a4 kerndat: add pagemap_scan_guard_pages feature check logic
2bb77daa9 kerndat: add madvise(MADV_GUARD_INSTALL) feature-detection
fce491113 criu/include/mman: define MADV_GUARD_INSTALL
5f94dd71e CI: Consolidate arm64 tests on GitHub runners
c6c6f6f23 zdtm/socket-tcp-closing: fill socket buffers effectivly
d586b30c6 vagrant: fix tar including archive in itself
2762b21e4 vagrant: update image to fedora 42
0d1e280d0 vagrant: fix 'qemu' install
64276874d restore: flush caches during restore
95d5e2e59 compel: flush caches after parasite injection
22c83e3eb images/Makefile: use msg-gen
066bf7bf3 Keep images/google/protobuf directory
21c3b9c00 images/Makefile: fix using $(Q)
7fbf7b2be images: remove symlink for descriptor.proto
455c67739 zdtm: Add ztatic/mnt_ext_file_bind_auto test
e31828ed8 mount: Fix trailing / when a file is bind-mounted
3dc865bc8 test: add static tests for ICMP socket
a80c54484 sk-inet: Add support for checkpoint/restore of ICMP sockets
677a56891 zdtm/netns_sub_sysctl: skip unsupported sysctls
87bd09a0d net/sysctl: make ipv4/ping_group_range work in user namespaces
45d09ae17 net/sysctl: fix broken ipv4_sysctls_op
4f057a6ae net/sysctl: fix missprint in an error message
4c7d42f67 ipc/sysctl: fix CTL_FLAGS_IPC_EACCES_SKIP by making it a flag
922754dff rpc/log: return first error always
a79b33d0c cpuinfo: show error when image is missing
99ba6db89 crtools: do a few minor cleanups
fcbaac059 crtools: simplify check for cpuinfo subcommands
fbfed312e feat: introduce Nix flake
5f18ca1bb test/zdtm/static: add maps11 test for MAP_DROPPABLE/MADV_WIPEONFORK
dfa0ce180 test/zdtm/static/maps02: add MAP_DROPPABLE testcase
4f9dcfb9c pycriu/images/pb2dict: add MAP_DROPPABLE flag
b90cfc1a8 criu/proc_parse: support MAP_DROPPABLE mappings
6476488a5 test/zdtm/static/maps02: add MADV_WIPEONFORK testcase
af5412a43 criu/proc_parse: support MADV_WIPEONFORK/VM_WIPEONFORK
2b8951a9c image: use `protoc` instead of `protoc-c`
1fdff7c7a zdtm: fix check for criu binary
ae1395de1 zdtm.py: add an option to change pycriu import path
7a5b3d1f4 plugins/amdgpu: Update `README.md` and `criu-amdgpu-plugin.txt`
a61116fd9 plugins/amdgpu: Implement parallel restore
e8ba7c103 plugins/amdgpu: Add parallel restore command
1fd1b670c plugins/amdgpu: Add socket operations
e257d0497 pstree: Add `has_children` function
497109eb4 cr-restore: Move `cr_plugin_init` after `fdstore_init`
427c0dc27 criu: Introduce a new device plugin hook for restore
d57d40a5a sk-inet: add MPTCP definition
fddca67cc seize: fix pause devices for frozen containers
366d73a4c make: remove checks and warnings for bsd strlcat and strlcpy
1eaa870cc kerndat: check that hardware breakpoints work
b458a5c1a sk-inet: add message how to disable MPTCP in Go
5a725266a zdtm: add mnt_ro_root test
6b3826a6f zdtm/lib: add "bind" desc option
88cb552f6 mount: restore root mount flags
b6dca3116 aarch64/crtools: fix define for missing constants
5de61a721 net: nftables: avoid restore failure if the CRIU nft table already exist
b9da95b0b s390: Fix FP reg restore after parasite code runs
74799ae02 aarch64: fix build with missing NT_ARM_PAC_ENABLED_KEYS
680584166 cuda: remove redundant goto label
e7aee3c5c cuda: use pr_perror for libc function errors
5ff52326e restore: use the new kernel interface to restore timers
9a1e97966 compel: fix the stack test
daa548bbf criu: Do not print failed message when there is no late stage hook
34226fd24 ci: try GitHub arm runners
a44aa6d98 criu: Version 4.1.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2e42bda4
---------------------------
cri-tools: update to v1.35.0
Bumping cri-tools to version v1.26.0-1468-g16d56738, which comprises the following commits:
9ddc149f use latest cri client with the logger used from context
224d6cc1 Bump ncipollo/release-action from 1.20.0 to 1.21.0
f224fbcc add context to critest
4dcca56b image ID consistency test
77d610e3 ci: Skip exec tty test on Windows
94684d12 Bump the gomod group across 1 directory with 9 updates
51802bf0 Bump the gomod group with 4 updates
53a26273 Bump crate-ci/typos from 1.43.5 to 1.44.0
02862375 Bump the gomod group with 7 updates
075032cf Bump actions/upload-artifact from 6.0.0 to 7.0.0
3b76ce8d Bump actions/setup-go from 6.2.0 to 6.3.0
b1649021 feat(critest): Add image manager consistency and idempotency tests
b198f503 first iteration of AGENTS.md
8221586a Update golangci-lint to v2.10.1 and fix lint issues
7a737fe9 Bump github.com/onsi/gomega from 1.39.0 to 1.39.1 in the gomod group
9fe1083e Bump the gomod group with 16 updates
d84c3535 Bump crate-ci/typos from 1.43.4 to 1.43.5
ae771321 bump opentelemetry dependencies to latest
bf5ca193 Bump crate-ci/typos from 1.43.3 to 1.43.4
795d23d0 Bump crate-ci/typos from 1.43.2 to 1.43.3
fa820b42 Bump crate-ci/typos from 1.43.1 to 1.43.2
046d82c8 Bump actions/cache from 5.0.2 to 5.0.3
cdfc7c46 Bump crate-ci/typos from 1.42.3 to 1.43.1
779f2d21 Make ginkgo less verbose
3bcc1025 Bump crate-ci/typos from 1.42.2 to 1.42.3
ef1842c0 Bump crate-ci/typos from 1.42.1 to 1.42.2
cac1dfdf Bump actions/checkout from 6.0.1 to 6.0.2
2c34c5c2 Bump crate-ci/typos from 1.42.0 to 1.42.1
b2a9817a Bump actions/cache from 5.0.1 to 5.0.2
0761c49a switch to GA bits of k8s API
be5cd064 Add warning and documentation for crictl rmi multi-tag behavior
4d23a48c Bump actions/cache from 4.3.0 to 5.0.1
efbfa5a1 Bump actions/upload-artifact from 5.0.0 to 6.0.0
39831ffd Bump crate-ci/typos from 1.40.0 to 1.42.0
e9146feb Bump actions/setup-go from 6.1.0 to 6.2.0
55167ff1 Fix CNI installation grep pattern for containerd 1.7
78e6f2de special handling of containerd 1.7 CNI installation
f77dbe18 Update version
567e16a8 Vendor Kubernetes v1.35.0-rc.1
dd16bb7f buf fix: fix panic when no image in container-config
99f10931 Vendor Kubernetes v1.35.0-rc.0
92d5fee7 Bump actions/checkout from 6.0.0 to 6.0.1
60c0f563 fix:sometimes oom test failed
eb170995 Bump crate-ci/typos from 1.39.2 to 1.40.0
9900d2a6 Update Windows test image and fix CRI-O test cleanup
b78116aa Use `latest` gcb-docker-gcloud for building test images
cc2f14ae Bump actions/setup-go from 6.0.0 to 6.1.0
1d2b74ca Bump actions/checkout from 5.0.1 to 6.0.0
b56079fb Update golangci-lint to v2.6.2 and fix lint issues
f11f7e44 Bump actions/checkout from 5.0.0 to 5.0.1
e8f44b14 Bump crate-ci/typos from 1.39.1 to 1.39.2
3a38712d Bump crate-ci/typos from 1.39.0 to 1.39.1
314e94c5 Disable runc integration tests due to AppArmor issue
e07bd2f2 update selinux to v1.13.0 to address cve
8790d077 Update validation.md documentation
38a46a26 Switch to `macos-latest` runner
3931ed0d Update documentation with missing features and fixes
5f13ca55 Remove unused e2e badge
7feb39fe Bump crate-ci/typos from 1.38.1 to 1.39.0
c477e553 Add buffer pooling for JSON operations
5a86e2e3 Optimize marshalMapInOrder with strings.Builder
243bf09d Modernize golang for 1.25
722f0f55 Bump actions/upload-artifact from 4.6.2 to 5.0.0
12e02c53 bump containerd dependency to 1.7 in go.mod
bddc6ada remove unnecessary build step on Windows
7ef3055b Containerd 1.6 is EOL now
25cdc3c2 Remove link to outdated kubic repository
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 59593cba
---------------------------
cri-o: update to v1.35.0
Bumping cri-o to version v1.33.0-522-g8273bca37, which comprises the following commits:
5dd7bb4e3 Add libpathrs version to dependencies
2b23b4810 Add libpathrs-devel to github-actions
8d8d342a1 Add libpathrs-devel to Fedora packages for runc build
d51616f2f fix: prevent panic on closed stopTimeoutChan in StopContainer
71e9babcd fix: handle ErrNotAnImage in RemoveImage for concurrent deletion idempotency
1d19f431c [docs] fix dead nixos link in install.md
73957f24e build(deps): bump the gomod group across 1 directory with 7 updates
e43e31772 Fix metric label cardinality mismatches in CRI stats
1e19a7261 Skip OCI artifact fallback on transient network errors
7eb2cc18e Add EnsureNotContainerImage to prevent container images in artifact store
aed9671d7 Return image ID from PullImage instead of repo digest
a42bdf9de tutorials/CRI-O in kind: fix bash syntax error
1e2e17804 Bump golangci-lint to v2.10.1
c355bea81 Add OpenVEX report generation via govulncheck
9ca8e2c1a Bump go dependencies
020b30892 Fix the bug where cri-o doesn't emit any metrics when all is set.
f1c0c7b6a Feature Request: Make TLS minimum version and cipher suites configurable for CRI-O server
ddb1d632a Update setup-go
1294b3151 Temporarily pin conmon to pass CI. See https://github.com/containers/conmon/pull/629#issuecomment-3872984444 for details.
65b9fcc49 Bump development version to v1.36.0
ecacc4558 Mark v1.32 EOL
75877851a Some minor refactorings of `ociartifact`
d1d77faec Refactor `ociartifact`: extract `datastore` package for artifact data handling
39ff6f590 Refactor `ociartifact` to simplify artifact creation using `NewArtifact` and remove redundant `buildArtifact` logic.
ec12a7d5f bump c/common, c/storage
33f0e88da Disable swap setup on GitHub actions
b414a1f93 Update nixpkgs
0f877a3e1 Update .coderabbit.yaml
d56906b6d Create .coderabbit.yaml
eccac32bd Revert "storage: Preserve knownRepoDigests order in ImageStatus"
4eabb00d3 server: update container state prior to NRI StopContainer event.
0f68aa8d0 test: Add regression test for user namespace cgroup delegation
e826ac15c server: Always include UID/GID mappings for user namespace containers
19d319695 server,nri: pass extended container status to NRI.
03e4dffce build(deps): bump github.com/sigstore/fulcio from 1.8.3 to 1.8.5
8df271a03 server,nri: pass any POSIX rlimits to plugins.
23b10b8da server,nri: pass container user (uid, gids) to plugins.
7822ff1f1 checkpoint: clean up checkpoint dir on error
74af549f5 Remove `filepath-securejoin` replace and bump to 0.5.2
922d3edc8 Refactor container mount setup functions and improve SELinux label handling
396cce5f0 Replace cgmgr.CgroupStats to use cgroups.CgroupStats
d9d10ea4c Rename DiskMetrics and FilesystemMetrics to DiskStats, FilesystemStats for consistency with other structs and cadvisor
9da43ec9c Move disk_metrics to the new stats package.
d2d7d1f2c Rename stats to statsserver
5062a6a94 oci: fix lint
73848ccec runtimehandlerhooks: save whether irq balance enable was done
a96dfe16a server: run post stop hooks before updating container status
fa5afc5b3 refactor(memorystore): remove unused Size() method
4009c44e1 refactor: remove AddExecPID, use StartExecCmd
eeab7a961 fix: make exec start atomic with PID registration
a97e4b982 test: skip tests from kata containers
e8d273b08 test: add integration tests for exec during graceful termination
8df026b11 test: add tests for exec during container lifecycle
35f7a3ca6 feat: allow exec to containers during graceful termination
ec1c67a8c artifacts: fix unqualified search tests
610a868fa artifacts: mock libartifact store
6ca8533aa Drop unqualified-search-registries support for artifacts
c33e3e81b test/nri: update linter deprecation annotation.
174d13446 server,nri: pass any linux RDT constraints to plugins.
25f32e0e6 server,nri: pass any linux net devices to plugins.
db7314ca6 server,nri: pass any linux scheduler attributes to plugins.
9536cf92c server,nri: pass any linux I/O priority to plugins.
b23a7d055 go.{mod,sum}: bump NRI deps to v0.11.0, re-vendor.
04f4754fa Update Golang download URL to use go.dev instead of storage.googleapis.com
4e2f7dbed Ensure `InitLabel` only sets process label when unset
29b33f11e Fix the bug where the ContainersStatuses.Image returned by the GetContainerEvents interface is nil
01b2c74d9 Follow up on PR 9634 to clean up redundant code.
68795ff36 Refactor cgroup manager integration: centralize pod and container cgroup manager retrieval logic with `GetPodAndContainerCgroupManagers` and standardize function naming for consistency.
0b1d77bdd Add exec cgroup for exec CPU affinity
a2a04ad55 Refactor cgroup manager logic: centralize `LibctrManager` and `CrunContainerCgroupManager` in `cgmgr` while replacing duplicates.
c979d5fdd Delegate setting shared CPUs in cgroup to container runtime.
cf4aab91f Update release notes to use cosign bundle format
3cead51f9 Replace json-iterator/go with goccy/go-json
9270ed35b Refactor ociartifact handling to use libartifact types and store
db0840561 go.{mod,sum} bump CDI deps to v1.1.0.
8212e1acd build(deps): bump github.com/sigstore/fulcio from 1.7.1 to 1.8.3
23b69a24b build(deps): bump the gomod group with 10 updates
a7b222899 server: use totalTimeout for infra container stop
9d7aa99d0 OCPBUGS-62150: server: ignore /etc/passwd mount
11e4c1806 build(deps): bump the gomod group across 1 directory with 3 updates
1c09e085d Replace v1 annotation references with v2
5a0973db5 Pin Kubernetes to v0.35.0-rc.0
1a7db25c0 Add container pressure metrics to stats collection
c42cf78c6 Remove SignalContainer functionality and related syscalls
97658ce1a build(deps): bump the gomod group with 7 updates
6bb8a380c Allow containers to use both host network and user namespace
e46ab57b1 build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0
c2ebfbac1 Migrate annotations to Kubernetes-recommended naming conventions
ddfa9d3eb server: skip processing early if we get a nil adjustment from NRI.
eb21f3b71 build(deps): bump the gomod group with compatibility fixes
e03e84aae Fix incomplete config validation on sandbox restoration
35ce440e8 Make AGENTS.md generic and add git workflow nuance
bbe6d7a4e Rename CLAUDE.md to AGENTS.md
e71f96aed dbusmgr: use system dbus when running as UID 0 regardless of rootless detection
9e0b08c1d Add support for "all" in includedPodMetrics and validate its usage
3b932318f Fix the bug where includedPodMetrics are not respected in ListMetricDescriptors
f830100c3 Add CLAUDE.md project context file
3233b94ea refactor: Reduce cyclomatic complexity in sandbox_run
07b0da920 refactor: Reduce cyclomatic complexity in sandbox_run
3dd90b8ab test: add integration tests for container_create_timeout configuration
52efdb362 test: add tests for ContainerCreateTimeout configurability
2d2024a0f Add documentation for container_create_timeout configuration option
7a2427285 Add context timeout to task.Create in runtime_vm.go
18d52e3e0 Make ContainerCreateTimeout configurable at runtime handler level
09625082c Improve returned error text at CreateContainer failure
f76e3f9ea Migrate to container-libs
f6bc16be2 storage: Preserve knownRepoDigests order in ImageStatus
e200c2625 test: Switch more integration tests to use crun
20e6d1b47 Update golangci-lint to v2.6.2 and modernize configuration
f22167af4 Update sigstore/cosign-installer to v4.0.0
99a55c8f5 Fix CVE-2025-58183: Update tar-split to v0.12.2
f49e8eb7b Disable runc integration tests due to AppArmor issue
9ece818fb metrics: add disk IO stats
822ce9db8 spec metrics: always report container_spec_memory_reservation_limit_bytes
e7af6bd9b metrics: add container_start_time_seconds
f470ad448 spec metrics: always report container_spec_memory_reservation_limit_bytes
cf3eb39b7 metrics: add container_start_time_seconds
2d66de376 feat: extend oci runtime to collect and manage disk metrics
069114806 refactor: Reduce cyclomatic complexity in criocli
6ad526c7a metrics: update process metrics tests and refactor stats_linux.go a bit
7fda065ba Extend Disk Metrics for other filesystems
d9694a420 Extended ContainerStats to include disk metrics
8b8028baa feat: Added Disk Metrics
7a179c8a6 refactor: Reduce cyclomatic complexity in container_create
6cbdc99cc Fix `patch-release` job by adding dependencies.yaml
58a1fc0f3 Tests for threads and sockets
cbea27536 Refactor thread metrics
aebf1d561 metrics: correct container metric metadata
76319d61c build(deps): bump the gomod group across 1 directory with 2 updates
927461f48 fix minor typos in README.md
897f1cdf2 Added container process metrics
a3c41c499 container: take state lock when setting spec
fe0a3281d metrics: add container spec metrics
a748f3453 metrics: add container_last_seen
1fb90ef70 build(deps): bump k8s.io/kubelet from 0.35.0-alpha.1 to 0.35.0-alpha.2
5ecd5931b build(deps): bump k8s.io/cri-client
36475303d build(deps): bump the gomod group with 2 updates
ed3fe40bf Add and apply gopls `modernize` linter
fe4306b72 Pin github.com/cyphar/filepath-securejoin to v0.4.1
9a2f002d0 build(deps): bump github.com/cri-o/crio-credential-provider
c2db50755 Close runtime connection on watchdog call
1e357f4d6 build(deps): bump sigs.k8s.io/release-sdk in the gomod group
93f920160 Remove support for `InsecureRegistries` in favor of `registries.conf`
f10344e7c Mark v1.31 as EOL
2ec914d08 Packit: remove unmaintained branches
c76a5286b lint
b10d151c8 remove typo
a760511c1 move log statement after fn call
6e4965b1d Fix lint CI by re-adding `nolints`
68c73a911 Clean up duplicate SignaturePolicyPath logic in image_pull.go
55c749ff4 build(deps): bump golang.org/x/net in the gomod group
ce5edf28b build(deps): bump the gomod group with 2 updates
93121f41b Re-use public credential provider API
a0c3b7723 build(deps): bump the gomod group across 1 directory with 4 updates
d25f3a5d2 Update log formatting in interceptors to use %+v for better readability of structs
ab0176bde HighPerformanceHooks: Nil pointer check for isContainerRequestWholeCPU
172635f02 HighPerformanceHooks: Add housekeeping CPU support for IRQ loadbalancing
7a780e492 Fix Generator initialization to properly initialize envMap
53b7f6bfb Remove github.com/grpc-ecosystem/go-grpc-middleware dependency
43ed9f965 Remove unused code from Makefile
ff5900e74 Switch to go 1.25
d73c82b4d Actions: cancel parallel runs
0b1d84cbc Update nixpkgs
1080c5ea9 Fix lint
cadcf4753 build(deps): bump the gomod group across 1 directory with 3 updates
85da8e038 Re-add the `--enable-fixed-path` removal for gpgme
719a3e65d Remove temporary auth files if used
bc7f61ad4 Update third party dependencies
7a99e1d67 Consume additional pull auth if available
63212c48b temporarily downgrade crun version until container-selinux fix is released
02cd6750a server: Fix network cleanup failures when NetNS path is empty
16246ad1a Fix `ERROR! Invalid callback for stdout specified: debug` by removing stdout_callback
ad1728396 Use ftpmirror.gnu.org instead of ftp.gnu.org because ftp.gnu.org is sometimes too slow.
78c966c13 HighPerformanceHooks: Defer irqSMPAffinityFile rollback
44af57fe0 Revert "Skip [FeatureGate:InPlacePodVerticalScaling]"
79cd6e3f1 Update development version
14abbfc21 build(deps): bump the gomod group across 1 directory with 9 updates
1f1746236 Update dependencies.yaml if required on release cut
03ec73d26 HighPerformanceHooks: Move IRQ balancing to PostStop hook
06c843730 HighPerformanceHooks: Add mock infra for command and system unit tests
1283afcfe HighPerformanceHooks: Make locks atomic for irq SMP affinity
8aeda9682 Update install.md - Add Dep for Ubuntu 24
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f8d46c5e
---------------------------
conmon: update to v2.2.1
Bumping conmon to version v2.2.1-23-g86e8106, which comprises the following commits:
8bc1877 chore(deps): update dependency containernetworking/plugins to v1.9.1
beb8c36 chore(deps): update dependency containers/automation_images to v20260310
5c023cb chore(deps): update dependency opencontainers/runc to v1.4.1
b074dcd tests: fail if runc start failed
db7c945 ci: drop unneeded step of installing bats
497ce1c Update dependency containers/automation_images to v20251211
329b0dd CI: bump dependencies, build runc/crun from source, skip crio-wipe tests
1090e54 RPM spec: modernize spec file
7aa0abd Add the official conmon logo to README.md
ec54d8f Fix FreeBSD 15.0+ SOCK_SEQPACKET message boundary issue
e311cf2 tests: Normalize json before comparing it.
c8cc2c4 Release v2.2.1
2cf4dcd Fix EAGAIN busy-loop in drain_stdio()
f8cc9d6 Add CRI-O critest
5863a7f Fix test for reverted F-sequence behavior
8563b0a Revert PR #592
894e164 Revert PR #629
3bb1a4e Skip test if RUNTIME_BINARY is not runc
93d4e63 Fix k8s-file log format for terminating F-sequence
de539b3 tests: Ensure necessary dependencies are available
27ef050 Release v2.2.0
40eb39e Fix SIGABRT crash in drop_signal_event
437e65a Add an easy cleanup for tests
dbb54d4 [skip-ci] Update actions/checkout action to v6
d436a96 Check memory.events file exists before adding inotify watch
21ffef0 Fix remaining busybox references in tests
15de5b1 Fix inconsistent error messages when runtime fails
8debcb5 Move attach start message after failure check
b2e434f Switch tests from busybox to UBI10 and add consistent terminal size validation
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d77efdfd
---------------------------
containerd: update to v2.2.2
Bumping containerd to version v2.2.2-11-g5957d3334, which comprises the following commits:
a83510103 cri: UpdatePodSandbox should return Unimplemented
ee4179e52 fix(oci): apply absolute symlink resolution to /etc/group
fd061b848 test(oci): use fstest and mock fs for better symlink coverage
5d44d2c22 fix(oci): handle absolute symlinks in rootfs user lookup
00c776f07 update to go1.25.8, test go1.26.1
7e6ecf434 Prepare release notes for v2.2.2
a20dead7c set default config_path in plugin init
fbed68b8f Fix TOCTOU race bug in tar extraction
68855cb0b ci: modprobe xt_comment on almalinux
ef7a8beb3 core/mount: add test for getUnprivilegedMountFlags
07b2cc07e core/mount: fix getUnprivilegedMountFlags iterating over indices instead of values
a5f83d8c2 cri: unpack images with per-layer labels for runtime-specific snapshotters
54101116f add integration test for cni result nil
d44c4384e address comment
f1835270b fix issue where cni del is never executed
5dbf1b915 update golangci-lint to v2.9.0 with go1.26 support
8ec695ebe remove windows/arm from cross build
b9c22a6e3 ci: build/test go1.26.0
6c05047b4 apparmor: explicitly set abi/3.0
09b876a81 integration: Fix TestImageLoad() failure on CI
172ba65b6 cri: Fix image volumes with user namespaces
b4240ef87 update to go1.24.13, go1.25.7
94dbfaea7 ci: bump go 1.24.12, 1.25.6
e46a7a286 set fetch-depth for containerd to 0 for version parsing
1d7908273 core/mount/manager: fix bind mount missing rbind option
3d509bcd3 core/mount/manager: add tests for WithTemporary option
cb3ae2119 fix: sanitize error before gRPC return to prevent credential leak in pod events
533a2552e build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0
b120237fb build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0
a76eb698a cri: emit warning for concurrent CreateContainer
4be4e5156 Fix nil pointer dereference in container spec memory metrics
3d2e188b1 cri: Use the runtimeHandler parameter in PullImage
633057382 cri: move noisy CDI logs to debug level
8a7409e2e Reinstate image decryption
f6bae1f88 Prepare release notes for v2.2.1
c22cf5d49 cri,nri: pass any linux security profile to plugins.
d7532de75 cri,nri: pass any linux RDT constraints to plugins.
ef36e6181 cri,nri: pass any linux net devices to plugins.
d56faf426 cri,nri: pass any linux scheduler attributes to plugins.
e1824d261 cri,nri: pass any linux I/O priority to plugins.
01d5490ae go.{mod,sum}: bump NRI deps to v0.11.0, re-vendor.
58d23ab63 pkg/tracing: HTTPStatusCodeAttributes: remove use of deprecated SemConv const
05ccbb3a7 cri/nri: short-circuit nil adjustment.
c166a577d go.{mod,sum} bump CDI deps to v1.1.0.
8a5fc8641 go.mod: github.com/containernetworking/plugins v1.9.0
73a08aa00 go.mod: remove exclude rules
cee08c8af build(deps): bump github.com/containerd/zfs/v2 from 2.0.0-rc.0 to 2.0.0
55c93d6fb go.mod: golang.org/x/crypto v0.45.0
aedd29bb4 ci: bump Go 1.24.11, 1.25.5
26628f139 ci: bump Go 1.24.10, 1.25.4
8bb0e9be6 ci(release): set GO_VERSION in Dockerfile
ed19c5420 core/runtime/v2: remove uses of otelgrpc.UnaryClientInterceptor
952237d9b ci: update CIFuzz actions to support Ubuntu 24.04
51582ed27 bump containerd/cgroups to v3.1.2
50d0e4fd4 build(deps): bump github.com/containerd/cgroups/v3 from 3.1.0 to 3.1.1
fb5b818a9 runc: Update runc binary to v1.3.4
e3bf2b80b build(deps): bump github.com/opencontainers/selinux
41a69eb0d core/mount: should not call removeLoop when set autoclear
da8e846f9 .github: skip 5 critest cases in window CI pipeline
c707f771a fix: redact all query parameters in CRI error logs
d154e234b Update the ctr pull defaults when using the transfer service
09364216d Fix transfer unpack defaults on darwin
2055d3c62 Update default differs on darwin
9da97686d Use default writable size in erofs snapshotter for non-Linux hosts
eeb0f889a Update default erofs block size on macOS during erofs diff
678f944dd Revert "Implement io.ReaderAt on docker fetch reader"
8b73c2de3 remotes: fix possible panic from WithMediaTypeKeyPrefix
8eaa0b5cb Prepare release notes for v2.2.0
8885b1b7a Make v2.2.0 the latest release
d77d3bc34 Update releases file
491f77350 Update api version to v1.10.0
1ea370e9e Update platforms version to latest
77644a1b0 Update EROFS snapshotter documentation
8c98030c4 runc: Update runc binary to v1.3.3
715d6f8e4 Update Darwin defaults to useable values
69c855bb5 Prepare release notes for api/v1.10.0
f72025d05 Update GHA runners to use latest images for basic binaries build
acbaa8a99 ci: bump Go 1.24.9, 1.25.3
910171e90 Fix directory permissions
a0d0f0ef6 fix goroutine leak of container Attach
0928a980c build(deps): bump lycheeverse/lychee-action from 2.6.1 to 2.7.0
31132cc91 build(deps): bump github/codeql-action from 4.31.0 to 4.31.2
9ae5468e0 build(deps): bump github.com/intel/goresctrl from 0.9.0 to 0.10.0
565151652 Add size check to referrers response
bda01054f fix: ci TestContainerListStatsWithIdSandboxIdFilter failed because multiple id found
7bf5b92e6 Add Readonly setup to EROFS mount loop handler
ebb52e3fb add missing container process metrics.
18be704f7 add container_threads to metric descriptors
7429a7b75 add container_start_time_seconds
6eef0737b add container_ulimits_soft
4b5f23e8a add oom metrics
a68690c8c add container spec metrics
e65874cfb add miscellaneous metrics
ba524db34 snapshot: check parent's kind before commit
e817edf89 CI: update Fedora to 43
2e0e47c47 Deprecate cgroup v1
189de942c Prepare release notes for v2.2.0-rc.0
db3c5b7b7 Update api version to v1.10.0-rc.0
d9d3c8223 Cleanup load shim info
42336c7de Update referrers interface to support more options
9840ad93e docker: fix addQuery with multiple calls
2d40b7fba build(deps): bump golang.org/x/time in the golang-x group
8ef2cfb7e Improve documentation for mount manager
4c7b94fce api/go.mod: golang.org/x/net v0.38.0
f508730d5 cgroups: bump to v3.1.0
842cb99a5 containerd-shim-runc-v2: monitor OOM event after creation
867728517 build(deps): bump github/codeql-action from 4.30.9 to 4.31.0
a741a44cf build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0
94c2d3853 build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0
c59cc44c0 CI: skip ubuntu-24.04-arm on private repos
04d8ae1d6 Postpone v2.2 deprecation items to v2.3
d939b6af5 Remove rebase validation logic from overlay snapshotter
fbc7848f2 Prepare release notes for api/v1.10.0-rc.0
7b7c5c171 Add rebase capability to erofs
0198b87fc Implement parallel unpack
c9afcc2bc cri: retry stop container if there is connection closed
2042e805b cri/server/podsandbox: disable event subscriber
5b9d871fe Add EROFS mount handler plugin
a418e280a add process metrics
7da6a9c21 add disk and diskIO metrics
2e58d4ccf add network metrics
68beb8191 add memory metrics
63eca8fe9 implement CRI ListMetricDescriptors
1bd3b45ad add cpu metrics
942d7afc6 Implement CRI ListPodSandboxMetrics
24e8734a5 .github: dump kernel message in Vagrant box
8a6e6263f Support arbitary mkfs size (not only in MiB)
3cc411c8b Fix backreference support for mount manager
4f130dbe7 cri: retry stopSandboxContainer if shim connection is closed
679a6d0a7 build(deps): bump github.com/klauspost/compress from 1.18.0 to 1.18.1
0da68e8b4 build(deps): bump github/codeql-action from 4.30.8 to 4.30.9
62845f4a9 Simplify oom event handling for cgroups v2 in shim
0d62c7188 Update loopback test to make initialization more robust
9ae0168c7 Add focus test option to critest
a7d26b35e client: add referrers support to client
9e9620dd6 chore: fix some function names in comment
5386802f8 Default config_path if legacy registry options are not set.
25c3871ba Switch mount manager tests to ext4
55d5d5b50 Add Close method to mount manager
2a8d30117 Set default run platform in ctr
92bc4fadc Update task manager to use mount transformers
2f75989e2 Update erofs to use mount transformers
be9f183f4 Add mount transformers to mount manager
1adaf27c1 Update erofs to compile on Darwin
ee8ae9d56 Update erofs snapshotter to use mount manager
fe02fcc5f docs: update default values for unprivileged port and ICMP settings
ed2e81a78 bugfix:sync parent dir to ensure blob entry is reliably stored
932b65a49 restart:use goroutine to speedup loadShims
5243cdd2d Check expected digest when committing as a sanity check
f2b9ff67f Make dockerPusher more compliant with distribution spec
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3b9ff919
---------------------------
podman: update to v5.8.1
Bumping libpod to version v5.8.1-1-g9d66b48e1c, which comprises the following commits:
c6077f6457 Bump to v5.8.1
dfe5dae2d6 Release notes for v5.8.1
cf0019e3ed docs: make the --migrate-db more clear
5dcc24d01d update boltdb migrating warning
13deb46d81 libpod: prefer sqlite in getDBState()
0c473eb570 libpod: fix parallel migration issue
9b810aed3a libpod: return full path in sqliteStatePath()
1e99e31575 migrate to oidc
935088fd14 Bump Podman to v5.8.1-dev
37bfeded1f Disable lint to fix CI
07efc23e05 Bump to v5.8.0
482462af7b Final release notes for v5.8.0
dafa2e722c update github.com/containers/gvisor-tap-vsock to v0.8.8
e3d9a7863f Bump Podman to v5.8.0-dev
cf2514451d Bump to v5.8.0-RC1
b2325c1126 Extent timeout on Build Each Commit
72838c8458 Update release notes for v5.8.0-RC1
05135d35fe fix: remove unnecessary -t flag from podman run commands in documentation
e330a9fd83 Add /usr/libexec/podman/qemu-system-arch
949d406ed1 test/system: skip podman volumes with XFS quotas on fedora
3235579b48 cirrus: ensure NOTIFY_SOCKET is properly unset for all tests
faedb9c911 docs: Update filter options and add podman ps documentation
e70bfff716 docs: Deduplicate --filter descriptions
63ea75a599 Deterministically order pod inspect fields
4e3dd47967 bindings: fix handling of env secrets in remote builds
b17e90703c Add perl to make validatepr
86b6c75cef Fix `unless-stopped` restart policy to match Docker behavior
8e93487dcc docs/podman.1: Fix leftover rootless mention
35c602bfbb fix: improve userns validation when joining pods
371b3ecdc1 docs: further tweaks
36b11b43fd docs: improve note about Quadlet TimeoutStartSec
d6c79580f8 [Fixes: #27571] Fix 'shouldResolveWinPaths' returning 'false' on Windows
243b623629 fix(api/compat): typo in the remove secret handle
8423b3bbd0 Clamp rootless rlimits to host on format
58a15f1500 Add ulimits to `podman update` API
0f5b913a7c podman-systemd.unit.5: document /sbin/nologin accounts
484858710c feat(exec): Add --no-session flag for improved performance
790f21d355 quadlet install: multiple quadlets from single file should share app
ed79cdfd6a quadlet: add support for multiple quadlets in a single file
e8c334f3cb chore: fix the inconsistent method names in the comments
2a0b5c3593 docs: Add references to quadlet
479b363020 test/system: Update test to handle new error message from runc 1.3.3
d45377c6c8 Ignore auth header with empty JSON object
d36b61c211 Fixes: #27444, Fix tiny typos in some artifact docs
f1dcf63a91 Fixes #27421 aritfact push and pull with authfile
60bf36386b Bumping timeout for aarch64 machine
87bb060531 Fix remote client rejecting empty --detach-keys string
49a704eb06 Makefile: Drop dead CONTAINER_RUNTIME
5a8dbd1dfb Fixes #27378 Missing network type in events document
dcf7644cbc Update docs/source/markdown/podman-run.1.md.in
28b04a8604 Escape periods in path
8b8390522b Escape RequiresMountsFor value
d5b72d973a Introduce assert-has-key assertion
62f1e1176e Rename misleading assertion name
eeae782945 docs: expand --mount section with detailed type descriptions (#25888)
9d29245500 Fix tmpfs U/chown documentation
415e3fc4c8 [CI:DOCS]Fix minor typo in buildah test
ee88292812 Add system test
b866c3d49d Fix podman build "newer" pull policy
99136fbc4c test/e2e: fix 'block all syscalls' seccomp for runc
f76be2a94d [play_kube] Add validation to container image field
b4202348ad test: Fix PODMAN_BATS_LEAK_CHECK
cc83ebbb3e Fix docs for Volume User= and Group= options
763b7b3821 test/system: fix log timestamp work around
6c1378be44 extract shared TTY handling code into helper function
b847c344f6 test: Fix --hostuser octal UID test flakiness
10187a23af Fixes #27651 - Fix health inspect/ps for rootfs containers with empty healthcheck
2f348b3c19 test/e2e: Skip privileged container test if NoNewPrivs is set
abc9a6ff29 Don't assume v1.41 is the default docker
d93268f286 Bump Compat API version to supported v1.44
dc97c9af7e libpod: fix Volume.Mount() returning empty path for plugin volumes
8eacbd8464 fix: correct env/envFrom precedence in kube play
5ff402aa80 Fix PowerShell `Write-Error` multi-line argument
7036d09c5e fix: generate correct error message if Wix is not installed
9e965498aa Fix interfering escaping of commas and spaces in no_proxy variable
4ea22f1b29 Write DefaultEnvironment proxy values to /etc/systemd/user.conf.d/default-env.conf
0e4dc26c05 Fix test proxyenv/env_test.go for systems that use proxy variables
eb118bafb4 Fix healthcheck argument with spaces split in Docker API (#27818)
3d02daa261 fix: prevent race condition during database initialization by using INSERT OR IGNORE.
b41f2d3a3a Release notes for v5.8.0-RC1 (initial)
96dd0e1ad1 Fix podman run equivalent for HealthStartPeriod
7477ffa9c6 libpod: simplify unnecessary loops
d941f62082 secrets/create: remove pipe check and allow interactive stdin
e1408e5a35 Fix container export emitting incorrect event type.
0747179589 Add AppArmor key to quadlet .container files
f111cedfce fix(logs): enhance timestamp format to include timezone in logs
dac1e82710 fix(logs): add tests for nanosecond precision in log timestamps
d3bda38309 fix(logs): improve timestamp precision in container logs
06fe9b21c1 Fix missing newlines in stderr error messages
17d7be80c9 test/system: remove apk from build
ac22866156 libpod: fix healthchecks not executing every interval on linux
fcaf1300d7 fix: skip execution of probes when initialDelaySeconds is not elapsed
efff41698b test/buildah-bud: skip failed remote test
37e511d216 [v5.8] Bump Buildah to v1.43.0
b320fbcaff Add migration code for BoltDB to SQLite
4fdb90e02c Deterministically order pod inspect fields
7ae6813dfc [v5.8] artifact: Skip AddLocal optimization on WSL
3918d4ca75 [v5.8] Require absolute path for local API
6465c07d21 [v5.8] Add local artifact add API endpoint
bae88e1e5e Add GET /quadlets/{name}/exists
d6023e431f Add DELETE /libpod/quadlets
f2fcc7f09c Add POST /libpod/quadlets
01e0db2931 Add GET /quadlets/{name}/file
36c405582a Bump Podman to v5.7.2-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1eec1b5
---------------------------
genericarm64.conf: increase size limit
More kernel modules, firmware files etc increase
size of initramfs over the current limit. Other options
to reduce initramfs size have been discussed but this
is the acceptable solution for now.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4fa3f79
---------------------------
poky.conf: Add Centos 10 to the sanity tested distros list
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 49cbb01
---------------------------
poky.conf: Add Ubuntu 26.04 to the sanity tested distros list
Add Ubuntu 26.04.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bff5329
---------------------------
poky: Update SANITY_TESTED_DISTROS
The Fedora 39, 40 and 41 workers have been decommissioned, OpenSuSE
Leap 16.0 has been added and OpenSuSE 15.5 decommissioned. Update
the config to match.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 266eed6
---------------------------
poky-tiny.conf: Remove the usbhost distro feature
It has been removed from OE-Core (see commit
a791ca692d08eae1953b6e699562fb0c9e27df7a in openembedded-core).
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e79645f
---------------------------
meta-yocto-bsp: oeqa/selftest/systemd_boot: update for standalone wic
The systemd_boot.Systemdboot.test_efi_systemdboot_images_can_be_built
oe-selftest invokes the wic utility. If wic is removed from oe-core,
how it is invoked would need to be updated. However, updating how it is
invoked will also succeed even if wic continues to be part of oe-core;
it is simply a more elaborate way to invoke wic which works in either
case.
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d1128ad
---------------------------
meta-yocto-bsp/wic: Move to files/wic
To align with the new search paths, move the files to the new location.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1458c91
---------------------------
poky-tiny: Simplify distro features
We can just set DISTRO_FEATURES directly for poky-tiny, it's easy for
users to append to this as needed.
This change also removes "\${DISTRO_FEATURES_USBGADGET}" and
"\${DISTRO_FEATURES_WIFI}" from the distro features, which were present
accidentally as those variables were unset.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 245bb11
---------------------------
poky-tiny: Opt out of all default distro features
For poky-tiny, we want to directly control the list of DISTRO_FEATURES,
with nothing added by default.
The previous list of backfilled distro features (before conversion to
DISTRO_FEATURES_DEFAULTS & DISTRO_FEATURES_OPTED_OUT in oe-core) was:
pulseaudio gobject-introspection-data ldconfig opengl ptest multiarch wayland vulkan
Of these, we want to keep:
ldconfig - for ldconfig & ld.so.conf on target.
multiarch - for multiple architecture support.
ptest - for building tests (as they aren't installed by default).
The others can go to keep poky-tiny as tiny as possible.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3d63585
---------------------------
poky-tiny: Drop use of DISTRO_FEATURES_DEFAULT
DISTRO_FEATURES_DEFAULT is now obsolete, default features will be
appended to DISTRO_FEATURES automatically and you can now use
DISTRO_FEATURES_OPTED_OUT to opt out of any features.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 96085aa
---------------------------
poky: Drop use of DISTRO_FEATURES_DEFAULT
DISTRO_FEATURES_DEFAULT is now obsolete, default features will be
appended to DISTRO_FEATURES automatically and you can now use
DISTRO_FEATURES_OPTED_OUT to opt out of any features.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 854f743
---------------------------
genericarm64.conf: fix qemu testing with testimage.bbclass
genericarm64 machine has supported qemu for a long time but
the default build config failed with testimage.bbclass to boot
and run oeqa runtime tests.
TESTIMAGEDEPENDS needs qemu utilities so that they are correctly
installed to image sysroot. For qemu machines these are set in
testimage.bbclass but remain unset for non-qemu machines like
genericarm64.
TEST_RUNQEMUPARAMS needs snapshot since default genericarm64 image
is a compressed wic.zst.
With these set, default genericarm64 core-image-sato boots correctly
with testimage.bbclass and all oeqa runtime tests pass on an x86_64
build machine:
$ bitbake core-image-sato && bitbake -c testimage core-image-sato
...
SUMMARY:
core-image-sato () - Ran 75 tests in 229.248s
core-image-sato - OK - All required tests passed (successes=24,
skipped=51, failures=0, errors=0)
NOTE: Tasks Summary: Attempted 1558 tasks of which 1556 didn't need to
be rerun and all succeeded.
To boot qemu manually (add "slirp" if tap networking not setup,
and "nographic" if qemu graphics not setup):
$ runqemu snapshot core-image-sato
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2ed5aa3
---------------------------
poky: Fix CentOS Stream 9 distro name
CentOS Stream 9 reports as `centos-9`, not `centosstream-9`.
On our stream9-vk-1 autobuilder worker:
$ ( source /etc/os-release && echo $ID-$VERSION_ID )
centos-9
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ac300ba
---------------------------
meta-poky: remove the default template
It is largely duplicating oe-core's template (with addition of
some poky-specific items and minor differences, see below),
and has issues such as assuming a particular layer layout, and
pre-selecting a particular DISTRO and MACHINE.
Rather than continuing to maintain both templates, let's transition to
the oe-core template as a starting point (when not using bitbake-setup).
To get poky one from oe-core template would need to initialize as usual with
oe-init-build-env, then add the two layers in meta-yocto repo, and set a DISTRO
(both can be done from command line without having to do manual edits).
These are the differences between templates, with my explanation about
why I think they do not need to be reconciled or carried over to oe-core:
diff -uNr meta-poky/conf/templates/default/bblayers.conf.sample ../openembedded-core/meta/conf/templates/default/bblayers.conf.sample
--- meta-poky/conf/templates/default/bblayers.conf.sample 2026-02-17 12:17:55.599510358 +0100
+++ ../openembedded-core/meta/conf/templates/default/bblayers.conf.sample 2026-02-06 14:34:36.078136263 +0100
@@ -1,12 +1,10 @@
-# POKY_BBLAYERS_CONF_VERSION is increased each time build/conf/bblayers.conf
+# LAYER_CONF_VERSION is increased each time build/conf/bblayers.conf
# changes incompatibly
-POKY_BBLAYERS_CONF_VERSION = "2"
+LCONF_VERSION = "7"
BBPATH = "${TOPDIR}"
BBFILES ?= ""
BBLAYERS ?= " \
##OEROOT##/meta \
- ##OEROOT##/../meta-yocto/meta-poky \
- ##OEROOT##/../meta-yocto/meta-yocto-bsp \
"
POKY_BBLAYERS_CONF_VERSION is used in meta-poky/classes/poky-sanity.bbclass to
check against REQUIRED_POKY_BBLAYERS_CONF_VERSION version and auto-rewrite conf/bblayers.conf
(particularly to rename meta-yocto -> meta-poky, which happened in 2016).
If oe-core template is used (or bblayers.conf is generated by bitbake-setup), then poky-sanity code doesn't do anything useful
(or is even executed as it is guarded by presence of POKY_BBLAYERS_CONF_VERSION).
diff -uNr meta-poky/conf/templates/default/conf-summary.txt ../openembedded-core/meta/conf/templates/default/conf-summary.txt
--- meta-poky/conf/templates/default/conf-summary.txt 2026-02-17 12:17:55.599510358 +0100
+++ ../openembedded-core/meta/conf/templates/default/conf-summary.txt 2026-02-06 14:34:36.078136263 +0100
@@ -1 +1 @@
-This is the default build configuration for the Poky reference distribution.
+This is the default build configuration for the openembedded-core layer.
diff -uNr meta-poky/conf/templates/default/local.conf.sample ../openembedded-core/meta/conf/templates/default/local.conf.sample
--- meta-poky/conf/templates/default/local.conf.sample 2026-02-17 12:17:55.599510358 +0100
+++ ../openembedded-core/meta/conf/templates/default/local.conf.sample 2026-02-13 11:35:38.470911235 +0100
@@ -25,14 +25,6 @@
#MACHINE ?= "qemux86"
#MACHINE ?= "qemux86-64"
#
-# There are also the following hardware board target machines included for
-# demonstration purposes:
-#
-#MACHINE ?= "beaglebone-yocto"
-#MACHINE ?= "genericarm64"
-#MACHINE ?= "genericx86"
-#MACHINE ?= "genericx86-64"
-#
# This sets the default machine to be qemux86-64 if no other machine is selected:
MACHINE ??= "qemux86-64"
These are poky-specific machines; oe-core template cannot refer to them. Modern machine
selection should happen with built-in fragments.
@@ -81,20 +73,6 @@
#
#TMPDIR = "${TOPDIR}/tmp"
-#
-# Default policy config
-#
-# The distribution setting controls which policy settings are used as defaults.
-# The default value is fine for general Yocto project use, at least initially.
-# Ultimately when creating custom policy, people will likely end up subclassing
-# these defaults.
-#
-DISTRO ?= "poky"
-# As an example of a subclass there is a "bleeding" edge policy configuration
-# where many versions are set to the absolute latest code from the upstream
-# source control systems. This is just mentioned here as an example, its not
-# useful to most new users.
-# DISTRO ?= "poky-bleeding"
Modern distro selection is done with built-in fragments. Local.conf should not be confusing
users with explicit reference to a DISTRO setting, especially if oe-core does not carry
distro definitions that can be selected.
#
# Package Management configuration
@@ -107,8 +85,8 @@
# - 'package_ipk' for ipk files are used by opkg (a debian style embedded package manager)
# - 'package_rpm' for rpm style packages
# E.g.: PACKAGE_CLASSES ?= "package_rpm package_deb package_ipk"
-# OE-Core defaults to ipkg, whilst Poky defaults to rpm:
-# PACKAGE_CLASSES ?= "package_rpm"
+# We default to ipk (via meta/conf/distro/defaultsetup.conf included in meta/conf/bitbake.conf):
+#PACKAGE_CLASSES ?= "package_ipk"
rpm packaging is a poky-specific tweak; it does not need to be mentioned in oe-core.
#
# SDK target architecture
@@ -158,6 +136,7 @@
# - 'buildstats' collect build statistics
USER_CLASSES ?= "buildstats"
+
#
# Runtime testing of images
#
@@ -225,22 +204,6 @@
#file://.* https://someserver.tld/share/sstate/PATH;downloadfilename=PATH \
#file://.* file:///some/local/dir/sstate/PATH"
-#
-# Yocto Project SState Mirror
-#
-# The Yocto Project has prebuilt artefacts available for its releases, you can enable
-# use of these by uncommenting some of the following lines. This will mean the build uses
-# the network to check for artefacts at the start of builds, which does slow it down
-# initially but it will then speed up the builds by not having to build things if they are
-# present in the cache. It assumes you can download something faster than you can build it
-# which will depend on your network.
-# Note: For this to work you also need hash-equivalence passthrough to the matching server
-# There is a choice between our sstate server directly and a faster content delivery network
-# (CDN) kindly provided by JSDelivr, uncomment one of the SSTATE_MIRRORS lines, not both.
-# Using the CDN rather than the yoctoproject.org address is suggested/preferred.
-#
-#BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws'
-#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
These settings and this description are already provided in meta/conf/fragments/yocto/sstate-mirror-cdn.conf;
the fragment also drops the outdated note about having a choice between two SSTATE_MIRRORS lines
(as there is no such choice anymore).
#
# Qemu configuration
diff -uNr meta-poky/conf/templates/default/local.conf.sample.extended ../openembedded-core/meta/conf/templates/default/local.conf.sample.extended
--- meta-poky/conf/templates/default/local.conf.sample.extended 2026-02-17 12:17:55.599510358 +0100
+++ ../openembedded-core/meta/conf/templates/default/local.conf.sample.extended 2026-02-06 14:34:36.078136263 +0100
@@ -31,10 +31,11 @@
#do_fetch[number_threads] = "4"
#
-# If you want to get an image based on directfb without x11 alter
-# DISTRO_FEATURES:
-DISTRO_FEATURES:append = " directfb"
-DISTRO_FEATURES:remove = "x11"
+
+#DISTRO_FEATURES = "alsa bluetooth ext2 irda ipv4 ipv6 pcmcia usbgadget usbhost wifi nfs zeroconf pci"
+
+# If you want to get an image based on directfb without x11, Please copy this variable to build/conf/local.conf
+#DISTRO_FEATURES = "alsa bluetooth ext2 irda ipv4 ipv6 pcmcia usbgadget usbhost wifi xattr nfs zeroconf pci 3g directfb"
How to set DISTRO_FEATURES is a matter of several strong opinions, with no consensus yet. Neither of the above
is wrong. directfb is a long-obsolete technology and component.
# ENABLE_BINARY_LOCALE_GENERATION controls the generation of binary locale
# packages at build time using qemu-native. Disabling it (by setting it to 0)
@@ -178,13 +179,13 @@
# implications so they are disabled by default. To enable them,
# un-comment the below as appropriate.
#LICENSE_FLAGS_ACCEPTED = "commercial_gst-fluendo-mp3 \
-# commercial_gst-openmax \
-# commercial_gst-plugins-ugly \
-# commercial_lame \
-# commercial_libmad \
-# commercial_libomxil \
-# commercial_mpeg2dec \
-# commercial_qmmp"
+# commercial_gst-openmax \
+# commercial_gst-plugins-ugly \
+# commercial_lame \
+# commercial_libmad \
+# commercial_libomxil \
+# commercial_mpeg2dec \
+# commercial_qmmp"
Whitespace difference only.
#
@@ -263,7 +264,7 @@
#
# By including the security_flags include file you enable flags
# to the compiler and linker that cause them to generate more secure
-# code.
+# code, this is enabled by default in the poky-lsb distro.
# This does affect compile speed slightly.
#
# Use the following line to enable the security compiler and linker flags to your build
poky-lasb has been removed long ago, and oe-core can't mention it anyway.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: db4d5df
---------------------------
Revert "poky: Remove Fedora 41 from sanity tested distros list"
This reverts commit c7fa63bea78248597798739aa4da49a9f4405b9c.
This was added back to the autobuilder pool.
---------------------------
Commit: d78ac7a
---------------------------
yocto-bsps: update to v6.18.19
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
4aea1dc4cad17 Linux 6.18.19
224404f54036e bpf: drop kthread_exit from noreturn_deny
9fd37b636bc2d drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD
24fda228496c6 mm/damon/core: disallow non-power of two min_region_sz
b0d0903594dd6 io_uring/eventfd: use ctx->rings_rcu for flags checking
7cc4530b3e952 io_uring: ensure ctx->rings is stable for task work flags manipulation
ae3831b44f477 net/tcp-md5: Fix MAC comparison to be constant-time
ce2a263bc57c1 lib/crypto: tests: Depend on library options rather than selecting them
93c0a22fec914 ksmbd: Compare MACs in constant time
4af5dfb8dca3a smb: client: Compare MACs in constant time
97ea8f3bbdaef kbuild: Leave objtool binary around with 'make clean'
ba3bca40f9f25 KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated
0ff26b41c882c KVM: SVM: Add a helper to look up the max physical ID for AVIC
ba28a0dcc41ae KVM: SVM: Limit AVIC physical max index based on configured max_vcpu_ids
b7493f48c3dba KVM: arm64: Eagerly init vgic dist/redist on vgic creation
2a01a93ed2266 KVM: arm64: gic: Set vgic_model before initing private IRQs
8d02bbfb09003 mmc: dw_mmc-rockchip: Fix runtime PM support for internal phase support
5b58ba042e237 mmc: dw_mmc-rockchip: Add memory clock auto-gating support
4c3a860b96e72 drm/gud: fix NULL crtc dereference on display disable
51aa99e59d7f5 drm/gud: rearrange gud_probe() to prepare for function splitting
94b6d0ba4b640 mm: Fix a hmm_range_fault() livelock / starvation problem
fffce2310e688 cxl/acpi: Fix CXL_ACPI and CXL_PMEM Kconfig tristate mismatch
003df94bcc922 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
b684b420a5bb0 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue
a21d763335886 i3c: mipi-i3c-hci: Add missing TID field to no-op command descriptor
57f99dc660e69 i3c: mipi-i3c-hci: Restart DMA ring correctly after dequeue abort
d986d51a83f5c i3c: mipi-i3c-hci: Consolidate spinlocks
74a4f77bbf786 i3c: mipi-i3c-hci: Factor out DMA mapping from queuing path
478a99a961829 i3c: mipi-i3c-hci: Use ETIMEDOUT instead of ETIME for timeout errors
ad9da7d39cecd iio: proximity: hx9023s: Protect against division by zero in set_samp_freq
05723a2c4b09d iio: proximity: hx9023s: fix assignment order for __counted_by
70b455484a661 iio: imu: inv_icm42600: fix odr switch when turning buffer off
b5a6825579a7c iio: imu: inv_icm42600: fix odr switch to the same value
aae572ddc2857 iio: light: bh1780: fix PM runtime leak on error path
a8714d2d0df4e iio: gyro: mpu3050-i2c: fix pm_runtime error handling
ba19dd366528b iio: imu: adis: Fix NULL pointer dereference in adis_init
42685cf96e282 iio: gyro: mpu3050-core: fix pm_runtime error handling
c7ae426705b01 iio: buffer: Fix wait_queue not being removed
c528dc22d58b7 iio: chemical: bme680: Fix measurement wait duration calculation
7c5edf1025ddb iio: potentiometer: mcp4131: fix double application of wiper shift
b8a26d21c7dba iio: magnetometer: tlv493d: remove erroneous shift in X-axis data
90e978ace5985 iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
eddba110685f8 iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas()
73dd9acb5b20b iio: frequency: adf4377: Fix duplicated soft reset mask
1b2d9e23452bd iio: dac: ds4424: reject -128 RAW value
014a021075c58 btrfs: abort transaction on failure to update root in the received subvol ioctl
5e1ab71f74a1e btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer()
d11aefe654a04 btrfs: fix transaction abort on set received ioctl due to item overflow
9273175bf16c8 btrfs: fix transaction abort on file creation due to name hash collision
bac55dde8efa4 btrfs: fix transaction abort when snapshotting received subvolumes
9b753ece26524 smb: client: fix iface port assignment in parse_server_interfaces
92e64f1852f45 smb: client: fix in-place encryption corruption in SMB2_write()
9509b659ca7eb smb: client: fix atomic open with O_DIRECT & O_SYNC
bfbf1f286f682 lib/bootconfig: check bounds before writing in __xbc_open_brace()
6e736a18cfbd5 lib/bootconfig: fix snprintf truncation check in xbc_node_compose_key_after()
12d2b443b8606 kprobes: Remove unneeded warnings from __arm_kprobe_ftrace()
11712c4eb3840 x86/apic: Disable x2apic on resume if the kernel expects so
9f9157ee67b32 scsi: core: Fix error handling for scsi_alloc_sdev()
d24330cf241f8 lib/bootconfig: fix off-by-one in xbc_verify_tree() unclosed brace error
d2beb819045e4 powerpc64/bpf: fix the address returned by bpf_get_func_ip
2ce9b27946125 powerpc64/bpf: fix kfunc call support
4b89984f72742 powerpc/pseries: Correct MSI allocation tracking
f7eda676386c5 s390/dasd: Copy detected format information to secondary device
fe9cd8c8ee359 s390/dasd: Move quiesce state with pprc swap
950a76e82e05a s390/zcrypt: Enable AUTOSEL_DOM for CCA serialnr sysfs attribute
997967adf10ce sched_ext: Fix enqueue_task_scx() truncation of upper enqueue flags
a35be7a17c7b1 xfs: ensure dquot item is deleted from AIL only after log shutdown
446a1f5bb64ba xfs: fix undersized l_iclog_roundoff values
ca504d2601b3b xfs: fix returned valued from xfs_defer_can_append
2b4492d9ed0f2 xfs: fix integer overflow in bmap intent sort comparator
316cc7b63fd58 cifs: make default value of retrans as zero
50ad880db3013 io_uring/kbuf: check if target buffer list is still legacy on recycle
950bda065b05e qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size
8738dcc844fff net-shapers: don't free reply skb after genlmsg_reply()
eb613e3d38abb tracing: Fix trace_buf_size= cmdline parameter with sizes >= 2G
18bef795332b0 tracing: Fix enabling multiple events on the kernel command line and bootconfig
9ecea60f132da drm/msm/dpu: Correct the SA8775P intr_underrun/intr_underrun index
38f1640db7f8b drm/amd: Fix a few more NULL pointer dereference in device cleanup
a751a1230533f drm/msm: Fix dma_free_attrs() buffer size
0189bf176dbe6 drm/i915/psr: Repeat Selective Update area alignment
eae4bf4107571 drm/i915: Fix potential overflow of shmem scatterlist length
46275c56e7475 drm/bridge: ti-sn65dsi83: halve horizontal syncs for dual LVDS output
818ebb298a753 drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding
43025c941aced drm/amd: Fix NULL pointer dereference in device cleanup
57579312e0e87 drm/amd: Set num IP blocks to 0 if discovery fails
7885eb335d8f9 drm/amdgpu: Fix use-after-free race in VM acquire
33c3a4db31719 drm/amd/pm: remove invalid gpu_metrics.energy_accumulator on smu v13.0.x
6c58a9fdb0d0e net: dsa: microchip: Fix error path in PTP IRQ setup
8efd5dcd31e22 net: ethernet: arc: emac: quiesce interrupts before requesting IRQ
b70c4e5e71193 net: ncsi: fix skb leak in error paths
ab5ebab966421 net: nexthop: fix percpu use-after-free in remove_nh_grp_entry
3224990fb16a8 net: mctp: fix device leak on probe failure
1d6abf145615d ksmbd: fix use-after-free by using call_rcu() for oplock_info
8f5b1a7cb009a smb: server: fix use-after-free in smb2_open()
dbbd328cf5826 ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
146691daf293c memcg: fix slab accounting in refill_obj_stock() trylock path
159aebd20e0e9 slab: distinguish lock and trylock for sheaf_flush_main()
8938a9c60d9ae s390/xor: Fix xor_xc_5() inline assembly
1a34999922ba6 drm/amd/display: Fallback to boot snapshot for dispclk
b9a944d0a1d3a s390/xor: Fix xor_xc_2() inline assembly constraints
87f0349beaaca ata: libata-core: Disable LPM on ST1000DM010-2EP102
a547ffcb9b1d5 s390/stackleak: Fix __stackleak_poison() inline assembly constraint
d0e63feca3808 crypto: ccp - allow callers to use HV-Fixed page API when SEV is disabled
a4d0e2c416db0 pmdomain: bcm: bcm2835-power: Fix broken reset status read
f29b08755103f regulator: pf9453: Respect IRQ trigger settings from firmware
4387b2cc9a630 io_uring/net: reject SEND_VECTORIZED when unsupported
823fb431e4af8 parisc: Check kernel mapping earlier at bootup
6f92a7a8b48a5 arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults
396dec23e9024 parisc: Fix initial page table creation for boot
857473efe9341 io_uring/zcrx: use READ_ONCE with user shared RQEs
73a7a34581694 hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read
439b5fb7280a3 arm64: mm: Add PTE_DIRTY back to PAGE_KERNEL* to fix kexec/hibernation
ad8fa5bff53f5 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
6e6e28898e015 parisc: Increase initial mapping to 64 MB with KALLSYMS
5737b279a28b6 pmdomain: rockchip: Fix PD_VCODEC for RK3588
e9b0a6ffe8b95 drm/xe/xe2_hpg: Correct implementation of Wa_16025250150
2ab9f2531d377 batman-adv: Avoid double-rtnl_lock ELP metric worker
a269cbdc442f8 net/tcp-ao: Fix MAC comparison to be constant-time
12db29803c19e tracing: Fix syscall events activation by ensuring refcount hits zero
f6e7c4f406b68 ice: fix retry for AQ command 0x06EE
678d5802556b3 net: mana: Ring doorbell at 4 CQ wraparounds
8bde543d2a5f9 media: dvb-net: fix OOB access in ULE extension header tables
9e16152a7e337 selftests: fix mntns iteration selftests
ace46763b282d pinctrl: cy8c95x0: Don't miss reading the last bank registers
4dd2d9cf563c5 staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
6d62fa548387e staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()
ea535b9894d77 staging: sm750fb: add missing pci_release_region on error and removal
6b9cb42cfdb36 mm/slab: fix an incorrect check in obj_exts_alloc_size()
ce0aa47c963b8 mm/damon/core: clear walk_control on inactive context in damos_walk()
7c19757394ddf ixgbevf: fix link setup issue
216176bcfd2bd kunit: irq: Ensure timer doesn't fire too frequently
decd9942655db ice: reintroduce retry mechanism for indirect AQ
ca19f8f51064f iomap: reject delalloc mappings during writeback
7bdf00ed75c47 btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies()
f42b4afdd1f89 irqchip/gic-v3-its: Limit number of per-device MSIs to the range the ITS supports
32752c3e81498 device property: Allow secondary lookup in fwnode_get_next_child_node()
019debe5851d7 nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit().
db377ed4ecca4 arm64: gcs: Honour mprotect(PROT_NONE) on shadow stack mappings
584926c26f0b7 bpf: Fix kprobe_multi cookies access in show_fdinfo callback
415aed08de0ee s390/pfault: Fix virtual vs physical address confusion
af65cd1853599 drm/xe/sync: Cleanup partially initialized sync on parse failure
58e6e3d39c286 ipmi:si: Fix check for a misbehaving BMC
19e1931841e44 gpiolib: normalize the return value of gc->get() on behalf of buggy drivers
32cca65189823 drm/i915/alpm: ALPM disable fixes
214b6bde0e941 nouveau/gsp: drop WARN_ON in ACPI probes
9b7855110fd75 ipmi:si: Handle waiting messages when BMC failure detected
bc001cd1a4824 drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used
e6d779654cda6 drm/bridge: samsung-dsim: Fix memory leak in error path
1df500f363bc8 ipmi:si: Use a long timeout when the BMC is misbehaving
68d7fcb6a451c ipmi:si: Don't block module unload if the BMC is messed up
06ef2ba582c68 drm/amd: Disable MES LR compute W/A
b1d10508da559 drm/amdgpu: add upper bound check on user inputs in wait ioctl
762f47e2b8243 drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl
6fff5204d8aa2 drm/amdgpu: add upper bound check on user inputs in signal ioctl
6bfda7ce56e7d cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
4729c7b00a347 kthread: consolidate kthread exit paths to prevent use-after-free
8a259a5c70ddc Revert "ptdesc: remove references to folios from __pagetable_ctor() and pagetable_dtor()"
ae931283b2f37 Revert "tcpm: allow looking for role_sw device in the main node"
21a13db8d449b scsi: hisi_sas: Fix NULL pointer exception during user_scan()
b17211b512cbf scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend
98074e16742ae powerpc, perf: Check that current->mm is alive before getting user callchain
9e84113ea6ec2 i3c: dw-i3c-master: Set SIR_REJECT in DAT on device attach and reattach
2d845604ca4fb time/jiffies: Mark jiffies_64_to_clock_t() notrace
2e8e9aea8cd5a ALSA: usb-audio: Improve Focusrite sample rate filtering
097cd68f46686 ceph: fix memory leaks in ceph_mdsc_build_path()
7335e21830b8d ceph: do not skip the first folio of the next object in writeback
7db008e85a5d1 ceph: fix i_nlink underrun during async unlink
bdf614c81081b libceph: admit message frames only in CEPH_CON_S_OPEN state
ba0a4df8c5635 libceph: Use u32 for non-negative values in ceph_monmap_decode()
69fe5af33fa38 libceph: prevent potential out-of-bounds reads in process_message_header()
fc4d944dbaee9 libceph: reject preamble if control segment is empty
f9da5c1bbac5c libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
8be8911f59081 ceph: add a bunch of missing ceph_path_info initializers
cae928e3178c7 kprobes: avoid crash when rmmod/insmod after ftrace killed
2754e7b3d6474 tipc: fix divide-by-zero in tipc_sk_filter_connect()
22b05abb17e3c ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start
0e06cc511c61c mmc: core: Avoid bitfield RMW for claim/retune flags
45785772d538b mm/kfence: disable KFENCE upon KASAN HW tags enablement
24743b77cae33 mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index()
63826cf084468 mm/kfence: fix KASAN hardware tag faults during late enablement
6dc0919dc7820 mm/tracing: rss_stat: ensure curr is false from kthread context
e584cb58a2ea7 usb: gadget: f_ncm: Fix net_device lifecycle with device_move
ef7d456d1e887 Revert "usb: gadget: u_ether: add gether_opts for config caching"
05dc0c098ca11 Revert "usb: gadget: f_ncm: align net_device lifecycle with bind/unbind"
d2a08ea03830b Revert "usb: gadget: u_ether: Add auto-cleanup helper for freeing net_device"
56cb551d2a33d Revert "usb: legacy: ncm: Fix NPE in gncm_bind"
8a607bae3a0a4 Revert "usb: gadget: f_ncm: Fix atomic context locking issue"
be5738d19bed2 usb: legacy: ncm: Fix NPE in gncm_bind
e533a44fb1b33 usb: gadget: f_ncm: Fix atomic context locking issue
679d9535aeb15 usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling
b7fed917f84e4 usb: image: mdc800: kill download URB on timeout
513041c71356d usb: gadget: uvc: fix interval_duration calculation
4cc30a5fc8832 usb: mdc800: handle signal and read racing
c0b28a042174c usb: gadget: f_hid: fix SuperSpeed descriptors
0b7d11fd6e742 usb: renesas_usbhs: fix use-after-free in ISR during device removal
67ed312124bb1 usb: class: cdc-wdm: fix reordering issue in read code path
64f3d75633aed USB: core: Limit the length of unkillable synchronous timeouts
6cb7dc91f057d USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts
f7e115af48745 USB: usbcore: Introduce usb_bulk_msg_killable()
ac207d57bbb06 usb: typec: altmode/displayport: set displayport signaling rate in configure message
8c9521a5877e5 usb: roles: get usb role switch from parent only for usb-b-connector
9459b5731cd8b usb: cdc-acm: Restore CAP_BRK functionnality to CH343
82f7b4350b9d9 usb: core: don't power off roothub PHYs if phy_set_mode() fails
1a99da68a5a9c usb: misc: uss720: properly clean up reference in uss720_probe()
69f090f5e7298 usb: dwc3: pci: add support for the Intel Nova Lake -H
a41d3d9202e95 usb: yurex: fix race in probe
cd41e0d1df8fc usb: xhci: Prevent interrupt storm on host controller error (HCE)
c65f1b840ab8c usb: xhci: Fix memory leak in xhci_disable_slot()
8043f1c3c89dd USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed
ba3b951b7f7ae usb/core/quirks: Add Huawei ME906S-device to wakeup quirk
e2554ffa8c252 USB: add QUIRK_NO_BOS for video capture several devices
213e82ccdea58 KVM: arm64: pkvm: Fallback to level-3 mapping on host stage-2 fault
c513bbd7da534 KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC
b058c30cdf7d5 KVM: x86: Introduce KVM_X86_QUIRK_VMCS12_ALLOW_FREEZE_IN_SMM
686c8f16112c8 KVM: arm64: Fix protected mode handling of pages larger than 4kB
e0f582406c3e4 ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA
08da6c7ed70f0 ata: libata-core: Add BRIDGE_OK quirk for QEMU drives
f90768ed813bf rust: str: make NullTerminatedFormatter public
887098159d705 rust: kbuild: allow `unused_features`
dd109e3442817 rust_binder: call set_notification_done() without proc lock
e19afb53f7723 rust_binder: avoid reading the written value in offsets array
20a01f20d1f40 rust_binder: check ownership before using vma
edf685946c4ac rust_binder: fix oneway spam detection
3e89ddbaaea2f net: usb: lan78xx: skip LTM configuration for LAN7850
20ce2bd1c1848 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect
f62ec1babb2ae net: usb: lan78xx: fix TX byte statistics for small packets
fa41007be691b net: usb: lan78xx: fix silent drop of packets with checksum errors
00293f362712b can: gs_usb: gs_can_open(): always configure bitrates before starting device
3d542cf3c4c85 ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces
4a758e9a1f5ed ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()
6eaaa67d6998f sched_ext: Remove redundant css_put() in scx_cgroup_init()
86ceaccfdfa16 cgroup: fix race between task migration and iteration
1051eb2f53886 drm/amdgpu: ensure no_hw_access is visible before MMIO
3428dc5520c81 usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks()
678f1212f77bf iio: imu: inv-mpu9150: fix irq ack preventing irq storms
86f00a9e50b4a net: prevent NULL deref in ip[6]tunnel_xmit()
7065d73a78ba7 octeontx2-af: devlink: fix NIX RAS reporter to use RAS interrupt status
c9d6bf8d139a9 octeontx2-af: devlink: fix NIX RAS reporter recovery condition
8ded073fc8cdc net: ethernet: ti: am65-cpsw-nuss: Fix rx_filter value for PTP support
c1d06ccbee468 net: ti: am65-cpsw: move hw timestamping to ndo callback
59489ce60d741 net/mana: Null service_wq on setup error to prevent double destroy
103e4fedb4784 neighbour: restore protocol != 0 check in pneigh update
f7f12d551d611 net: dsa: realtek: Fix LED group port bit for non-zero LED group
95faa1459b83f net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled
84c1adb60fdba perf synthetic-events: Fix stale build ID in module MMAP2 records
529c985da1b27 drm/amdkfd: Unreserve bo if queue update failed
b3b56d60fee16 ASoC: detect empty DMI strings
790851ecc983c ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition
9a3106a81fc3c ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address()
e987bc1d2e8d4 net: bcmgenet: fix broken EEE by converting to phylib-managed state
53480725b1395 page_pool: store detach_time as ktime_t to avoid false-negatives
30e87ade8d678 e1000/e1000e: Fix leak in DMA error cleanup
981e2805e48fc i40e: fix src IP mask checks and memcpy argument names in cloud filter
75e0a631c3a13 iavf: fix incorrect reset handling in callbacks
1b034f2429ce6 iavf: fix PTP use-after-free during reset
98b36857f3584 drivers: net: ice: fix devlink parameters get without irdma
b56c49897bdac nvme-pci: Fix race bug in nvme_poll_irqdisable()
328c551f0cc81 nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set
3cf2d7ca48289 sched: idle: Make skipping governor callbacks more consistent
a422159d766ad perf ftrace: Fix hashmap__new() error checking
f7e52a24e5b76 regulator: pca9450: Correct probed name for PCA9452
55ca06f54f57f regulator: pca9450: Add support for setting debounce settings
ec1427731244d regulator: pca9450: Correct interrupt type
0b6803777c003 perf annotate: Fix hashmap__new() error checking
f5ef97c131655 netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels
05018cd9370f7 netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()
9853d94b82d30 netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path
bc18551c6169e netfilter: x_tables: guard option walkers against 1-byte tail reads
e047f6fbb975f netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop()
de47a88c6b807 netfilter: nf_tables: always walk all pending catchall elements
6d2a95c689057 netfilter: nf_tables: Fix for duplicate device in netdev hooks
8a57deeb25606 net: add xmit recursion limit to tunnel xmit functions
f0679522f8ded amd-xgbe: prevent CRC errors during RX adaptation with AN disabled
cf51e5853398e amd-xgbe: fix link status handling in xgbe_rx_adaptation
925a5ffd99cdd mctp: route: hold key->lock in mctp_flow_prepare_output()
6ac890f1d60ac bonding: fix type confusion in bond_setup_by_slave()
474211fb4a1df bonding: use common function to compute the features
3c5de399a4427 can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value
1ec54187e1aa4 mctp: i2c: fix skb memory leak in receive path
569e6e72c4578 bnxt_en: Fix RSS table size check when changing ethtool channels
35b58d3bc716e serial: caif: hold tty->link reference in ldisc_open and ser_release
ecb4ed7a723f0 net: sfp: improve Huawei MA5671a fixup
ce0b8fd5e3554 ASoC: simple-card-utils: fix graph_util_is_ports0() for DT overlays
7d33e61409454 ASoC: soc-core: flush delayed work before removing DAIs and widgets
a4aa08c820f4f ASoC: soc-core: drop delayed_work_pending() check before flush
b6051f2bdd4bd spi: rockchip-sfc: Fix double-free in remove() callback
0a83d6c9e149a spi: amlogic: spifc-a4: Fix DMA mapping error handling
fc7735caf016a drm/sitronix/st7586: fix bad pixel data due to byte swap
c34ebd7b24ea7 net: spacemit: Fix error handling in emac_tx_mem_map()
045545790fea7 net: spacemit: Fix error handling in emac_alloc_rx_desc_buffers()
d55fa7cd4b19b rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()
0bad9c86edd22 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
c74557495efb4 net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ
7d7342a18fadc net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
ce1b19dd0684e net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery
cbd8494fdd6cc net/mlx5: Fix peer miss rules host disabled checks
835778685f157 net/mlx5: Fix crash when moving to switchdev mode
4a7838bebc383 net/mlx5: Fix deadlock between devlink lock and esw->wq
6aaf15f376b0e bonding: handle BOND_LINK_FAIL, BOND_LINK_BACK as valid link states
ab1bcadc7e517 bonding: do not set usable_slaves for broadcast mode
2ee3645e0f3f4 drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v14
4c32155265b67 drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v13
6b4a1ff808851 drm/msm/dsi: fix pclk rate calculation for bonded dsi
5f5d956b2ce00 net: dsa: realtek: rtl8365mb: remove ifOutDiscards from rx_packets
98754dda67296 dt-bindings: display/msm: qcom,sm8750-mdss: Fix model typo
676826aeddb57 perf disasm: Fix off-by-one bug in outside check
ce69c1b753746 workqueue: Use POOL_BH instead of WQ_BH when checking pool flags
a39b75c3f4226 btrfs: hold space_info->lock when clearing periodic reclaim ready
8127b5fec0475 xprtrdma: Decrement re_receiving on the early exit paths
2871bb923ff8f drm/msm/dsi: fix hdisplay calculation when programming dsi registers
203c792cb4315 nfs: return EISDIR on nfs3_proc_create if d_alias is a dir
28a72f653832a smb/server: Fix another refcount leak in smb2_open()
f426a493db33d powerpc: 83xx: km83xx: Fix keymile vendor prefix
ba021fb575084 remoteproc: mediatek: Unprepare SCP clock during system suspend
bf39fed5f22cb remoteproc: sysmon: Correct subsys_name_len type in QMI request
b7b634be76582 powerpc/crash: adjust the elfcorehdr size
c171a5f799546 powerpc/kexec/core: use big-endian types for crash variables
d5697cf3b91d8 kexec: Include kernel-end even without crashkernel
b3c074a394c66 powerpc/uaccess: Fix inline assembly for clang build on PPC32
71c57e74baa06 ALSA: usb-audio: Check max frame size for implicit feedback mode, too
31e6595fd1a05 drm/amdgpu/vcn5: Add SMU dpm interface type
716fc40446912 ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0
5faf0ce7d784a scsi: ufs: core: Fix shift out of bounds when MAXQ=32
f4f590c6c9df7 scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace()
87aa0f91ee49e ASoC: cs42l43: Report insert for exotic peripherals
c072370ad67dd ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table
7035ef0f20bab scsi: ses: Fix devices attaching to different hosts
8c61a746f7bb8 ACPI: OSI: Add DMI quirk for Acer Aspire One D255
e03d7bddf0ecc wifi: mac80211: set default WMM parameters on all links
af8f4be3b68ac unshare: fix unshare_fs() handling
6407e8baef0ac ALSA: hda/realtek: Fix speaker pop on Star Labs StarFighter
e978a36f332ed scsi: mpi3mr: Add NULL checks when resetting request and reply queues
379e19e820dd1 fs: init flags_valid before calling vfs_fileattr_get
22e54d67b2f57 scsi: ufs: core: Reset urgent_bkops_lvl to allow runtime PM power mode
55d1e86cb0c90 ACPI: PM: Save NVS memory on Lenovo G70-35
c2e73d8acd056 scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 00e02dc
---------------------------
yocto-bsps: update to v6.18.18
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
3318f10fa289 Linux 6.18.18
6c5e8f16b5e8 ata: libata: cancel pending work after clearing deferred_qc
13bc2772414d apparmor: fix race between freeing data and fs accessing it
af782cc8871e apparmor: fix race on rawdata dereference
623a9d211bbb apparmor: fix differential encoding verification
b60b3f7a35c4 apparmor: fix unprivileged local user can do privileged policy management
7998ab3010d2 apparmor: Fix double free of ns_name in aa_replace_profiles()
5a68e46dfe0c apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
0510d1ba0976 apparmor: fix side-effect bug in match_char() macro usage
d42b2b6bb77c apparmor: fix: limit the number of levels of policy namespaces
7eade846e013 apparmor: replace recursive profile removal with iterative approach
4f0889f2df1a apparmor: fix memory leak in verify_header
0baadb0eece2 apparmor: validate DFA start states are in bounds in unpack_pdb
380ad8b7c65e net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks
04d75529dc0f net/sched: act_gate: snapshot parameters with RCU on replace
93ea7e1363fb Linux 6.18.17
8a185304e42e selftests/bpf: Avoid simplification of crafted bounds test
63b548c86299 bpf: collect only live registers in linked regs
2ce8ece5a78d tracing: Add NULL pointer check to trigger_data_free()
52decf013d53 selftest/arm64: Fix sve2p1_sigill() to hwcap test
d15ba004b321 ata: libata-eh: Fix detection of deferred qc timeouts
98cd8b4d0b83 xdp: produce a warning when calculated tailroom is negative
45a41aecf5e5 net: enetc: use truesize as XDP RxQ info frag_size
f1ac9d19721b i40e: use xdp.frame_sz as XDP RxQ info frag_size
b6176646c36d i40e: fix registering XDP RxQ info
ff7f356cdbb4 xsk: introduce helper to determine rxq->frag_size
2a9e6ecf0e85 xdp: use modulo operation to calculate XDP frag tailroom
cd888c396667 net/sched: act_ife: Fix metalist update behavior
b3b5a037d520 net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop
fbbd2118982c net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled
33dec6f10777 net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled
d3b1c4c70da5 selftests/harness: order TEST_F and XFAIL_ADD constructors
0168443a5db5 kselftest/harness: Use helper to avoid zero-size memset warning
6f95b5952027 net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()
500a50a301ce netfilter: nft_set_pipapo: split gc into unlink and reclaim phase
9154945a6394 netfilter: nf_tables: clone set on flush only
6826131c7674 netfilter: nf_tables: unconditionally bump set->nelems before insertion
6624d1727f3a net: Provide a PREEMPT_RT specific check for netdev_queue::_xmit_lock
c3e8c75fcb2e block: use trylock to avoid lockdep circular dependency in sysfs
6b0e35123ba4 net: stmmac: Defer VLAN HW configuration when interface is down
15e8ef336895 net: stmmac: Fix VLAN HW state restore
8b8b97eaecae net: stmmac: Improve double VLAN handling
d55a39435c20 net: stmmac: Fix error handling in VLAN add and delete paths
edc988613def nfc: rawsock: cancel tx_work before socket teardown
b3fdbc7f59cd nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback
91ff0d8c3464 nfc: nci: complete pending data exchange on device close
9d448bbab724 nfc: nci: free skb on nci_transceive early error paths
a77a5423e9c6 net: devmem: use READ_ONCE/WRITE_ONCE on binding->dev
4596f44d4f5b net_sched: sch_fq: clear q->band_pkt_count[] in fq_reset()
1c46edf20f82 net: nfc: nci: Fix zero-length proprietary notifications
eae2f14ab2ef tcp: secure_seq: add back ports to TS offset
8314944cc3bd net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs
d9d4ed40b3be hwmon: (max6639) fix inverted polarity
de4ea10ae6b4 timekeeping: Fix timex status validation for auxiliary clocks
5a501379a010 nvme: fix memory allocation in nvme_pr_read_keys()
76f327fa4f1b nvme: reject invalid pr_read_keys() num_keys values
05e3f01974d0 drm/xe/reg_sr: Fix leak on xa_store failure
3c8852cff2bb drm/xe/gsc: Fix GSC proxy cleanup on early initialization failure
1c72e7b0b442 i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"
da09dfc90cb7 drm/sched: Fix kernel-doc warning for drm_sched_job_done()
5649775b3ebf amd-xgbe: fix sleep while atomic on suspend/resume
7e4ad34a8889 net: ipv4: fix ARM64 alignment fault in multipath hash seed
0b5a78260207 ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
5566a9eeb00e smb/client: fix buffer size for smb311_posix_qinfo in SMB311_posix_query_info()
b751369b03c8 smb/client: fix buffer size for smb311_posix_qinfo in smb2_compound_op()
3eeddb80191f bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim
ba47e3371764 igb: Fix trigger of incorrect irq in igb_xsk_wakeup
2199e190cf6b iavf: fix netdev->max_mtu to respect actual hardware limit
0138d1cdb19f libie: don't unroll if fwlog isn't supported
b9333d41ee03 ice: fix adding AQ LLDP filter for VF
1e077c65e020 xen/acpi-processor: fix _CST detection using undersized evaluation buffer
6ce948fa5459 net/rds: Fix circular locking dependency in rds_tcp_tune
ca795bf1230b indirect_call_wrapper: do not reevaluate function pointer
9612d91f6172 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
2831a8c57454 wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()
f4cdf6b43689 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
fcef983ad888 wifi: wlcore: Fix a locking bug
f98c195052ab wifi: cw1200: Fix locking in error paths
93e00a88951d octeon_ep_vf: avoid compiler and IQ/OQ reordering
04a9f26d63d9 octeon_ep_vf: Relocate counter updates before NAPI
986904ab1613 octeon_ep: avoid compiler and IQ/OQ reordering
142a789a51d5 octeon_ep: Relocate counter updates before NAPI
0ace8027e41f bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded
d95de5acbf9e net: dsa: realtek: rtl8365mb: fix rtl8365mb_phy_ocp_write return value
01f5b85fa0da kunit: tool: copy caller args in run_kernel to prevent mutation
3589cc8f56c1 rust: kunit: fix warning when !CONFIG_PRINTK
7f971dfd4898 drm/xe/configfs: Free ctx_restore_mid_bb in release
303b446f2e8f drm/xe: Do not preempt fence signaling CS instructions
7196a1ff7b9a drm/syncobj: Fix handle <-> fd ioctls with dirty stack
95ed07644b2c wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config
d27f12c3f5e8 can: mcp251x: fix deadlock in error path of mcp251x_open
8215ba7bc99e can: bcm: fix locking for bcm_op runtime updates
d8e38dc605c1 amd-xgbe: fix MAC_TCR_SS register width for 2.5G and 10M speeds
d5947c3d2d14 net: ti: icssg-prueth: Fix ping failure after offload mode setup when link speed is not 1G
7ea92ab075d8 atm: lec: fix null-ptr-deref in lec_arp_clear_vccs
00f42ace446f dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler
6a674e0b19b0 xsk: Fix zero-copy AF_XDP fragment drop
645c6d8376ad xsk: Fix fragment node deletion to prevent buffer leak
2fc623e17854 tcp: give up on stronger sk_rcvbuf checks (for now)
b955350778b8 udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.
f5fc6fead277 inet: annotate data-races around isk->inet_num
3d8f35e182c8 nvme-multipath: fix leak on try_module_get failure
79cc5a4c311f net: ethernet: ti: am65-cpsw-nuss/cpsw-ale: Fix multicast entry handling in ALE table
f17c1c4acbe2 net: annotate data-races around sk->sk_{data_ready,write_space}
f30b95159a53 nvmet-fcloop: Check remoteport port_state before calling done callback
72d08d283964 netfs: Fix unbuffered/DIO writes to dispatch subrequests in strict sequence
54b3701901af drm/solomon: Fix page start when updating rectangle in page addressing mode
ee8e4b7469b4 e1000e: clear DPG_EN after reset to avoid autonomous power-gating
9e0f09182157 i40e: Fix preempt count leak in napi poll tracepoint
e9669c2d0535 ice: recap the VSI and QoS info after rebuild
4458f9f198f5 idpf: Fix flow rule delete failure due to invalid validation
e7fca8b7fb6f idpf: change IRQ naming to match netdev and ethtool queue numbering
8f742f495ddb idpf: increment completion queue next_to_clean in sw marker wait routine
d146275655bb hwmon: (it87) Check the it87_lock() return value
ea07fcfbba43 pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()
acbcfe2f8e64 pinctrl: meson: amlogic-a4: Fix device node reference leak in aml_dt_node_to_map_pinmux()
6359d2d52c95 pinctrl: generic: move function to amlogic-am4 driver
2c091292ca42 HID: multitouch: new class MT_CLS_EGALAX_P80H84
ade03840f829 module: Remove duplicate freeing of lockdep classes
55aefe1647a6 platform/x86: thinkpad_acpi: Fix errors reading battery thresholds
82f1bb0ad480 pinctrl: qcom: qcs615: Add missing dual edge GPIO IRQ errata flag
53eba152810e pinctrl: equilibrium: fix warning trace on load
2c947684bdaa pinctrl: equilibrium: rename irq_chip function callbacks
9833ed224aad hwmon: (aht10) Fix initialization commands for AHT20
9c1984180260 hwmon: (aht10) Add support for dht20
e159eb852aee nvme: fix admin queue leak on controller reset
038158492979 drm/amd/display: Use GFP_ATOMIC in dc_create_stream_for_sink
a5c070aaf796 Bluetooth: Fix CIS host feature condition
d8a286503553 net: stmmac: remove support for lpi_intr_o
999ff1af649c platform/x86: hp-bioscfg: Support allocations of larger data
0c578e8065c4 ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths
c08ec55617cb ipmi: Fix use-after-free and list corruption on sender error
3c3462e9ae35 ASoC: fsl_xcvr: provide regmap names
227eb258c2cb ASoC: fsl_xcvr: use dev_err_probe() replacing dev_err() + return
3d46af0f8b28 ARM: clean up the memset64() C wrapper
54e841a03606 Revert "netfilter: nft_set_rbtree: validate open interval overlap"
861aa1be41bc kbuild: Split .modinfo out from ELF_DETAILS
bc2110c10128 selftests: mptcp: join: check removing signal+subflow endp
23ec7f54a9d6 selftests: mptcp: join: check RM_ADDR not sent over same subflow
ee6ce81a24a4 selftests: mptcp: more stable simult_flows tests
a64aa7db3939 mptcp: pm: in-kernel: always mark signal+subflow endp as used
19a258d03d08 mptcp: pm: avoid sending RM_ADDR over same subflow
944a333c8e4d scsi: core: Fix refcount leak for tagset_refcnt
86163b98891a smb: client: fix oops due to uninitialised var in smb2_unlink()
2ef0fc3bf49d smb: client: Don't log plaintext credentials in cifs_set_cifscreds
134596a6e4be smb: client: fix broken multichannel with krb5+signing
0786f9422cbf smb: client: fix cifs_pick_channel when channels are equally loaded
5a34959a2ab1 xfs: Fix error pointer dereference
b135cd653d1b xfs: fix xfs_group release bug in xfs_dax_notify_dev_failure
4e8935053ba3 drbd: fix null-pointer dereference on local read error
d1ef3aed4df2 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()
01ee0bcc2986 Squashfs: check metadata block offset is within range
0524ee56af2c mm: thp: deny THP for files on anonymous inodes
9a5641024fbf scsi: target: Fix recursive locking in __configfs_open_file()
cdd96641b642 tracing: Fix WARN_ON in tracing_buffers_mmap_close
27c13c5bb094 nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().
a6677e23b313 net/sched: ets: fix divide by zero in the offload path
ca1684dd297b arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled
a1850e2aef4d cpufreq: intel_pstate: Fix crash during turbo disable
a6f3e0fa8e86 RDMA/ionic: Fix kernel stack leak in ionic_create_cq()
cfe962216c16 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()
deee46b37ebd IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
2764dcb3c35d net: phy: register phy led_triggers during probe to avoid AB-BA deadlock
07e0c80e17ef gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL
2b6c942a5266 Bluetooth: purge error queues in socket destructors
cc6d5a3c0a85 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()
f35ceec54d48 wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration
584279ad9ff1 wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()
ed7d30f90b77 wifi: libertas: fix use-after-free in lbs_free_adapter()
2f8ceeba6706 wifi: radiotap: reject radiotap with unknown bits
bf21bfd63e01 ALSA: hda/realtek: add quirk for Samsung Galaxy Book Flex (NT950QCT-A38A)
36facbc94803 ALSA: hda/realtek: Add quirk for Acer Aspire V3-572G
7eb2d1ce7b45 ALSA: hda/realtek: fix model name typo for Samsung Galaxy Book Flex (NT950QCG-X716)
27338f3360ef ALSA: hda/intel: increase default bdl_pos_adj for Nvidia controllers
1e5753ff4c2e ALSA: usb-audio: Use correct version for UAC3 header validation
be7e624f24df ALSA: doc: usb-audio: Add doc for QUIRK_FLAG_SKIP_IFACE_SETUP
8d70dff4a2e2 ALSA: hda/realtek: Add quirk for HP Pavilion 15-eh1xxx to enable mute LED
5f935f133107 platform/x86: dell-wmi: Add audio/mic mute key codes
bf84193d9130 platform/x86: alienware-wmi-wmax: Add G-Mode support to m18 laptops
5de34126fb2e platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
c42a92d685c4 x86/boot/sev: Move SEV decompressor variables into the .data section
a586788a669b x86/sev: Allow IBPB-on-Entry feature for SNP guests
c7258d2010e6 x86/boot: Handle relative CONFIG_EFI_SBAT_FILE file paths
87aeec43ccb9 perf/x86/intel/uncore: Add per-scheduler IMC CAS count events
f9e9cc320854 x86/efi: defer freeing of boot services memory
aaca71f8562f HID: multitouch: Keep latency normal on deactivate for reactivation gesture
d1edc027a4b0 HID: pidff: Fix condition effect bit clearing
20864e3e41c7 HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
b9a606417999 can: usb: f81604: handle bulk write errors properly
36ead5744314 can: usb: f81604: handle short interrupt urb messages properly
18eee279e9b5 can: usb: etas_es58x: correctly anchor the urb in the read bulk callback
aa9e0a7fe5ef can: ucan: Fix infinite loop from zero-length messages
f6d80b104f90 can: usb: f81604: correctly anchor the urb in the read bulk callback
1cf469026d4a can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message
c3f1672eaea6 net: usb: pegasus: validate USB endpoints
011684cd1834 net: usb: kalmia: validate USB endpoints
2795fc06e765 net: usb: kaweth: validate USB endpoints
00477cab053d nfc: pn533: properly drop the usb interface reference on disconnect
cfd94642025e media: dvb-core: fix wrong reinitialization of ringbuffer on reopen
3acc627f235a namespace: fix proc mount iteration
a80161c20370 eventpoll: Fix integer overflow in ep_loop_check_proc()
14a1db2486fa net: arcnet: com20020-pci: fix support for 2.5Mbit cards
9498fa25a0b0 drm/i915/dp: Fix pipe BPP clamping due to HDR
99f617ea2ff0 drm/i915/dp: Fail state computation for invalid DSC source input BPP values
b05ed70feb66 LoongArch: Remove some extern variables in source files
079deecc2c9f LoongArch: Handle percpu handler address for ORC unwinder
e7c58045ad8c LoongArch: Remove unnecessary checks for ORC unwinder
e653c0718cf5 mm/slab: use prandom if !allow_spin
d3043852fffa slub: remove CONFIG_SLUB_TINY specific code paths
58aef054b290 hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race
378dff71efdd drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected()
6c80b35076bc PM: sleep: core: Avoid bit field races related to work_in_progress
5ec1d82f00b1 btrfs: zoned: fixup last alloc pointer after extent removal for RAID0/10
4b508c53f3c5 btrfs: define the AUTO_KFREE/AUTO_KVFREE helper macros
d2cfea67b1b9 KVM: x86: Add x2APIC "features" to control EOI broadcast suppression
c6db0f4a1659 PCI: dwc: ep: Fix resizable BAR support for multi-PF configurations
7c0c4b7e84b7 PCI: dwc: Remove duplicate dw_pcie_ep_hide_ext_capability() function
794b08c50128 PCI: dwc: Add new APIs to remove standard and extended Capability
26f9e895616b PCI: Add preceding capability position support in PCI_FIND_NEXT_*_CAP macros
7d610f643b04 ARM: dts: imx53-usbarmory: Replace license text comment with SPDX identifier
f50c91272425 ACPI: APEI: GHES: Disable KASAN instrumentation when compile testing with clang < 18
0a654ac440c1 ACPI: APEI: GHES: Add helper for CPER CXL protocol errors checks
baf4b13a4efc clk: tegra: tegra124-emc: fix device leak on set_rate()
e5bdc2159f8b arm64: dts: rockchip: Fix rk3588 PCIe range mappings
7f8f4acf3926 arm64: dts: rockchip: Fix rk356x PCIe range mappings
e70d5feb10c5 iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode
976c7a3750f7 Input: synaptics_i2c - guard polling restart in resume
9f5158454eae Input: synaptics_i2c - replace use of system_wq with system_dfl_wq
1aa5833f29b8 media: iris: Add missing platform data entries for SM8750
448a7662ae13 media: iris: remove v4l2_m2m_ioctl_{de,en}coder_cmd API usage during STOP handling
2698731d2582 ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O
e56d023da379 ext4: correct the comments place for EXT4_EXT_MAY_ZEROOUT
663efc5aac21 x86/uprobes: Fix XOL allocation failure for 32-bit tasks
f7df71d26b30 unwind_user/x86: Teach FP unwind about start of function
b9537a51b65a unwind_user/x86: Enable frame pointer unwinding on x86
6f553dbbb25d unwind: Implement compat fp unwind
5364f7bbd611 unwind: Simplify unwind_user_next_fp() alignment check
c45026c4135d drm/tegra: dsi: fix device leak on probe
1e88b5f854bd KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()
2dff8966a3a8 media: tegra-video: Fix memory leak in __tegra_channel_try_format()
7fc4b49474c8 accel/rocket: fix unwinding in error path in rocket_probe
17463839162f accel/rocket: fix unwinding in error path in rocket_core_init
b62076e780a2 usb: gadget: f_ncm: align net_device lifecycle with bind/unbind
ca9ca411bbcf usb: gadget: u_ether: Add auto-cleanup helper for freeing net_device
f222eb16d597 usb: gadget: u_ether: add gether_opts for config caching
7bdff9b9b0c6 net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels
ed9c15c7be25 Revert "PCI: dw-rockchip: Enumerate endpoints based on dll_link_up IRQ"
15a66eb1b2c6 PCI: dw-rockchip: Change get_ltssm() to provide L1 Substates info
aad472c928c9 PCI: dwc: Add L1 Substates context to ltssm_status of debugfs
80d3a201d7ad PCI: dw-rockchip: Configure L1SS support
b1f114b7a6fa PCI: dwc: Advertise L1 PM Substates only if driver requests it
53abc9c61361 PCI: j721e: Add config guards for Cadence Host and Endpoint library APIs
ee7f2ce97b08 PCI: j721e: Use devm_clk_get_optional_enabled() to get and enable the clock
f69535b77fa0 memory: mtk-smi: fix device leak on larb probe
b44d090d6ca1 memory: mtk-smi: fix device leaks on common probe
a67540127042 x86/acpi/boot: Correct acpi_is_processor_usable() check again
1b99c0e5b6bd bpf: Improve bounds when tnum has a single possible value
50a4fab0887e bpf: Introduce tnum_step to step through tnum's members
4c03342e5ac5 bpf: Add bitwise tracking for BPF_END
6c10b019785d bpf: Fix race in devmap on PREEMPT_RT
7466ae2aeed4 bpf: Fix race in cpumap on PREEMPT_RT
ecb4e02614b9 PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value
878fddc519f7 spi: stm32: fix missing pointer assignment in case of dma chaining
130c436e7149 sched_ext: Fix SCX_EFLAG_INITIALIZED being a no-op flag
4778033781b5 selftests/bpf: Fix OOB read in dmabuf_collector
75d474702b2b bpf: Fix stack-out-of-bounds write in devmap
519b1ad91de5 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing
11d1d38087e7 ASoC: SDCA: Fix comments for sdca_irq_request()
5413b1c94cfe ALSA: usb: qcom: Correct parameter comment for uaudio_transfer_buffer_setup()
51c8bedb2d08 btrfs: fix compat mask in error messages in btrfs_check_features()
771c1e38385b btrfs: print correct subvol num if active swapfile prevents deletion
136e814d1176 btrfs: fix warning in scrub_verify_one_metadata()
b178561ac38c btrfs: fix objectid value in error message in check_extent_data_ref()
845c0f1ab54e btrfs: fix incorrect key offset in error message in check_dev_extent_item()
5ba7d61b5416 btrfs: fix error message order of parameters in btrfs_delete_delayed_dir_index()
d4f210de01ea btrfs: free pages on error in btrfs_uring_read_extent()
c18c40e081c1 ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put()
73e8bdf14248 drm/amdgpu: Fix error handling in slot reset
5c42d9f8b004 drm/amdgpu: Fix locking bugs in error paths
39ae59e5c1d8 drm/amdgpu: Unlock a mutex before destroying it
1753f5f81ab6 drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings
6f60a783860c PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
3d64dcc0799c arm64: io: Extract user memory type in ioremap_prot()
835da0da68d0 arm64: io: Rename ioremap_prot() to __ioremap_prot()
00ea0c8696b4 s390/vtime: Fix virtual timer forwarding
d30168b0cbc1 s390/idle: Fix cpu idle exit cpu time accounting
3f89b61dd504 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race
b9db33aafc12 ALSA: usb-audio: Use inclusive terms
9a6693b59843 ALSA: usb-audio: Cap the packet size pre-calculations
4e3ca5f82346 drm/client: Do not destroy NULL modes
869c979f3657 zloop: check for spurious options passed to remove
f6c6a888c8a4 zloop: advertise a volatile write cache
93b64bef8cd4 regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()
bbc104dcfc59 scsi: ufs: core: Move link recovery for hibern8 exit failure to wl_resume
5fc4e150c5ad cxl: Fix race of nvdimm_bus object when creating nvdimm objects
af9bf9889663 cxl: Move devm_cxl_add_nvdimm_bridge() to cxl_pmem.ko
a29e63795063 cgroup/cpuset: Fix incorrect use of cpuset_update_tasks_cpumask() in update_cpumasks_hier()
e540616ec3a5 drm/xe/wa: Steer RMW of MCR registers while building default LRC
3464e7517551 accel/amdxdna: Validate command buffer payload count
1500b31db943 accel/amdxdna: Prevent ubuf size overflow
247cd87f0474 accel/amdxdna: Remove buffer size check when creating command BO
c67ab059953e perf/core: Fix invalid wait context in ctx_sched_in()
9a3bcd2984b8 rseq: Clarify rseq registration rseq_size bound check comment
22a1536b3f5a sched/fair: Fix lag clamp
c1591343440e sched/eevdf: Update se->vprot in reweight_entity()
ee54b5ba72d4 sched/fair: Only set slice protection at pick time
99673934a89f sched/fair: Fix zero_vruntime tracking
423b750d87d2 sched/fair: Introduce and use the vruntime_cmp() and vruntime_op() wrappers for wrapped-signed aritmetics
028084eca169 sched/fair: Rename cfs_rq::avg_vruntime to ::sum_w_vruntime, and helper functions
50890a9a01f3 sched/fair: Rename cfs_rq::avg_load to cfs_rq::sum_weight
50b3d683dcd4 x86/cfi: Fix CFI rewrite for odd alignments
e58f1a9b0677 x86/fred: Correct speculative safety in fred_extint()
ddbbdebeeea8 ALSA: usb-audio: Add QUIRK_FLAG_SKIP_IFACE_SETUP
71f72c5d74a9 ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices
561cefafd79d ALSA: scarlett2: Fix DSP filter control array handling
38072446442c drm/imx: parallel-display: check return value of devm_drm_bridge_add() in imx_pd_probe()
824a7672e354 scsi: pm8001: Fix use-after-free in pm8001_queue_command()
c3598e86c916 scsi: lpfc: Properly set WC for DPP mapping
1883332bf21f irqchip/sifive-plic: Fix frozen interrupt due to affinity setting
183a6264b32e drm/tiny: sharp-memory: fix pointer error dereference
cd2713a37336 drm/fourcc: fix plane order for 10/12/16-bit YCbCr formats
bce3847f7c51 KVM: arm64: Fix ID register initialization for non-protected pKVM guests
7a15a1e3228d KVM: arm64: Hide S1POE from guests when not supported by the host
f8a6eba20edb drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse()
a473c09666f0 debugobject: Make it work with deferred page initialization - again
531f45589787 drm/vmwgfx: Return the correct value in vmw_translate_ptr functions
2633a30eb45b drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release
c27dea9f50ed perf/core: Fix refcount bug and potential UAF in perf_mmap
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openembedded-core
---------------------------
Commit: 4c777220ee
---------------------------
apt: Add CVE_PRODUCT to support product name
- Keep both the older deprecated debian:apt alias and the active
debian:advanced_package_tool identity in CVE_PRODUCT.
- This preserves completeness and avoids missing CVEs in case older
aliases are still used in NVD records.
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a07763f03d
---------------------------
vim: disable GTK+3 UI by default
Disable the GTK+ UI by default. By having vim be always built with GTK+
by default installing vim results in the entire GTK+/X11 stack being
pulled into images, even if they would otherwise be non-graphical.
Also, real vim users run it in a terminal.
The PACKAGECONFIG remains and can be enabled. Maybe a future improvement
would be to split the recipe into non-X vim and GTK+-based gvim recipes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 19da07045b
---------------------------
libjpeg-turbo: exclude x.y.9z versions from upstream check
E.g. the current 3.1.90 is a pre-release and shouldn't be considered.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: be6df46792
---------------------------
selftest/runtime_test: Avoid virgl test on opensuse 16.0 for now
Currently this sometimes works but sometimes crashes the Xserver on that
platform. For now, disable it there until someone investiagtes/fixes it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e9f12f6427
---------------------------
gnutls: Add p11-kit for native builds
U-Boot mkeficapsule host tool now uses pkcs11 related gnutls symbols.
If gnutls-native is built without p11-kit support, linking
mkeficapsule will fail.
Enable p11-kit for gnutls-native.
Signed-off-by: Franz Schnyder <franz.schnyder@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d77610e43a
---------------------------
systemd: add osc-context PACKAGECONFIG
Add a new PACKAGECONFIG to give users the choice of whether to
have /etc/profile.d/80-systemd-osc-context.sh file or not.
This is because the /etc/profile.d/80-systemd-osc-context.sh[1] is setting
PS0 with OSC 3008 standard[2]. If a terminal (e.g., minicom) cannot
deal with this OSC 3008 standard, it will just output the whole contents.
This is quite annoying. See example output below:
3008;start=9c578e41-1a0f-4b47-9a87-ab22adebe376;machineid=cc467af9bedc4d98a437e5d744928301;...
Below are steps of how to reproduce the issue with qemu:
1. IMAGE_INSTALL:append = " bash"
2. bitbake core-image-minimal
3. runqemu snapshot kvm nographic qemuparams="-serial pty"
4. minicom -D /dev/pts/X -b 115200 (/dev/pts/X is the one printed in the step 3)
5. [In minicom] type any command or just type "Enter" key
A new PR is also created for systemd upstream:
https://github.com/systemd/systemd/pull/41647
If systemd accepts the PR, we can then use the new option. Otherwise, we'll need
to keep the way it is now.
[1] https://github.com/systemd/systemd/commit/dadbb34919abd3fefeb5b8ccc9794da9398a2503
[2] https://uapi-group.org/specifications/specs/osc_context/
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1f69b88d86
---------------------------
mesa: upgrade 26.0.3 -> 26.0.5
This bumps mesa to 26.0.5, the latest available version.
See https://docs.mesa3d.org/relnotes/26.0.4.html and
https://docs.mesa3d.org/relnotes/26.0.5.html for the Changelog and
checksum.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a95081d461
---------------------------
quilt: remove bzip2 RDEPENDS
quilt has support for compressed patches but for some reason we only
listed bzip2 explicitly, despite it also supporting gzip/xz/lzma/lz/zst.
We don't have any recipes that use compressed patches and there's
nothing special about bzip2, so if a recipe does want to use compressed
patches then it can add the required dependency itself.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e4d49702f2
---------------------------
image_types_wic: Introduce wicenv image type
Now that wic is an external tool, using it outside of the normal Yocto
build workflow will become more common. So, we need a way for users to
specify that they want the .env file used by wic to be placed into
${DEPLOY_DIR_IMAGE}.
With this change, if you intend to use wic externally, you should
specify:
IMAGE_FSTYPES += "wicenv"
As we now have a separate IMAGE_CMD for this, we no longer need to
deploy the .env file in do_rootfs_wicenv.
[YOCTO #16246]
Signed-off-by: Paul Barker <paul@pbarker.dev>
Cc: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5a5162406f
---------------------------
sbom-cve-check-common: print warnings on unpatched CVEs
The now removed cve-check class used to print warnings when CVEs with
status "Unpatched" were found. Add this feature to the
sbom-cve-check class with the same default value (enabled).
For now it only does so when the cvecheck report type is enabled. It may
be possible to do the same for the SPDX report type.
Sample output:
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: busybox-1.37.0: Found unpatched CVEs: CVE-2024-58251
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: expat-2.7.5: Found unpatched CVEs: CVE-2025-66382, CVE-2026-41080
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: glibc-2.43+git: Found unpatched CVEs: CVE-2010-4756, CVE-2026-4046
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 91294d91ef
---------------------------
python3-sbom-cve-check: Update to version 1.3.0
For details on this new release, see:
https://github.com/bootlin/sbom-cve-check/releases/tag/v1.3.0
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2466c63059
---------------------------
python3-python-spdx-model: Upgrade 0.0.4 -> 0.0.5
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bc1e1e4a1b
---------------------------
python3-shacl2code: upgrade 0.0.24 -> 1.0.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4fd2c4a99e
---------------------------
libcxx: fix libunwind collision with musl builds
Commit 75409c60 (rust: enable fully static linking with TCLIBC=musl)
used install-unwind for musl builds which also installs libunwind.so
and libunwind.h, causing a file collision with the libunwind recipe.
Only libunwind.a is needed for Rust static musl linking. Since no
other recipe in oe-core builds LLVM libunwind, compile it
unconditionally for musl and use do_install to install only the
static library.
Reported-by: Ross Burton <ross.burton@arm.com>
Suggested-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e0afc9df70
---------------------------
shadow: Drop 'pointless' patch
As far as I can tell, this patch is a no-op and doens't change the code.
As such, I think it just complicates things and can be removed.
[After testing we found this is working around a pseudo issue where we
were missing an intercept call for __open_2. The correct thing to do is
add that intercept, then we can drop this work around. The workaround
changed the function calls the headers map this into, resulting in ones
pseudo could intercept]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ef0856c183
---------------------------
shadow: Disable tallylog execution
We don't want to be calling tallylog from our native tools, disable it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ea63d320a
---------------------------
pseudo: Upgrade to 1.9.5
This adds a wrapper for the __open_2 function
This was breaking shadow and the real reason for the open() call changes.
Add the missing wrapper to properly fix this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b2bd1d114f
---------------------------
pseudo: Upgrade to 1.9.4
Update to pull in a full openat2 wrapper which works on Fedora 44.
This update includes the commits:
* Makefile.in: Bump version to 1.9.4
* test: Add renameat2 test cases
* test: Add openat2 test cases
* makewrappers/openat2: Add preserve_path option
* openat2: Implement openat2 wrapper
* ports/linux/guts/renameat2.c: Add comment why this isn't implemented
* Add b4 configuration
* pseudo_setupenvp: Handle malloc failure safely
* pseudo_setupenvp: Allocate space for new env vars if needed
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d1a02bdd24
---------------------------
groff: Fix occasional build race failure
groff-native occasionally fails to build with a build race. Add a
patch which has been submitted upstream (details in the patch).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f036a655c3
---------------------------
combo-layer: Remove the script and its associated files
The combo-layer script has not been used with master of OE-Core since
the poky repository stopped being updated.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e096d9db33
---------------------------
barebox: upgrade 2026.03.1 -> 2026.04.0
Main highlight of this release is the new devboot mechanism, which
allows overriding any combination of kernel, device tree and
initramfs in an existing boot flow with network-hosted files,
simplifying iterative development:
https://www.barebox.org/doc/latest/user/devboot.html
This release also restores compatibility with new TF-A versions acting
as SCMI clock provider, after TF-A v2.14 broke the SCMI v2.0 clock
protocol used by earlier barebox (and Linux <= v6.6).
Release notes: https://lore.kernel.org/barebox/aeI471ZfStpltaM6@pengutronix.de
Migration guide: https://barebox.org/doc/latest/migration-guides/migration-2026.04.0.html
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fd46a0dc06
---------------------------
util-linux: fix CVE-2026-27456
Backport a patch from upstream to fix CVE-2026-27456:
Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use)
vulnerability has been identified in the SUID binary /usr/bin/mount
from util-linux. The mount binary, when setting up loop devices,
validates the source file path with user privileges via fork() +
setuid() + realpath(), but subsequently re-canonicalizes and opens it
with root privileges (euid=0) without verifying that the path has not
been replaced between both operations. Neither O_NOFOLLOW, nor inode
comparison, nor post-open fstat() are employed. This allows a local
unprivileged user to replace the source file with a symlink pointing
to any root-owned file or device during the race window, causing the
SUID binary to open and mount it as root. Exploitation requires an
/etc/fstab entry with user,loop options whose path points to a
directory where the attacker has write permission, and that
/usr/bin/mount has the SUID bit set (the default configuration on
virtually all Linux distributions). The impact is unauthorized read
access to root-protected files and block devices, including backup
images, disk volumes, and any file containing a valid filesystem.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ad6f5d2145
---------------------------
xz: fix CVE-2026-34743
Backport a fix from upstream to resolve CVE-2026-34743:
Prior to version 5.8.3, if lzma_index_decoder() was used to decode an
Index that contained no Records, the resulting lzma_index was left in
a state where where a subsequent lzma_index_append() would allocate
too little memory, and a buffer overflow would occur.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cb3cfe2fa6
---------------------------
xz: mark several CVEs as fixed
- CVE-2024-47611 was fixed in 5.6.3 and is Windows-specific.
- CVE-2025-31115 was fixed in 5.8.1.
- CVE-2025-58058 is specific to the Go xz module, not this recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f82c02848c
---------------------------
systemd: mark several CVEs as fixed
CVE-2019-3815 is specific to RHEL, and CVE-2026-40223 to -40226 have all
been fixed in the stable branch.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6cbf55abe4
---------------------------
bluez5: mark two CVEs as being in the wrong product
CVE-2020-12351 and CVE-2020-12352 ("BleedingTooth") are actually issues
in the Linux kernel, not BlueZ as reported in the CVE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9a83f0878b
---------------------------
busybox: fix for CVE-2026-26157, CVE-2026-26158
Pick up patch from NVD report.
More details :
[1]: https://nvd.nist.gov/vuln/detail/CVE-2026-26157
[2]: https://nvd.nist.gov/vuln/detail/CVE-2026-26158
Note:
We use patch from busybox mirror that looks trustworthy https://gogs.librecmc.org/OWEALS/busybox.
Suggested-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Ernst Persson <ernst.persson@non.se.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7fe6a1ccc9
---------------------------
ruby: upgrade 4.0.1 -> 4.0.2
Changelog: https://github.com/ruby/ruby/releases/tag/v4.0.2
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 1179c2f419
---------------------------
sstate: Fail on file systems without hard link support
The sstate can only work reliably when the file system has support for hard
links. Previously this error was silenced, now the build fails and the user is
informed about the problem.
Signed-off-by: Michael Arndt <michael@rndt.dev>
CC: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 07652b7159
---------------------------
cve-exclusions: set status for CVE-2025-71145
cvelistV5 tracks hashes instead of versions.
Same hashes are also present in NVD links.
Checking those hashes, fix is already available in linux-yocto.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: ded28ca69b
---------------------------
cve-exclusions: set status for 5 CVEs
Reuse work of Debian researchers and set status for fixed CVEs
accordingly.
* https://security-tracker.debian.org/tracker/CVE-2023-53012
* 6.2-rc5
* https://security-tracker.debian.org/tracker/CVE-2023-53187
* 6.5-rc3
* https://security-tracker.debian.org/tracker/CVE-2024-49854
* 6.12-rc1
* https://security-tracker.debian.org/tracker/CVE-2025-38656
* 6.17-rc1
* https://security-tracker.debian.org/tracker/CVE-2025-68195
* 6.18-rc5
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 18ebfeb5af
---------------------------
devtool-source: set S variable to a sub dir of UNPACKDIR
If a recipe set UNPACKDIR to a directory that is not contained within
WORKDIR, before this modification, this generates the following error:
"S should be set relative to UNPACKDIR."
S should not be updated, otherwise the recipe may not find the extracted
sources. In all recipes, S should reference the UNPACKDIR variable.
There is an exception for the kernel to prevent infinite recursion
when expanding the STAGING_KERNEL_DIR variable.
So, only updates UNPACKDIR to be within the DEVTOOL_TEMPDIR directory.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 15e6ec3ba2
---------------------------
systemd: drop unneeded sysv compat patch
Our systemd is not compatible with sysvinit any more. So drop
this sysv compat patch as it's not needed any more.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: c4ae831812
---------------------------
go: skip recipe instead of throwing fatal error on unknown architectures
Current code means that layer which contains a golang recipe cannot be
even parsed for machine which is not in supported golang architectures.
Skipping the golang recipes instead of throwing fatal error is much
friendlier and let machines without golang support co-exist in a layer
with golang recipes.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 855d1111c3
---------------------------
python3: prefer valid dists when searching for entry points
When bitbake regenerates a sysroot due to upgrades it will remove any
previously installed files but keep the directories. This can result in
site-packages containing:
setuptools/ <-- the actual Python code
setuptools-82.0.0.dist-info <-- empty metadata directory
setuptools-82.0.1.dist-info <-- populated metadata directory
When importlib_metadata.entry_points() iterates the distributions it
will take the list of dists *in on-disk order* and then remove
duplicates. If the empty directory comes first in the unsorted directory
listing then that is the only one that is returned.
This eventually results in mysterious errors from setuptools:
error: invalid command 'egg_info'
Solve this by sorting the distribution list so that valid dists are
first.
[ YOCTO #16235 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 76316c765d
---------------------------
image_types: catch exception if no CONVERSION_CMD is defined
When new conversion type is defined, BitBake assumes
that CONVERSION_CMD: is defined for the type, so it gets
the variable which returns NoneType if it is not defined.
That generates the following exception which may not be clear
for some:
--
ERROR: /../techleef-image.bb: Error executing a python function in <code>:
The stack trace of python calls that resulted in this exception/failure was:
File: '<code>', lineno: 16, function: <module>
0012:__anon_117__.._recipe_populate_sdk_base_bbclass(d)
0013:__anon_427__.._recipe_populate_sdk_base_bbclass(d)
0014:__anon_131__.._recipe_image_bbclass(d)
0015:__anon_187__.._recipe_image_bbclass(d)
*** 0016:__anon_535__.._recipe_image_bbclass(d)
0017:__anon_44__.._recipe_rootfs_ipk_bbclass(d)
0018:__anon_191__.._recipe_siteinfo_bbclass(d)
0019:__anon_17__.._recipe_license_image_bbclass(d)
0020:__anon_206__.._recipe_image_types_wic_bbclass(d)
File: '/../image.bbclass', lineno: 501, function: __anon_535__.._recipe_image_bbclass
0497: if original_type not in alltypes:
0498: rm_tmp_images.add(localdata.expand("${IMAGE_NAME}.${type}"))
0499:
0500: for bt in basetypes[t]:
*** 0501: gen_conversion_cmds(bt)
0502:
0503: localdata.setVar('type', realt)
0504: if t not in alltypes:
0505: rm_tmp_images.add(localdata.expand("${IMAGE_NAME}.${type}"))
File: '/../image.bbclass', lineno: 490, function: gen_conversion_cmds
0486: type = type[8:]
0487: # Create input image first.
0488: gen_conversion_cmds(type)
0489: localdata.setVar('type', type)
*** 0490: cmd = "\t" + localdata.getVar("CONVERSION_CMD:" + ctype)
0491: if cmd not in cmds:
0492: cmds.append(cmd)
0493: vardeps.add('CONVERSION_CMD:' + ctype)
0494: subimage = type + "." + ctype
Exception: TypeError: can only concatenate str (not "NoneType") to str
ERROR: Parsing halted due to errors, see error messages above
--
Fail with human readable error if no CONVERSION_CMD is defined for
any defined subtype.
Signed-off-by: Talel BELHAJ SALEM <bhstalel@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70de7e952b
---------------------------
create-spdx-3.0: rerun do_create_recipe_spdx on patch changes
Valkyrie patchmetrics from 2026-04-17 is showing two CVEs where patches
were merged the day before (2026-04-16) - inetutils/CVE-2026-32746 and
re2c/CVE-2026-2903.
Root-cause is that the CVE patches are evaluated in task
do_create_recipe_spdx which does not have any dependency on SRC_URI nor
content of the patches, so it is taken from sstate-cache which contains
old (stale) data.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 78192f7d00
---------------------------
oe/spdx30_task: Prevent duplication of sources in hasInput rel
If the debug_sources are already inside the build_inputs, we must not
add them again, otherwise, the source files are going to be referenced
multiple times inside the hasInput relationship.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: df6d882611
---------------------------
oe/spdx30_task: Add status notes to VEX relationship
Without the status note, we are losing the reason why the CVE is
considered vulnerable or fixed.
The information provided in CVE_STATUS is otherwise lost.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0e2c018c75
---------------------------
oe/spdx_common: Remove unused local variables
The deploy_dir_spdx variable is assigned from "DEPLOY_DIR_SPDX", but
never used, so remove it. Same for pn variable.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cd0dcf8bf2
---------------------------
oe/spdx_common: Remove redundant '\d' in RegExp
The \w metacharacter matches word characters.
A word character is a character a-z, A-Z, 0-9, including _
The \d metacharacter matches digits from 0 to 9.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1cf1af6afe
---------------------------
oe/spdx30_tasks: Remove unused local variables
The deploy_dir_spdx variable is assigned from "DEPLOY_DIR_SPDX", but
never used, so remove it. Same for pkgdest and for pkg_arch variables.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 33937a9c4e
---------------------------
oe/spdx30_tasks: Fix return value of get_package_sources_from_debug
Always return a set, never return None, otherwise create_spdx() is
going to fail, since it does not expect debug_sources to be None.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 517103a385
---------------------------
oe/spdx30_tasks: Remove unused license_ref_idx variable
This local variable is never used in the whole code base, so it is
safe to remove it.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d6cb8f4858
---------------------------
oe/sbom30: Fix undeclared variable in import_bitbake_build()
In the error path, deploy_dir_spdx variable was not defined.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0259262439
---------------------------
oe/sbom30: Simplify sorting of license_text_map
In new_license_expression() the code used to sort the license_text_map
dictionary can be simplified.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6cda57345b
---------------------------
oe/sbom30: Remove unneeded oe.sbom30. to reference local symbol
The class OEDocumentExtension is declared within the sbom30.py file.
There is no need to use its full package path to reference it.
Same for get_element_link_id() function.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d9a44e7390
---------------------------
python3: Simplify ptest exclusion list
Makes the exclusion list a bit more readable, avoiding very long sed
expression lines.
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 40b0815dc9
---------------------------
python3: exclude test_timerfd_TFD_TIMER_ABSTIME from ptest
This test tends to fail intermittently, probably when the qemu machine is
a bit too slow.
Fixes [YOCTO #15743]
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fe846d71b6
---------------------------
python3-requests: backport fix for CVE-2026-25645
When unpacking zip files requests uses predictable paths. Backport a fix
to use randomly generated pathnames to mitigate injection attacks.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4967ddba56
---------------------------
glib-networking: backport fix for CVE-2026-2574
CVE-2026-2574:
Affected versions of this package are vulnerable to Out-of-bounds Read
via improper handling of certificate authority data in the OpenSSL
backend. An attacker can cause application crashes and potentially
disclose limited heap memory by enticing a client to connect to a
malicious TLS server that advertises a specially crafted client-CA
list.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4af3b2219b
---------------------------
run-postinsts: Replace which by command -v
The command *which* can be provided by the packages which, debianutils,
busybox, or zsh. But if none of these are installed, the call fails. The
POSIX way to check for a command is `command -v` and suppress the output in
case of success.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ce390c0b32
---------------------------
libxml-parser-perl: patch CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one
heap buffer overflow in st_serial_stack. In the case
(stackptr == stacksize - 1), the stack will NOT be expanded.
Then the new value will be written at location (++stackptr),
which equals stacksize and therefore falls just outside the
allocated buffer. The bug can be observed when parsing an
XML file with very deep element nesting.
References:
https://nvd.nist.gov/vuln/detail/CVE-2006-10003
Signed-off-by: Haiqing Bai <haiqing.bai@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 42115ea98a
---------------------------
binutils: patch CVE-2026-4647
Pick patch per [1].
[1] https://security-tracker.debian.org/tracker/CVE-2026-4647
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aee71e8677
---------------------------
binutils: mark CVE-2025-69652 as fixed
Fix commit [1] mentioned in the NVD report [2] is aleady included in
2.46 even when NVD says <= 2.46
$ git tag --contains 44b79abd0fa12e7947252eb4c6e5d16ed6033e01
binutils-2_46
[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=44b79abd0fa12e7947252eb4c6e5d16ed6033e01
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-69652
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 037f838039
---------------------------
oeqa/sdk: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d1fb36b3dd
---------------------------
meta/files/layers.example.json: switch to https clone URIs
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2f24b15969
---------------------------
oeqa/selftest/devtool-test-git-gitsm: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Use ";protocol=https" for the parent git submodule and, also, update the
SRCREV to point to a commit where submodules are reference through a
https:// URL instead of a git:// one.
Update the expected output of the archiver test.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5c78db972f
---------------------------
oeqa/selftest/git-submodule-test: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Use ";protocol=https" for the parent git submodule and, also, update the
SRCREV to point to a commit where submodules are reference through a
https:// URL instead of a git:// one.
Update the expected output of the archiver test.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 74dd045496
---------------------------
scripts: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9bab238d26
---------------------------
build-appliance-image: switch SRC_URI to https protocol
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c28d66d7d8
---------------------------
oeqa/selftest/incompatible_lic: add wayland feature check for test needing it
When run with a distro without 'wayland' DISTRO_FEATURES:
2026-04-14 17:42:00,568 - oe-selftest - INFO - FAIL: test_core_image_full_cmdline_weston (incompatible_lic.NoGPL3InImagesTests.test_core_image_full_cmdline_weston)
2026-04-14 17:42:00,568 - oe-selftest - INFO - ----------------------------------------------------------------------
2026-04-14 17:42:00,568 - oe-selftest - INFO - Traceback (most recent call last):
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/incompatible_lic.py", line 153, in test_core_image_full_cmdline_weston
bitbake('core-image-full-cmdline core-image-weston')
~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
AssertionError: Command 'bitbake core-image-full-cmdline core-image-weston' returned non-zero exit status 1:
...
ERROR: Nothing PROVIDES 'core-image-weston'
core-image-weston was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'wayland'
This is caused by core-image-weston being skipped because it needs the
wayland DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has wayland
enabled by default since
2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c04179776e
---------------------------
virglrenderer: update a merged patch Upstream-Status
0001-c11-use-glibc-s-once_flag-ONCE_FLAG_INIT-when-presen.patch got
merged and is even in the 1.3.0 tag.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d9b69d0a2d
---------------------------
libsoup: mark CVEs which have been resolved upstream
These issues have all been fixed in the 3.6.6 release that we have, but
the CPEs are unversioned. I've contacted NIST to update the database but
until that happens we can mark them as fixed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b55258ae45
---------------------------
libsoup: actually apply patches for CVE-2025-32049 and CVE-2026-1539
The patches were added to SRC_URI before inheriting gnomebase, which
does SRC_URI = "...". This means the patches were never actually part of
SRC_URI, so never applied.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a9cc47107c
---------------------------
vim: update to 9.2.0340 to fix CVEs
CVEs fixed: CVE-2026-34714 and CVE-2026-33412
Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 44e4b74dd0
---------------------------
linux-firmware: upgrade 20260309 -> 20260410
Upgrade the firmware package to latest release. Add qupv3fw
firmware for qcs615 and shikra, add adreno, audio and compute
package for DELL XPS13 9345, add audioreach firmware for Glymur
and arduino monza, add ISH firmware for Intel Wildcat Lake platform,
add lenovo ish firmware for X9-15 2025, X1 Carbon (Gen 14) and
X1 2-in-1 (Gen 11).
Signed-off-by: Vivek Puar <vpuar@qti.qualcomm.com>
Cc: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 83437dd9bf
---------------------------
oeqa/selftest/sstatetests: add wayland feature check for test needing it
When run with a distro without 'wayland' DISTRO_FEATURES:
2026-04-14 17:42:00,568 - oe-selftest - INFO - FAIL: test_sstate_32_64_same_hash (sstatetests.SStateHashSameSigs.test_sstate_32_64_same_hash)
2026-04-14 17:42:00,568 - oe-selftest - INFO - ----------------------------------------------------------------------
2026-04-14 17:42:00,568 - oe-selftest - INFO - Traceback (most recent call last):
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/sstatetests.py", line 407, in test_sstate_32_64_same_hash
self.sstate_hashtest("i686")
~~~~~~~~~~~~~~~~~~~~^^^^^^^^
File ".../openembedded-core/meta/lib/oeqa/core/decorator/__init__.py", line 35, in wrapped_f
return func(*args, **kwargs)
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/sstatetests.py", line 371, in sstate_hashtest
bitbake("core-image-weston -S none")
~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
AssertionError: Command 'bitbake core-image-weston -S none' returned non-zero exit status 1:
...
ERROR: Nothing PROVIDES 'core-image-weston'
core-image-weston was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'wayland'
This is caused by core-image-weston being skipped because it needs the
wayland DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has wayland
enabled by default since
2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 73ba8b64c3
---------------------------
glib-networking: backport fixes for CVE-2025-60018 and CVE-2025-60019
CVE-2025-60018:
glib-networking's OpenSSL backend fails to properly check the return
value of a call to BIO_write(), resulting in an out of bounds read.
CVE-2205-60019:
glib-networking's OpenSSL backend fails to properly check the return
value of memory allocation routines. An out of memory condition could
potentially result in writing to an invalid memory location.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: dd14ab1318
---------------------------
libinput: backport fixes for CVE-2026-35093 and CVE-2026-35094
Backport the patches from upstream for these CVEs in the Lua plugin.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 091348c4c9
---------------------------
avahi-libnss-mdns: Fix build with LLD linker
Fixes build errors e.g.
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns4_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns6_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_minimal_gethostbyaddr_r' failed: symbol not defined
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 3d02dee3ad
---------------------------
weston-init: set require-outputs=none to allow startup without connected display
By default, Weston exits at startup if no output connector is reported
as connected by the DRM subsystem. On platforms where displays are
connected after boot via HPD (Hot Plug Detect), this causes the weston
service to be killed during early boot and remain down until manually
restarted.
Setting require-outputs=none in the [core] section instructs Weston to
start and remain running even when no connector is active at boot time.
When a display is subsequently hotplugged and HPD is asserted, Weston
automatically picks up the new connector and brings up the output without
requiring a service restart.
Signed-off-by: Yash Gupta <yash.gupta@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 8e20632253
---------------------------
mtd-utils: Upgrade to 2.3.1
Upgrade to mtd-utils 2.3.1.
Remove all the local patches as they have all landed in 2.3.1.
Details about the 2.3.1 release:
https://lore.kernel.org/linux-mtd/73da3205-694e-422a-ac73-d7bcb054aa1e@sigma-star.at/T/#u
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 9174ccce4b
---------------------------
qemuboot-x86.inc: Allow override of QB_AUDIO_*
This change allows to overwrite the QB_AUDIO_* variables from e.g.
local.conf, to e.g. set the audio driver to "none" or "pipewire".
Suggested-by: van Veen, Stephan <stephan.vanveen@karlstorz.com>
Signed-off-by: Rouven Rastetter <rouven.rastetter.ext@karlstorz.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 108cc2631f
---------------------------
kernel-fit-image: Fix support for initramfs multiconfig
In the transition from kernel-fitimage.bbclass a fix for initramfs
multiconfig was partly reverted, maybe because the default value for
INITRAMFS_DEPLOY_DIR_IMAGE is only set in kernel.bbclass and therefore
not accessible in kernel-fit-image.bbclass.
This fix introduces INITRAMFS_DEPLOY_DIR_IMAGE in kernel-fit-image.bbclass,
so initramfs multiconfig works as expected.
Signed-off-by: Rouven Rastetter <rouven.rastetter.ext@karlstorz.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: bcd3b5e086
---------------------------
alsa-ucm-conf: Add GLYMUR CRD HiFi config
Add UCM2 configs for the Qualcomm GLYMUR CRD Board.
Link: https://github.com/alsa-project/alsa-ucm-conf/commit/41cfa5498ab37b67ae474abc88f08c9ef1bf9cc3
Signed-off-by: Mohammad Rafi Shaik <mohammad.rafi.shaik@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: db89c7fd54
---------------------------
pulseaudio: Fix build with LLD linker
LLD is stricter with version scripts
This is a classic LLD vs GNU ld compatibility issue with
version scripts. LLD is stricter than GNU ld — by default
it treats unmatched version script symbols as hard
errors, whereas GNU ld silently ignores them.
What's happening is that the version script
e.g. map.pa, declares symbols like pa_glib_mainloop_new
under PULSE_0, but those symbols aren't being compiled
into the current library target.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 7b562df41c
---------------------------
bluez: Fix linking with lld linker
Recent upgrades have been breaking with LLD as linker
aarch64-yoe-linux-ld.lld: error: undefined symbol: __stop___debug
>>> referenced by log.c:0 (/usr/src/debug/bluez5/5.86/../sources/bluez-5.86/src/log.c:0)
>>> src/log.o:(__btd_log_init)
>>> referenced by log.c:0 (/usr/src/debug/bluez5/5.86/../sources/bluez-5.86/src/log.c:0)
>>> src/log.o:(__btd_log_init)
This is described in LLD docs as well [1]
[1] https://lld.llvm.org/ELF/start-stop-gc
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 75409c60e9
---------------------------
rust: enable fully static linking with TCLIBC=musl
Fixes [YOCTO #16076]
Rust binaries built with TCLIBC=musl and
-C target-feature=+crt-static were still dynamically linked.
Fix this by addressing three issues:
1) Set crt-static-respected in the generated musl target spec
so rustc honors +crt-static. [1]
2) Add the target sysroot library path to the linker flags so
libunwind.a can be found.
3) Use LLVM libunwind for musl:
- GNU libunwind does not provide static libraries in OE
and lacks required _Unwind_* symbols on some architectures [2]
- libgcc_eh depends on pthread and cannot be used for fully
static linking with musl
- LLVM libunwind provides the required symbols without
additional dependencies
Install LLVM libunwind from libcxx and switch libstd-rs
to depend on libcxx for musl.
Also remove the obsolete DEPENDS:remove:riscv32/riscv64 = "libunwind"
lines added in 2021 when riscv musl support was still being patched.
LLVM libunwind supports both riscv32 and riscv64 - verified locally.
riscv32 support was upstreamed at [3].
Add a selftest to verify that produced binaries are statically linked.
[1] https://github.com/rust-lang/rust/blob/main/compiler/rustc_target/src/spec/mod.rs
[2] https://github.com/libunwind/libunwind/issues/761
[3] https://github.com/llvm/llvm-project/commit/b17d464
Reported-by: Nick Owens <nick.owens@eero.com>
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: efec0447c8
---------------------------
dbus: use ${PN} in pkg_postinst instead of 'dbus'
All pkg_postinst in oe-core where the package name matches the recipe
name use ${PN} already.
We have a bbclass used by some recipes which does:
pkg_postinst:${PN}:append()
which works reasonably well for most of the recipes, except for dbus
where it causes:
WARNING: meta/recipes-core/dbus/dbus_1.16.2.bb:
Variable key pkg_postinst:${PN} (...)
replaces original key pkg_postinst:dbus (...)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 46ff3a8d2c
---------------------------
oe-pkgdata-util: improve lookup-pkg error for RPROVIDES packages
When a package is not found by 'oe-pkgdata-util lookup-pkg', the error
message provides no guidance on what went wrong or where to look.
Improve the error message by checking the runtime-rprovides directory
for the missing package. If the package exists in RPROVIDES:
- If the provider package was generated, suggest looking up the actual
package name instead.
- If the provider package was not generated (e.g. empty package or
disabled by PACKAGECONFIG), inform the user which recipe provides it
and that it was not generated.
This helps users quickly identify the correct package name or
understand why a package is missing from their build.
Before:
ERROR: The following packages could not be found: eglibc
After:
ERROR: eglibc is in the RPROVIDES of glibc (recipe: glibc), try
looking up 'glibc' instead
[YOCTO #16083]
Signed-off-by: Zk47T <zizuzacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: aa1b99d75f
---------------------------
mpg123: set status for CVE-2006-3355
This CVE has only cpe version which is considered invalid:
* cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:*:*:*:*:*:*:*
This means that the fixed version is unknown and thus all versions are
considered to be vulnerable.
Since the vulnerability was fixed in old version 0.59s_r11, mark it as
fixed.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6bb54e8eb4
---------------------------
oeqa/selftest/devtool: add vulkan feature check for test needing it
When run with a distro without 'vulkan' DISTRO_FEATURES:
$ oe-selftest -r devtool.DevtoolUpdateTests.test_devtool_git_submodules
2026-04-14 14:36:57,036 - oe-selftest - INFO - test_devtool_git_submodules (devtool.DevtoolUpdateTests.test_devtool_git_submodules)
vulkan-samples is unavailable:
vulkan-samples was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'vulkan'
2026-04-14 14:37:13,002 - oe-selftest - INFO - ... ERROR
2026-04-14 14:37:13,002 - oe-selftest - INFO - Traceback (most recent call last):
File "/.../openembedded-core/meta/lib/oeqa/selftest/cases/devtool.py", line 1695, in test_devtool_git_submodules
self.assertIn('gitsm://', src_uri, 'This test expects the %s recipe to be a git recipe with submodules' % recipe)
~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.13/unittest/case.py", line 1171, in assertIn
if member not in container:
^^^^^^^^^^^^^^^^^^^^^^^
TypeError: argument of type 'NoneType' is not iterable
This is caused by vulkan-samples being skipped because it needs the
vulkan DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has vulkan
enabled by default since
2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 37d9a2f489
---------------------------
clang: consolidate sysroot compiler-rt search path patches
Replace patches 0008 and 0033 with a single consolidated patch (0041)
that fixes native build breakage.
The original patches unconditionally changed the runtime library search
base from ResourceDir to SysRoot, which breaks native/standalone builds
where SysRoot is empty (e.g., PGO bootstrap fails to find
libclang_rt.profile.a). The new patch uses SysRoot-based paths only
during cross-compilation and falls back to the upstream default
ResourceDir for native builds.
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e7c3357e14
---------------------------
ovmf: set status for CVE-2024-1298
cvelistV5 uses full tag name (edk2-stable202405) while NVD uses only
version (202405).
Since NVD CPE is not yet available, cvelistV5 marks it at not patched
yet because the string sorts after the version.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 36b8677039
---------------------------
screen: set status for CVE-2025-46802
This CVE is showing in the new sbom CVE reports.
It is fixed via [1] which is included in:
$git tag --contains d10eb5b2f7eebaa347f09c010bd391373fdd1695
v.5.0.1
[1] https://cgit.git.savannah.gnu.org/cgit/screen.git/commit/?id=d10eb5b2f7eebaa347f09c010bd391373fdd1695
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0716e7461d
---------------------------
tar: set status for CVE-2025-45582
This CVE is disputed by tar maintainers as documented in [1].
The same link is present in NVD and cvelistV5.
Also Debian says "disputed" in [2].
[1] https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html
[2] https://security-tracker.debian.org/tracker/CVE-2025-45582
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bf2a642d4b
---------------------------
xdg-utils: set status for CVE-2025-52968
This CVE has tag "disputed", see [1].
[1] https://github.com/CVEProject/cvelistV5/blob/cve_2026-04-12_1800Z/cves/2025/52xxx/CVE-2025-52968.json#L91
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 77fd853140
---------------------------
xwayland: set status for CVE-2024-21886
Reference [1]:
Introduced in: xorg-server-1.13.0 (2012)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
[1] https://lists.x.org/archives/xorg/2024-January/061525.html
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d921469b7a
---------------------------
wic: set CVE_PRODUCT
There are CVEs such as CVE-2008-6713 which have a CPE of *:wic, which
get reported for our wic now that it has been split out to a standalone
tool.
Set CVE_PRODUCT to yoctoproject:wic to avoid this. There are no CVEs for
wic yet, but this is the likely CPE that would be used.
[1] https://nvd.nist.gov/vuln/detail/CVE-2008-6713
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 716d3f6fd9
---------------------------
inetutils: patch CVE-2026-32746
Pick patch [1] as mentioned in [2].
[1] https://cgit.git.savannah.gnu.org/cgit/inetutils.git/commit/?id=6864598a29b652a6b69a958f5cd1318aa2b258af
[2] https://security-tracker.debian.org/tracker/CVE-2026-32746
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0f97501891
---------------------------
kea: upgrade 3.0.2 -> 3.0.3
Solves CVE-2026-3608.
License-Update: copyright years refreshed
Release notes [1]:
Welcome to Kea 3.0.3, a vulnerability release of the stable 3.0 series.
This supersedes the previous release, version 3.0.2.
1. **Vulnerability**: We addressed an issue, which was assigned
CVE-2026-3608, where a large number of bracket pairs in a JSON payload
directed to any endpoint would result in a stack overflow, due to
recursive calls when parsing the JSON [#4275, #4288, #4387]. Since the
exploit does not require the JSON request to have the full syntax of a
valid command, it bypasses RBAC and the command filters on the
High-Availability endpoints.
2. **Security**: A null dereference is now no longer possible when
configuring the Control Agent with a socket that lacks the mandatory
socket-name entry [#4388, #4365].
3. **Permissions**: UNIX sockets are now created as group-writable
[#4398, #4260]. This allows users belonging to the group to send
commands to the UNIX sockets. In particular, it allows Stork 2.4.0 and
above to detect the Kea daemon.
[1] https://downloads.isc.org/isc/kea/3.0.3/Kea-3.0.3-ReleaseNotes.txt
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9ccf2a0a3f
---------------------------
libarchive: upgrade 3.8.6 -> 3.8.7
Solves CVE-2026-5121 (points to [2] per [3]).
Since it's Redhat version-less CVE, add explicit CVE_STATUS.
Release information [1]:
Libarchive 3.8.6 is a security and bugfix release.
Notable fixes:
* CAB: fix NULL pointer dereference during skip (#2900)
* CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
* cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
* contrib/untar: fix out-of-bounds read (#2903)
* iso9660: fix undefined behavior (#2897)
* iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
* libarchive: fix handling of option failures (#2871)
* libarchive: do not continue with truncated numbers (#2911)
* libarchive: lzop and grzip filter support (#2947)
* RAR: fix LZSS window size mismatch after PPMd block (#2898)
[1] https://github.com/libarchive/libarchive/releases/tag/v3.8.7
[2] https://github.com/libarchive/libarchive/pull/2934
[3] https://security-tracker.debian.org/tracker/CVE-2026-5121
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 401624dc02
---------------------------
rsync: update comment about out-of-tree builds
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 59415c5c07
---------------------------
rsync: always use the system zlib
There's nothing gained by adding an option to use the vendored zlib
apart from the chance of accidentally not using it, so remove the
PACKAGECONFIG and just explicitly depend on zlib.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ea4d22bfea
---------------------------
grub: set status for 6 CVEs fixed in 2.14
These CVEs were fixed in 2.14, however Redhat CNA does not fill any
version to CPEs.
References for fixes are in Debian security tracker:
* https://security-tracker.debian.org/tracker/CVE-2025-54770
* https://security-tracker.debian.org/tracker/CVE-2025-54771
* https://security-tracker.debian.org/tracker/CVE-2025-61661
* https://security-tracker.debian.org/tracker/CVE-2025-61662
* https://security-tracker.debian.org/tracker/CVE-2025-61663
* https://security-tracker.debian.org/tracker/CVE-2025-61664
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fa1dd1b421
---------------------------
grub: set status for CVE-2024-49504
Per [1] this is SUSE specific problem.
[1] https://security-tracker.debian.org/tracker/CVE-2024-49504
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6514102e65
---------------------------
openssh: upgrade 10.2p1 -> 10.3p1
Release notes: [1]
Solves CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388
and CVE-2026-35414.
[1] https://www.openssh.org/txt/release-10.3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2d7dd737ae
---------------------------
bind: upgrade 9.20.20 -> 9.20.22
Solves CVE-2026-1519, CVE-2026-3104, CVE-2026-3119 and CVE-2026-3591.
Release notes 9.20.21: [1]
Release notes 9.20.22: [2]
[1] https://bind9.readthedocs.io/en/stable/changelog.html#bind-9-20-21
[2] https://gitlab.isc.org/isc-projects/bind9/-/blob/bind-9.20/doc/changelog/changelog-9.20.22.rst?ref_type=heads
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32dffd9a4e
---------------------------
perl: link to the system bzip2 instead of a vendored copy
The perl module Compress-Raw-Bzip2 defaults to using a vendored copy of
the bzip2 sources. We should be building perl against the system bzip2
recipe to avoid potential security issues.
This is a little fiddly in the DEPENDS as bzip2-native is assume-provided
so we need to depend on bzip2-replacement-native for the native build.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bf51522904
---------------------------
perl: link to the system zlib instead of a vendored copy
The perl module Compress-Raw-Zlib defaults to using a vendored copy of
the zlib sources which has a number of CVEs. A newer version of perl
updates this to zlib 1.3.2 to resolve them, but we should be linking to
our zlib recipe instead of the vendored code.
This mitigates CVE-2026-4176 so mark it as not appropriate.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6afc9cce18
---------------------------
re2c: backport fix for CVE-2026-2903
Backport a patch from upstream to fix CVE-2026-2903.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1b0e3fac4b
---------------------------
graphene: ignore CVE-2024-1984
This CVE is for a WordPress theme called Graphene. It's likely that the
CPE for this graphene will be gnome:graphene but this hasn't been
formally documented, so exclude this one CVE for now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9330d62e35
---------------------------
libexif: upgrade 0.6.25 -> 0.6.26
Release notes [1]:
libexif-0.6.26 (2026-04-14):
* Security issues fixed:
* CVE-2026-40386: An unsigned integer underflow in Fuji and Olympus makernote handling
* CVE-2026-40385: An unsigned integer overflow on 32bit systems in Nikon makernote handling
* CVE-2026-32775: A buffer overwrite via integer underflow in makernote handling
* handle JPEG APP3 marker
* added EXIF_TAG_IMAGE_DEPTH tag
* translations updated: Arabic, German, Spanish, Polish, Romanian,
* Serbian, Swedish, Ukrainian, Chinese
[1] https://github.com/libexif/libexif/releases/tag/v0.6.26
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: be622a8da6
---------------------------
go: set status for CVE-2024-24786
cvelistV5 has wrong CPE:
* "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
The CVE is actually for golang-google-protobuf as links in the CVE
report prove:
* https://pkg.go.dev/vuln/GO-2024-2611
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8b5f530fc5
---------------------------
strace: PR bump due to reproducibility issues
Change the output and invalidate hash equivalence to avoid reproducibilty
issues in CI after previous issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 274ce0c0d7
---------------------------
apr: remove space before the -std=gnu23 from apr_rules.mk
When -std=gnu23 is added to CC_FOR_BUILD it's with additional space
we need to remove the space as well to avoid the difference between
the build where -std=gnu23 was added and removed by sed and wasn't
added at all like in:
https://valkyrie.yocto.io/pub/repro-fail/oe-reproducible-20260414-82oogy25/packages/diff-html/
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e52dbcd912
---------------------------
strace: Fix reproducibility issue
With the updated ax_prog_cc_for_build.m4 CC_FOR_BUILD can include a
" -std=gnu23" option on some hosts. We don't need this on target and
it leads to a reproducibility issue, so remove it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c3a944a85f
---------------------------
systemtap: add option for readline
systemtap will try and use libreadline if it's available which isn't
good for determinism. Add an option, and disable it by default.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a1db482ecd
---------------------------
ovmf: Fix build with GCC 16 and GLIBC 2.43
Backport two patches from master to fix native build with
GCC 16 and GLIBC 2.43
commit 3597306191297b504683b83fe7750e49c6a2e836
Author: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu Jan 29 09:23:32 2026 +0100
BaseTools/StringFuncs: fix gcc 16 warning
StringFuncs.c: In function ‘SplitStringByWhitespace’:
StringFuncs.c:113:15: error: variable ‘Item’ set but not used [-Werror=unused-but-set-variable=]
113 | UINTN Item;
| ^~~~
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Author: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon Dec 8 10:28:50 2025 +0100
BaseTools/EfiRom: fix compiler warning
New warning after updating gcc:
EfiRom.c: In function ‘main’:
EfiRom.c:78:17: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
The assigned value is not used, so fix the warning by just removing it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b67b56e08
---------------------------
vulkan-samples: Upgrade to latest tip of trunk
- A new sample demonstrating the rasterization order attachment access extension (#1492).
- Broken documentation link to GitHub repo fixed (#1506).
- Vulkan SDK updated to 1.4.341 (#1477).
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5e5875a1c2
---------------------------
webkitgtk: Remove escaping of the plus sign in `CVE_PRODUCT`
The `+` character is now properly escaped by `cve_check.cpe_escape()`
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0719171eb
---------------------------
gtk+: Remove escaping of the plus sign in `CVE_PRODUCT`
The `+` character is now properly escaped by `cve_check.cpe_escape()`
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b86c5ecdc0
---------------------------
cve_check: do not break old CVE_PRODUCT with escaped +
For now, until all layer are fixed, replace already escaped plus (+)
with a simple + before doing the escaping.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3c73dafd03
---------------------------
cve_check: Improve escaping of special characters in CPE 2.3
According to the NISTIR 7695 specification [1], multiple characters
require escaping when using formatted strings (e.g., `cpe:2.3:...`),
which use backslash escaping. In "Figure 6-3. ABNF for Formatted String
Binding"", the characters that need escaping are referenced by "escape",
"special", and "punc". More characters must be escaped than just
`\`, `?`, `*`, `:`, and `+`.
Additionally, use `maketrans()` with `translate()`, which is more
efficient than a simple `replace()`.
[1] https://nvlpubs.nist.gov/nistpubs/legacy/ir/nistir7695.pdf
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5311f2a088
---------------------------
xserver-org: update CVE_PRODUCT
In cvelistV5, CVE-2024-21886 uses CPE xorg:xserver ([1]).
Detected because this CVE is shown for xwayland recipe.
[1] https://github.com/CVEProject/cvelistV5/blob/cve_2026-04-12_1800Z/cves/2024/21xxx/CVE-2024-21886.json#L646
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 987cf163b4
---------------------------
libpng: upgrade 1.6.55 -> 1.6.56
Release notes [1]:
* Fixed CVE-2026-33416 (high severity):
Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`.
(Reported by Halil Oktay and Ryo Shimada;
fixed by Halil Oktay and Cosmin Truta.)
* Fixed CVE-2026-33636 (high severity):
Out-of-bounds read/write in the palette expansion on ARM Neon.
(Reported by Taegu Ha; fixed by Taegu Ha and Cosmin Truta.)
* Fixed uninitialized reads beyond `num_trans` in `trans_alpha` buffers.
(Contributed by Halil Oktay.)
* Fixed stale `info_ptr->palette` after in-place gamma and background
transforms.
* Fixed wrong channel indices in `png_image_read_and_map` RGB_ALPHA path.
(Contributed by Yuelin Wang.)
* Fixed wrong background color in colormap read.
(Contributed by Yuelin Wang.)
* Fixed dead loop in sPLT write.
(Contributed by Yuelin Wang.)
* Added missing null pointer checks in four public API functions.
(Contributed by Yuelin Wang.)
* Validated shift bit depths in `png_set_shift` to prevent infinite loop.
(Contributed by Yuelin Wang.)
* Avoided undefined behavior in library and tests.
* Deprecated the hardly-ever-tested POINTER_INDEXING config option.
* Added negative-stride test coverage for the simplified API.
* Fixed memory leaks and API misuse in oss-fuzz.
(Contributed by Owen Sanzas.)
* Implemented various fixes and improvements in oss-fuzz.
(Contributed by Bob Friesenhahn and Philippe Antoine.)
* Performed various refactorings and cleanups.
[1] https://github.com/pnggroup/libpng/blob/v1.6.56/ANNOUNCE
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3bca1f77c0
---------------------------
apr: remove -std=gnu23 from apr_rules.mk to fix reproducibility
With the updated ax_prog_cc_for_build.m4 from
apr: fix build with autoconf-2.73
it now correctly detects -std=gnu23 usability on host gcc and doesn't
try to use it e.g. with gcc-13 which doesn't support it, but that causes
build reproducibility issue between builds on such hosts as
CC_FOR_BUILD is included in installed /usr/share/build-1/apr_rules.mk
https://valkyrie.yocto.io/pub/repro-fail/oe-reproducible-20260412-a5w4mcrk/packages/diff-html/
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5d457cc016
---------------------------
time: Use upstream applied patches
time project now has a maintainer and has taken bunch of
patches submitted over years, backport the needed ones for
compiling with GCC-15 and Clang.
Current patchset was not adequate for clang and moreover
the applied patches are slightly different than what we are
carrying
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 09a901b987
---------------------------
useradd.bbclass: allow inheriting with only USERADD_DEPENDS set
When a recipe inherits useradd and only sets USERADD_DEPENDS (to depend
on users/groups created by another recipe), without creating any
users/groups itself, the parse-time sanity check incorrectly throws a
fatal error about missing USERADD_PACKAGES.
Skip the USERADD_PACKAGES/USERADD_PARAM validation when USERADD_DEPENDS
is set but USERADD_PACKAGES is not, since the recipe only needs build
dependency tracking, not user/group creation.
Fixes [YOCTO #15863]
Signed-off-by: Zk47T <zizuzacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d75ad04bb8
---------------------------
binutils: Set status for CVE-2025-69649
Set CVE_STATUS for CVE-2025-69649, as this CVE already fixed
with binutils 2.46 version update.
According to the NVD reference [1], the issue is addressed by the upstream commit:
66a3492ce68e1ae45b2489bd9a815c39ea5d7f66
This fix is included in binutils v2.46
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-69649
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 134acaf30f
---------------------------
rsync: Add packageconfig to use system zlib
Enable using system zlib by default, avoid copies
and duplicate builds
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f04b3448cd
---------------------------
gstreamer1.0-plugins-bad: Add fdkaac as a package feature
This adds support for building gstfdkaac, which is the GStreamer element
that wraps the fdk-aac AAC encoding library from Fraunhofer. fdk-aac is
available in meta-multimedia.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a01bd714c1
---------------------------
python3-kirk: upgrade 4.0.0 -> 4.1.0
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8c008f36d7
---------------------------
weston: backport gl-shaders fix to avoid shader compiler crashes
Some GPU shader compilers do not optimize away unused YUV shader
uniforms, even when the associated code paths are unreachable. This can cause
Weston to hit assertion failures at runtime on non-Mesa platforms, despite
working correctly on Mesa-based drivers.
Backport the upstream gl-shaders fix to restore stable behavior across
GPU drivers.
Signed-off-by: Mahesh Angadi <mangadi@qti.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 83b100bf2e
---------------------------
devtool: ide-sdk: use TOOLCHAIN not TCOVERRIDE
Looks like TOOLCHAIN is the correct variable to determine the toolchain
used by a recipe, not TCOVERRIDE.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ae24057e6a
---------------------------
oe-selftest/cpp-example: fix conf file ownership with static UIDs/GIDs
test_devtool_ide_sdk_none_qemu builds an image containing both
cmake-example and meson-example, starts a QEMU instance, then uses
devtool ide-sdk + devtool deploy-target to rebuild and redeploy each
recipe in turn. The test verifies that /etc/<recipe>.conf is owned by
the matching user both before and after each deploy cycle.
The test was failing with:
/etc/meson-example.conf not owned by user meson-example: got cmake-example
Root cause: both recipes call
install -m 0644 -o ${BPN} -g ${BPN} ... ${D}${sysconfdir}/${BPN}.conf
During do_install, pseudo resolves ${BPN} to a UID by looking up
/etc/passwd in the recipe's own isolated RECIPE_SYSROOT. Since the
sysroots are independent, both cmake-example and meson-example each
see themselves as the first --system user and get the same UID (e.g.
100). Both ${D} trees therefore contain files with UID 100. In the
final rootfs cmake-example is allocated UID 100 and meson-example UID
101. Files packaged for meson-example still carry UID 100, so stat
reports them as owned by cmake-example.
A pkg_postinst chown would fix the rootfs, but devtool deploy-target
is a plain tar pipe over SSH with no package-manager involvement - it
never runs pkg_postinst. Whatever UID is embedded in ${D} is what
lands on the target. Not sure how this could be fixed with dynamic UIDs.
A clean solution is to make every recipe sysroot and the final image
agree on the same UIDs from the start, i.e. static IDs.
Fix:
- Enable USERADDEXTENSION = "useradd-staticids" in _write_bb_config so
the test builds with static IDs for the duration of the test.
- Add cmake-example (UID/GID 533) and meson-example (UID/GID 534) to
meta-selftest/files/static-passwd and static-group.
- Expand the comment in cpp-example.inc's do_install to document the
static-ID requirement so future readers understand why the -o/-g
flags work correctly only under useradd-staticids.
- Fix a copy-paste error in the in-test comment (said
"meson-example.conf ... cmake-example user" for the cmake block).
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a42c2beedb
---------------------------
oe-selftest: devtool: use assertRegex to match test output for meson
Replace strict string matching with assertRegex to allow for flexible
whitespace in the "Fail: 0" output from meson tests. This improves test
robustness against formatting changes.
This issue was discovered with scarthgap.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f8ec611e86
---------------------------
oe-selftest: devtool: GDB breakpoint after std::vector is constructed
Change the GDB breakpoint from line 55 to 56 in cpp-example.cpp so that
the std::vector constructor has already executed when GDB stops. This
ensures that inspecting the vector with GDB works as intended also with
older GDB versions (e.g. on scarthgap).
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c4d86d5226
---------------------------
package: update the comment block explaining 'emit_pkgdata'
The comment block mentioned PKGDATA_DIR which is now used
differently.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f235ffc43c
---------------------------
strace: Fix build with std=gnu23
This does not build on hosts with gcc <= 13 which does not have std=gnu23
dialect option e.g. ubuntu 24.04, especially with clang which does not
default to gnu23 yet like gcc-15, so autoconf 2.73 decided to enforce the
standard with clang which then spills into CC_FOR_BUILD as well without
this patch
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5168f9ade5
---------------------------
bind: Fix build with std=gnu23
This does not build on hosts with gcc <= 13 which does not have std=gnu23
dialect option e.g. ubuntu 24.04, especially with clang which does not
default to gnu23 yet like gcc-15, so autoconf 2.73 decided to enforce the
standard with clang which then spills into CC_FOR_BUILD as well without
this patch
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 88f12c4c3a
---------------------------
sudo: Fix build with std=gnu23
This does not build on hosts with gcc <= 13 which does not have std=gnu23
dialect option e.g. ubuntu 24.04, especially with clang which does not
default to gnu23 yet like gcc-15, so autoconf 2.73 decided to enforce the
standard with clang which then spills into CC_FOR_BUILD as well without
this patch
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a592a30e78
---------------------------
flex: Fix build with autoconf-2.74 and gcc <= 13
GCC 13 or below does not support -std=gnu23 but autoconf enforces
it on compilers which do not have C23 turned on by default
Update the autconf m4 file instead of passing cmdline option
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: be1a7b258b
---------------------------
apr: fix build with autoconf-2.73
On hosts with gcc-13 it was trying to use -std=gnu23 and failing
with unrecognized command-line option (gnu23 needs gcc-14 and newer)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8615b3388b
---------------------------
db: Pin to use C99 std
GCC-15 has switched to using C23 by default, we have been selectively
disabling warnings as errors to get by, however with autoconf 2.72 adding
-std=gnu23 it now gets enabled for every compiler and clang-22 is more
obidient and has dropped support for K&R C completely. db5 code has a lot
of K&R C prototypes and it starts to fail vigorously. We can not keep
working around with out uplifting sources to be compliant with newer C
standard like C23.
Therefore pin the cflags to use C99 standard as this package expects.
Drop the code to disable warnings as errors selectively instead add a
fix for addressing implicit int warnings
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 5a60dca0fb
---------------------------
python3: upgrade 3.14.3 -> 3.14.4
Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-14-4-final
Drop patches:
- 0001-gh-144787-tests-Allow-TLS-v1.2-to-be-minimum-version.patch since
it was a backport and is now included in 3.14.4.
- 0001-test_pyrepl-skip-test_pyrepl_eio.patch, the test for which was
determined flaky and dropped upstream in commit 9743d88334ad.
ptests look OK:
|Ran 353 tests in 74.012s
|
|OK (skipped=43)
|
|== Tests result: SUCCESS ==
|
|28 tests skipped:
| test.test_asyncio.test_windows_events
| test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace
| test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full
| test.test_gdb.test_misc test.test_gdb.test_pretty_print
| test_android test_apple test_asdl_parser test_clinic test_devpoll
| test_free_threading test_generated_cases test_idle test_kqueue
| test_launcher test_msvcrt test_startfile test_tcl test_tkinter
| test_ttk test_ttk_textonly test_turtle test_winapi
| test_winconsoleio test_winreg test_wmi
|
|9 tests skipped (resource denied):
| test_curses test_peg_generator test_smtpnet test_socketserver
| test_urllib2net test_urllibnet test_winsound test_xpickle
| test_zipfile64
|
|455 tests OK.
|
|Total duration: 3 min 42 sec
|Total tests: run=46,926 skipped=2,469
|Total test files: run=483/492 skipped=28 resource_denied=9
|Result: SUCCESS
|DURATION: 223
|END: /usr/lib/python3/ptest
|2026-04-09T14:44
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
|root@qemux86-64:~#
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a85255af84
---------------------------
clang/llvm: Upgrade to 22.1.3 release
Brings following fixes
e9846648fd61 [RISCV] Use a vector MemVT when converting store+extractelt into a vector store. (#190107)
c55c1c1140e1 [TargetLowering] Speculative fix for a non-determinism issue between different compilers. (#190219)
151b4a3bafdd [clang-repl] Use canonical types in QualTypeToString (#190528)
0fecbff69a53 [clang] Fix issues with const/pure on varargs function. (#190252)
ae980d3b4df7 [lldb] Iterate over a copy of the ModuleList in SearchFilter (#189009)
307a11d7aa62 [Flang] Fix lowering failure for some constructs inside a CHANGE TEAM (#184342)
cd7f7379a016 [AArch64][llvm] Fix encoding for `stshh` instruction (#189588)
4250a0fc5de9 [RISCV] Fix stackmap shadow trimming NOP size for compressed targets (#189774)
da8a5b950c7d [flang] Update Flang Extension doc to reflect previous change (#188088)
0626016c5b90 [LoongArch] Implement canMergeStoresTo to avoid crash while NoImplicitFloat attribute is set (#188005)
bc44e9b80349 [Hexagon] Use __HVX_IEEE_FP__ to guard protos that need -mhvx-ieee-fp (#184422)
e6e59749af18 [Hexagon] Define __HVX_IEEE_FP__ when -mhvx-ieee-fp is enabled (#183829)
dc9d64aad7a9 [lld][COFF] Restore `lto-embed-bitcode` and `-fembed-bitcode` Bitcode Embedding Features (#188398)
8fef0fb1a2de [clang-repl] Fix C89 incompatible keywords (#189432)
7b6514cd3089 [sanitizer_common] [Darwin] Adopt _dyld_get_dyld_header (#182943)
24b53fbc67d9 [X86] Improve illegal return type handling in FastISel (#186723)
cc87fcfeef54 [AccelTable] Pre-compute entry pool offsets for DW_IDX_parent. NFC (#188915)
561944ebcbd1 [lit] Explicitly unset timer to free thread stack (#188717)
58468775a5e2 [lit] dealloc ApplyResult objects as they're waited on (#188642)
719a040bf13f [lit] Stop holding subprocess objects open in TimeoutHelper (#186712)
b8918e6248a8 [LoongArch] Fix incorrect reciprocal sqrt estimate semantics (#187621)
62b14a88906d [MC,clang] Fix -Wa,--noexecstack not emitting .note.GNU-stack (#187880)
4bae0d33b2a4 [ARM] Fix incorrect post increment from Or (#188036)
d033ffe4eeb4 [ARM] Regenerate vld2.ll test. NFC
5f04300518b5 [AArch64] Use an unknown size for memcpy ops with non-constant sizes. (#187445)
f6198f61b2bd [Hexagon] Fix truncation to boolean vector that need widening (#182528)
240f42d95f51 [Hexagon] Fix 64-bit funnel shift miscompilation with register shift amounts (#183669)
a6cd46b239c7 [Hexagon] Fix B0 macro conflict between hexagon_types.h and termios.h (#184539)
4592b0b6388d [libunwind] Fix building on OpenBSD / FreeBSD aarch64 (#188397)
cf542a3d9c00 [lldb] use the Py_REFCNT() macro instead of directly accessing member (#188161)
d40e60759077 [LoongArch] Fix incorrect indexing of incoming byval arguments in tail call eligibility check (#188006)
b68aafeb0dc1 [clang][AST] Preserve qualifiers in getFullyQualifiedType for AutoType (#187717)
55b442495879 [Clang] Fix a concept subsumption bug when template depths are adjusted (#186735)
7b593cd6c0df Bump version to 22.1.3
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f517389963
---------------------------
ghostscript: Fix build with clang-22
It seems clang can't handle floating-point arithmetic in
static initializers at compile time in this context.
Change the static const double declarations to
use #define macros fixes the problem
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc25ce383d
---------------------------
openssl: upgrade 3.5.5 -> 3.5.6
Release information [1]:
OpenSSL 3.5.6 is a security patch release. The most severe CVE fixed in this release is Medium.
This release incorporates the following bug fixes and mitigations:
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation. (CVE-2026-31790)
* Fixed loss of key agreement group tuple structure when the DEFAULT keyword is used in
the server-side configuration of the key-agreement group list. (CVE-2026-2673)
* Fixed potential use-after-free in DANE client code. (CVE-2026-28387)
* Fixed NULL pointer dereference when processing a delta CRL. (CVE-2026-28388)
* Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389)
* Fixed possible NULL dereference when processing CMS KeyTransportRecipientInfo. (CVE-2026-28390)
* Fixed heap buffer overflow in hexadecimal conversion. (CVE-2026-31789)
[1] https://github.com/openssl/openssl/blob/openssl-3.5/NEWS.md#major-changes-between-openssl-355-and-openssl-356-7-apr-2026
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: eb68203247
---------------------------
apr-utils: Fix old style function prototype warning with clang
Fixes build with autoconf-2.73 + clang-22
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2f9a3af45b
---------------------------
flex: Keep it at C17 with clang
autoconf 2.73 enforces C23 and adds -std=gnu23 but it leaks it into
CC_FOR_BUILD as well, which bites on systems with GCC < 14 where this
option does not exist.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3311772346
---------------------------
gn: Disable -Werror
With GCC 16 and GLIBC 2.43 on the host, this error is thrown:
/usr/include/c++/16/bits/stl_construct.h:88:9: error: array subscript ‘std::mutex[0]’ is partly outside array bounds of ‘unsigned char [24]’ [-Werror=array-bounds=]
88 | __location->~_Tp();
| ^~~~~~~~~~
Not even the latest version fixes this upstream.
Add --allow-warnings to the python command in do_configure
to disable -Werror during do_compile as a workaround.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a0b4fa9c26
---------------------------
glibc: stable 2.43 branch updates
$ git log --oneline 856c426a753450b8c6861a5b994a564f4fc16d4b..ce1013a197eb4a3b8ff2b07e0672f4d0b976ce7c
ce1013a197 tests: fix tst-rseq with Linux 7.0
60cabd0464 riscv: Resolve calls to memcpy using memcpy-generic in early startup
02ffd413cf elf: Use dl-symbol-redir-ifunc.h instead _dl_strlen
2695314378 elf: parse /proc/self/maps as the last resort to find the gap for tst-link-map-contiguous-ldso
dd9945c0ba resolv: Check hostname for validity (CVE-2026-4438)
5c6fca0c62 resolv: Count records correctly (CVE-2026-4437)
2be6cf2e75 posix: Run tst-wordexp-reuse-mem test
305ce0b588 aarch64: Tests for locking GCS
2ee41ba6ec aarch64: Lock GCS status at startup
fa4a40c7d4 tests: aarch64: fix makefile dependencies for dlopen tests for BTI
9898ea58b5 malloc: Avoid accessing /sys/kernel/mm files
c3ceb93dc4 Add BZ 33904 entry to NEWS
911bd469f8 debug: Fix build with --enable-fortify-source=1 (BZ 33904)
48f5a05a7a nss: Missing checks in __nss_configure_lookup, __nss_database_get (bug 28940)
d6cb7ce0e9 Linux: In getlogin_r, use utmp fallback only for specific errors
140c760d71 nss: Introduce dedicated struct nss_database_for_fork type
Testing Results:
+--------------+--------+--------+------+
| Result | Before | After | Diff |
+--------------+--------+--------+------+
| PASS | 6770 | 6774 | +4 |
| XPASS | 4 | 4 | 0 |
| FAIL | 29 | 28 | -1 |
| XFAIL | 16 | 16 | 0 |
| UNSUPPORTED | 489 | 490 | +1 |
+--------------+--------+--------+------+
Changes in testcases:
+------------------------------------------------------+--------+-------------+
| Testcase | Before | After |
+------------------------------------------------------+--------+-------------+
| elf/tst-tls20 | FAIL | PASS |
| posix/tst-wordexp-reuse-mem | N/A | PASS |
| resolv/tst-resolv-invalid-ptr | N/A | PASS |
| resolv/tst-resolv-dns-section | N/A | PASS |
| nss/tst-nss-malloc-failure-getlogin_r | N/A | UNSUPPORTED |
+------------------------------------------------------+--------+-------------+
Justification:
commit - 2be6cf2e75 posix: Run tst-wordexp-reuse-mem test
Fixes Makefile dependency to ensure the testcase is executed.
Passing new testcase:
+PASS: posix/tst-wordexp-reuse-mem
commit - dd9945c0ba resolv: Check hostname for validity (CVE-2026-4438)
Adds validation for hostname parsing and introduces a regression test.
Passing new testcase:
+PASS: resolv/tst-resolv-invalid-ptr
commit - 5c6fca0c62 resolv: Count records correctly (CVE-2026-4437)
Fixes DNS answer section parsing and adds a regression test.
Passing new testcase:
+PASS: resolv/tst-resolv-dns-section
commit - 48f5a05a7a nss: Missing checks in __nss_configure_lookup, __nss_database_get (bug 28940)
Fixes null pointer dereference and improves NSS handling.
Added testcase:
UNSUPPORTED: nss/tst-nss-malloc-failure-getlogin_r
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ec07921dfa
---------------------------
go: upgrade 1.26.1 -> 1.26.2
Upgrade to latest 1.26.x release [1]:
$ git --no-pager log --oneline go1.26.1..go1.26.2
9c8bf0e72a (tag: go1.26.2) [release-branch.go1.26] go1.26.2
096f21b1c5 [release-branch.go1.26] cmd/go: disallow cgo trust boundary bypass
7cafb4140d [release-branch.go1.26] crypto/tls: prevent deadlock when client sends multiple key update messages
a34b5e4d55 [release-branch.go1.26] archive/tar: limit the number of old GNU sparse format entries
c4b4bd7b3a [release-branch.go1.26] cmd/compile: fix loopbce overflow check logic
3a4577a268 [release-branch.go1.26] cmd/compile: fix mem access overlap detection
ceb4da6626 [release-branch.go1.26] crypto/x509: fix wildcard constraint map case sensitivity
babb1c32c2 [release-branch.go1.26] html/template: properly track JS template literal brace depth across contexts
b6176f459a [release-branch.go1.26] internal/syscall/unix: properly support AT_SYMLINK_NOFOLLOW on Linux
917949cc1d [release-branch.go1.26] net/url: permit colons in the host subcomponent of non-http/https URLs
7b4ed1d7d9 [release-branch.go1.26] crypto/x509: fix signature checking limit
8028a51430 [release-branch.go1.26] crypto/x509: hoist policy pruning out of loop
4ef278779f [release-branch.go1.26] runtime/race: apply LLVM zero-initialization fix
608303dd6e [release-branch.go1.26] cmd/link: skip special symbols for label symbol generation
e27183eff8 [release-branch.go1.26] cmd/compile: fix internal compiler error: bad write barrier type
98d4c11d8f [release-branch.go1.26] cmd/compile: treat all zero-sized values as SSA-able
cce667a91e [release-branch.go1.26] cmd/compile: handle zero-sized values more generally
3206e141fb [release-branch.go1.26] net/url: reattach package doc comment
82b95c14ec [release-branch.go1.26] cmd/compile: ternary rewrite of rewrite should skip, not panic
f14d3a8e91 [release-branch.go1.26] cmd/compile: skip race detector test failure for unsupported VMA
68f42c591d [release-branch.go1.26] cmd/compile: gate instrumentEnterExit on NoRaceFunc check
9fe1db7e7e [release-branch.go1.26] runtime: fix value of ENOSYS on mips from 38 to 89
08edcb8d3f [release-branch.go1.26] test/fixedbugs: remove issue46234 test timeout
895fbaecf5 [release-branch.go1.26] doc: remove template use in godebug.md
26548d4981 [release-branch.go1.26] cmd/fix: pull in CL 755980
12bf7d8cd2 [release-branch.go1.26] builtin: incorporate all feedback into doc string for new
943235a5e5 [release-branch.go1.26] builtin: update new function comment
1a44be4cec [release-branch.go1.26] internal/poll: move rsan to heap on windows
3bf3014fe7 [release-branch.go1.26] test/convert5: skip mipsle
e29f35511d [release-branch.go1.26] cmd/go/internal/cache: update trim timestamp before trimming
2b01132c9f [release-branch.go1.26] runtime/poll: fix race condition in Window's SendFile
ba8c3d07a7 [release-branch.go1.26] net/http: restore accidentally removed package doc
99df9bdb2a [release-branch.go1.26] net: correctly handle non-nil empty cmsg buffer on windows
ace2cf6652 [release-branch.go1.26] cmd/compile/internal/typecheck: simplify tcSliceHeader
1368bc269e [release-branch.go1.26] cmd/compile: fix bloop test
840d86c060 [release-branch.go1.26] runtime: fix printfloat, printcomplex buffer sizes
Fixes CVE-2026-32282, CVE-2026-32289, CVE-2026-33810, CVE-2026-27144,
CVE-2026-27143, CVE-2026-32288, CVE-2026-32283, CVE-2026-27140,
CVE-2026-32280 and CVE-2026-32281.
Release information: [2]
[1] https://github.com/golang/go/compare/go1.26.1...go1.26.2
[2] https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 00de455f8d
---------------------------
classes/cve-check: remove class
It's been long known that the cve-check class in oe-core is not that
usable in the real world, for more details see "Future of CVE scanning
in Yocto"[1]. This mail proposed an alternative direction that included
a CVE scanning tool that can be ran both during the build and afterwards,
so that periodic scans of a previously build image is possible.
Last year, Bootlin wrote sbom-cve-check[2] and I compared this to my
proposal in "Comparing cve-check with sbom-cve-check"[3], concluding
that this is likely the missing piece.
Support for sbom-cve-check has been merged into oe-core, and the
cve-check class is now obsolete. So that we don't have to maintain it for
the four-year lifecycle of the Wrynose release, delete it.
This patch also deletes the database fetcher recipes, and the test cases
that were specific to cve-check. Note that the oe.cve_check library
still exists as this is used by the SPDX classes.
[1] https://lore.kernel.org/openembedded-core/7D6E419E-A7AE-4324-966C-3552C586E452@arm.com/
[2] https://github.com/bootlin/sbom-cve-check
[3] https://lore.kernel.org/openembedded-core/2CD10DD9-FB2A-4B10-B98A-85918EB6B4B7@arm.com/
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 853baa702e
---------------------------
libgcc: Bump PR/HASHEQUIV_HASH_VERSION after reproducibility issues
Simulate a PR bump by changing DESCRIPTION which will force and output
change. PR isn't a good candidate here due to the shared workdir.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aec74f9cd0
---------------------------
classes-global/package: Ensure -src package is handled in signatures
populate_packages() will automatically insert a -src package if
PACKAGE_DEBUG_SPLIT_STYLE is "debug-with-srcpkg", even if there is not
-src package in PACKAGES. However, when the -src package is not in
PACKAGES, it is not accounted for in the task signatures which results
in errors.
[YOCTO #16238]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 303262b00b
---------------------------
classes/sbom-cve-check: add variable to control the scope of the CVE scan
Unless told otherwise, sbom-cve-check will only report on issues found
in target recipes. Whilst this is the behaviour we want for image-based
scanning, it's not the designed bevhaviour for recipe-based scanning.
Add a new variable SBOM_CVE_CHECK_SCAN_SCOPE that is used as the value
passed with --export-process-native. Default this to "target" so the
normal behaviour is unchanged, but set it to "both" in the
sbom-cve-check-recipe class.
[1] https://sbom-cve-check.readthedocs.io/en/latest/export.html#export-options
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4777db599a
---------------------------
python3-sbom-cve-check: fix the version attribute in the Yocto-style JSON
The type of the version was an integer, but it should be a string.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 13d2a672bc
---------------------------
python3-sbom-cve-check: move from devtools/python to devtools/sbom-cve-check
Move the tool recipe from the catch-all python/ directory to be alongside
the recipes that fetch the databases for the tool.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ac7c0c349
---------------------------
oeqa: Drop /git/ from our urls
Using /git/ in our urls is rather old school and not the preferred format now.
Update the urls to the preferred form even if the other ones still work.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1ceba42623
---------------------------
selftest/scripts: Update old git protocol references
git protocol accesses to our infrastructure are currently struggling and this
has highlighted a number of places we're making those obsolete access forms.
Update them to use https instead of the git protocol since it is preferred
and more reliable.
The devtool test needed quoting to handle the ';' in the url. The -f option
to devtool also shows a deprecation warning so remove that.
There were internal references to git protocol urls inside the nested git
submodules test report, which means those repos need updating to use
new git revisions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cedc9209e3
---------------------------
recipetool: Recognise https://git. as git urls
If a url has git. in it, assume it is likely to be a git cloneable url
and should be treated as such.
This allows us to switch from https://git.yoctoproject.org/git/XXX urls to
the preferred https://git.yoctoproject.org/XXX form.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aef83d549e
---------------------------
docbook-xsl-stylesheets: Use str:replace from exslt.org to implement string.subst
Developement for docbook stylesheets has moved to github
there are newer releases available too which include this fix, however
for now nearing 6.0 release this is least intrusive way to move forward
This is needed for building latest samba versions
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3a1cf16b6f
---------------------------
rust: Upgrade 1.94.0 -> 1.94.1
https://blog.rust-lang.org/2026/03/26/1.94.1-release/
Rust Changes:
https://github.com/rust-lang/rust/releases/tag/1.94.1
Cargo Changes:
https://doc.rust-lang.org/nightly/cargo/CHANGELOG.html#cargo-1941-2026-03-26
Fixes: CVE-2026-33055 and CVE-2026-33056
Test results:
No changes
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9b4c689a91
---------------------------
systemd: fix packaging of 'run0'
The 'run0' command was introduced with systemd v256. Its
implementation is in the 'systemd-run' program, with
${bindir}/run0 installed as a symlink to that program.
However, when the upgrade to v256 was done (in commit
89b75b46371d5e9172cb496b461824d8551a2af5), the run0 symlink
wasn't packaged into systemd-extra-utils (where systemd-run
is packaged), introducing a hard RDEPENDS from systemd ->
systemd-extra-utils due to the symlink.
Fix this, and return to the softer RRECOMMENDS dependency
between systemd and systemd-extra-utils, by packaging run0
into systemd-extra-utils.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 84e70cccb7
---------------------------
vim: Fix CVE-2026-33412
Pick patch from [1], also referenced by NVD [2].
The upstream fix escapes newline in SHELL_SPECIAL to prevent command
injection via glob() shell expansion.
[1] https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-33412
Signed-off-by: Ashish Sharma <pahaditechie@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 23dc45429e
---------------------------
gst-examples: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0:
* b2a3b2e: Back to development after 1.28.0
* 6ec50ef: tutorials/android: bump up ndkVersion to 29
* 4f6b36b: gst-examples/webrtc: fix error reported with android NDK 29
* 425d36f: gst-examples: webrtc: Update Rust dependencies
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 44511f6d70
---------------------------
gst-devtools: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 6376a84: modules: dist common files from monorepo root
* 57be895: devtools: dots-viewer: Update Rust dependencies
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0e6dce6f92
---------------------------
gstreamer1.0-rtsp-server: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 6376a84: modules: dist common files from monorepo root
* 012b257: rtspclientsink: don't error out when stream transport
notifies timeout
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* c2ef75a: rtsp-stream: Clear send_thread when it's freed
* 20d3e66: rtsp-client: Lock media when unlinking session medias
* 0882b60: gst: Fix a couple of const correctness bugs around strchr()
usage
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 077428c189
---------------------------
gstreamer1.0-python: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 539aaa1: python: Caps constructor has a single optional argument
* 18d4781: python: Structure constructor has a single required argument
* 6f21099: python: Add type hints for MapInfo members
* 0df78d0: python: Remove duplicated TestDoubleRange
* d4af24c: python: Add type hint for public fields
* 5f4fe17: python: int|float type is redundant and cause linter issue
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* c43f2b2: python: Add item type annotation to Iterator class
* 49ca53f: python: Make Gst.Bin iterable
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 54c5640a18
---------------------------
gstreamer1.0-libav: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* be2f846: avviddec: Allow stride changes for some decoders
* f0bfd0c: avviddec: Handle field/order changes in mixed interlace mode
* f717c6e: avviddec: Simplify picture_changed helper function
* 0f77771: gst: fix author name: add missing closing angle bracket
* d125725: gst: also adapt author names in the gst_plugins_cache.json
files
* 92ba6c2: avviddec: Don't increment the AVCodecContext frame counter
* 529e7a6: avauddec: Don't increment the AVCodecContext frame counter
* aa02005: avviddec: Forward any ready video frames on gap events
* 0a6950d: gst-libav: avvidcmp: set colorimetry on AVFrame
* adc82d2: libav: Don't process lines that won't be outputted
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* 60c9be9: avviddec: Simplify conditional code in context handling
* b6fbaaf: avviddec: Improve renegotiation debug message
* d94518f: avviddec: Fix handling of mixed interlaced content
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 80cd0ee: avviddec: Refcount codec frame associated with video frame
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 252bfdb181
---------------------------
gstreamer1.0-plugins-ugly: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* 8f9c0ad: asfdemux: Error out on files with more than 32 streams
* cb184da: rmdemux: Check if new video fragment overflows the fragment
storage before storing it
* 3bcbda6: rmdemux: Avoid integer overflow when checking if enough data
is available for video fragment
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 37274be: gst-plugins-ugly: update translations
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 389693bf0c
---------------------------
gstreamer1.0-plugins-bad: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 99c68cb: meson: Fix libxml2 not building due to wrong option type
* e973899: cudaupload, cudadownload: Fix CUDA/GL interop copy path
* 83b8417: webrtc: sink floating refs of ICE transports
* 887f2bf: ajasink: Only allow 6 / 8 / 16 audio channels
* a74bd95: mpegtspacketizer: Handle clock change/resets without skew
correction
* 956e714: mxfdemux: fix gst_mxf_demux_pad_get_stream_time ()
* 73bc4b8: tsdemux: Fix Continuity Counter handling
* 3795ca5: tsdemux: Simplify initial packet handling
* 150a7e4: mxfdemux: always send a segment before sending eos or
segment-done
* 3fdc449: codectimestamper: Fix latency query handling
* 530a52f: vtdec: Always reset flushing flag in flush()
* 4dfe11e: vtdec: Fix a very slight race in handle_frame() when
flushing
* 0a5e48c: vtdec: Make sure to reset last flow return when flushing
* ae04185: vtdec: Implement drain() to allow reverse playback
* 9e0e66f: webrtcbin: Check the presence of encoding-name fields in
answer caps
* fe28caa: vadisplay: Fix a couple of new const-ness warnings around
strstr() usage
* b88511e: classifiertensordecoder: Fix uninitialized variable compiler
warning
* 9924971: gstplay: fix reference counting
* f721368: v4l2: Add support for AV1 V4l2 decoder
* 0fd06de: vulkan/ios: Fix scaling and resizing with UIView
* 0708627: audiobuffersplit: Correctly calculate adapter start/end
running time for negative rates
* 9ae3903: audiobuffersplit: Use the output segment for output related
calculations
* 1a9c31f: audiobuffersplit: Don't use floating point divisions
unnecessarily
* 5e9ff8c: audiobuffersplit: Log if an input buffer has the discont
flag set or not
* 2ded76c: audiobuffersplit: Send any pending segment before
EOS/SEGMENT_DONE
* 72b9964: audiobuffersplit: Handle SEGMENT_DONE the same way as EOS
* 1f43861: audiobuffersplit: Convert gap events to silence buffers
* 16a2fef: audiobuffersplit: Implement negative rates correctly
* 6c6aba2: mpeghdec: memory leak fix in MPEG-H Audio decoder plugin
* 63e8a3b: vtdec: Don't re-create session if only the framerate changed
* 9e17a28: audiobuffersplit: fix reverse playback
* 59a7e80: vtdec: Add more debug logging
* 321c742: vtdec: Fix race condition when negotiating during playback
* 030cfc1: wayland: Fix CLAMP operation of maxFALL and maxCLL
* 705376e: objectdetectionoverlay: add support for rotated bounding
boxes
* d2aae83: cea608mux: fix overflow when calculating output PTS
* 05d821e: siren: remove trailing space from klass
* 24d4d91: openni2src: remove trailing space from desc
* 2700371: smoothstreaming: remove trailing space from desc
* d5e0ba7: gst-plugins-bad: remove trailing spaces: update
gst_plugins_cache.json
* f7f24fc: zebrastripe: adapt klass to recommendation
* d032f3c: fieldanalysis: adapt klass to recommendation
* 3c06dee: dtls: fix author name: add missing angle brackets
* 0f77771: gst: fix author name: add missing closing angle bracket
* 4506913: gst-plugins: fix author name: correct incomplete or wrong
emails
* d125725: gst: also adapt author names in the gst_plugins_cache.json
files
* c20ae61: videocodectestsink: fix typo in klass
* b463b8f: unixfdsrc: adapt klass "Src" to "Source"
* 8aa4eff: avtpsrc: adapt klass "Src" to "Source"
* e6348c3: rtpsrc: adapt klass "Src" to "Source"
* d21129f: frei0r-src: adapt klass "Src" to "Source"
* 78ce4b2: tsmux: reduce noise for DEBUG log level
* 5b40409: openh264enc: skip drain for baseline profile
* 53a95b2: openh264enc: remove broken drain and simplify handle_frame
* fafeaef: ajasinkcombiner: Only forward the segment events from the
video sinkpad
* 988666b: meson: Add a subproject for providing the LunarG MoltenVK
SDK
* 5084c9b: vulkan: load video function pointers conditionally based on
codec operation
* 011a06b: waylandsink: make gst_wl_window_commit_buffer handle NULL
buffers
* f201683: vtdec: Fix CM memory leak due to incorrect unref
* 930b4aa: zxing: Minimal support for compiling with zxing-cpp 3.x
* 51f45dc: vabasetransform: copy buffer's metadata at copy when import
buffer
* dbefb70: zxing: Fix version check for zxing-cpp 3.0.1
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* 2601491: vtdec: Avoid busy looping when queue length is smaller than
DPB size
* b76fe59: ladspa: Fix macOS detection
* 291e479: meson: Deprecate `system = 'ios'` in cross files, use
subsystem
* 4aa405d: applemedia: Stop using HAVE_IOS, use TARGET_OS_* macros
instead
* b4eaad5: avfdeviceprovider: AVCaptureDevice manufacturer is more
widely available
* 38655e0: applemedia: Enable EAGL support on tvOS too
* 25fbfd3: vtdec: VTRegisterSupplementalVideoDecoderIfAvailable is
widely available
* e833ae2: vtdec: Software decoders are now more widely available
* 082bc62: avfvideosrc: Add support for newer iOS 17+ APIs
* 190153c: vtenc: Fix build with tvOS
* 1c213de: applemedia: Disable avfvideosrc and avfdeviceprovider on
tvOS/watchOS
* 7807e72: vtdec: Check for AV1 and VP9 support once
* 9d8e01f: macos: Stop using HAVE_OSX, use built-in macros instead
* 86b0957: frie0r, ladspa: Stop using G_MODULE_SUFFIX
* 149cc0e: vtdec: Fix GstVideoCodecState leak
* 2f5b70e: asiosink: Fill silence when paused
* ad31d52: applemedia: elements can now be individually registered with
gst-full
* 8074134: h264,h265ccextractor: Fix framerate in initial caps
* 2efd57c: ccconverter: Reset counters on flush-stop
* af04ec5: vkav1dec: fix to set SavedOrderHints properly
* a10695e: v4l2codecs: Add short and long term controls in linux
headers
* 1721252: h265parser: Store raw short/long term RPS sets
* 8788a6c: codecs: h265dec: Parse extended SPS information
* 54994bb: v4l2codecs: Set long and short term RPS controls
* c22cdd5: build: codecs: Add AV1 decoder to the GIR includes
* 81b283e: build: codecs: Small style improvement
* d795915: build: codecparsers: Install some newly introduce API
headers
* 0fd74d0: build: codecparsers: Create a GIR file needed for since
marking
* 3686103: codec: h265decoder: Fix annotation and constify return value
* 1768b12: build: codecs: Add gir dependency to the new GstCodecParsers
gir
* 282fd81: codecparsers: h265/vc1: Add missing namespace to some
defines
* 9579389: codecparsers: Fix annotation warnings reported at GIR
constructions
* 947d59f: doc: codecparsers: Switch to gi-index
* 13b57d5: meson: Explicitly use cpp_std=c++11 for decklink
* 1ff173e: vavp8enc: set color format chroma
* c1ee041: tensordecoders: fix wrong dims_order check
* cbd357d: onnx: set dims_order on GstTensor
* 94c24fe: vtdec: Fix return value in flush()
* e5f8ddf: vtdec: Make sure VT thread won't get stuck after a
downstream error
* a1c2bb8: vtenc: Make sure draining actually drains all frames, port
fixes from vtdec, unify naming
* 3313eab: vtdec: Fix wrong DPB size check in the output loop
* ab5cead: vtdec: Calculate DTS offset correctly
* 673922a: applemedia: Sort sources list, fix indentation
* 1205741: applemedia: Fix broken HAVE_VIDEOTOOLBOX_10_9_6 define
* c1772be: applemedia: Remove outdated HAVE_VIDEOTOOLBOX define
* 8bcac75: applemedia: Get rid of AVFoundation-related defines
* 68c0b40: avfvideosrc: Small fixes to the plugin header
* 1758e23: applemedia: Small simplifications to the vulkan checks
* 561bfde: dvbsuboverlay: Mark parsed byte array as const
* 69a2c1c: dvbsuboverlay: Add missing bounds checks to the parser
everywhere
* cfb98fe: dvbsuboverlay: Avoid integer overflows and unreasonably
large displays/regions
* fcd957d: libs: jpegparser: boundary checks before copying it
* 8a26fa7: h266parser: Validate tile index bounds in picture partition
parsing
* 080ac76: h266parser: Fix APS ID bounds check in APS parsing
* 00a086a: h266parser: Fix out of bounds write when parsing pic_timing
SEI
* 5285725: h265parser: Validate num_decoding_units_minus1 in pic_timing
SEI
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 6a3b3b6: av1parse: Add the GstAV1ParseStreamFormat enum and helper
functions
* 5b115b5: av1parse: Split the stream format and alignment logic
* 3b7e321: svtav1: fix "Level of parallelism" property type
discrepencies
* 74e26cf: dashsink: test: use playbin3 for DASH playback verification
* b99ef73: dashsink: guard splitmuxsink removal in release_pad during
dispose
* 31a80ef: vulkan: Fix libMoltenVK.dylib not found when installed
* 216d38a: all: GThreadFunc return type fixes
* 9bd09cc: srtpenc: preserve ROC when master key is updated for an
ongoing session
* 7e5161c: av1dec: Enable VIDEO_META and VIDEO_ALIGNMENT for pool
* b72d4cd: av1parse: Fix the consumed typo in _read_leb128
* 47002f8: av1parse: Fix a latent wrong setting of cll in
update_src_caps
* 0426e58: decklinkvideosink: fix element leak in decklink callback
* 16b556c: soundtouch: Only allow up to 192kHz and 16 channels
* 4520fe5: gdppay: Fix null pointer dereference on duplicated caps
event
* cf7ec94: h264parse: Do not update valid DTS and duration
* d850e77: h265parse: Update buffer duration only when it's invalid
* eb67339: vtdec: Store supplemental codec support in a global variable
* fb821c3: onnx: set default pixel-aspect-ratio
* 8e2db48: tflite: set PAR to 1:1 by default
* b5fa0db: vulkan: Clear mutex when GstVulkanImageMemory is freed
* be3a040: h264parser: Fix memory leak in gst_h264_parser_parse_nal()
* 18dd8d6: tsmux: Fix integer overflow in SCTE35 NULL interval
* 95b4388: gst-plugins-bad: update translations
* 07c0ecc: dtls: unregister signal handlers from connection
* e8b7cc0: vp9parse, av1parse: Remove segment clipping to let
downstream handle frame boundaries
* 259d5e7: vtdec: Do not hold the stream lock when pushing out frames
* 72afb2c: nice: Fix leak of nice thread
* 391d843: vulkanvp9dec: Fix case in device-specific factory name
* 09872a7: wasapi2sink: Ignore device errors from default device
* 5d165e6: mxfdemux: reject corrupted index entry
* a277cb4: mxfdemux: add reversed temporal offset bound check
* 384e65b: waylandsink: fix waylandsink crash when call window flush
* 9552c85: wlwindow: fix viewport source outside buffer when play
resolution change stream
* 8320b8d: vtdec: Supplemental VideoToolbox decoders now registered via
vtutil helper
* dea92e8: vkswapper/vksink: Don't advertise unsupported formats
* c8a404b: shm: fix shmsink exit code 1 on clean shutdown
* 5dfb388: wayland: display: Add protection when replacing wl_output
* 0882b60: gst: Fix a couple of const correctness bugs around strchr()
usage
* 5ed6a6d: wasapi2: Log target device information
* b05db6e: sctp: Set number of outgoing & incoming streams to the same
value
* 6e69d47: applemedia/vtdec: handle decoder error status for iOS
* cf067cc: applemedia/vtenc: make sure to NULL terminate the level
string
* 299ffee: vtenc: restart even if VTCompressionSessionCompleteFrames
fails
* a8d3ce8: vtdec: Also reset session when output_callback gets a
kVTVideoDecoderMalfunctionErr
* 63efa3c: waylandsink: Properly reset the tag orientation
* 701194a: nvcodec: Add capability caching to speed up plugin
initialization
* 18851f9: vtdec: Don't leak RGBA64_LE caps during class init
* 327188d: vtdec: Fix incorrect setting of bitfield / flag
* b5af409: vtdec: Invert order of output caps to match our preference
* e265144: macos: Set activation policy in vulkansink (MoltenVK)
* f9cc731: jp2kdecimator: Fix some possible integer overflows in size
checks
* e900fe1: jp2kdecimator: Avoid integer overflows and divisions by zero
on invalid tile configurations
* ad02aae: h264parse: Remove pointless allocation failure handling
* 43a89cd: h264parse: Avoid NULL pointer dereferences when freeing
partially parsed SPS/MVC data
* c2690af: h266parser: Avoid integer overflow when parsing profile /
tier / level
* 845e9cf: av1parse: Avoid signed 32 bit integer overflow when parsing
LEB128 values
* f9d57db: av1parse: Be more explicit about available data when parsing
LEB128 values
* 6e84260: av1parse: Allow G_MAXUINT32 as LEB128 encoded value
* 00d6368: av1parse: Correctly reject LEB128 values where the 8th byte
has the high bit set
* 871ac21: vmncdec: Set cursormask to NULL to prevent double free
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a9d028a319
---------------------------
gstreamer1.0-plugins-good: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* 99c68cb: meson: Fix libxml2 not building due to wrong option type
* 8388e74: qtdemux: Improve debug output around seek event handling
* db3c0c6: qtdemux: Rename last mention of last_stop to position
* 19e3c57: qtdemux: Set the segment position to the start on EOS in
reverse playback mode
* 5c681d2: v4l2: Add v4l2av1dec stateful decoder support
* 6438539: v4l2: update gst plugins cache
* d3c0283: vpxdec: Support downstream pools with alignment requirements
* 0edccca: qtdemux: Don't ignore flow return when pushing queued
buffers downstream
* ff3edfc: qtdemux: Make sure to not output the same samples multiple
times in reverse playback mode
* d415a2b: qtdemux: Push raw audio/video buffers downstream in reverse
order if rate < 0
* e1c1979: wavpackparse: Parse 32 bit sample rate and channel masks
* 74d8469: wavpackparse: Print hexadecimal numbers with leading zeroes
for easier reading
* d296187: wavpackparse: Sync flags with latest wavpack
* 4ad4418: wavpackparse: Include sample type (int / float / dsd) in the
caps
* 6631df5: wavpackparse: Correctly parse and advertise depth vs. width
* f4d6909: wavpackdec: Set OPEN_NORMALIZE flag to normalize floating
point samples into the [-1,1] range
* 7005bb5: wavpackdec: Allow up to 4096 channels and up to maximum
sample rate
* 7514ac2: wavpackdec: Re-create wavpack decoder on caps changes
* 2cda74a: wavpackdec: Output 24 bit samples as actual 24 bit samples
* 69e76ae: wavpackdec: Allocate output buffer via the base class
* 293e350: wavpackdec: Output 18 and 20 bit as their corresponding
formats
* 4d3bdcb: wavpackenc: Extend caps a bit
* c5143e8: wavpackenc: Map buffer readwrite for channel reordering
* 3db67a3: wavpackenc: Add support for S8/S16/S18/S20/S24/S32 and F32
samples
* 4704dfe: wavpack: Update plugin docs cache
* d333aeb: qml6glsrc: Fix rendering of scene with clipped items
* ee8e500: qml6glsrc: Fix scraping of QQuickWindow content
* 2b09aec: rtpsource: Add locking for receive reports table
* eaadb4d: gst-plugins-good: fix author name: Kentaro Fukuchi
* 0f77771: gst: fix author name: add missing closing angle bracket
* e92f814: rtph263pay: fix author name: where not separated by ','
* 4506913: gst-plugins: fix author name: correct incomplete or wrong
emails
* d125725: gst: also adapt author names in the gst_plugins_cache.json
files
* f68c471: rtpptdemux/rtpssrcdemux: adapt klass "Demux" to "Demuxer"
* 75ae4d7: gstrtspsrc: Set new mki in the encoder upon crypto update
* 09635fe: rtspsrc: Memory leak in gst_rtspsrc_close() when
GST_RTSP_EEOF error occurs
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* 291e479: meson: Deprecate `system = 'ios'` in cross files, use
subsystem
* 88febbc: osxaudio: Stop using HAVE_IOS, use TARGET_OS_* macros
instead
* c3b73e9: qtdemux: Fix out-of-bounds read when parsing PlayReady DRM
UUIDs
* b4558a4: rtpqdm2depay: error out if anyone tries to use this element
* 1171ae8: wavparse: Remove pointless duplicated GST_ROUND_UP_2()
* 3564405: wavparse: Use unsigned integers for data sizes
* c73a1f4: wavparse: Use GST_ROUND_UP_2() in two more places instead of
a manual implementation
* 8822ee3: wavparse: Define maximum chunk size in a single place
* 081484e: wavparse: Avoid integer overflow and out-of-bounds read when
parsing adtl chunks
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 5ee8c64: rtptwcc: fix feedback packet count wrapping at 255
* 216d38a: all: GThreadFunc return type fixes
* 180a877: rtph264depay: fix invalid memory access in
gst_rtp_h264_finish_fragmentation_unit
* d824117: Qt6GLVideoItem: caps update fixed
* d6ed0a0: qtdemux: fix invalid WebVTT timestamps
* b8436bf: wavparse: Avoid overflow in length when setting
ignore-length=true
* 586ff9c: wavparse: Fix parsing of RF64 wave files
* b08a64e: rgvolume: don't apply dBSPL reference level compensation for
LUFS values
* 9ca0bd6: hlsdemux2: fix seekable range for live HLS streams
* 100a0e6: qtdemux: Don't immediately push segment after moov in push
mode for fmp4
* 95919fa: wavenc: Skip writing empty LIST INFO chunk
* e717c43: gst-plugins-good: update translations
* 1ac03ff: qtdemux: fix handling of in-between fragments without tfdt
* 457b197: qtdemux: Preserve Metas and Flags when doing row alignment
* 27a9cc0: qtdemux: Avoid integer overflows when handling transform
matrices
* 1279ec9: qtdemux: Don't store 64 bit integers in 32 bit integers to
avoid overflows
* 0871bb2: qtdemux: Check that big enough stco/stsz are available when
parsing sample tables
* 160bba0: qtdemux: Error out instead of trying to handle a truncated
stts box
* b73c493: audioinvert: fix float truncation in transform_float
* bcc8c6e: qmlglsink: Fix for caps tracking on multiple setCaps calls
* 5ebb94c: qt6: Avoid parsing caps on every buffer
* 49bab9c: qt5: Avoid parsing caps on every buffer
* c4f56c0: rtspsrc: Discard early data in ONVIF mode
* 86e640a: rtspsrc: Fix const-correctness issue around strchr() usage
* 48cefc4: flvmux: fix race condition on caps get and check
* dbd4cb4: qtdemux: Avoid division by zero if 0 audio channels are
signalled
* 10fd1ab: qtdemux: Validate chnl defined layout before using it to
index the layouts array
* 3441881: qtdemux: Avoid out-of-bounds reads and writes of 64 item
audio channel positions array
* dc7ab66: qtdemux: Fix bit pattern check for omitted audio channels
map
* bad6721: qtdemux: Add various integer overflow and bounds checks to
uncompressed video handling
* 8aed48f: flvdemux: Avoid assertions on corrupted streams
* 35a905a: wavparse: Fix integer overflow when checking available
buffer size for reading cues
* 0d819ce: wavparse: Use prepend+reverse instead of append when
building the cues list
* 6db6dd0: matroskademux: Add missing parenthesis when calculating bz2
buffer sizes
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b35d049b4b
---------------------------
gstreamer1.0-plugins-base: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* e2c7b85: input-selector: add pad release stress test
* 6cb0626: input-selector: add test eos for remaining non active pad
* c4f4ad2: typefindfunctions: Promote y4m_typefind
* 62629e5: decodebin3: Ensure input->collection is always coherent
* cad6787: decodebin3: Improve handling collection change on existing
pad
* 7365663: rtp: Add mappings for H266 and AV1 encoding-names
* 3d82e94: base: Fix a couple of new const-ness warnings around
strstr() usage
* 848766d: gl: Fix explicit enabling of EAGL support on iOS
* 47576c7: eagl: Auto-resize when the UIView window is resized
* 4faeb36: audiorate: Handle SEGMENT_DONE the same way as EOS
* 2a7e50c: videodecoder: Handle recovery from temporary reordered
output
* d6fb546: playsink: unref color balance channels with g_object_unref()
* efc09c7: decodebin3: Fix switch to smaller collections
* acbe1ed: rtsp: Validate transport parameter parsing in RFC 2326
* 746553b: glsrcbin: adapt klass "Src" to "Source"
* a02c813: audiodecoder: Only forward gap events immediately if no
frames are pending
* 045b7a0: videodecoder: Move gap event handling into a helper function
* ff28f77: videodecoder: Don't directly forward gap events if the
decoder is not drained
* b1c6307: videofilter: Add VIDEO_ALIGNMENT to downstream pool
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* c6ea1f1: compositor: Do copy_metas also for background frame
* 291e479: meson: Deprecate `system = 'ios'` in cross files, use
subsystem
* d765ba7: eagl: Add support for tvOS
* 507fa0a: gstgl: Fix incorrect usage of G_MODULE_SUFFIX on macOS
* e14eecd: video-converter: Do not transform_metas with 0 width or
height
* 133c200: meson: Fix building of examples/gl/qt/qglwtextureshare
* 377a41d: riff: Correctly check that enough RGB palette data is
available
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* de557ba: glcolorconvert: Fix NULL pointer dereference on buffers
without video meta
* 216d38a: all: GThreadFunc return type fixes
* ecbaac1: rtpbuffer: Add validation for CSRC list length
* 8b1dec6: rtcp: Fix buffer overread in SDES packet parsing
* 3e5ac12: opusenc: Use correct memcpy() size when copying Vorbis
channel positions
* 8b4ea49: video-converter: fix I420/A420/AYUV BGRA/ARGB output on
big-endian
* cad4597: videorate: Fix unrestored caps on backward PTS
* ae535bd: video: fix too small default stride for UYVP with odd widths
* 6c2d5bd: gl: upload: Optimize EGL format check when there is no
context
* 8112ede: gl: upload: Fix linking glupload with restrictive caps
filter
* 5daccd1: gst-plugins-base: update translations
* 69d7aed: compositor: move gst_compositor_init_blend() to element
class_init
* 2f35652: rtsp: gstrtspurl: Parse URL having user without password
* ae8c618: videodecoder: Fix different seqnum error
* 9e4e4a3: audiodecoder: Fix different seqnum error
* 13f2638: base: audioencoder: Remove fixed caps from srcpad
* 9379c4a: exiftag: Unmap buffer if parsing a rational number gives a
zero denominator
* 87c7096: playback: Make sure to check for empty/any caps before
getting the first structure
* add1c1f: parsebin: Remove pointless casts
* 2a437f9: exiftag: Ignore invalid fractions with numerator/denominator
G_MININT
* 9949c53: audio-resampler-neon: read array operand by hand
* d33fc55: subparse: Replace a `g_strv_length()` in a loop header with
more efficient code
* a41cbb4: subparse: Replace regex string matching / replacing with
plain C string parsing
* 3a81eb4: subparse: Fix handling of closing of multi-byte tags
* 12fc1ed: subparse: Avoid NULL-pointer dereferences in mdvdsub parsing
code
* 7617d9e: typefind: Avoid signed 32 bit integer overflow when parsing
AV1 LEB128 values
* b86af52: typefind: Use a byte reader for parsing AV1 bitstreams
* d9c7e28: typefind: Allow G_MAXUINT32 as LEB128 encoded value when
parsing AV1 bitstreams
* 1f78c53: typefind: Remove dead code in AV1 LEB128 parser
* 66044db: exiftag: Use g_malloc() instead of malloc()
* aeef929: exiftag: Add missing bounds check and integer overflow
protections in various places
* e47f697: exiftag: Parse sensitivity value with the correct number of
bits and endianness
* 7f6db3d: subparse: Fix integer overflow when calculating qttext
timestamp
* 5e78c44: audio-resampler-neon: read array operand by hand, part 2
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 17f8143b94
---------------------------
gstreamer1.0: Upgrade 1.28.0 -> 1.28.2
Changes since 1.28.0
* b2a3b2e: Back to development after 1.28.0
* f8b4f2a: input-selector: fix race condition selecting next active pad
* 193b858: input-selector: gracefully handle active pad disappearance
* 52f8be4: input-selector: don't consider pad being released checking
for eos
* c711f7c: input-selector: fix regression receiving eos event
* 3d48df2: input-selector: don't wait for active pad when eos
(active-segment mode)
* 583ae1a: typefindhelper: EOS case explained in more details
* 305fb65: gst: Fix a couple of new const-ness warnings around strstr()
usage
* 88cdc0d: ptpclock: Fix potential out-of-bounds read when parsing
ANNOUNCE messages
* 443fb64: ptpclock: Fix copy-paste mistake in error messages
* c520284: ptpclock: Initialize PTP message to avoid invalid
uninitialized variable warning
* f8f0df1: caps: gst_caps_append_structure should not allow NULL
structure
* d08ede5: aggregator: Various introspection annotations / docs fixes
for vfuncs
* 1a98767: filesink: Add debug category to file write helper
* 1f415d1: filesink: Report write error correctly on Windows
* 1aa6b48: multiqueue: reverse playback: use segment stop position as
start time
* c7e0e43: aggregator: Handle gap event before segment
* 816e87b: bitwriter: Steal owned data in reset_and_get_data()
* 7c2da22: tests: bitwriter: Fix leak in test
* 835da19: modules: Remove NEWS from git which is generated from full
release notes
* 201b14e: modules: remove RELEASE from git, will be generated from
template on dist
* 7694a7d: modules: remove subproject README.md from git
* 6376a84: modules: dist common files from monorepo root
* 291e479: meson: Deprecate `system = 'ios'` in cross files, use
subsystem
* d609133: gstcheck: Disable fork on tvOS and watchOS
* 55bea0a: gstreamer: Stop using deprecated G_MODULE_SUFFIX
* 020a8fd: registry: Skip .dSYM bundles when loading plugins, try 2
* d8b40e3: gst-stats: Also allow ANSI colored logs without 0x in front
of the thread id
* c21305a: gst: Add explanatory comment to call_async implementation
* dcb37e2: Release 1.28.1
* 32113a6: Back to development after 1.28.1
* 216d38a: all: GThreadFunc return type fixes
* e76eebd: registry: Skip recursion into and from .dSYM bundles
* 9a94133: filesink: Fix wrong open() in overwrite mode
* 749cbe0: baseparse: Preserve upstream buffer duration if possible
* f71eb59: bin: iterator is not nullable
* 1b3939b: baseparse: Fix out_buffer leak in frame_free and missing ref
in frame_copy
* 1afd273: gstreamer: update translations
* cf7231d: queue: Fix potential use-after-free in log function
* 43421c2: Release 1.28.2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 63b3efff95
---------------------------
gstreamer1.0: upgrade 1.26.9 -> 1.28.0
0002-tests-add-support-for-install-the-tests.patch
refreshed for 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3a26ff75c
---------------------------
gstreamer1.0-rtsp-server: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 40acfcedc0
---------------------------
gstreamer1.0-python: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8fdf2f7ad0
---------------------------
gstreamer1.0-plugins-ugly: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 85f5c49d5f
---------------------------
gstreamer1.0-plugins-good: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8cc34a8ae1
---------------------------
gstreamer1.0-plugins-base: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9b57df11ca
---------------------------
gstreamer1.0-plugins-bad: upgrade 1.26.9 -> 1.28.0
* The closedcaption plugin no longer depends on cairo and pango.
* Explicitly disable new plugins that require external dependencies:
* hip
* mpeghdec
* tflite
* tflite-edgetpu
* tflite-vsi
* vmaf
* wpe2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 987851c723
---------------------------
gstreamer1.0-libav: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c3ccac37b0
---------------------------
gst-examples: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f413c1e1c7
---------------------------
gst-devtools: upgrade 1.26.9 -> 1.28.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 42b530581f
---------------------------
grub: update search parameter
Grub would report an error message in boot stage as below:
"error: no such device: ((hd0,gpt1)/EFI/BOOT)/EFI/BOOT/grub.cfg"
Consequently, the root variable is not set, and the intended protection
against cross-device configuration loading (the purpose of the original 2014 commit)
is lost.
The most robust fix is to use the --hint parameter.
This separates the search target from the device hint, avoiding
fragile string concatenation and supporting both prefixed and
non-prefixed $cmdpath formats.
Fixes: 5ce73b6055ac ("grub: add cmdpath to grub configuration file")
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 33e40dccc7
---------------------------
busybox: enable mkfs.vfat via config fragment
Enable busybox’s mkfs.vfat (mkdosfs) implementation using a dedicated
mkdosfs.cfg config fragment.
While dosfstools provides mkfs.vfat and is available through
update-alternatives, it is licensed under GPLv3. Busybox also includes a
lightweight mkfs.vfat implementation that is suitable for minimal images
and systems relying primarily on busybox utilities.
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1406f9523c
---------------------------
busybox: do not build SUID binary without an applet
If the merge of all config snippets leads to a SUID binary without any
applets, do not build and install it to reduce the SUID binaries in the
system.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 47bcb67793
---------------------------
barebox: upgrade v2026.03.0 -> v2026.03.1
CVE-2026-33243 has been fixed in v2026.03.0[0] but introduced
a regression. v2026.03.1 contains a single commit to fix it[1].
Changelog : https://github.com/barebox/barebox/compare/v2026.03.0...v2026.03.1
* FIT: handle hashed-nodes property not being in hashed nodes order
Release: https://github.com/barebox/barebox/releases/tag/v2026.03.1
[0]: https://github.com/barebox/barebox/commit/55f25be5223b662c6888d9d7ef07d28e0348d7db
[1]: https://lore.kernel.org/barebox/abljJRMecNdejSD0@pengutronix.de/
Signed-off-by: Yanis BINARD <yanis.binard@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7588076fc2
---------------------------
groff: upgrade 1.23.0 -> 1.24.0
Upgrade to latest revision of 1.24.0.
- Drop patches included in this release.
- Add patch to fix test-groff not found in cross-compilation.
- Add patch to use SOURCE_DATE_EPOCH in gropdf for reproducible PDF generation.
- COPYING, LICENSES: Refresh GPLv3 text.
Release Note:[https://lists.gnu.org/r/groff/2026-02/msg00149.html]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1d2e858673
---------------------------
webkitgtk: upgrade 2.50.4 -> 2.50.6
================
WebKitGTK 2.50.6
================
What's new in WebKitGTK 2.50.6?
- Fix sample code included in the documentation of the
webkit_user_content_manager_register_script_message_handler()
function.
- Fix MP4 muxing when using GStreamer 1.28.
- Fix WebAudio not resuming correctly after using window.alert()
- Fix WebAudio producing incorrect output in some cases due to
incorrect sample buffer management.
- Fix several crashes and rendering issues.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 965da4d5b5
---------------------------
createrepo-c: upgrade 1.2.2 -> 1.2.3
Full list of changes in this release is available at [0].
[0]: https://github.com/rpm-software-management/createrepo_c/releases/tag/1.2.3
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 36b166eef3
---------------------------
blueprint-compiler: upgrade 0.20.0 -> 0.20.4
Changelog:
git://gitlab.gnome.org/GNOME/blueprint-compiler
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 89b60ec3bb
---------------------------
uki.bbclass: fix ukify arguments assembly
Missing space before --uname ukify option mangles the command line
string when KERNEL_VERSION is set.
Signed-off-by: Pavel Löbl <pavel@loebl.cz>
Reviewed-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 33e52b9e8f
---------------------------
icu: Workaround buildpaths QA check, if TMPDIR is /build/tmp
The file udatatst.c really contains the string /build/tmp. When building
with kas-container the build directory is /build and hence the TMPDIR
becomes /build/tmp. This triggers the QA check *buildpaths*. To work around
this, slightly modify the string in the source code.
% grep -n -C2 /build/tmp source/test/cintltst/udatatst.c
136- char* path=(char*)malloc(sizeof(char) * (strlen(ctest_dataOutDir())
137- + strlen(U_ICUDATA_NAME)
138: + strlen("/build/tmp/..")+1 ) );
139-
140- char *icuDataFilePath = 0;
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f9acaf1c13
---------------------------
initramfs-framework: init: fix kernel cmdline parsing
Fix several issues with double quotes in kernel command line
- Kernel options like 'opt="value"' were breaking the parser,
causing the whole reminder of the command line to be ignored.
The code only supported 'opt="word1 word2..."
- Setting variables without removing quotes in the value
- Setting variables to values with spaces without enclosing
the value with quotes. This caused execution errors evaluating
expressions like:
bootparam_opt=word1 word2
The first fix is particularly needed for people using the kernel
"bootconfig" configuration parameters to add options to the kernel
command line:
CONFIG_BOOT_CONFIG=y
CONFIG_BOOT_CONFIG_EMBED=y
CONFIG_BOOT_CONFIG_EMBED_FILE="additional-bootargs.bootconfig"
This mechanism systematically adds quotes around options
with values, for example:
init="/sbin/preinit"
Without the fix, the wrong init program can be started from the
initramfs and debug messages are ignored when "debug" is
present after "init" in the kernel command line.
For readability and performance sake, also use shell variable operators
instead of "sed" to remove leading and trailing quotes.
Tested both on host and target machines.
With the below kernel command line:
rootwait init="/sbin/preinit" debug root=/dev/mmcblk0p2 console=ttymxc0 dyndbg="file drivers/usb/core/hub.c +pltf" quiet
The following variables are set:
bootparam_rootwait="true"
bootparam_init="/sbin/preinit"
bootparam_root="/dev/mmcblk0p2"
bootparam_debug="true"
bootparam_console="ttymxc0"
bootparam_dyndbg="file drivers/usb/core/hub.c +pltf"
bootparam_quiet="true"
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 83d6cceee9
---------------------------
systemd: backport fix for tpm2 without efi support
See https://github.com/systemd/systemd/pull/41231 or the patch commit
message for details. The regression affects v259.1 to 259.5 as well as
v260.1. Requested a backport to v259 but for now a patch is needed.
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6f04f85581
---------------------------
autoconf: Raise line length limit for sed/awk
Latest autoconf is splitting long cmd lines in config.status
it generates using sed/awk to have compatibility with
platform like HPUX,Solaris,AIX which is understandable given
autotools try to achieve wider portability, however, this does
mean that in OE builds we might get these newlines added in
places dividing commands including buildpaths in them and the
methods deployed to scrub them from output artifacts will fail
since the string is now on two lines resulting in build QA to
pass but the strings do sneak in affecting reproducibility
one such example is e2tools recipe in meta-filesystems and there
perhaps are more
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b4dc7e415a
---------------------------
recipes: remove redundant autoreconf excludes
With autoconf 2.73 autoreconf is better at not forcibly running aclocal
or autoheader if the relevant files are not managed by those tools.
This means we can remove a number of explicit excludes as they are no
longer needed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c5ddbb307a
---------------------------
autoconf: upgrade to 2.73
man-host-perl.patch and autoreconf-exclude.patch are now upstream.
Remove a hunk from autotest-automake-result-format.patch that has no
purpose.
License-Update: postal address changed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f0a258bdb5
---------------------------
ghostscript: ensure the native compile uses C17
GCC 15.2 defaults to C23:
$ aarch64-poky-linux-gcc --version
aarch64-poky-linux-gcc (GCC) 15.2.0
$ aarch64-poky-linux-gcc -dM -E - </dev/null | grep STDC_VERSION
#define __STDC_VERSION__ 202311L
As of ghostscript 10.06.0 the build is good with C23[1] and our cross
compiler is 15.2, so we can stop adding -std=gnu17 to the target CFLAGS.
However, our buildtools are currently using GCC 14.2 which has the
interesting behaviour that it has a -std=gnu23 option but does not then
actually claim to support C23:
$ gcc --version
gcc (GCC) 14.2.0
$ gcc -std=gnu23 -dM -E - </dev/null | grep STDC_VERSION
#define __STDC_VERSION__ 202000L
This then interacts badly with autoconf 2.73 which tells the compiler to
use C23, breaking stdpre.h which handles a number of different
compilers and C standards.
A bug has been filed with ghostscript[2] to try and handle this this
case in the source, but a workaround is to tell the native compiles to
explicitly use C17.
[1] ghostscript ae9409464 ("Bug 708160: Fix compatibility with C23 compilers")
[2] https://bugs.ghostscript.com/show_bug.cgi?id=709290
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7761a3a5ff
---------------------------
ghostscript: do out-of-tree builds
Upstream said that out-of-tree builds were meant to work, so I found the
few instances where path assumptions were incorrect and enabled it.
This gives us more reliable builds as we can always throw away the build
tree when reconfiguring.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 435d344cbf
---------------------------
native/cross: ar wrapper: don't prepend 'D' when @<file> is used
In some cases bazel-native build calls ar with
@<file> - read options from <file>
syntax, where the ar params are generated in *.param file by
separate bazel action before ar is called.
Unfortunately this intercept breaks that syntax by prepending D like:
$ ./ar-intercept @foo
argv before: ['./ar-intercept', '@foo']
argv after: ['./ar-intercept', 'D@foo']
./ar-intercept: invalid option -- '@'
Usage: ./ar-intercept [emulation options] [-]{dmpqrstx}[abcDfilMNoOPsSTuvV] [--plugin <name>] [member-name] [count] archive-file file...
./ar-intercept -M [<mri-script]
...
or might trigger 'non-deterministic mode requested' error on false positive:
$ ./ar-intercept @Ufo
argv before: ['./ar-intercept', '@Ufo']
ar: non-deterministic mode requested
argv after: ['./ar-intercept', '@Ufo']
./ar-intercept: invalid option -- '@'
Usage: ./ar-intercept [emulation options] [-]{dmpqrstx}[abcDfilMNoOPsSTuvV] [--plugin <name>] [member-name] [count] archive-file file...
./ar-intercept -M [<mri-script]
Don't try to inject D into first line of @<file>, lets assume the caller
uses D already (bazel uses 'rcsD' by default).
* Ar flags for combining object files into archives. If this is not set, it
* defaults to "rcsD".
* TODO(b/37271982): Remove after blaze with ar action_config release
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 35b1bf1098
---------------------------
machine/arch-microblaze: Fix newlib builds
Fix the following errors for newlib libcs:
ld: unrecognized option '--hash-style=sysv'
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2995e9de59
---------------------------
clang: Replace patch with solution merged upstream
Drop 0039-Clang-Rename-OffloadArch-UNUSED-to-UNUSED_-to-avoid-.patch
Backport the equivalent upstream commit and remove the local patch.
https://github.com/llvm/llvm-project/commit/5bc3d1966b2d0b300c338d85bb38e356f0d12a8c
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 995ce6613c
---------------------------
libgcc: Fix license with libgcc-src
Sets the correct license for the libgcc-src package. Note that even
though the package is not in PACKAGES, it is implicitly added when
PACKAGE_DEBUG_SPLIT_STYLE is "debug-with-srcpkg" (the default). This
was likely not noticed sooner because the fix to allow the code to
detect this was relatively recent in 1816c5a5e7 ("lib/package: Check
incompatible licenses at packaging time")
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 099c3db2be
---------------------------
busybox: fix DISTRO_FEATURES detection
Changes to how DISTRO_FEATURES is evaluated meant that busybox was using
a partial DISTRO_FEATURES and thus disabling features it should not be.
This is due to the use of immediate assignments which are evaulated
before the final value is calculated (by anonymous Python in base.bbclass).
Remove entirely DO_IPv4/DO_IPv6 as they're used once, replacing with
inline bb.utils.contains_any().
Remove the immediate assignments to OE_FEATURES/OE_DEL so that they are
evaluated on use. The evaluation is expensive, but it only happens once.
[1] oe-core 159148f4de ("meta: Support opting out of any distro features")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e2518b1eaa
---------------------------
classes/sbom-cve-check-recipe: add recipe-scanning class
Add a second sbom-cve-check class that scans the recipe-SBOM, unlike
sbom-cve-check.bbclass which scans specifically an image's SBOM.
In most cases, image-derived SBOM scanning is preferred as this is able
to analyse the actual content of the image, e.g. reporting just the
kernel issues that have actually been compiled into the image (for
linux-yocto 6.18.19, this reduces the CVE count from 108 to 52).
However, for metrics or other specific purposes it might be useful to
scan a recipe-SPDX, so add a class that can do this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e1e5c29e4
---------------------------
classes/sbom-cve-check: extract common functionality to a -common.bbclass
Extract the common configuration variables and run_sbom_cve_check() that
actually invokes sbom-cve-check to a separate class, so that other
classes that are not tied to image generation can use the same logic.
No code changes, just movement.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ad01a9b23
---------------------------
classes/sbom-cve-check: extract the database dependencies to a variable
This tidies up the dependencies, allowing for future tasks that will
need the same dependencies.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 782e8f4852
---------------------------
classes/sbom-cve-check: refactor do_sbom_cve_check
Extract the bulk of the logic to a separate function, so the task just
has to pass a few variables.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 24a3fe9c31
---------------------------
sbom-cve-check-config.inc: move to meta/conf/
This file is used by classes and recipes, so it's best to put it into
conf/ instead of alongside the recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 131e024a66
---------------------------
sbom-cve-check-update-db: Fix unpack removing other databases
Previously, `UNPACKDIR` was set to `${SBOM_CVE_CHECK_DEPLOY_DB_DIR}`,
which points to the `./databases/` directory and may contain multiple
databases. Since `do_unpack` cleans the `${UNPACKDIR}` directory,
`UNPACKDIR` must only contain a single database.
To address this, set `UNPACKDIR` to
`${SBOM_CVE_CHECK_DEPLOY_DB_DIR}/${SBOM_CVE_CHECK_DB_NAME}` and
configure `destsuffix` to an empty string. However, it is currently not
possible to set `BB_GIT_DEFAULT_DESTSUFFIX` to an empty string, so
`destsuffix` is configured through the SRC_URI instead.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Tested-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20f7a0447d
---------------------------
sbom-cve-check-update-db: Fix do_populate_lic failure
The `do_populate_lic` task was failing because it runs after `do_patch`,
but the indirect dependency on `do_unpack` was lost when the `do_patch`
task was deleted.
It is safe, and even preferable, to retain the `do_patch` task, as this
allows users to apply patches to their CVE databases.
Follow-up to commit 8ef22ad9e302f86b2da4fa81541a464e95b9ef3c
("sbom-cve-check: Add class for post-build CVE analysis").
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5dcd5df55a
---------------------------
image_types_wic: Simplify search path
Standardise on one location by default for wic/wks files and simplify the
search path accordingly.
wic is now using BBPATH instead of BBLAYERS so this needs to be added to
WICVARS too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1883fcf40a
---------------------------
wic: move canned *wks files
When "wic create ..." is invoked with a bare *wks name (i.e. without the
`.wks` extension), wic calls engine.py:find_canned_images() to find the
fully qualified *wks file. This function searches every directory formed by:
- permutating all BBLAYERS with `/wic`
- permutating all BBLAYERS with `/scripts/lib/wic/canned-wks`
- checking `<scripts_path>/lib/wic/canned-wks`
Where `<scripts_path>` is the directory containing the wic program.
When wic is part of oe-core, the last search path succeeds in finding
the canned *wks files in `<topdir>/scripts/lib/wic/canned-wks` (since
the wic program is found in oe-core's `<topdir>/scripts` directory, and
`<topdir>/scripts` is not a BBLAYER).
However, once wic is removed from oe-core, this algorithm will not find
these bare *wks files in any of the above-mentioned search paths since
the oe-core layer will no longer be the home of the wic program, and the
canned *wks files are not located in any directory relative to BBLAYERS.
Since these *wks files are specific to oe-core's meta layer, they should
stay with this layer. Therefore move the *wks files so they exist in one
of the locations searched relative to oe-core/meta's BBLAYERS.
NOTE: this patch is in preparation for removing wic from oe-core
the wic oe-selftests work fine with this patch being added now
[RP: Updated meta/wic -> meta/files/wic]
Reviewed-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Reviewed-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3bbde62a0d
---------------------------
meta-selftest/wic: Move to files/wic
To align with the new search paths, move the files to the new location.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 07e410600c
---------------------------
sanity: Add check for old wks/wic paths
To allow us to clean up the old wic/wks search paths and standardise, detect the
old locations and show the user a sanity check error if they exist.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5bbe4ba076
---------------------------
image_types_wic: Add files/wic to the search path for wks files
With the move of wic to a standalone tool, "files/wic" makes the most
logical place to look for files in the standard layer structure. Add
this to the search path.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b9e2a2f584
---------------------------
wic: remove to standalone repository
The wic utility will no longer be integrated into the oe-core
repository. However, the wic utility will continue to exist under The
Yocto Project umbrella. This will allow wic to be more easily used
independently of bitbake and oe-core.
The primary repository for standalone wic will be:
https://git.yoctoproject.org/wic
Reviewed-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Reviewed-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2aec21a4e4
---------------------------
selftest/cases/wic.py: remove test_sparse_copy
Delete the wic.Wic2.test_sparse_copy test since it tests code that is
internal to wic itself. Once wic is removed from oe-core it will not be
possible to test this function from this layer.
NOTE: this patch is in preparation for removing wic from oe-core
the wic oe-selftests work fine with this patch being added now
Reviewed-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Reviewed-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 37b355964b
---------------------------
oe-selftest/cases/wic.py: update WicTestCase
The wic oe-selftest defines its own class (WicTestCase) for handling
setup, teardown, and various other pieces needed to run the individual
wic oe-selftests. As part of oe-core, the wic.CLITests do not need
setup and teardown. However, once wic is no longer part of oe-core, the
oe-selftests will need to know where to find wic that comes from a
recipe. Update PATH so wic will be available.
NOTE: this patch is in preparation for removing wic from oe-core
the wic oe-selftests work fine with this patch being added now
AI-Generated: codex/gpt-5.4 (high)
Reviewed-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Reviewed-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a116fc10c2
---------------------------
wic: Update to pull in path changes
Update wic to pull in path changes to support files/wic and a README update.
Switch to the tagged version too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 25ca1cb46d
---------------------------
wic: add recipe
Add a recipe for the external wic utility from
https://git.yoctoproject.org/wic. Add wic to the list of native
wic-tools, and make it a dependency of the image bbclass for wic images.
Add myself as maintainer for this new recipe, as well as the wic-tools
recipe (which did not have a maintainer).
NOTE: this patch is in preparation for removing wic from oe-core
the wic oe-selftests work fine with this patch being added now
Reviewed-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Reviewed-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b8fbec7841
---------------------------
weston-init: add repaint-window=10 to [core] config
Weston's default repaint-window is 7ms. At 60 fps the vsync interval is
~16ms. Under load (multi-surface composition or 4K fullscreen
weston-simple-egl), the compositor cannot complete repaints within this
window, causing up to 50% FPS drops.
Changing repaint-window to 10ms gives the compositor sufficient time to
complete repaints before vblank while retaining a 6ms buffer acquisition
window, improving frame delivery consistency without introducing additional
frame latency.
Signed-off-by: Yash Gupta <ygupt@qti.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a791ca692d
---------------------------
conf/packagegroups: Drop usbhost/usbgadget from DISTRO_FEATURES to MACHINE_FEATURES
Whilst the intention was good, nobody really needs to exclude usbhost/usbgadget from a distro
level any more, it is sufficient to have it as a machine feature which configuraitons
could disable.
At the distro level it just confuses people and looks very dated, so
drop it to a machine feature only.
Instead, for distro level control you could simply now do:
MACHINE_FEATURES:remove = "usbgadget usbhost"
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ec0a7650a4
---------------------------
conf/packagegroups: Drop pcmcia from DISTRO_FEATURES to MACHINE_FEATURES
Whilst the intention was good, nobody really needs to exclude "pcmcia" from a distro
level any more, it is sufficient to have it as a machine feature which configuraitons
could disable.
At the distro level it just confuses people and looks very dated, so
drop it to a machine feature only.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 12b8b7aef5
---------------------------
local.conf.sample.extended: Drop obsolete DISTRO_FEATURES comments
These pieces of config are obsolete and not really what users need any more,
just remove them entirely as they are simply confusing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2fc87d0fc0
---------------------------
oelib: utils: Fix description of set_difference
Forgot to change the description when copy-pasting from set_intersect().
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4a13747b6e
---------------------------
oelib: utils: Support opting out of all features
If '*' is present as a separate token in DISTRO_FEATURES_OPTED_OUT or
MACHINE_FEATURES_OPTED_OUT, interpret this as opting out of all default
features.
If '*' is part of a larger word, this is not treated specially - 'FOO*'
will not trigger removal of all features.
This is implemented in set_difference() so that the behaviour can be
reused in other similar processing we may need to do in the future.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0548ea4474
---------------------------
bitbake.conf: Document renamed default machine/distro features vars
Adding support for opting out of any machine/distro features has
obsoleted a few variables, add them to BB_RENAMED_VARIABLES so that
users get an error if they try to use the old names.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf8a892d9a
---------------------------
checklayer: Fix current_tune tracking
Previous attempts to fix get_signatures() (see fixes tags below) were
misguided.
SIGGEN_UNIHASHMAP was added by commit 11373def3171
("sstatesig/populate_sdk_ext: Improve unihash cache handling"), and
exists to map taskhashes to unihashes for use by other code.
Importantly, entries in the list are duplicates of entries in
SIGGEN_LOCKEDSIGS_t-* lists but are not split by tune here.
The code in get_signatures() was not updated to handle SIGGEN_UNIHASHMAP
and so was accidentally treating these as additional signatures to check
for conflicts. However, current_tune was stuck at the value of the last
SIGGEN_LOCKEDSIGS_t-* assignment seen, typically x86-64 due to sorting.
So, we got nonsensical errors like the following (split for
readability):
AssertionError: The machines have conflicting signatures for some shared tasks:
x86-64 busybox:do_recipe_qa: 5638e2062f09663bf2536a5f91e8788511aa6c31eac8e173dae1aee49e895945 (beaglebone-yocto, genericarm64, genericx86)
!= ae5900e39ac275822744f241eefc7f0e707e43e03fd3107d82b5190e4a4e6da9 (genericx86-64)
The error only occurred with a hash equivalence server running, since
without one SIGGEN_UNIHASHMAP is empty. It was also non-deterministic -
a task only appears in the unihash map after the hashequiv server has
recorded a mapping for it, which may not happen on the first build after
a metadata change.
After this change, the locked-sigs.inc parser in yocto-check-layer is
still somewhat fragile and we need to be careful with future changes
that modify the locked sigs output. However, we can at least track which
variable we are looking at now :)
Fixes: 225923f3bfec ("checklayer: Really fix regex in get_signatures")
Fixes: a2f7052cf832 ("checklayer: Fix regex in get_signatures")
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb7c445004
---------------------------
sanity: Require tar 1.35 or later on rhel9-alike distros
tar 1.34 (and possibly earlier versions) is unable to extract tarballs
containing read-only files with xattrs. This was fixed upstream, but
it's unlikely at this point that the fix will be backported to RHEL9
related distros (CentOS Stream 9, AlmaLinux 9, Rocky Linux 9). The issue
affects these distros specifically because they have selinux enabled by
default and this uses xattrs.
The specific failure we've seen is with the /usr/lib/udev/hwdb.bin file
installed by the systemd recipe - this file is chmod 0444. This leads to
the following error, typically during do_image_wic (shortened and split
to make it readable):
subprocess.CalledProcessError: Command
'tar --xattrs --xattrs-include='*' -cf - -S -C .../tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0/rootfs -p . |
tar --xattrs --xattrs-include='*' -xf - -C .../tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0/tmp-wic/rootfs2'
returned non-zero exit status 2.
That error message is likely to confuse users, and the fix is not
obvious. So, error out if tar 1.34 or earlier is present on affected
distros and recommend upgrading or using the buildtools tarball.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 03f76657aa
---------------------------
ptest-packagelists.inc: add missing whitespace for :append
Noticed while reviewing the log, let's fix those before they create
unexpected problems in the future.
Fixes: 388cd4770e04 ("ptest-packagelists: Exclude ptests from musl which are known to fail")
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 25f26861dd
---------------------------
libxcrypt: Use configure knob to disable warnings as errors
Passing Wno-error via environment flags for target and nativesdk
is intended but is not effective due to command line ordering and
as a result some patches have been added to disable particular kind
of warning as error. Given the scenario, warnings as errors should
be disabled for all builds, this makes it portable across hosts and
across compilers ( gcc, clang ) and glibc versions.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a666b8e71e
---------------------------
libxcrypt: Fix build wrt C23 support
latest glibc has better C23 support and exposes this problem
Fixes following errors seen in nativesdk-libxcrypt
| ../sources/libxcrypt-4.5.2/lib/crypt-sm3-yescrypt.c:139:9: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
| 139 | char *hptr = strchr ((const char *) intbuf->retval + 3, '$');
| | ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 6 errors generated.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1bfbecf16d
---------------------------
libtirpc: fix bindresvport build with clang-22/C23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e860b0d879
---------------------------
librepo: add PACKAGECONFIG[sequoia]
Currently, librepo compiled with -DUSE_GPGME=ON (the default setting)
causes dnf5 to fail importing repository keys. A very long writeup
of the issue is linked below. [1]
Add a new PACKAGECONFIG[sequoia] option which sets -DUSE_GPGME=OFF
and adds rpm and rpm-sequoia to the dependency list which ensures
dnf5 works with repository signing.
1: https://github.com/rpm-software-management/dnf5/issues/2539
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f832edabe2
---------------------------
diffstat: change configure.in to use standard autoconf
diffstat uses a fork of autoconf which we don't package, but we need to
autoreconf the configure.in because it has buggy macros. The new version
of autoconf however notices that AC_OUTPUT is being called with invalid
arguments and refuses to run.
Luckily it's easy to use standard autoconf: delete the hand-coded
config_h.in so that autoheader runs, and use the standard form of
AC_OUTPUT to generate the Makefile and config.h.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9a5a053b36
---------------------------
busybox: Pass linker flags via HOSTCC
HOSTCC is used for linking as well but does not use any flags that
we can manipulate to add only during link step, we do depend on
what runtime to link to when using clang for host compiler which is
controlled via BUILD_LDFLAGS, therefore add that option to hostcc
This helps building busybox with TOOLCHAIN_NATIVE is set to clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 65664c1879
---------------------------
inetutils: Disable format-security warning as error with clang
GCC treats returns from _() as special since they are checked by
msgfmt-c and it knows this can be ignored, clang however does
not have this construct [1] and with latest clang-22 finds more
warnings and since in OE we turn these warnings into errors the
build fails.
Given that this is an addressed case, let clang not treat these
warnings as errors, we still see the diagnostic we just don't
break the build.
[1] https://lists.gnu.org/archive/html/bug-gnulib/2026-01/msg00093.html
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c6df56fe1
---------------------------
binutils: mark CVE-2025-69650 and CVE-2025-69651 as disputed
Both CVEs are disputed by third parties. The observed behavior
(double free / invalid pointer free in readelf) only occurred in
pre-release code and did not affect any tagged version [1][2].
CVE_STATUS[CVE-2025-69650] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"
CVE_STATUS[CVE-2025-69651] = "disputed: observed behavior only in pre-release code, does not affect any tagged version"
[1] https://www.cve.org/CVERecord?id=CVE-2025-69650
[2] https://www.cve.org/CVERecord?id=CVE-2025-69651
Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9468e74924
---------------------------
u-boot: Fix CVE-2026-33243
U-Boot and barebox both have the vulnerability (signature verification
with FIT images).
Barebox published an advisory[0] linking to the fixing U-Boot commit.
The commit is on U-Boot v2026.04-rc4 and had to be adjusted for v2026.01.
Removed the check for a non-existent property since it was not
supported in v2026.01.
[0]: https://github.com/barebox/barebox/security/advisories/GHSA-3fvj-q26p-j6h4
Signed-off-by: Yanis BINARD <yanis.binard@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e954a94b5b
---------------------------
mdadm: upgrade 4.4 -> 4.6
Drop backported patch:
- xmalloc.patch
Drop upstreamed patches and patches made obsolete by upstream commits:
- 0001-Fix-the-path-of-corosync-and-dlm-header-files-check.patch [1]
- 0002-Create.c-include-linux-falloc.h-for-FALLOC_FL_ZERO_R.patch [2]
- 0001-Makefile-install-mdcheck.patch [3]
- 0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch [4]
[1] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=5b8560e66ca8f72d008778b5daa1059de48fb73a
[2] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?h=main&id=52bead95d2957437c691891fcdc49bd6afccdd49
[3] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?h=main&id=934d81184880d2231b0d7b3836b12358516ea35c
[4] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?h=main&id=787cc1b60130b8031be59e49d54463c58cd8cf74
Changelog:
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/tree/CHANGELOG.md?h=mdadm-4.6
Signed-off-by: Maxin John <maxin.john@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3aa296e13
---------------------------
libcxx: Fix build failure on arm targets
Add needed forward declaration
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5ff5aac9ed
---------------------------
virglrenderer: Fix gallium build with glibc 2.43
Backport a patch from upstream trunk.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c20e47f686
---------------------------
spirv-llvm-translator: Upgrade to 22.1.1
Switch to llvm 22 based release branch
Add tag parameter to SRC_URI
This is a bugfix release on 22.x
Changelog - https://github.com/KhronosGroup/SPIRV-LLVM-Translator/compare/v22.1.0...v22.1.1
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ae0bd9758b
---------------------------
m4: Ensure ISO C23 compliance with clang 22
fixes
| ../../sources/m4-1.4.20/tests/test-float-h.c:39:5: error: use of undeclared identifier 'FLT_IS_IEC_60559'
| 39 | FLT_IS_IEC_60559 /* added in ISO C 23 */
| | ^~~~~~~~~~~~~~~~
| ../../sources/m4-1.4.20/tests/test-float-h.c:60:5: error: use of undeclared identifier 'DBL_IS_IEC_60559'
| 60 | DBL_IS_IEC_60559 /* added in ISO C 23 */
| | ^~~~~~~~~~~~~~~~
| ../../sources/m4-1.4.20/tests/test-float-h.c:81:5: error: use of undeclared identifier 'LDBL_IS_IEC_60559'
| 81 | LDBL_IS_IEC_60559 /* added in ISO C 23 */
| | ^~~~~~~~~~~~~~~~~
| ../../sources/m4-1.4.20/tests/test-float-h.c:284:11: error: use of undeclared identifier 'FLT_IS_IEC_60559'
| 284 | ASSERT (FLT_IS_IEC_60559);
| | ^~~~~~~~~~~~~~~~
| ../../sources/m4-1.4.20/tests/test-float-h.c:383:11: error: use of undeclared identifier 'DBL_IS_IEC_60559'
| 383 | ASSERT (DBL_IS_IEC_60559);
| | ^~~~~~~~~~~~~~~~
| ../../sources/m4-1.4.20/tests/test-float-h.c:479:11: error: use of undeclared identifier 'LDBL_IS_IEC_60559'
| 479 | ASSERT (LDBL_IS_IEC_60559);
| | ^~~~~~~~~~~~~~~~~
| 6 errors generated.
| make: *** [Makefile:8331: test-float-h.o] Error 1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16ae960569
---------------------------
patchtest/selftest: Update selftest to handle non-zero exit code
Use subprocess.run() instead of subprocess.check_output(),
supbrocess.run() return CompletedProcess instance who provide:
- returncode
- stdout and stderr with stderr=subprocess.STDOUT argument
Update callers of test() to capture the return code returned by patchtest along
with the command output.
Include the command return code in analyze_result() and use it to validate test
for XPASS, XFAIL and XSKIP.
This allows selftest to take the command exit status into account when
analyzing results.
Signed-off-by: Naftaly RALAMBOARIVONY <naftaly.ralamboarivony@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c554c141da
---------------------------
patchtest: return non-zero exit code on test failure
Update patchtest to return a non-zero exit code when a test fails
instead of always exiting successfully.
This enables proper failure detection in selftests and CI pipelines
relying on the command return status.
Signed-off-by: Naftaly RALAMBOARIVONY <naftaly.ralamboarivony@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0cabd82564
---------------------------
fragments/sbom-cve-check: inherit create-spdx
The sbom-cve-check integration is dependent on SPDX being generated, so
add it to INHERIT in this fragment to ensure that it has been.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 054dbd57af
---------------------------
classes/sbom-cve-check: add summary export type
Add an export type for the human-readable summary report.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: abe1192c2d
---------------------------
classes/sbom-cve-check: use named variables when iterating
Little cleanups: unpack when iterating to avoid needing to use indexes,
and only update symlinks if update_link is not None.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bd850310e7
---------------------------
lrzsz: Convert K&R function definitions to ANSI C prototypes
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4d00fed95a
---------------------------
lib: oe: Drop backfill support
We have removed DISTRO_FEATURES_BACKFILL and MACHINE_FEATURES_BACKFILL,
so we no longer need the features_backfill() function.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3194d6868d
---------------------------
meta: Support opting out of any machine features
Add default values to MACHINE_FEATURES using the new
filter_default_features() function.
This change obsoletes the variables MACHINE_FEATURES_BACKFILL and
MACHINE_FEATURES_BACKFILL_CONSIDERED. Instead, all defaults are added
via MACHINE_FEATURES_DEFAULTS and users can opt out of any of these
using MACHINE_FEATURES_OPTED_OUT. Hopefully the variable naming here is
easier for people to understand and remember.
Migration notes:
- MACHINE_FEATURES will now get the default features added
automatically. You will need to review these and add any features you
do not want to use to MACHINE_FEATURES_OPTED_OUT.
- If you previously set MACHINE_FEATURES_BACKFILL_CONSIDERED, use the new
variable MACHINE_FEATURES_OPTED_OUT instead.
- If you previously modified MACHINE_FEATURES_BACKFILL, don't do that.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 159148f4de
---------------------------
meta: Support opting out of any distro features
Add default values to DISTRO_FEATURES using the new
filter_default_features() function.
This change obsoletes the variables DISTRO_FEATURES_BACKFILL and
DISTRO_FEATURES_BACKFILL_CONSIDERED. Instead, all defaults are added via
DISTRO_FEATURES_DEFAULTS and users can opt out of any of these using
DISTRO_FEATURES_OPTED_OUT. Hopefully the variable naming here is easier
for people to understand and remember.
Migration notes:
- If you have previously assigned DISTRO_FEATURES without using
DISTRO_FEATURES_DEFAULT, you will now get the default features added
automatically. You will need to review these and add any features you
do not want to use to DISTRO_FEATURES_OPTED_OUT.
- DISTRO_FEATURES_DEFAULT is now unused, the new variable name is
slighlty different to ensure that it is not accidentally used if a
layer hasn't been modified to adapt to the new naming.
- If you previously set DISTRO_FEATURES_BACKFILL_CONSIDERED, use the new
variable DISTRO_FEATURES_OPTED_OUT instead.
- If you previously modified DISTRO_FEATURES_BACKFILL, don't do that.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20322406a7
---------------------------
oelib: utils: Support filtering default features
The new library function filter_default_features() allows us to support
opting out of any default features without having to use :remove.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: accea08b52
---------------------------
meta/lib/oe/rootfs.py: assign warn_check regex string to a variable
DNF5 has a hardcoded warning when gpg checks are disabled.
As such, the rpm rootfs.py PkgRootfs class needs to have a
a negative lookahead filter specific for the following warning:
"Warning: skipped OpenPGP checks" if RPM_SIGN_PACKAGES != 1.
This filter is added in the next patch.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 05381ff090
---------------------------
mesa: gallivm: Fix armhf build against LLVM 22
StringMapIterator<bool> became StringMapIterBase<bool, false /* IsConst */>;
Use `auto` to handle either case.
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1cccd6481f
---------------------------
cmake: upgrade 4.3.0 -> 4.3.1
Release notes are available at [0].
[0]: https://cmake.org/cmake/help/v4.3/release/4.3.html#id2
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6e8313688f
---------------------------
archiver: Don't try to preserve all attributes when copying files
Similar to https://git.openembedded.org/bitbake/commit/?id=2f35dac0c821ab231459922ed98e1b2cc599ca9a
there is a problem in this code when copying from an NFS mount.
We currently use cp -p, which is a shortcut for --preserve=mode,ownership,timestamps.
We shouldn't need to preserve mode/ownership, only timestamps. Update the code
in the same way the bitbake fetcher was fixed for consistency.
This fixes build failures on OpenSUSE 16.0.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 45aed7ebb8
---------------------------
classes/sbom-cve-check: remove references to vex.bbclass
This is effectively a no-op change, as the recommended way to run
sbom-cve-check is with SPDX_INCLUDE_VEX="all", which includes all of the
data in the SPDX that the vex class would have generated.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bee29dc822
---------------------------
rpcbind: Remove IPv6 listener, if ipv6 not in DISTRO_FEATURES
Remove in all systemd socket files all Listen on IPv6 addresses, if IPv6 is
not available. Otherwise systemd warns about "Binding to IPv6 address not
available since kernel does not support IPv6."
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fd22525df0
---------------------------
alsa-ucm-conf: da7213: Add ADC switch in HeadphoneMic2 sequences
Enable and disable the ADC switch in HeadphoneMic2EnableSeq.conf and
HeadphoneMic2DisableSeq.conf to ensure headset microphone audio works
properly on Talos EVK with DA7213 codec.
Without this change, the headset mic path remains muted and capture
does not function.
link: https://github.com/alsa-project/alsa-ucm-conf/commit/8a9581426459e1b423ef87d5ae0fe0a9e21eeaad
Signed-off-by: Le Qi <le.qi@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 929ff2e388
---------------------------
mesa: add missing libdrm dependency for vulkan drivers
Mesa explicitly requires libdrm for any Vulkan driver, see
https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-26.0.2/meson.build?ref_type=tags#L1774
https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-26.0.2/meson.build?ref_type=tags#L636
https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-26.0.2/meson.build?ref_type=tags#L300
but until now we haven't had the dependency when building only Vulkan
drivers. It was brought in by the gallium PACKAGECONFIG, which is by
default in mesa and mesa-gl recipes' PACKAGECONFIG but nothing forbids
us from removing it if we only need Vulkan drivers for some reason.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf44357144
---------------------------
mesa: fix building imagination Vulkan driver
The imagination Vulkan driver requires a precomp-compiler from
mesa-tools-native since we've decoupled libclc from target mesa in
commit ac5e0160df78 ("mesa: depend on mesa-tools-native for less
expensive libclc dependency"). This is achieved by building the
imagination precomp-compiler tool in mesa-tools-native and making use of
it via the libclc PACKAGECONFIG for the Vulkan driver such that
mesa-tools-native dependency (and its imagination precomp-compiler) are
brought in.
Fixes: ac5e0160df78 ("mesa: depend on mesa-tools-native for less expensive libclc dependency")
Reported-by: Ernest Van Hoecke <ernestvanhoecke@gmail.com>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 116f67baa5
---------------------------
mesa: fix missing dependency for libdrm for panfrost tools
mesa-tools-native builds the panfrost tools but if wayland is not in
DISTRO_FEATURES, libdrm dependency is missing and mesa-tools-native will
fail with:
../sources/mesa-26.0.2/src/panfrost/lib/kmod/pan_kmod.c:7:10: fatal error:
xf86drm.h: No such file or directory
7 | #include <xf86drm.h>
| ^~~~~~~~~~~
Note the mesa-26.0.2 in the path. It's simply because the tarball
sources contain this name as root directory, it can be a bit misleading
when looking at mesa-tools-native logs and seeing this error.
Fixes: 937a0931dd07 ("add mesa-tools native-only recipe")
Reported-by: Khem Raj <raj.khem@gmail.com>
Reported-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ee9c74c8b5
---------------------------
gnutls: update patch status
This patch was merged upstream.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20d4927e4f
---------------------------
u-boot: Fix indentation in do_deploy SPL binary block
Normalize leading whitespace on the 'if [ -n "${SPL_BINARY}" ]' and
matching 'then' lines in do_deploy to be consistent with the surrounding
code. Spaces-only change, no logic change.
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c3ab994e4b
---------------------------
uki.bbclass: fix UKI_DEVICETREE usage
Set KERNEL_DEVICETREE to empty string with weakest assignment
if machine does not set this. This changes UKI_DEVICETREE
to an empty string by default and fixes genericarm64 uki image builds:
ERROR: ERROR: cannot find /home/builder/src/core/build/tmp/deploy/images/genericarm64/${KERNEL_DEVICETREE}.
Also remove UKI_DEVICETREE setting in wic and uki oeqa selftests since the
class now handles it correctly.
Tested-by: Jon Mason <jon.mason@arm.com>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c56990178b
---------------------------
python3: Add warning comment before PACKAGECONFIG[freethreading]
The warning comment is really needed. While Python 3.14 supports
free-threading officially, the ecosystem around it does not yet.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 27417b5800
---------------------------
lto.inc: add DEBUG_PREFIX_MAP back to TARGET_LDFLAGS
DEBUG_PREFIX_MAP is appended to TARGET_LDFLAGS in commit [1] for fixing
reproducible issue when LTO is enabled. It is removed in comit [2] since
this commit causes cgo binary not reproducible. But actually, we still
need this DEBUG_PREFIX_MAP in LDFLAGS when LTO enabled. So, only appened
it when LTO is enabled. Refer [3] for the history, with this patch,
patch [4] is also needed for cgo + lto enabled.
[1] https://git.openembedded.org/openembedded-core/commit/?id=fddaecc88979967d0e00e2fafdbaaabec030da9f
[2] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
[3] https://lists.openembedded.org/g/openembedded-core/topic/patch_bitbake_conf_remove/117408334
[4] https://lists.openembedded.org/g/openembedded-core/message/230059
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d19443e28b
---------------------------
lto: disable sqlite3 to fix buildpaths QA failure
With LTO enabled, GCC performs a link-time recompilation pass where
DW_AT_comp_dir is set to the build directory. The -ffile-prefix-map
flags from DEBUG_PREFIX_MAP are not applied to this attribute during
LTO recompilation, leaving a raw TMPDIR path in the split debug
symbols of libsqlite3.so.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e2e6c55030
---------------------------
meson: Disable exe_wrapper for allarch recipes
Arch-independent recipes should not require execution of programs
compiled for the target during the build, as there shouldn't be anything
compiled for the target.
Removing the dependency on MACHINE_FEATURES for allarch recipes which
use meson fixes several signature conflicts reported by
yocto-check-layer.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 225923f3bf
---------------------------
checklayer: Really fix regex in get_signatures
The previous attempt to fix the regex in get_signatures was only a
partial success. We should just be comparing unihash values, inclusion
of the taskhash value in our comparison adds no benefit. Inclusion of
the task hash also results in invalid bitbake-diffsigs commands being
recommended if there are conflicting signatures.
Fixes: a2f7052cf832 ("checklayer: Fix regex in get_signatures")
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3a18fd007
---------------------------
insane: appendVarFlags must be preceded by a whitespace
appendVarFlags is not automatically adding a whitespace, user must add a
white space before the value to be added. Current usage may break
INSANE_SKIP:${PN} vardeps flag value by adding QAPATHTEST functions
immediately without a whitespace. e.g. It will become something like
INSANE_SKIP:${PN}package_qa_check_shebang_size
[RP: Simplify string slightly]
Signed-off-by: Shotaro Uchida <suchida@uaudio.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c1e5ed4133
---------------------------
oeqa: replace runltp with kirk
runltp has been removed from ltp and the official tool to invoke ltp
test is kirk.
Message when running runltp:
"INFO: runltp script is deprecated, try kirk
https://github.com/linux-test-project/kirk"
See also:
https://github.com/linux-test-project/ltp/commit/6efd3605dc005c3ed135b463f182174e24bdce1b
The test coverage is the same since the logic there is not touched
but the output is different. The return value from oeqa are the same
as before.
Now it is a json file with the results, which is machine readable
without any extra parsing. Two files are created by test suite
<test>.json and <test>-raw.log
Output example of math.json:
{
"results": [
{
"test_fqn": "abs01",
"status": "pass",
"test": {
"command": "abs01",
"arguments": [],
"log": "abs01 1 TPASS : Test passed\nabs01 2 TPASS : Test passed\nabs01 3 TPASS : Test passed\n",
"retval": [
"0"
],
"duration": 0.002702474594116211,
"failed": 0,
"passed": 3,
"broken": 0,
"skipped": 0,
"warnings": 0,
"result": "pass"
}
}, [...]
],
"stats": {
"runtime": 1.4888691902160645,
"passed": 22,
"failed": 0,
"broken": 0,
"skipped": 0,
"warnings": 0
},
"environment": {
"distribution": "nodistro",
"distribution_version": "nodistro.0",
"kernel": "Linux 6.18.13-yocto-standard #1 SMP PREEMPT_DYNAMIC Tue Mar 3 16:48:55 UTC 2026",
"cmdline": "root=/dev/vda rw ip=192.168.7.2::192.168.7.1:255.255.255.0::eth0:off:8.8.8.8 net.ifnames=0 console=ttyS0 console=ttyS1 oprofile.timer=1 tsc=reliable no_timer_check rcupdate.rcu_expedited=1 swiotlb=0 printk.time=1",
"arch": "x86_64",
"cpu": "unknown",
"swap": "0 kB",
"RAM": "222368 kB"
}
}
Add in configuration file (local.conf)
IMAGE_CLASSES += "testimage"
CORE_IMAGE_EXTRA_INSTALL += "ltp openssh"
TEST_SUITES = "ping ssh ltp"
QB_MEM = <mem size>
QB_CPU_KVM = "-cpu host -smp <cpus>"
QB_SMP = "-smp <cpus>"
QB_KVM = "1"
IMAGE_ROOTFS_EXTRA_SPACE = "2097152"
Tested with different VM sizes and architectures:
qemux86-64 MEM: 4096, CPU: 2 (all ok)
qemux86-64 MEM: 1024, CPU: 1 (all ok)
qemux86-64 MEM: 1024, CPU: 2 (all ok)
qemux86-64 MEM: 1024, CPU: 4 (all ok)
qemuarm64: MEM: 4096, CPU: 1 (all ok)
qemuriscv64: MEM 4096, CPU 4 (all ok)
Then:
bitbake core-image-minimal
bitbake core-image-minimal -c testimage
With these configs we didn't see any testimage failures with kirk and
run completes.
If we revert the ltp disable patches below, the testimage does not fail
but it gives warnings, since the ssh connection gets droped from the DUT
because of the OOM killer. Then in continues with the next testsuite.
* ltp: disable cve failing testcases
* ltp: disable pty testcase
* ltp: disable min_free_kbytes
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Assisted-by: Claude, Anthropic
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c33fd4e50a
---------------------------
python3-kirk: Add version 4.0.0
Kirk application is a fork of runltp-ng and it’s the official LTP
tests executor.
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ef22ad9e3
---------------------------
sbom-cve-check: Add class for post-build CVE analysis
By default, the sbom-cve-check class generates these export files:
- A JSON in `cve-check` format, named `${IMAGE_NAME}.cve-check.json`
- An SPDX 3.0 SBOM, named `${IMAGE_NAME}.cve-check.spdx.json`.
A user can add or remove export file formats by using the
`SBOM_CVE_CHECK_EXPORT_VARS` variable.
By default, the CVE databases are downloaded using the following
recipes:
- sbom-cve-check-update-cvelist-native.bb
- sbom-cve-check-update-nvd-native.bb
The database fetch and deploy logic is implemented in
sbom-cve-check-update-db.inc. The CVE databases are deployed in
`${DEPLOY_DIR}/sbom-cve-check/databases/`. This can be configured
by the `SBOM_CVE_CHECK_DEPLOY_DB_DIR` variable defined in
meta/recipes-core/meta/sbom-cve-check-config.inc.
The CVE git databases are fetched using the Bitbake fetcher. Currently,
Bitbake fetcher does not support a shallow clone that can be updated.
While `BB_GIT_SHALLOW` exists, it creates multiple tarballs in the
download directory, which is inefficient for updates. For now, the git
database is fully fetched.
The `SRCREV` of the git database is set to a fixed version. A user can
override this by specifying any other version, or `AUTOREV` can be
specified.
To simplify the activation and configuration of sbom-cve-check, a
configuration fragment is provided with recommended default values.
`sbom-cve-check` is configured to run without requiring network access.
The CVE analysis runs only if either the original SBOM changes or the
CVE databases are updated. In the two CVE database-fetching recipes, a
file in the sysroot is written, containing the Git revision of the
fetched CVE database.
`sbom-cve-check` is executed with the generated VEX manifest only if
enabled and if `SPDX_INCLUDE_VEX` is set to a value other than "all".
When `SPDX_INCLUDE_VEX=all`, the SPDX 3.0 file already contains all the
necessary information for CVE analysis, making the VEX manifest
redundant.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6deace5d66
---------------------------
texinfo: fix texindex awk path on target
The sed command in do_install strips ${HOSTTOOLS_DIR} from the awk
path in texindex, but misses the trailing slash, turning
"${HOSTTOOLS_DIR}/awk" into "/awk" instead of "awk".
This causes a runtime error on target:
/bin/texindex: line 116: /awk: No such file or directory
Add the trailing slash to the sed pattern so the result is the bare
"awk" command, resolved via $PATH at runtime.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ae70829cd0
---------------------------
rust: Fix loongarch unit test with llvm-22
Adjust loongarch assembly test
This generates different code on loongarch32r now.
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 2f92d8c9d7
---------------------------
rust: Fix build with llvm-22
Backport patch to update data layout for amdgpu
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 81d8bf4d0d
---------------------------
nativesdk-clang-glue: Delete do_create_recipe_spdx
Delete this task, it is in SPDX 3.0 implementation
Fixes
ERROR: Task /mnt/b/yoe/master/sources/openembedded-core/meta/recipes-devtools/clang/clang-crosssdk_git.bb:do_create_recipe_spdx has circular dependency on /mnt/b/yoe/master/sources/openembedded-core/meta/recipes-devtools/clang/nativesdk-clang-glue.bb:do_create_recipe_spdx
ERROR: Command execution failed: 1
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Cc: Joshua Watt <JPEWhacker@gmail.com>
---------------------------
Commit: bca1075cd3
---------------------------
llvm: Upgrade to 22.1.2 release
Brings following fixes
* 1ab49a973e21 [clang-format] Fix regression in annotating angles in static_assert (#187966)
* ed9551146fc6 [SLP]Improve reductions for copyables/split nodes
* 8f8b53a0ecb3 [LLD] [ELF] Make -z gcs=always implicitly warn on missing GCS, like force-bti (#186203)
* 8efb87ae5a53 [RISCV] Relax out of range Zibi conditional branches (#186965)
* 94411c9d5684 [SystemZ] Remove custom lowering of f16 IS_FPCLASS (#187532)
* 2e1aea64649d [LoongArch] Ensure .dwo sections do not contain relocations (#187429)
* bef8df8a6041 [clang][AST] Fix assertion in `getFullyQualifiedType` for AutoType (#186105)
* 9fdb8da1c50c [analyzer][docs] Mention that 'expand-macros' won't use clang-format in the future
* 80f11cb923ee release/22.x: Backport workarounds for certain addMatcher overloads ignoring traversal kind
* 8ac0a123a5e8 [PowerPC] Preserve load output chain in vcmpequb combine (#187010)
* 20795d7ebda8 [clang] Backport: use canonical arguments for checking function template constraints
* 160377d62836 [lld][ELF] Fix crash when relaxation pass encounters synthetic sections
* dc8750d91147 [libc++] Fix iostream size ABI break (#185839)
* 3611dc1bf0ac Fix comment in FPR128 test (NFC)
* 34bf276866f5 [AArch64] Ensure FPR128 callee-save stack offsets are aligned (#184314)
* c1c833734cf0 [clang][CUDA] Define _NV_RSQRT_SPECIFIER for glibc-2.42/cuda-13.2 compatibility (#185701)
* b73f72ec9a34 Update ptrtoaddr provenance reference in ReleaseNotes
* 6121df77a781 [clang-tidy] Correctly handle attributes in readability-inconsistent-ifelse-braces (#184095)
* 5315e0b2f0b5 [SystemZ] Limit depth of findCCUse() (#185922)
* 81cf937ba2ac [arm64ec] Fix missing sret return in Arm64EC entry thunks for large struct returns (#185452)
* 4dfb4b6017c4 [FastISel] Lower call instruction with illegal type returned (#180322)
* 92a6627fa8ef [SimplifyCFG] process prof data when remove case in umin (#182261)
* 318adced66e0 [AArch64][llvm] Update Armv9.7-A dependencies (#185034)
* 7a9fd4a550e5 [win][clang] Fix devirtualization of vector deleting destructor call (#183741)
* 7ad5ff138776 Bump version to 22.1.2
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
---------------------------
Commit: 71dea8ec70
---------------------------
spirv-llvm-translation: Upgrade to 22.0
major version of spirv translator should match clang major version
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 484bb48a46
---------------------------
clang: Do not package clang-offload-packager
It has been renamed to llvm-offload-binary and is built
as part of llvm package, in OE we build llvm via its own
recipe and its packaging uses greedy enough regexp to package
it already
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3aba2c0018
---------------------------
clang/llvm: Upgrade to 22.x major release
Includes support for new Intel (Wildcat Lake, Nova Lake with APX and AVX10.2)
Arm (C1 Nano, Pro, Premium, Ultra) processors. It also features performance
optimizations for AMD Zen 4 and Zen 5 architectures.
Integrated Distributed ThinLTO is more mature, with enhancements
like cache support for incremental builds and robust handling of temporary artifacts.
LLDB added first-class WebAssembly debugging support, including breakpoints and variable inspection.
Support for Google Native Client (NaCl) is dropped in this release.
Detailed ChangeLog [1]
[1] https://releases.llvm.org/22.1.0/docs/ReleaseNotes.html
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b50d6debf7
---------------------------
wic: re-implement sector-size support
The previous implementation had the following limitations:
- required the variable WIC_SECTOR_SIZE either be defined in a
configuration file or be defined in a --vars file
- this means that every invocation of "wic ls", "wic cp", or "wic rm"
needed this variable defined (config or --vars)
- required the user to create separate *wks files for every sector size
they wanted to use
- required the user to specify the --mkfs-extraopts by hand to specify the
correct sector size: e.g.
bootloader --ptable gpt
part --fstype vfat --label emptyfat --mkfs-extraopts "-S 4096"
part --fstype ext4 --source rootfs --label rofs-a --mkfs-extraopts "-b 4096"
part --fstype ext4 --source rootfs --use-uuid --mkfs-extraopts "-b 4096"
- it would not be possible to generate images with different sector
sizes in the same build since the configuration and *wks files would
need to change and the build re-run for each size
The new implementation handles the sector-size via a CLI argument, while
preserving the previously implemented variable definitions:
- the sector-size may now be provided on the cmdline to the "wic ls",
"wic cp", "wic rm", and "wic create" commands: default = 512
- this means the configuration and/or --vars file does not need to be
changed in order to perform those operations on images with different
sector sizes
- support is provided implicitly for mkdosfs and ext[234] partitions
- the user no longer needs to know and supply the sector-size magic in
--mkfs-extraopts (thereby clobbering the other defaults)
As before, if the --sector-size command-line argument is not given,
allow the sector-size to be provided via the WIC_SECTOR_SIZE bitbake
variable. The user is warned that this behavior is deprecated. If both
are given, warn the user that the cmdline argument takes precedence.
AI-Generated: codex/gpt-5.1-codex-max
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
- restore environ test case, as it is still supported (but obsolete)
- revised commit message above
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af830fdf3c
---------------------------
libssh2: Fix config options to use STAGING_DIR_HOST
The previous cleanup was a bit too ambitious, add back the configure options
to use STAGING_DIR_HOST since otherwise it will look at the host system and cause
failures if it happens to be partly compatible.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1833a3c485
---------------------------
ltp: disable cve failing testcases
On a qemux86-64 with 1 CPU the following testcases causes an OOM
CVE-2020-36557 and CVE-2018-13405
Test cases triggers memory deadlock kernel panic with CVE-2018-13405
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2c6af8255a
---------------------------
ltp: disable pty testcase
On qemux86-64 with 1 CPU, 4GB causes an OOM on the following
test cases: pty07 and ptem02
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1e359a78e2
---------------------------
ltp: disable min_free_kbytes
It casues OOM regardless of the configuration
There is a bug in ltp, fixed in a newer version
https://github.com/linux-test-project/ltp/commit/355124aea99c7c7d40140c969a53ed892421dee9
min_free_kbytes: Connection to 192.168.7.2 closed by remote host.
NOTE: test_ltp_runltp_cve (ltp.LtpTest.test_ltp_runltp_cve)
NOTE: ... skipped "Test case ltp.LtpTest.test_ltp_runltp_cve depends on ltp.LtpTest.test_ltp_groups but it didn't pass/run."
Test case ltp.LtpTest.test_ltp_runltp_cve depends on ltp.LtpTest.test_ltp_groups but it didn't pass/run.
NOTE: ======================================================================
NOTE: FAIL: test_ltp_groups (ltp.LtpTest.test_ltp_groups)
NOTE: ----------------------------------------------------------------------
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c7280df18
---------------------------
tcl: skip the mutex-condition-* tests as they're load sensitive
These tests appear to be load-sensitive, so skip them in the ptests.
[ YOCTO #16214 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c7468e70c2
---------------------------
selftest/gdbserver: replace shutil.unpack_archive with tarfile extract
This is a followup to
https://lists.openembedded.org/g/openembedded-core/message/233609
as the same issue happened in a different selftest.
[YOCTO #16195]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8a5b019eec
---------------------------
license.py: Drop visit_Str from SeenVisitor in selftest
ast.Str was deprecated in Python 3.8 and removed in Python 3.14.
In [1], visit_Str was already removed from the LicenseVisitor
subclasses (FlattenVisitor, ListVisitor) in oe/license.py since
bitbake now requires Python 3.8+.
However, the test-only SeenVisitor class in the selftest was
missed at that time and still uses visit_Str/node.s. On Python
3.14, ast.Str is fully removed so visit_Str is never called,
causing test_single_licenses to return [] instead of the
expected license list.
Replace visit_Str/node.s with visit_Constant/node.value in
SeenVisitor.
[1] https://git.openembedded.org/openembedded-core/commit/meta/lib/oe/license.py?id=6d3da37adbcaf5a7a3dade08f9d052571b195249
Fixes [YOCTO #16220]
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e5d77f86e
---------------------------
libsolv: add fix for musl segfaults
By default, musl has a stack size of 128K, while the compress_buf
method uses 256KB of stack space, causing a segfault when the
repopagestore_compress_page method is called.
Pull request: https://github.com/openSUSE/libsolv/pull/612
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 55061de857
---------------------------
python3-pyzstd: remove recipe
There are no users of this in oe-core and Python 3.14 has built-in
support for zstd, so remove the recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ece1f5f1c5
---------------------------
systemd: remove incorrect python3-pyzstd dependency
ukify has never used the pyzstd module. It originally used the zstd
module[1], switched to zstandard[2], and as of systemd 259 will use
the standard compression.zstd if available[3].
Our Python is 3.14 which has comoression.zstd, so we don't need any
dependencies.
[1] systemd 483c9c1b8a ("ukify: try to find the uname string in the linux image if not specified")
[2] systemd fbc6fecf1a ("ukify: switch from zstd to zstandard")
[3] systemd 1e5498e237 ("ukify: prefer compression.zstd when available")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a3c030840b
---------------------------
gobject-introspection: remove redundant build dependencies
This recipe gained a build dependency on _target_ python3-setuptools
recently[1], but this shouldn't be needed. If setuptools is needed for
build, then the correct dependency would be python3-setuptools-native.
The dependency on target python3 is redundant as the python3targetconfig
class pulls this in already.
[1] oe-core 57a5dfd3785 ("gobject-introspection: split tools and giscanner into a separate package")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 12abd0574c
---------------------------
Remove SPDX 2.2 support
Removes SPDX 2.2 support in favor of SPDX 3 support being the only
option. The SPDX 3 data is far superior to SPDX 2.2 and thus more useful
for SBoM uses cases.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9a622a2062
---------------------------
oeqa/selftest: Add tests for source download enrichment
Add two new test methods to SPDX30Check:
test_download_location_defensive_handling:
Builds m4 and verifies that SPDX generation succeeds and any
external references present are properly structured with valid
types and locator strings.
test_version_extraction_patterns:
Builds opkg-utils (a Git-based recipe) and verifies that source
download packages carry the full SHA-1 commit hash as their
software_packageVersion.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9f1825e74d
---------------------------
spdx30: Add Git version and PURL to source downloads
Enrich Git source download packages in the SPDX 3.0 output with:
- software_packageVersion set to the full SHA-1 commit hash
- software_packageUrl set to a PURL for known Git hosting services
- VCS external reference pointing to the repository URL
The PURL generation recognizes github.com by default and supports
additional hosting services via the SPDX_GIT_PURL_MAPPINGS variable
(format: 'domain:purl_type', e.g. 'gitlab.example.com:pkg:gitlab').
Only Git source downloads are enriched. Non-Git downloads are left
unchanged since their ecosystem PURLs are already set on the recipe
package by SPDX_PACKAGE_URLS from the previous patch.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c12f3f10b6
---------------------------
spdx30: Add ecosystem PURLs for recipe classes
Add SPDX_PACKAGE_URLS to recipe classes to generate ecosystem-specific
Package URLs for SPDX 3.0 SBOMs. This enables proper package
identification across different packaging ecosystems.
Classes updated:
- cargo_common.bbclass: pkg:cargo PURLs for Rust crates
- cpan.bbclass: pkg:cpan PURLs for Perl modules (with name normalization)
- go-mod.bbclass: pkg:golang PURLs for Go modules
- npm.bbclass: pkg:npm PURLs for Node.js packages (with name normalization)
- pypi.bbclass: pkg:pypi PURLs for Python packages (with name normalization)
The SPDX_PACKAGE_URLS variable is a space-separated list which
create-spdx-3.0 already reads via set_purls() to populate
software_packageUrl and externalIdentifier on recipe packages.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 43b195bfff
---------------------------
spdx30: Add supplier support for image and SDK SBOMs
Add SPDX_IMAGE_SUPPLIER and SPDX_SDK_SUPPLIER variables that allow
setting a supplier agent on image and SDK SBOM root elements using
the suppliedBy property.
These follow the existing SPDX_PACKAGE_SUPPLIER pattern and use the
standard agent variable system to define supplier information.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f41f4fe8b3
---------------------------
spdx30: Add configurable file exclusion pattern support
Add SPDX_FILE_EXCLUDE_PATTERNS variable that allows filtering files from
SPDX output by regex matching. The variable accepts a space-separated
list of Python regular expressions; files whose paths match any pattern
(via re.search) are excluded.
When empty (the default), no filtering is applied and all files are
included, preserving existing behavior.
This enables users to reduce SBOM size by excluding files that are not
relevant for compliance (e.g., test files, object files, patches).
Excluded files are tracked in a set returned from add_package_files()
and passed to get_package_sources_from_debug(), which uses the set for
precise cross-checking rather than re-evaluating patterns.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ec113301d7
---------------------------
mesa: Upgrade to 26.0.3
Release notes:
https://lists.freedesktop.org/archives/mesa-dev/2026-March/226616.html
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2de739708c
---------------------------
gtk4: Upgrade to 4.22.1
Remove the previously added patch, it's already part of 4.22.1.
Added inherit mime, so the QA error is fixed.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8e6c1712ab
---------------------------
expat: upgrade 2.7.4 -> 2.7.5
Release information [1]
Release 2.7.5 Tue March 17 2026
Security fixes:
#1158 CVE-2026-32776 -- Fix NULL function pointer dereference for
empty external parameter entities; it takes use of both
functions XML_ExternalEntityParserCreate and
XML_SetParamEntityParsing for an application to be
vulnerable.
#1161 #1162 CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START
infinite loop in function entityValueProcessor; it takes
use of both functions XML_ExternalEntityParserCreate and
XML_SetParamEntityParsing for an application to be
vulnerable.
#1163 CVE-2026-32778 -- Fix NULL dereference in function setContext
on retry after an earlier ouf-of-memory condition; it takes
use of function XML_ParserCreateNS or XML_ParserCreate_MM
for an application to be vulnerable.
#1160 Three more unfixed vulnerabilities left
Other changes:
#1146 #1147 Autotools: Fix condition for symbol versioning check, in
particular when compiling with slibtool (not libtool)
#1156 Address Cppcheck >=2.20.0 warnings
#1153 tests: Make test_buffer_can_grow_to_max work for MinGW on
Ubuntu 24.04
#1157 #1159 Version info bumped from 12:2:11 (libexpat*.so.1.11.2)
to 12:3:11 (libexpat*.so.1.11.3); see https://verbump.de/
for what these numbers do
[1] https://github.com/libexpat/libexpat/blob/R_2_7_5/expat/Changes
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 636ea9269c
---------------------------
rust: Fix flaky assertions in oneshot tests
Fixes [YOCTO #16199]
Backport three commits from upstream to fix flaky assertions in oneshot tests
https://github.com/rust-lang/rust/commit/6970849fee93900b6eb28a64cf957157a9fb51b3
https://github.com/rust-lang/rust/commit/dab350a3ed7691201f6752c4375e8e6ab40b58b9
https://github.com/rust-lang/rust/commit/d02743e2fd7433ba2320fc85421a8a5927235b65
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2b55dd12fc
---------------------------
gobject-introspection: disable cache for g-ir-scanner
An intermittent failure occurs in gobject-introspection do_compile:
[snip]
|Traceback (most recent call last):
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/python3.14/shutil.py", line 918, in move
| os.rename(src, real_dst)
| ~~~~~~~~~^^^^^^^^^^^^^^^
|OSError: [Errno 18] Invalid cross-device link: '/tmp/g-ir-scanner-cache-version-89xkkvp4' -> '/folk/hjia/.cache/g-ir-scanner/.cache-version'
|
|During handling of the above exception, another exception occurred:
|
|Traceback (most recent call last):
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/bin/g-ir-scanner", line 134, in <module>
| sys.exit(scanner_main(args))
| ~~~~~~~~~~~~^^^^^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/scannermain.py", line 653, in scanner_main
| transformer = create_transformer(namespace, options)
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/scannermain.py", line 446, in create_transformer
| transformer = Transformer(namespace,
| accept_unprefixed=options.accept_unprefixed,
| identifier_filter_cmd=identifier_filter_cmd,
| symbol_filter_cmd=symbol_filter_cmd)
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/transformer.py", line 49, in __init__
| self._cachestore = CacheStore()
| ~~~~~~~~~~^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/cachestore.py", line 52, in __init__
| self._check_cache_version()
| ~~~~~~~~~~~~~~~~~~~~~~~~~^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/cachestore.py", line 89, in _check_cache_version
| shutil.move(tmp_filename, version)
| ~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/python3.14/shutil.py", line 938, in move
| copy_function(src, real_dst)
| ~~~~~~~~~~~~~^^^^^^^^^^^^^^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/python3.14/shutil.py", line 529, in copy2
| copyfile(src, dst, follow_symlinks=follow_symlinks)
| ~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| File "tmp/work/cortexa57-wrs-linux/gobject-introspection/1.86.0/recipe-sysroot-native/usr/lib/python3.14/shutil.py", line 315, in copyfile
| with open(dst, 'wb') as fdst:
| ~~~~^^^^^^^^^^^
|OSError: [Errno 122] Disk quota exceeded
[snip]
In commit [1], it moved the fix to gobject-introspection-data.bbclass, and recipe gobject-introspection
inherits gobject-introspection-data.bbclass.
But commit [2] moved the fix to gobject-introspection.bbclass which recipe gobject-introspection
does not inherits it
Explicitly add the fix back to recipe gobject-introspection
[1] https://git.openembedded.org/openembedded-core/commit/?id=35d5f707f6bb2ce5e9ab908e66e1ea9eeac754b1
[2] https://git.openembedded.org/openembedded-core/commit/?id=49988a49f7c9a19aa2a547d49369996e3e20d452
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a09260982b
---------------------------
weston-init: fix variable expansion typo in weston-start
The variable weston_modules was incorrectly enclosed as {$weston_modules}
instead of ${weston_modules}.
This typo prevents proper bash variable expansion when checking for and
appending Weston module arguments.
This commit corrects the syntax to ensure the modules are properly
evaluated.
Fixes: c8aa0222ce2b ("weston: wrapper for weston modules argument")
Signed-off-by: Khalifa Rouis <khalifa@missingno.tech>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a0e0e2994c
---------------------------
epiphany: upgrade 49.2 -> 49.7
49.7 - March 24, 2026
=====================
This release reverts back to the original adblock filters used before 49.4.
* Bugs fixed:
- #2848 Regression in site compatibility due to adblocking (Michael Catanzaro)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 22d086a8a3
---------------------------
ccache: upgrade 4.13.1 -> 4.13.2
https://ccache.dev/releasenotes.html#_ccache_4_13_2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b39a11daad
---------------------------
python3-pyzstd: Upgrade 0.17.0 -> 0.19.1
Changelog:https://github.com/Rogdham/pyzstd/blob/master/CHANGELOG.md
Recipe changes:
- Remove 0001-Remove-setuptools-version-limit-of-74.patch (no longer needed)
- Switch from python_setuptools_build_meta to python_hatchling
- Add python3-hatch-vcs-native to DEPENDS
- Remove obsolete do_configure:append:arm:toolchain-clang (setup.py no longer exists)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9048456c7c
---------------------------
python3: add _zstd C extension to python3-compression
Commit 5f34680219 packaged the compression/ directory into
python3-compression, but missed the _zstd C extension which
lives in lib-dynload/ and fell into python3-misc. Add it to
the compression package where it belongs.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5d34602fb
---------------------------
linux-yocto/6.18: fix genericarm64 config audit warning
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Bruce Ashfield
Email: bruce.ashfield@gmail.com
Subject: genericarm64/serial: change SERIAL_IMX_CONSOLE to =y
Date: Tue, 24 Mar 2026 14:03:28 -0400
With the following upstream commit, this option is no longer
tristate, so we set it to =y instead:
commit 3f8b835a63341163da0400befb3c6e8f6d4085da
Author: Randy Dunlap <rdunlap@infradead.org>
Date: Sat Jan 10 15:26:40 2026 -0800
serial: imx: change SERIAL_IMX_CONSOLE to bool
[ Upstream commit 79527d86ba91c2d9354832d19fd12b3baa66bd10 ]
SERIAL_IMX_CONSOLE is a build option for the imx driver (SERIAL_IMX).
It does not build a separate console driver file, so it can't be built
as a module since it isn't built at all.
Change the Kconfig symbol from tristate to bool and update the help
text accordingly.
Fixes: 0db4f9b91c86 ("tty: serial: imx: enable imx serial console port as module")
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Link: https://patch.msgid.link/20260110232643.3533351-2-rdunlap@infradead.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 18dd6635ba
---------------------------
conf/templates/default/local.conf.sample: Document yocto project sstate mirrors
Add information about using the Yocto Project sstate mirrors to the local.conf
template, enabling using the config fragment.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ffd3bb5357
---------------------------
libffi: remove disable-exec-static-tramp from EXTRA_OECONF
disable-exec-static-tramp is no longer necessary, since such behavior has been
fixed upstream.
Debian/Ubuntu also dropped this flag on version 3.5.2:
https://changelogs.ubuntu.com/changelogs/pool/main/libf/libffi/libffi_3.5.2-3/changelog
Signed-off-by: Alejandro Hernandez <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d383ea37e4
---------------------------
devtool: prevent 'devtool modify -n' from corrupting kernel Git repos
Running 'devtool modify -n' on a kernel recipe that inherits
'kernel-yocto' can unintentionally corrupt an existing Git repo or
worktree.
The work-shared optimization introduced in 3c3a9bae ("devtool/standard.py:
Update devtool modify to copy source from work-shared if its already
downloaded") is not skipped when '--no-extract' ('args.no_extract') is set.
As a result, for kernel builds where STAGING_KERNEL_DIR was already
populated when running 'devtool modify -n', the existing source tree is
overwritten (via oe.path.copyhardlinktree()) with the contents of
STAGING_KERNEL_DIR.
Fix by adding 'and not args.no_extract' to the kernel-yocto guard
condition.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 217ede26d6
---------------------------
tzdata/tzcode-native: upgrade 2025c -> 2026a
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ca42505ad
---------------------------
selftest/files/static-group: add empower group for systemd
When using systemd as INIT_MANAGER and run reproducible selftest,
we'll get the following error:
ERROR: Nothing PROVIDES 'systemd'
systemd was skipped: Recipe systemd, package systemd: system
groupname "empower" does not have a static ID defined. Add
empower to one of these files: /path/to/build-st/meta-selftest/files/static-group
The 'empower' group was recently introduced in systemd v259. Add it
to files/static-group in meta-selftest layer to aovid the above error.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3ede59101b
---------------------------
nghttp2: upgrade 1.68.0 -> 1.68.1
Fixes CVE-2026-27135.
Release information: [1]
[1] https://github.com/nghttp2/nghttp2/releases/tag/v1.68.1
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 46e1de74f7
---------------------------
icu: upgrade 78.2 -> 78.3
Release notes [1]:
Unicode® ICU 78.3 is a maintenance update on top of ICU 78 and 78.2,
mostly for the CLDR 48.2 bug fixes. In addition, it fixes a C++ code
point iterator bug, and updates to timezone data 2026a.
The next major release of ICU will be ICU 79, planned for October. It
will update to CLDR 49 and Unicode 18.
[1] https://github.com/unicode-org/icu/releases/tag/release-78.3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb4128346d
---------------------------
btrfs-tools: upgrade 6.19 -> 6.19.1
Release notes [1]:
* fix balance filter 'usage' that was incorrectly used for ranged usage
* core:
* fix tree-checker vararg format print
* stability fixes
* compiler warning fixes
* other:
* CI updates, action version updates, more build targets
* cleanups, refactoring
* minor documentation updates
[1] https://github.com/kdave/btrfs-progs/releases/tag/v6.19.1
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 15d3a0093e
---------------------------
iw: drop redundant downstream patch
A similar fix has already been applied upstream, making this patch
unnecessary.
Remove the downstream patch to avoid duplication and keep the tree
in sync with upstream.
Upstream commit:
https://kernel.googlesource.com/pub/scm/linux/kernel/git/jberg/iw/+/26e074a04287919a848da997ab71b982ec404ddf%5E%21/#F0
Signed-off-by: Maxin John <maxin.john@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7fe0a66800
---------------------------
libsolv: upgrade 0.7.35-> 0.7.36
1.Changelog
Version 0.7.36
- selected bug fixes:
* respect the "default" attribute in environment optionlist in
the comps parser
* support suse namespace deps in boolean dependencies
- new features:
* support for the Elbrus2000 (e2k) architecture
* support language() suse namespace rewriting
2.Remove 0001-utils-Conside-musl-when-wrapping-qsort_r.patch
as the issue was fixed upstream with this commit:
https://github.com/openSUSE/libsolv/commit/2d0718a4f2001c857d9af24398c68d676a98a3ca
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dda7f56cb8
---------------------------
freetype: upgrade 2.14.2 -> 2.14.3
Changelog [1]:
CHANGES BETWEEN 2.14.2 and 2.14.3 (2026-Mar-22)
I. IMPORTANT BUG FIXES
- A bunch of potential security problems have been found. All users
should update.
II. MISCELLANEOUS
- If configuration option `TT_CONFIG_OPTION_GPOS_KERNING` is active,
GPOS-based kerning could miss some value pairs (bug introduced in
version 2.14.0).
[1] https://gitlab.freedesktop.org/freetype/freetype/-/blob/VER-2-14-3/docs/CHANGES?ref_type=tags
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1f39a7a830
---------------------------
python3: skip test_repl_eio test, fix whitespace
This is failing intermittently on the Autobuilder. Disable it for now.
With this change, we see this in the ptest log:
|PASS: test_simple_addition (test.test_pyrepl.test_unix_console.TestConsole.test_simple_addition)
|PASS: test_wrap (test.test_pyrepl.test_unix_console.TestConsole.test_wrap)
|test_eio_error_handling_in_restore (test.test_pyrepl.test_unix_console.TestUnixConsoleEIOHandling.test_eio_error_handling_in_restore) ... ^[[?2004h^[[?2004l^[[?1h^[=^[[?1l^[k
|SKIP: test_repl_eio (test.test_pyrepl.test_unix_console.TestUnixConsoleEIOHandling.test_repl_eio) 'skipping problematic test'
|PASS: test_gen_colors_keyword_highlighting (test.test_pyrepl.test_utils.TestUtils.test_gen_colors_keyword_highlighting)
Also fix some inconsistent whitespace in the SRC_URI list.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: acf86cc2af
---------------------------
Revert "grub: add patch to use medany for riscv64"
This reverts commit 2d8da77f28ed3fd7a5715fde02715c7d59f6b991.
This patch is still carried by Fedora, but is no longer a problem
anymore in grub 2.14+. See:
https://lists.gnu.org/archive/html/grub-devel/2026-03/msg00044.html
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d519a6188f
---------------------------
linux-yocto-dev: bump to v7.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5a743fe159
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.19)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 3 changes (1 new | 2 updated): - 1 new CVEs: CVE-2026-4606 - 2 updated CVEs: CVE-2024-1394, CVE-2025-7195
Date: Mon, 23 Mar 2026 01:28:23 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 87ddc9a250
---------------------------
linux-yocto/6.18: update to v6.18.19
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
4aea1dc4cad17 Linux 6.18.19
224404f54036e bpf: drop kthread_exit from noreturn_deny
9fd37b636bc2d drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD
24fda228496c6 mm/damon/core: disallow non-power of two min_region_sz
b0d0903594dd6 io_uring/eventfd: use ctx->rings_rcu for flags checking
7cc4530b3e952 io_uring: ensure ctx->rings is stable for task work flags manipulation
ae3831b44f477 net/tcp-md5: Fix MAC comparison to be constant-time
ce2a263bc57c1 lib/crypto: tests: Depend on library options rather than selecting them
93c0a22fec914 ksmbd: Compare MACs in constant time
4af5dfb8dca3a smb: client: Compare MACs in constant time
97ea8f3bbdaef kbuild: Leave objtool binary around with 'make clean'
ba3bca40f9f25 KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated
0ff26b41c882c KVM: SVM: Add a helper to look up the max physical ID for AVIC
ba28a0dcc41ae KVM: SVM: Limit AVIC physical max index based on configured max_vcpu_ids
b7493f48c3dba KVM: arm64: Eagerly init vgic dist/redist on vgic creation
2a01a93ed2266 KVM: arm64: gic: Set vgic_model before initing private IRQs
8d02bbfb09003 mmc: dw_mmc-rockchip: Fix runtime PM support for internal phase support
5b58ba042e237 mmc: dw_mmc-rockchip: Add memory clock auto-gating support
4c3a860b96e72 drm/gud: fix NULL crtc dereference on display disable
51aa99e59d7f5 drm/gud: rearrange gud_probe() to prepare for function splitting
94b6d0ba4b640 mm: Fix a hmm_range_fault() livelock / starvation problem
fffce2310e688 cxl/acpi: Fix CXL_ACPI and CXL_PMEM Kconfig tristate mismatch
003df94bcc922 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
b684b420a5bb0 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue
a21d763335886 i3c: mipi-i3c-hci: Add missing TID field to no-op command descriptor
57f99dc660e69 i3c: mipi-i3c-hci: Restart DMA ring correctly after dequeue abort
d986d51a83f5c i3c: mipi-i3c-hci: Consolidate spinlocks
74a4f77bbf786 i3c: mipi-i3c-hci: Factor out DMA mapping from queuing path
478a99a961829 i3c: mipi-i3c-hci: Use ETIMEDOUT instead of ETIME for timeout errors
ad9da7d39cecd iio: proximity: hx9023s: Protect against division by zero in set_samp_freq
05723a2c4b09d iio: proximity: hx9023s: fix assignment order for __counted_by
70b455484a661 iio: imu: inv_icm42600: fix odr switch when turning buffer off
b5a6825579a7c iio: imu: inv_icm42600: fix odr switch to the same value
aae572ddc2857 iio: light: bh1780: fix PM runtime leak on error path
a8714d2d0df4e iio: gyro: mpu3050-i2c: fix pm_runtime error handling
ba19dd366528b iio: imu: adis: Fix NULL pointer dereference in adis_init
42685cf96e282 iio: gyro: mpu3050-core: fix pm_runtime error handling
c7ae426705b01 iio: buffer: Fix wait_queue not being removed
c528dc22d58b7 iio: chemical: bme680: Fix measurement wait duration calculation
7c5edf1025ddb iio: potentiometer: mcp4131: fix double application of wiper shift
b8a26d21c7dba iio: magnetometer: tlv493d: remove erroneous shift in X-axis data
90e978ace5985 iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
eddba110685f8 iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas()
73dd9acb5b20b iio: frequency: adf4377: Fix duplicated soft reset mask
1b2d9e23452bd iio: dac: ds4424: reject -128 RAW value
014a021075c58 btrfs: abort transaction on failure to update root in the received subvol ioctl
5e1ab71f74a1e btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer()
d11aefe654a04 btrfs: fix transaction abort on set received ioctl due to item overflow
9273175bf16c8 btrfs: fix transaction abort on file creation due to name hash collision
bac55dde8efa4 btrfs: fix transaction abort when snapshotting received subvolumes
9b753ece26524 smb: client: fix iface port assignment in parse_server_interfaces
92e64f1852f45 smb: client: fix in-place encryption corruption in SMB2_write()
9509b659ca7eb smb: client: fix atomic open with O_DIRECT & O_SYNC
bfbf1f286f682 lib/bootconfig: check bounds before writing in __xbc_open_brace()
6e736a18cfbd5 lib/bootconfig: fix snprintf truncation check in xbc_node_compose_key_after()
12d2b443b8606 kprobes: Remove unneeded warnings from __arm_kprobe_ftrace()
11712c4eb3840 x86/apic: Disable x2apic on resume if the kernel expects so
9f9157ee67b32 scsi: core: Fix error handling for scsi_alloc_sdev()
d24330cf241f8 lib/bootconfig: fix off-by-one in xbc_verify_tree() unclosed brace error
d2beb819045e4 powerpc64/bpf: fix the address returned by bpf_get_func_ip
2ce9b27946125 powerpc64/bpf: fix kfunc call support
4b89984f72742 powerpc/pseries: Correct MSI allocation tracking
f7eda676386c5 s390/dasd: Copy detected format information to secondary device
fe9cd8c8ee359 s390/dasd: Move quiesce state with pprc swap
950a76e82e05a s390/zcrypt: Enable AUTOSEL_DOM for CCA serialnr sysfs attribute
997967adf10ce sched_ext: Fix enqueue_task_scx() truncation of upper enqueue flags
a35be7a17c7b1 xfs: ensure dquot item is deleted from AIL only after log shutdown
446a1f5bb64ba xfs: fix undersized l_iclog_roundoff values
ca504d2601b3b xfs: fix returned valued from xfs_defer_can_append
2b4492d9ed0f2 xfs: fix integer overflow in bmap intent sort comparator
316cc7b63fd58 cifs: make default value of retrans as zero
50ad880db3013 io_uring/kbuf: check if target buffer list is still legacy on recycle
950bda065b05e qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size
8738dcc844fff net-shapers: don't free reply skb after genlmsg_reply()
eb613e3d38abb tracing: Fix trace_buf_size= cmdline parameter with sizes >= 2G
18bef795332b0 tracing: Fix enabling multiple events on the kernel command line and bootconfig
9ecea60f132da drm/msm/dpu: Correct the SA8775P intr_underrun/intr_underrun index
38f1640db7f8b drm/amd: Fix a few more NULL pointer dereference in device cleanup
a751a1230533f drm/msm: Fix dma_free_attrs() buffer size
0189bf176dbe6 drm/i915/psr: Repeat Selective Update area alignment
eae4bf4107571 drm/i915: Fix potential overflow of shmem scatterlist length
46275c56e7475 drm/bridge: ti-sn65dsi83: halve horizontal syncs for dual LVDS output
818ebb298a753 drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding
43025c941aced drm/amd: Fix NULL pointer dereference in device cleanup
57579312e0e87 drm/amd: Set num IP blocks to 0 if discovery fails
7885eb335d8f9 drm/amdgpu: Fix use-after-free race in VM acquire
33c3a4db31719 drm/amd/pm: remove invalid gpu_metrics.energy_accumulator on smu v13.0.x
6c58a9fdb0d0e net: dsa: microchip: Fix error path in PTP IRQ setup
8efd5dcd31e22 net: ethernet: arc: emac: quiesce interrupts before requesting IRQ
b70c4e5e71193 net: ncsi: fix skb leak in error paths
ab5ebab966421 net: nexthop: fix percpu use-after-free in remove_nh_grp_entry
3224990fb16a8 net: mctp: fix device leak on probe failure
1d6abf145615d ksmbd: fix use-after-free by using call_rcu() for oplock_info
8f5b1a7cb009a smb: server: fix use-after-free in smb2_open()
dbbd328cf5826 ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
146691daf293c memcg: fix slab accounting in refill_obj_stock() trylock path
159aebd20e0e9 slab: distinguish lock and trylock for sheaf_flush_main()
8938a9c60d9ae s390/xor: Fix xor_xc_5() inline assembly
1a34999922ba6 drm/amd/display: Fallback to boot snapshot for dispclk
b9a944d0a1d3a s390/xor: Fix xor_xc_2() inline assembly constraints
87f0349beaaca ata: libata-core: Disable LPM on ST1000DM010-2EP102
a547ffcb9b1d5 s390/stackleak: Fix __stackleak_poison() inline assembly constraint
d0e63feca3808 crypto: ccp - allow callers to use HV-Fixed page API when SEV is disabled
a4d0e2c416db0 pmdomain: bcm: bcm2835-power: Fix broken reset status read
f29b08755103f regulator: pf9453: Respect IRQ trigger settings from firmware
4387b2cc9a630 io_uring/net: reject SEND_VECTORIZED when unsupported
823fb431e4af8 parisc: Check kernel mapping earlier at bootup
6f92a7a8b48a5 arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults
396dec23e9024 parisc: Fix initial page table creation for boot
857473efe9341 io_uring/zcrx: use READ_ONCE with user shared RQEs
73a7a34581694 hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read
439b5fb7280a3 arm64: mm: Add PTE_DIRTY back to PAGE_KERNEL* to fix kexec/hibernation
ad8fa5bff53f5 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
6e6e28898e015 parisc: Increase initial mapping to 64 MB with KALLSYMS
5737b279a28b6 pmdomain: rockchip: Fix PD_VCODEC for RK3588
e9b0a6ffe8b95 drm/xe/xe2_hpg: Correct implementation of Wa_16025250150
2ab9f2531d377 batman-adv: Avoid double-rtnl_lock ELP metric worker
a269cbdc442f8 net/tcp-ao: Fix MAC comparison to be constant-time
12db29803c19e tracing: Fix syscall events activation by ensuring refcount hits zero
f6e7c4f406b68 ice: fix retry for AQ command 0x06EE
678d5802556b3 net: mana: Ring doorbell at 4 CQ wraparounds
8bde543d2a5f9 media: dvb-net: fix OOB access in ULE extension header tables
9e16152a7e337 selftests: fix mntns iteration selftests
ace46763b282d pinctrl: cy8c95x0: Don't miss reading the last bank registers
4dd2d9cf563c5 staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
6d62fa548387e staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()
ea535b9894d77 staging: sm750fb: add missing pci_release_region on error and removal
6b9cb42cfdb36 mm/slab: fix an incorrect check in obj_exts_alloc_size()
ce0aa47c963b8 mm/damon/core: clear walk_control on inactive context in damos_walk()
7c19757394ddf ixgbevf: fix link setup issue
216176bcfd2bd kunit: irq: Ensure timer doesn't fire too frequently
decd9942655db ice: reintroduce retry mechanism for indirect AQ
ca19f8f51064f iomap: reject delalloc mappings during writeback
7bdf00ed75c47 btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies()
f42b4afdd1f89 irqchip/gic-v3-its: Limit number of per-device MSIs to the range the ITS supports
32752c3e81498 device property: Allow secondary lookup in fwnode_get_next_child_node()
019debe5851d7 nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit().
db377ed4ecca4 arm64: gcs: Honour mprotect(PROT_NONE) on shadow stack mappings
584926c26f0b7 bpf: Fix kprobe_multi cookies access in show_fdinfo callback
415aed08de0ee s390/pfault: Fix virtual vs physical address confusion
af65cd1853599 drm/xe/sync: Cleanup partially initialized sync on parse failure
58e6e3d39c286 ipmi:si: Fix check for a misbehaving BMC
19e1931841e44 gpiolib: normalize the return value of gc->get() on behalf of buggy drivers
32cca65189823 drm/i915/alpm: ALPM disable fixes
214b6bde0e941 nouveau/gsp: drop WARN_ON in ACPI probes
9b7855110fd75 ipmi:si: Handle waiting messages when BMC failure detected
bc001cd1a4824 drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used
e6d779654cda6 drm/bridge: samsung-dsim: Fix memory leak in error path
1df500f363bc8 ipmi:si: Use a long timeout when the BMC is misbehaving
68d7fcb6a451c ipmi:si: Don't block module unload if the BMC is messed up
06ef2ba582c68 drm/amd: Disable MES LR compute W/A
b1d10508da559 drm/amdgpu: add upper bound check on user inputs in wait ioctl
762f47e2b8243 drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl
6fff5204d8aa2 drm/amdgpu: add upper bound check on user inputs in signal ioctl
6bfda7ce56e7d cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
4729c7b00a347 kthread: consolidate kthread exit paths to prevent use-after-free
8a259a5c70ddc Revert "ptdesc: remove references to folios from __pagetable_ctor() and pagetable_dtor()"
ae931283b2f37 Revert "tcpm: allow looking for role_sw device in the main node"
21a13db8d449b scsi: hisi_sas: Fix NULL pointer exception during user_scan()
b17211b512cbf scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend
98074e16742ae powerpc, perf: Check that current->mm is alive before getting user callchain
9e84113ea6ec2 i3c: dw-i3c-master: Set SIR_REJECT in DAT on device attach and reattach
2d845604ca4fb time/jiffies: Mark jiffies_64_to_clock_t() notrace
2e8e9aea8cd5a ALSA: usb-audio: Improve Focusrite sample rate filtering
097cd68f46686 ceph: fix memory leaks in ceph_mdsc_build_path()
7335e21830b8d ceph: do not skip the first folio of the next object in writeback
7db008e85a5d1 ceph: fix i_nlink underrun during async unlink
bdf614c81081b libceph: admit message frames only in CEPH_CON_S_OPEN state
ba0a4df8c5635 libceph: Use u32 for non-negative values in ceph_monmap_decode()
69fe5af33fa38 libceph: prevent potential out-of-bounds reads in process_message_header()
fc4d944dbaee9 libceph: reject preamble if control segment is empty
f9da5c1bbac5c libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
8be8911f59081 ceph: add a bunch of missing ceph_path_info initializers
cae928e3178c7 kprobes: avoid crash when rmmod/insmod after ftrace killed
2754e7b3d6474 tipc: fix divide-by-zero in tipc_sk_filter_connect()
22b05abb17e3c ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start
0e06cc511c61c mmc: core: Avoid bitfield RMW for claim/retune flags
45785772d538b mm/kfence: disable KFENCE upon KASAN HW tags enablement
24743b77cae33 mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index()
63826cf084468 mm/kfence: fix KASAN hardware tag faults during late enablement
6dc0919dc7820 mm/tracing: rss_stat: ensure curr is false from kthread context
e584cb58a2ea7 usb: gadget: f_ncm: Fix net_device lifecycle with device_move
ef7d456d1e887 Revert "usb: gadget: u_ether: add gether_opts for config caching"
05dc0c098ca11 Revert "usb: gadget: f_ncm: align net_device lifecycle with bind/unbind"
d2a08ea03830b Revert "usb: gadget: u_ether: Add auto-cleanup helper for freeing net_device"
56cb551d2a33d Revert "usb: legacy: ncm: Fix NPE in gncm_bind"
8a607bae3a0a4 Revert "usb: gadget: f_ncm: Fix atomic context locking issue"
be5738d19bed2 usb: legacy: ncm: Fix NPE in gncm_bind
e533a44fb1b33 usb: gadget: f_ncm: Fix atomic context locking issue
679d9535aeb15 usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling
b7fed917f84e4 usb: image: mdc800: kill download URB on timeout
513041c71356d usb: gadget: uvc: fix interval_duration calculation
4cc30a5fc8832 usb: mdc800: handle signal and read racing
c0b28a042174c usb: gadget: f_hid: fix SuperSpeed descriptors
0b7d11fd6e742 usb: renesas_usbhs: fix use-after-free in ISR during device removal
67ed312124bb1 usb: class: cdc-wdm: fix reordering issue in read code path
64f3d75633aed USB: core: Limit the length of unkillable synchronous timeouts
6cb7dc91f057d USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts
f7e115af48745 USB: usbcore: Introduce usb_bulk_msg_killable()
ac207d57bbb06 usb: typec: altmode/displayport: set displayport signaling rate in configure message
8c9521a5877e5 usb: roles: get usb role switch from parent only for usb-b-connector
9459b5731cd8b usb: cdc-acm: Restore CAP_BRK functionnality to CH343
82f7b4350b9d9 usb: core: don't power off roothub PHYs if phy_set_mode() fails
1a99da68a5a9c usb: misc: uss720: properly clean up reference in uss720_probe()
69f090f5e7298 usb: dwc3: pci: add support for the Intel Nova Lake -H
a41d3d9202e95 usb: yurex: fix race in probe
cd41e0d1df8fc usb: xhci: Prevent interrupt storm on host controller error (HCE)
c65f1b840ab8c usb: xhci: Fix memory leak in xhci_disable_slot()
8043f1c3c89dd USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed
ba3b951b7f7ae usb/core/quirks: Add Huawei ME906S-device to wakeup quirk
e2554ffa8c252 USB: add QUIRK_NO_BOS for video capture several devices
213e82ccdea58 KVM: arm64: pkvm: Fallback to level-3 mapping on host stage-2 fault
c513bbd7da534 KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC
b058c30cdf7d5 KVM: x86: Introduce KVM_X86_QUIRK_VMCS12_ALLOW_FREEZE_IN_SMM
686c8f16112c8 KVM: arm64: Fix protected mode handling of pages larger than 4kB
e0f582406c3e4 ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA
08da6c7ed70f0 ata: libata-core: Add BRIDGE_OK quirk for QEMU drives
f90768ed813bf rust: str: make NullTerminatedFormatter public
887098159d705 rust: kbuild: allow `unused_features`
dd109e3442817 rust_binder: call set_notification_done() without proc lock
e19afb53f7723 rust_binder: avoid reading the written value in offsets array
20a01f20d1f40 rust_binder: check ownership before using vma
edf685946c4ac rust_binder: fix oneway spam detection
3e89ddbaaea2f net: usb: lan78xx: skip LTM configuration for LAN7850
20ce2bd1c1848 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect
f62ec1babb2ae net: usb: lan78xx: fix TX byte statistics for small packets
fa41007be691b net: usb: lan78xx: fix silent drop of packets with checksum errors
00293f362712b can: gs_usb: gs_can_open(): always configure bitrates before starting device
3d542cf3c4c85 ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces
4a758e9a1f5ed ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()
6eaaa67d6998f sched_ext: Remove redundant css_put() in scx_cgroup_init()
86ceaccfdfa16 cgroup: fix race between task migration and iteration
1051eb2f53886 drm/amdgpu: ensure no_hw_access is visible before MMIO
3428dc5520c81 usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks()
678f1212f77bf iio: imu: inv-mpu9150: fix irq ack preventing irq storms
86f00a9e50b4a net: prevent NULL deref in ip[6]tunnel_xmit()
7065d73a78ba7 octeontx2-af: devlink: fix NIX RAS reporter to use RAS interrupt status
c9d6bf8d139a9 octeontx2-af: devlink: fix NIX RAS reporter recovery condition
8ded073fc8cdc net: ethernet: ti: am65-cpsw-nuss: Fix rx_filter value for PTP support
c1d06ccbee468 net: ti: am65-cpsw: move hw timestamping to ndo callback
59489ce60d741 net/mana: Null service_wq on setup error to prevent double destroy
103e4fedb4784 neighbour: restore protocol != 0 check in pneigh update
f7f12d551d611 net: dsa: realtek: Fix LED group port bit for non-zero LED group
95faa1459b83f net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled
84c1adb60fdba perf synthetic-events: Fix stale build ID in module MMAP2 records
529c985da1b27 drm/amdkfd: Unreserve bo if queue update failed
b3b56d60fee16 ASoC: detect empty DMI strings
790851ecc983c ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition
9a3106a81fc3c ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address()
e987bc1d2e8d4 net: bcmgenet: fix broken EEE by converting to phylib-managed state
53480725b1395 page_pool: store detach_time as ktime_t to avoid false-negatives
30e87ade8d678 e1000/e1000e: Fix leak in DMA error cleanup
981e2805e48fc i40e: fix src IP mask checks and memcpy argument names in cloud filter
75e0a631c3a13 iavf: fix incorrect reset handling in callbacks
1b034f2429ce6 iavf: fix PTP use-after-free during reset
98b36857f3584 drivers: net: ice: fix devlink parameters get without irdma
b56c49897bdac nvme-pci: Fix race bug in nvme_poll_irqdisable()
328c551f0cc81 nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set
3cf2d7ca48289 sched: idle: Make skipping governor callbacks more consistent
a422159d766ad perf ftrace: Fix hashmap__new() error checking
f7e52a24e5b76 regulator: pca9450: Correct probed name for PCA9452
55ca06f54f57f regulator: pca9450: Add support for setting debounce settings
ec1427731244d regulator: pca9450: Correct interrupt type
0b6803777c003 perf annotate: Fix hashmap__new() error checking
f5ef97c131655 netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels
05018cd9370f7 netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()
9853d94b82d30 netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path
bc18551c6169e netfilter: x_tables: guard option walkers against 1-byte tail reads
e047f6fbb975f netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop()
de47a88c6b807 netfilter: nf_tables: always walk all pending catchall elements
6d2a95c689057 netfilter: nf_tables: Fix for duplicate device in netdev hooks
8a57deeb25606 net: add xmit recursion limit to tunnel xmit functions
f0679522f8ded amd-xgbe: prevent CRC errors during RX adaptation with AN disabled
cf51e5853398e amd-xgbe: fix link status handling in xgbe_rx_adaptation
925a5ffd99cdd mctp: route: hold key->lock in mctp_flow_prepare_output()
6ac890f1d60ac bonding: fix type confusion in bond_setup_by_slave()
474211fb4a1df bonding: use common function to compute the features
3c5de399a4427 can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value
1ec54187e1aa4 mctp: i2c: fix skb memory leak in receive path
569e6e72c4578 bnxt_en: Fix RSS table size check when changing ethtool channels
35b58d3bc716e serial: caif: hold tty->link reference in ldisc_open and ser_release
ecb4ed7a723f0 net: sfp: improve Huawei MA5671a fixup
ce0b8fd5e3554 ASoC: simple-card-utils: fix graph_util_is_ports0() for DT overlays
7d33e61409454 ASoC: soc-core: flush delayed work before removing DAIs and widgets
a4aa08c820f4f ASoC: soc-core: drop delayed_work_pending() check before flush
b6051f2bdd4bd spi: rockchip-sfc: Fix double-free in remove() callback
0a83d6c9e149a spi: amlogic: spifc-a4: Fix DMA mapping error handling
fc7735caf016a drm/sitronix/st7586: fix bad pixel data due to byte swap
c34ebd7b24ea7 net: spacemit: Fix error handling in emac_tx_mem_map()
045545790fea7 net: spacemit: Fix error handling in emac_alloc_rx_desc_buffers()
d55fa7cd4b19b rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()
0bad9c86edd22 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
c74557495efb4 net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ
7d7342a18fadc net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
ce1b19dd0684e net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery
cbd8494fdd6cc net/mlx5: Fix peer miss rules host disabled checks
835778685f157 net/mlx5: Fix crash when moving to switchdev mode
4a7838bebc383 net/mlx5: Fix deadlock between devlink lock and esw->wq
6aaf15f376b0e bonding: handle BOND_LINK_FAIL, BOND_LINK_BACK as valid link states
ab1bcadc7e517 bonding: do not set usable_slaves for broadcast mode
2ee3645e0f3f4 drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v14
4c32155265b67 drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v13
6b4a1ff808851 drm/msm/dsi: fix pclk rate calculation for bonded dsi
5f5d956b2ce00 net: dsa: realtek: rtl8365mb: remove ifOutDiscards from rx_packets
98754dda67296 dt-bindings: display/msm: qcom,sm8750-mdss: Fix model typo
676826aeddb57 perf disasm: Fix off-by-one bug in outside check
ce69c1b753746 workqueue: Use POOL_BH instead of WQ_BH when checking pool flags
a39b75c3f4226 btrfs: hold space_info->lock when clearing periodic reclaim ready
8127b5fec0475 xprtrdma: Decrement re_receiving on the early exit paths
2871bb923ff8f drm/msm/dsi: fix hdisplay calculation when programming dsi registers
203c792cb4315 nfs: return EISDIR on nfs3_proc_create if d_alias is a dir
28a72f653832a smb/server: Fix another refcount leak in smb2_open()
f426a493db33d powerpc: 83xx: km83xx: Fix keymile vendor prefix
ba021fb575084 remoteproc: mediatek: Unprepare SCP clock during system suspend
bf39fed5f22cb remoteproc: sysmon: Correct subsys_name_len type in QMI request
b7b634be76582 powerpc/crash: adjust the elfcorehdr size
c171a5f799546 powerpc/kexec/core: use big-endian types for crash variables
d5697cf3b91d8 kexec: Include kernel-end even without crashkernel
b3c074a394c66 powerpc/uaccess: Fix inline assembly for clang build on PPC32
71c57e74baa06 ALSA: usb-audio: Check max frame size for implicit feedback mode, too
31e6595fd1a05 drm/amdgpu/vcn5: Add SMU dpm interface type
716fc40446912 ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0
5faf0ce7d784a scsi: ufs: core: Fix shift out of bounds when MAXQ=32
f4f590c6c9df7 scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace()
87aa0f91ee49e ASoC: cs42l43: Report insert for exotic peripherals
c072370ad67dd ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table
7035ef0f20bab scsi: ses: Fix devices attaching to different hosts
8c61a746f7bb8 ACPI: OSI: Add DMI quirk for Acer Aspire One D255
e03d7bddf0ecc wifi: mac80211: set default WMM parameters on all links
af8f4be3b68ac unshare: fix unshare_fs() handling
6407e8baef0ac ALSA: hda/realtek: Fix speaker pop on Star Labs StarFighter
e978a36f332ed scsi: mpi3mr: Add NULL checks when resetting request and reply queues
379e19e820dd1 fs: init flags_valid before calling vfs_fileattr_get
22e54d67b2f57 scsi: ufs: core: Reset urgent_bkops_lvl to allow runtime PM power mode
55d1e86cb0c90 ACPI: PM: Save NVS memory on Lenovo G70-35
c2e73d8acd056 scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2dca7c43a6
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.18)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 9 changes (3 new | 6 updated): - 3 new CVEs: CVE-2026-21570, CVE-2026-25769, CVE-2026-25770 - 6 updated CVEs: CVE-2025-0665, CVE-2025-61662, CVE-2026-25534, CVE-2026-32290, CVE-2026-32292, CVE-2026-32293
Date: Tue, 17 Mar 2026 18:05:17 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 83ab4e2193
---------------------------
linux-yocto/6.18: update to v6.18.18
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
3318f10fa289 Linux 6.18.18
6c5e8f16b5e8 ata: libata: cancel pending work after clearing deferred_qc
13bc2772414d apparmor: fix race between freeing data and fs accessing it
af782cc8871e apparmor: fix race on rawdata dereference
623a9d211bbb apparmor: fix differential encoding verification
b60b3f7a35c4 apparmor: fix unprivileged local user can do privileged policy management
7998ab3010d2 apparmor: Fix double free of ns_name in aa_replace_profiles()
5a68e46dfe0c apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
0510d1ba0976 apparmor: fix side-effect bug in match_char() macro usage
d42b2b6bb77c apparmor: fix: limit the number of levels of policy namespaces
7eade846e013 apparmor: replace recursive profile removal with iterative approach
4f0889f2df1a apparmor: fix memory leak in verify_header
0baadb0eece2 apparmor: validate DFA start states are in bounds in unpack_pdb
380ad8b7c65e net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks
04d75529dc0f net/sched: act_gate: snapshot parameters with RCU on replace
93ea7e1363fb Linux 6.18.17
8a185304e42e selftests/bpf: Avoid simplification of crafted bounds test
63b548c86299 bpf: collect only live registers in linked regs
2ce8ece5a78d tracing: Add NULL pointer check to trigger_data_free()
52decf013d53 selftest/arm64: Fix sve2p1_sigill() to hwcap test
d15ba004b321 ata: libata-eh: Fix detection of deferred qc timeouts
98cd8b4d0b83 xdp: produce a warning when calculated tailroom is negative
45a41aecf5e5 net: enetc: use truesize as XDP RxQ info frag_size
f1ac9d19721b i40e: use xdp.frame_sz as XDP RxQ info frag_size
b6176646c36d i40e: fix registering XDP RxQ info
ff7f356cdbb4 xsk: introduce helper to determine rxq->frag_size
2a9e6ecf0e85 xdp: use modulo operation to calculate XDP frag tailroom
cd888c396667 net/sched: act_ife: Fix metalist update behavior
b3b5a037d520 net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop
fbbd2118982c net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled
33dec6f10777 net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled
d3b1c4c70da5 selftests/harness: order TEST_F and XFAIL_ADD constructors
0168443a5db5 kselftest/harness: Use helper to avoid zero-size memset warning
6f95b5952027 net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()
500a50a301ce netfilter: nft_set_pipapo: split gc into unlink and reclaim phase
9154945a6394 netfilter: nf_tables: clone set on flush only
6826131c7674 netfilter: nf_tables: unconditionally bump set->nelems before insertion
6624d1727f3a net: Provide a PREEMPT_RT specific check for netdev_queue::_xmit_lock
c3e8c75fcb2e block: use trylock to avoid lockdep circular dependency in sysfs
6b0e35123ba4 net: stmmac: Defer VLAN HW configuration when interface is down
15e8ef336895 net: stmmac: Fix VLAN HW state restore
8b8b97eaecae net: stmmac: Improve double VLAN handling
d55a39435c20 net: stmmac: Fix error handling in VLAN add and delete paths
edc988613def nfc: rawsock: cancel tx_work before socket teardown
b3fdbc7f59cd nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback
91ff0d8c3464 nfc: nci: complete pending data exchange on device close
9d448bbab724 nfc: nci: free skb on nci_transceive early error paths
a77a5423e9c6 net: devmem: use READ_ONCE/WRITE_ONCE on binding->dev
4596f44d4f5b net_sched: sch_fq: clear q->band_pkt_count[] in fq_reset()
1c46edf20f82 net: nfc: nci: Fix zero-length proprietary notifications
eae2f14ab2ef tcp: secure_seq: add back ports to TS offset
8314944cc3bd net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs
d9d4ed40b3be hwmon: (max6639) fix inverted polarity
de4ea10ae6b4 timekeeping: Fix timex status validation for auxiliary clocks
5a501379a010 nvme: fix memory allocation in nvme_pr_read_keys()
76f327fa4f1b nvme: reject invalid pr_read_keys() num_keys values
05e3f01974d0 drm/xe/reg_sr: Fix leak on xa_store failure
3c8852cff2bb drm/xe/gsc: Fix GSC proxy cleanup on early initialization failure
1c72e7b0b442 i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"
da09dfc90cb7 drm/sched: Fix kernel-doc warning for drm_sched_job_done()
5649775b3ebf amd-xgbe: fix sleep while atomic on suspend/resume
7e4ad34a8889 net: ipv4: fix ARM64 alignment fault in multipath hash seed
0b5a78260207 ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
5566a9eeb00e smb/client: fix buffer size for smb311_posix_qinfo in SMB311_posix_query_info()
b751369b03c8 smb/client: fix buffer size for smb311_posix_qinfo in smb2_compound_op()
3eeddb80191f bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim
ba47e3371764 igb: Fix trigger of incorrect irq in igb_xsk_wakeup
2199e190cf6b iavf: fix netdev->max_mtu to respect actual hardware limit
0138d1cdb19f libie: don't unroll if fwlog isn't supported
b9333d41ee03 ice: fix adding AQ LLDP filter for VF
1e077c65e020 xen/acpi-processor: fix _CST detection using undersized evaluation buffer
6ce948fa5459 net/rds: Fix circular locking dependency in rds_tcp_tune
ca795bf1230b indirect_call_wrapper: do not reevaluate function pointer
9612d91f6172 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
2831a8c57454 wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()
f4cdf6b43689 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
fcef983ad888 wifi: wlcore: Fix a locking bug
f98c195052ab wifi: cw1200: Fix locking in error paths
93e00a88951d octeon_ep_vf: avoid compiler and IQ/OQ reordering
04a9f26d63d9 octeon_ep_vf: Relocate counter updates before NAPI
986904ab1613 octeon_ep: avoid compiler and IQ/OQ reordering
142a789a51d5 octeon_ep: Relocate counter updates before NAPI
0ace8027e41f bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded
d95de5acbf9e net: dsa: realtek: rtl8365mb: fix rtl8365mb_phy_ocp_write return value
01f5b85fa0da kunit: tool: copy caller args in run_kernel to prevent mutation
3589cc8f56c1 rust: kunit: fix warning when !CONFIG_PRINTK
7f971dfd4898 drm/xe/configfs: Free ctx_restore_mid_bb in release
303b446f2e8f drm/xe: Do not preempt fence signaling CS instructions
7196a1ff7b9a drm/syncobj: Fix handle <-> fd ioctls with dirty stack
95ed07644b2c wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config
d27f12c3f5e8 can: mcp251x: fix deadlock in error path of mcp251x_open
8215ba7bc99e can: bcm: fix locking for bcm_op runtime updates
d8e38dc605c1 amd-xgbe: fix MAC_TCR_SS register width for 2.5G and 10M speeds
d5947c3d2d14 net: ti: icssg-prueth: Fix ping failure after offload mode setup when link speed is not 1G
7ea92ab075d8 atm: lec: fix null-ptr-deref in lec_arp_clear_vccs
00f42ace446f dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler
6a674e0b19b0 xsk: Fix zero-copy AF_XDP fragment drop
645c6d8376ad xsk: Fix fragment node deletion to prevent buffer leak
2fc623e17854 tcp: give up on stronger sk_rcvbuf checks (for now)
b955350778b8 udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.
f5fc6fead277 inet: annotate data-races around isk->inet_num
3d8f35e182c8 nvme-multipath: fix leak on try_module_get failure
79cc5a4c311f net: ethernet: ti: am65-cpsw-nuss/cpsw-ale: Fix multicast entry handling in ALE table
f17c1c4acbe2 net: annotate data-races around sk->sk_{data_ready,write_space}
f30b95159a53 nvmet-fcloop: Check remoteport port_state before calling done callback
72d08d283964 netfs: Fix unbuffered/DIO writes to dispatch subrequests in strict sequence
54b3701901af drm/solomon: Fix page start when updating rectangle in page addressing mode
ee8e4b7469b4 e1000e: clear DPG_EN after reset to avoid autonomous power-gating
9e0f09182157 i40e: Fix preempt count leak in napi poll tracepoint
e9669c2d0535 ice: recap the VSI and QoS info after rebuild
4458f9f198f5 idpf: Fix flow rule delete failure due to invalid validation
e7fca8b7fb6f idpf: change IRQ naming to match netdev and ethtool queue numbering
8f742f495ddb idpf: increment completion queue next_to_clean in sw marker wait routine
d146275655bb hwmon: (it87) Check the it87_lock() return value
ea07fcfbba43 pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()
acbcfe2f8e64 pinctrl: meson: amlogic-a4: Fix device node reference leak in aml_dt_node_to_map_pinmux()
6359d2d52c95 pinctrl: generic: move function to amlogic-am4 driver
2c091292ca42 HID: multitouch: new class MT_CLS_EGALAX_P80H84
ade03840f829 module: Remove duplicate freeing of lockdep classes
55aefe1647a6 platform/x86: thinkpad_acpi: Fix errors reading battery thresholds
82f1bb0ad480 pinctrl: qcom: qcs615: Add missing dual edge GPIO IRQ errata flag
53eba152810e pinctrl: equilibrium: fix warning trace on load
2c947684bdaa pinctrl: equilibrium: rename irq_chip function callbacks
9833ed224aad hwmon: (aht10) Fix initialization commands for AHT20
9c1984180260 hwmon: (aht10) Add support for dht20
e159eb852aee nvme: fix admin queue leak on controller reset
038158492979 drm/amd/display: Use GFP_ATOMIC in dc_create_stream_for_sink
a5c070aaf796 Bluetooth: Fix CIS host feature condition
d8a286503553 net: stmmac: remove support for lpi_intr_o
999ff1af649c platform/x86: hp-bioscfg: Support allocations of larger data
0c578e8065c4 ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths
c08ec55617cb ipmi: Fix use-after-free and list corruption on sender error
3c3462e9ae35 ASoC: fsl_xcvr: provide regmap names
227eb258c2cb ASoC: fsl_xcvr: use dev_err_probe() replacing dev_err() + return
3d46af0f8b28 ARM: clean up the memset64() C wrapper
54e841a03606 Revert "netfilter: nft_set_rbtree: validate open interval overlap"
861aa1be41bc kbuild: Split .modinfo out from ELF_DETAILS
bc2110c10128 selftests: mptcp: join: check removing signal+subflow endp
23ec7f54a9d6 selftests: mptcp: join: check RM_ADDR not sent over same subflow
ee6ce81a24a4 selftests: mptcp: more stable simult_flows tests
a64aa7db3939 mptcp: pm: in-kernel: always mark signal+subflow endp as used
19a258d03d08 mptcp: pm: avoid sending RM_ADDR over same subflow
944a333c8e4d scsi: core: Fix refcount leak for tagset_refcnt
86163b98891a smb: client: fix oops due to uninitialised var in smb2_unlink()
2ef0fc3bf49d smb: client: Don't log plaintext credentials in cifs_set_cifscreds
134596a6e4be smb: client: fix broken multichannel with krb5+signing
0786f9422cbf smb: client: fix cifs_pick_channel when channels are equally loaded
5a34959a2ab1 xfs: Fix error pointer dereference
b135cd653d1b xfs: fix xfs_group release bug in xfs_dax_notify_dev_failure
4e8935053ba3 drbd: fix null-pointer dereference on local read error
d1ef3aed4df2 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()
01ee0bcc2986 Squashfs: check metadata block offset is within range
0524ee56af2c mm: thp: deny THP for files on anonymous inodes
9a5641024fbf scsi: target: Fix recursive locking in __configfs_open_file()
cdd96641b642 tracing: Fix WARN_ON in tracing_buffers_mmap_close
27c13c5bb094 nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().
a6677e23b313 net/sched: ets: fix divide by zero in the offload path
ca1684dd297b arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled
a1850e2aef4d cpufreq: intel_pstate: Fix crash during turbo disable
a6f3e0fa8e86 RDMA/ionic: Fix kernel stack leak in ionic_create_cq()
cfe962216c16 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()
deee46b37ebd IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
2764dcb3c35d net: phy: register phy led_triggers during probe to avoid AB-BA deadlock
07e0c80e17ef gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL
2b6c942a5266 Bluetooth: purge error queues in socket destructors
cc6d5a3c0a85 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()
f35ceec54d48 wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration
584279ad9ff1 wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()
ed7d30f90b77 wifi: libertas: fix use-after-free in lbs_free_adapter()
2f8ceeba6706 wifi: radiotap: reject radiotap with unknown bits
bf21bfd63e01 ALSA: hda/realtek: add quirk for Samsung Galaxy Book Flex (NT950QCT-A38A)
36facbc94803 ALSA: hda/realtek: Add quirk for Acer Aspire V3-572G
7eb2d1ce7b45 ALSA: hda/realtek: fix model name typo for Samsung Galaxy Book Flex (NT950QCG-X716)
27338f3360ef ALSA: hda/intel: increase default bdl_pos_adj for Nvidia controllers
1e5753ff4c2e ALSA: usb-audio: Use correct version for UAC3 header validation
be7e624f24df ALSA: doc: usb-audio: Add doc for QUIRK_FLAG_SKIP_IFACE_SETUP
8d70dff4a2e2 ALSA: hda/realtek: Add quirk for HP Pavilion 15-eh1xxx to enable mute LED
5f935f133107 platform/x86: dell-wmi: Add audio/mic mute key codes
bf84193d9130 platform/x86: alienware-wmi-wmax: Add G-Mode support to m18 laptops
5de34126fb2e platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
c42a92d685c4 x86/boot/sev: Move SEV decompressor variables into the .data section
a586788a669b x86/sev: Allow IBPB-on-Entry feature for SNP guests
c7258d2010e6 x86/boot: Handle relative CONFIG_EFI_SBAT_FILE file paths
87aeec43ccb9 perf/x86/intel/uncore: Add per-scheduler IMC CAS count events
f9e9cc320854 x86/efi: defer freeing of boot services memory
aaca71f8562f HID: multitouch: Keep latency normal on deactivate for reactivation gesture
d1edc027a4b0 HID: pidff: Fix condition effect bit clearing
20864e3e41c7 HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
b9a606417999 can: usb: f81604: handle bulk write errors properly
36ead5744314 can: usb: f81604: handle short interrupt urb messages properly
18eee279e9b5 can: usb: etas_es58x: correctly anchor the urb in the read bulk callback
aa9e0a7fe5ef can: ucan: Fix infinite loop from zero-length messages
f6d80b104f90 can: usb: f81604: correctly anchor the urb in the read bulk callback
1cf469026d4a can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message
c3f1672eaea6 net: usb: pegasus: validate USB endpoints
011684cd1834 net: usb: kalmia: validate USB endpoints
2795fc06e765 net: usb: kaweth: validate USB endpoints
00477cab053d nfc: pn533: properly drop the usb interface reference on disconnect
cfd94642025e media: dvb-core: fix wrong reinitialization of ringbuffer on reopen
3acc627f235a namespace: fix proc mount iteration
a80161c20370 eventpoll: Fix integer overflow in ep_loop_check_proc()
14a1db2486fa net: arcnet: com20020-pci: fix support for 2.5Mbit cards
9498fa25a0b0 drm/i915/dp: Fix pipe BPP clamping due to HDR
99f617ea2ff0 drm/i915/dp: Fail state computation for invalid DSC source input BPP values
b05ed70feb66 LoongArch: Remove some extern variables in source files
079deecc2c9f LoongArch: Handle percpu handler address for ORC unwinder
e7c58045ad8c LoongArch: Remove unnecessary checks for ORC unwinder
e653c0718cf5 mm/slab: use prandom if !allow_spin
d3043852fffa slub: remove CONFIG_SLUB_TINY specific code paths
58aef054b290 hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race
378dff71efdd drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected()
6c80b35076bc PM: sleep: core: Avoid bit field races related to work_in_progress
5ec1d82f00b1 btrfs: zoned: fixup last alloc pointer after extent removal for RAID0/10
4b508c53f3c5 btrfs: define the AUTO_KFREE/AUTO_KVFREE helper macros
d2cfea67b1b9 KVM: x86: Add x2APIC "features" to control EOI broadcast suppression
c6db0f4a1659 PCI: dwc: ep: Fix resizable BAR support for multi-PF configurations
7c0c4b7e84b7 PCI: dwc: Remove duplicate dw_pcie_ep_hide_ext_capability() function
794b08c50128 PCI: dwc: Add new APIs to remove standard and extended Capability
26f9e895616b PCI: Add preceding capability position support in PCI_FIND_NEXT_*_CAP macros
7d610f643b04 ARM: dts: imx53-usbarmory: Replace license text comment with SPDX identifier
f50c91272425 ACPI: APEI: GHES: Disable KASAN instrumentation when compile testing with clang < 18
0a654ac440c1 ACPI: APEI: GHES: Add helper for CPER CXL protocol errors checks
baf4b13a4efc clk: tegra: tegra124-emc: fix device leak on set_rate()
e5bdc2159f8b arm64: dts: rockchip: Fix rk3588 PCIe range mappings
7f8f4acf3926 arm64: dts: rockchip: Fix rk356x PCIe range mappings
e70d5feb10c5 iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode
976c7a3750f7 Input: synaptics_i2c - guard polling restart in resume
9f5158454eae Input: synaptics_i2c - replace use of system_wq with system_dfl_wq
1aa5833f29b8 media: iris: Add missing platform data entries for SM8750
448a7662ae13 media: iris: remove v4l2_m2m_ioctl_{de,en}coder_cmd API usage during STOP handling
2698731d2582 ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O
e56d023da379 ext4: correct the comments place for EXT4_EXT_MAY_ZEROOUT
663efc5aac21 x86/uprobes: Fix XOL allocation failure for 32-bit tasks
f7df71d26b30 unwind_user/x86: Teach FP unwind about start of function
b9537a51b65a unwind_user/x86: Enable frame pointer unwinding on x86
6f553dbbb25d unwind: Implement compat fp unwind
5364f7bbd611 unwind: Simplify unwind_user_next_fp() alignment check
c45026c4135d drm/tegra: dsi: fix device leak on probe
1e88b5f854bd KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()
2dff8966a3a8 media: tegra-video: Fix memory leak in __tegra_channel_try_format()
7fc4b49474c8 accel/rocket: fix unwinding in error path in rocket_probe
17463839162f accel/rocket: fix unwinding in error path in rocket_core_init
b62076e780a2 usb: gadget: f_ncm: align net_device lifecycle with bind/unbind
ca9ca411bbcf usb: gadget: u_ether: Add auto-cleanup helper for freeing net_device
f222eb16d597 usb: gadget: u_ether: add gether_opts for config caching
7bdff9b9b0c6 net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels
ed9c15c7be25 Revert "PCI: dw-rockchip: Enumerate endpoints based on dll_link_up IRQ"
15a66eb1b2c6 PCI: dw-rockchip: Change get_ltssm() to provide L1 Substates info
aad472c928c9 PCI: dwc: Add L1 Substates context to ltssm_status of debugfs
80d3a201d7ad PCI: dw-rockchip: Configure L1SS support
b1f114b7a6fa PCI: dwc: Advertise L1 PM Substates only if driver requests it
53abc9c61361 PCI: j721e: Add config guards for Cadence Host and Endpoint library APIs
ee7f2ce97b08 PCI: j721e: Use devm_clk_get_optional_enabled() to get and enable the clock
f69535b77fa0 memory: mtk-smi: fix device leak on larb probe
b44d090d6ca1 memory: mtk-smi: fix device leaks on common probe
a67540127042 x86/acpi/boot: Correct acpi_is_processor_usable() check again
1b99c0e5b6bd bpf: Improve bounds when tnum has a single possible value
50a4fab0887e bpf: Introduce tnum_step to step through tnum's members
4c03342e5ac5 bpf: Add bitwise tracking for BPF_END
6c10b019785d bpf: Fix race in devmap on PREEMPT_RT
7466ae2aeed4 bpf: Fix race in cpumap on PREEMPT_RT
ecb4e02614b9 PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value
878fddc519f7 spi: stm32: fix missing pointer assignment in case of dma chaining
130c436e7149 sched_ext: Fix SCX_EFLAG_INITIALIZED being a no-op flag
4778033781b5 selftests/bpf: Fix OOB read in dmabuf_collector
75d474702b2b bpf: Fix stack-out-of-bounds write in devmap
519b1ad91de5 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing
11d1d38087e7 ASoC: SDCA: Fix comments for sdca_irq_request()
5413b1c94cfe ALSA: usb: qcom: Correct parameter comment for uaudio_transfer_buffer_setup()
51c8bedb2d08 btrfs: fix compat mask in error messages in btrfs_check_features()
771c1e38385b btrfs: print correct subvol num if active swapfile prevents deletion
136e814d1176 btrfs: fix warning in scrub_verify_one_metadata()
b178561ac38c btrfs: fix objectid value in error message in check_extent_data_ref()
845c0f1ab54e btrfs: fix incorrect key offset in error message in check_dev_extent_item()
5ba7d61b5416 btrfs: fix error message order of parameters in btrfs_delete_delayed_dir_index()
d4f210de01ea btrfs: free pages on error in btrfs_uring_read_extent()
c18c40e081c1 ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put()
73e8bdf14248 drm/amdgpu: Fix error handling in slot reset
5c42d9f8b004 drm/amdgpu: Fix locking bugs in error paths
39ae59e5c1d8 drm/amdgpu: Unlock a mutex before destroying it
1753f5f81ab6 drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings
6f60a783860c PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
3d64dcc0799c arm64: io: Extract user memory type in ioremap_prot()
835da0da68d0 arm64: io: Rename ioremap_prot() to __ioremap_prot()
00ea0c8696b4 s390/vtime: Fix virtual timer forwarding
d30168b0cbc1 s390/idle: Fix cpu idle exit cpu time accounting
3f89b61dd504 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race
b9db33aafc12 ALSA: usb-audio: Use inclusive terms
9a6693b59843 ALSA: usb-audio: Cap the packet size pre-calculations
4e3ca5f82346 drm/client: Do not destroy NULL modes
869c979f3657 zloop: check for spurious options passed to remove
f6c6a888c8a4 zloop: advertise a volatile write cache
93b64bef8cd4 regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()
bbc104dcfc59 scsi: ufs: core: Move link recovery for hibern8 exit failure to wl_resume
5fc4e150c5ad cxl: Fix race of nvdimm_bus object when creating nvdimm objects
af9bf9889663 cxl: Move devm_cxl_add_nvdimm_bridge() to cxl_pmem.ko
a29e63795063 cgroup/cpuset: Fix incorrect use of cpuset_update_tasks_cpumask() in update_cpumasks_hier()
e540616ec3a5 drm/xe/wa: Steer RMW of MCR registers while building default LRC
3464e7517551 accel/amdxdna: Validate command buffer payload count
1500b31db943 accel/amdxdna: Prevent ubuf size overflow
247cd87f0474 accel/amdxdna: Remove buffer size check when creating command BO
c67ab059953e perf/core: Fix invalid wait context in ctx_sched_in()
9a3bcd2984b8 rseq: Clarify rseq registration rseq_size bound check comment
22a1536b3f5a sched/fair: Fix lag clamp
c1591343440e sched/eevdf: Update se->vprot in reweight_entity()
ee54b5ba72d4 sched/fair: Only set slice protection at pick time
99673934a89f sched/fair: Fix zero_vruntime tracking
423b750d87d2 sched/fair: Introduce and use the vruntime_cmp() and vruntime_op() wrappers for wrapped-signed aritmetics
028084eca169 sched/fair: Rename cfs_rq::avg_vruntime to ::sum_w_vruntime, and helper functions
50890a9a01f3 sched/fair: Rename cfs_rq::avg_load to cfs_rq::sum_weight
50b3d683dcd4 x86/cfi: Fix CFI rewrite for odd alignments
e58f1a9b0677 x86/fred: Correct speculative safety in fred_extint()
ddbbdebeeea8 ALSA: usb-audio: Add QUIRK_FLAG_SKIP_IFACE_SETUP
71f72c5d74a9 ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices
561cefafd79d ALSA: scarlett2: Fix DSP filter control array handling
38072446442c drm/imx: parallel-display: check return value of devm_drm_bridge_add() in imx_pd_probe()
824a7672e354 scsi: pm8001: Fix use-after-free in pm8001_queue_command()
c3598e86c916 scsi: lpfc: Properly set WC for DPP mapping
1883332bf21f irqchip/sifive-plic: Fix frozen interrupt due to affinity setting
183a6264b32e drm/tiny: sharp-memory: fix pointer error dereference
cd2713a37336 drm/fourcc: fix plane order for 10/12/16-bit YCbCr formats
bce3847f7c51 KVM: arm64: Fix ID register initialization for non-protected pKVM guests
7a15a1e3228d KVM: arm64: Hide S1POE from guests when not supported by the host
f8a6eba20edb drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse()
a473c09666f0 debugobject: Make it work with deferred page initialization - again
531f45589787 drm/vmwgfx: Return the correct value in vmw_translate_ptr functions
2633a30eb45b drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release
c27dea9f50ed perf/core: Fix refcount bug and potential UAF in perf_mmap
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc3191025e
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.16)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 12 changes (4 new | 8 updated): - 4 new CVEs: CVE-2024-14027, CVE-2025-70040, CVE-2025-70060, CVE-2026-3588 - 8 updated CVEs: CVE-2025-69219, CVE-2026-22457, CVE-2026-22460, CVE-2026-27332, CVE-2026-27379, CVE-2026-27382, CVE-2026-27384, CVE-2026-27386
Date: Mon, 9 Mar 2026 16:04:20 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: eee4b6217e
---------------------------
linux-yocto/6.18: update to v6.18.16
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
6258e292d746 Linux 6.18.16
0ac822bf9902 drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v7
f1ba620f9e8d most: core: fix leak on early registration failure
c954666a0707 arm64: Fix sampling the "stable" virtual counter in preemptible section
164f57cd0ac8 xfs: fix copy-paste error in previous fix
ea39bac434c5 drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros
b0bc1aaf938d Revert "ACPI: processor: Update cpuidle driver check in __acpi_processor_start()"
b9f13e55168c ALSA: pcm: Revert bufs move in snd_pcm_xfern_frames_ioctl()
6789db2c8e2f NTB: ntb_transport: Fix too small buffer for debugfs_name
358cb7055e03 rust: list: Add unsafe blocks for container_of and safety comments
49ffdc3589d8 tracing: Wake up poll waiters for hist files when removing an event
d4e45ca6db67 tracing: Fix checking of freed trace_event_file for hist files
c71ea5a71233 fgraph: Do not call handlers direct when not using ftrace_ops
5026010110a5 tracing: ring-buffer: Fix to check event length before using
bc77986f3cb7 ring-buffer: Fix possible dereference of uninitialized pointer
c692db813a7e net: nfc: nci: Fix parameter validation for packet data
b1e034af484a drm/amdgpu: keep vga memory on MacBooks with switchable graphics
832f430b6b33 drm/amd/display: Correct logic check error for fastboot
53002567af57 arm64: Force the use of CNTVCT_EL0 in __delay()
0ec0156b3fa6 rust: pin-init: replace clippy `expect` with `allow`
dddc9e67fc45 rust: irq: add `'static` bounds to irq callbacks
a94f096e28bf io_uring/zcrx: fix user_ref race between scrub and refill paths
581a8f0f3338 x86/kexec: Copy ACPI root pointer address from config table
54f463494eb5 gpio: sysfs: fix chip removal with GPIOs exported over sysfs
4ece5eb4836f net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()
1b1d3c5d58a8 net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle
ffba51100ff6 drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise
ea33c43c2e40 kbuild: rpm-pkg: Disable automatic requires for manual debuginfo package
caa055b579cd ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR
422adc95ea9a io_uring/cmd_net: fix too strict requirement on ioctl
89f3d2d54135 gpio: nomadik: Add missing IS_ERR() check
7c9ce68192ee cifs: some missing initializations on replay
f1ae40332431 io_uring/zcrx: fix sgtable leak on mapping failures
bcf40ce46665 fbcon: Remove struct fbcon_display.inverse
c61afb99c828 fbdev: ffb: fix corrupted video output on Sun FFB1
69290f2d3999 fbdev: of: display_timing: fix refcount leak in of_get_display_timings()
40c1ff250251 fbdev: vt8500lcdfb: fix missing dma_free_coherent()
11a93180a70b fbcon: check return value of con2fb_acquire_newinfo()
0a08a7fa123c fbdev: Use device_create_with_groups() to fix sysfs groups registration race
861fb0cc95d5 mm: numa_memblks: Identify the accurate NUMA ID of CFMW
e90346a2f1e8 ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()
3d01d8a2cc64 kbuild: rpm-pkg: Fix manual debuginfo generation when using .src.rpm
39824c8ce0c2 kernel: rpm-pkg: Restore find-debuginfo.sh approach to -debuginfo package
0ee1887b524c kbuild: rpm-pkg: Restrict manual debug package creation
972495bc37be kbuild: Fix CC_CAN_LINK detection
f8d02862e520 function_graph: Restore direct mode when callbacks drop to one
e4ff4e3ffcf9 atm: fore200e: fix use-after-free in tasklets during device removal
41023fc00f37 net: intel: fix PCI device ID conflict between i40e and ipw2200
23b82b7a2618 mm/page_alloc: clear page->private in free_pages_prepare()
e116e19c9584 mm/vmscan: fix demotion targets checks in reclaim/demotion
8adaff87db14 procfs: fix possible double mmput() in do_procmap_query()
f64491066c66 mm/page_alloc: skip debug_check_no_{obj,locks}_freed with FPI_TRYLOCK
5eac1322a7b1 mm/hugetlb: restore failed global reservations to subpool
89a9389ad70d drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify
be9c5e7af6b3 drm/amd/display: Increase DCN35 SR enter/exit latency
cc54e0eeee01 io_uring/openclose: fix io_pipe_fixed() slot tracking for specific slots
749b5e65ab69 io_uring/filetable: clamp alloc_hint to the configured alloc range
e18d1a82a62e ceph: fix write storm on fscrypted files
746840c87d76 ceph: do not propagate page array emplacement errors as batch errors
0b9c58126ad1 tracing: Reset last_boot_info if ring buffer is reset
127f9481ea77 tracing: Fix to set write permission to per-cpu buffer_size_kb
316d9fe71fb1 net: macb: Fix tx/rx malfunction after phy link down and up
4cbc8dc736c7 net: ti: icssg-prueth: Add optional dependency on HSR
6d389382ee65 octeontx2-af: CGX: fix bitmap leaks
d8a522085d09 net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean()
938cf039a683 net: ethernet: marvell: skge: remove incorrect conflicting PCI ID
78dd793ae6dc LoongArch: Disable instrumentation for setup_ptwalker()
76a0e30a1cea LoongArch: Guard percpu handler under !CONFIG_PREEMPT_RT
0811b951377e LoongArch: Use %px to print unmodified unwinding address
7a6b754bddd3 LoongArch: Prefer top-down allocation after arch_mem_init()
61a56df2fbaa LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE
353dd9934447 mm/slab: do not access current->mems_allowed_seq if !allow_spin
f843be764204 rust: kbuild: pass `-Zunstable-options` for Rust 1.95.0
2d11f9cff0a7 drm/i915/quirks: Fix device id for QUIRK_EDP_LIMIT_RATE_HBR2 entry
69e59a87bab0 ceph: supply snapshot context in ceph_zero_partial_object()
a2d53aee3fe2 MIPS: rb532: Fix MMIO UART resource registration
3969db6b22e3 cifs: Fix locking usage for tcon fields
80a2e762b217 i2c: imx-lpi2c: fix SMBus block read NACK after byte count
5e227857fcd9 watchdog/softlockup: fix sample ring index wrap in need_counting_irqs()
d14871ce0b40 kcsan, compiler_types: avoid duplicate type issues in BPF Type Format
677490a6bd4c staging: rtl8723bs: fix null dereference in find_network
7e4d88e36e5d mptcp: pm: in-kernel: always set ID as avail when rm endp
2f33f77397dd parisc: kernel: replace kfree() with put_device() in create_tree_node()
bd435f4b7381 PCI: Fix pci_slot_trylock() error handling
627f0ea6537c PCI: Don't claim disabled bridge windows
29739ec197ed net: cpsw_new: Fix potential unregister of netdev that has not been registered yet
299b825716b8 net: cpsw_new: Fix unnecessary netdev unregistration in cpsw_probe() error path
fc58ef30e0a1 drm/amdgpu: Protect GPU register accesses in powergated state in some paths
bfcd6b53e1f4 drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()
d58f8d4dcfb1 tipc: fix RCU dereference race in tipc_aead_users_dec()
ead66f2ed16f mtd: rawnand: pl353: Fix software ECC support
9799f977759e usb: dwc2: fix resume failure if dr_mode is host
2333653ef854 usb: dwc3: gadget: Move vbus draw to workqueue context
76096f156fe9 mux: mmio: fix regmap leak on probe failure
e4010282364f PCI: dwc: Fix msg_atu_index assignment
b355d927109f MIPS: Loongson2ef: Use pcibios_align_resource() to block io range
3b8fa431e035 MIPS: Loongson2ef: Register PCI controller in early stage
222afcca91f3 mm/slab: use unsigned long for orig_size to ensure proper metadata align
29659497e100 mm/slab: avoid allocating slabobj_ext array from its own slab
78d8e2d6352e scsi: ufs: core: Flush exception handling work when RPM level is zero
08c7eadd8a93 perf/arm-cmn: Reject unsupported hardware configurations
500778df9e4c remoteproc: imx_rproc: Fix invalid loaded resource table detection
4c0382b86600 btrfs: continue trimming remaining devices on failure
f4951c56d59c btrfs: zoned: fixup last alloc pointer after extent removal for DUP
72f6529487a3 btrfs: zoned: fixup last alloc pointer after extent removal for RAID1
25afd2a1ee4d btrfs: fix periodic reclaim condition
da86ca15d738 clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841
4ce27e86d641 uprobes: Fix incorrect lockdep condition in filter_chain()
956d54e07ca7 arm64: Fix non-atomic __READ_ONCE() with CONFIG_LTO=y
bea1d373098b PCI/IOV: Fix race between SR-IOV enable/disable and hotplug
40f67686a500 Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"
f86582890bd7 kho: skip memoryless NUMA nodes when reserving scratch areas
fdf605f64f82 crash_dump: fix dm_crypt keys locking and ref leak
36eb314184a0 kexec: derive purgatory entry from symbol
3bdc3766aafb ocfs2: fix reflink preserve cleanup issue
e5a732bfe294 rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()
9f7a5aee9171 compiler-clang.h: require LLVM 19.1.0 or higher for __typeof_unqual__
d83396624fda mm/highmem: fix __kmap_to_page() build error
491f04be585c power: reset: tdx-ec-poweroff: fix restart
bc1492651253 mtd: spinand: Disable continuous read during probe
5a435b0e4609 iio: gyro: itg3200: Fix unchecked return value in read_raw
9b85c8f624b0 powerpc/smp: Add check for kcalloc() failure in parse_thread_groups()
7441d35d14d9 vhost: move vdpa group bound check to vhost_vdpa
dfcbe0195165 tools: Fix bitfield dependency failure
461242507181 arm64: poe: fix stale POR_EL0 values for ptrace
e9051992fd21 dm mpath: make pg_init_delay_msecs settable
b662f91e216f bus: fsl-mc: fix an error handling in fsl_mc_device_add()
ab81f9f3319e io_uring/net: don't continue send bundle if poll was required for retry
bce59008b234 mm/slab: add rcu_barrier() to kvfree_rcu_barrier_on_cache()
f42941d60f01 usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN
1afe45f89d54 mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node
d4a132f121c5 x86/kexec: add a sanity check on previous kernel's ima kexec buffer
1ca6530f07d4 of/kexec: refactor ima_get_kexec_buffer() to use ima_validate_range()
9e1f51c1ad57 ima: verify the previous kernel's IMA buffer lies in addressable RAM
995240f823a3 PCI: Fix bridge window alignment with optional resources
26da747e754c nvmem: Drop OF node reference on nvmem_add_one_cell() failure
2eb988d5c8f8 nfsd: fix return error code for nfsd_map_name_to_[ug]id
6689272b8261 NFSD: fix setting FMODE_NOCMTIME in nfs4_open_delegation
9a6f8cd28bb9 md/bitmap: fix GPF in write_page caused by resize race
b04baa848c05 xfs: check for deleted cursors when revalidating two btrees
2b658d124966 xfs: check return value of xchk_scrub_create_subord
c9ccefacae0d xfs: only call xf{array,blob}_destroy if we have a valid pointer
c2ce8d9a3b98 pinctrl: intel: Add code name documentation
733cbc3aa97e PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions
57536ff0a6bd KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2()
aaaea528d476 rust/drm: Fix Registration::{new,new_foreign_owned}() docs
71cfbc15c91a spmi: apple: Add "apple,t8103-spmi" compatible
18e9cf2259b4 xfs: get rid of the xchk_xfile_*_descr calls
d1a3cc775c6e xfs: fix remote xattr valuelblk check
652d815b856c xfs: fix the xattr scrub to detect freemap/entries array collisions
43f3b1867961 xfs: fix freemap adjustments when adding xattrs to leaf blocks
f31a8334e1c5 xfs: delete attr leaf freemap entries when empty
d54f00547c21 usb: host: tegra: Remove manual wake IRQ disposal
a50006e7ba0e iommu/arm-smmu-v3: Do not set disable_ats unless vSTE is Translate
779e0c250a6b iommu/arm-smmu-v3: Mark EATS_TRANS safe when computing the update sequence
3f73325f4548 iommu/arm-smmu-v3: Mark STE MEV safe when computing the update sequence
efd59553e477 iommu/arm-smmu-v3: Add update_safe bits to fix STE update sequence
a8e88edfd69d iio: accel: adxl380: Avoid reading more entries than present in FIFO
482814921449 PCI/PM: Prevent runtime suspend until devices are fully initialized
d6e866f3a183 arm64: dts: rockchip: Explicitly request UFS reset pin on RK3576
8d8a878ef608 erofs: fix incorrect early exits in volume label handling
041b5163bb9b erofs: fix incorrect early exits for invalid metabox-enabled images
70746336cae6 mfd: omap-usb-host: Fix OF populate on driver rebind
269466027440 mfd: qcom-pm8xxx: Fix OF populate on driver rebind
a1e9e299c0d9 mfd: macsmc: Initialize mutex
89bdcd39ae8b mfd: tps65219: Implement LOCK register handling for TPS65214
9b02e3fec3a7 mfd: core: Add locking around 'mfd_of_node_list'
25056a2fc07f KVM: arm64: nv: Return correct RES0 bits for FGT registers
8722a8fb7ed9 iommu/vt-d: Flush piotlb for SVM and Nested domain
9deaacc8dcad iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode
69c32df23bed media: uvcvideo: Return queued buffers on start_streaming() failure
97330e31ea16 dm: fix excessive blk-crypto operations for invalid keys
f122f2b3ce9d media: verisilicon: AV1: Fix tile info buffer size
457121c01f60 xfs: remove xfs_attr_leaf_hasname
00195330d172 xfs: mark data structures corrupt on EIO and ENODATA
aacb5f183eac PCI: dwc: Skip waiting for L2/L3 Ready if dw_pcie_rp::skip_l23_wait is true
42d9509161d0 phy: fsl-imx8mq-usb: set platform driver data
5e27e7f22978 drm/bridge: anx7625: Fix invalid EDID size
6236c1cd9fdf drm/buddy: Prevent BUG_ON by validating rounded allocation
ca666795bd61 selftests/mm/charge_reserved_hugetlb: drop mount size for hugetlbfs
a39b9928fdfd mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations
e14d5a99b1a6 docs: kdoc: avoid error_count overflows
faccf9c1464a drm: of: drm_of_panel_bridge_remove(): fix device_node leak
77f69aa4deb1 media: iris: Prevent output buffer queuing before stream-on completes
72846441c5f6 media: iris: gen2: Add sanity check for session stop
7cde76db8883 media: iris: gen1: Destroy internal buffers after FW releases
64e88089a294 media: iris: Skip resolution set on first IPSC
45b30f65feeb media: iris: Add buffer to list only after successful allocation
b59ec89f9cdf media: iris: use fallback size when S_FMT is called without width/height
101f2b3cd0b6 media: iris: Fix fps calculation
0cd7ca8e9603 media: iris: Fix ffmpeg corrupted frame error
bd4f8fa21618 Revert "media: iris: Add sanity check for stop streaming"
f3bf86dec1d8 media: venus: vdec: restrict EOS addr quirk to IRIS2 only
fa71c413854b media: venus: vdec: fix error state assignment for zero bytesused
21fde0b4b166 arm64: dts: rockchip: Do not enable hdmi_sound node on Pinebook Pro
428966f1151f drm/tyr: fix register name in error print
1a09db973ac6 rtc: pcf8563: use correct of_node for output clock
dfe2dbe3950f dm-unstripe: fix mapping bug when there are multiple targets in a table
38625191f32f dm-integrity: fix recalculation in bitmap mode
76801c3dfca0 reset: gpio: suppress bind attributes in sysfs
2097ce274bbc drm/i915/psr: Don't enable Panel Replay on sink if globally disabled
4caae8168d1b mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate()
2c89064ecf67 s390/pci: Handle futile config accesses of disabled devices directly
b7bbd20d55ce clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc()
26b1c59da576 arm64: dts: rockchip: Fix SD card support for RK3576 EVB1
fed39f0d316f media: i2c: ov01a10: Fix digital gain range
4be6112c79b2 media: stm32: dcmipp: byteproc: disable compose for all bayers
49c7d405c6ca media: stm32: dcmipp: bytecap: clear all interrupts upon stream stop
23ad54f2551f media: stm32: dcmipp: avoid naming clock if only one is needed
d13418d75e17 soc: rockchip: grf: Support multiple grf to be handled
833fd7ad595f soc: rockchip: grf: Fix wrong RK3576_IOCGRF_MISC_CON definition
9785b31beb33 clk: clk-apple-nco: Add "apple,t8103-nco" compatible
ef6647586deb bus: omap-ocp2scp: fix OF populate on driver rebind
d464cf1ed900 KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation
b7db9953c2f8 soc: ti: pruss: Fix double free in pruss_clk_mux_setup()
ab1ac24c407e soc: ti: k3-socinfo: Fix regmap leak on probe failure
b1c1a2637ebd dm: clear cloned request bio pointer when last clone bio completes
9e30eb22e03a dm-integrity: fix a typo in the code for write/discard race
e3704ce5d715 platform/x86: ISST: Store and restore all domains data
067d784870ee platform/x86: ISST: Add missing write block check
5ca94abfe5a0 media: staging/ipu7: Fix the loop bound in l2 table alloc
08440d792f97 media: staging/ipu7: Update CDPHY register settings
8603922f08d9 media: staging/ipu7: Call synchronous RPM suspend in probe failure
9a8c3cd8a0bb media: staging/ipu7: Ignore interrupts when device is suspended
364759ccc3fb media: ipu6: Fix RPM reference leak in probe error paths
39b9626b0559 media: ipu6: Fix typo and wrong constant in ipu6-mmu.c
605e9a9471d2 media: dw9714: Fix powerup sequence
fa69b9a87f89 media: i2c: ov5647: use our own mutex for the ctrl lock
e26aba7c0e9e media: ccs: Fix setting initial sub-device state
78d2c1ca071d media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode
1b593da3e54c media: i2c: ov5647: Sensor should report RAW color space
ff90942181d0 media: i2c: ov5647: Correct minimum VBLANK value
8f5082ee1773 media: i2c: ov5647: Correct pixel array offset
8ecb21c20387 media: i2c: ov5647: Initialize subdev before controls
a8ff58cc8c75 media: ccs: Avoid possible division by zero
fade67c88870 media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update()
e5d08efceffc media: i2c: ov01a10: Fix test-pattern disabling
9466dc871c45 media: i2c: ov01a10: Fix passing stream instead of pad to v4l2_subdev_state_get_format()
be04fe430bb0 media: i2c: ov01a10: Add missing v4l2_subdev_cleanup() calls
2195f2be8307 media: i2c: ov01a10: Fix analogue gain range
e148cdc0f122 media: i2c: ov01a10: Fix reported pixel-rate value
8df26a76497f media: i2c: ov01a10: Fix the horizontal flip control
377a77569143 media: i2c/tw9906: Fix potential memory leak in tw9906_probe()
cc7aeed33e4f media: i2c/tw9903: Fix potential memory leak in tw9903_probe()
280da29ff603 media: cx25821: Add missing unmap in snd_cx25821_hw_params()
9544b73cad4e media: cx23885: Add missing unmap in snd_cx23885_hw_params()
1ce8c2a8f050 media: cx88: Add missing unmap in snd_cx88_hw_params()
1d8558a232ec media: radio-keene: fix memory leak in error path
9e3b9d2472b3 media: verisilicon: AV1: Set IDR flag for intra_only frame type
1af2853b4e97 media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init()
fe1c50fadc4e media: amphion: Drop min_queued_buffers assignment
a2ac388aa830 arm64: dts: apple: t8112-j473: Keep the HDMI port powered on
e75e091a331e fs: ensure that internal tmpfs mount gets mount id zero
1acb28123e57 HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
d5512ce892f7 HID: prodikeys: Check presence of pm->input_ep82
5bbe266272d8 HID: magicmouse: Do not crash on missing msc->input
1d46d07458db HID: hid-pl: handle probe errors
4a1afa32145b pinctrl: meson: amlogic-a4: mark the GPIO controller as sleeping
e3e6e2e4d66e arm64: Disable branch profiling for all arm64 code
969e5e13ff5c KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding
662fae91c30b KVM: x86: Return "unsupported" instead of "invalid" on access to unsupported PV MSR
e28f45102510 powerpc/pseries: Fix MSI-X allocation failure when quota is exceeded
58bd8c5f67a3 arm64: kernel: initialize missing kexec_buf->random field
c053b301a0b2 ARM: omap2: Fix reference count leaks in omap_control_init()
5d83ae6ccdc9 arm64: dts: qcom: sm8750: Fix BAM DMA probing
b965b990c191 arm64: dts: qcom: x1e80100: Add missing TCSR ref clock to the DP PHYs
adae1932f01a media: verisilicon: AV1: Fix tx mode bit setting
93adedf67b07 media: verisilicon: AV1: Fix enable cdef computation
ea316b784fe6 media: chips-media: wave5: Fix Null reference while testing fluster
27cb12b7dc88 media: chips-media: wave5: Fix SError of kernel panic when closed
526816f2e331 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic
cc8071b1bac6 media: chips-media: wave5: Fix kthread worker destruction in polling mode
3a278a55ead5 media: chips-media: wave5: Fix PM runtime usage count underflow
a62ba5aa9ee9 media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove()
b3fc99fe5b25 media: mtk-mdp: Fix error handling in probe function
d659f72af566 media: mediatek: encoder: Fix uninitialized scalar variable issue
e2a45398bba3 media: uvcvideo: Fix support for V4L2_CTRL_FLAG_HAS_WHICH_MIN_MAX
451cc650e40e dm-verity: correctly handle dm_bufio_client_create() failure
2e170d8bb3b3 arm64: dts: qcom: sdm630: Add missing MDSS reset
c2b9214c34f5 phy: qcom: edp: Make the number of clocks flexible
6cc6c73a87c3 PCI: Use resource_set_range() that correctly sets ->end
fcfdf9794afe Revert "PCI: dwc: Don't wait for link up if driver can detect Link Up event"
f956c3c101e2 Revert "PCI: qcom: Enumerate endpoints based on Link up event in 'global_irq' interrupt"
46adbe1c144e Revert "PCI: qcom: Enable MSI interrupts together with Link up if 'Global IRQ' is supported"
d6fecafe7b23 Revert "PCI: qcom: Don't wait for link if we can detect Link Up"
77ac28b38a86 Revert "PCI: dw-rockchip: Don't wait for link since we can detect Link Up"
4cccf815bccc drm/xe: Fix ggtt fb alignment
cdf8bbbd9017 drm/tests: shmem: Hold reservation lock around purge
9cc77691b5fd drm/tests: shmem: Hold reservation lock around madvise
6b953d92f2f2 drm/tests: shmem: Hold reservation lock around vmap/vunmap
595227cf408f drm/tests: shmem: Add clean-up action to unpin pages
496e765b7205 drm/tests: shmem: Swap names of export tests
bfcee87fd175 fpga: dfl: use subsys_initcall to allow built-in drivers to be added
a0eb5f82212b ASoC: SOF: ipc4-control: Keep the payload size up to date
c7bf344a83a1 ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data
a704a1a4394b ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls
c5fb5db719c7 ASoC: SOF: ipc4-control: If there is no data do not send bytes update
ab8c0de60f16 drm/panthor: fix for dma-fence safe access rules
a803cfad1f23 arm64: dts: ti: am62p-verdin: Fix SD regulator startup delay
0bcfebb83b54 hfsplus: ensure sb->s_fs_info is always cleaned up
428093cfa8b2 clk: renesas: rzg2l: Select correct div round macro
01dfc5abfa4d clk: renesas: rzg2l: Fix intin variable size
2e4a70f3c309 rpmsg: core: fix race in driver_override_show() and use core helper
f0a83d0a4b7c netfilter: nf_conntrack_h323: fix OOB read in decode_choice()
89764cf44544 dpaa2-switch: validate num_ifs to prevent out-of-bounds write
4cb163e9efca net: consume xmit errors of GSO frames
57957bc7f186 net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query
f72f646a5552 net/mlx5: Fix missing devlink lock in SRIOV enable error path
5226e227271a net/mlx5: E-switch, Clear legacy flag when moving to switchdev
f0ed27a3315f net/mlx5: LAG, disable MPESW in lag_disable_change()
858914d1ad19 net/mlx5: DR, Fix circular locking dependency in dump
bce42728ac48 team: avoid NETDEV_CHANGEMTU event when unregistering slave
54a7013aa13f team: use common function to compute the features
26924d2fdec2 net: add a common function to compute features for upper devices
fa3c2f8d9152 net: mana: Fix double destroy_workqueue on service rescan PCI path
f8a06d562638 dpll: zl3073x: Remove redundant cleanup in devm_dpll_init()
900be42c53cd tcp: re-enable acceptance of FIN packets when RWIN is 0
d3e32e2f3262 RDMA/umem: Fix double dma_buf_unpin in failure path
9d5a97bc71ed erofs: fix interlaced plain identification for encoded extents
d2e7c898cc02 net: usb: pegasus: enable basic endpoint checking
f3e4cceafad2 net: Drop the lock in skb_may_tx_timestamp()
9bc0bca26418 RDMA/efa: Fix typo in efa_alloc_mr()
2b96156c927c RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port
3126a2f98bea netconsole: avoid OOB reads, msg is not nul-terminated
21d341fe514f net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets
e57d397bffab RDMA/core: Fix stale RoCE GIDs during netdev events at registration
d8fc9f972fbd tipc: fix duplicate publication key in tipc_service_insert_publ()
9fc2e95fe541 dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs
b2acd29bd487 dpll: zl3073x: Cache all reference properties in zl3073x_ref
a4b086cc61e6 dpll: zl3073x: Cache reference monitor status
b1e3edf688a8 kcm: fix zero-frag skb in frag_list on partial sendmsg error
854cd32bc74f tls: Fix race condition in tls_sw_cancel_work_tx()
5455a232edea net: do not pass flow_id to set_rps_cpu()
96581749c7c1 Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ
3a954c75b1cd Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ
69dd2e85f8e8 Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ
49065204b95b Bluetooth: hci_qca: Cleanup on all setup failures
e981a9392800 Bluetooth: L2CAP: Fix result of L2CAP_ECRED_CONN_RSP when MTU is too short
7010201831df Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ
25c3e0de3b46 Remove WARN_ALL_UNSEEDED_RANDOM kernel config option
64ccb0aac41c wifi: brcmfmac: Fix potential kernel oops when probe fails
3c87b7e64735 wifi: cfg80211: wext: fix IGTK key ID off-by-one
3e14ba8b95c9 dma-mapping: avoid random addr value print out on error path
ceae058eb707 ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
0315bec883c6 ovpn: tcp - fix packet extraction from stream
8178567c6a97 bnxt_en: Fix deleting of Ntuple filters
079986d6db1f bnxt_en: Fix RSS context delete logic
f27030ac5bef udplite: Fix null-ptr-deref in __udp_enqueue_schedule_skb().
2d74412dfd36 net: ethernet: xscale: Check for PTP support properly
cb8f0a385738 net: phy: qcom: qca807x: normalize return value of gpio_get
9605406cf28f proc: Fix pointer error dereference
f3970be26a30 net: usb: lan78xx: scan all MDIO addresses on LAN7801
fc393af769af net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode
664e9df53226 espintcp: Fix race condition in espintcp_close()
b640188b61e6 psp: use sk->sk_hash in psp_write_headers()
fe89b2f05b85 tcp: fix potential race in tcp_v6_syn_recv_sock()
82c5acb68c63 ipv6: Move ipv6_fl_list from ipv6_pinfo to inet_sock.
59581778792c xfrm: always flush state and policy upon NETDEV_UNREGISTER event
f726b3a57e00 ipmi: ipmb: initialise event handler read bytes
27e70f32aef0 xfrm: skip templates check for packet offload tunnel mode
c7221e7bd8fc xfrm6: fix uninitialized saddr in xfrm6_get_saddr()
5000ce7fcb31 iommu/amd: serialize sequence allocation under concurrent TLB invalidations
a133e3caf844 ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut
2346856b7482 ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access
495d9cb4ed71 rtc: zynqmp: correct frequency value
630ace4d8286 drm/amdgpu: avoid sdma ring reset in sriov
7a7e7bcefdd3 drm/amd/display: Remove conditional for shaper 3DLUT power-on
581ed1a5a957 arm64: hugetlbpage: avoid unused-but-set-parameter warning (gcc-16)
dd6e15658ab5 ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6
d70d2a8a491e ASoC: amd: amd_sdw: add machine driver quirk for Lenovo models
c19830db30a0 btrfs: replace BUG() with error handling in __btrfs_balance()
6af16f1b8649 ALSA: usb-audio: Add sanity check for OOB writes at silencing
d6e933f29bc0 drm/radeon: Add HAINAN clock adjustment
e341e1821503 spi: spidev: fix lock inversion between spi_lock and buf_lock
91e19be60e08 drm/amd/display: bypass post csc for additional color spaces in dal
e3c0c8384479 drm/amdgpu: Add HAINAN clock adjustment
e949fd266cfa ALSA: usb-audio: Update the number of packets properly at receiving
ef8b0cc691f1 ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 UX3405MA
8c545bcb1dab drm/amdgpu: Adjust usleep_range in fence wait
89232d0db3ca drm/amdgpu: return when ras table checksum is error
dea826897ea3 drm/amd/display: Avoid updating surface with the same surface under MPO
a71819d2cc6f drm/amd/display: Fix system resume lag issue
16b65c8ca316 ALSA: hda/tas2781: Ignore reset check for SPI device
96c5ea9e7a82 regulator: core: Remove regulator supply_name length limit
0be2f54012b4 ASoC: rt721-sdca: Fix issue of fail to detect OMTP jack type
c57b6b4bc339 mshv: clear eventfd counter on irqfd shutdown
8ee9aa80d4f1 drm/amdgpu: Skip vcn poison irq release on VF
dce5da49f65c drm/amd/display: Fix writeback on DCN 3.2+
b7af28b96ddc ARM: 9467/1: mm: Don't use %pK through printk
88c624236ef0 include: uapi: netfilter_bridge.h: Cover for musl libc
dbf5c7121810 ACPI: x86: Force enabling of PWM2 on the Yogabook YB1-X90
5c4e940075bd thermal: int340x: Fix sysfs group leak on DLVR registration failure
c1a0f5f1e5e7 libceph: define and enforce CEPH_MAX_KEY_LEN
5b75c7f24973 ceph: supply snapshot context in ceph_uninline_data()
57633b43a603 fs/ntfs3: avoid calling run_get_entry() when run == NULL in ntfs_read_run_nb_ra()
b014372b6223 ntfs3: fix circular locking dependency in run_unpack_ex
b67fb01429ff fs/ntfs3: drop preallocated clusters for sparse and compressed files
9779a6eaaabd fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
c0b43c45d45f fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata
b0ea441f44ce fs: ntfs3: check return value of indx_find to avoid infinite loop
843dc5c21518 MIPS: Loongson: Make cpumask_of_node() robust against NUMA_NO_NODE
54302ec38da4 iio: magnetometer: Remove IRQF_ONESHOT
af51e8d99df7 iio: Use IRQF_NO_THREAD
12cb0a166dc4 mfd: intel-lpss: Add Intel Nova Lake-S PCI IDs
fcfa64c53586 Revert "mfd: da9052-spi: Change read-mask to write-mask"
2a99af226fbb phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature
c3be09c3c85b phy: mvebu-cp110-utmi: fix dr_mode property read from dts
c3beae1bed61 watchdog: rzv2h_wdt: Discard pm_runtime_put() return value
d6014855a2cb watchdog: imx7ulp_wdt: handle the nowayout option
17de6ad1c32b binder: don't use %pK through printk
5b3350e03667 fix it87_wdt early reboot by reporting running timer
812e5d3bcc1e serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done
cbe7f4bc2dc1 serial: 8250: 8250_omap.c: Add support for handling UART error conditions
af48c1a0abe8 staging: rtl8723bs: fix memory leak on failure path
f4fbf2d4750d usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()
7a8ac86f5133 usb: gadget: f_fs: Fix ioctl error handling
09820593b506 usb: gadget: f_fs: fix DMA-BUF OUT queues
2de2659c206b iio: bmi270_i2c: Add MODULE_DEVICE_TABLE for BMI260/270
e86bc719b061 pinctrl: renesas: rzt2h: Allow .get_direction() for IRQ function GPIOs
d2975604bf1b misc: ti_fpc202: fix a potential memory leak in probe function
b6cfbd470158 misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66
822019d7516b pinctrl: mediatek: make devm allocations safer and clearer in mtk_eint_do_init()
3842f93e6e29 misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()
4e033a7215df phy: cadence-torrent: restore parent clock for refclk during resume
4842c8739961 phy: ti: phy-j721e-wiz: restore mux selection during resume
a6e099cda247 dmaengine: stm32-mdma: initialize m2m_hw_period and ccr to fix warnings
bc25f81a3f6e dmaengine: sun6i: Choose appropriate burst length under maxburst
af0b99b2214a most: core: fix resource leak in most_register_interface error paths
f907623616f7 fpga: of-fpga-region: Fail if any bridge is missing
2433adbe30bf usb: typec: ucsi: psy: Fix voltage and current max for non-Fixed PDOs
006470339240 serial: 8250_dw: handle clock enable errors in runtime_resume
31dcb6316e25 staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure
487e455643c0 soundwire: intel_auxdevice: add cs42l45 codec to wake_capable_list
c7ed6e59a58c soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15)
e7e5f19998a9 dmaengine: stm32-dma3: use module_platform_driver
59e770749257 9p/xen: protect xen_9pfs_front_free against concurrent calls
80a27fb114f7 m68k: nommu: fix memmove() with differently aligned src and dest for 68000
479937252f44 HID: i2c-hid: Add FocalTech FT8112
534dbb6422f9 clk: microchip: core: correct return value on *_get_parent()
8d35f60ff0dc clk: renesas: rzg2l: Deassert reset on assert timeout
f990244e0f07 clk: amlogic: remove potentially unsafe flags from S4 video clocks
803e99ee0d60 mailbox: sprd: clear delivery flag before handling TX done
c6bc63adddc3 remoteproc: mediatek: Break lock dependency to `prepare_lock`
780185148d85 mailbox: sprd: mask interrupts that are not handled
a60671946d85 mailbox: mchp-ipc-sbi: fix uninitialized symbol and other smatch warnings
cf66aae883a5 mailbox: imx: Skip the suspend flag for i.MX7ULP
2f41bbab5e32 mailbox: pcc: Remove spurious IRQF_ONESHOT usage
95438699c929 mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()
dd6c4b463209 remoteproc: imx_dsp_rproc: Skip RP_MBOX_SUSPEND_SYSTEM when mailbox TX channel is uninitialized
359ca3038b77 tracing: Fix false sharing in hwlat get_sample()
d451a01c5a14 riscv: vector: init vector context with proper vlenb
62b650c4c0ac scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale() trace event
25c429dd1178 vhost: fix caching attributes of MMIO regions by setting them explicitly
59e14a18a7d5 scsi: buslogic: Reduce stack usage
263fe43d8753 hisi_acc_vfio_pci: update status after RAS error
9443fe6d05d1 ata: libata: avoid long timeouts on hot-unplugged SATA DAS
ba5a09630ebb um: Preserve errno within signal handler
7b7516ac611c hisi_acc_vfio_pci: fix the queue parameter anomaly issue
61ad70c6c908 RDMA/rtrs-clt: For conn rejection use actual err number
d527695c1df0 hisi_acc_vfio_pci: resolve duplicate migration states
e9cc097427e8 nfc: nxp-nci: remove interrupt trigger type
529eefdf9842 myri10ge: avoid uninitialized variable use
fb108754550f PCI/bwctrl: Disable BW controller on Intel P45 using a quirk
b8bd9fe67041 PCI: Mark Nvidia GB10 to avoid bus reset
551f16cd696e PCI: Add ACS quirk for Qualcomm Hamoa & Glymur
8d3fc66a008b PCI: Enable ACS after configuring IOMMU for OF platforms
d60ed85b8419 PCI: Fix pci_slot_lock () device locking
cad253d055e2 PCI/AER: Clear stale errors on reporting agents upon probe
a175a7614738 PCI: Mark ASM1164 SATA controller to avoid bus reset
14eae5564053 net/rds: Clear reconnect pending bit
a036d058f5ef vmw_vsock: bypass false-positive Wnonnull warning with gcc-16
c55ba9760662 net: usb: sr9700: remove code to drive nonexistent multicast filter
90ecae0dece4 ptp: ptp_vmclock: add 'VMCLOCK' to ACPI device match
5baf9dc03e84 bnxt_en: Allow ntuple filters for drops
211958e72198 wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg()
0e12a252ec4b wifi: rtw89: pci: restore LDO setting after device resume
2f4de7738ade net: sfp: add quirk for Lantech 8330-265D
8052d0587fb1 octeontx2-af: Workaround SQM/PSE stalls by disabling sticky
ea3f3de49cb6 Bluetooth: btusb: Add device ID for Realtek RTL8761BU
c87634f7b51f Bluetooth: btusb: Add new VID/PID for RTL8852CE
e1b2d0394c8b Bluetooth: hci_conn: use mod_delayed_work for active mode timeout
113eeb6e2f94 Bluetooth: btusb: Add USB ID 0489:e112 for Realtek 8851BE
a6cbc4f5a6fd Bluetooth: hci_conn: Set link_policy on incoming ACL connections
4a300678ab7c Bluetooth: hci_qca: Fix SSR (SubSystem Restart) fail when BT_EN is pulled up by hw
2d6160de5ff4 Bluetooth: btusb: Add support for MediaTek7920 0489:e158
f7e05f08849f ipv4: fib: Annotate access to struct fib_alias.fa_state.
ebeaa3b24ba5 wifi: rtw89: pci: validate release report content before using for RTL8922DE
9e4da6e3907c wifi: iwlegacy: add missing mutex protection in il3945_store_measurement()
998e57caaa46 wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power()
6b36e5c4741f net: hns3: extend HCLGE_FD_AD_QID to 11 bits
b76eab322b7d ipv4: igmp: annotate data-races around idev->mr_maxdelay
00b36860495b gro: change the BUG_ON() in gro_pull_from_frag0()
afe908432e44 ext4: propagate flags to convert_initialized_extent()
899ef00963ce net/rds: No shortcut out of RDS_CONN_ERROR
4db148f74a99 wifi: rtw89: 8922a: add digital compensation for 2GHz
98a774e2c58d wifi: rtw89: fix unable to receive probe responses under MLO connection
6944aaa804af driver core: faux: stop using static struct device
e1c24d4cd161 wifi: iwlwifi: mld: Fix primary link selection logic
83f0bb907cc8 wifi: iwlwifi: mld: fix chandef start calculation
1d49a42717bd wifi: iwlwifi: fix 22000 series SMEM parsing
ece13ddb9791 wifi: iwlwifi: mvm: check the validity of noa_len
f181a659909f wifi: iwlwifi: mld: Handle rate selection for NAN interface
3d39d78b8d48 PCI: imx6: Add CLKREQ# override to enable REFCLK for i.MX95 PCIe
9650627d0757 net: usb: r8152: fix transmit queue timeout
a72959608698 openrisc: define arch-specific version of nop()
5e13d0a37666 netfilter: xt_tcpmss: check remaining length before reading optlen
29f51913cb77 netfilter: nf_conntrack: Add allow_clash to generic protocol handler
74431472d16e ext4: use reserved metadata blocks when splitting extent on endio
3b3c11f944bd ext4: mark group extend fast-commit ineligible
bf5b60952449 ext4: move ext4_percpu_param_init() before ext4_mb_init()
27a99fa31252 ext4: mark group add fast-commit ineligible
c315d742675a ipv6: exthdrs: annotate data-race over multiple sysctl
58e7c79cf0a3 ipv6: annotate data-races in net/ipv6/route.c
7d4c7533b632 ipv6: annotate data-races over sysctl.flowlabel_reflect
ccaff26fac79 ipv6: annotate data-races in ip6_multipath_hash_{policy,fields}()
08e7ae48e175 wifi: cfg80211: allow only one NAN interface, also in multi radio
8362565a6905 wifi: ath12k: fix mac phy capability parsing
e8ce435b9b1f wifi: ath12k: fix preferred hardware mode calculation
5358df6e61c6 wifi: ath11k: Fix failure to connect to a 6 GHz AP
0e76bc37f192 wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1
4b4784394099 wifi: rtw89: disable EHT protocol by chip capabilities
4d510f668f0f PCI: dw-rockchip: Disable BAR 0 and BAR 1 for Root Port
717fc84f180d wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode
fa8301c29079 wifi: rtw89: mac: correct page number for CSI response
ef7fa19809b2 wifi: rtw89: pci: validate sequence number of TX release report
ffbcca93034f wifi: rtw89: Add support for MSI AX1800 Nano (GUAX18N)
e15768e68820 iommu/amd: move wait_on_sem() out of spinlock
3308c7504e09 wifi: libertas: fix WARNING in usb_tx_block
27272429732d rtla: Fix NULL pointer dereference in actions_parse
1260bee01493 wifi: rtw89: fix potential zero beacon interval in beacon tracking
fce7f6f63915 net: wwan: mhi: Add network support for Foxconn T99W760
c7e5d819388e iommu/arm-smmu-v3: Improve CMDQ lock fairness and efficiency
6cdb21e0c9fd dm: remove fake timeout to avoid leak request
8f220e851a00 dm: replace -EEXIST with -EBUSY
6b20fde2f14b wifi: rtw89: regd: 6 GHz power type marks default when inactive
f85d790c3cb7 wifi: rtw88: Fix inadvertent sharing of struct ieee80211_supported_band data
ad9b80ee310e wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band()
6552d7992860 wifi: rtw89: mcc: reset probe counter when receiving beacon
5a7362a3b613 wifi: rtw89: setting TBTT AGG number when mac port initialization
efa0f7fa3a43 wifi: rtw89: ser: enable error IMR after recovering from L1
232418bbe026 wifi: rtw89: 8922a: set random mac if efuse contains zeroes
e1958f4d66a5 wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H
509becaee568 wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode()
3cf7a584327a wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero
cf0e2c831361 PCI: dwc: Skip PME_Turn_Off broadcast and L2/L3 transition during suspend if link is not up
fe136426e30c jfs: nlink overflow in jfs_rename
974dac536e8c jfs: Add missing set_freezable() for freezable kthread
8e5297128563 ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio
e6645e625480 ALSA: mixer: oss: Add card disconnect checkpoints
572e4274251f ALSA: hda/realtek - Enable mute LEDs on HP ENVY x360 15-es0xxx
2d8f056e9c68 ASoC: fsl: imx-rpmsg: use snd_soc_find_dai_with_mutex() in probe
c3ac651a4f89 spi: geni-qcom: Fix abort sequence execution for serial engine errors
42068f7dd42b ASoC: SOF: Intel: hda: Fix NULL pointer dereference
9da857e6b5fd power: sequencing: fix missing state_lock in pwrseq_power_on() error path
aba5b98c4108 modpost: Amend ppc64 save/restfpr symnames for -Os build
cafea2adb358 ASoC: es8328: Add error unwind in resume
460796f33df7 HID: logitech-hidpp: Add support for Logitech K980
c8cde3ddd12a hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin
5e13b9b341ee hwmon: (f71882fg) Add F81968 support
3fa44a5e3bc7 hwmon: (emc2305) Fix a resource leak in emc2305_of_parse_pwm_child
da684ff541a4 hwmon: (nct6683) Add customer ID for ASRock Z590 Taichi
cabde1dddad3 hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE
3f0aa5f0794a hwmon: (dell-smm) Add support for Dell OptiPlex 7080
ff0827301718 ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe()
f752cc300fa0 spi: cadence-qspi: Try hard to disable the clocks
cf2a37be899d drm/amdgpu: validate user queue size constraints
25c5065bb676 drm/amd/display: avoid dig reg access timeout on usb4 link training fail
2d02b419ef8d drm/amd/display: Fix GFX12 family constant checks
30ed220ddcb8 spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end
588faab060c5 ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio
ffb5fde572e9 gpio: aspeed-sgpio: Change the macro to support deferred probe
62914b5c2955 ALSA: hda/realtek: fix LG Gram Style 14 speakers
06d929be1132 ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro
a36e053b1680 HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK
37914cef17ee media: uvcvideo: Create an ID namespace for streaming output terminals
882974699753 HID: multitouch: add eGalaxTouch EXC3188 support
16790e7e2987 drm/amd/display: Revert "init dispclk from bootup clock for DCN315"
37282c9129fd media: rkisp1: Fix filter mode register configuration
7b4d0fab3ff2 drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release
f1f3e18596e2 drm/atmel-hlcdc: don't reject the commit if the src rect has fractional parts
082271e364a3 drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback
1e89f8a2e8b0 drm/amd/display: Ensure link output is disabled in backend reset for PLL_ON
5f0c5775d4ee drm/amd/display: Disable FEC when powering down encoders
bc8b167f031a PCI: Add Intel Nova Lake audio Device ID
d5262b2ee062 ASoC: soc-acpi-intel-arl-match: change rt722 amp endpoint to aggregated
cfe928c39b48 virt: vbox: uapi: Mark inner unions in packed structs as packed
b856cf4a1550 hyper-v: Mark inner union in hv_kvp_exchg_msg_value as packed
79f42487ed60 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
cb8b9a1755fe drm: Account property blob allocations to memcg
662ec0a17b50 drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map()
acfc84cfa70a drm/amdkfd: Relax size checking during queue buffer get
6eb9fc7d451c ALSA: usb-audio: presonus s18xx uses little-endian
9745c2561e55 ALSA: hda/realtek: add HP Victus 16-e0xxx mute LED quirk
c626a9b6b7ff media: ipu6: Always close firmware stream
eb7cdb7ab50b media: ipu6: Close firmware streams on streaming enable failure
5d5190cbc4bb media: ipu6: Ensure stream_mutex is acquired when dealing with node list
e913d0d8e26c media: mt9m114: Return -EPROBE_DEFER if no endpoint is found
7bccb94dff56 media: mt9m114: Avoid a reset low spike during probe()
b02bcb378efa media: v4l2-async: Fix error handling on steps after finding a match
2e9d6b58ab81 media: qcom: camss: Do not enable cpas fast ahb clock for SM8550 VFE lite
b7210170b10e media: cx25821: Fix a resource leak in cx25821_dev_setup()
d29f33b2cf98 media: solo6x10: Check for out of bounds chip_id
2011929f0e4c media: pvrusb2: fix URB leak in pvr2_send_request_ex
d484d11030aa media: adv7180: fix frame interval in progressive mode
2f5427d8726b drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
7c0feaa0026b media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START
efa59cc2142d cgroup/cpuset: Don't fail cpuset.cpus change in v2
b725955d651d spi: spi-mem: Limit octal DTR constraints to octal DTR situations
677681a41fc9 ASoC: wm8962: Don't report a microphone if it's shorted to ground on plug
669220b2fca6 ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask
a85e45fcff1b drm/xe: Only toggle scheduling in TDR if GuC is running
dc3097ef16e7 drm/amd/display: only power down dig on phy endpoints
2b9e44b3849f drm/amdgpu: Skip loading SDMA_RS64 in VF
409d19050cde HID: multitouch: add quirks for Lenovo Yoga Book 9i
5ed818e9560f HID: pidff: Do not set out of range trigger button
18750cac9b01 HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards
e9e477d3197f drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4
486b2909ac28 drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src
f58458249d86 drm/amdgpu: avoid a warning in timedout job handler
c10fe9471f3a drm/amd/display: Fix dsc eDP issue
0b1005d5ca9a drm/amdgpu: add support for HDP IP version 6.1.1
20e248df7341 media: mediatek: vcodec: Don't try to decode 422/444 VP9
b173ba3365ff drm/panel: edp: add BOE NV140WUM-T08 panel
5e702ee8c7f5 media: chips-media: wave5: Process ready frames when CMD_STOP sent to Encoder
b607b5e2c62b media: chips-media: wave5: Fix conditional in start_streaming
98c62dacabbd media: omap3isp: set initial format
7ab5e86088f2 media: omap3isp: isppreview: always clamp in preview_try_format()
dd1bdabe47bc media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes
0290934d30ab drm/v3d: Set DMA segment size to avoid debug warnings
bb09f4584aa2 spi: stm32: fix Overrun issue at < 8bpw
acd80343470e gpio: pca953x: Add support for TCAL6408 TCAL6416
bbc6e7fc432c media: dvb-core: dmxdevfilter must always flush bufs
f88cd8da2d28 ASoC: SOF: ipc4: Support for sending payload along with LARGE_CONFIG_GET
59b888198843 drm/amd/display: Don't disable DPCD mst_en if sink connected
7df6fe98b24d drm/amd/display: Add USB-C DP Alt Mode lane limitation in DCN32
08dca4c8099a spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing
00f77947972e spi-geni-qcom: use xfer->bits_per_word for can_dma()
97872d00da3c spi-geni-qcom: initialize mode related registers to 0
b3d6ca4f27d4 drm/amdkfd: Handle GPU reset and drain retry fault race
0bd968c04acf drm/panel-edp: Add AUO B140QAX01.H panel
79c5cbeba6b0 drm/amd/display: Guard FAMS2 configuration updates
7ad1f6f9476b drm/amd/display: Correct FIXED_VS Link Rate Toggle Condition
0b7f78caeffa drm/amdgpu/ras: Move ras data alloc before bad page check
a25cf4a927a7 drm/amdgpu: fix the calculation of RAS bad page number
276028fd9b60 drm/amdgpu: fix NULL pointer issue buffer funcs
31a1fb32f5eb accel/amdxdna: Fix tail-pointer polling in mailbox_get_msg()
6ca4647a7415 gpu/panel-edp: add AUO panel entry for B140HAN06.4
d380351cbefe drm/xe/xe3_lpg: Apply Wa_16028005424
49355c85b4cd drm/panthor: Always wait after sending a command to an AS
4d2ccdea18b5 drm/display/dp_mst: Add protection against 0 vcpi
86017c455e0a drm/xe/vm: Skip ufence association for CPU address mirror VMA during MAP
e72721081bd1 drm/xe: Covert return of -EBUSY to -ENOMEM in VM bind IOCTL
2583ab12055d drm/xe/ggtt: Use scope-based runtime pm
3db57975e988 parisc: Prevent interrupts during reboot
707a77b9c6fd x86/sev: Use kfree_sensitive() when freeing a SNP message descriptor
45395efdf6a6 soc: imx8m: Fix error handling for clk_prepare_enable()
456775382708 arm64: tegra: smaug: Add usb-role-switch support
6e1486257a2e EDAC/igen6: Add two Intel Amston Lake SoCs support
3a72bf74f50a EDAC/igen6: Add more Intel Panther Lake-H SoCs support
3983ef126e43 Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"
919785992a37 firmware: arm_ffa: Unmap Rx/Tx buffers on init failure
2c99326dc1c7 pstore: ram_core: fix incorrect success return when vmap() fails
db702ef6d914 sched/debug: Fix updating of ppos on server write ops
c075eb0d220d char: tpm: cr50: Remove IRQF_ONESHOT
4fa6bfa6dc2d mailbox: bcm-ferxrm-mailbox: Use default primary handler
aaaa758294fb crypto: hisilicon/qm - move the barrier before writing to the mailbox register
a048eb4e37ea bpftool: Fix dependencies for static build
aee8db5f0486 PCI/MSI: Unmap MSI-X region on error
716f777b6c9b clocksource/drivers/timer-integrator-ap: Add missing Kconfig dependency on OF
bc59d5f3afe4 clocksource/drivers/sh_tmu: Always leave device running after probe
1088d3cb5b5b arm64/ftrace,bpf: Fix partial regs after bpf_prog_run
e1886b473131 perf/core: Fix slow perf_event_task_exit() with LBR callstacks
df02c3ff3be4 bpf: Properly mark live registers for indirect jumps
aae391a79f2a genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask
4c122e8ae149 bpf: Recognize special arithmetic shift in the verifier
c1357b496286 bpf: net_sched: Use the correct destructor kfunc type
50d6fd69388c bpf: crypto: Use the correct destructor kfunc type
c67bbeb87aea gendwarfksyms: Fix build on 32-bit hosts
cf9e5b8b9e31 perf/x86/intel: Add Airmont NP
40497751c3f9 perf/x86/cstate: Add Airmont NP
89571b4a886f perf/x86/msr: Add Airmont NP
501c84f42b89 irqchip/riscv-imsic: Add a CPU pm notifier to restore the IMSIC on exit
bad352600722 bpf: verifier improvement in 32bit shift sign extension pattern
c6a27aa65852 sparc: don't reference obsolete termio struct for TC* constants
6560e1d1fa32 sparc: Synchronize user stack on fork and clone
f15b4e9286c7 block: decouple secure erase size limit from discard size limit
ea53119b1dff blk-mq-sched: unify elevators checking for async requests
40932ac2433e blk-mq-debugfs: add missing debugfs_mutex in blk_mq_debugfs_register_hctxs()
d39d675a4303 xenbus: Use .freeze/.thaw to handle xenbus devices
11d591f1d70e ACPI: battery: fix incorrect charging status when current is zero
baeecf1ac9e8 ACPI: x86: s2idle: Invoke Microsoft _DSM Function 9 (Turn On Display)
da0ce17c9d5c perf/cxlpmu: Replace IRQF_ONESHOT with IRQF_NO_THREAD
8e6ea0b484fa s390/perf: Disable register readout on sampling events
f5b48df92c1c cpufreq: dt-platdev: Block the driver from probing on more QC platforms
e8d10ef5988e rust: cpufreq: always inline functions using build_assert with arguments
24783dd06de8 md raid: fix hang when stopping arrays with metadata through dm-raid
721599e837d3 md-cluster: fix NULL pointer dereference in process_metadata_update
03e42b5f7ad4 alpha: fix user-space corruption during memory compaction
bfc1a95012c4 io_uring/timeout: annotate data race in io_flush_timeouts()
790a984e34f3 powercap: intel_rapl: Add PL4 support for Ice Lake
2a9bf565d6fe ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP
62dfb8ac00a5 ACPI: resource: Add JWIPC JVC9100 to irq1_level_low_skip_override[]
29f60d3d0681 ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()
25b290624b0e EFI/CPER: don't go past the ARM processor CPER record buffer
136093ba4161 APEI/GHES: ARM processor Error: don't go past allocated memory
6f5d41984ad8 APEI/GHES: ensure that won't go past CPER allocated record
a8419f5f2c5f EFI/CPER: don't dump the entire memory region
142c444a395f ntfs: ->d_compare() must not block
6d61077981cf x86/xen/pvh: Enable PAE mode for 32-bit guest only when CONFIG_X86_PAE is set
c94ede3c436d rnbd-srv: Zero the rsp buffer before using it
fd51d47fcace arm64: Add support for TSV110 Spectre-BHB mitigation
f4ac7292b635 perf/arm-cmn: Support CMN-600AE
8c7fdc39e38a s390/purgatory: Add -Wno-default-const-init-unsafe to KBUILD_CFLAGS
c7671c46dab4 tools/power cpupower: Reset errno before strtoull()
f699251d5a2d s390/boot: Add -Wno-default-const-init-unsafe to KBUILD_CFLAGS
f0729486c907 tools/cpupower: Fix inverted APERF capability check
6287eefaf21e smb: client: prevent races in ->query_interfaces()
2e121c53b581 gfs2: fiemap page fault fix
327de5b59801 smb: client: add proper locking around ses->iface_last_update
be0d85bc660a netfs: when subreq is marked for retry, do not check if it faced an error
66c3be4ac35d btrfs: handle user interrupt properly in btrfs_trim_fs()
4d49275175fd btrfs: fallback to buffered IO if the data profile has duplication
082083c9fbd9 dlm: validate length in dlm_search_rsb_tree
31fefc18096c minix: Add required sanity checking to minix_check_superblock()
75903591f869 dlm: fix recovery pending middle conversion
0e5806ef45f2 i3c: mipi-i3c-hci: Reset RING_OPERATION1 fields during init
a2198bf95a4a i3c: mipi-i3c-hci: Stop reading Extended Capabilities if capability ID is 0
98ddff8a90f8 i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr()
67407d6abc95 hfsplus: pretend special inodes as regular files
a2e8c144299c audit: add missing syscalls to read class
c6f2c554dd8b kselftest/kublk: include message in _Static_assert for C11 compatibility
42c32d7571cc fs/buffer: add alert in try_to_free_buffers() for folios without buffers
956b1d8051cf hfsplus: fix volume corruption issue for generic/498
4fed776ca863 audit: add fchmodat2() to change attributes class
54694417d438 hfsplus: fix volume corruption issue for generic/480
f13680f62934 statmount: permission check should return EPERM
f987cbd82eb4 rtc: interface: Alarm race handling should not discard preceding error
e1105da95214 perf test: Fix test case perftool-testsuite_report for s390
68ab096e361d libperf build: Always place libperf includes first
b0ae7a8272bf perf build: Remove NO_LIBCAP that controls nothing
7f686fb319e6 perf vendor events amd: Fix Zen 5 MAB allocation events
13458b3b3df7 perf annotate: Fix BUILD_NONDISTRO=1 missing args->ms conversions to pointer
8943b2c49bd8 tools headers: Go back to include asm-generic/unistd.h for arm64
0abe77dcaca7 perf annotate: Fix memcpy size in arch__grow_instructions()
59a7c3c9c312 perf tests sched: Avoid error in cleanup on loaded machines
ddbf249d9923 perf maps: Fix reference count leak in maps__find_ams()
77c08fedf3f4 perf annotate: Fix args leak of map_symbol
a7819ced00b9 perf cs-etm: Fix decoding for sparse CPU maps
8d0cf138d183 perf tools: Get debug info of DSO properly
82b1f2b0e7ab perf symbol-elf: Fix leak of ELF files with GNU debugdata
055b4bce85bf rtc: max31335: use correct CONFIG symbol in IS_REACHABLE()
46a204477893 libsubcmd: Fix null intersection case in exclude_cmds()
68a9c15032e8 perf callchain: Fix srcline printing with inlines
27c53054d593 perf unwind-libdw: Fix invalid reference counts
62f730d55aac perf build: Raise minimum shellcheck version to 0.7.2
3b14096e0c9f perf test stat tests: Fix for virtualized machines
b7621a279de3 perf test stat: Update test expectations and events
df0dc1b06fb6 Linux 6.18.15
c1f305ac054f netfilter: nf_tables: add .abort_skip_removal flag for set types
2ad6657a787f Linux 6.18.14
bcf08144a20a ata: libata-core: fix cancellation of a port deferred qc work
33abac5b5a53 ata: libata-eh: correctly handle deferred qc timeouts
a488528a7182 drm/amd/display: Add an hdmi_hpd_debounce_delay_ms module
a86c53332a81 net: stmmac: dwmac-loongson: Set clk_csr_i to 100-150MHz
ff763ac97713 drm/amd/display: Clear HDMI HPD pending work only if it is enabled
5566ebcf41ae selftests/bpf: Test bpf_skb_check_mtu(BPF_MTU_CHK_SEGS) when transport_header is not set
73c2a1255f0f io_uring/rsrc: clean up buffer cloning arg validation
b20266f1880b Drivers: hv: vmbus: Use kthread for vmbus interrupts on PREEMPT_RT
4949e32387fe drm/exynos: vidi: fix to avoid directly dereferencing user pointer
b5fc86d753dd drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
5c8e29b5208b ALSA: hda/realtek: Add quirk for Samsung Galaxy Book3 Pro 360 (NP965QFG)
356a6afadb44 ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314
6cadda9d1921 ALSA: hda/realtek: Add quirk for Gigabyte G5 KF5 (2023)
84dbf4feaa93 ASoC: dt-bindings: asahi-kasei,ak5558: Fix the supply names
1c1148cbebad ASoC: dt-bindings: asahi-kasei,ak4458: Fix the supply names
8562d921e4ee ASoC: dt-bindings: asahi-kasei,ak4458: set unevaluatedProperties:false
a16695e3ac32 dt-bindings: media: qcom,qcs8300-camss: Add missing power supplies
05072d352ed1 dt-bindings: phy: qcom-edp: Add missing clock for X Elite
c20f92521424 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path
d79b9097a6a2 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths
888cd7e40adb ata: libata-scsi: avoid Non-NCQ command starvation
410336fc82ac ata: libata-scsi: refactor ata_scsi_translate()
62a16b2e3ce9 ata: pata_ftide010: Fix some DMA timings
3be216fd6f89 ext4: use optimized mballoc scanning regardless of inode format
34c803edc0b3 ext4: always allocate blocks only from groups inode can use
3924aea2c33d ext4: fix dirtyclusters double decrement on fs shutdown
29a07d691d28 ext4: fix e4b bitmap inconsistency reports
12615ab4bfb6 ext4: fix memory leak in ext4_ext_shift_extents()
808f3191498f ext4: drop extent cache when splitting extent fails
c2ee51d684ad ext4: drop extent cache after doing PARTIAL_VALID1 zeroout
5b1f42904533 ext4: don't cache extent during splitting extent
d67c8ecf3d8f ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1
f86ddca5e419 ext4: subdivide EXT4_EXT_DATA_VALID1
561834f6d6f5 MIPS: Work around LLVM bug when gp is used as global register variable
fc086c0ce3db usb: cdns3: fix role switching during resume
557f65399133 drm/amd/display: Use same max plane scaling limits for all 64 bpp formats
9fbb4f14462f ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk
7e92f716a55b x86/hyperv: Fix error pointer dereference
d7cf2314dd5e btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found
6ca11deb6c94 btrfs: use the correct type to initialize block reserve for delayed refs
55d02a533a8a btrfs: reset block group size class when it becomes empty
74fcfce2a5ee btrfs: reduce block group critical section in btrfs_free_reserved_bytes()
38944f3c5006 btrfs: remove fs_info argument from btrfs_try_granting_tickets()
9b18bf59977f efi: Fix reservation of unaccepted memory table
7098d3743105 gpio: amd-fch: ionly return allowed values from amd_fch_gpio_get()
778f326af79f drm/xe/bo: Redirect faults to dummy page for wedged device
ed945276a76e drm/xe: Make xe_modparam.force_vram_bar_size signed
940b8daa5290 drm/xe/xe2_hpg: Fix handling of Wa_14019988906 & Wa_14019877138
ef074e9bee05 drm/xe/mmio: Avoid double-adjust in 64-bit reads
5ba475d1f341 drm/xe/configfs: Fix 'parameter name omitted' errors
0c42190a2f26 s390/kexec: Make KEXEC_SIG available when CONFIG_MODULES=n
0f93a80eb3fd spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe()
263e28add4f4 drm/amd/display: Fix out-of-bounds stream encoder index v3
8eb62f5adc12 drm/amd/display: Reject cursor plane on DCE when scaled differently than primary
2b36c0c1bcbb drm/amdkfd: Fix watch_id bounds checking in debug address watch v2
96f42087b058 PCI: Validate window resource type in pbus_select_window_for_type()
e37630e34e24 ASoC: codecs: aw88261: Fix erroneous bitmask logic in Awinic init
63680351142e drm/i915/acpi: free _DSM package when no connectors
9a2a5da00277 ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
a62afa5a595e mshv: fix SRCU protection in irqfd resampler ack handler
ca2eff361786 drm/amdgpu/sdma6: enable queue resets unconditionally
5211aa12e46f drm/amdgpu/sdma5.2: enable queue resets unconditionally
0d8ba96c792f drm/amdgpu/sdma5: enable queue resets unconditionally
3759040d6d7c drm/amdgpu: move reset debug disable handling
2fef8c2ac67e drm/amdgpu: Fix memory leak in amdgpu_ras_init()
9ae85b0c1909 drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()
d1370ef2ecf7 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()
aebd195e9305 apparmor: fix aa_label to return state from compount and component match
1d2b2b58fde9 apparmor: fix invalid deref of rawdata when export_binary is unset
80c334acc6d0 apparmor: avoid per-cpu hold underflow in aa_get_buffer
4610d536ff09 apparmor: make label_match return a consistent value
9ef25645775b apparmor: remove apply_modes_to_perms from label_match
9bf1fa150775 apparmor: fix rlimit for posix cpu timers
b2a8011ae874 apparmor: move check for aa_null file to cover all cases
7757757908e0 apparmor: account for in_atomic removal in common_file_perm
f3cb5e58a65d apparmor: drop in_atomic flag in common_mmap, and common_file_perm
1eadeb462ec3 apparmor: fix boolean argument in apparmor_mmap_file
ac8f179e5c9e apparmor: return -ENOMEM in unpack_perms_table upon alloc failure
e027999049c4 apparmor: Fix & Optimize table creation from possibly unaligned memory
23f112bd6144 AppArmor: Allow apparmor to handle unaligned dfa tables
ccb66a3c6c8f apparmor: fix NULL sock in aa_sock_file_perm
fea017a7f6ab apparmor: fix NULL pointer dereference in __unix_needs_revalidation
d80311e398eb net/mlx5e: Use unsigned for mlx5e_get_max_num_channels
4329514c61ab net/mlx5e: Fix deadlocks between devlink and netdev instance locks
54522509cb9a net/mlx5: Fix misidentification of write combining CQE during poll loop
b13e896fc47e net/mlx5: Fix multiport device check over light SFs
fef13c403be3 bonding: alb: fix UAF in rlb_arp_recv during bond up/down
02baf80d1e33 bnge: fix reserving resources from FW
f5a1f13c9e0f eth: fbnic: Advertise supported XDP features.
72726d22786b octeontx2-af: Fix default entries mcam entry action
9be9100774b5 ipv6: icmp: remove obsolete code in icmpv6_xrlim_allow()
66036be40f7f inet: move icmp_global_{credit,stamp} to a separate cache line
2c7384dbfd6a icmp: prevent possible overflow in icmp_global_allow()
d7eaa006c044 eth: fbnic: Add validation for MTU changes
d34f7a8aa9a2 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
2a06576b611e selftests: tc_actions: don't dump 2MB of \0 to stdout
d96b0d661ef0 ping: annotate data-races in ping_lookup()
4e34deebfb88 net: psp: select CONFIG_SKB_EXTENSIONS
5c939ebbd72f bpftool: Fix truncated netlink dumps
71b5fc8e8e17 ipv6: fix a race in ip6_sock_set_v6only()
dbd0af8083dd netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
50422613185d net: remove WARN_ON_ONCE when accessing forward path array
bae53b3baf2f ipvs: do not keep dest_dst if dev is going down
9a6b2ba7367f netfilter: nf_conntrack_h323: don't pass uninitialised l3num value
96815220626b selftests: forwarding: vxlan_bridge_1d_ipv6: fix test failure with br_netfilter enabled
a6187e1d47f3 selftests: forwarding: vxlan_bridge_1d: fix test failure with br_netfilter enabled
fae260fc84e1 net: bridge: mcast: always update mdb_n_entries for vlan contexts
024355273593 net/rds: rds_sendmsg should not discard payload_len
654780dee9ea xen-netback: reject zero-queue configuration from guest
36c28b028efb net: usb: catc: enable basic endpoint checking
f998b2c4bec4 ovpn: tcp - don't deref NULL sk_socket member after tcp_close()
c55ba7501f97 eth: fbnic: set DMA_HINT_L4 for all flows
aa090d2346de eth: fbnic: increase FBNIC_HDR_BYTES_MIN from 128 to 256 bytes
9f441ef91452 eth: fbnic: set FBNIC_QUEUE_RDE_CTL0_EN_HDR_SPLIT on RDE_CTL0
9f9600daaa49 eth: fbnic: Configure RDE settings for pause frame
ca2a44b31c4d bpf: Add a map/btf from a fd array more consistently
eac65c272f3b bpf: Fix a potential use-after-free of BTF object
068708543a85 libbpf: Fix invalid write loop logic in bpf_linker__add_buf()
223cfef4812b fbnic: close fw_log race between users and teardown
37954733984f net: sparx5/lan969x: fix PTP clock max_adj value
03b5051e02f5 ipv6: Fix out-of-bound access in fib6_add_rt2node().
d1410317337c selftests: netconsole: Increase port listening timeout
a0070e9635fd selftests: netconsole: remove log noise due to socat exit
51c32ae7fae1 net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()
2a90d6b83700 net: mscc: ocelot: split xmit into FDMA and register injection paths
6eb26695a4b2 net: mscc: ocelot: extract ocelot_xmit_timestamp() helper
fa79b29cc926 net: sparx5/lan969x: fix DWRR cost max to match hardware register width
b1f23df09e7d net: stmmac: fix oops when split header is enabled
9e9f1263e210 net: stmmac: replace has_xxxx with core_type
ee231568d57d net: stmmac: remove broken PCS code
87b7321ddc7d selftests: net: lib: Fix jq parsing error
dfd9571c31ef selftests: mlxsw: tc_restrictions: Fix test failure with new iproute2
f4edf0c7d216 ovpn: fix VPN TX bytes counting
3e4fbcb4e078 ovpn: fix possible use-after-free in ovpn_net_xmit
6f076ba274e2 ovpn: set sk_user_data before overriding callbacks
63ae78336f40 cpuidle: Skip governor when only one idle state is available
b800728a8aef ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO
43fcc84cd971 objpool: fix the overestimation of object pooling metadata size
f6bc23794fa0 selftests/memfd: use IPC semaphore instead of SIGSTOP/SIGCONT
f056c340b739 kbuild: Add objtool to top-level clean target
ba16fb47e897 powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check
02978747e907 ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs
78942172d5bf fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot
4bf3bafb8e06 fs/ntfs3: prevent infinite loops caused by the next valid being the same
5a30cc03bde1 fs/ntfs3: Initialize new folios before use
5e573e778364 io_uring/cancel: de-unionize file and user_data in struct io_cancel_data
a9d157a9bd38 io_uring: delay sqarray static branch disablement
c76647799272 drbd: always set BLK_FEAT_STABLE_WRITES
bda244871179 dmaengine: fsl-edma: don't explicitly disable clocks in .remove()
0832e88bc69f backlight: qcom-wled: Change PM8950 WLED configurations
54540e574092 backlight: qcom-wled: Support ovp values for PMI8994
784936cad37b leds: qcom-lpg: Check the return value of regmap_bulk_write()
4f45047e3bf0 leds: expresswire: Fix chip state breakage
3c7d637bfc3d pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree
e2e367e56bac pinctrl: single: fix refcount leak in pcs_add_gpio_func()
fc356d8c3042 pinctrl: meson: amlogic-a4: Fix device node reference leak in bank helpers
a851ed0ff901 pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition
7446125afb6d pidfs: return -EREMOTE when PIDFD_GET_INFO is called on another ns
21aff1255d72 mips: LOONGSON32: drop a dangling Kconfig symbol
517d9f2b9630 iio: sca3000: Fix a resource leak in sca3000_probe()
8ae999c410e2 ovl: Fix uninit-value in ovl_fill_real
a5f1f8ebc6e2 pinctrl: equilibrium: Fix device node reference leak in pinbank_init()
18a3ebff869c mcb: fix incorrect sanity check
ab08bb8363b4 nvmem: an8855: drop an unused Kconfig symbol
0c930fcadb2f usb: bdc: fix sleep during atomic
9b8c7a25809e drivers: iio: mpu3050: use dev_err_probe for regulator request
bedc5b06493c mfd: simple-mfd-i2c: Add Delta TN48M CPLD support
5a4923726a16 mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
8e7d8aca8811 Revert "mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms"
38a07194bbcd coresight: tmc-etr: Fix race condition between sysfs and perf mode
dd8b9ba3d970 phy: freescale: imx8qm-hsio: fix NULL pointer dereference
1bec5f283dd5 coresight: etm3x: Fix cpulocked warning on cpuhp
8665e18a707c watchdog: starfive-wdt: Fix PM reference leak in probe error path
a75046f2efad iio: pressure: mprls0025pa: fix pressure calculation
b61512ff73d2 iio: pressure: mprls0025pa: fix scan_type struct
0beeade4823b iio: pressure: mprls0025pa: fix interrupt flag
285af88d5da1 iio: pressure: mprls0025pa: fix SPI CS delay violation
664ffdf34c01 iio: pressure: mprls0025pa: fix spi_transfer struct initialisation
37fb15537cc0 mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms
9c97fcfb7a62 gpib: Fix memory leak in ni_usb_init()
b30ba62cafd8 gpib: Fix error code in ni_usb_write_registers()
5ca0f7b37183 gpib: Fix error code in ibonline()
12679ed78c09 serial: SH_SCI: improve "DMA support" prompt
3f8b835a6334 serial: imx: change SERIAL_IMX_CONSOLE to bool
06162d85f830 staging: greybus: lights: avoid NULL deref
c7f7b55ce2ad usb: typec: ucsi: drop an unused Kconfig symbol
b244fbf3ff82 iio: test: drop dangling symbol in gain-time-scale helpers
ac00f8a0cb15 soundwire: intel_ace2x: add SND_HDA_CORE dependency
621a8bf292ed char: misc: Use IS_ERR() for filp_open() return value
05ce13d78226 phy: rockchip: samsung-hdptx: Pre-compute HDMI PLL config for 461.10125 MHz output
ccc29a067399 dma: dma-axi-dmac: fix HW scatter-gather not looking at the queue
dd1e96fd9f60 dma: dma-axi-dmac: fix SW cyclic transfers
b0ce68420da6 dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX
2f0d9a5d552c interconnect: mediatek: Aggregate bandwidth with saturating add
86e6547ac6c4 interconnect: mediatek: Don't hijack parent device
52e4ac51e3fa clk: zynqmp: pll: Fix zynqmp_clk_divider_determine_rate kerneldoc
d53b019a6003 clk: zynqmp: divider: Fix zynqmp_clk_divider_determine_rate kerneldoc
71e5335fcec0 clk: mediatek: Fix error handling in runtime PM setup
6e5379c3b545 clk: mediatek: Add mfg_eb as parent to mt8196 mfgpll clocks
1debd9ba7eb1 clk: mediatek: Drop __initconst from gates
053490ddace3 clk: zynqmp: divider: convert from divider_round_rate() to divider_determine_rate()
df502559b124 clk: x86: cgu: convert from divider_round_rate() to divider_determine_rate()
ccab4798a64f clk: versaclock3: convert from divider_round_rate() to divider_determine_rate()
c632744ff0af clk: stm32: stm32-core: convert from divider_round_rate_parent() to divider_determine_rate()
29781f258a9f clk: stm32: stm32-core: convert from divider_ro_round_rate() to divider_ro_determine_rate()
141fd6e37278 clk: sprd: div: convert from divider_round_rate() to divider_determine_rate()
aab174973251 clk: sophgo: sg2042-clkgen: convert from divider_round_rate() to divider_determine_rate()
73fbacf47588 clk: nxp: lpc32xx: convert from divider_round_rate() to divider_determine_rate()
7f487ccf58b0 clk: nuvoton: ma35d1-divider: convert from divider_round_rate() to divider_determine_rate()
199625f9734f clk: milbeaut: convert from divider_round_rate() to divider_determine_rate()
c05f9dfa6959 clk: loongson1: convert from divider_round_rate() to divider_determine_rate()
0a5c1dff5115 clk: hisilicon: clkdivider-hi6220: convert from divider_round_rate() to divider_determine_rate()
aa1ed67e5842 clk: bm1880: convert from divider_round_rate() to divider_determine_rate()
d4274c2df180 clk: actions: owl-divider: convert from divider_round_rate() to divider_determine_rate()
bfcc7cc9c36c clk: actions: owl-composite: convert from owl_divider_helper_round_rate() to divider_determine_rate()
aed53da569fb clk: qcom: gfx3d: add parent to parent request map
e5001c92fc86 clk: qcom: dispcc-sm7150: Fix dispcc_mdss_pclk1_clk_src
aeb606d885ef clk: qcom: dispcc-sdm845: Enable parents for pixel clocks
2a01a346d20e clk: qcom: regmap-divider: convert from divider_round_rate() to divider_determine_rate()
22d691c02ad5 clk: qcom: regmap-divider: convert from divider_ro_round_rate() to divider_ro_determine_rate()
cdab39223d57 clk: Move clk_{save,restore}_context() to COMMON_CLK section
4fdbb1e3ffa3 Input: adp5589 - remove a leftover header file
8ed504f525f1 clk: microchip: core: remove duplicate determine_rate on pic32_sclk_ops
0533f1cdb382 clk: rockchip: Fix error pointer check after rockchip_clk_register_gate_link()
0b45cddb7385 clk: qcom: alpha-pll: convert from divider_round_rate() to divider_determine_rate()
87fa98532b45 clk: qcom: gcc-ipq5018: flag sleep clock as critical
b88e84b154b9 clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc
9dbd33356e3d clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc
a9d771adb49a clk: qcom: gcc-glymur: Update the SDCC RCGs to use shared_floor_ops
8d7df9126dad clk: qcom: gcc-qdu1000: Update the SDCC RCGs to use shared_floor_ops
357bdc307c5a clk: qcom: gcc-x1e80100: Update the SDCC RCGs to use shared_floor_ops
16a21335eff9 clk: qcom: gcc-milos: Update the SDCC RCGs to use shared_floor_ops
76d5437ca4d0 clk: qcom: gcc-sdx75: Update the SDCC RCGs to use shared_floor_ops
37babf26bfb5 clk: qcom: gcc-sm4450: Update the SDCC RCGs to use shared_floor_ops
7873e2a407a0 clk: qcom: gcc-sm8750: Update the SDCC RCGs to use shared_floor_ops
527508eb5712 clk: qcom: gcc-sm8450: Update the SDCC RCGs to use shared_floor_ops
1bc262014a14 clk: meson: g12a: Limit the HDMI PLL OD to /4
e82d721b05e0 clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs
f7b0686119fd clk: qcom: rcg2: compute 2d using duty fraction directly
aa14e7603835 clk: qcom: gcc-sm8650: Use floor ops for SDCC RCGs
b714c1d0bb43 clk: qcom: gcc-sm8550: Use floor ops for SDCC RCGs
e9ed7237b824 clk: spacemit: Respect Kconfig setting when building modules
19eb98a970c9 clk: thead: th1520-ap: Poll for PLL lock and wait for stability
3d4202ee6494 fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()
e76a2f1d40ea fbdev: of_display_timing: Fix device node reference leak in of_get_display_timings()
2cafad617431 Revert "mailbox/pcc: support mailbox management of the shared buffer"
9a10843740d7 remoteproc: imx_dsp_rproc: Only reset carveout memory at RPROC_OFFLINE state
ca8f2551772d tracing: Remove duplicate ENABLE_EVENT_STR and DISABLE_EVENT_STR macros
335dfe4bc636 tracing: Properly process error handling in event_hist_trigger_parse()
47d3fed63866 fs/nfs: Fix readdir slow-start regression
e568088337e5 nvdimm: virtio_pmem: serialize flush requests
25ab5e97d3c5 scsi: csiostor: Fix dereference of null pointer rn
77794465365b scsi: ufs: host: mediatek: Require CONFIG_PM
e5579ebaadc7 scsi: smartpqi: Fix memory leak in pqi_report_phys_luns()
48cb99e74561 pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN
7bc44485182c RDMA/uverbs: Add __GFP_NOWARN to ib_uverbs_unmarshall_recv() kmalloc
f354f16e9698 power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer
47abfc207ab0 power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler
ac092258d0d6 hisi_acc_vfio_pci: fix VF reset timeout issue
980aa1f8d0dd mtd: spinand: Fix kernel doc
39b74ec0869f mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions()
eacca1412587 cxl: Fix premature commit_end increment on decoder commit failure
cc66fc9b5cf7 RDMA/core: add rdma_rw_max_sge() helper for SQ sizing
5ae9da022ee3 RDMA/rxe: Fix race condition in QP timer handlers
b2bc649c18fb RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler
bf4454da8b1e RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send
409c2c5508f3 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE
02f720109fed cxl/core: Fix cxl_dport debugfs EINJ entries
055cd68b8ebb NFS/localio: remove -EAGAIN handling in nfs_local_doio()
1d6933f32b29 NFS/localio: use GFP_NOIO and non-memreclaim workqueue in nfs_local_commit
ae26a4cf2baf NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages
c627769730e9 NFS/localio: Handle short writes by retrying
ec121ad626c3 mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()
eb0e8003d9a0 crypto: ccp - Send PSP_CMD_TEE_RING_DESTROY when PSP_CMD_TEE_RING_INIT fails
eb5263f3f8e4 crypto: ccp - Factor out ring destroy handling to a helper
10eef0f93238 crypto: ccp - Add an S4 restore flow
b3010ff068fa crypto: ccp - Declare PSP dead if PSP_CMD_TEE_RING_INIT fails
7c28e2789697 platform/x86/amd/pmf: Prevent TEE errors after hibernate
8269e0ee89bd vfio/pci: Lock upstream bridge for vfio_pci_core_disable()
721bd22bcf45 mtd: intel-dg: Fix accessing regions before setting nregions
4d02e3870c88 mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper
9b0927c9b91b IB/mlx5: Fix port speed query for representors
6d838873da9c RDMA/mlx5: Fix UMR hang in LAG error state unload
71b23ada25b3 tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus()
d9aefb386fdc platform/x86: hp-wmi: fix platform profile values for Omen 16-wf1xxx
eb715133e0ae RDMA/iwcm: Fix workqueue list corruption by removing work_list
5c07aef09a12 RDMA/rxe: Fix double free in rxe_srq_from_init
33e396029002 RDMA/rtrs-srv: fix SG mapping
c0def811ad8d power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed()
64327c46f255 power: supply: bq27xxx: fix wrong errno when bus ops are unsupported
a465a1499222 power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write
861dda7a9074 power: supply: sbs-battery: Fix use-after-free in power_supply_changed()
64e15155095f power: supply: rt9455: Fix use-after-free in power_supply_changed()
08e674e9862a power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed()
a8b7117ae3a7 power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed()
8c89aade8335 power: supply: goldfish: Fix use-after-free in power_supply_changed()
2841bbb5a35c power: supply: cpcap-battery: Fix use-after-free in power_supply_changed()
03d1e4ee4e6a power: supply: bq25980: Fix use-after-free in power_supply_changed()
4b6fb0b6124f power: supply: bq256xx: Fix use-after-free in power_supply_changed()
f27eb76def5c power: supply: act8945a: Fix use-after-free in power_supply_changed()
709db4b476e2 power: supply: ab8500: Fix use-after-free in power_supply_changed()
9b82bdb9e7c9 cxl/mem: Fix devm_cxl_memdev_edac_release() confusion
51c89a5247bf RDMA/mlx5: Fix ucaps init error flow
8bf968d68ea6 RDMA/hns: Notify ULP of remaining soft-WCs during reset
4994b9be17ff RDMA/hns: Fix RoCEv1 failure due to DSCP
0cbec8b49270 RDMA/hns: Fix WQ_MEM_RECLAIM warning
38e2c5ad6f11 IB/cache: update gid cache on client reregister event
d273d9cedd78 RDMA/rtrs: server: remove dead code
365996a2b14d af_unix: Fix memleak of newsk in unix_stream_connect().
08b10c468962 octeontx2-pf: Unregister devlink on probe failure
8abc12ce2573 net: renesas: rswitch: fix forwarding offload statemachine
1d4f8092bd78 ionic: Rate limit unknown xcvr type messages
a16bea45d758 octeon_ep_vf: ensure dbell BADDR updation
13a61502c1c8 octeon_ep: ensure dbell BADDR updation
1b8e3c8b7443 octeon_ep: disable per ring interrupts
c8c197aaa56b serial: caif: fix use-after-free in caif_serial ldisc_close()
1c9ef28f643c xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path
d8c851cd3245 net: sunhme: Fix sbus regression
69d3f9ee5489 net: atm: fix crash due to unvalidated vcc pointer in sigd_send()
03462247e3b6 smb: client: correct value for smbd_max_fragmented_recv_size
4f9ae386861e procfs: fix missing RCU protection when reading real_parent in do_task_stat()
fdbccddb7e78 net: hns3: fix double free issue for tx spare buffer
9a4d6c37cb12 dpll: zl3073x: Fix output pin phase adjustment sign
072cec234a87 dpll: zl3073x: Cache all output properties in zl3073x_out
9116bb0e0c9f dpll: zl3073x: Split ref, out, and synth logic from core
84b8990f5771 dpll: zl3073x: Store raw register values instead of parsed state
40bcd1fa0e23 dpll: zl3073x: Specify phase adjustment granularity for pins
f399e8af187a dpll: add phase-adjust-gran pin attribute
782368c13f5a PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404]
12b1681793e9 netfilter: nft_set_rbtree: validate open interval overlap
90cbb8561aee netfilter: nft_set_rbtree: validate element belonging to interval
3c40cc71cec7 netfilter: nft_set_rbtree: don't gc elements on insert
89a3f393ab0d netfilter: nft_set_rbtree: remove seqcount_rwlock_t
e4ea5be0b35f netfilter: nft_set_rbtree: use binary search array in get command
36ed9b6e3961 netfilter: nft_set_rbtree: translate rbtree to array for binary search
dad14d22dff1 netfilter: nft_set_rbtree: check for partial overlaps in anonymous sets
40a7afde2f53 netfilter: nft_set_rbtree: fix bogus EEXIST with NLM_F_CREATE with null interval
735ad034f1dc netfilter: nft_counter: fix reset of counters on 32bit archs
6f2d238faff0 netfilter: nft_set_hash: fix get operation on big endian
23901aa6b8a2 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation
870e3e63da8e netfilter: nfnetlink_queue: optimize verdict lookup with hash table
276820278e97 nfc: hci: shdlc: Stop timers and work before freeing context
531c1aec81bf inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
67b75bb0ec55 bonding: only set speed/duplex to unknown, if getting speed failed
9c3398e5b3a9 octeontx2-af: Fix PF driver crash with kexec kernel booting
1fff00261c78 mptcp: fix receive space timestamp initialization
fb7bf00b04a6 mptcp: do not account for OoO in mptcp_rcvbuf_grow()
10a66a44e369 of: unittest: fix possible null-pointer dereferences in of_unittest_property_copy()
b8856aba0fb0 tcp: accecn: handle unexpected AccECN negotiation feedback
2ff45b29f37e tcp: disable RFC3168 fallback identifier for CC modules
69484fd350be tcp: ECT_1_NEGOTIATION and NEEDS_ACCECN identifiers
817780cb3f55 jfs: avoid -Wtautological-constant-out-of-range-compare warning
b4374b0bed10 ucount: check for CAP_SYS_RESOURCE using ns_capable_noaudit()
8fd58e0a0f04 ipc: don't audit capability check in ipc_permissions()
f5efb397c8f9 selftests/mm: fix usage of FORCE_READ() in cow tests
4a0d8d372915 PCI/ACPI: Restrict program_hpx_type2() to AER bits
dbe723b480e4 PCI: Initialize RCB from pci_configure_device()
da289440f04c wifi: ath12k: clear stale link mapping of ahvif->links_map
474e93f4a5aa wifi: ath12k: Fix index decrement when array_len is zero
0e0ca8dbfef9 wifi: ath11k: add usecase firmware handling based on device compatible
134bd7f7e42f wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump()
8fb1dc296378 PCI: Check parent for NULL in of_pci_bus_release_domain_nr()
adc2deacdd81 tcp: tcp_tx_timestamp() must look at the rtx queue
2a9370693b1c PCI: Remove old_size limit from bridge window sizing
b855d9948621 PCI: Stop over-estimating bridge window size
d5de3e34dcb5 PCI: Rewrite bridge window head alignment function
17866f8a0822 fat: avoid parent link count underflow in rmdir
a77e945c528f rust: task: restrict Task::group_leader() to current
bd1d06eaad53 lib/kstrtox: fix kstrtobool() docstring to mention enabled/disabled
d75ec4504a43 nfsd: never defer requests during idmap lookup
b29094276ab2 xdrgen: Remove inclusion of nlm4.h header
b633683dc0d4 xdrgen: Initialize data pointer for zero-length items
59d23891cdba NFS: NFSERR_INVAL is not defined by NFSv2
59409c5958b2 xdrgen: Fix struct prefix for typedef types in program wrappers
1bd726fa8f5c dm: use bio_clone_blkg_association
d2138abc8f0a iommu/vt-d: Clear Present bit before tearing down context entry
821807c167b7 iommu/vt-d: Clear Present bit before tearing down PASID entry
36244dfd3853 iommu/vt-d: Flush cache for PASID table before using it
53336a811485 wifi: rtw89: debug: Fix memory leak in __print_txpwr_map()
e53224783442 PCI: Mark 3ware-9650SA Root Port Extended Tags as broken
feef0143ec5e kallsyms/ftrace: set module buildid in ftrace_mod_address_lookup()
7f4827b24750 module: add helper function for reading module_buildid()
34de49d09775 kallsyms/bpf: rename __bpf_address_lookup() to bpf_address_lookup()
536ffc371b52 netfilter: nf_conncount: fix tracking of connections from localhost
a0cdcacc0d41 netfilter: nft_compat: add more restrictions on netlink attributes
6e5fa7add3e7 netfilter: nf_conncount: increase the connection clean up limit to 64
ab455baa7420 netfilter: nf_conncount: make nf_conncount_gc_list() to disable BH
0d7ccd3d16ad netfilter: nf_tables: reset table validation state on abort
f1f9aea37297 ext4: fast commit: make s_fc_lock reclaim-safe
59f10fa502ee wifi: cfg80211: stop NAN and P2P in cfg80211_leave
6ff2ebfef75f mctp i2c: initialise event handler read bytes
c1116859a7f4 net: mctp-i2c: fix duplicate reception of old data
02bb1500f147 quota: fix livelock between quotactl and freeze_super
7379837c3f9e wifi: ath12k: do WoW offloads only on primary link
5a0b892ac90d wifi: ath9k: add OF dependency to AHB
a44220e4eba3 PCI/P2PDMA: Reset page reference count when page mapping fails
5b1f6531d4a1 PCI/PTM: Fix pcie_ptm_create_debugfs() memory leak
aeddfb00bb83 dm: use READ_ONCE in dm_blk_report_zones
7a3385e97af2 dm: fix unlocked test for dm_suspended_md
5d0a2a2ce94b PCI/portdrv: Fix potential resource leak
1af76378577e PCI: sophgo: Disable L0s and L1 on Sophgo 2044 PCIe Root Ports
ef42c53b7a28 PCI: Do not attempt to set ExtTag for VFs
1938bf90c1dd Documentation: tracing: Add PCI tracepoint documentation
eb9aa9f80104 PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition
e19cce88ec4c PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails
2108e783a7cf wifi: cfg80211: Fix use_for flag update on BSS refresh
d072c2c82322 PCI/PM: Avoid redundant delays on D3hot->D3cold
ed0ef3d0c92d Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors
004288f3b24e PCI: xilinx: Fix INTx IRQ domain leak in error paths
4e8e7080b557 PCI: mediatek: Fix IRQ domain leak when MSI allocation fails
d1878562a41f hwmon: (pmbus/mpq8785) fix VOUT_MODE mismatch during identification
14a38784e09a Revert "hwmon: (ibmpex) fix use-after-free in high/low store"
98c6a053b6d3 spi: tools: Add include folder to .gitignore
81190b2e9d04 ASoC: SDCA: Handle volatile controls correctly
97b513d04e11 ASoC: SDCA: Force some SDCA Controls to be volatile
32606d55ffc1 ASoC: SDCA: Remove outdated todo comment
59be162822e5 accel/amdxdna: Fix incorrect error code returned for failed chain command
feb4bcfd4052 HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients
5a68d2c99c85 accel/amdxdna: Fix memory leak in amdxdna_ubuf_map
b79d31dce49b accel/amdxdna: Stop job scheduling across aie2_release_resource()
f6b4c1d98a7b accel/amdxdna: Hold mm structure across iommu_sva_unbind_device()
e6ff5e9e3900 platform/chrome: cros_ec_lightbar: Fix response size initialization
52b71d025397 ASoC: tegra: Add AHUB writeable_reg for RX holes
a3ce2b030809 mm/slab: fix false lockdep warning in __kfree_rcu_sheaf()
aa27ad4e20e0 drm/xe: Unregister drm device on probe error
c287399b66c0 drm/xe/ptl: Disable DCC on PTL
ede7b0f33c5a evm: Use ordered xattrs list to calculate HMAC in evm_init_hmac()
5332491be2ca media: uvcvideo: Fix allocation for small frame sizes
16dd68310f50 pwm: tiehrpwm: Enable pwmchip's parent device before setting configuration
39c24b19a611 platform/chrome: cros_typec_switch: Don't touch struct fwnode_handle::dev
b7e2bd20e7c8 drm/msm/dp: Avoid division by zero in msm_dp_ctrl_config_msa()
e60e16d406b2 drm/msm/dpu: program correct register for UBWC config on DPU 8.x+
d791b31e7da1 drm/msm/dpu: offset HBB values written to DPU by -13
b573177b314e drm/msm/mdss: correct HBB programmed on UBWC 5.x and 6.x devices
7672af88d307 drm/rockchip: dw_hdmi_qp: Fix RK3576 HPD interrupt handling
fb328aa95c34 drm/hisilicon/hibmc: Adding reset colorbar cfg in dp init.
0922d282f7d3 drm/hisilicon/hibmc: fix no showing problem with loading hibmc manually
84359ed3c53f drm/hisilicon/hibmc: add dp mode valid check
bc950899ef11 drm/hisilicon/hibmc: fix dp probabilistical detect errors after HPD irq
840581b30cde drm/buddy: release free_trees array on buddy mm teardown
f83b92c57686 drm/msm/a2xx: fix pixel shader start on A225
21cf7527de1d media: ccs: Accommodate C-PHY into the calculation
5fab6e1405e1 accel/amdxdna: Fix notifier_wq flushing warning
c0727bcbf09b drm/msm/dsi_phy_14nm: convert from divider_round_rate() to divider_determine_rate()
2b46bb9f88cd drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x
2f803e86ba4f drm/msm/disp: set num_planes to 1 for interleaved YUV formats
35301ca2a83d HID: playstation: Add missing check for input_ff_create_memless
b6a83ad13d25 regulator: core: move supply check earlier in set_machine_constraints()
a6b7308f35cd mei: late_bind: fix struct intel_lb_component_ops kernel-doc
4ef745e4d0d6 drm/msm/dp: Update msm_dp_controller IDs for sa8775p
acfd1dce074f drm/msm/dpu: fix WD timer handling on DPU 8.x
822d9b24de40 drm/msm/dpu: Set vsync source irrespective of mdp top support
dc567a611b16 drm/msm/disp/dpu: add merge3d support for sc7280
8db8fadf1364 drm/amdgpu: Use explicit VCN instance 0 in SR-IOV init
30c6faf91705 drm/amdkfd: Fix signal_eviction_fence() bool return value
083351c6886e drm/amd: Drop "amdgpu kernel modesetting enabled" message
1de71556cbd6 media: chips-media: wave5: Fix memory leak on codec_info allocation failure
77dc0140ea59 ASoC: nau8821: Fixup nau8821_enable_jack_detect()
5a247a84de0b smack: /smack/doi: accept previously used values
cb59ae561995 smack: /smack/doi must be > 0
da3be3289ecf drm/panthor: Evict groups before VM termination
956cc8a74f41 ASoC: SDCA: Allow sample width wild cards in set_usage()
fa3b263c4de3 ALSA: vmaster: Relax __free() variable declarations
ed9acd01e907 ALSA: pcm: Relax __free() variable declarations
082aba8e3aab drm/panel: sw43408: Remove manual invocation of unprepare at remove
5b295f013393 accel/amdxdna: Fix race where send ring appears full due to delayed head update
0b0d8ed13d29 drm/panthor: Fix panthor_gpu_coherency_set()
d8d97352bf5d workqueue: Process rescuer work items one-by-one using a cursor
5ec7110f5ed4 workqueue: Only assign rescuer work when really needed
932c36b81325 workqueue: Factor out assign_rescuer_work()
8c66adcae91b drm/panthor: Make sure we resume the tick when new jobs are submitted
d2f485242e31 drm/panthor: Fix the logic that decides when to stop ticking
ef100b8e257b drm/panthor: Fix immediate ticking on a disabled tick
73f2614637f6 drm/panthor: Fix the group priority rotation logic
693a04f41a54 drm/panthor: Fix the full_tick check
57753f2c64c0 drm/panthor: Recover from panthor_gpu_flush_caches() failures
da9c1afd9991 reset: canaan: k230: drop OF dependency and enable by default
3c0dd95dd520 arm64: dts: qcom: sm6115: Add CX_MEM/DBGC GPU regions
58c0b917fdca arm64: dts: qcom: agatti: Add CX_MEM/DBGC GPU regions
222e45e64bbc arm64: dts: qcom: talos: Drop opp-shared from QUP OPP table
37082c9b418d arm64: dts: qcom: x1e: bus is 40-bits (fix 64GB models)
06557d72ea40 arm64: dts: qcom: sdm845-db845c: specify power for WiFi CH1
39974be66f81 arm64: dts: qcom: sdm845-db845c: drop CS from SPIO0
2d7ea0516f2b arm64: dts: qcom: qrb4210-rb2: Fix UART3 wakeup IRQ storm
33bc5e10165d arm64: dts: amlogic: g12: assign the MMC A signal clock
844317f9b007 arm64: dts: amlogic: g12: assign the MMC B and C signal clocks
0709a0901956 arm64: dts: amlogic: gx: assign the MMC signal clocks
c9bb634897e3 arm64: dts: amlogic: axg: assign the MMC signal clocks
f6e54c1ea7b8 arm64: dts: amlogic: c3: assign the MMC signal clocks
6cc29c714855 hwspinlock: omap: Handle devm_pm_runtime_enable() errors
eeb84c4f4337 soc: qcom: ubwc: add missing include
6906a9889898 arm64: dts: ti: k3-j784s4-j742s2-main-common.dtsi: Refactor watchdog instances for j784s4
8273989e774a arm64: dts: ti: k3-j784s4-main.dtsi: Move c71_3 node to appropriate order
1f71dfc03471 arm64: dts: amlogic: s4: fix mmc clock assignment
5a5ec520e740 arm64: dts: amlogic: s4: assign mmc b clock to 24MHz
85cf4f7c2cf2 arm64: dts: mediatek: mt8183-jacuzzi-pico6: Fix typo in pinmux node
6666c9d54432 arm: dts: lpc32xx: add clocks property to Motor Control PWM device tree node
bcab50ed6e73 arm64: dts: renesas: rzt2h-n2h-evk-common: Use GPIO for SD0 write protect
6e6561231c6c powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling
0f6498077faa soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()
3eeda22d52ff soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe
1b39dbd7761d powerpc/uaccess: Move barrier_nospec() out of allow_read_{from/write}_user()
3ce94bf05945 ARM: dts: allwinner: sun5i-a13-utoo-p66: delete "power-gpios" property
db09ba1f9e70 arm64: dts: qcom: msm8994-octagon: Fix Analog Devices vendor prefix of AD7147
9bbee82bacb9 arm64: dts: renesas: r9a09g047e57-smarc: Remove duplicate SW_LCD_EN
480374c75c67 arm64: dts: qcom: x1e80100: Fix USB combo PHYs SS1 and SS2 ref clocks
02d580c9affa arm64: dts: qcom: sdm845-oneplus: Mark l14a regulator as boot-on
7f4d96e12218 arm64: dts: qcom: sdm845-oneplus: Don't keep panel regulator always on
f5b047a23271 arm64: dts: qcom: sdm845-oneplus: Don't mark ts supply boot-on
75a3a27e4f82 arm64: dts: qcom: sdm630: fix gpu_speed_bin size
97ca54da16f4 clk: qcom: Return correct error code in qcom_cc_probe_by_index()
911a473e29c3 arm64: dts: tqma8mpql-mba8mp-ras314: Fix HDMI CEC pad control settings
5a76398d0e03 arm64: dts: tqma8mpql-mba8mpxl: Fix HDMI CEC pad control settings
9fd645784128 firmware: arm_ffa: Correct 32-bit response handling in NOTIFICATION_INFO_GET
f64f4ec804b3 EDAC/i5400: Fix snprintf() limit calculation in calculate_dimm_size()
3efb54e1201b EDAC/i5000: Fix snprintf() size calculation in calculate_dimm_size()
d32e8339e1fd soc: qcom: smem: handle ENOMEM error during probe
4f73486ca822 pstore/ram: fix buffer overflow in persistent_ram_save_old()
119702b71677 selftests/xsk: fix number of Tx frags in invalid packet
b2b172a98713 selftests/xsk: properly handle batch ending in the middle of a packet
8b1a095541c1 selftests/bpf: test_xsk: Split xskxceiver
dcf416eb88ea hwrng: core - use RCU and work_struct to fix race condition
9095671fa240 hwrng: core - Allow runtime disabling of the HW RNG
4869d0e4e48a crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req()
7752d3634386 bpf: Require frozen map for calculating map hash
5835a077c6f5 bpf: Limit bpf program signature size
45acb60fe59a fs/tests: exec: drop duplicate bprm_stack_limits test vectors
52aeb1e07ec2 sched/rt: Skip currently executing CPU in rto_next_cpu()
909131ad0a00 sched/deadline: Clear the defer params
83550d231155 media: pci: mg4b: Use IRQF_NO_THREAD
352f1bbbd711 mfd: wm8350-core: Use IRQF_ONESHOT
7b0c5dec6a01 rtc: amlogic-a4: Remove IRQF_ONESHOT
5248f7f5b340 usb: typec: fusb302: Remove IRQF_ONESHOT
66839f7c2bd6 EDAC/altera: Remove IRQF_ONESHOT
909dfc310ee5 scsi: efct: Use IRQF_ONESHOT and default primary handler
f5e5bbf56ecf Bluetooth: btintel_pcie: Use IRQF_ONESHOT and default primary handler
680b652b2d08 iommu/amd: Use core's primary handler and set IRQF_ONESHOT
91b6a550472a platform/x86: int0002: Remove IRQF_ONESHOT from request_irq()
0c1876a36544 genirq: Set IRQF_COND_ONESHOT in devm_request_irq().
d7b87adeb0eb bpf: Fix bpf_xdp_store_bytes proto for read-only arg
d7decb572b55 crypto: caam - fix netdev memory leak in dpaa2_caam_probe
d0bac6618e81 crypto: hisilicon/trng - support tfms sharing the device
94fdeeaeb7ce selftests/bpf: Fix kprobe multi stacktrace_ips test
42a155c738b9 x86/fgraph,bpf: Switch kprobe_multi program stack unwind to hw_regs path
9e10486f7993 x86/fgraph: Fix return_to_handler regs.rsp value
243d642ff580 crypto: inside-secure/eip93 - unregister only available algorithm
9a3ace9b010f crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
4ecbcfb71a50 bpf: Fix verifier_bug_if to account for BPF_CALL
4e0772cded10 bpf: Fix tcx/netkit detach permissions when prog fd isn't given
4b8d1424b32c bpf, sockmap: Fix FIONREAD for sockmap
f274a4540226 bpf, sockmap: Fix incorrect copied_seq calculation
3ed835f6aa18 rqspinlock: Fix TAS fallback lock entry creation
6abdd33a088d hwrng: airoha - set rng quality to 900
46825599fad1 crypto: ccp - narrow scope of snp_range_list
e6a4b3d22221 crypto: ccp - Fix a case where SNP_SHUTDOWN is missed
7530c3595d1e crypto: inside-secure/eip93 - fix kernel panic in driver detach
1bbb1356f6be hrtimer: Fix trace oddity
c77581cdebad selftests/bpf: Fix resource leak in serial_test_wq on attach failure
fdfe75161f6e bpf: Fix memory access flags in helper prototypes
92a8cb1806ad bpf: Preserve id of register in sync_linked_regs()
33d3290333e8 crypto: hisilicon/sgl - fix inconsistent map/unmap direction issue
740e710a6f27 crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable
9f35acf69801 crypto: hisilicon/hpre - support the hpre algorithm fallback
c990abb136b7 crypto: hisilicon - consolidate qp creation and start in hisi_qm_alloc_qps_node
cc7a36b6ac8f crypto: hisilicon/zip - support fallback for zip
3acd2479c770 crypto: hisilicon/qm - centralize the sending locks of each module into qm
23fcfd8c0d1f crypto: hisilicon/qm - enhance the configuration of req_type in queue attributes
2b8b12e3f869 crypto: hisilicon/hpre: extend tag field to 64 bits for better performance
139e24de706e crypto: hisilicon/sec - move backlog management to qp and store sqe in qp for callback
1f269645bb4c crypto: hisilicon/zip - adjust the way to obtain the req in the callback function
c6eb4991a177 crypto: octeontx - fix dma_free_coherent() size
2bdeabe2b647 crypto: cavium - fix dma_free_coherent() size
9029e8db69fb sched: Fix build for modules using set_tsk_need_resched()
8ed7f3c03d04 time/sched_clock: Use ACCESS_PRIVATE() to evaluate hrtimer::function
9b94124cb9c2 ARM: VDSO: Patch out __vdso_clock_getres() if unavailable
26cbfd67fdb5 sched: Export hidden tracepoints to modules
c3cfe342d120 libbpf: Fix OOB read in btf_dump_get_bitfield_value
c2a90d855bea selftests/bpf: veristat: fix printing order in output_stats()
36abc0b2df60 crypto: qat - fix warning on adf_pfvf_pf_proto.c
1838a7507e13 perf/x86/core: Do not set bit width for unavailable counters
7e4c643aa3b2 x86/cpu/amd: Correct the microcode table for Zenbleed
445d35742d86 io_uring/kbuf: fix memory leak if io_buffer_add_list fails
6715560527e3 s390/cio: Fix device lifecycle handling in css_alloc_subchannel()
af5b0854fba0 PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races
630f3eca3962 cpufreq: intel_pstate: Enable asym capacity only when CPU SMT is not possible
5cbf75e0f07f perf: arm_spe: Properly set hw.state on failures
c787a235deb3 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
1141301a7195 PM: wakeup: Handle empty list in wakeup_sources_walk_start()
80d58a8915d7 md: fix return value of mddev_trylock
ec10e3dc9399 md/raid1: fix memory leak in raid1_run()
02455f658db8 Partial revert "x86/xen: fix balloon target initialization for PVH dom0"
f75a5555e004 ublk: Validate SQE128 flag before accessing the cmd
9b03dda1453e ublk: restore auto buf unregister refcount optimization
8344d5da9df7 thermal/of: Fix reference leak in thermal_of_cm_lookup()
769a8a732e82 iomap: fix submission side handling of completion side errors
67bbf2527c1d cpufreq: scmi: Fix device_node reference leak in scmi_cpu_domain_id()
27feb209c2d7 OPP: Return correct value in dev_pm_opp_get_level
095417d6b669 md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout
870b9f15867b md/raid5: fix IO hang with degraded array with llbitmap
5bf494167291 md/raid10: fix any_working flag handling in raid10_sync_request
32c046a506ea md/raid5: fix raid5_run() to return error when log_init() fails
649ddf7e5aa6 thermal: intel: x86_pkg_temp_thermal: Handle invalid temperature
9d589661f21f cpuidle: governors: menu: Always check timers with tick stopped
d733106e7c65 io_uring/sync: validate passed in offset
1d126db2f263 io_uring/eventfd: remove unused ctx->evfd_last_cq_tail member
b24595b86920 ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()
c1c266e2c1f1 io_uring: use release-acquire ordering for IORING_SETUP_R_DISABLED
cb45bcc97093 xen/virtio: Don't use grant-dma-ops when running as Dom0
68f38f648e4b ACPI: processor: Update cpuidle driver check in __acpi_processor_start()
7cce69596cec rnbd-srv: Fix server side setting of bi_size for special IOs
cbdb9f3adf54 netfs: avoid double increment of retry_count in subreq
e66dcf7bb9c4 smb: client: fix potential UAF and double free in smb2_open_file()
5de1aa0bf3a5 erofs: fix inline data read failure for ztailpacking pclusters
7d4eadee7042 btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation
80e1fda9c084 btrfs: fix block_group_tree dirty_list corruption
00ea0370ba7b btrfs: qgroup: return correct error when deleting qgroup relation item
f957ddc4d8eb btrfs: zoned: don't zone append to conventional zone
9643b3baa46b btrfs: introduce btrfs_bio::async_csum
0981c6b984a1 btrfs: make sure all btrfs_bio::end_io are called in task context
4663160aa2d8 btrfs: remove btrfs_bio::fs_info by extracting it from btrfs_bio::inode
8f7f0e172868 btrfs: headers cleanup to remove unnecessary local includes
e49abde0ffc3 erofs: handle end of filesystem properly for file-backed mounts
728ba4346177 erofs: get rid of raw bi_end_io() usage
ec15eb67fe9d tpm: st33zp24: Fix missing cleanup on get_burstcount() error
1a22048c1117 tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure
8e71414e252c i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()
53f4761ab032 i3c: dw: Initialize spinlock to avoid upsetting lockdep
6d76febba07c gfs2: Fix use-after-free in iomap inline data write path
1d47922b9804 gfs2: Fix slab-use-after-free in qd_put
5480341dc884 gfs2: Retries missing in gfs2_{rename,exchange}
7378340f2e22 i3c: master: Update hot-join flag only on success
5c328675d2a8 fs: add <linux/init_task.h> for 'init_fs'
44e9f5aedfb4 fs: move initializing f_mode before file_ref_init()
c2ed725668f2 device_cgroup: remove branch hint after code refactor
49c201c09b47 i3c: Move device name assignment after i3c_bus_init
d0200c70e317 selftests/resctrl: Fix a division by zero error on Hygon
28397957c75b audit: move the compat_xxx_class[] extern declarations to audit_arch.h
4a4a6e12c9c8 rcu: Fix rcu_read_unlock() deadloop due to softirq
2e6ff6a6fc69 hfsplus: return error when node already exists in hfs_bnode_create
91f08ec6a97b auxdisplay: arm-charlcd: fix release_mem_region() size
205955f29c26 RDMA/umad: Reject negative data_len in ib_umad_write
714c99e1dc8f RDMA/siw: Fix potential NULL pointer dereference in header processing
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9f892aaa55
---------------------------
linux-yocto/6.18: genericarm64: fix configuration audit warning
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Bruce Ashfield
Email: bruce.ashfield@gmail.com
Subject: genericarm64: drop CONFIG_PINCTRL_SM8350_LPASS_LPI
Date: Tue, 3 Mar 2026 11:48:55 -0500
It has been removed upstream:
commit 112d4978099700bcf5e3a4a7e571cf672188f3bc
Author: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Date: Thu Jan 8 11:07:22 2026 +0100
pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR TX pins
commit 1fbe3abb449c5ef2178e1c3e3e8b9a43a7a410ac upstream.
Qualcomm SC7280 and SM8350 SoCs have slightly different LPASS audio
blocks (v9.4.5 and v9.2), however the LPASS LPI pin controllers are
exactly the same. The driver for SM8350 has two issues, which can be
fixed by simply moving over to SC7280 driver which has them correct:
1. "i2s2_data_groups" listed twice GPIO12, but should have both GPIO12
and GPIO13,
2. "swr_tx_data_groups" contained GPIO5 for "swr_tx_data2" function, but
that function is also available on GPIO14, thus listing it twice is
not necessary. OTOH, GPIO5 has also "swr_rx_data1", so selecting
swr_rx_data function should not block the TX one.
Fixes: be9f6d56381d ("pinctrl: qcom: sm8350-lpass-lpi: add SM8350 LPASS TLMM")
Cc: stable@vger.kernel.org
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Reviewed-by: Konrad Dybcio <konrad.dybcio@oss.qualcomm.com>
Signed-off-by: Linus Walleij <linusw@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
And is causing an audit warning, so we drop our assignement
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 55f957a232
---------------------------
linux-yocto/6.18: genericarm64: enable additional qcom drivers
Integrating the following commit(s) to linux-yocto/.:
1/2 [
Author: Srinivas Naik Banavathu
Email: snb@qti.qualcomm.com
Subject: genericarm64-pinctrl.cfg: enable CONFIG_PINCTRL_QCS8300
Date: Fri, 20 Feb 2026 15:53:42 +0530
Enable QCS8300 pin controller driver
Signed-off-by: Srinivas Naik Banavathu <snb@qti.qualcomm.com>
Cc: Bruce Ashfield bruce.ashfield@gmail.com
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
2/2 [
Author: Srinivas Naik Banavathu
Email: snb@qti.qualcomm.com
Subject: genericarm64.cfg: enable CONFIG_INTERCONNECT_QCOM_QCS8300
Date: Fri, 20 Feb 2026 15:53:43 +0530
Enable QCS8300 interconnect driver
Signed-off-by: Srinivas Naik Banavathu <snb@qti.qualcomm.com>
Cc: Bruce Ashfield bruce.ashfield@gmail.com
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aa441c5d7c
---------------------------
initscripts: Make SRC_URI arch independent
Avoid making SRC_URI unnecessarily dependent on the target architecture.
The alignment.sh file will only be installed for relevant 32-bit ARM
targets, but there's no benefit to making SRC_URI inclusion conditional.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 36bf9a0fc9
---------------------------
gnutls: Use arch independent search paths
The value of STAGING_LIBDIR depends on baselib, which may be "lib" or
"lib64" depending on the target architecture. To avoid making
PACKAGECONFIG unnecessarily arch-dependent, we can use STAGING_DIR_HOST
as the search prefix for libseccomp & libdl instead.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dc94428980
---------------------------
gettext: Use arch independent search paths
The value of STAGING_LIBDIR depends on baselib, which may be "lib" or
"lib64" depending on the target architecture. To avoid making
PACKAGECONFIG unnecessarily arch-dependent, we can use STAGING_DIR_HOST
as the search prefix for libunistring & ncurses instead.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 35341983fb
---------------------------
flac: Use arch independent search path
The value of STAGING_LIBDIR depends on baselib, which may be "lib" or
"lib64" depending on the target architecture. To avoid making
PACKAGECONFIG unnecessarily arch-dependent, we can use STAGING_DIR_HOST
as the search prefix for libogg instead.
The search prefix is necessary here, removing it completely results in
compilation errors.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6972e64e47
---------------------------
libssh2: Drop arch dependent search paths
The value of STAGING_LIBDIR depends on baselib, which may be "lib" or
"lib64" depending on the target architecture. To avoid making
PACKAGECONFIG unnecessarily arch-dependent, we can use drop the search
prefix for libz and openssl as the configure script is capable of
finding them without this information.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5cdcd68557
---------------------------
ghostscript: Drop arch dependent search paths
The value of STAGING_LIBDIR depends on baselib, which may be "lib" or
"lib64" depending on the target architecture. To avoid making
PACKAGECONFIG unnecessarily arch-dependent, we can use drop the search
prefix for x11 libraries as the configure script is capable of finding
them without this information.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 96cce8a363
---------------------------
curl: Drop arch dependent search paths
Since the creation of the curl recipe in this repo in 2010, the search
path has been specified relative to STAGING_LIBDIR. This causes the a
dependency from the task hash of do_recipe_qa on baselib, which may be
'lib' or 'lib64' depending on the target architecture. This dependency
trips up yocto-check-layer.
Somewhere between the depths of history and today, the need for this
search path has gone away. Simply using '--with-zlib' now works.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a2f7052cf8
---------------------------
checklayer: Fix regex in get_signatures
After commit 11373def3171 ("sstatesig/populate_sdk_ext: Improve unihash
cache handling") in openembedded-core, the locked-sigs.inc file may
contain unihash map entries as well as a list of locked sigs. The
unihash map entries consist of four fields separated by `:` - pn, task,
task hash and unihash. The current regex in get_signatures cannot parse
these correctly, it grabs the first 3 elements into <task> when there
should only be two elements, leading to an error:
Traceback (most recent call last):
File "/srv/pokybuild/yocto-worker/check-layer/build/layers/openembedded-core/scripts/yocto-check-layer", line 252, in <module>
ret = main()
File "/srv/pokybuild/yocto-worker/check-layer/build/layers/openembedded-core/scripts/yocto-check-layer", line 215, in main
td['sigs'], td['tunetasks'] = get_signatures(td['builddir'])
~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
File "/srv/pokybuild/yocto-worker/check-layer/build/layers/openembedded-core/scripts/lib/checklayer/__init__.py", line 340, in get_signatures
(recipe, task) = s.group('task').split(':')
^^^^^^^^^^^^^^
ValueError: too many values to unpack (expected 2)
Modify the regex so that it doesn't accidentally pick up the third field
of the unihash map entries.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9148a8b3ce
---------------------------
musl: Upgrade to 1.2.6
Drop upstreamed patch for riscv syscall wirings
brings following changes
* 9fa28ece release 1.2.6
* 1347154c vdso: add support for GNU hash tables
* 149d8729 getgr*: validate group member lists from nscd backend
* 19f9aeaa sys/mman.h: add MADV_COLLAPSE from linux v6.1
* 56df2e1f sys/mman.h: add MADV_DONTNEED_LOCKED from linux v6.0
* bb5693fa sys/mman.h: add MADV_POPULATE_(READ|WRITE) from linux v5.14
* 9355c443 loongarch64: add lsx and lasx regset definition
* b5146b83 loongarch64: add fpu and simd context to signal.h
* 38b00812 loongarch64: add new reloc types and NT_LOONGARCH_HW_* into elf.h
* b37d241d fenv: add missing C dummy functions for loongarch64 soft float
* 5c901bb3 update syscalls up to linux 6.19
* 4268281a getifaddr: fix typo ssl to sll
* 5c26c890 mallocng: prevent stray ';' at top-level
* 1b76ff07 s390x: shuffle register usage in __tls_get_offset to avoid r0 as address
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 15760045a2
---------------------------
Revert "insane.bbclass: Move test for invalid PACKAGECONFIGs to do_recipe_qa"
This reverts commit d3325c384a7df54c564cae093659cf7b692629f2.
Moving the QA test for invalid PACKAGECONFIGs to the recipe_qa task
turned out to be a bad idea as that task is expected to be architecture
independent. So move it back to be called from the do_qa_configure()
function.
Also rename test_packageconfig() to
configure_qa_invalid_packageconfig() to match how the test functions for
the package_qa task are named.
Signed-off-by: Peter Kjellerstedt <pkj@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d52d00a3bb
---------------------------
selftest/minidebuginfo: extract files from tar archive using tarfile module
Python 3.14 added security checks around archive extraction, and by
default will refuse to handle symlinks with absolute paths. It's possible
to handle this using 'filter' argument, but it is not always available
in older Python versions on various host distributions we need to support,
so let's extract only the needed files directly using tarfile module.
busybox is itself a symlink to busybox.nosuid, so both are extracted.
[YOCTO #16195]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: de3f351146
---------------------------
vex: rename rootfs CVE manifest JSON to include .vex. suffix
Rename the rootfs CVE manifest output file and its deploy
directory symlink from ${IMAGE_NAME}.json to
${IMAGE_NAME}.vex.json, and from ${IMAGE_LINK_NAME}.json
to ${IMAGE_LINK_NAME}.vex.json.
This avoids ambiguity in the image deploy directory where
other rootfs JSON files exist (e.g. SPDX/SBOM output), making
the VEX origin and purpose explicit in the filename.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 387a697307
---------------------------
python3-chardet: upgrade 5.2.0 -> 6.0.0.post1
Changelog:
https://chardet.readthedocs.io/en/latest/changelog.html
Build system changes:
- Switch from python_setuptools_build_meta to python_hatchling
- Add python3-hatch-vcs-native build dependency
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a247288299
---------------------------
libpam: upgrade 1.7.1 -> 1.7.2
1.Changelog:
https://github.com/linux-pam/linux-pam/releases/tag/v1.7.2
2.Fix do_package QA Issue as default vendordir has been changed
Refer to this commit https://github.com/linux-pam/linux-pam/commit/aea30822e2fa6f87faf2541da140f69dfdfee728
ERROR: libpam-1.7.2-r0 do_package: QA Issue: libpam: Files/directories were installed but not shipped in any package:
/usr/share/pam
/usr/share/pam/environment
/usr/share/pam/security
/usr/share/pam/security/namespace.conf
/usr/share/pam/security/group.conf
/usr/share/pam/security/namespace.init
/usr/share/pam/security/faillock.conf
/usr/share/pam/security/access.conf
/usr/share/pam/security/pam_env.conf
/usr/share/pam/security/pwhistory.conf
/usr/share/pam/security/time.conf
/usr/share/pam/security/limits.conf
Change vendordir to /etc to fix this issue for backward compatibility.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f8e847945c
---------------------------
rt-tests/hwlatdetect: upgrade 2.9 -> 2.10
0001-Makefile-Allow-for-CC-and-AR-to-be-overridden.patch
refreshed for 2.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 77af879996
---------------------------
ltp: fix warning in remove_broken_musl_sources
If this was originally intended to be an actual warning, it was not
behaving as such: echo only prints to log.do_patch, so the message ends
up hidden there.
Replace 'echo' by bbverbnote to display the message (as a NOTE) correctly.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f72f9174ec
---------------------------
glib-2.0: upgrade 2.86.4 -> 2.88.0
Deleted patches included in this release.
Refreshed patches and resolved conflicts.
Reworked relocate-modules.patch because of upstream commit which moved
the code we were using into macos specific function, so get the code
back to place we need it.
* https://gitlab.gnome.org/GNOME/glib/-/commit/9adec080ab80787eb53ef4dafaa1561e31731a6a
Release notes with filtered "bugs fixed" and "translation updates":
Overview of changes in GLib 2.88.0, 2026-03-16
Overview of changes in GLib 2.87.5, 2026-03-12
* Brown paper bag release to attempt to fix the dist-job in CI; this caused it to be impossible to build a release archive for 2.87.4
Overview of changes in GLib 2.87.4, 2026-03-12
* Avoid installing broken symlinks as part of the test data for the gdatetime tests (!5054 (merged), work by Alessandro Astone)
* Fix g_file_set_contents() with non-ASCII filenames on Windows (#3873 (closed), work by Lukas K.)
Overview of changes in GLib 2.87.3, 2026-02-25
* Improved support for GNotification on Windows (#3867 (closed), #3869 (closed), work by Oscar Pernia Moreno)
* Fix module lookups via GModule on Cygwin (#3741 (closed), work by Ailin Nemui)
* Fix local timezone lookup with nested symlinks in /etc/localtime (#3816 (closed), work by Alessandro Astone)
* Fix ordering and sequential consistency of gatomic memory barriers on MSVC and fallback GCC code paths (#3829 (closed), #3852 (closed), work by Luca Bacci)
* Fix various integer overflow bugs (#3870 (closed), #3871 (closed), #3872 (closed), CVE-2026-1484, CVE-2026-1485, CVE-2026-1489, work by Marco Trevisan)
* Add GSocketControlMessage subclasses for receiving IP_TOS and IPV6_TCLASS (!4846 (merged), work by Jakub Adam)
* Support polling more than 1024 FDs on macOS (!4953 (merged), work by Ihar Hrachyshka)
* Remove platform-specific backward compatibility from GLib-2.0 as it’s impossible to support (#3839 (closed), !4881 (merged), work by Marco Trevisan)
* Improve introspection annotations for delimiters on g_strsplit_set() (this may require changes in introspection bindings)
* Basic support for building and running some functionality on tvOS and watchOS (!4992 (merged), work by Nirbheek Chauhan)
* Add g_get_monotonic_time() variant with nanosecond precision (!5004 (merged), work by Benjamin Otte)
Overview of changes in GLib 2.87.2, 2026-01-19
* Add initial support for GNotification on Windows (#3857 (closed), work by Oscar Pernia Moreno)
Overview of changes in GLib 2.87.1, 2025-12-30
* Several low-risk CVE fixes (#3827 (closed), #3834 (closed), #3845 (closed))
* Fix return type of gi_callable_info_get_closure_native_address() (#3859 (closed), work by Philip Chimento)
* Tweak thread pool handling for GTask threads to prevent stalls (#3840 (closed), work by Ignazio Pillai)
* Respect NO_COLOR environment variable in log output (!4898 (merged), work by Aaron Andersen)
* Update file system type lists to mark more file system types as system ones and to recognise ntfs3 file systems (!4916 (merged) and #3828 (closed), work by Christian Hergert and Alexander Schwinn)
* Add G_GNUC_FLAG_ENUM attribute to mark enums as flags (!4900 (merged), work by Philip Chimento)
* Add a static CRT constructor and fusion manifest XML for GLib utilities on Windows so that stderr can be unbuffered and streams are flushed on exit (#3733 (closed), work by Luca Bacci)
* Fix G_FILE_MONITOR_WATCH_HARD_LINKS on Windows (#3819 (closed), work by Jehan)
Overview of changes in GLib 2.87.0, 2025-11-03
* Update to Unicode 17.0.0 (!4793 (merged), work by Peng Wu)
* Support runtime extensions to gdbus-codegen tool to allow modifying its output in project-specific ways (!4812 (merged), work by Sebastian Wick)
* Use document portal to open all the URIs for snaps (!4822 (merged), work by Marco Trevisan)
* Add g_markup_parse_context_get_offset() API for getting error locations in XML files (!4879 (merged), work by Matthias Clasen)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a7b79bf6ab
---------------------------
libpcre2: Enabling Ptest support
Install libpcre2 test suite and run it as ptest.
Add tests for POSIX wrapper (pcre2posix_test), core PCRE2 engine (RunTest), and grep utility (RunGrepTest).
pcre2posix_test: Verifies the POSIX wrapper API
RunTest: Executes the core PCRE2 test suite through pcre2test
RunGrepTest: Checks pcre2grep to ensure its grepping style matching works as expected with various patterns and input files.
Signed-off-by: Shaik Moin <moins@kpit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 081bc6fe78
---------------------------
layer.conf: update pkgconfig-native exclusions to pkgconf-native
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e32bf38fab
---------------------------
pkgconfig: remove
We're now using pkgconf, so drop the pkgconfig recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a3320989ca
---------------------------
class/pkgconfig: use pkgconf instead of pkgconfig
The last meaningful change to freedesktop.org pkgconfig was in 2019, but
pkgconf is actively maintained.
Major distributions such as Fedora (and derivates), Debian (ditto), Arch
Linux, Buildroot, and Alpine have all moved to pkgconf already.
There's a subtle behaviour change between pkgconfig and pkgconf, whereas
pkgconfig appends the sysroot to PKG_CONFIG_SYSTEM_INCLUDE_PATH pkgconf
does not, so we need to sysroot-prefix those variables.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4425f6f025
---------------------------
pkgconf: minimise wrapper
There's no need to look at the passed arguments and unset variables, we
want fdo's pkgconfig behaviour when called from the pkg-config wrapper
and this can be done by exporting PKG_CONFIG_FDO_SYSROOT_RULES.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a1f8e2c286
---------------------------
pkgconf: ensure pkgconf-native doesn't try and look on the host
Neuter the native build of pkgconf so that it doesn't default to looking
on the build host for .pc files, to avoid accidental host contamination.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7fd826b886
---------------------------
pkgconf: inherit pkgconfig
pkgconf needs to know the value of PKG_CONFIG_LIBDIR, so it needs to
inherit the pkgconfig class.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2f41668002
---------------------------
systemd: Populate udev-bash-completion before bash-completion
The `inherit bash-completion` places its package at the front of
PACKAGE_BEFORE_PN. So this picks up the udevadm file before
udev-bash-completion is populated. Therefore, u-b-c has to go to the front
of PACKAGE_BEFORE_PN.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a0f5ff27d4
---------------------------
systemd-bootconf: do not modify build directory in do_install
do_install should only modify ${D}, otherwise rerunning the task will
have inconsistent results. In the case of systemd-bootconf, a second run
of do_install without rerunning do_configure (for example after modifying
it in a bbappend) fails altogether, as loader.conf would be missing.
Rather than fixing this up by deleting loader.conf from ${D} instead of
${S} after copying *.conf, clean up systemd-boot-cfg.bbclass not to
store loader.conf at the same location as the individual entries in the
first place, so they can be copied separately. While we're at it, also
change the recipe to make use of the variables defined by the class.
Signed-off-by: Nora Schiffer <nora.schiffer@ew.tq-group.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3b417d97ff
---------------------------
systemd: add detailed debug logging to fdset_new_fill()
Currently, when fdset_new_fill() fails to open /proc/self/fd or
encounters an error while processing individual file descriptors
(such as fcntl or fstat failures), it returns a silent error code.
For debugging rarely reproducible failures it becomes difficult to
know the exact cause of failure
This commit updates the function to use log_debug_errno() for all
error paths and hence provides better visibility into why FD collection
failed, including the path of the problematic FD (via fd_get_path)
and its inode type.
Signed-off-by: AshishKumar Mishra <ashishkumar.mishra@bmwtechworks.in>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6f1d8ffca5
---------------------------
nfs-utils: Add RDEPENDS netbase
The package netbase has to be installed. Otherwise nfs-server.service fails
to start, because /etc/services is missing:
sh[584]: nfsdctl: getaddrinfo of "(null)" failed: Servname not supported for ai_socktype
sh[584]: nfsdctl: Error: Protocol not supported
sh[584]: nfsdctl: Error: Invalid argument
sh[583]: rpc.nfsd: unable to resolve ANYADDR:nfs: Servname not supported for ai_socktype
sh[583]: rpc.nfsd: Unable to request RDMA services: Protocol not supported
sh[583]: rpc.nfsd: unable to set any sockets for nfsd
systemd[1]: nfs-server.service: Main process exited, code=exited, status=1/FAILURE
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c226dc8a41
---------------------------
libsoup: fix CVE-2025-32049/CVE-2026-1539
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
https://gitlab.gnome.org/GNOME/libsoup/-/issues/489
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a1ed6fddd9
---------------------------
weston: update to 15.0.0
Announcement:
https://lore.freedesktop.org/wayland-devel/aZbDU-xtVMLhB0wD@xpredator/
Functional changes:
- New Vulkan renderer. A "vulkan" PACKAGECONFIG option has been
added to enable building it, and it is enabled if "vulkan" is
present in DISTRO_FEATURES, similar to how X11 and Wayland are
handled. A post-release change has been backported to fix
building the new backend with X11 or Wayland disabled.
- New Lua shell. A "lua-shell" PACkAGECONFIG option has been added
to enable building it, but it has not been enabled by default to
avoid affecting build times.
- Fullscreen shell and screen-share module marked as deprecated.
Their PACKAGECONFIG options have been updated to still work, but
have not been renamed to avoid breaking working configurations.
- Perfetto support. A "perfetto" PACKAGECONFIG option has been
added to enable building it, but it is not on by default due
to meta-oe being required to build.
- The "client-no-resize" option for the RDP backend has been
replaced with "resizeable/no-resizeable" to match the VNC
backend. The example in weston.ini has been updated.
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 64b6fe9a8e
---------------------------
libxml2: upgrade 2.15.1 -> 2.15.2
1.Changelog
https://gitlab.gnome.org/GNOME/libxml2/-/blob/2.15/NEWS?ref_type=heads
2.Remove following patch as merged upstream
CVE-2026-0990.patch
CVE-2026-0992-01.patch
0001-testlimits-optionally-accept-timeout-input.patch
CVE-2026-0989.patch
CVE-2026-0992-02.patch
CVE-2026-0992-03.patch
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ef2250e7b7
---------------------------
musl-locales: Fix locale-base-sr-sr typo
Package name is locale-base-sr->>rs<<.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 218c0e59de
---------------------------
xkeyboard-config: upgrade 2.46 -> 2.47
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d2e3196c60
---------------------------
taglib: upgrade 2.2 -> 2.2.1
Changelog:
===========
* Support edition, chapter and attachment UIDs in Matroska simple tags.
* Avoid duplicates in Matroska complex property keys.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1cdc4b53bc
---------------------------
stress-ng: upgrade 0.20.00 -> 0.20.01
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 10ff8f762f
---------------------------
squashfs-tools: upgrade 4.7.4 -> 4.7.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4bca12e85d
---------------------------
sqlite3: upgrade 3.51.2 -> 3.51.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6bf3674d8a
---------------------------
seatd: upgrade 0.9.2 -> 0.9.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: df70438654
---------------------------
python3-xmltodict: upgrade 1.0.3 -> 1.0.4
Bug Fixes
unparse: add bytes_errors policy and handle bytes scalars consistently
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3f6766f15
---------------------------
python3-uv-build: upgrade 0.10.4 -> 0.10.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cccbf55c8b
---------------------------
python3-testtools: upgrade 2.8.3 -> 2.8.7
Improvements
------------
* Fix an issue with "iterate_tests", which was recently changes to insist
on accepting an instance of "unittest.TestSuite", breaking some users.
* Improve the type annotations for "testtools.testcase.TestCase.skipTest"
* Correct a URL in the README
* Improve the type annotations for "testtools.testcase.TestCase.assertRaises".
This method will now be typed correctly when called as a method or as a
context manager.
* Fix the type annotations for "testtools.testcase.TestCase.useFixture"
* Clear "force_failure" in "_reset()" so that re-running a test
after an "expectThat" failure can succeed if successful conditions are met again.
* Make "extract_result()" and "DeferredNotFired" public APIs in
"testtools.twistedsupport". These utilities are useful for extracting
results from synchronous Deferreds in tests.
* Add support for "unittest.TestCase.subTest". Failures are reported
individually while the entire test method is still treated as a single test.
* Add "testtools.matchers.test" module providing a test harness for
users who write their own custom matchers.
Changes
-------
* Re-add compat helpers and helper modules that were accidentally removed
in a patch release, breaking API compatibility. These are now deprecated
and will be removed in a future major release.
* "typing-extensions" is no longer required at runtime; it is only needed
for type checking.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4ae95ba851
---------------------------
python3-sphinxcontrib-svg2pdfconverter: upgrade 2.0.0 -> 2.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 68211d2b0c
---------------------------
python3-setuptools: upgrade 82.0.0 -> 82.0.1
Changelog:
=============
- Fix the loading of launcher manifest.xml file.
- Replaced deprecated json.__version__ with fixture in tests.
- Add advice about how to improve predictability when installing sdists
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7a952d1708
---------------------------
python3-pytz: upgrade 2025.2 -> 2026.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7921514864
---------------------------
python3-pyopenssl: upgrade 25.3.0 -> 26.0.0
Changes:
- Added support for using aws-lc instead of OpenSSL.
- Properly raise an error if a DTLS cookie callback returned a cookie longer
than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a
buffer-overflow. Credit to dark_haxor for reporting the issue. CVE-2026-27459
- Added OpenSSL.SSL.Connection.get_group_name to determine which group name was
negotiated.
- Context.set_tlsext_servername_callback now handles exceptions raised in the
callback by calling sys.excepthook and returning a fatal TLS alert.
Previously, exceptions were silently swallowed and the handshake would proceed
as if the callback had succeeded. Credit to Leury Castillo for reporting this
issue. CVE-2026-27448
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5bc170eb7d
---------------------------
python3-pygobject: upgrade 3.54.5 -> 3.56.1
semicolon.patch
removed since it's included in 3.56.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb6b8f6a4a
---------------------------
python3-numpy: upgrade 2.4.2 -> 2.4.3
Changelog:
============
- MAINT: Prepare 2.4.x for further development
- BUG: Fix some leaks found via LeakSanitizer
- MAINT: Synchronize 2.4.x submodules with main
- TYP: matlib: missing extended precision imports
- BUG: Fix weak hash function in np.isin().
- BUG: fix infinite recursion in np.ma.flatten_structured_array...
- BUG: Fix buffer overrun in CPU baseline validation
- BUG: Fix busdaycalendar's handling of a bool array weekmask....
- BUG: Fix reference leaks and NULL pointer dereferences
- MAINT: fix two minor issues noticed when touching the C API setup
- ENH: Test .kind not .char in np.testing.assert_equal
- BUG: fix type issues in uses if PyDataType macros
- MAINT: Don't use vulture 2.15, it has false positives
- MAINT: update openblas
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5901c9fa8
---------------------------
nfs-utils: upgrade 2.8.5 -> 2.8.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf91b8b5d4
---------------------------
meson: upgrade 1.10.1 -> 1.10.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b7001ab802
---------------------------
mesa: upgrade 26.0.1 -> 26.0.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b2ab46d898
---------------------------
lzlib: upgrade 1.15 -> 1.16
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 84fd273424
---------------------------
lsof: upgrade 4.99.5 -> 4.99.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2374a77d74
---------------------------
libpciaccess: upgrade 0.18.1 -> 0.19
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: eaf9bf6a57
---------------------------
libgcrypt: upgrade 1.12.0 -> 1.12.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ba6921796c
---------------------------
hwdata: upgrade 0.404 -> 0.405
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9cce70bd39
---------------------------
gsettings-desktop-schemas: upgrade 49.1 -> 50.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 60f893f5a7
---------------------------
fastfloat: upgrade 8.2.3 -> 8.2.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7835963388
---------------------------
ethtool: upgrade 6.15 -> 6.19
avoid_parallel_tests.patch
refreshed for 6.19
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 815a262af4
---------------------------
erofs-utils: upgrade 1.8.10 -> 1.9.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3adf4ff2b
---------------------------
ell: upgrade 0.82 -> 0.83
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b14266b4c2
---------------------------
e2fsprogs: upgrade 1.47.3 -> 1.47.4
0001-misc-create_inode.c-Fix-for-file-larger-than-2GB.patch
removed since it's inclued in 1.47.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2786f339f3
---------------------------
dpkg: upgrade 1.23.5 -> 1.23.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ff681ca2e
---------------------------
diffoscope: upgrade 313 -> 314
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 87feb0597c
---------------------------
bind: upgrade 9.20.18 -> 9.20.20
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ca30fe6b92
---------------------------
at-spi2-core: upgrade 2.58.3 -> 2.60.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6a90435fe9
---------------------------
man-pages: upgrade 6.16 -> 6.17
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-896_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-894_default.lock.xml
manifest-judo
---------------------------
Commit: 7051b12
---------------------------
CSNMR-5912: Update LKG to 0.30.1.rel8-2026.2.1
Update LAST_KNOWN_GOOD_JUDOHSPROD to
judo-bundle-full-judo-hs-prod-0.30.1.rel8-2026.2.1
so install-and-test runs use the new LKG bundle.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-894_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-893_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-893_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-892_default.lock.xml
cellular-utils
---------------------------
Commit: 4ba4ca3
---------------------------
CSNMR-5834: Add helper methods to deactivate cell connection
Added helper methods to deactivate cellular connection by bringing the
NetworkManager profiles down, setting autoconnect to off, disabling
NetworkManager wwan radio and powering off the modem at the module
level. This helps ensure that when a disabled command is issued, the
device tears down all cellular related connections and powers down the
module. This is a more robust implementation than issuing a raw Airplane
Mode On command via AT. It also survives reboots and gives a much better
view into the system as all related APIs will display cell as disabled
instead of On and Searching.
cfg-mgr
---------------------------
Commit: 9301ac6
---------------------------
CSNMR-5841: Add license requirements to test and mfg roles
judo-cfg-agents
---------------------------
Commit: ed65cf8
---------------------------
Bugfix: Short timeout waiting for cellular info
The system properties agent waits up to 30s for the info
collector to gather all HW component infos.
Cach of the cellular, trimble_sim and customer_sim collectors were
waiting up to 25s to detect the modem (in theory in parallel),
but that was still exceeding the system_properties timeout,
so cap each of the collectors to only wait up to 2s.
Better to report failure to find the modem, than to timeout and
not report anything...
---------------------------
Commit: 7036d28
---------------------------
Bugfix: Remove print from UHF tests
---------------------------
Commit: 1a57555
---------------------------
Bugfix: device_info: list of components not data
Fix implementation of `device_info` APIs to match the API specs.
- in `device_info`, publish a list named 'components', not
'data'.
- in `component_info`, 'boardSerialNumber' and 'present' are
required fields for all components
---------------------------
Commit: 42c0afe
---------------------------
Bugfix: Add logging for how long component infos take to gather
To aid debugging where the delays in the boot-time are coming
from and why the `system_properties` agent takes so long to
publish.
On my Sumo:
```
$ journalctl -u cfg-agent@system_properties_agent -o cat | grep -e 'Waiting for ' -e 'all HW infos'
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for motherboard info took 0.0s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for wifi info took 0.0s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for halow info took 0.0s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for gnssReceiver info took 0.0s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for gnssInternalAntenna0 info took 0.0s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for customerSim info took 0.10470938682556152s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for trimbleSim info took 0.10678362846374512s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for cellular info took 0.1101691722869873s
INFO:cfg_agents.system_properties_agent.info_collector:Waiting for softuhf info took 1.3200464248657227s
INFO:cfg_agents.system_properties_agent.info_collector:all HW infos collected in 2.65595381899999s, quitting monitor task
```
---------------------------
Commit: bc88124
---------------------------
SUMO-582: Add support for setting Sumo RF-path for UHF
Sumo has various filters and switches for controlling the RF-path
of the phoenix softUHF radio that `phoenix-handler` can configure
for us.
---------------------------
Commit: 6293349
---------------------------
SUMO-582: Add support for configuring Phoenix to UHF agent
---------------------------
Commit: 774a2cd
---------------------------
Bugfix: Add component model declarations
The 'expected' component model can optionally be set statically for
each component, allowing for different info-collector methods to
be used without having to resort to detecting which model of the
component is installed/present.
Set this up as a generic option for all components so we can
add a model (or any other field) to each component as and when
there are multiple variants to handle.
The primary driver of this change was the request to make all
softUHF radios appear under the generic 'softuhf' component and to
simplify the softUHF presense/metadata collection.
---------------------------
Commit: 89e3426
---------------------------
SUMO-582: Refactor UHF agent into separate radio managers
In preparation for adding support for the Phoenix radio, move
the 'radio manager' code for each of the radios into separate
classes.
---------------------------
Commit: 6d41bf5
---------------------------
Bugfix: Add __init__.py to system_properties agent
Without this I get errors on agent startup trying to import
from a directory that 'is not a module'.
Only seems to affect building from EXTERNAL_SRC, and only the
system_properties agent(?).
The issue did consistently/reliably persist through bitbake
`cleansstate`'s on the recipe until I added this fix.
---------------------------
Commit: 457e320
---------------------------
Bugfix: Fix zenoh-pub-asyncapi-example script
The script has been non-functional since the upgrade to AsyncAPI
v3.0.0.
---------------------------
Commit: d0866d0
---------------------------
CSNMR-5834: Disable cell using NM layer
Changed setting Airplane Mode from using raw AT commands to using
NetworkManager/ModemManager commands instead. This helps tear down
cellular connections on the device in a way that leaves the modem in a
disabled state with power level low (equivalent to Airplane Mode). This
also makes it obvious to the user that the modem is disabled via API
commands, removes the "stuck in searching" state, and makes the system
consistent with what is expected in Zenoh.
---------------------------
Commit: 38b923a
---------------------------
CSNMR-5754: Silence pub_not_entitled on cell oper state
Unlicensed unit receives event_cellular_network_info for checking the
operating state of cell. BaseEventHandler default raised
NotImplementedError after check_base_entitlements. Override
pub_not_entitled (like in CellularCmdHandler) so that logs don't
generate NotImplementedError. NoEntitlementException is still raised
when cell is unlicensed.
---------------------------
Commit: 9538eef
---------------------------
CSNMR-5754: Enable cellular Zenoh default and hook on entitlements
Changed the default behavior of Zenoh to publish enabled state if one
does not exist. This allows LDR SIM and first boot to use the modem
without waiting for an enabled state to publish. Licensed devices with
no persisted cfg now replay and apply ENABLED. Unlicensed devices always
apply DISABLED, including when persisted storage still holds an ENABLED
snapshot, so the modem path matches license state. Operational
ERR_LICENSE_ERROR from on_connect is unchanged.
---------------------------
Commit: 52e165f
---------------------------
CSNMR-5841: Seperate Halow and Wifi entitlements
---------------------------
Commit: 0772284
---------------------------
CSNMR-5841: Add setting to enable mfg mode to utilize full entitlements
---------------------------
Commit: dd1487e
---------------------------
SUMO-563: Add phoenix fw-update files to Sumo OS
---------------------------
Commit: 17d2353
---------------------------
CSNMR-5834: update srcrev hash
---------------------------
Commit: 75625ea
---------------------------
CSNMR-5652: Bump version to 0.31 on main
---------------------------
Commit: 6f94b1c
---------------------------
modemmanager: prefer PACKAGECONFIG over debug drop-ins
Enable AT commands (via mmcli --command) instead of patching MM into debug
mode.
Remove the systemd debug patch and suppress-debug drop-in.
---------------------------
Commit: 922656e
---------------------------
Revert "CSNMR-4948: Update ModemManager to version 1.24.2"
meta-openembedded supplies modemmanager and matching libqmi/libmbim;
drop the layer-local recipes added in CSNMR-4948.
This reverts commit c0d82e2b416f635e42b0f9008ef683e4db34a70b.
---------------------------
Commit: 12c7b81
---------------------------
SUMO-582: cfg-agents: SRCREV update for Phoenix support
Add dependencies for the uhf and system_properties agent to only
start after the UHF PSU is enabled.
---------------------------
Commit: 3e1d617
---------------------------
SUMO-563: Add FW update support for Phoenix UHF
---------------------------
Commit: 575e97e
---------------------------
rust-gnss: Update recipe description
---------------------------
Commit: 9000ace
---------------------------
CSNMR-5834: update srcrev hash
---------------------------
Commit: f6d2ed2
---------------------------
CSNMR-5754: update srcrev hash
---------------------------
Commit: 2d10817
---------------------------
CSNMR-5841: Update SRCREV
scabbard-judo
---------------------------
Commit: 14df588
---------------------------
Tidy up get_client_ip to deal with short ip addresses
---------------------------
Commit: a8571ec
---------------------------
Some more suggestions from AI to remove memory leaks
---------------------------
Commit: 8542fad
---------------------------
Fix debug server failed first write
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-892_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-891_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-891_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-890_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-890_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-889_default.lock.xml
judo-auto-test
---------------------------
Commit: 5c40990
---------------------------
CSNMR-5906 Skip wifi ping/config tests
Skip:
test_ping_to_uut_configured_as_wifi_ap,
test_ping_from_uut_configured_as_wifi_sta,
test_wifi_ap_config_persists_through_reboot, and
test_wifi_sta_config_persists_through_reboot due to a known bug.
Jira ticket:
https://jira.trimble.tools/browse/CSNMR-5906
Signed-off-by: Brady Hill <brady_hill@trimble.com>
judo-cfg-agents
---------------------------
Commit: 8190a31
---------------------------
CSNMR-5570: Add refId to UHF cmd responses
UHF command responses are solicited, so they should include the
reference ID of the command which they are associated with.
---------------------------
Commit: 1ac88d9
---------------------------
CSNMR-5570: python3-judo-cfg-agents: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-889_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-888_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-888_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-887_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 735bf5e
---------------------------
CSNMR-5884: Change environment value to newly added enum
---------------------------
Commit: bf5781b
---------------------------
CSNMR-5884: Adjust SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-887_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-886_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-886_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-885_default.lock.xml
judo-cfg-agents
---------------------------
Commit: cacf643
---------------------------
CSNMR-5893: Change name of device_info 'data' field to 'components'
---------------------------
Commit: e9dd283
---------------------------
CSNMR-5893: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-885_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-883_default.lock.xml
manifest-judo
---------------------------
Commit: 8641797
---------------------------
Revert "SNMR-5879 Disable CI Auto Test"
This reverts commit a098ff81e63b027ea6447f74382caccf69a1e40a.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-883_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-882_default.lock.xml
judo-api-specs
---------------------------
Commit: ced3410
---------------------------
CSNMR-5801: Fix name in OpenAPI spec so AppFS API will be correctly rendered
* Change name of request properties to be uniform snake_case.
judo-cfg-agents
---------------------------
Commit: 91210e3
---------------------------
CSNMR-5880: Add SSH override flag to disable ssh
* Remove this change before release build
---------------------------
Commit: d838d67
---------------------------
CSNMR-5801: Adjust SRCREV
---------------------------
Commit: 3f901cb
---------------------------
CSNMR-5880: Re-enable ssh on-by-default
* Remove before release builds
---------------------------
Commit: 75b65af
---------------------------
CSNMR-5880: Update SRCREV
mqtt-api
---------------------------
Commit: 434c65d
---------------------------
CSNMR-5717: add alwaysOn to MFG API set pps
Added alwaysOn=yes to programmatic interface curl in the MFG API.
This setting is not in our defaults on stella - it was getting set by
bd992-handler. Because the handler is off in mfg mode we need to start
enabling this again.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-882_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-881_default.lock.xml
judo-auto-test
---------------------------
Commit: 8de79dd
---------------------------
Increase STA post-reboot DHCP timeout to 180s
Build #155 shows wifi0_sta needs ~125s after
device-available to obtain a DHCP lease. The
120s budget fell 5s short, failing consistently
across builds #146-#155. Bump to 180s for
adequate headroom.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-881_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-880_default.lock.xml
judo-auto-test
---------------------------
Commit: caab1c9
---------------------------
Fix post-reboot WiFi ping flake with data path poll
Add wait_for_data_path() that polls with single pings
until one round-trips successfully before running the
real 10-ping test. This absorbs the ARP resolution
delay and driver settling time after STA reconnects
post-reboot, eliminating the consistent 1/10 packet
loss that failed the packetLossRate == 0 assertion.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
manifest-judo
---------------------------
Commit: 8025556
---------------------------
Fix --wic option not matching .wic.xz images
WIC_PATTERN had "build" where it needed "image" in the search string.
yocto-docs
---------------------------
Commit: 6b78593be
---------------------------
ref-manual/variables: IMAGE_TYPES: add new wicenv type
Added by commit e4d49702f21f ("image_types_wic: Introduce wicenv
image type") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 50acceb7c
---------------------------
migration-guides/release-notes-6.0.rst: add contributors
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2189104f5
---------------------------
migration-guides/migration-6.0.rst: mention python3-roman-numerals-py rename
Following faff756e829b ("python3-roman-numerals-py: upgrade 3.1.0 ->
4.1.0") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8838b84f4
---------------------------
migration-guides/release-notes-6.0.rst: add recipe version changes
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 173e58569
---------------------------
migration-guides/release-notes-6.0.rst: update CVE fixes
Use documentation/tools/gen-cve-release-notes to generate the array.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 40699331b
---------------------------
migration-guides/release-notes-6.0.rst: add license changes
Add license changes between yocto-5.3 and 8751ec834211
("build-appliance-image: Update to whinlatter head revisions") on
OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 96024c091
---------------------------
migration-guides/release-notes-6.0.rst: cover recent changes
Cover changes between 00de455f8d3a ("classes/cve-check: remove class")
and 9a83f0878b6b ("busybox: fix for CVE-2026-26157, CVE-2026-26158") in
OE-Core. There were no changes to BitBake and meta-yocto since the last
update of these release notes.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8572a9e78
---------------------------
migration-guides/migration-6.0.rst: add migration notes on cve-check removal
The cve-check class was removed with 00de455f8d3a ("classes/cve-check:
remove class") in OE-Core. Add migration notes to migrate from cve-check
to sbom-cve-check.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 780900f86
---------------------------
security-manual/vulnerabilities.rst: refresh the document after cve-check removal
The cve-check class was removed with 00de455f8d3a ("classes/cve-check:
remove class") in OE-Core. The sbom-cve-check class replaces it. And
while it can generate the same report (with the same format), the
vulnerabilities document needed an update to reflect the changes.
Notable differences:
- The output report has a different name (but same format)
- There is also an enriched SPDX report containing the vulnerabilities.
We do not go in details about this one as this is tied to the SPDX
specification, and much more complicated.
- The sbom-cve-check does not produce warnings when Unpatched CVEs are
found.
- The implementation details is removed as this is part of the
sbom-cve-check documentation (add a link to it instead).
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 871a80755
---------------------------
security-manual/vulnerabilities.rst: require Upstream-Status, not recommend
We want the Upstream-Status in any case, even if the status turns to be
something like "oe-specific". So explicitly require it here.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 387e9a310
---------------------------
ref-manual/variables.rst: document the SBOM_CVE_CHECK_SHOW_WARNINGS variable
Added by commit 5a5162406ffe ("sbom-cve-check-common: print warnings
on unpatched CVEs") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a6ba3c1ee
---------------------------
docs-wide: drop documentation for cve-check and variables
Drop the cve-check class documentation and all variable strictly tied to
the class. The vex class is still there and uses the same namespace to
name its variables, so keep the variables that are still used in the vex
class. The current vulnerabilities document is out-of-date, but
references to cve-check are still removed there for bisectability, and
is rewritten in the next commits.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 9e2e70b7b
---------------------------
ref-manual/system-requirements.rst: add CentOS 10 as a supported distro
The current list of packages for CentOS 9 applies for CentOS 10.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ec2ad8c90
---------------------------
tools/build-docs-container: add CentOS 10 support
No issue building the documentation, and including the packages from the
essential list (INCLUDE_ESSENTIAL_PACKAGES=1).
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 38c468af9
---------------------------
tools/build-docs-container: add missing leap 16.0 in help message
Fixes: e5880b36dfc6 ("ref-manual/system-requirements.rst: add section for openSUSE Leap 16.0")
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 85f6e0ae6
---------------------------
migration-guides/migration-6.0.rst: document the CVE_PRODUCT behavior change
After 9dd9c0038907 ("cve_check: Escape special characters in CPE 2.3
strings") and 3c73dafd03b1 ("cve_check: Improve escaping of special
characters in CPE 2.3") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f806e53f8
---------------------------
migration-guides/release-notes-6.0.rst: add known KVM issue
And link to the bug in question on Bugzilla.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 24e227262
---------------------------
conf.py: add a :yocto_bug: role
Similar to :yocto_bugs: but directly create a hyperlink to the bug
displayed with its identifier. Use as :yocto_bug:`12345`.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6e187a8cb
---------------------------
dev-manual: "--runonly" should be "--runall"
To properly fetch all the sources as suggested by the docs, one should
use "--runall=fetch".
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b50e8d36b
---------------------------
overview-manual/concepts.rst: fix do_prepare_recipe_sysroot task description
The description incorrectly stated that the sysroots are set up for
use during the packaging phase. In fact, do_prepare_recipe_sysroot
runs before do_configure, and the sysroots are consumed by
do_configure and do_compile.
Refer to do_configure and do_compile as the tasks that consume
prepared sysroots. Briefly describe the role of each sysroot.
Link do_configure, do_compile, and do_populate_sysroot via
:ref: to ease navigation.
Suggested-by: Alexander Kanavin <alex.kanavin@gmail.com>
Suggested-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Dawid Bijak <bijak.dawid@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-880_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-879_default.lock.xml
judo-auto-test
---------------------------
Commit: 4cdaa90
---------------------------
CSNMR-5808 Fix network test
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-879_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-877_default.lock.xml
manifest-judo
---------------------------
Commit: a098ff8
---------------------------
SNMR-5879 Disable CI Auto Test
Disabling CI auto test until all bricked units are brought back
online and proven to work. Then This commit can be dropped.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-877_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-876_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-876_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-875_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-875_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-874_default.lock.xml
judo-api-specs
---------------------------
Commit: 856b02f
---------------------------
CSNMR-5790: Fix untagged added channel
---------------------------
Commit: 2368882
---------------------------
CSNMR-5801: Implement OpenAPI changes to add endpoint for uploading appFS (.tar) files to the device
---------------------------
Commit: 828fe55
---------------------------
device_info: Add required fields to schemas
---------------------------
Commit: 8b02b8a
---------------------------
device_info: More examples and example model info
judo-cfg-agents
---------------------------
Commit: 285db03
---------------------------
CSNMR-4731: Override pub not entitled for can cfg event
* This is a workaround to allow enforcement of role entitlement checks for can cfg event without requiring the refactoring and breaking changes described in earlier PR's
* See: https://bitbucket.trimble.tools/projects/JUDO-SHARED/repos/judo-api-specs/pull-requests/150/overview
* This is required as the current implementation of the can cfg event has multiple cfgs for multiple ports configured via the same channel. Implementing persistent cfgs would require seperate channels
---------------------------
Commit: 906d3c7
---------------------------
CSNMR-5801: Update SRCREV
---------------------------
Commit: a07ae8d
---------------------------
CSNMR-4731: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-874_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-873_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-873_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-871_default.lock.xml
judo-auto-test
---------------------------
Commit: 3fc8e79
---------------------------
CSNMR-5845 NO-MERGE Add test that implements pattern
---------------------------
Commit: 30bb039
---------------------------
CSNMR-5845 expose subscribe/listen/unsubscribe on AbstractDeviceLib
- Expose subscribe_topic, listen_to_topic, and unsubscribe_topic
on AbstractDeviceLib by delegating to MQTTCommand so Robot
suites can subscribe to effect topics before publish_and_verify,
then listen afterward. Clarify subscribe_and_listen docstrings.
- Update Contributing/readme as needed; adjust Robot suites where
publish ordering could drop messages.
manifest-judo
---------------------------
Commit: 104f2df
---------------------------
CSNMR-5851: Update ROOF test Location capability
Replace ROOF(-WCO)? Location regex with
separate Location and SubLocation fields.
Location now matches NZ or WCO, and
SubLocation is set to ROOF.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-871_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-870_default.lock.xml
judo-auto-test
---------------------------
Commit: 74cc2b8
---------------------------
CSNMR-5849 Bugfix Race when setting lease in suite setup
- Fix race in the setupo suite keyword. The race was
caused when setting the gnss lease for the first time
the subscribe and listen gets a stale event and fails
becasue the check for success_config_applied is not
found. The fix was to increase the message limit=2
so that the correct message would be found and validated
judo-cfg-agents
---------------------------
Commit: 37707e5
---------------------------
CSNMR-5591: Remove HD Loops from all machine configurations
Use standard loops for all machine configurations.
For BD krypton, use only the non HD image.
For BD stella, there is only one image.
For all BD, dynamic_model="heavy_equipment".
For MS, there is only image, but different configurations
for dynamic_model:
* dozer : dynamic_model="high_vibrations"
* others : dynamic_model="heavy_equipment"
---------------------------
Commit: 8f2ff32
---------------------------
CSNMR-5591: Delete unused GNSS BD configurations
Delete GNSS BD configurations which are no longer are used.
---------------------------
Commit: 594b983
---------------------------
CSNMR-5591: Update SRCREV
Update GNSS Manager Agent to do the following:
* Remove HD Loops from all machine configurations.
* Use standard loops for all machine configurations.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-870_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-869_default.lock.xml
judo-bd992-fw
---------------------------
Commit: fa047e4
---------------------------
CSNMR-5760: update BD images for stella
Update BD images for stella to 6.60-0.32
Stella Checksum: 0x7F53E286
---------------------------
Commit: 2aa9656
---------------------------
CSNMR-5760: Update stella configuration
Update stella configuration firmware image to 6.60-0.32
---------------------------
Commit: 37ce02f
---------------------------
CSNMR-5760: update SRCREV
Update SRCREV for stella 6.60-0.32 firmware image repo.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-869_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-868_default.lock.xml
judo-ms9xx-fw
---------------------------
Commit: 12dbb81
---------------------------
CSNMR-5660: Update MS9xx firmware image
Update MS9xx firmware image to release 6.50-6.50
---------------------------
Commit: 5a72e21
---------------------------
CSNMR-5660: Update MS configuration files
Update MS configuration files for firmware version 6.50-6.50
---------------------------
Commit: 504e0b4
---------------------------
CSNMR-5691: Update rust-gnss bd992-handler revision
Update rust-gnss bd922-handler to support the following:
* CSNMR-5691: Fix configuration of Data Logging to include AutoDelete (JUDO-213-59)
* CSNMR-5789: Add 'Log Sensor Data' capability to GNSS logging to support
GNSS logging on v0 page
---------------------------
Commit: d75bcf8
---------------------------
CSNMR-5660: Update SRCREV
Update MS firmware version to 5.60-5.60.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-868_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-867_default.lock.xml
judo-api-specs
---------------------------
Commit: 6917e75
---------------------------
CSNMR-5790: Implement API Channels for AppFS manager
* Add new tag for AppFS API commands and configurations
* Add API channels per requirements
judo-auto-test
---------------------------
Commit: d0ef121
---------------------------
Fix MQTT subscribe-before-listen patterns
- systemcntl_lib: hoist subscribe/unsubscribe out of
wait_for_device_available loop to eliminate gaps where
device status events can be missed between iterations;
add qos=1 to match existing subscribe conventions
- cloudenv_lib: add missing subscribe call in
get_cloud_environment; use subscribe_and_listen to
match every other get_* method in the library
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: 2e71cd2
---------------------------
Increase wait_cell_operating_state wait_time
Increase wait_cell_operating_state default wait_time
from 30s to 90s
Signed-off-by: Brady Hill <brady_hill@trimble.com>
manifest-judo
---------------------------
Commit: 1f2157b
---------------------------
Freeze meta-bedrock hash to current main
Upcoming Bedrock changes rely on newer upstream Yocto features
than what is in the current frozen Yocto hashes. So this keeps
the compatible Bedrock version until Judo updates everything.
---------------------------
Commit: 0701c4d
---------------------------
CSNMR-5790: Adjust SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-867_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-866_default.lock.xml
---------------------------
Commit: a15ba9c
---------------------------
CSNMR-5509: Add back license opt out flag to sumo builds
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-866_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-865_default.lock.xml
judo-auto-test
---------------------------
Commit: 31c11da
---------------------------
CSNMR-5596 Update judomqttlibrary installer to support trmblmqttlient
- Update the judomqttlibrary installer to support trmblmqttclient
library
- Update the installer to support paho-mqtt 2.1.0 or greater
- Roll judomqttlibrary to version to 2.0.0
- Add support for Python versions 3.13 and 3.14
---------------------------
Commit: 1649f48
---------------------------
Refactor exception logger in connect
- When the connect ot broker would fail to connect
and and exception for it was caught the logger
logged the event as an exception instead of
a debug, warning, or info. As a result the RF
logs would show it as an ERROR. To fix this the
exception is caught as e and the logger prints
an info message showing the stack.
---------------------------
Commit: 1243229
---------------------------
CSNMR-5569 Update judoautotest install for trmbmqttclient
- Updated the judoautotest install scripts to support
replacing RF MQTTLibrary with trmbmqttclient
---------------------------
Commit: 9d2801f
---------------------------
CSNMR-5569 Refactor RF CI to use trmbmqttclient
- Refactor judomqttlibrary and any RF test cases to
use the new trmbmqttclient library instead of the
RF MQTTLibrary.
- Improve how connections to the broker are made
after a device reboot
yocto-docs
---------------------------
Commit: eb74fdfd9
---------------------------
ref-manual/system-requirements.rst: instruct to install a buildtools tarball for leap 15.6
I noticed that openSUSE Leap 15.6 provide Python 3.6, which is not
supported by BitBake (which requires Python >3.9). Instruct to use a
buildtools tarball, which is how this is done on the Autobuilder.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 144b182d7
---------------------------
ref-manual/system-requirements.rst: make python3-websockets a default host requirement
When configuring the project through bitbake-setup we can choose the
"poky-with-sstate" configuration, which requires the python3-websockets
package.
Add this package as a host requirement (under different names depending
on the distro).
Alma, CentOS, and Rocky have a requirement on the buildtools tarball,
which already contains this package, so we don't need to add it for
them.
On Ubuntu 22.04 and Debian 11, the version of python3-websockets
provided by the distribution is too old compared to what we need [1].
Add a separate set of instructions for these.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 7a95f8900
---------------------------
dev-manual/new-recipe.rst: rework Unpacking Code section
There were recent changes to how Bitbake/OECore unpacks code.
Importantly we no longer need to set S when fetching with the Git or
other fetchers. Rework this section and mention UNPACKDIR/BP.
[YOCTO #16049]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 5cc3b6690
---------------------------
migration-guides/migration-6.0.rst: tidy up the file
Fill in the missing pieces of the file, remove empty sections, and make
the "Support for SysVinit compatibility in systemd was dropped" its own
section as it was alone in "systemd changes".
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8a29e23d1
---------------------------
migration-guides: update 6.0 (Wrynose) release notes
Update documentation/migration-guides/migration-6.0.rst and
documentation/migration-guides/release-notes-6.0.rst to include
important changes between:
- bitbake: a3ad577439d11 and 5d722b5d65e
- openembedded-core: be8cdcf13a65 and 853baa702e3
- meta-yocto: 0a4ce9dd7fdd and 49cbb01d5252
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 72e6d674a
---------------------------
docs-wide: replace meta-poky/conf/templates/default by oecore's templates
The meta-poky's templates have been removed with [1]. They're intented
to be replaced with the ones from OpenEmbedded-Core.
Replace the occurences of these paths and replace accordingly.
[1]: https://git.yoctoproject.org/meta-yocto/commit/meta-poky/conf?id=ac300baea7314ea3c80f2330b2a993f729f32150
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: dd36ade5e
---------------------------
ref-manual/features.rst: drop usbhost/usbgadget from DISTRO_FEATURES
After commit a791ca692d08 ("conf/packagegroups: Drop usbhost/usbgadget
from DISTRO_FEATURES to MACHINE_FEATURES") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: daf9e613c
---------------------------
ref-manual/features.rst: drop pcmcia from DISTRO_FEATURES
After commit ec0a7650a4fd ("conf/packagegroups: Drop pcmcia from
DISTRO_FEATURES to MACHINE_FEATURES") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 30efdd544
---------------------------
docs-wide: adapt to the new {DISTRO,MACHINE}_FEATURES mechanism
The way DISTRO_FEATURES and MACHINE_FEATURES defaults are provided and
the way you can opt out of it has changed in OE-Core. Adapt the
documentation to these changes, which includes remove some previous
definitions (all the *BACKFILL* variables) and documenting the new
variables.
Note that DISTRO_FEATURES_DEFAULT was also removed. There is a new
DISTRO_FEATURES_DEFAULTS variable and MACHINE_FEATURES_DEFAULTS,
however.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 51162cd20
---------------------------
ref-manual: document the sbom-cve-check class, fragment, and variables
Added by commit 8ef22ad9e302 ("sbom-cve-check: Add class for
post-build CVE analysis") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: bd22f2761
---------------------------
migration-guides/migration-6.0.rst: add note on WIC_SECTOR_SIZE
After b50d6debf7ba ("wic: re-implement sector-size support") in OE-Core,
add a note on the WIC_SECTOR_SIZE variable.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 851f25e27
---------------------------
ref-manual/variables.rst: document the SPDX_INCLUDE_VEX variable
Added by commit b63f6f50458f ("classes/create-spdx-3.0: Add classes")
in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c7925d14a
---------------------------
ref-manual/variables.rst: document the SPDX_GIT_PURL_MAPPINGS variable
Added by commit 9f1825e74d0f ("spdx30: Add Git version and PURL to
source downloads") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c34bfa05c
---------------------------
ref-manual/variables.rst: document the SPDX_PACKAGE_URLS variable
Added by commit 874b2d301d3c ("spdx: Add yocto PURLs") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4e034d2aa
---------------------------
dev-manual/sbom.rst: add bullet point on recipe SBOM
Added by commit d999ac407c86 ("spdx3: Add recipe SPDX data") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 921e94143
---------------------------
docs-wide: refresh SBOM documentation after SPDX2.2 removal
SPDX2.2 was removed in [1]. Refresh the documentation surrounding SDPX
SBOMs to removed obsolete variables and output files.
[1]: https://git.openembedded.org/openembedded-core/commit/?id=12abd0574c267bade0962ecb39d9e8da8c56842b
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 542a5f454
---------------------------
ref-manual/variables.rst: document the UKI_DEVICETREE variable
Added by commit 56aeb7ff4e23 ("uki.bbclass: make DTB packaging
optional") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 7eee5e7f6
---------------------------
ref-manual/classes.rst: document the KCONFIG_CONFIG_ROOTDIR variable
Added by commit f86282ad2c66 ("cml1: Add the option to choose the
.config root dir") in OE-core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b9bb216a4
---------------------------
ref-manual/classes.rst: document the module-rust class
Added by commit 76fd22f09fab ("module-rust.bbclass: Prepare out-of-tree
rust module compilation") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0cea0cc9d
---------------------------
ref-manual/classes.rst: document the kernel-yocto-rust class
Added by commit 6c90097bebef ("kernel-yocto-rust: enable Rust kernel
support via 'make rustavailable'.") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 89cf4b986
---------------------------
conf.py: define new *_path roles
Defines three new bitbake_path, meta_yocto_path, and oecore_path roles
that can be used to quickly reference a file or directory in one of
those repositories and link to our web interface for the path, e.g.
:oecore_path:`meta/conf/bitbake.conf`.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4e3b46d00
---------------------------
variables: add precision about special characters in CVE_PRODUCT
Indicate that special characters must not be escaped in CVE_PRODUCT
starting from Wrynose.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 98234c9d3
---------------------------
sphinx-static/theme_overrides.css: switch to a fixed width documentation
Change the css rules of our theme to have a fixed-width documentation
instead of it taking the full width of the page. I believe this makes it
much more readable compared to having long lines with few line returns,
especially on high-resolution displays. Set the width to 1000px instead
of the previous 800px, which felt slightly too thin.
I think the removed comment here does not make that much sense for us.
It was added by commit 0c1e108bc6c4 ("sphinx: add CSS theme override"),
and I believe is a simply copy and paste of what was is set in the Linux
kernel, added by commit 9abaf979abb2 ("doc-rst: customize RTD theme,
table & full width") [1].
[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9abaf979abb2
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 7b671218b
---------------------------
migration-guide: add release notes for 5.0.17
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 48c832376
---------------------------
variables.rst: expand explanation of RSUGGESTS
Add that the RSUGGESTS variable would be processed only by a
supporting package manager when installing packages from a
package feed, and add a link to the appropriate section in
the Developers Manual.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-865_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-864_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-864_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-863_default.lock.xml
---------------------------
Commit: f7a68b5
---------------------------
CSNMR-5547: Update webui to 0.30.12
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-863_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-862_default.lock.xml
judo-api-specs
---------------------------
Commit: e04747b
---------------------------
CSNMR-4491: Update device info description to point users to system properties message for entitlement info
---------------------------
Commit: 155db3f
---------------------------
CSNMR-5810: Fix casing for requiredEntitlements and recommendDisplay
judo-cfg-agents
---------------------------
Commit: d5b62fd
---------------------------
CSNMR-5529: Add entitlement check for setting gnss lease
---------------------------
Commit: 19457dc
---------------------------
CSNMR-5810: Fix casing for requiredEntitlements and recommendDisplay
---------------------------
Commit: bd24c40
---------------------------
CSNMR-4491: Update SRCREV
---------------------------
Commit: fb70a24
---------------------------
CSNMR-5819: Update SRCREV
---------------------------
Commit: a9e326a
---------------------------
CSNMR-5529: Update SRCREV
---------------------------
Commit: 934780b
---------------------------
CSNMR-5810: Update SRCREV
---------------------------
Commit: f0bfd6a
---------------------------
CSNMR-5810: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-862_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-861_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-861_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-860_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-860_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-859_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-859_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-858_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-858_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-857_default.lock.xml
judo-auto-test
---------------------------
Commit: 3a8a180
---------------------------
CSNMR-5814 Increase default wait time GNSS Lease expire
- Increase the default GNSS_LEASE_EXPIRE_WAIT_TIMEOUT
from 65 seconds to 70 seconds. This change accounts
for the overhead of setting, expiring, and start/stop
of the BD Handler
---------------------------
Commit: a083ee5
---------------------------
CSNMR-5806 Increase default boot wait time to 180s
- Increase the DEVICE_REBOOT_TIMEOUT_DEFAULT from
130 seconds to 180 seconds. The device boot time
is unstable and is causing timing issues for any
tests that follow a device reboot. The intent of
this change is to bring stability to CI.
- Add value to wait in reboot device method to
wait in betgween the time that the device
shutsdown and we try to connect to MQTT broker
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-857_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-856_default.lock.xml
judo-api-specs
---------------------------
Commit: e689b0b
---------------------------
CSNMR-5144: Add new fields to system properties messages
* Add field listing the required entitlements for the hardware component to function on the device
* Add field that determines whether the component is recommended for display to end-users
judo-auto-test
---------------------------
Commit: c309a64
---------------------------
CSNMR-5807 Improve judomqttlibrary debug messages
- Add classname.methodname to all logger debug
and info messages
judo-cfg-agents
---------------------------
Commit: 3cf302f
---------------------------
CSNMR-5144: Add entitlement info to components in system properities messages
---------------------------
Commit: d7eb1f7
---------------------------
CSNMR-5144: Update SRCREV
---------------------------
Commit: c0b8522
---------------------------
CSNMR-5144: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-856_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-855_default.lock.xml
yocto-docs
---------------------------
Commit: 2c12ec7bf
---------------------------
ref-manual/variables.rst: fix wording in COMPATIBLE_MACHINE note
Fix a typo and a misuse of the word "inherit":
"in a recipe inherits from native" -> "in a native recipe"
And the next sentence also uses "native recipe" so this make more sense.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e622689c1
---------------------------
sphinx-static/switchers.js.in: add an "Outdated release manuals" entry
To improve discoverability, add an entry to the switcher menu pointing
to the outdated releases pages. With this, this menu can be a starting
point to go any version of the documentation (both supported and
outdated releases).
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 906e7283c
---------------------------
brief-yoctoprojectqs: fix runqemu command
'runqemu qemux86-64' throws a MACHINE assignment conflict because the
machine is already set via the enabled fragment. Additionally, the
default compressed '.zst' image requires the 'snapshot' mode to boot.
Changed the command to 'runqemu snapshot'.
ERROR: A builtin fragment 'machine/qemux86-64' is used while MACHINE has already got an assignment.
ERROR: .zst images are only supported with snapshot mode. You can either use the "snapshot" option or use an uncompressed image
Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 808686cd9
---------------------------
brief-yoctoprojectqs: fix the allow root login command
The 'bitbake-config-build enable-fragment' command requires the full
namespace ('core/yocto/root-login-with-empty-password'). Passing only
'root-login-with-empty-password' fails.
ERROR: Fragment root-login-with-empty-password does not exist; use 'list-fragments' to see the full list.
Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 1500f2b6b
---------------------------
set_versions.py: make active releases unique
In case the new current release is an LTS release, the previous code
would have this release twice in the list of active releases.
De-duplicate items in this list.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 601b191dd
---------------------------
set_versions.py: change strategy for the default page
A problem can happen with the current code: if the current stable release
is made EOL before the development branch is made the current stable,
then we only have LTS releases displayed.
Change the logic to _always_ display the latest non-dev branch as the
default page, even if EOL.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2da8e6334
---------------------------
ref-manual/variables.rst: correct a reference to STAGING_DIR*
The reference to STAGING_DIR* variables in the description of
DEPENDS was misleading, as it pointed at STAGING_DIR which is
unrelated in this context.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 15bbfeee8
---------------------------
ref-manual/variables.rst: update STAGING_DIR* descriptions
Slightly reword to emphasize the sysroots' roles during the build.
Drop double back-quote from the uses of '-native' to make it a bit
easier on the eyes.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: eeb22235d
---------------------------
ref-manual/variables.rst: update RECIPE_SYSROOT* descriptions
Slightly reword to emphasise the order of steps during staging.
Further clarify those variables' relation to STAGING_DIR* variables.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a1432f24c
---------------------------
ref-manual/variables.rst: update PKGDATA_DIR's description
Don't refer to it as temporary. Update the default value.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: cad256411
---------------------------
ref-manual/variables.rst: update COMPONENTS_DIR's description
Make it more evident, that it is first populated by files from
some recipes, and later used as source of those files for the
others (staging and sharing files).
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0ff189fcb
---------------------------
ref-manual/variables.rst: update STAGING_DIR's description
STAGING_DIR is not in direct relation to recipe-sysroot*
directries. Also it does not participate in packaging, but rather
in staging and sharing files among recipes.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2b41d175e
---------------------------
docs: ubuntu_essential.sh: explicitly add libcrypt-dev
In latest ubuntu-26.04 build-essential no longer installs libcrypt-dev
But virtual/crypt-native is in ASSUME_PROVIDED and is expected to be
usable for development.
It used to be installed as build-essential -> libc6-dev -> libcrypt-dev,b
ut not anymore since 2.42-7:
25.10 questing with 2.42-0ubuntu3.1:
https://packages.ubuntu.com/questing/libc6-dev
26.04 resolute with 2.43-2ubuntu1:
https://packages.ubuntu.com/resolute/libc6-dev
https://changelogs.ubuntu.com/changelogs/pool/main/g/glibc/glibc_2.43-2ubuntu1/changelog:
...
glibc (2.42-7) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/control.in/libc, debian/rules.d/debhelper.mk: drop libcrypt-dev
dependency from libc6-dev. Thanks to Helmut Grohne for proposing that,
doing an archive rebuild and filling the bug reports.
* debian/control.in/main, debian/sysdeps/linux.mk: enable SystemTap static
probes.
* debian/debhelper.in/libc-dev.NEWS: add a NEWS entry about the removal of
the obsolete termio interface. Closes: #1124068.
* debian/rules.d/debhelper.mk: ensure that linker scripts work even when
/usr is unmerged. Closes: #1120508
* debian/debhelper.in/libc-dev{,-alt}.lintian-overrides,
source/lintian-overrides, rules.d/debhelper.mk, salsa-ci.yml: drop
unpack-message-for-{orig,source} overrides, fixed in lintian 2.128.0.
* debian/control.in/main: drop Rules-Requires-Root: no, this is now the
default.
* debian/libc6.symbols.i386, debian/libc6-i386.symbols.{amd64,x32}: remove
the workaround for GLIBC_ABI_GNU_TLS. Closes: #1122038.
* debian/control.in/{libc,i386}: ensure that libdpkg-perl is fixed wrt
GLIBC_ABI_GNU_TLS.
-- Aurelien Jarno <aurel32@debian.org> Sun, 04 Jan 2026 10:07:24 +0100
...
Without libcrypt-dev installed on host building shadow-native will
fail with:
checking for crypt in -lcrypt... no
configure: error: crypt() not found
and python3-native with:
The necessary bits to build these optional modules were not found:
_crypt
To find the necessary bits, look in configure.ac and config.log.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Acked-by: Quentin Schulz <quentin.schulz@cherry.de>
[AG: sort packages]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ead65d3bd
---------------------------
set_versions.py: use bitbake "dev" version when our series is devbranch
We now have milestone tags which do not correspond to a released
version of bitbake yet, so the intersphinx fetch from bitbake would
fail. This wouldn't happen before as we didn't have tags until a release
was made.
Fix it by checking for our current series, and if equal to the
devbranch, use bitbake version "dev".
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 36ec3e67f
---------------------------
set_versions.py: fix seriesversion for milestone tags
The seriesversion is wrong when we're building on a milestone tag and
would result in:
Traceback (most recent call last):
File "../yocto-docs/documentation/./set_versions.py", line 174, in <module>
previousseries = series[series.index(ourseries)+1:] or [""]
~~~~~~~~~~~~^^^^^^^^^^^
ValueError: list.index(x): x not in list
Remove what's after "_" (including "_").
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e5880b36d
---------------------------
ref-manual/system-requirements.rst: add section for openSUSE Leap 16.0
Add a section for openSUSE Leap 16.0. Some packages for 15.6 do not
exist for 16.0, so separate the install scripts for each.
The diff between the essential packages for 15.6 and 16.0 is the
following:
make
makeinfo
patch
-python
-python-curses
-python-xml
python3
+python3-GitPython
python3-Jinja2
python3-curses
python3-pexpect
python3-pip
+python3-xml
rpcgen
socat
tar
With the pip3 install command removed for GitPython, as we can now use
the dedicated python3-GitPython package.
The list for the docs and pdf build have not changed.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: dc1fde2ef
---------------------------
tools/build-docs-container: drop support for OpenSUSE Leap 15.5
After bff5329a82ba ("poky: Update SANITY_TESTED_DISTROS") on meta-yocto.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c72135998
---------------------------
tools/build-docs-container: update fedora distros
After bff5329a82ba ("poky: Update SANITY_TESTED_DISTROS") on meta-yocto,
remove fedora 39, 40, 41 and add 43. The current script work fine with
F43.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 043af43fc
---------------------------
tools/build-docs-container: add ubuntu 26.04 support
Added in meta-yocto with 49cbb01d5252 ("poky.conf: Add Ubuntu 26.04 to
the sanity tested distros list"). The current ubuntu install scripts work
fine with this version of Ubuntu.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 511f8481d
---------------------------
ref-manual/system-requirements.rst: update supported releases
Add the newly supported releases that we test on the Autobuilder. The
output is a copy/paste of the command above the list.
After bff5329a82ba ("poky: Update SANITY_TESTED_DISTROS") and
49cbb01d5252 ("poky.conf: Add Ubuntu 26.04 to the sanity tested distros
list") on meta-yocto.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c58a6b4ad
---------------------------
ref-manual/system-requirements: add buildtools note for Alma/CentOS/Rocky 9
These distributions are affected by a bug with tar described in [1]. Add
a note for installing buildtools for these distros as described in the
bug comments.
[1]: https://bugzilla.yoctoproject.org/show_bug.cgi?id=16143
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-855_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-854_default.lock.xml
cellular-utils
---------------------------
Commit: 20847d6
---------------------------
CSNMR-5423: Use consistent DBus object in all cellular objects
Using a consistent DBus object in all cellular objects ensures that
the cellular modem management code is always using the same asyncio
event loop. This is important because awaiting a Future which is
attached to a different loop causes errors in the current version
of the OS, where it didn't in previous versions (something to do
with event loop context being more strict in recent versions of
Python, but I can't find any references to this).
This addresses the issue seen in CSNMR-5423 because this issue was
caused by requesting SIM card information from the cellular modem
config agent multiple times. Without this fix, the agent would
create a new event loop for each command received from the
manufacturing API client.
judo-auto-test
---------------------------
Commit: bba3ef9
---------------------------
CSNMR-5648 Network enable and disable
judo-cfg-agents
---------------------------
Commit: b15529b
---------------------------
FW OTA: Fix exception logging
the `logging.exception()` method automatically retrieves the
exception and does not need it passed in (as that will just cast
it to a string and duplicate the exception name in the logs.
---------------------------
Commit: a989204
---------------------------
SUMO-565: dual token servers
To support the various services being in a mix of the staging and
prod cloud environments, there are now 2 certmgmt token servers,
one serving prod cloud-access-tokens, the other staging tkens.
---------------------------
Commit: 1267d19
---------------------------
SUMO-565: Port licensing agent to new certmgmt methods
---------------------------
Commit: 8222005
---------------------------
SUMO-565: Port connected site agent to new certmgmt methods
---------------------------
Commit: b74e35d
---------------------------
SUMO-565: Port FW OTA agent to new certmgmt methods
Simplify some exception handling/logging using the
`logging.exception()` method.
---------------------------
Commit: 7fe044e
---------------------------
SUMO-565: Add new certmgmt token request methods
Instead of duplicate methods for accessing certificate management
parameters and requesting a cloud access token, centralise all
functionality in common methods.
Additionally convert cloud access token requests to use the new
token server set up by the did-certmgmt service, this prevents
the cfg-agents from inadvertently starting up device provisioning
servers on unprovisioned devices (via the
`certmgmt.device.request_certificate` method which can launch
said provisioning server...)
---------------------------
Commit: a4f2ec5
---------------------------
CSNMR-5423: Use singleton sdbus object
Using a singleton sdbus object ensures that the sdbus interface uses a
consistent asyncio loop context. This solves the issue seen in
CSNMR-5423 as it was caused by attempting to wait for Futures created
in multiple different loop contexts.
---------------------------
Commit: 97d8931
---------------------------
CSNMR-5716: update MFG API run_bd992_handler
Added new reset command, a command argv map and a configurable timeout.
The bd992 handler command for receiver reset now has an extra argument
hence the need for an argv map. The command now also waits for the stella
to reboot. To keep timeout flexible subprocess timeout is now configurable
from the request message.
---------------------------
Commit: ef4b2ee
---------------------------
CSNMR-5716: remove load-nrc start calls from MFG API
Removed start load-nrc processes from halow module presence test and
halow rssi test.
Halow now comes up by default so these calls are unnecessary and
caused failures in the rssi test.
judo-design-docs
---------------------------
Commit: bbe1322
---------------------------
CSNMR-5626: A patch file service to the design documention
A section is added to the web-apps.rst file describing the File
Patch Service.
---------------------------
Commit: fd429d3
---------------------------
SUMO-565: Add staging cloud-access-token server
Patch `device-id-cert-tools` because this is not expected to be
the final fix, and will likely be refactored in a future update.
Starts a second 'staging' token server on port 18082 alongside
the existing 'prod' server on port 18081.
Required as the prod/staging configuration is not device-wide,
e.g. a device using staging licenses and receiving OTA updates
from the prod environment.
---------------------------
Commit: 73b64d0
---------------------------
CSNMR-5423: python3-cellular-utils: update SRCREV
---------------------------
Commit: 2b8db8e
---------------------------
CSNMR-5716: remove pkill hostapd from manufacturing init script
Removed pkill hostapd from manufacturing-init-golden-unit.sh.
If hostapd is not running pkill returns 1, exiting the script. We don't
need to kill hostapd as the script forces a reboot anyway. Documentation
has been added to make sure the reboot stage is reached when running
this script.
---------------------------
Commit: c40857b
---------------------------
CSNMR-5716: add optional reboot to bd992-install-option-key
Added optional --reboot flag to script so that the receiver is not
rebooted by default.
Control over reboot is desired for manufacturing as postponing the
reboot allows multiple keys to be installed and firmware updated
before rebooting for all changes at once. This saves a lot of time.
---------------------------
Commit: 8ee0e6e
---------------------------
CSNMR-5716: increase serial timeout for receiver key install
Increased serial port timeout from 1s to 2.5s in bd992-install-option-key.
Stella has additional overhead on responses due to on-device encryption.
We need to wait longer for a response. 2s works, but for breathing room I
set 2.5s.
---------------------------
Commit: ec28fe1
---------------------------
SUMO-565: cfg-agents: SRCREV update
Move FW-OTA/connected-site/licensing agents to use a common
implementation for retrieving cloud access tokens from certmgmt.
---------------------------
Commit: 16111ac
---------------------------
CSNMR-5423: python3-judo-cfg-agents: update SRCREV
---------------------------
Commit: 57725a7
---------------------------
CSNMR-5509: Add license opt out flag to sumo builds
---------------------------
Commit: dbddb62
---------------------------
CSNMR-5592: Add licensing agent to soft reset
---------------------------
Commit: ec1230a
---------------------------
CSNMR-5716: update SRCREV
mqtt-api
---------------------------
Commit: 0bf1473
---------------------------
CSNMR-5716: update option key requests in MFG API
Moved existing commands to the staging environment and updated
for new Timo options.
---------------------------
Commit: 3e7014c
---------------------------
CSNMR-5716: update MFG API run bd992 handler
Added timeout routing to run_bd992_handler and removed the enable-uart
call.
bd992-handler now enables uart on its own so separate enable is not
needed. The reset command now waits ~45s for stella reboot so we need to
route a configurable timeout.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-854_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-853_default.lock.xml
judo-bd992-fw
---------------------------
Commit: 8ad9968
---------------------------
CSNMR-5646: Update BD992 firmware
Update BD992 firmware 6.50-6.50
---------------------------
Commit: f122167
---------------------------
CSNMR-5646: Update GNSS configuration for BD992 6.50-6.50
Update GNSS configuration files for BD992 6.50-6.50 firmware
version.
---------------------------
Commit: 44e5c26
---------------------------
CSNMR-5646: Update SRCREV
Update bd992-fw-update SRCREV and install BD992 images to OS.
BD992 version 6.50-6.50
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-853_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-852_default.lock.xml
judo-auto-test
---------------------------
Commit: fa113dd
---------------------------
CSNMR-5776 Implement trmbmqttclient library v1.0.0
Robot Framework MQTTLibrary needs to be replaced
because it doesn't support TLS and paho-mqtt 2.1.0
This is the first phase in impelementing TLS
support.
judo_mqttlibrary:
- Matches as close as possible to RF MQTTLibrary so
that existing tests only need to point to the new
library with minimal updates
- Require paho-mqtt>=2.1.0 in project metadata
- Improve library debug to show what class/method the
message came from. Uses bracketed DEBUG_HDR format
[Class.method()]: in library code
- Harden wait-for-device-available (subscribe once,
listen in loop)
- README: logging conventions for class/method names
- Drop support for python 3.8 and 3.9. Add support
for python 3.13.and 3.14
- Make generate_docs.py executable without need to
run in interpreter
judo-cfg-agents
---------------------------
Commit: 76f66e9
---------------------------
CSNMR-5767: Add generic error handling for requesting device certificate
* This is required to avoid crashing the main thread for the agents if the certmgr fails to request the stage certificate
---------------------------
Commit: c80e603
---------------------------
CSNMR-5767: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-852_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-850_default.lock.xml
cfg-mgr
---------------------------
Commit: fec6f7c
---------------------------
CSNMR-5757: Get static copy of current entitlement cache rather than iterating through the volatile dict
* This prevents updates to the cache during an iteration from causing an error
judo-cfg-agents
---------------------------
Commit: c49b1dc
---------------------------
CSNMR-5778: Add test reset level to preserve certs between test resets
---------------------------
Commit: 3c36bae
---------------------------
CSNMR-5778: firmware_ota_agent: Improve logging of status
The status of the firmware was only getting logged when publishing to
the cloud was successful. When publishing fails, the status information
was not logged, thus leaving no indication of the status of the firmware
update in the logs.
Some useful logs where at debug level, when they should have be info or
higher to aid in triaging issues (we do not run in debug level in normal
operation).
Also improve some exception handling so that we can get more info when
things blow up.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 4ba6a8b
---------------------------
CSNMR-5778: Up reconnection attempt time to ten minutes to minimize traffic on device cert from licensing agent
---------------------------
Commit: 7dbf915
---------------------------
CSNMR-5778: Remove extra refresh request on startup made redundant by check-in changes
manifest-judo
---------------------------
Commit: 611e9b1
---------------------------
CSNMR-5778: Update last known good to 0.28.1 build
---------------------------
Commit: 119064e
---------------------------
CSNMR-5757: Update SRCREV
---------------------------
Commit: 1f2e26b
---------------------------
CSNMR-5778: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-850_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-849_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-849_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-847_default.lock.xml
manifest-judo
---------------------------
Commit: 28aa4df
---------------------------
CSNMR-5778: Update last-known-good to the feature branch that cherry-pick the fixes onto the release branch
* This should be updated to 0.28.1 asap -- however, to fixup the ci, this branch has all the same content
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: da2f471
---------------------------
CSNMR-5778: Increase Timeout, Update reset level
- Raise timeout from 30s to 60s for all
MQTT command calls in install_firmware.py
to work around slow device responses.
- Update reset level from "customer" to "test" for LKG install
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-847_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-846_default.lock.xml
---------------------------
Commit: e407700
---------------------------
CSNMR-5374: python3-mqtt-api: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-846_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-845_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-845_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-844_default.lock.xml
judo-auto-test
---------------------------
Commit: f99a226
---------------------------
CSNMR-5781 Skip licensing tests
- The licensing tests fail because of bug CSNMR-5782
Unable to connect to cell
- Skip the licensing tests until the underlying
bug can be resolved
trimbleradiocomms
---------------------------
Commit: 309612b
---------------------------
trimcomm: Add 5W and 35W RF power levels
These levels are used by the Mikimoto module in the Typhoon radio.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-844_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-843_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-843_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-842_default.lock.xml
judo-auto-test
---------------------------
Commit: 8b7f18c
---------------------------
CSNMR-5779 Skip all cell tests
- There is a bug in cell that causes the modem
to not connect to a tower. Skip all cell tests.
judo-cfg-agents
---------------------------
Commit: 39a7292
---------------------------
CSNMR-5692: Restoring license cache triggers failed status
* Restoring the license cache, while useful to prevent a bad upload from bricking a device, also should not be considered a 'success' state for a license upload, as the intended upload was rejected
judo-rest-api
---------------------------
Commit: d72e3d4
---------------------------
CSNMR-5692: Give more feedback on a local license update to clarify why licensing upload failed
manifest-judo
---------------------------
Commit: 02bd9d8
---------------------------
CSNMR-5770: Fix OS snapshot and cleanup on failure
OS snapshot was not being captured when tests
failed because set -e killed scripts before
reaching the snapshot step.
Changes across all four install-and-test scripts:
- Add pull_dut_os_snapshot to EXIT trap so it
runs regardless of test pass/fail
- Use set -e-safe subshell pattern to capture
exit codes without triggering early exit
- Fix SSH key cleanup skipped on test failure
- Fix trap to use single quotes so $? evaluates
at trap-fire time, not registration time
- Replace pushd/popd with absolute cd paths
- Quote variables in test expressions and source
- Remove redundant inline OS snapshot calls
- Update stale comments
Fix trap handling to pass exit codes
Fix generate_junit_report to accept the exit code as an argument ($1)
instead of relying on $?
Introduce trap_handler functions across all CI scripts that capture $?
before it's overwritten, guard cleanup steps (pull_dut_os_snapshot,
manage_ssh_keys delete) with || true to prevent set -e from aborting
the handler before JUnit report generation.
Move manage-ssh-keys.sh into bamboo-specs/scripts/ alongside other
shared scripts.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: 0362176
---------------------------
CSNMR-5692: Update SRCREV
---------------------------
Commit: 1c1737d
---------------------------
CSNMR-5692: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-842_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-841_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-841_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-840_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-840_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-839_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-839_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-838_default.lock.xml
judo-auto-test
---------------------------
Commit: 6d9aed3
---------------------------
CSNMR-5758 Reset stuck GNSS Lease before machine_type_cfg suite
- There is a bug CSNMR-5758 where the Topic
MP1010/event/cfg/gnss/lease returns false status for
the GNSS lease saying it is enabled when it is
actually not and it will never update until the
lease is actually enabled. This is a workaround
to force an intial lease set at the start of
test so then the topic can return a valid status.
yocto-docs
---------------------------
Commit: 560bc33c0
---------------------------
migration-guide: add release notes for 5.3.3
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c6bf2dafa
---------------------------
migration-guide: add release notes for 4.0.33 4.0.34
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-838_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-837_default.lock.xml
asyncapi-spec-obj
---------------------------
Commit: 2578817
---------------------------
Support parsing streetlight asyncapi example
To make this package more broadly useful, this changeset adds a test
case which parses the "streetlight" example asyncapi spec from
https://github.com/asyncapi/spec/blob/master/examples/streetlights-mqtt-asyncapi.yml.
This required adding support for version 3.1.0 of the asyncapi
spec, and handling specs which do not include the Judo-specific
x-channel-name extension.
judo-auto-test
---------------------------
Commit: fafa956
---------------------------
CSNMR-5703: Skip reboot test that is failing in CI
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-837_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-836_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-836_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-834_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 23fc13b
---------------------------
CSNMR-5374: system_properties: check rauc install status on startup
judo-design-docs
---------------------------
Commit: f8f6646
---------------------------
CSNMR-5490: add API patterns documentation
Added a description of each API pattern with identifying syntax rules
and high level behaviour when interacting with an external app.
---------------------------
Commit: e46384e
---------------------------
CSNMR-5490: update README.md with correct diagrams dir
judo-radio-utils
---------------------------
Commit: 20c2a4d
---------------------------
CSNMR-5754: Add check-modem-state
This has been implemented as some scripts that can be put into a .tgz file
for upload to a device via the patch system.
The actually .tgz is not included in the repo. See the
check-modem-state/README.md for details on creating the .tgz.
There is a version of the .tgz on the Confluence Howto:
https://confluence.trimble.tools/spaces/CSNMR/pages/1177652488/Patch+System+HowTo
manifest-judo
---------------------------
Commit: d2f6f17
---------------------------
Add JUnit report trap to install_firmware_wrapper
Fix rf-install-and-test-firmware.sh trap registration
that passed $TEST_EXIT_CODE at definition time when
the variable was still empty.
Consolidate all three wrappers to source the shared
generate_junit_report.sh instead of defining the
function inline. Remove the optional argument from
the shared function so it always captures the trap
exit code via $?.
Move JUnit setup block in rf-install-and-test-firmware
above function definitions for consistency.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
---------------------------
Commit: 7a64c99
---------------------------
CSNMR-5483: Update last known good to 0.28 release
mqtt-api
---------------------------
Commit: 1a121b1
---------------------------
CSNMR-5374: Clear update complete flag when status 'none' is received
This changeset explicitly clears the update complete flag when a system
properties message with a software update status of 'none' is received.
This prevents a stale software update status being carried across a
reboot of the connected device.
---------------------------
Commit: c59ada2
---------------------------
CSNMR-5374: Fix default MQTT device ID
The default model number is MP1086 not MP1010.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-834_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-833_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-833_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-832_default.lock.xml
judo-auto-test
---------------------------
Commit: f00a659
---------------------------
CSNMR-5647 Network diagnostic test
manifest-judo
---------------------------
Commit: 585d04b
---------------------------
CSNMR-5722: Reset config before LKG firmware install
The LKG install preserves the /cfg persistent
partition across RAUC updates. Stale or corrupt
agent config files from a previous test cycle
cause ieee80211_agent to crash on boot with a
JSONDecodeError, leaving WiFi non-functional
for all subsequent tests.
Add a system reset (customer level) step via
the cfg/cmd/sys/reset MQTT API before the OTA
install. This resets agent config to defaults
so all agents boot into a clean state.
Also refactor mqtt_wait_for_rpc_completion and
mqtt_publish_and_wait function that handles
both fntest RPC (state/rc on per-request topic)
and event-based (refId + statusCode on shared
topic) completion patterns.
The customer-level system reset triggers a device
reboot, killing the MQTT broker before the response
event can be delivered. Replace mqtt_publish_and_wait
with a simple publish-and-disconnect so the script
proceeds to wait_for_device_available instead of
timing out after 60s.
Add fntest-api and mfg-api enablement step after
at beginning and again after system reset
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-832_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-831_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-831_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-830_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-830_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-829_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-829_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-828_default.lock.xml
manifest-judo
---------------------------
Commit: c07e3c0
---------------------------
MQTT command to clear /var/log before OTA install
Add a clear_var_log.json payload and corresponding MQTT RPC
step in install_firmware.py that wipes /var/log on the DUT
before the OTA service starts. This ensures the OS snapshot
only contains logs from the OTA install and test cycle, not
stale logs from prior runs. Uses find -mindepth 1 -delete to
preserve the directory itself. Also removes numbered step
prefixes from comments to reduce churn on future edits.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-828_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-827_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-827_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-826_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-826_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-824_default.lock.xml
cfg-mgr
---------------------------
Commit: 134f9ad
---------------------------
CSNMR-4816: Remove requirement to pre-load entitlement checks and reduce timeout for licensing
* The queueing of licensing checks at zenoh client connection was slowing down the licensing checks for the system on boot, requiring longer timeouts
* Queueing was needed to avoid a hard lock scenario during a check that prevented licensing checks from succeeding
* This change removes licensing checks from the main client queue, creating a client for licensing interactions specifically that only exists if a licensing check is invoked
* This should reduce overheard for clients that only need to check licensing info for specific clients
judo-auto-test
---------------------------
Commit: ad7a514
---------------------------
CSNMR-4816: Disable tests that delete licenses from device
manifest-judo
---------------------------
Commit: b9197c6
---------------------------
CSNMR-4816: Update last known good to include fix for LMS file schema
* This change is needed to prevent licenses from being wiped from the device on an update to the last known good
* The 0.26.1 branch is the same as the 0.26 branch, with the fix for the schema included
---------------------------
Commit: 3cd57c0
---------------------------
CSNMR-4816: Disable MQTT unlock and ssh access by default
---------------------------
Commit: 99c9da4
---------------------------
CSNMR-5486: Update web UI to 0.30.6
The judo-web-ui recipes are renamed to get the new version. The
Artifactory file hashes are updated after getting new hashes from
test builds.
---------------------------
Commit: 29e3221
---------------------------
CSNMR-4816: Remove licensing checks opt-out by default
---------------------------
Commit: 9e62b79
---------------------------
CSNMR-4816: Update SRCREV
yocto-docs
---------------------------
Commit: 09943cbed
---------------------------
set_versions.py: fix get_latest_tag and milestone tags
Milestone tags have a different format, e.g. 6.0_M1. This was breaking
this algorithm with:
File ".../yocto-docs/documentation/./set_versions.py", line 277, in get_latest_tag
branch_versions = sorted(
[v.replace("yocto-" + release_series[branch] + ".", "")
.replace("yocto-" + release_series[branch], "0") for v in branch_versions],
key=int)
ValueError: invalid literal for int() with base 10: '0_M1'
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 39dac34c7
---------------------------
set_versions.py: skip laverne branch for closest branch
The laverne branch was created but never branched off, which breaks the
algorithm trying to determine the closest branch as it always gets count
0. Skip this branch as it is old and we'll never branch off of it now.
This fixes the following issue:
Branch laverne has count 0
Nearest release branch estimated to be laverne
Traceback (most recent call last):
File "/data/yoctoproject/ws/repos/yocto-docs/documentation/./set_versions.py", line 167, in <module>
bitbakeversion = bitbake_mapping[ourseries]
~~~~~~~~~~~~~~~^^^^^^^^^^^
KeyError: 'laverne'
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 465651641
---------------------------
contributor-guide/submit-changes.rst: Added missing word
Signed-off-by: Yanis BINARD <yanis.binard@smile.fr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-824_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-822_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-822_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-821_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 3fcb651
---------------------------
CSNMR-5715: Add machine type cfg log message
Machine Type configuration sends should be rare, but has been
difficult to extract from the logs. Add log to help in
debugging GNSS.
---------------------------
Commit: 3320f3a
---------------------------
CSNMR-5715: Remove unused variables
---------------------------
Commit: 66cc16c
---------------------------
CSNMR-5715: Fix gnssMachineConfig 'none' and 'single'
Fix the GNSS Manager to use gnssMachineConfig as the source of truth for if the
ms9xx-handler should be started. To avoid unnecessary restarts, the GNSS Manager
still checks for MS configuration changes; however, the handler will now correctly
stop if gnssMachineConfig is 'none' or 'single'. Only gnssMachineConfig='dual' will
result in the ms9xx-handler starting.
---------------------------
Commit: 516ecfd
---------------------------
CSNMR-5715: Update SRCREV
Fix GNSS Manager Agent to stop ms9xx-handler on gnssMachineConfig="none"
or "single"
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-821_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-820_default.lock.xml
judo-auto-test
---------------------------
Commit: 09093a8
---------------------------
CSNMR-5702-Delete-default-values
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-820_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-819_default.lock.xml
yocto-docs
---------------------------
Commit: dc1574b9f
---------------------------
ref-manual: document the usage of FIT_LOADABLES
Add documentation for the new logic and variables that can be used to
add additional arbitrary loadables to a FIT image.
Signed-off-by: Francesco Valla <francesco@valla.it>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b8502b2ba
---------------------------
ref-manual/dev-manual: document new SPDX variables and capabilities
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
[AG: syntax fixes https://lore.kernel.org/r/DHCKLP69J7YE.1Y7HHPEXU80KI@bootlin.com]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 198df015c
---------------------------
ref-manual/faq.rst: remove the CVS proxy note
Support for the CVS fetcher was removed with 5427500e4f23 ("fetch: Drop
CVS fetcher module") in BitBake. Remove the CVS proxy mention.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ef0c14d9f
---------------------------
docs-wide: add warning on disabled NPM fetcher
The NPM fetcher was disabled with 355cd226e072 ("fetch2/npm/npmsw:
Disable npm and npmsw fetchers due to security concerns") in BitBake.
Add warning notes throughout the documentation to let readers know.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 365945c51
---------------------------
migration-guides: update 6.0 (Wrynose) release notes
Update documentation/migration-guides/migration-6.0.rst and
documentation/migration-guides/release-notes-6.0.rst to include
important changes between:
- bitbake: 8b02d65a6439 and bc8be83aef0a
- openembedded-core: 545e43a7a45b and be8cdcf13a65
- meta-yocto: 632d10b28141 and 2486ce288906
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a907e04a5
---------------------------
ref-manual/variables.rst: document the SPDX_CONCLUDED_LICENSE variable
Document the SPDX_CONCLUDED_LICENSE variable, added by commit
bb21c6a429a2 ("spdx30_tasks: Add concluded license support with
SPDX_CONCLUDED_LICENSE") in OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6299419c7
---------------------------
ref-manual/variables.rst: document the LTO variable
Added by 228b5a91516c ("lto: Add global LTO distro policy file") in
OE-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0ecc893dc
---------------------------
ref-manual/variables.rst: SPDX_PACKAGE_URL: add missing parenthesis
Fixes: 108549dae76a ("ref-manual/variables.rst: document SPDX_PACKAGE_URL")
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 392ef512b
---------------------------
ref-manual/variables.rst: document qemuboot variables
Document the variables in qemuboot.bbclass that allow customizing how
the QEMU guest is instantiated.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 79552b4a7
---------------------------
conf.py: define new {oecore,bitbake,meta_yocto}_rev roles
Use the extlinks extension to create new roles to quickly reference a
commit from openembedded-core, bitbake, or meta-yocto.
For example, use as: :oecore_rev:`437e0419608e`.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-819_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-818_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 342c4d0
---------------------------
CSNMR-5249: Set GNSS halow_unit based on model
Currently both MP1086-450 and MP1086-500 units have halow_unit = true in
their bd992-handler .toml files. We need to set halow_true base on the
contents of /mfg/model so that
halow_unit = true for -500
halow_unit = false for -450
For the case of an invalid model or model variant, the BD and MS
handlers will not be started.
---------------------------
Commit: ed729f9
---------------------------
CSNMR-5249: Update SRCREV
GNSS Manager Agent sets halow_unit based on a -500 or -450 part in model.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-818_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-817_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-817_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-816_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-816_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-815_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-815_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-814_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-814_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-813_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-813_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-812_default.lock.xml
judo-auto-test
---------------------------
Commit: 5dea247
---------------------------
Remove Defaults from method docstrings
- Removed the Default value mentions from all
method docstrings. This information is redundant.
When the docs are generated RF automatically
includes the default values of optional params.
Also hardcodeing the values in docstring is error
prone and requires manual update if default values
change.
---------------------------
Commit: 19749dc
---------------------------
CSNMR-5655 Add wait gnss lease expire to Should Be Disabled HF GSOF
- Fixed bug in Should Be Disabled HF GSOF where the code
didn't wait for the Lease to expire. This caused the
check to fail because it is the state change in the lease
that causes the HF GSOF value to enable/disable
---------------------------
Commit: 708c180
---------------------------
CSNMR-5655 Add keywords for lease management
gnss_lib:
- Add new keyword is_gnss_lease_expired. This checks
if the GNSS lease is expired and return true if so
- Add new keyword wait_gnss_lease_expired. This waits
for a given period of time to allow the GNSS lease
to expire.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-812_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-811_default.lock.xml
---------------------------
Commit: 075d041
---------------------------
CSNMR-5685: journald.conf: Set Storage to volatile
When unset, the `Storage=` config defaults to `persistent` which writes
it to disk which is not what we want.
From the release notes for systemd-259:
The default storage mode for the journal is now 'persistent'.
Previously, the default was 'auto', so the presence or lack of
/var/log/journal determined the default storage mode, if no
overriding configuration was provided. The default can be changed
with -Djournal-storage-default=.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-811_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-810_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-810_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-808_default.lock.xml
judo-auto-test
---------------------------
Commit: 74894e3
---------------------------
Add --tag-name for gitBranchManifest
Introduce optional --tag-name (e.g. Bamboo TAG_NAME) so post-install
validation compares UUT system_properties['gitBranchManifest'] to the
manifest string the image actually reports, while assign_build_to_target
still uses --firmware-branch.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
judo-cfg-agents
---------------------------
Commit: 48b7713
---------------------------
CSNMR-5602: Move service connectivity history to /var/log
To allow the diagnostic internet service connectivity history to
be loaded in the mpSnapshot file, the persistent history file is
moved from /data/diagnostics/net_service_statuses to
/var/log/connectivity_history.json.
For existing units to not lose their diagnostic history, a function
is added to move the old file to the new location.
---------------------------
Commit: 0f11347
---------------------------
CSNMR-5602: Only request HEAD for internet connectivity check
In the diags_agent, the file net_connectivity now only requests the
headers for a connectivity endpoint. The request uses less data and
the test for captive portal is simplified.
The unit tests are simplified and some tests were deleted since the
code was simplified.
---------------------------
Commit: f8db46b
---------------------------
CSNMR-5602: Add more test endpoints to the connectivity checker
To aid reliability of internet connectivity checking, the list of
endpoints is changed.
The gradecontrol.net URL is removed because that server is not specifically
designed for lots of hits, and there could be a thundering herd problem
where all units attempt to contact it at once. It would take more planning
to make it work reliably.
The primary endpoint is a Google URL which has shown to provide the smallest
payload. Microsoft, Apple, and Cloudflare URLs are added in order of payload
size.
The code stops at the first successful check, so it should normally
be only the Google endpoint that gets hit.
The Microsoft endpoint was found at
https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/troubleshoot-ncsi-guidance
It can potentially change and the new location would be found in the
Windows registery of a current PC under:
HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet
Look in ActiveWebProbeHost and ActiveWebProbePath under that section
The Cloudflare and Apple endpoints were found by AI suggestion and
recommendations online. If those endpoints become invalid, new URLs
would need to be found.
Since no endpoints require limiting the amount of data they send
back, the header section that requests reduced data is removed
from the request.
---------------------------
Commit: 1151f74
---------------------------
CSNMR-5602: Add service history reporting in the net_connectivity.py file
The NetConnectivity class that reports internet status now also reports
to the service history status. This allows the Service History class to
produce a report about internet connectivity changes that will show
up on the web UI under the Internet Service diagnostic page.
The nice thing is this is the only change needed because the Service
History class is already set up to collect statistics and report them
when it receives these messages.
manifest-judo
---------------------------
Commit: c700c8c
---------------------------
Pass Bamboo TAG_NAME into HS-Prod install jobs for Slash validation
- Export TAG_NAME in judo_firmware_build.yaml for all four install-and-test
jobs (core, radio/GNSS, RF, cell).
- When TAG_NAME is non-empty, append --tag-name to slash run so post-install
checks match DUT gitBranchManifest on release/customized builds; Firmware
Manager still uses BUILD_BRANCH_NAME and BUILD_NUMBER.
Requires judo-auto-test support for --tag-name (manifest_expectation).
---------------------------
Commit: 40e97d0
---------------------------
CSNMR-5651: Do not cache web UI permalink destination paths
Previously the destinations of permalinks could be cached because
they did not match the pattern of URL paths that get No-Cache headers.
This change detects that a permalink is used and produces a
Cache-Control header to avoid caching.
Since the permalink destination paths get used twice, each path is
stored in a variable so that the path can be maintained in one place.
---------------------------
Commit: 247194f
---------------------------
CSNMR-5651: Change web UI permalinks to use temporary redirects
Previously the web server reported a permanent redirect with
status 301 or 308 for permalinks.
Now it reports status 307 to indicated a temporary redirect. This
way the browser will check the original path every time a permalink
is used in case the destination path changes down the road.
---------------------------
Commit: 30f2b7a
---------------------------
CSNMR-5602: Update SRCREV for judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-808_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-807_default.lock.xml
yocto-docs
---------------------------
Commit: 5bfe4f9ae
---------------------------
ref-manual/system-requirements.rst: remove Fedora 41 from supported distros
Fedora 41 has been disabled on the Autobuilder and is being removed from
poky.conf in meta-poky[1].
[1]: https://lore.kernel.org/r/20260319-mathieu-remove-fedora-41-v1-1-996d227abe2e@bootlin.com
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ca057a6b4
---------------------------
recipe-style-guide: Drop obsolete EXTRA_QMAKEVARS_POST ref
The use of the variable ceased already in 2015, since openembedded-core
commit cb89d2b25b4e ("qt4: remove recipes and classes").
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 47411fd29
---------------------------
migration-guides: add release notes for 5.0.16
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
[AG: apply suggestions/fix formatting, see
https://lore.kernel.org/r/DH5U04M8BZDA.18K1BLZXWXIZS@bootlin.com]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: afb874956
---------------------------
migration-guides: add release notes for 5.3.2
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-807_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-806_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-806_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-804_default.lock.xml
manifest-judo
---------------------------
Commit: 74a59e3
---------------------------
Move Aggregate Test Results from Pi to Bedrock Main
Retarget the Aggregate Test Results job to run on Bedrock Main (AMD)
instead of a Pi (ARM). Since Bedrock Main is already inside the AWS
VPC, the SSH tunnel through the jump server is no longer needed —
the script now connects directly to the RDS endpoint. Removes SSH key
management and tunnel plumbing from upload-junit-results-to-dashboard.sh.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-804_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-803_default.lock.xml
---------------------------
Commit: 1290fb3
---------------------------
CSNMR-5605: Update rust-gnss SRCREV
The handler should now wait until the receiver has rebooted after the
firmware upgrade before continuing on.
mqtt-api
---------------------------
Commit: a750b41
---------------------------
CSNMR-5410: fix result print for run_gnss_tracking
---------------------------
Commit: ed28292
---------------------------
CSNMR-5653: move MFG API simulator mode enable to webUI
Changed the programmatic interface URL for simulator mode enable
back to a webUI URL.
There is a new Time/RTC Reset option which simulator mode cannot
work without. This option is in the webUI only today. There is a
FENI ticket open to add Time/RTC Reset to the programmatic interface.
---------------------------
Commit: f241b89
---------------------------
CSNMR-5558: update MFG API installer yubikey list
Removed 3x key SNs and added 1 so that only BEI key params
are checked out.
The removed keys are either lost or were not transferred from Jabil.
Only key params needed for BEI should be included with the MFG API
installer.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-803_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-802_default.lock.xml
---------------------------
Commit: 60c92fc
---------------------------
SUMO-569: Add picocom to devel- images
---------------------------
Commit: 16ec43c
---------------------------
CSNMR-5483: Set main branch to version 0.29
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-802_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-800_default.lock.xml
---------------------------
Commit: f8aea39
---------------------------
CSNMR-2544: python3-mqtt-api: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-800_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-799_default.lock.xml
manifest-judo
---------------------------
Commit: 734c636
---------------------------
CSNMR-5654: Reinstate BUILD_SDK environment variable
The code which injected this variable into the Build Judo-HS-Prod
Firmware task was removed in 5fe14e45de8d114089b81b275c568a6b672b1ac1,
preventing Bamboo from archiving the SDK.
---------------------------
Commit: f9a6172
---------------------------
get-branch-info.sh: Include repo name on each line
Including the repo name on each line makes it easier to filter the
output to include only a particular user's branches, as each line of
output includes the name of the repo the branch is associated with.
For example, `grep` and `git config` can be used to find branches
which were last committed to by the current user:
BPOWELL@BPOWELL-NZ-DL:~/Code/yocto-judo$ repo forall -c $PWD/scripts/get-branch-info.sh | grep $(git config --get user.email)
manifest-judo | 2026-03-18T08:59:59+13:00 | 3 hours ago | Ben Powell | ben_powell@trimble.com | 2abf26a | origin/feature/CSNMR-2544, feature/CSNMR-2544
meta-judo-proprietary | 2026-03-18T09:28:36+13:00 | 3 hours ago | Ben Powell | ben_powell@trimble.com | 4fda1bb | origin/feature/CSNMR-2544, feature/CSNMR-2544
mqtt-api | 2026-03-18T10:09:40+13:00 | 2 hours ago | Ben Powell | ben_powell@trimble.com | 2a07cd6 | origin/feature/CSNMR-2544, feature/CSNMR-2544
BPOWELL@BPOWELL-NZ-DL:~/Code/yocto-judo$
mqtt-api
---------------------------
Commit: c0e984b
---------------------------
CSNMR-2544: Add UHF tests to monitor console
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-799_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-797_default.lock.xml
bitbake
---------------------------
Commit: e7d5e1562
---------------------------
fetch/git: Add an 'update' unpack mode to the fetchers (git only for now)
We need a way to allow the git fetcher to update data in place rather
than remove and replace. This change adds an unpack_update() function
which can be used in place of the usual unpack() call. This will attempt
to rebase changes on top of the upstream changes. It will raise an error
if any local uncommitted changes are present.
The implementation adds a "dldir" origin to the list of origins in the git
repo which we can then fetch from and update against. This origin may be
of use to users accessing the git repo outside the fetcher too.
unpack_update() should never delete existing data in the way unpack() does
but can error out in many more different ways due to the number of possible
input states.
Currently only git is supported.
The intention is for this to use used by bitbake-setup instead of unpack.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a631efbbd
---------------------------
taskexp_ncurses: update tests for new spdx tasks
Some new tasks have been added to handled SPDX 3.0 [1], changing a bit
the test output: some small changes are needed to account for these
changes.
[1]: https://lore.kernel.org/all/20260220154123.376880-1-JPEWhacker@gmail.com/
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 76b6edbd3
---------------------------
doc/setversions.py: fix an f-string without placeholders
This f-string does not have any placeholders. Turn it into a regular
string.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 02cebba47
---------------------------
doc: generate the releases.rst file
Use the information we gather from releases.json to automatically create
the supported and outdated releases document.
The older releases do not follow the same linking scheme, so add them
statically at the bottom of the file from script.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b55497ab7
---------------------------
doc: build using remote releases.json
Like what was done for yocto-docs[1], build using the remote
releases.json file we can fetch from [2].
The file is downloaded if not present, and not re-downloaded for
subsequent builds. In case of fetch failure, fallback to default values.
[1]: https://git.yoctoproject.org/yocto-docs/commit/?id=5bebe38a808a33fea3deefc21dda39a35d90a7dd
[2]: https://dashboard.yoctoproject.org/releases.json
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2f07c60e5
---------------------------
doc/setversions.py: simplify the get_current_version() function
While this was inspired with yocto-docs' set_versions.py file[1], some
of the logic here can be simplified with early returns.
As a consequence of these early returns, move the print() call showing
the computed version to the conf.py file.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 240ae9a7d
---------------------------
doc: move the Git repo check to the conf.py file
This check can be done earlier when building the documentation, and does
not need any version information. Move it to the beginning of conf.py.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e8ace6e16
---------------------------
fetch/wget: Improve connection error handling
We see occasional connection errors in wget testing of sstate mirrors.
It appears there is a case where http.client.RemoteDisconnected is
returned against getrepsonse() which the current code doesn't handle
well.
Rather than trying to handle very specific error cases, catch any errors
and drop the cached connection in those cases in the do_open() code.
Similarly, try again in a more complete set of error cases (all of
OSError instead of special cases and RemoteDisconnected).
[YOCTO #15945]
The traceback from the logs is included below for reference.
Traceback (most recent call last):
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 415, in checkstatus
with opener.open(r, timeout=100) as response:
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 519, in open
response = self._open(req, data)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 536, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 496, in _call_chain
result = func(*args)
^^^^^^^^^^^
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 178, in http_open
return self.do_open(HTTPConnectionCache, req)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 249, in do_open
r = h.getresponse()
^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/http/client.py", line 1374, in getresponse
response.begin()
File "/usr/lib/python3.11/http/client.py", line 318, in begin
version, status, reason = self._read_status()
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/http/client.py", line 287, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 228, in do_open
h.request(req.get_method(), req.selector, req.data, headers)
File "/usr/lib/python3.11/http/client.py", line 1282, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.11/http/client.py", line 1328, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/lib/python3.11/http/client.py", line 1277, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/lib/python3.11/http/client.py", line 1037, in _send_output
self.send(msg)
File "/usr/lib/python3.11/http/client.py", line 998, in send
self.sock.sendall(data)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 415, in checkstatus
with opener.open(r, timeout=100) as response:
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 519, in open
response = self._open(req, data)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 536, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/urllib/request.py", line 496, in _call_chain
result = func(*args)
^^^^^^^^^^^
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 178, in http_open
return self.do_open(HTTPConnectionCache, req)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/srv/pokybuild/yocto-worker/a-full/build/layers/bitbake/lib/bb/fetch2/wget.py", line 246, in do_open
raise urllib.error.URLError(err)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b59bdcf81
---------------------------
tests/fetch: Drop github url from testing
This was introduced as a test for the fix in 6ec70d5d2e330b41b932b0a655b838a5f37df01e
however the way github works has changed in the decade since and this
test is no longer testing what was intended.
The test is failing intermittently on our infrastructure thanks to spam
and IP block throttling restrictions which lead to occasional failures.
At this point it is probably simplest just to drop the url from testing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ead5e02ad
---------------------------
bitbake-setup: correctly determine latest revision in status/update when it is fixed to a commit id
The code was relying on git fetcher's latest_revision() method,
which works properly if the revision in the json config template
is set to a branch or a tag, but does not work if it is set to
a fixed revision (the method will return the latest revision on the
respective branch, and bitbake-setup will incorrectly determine
that the layer needs to be updated to that revision).
Add a guard to check if the revision is a fixed commit id, and do a
direct revision comparison if so, skipping the fetcher query.
[YOCTO #16190]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: da479ccf5
---------------------------
bitbake-setup: are_layers_changed(): calculate local_revision only once
There's no need to repeatedly do it in the loop, as it doesn't change.
Also reposition 'remotes' and 'changed' variables assignments, as this will aid
the code readability after the following commit.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a01be6f0e
---------------------------
bitbake-setup: ensure that config_id is always an absolute path
If config_id (given on command line in 'init' operation) is provided and
interpreted as a relative path to a local file (by checking for the file
existence), it should be recorded into configuration instance as an absolute path.
Otherwise status/update operations will fail if executed from a different
directory that the template file was in, as they won't be able to find
the file.
Note that the patch context doesn't show where having the absolute path actually matters:
further down in the function, config_id is used to set a 'non-interactive-cmdline-options'
property in configuration instance dictionary. This property is used by status/update
operations.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b54600e37
---------------------------
bitbake-worker: Use Lock from bb.multiprocessing
bitbake-worker relies on multiprocessing using the "fork" method to pass
data to the child process. Starting in Python 3.13 the default changed
to "forkserver", so the bb.multiprocessing context needs to be used in
order to preserve the "fork" method.
Note that bb.multiprocessing is a context, so Lock can't be imported
from it; instead a local alias for Lock must be used
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 35866d559
---------------------------
runqueue.py: make sure we use bb multiprocessing
Otherwise, we see errors like:
|ERROR: An uncaught exception occurred in runqueue
|Traceback (most recent call last):
| File "/srv/pokybuild/yocto-worker/check-layer/build/layers/bitbake/lib/bb/runqueue.py", line 1663, in execute_runqueue
| return self._execute_runqueue()
| ~~~~~~~~~~~~~~~~~~~~~~^^
| File "/srv/pokybuild/yocto-worker/check-layer/build/layers/bitbake/lib/bb/runqueue.py", line 1607, in _execute_runqueue
| retval = self.dump_signatures(dumpsigs)
| File "/srv/pokybuild/yocto-worker/check-layer/build/layers/bitbake/lib/bb/runqueue.py", line 1718, in dump_signatures
| p.start()
| ~~~~~~~^^
| File "/usr/lib64/python3.14/multiprocessing/process.py", line 121, in start
| self._popen = self._Popen(self)
| ~~~~~~~~~~~^^^^^^
| File "/usr/lib64/python3.14/multiprocessing/context.py", line 224, in _Popen
| return _default_context.get_context().Process._Popen(process_obj)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^
| File "/usr/lib64/python3.14/multiprocessing/context.py", line 300, in _Popen
| return Popen(process_obj)
| File "/usr/lib64/python3.14/multiprocessing/popen_forkserver.py", line 35, in __init__
| super().__init__(process_obj)
| ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^
| File "/usr/lib64/python3.14/multiprocessing/popen_fork.py", line 20, in __init__
| self._launch(process_obj)
| ~~~~~~~~~~~~^^^^^^^^^^^^^
| File "/usr/lib64/python3.14/multiprocessing/popen_forkserver.py", line 47, in _launch
| reduction.dump(process_obj, buf)
| ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
| File "/usr/lib64/python3.14/multiprocessing/reduction.py", line 60, in dump
| ForkingPickler(file, protocol).dump(obj)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^
|_pickle.PicklingError: Can't pickle local object <function CoreRecipeInfo.init_cacheData.<locals>.<lambda> at 0x7f7925667d70>
|when serializing tuple item 0
|when serializing collections.defaultdict reconstructor arguments
|when serializing collections.defaultdict object
|when serializing dict item 'rundeps'
|when serializing bb.cache.CacheData state
|when serializing bb.cache.CacheData object
|when serializing dict item ''
|when serializing dict item 'recipecaches'
|when serializing bb.cooker.BBCooker state
|when serializing bb.cooker.BBCooker object
|when serializing dict item 'cooker'
|when serializing bb.runqueue.RunQueue state
|when serializing bb.runqueue.RunQueue object
|when serializing tuple item 0
|when serializing method reconstructor arguments
|when serializing method object
|when serializing dict item '_target'
|when serializing multiprocessing.context.Process state
|when serializing multiprocessing.context.Process object
Fixes: [YOCTO #16184]
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 48efc36b4
---------------------------
lib/bb/tests/fetch.py: add test case to ensure no FetchData attribute error
When using git:// -> file:// in PREMIRRORS and we have the same url
in SRC_URI twice, we reveal the following error:
AttributeError: 'FetchData' object has no attribute 'shallow'
Add a test case to ensure future changes don't introduce the error
back.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fb1289d0b
---------------------------
fetch2/git.py: fix update_mirror_links
We cannot assume ud has the same fetcher with origud. For example,
if we set map git:// to file:// in PREMIRRORS, ud is using local fetcher
and origud is using git fetcher. In such case, the ud does have the
'shallow' attribute. And we'll see the following error:
Exception: AttributeError: 'FetchData' object has no attribute 'shallow'
Looking at the logic of this function, I think it's the origud's shallow
that should be checked. So the logic becomes: if origud is using shallow
and its full shallow tarball does not exist yet, symlink to ensure it
exists. This should make more sense.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c3784459
---------------------------
fetch: Add GIT_CONFIG_GLOBAL to FETCH_EXPORT_VARS
Many CI setups rely on the GIT_CONFIG_GLOBAL environment variable to
define project-specific gitconfigs, often to inject credentials using
git's url.<base>.insteadOf configuration.
However, BitBake restricts the environment variables passed to the
fetch task to a fixed list (FETCH_EXPORT_VARS). Because
GIT_CONFIG_GLOBAL is missing from this default list, the variable is
stripped from the environment.
Add GIT_CONFIG_GLOBAL to FETCH_EXPORT_VARS to natively support this
credential injection method (and GIT_CONFIG_GLOBAL in general). This
also eliminates confusion for users who expect the variable to
propagate after adding it to `BB_ENV_PASSTHROUGH_ADDITIONS`, only to
find it has no effect during the fetch task.
Signed-off-by: Florian Schmaus <florian.schmaus@codasip.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b91f4ff3
---------------------------
doc: bitbake-user-manual-metadata: list known limitations for shell tasks
Javier Tia reported[1] they keep forgetting `[[` conditional isn't
supported and scouring our BugZilla, I found[2] another "bug" where
arithmetic expansion isn't supported either.
Let's add a subsection of the shell tasks with the known limitations.
[1] https://lore.kernel.org/bitbake-devel/20250320003358.977774-1-javier.tia@linaro.org/
[2] https://bugzilla.yoctoproject.org/show_bug.cgi?id=11314
Reported-by: Javier Tia <javier.tia@linaro.org>
Suggested-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 30b88fb06
---------------------------
doc: bitbake-user-manual-metadata: promote inherit_defer directive to subsection
Out of all the directives listed in this document, only inherit_defer is
documented in a subsubsection rather than in a subsection.
Therefore, let's be consistent and make inherit_defer documentation into
a subsection.
Fixes: eb10df5a9619 ("doc: bitbake-user-manual: document inherit_defer")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a3ad57743
---------------------------
correct small number of "Bitbake" to "BitBake"
Use correct spelling of "BitBake" in a few places.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bc8be83ae
---------------------------
doc: bitbake-user-manual-ref-variables: BB_ENV_PASSTHROUGH is not in default BB_ENV_PASSTHROUGH_ADDITIONS (anymore)
BB_ENV_PASSTHROUGH_ADDITIONS variable doesn't contain BB_ENV_PASSTHROUGH
anymore since commit 0a33b560233b ("utils: remove BB_ENV_PASSTHROUGH
from preserved_envvars()") so let's fix this oversight.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Suggested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1f8fa7c25
---------------------------
tinfoil: show close matches when no providers are found
When calling 'bitbake-getvar -r somerecipe FOO', show close matches when
'somerecipe' doesn't exist but close matches are found. This replicates
the behavior of 'bitbake -e'.
Example output:
$ bitbake-getvar -r binutils-cross FOO
Unable to find any recipe file matching "binutils-cross". Close matches:
binutils-cross-aarch64
binutils
util-macros
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2fde7821f
---------------------------
cookerdata: Include "originating" recipe name when parsing
When a bbappend file is parsed, the FILE variable is set to the name of
the actual file being parsed (e.g. the name of the bbappend). Since
PN/PV etc. are derived from FILE, this means that they can be
misleading in the event that bbappend is using wildcards (e.g. PV might
have the value of "%" instead of the actual version number).
In order to allow bbappends to derived the actual information of the
recipe, capture the name of the original recipe being parsed as
__BB_RECIPE_FILE when parsing a new recipe. The value of this variable
doesn't change when parsing .bbappend or .inc file associated with the
recipe
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2408492f9
---------------------------
bitbake-setup: print colored diffs
Define a get_diff_color_param() function that returns the --color value
for diff commands. It function also uses color_enabled() to force showing
color or not in the spawned subprocess (--color=auto would never show color).
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1d0d4a006
---------------------------
doc: fix the switchers menu
Fix the switchers.js script of Bitbake to show what are the supported
versions and be able to switch between them.
The default landing page is the stable branch and shows the BitBake
version along with the corresponding Yocto Project codename. This
hopefully makes it easier to remember the correspondance between the
BitBake version and the Yocto Project version.
This works thanks to a setversions.py script, imported and executed in
conf.py, which is largely inspired from the one in yocto-docs. It reads
the tags from the repository and tries to guess the currently checked
out version of BitBake on which we are.
The "obsolete" warning is now also shown when browsing outdated manuals,
meaning any version not part of activereleases in setversions.py and
"dev"/"next".
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d9700632b
---------------------------
bitbake-setup: improve readability of choices
Bold the configuration names and align the descriptions for improved
readability. For this, define a print_configs() function which should
also help factorizing the code as this is done in multiple places.
If color_enabled() is false, keep the text plain.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 787053384
---------------------------
bitbake-setup: define a color_enabled() helper function
This will be re-used in the next commits to force subprocess commands to
color their outputs, as passing --color=auto in them always render
without coloring.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 47e4a24cb
---------------------------
doc: bitbake-user-manual-ref-variables: update Python re doc link to HTTPS
It's 2026, use HTTPS for the link.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c2a5d4e1
---------------------------
doc: bitbake-user-manual-ref-variables: update BBMASK example with current meta-ti
meta-ti git repo now has multiple layers in it since kirkstone, so let's
update the examples to match the current state of meta-ti by using
meta-ti-bsp.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ee3b2e0b7
---------------------------
doc: bitbake-user-manual-ref-variables: expand and reorganize BBMASK explanations
The documentation doesn't explain the side-effect of putting a leading
slash, only the trailing slash.
The leading slash is not for making the regular expression match an
absolute path, but to force the match on the directory or file that
exactly starts (and ends if there is a trailing slash) with the
specified string. So let's explain that.
This also explains that this doesn't prevent more than the intended path
to be caught, specifically because it is NOT a regular expression
matching an absolute path.
Because any pattern not starting with a ^ character can match multiple
directories from multiple layers, let's make the usage of
BBFILE_PATTERN_my-layer the recommended one. Keep the rest as hints at
what can happen when not using the variable but reiterate that users
should be really be using that variable.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3831d4813
---------------------------
doc: bitbake-user-manual-ref-variables: have BBMASK directory examples be consistent
It's a bit confusing to have a mix of paths with and without a leading
slash. The behavior is actually different. The next commit will explain
when/why to add a leading slash.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c5311e24c
---------------------------
doc: bitbake-user-manual-ref-variables: clarify BBMASK directory matching
BBMASK matches files in the directories matching the regex, and also in
their respective subdirectories, so make that clear in the wording
leading to the example.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 171aa68fc
---------------------------
utils: is_path_on_nfs: strip not existing path
When the user provide a path that does not exist it fails with:
| stat: cannot read file system information for '/path/to/my/hashserve': No such file or directory
We can strip the non exising part in the path and pass just that to the stat.
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 563851083
---------------------------
fetch2/svn: Use server certificates going forward
In the past, broken SSL certificates were common on subversion servers. As such,
the subversion fetcher used to ignore these issues.
Cert infrastructure has massively improved since that decision was made and things
like self signed certificates should no longer be common place.
We should follow good security practises and not have this as a default anymore,
remove the --trust-server-cert commandline option by default.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5427500e4
---------------------------
fetch: Drop CVS fetcher module
CVS is extremely dated technology and is not used anywhere significant/public
any more. The existing code is not well maintained and is hard to test without
any public CVS repositories. To be honest, if you're still using CVS you really
shouldn't be.
Remove the fetcher as obsolete and a generally bad idea now.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 99497c131
---------------------------
fetch: Drop osc (OpenSUSE Build Service) fetcher
The OpenSUSE Build Service fetcher was for a specialist niche usecase which never
went into production use as far as I know. At this point it makes sense to remove
it as it is unused and bitrotted.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8e057d54f
---------------------------
fetch: Drop Bazaar/bzr fetcher
Bazaar has been of limited use outside of Launchpad for a while. Most uses
within launchpad now use git. The original bazaar client was also replaced
by breezy, which whilst supporting the bazaar repositories, mostly works with
git as the backend now too.
The existing code has been broken for a while and nobody seems to be using it,
lets remove the obsolete technology.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8b635a400
---------------------------
fetch2/wget: Add debugging for bad file descriptor
We see errors on the autobuilder which imply we migtht be running out of
file descrptors. Add some debugging to try and determine if this really
is the case. For example the garbage collection may not be running quickly
enough to keep up with the code.
Count up the open files from /proc/self/fd, list them and then also try
and run lsof (which might fail if no file descriptors are available).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d9e136baf
---------------------------
bitbake-setup: Add strip to value from settings.conf
If user add "" to dl-dir as DL_DIR, it will show FetchError as following.
raise FetchError("Unable to fetch URL from any source.", u)
bb.fetch2.FetchError: Fetcher failure for URL: 'git://git.openembedded.org/bitbake;protocol=https;rev=master;branch=master;destsuffix=bitbake'. Unable to fetch URL from any source.
But from this log, user can't locate the real reason which is that the path "/aa/bb" is invalid.
So I make this fix, even if user add "" to dl-dir, the dl-dir will be the valid path.
Other settings value also need this fix.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 561c3d19c
---------------------------
default-registry: update fragments choices with descriptions
Give descriptions to the fragment choices to help the user know what to
pick during 'bitbake-setup init'. These descriptions were based on the
descriptions found in the corresponding configuration files in
OE-Core/meta-yocto.
Also while we're at it, s/Distributions/distributions/ as "machines" is
lowercase in "Target machines" above.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2834c4dfa
---------------------------
bin: Hide os.fork() deprecation warning at module level
Add the message filtering directly in the python module where the error
happens, so we do not need to repeat the filter in all consumers. This
will also make sure the filter is applied in any user of createDaemon().
Fixes [YOCTO #16080]
Suggested-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 054171ce0
---------------------------
lib/bb/tests/setup.py: add tests for oe-fragments-one-of
There were no tests of oe-fragments-one-of so modify gizmo-notemplate to
gizmo-notemplate-fragments-one-of, and test both formats for the options
(with or without a description).
In get_setup_path(), if the configuration specified on the command-line
contains fragments, join everything with "-" as this is what will be the
final directory name of the setup. This does not affect other current
variants.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 87be7f97c
---------------------------
bitbake-setup: tests: add a test for getting configs over http
Configs from registry, and configs on local filesystem were tested,
but not configs obtained over http URIs.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af9dd012e
---------------------------
bitbake-layers: layerindex-fetch: Fix branch detection method
Replace fragile parsing of 'git branch' output with the more reliable
'git name-rev --name-only HEAD' command to get the current branch name.
This avoids parsing issues and is the recommended way to get the current branch name.
Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7381f92ef
---------------------------
doc: bitbake-user-manual-intro: improve bbappend file matching doc
The recipe name matching wasn't fully explained and were missing a few
important corner cases such as recipes without a version, or using the %
character outside of the version part of the filename for example.
This adds the last missing bits to cover every append naming scenario
that exist today.
This was derived from lib/bb/cooker.py:get_file_appends().
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a30ac2f54
---------------------------
bitbake-setup: _has_local_modifications fix user case when add/remove/add layer
While develop a registry configuration adding a new layer and then back
to previous configuration without the _has_local_modifications breaks
because the code expects the layer to be in sources-fixed-revisions.json.
This can be reproduced with next steps:
- Call bitbake-setup with configX.
- Remove a LayerY from the configX.
- Call bitbake-setup with configX.
- Add the layerY again to configX.
- Call bitbake-setup with configX (break).
Fixes:
```
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 1137, in <module>
main()
~~~~^^
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 1130, in main
args.func(top_dir, all_settings, args, d)
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 735, in build_update
build_status(top_dir, settings, args, d, update=True)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 719, in build_status
update_build(new_upstream_config, confdir, setupdir, layerdir, d,
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
update_bb_conf=args.update_bb_conf)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 408, in update_build
sources_fixed_revisions = checkout_layers(layer_config, confdir, layerdir, d)
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 184, in checkout_layers
elif _has_local_modifications(r_name, repodir_path):
~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^
File "/workspaces/ls/meta-ls/bitbake/bin/bitbake-setup", line 143, in _has_local_modifications
rev = fixed_revisions['sources'][r_name]['git-remote']['rev']
~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^
KeyError: 'meta-freescale'
```
Signed-off-by: Anibal Limon <anibal@limonsoftware.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b339d05ad
---------------------------
cooker: use BB_HASHSERVE_DB_DIR for hash server database location
If unset, the existing behavior is preseved.
The use case is sharing the database in bitbake-setup's driven builds
without having to set up/start/stop a common single server shared
between them (this is added to bitbake-setup in the next commit).
Also create the specified directory if it doesn't yet exist.
Add a check that the directory is not on a NFS path, and error out then,
guiding the user to set up a standalone hash equivalency server.
Note: the check runs 'stat' executable with a format string parameter,
ensuring it prints only the filesystem type and nothing else.
Python's standard library does not have a statfs() wrapper,
and using ctypes to call into it would've required delicate,
crash-prone data type definitions, full of magic numbers.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 29f2cee65
---------------------------
bin/bitbake-setup: add descriptions for fragment choices
Make it possible to give fragments descriptions as it can help users
determine which fragments to pick during bitbake-setup init.
It is still possible to provide a list (with no descriptions) for
backwards-compatibility.
Update the documentation accordingly.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 82f594e7f
---------------------------
docs: Fix sources as required
If sources is empty, nothing happens. So let's just not say it's
optional, and let's say the minimum is bitbake source code.
Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: abd7ad5e7
---------------------------
docs: Fix leading text for bitbake-setup init
If we use the default of bitbake-setut init we may not create anything
(as the first default for an empty directory is N).
If user does not chose a number, the script asks again for a number.
Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 726947ec7
---------------------------
bitbake-setup: Change the output to match the terminology in the docs
Make the output to match the terminology used in the documentation for
some terms.
Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c95ddf54d
---------------------------
doc: change some terminology around bitbake-setup
Change some terms to use more specific wording:
Generic Configuration -> Configuration Template
Specific Configuration -> Configuration Instance
Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 142c981db
---------------------------
bitbake-setup: tests: use a tuple for iterating over configurations
This prepares the data for the next commit.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e5577c336
---------------------------
bitbake-setup: tests: avoid repeating the list of config variants
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0301466c7
---------------------------
bitbake-setup: sort configurations before printing a list of them
The order was non-deterministic which did not help finding the
number for the right one in the list.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 18d46a170
---------------------------
bitbake-setup: do not print a premature notice about renaming bitbake configuration
This was done before setting up a new bitbake configuration, so that
it does not write over the old one, comparing the old and the new
bitbake configurations, and taking one of three possible actions:
- no changes, no need to keep a backup;
- changes exist, do not replace existing config
- changes exist, replace existing config.
All three options correctly print the eventual outcome,
so this early print is unnecessary and confusing.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b4589955
---------------------------
bitbake-setup: use correct registry in status/update
status/update operations should be using the registry
that was used in initializing a setup, but they've
been using the registry from settings. This is now
corrected.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 57087fd1c
---------------------------
bitbake-setup: pass only the registry settting into obtain_config(), not the whole settings
This will help the following commit.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ab06edae8
---------------------------
bitbake-setup: fail if the url is not a json
In those cases when the user enters a URL that points to the html
representation of a json file, and not the actual json file, we can
at least let them know that the URL point to a file which is not a json.
It will help when a user copy and paste a URL from a browser and the
tool cannot parse it as json.
Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e9327cd27
---------------------------
bitbake-setup: ensure 'list' does not write anything into top dir
The goal for the 'list' command is to not leave any files or directories
behind, as it may be issued before the user has decided where to
place the top directory. 'list' redirects the top directory
to a temporary location, but it didn't do the same for the downloads,
which led to the default top directory being polluted with them.
This has now been fixed.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 675e9076a
---------------------------
bitbake-setup: use internal registry if run from git checkout, bitbake repo otherwise
If bitbake-setup is packaged and obtained from pypi, or another package feed
it needs to be able to find standard configurations. It is not impossible
to package configurations into some location inside the package
and add logic to find them, but it is much easier to just fetch the bitbake
repo and use that as a configuration registry. The other benefit is that
such packaged/installed bitbake-setup will not have to be updated in order
to obtain latest configurations: it will simply check the registry and fetch
them as needed, which is the original intent of config registries as repos.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 068eaf5ea
---------------------------
bitbake-setup: correctly deduce top directory from BBPATH environment variable
This fixes running 'bitbake-setup init' in an active bitbake session when
a top dir settings file is absent. In this case, bitbake-setup was trying to make
a whole new top directory under the current directory. It will will now use
the existing top directory, deducing it from BBPATH (similar to status and
update operations), which was always the intent.
The code was relying on an existence of a top directory settings file, which was
always present in earlier prototypes, but is currently created
only when a setting is explicitly written into it. This logic is changed
to use the bitbake-setup's cache directory, which is also explicitly created.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 921e4ce1e
---------------------------
bitbake: also hide os.fork() deprecation warning
Copied from bitbake-server/worker/layers.
This is seen also for bitbake command invocations.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6d28e92ef
---------------------------
doc/bitbake-setup: document "uri" property
The property 'uri' is a simplification of the property 'remotes'. It is
used to provide only one URI.
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6a8350d75
---------------------------
bitbake-setup: use URI shortcut for 'master' configuration
Currently, no source has several remotes. So we can replace their entire
structure 'remote' -> 'origin' -> 'uri' with a shorter one (property 'uri'
only).
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0c6f24efc
---------------------------
layers.schema.json: support 'uri'
The property 'uri', which is a shortcut for 'remotes/origin/uri', is now
supported under 'git-remote'.
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7941a5dc4
---------------------------
bitbake-setup: add inline URI
Most of the time, when we describe a remote, a bitbake-setup source looks like this:
"bitbake": {
"git-remote": {
"remotes": {
"origin": {
"uri": "https://git.openembedded.org/bitbake"
}
},
...
}
}
i.e. an URI with the common name 'origin'. Alternatively, we could simplify this, by
using a shorter structure with the property 'uri' only:
"bitbake": {
"git-remote": {
"uri": "https://git.openembedded.org/bitbake",
...
}
}
These properties can be used together.
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cdd79c176
---------------------------
tests/fetch: Disable npm tests
Since the npm fetcher is disabled, we should skip the npm tests too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 355cd226e
---------------------------
fetch2/npm/npmsw: Disable npm and npmsw fetchers due to security concerns
We've been made aware that are security issues within the npm/npmsw fetchers.
The issue is that the code accepts data like checksums from the upstream
servers, rather than verifying it against local data from the recipes. This
means the upstream servers could feed aritrary data into the build.
There have been maintainance issues on these fetchers for a while and despite
asking in multiple forums, we've been unable to find anyone to help fix the
issues. Until that issue is resolved and we can be convinced the fetcher is
secure and modelling best practices for reproduciblity (inc. mirroring), this
patch disables the fetchers. This has been discussed and agreed by the OE TSC.
Parsing will not show errors but the recipes using these fetchers will not be
available. Recipes will be skipped at parsing and will show an error if a user
tries to build a recipe using them.
The import is local to the function to avoid circular dependencies within
the hashserv selftests.
[YOCTO #16105]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5127faf98
---------------------------
doc: remove problematic '_' in reference that breaks the build
Delete pesky underscore in :ref:`_ref-bbsetup-source-overrides`
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d48c93e13
---------------------------
doc/bitbake-setup: add example of ssh:// uri
For private git repositories, we often need to use the ssh git fetcher;
add a hypothetical example to Generic Configuration Files Reference.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b76e12974
---------------------------
doc: bitbake-user-manual-metadata: expand locating files example for include_all directive
This adds a separate example for the include_all directive which also
highlights that the current directory isn't searched (unlike when using
the include or require directive).
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c2289bac0
---------------------------
doc: bitbake-user-manual-metadata: expand on search paths for include directive
While it is made somewhat explicit in the require and include directive
sections, I believe we should provide an example as to which relative
directory the include/require directives apply to when in a bbappend.
Let's provide some example to make this even clearer as it wasn't what I
thought would happen.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a52015218
---------------------------
doc: bitbake-user-manual-metadata: fix incorrect path in example for locating files
The paths listed in the example are missing an "example" subdirectory to
match the searched paths in the example, let's fix this oversight.
Fixes: 7bd36f6c6d33 ("doc: extend classes and include/require documentation")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: eeb85dd6c
---------------------------
doc: bitbake-user-manual-metadata: add missing highlight for BBPATH and PATH
We typically highlight (via a :term: directive or with double tick
quotes if there's no entry in the glossary or it is inappropriate)
variables, and here it was missed so let's fix that oversight.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 49211d94e
---------------------------
doc: bitbake-user-manual-metadata: specify that current dir won't be searched for include_all
We've forgotten to make it explicit that include_all differs from the
include directive also by the fact it doesn't look for the file
relatively to the file with the include_all directive, so let's make
that clear.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bf45c5492
---------------------------
doc: bitbake-user-manual-metadata: use a cross-reference for addfragments
We use cross-reference links for all but addfragments so let's fix that
inconsistency.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0d4c193a
---------------------------
doc: bitbake-user-manual-metadata: highlight configuration fragment differently
We typically reserve the monospace font (used when highlighting with two
tick quotes) for inline code examples or non-English words, but
"configuration fragments" is neither. Instead, let's assume the intended
style effect was to highlight the term as a two-word term and only use
single tick quotes to make the text look italic.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0cced087f
---------------------------
doc: bitbake-user-manual-metadata: list (in order) all sharing directives
The Sharing Functionality section has multiple subsections each
representing a way to share code.
Let's list all directives listed in the subsections (we were missing
inherit_defer and include_all) and provide a link for each subsection.
This also fixes the link to INHERIT to point to the subsection where it
is explained instead of to the variable glossary.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1c8ac1459
---------------------------
doc/releases.rst: add whinlatter, move walnascar to EOL
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bffb03a31
---------------------------
doc: bitbake ch 2: use example of nginx to explain DEFAULT_PREFERENCE
At the moment, the section on explaining DEFAULT_PREFERENCE uses an
example of busybox, which does not even use this feature anymore.
Replace this with an example using "nginx", which does.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 58e93b1fa
---------------------------
doc: use monospaced font for visual clarity of options
Use monospaced font for command options, to make it clear when double
dashes are being used.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c396c6b9b
---------------------------
doc: fix a couple minor typos in Chapter 1
Just some verb tense stuff.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8177479e1
---------------------------
gitignore: Ignore bitbake-builds directory
Running `./bin/bitbake-setup init ...` in the bitbake directory with the
default bitbake-setup configuration creates a bitbake-builds directory.
Add this to .gitignore with a wildcard so that any such directory is not
tracked.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c16e7ba20
---------------------------
bitbake-setup: add tests for update scenarios fixed in the previous commit
This adds tests for the issues fixed in the previous commits:
- transitions in sources from remote to local, from local to local and from local to remote
- ensuring that local commits in sources are restricted
- ensuring that source backups do happen when that is expected.
Add a helper function that adds a test configuration with a local source in it.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aa15cc7bd
---------------------------
bitbake-setup: correct several scenarios in layer updates
There were untested scenarios in layer updates which did not work properly.
The most serious of them is updating a remote layer which had user-made local
modifications (e.g. newly made local commits or edited files
without a commit). Bitbake-setup relies on git fetcher's unpack operation
which simply wipes it all out. Yes, the user should've used -L option
to symlink a local clone from elsewhere; this advice doesn't help when their
work is gone.
To address this, a git hook is added that prevents making commits in checkouts
under layers/ that are managed by bitbake-setup. The hook directs users to clone
the layer they'd like to modify separately and then use 'init -L' option.
(note: later on this workflow can be streamlined by converting parts of an existing
setup to local sources, or perhaps ability to 'detach' parts of layers/ from
bitbake-setup's modifications, so that it's not necessary to do a full re-init).
This still does not cover local modifications without making commits, so there's
also a function that checks if such modifications have been
made, and a code that moves the layer into a backup location if the function
returns true. I considered asking the user what to do (similar to bitbake
config handling), but this would've resulted in a half-updated, possibly
broken layer set which ultimately just would be more confusing.
The local modification check is a part of a broader newly added logic block
that handles already existing sources, and in particular addresses yet another
issue: when a local source replaces a git remote or another local source, this
scenario failed with 'file exists' errors (thanks to Anibal Limon for spotting
that). In this case the original symlink is removed first. If the original is a
git checkout, it is backed up if there are local modifications, or simply removed
otherwise.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 77e86f9c8
---------------------------
bitbake-setup: allow empty commits in configuration history repo
This can happen when a user has checked out a different commit
in a component under layers/. 'bitbake-setup update' will reset
to the commit in the configuration, but there will be no changes
to it, and so no difference in the config history repo to be
committed.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e96b97e17
---------------------------
bitbake-setup: ensure paths with timestamps in them are unique
There have been instances where directories with timestamps
in them are created within the same second, and their paths
clash as the timestamp in them is the same for both, as the
timestamp is accurate to 1 second.
This adds a check for the directory existence and then adds
an ever-increasing counter until there's a path that isn't yet
created.
[YOCTO #16121]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ef807662f
---------------------------
doc: document fixed revisions override in bitbake-setup manual
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f23e186a7
---------------------------
bitbake-setup: symlink json with fixed revisions into layers/
This makes the file more visible for users, and allows easier
checks of layers current content against what was checked out
by bitbake-setup (to ensure local modifications aren't wiped out).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 05829df3d
---------------------------
bitbake-setup: in tests, refactor the config writer to allow variable sources
This will be used to make configs that use local sources instead
of git-remotes.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8caad7452
---------------------------
bitbake-setup: extend the tests for local sources with status/update sequence
This checks for both issues fixed in two previous commits.
Split common local source checks into a function and extend it with a call
to status/update checker.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4bded0fc5
---------------------------
bitbake-setup: fix are_layers_changed when use local source
When use local source the git-remote isn't set causing exception because
takes repodir as default value.
Fixes:
```
NOTE: Looking up config ls-master in configuration registry
Traceback (most recent call last):
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 1042, in <module>
main()
~~~~^^
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 1035, in main
args.func(top_dir, all_settings, args, d)
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 667, in build_update
build_status(top_dir, settings, args, d, update=True)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 658, in build_status
if are_layers_changed(current_upstream_config["data"]["sources"], layerdir, d):
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 627, in are_layers_changed
changed = changed | _is_git_remote_changed(git_remote, repodir)
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
File "/home/workspaces/ls/bitbake/bin/bitbake-setup", line 601, in _is_git_remote_changed
rev = r_remote['rev']
~~~~~~~~^^^^^^^
TypeError: string indices must be integers, not 'str'
```
Signed-off-by: Anibal Limon <anibal@limonsoftware.com>
Alex: remove the default '' value from get() as None is used otherwise, which is also suitable.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 92bc3b2b5
---------------------------
bitbake-setup: consider overrides when checking whether layers have changed in 'status'/'update'
This was erroneusly not done, and the original layer spec was used.
Make a function out of the code that overlayes overrides onto
the base layer spec, so the code doesn't have to be repeated.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9adb99d0d
---------------------------
bitbake-setup: test after every update that config hasn't changed
This would catch situations where update hasn't run through to
completion even though bitbake-setup finished without error,
such as the one fixed in the previous commit.
Also unset BBPATH from environment so that it doesn't leak out
of the function where it's used. Adjust buildtools test to pass
setup dir explicitly, as it was previously relying on BBPATH being set.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3a9f9d85c
---------------------------
bitbake-setup: consistently add configuration commits at the end of updates
bitbake-setup tracks configuration history under setup directory in config/.
Making commits in there wasn't consistently done in all init/update scenarios
sometimes leaving uncommitted files. Move the commit creation to the end of
update_build() function, ensuring it always happens.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ea760cda2
---------------------------
bitbake-setup: move the local source tests to the end
They are not a part of the main testing sequence, and logically
should not be in the middle of it.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
manifest-judo
---------------------------
Commit: 6426546
---------------------------
CSNMR-5656: Lock down upstream meta layers
Locking down upstream meta layers to commits that have generated a
successful CI build.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 8d0b577
---------------------------
bamboo: Use set -x in scripts for running unit tests
Give us more visibility in the bamboo logs as to what commands are
getting run to aid in debugging failures.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 930a6557
---------------------------
layer.conf: update compatibility to wrynose
The oe-core master branch just switched from whinlatter to wrynose[1] so
follow this change in our layers.
[1] oe-core cd1179544d7 ("layer.conf: Update to wrynose")
Signed-off-by: Ross Burton <ross.burton@arm.com>
---------------------------
Commit: f4118f9b
---------------------------
arm-bsp/trusted-firmware-m: corstone1000: Add AO lock write barrier
Add the corstone1000 patch that inserts a compiler barrier before the
first HOST_AO_LOCK_BITS write in CC_LibInit().
On corstone1000-mps3 with GCC 15.x, TF-M can HardFault on that first
AO lock register update. Adding the barrier avoids the fault.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 3afd7461
---------------------------
arm-bsp/edk2-firmware: fix build on newer hosts
Compiles of edk2-firmware with GCC 15 on the host will fail:
main.c: In function ‘ProcessArgs’:
| main.c:163:42: error: too many arguments to function ‘p->process’; expected 0, have 2
| 163 | (*p->process)( *argv, *(argv+1) );
| | ~^~~~~~~~~~~~ ~~~~~
We actually already had the fix for this, but were doing SRC_URI +=
_before_ the include file did SRC_URI =, so the patch was never applied.
Move the require to the top of the recipe so this ordering problem does
not happen, and fix the line-endings in the patch that never got applied.
[ YOCTO #16116 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: df572b4d
---------------------------
CI: allow hashserver to be specified in environment
If the sstate is being mounted into the container then the hashserver
also needs to be shared, and not stored inside the build tree. Mark
BB_HASHSERVE as being set via an environment variable so the GitLab
runner environment can set the correct location.
This fixes a long-standing problem causing substandard reuse, which now
is detected and causes a warning in oe-core[1].
[1] oe-core 491de0db64a ("sanity.bbclass: warn when sstate is outside of
build dir, but hash equiv database is inside it")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 2f6824dd
---------------------------
CI: remove last traces of TOOLCHAIN_DIR
When the binary toolchain support was removed[1] we no longer used this
variable, but a few instances of it was left behind.
[1] meta-arm 03af0c72f1 ("arm-toolchain: remove external-arm-toolchain")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 6182cec8
---------------------------
arm/qemuarm64-secureboot: get edk2 and trusted-firmware a working
Do the changes necessary to get qemuarm64-secureboot to work with edk2
firmware, and add it to CI. The CI changes needed to make it dynamic
based on edk2.yml or u-boot.yml required moving the relevant parts into
inc files.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 53ccc1ba
---------------------------
arm/qemuarm64: fix edk2 and test it
edk2 has been broken on qemuarm64 for an unknown amount of time. Add it
to CI to prevent this from happening (until edk2 works on
qemuarm64-secureboot).
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 65c98dfe
---------------------------
arm-bsp/sbsa-ref: fix qemu warning
Make the relevant correction for the following warning in qemu:
warning: short-form boolean option 'readonly' deprecated
Please use readonly=on instead
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 0e7aa859
---------------------------
arm-bsp/trusted-firmware-a: remove unnecessary FILESEXTRAPATHS
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 7f7b065c
---------------------------
CI/uefi-secureboot: remove duplicate entry
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: a4a555ef
---------------------------
arm/fvp-corstone-1000-a320: trim Python install instead of using INSANE_SKIP
The INSANE_SKIPs were not sufficient because the chrpath code used in
nativesdk builds still warns, so instead of hiding the warnings fix them
instead: remove the pointless RPATHs in the embedded Python libaries,
and delete the static libraries.
Signed-off-by: Ross Burton <ross.burton@arm.com>
---------------------------
Commit: 8c6b5e41
---------------------------
arm/trusted-services: upgrade in-tree nanopb
Trusted Services uses nanopb 0.4.8 but this imports pkg_resources from
setuptools, which has been deprecated since 2023[1] and was finally
removed in setuptools 82.
This was fixed in nanopb some time ago[2] so upgrade the recipe from
nanopb 0.48 to 0.49.1.
[1] https://setuptools.pypa.io/en/latest/deprecated/pkg_resources.html
[2] https://github.com/nanopb/nanopb/commit/7961a939ebeeb27631c6def44f3452522264c64b
Signed-off-by: Ross Burton <ross.burton@arm.com>
---------------------------
Commit: 8a5b2d5e
---------------------------
arm/trusted-services: update documentation
Change the layout to enhance readability and add TS fTPM related
information.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 315d4e13
---------------------------
arm/trusted-services: Enable tpm2-tool self tests
Enable execution of the tpm2-tools self-test against the Trusted
Services fTPM SP. The test is integrated into OEQA but is disabled by
default due to its long execution time (over three hours on fvp-base)
and inconsistent results. While individual tests pass when run in
isolation, running the full suite results in failures. Despite this,
it remains the most comprehensive verification currently available.
Testing can be enabled by setting the RUN_TPM2_TESTS variable.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szint@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 7601b7e0
---------------------------
arm/trusted-services: Enable the fTPM SP
Trusted Services has introduced a Firmware TPM (fTPM) secure partition.
This change enables building and deploying the fTPM SP through meta-arm.
The secure partition is based on the TPM2 reference implementation,
msp-tpm20-ref, which has been patched to use MbedTLS as its
crypto backend and psa-its for non-volatile storage.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 4e94b90c
---------------------------
arm-bsp/corstone1000: Rebase TS patches.
Remove patches merged upstream and rebase remaining patches.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 0646047f
---------------------------
arm/trusted-services: Update to v1.3.0
Update to latest TS release.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 2027a7a0
---------------------------
arm/python3-pydevicetree: don't install non-namespaced tests
The wheel includes the tests which are in a non-namespaced module, and
will then conflict with other recipes (such as python3-cryptography) that
also install non-namespaced tests.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 1eec18f8
---------------------------
optee-client: Make include reusable outside of meta-arm
Set FILESEXTRAPATHS so that artifacts that meta-arm injects can still be
found when using the include from a different layer.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: dcc34c19
---------------------------
CI: add LTS versions for testing
Add a CI test for the LTS versions of recipes currently supported.
Use fvp-base, since that provides good coverage and is being used for
the latest version testing.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: b5207f77
---------------------------
arm/trusted-firmware-a: update LTSes
Update the TF-A recipes to the latest stables/LTS versions. Not all of
the versions updated the version of mbedtls being used (and even the
updates didn't update to the latest stable version of mbedtls). We're
using the mbedtls version specified in
docs/getting_started/prerequisites.rst, not the latest available.
Also, update the related fiptools and tf-a-tests (which don't map to the
same releases, but were all verified to be at the latest versions).
No real change in cot-dt2c code, but updating the SHA to the latest.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 46e0a21b
---------------------------
arm/classes: fix quilt-native dependency
quilt-native is required by do_apply_local_src_patches task.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: b00fe886
---------------------------
arm/trusted-firmware-m: workarounds for new(er) toolchains
GCC 15 (and GCC 14, and probably others) are finding new problems in
trusted-firmware m, and these cannot simply be ignored (as they are
fatal build errors). Clear the ld security flags to get around those
issues, backport a couple of patches for fixes that have been addressed
upstream, and create a patch to work around some casting issues in
functions that are removed in newer versions of the code. This
refactoring caused some minor clean up of existing corstone1000 tfm
patches.
Also, use size based optimization for corstone1000. With this, the bl1
is too big to fit into flash. The correct way to solve this would be to
remove TFA_DEBUG, but that causes a rabbit hole of problems related to
heap being enabled or not. This works around the issue until it can be
resolved properly.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 40d015d7
---------------------------
arm/edk2-firmware: Update to 202602
Update edk2, edk2-platforms, and sbsa-acs to the latest versions/SHAs.
A bleeding edge patch from upstream is needed to correct a build race in
antlr, and the latest SHA for edk2-platforms is needed to work around
some compilation issues with ENABLE_TPM in fvp-base.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: c0416d74
---------------------------
arm-toolchains: Update to 15.2
Update the pre-build Arm GNU toolchain to 15.2 (from 13.3)
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 3c92c995
---------------------------
CI: don't testimage core-image-initramfs-boot
A recent change to image dependencies in oe-core master[1] means that
TESTIMAGE_AUTO tries to test more images than before.
Explicitly reset TESTIMAGE_AUTO for core-image-initramfs-boot so that it
doesn't try to testimage an initramfs.
[1] oe-core b75c21fb950 ("image_types_wic.bbclass: add depend on initramfs")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: be647726
---------------------------
arm/trusted-services: clone dependencies under ts source tree
Clone all trusted-services dependencies into the TS source tree under
ts-external/ instead of ${UNPACKDIR}
This alignes the layout with devtool git-submodule handling.
NOTICE: we can't clone in external as TS already contains files there
and it would conflict.
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: d5b265ec
---------------------------
arm-bsp/trusted-firmware-m: fix psa-adac patch paths for corstone1000
Update the corstone1000 variant to apply its psa-adac patches
against the new external/ directory.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: f0cd8c56
---------------------------
arm/trusted-firmware-m: clone dependencies under tfm source tree
Clone all trusted-firmware-m dependencies into the tfm source
tree under external/ instead of ${UNPACKDIR}.
This aligns the layout with devtool git-submodule handling,
ensuring the recipe sees a consistent source tree at build time
and allowing dependencies to be patched via devtool in the same
way as the main tf-m repository.
(reworked to avoid use internal variables for checkout)
to clone tf-m dependencies use hardcoded path for reproductibility
and avoid using BB_GIT_DEFAULT_DESTSUFFIX which may depend on
yocto version.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 1aed8156
---------------------------
CI/musca-b1: use LTS tf-m
We currently don't have coverage for trusted-firmware-m 2.1.x, which is
the LTS. Since musca-b1 and musca-s1 are essentially the same, use b1
for the LTS coverage.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 907645a0
---------------------------
arm*/layer.conf: drop walnascar
walnascar compatibility isn't tested and isn't supported with whinlatter
or later, drop it.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 1e3d3f8b
---------------------------
arm-bsp/sgi575: change target image for CI
For some reason, sgi575 won't boot to shell with
core-image-full-cmdline, but it will with other images. Since we're
going to drop this machine soon (as it has been EOL'ed), modify the
image type for CI to core-image-base (As that one appears to boot
faster).
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 8ef2258e
---------------------------
arm-bsp/linux-yocto: corstone1000: Update to v6.18
* Set Linux kernel preferred version for Corstone-1000 to 6.18
* Update Corstone-1000 user guide.
* Recent kernel versions removed the deprecated CONFIG_LIBCRC32C
Kconfig symbol as part of the CRC library cleanup.
Replace CONFIG_LIBCRC32C with CONFIG_CRC32, which provides the
generic CRC32/CRC32C library support used by in-kernel consumers.
* The ext3 driver was removed historically and ext4 carries
compatibility for ext3 on-disk format.
* Amend External System patch to adhere to Kernel v6.18 RemoteProc
API.
* Add #address-cells and #size-cells parameters to ethosu dts node
No functional change intended.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: ad92b476
---------------------------
Remove meta-arm-systemready
meta-arm-systemready was intended to allow people writing BSPs to run
the SystemReady Architecture Compliance Suite[1] within the Yocto build
environment. However, whilst this seems like a good idea, there are
several problems:
- This layer only supports the IR band and v2 of the ACS. The ACS is now
at v3 and the bands altered, so there is no value in running obsolete
tests.
- Execution of the tests takes a long time, we have integration to run
the tests on a virtual fvp-base machine but execution takes many tens
of hours (our CI times out after 12, on a high-performance worker).
Running the tests in CI, and in particular inside BitBake, isn't
obviously the right thing to do.
- Execution on the tests on real hardware is not trivial, as testimage
has virtual targets as a primary usecase. It is unclear if anyone has
managed to use this layer on physical hardware.
Because of these issues, remove the layer. There are better integration
points for automated ACS testing, and this integration is obsolete.
[1] https://github.com/ARM-software/arm-systemready
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 98b105ce
---------------------------
arm/fvps: reorganize CI into segments
The downloads page for FVPs is broken down into sub-pages for each
"Ecosystem". Organize this file to match that. Also, rename fvp-v3-r1
to "rd" to make more obvious what this refers to.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: d8c879b9
---------------------------
arm/corstone1000-a320: split off FVP into a unique file and add to CI
The corstone1000-a320 FVP is a unique download and should be treated as
such in our CI. Split the relevant parts off, add it to the fvps.yml
file, workaround the staticdev and useless-rpath errors that were
present in the FVP tarball, and the correct depends in the machine
config file.
Also, add this machine to the CI so that any issues can be found with
this unique configuration.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 832ce9bc
---------------------------
CI/fvp: made the default target core-image-full-cmdline
No need to have the full graphics stack for FVP images. Slim the image
down by default.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: f87babe3
---------------------------
lib/fvp: remove FVP buit-in portion of the terminal name
This patch ignores the built-in FVP UART name when setting the terminal
names on tmux.
The rationale is that appending FVP UART name takes a lot of space
making it unusable on complex platforms with many terminals.
Signed-off-by: Filipe Rinaldi <filipe.rinaldi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 8c8e2a5d
---------------------------
arm-bsp/u-boot: Remove v2025.04 recipe
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 7ab5353f
---------------------------
arm-bsp/u-boot:cs1k: Remove broken patch
The removed patch file breaks the U-Boot efi_selftest utility and has
been denied by upstream in any event. All subsequent patches renumbered.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 0a8d300b
---------------------------
arm-bsp/u-boot:cs1k: Upgrade to v2025.10
All patches have been rebased onto the v2025.10 release branch, with the
changes primarily being updating of offsets and surrounding code in each
hunk.
One minor change between v2024.04 and v2025.10 is that a
CONFIG_BOARD_INIT option was added and must be enabled in order to link
in the `board_init()` symbol. As such, the firmware update patch adding
`board_init()` has been modified to enable this option as well.
The patch that enabled OF_UPSTREAM has been modified slightly in order
to incorporate upstream changes between versions: the SMP changes to the
Corstone1000 FVP device tree were incorporated into the Linux kernel so
are no longer needed in the U-Boot specific device tree. As such, the
patch adding A320 support adds these CPU nodes in order to override them
where appropriate.
In the process, signatures are removed from each patch.
Beyond this, the directory in which U-Boot searches for the EFI capsule
CRT file changed from object tree to source tree, so the recipe is
updated to reflect that.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 50f14fa9
---------------------------
arm-bsp/fvp-base: add MMC and 9P to kernel config
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: fbb2c0f7
---------------------------
arm/arm-bsp: optee-examples: drop patch included in 4.9.0
This fixes a build error due to:
patching file Makefile
Hunk #1 FAILED at 12.
1 out of 1 hunk FAILED -- rejects in file Makefile
Patch 0001-Makefile-Avoid-variable-override.patch can be reverse-applied
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 320301be
---------------------------
arm-bsp/external-system: remove redundant DEBUG_PREFIX_MAP fiddling
We have a newer gcc-arm-none-eabi now, so this can be removed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: be599f95
---------------------------
arm-bsp: corstone1000: Swap GIC-600 for GIC-700 for Cortex-A320 variant
Make changes across U-Boot, and OP-TEE OS to swap
the GIC-600 for GIC-700 as the latest version of the FVP
swaps the GIC.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 38d20465
---------------------------
arm/arm-bsp: optee: drop version 4.7.0
Drop support for OP-TEE version 4.7.0 from the layer as
version 4.9.0 is present.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 955cd40e
---------------------------
arm-bsp/corstone1000: move to support OP-TEE version 4.9
Bump Corstone-1000 machine OP-TEE version from 4.7.0
to version 4.9.0.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 4981dca1
---------------------------
arm/arm-bsp: optee: add version 4.9.0
OP-TEE version 4.9.0 has been released on 2026-01-16 [1].
Add OP-TEE recipes to point to version 4.9.0
Link: [1]: https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md#op-tee---version-490-2026-01-16
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Tested-by: Quentin Schulz <quentin.schulz@cherry.de> # xtest on PX30, RK3399, RK3588
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: d9eac47e
---------------------------
arm-bsp/docs:corstone1000: Update copyright and host tool versions
Update Corstone-1000 documentation to reflect 2026 copyright and
current supported host environment.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: c3c97a6b
---------------------------
arm-bsp/trusted-firmware-a: ensure native tools respect BUILD_LDFLAGS
TF-A has a number for variables to control how host binaries are built:
- Our BUILD_CC is HOSTCC; this is set in the recipes
- Our BUILD_CFLAGS is HOSTCCFLAGS; this is not set
- Our BUILD_LDFLAGS has no corresponding variable
However when uninative is enabled we really need to pass BUILD_LDFLAGS
as otherwise there can be link problems:
ld: libcrypto.so: undefined reference to `__isoc23_strtol@GLIBC_2.38'
Patch into the TF-A makefiles support for HOSTLDFLAGS and ensure that we
set all three of the relevant BUILD_ variables.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: de6e6fe7
---------------------------
arm-bsp/docs:corstone1000: Update copyright notice
Update the copyright notice year.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 755287ed
---------------------------
arm-bsp/u-boot: remove upstreamed fvp-base patches
2 of the fvp-base specific u-boot patches were merged in the 2026.01
release. Remove those, as they are no longer necessary.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: f36c9add
---------------------------
Revert "CI: work around xen failures until fixed upstream"
The kernel upgrades are now in oe-core, so we can drop this workaround.
This reverts commit 341a0fd9762012622699aa1431b96a50a65bf16c.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 6aef0d46
---------------------------
arm-bsp/linux-yocto: disable kconfig checking for sbsa-ref and sgi575
The linux-yocto kernel has strict configuration warnings enabled and this
often causes warning, for example with 6.18.3:
[INFO]: the following symbols were not found in the active configuration:
- CONFIG_SND_SOC_ROCKCHIP
- CONFIG_SLIM_QCOM_CTRL
For these machines we're using the upstream defconfig and not a config
file that we're maintaining, so fixing these problems upstream is slower
than one would like.
As we don't maintain the config, we can disable the checker for these
two machines. This is _not_ precedence for disabling the audit for any
machines where we're not simply using the upstream defconfig without any
changes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 568b3622
---------------------------
arm-bsp/conf:corstone1000: update bl1.bin path
The path changed when the trusted-firmware-m recipe began to inherit
firmware.bbclass.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 514061a3
---------------------------
arm-bsp/docs:corstone1000: update paths
The paths for these files has changed due to the change to the
trusted-firmware-m recipe now using the custom firmware.bbclass.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 604c7e9a
---------------------------
arm/images: ensured consistent firmware deployment
For builds using multiconfig, all of the firmware binaries listed were
being placed in the ${DEPLOYDIR} directly without preserving their
directory hierarchy. This meant that paths to firmware binaries relative
to the ${DEPLOYDIR} differed between builds depending on whether
multiconfig was enabled or not.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: f6c78d27
---------------------------
arm/edk2-firmware: update to edk2-stable202511
Update edk2-firmware and edk2-basetools to the 202511 stable release.
Patches from upstream were needed to get it compiling with clang.
edk2 dropped support for 32bit arm and x86, see
https://edk2.groups.io/g/devel/topic/rfc_remove_ovmf_ia32_and/114152215
Therefore, we're dropping qemuarm edk2 testing and relevant bits
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: a9504082
---------------------------
arm/trusted-firmware-a: add v2.14.0 support
Add support for v2.14.0, and update corstone1000 config and patches to
use it. TF-A seems to have changed their poetry settings from POETRY to
host-poetry (when specifying an alternative location/disabling). So, it
is necessary to modify that for all platforms using COT and v2.14.0
NOTE: sbsa-ref is having issues with fip.bin being too large. So, set
the version to the LTS until that is resolved.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 341a0fd9
---------------------------
CI: work around xen failures until fixed upstream
In master, xen images fail to build as the xt-masquerade module is not
built by the kernel. This has been fixed in the linux-yocto 6.18.3
upgrade but that is not yet merged.
Until it is merged, we can temporarily update the kmeta in our CI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 955b1d8e
---------------------------
arm/boot-wrapper-aarch64: update to latest commit
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: fbf30c96
---------------------------
arm/machine-summary: remove gn
gn was moved to oe-core. So, we no longer need to track it as part of
the meta-arm CI machine-report
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 0d8f1d5f
---------------------------
arm/opencsd: update to 1.7.1
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 767839df
---------------------------
arm/hafnium: update to 2.14.0
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: ae8bf497
---------------------------
arm/trusted-firmware-m: drop unreferenced patch
Forgot to remove this patch in the previous commit. Removing now.
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 9d3e85c7
---------------------------
docs:corstone1000: Update user guide
- Replace openSUSE Tumbleweed with openSUSE Leap.
- Ensure correct component versions are listed.
- Update changelog and release notes for C25Q4 release.
- Add Positive partial capsule update test.
- Improve user guide for consistency and clarity.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: e8ffad9e
---------------------------
arm-bsp: corstone1000: Enable secure debug on TF-M v2.2.x
Allow TF-M v2.2.2 to boot with Secure Debug enabled on Corstone-1000 and
align the driver implementation with the current psa-adac library.
- Add missing DRBG macros to fix the
"Failed to generate challenge!" error during Secure Debug.
- Fix an unintended platform reset occurring immediately after setting
the debug enable bits in the dcu_en register while in SE LCS.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: d908c2bc
---------------------------
meta-arm-bsp/oeqa: ignore new PCI warnings
The PCI subsystem with 6.18 is now warning on boot:
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
Until this can be root-caused, ignore it.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: 54d84b79
---------------------------
meta-arm/oeqa: ignore initrd warning in qemuarm64-secureboot
With kernel 6.18 the kernel will now warn if it tries to run a command
from a ramdisk but it cannot be found[1]. This happens with the
qemuarm64-secureboot machine (but not qemuarm64) because u-boot appears
to be populating the devicetree with a ramdisk entry:
loading kernel to address 40400000 size 1702a00
1 qfw ready qfw 0 qfw
** Booting bootflow 'qfw' with qfw
## Flattened Device Tree blob at 7e659890
Booting using the fdt blob at 0x7e659890
Working FDT set to 7e659890
Loading Ramdisk to 7bcfd000, end 7d3ffa00 ... OK
Loading Device Tree to 000000007d621000, end 000000007d626534 ... OK
Working FDT set to 7d621000
Starting kernel ...
The kernel tries to mount and boot this ramdisk but fails because it
isn't a valid initrd or initramfs. The boot continues as usual, but this
warning in the logs triggers parselogs.
Until the boot flow is properly resolved, ignore the message.
[1] linux 98aa4d5d242d ("init/main.c: add warning when file specified in rdinit is inaccessible")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---------------------------
Commit: b044647
---------------------------
layer.conf: Add wrynose (yocto 6.0) to compatible layers
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6d818ef
---------------------------
conf/nonclangable: Remove conflicting definition with OE-Core for vulkan-samples
This is different to the setting in OE-Core and is causing failures with
yocto-check-layer. The referenced bug was closed a while ago so the issue
is likely fixed, remove the conflicting definition.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7abda05
---------------------------
conf/nonclangable: Remove conflicting definition with OE-Core for valgrind
This is different to the setting in OE-Core and is causing failures with
yocto-check-layer. The referenced bug was closed a while ago so the issue
is likely fixed, remove the conflicting definition.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ad0dc63
---------------------------
CSNMR-5656: Change layer compat from whinlatter to wrynose
Upstream has changed the LAYERSERIES_CORENAMES from whinlatter to
wrynose on the master branch.
Dropping whinlatter since we do not intend to support that release once
wrynose is released.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: d2d0441
---------------------------
CSNMR-5656: python-zenoh: Update from 1.3.0 to 1.7.2
Need to update to support python-3.14 which is now what is used by
upstream Yocto. Updating is simpler than trying to port 1.3.0 use
python-3.14 since upstream zenoh has already done that work.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: c05a0f1
---------------------------
CSNMR-5656: zenoh-backend-filesystem: Update from 1.3.0 to 1.7.2
1.7.2
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.7.1
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.7.0
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.6.2
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.6.1
What's Changed
New features
* update plugin api by @DenisBiryukov91 in #429
Dependencies
* Sync Cargo.lock with Zenoh
1.5.1
What's Changed
Documentation
* Update adminspace keyexprs format in README by @oteffahi in #379
Dependencies
* Sync Cargo.lock with Zenoh
* chore: pin librocksdb-sys 1.75 compatible version by @diogomatsubara in #407
1.5.0
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.4.0
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.3.4
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.3.3
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.3.2
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
1.3.1
What's Changed
Dependencies
* Sync Cargo.lock with Zenoh
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 335f151
---------------------------
CSNMR-5656: zenoh: Update from 1.3.0 to 1.7.2
1.7.2
What's Changed
New features
* liveliness token support in adminspace by @milyin in #2294
Bug fixes
* Handle wrapping of sequence numbers in advanced pub/sub by @wyfo in #2318
* Use weak session in cancel token callback by @DenisBiryukov91 in #2315
* fixed crash on get @/** by @milyin in #2324
* [ZEN-641] Fix verbatim ke resource matching by @DenisBiryukov91 in #2339
* [ZEN-641] Undeclare key expression on drop by @DenisBiryukov91 in #2341
* Fix bugs in gossip by @OlivierHecart in #2347
Documentation
* Document LivelinessSubscriberBuilder::history by @fuzzypixelz in #2289
Dependencies
* Pin async-lock version by @wyfo in #2330
1.7.1
What's Changed
New features
* expose node current locators by @wyfo in #1966
* Do not report per_link metric without per-link data by @wyfo in #2308
* Reduce contention on stats keys computation by @wyfo in #2305
Bug fixes
* Fix downsampling metric label by @wyfo in #2304
* Fix multicast stats initialization by @wyfo in #2307
* Count payloads stats at routing level by @wyfo in #2310
Dependencies
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2302
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2303
* Pin unzip-n version by @wyfo in #2311
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2309
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2313
1.7.0
What's Changed
Breaking changes
* Turn source info into option instead of a pair of optional id and sn by
@DenisBiryukov91 in #2288
New features
* Reorg lazy shm provider by @yellowhatter in #2221
* [ZEN-688] Query cancellation by @DenisBiryukov91 in #2223
* Bump the version of the crates by @evshary in #2261
* Add Query::source_info method by @DenisBiryukov91 in #2290
* Metrics per key by @wyfo in #2284
* Gzip metrics by default by @wyfo in #2297
Bug fixes
* Bypass commit check if it is unspecified for plugin or host by
@DenisBiryukov91 in #2225
* Fix aggregate subscriber and queryable interests by @DenisBiryukov91
in #2210
* Fix Encoding::with_schema to work correctly with custom encodings by
@DenisBiryukov91 in #2230
* Handle ignored cases in Interest::options by @fuzzypixelz in #2256
* Fix ACL delete egress decision based on cache content by @oteffahi in
#2295
* Fix RX stats being counted twice by @wyfo in #2299
Documentation
* Fix the invalid link of Zenoh-ext. by @evshary in #2287
Dependencies
* chore: pin dependencies for 1.7.5 by @diogomatsubara in #2222
* chore: update petgraph to 0.8.3 by @diogomatsubara in #2218
* Pin 1.75 deps for valgrind check by @DenisBiryukov91 in #2226
* Recreate Cargo.lock by @eclipse-zenoh-bot in #2228
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2236
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2244
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2249
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2250
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2252
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2254
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2257
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2259
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2262
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2265
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2266
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2270
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2271
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2274
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2277
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2286
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2291
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2296
* chore: recreate Cargo.lock by @eclipse-zenoh-bot in #2298
1.6.2
What's Changed
New features
* Take zenoh version from CARGO_PKG_VERSION instead of git tag by
@DenisBiryukov91 in #2203
* Add to_string method and make IConfig Send+Sync by @DenisBiryukov91 in
#2207
* Precommit SHM pages by @yellowhatter in #2175
* Bug fixes
* Fix queryable info update in case of connection loss by
@DenisBiryukov91 in #2205
Documentation
* ci: add job to build docs similar to docs.rs by @diogomatsubara in #2206
1.6.1
What's Changed
New features
* Shm allocators by @yellowhatter in #2117
* implement Error for ZLayoutError by @wyfo in #2132
* add missing error implementations for shared memory by @wyfo in #2134
* use dynamic runtime in plugins by @DenisBiryukov91 in #2013
* rework shm API and implementation by @wyfo in #2136
* Improve scalability by @OlivierHecart in #2174
* expose the EntityGlobalId of the session by @wyfo in #2182
* Add shm infos in adminspace and stats by @OlivierHecart in #2193
Bug fixes
* fix(links): correct IPv6 address parsing for TLS and QUIC locators by
@steils in #2138
* Fix declaration propagation to avoid infinite loop in p2p by
@OlivierHecart in #2140
* fix: narrow SessionState lock guard scope when MatchingListener drop
by @passchaos in #2101
* Fix propagated final interest id by @fuzzypixelz in #2144
* Fix get_interface_names_by_addr implementation for IPv4-mapped IPv6
addresses by @oteffahi in #2149
* fix liveliness query and liveliness subscriber id overlapping by @wyfo
in #2156
* Fix bug leading to reliable messages drop when sent along best effort
messages by @wyfo in #2152
* fix client mode with multiple connect endpoints by @DenisBiryukov91 in
#2158
* Respect liveliness subscriber history when processing token
declarations by @oteffahi in #2160
* Fix declares race condition by @OlivierHecart in #2179
* Fix treatment of complete field for same ke queryable on the same face
by @DenisBiryukov91 in #2135
* Fix multlink reconnect by @DenisBiryukov91 in #2173
* Fix ACL subject matching by @oteffahi in #2141
Documentation
* Fix backend example in docs by @DenisBiryukov91 in #2154
* readme rewrite by @milyin in #2170
* update Rust documentation by @milyin in #2145
* unicast max_links doc update by @milyin in #2190
1.5.1
What's Changed
Breaking changes
* fix: consistently use the snake case by @YuanYuYuan in #2093
Note : In all configuration_control configurations, the "blockfirst"
value is no longer valid and must be replaced by "block_first".
* SHM typed API by @yellowhatter in #2034
New features
* Add put and delete downsampling message types by @DenisBiryukov91 in #2115
Note : In downsampling/messages configuration: "push" is now deprecated
and may not be supported in future versions, use "put" and/or
"delete" instead.
* Implicit SHM optimization by @yellowhatter in #2113
* Optimize SHM metadata storage (adds ~300k msgs\sec) by @yellowhatter
in #2116
Bug fixes
* Fix multicast transports cleanup on Session:close by @oteffahi in #2075
* Fix client and peer queryable distance by @fuzzypixelz in #2073
* Use inline tables for package.metadata.deb.assets by @fuzzypixelz in #2084
* Fix the typos in the configuration. by @evshary in #2091
* Comment-out logging in cleanup (causes logger panic in atexit()) by
@yellowhatter in #2094
* Do not allow links between instances with the same zid by
@DenisBiryukov91 in #2110
Documentation
* README.md: add gpg key installation to Debian instructions by @JEnoch
in #2092
Dependencies
* chore(deps): bump crossbeam-channel from 0.5.14 to 0.5.15 by
@dependabot[bot] in #1985
* chore(deps): bump dependencies for license compatibility by
@YuanYuYuan in #2126
Other changes
* Revert "cache pipeline selection" by @yellowhatter in #2119
1.5.0
What's Changed
Breaking changes
* SHM API improvement: ProtocolID and others... by @yellowhatter in #1975
* [ZEN-587] Make Reply::replier_id() return an EntityGlobalId by
@oteffahi in #2052
New features
* Allow to make get request without payload in the example by @milyin in
#1972
* add missing clone/debug implementations by @wyfo in #1974
* fix RecoveryConfig by @wyfo in #1973
* add internal set_background method to advanced sub by @wyfo in #1976
* Optimize shm watchdog storage by @yellowhatter in #1869
* Improve shm api by @yellowhatter in #1950
* [ZEN-557] do not set zenohid in the config if it is unset, do it in
the runtime builder instead by @DenisBiryukov91 in #1978
* Fix shm api reexports by @yellowhatter in #2003
* Polish shm by @yellowhatter in #2023
* Polish z_pub_shm.rs by @yellowhatter in #2007
* add CongestionControl::BlockFirst by @wyfo in #2014
* Improve error message when opening an empty file by @patrickelectric
in #2006
* Avoid key expression checks in local query handling by @OlivierHecart
in #2035
* Add more options to QoSOverwrite interceptor by @OlivierHecart in #2030
* Make qos/network/key_expr conf field optional by @OlivierHecart in #2049
* stabilize querier and matching status/listener by @DenisBiryukov91
in #2051
* optimize hashmap for integer keys by @wyfo in #2046
* use vector instead of hashmap for routes by @wyfo in #2047
* Add matching listener handler getters by @DenisBiryukov91 in #2059
* Improve interceptors performances by @OlivierHecart in #2053
* Report multicast sessions in Adminspace by @OlivierHecart in #2042
* Support QUIC unreliable datagrams by @fuzzypixelz in #2045
* Add ZID subject property to ACL by @oteffahi in #2015
* Refactor KeyExpr::try_from<&str> and add some tests by @evshary in #2025
* feat: make CongestionControl and Priority hashable by @alokpr in #2060
Bug fixes
* fix Encoding structure to allow to pass custom encoding string by
@milyin in #1964
* Fix bug querying with Target AllComplete on local queryables by
@OlivierHecart in #1998
* Make untimestamped replies ordered by arrival by @OlivierHecart in #1999
* Make untimestamped replies ordered by arrival in monotonic case by
@milyin in #2000
* [ZEN-557] Extract udp socket source address via PKTINFO by
@DenisBiryukov91 in #1980
* Read the gossip autoconnect config from the GossipConf instead of the
ScoutingMulticastConf by @Hugal31 in #2011
* fix handling of port 0 on multicast locator by @wyfo in #1968
* Accept a boolean value for the complete field of storage_manager
config by @evshary in #1991
* Update the zenohd config in the Debian package. by @evshary in #1992
* fix unstable features requirements introduced by #2014 by @wyfo in #2040
* fix IntHashMap::contains_key by @wyfo in #2058
* Fix Session::close timeout while client attempts to reconnect by
@oteffahi in #2012
* Report proper whatami for adminspace entities by @OlivierHecart in #2061
Documentation
* Polish shm (for zshm examle) by @yellowhatter in #2024
* Update README how to avoid an out-of-memory error by @evshary in #1993
Dependencies
* chore: unpin home dependency by @simpleton in #1963
1.4.0
What's Changed
New features
* add Queryable::key_expr() method by @DenisBiryukov91 in #1917
* Derive Debug and Clone for SampleFields by @fuzzypixelz in #1923
* [ZEN-547] Add support for link weights by @DenisBiryukov91 in #1914
* Allow providing a full configuration through --cfg argument (#1935)
by @kydos in #1936
* feat: add hash support for Encoding by @alokpr in #1912
* enumerate IP interface names for WebSocket link by @yellowhatter in #1943
* adminspace: Set proper encoding by @anassinator in #1934
* support DSCP link config by @wyfo in #1937
Bug fixes
* remove todo! from zenoh_backend_traits::config::VolumeConfig::try_from
by @DenisBiryukov91 in #1918
* Properly set Reply::replier_id by @OlivierHecart in #1928
* fix incorrectly set edge weight upon new transport creation by
@DenisBiryukov91 in #1946
* Fix wrong error log in linkstate peers by @OlivierHecart in #1951
Documentation
* Document callback drop on subscriber undeclaration by @fuzzypixelz
in #1590
* Doc: fix SeqNum and SeqNumGenerator documentation (fix #1949) by
@JEnoch in #1952
1.3.4
What's Changed
New features
* deny unknown config fields by @wyfo in #1865
* [ZEN-548]add zids config parameter to qos_overwrite by @wyfo in #1908
* [ZEN-548]allow inserting config list item with its id by @wyfo in #1909
1.3.3
What's Changed
New features
* Bug/fix batching wait regression by @yellowhatter in #1881
* [ZEN-526] Add Bind config option by @OlivierHecart in #1892
* Maintain keyexpr type in interceptors by @fuzzypixelz in #1851
* [ZEN-529], [ZEN-534] Add number of downsampled messages and blocked
bytes to stats by @DenisBiryukov91 in #1873
Bug fixes
* Lowlatency async finalize by @yellowhatter in #1894
1.3.2
What's Changed
Bug fixes
* Revert "Improve batching wait on multifragment messages" by
@yellowhatter in #1875
1.3.1
What's Changed
New features
* Nolocal close by @yellowhatter in #1632
* [ZEN-532] Cache invalidation by @DenisBiryukov91 in #1849
* Improve batching wait on multifragment messages by @yellowhatter in #1843
* add qos overwrite interceptor by @DenisBiryukov91 in #1825
* Cache ACL interceptor results by @DenisBiryukov91 in #1821
* [ZEN-530] Add link protocols subject to interceptors by @oteffahi in #1850
* qos overwriter no longer checks ke of message types that should not be
affected by @DenisBiryukov91 in #1862
* Add new non periodic last sample miss detection mechanism by
@OlivierHecart in #1861
* Add log for better trace by @evshary in #1844
* Make SHM segment cleanup routine more robust by @yellowhatter in #1866
* Add low pass filter by @OlivierHecart in #1868
Bug fixes
* Fix bug with wait_before_close by @OlivierHecart in #1855
* Fix memory leak in shm segment cleanup by @yellowhatter in #1867
* Fix identation in rustdoc comments by @fuzzypixelz in #1874
Documentation
* Fixes #1820 by @Mallets in #1858
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: d8b3e04
---------------------------
CSNMR-5656: zenoh: Drop DDS plugin recipe
We are not using DDS, so instead of porting the plugin to 1.7.2, we will
drop the recipe for now. If/when we need it, we will do the port then.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: dd92498
---------------------------
CSNMR-5656: Change layer compat from whinlatter to wrynose
Upstream has changed the LAYERSERIES_CORENAMES from whinlatter to
wrynose on the master branch.
Dropping whinlatter since we do not intend to support that release once
wrynose is released.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 9dc5938
---------------------------
CSNMR-5656: trimble-optee-fitimage: Fix args to ItsNodeRootKernel
Upstream added a new `mkimage_extra_opts` keyword argument to the
ItsNodeRootKernel class __init__() method. This caused our builds to
fail because we were passing all of the kwargs by position.
Rework how we instantiate the ItsNodeRootKernel class to pass all
keyword arguments using `key=value` wkargs style instead of by position.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: eefb30a
---------------------------
CSNMR-5656: Fix path to SPL binary when signing
The path the SPL binary now depends on config values in ${UBOOT_CONFIG}.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 569ba29
---------------------------
CSNMR-5656: u-boot: Rework recipes to use new UBOOT_CONFIG mechanisms
Upstream oe-core has refactored how UBOOT_CONFIG works.
Without these changes, the bitbake build would fail to respect the
PREFERRED_VERSION of uboot (set to 2024.04) and use 2025.01 or 2026.01
instead which would cause our builds to break. We're not ready to move
2025.01 or 2026.01 yet, so need to stay on 2024.04.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: a0171e0
---------------------------
CSNMR-5656: optee-os: Drop upstreamed patches
These patches have been applied by upstream optee project and we no
longer need to provide them.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 7478c09
---------------------------
CSNMR-5656: Change layer compat from whinlatter to wrynose
Upstream has changed the LAYERSERIES_CORENAMES from whinlatter to
wrynose on the master branch.
Dropping whinlatter since we do not intend to support that release once
wrynose is released.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 6b55bede28
---------------------------
luaposix: Upgrade to 36.3
Fix build with lua 5.5
License-Update: bump copyright years to 2025 [1]
[1] https://github.com/luaposix/luaposix/commit/07cf96f23c10ad01736205e6ca18375a208d05bf
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fdb49727a7
---------------------------
links,links-x11: Upgrade to 3.20
Fix build with glibc 2.43+
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a68f03454b
---------------------------
libfaketime: Upgrade to 0.9.11
Fix build with glibc 2.43+
Changes:
Fixed various cross-platform compile-time issues
Honor nanosecond parameters/fields in relevant system calls
Limited improvements to enhance compatibility with other LD_PRELOAD libraries
Added selected more intercepted system calls
Unset FAKETIME_SHARED automatically for child processes when enabling FAKETIME_FLSHM=1
Disable shared memory for child processes through FAKETIME_DISABLE_SHM=1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a75c2f0b6f
---------------------------
layers: update for wrynose release series
Drop walnascar from supported release series
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5925a61082
---------------------------
pipewire: update 1.6.0 -> 1.6.2
- remove two backport patches
PipeWire 1.6.2 (2026-03-16)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Fix a potential crash when the wrong memory was freed.
- Fix a optimization with shared memory over some links that could
cause errors later on.
- Fix SOFA filter and default control input in LADSPA and LV2.
- Some other small fixes and improvements.
PipeWire
- Remove an optimization to skip share mem in links, it causes problems
later on. (#5159)
Modules
- Don't try to free invalid memory or close invalid fds when the client
aborted before allocating buffer memory. (#5162)
SPA
- support ACP_IGNORE_DB in udev.
- Use 0x as a prefix for hex values.
- Mark Props as write-only in libcamera.
- Small optimization in the audio mixer.
- Fix initialization of control properties for SOFA and biquads in the
filter-graph. (#5152)
- Fix min/max default values for LADSPA and LV2.
JACK
- Fix jack_port_type_id(). Return values that are compatible with JACK1/2.
Older versions:
PipeWire 1.6.1 (2026-03-09)
This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.
Highlights
- Fix socket activation, which could cause a failure to start PipeWire in
some setups.
- Fix crashes in many JACK apps when nodes/ports are quickly added/removed
such as when there are notifications (like when changing the volume in
KDE).
- Fix playback of encoded formats in pw-cat again.
- Some other smaller fixes and improvements.
Modules
- Fix socket activation. (#5140)
- Remove node.link-group from driver nodes.
SPA
- Fix the libcamera stop sequence.
JACK
- Never return NULL from jack_port_by_id(). (#3512)
GStreamer
- Improve the timestamps on buffers.
Tools
- Fix playback of encoded formats. (#5155)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 216b1c7cb2
---------------------------
libgpiod: fix gpio-tools tests failure with new coreutils
openembedded-core updated to coreutils v9.10 in which commit
8c2461933411 ("timeout: honor ignored signal dispositions") changed the
behavior of timeout. It will no longer propagate SIGINT to background
shell jobs which breaks test-cases for gpio-tools which verify that they
exit correctly after receiving SIGINT. This backports the patch sent
upstream that removed the offending test-cases as we already have a
similar set of tests for SIGTERM.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d875c64da1
---------------------------
wireshark: Add xxhash to DEPENDS
Currently, the build of wireshark fails with
ERROR: wireshark-1_4.6.3-r0 do_package_qa: QA Issue: /usr/lib/libwsutil.so.17.0.0 contained in package wireshark requires libxxhash.so.0()(64bit), but no providers found in RDEPENDS:wireshark? [file-rdeps]
ERROR: wireshark-1_4.6.3-r0 do_package_qa: Fatal QA errors were found, failing task.
ERROR: Logfile of failure stored in: /build/tmp/work/core2-64-poky-linux/wireshark/4.6.3/temp/log.do_package_qa.302606
ERROR: Task (/build/../work/layers-3rdparty/openembedded/meta-networking/recipes-support/wireshark/wireshark_4.6.3.bb:do_package_qa) failed with exit code '1'
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0001e284a9
---------------------------
dlt-daemon: upgrade 2.18.10 to 3.0.0
Changes:
https://github.com/COVESA/dlt-daemon/releases
Remove patches already in 3.0.0:
544.patch
567.patch
0001-CMakeLists-txt-make-DLT_WatchdogSec-can-be-set-by-user.patch
0003-allow-build-with-cmake-4.patch
Add patches to fix build failures
0001-Fix-compile-failure-related-to-gzlog.patch
0001-Fix-kinds-of-build-failure.patch
0001-Fix-build-failures.patch
0001-fix-build-failure-when-systemd-is-enabled.patch
0001-Fix-build-failure-with-glibc-2.43.patch
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cf4788c916
---------------------------
python3-redis: upgrade 5.3.1->7.3.0
Switch build system from setuptools3 to python_hatchling
Changelog:
https://github.com/redis/redis-py/releases
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d62b06c427
---------------------------
python3-paramiko: upgrade 3.5.1->4.0.0
Changelog:
https://www.paramiko.org/changelog.html
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ad2a5ac0a0
---------------------------
android-tools-conf-configfs: make USB gadget IDs configurable
The android-gadget-setup script currently hardcodes the USB vendor ID,
product ID, and configuration string. This makes it difficult for BSP
layers to customize USB gadget identity with platform specific values.
Introduce variables for the vendor ID, product ID, and configuration
string when populating the configfs attributes. This allows machine
or distro specific overrides via `/etc/android-gadget-setup.machine`,
while preserving the existing default values.
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 62b17d2806
---------------------------
python3-m2crypto: fix do_compile error using clang
erre message:
| INFO:mkpath:creating build/temp.linux-aarch64-cpython-314/src/SWIG
| INFO:spawn:aarch64-yoe-linux-clang -mcpu=cortex-a57+crc --dyld-prefix=/usr -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot -O2 -g -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0=/usr/src/debug/python3-m2crypto/0.47.0 -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0=/usr/src/debug/python3-m2crypto/0.47.0 -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot= -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot-native= -pipe -fPIC -I/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot/usr/include/python3.14 -I/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0/src/SWIG -c src/SWIG/_m2crypto_wrap.c -o build/temp.linux-aarch64-cpython-314/src/SWIG/_m2crypto_wrap.o -DTHREADING -Wno-deprecated-declarations
| src/SWIG/_m2crypto_wrap.c:4455:1: error: unknown type name 'PRAGMA_IGNORE_UNUSED_LABEL'
| 4455 | PRAGMA_IGNORE_UNUSED_LABEL
| | ^
| src/SWIG/_m2crypto_wrap.c:4456:30: error: expected ';' after top level declarator
| 4456 | PRAGMA_WARN_STRICT_PROTOTYPES
| | ^
| | ;
| 2 errors generated.
Add patch 0001-fix-swig-avoid-clang-GNUC-pragma-block-before-_lib.h.patch to avoid clang GNUC pragma block before _lib.h
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 01d347f0bc
---------------------------
opensaf: upgrade 5.22.01 -> 5.26.02
1.Add new patch 0001-To-fix-Werror-discarded-qualifiers-error.patch to fix build error
2.Remove following patches as merged upstream
0001-Fix-build-with-fno-common.patch
0001-include-missing-array-header.patch
0001-include-cstdint-for-uintXX_t-types.patch
0002-Fix-Werror-enum-int-mismatch-with-gcc13.patch
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0270b1c372
---------------------------
fd-find: update 10.3.0 -> 10.4.2
Changes are here:
https://github.com/sharkdp/fd/compare/v10.3.0...v10.4.2
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fd7d73eb8a
---------------------------
libde265: upgrade 1.0.16 -> 1.0.17
Also fix packaging QA errors about staticlibs and dev-so
Release Notes:
https://github.com/strukturag/libde265/releases/tag/v1.0.17
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 260662ca32
---------------------------
libheif: CVE-2026-3949
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3949
Backport the patch that is referenced by the NVD report (in the description)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e673a4cd8e
---------------------------
unixodbc: mark CVE-2024-1013 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-1013
The vulnerability has been patched since 2.3.13[1], however
NVD tracks it without version info.
Due to this, mark it patched explicitly.
[1]: https://github.com/lurcher/unixODBC/commit/249bfcc511e89431b910ce2c62ae0b62bb9cc214
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0abb9a484e
---------------------------
python-pyjwt: upgrade 2.11.0 -> 2.12.1
Contains fix for CVE-2026-32597. Since NVD tracks this CVE
without version info, mark the CVE explicitly patched.
Changes:
2.12.1:
Add typing_extensions dependency for Python < 3.11
2.12.0:
chore(docs): fix docs build
Annotate PyJWKSet.keys for pyright
fix: close HTTPError to prevent ResourceWarning on Python 3.14
chore: remove superfluous constants
chore(tests): enable mypy
Bump actions/download-artifact from 7 to 8
fix: do not store reference to algorithms dict on PyJWK
Use PyJWK algorithm when encoding without explicit algorithm
Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. (CVE-2026-32597)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 96fa70cddf
---------------------------
ettercap: fix typo in CVE ID
The CVE fix is correct, but the CVE ID contains a typo. The correct
ID is CVE-2026-3606.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b81ba45156
---------------------------
exiv2: mark CVE-2026-27631 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-27631
Though NVD indicates that 0.28.8 is still vulnerable, that does
not seem to be the case: the fix that is referenced by the advisory
has been backported[1] to this verison. Due to this, mark this
CVE as patched.
[1]: https://github.com/Exiv2/exiv2/commit/21d129c842212c198dd887dbaafc5ce734e9dfad
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1cad6f53a4
---------------------------
libsodium: mark CVE-2025-69277 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-69277
The vulnerability has been fixed[1] since version 1.0.20, but NVD
tracks it without version info. Mark it patched explicitly.
[1]: https://github.com/jedisct1/libsodium/commit/f2da4cd8cb26599a0285a6ab0c02948e361a674a
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2184766a34
---------------------------
gimp: update 3.0.8 -> 3.2.0
- remove a backport patch
- rework the fix for host systems that dont provide iso-codes
- update mypaint-brushes dependency to 2.x
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e8ba93418e
---------------------------
libwebsockets: upgrade 4.5.2 -> 4.5.7
Update to latest v4.5-stable patch level.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fe64fb0496
---------------------------
ntfs-3g-ntfsprogs: update UPSTREAM_CHECK_GITTAGREGEX
Update UPSTREAM_CHECK_GITTAGREGEX to check the correct latest stable
verison.
Before the patch:
$ devtool latest-version ntfs-3g-ntfsprogs
INFO: Current version: 2022.10.3
INFO: Latest version: 20070925
INFO: Latest version's commit: e859b1b1099d6fb8080f84db7f3790ab2bdc92e4
$ devtool latest-version ntfs-3g-ntfsprogs
INFO: Current version: 2022.10.3
INFO: Latest version: 2022.10.3
INFO: Latest version's commit: 78414d93613532fd82f3a82aba5d4a1c32898781
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 87e26e4769
---------------------------
freerdp3: upgrade 3.23.0 -> 3.24.0
Contains many bugfixes and CVE fixes:
https://github.com/FreeRDP/FreeRDP/releases/tag/3.24.0
Added build option to use internal rc4 and md4 ciphers: this is due
to a recent change in oe-core. OpenSSL's legacy ciphers (like RC4 and MD4)
are now disabled by default (with 'legacy' PACKAGECONFIG), however
FreeRDP3 relies on them.
To ensure that the required ciphers are available, build the
recipe with this ciphers' internal implementations instead of
expecting OpenSSL to support them.
Ptests passed successfully.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9a3f58742f
---------------------------
imagemagick: upgrade 7.1.2-16 -> 7.1.2-17
Contains bugfixes and a couple of CVE fixes:
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-16...7.1.2-17
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5f1c8e7461
---------------------------
glibmm-2.68: upgrade 2.80.0 to 2.86.0
License-Update: Remove obsolete FSF address
NEWS:
https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.86.0/NEWS
[1] https://github.com/GNOME/glibmm/commit/727b086bc5bc29fbbfb3fb90198499364cc65dac
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f9406a6c8e
---------------------------
kronosnet: upgrade 1.31 -> 1.33
Changelog
https://github.com/kronosnet/kronosnet/releases/tag/v1.33
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2735729989
---------------------------
squid: upgrade 7.4 -> 7.5
License-Update: updated to latest GPLv2 text version [1]
Changelog [2]
- Bug 5501: Squid may exit when ACLs decode an invalid URI
- ICP: Fix HttpRequest lifetime for ICP v3 queries
- ICP: Fix validation of packet sizes and URLs
- Do not escape malformed URI twice when sending ICP errors
- ... and some code, CI, and documentation cleanups
[1] https://github.com/squid-cache/squid/commit/765c7f4e7fa45ce87134b4a38ad175db4bda06dd
[2] https://github.com/squid-cache/squid/releases/tag/SQUID_7_5
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a28c68436e
---------------------------
squid: fix UPSTREAM_CHECK_REGEX
Squid tags are in form SQUID_<MAJ>_<MIN>.
This can also be seen in SRC_URI download link.
This change will make "devtool latest-version squid" correctly show 7.5
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0a364d9c82
---------------------------
opengl-es-cts: upgrade 3.2.13.0 -> 3.2.14.0
Upgrade OpenGL ES CTS to the last release, mostly bringing up fixes for
the existing tests.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5a0b443018
---------------------------
vulkan-cts: upgrade 1.4.5.1 -> 1.4.5.2
Upgrade Vulkan CTS, fixing several small issues in the tests.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4a0fb4e6c5
---------------------------
spice-gtk: enable libva-x11 and drop gstreamer1.0-vaapi
OE-Core has dropped gstreamer1.0-vaaapi, breaking spice-gtk. Drop the
dependency and, while we are at it, enable libva as a dependency, making
sure VA-API is enabled.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0530bb6f6c
---------------------------
redis 8: Update licence
Redis 8.0 and later are tri-licensed, the licence options are:
* Redis Source Available License v2
* Server Side Public License v1.0
* GNU Affero GPL v3.0
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3792b7902a
---------------------------
libfido2-initial: new recipe
Use this recipe to break a circular dependency between libfido2 and
systemd when systemd's fido PACKAGECONFIG is enabled. systemd depends
on libfido2, and libfido2 depends on udev provided by systemd. However,
systemd only depends on the headers provided by libfido2 and its pkgconf
data. systemd uses only the datatypes provided, and opportunistically
enables fido support if libfido2 is found.
This recipe provides only the headers and pkgconf data. This is
sufficient to allow systemd to build support for libfido2.
It only works with a related change I've submitted to openembedded core.
Signed-off-by: Dan McGregor <danmcgr@protonmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e585da399f
---------------------------
bpftrace: Update the runtime dependencies
* bash and python3 are only needed by the ptest package.
* xz appears to not be needed at all.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cdb5d4c3e7
---------------------------
python3-tornado: upgrade 6.5.4 -> 6.5.5
Security fixes including CVE-2026-31958
https://www.tornadoweb.org/en/stable/releases/v6.5.5.html
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 701a1df07c
---------------------------
perfetto: Don't copy gn native binary
With the current recipe I am getting
```
gn: error while loading shared libraries: libc++abi.so.1: cannot open shared object file: No such file or directory
```
on my aarch64 machine
This is due to gn having a relative library runpath causing the interpreter not finding the shared libraries
Instead of copying the binary just directly execute it
Additionally remove the unnecessary download of the prebuilt gn binary
Signed-off-by: Willi Ye <zye2@snap.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 00616ccdaf
---------------------------
refpolicy-targeted: Added sepolicy for adb service
- Labeled adb binary
- Moved adb shell from initrc_t to unconfined_t
- meta-selinux does not provide adb domain added policy in meta-oe
instead of refpolicy: SELinuxProject/refpolicy#1085
Signed-off-by: Gargi Misra <gmisra@qti.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 786f3323d7
---------------------------
pipewire: enable aptX Bluetooth codec support
Enable aptX/aptX-HD codec support in PipeWire's Bluetooth A2DP codec.
This allows A2DP streaming with aptX-capable headsets when libfreeaptx
is available.
Signed-off-by: Shuai Zhang <shuai.zhang@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d44ea32dba
---------------------------
libfreeaptx: add aptX/aptX-HD codec library
Add a libfreeaptx recipe (LGPL-2.1+) to provide aptX/aptX-HD codec
support for Bluetooth A2DP audio codec.
Signed-off-by: Shuai Zhang <shuai.zhang@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 001d503fe7
---------------------------
python3-nltk: mark CVE-2026-0846 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0846
It has been fixed in version 3.9.3, however NVD tracks it
without CPE/version info.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 94990de736
---------------------------
python3-grpcio: upgrade 1.76.0 -> 1.78.0
Change build tools from setuptools3 to python_setuptools_build_meta
Add cython depends and change cython requirement from cython==3.1.1 to
cython>=3.1.1. Currently we use cython version 3.2.4
Changelog:
https://github.com/grpc/grpc/releases/tag/v1.78.0
Changes for python:
- aio: fix race condition causing asyncio.run() to hang forever during the shutdown process.
- Migrate to pyproject.toml build system from setup.py builds.
- Log error details when ExecuteBatchError occurs (at DEBUG level).
- Update setuptools min version to 77.0.1.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 04ef8fb242
---------------------------
libsodium: upgrade 1.0.20 -> 1.0.21
License-Update: copyright years refreshed
Removed patch included in this release
Add path to fix compilation with gcc on aarch64
Changelog:
https://github.com/jedisct1/libsodium/releases/tag/1.0.21-RELEASE
Changes:
Version 1.0.21
- security fix for the crypto_core_ed25519_is_valid_point() function
- new crypto_ipcrypt_* functions
- sodium_bin2ip and sodium_ip2bin helper functions
- XOF: the crypto_xof_shake* and crypto_xof_turboshake* functions
Version 1.0.20-stable
- XCFramework: cross-compilation is now forced on Apple Silicon to avoid Rosetta-related build issues
- The Fil-C compiler is supported out of the box
- The CompCert compiler is supported out of the box
- MSVC 2026 (Visual Studio 2026) is now supported
- Zig builds now support FreeBSD targets
- Performance of AES256-GCM and AEGIS on ARM has been improved with some compilers
- Android binaries have been added to the NuGet package
- Windows ARM binaries have been added to the NuGet package
- The Android build script has been improved. The base SDK is now 27c, and the default platform is 21, supporting 16 KB page sizes.
- The library can now be compiled with Zig 0.15 and Zig 0.16
- Zig builds now generate position-independent static libraries by default on targets that support PIC
- arm64e builds have been added to the XCFramework packages
- XCFramework packages are now full builds instead of minimal builds
- MSVC builds have been enabled for ARM64
- iOS 32-bit (armv7/armv7s) support has been removed from the XCFramework build script
- Security: optblockers have been introduced in critical code paths to prevent compilers from introducing unwanted side channels via conditional jumps. This was observed on RISC-V targets with specific compilers and options.
- Security: crypto_core_ed25519_is_valid_point() now properly rejects small-order points that are not in the main subgroup
- ((nonnull)) attributes have been relaxed on some crypto_stream* functions to allow NULL output buffers when the output length is zero
- A cross-compilation issue with old clang versions has been fixed
- JavaScript: support for Cloudflare Workers has been added
- JavaScript: WASM_BIGINT is forcibly disabled to retain compatibility with older runtimes
- A compilation issue with old toolchains on Solaris has been fixed
- crypto_aead_aes256gcm_is_available is exported to JavaScript
- libsodium is now compatible with Emscripten 4.x
- Security: memory fences have been added after MAC verification in AEAD to prevent speculative access to plaintext before authentication is complete
- Assembly files now include .gnu.property notes for proper IBT and Shadow Stack support when building with CET instrumentation.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 510ea4db57
---------------------------
luajit: Update to latest on v2.1 branch
License-Update: copyright year updated
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6e45ada388
---------------------------
atkmm: upgrade 2.28.2 to 2.28.4
NEWS:
https://gitlab.gnome.org/GNOME/atkmm/-/blob/atkmm-2-28/NEWS
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a813457aab
---------------------------
glibmm: upgrade 2.66.7 to 2.66.8
NEWS:
https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.66.8/NEWS
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c407d8669c
---------------------------
capnproto: upgrade 1.0.2 -> 1.4.0
Contains fix for CVE-2026-32239 and CVE-2026-32240
Also, mark these CVEs explicitly patched, because NVD tracks them
without version info at this time.
Shortlog:
https://github.com/capnproto/capnproto/compare/v1.0.2...v1.4.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 32eb632648
---------------------------
hstr: upgrade 3.1.0 to 3.2.0
Full Changelog:
https://github.com/dvorka/hstr/compare/3.1...v3.2
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 16a72067f5
---------------------------
python3-ninja: upgrade 1.11.1.1 -> 1.13.0
Changelog:
https://github.com/scikit-build/ninja-python-distributions/releases
Upstream commit [1] switched build system from scikit-build to
scikit-build-core, which changed pyproject.toml structure and rewrote
__init__.py. Update patches accordingly:
- no-scikit-build.patch: rewrite for new pyproject.toml structure,
replace scikit-build-core with setuptools, and remove 'readme'
from dynamic fields as setuptools cannot handle the fancy-pypi-readme
plugin.
- run-ninja-from-path.patch: drop. Old version imported skbuild
modules in __init__.py which caused ImportError in OE since
scikit-build is not installed. New version replaced these imports
with stdlib sysconfig, so the patch is no longer needed.
- CMakeLists.txt: drop. This was a stub file added to prevent
scikit-build from failing when it could not find CMakeLists.txt.
Since we now use setuptools which does not require it, the file
can be removed.
[1] https://github.com/scikit-build/ninja-python-distributions/commit/f3b4a786be
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f75f4164fd
---------------------------
python3-gpiod: update to v2.4.1
Bug-fix release addressing a memory leak and a couple minor issues.
We now ship the license file with the dist tarball so update the recipe
to take this into account. While at it: trim the LICENSE value to only
include LGPL-v2.1-or-later as the other two licenses cover tests and
text files.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2c74fbff25
---------------------------
librust-cxx: Add librust-cxx recipe
Add a recipe for the cxx crate, which provides a safe and efficient
bridge for interoperability between Rust and C++ code. It allows
defining the FFI boundary in a shared Rust module and generates
compatible bindings for both languages during the build process.
The crate is implemented in Rust and supports zero-overhead FFI with
common Rust and C++ standard library types.
More information: https://crates.io/crates/cxx
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5610dcfffc
---------------------------
libnice: make crypto library configurable via PACKAGECONFIG
Move gnutls from a hard dependency to a PACKAGECONFIG option defaulting
to gnutls. This allows users to select openssl as an alternative crypto
library by setting PACKAGECONFIG.
Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com>
Signed-off-by: Sujeet Nayak <sujeetnayak1976@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0f18a8f9e0
---------------------------
spawn-fcgi: upgrade 1.6.5 -> 1.6.6
Changelog:
* Use meson instead of autotools and cmake
* Simplify/reduce configure checks and #ifdefs
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 757cf70943
---------------------------
nginx: upgrade 1.29.5 -> 1.29.6
Changelog:
* Feature: session affinity support; the "sticky" directive in the
"upstream" block of the "http" module; the "server" directive supports
the "route" and "drain" parameters.
* Change: now nginx limits the size and rate of QUIC stateless reset
packets.
* Bugfix: receiving a QUIC packet by a wrong worker process could cause the
connection to terminate.
* Bugfix: "[crit] cache file ... contains invalid header" messages might
appear in logs when sending a cached HTTP/2 response.
* Bugfix: proxying to scgi backends might not work when using chunked
transfer encoding and the "scgi_request_buffering" directive.
* Bugfix: in the ngx_http_mp4_module.
* Bugfix: nginx treated a comma as separator in the "Cookie" request header
line when evaluating "$cookie_..." variables.
* Bugfix: in IMAP command literal argument parsing.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e69af2bc14
---------------------------
webmin: upgrade 2.520 -> 2.621
https://github.com/webmin/webmin/releases/tag/2.600
https://github.com/webmin/webmin/releases/tag/2.610
https://github.com/webmin/webmin/releases/tag/2.620
https://github.com/webmin/webmin/releases/tag/2.621
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a3ce6a063
---------------------------
python3-cassandra-driver: upgrade 3.29.2 -> 3.29.3
Also, add a patch to be able to build with Setuptools 82.
This patch is oe-specific, but upstream has already merged[1] a
patch that should make it compatible with the latest Setuptools.
It however seems to require multiple patches to apply clean. The
patch in this change is expected to be a short term workaround until
the next version is released.
Changelog:
Features
- Upgraded cython to 3.0.x
- Add support for DSE 6.9.x and HCD releases to CI
- Add execute_concurrent_async and expose execute_concurrent_* in Session
Bug Fixes
- Update geomet to align with requirements.txt
- Connection failure to SNI endpoint when first host is unavailable
- Maintain compatibility with CPython 3.13
Others
- Remove duplicated condition in primary key check
- Remove Python 3.8 which reached EOL on Oct 2024, update cryptography lib to 42
- Remove obsolete urllib2 from ez_setup.py
- Remove stale dependency on sure
- Removed 2.7 Cpython defines
[1]: https://github.com/apache/cassandra-python-driver/pull/1268
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4ac220373b
---------------------------
python3-xstatic: add patch to build w/ Setuptools 82
Setuptools 82 dropped pkg_resources module. It is not used
by the setup script, nevertheless, it is imported, and this
missing module fails compilation.
This patch removes this import.
Upstream started to work on refactoring their setup scripts, so
this patch is not appropriate to them - once/if they release, most
likely this patch can be dropped.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8193a3c0ef
---------------------------
python3-httptools: allow building with latest setuptools
By default this recipe requires Setuptools with strictly version 80.9.0.
oe-core has updated Setuptools to 82.0, and this recipe failed to build.
This patch relaxes the Setuptools version requirements.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9a40804aa8
---------------------------
gd: Add patch to fix compiler error about missing const
Gcc complains about:
| ../../sources/gd-2.3.3/src/gd_filename.c: In function 'ftype':
| ../../sources/gd-2.3.3/src/gd_filename.c:99:9: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
| 99 | ext = strrchr(filename, '.');
| | ^
| cc1: all warnings being treated as errors
Even the newest git master commit does not fix this.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 991ce2b4cb
---------------------------
multimedia/fswebcam: New recipe for a webcam image grabber
Taken from
https://github.com/linux4sam/meta-atmel/blob/master/recipes-multimedia/fswebcam/fswebcam_git.bb
and amended.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5540083053
---------------------------
nftables: build with native python instead of host python
Using old Python on the build host with SetupTools 82 results in an error
message during building:
| error: invalid command 'egg_info'
|
| ERROR Backend subprocess exited when trying to invoke get_requires_for_build_wheel
| WARNING: exit code 1 from a shell command.
To avoid it, use the native Python environment built by OE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8ceaab26fb
---------------------------
gnome-settings-daemon: add alsa as a mandatory dependency
In case the recipe is compiled without alsa DISTRO_FEATURE,
compilation fails with the following error:
../sources/gnome-settings-daemon-49.1/meson.build:132:0: ERROR: Assert failed: ALSA is not optional on Linux platforms
This change makes alsa a standard non-optional dependency.
Alsa is enabled by default in the upstream meson config, it is
not enabled explicitly in the recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 84d6a691c8
---------------------------
ncdu: New recipe for ncurses disk usage
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d8bc478d9c
---------------------------
python3-html5lib: fix build with setuptools 82
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c823746d7e
---------------------------
ntp: fix build with glibc 2.43
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cce9a3b937
---------------------------
bcc: add missing build dependency
Without xz present, compilation fails with the following error:
| <...>/x86_64-oe-linux-ld: warning: liblzma.so.5, needed by <...>/libbcc.so, not found (try using -rpath or -rpath-link)
| <...>/x86_64-oe-linux-ld: <...>/libbcc.so: undefined reference to `lzma_code@XZ_5.0'
| <...>/x86_64-oe-linux-ld: <...>/libbcc.so: undefined reference to `lzma_end@XZ_5.0'
| <...>/x86_64-oe-linux-ld: <...>/libbcc.so: undefined reference to `lzma_stream_decoder@XZ_5.0'
| collect2: error: ld returned 1 exit status
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9f5c6b28e3
---------------------------
android-tools: add fix for strchr() conformance to C23
Building android-tools v29.0.6.r14 with glibc 2.43 fails due to ISO C23
changes to strchr(). Add a patch to update the affected libunwind sources
to use const pointer types to fix this build failure.
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c40a15d924
---------------------------
fastfetch: add recipe
fastfetch is a customisable tool for displaying system information in a
terminal.
Signed-off-by: Tafil Avdyli <tafil@tafhub.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4953fd5a87
---------------------------
multimedia/spandsp: Update HOMEPAGE + remove obsolete comment
The domain soft-switch.org is no longer registered. So, switch to the GitHub
page.
It seams Clang had implemented the compile time functions, because the build
of the newer commit with Clang works. So, drop the comment.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: afbc56ae3c
---------------------------
krb5: backport additional fixes to build with glibc 2.43
Building krb5 with glibc 2.43 fails due to ISO C23 changes to strchr() and
related search functions. Backport the upstream fix that updates code to
use correct pointer types and adjusts function signatures accordingly.
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 65b7f7330e
---------------------------
php: upgrade 8.5.3 -> 8.5.4
This is a bug fix release.
Changelog: https://www.php.net/ChangeLog-8.php#8.5.4
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8b67fc44ff
---------------------------
yavta: update to latest git rev
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6ed795e4fd
---------------------------
v4l-utils: upgrade 1.28.1 -> 1.32.0
ChangeLog:
https://git.linuxtv.org/v4l-utils.git/tree/ChangeLog?h=v4l-utils-1.32.0
License-Update: Remove FSF address[1].
[1] https://git.linuxtv.org/v4l-utils.git/commit/?id=dc81a361e22ce71a454ad63a6ede725b97cc26ce
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 67a35406cb
---------------------------
fltk: upgrade 1.3.9 -> 1.3.11
ChangeLog:
https://github.com/fltk/fltk/releases/tag/release-1.3.10
https://github.com/fltk/fltk/releases/tag/release-1.3.11
Update SRC_URI as the source repository has been moved to github.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e5026ce126
---------------------------
cmocka: upgrade 1.1.7 -> 1.1.8
ChangeLog:
https://gitlab.com/cmocka/cmocka/-/blob/cmocka-1.1.8/ChangeLog
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3a696c4152
---------------------------
gnulib: upgrade 202401 -> 202601
License-Update: Remove statements that are not true any more since
2021-06-04[1].
[1] https://gitweb.git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=5e1283bb13d74c6619afb71c6a322c648a8cc91e
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3fa1ef9051
---------------------------
gosu: upgrade from 1.17 to 1.19
Upgrade gosu from 1.17 to 1.19.
Add extra tag=${PV} parameter in SRC_URI to ensure we're at the
correct srcrev.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 302d136dd9
---------------------------
libinih: upgrade from 58 to 62
Upgrade libinih from 58 to 62.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3ca4583515
---------------------------
lockfile-progs: upgrade from 0.1.19 to 0.2.0
In this new version, we need to 'rewrite-time' first as
it's a build host tool that is used during the actual build.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 964cd113ad
---------------------------
unixodbc: upgrade from 2.3.12 to 2.3.14
The following two patches are dropped as they have already been
in the new version:
- 0001-exe-Makefile.am-add-CROSS_LAUNCHER-to-run-odbc_confi.patch
- CVE-2024-1013.patch
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3f468ccce0
---------------------------
libcbor: upgrade 0.12.0 -> 0.13.0
Remove patch, the change is already in code.
Changelog:
https://github.com/PJK/libcbor/releases/tag/v0.13.0
Changed:
- Fix small typo in release script
- Fix failing 32 bit tests due to cmocka macro repeating stack pushes
- Set cmake_minimum_required to 3.5
- Fix float_ctrl ctrl assertions failing in debug mode
- Check in vscode setup
- Add CBOR sequences example
- Add riscv64 config to CircleCI
- Add a test for malformed definite maps
- Add [[nodiscard]] support and auto-update to C23 in cmake
- Configure ctest on to export the test results to CircleCI
- Revamp the introduction doc into a more useful crash course
- Add OSX asan/lsan supression config
- Add cbor_copy_definite
- Improve handling and coverage reporting of exhaustive enum switches
- Add references to readme
- Update python deps and related docs
- Link tutorial in readme (and fix embedded RST formatting)
- Add a doc note on lto linking
- Add a doc for the reference count in cbor_array_set().
- Add gh link to docs
- Add #355 to changelog
- Bump version to 0.13.0
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1fa24a2136
---------------------------
conntrack-tools: upgrade 1.4.8 -> 1.4.9
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f2d8476ca2
---------------------------
hiawatha: upgrade 11.8 -> 12.0
Changelog:
* mbed TLS updated to 4.0.0.
* Replaced strcpy() with strlcpy() and sprintf() with snprintf().
* Added OS sandbox.
* Removed DHsize option.
* Known bug: mbed TLS v4.0.0 doesn't compile in Cygwin, so building
a Windows package is not possible.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6d6c0b99d3
---------------------------
rocksdb: upgrade 9.10.0 -> 10.10.1
Remove not exist PACKAGECONFIG option `lite`
Add new PACKAGECONFIG option liburing
Changelog:
v10.10.1
https://github.com/facebook/rocksdb/releases/tag/v10.10.1
Bugs:
- Fixed a bug in best-efforts recovery that causes use-after-free crashes when accessing SST files that were cached during the recovery.
- Fix resumable compaction incorrectly allowing resumption from a truncated range deletion that is not well handled currently.
- Fixed a bug in PosixRandomFileAccess IO uring submission queue ownership & management. Fix eliminates the false positive 'Bad cqe data' IO errors in PosixRandomFileAccess::MultiRead when interleaved with PosixRandomFileAccess::ReadAsync on the same thread.
- Fix Windows VS 2022 build errors.
v10.9.1:
https://github.com/facebook/rocksdb/releases/tag/v10.9.1
v10.8.3:
https://github.com/facebook/rocksdb/releases/tag/v10.8.3
v10.7.5:
https://github.com/facebook/rocksdb/releases/tag/v10.7.5
v10.6.2:
https://github.com/facebook/rocksdb/releases/tag/v10.6.2
v10.5.1:
https://github.com/facebook/rocksdb/releases/tag/v10.5.1
v10.4.2:
https://github.com/facebook/rocksdb/releases/tag/v10.4.2
v10.2.1:
https://github.com/facebook/rocksdb/releases/tag/v10.2.1
v10.1.3:
https://github.com/facebook/rocksdb/releases/tag/v10.1.3
v10.0.1:
https://github.com/facebook/rocksdb/releases/tag/v10.0.1
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fc1549090f
---------------------------
networkmanager: upgrade 1.52.2 -> 1.56.0
Create path to fix `meson` build errors
Add missing dependencies.
Disables man page generation. The build was using xsltproc to try
downloading http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl
from the network, which fails in embedded build environments.
Changelog:
v1.56.0
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.56.0/NEWS?ref_type=tags
Changed:
- Unify the versioning to use everywhere the scheme with the -rcX or -dev
suffixes when appropriate. This affects, for example, the URL and filename
of the release tarball and the version reported by nmcli and the daemon.
As an exception, the C API will continue to use the 90+ scheme for RC versions.
- nmcli now supports viewing and managing WireGuard peers.
- Support reapplying the "sriov.vfs" property as long as
"sriov.total-vfs" is not changed.
- Support reapplying "bond-port.vlans".
- Accept hostnames longer than 64 characters from DNS lookup.
- Make that global-dns configuration overwrites DNS searches and
options from connections, instead of merging all together.
- Add support for a new rd.net.dhcp.client-id option in
nm-initrd-generator.
- Add gsm device-uid setting to restrict the devices the connection applies to.
- Support configuring the HSR protocol version via the
"hsr.protocol-version" property.
- Fix a bug that makes broadband connections auto-connect getting
blocked if the connection tries to reconnect when modem status is
"disconnecting" / "disconnected".
- Treat modem connection not having an operator code available
as a recoverable error.
- Add support for configuring systemd-resolved's DNSSEC option
per-connection via the "connection.dnssec" connection property.
- Support configuring the HSR interlink port via the
"hsr.interlink" property.
- Fix some connection properties not being applied to vpn connections
(connection.mdns, connection.llmnr, connection.dns-over-tls,
connection.mptcp-flags, ipv6.ip6-privacy)
- Update n-acd to always compile with eBPF enabled, as support
for eBPF is now detected at run time.
- Add new MPTCP 'laminar' endpoint type, and set it by default alongside
the 'subflow' one.
- For private connections (the ones that specify a user in the
"connection.permissions" property), verify that the user can access
the 802.1X certificates and keys set in the connection.
- Introduce a libnm function that can be used by VPN plugins to check
user permissions on certificate and keys.
v1.54.0
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.54.0/NEWS?ref_type=tags
Changed:
- Add support for configuring per-device IPv4 forwarding via the
"ipv4.forwarding" connection property.
- Add a new "prefix-delegation" setting containing a "subnet-id"
property that specifies the subnet to choose on the downstream
interface when using IPv6 prefix delegation.
- Support OCI baremetal in nm-cloud-setup
- When activating a WireGuard connection to an IPv6 endpoint, now
NetworkManager creates firewall rules to ensure that the incoming
packets are not dropped by kernel reverse path filtering.
- Add support for configuring the loopback interface in nmtui.
- Most of the properties of ovs-bridge and ovs-port connections can
now be reapplied at runtime without bringing the connection down.
- Add a new "sriov.preserve-on-down" property that controls whether
NetworkManager preserves the SR-IOV parameters set on the device
when the connection is deactivated, or whether it resets them to
their default value.
- Introduce a new "ovs-dpdk.lsc-interrupt" property to configure the
Link State Change (LSC) detection mode for OVS DPDK interfaces.
- The initrd-generator now can parse the NVMe Boot Firmware Table
(NBFT) to configure networking during early boot.
- Add systemd services to provide networking in the initrd.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1e52242e56
---------------------------
libcpr: upgrade 1.13.0 -> 1.14.2
The tag is not on any branch.
Changelog:
1.14.2:
https://github.com/libcpr/cpr/releases/tag/1.14.2
Changed:
- test: don't reflect Content-Length from request
- Fixed curlholder Double Free
- Fix error when running CMake configure multiple times with CPR_BUILD_TESTS, bump CMake min version to 3.18
- fix: replace curl_error_map with switch to fix Static Initialization Order Fiasco
- Updated Bazel Instructions
- Bump actions/upload-artifact from 5 to 6
- Bump actions/checkout from 5 to 6
- Bump jwlawson/actions-setup-cmake from 1.14 to 2.1
v1.14.1:
https://github.com/libcpr/cpr/releases/tag/1.14.1
Changed:
- Fixed SSE Windows string parsing
v1.14.0
https://github.com/libcpr/cpr/releases/tag/1.14.0
Changed:
- fix: Crash when building with /MT in MSVC (double-destructor) #1276
- 1.14.0 Release Preparation - NuGet Release Build Fixes
- Add support for Server Sent Events (SSE)
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 84e05a05d9
---------------------------
nss: upgrade 3.119 -> 3.121
Adapt patch 0007-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch
to new version of the code. Remove code which not exist and adapt to
new code.
Changelog:
v3.121:
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_121.html
Bugs:
- update vendored zlib to v1.3.2.
- Revert the unnecessary changes to intel-gcm-wrap.gyp.
- Use C fallback for AES-GCM on MinGW builds.
- fix ML-KEM PCT.
- Extend NSS Fuzzing docs.
- avoid integer overflow in platform-independent ghash.
- Fix errant whitespace in OISTE Server Root RSA G1 nickname.
- fix build with glibc-2.43 assignment discards ‘const’ qualifier from pointer.
- add gcm.gyp dependency for Solaris SPARC builds.
- Set nssckbi version to 2.84.
- Add e-Szigno TLS Root CA 2023 to NSS.
- allow manual selection of CPU_ARCH=x86_64 and ppc64 in coreconf/Darwin.mk.
- Update cryptofuzz version.
- Paranoia assert.
- Darwin compatibility for intel-aes.S and intel-gcm.S.
- rename intel-{aes,gcm}.s to .S.
- rename C files for platform-specific ghash implementations.
- simplify compilation of platform-specific GCM and GHASH.
- FORWARD_NULL null deref of worker in p7decode.c (sec_pkcs7_decoder_abort_digests).
- Out-of-Bounds Read in ML-DSA Private Key Parsing (zero-length privateKey).
v3.120:
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_120.html
Bugs:
- Fix docs generation bug.
- CID 1678226: Dereferencing null pointer plaintext.data().
- Run PKCS12 fuzz target with –fuzz=tls in CI.
- Allowing RT be started several times.
- move linux decision and build tasks to d2g worker pools.
v3.119.1:
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_119_1.html
Bugs:
- restore coreconf/Darwin.mk behavior for intel archs.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4dc8384995
---------------------------
weechat: upgrade 4.8.1 -> 4.8.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 361c25fc20
---------------------------
uftrace: upgrade 0.18.1 -> 0.19
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3eff6000e4
---------------------------
swagger-ui: upgrade 5.31.2 -> 5.32.0
Changelog:
oas32: add basic OpenAPI 3.2.0 support
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6c508b1fb3
---------------------------
rtorrent: upgrade 0.16.6 -> 0.16.7
Changelog:
============
- Added a buffer that limits/deduplicates active dns requests
- Properly handle libcurl reuse of sockets
- Added SocketManager to handle reuse of uninterested fd's by the kernel
- Removed old work-arounds in epoll and force stricter handling of errors
- Allow disabling of stream buffering for plaintext logs
- Fix some compile warnings
- Fix use after free in UdnsResolver::try_resolve_numeric
- Fix crash in DhtRouter::bootstrap
- Fix key/value pairs in Lua
- Expand '~/' to $HOME in session path.
- dht_add_peer_node is empty, use dht_add_bootstrap_node instead
- Re-send smkx on SIGWINCH to fix arrow keys after terminal reattach
- Allow dht bootstrap nodes to be added when dht is off.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 32a81707a9
---------------------------
python3-wrapt: upgrade 2.1.1 -> 2.1.2
Changelog:
===========
- Building of Python wheels for riscv64 Linux platform had been accidentally
removed from the build configuration. This has now been added back in.
- When a weak function proxy was created for a bound method and the instance it
was bound to was garbage collected, calling the proxy would silently call the
function as unbound instead of raising a ReferenceError.
- When deleting an attribute named __annotations__ on an object proxy, the
attribute was only being deleted from the proxy and not also from the wrapped
object.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 614a18cfeb
---------------------------
python3-whitenoise: upgrade 6.11.0 -> 6.12.0
Changelog:
========
- Drop Python 3.9 support.
- Fix potential unauthorised file access vulnerability in "autorefesh" mode.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 69aeb4598a
---------------------------
python3-wheezy-template: upgrade 3.2.4 -> 3.2.5
Changelog:
Added wheezy.html 3.2.1 as a development dependency.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ac23a9f78e
---------------------------
python3-tqdm: upgrade 4.67.2 -> 4.67.3
Changelog:
fix py3.7 dependencies
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fd40cda1b2
---------------------------
python3-tox: upgrade 4.36.1 -> 4.49.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a3ff8e2027
---------------------------
python3-tabulate: upgrade 0.9.0 -> 0.10.0
Changelog:
===========
- Add support for Python 3.11, 3.12, 3.13, 3.14.
- Drop support for Python 3.7, 3.8, 3.9.
- PRESERVE_STERILITY global is replaced with preserve_sterility function argument.
- New formatting options: headersglobalalign, headersalign, colglobalalign.
- New output format: "colon_grid" (Pandoc grid_tables with alignment)
- Various bug fixes.
- Improved error messages.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6fd6dbec63
---------------------------
python3-sqlalchemy: upgrade 2.0.46 -> 2.0.48
Changelog:
https://docs.sqlalchemy.org/en/21/changelog/changelog_20.html#change-2.0.48
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4d59761490
---------------------------
python3-snagboot: upgrade 2.5 -> 2.6
treewide:
Migrate documentation to readthedocs
Emit more specific error messages for USB permission-based access issues
Add unit tests
snagflash:
Support compressed input files, e.g. *.wic.bz2
Refactor fastboot-uboot logic to factor out common code and improve logging
Automatically detect when oem_run isn't supported by U-Boot, and fallback to ucmd
snagrecover:
Support Renesas RZ/N1 platforms
Support SoC model aliases, and add i.MX8MP alias
Handle relative path prefixes with the -F syntax
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ba180ee148
---------------------------
python3-scikit-build-core: upgrade 0.11.6 -> 0.12.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ab8740596c
---------------------------
python3-robotframework: upgrade 7.3.2 -> 7.4.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b11e4f37b9
---------------------------
python3-regex: upgrade 2026.2.19 -> 2026.2.28
Changelog:
==========
- Replaced atomic operations with mutex on pattern object for free-threaded Python.
- PR #598: Fix race condition in storage caching with atomic operations.
- Replaced use of PyUnicode_GET_LENGTH with PyUnicode_GetLength.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b18308ffad
---------------------------
python3-pytest-env: upgrade 1.2.0 -> 1.5.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f4e786b322
---------------------------
python3-pymisp: upgrade 2.5.32.3 -> 2.5.33.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b9ecb7c78
---------------------------
python3-pyephem: upgrade 4.2 -> 4.2.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 513344d14c
---------------------------
python3-pyais: upgrade 2.15.0 -> 2.20.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ff7f74b88e
---------------------------
python3-platformdirs: upgrade 4.9.2 -> 4.9.4
Changelog:
============
- Fix test failures on BSD for runtime directory defaults
- Respect XDG_CONFIG_HOME in _get_user_dirs_folder
- Add missing _optionally_create_directory in Android user_log_dir and user_runtime_dir
- Add permissions to workflows
- Move SECURITY.md to .github/SECURITY.md
- Standardize .github files to .yaml suffix
- docs: add project logo to documentation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ae831ade44
---------------------------
python3-pkgconfig: upgrade 1.5.5 -> 1.6.0
Changelog:
============
- Drop support for Python < 3.9, support 3.9 .. 3.14.
- README: clarify pkg-config and pkgconf, #75
- Switch CI from Travis to GitHub Actions; test on all supported Python versions.
- Use src/ layout for project, fixes #36. Also move tests and test data to tests/.
- Replace deprecated distutils with setuptools to make tests work on Python 3.12; fixes #64.
- Fix configure_extension for empty cflags or libs.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 67b858ec99
---------------------------
python3-orjson: upgrade 3.11.6 -> 3.11.7
Changelog:
==============
- Use a faster library to serialize float. Users with byte-exact regression
tests should note positive exponents are now written using a +, e.g.,
1.2e+30 instead of 1.2e30. Both formats are spec-compliant.
- ABI compatibility with CPython 3.15 alpha 5 free-threading.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1698357b41
---------------------------
python3-nanobind: upgrade 2.11.0 -> 2.12.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3e26e7be3c
---------------------------
python3-mmh3: upgrade 5.2.0 -> 5.2.1
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 87a90b48ac
---------------------------
python3-luma-oled: upgrade 3.14.0 -> 3.15.0
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 86f1d18f3f
---------------------------
python3-isort: upgrade 8.0.0 -> 8.0.1
Changelog:
============
- Fix #2461: Added compression to stdlibs for Python 3.14 in isort/stdlibs/py314.py
- Fix unindented comments being corrupted in indented blocks
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9a70c6235c
---------------------------
python3-ipython: upgrade 9.10.0 -> 9.11.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5b8beefb32
---------------------------
python3-inline-snapshot: upgrade 0.30.1 -> 0.32.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 467c80b32d
---------------------------
python3-h5py: upgrade 3.15.0 -> 3.16.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5a9aaa2416
---------------------------
python3-filelock: upgrade 3.24.3 -> 3.25.0
Changelog:
============
- Suppress ValueError in _try_break_stale_lock for corrupted lock files
- Fix ValueError in _acquire_transaction_lock when blocking=False with timeout
- Add permissions to check workflow
- Move SECURITY.md to .github/SECURITY.md
- Standardize .github files to .yaml suffix
- feat(async): add AsyncReadWriteLock
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7bebedee61
---------------------------
python3-fastapi: upgrade 0.133.1 -> 0.135.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 41df7fdb20
---------------------------
python3-faker: upgrade 40.1.2 -> 40.8.0
Changelog:
===========
- Add free email domains to hu_HU locale.
- Improve Polish address grammar: categorize street types and prefixes.
- Add country names to he_IL locale.
- Fix _get_local_timezone() missing return statement.
- Add missing formats and remove duplicates in user_name_formats.
- Add passport and cie for it_IT.
- Add major Greek banks to el_GR bank provider.
- Update internet pt_bR provider (domains, tlds, slugify).
- fix pyfloat TypeError when combining positive=True with max_value.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0cf92875b2
---------------------------
python3-configargparse: upgrade 1.7.1 -> 1.7.3
Changelog:
============
- Fix TOML parser to read all matching sections instead of only the first
- Fix SyntaxError leak from ast.literal_eval in INI-style config parsers
- Fix -- separator, nargs=REMAINDER, and empty value handling
- Fix critical bugs and add Python 3.11+ tomllib support
- Remove dead comment-processing code in default config parser
- Add test status badge to README
- CI, linting, and test improvements
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b9f166eb8d
---------------------------
python3-cmd2: upgrade 3.2.2 -> 3.4.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc39c58a3d
---------------------------
python3-cmake: upgrade 4.2.1 -> 4.2.3
Changelog:
===========
- fix: drop manylinux1 workaround
- fix: more readable error on missing ccmake
- chore(deps): update clang to 21.1.8.1
- [Bot] Update to OpenSSL 3.5.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4ea186465e
---------------------------
python3-charset-normalizer: upgrade 3.4.4 -> 3.4.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 19da1ac62a
---------------------------
python3-cachetools: upgrade 7.0.0 -> 7.0.4
Changelog:
===========
- Fix and properly document @cachedmethod.cache_key behavior.
- Minor documentation improvements.
- Fix DeprecationWarning when creating an autospec mock with @cachedmethod decorations.
- Provide more efficient clear() implementation for all support Cache classes
- Various test improvements.
- Update Copilot Instructions.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3c6203e895
---------------------------
python3-bumble: upgrade 0.0.225 -> 0.0.226
Changelog:
=============
- Bump bytes from 1.5.0 to 1.11.1 in /rust in the cargo group across 1 directory
- Connecting multiple times to a LE device is working correctly again
- Replace long if-else with match-case
- AVRCP: More delegation and bugfix
- Migrate most enums
- Remove bumble.gap
- Controller: Use new return parameter types and add _send_hci_command_status
- use tomllib from standard library on Python3.11+
- HFP: Fix response handling
- Emulation: Support LE Read features
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8a7b296aef
---------------------------
python3-black: upgrade 26.1.0 -> 26.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5639fb9a9c
---------------------------
python3-apispec: upgrade 6.9.0 -> 6.10.0
Changelog:
==========
- Support links (#615). Thanks @kingdomOfIT
- MarshmallowPlugin: Handle DateTime fields with the "iso8601" and "rfc822" formats
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: adedb2ccc6
---------------------------
python3-alembic: upgrade 1.18.3 -> 1.18.4
Changelog:
- Reverted the behavior of Operations.add_column() that would automatically
render the "PRIMARY KEY" keyword inline when a Column with primary_key=True is
added.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 66c524b5de
---------------------------
passwdqc: upgrade 2.0.3 -> 2.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b6136de3a9
---------------------------
nbdkit: upgrade 1.47.3 -> 1.47.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cd6887451a
---------------------------
memcached: upgrade 1.6.40 -> 1.6.41
Changelog:
===========
- tests: make slabs-reassign2 test more resilient
- proxy: reduce flakiness in t/proxyunits.t
- proxy: fix off by one in temp string with 250b key
- slabs: fix hang and crash.
- Fix failing proxy*.t tests on some systems like OL8
- Account for absent 'ssl_proto_errors' in stats during SSL tests
- Fix test compatibility on IPv6-only systems.
- Use SSLv23 method when TLSv1.3 is unsupported (e.g., macOS)
- extstore: more compaction write patience
- parser: fix lru command regression
- Fix: avoid null print for slab busy reason
- extstore: testing around rescued compaction items
- extstore: fix compaction checks wrong refcount
- proto: armor against empty commands
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 243f1e97c1
---------------------------
libxmp: upgrade 4.6.3 -> 4.7.0
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 924f84bbb2
---------------------------
libtorrent: upgrade 0.16.6 -> 0.16.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 414e79166c
---------------------------
libsdl3: upgrade 3.4.0 -> 3.4.2
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9ff86991af
---------------------------
libp11: upgrade 0.4.17 -> 0.4.18
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f738b5785b
---------------------------
libio-compress-perl: upgrade 2.217 -> 2.218
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0f8125783c
---------------------------
libdaq: upgrade 3.0.23 -> 3.0.25
Changelog:
api: update dioctl daqSnort latency common changes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 51b90b90a1
---------------------------
libcurses-perl: upgrade 1.45 -> 1.46
Changelog:
- Add BUTTON5 constants: BUTTON5_RELEASED, BUTTON5_PRESSED, BUTTON5_CLICKED,
BUTTON5_DOUBLE_CLICKED, and BUTTON5_TRIPLE_CLICKED.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 909ce63d35
---------------------------
libcompress-raw-zlib-perl: upgrade 2.217 -> 2.222
License-Update:
zlib updated to 1.3.2
Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 74f7001ed5
---------------------------
libcompress-raw-lzma-perl: upgrade 2.217 -> 2.221
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 82417023a3
---------------------------
libcompress-raw-bzip2-perl: upgrade 2.217 -> 2.218
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 330ecdd2ad
---------------------------
jasper: upgrade 4.2.8 -> 4.2.9
Changelog:
- Fixed a bug in the JP2 encoder that caused incorrect handling of
opacity components in some cases.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 89b961c889
---------------------------
imapfilter: upgrade 2.8.3 -> 2.8.5
License-Update: copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0985c5c84e
---------------------------
imagemagick: upgrade 7.1.2-15 -> 7.1.2-16
Changelog:
===========
* client: Fix use-after-free when creating async proxy failed
* daemon: Fix race on subscribers list when on thread
* ftp: Validate fe_size when parsing symlink target
* ftp: Check localtime() return value before use
* CVE-2026-28295: ftp: Use control connection address for PASV data
* CVE-2026-28296: ftp: Reject paths containing CR/LF characters
* gphoto2: Use g_try_realloc() instead of g_realloc()
* cdda: Reject path traversal in mount URI host
* client: Fail when URI has invalid UTF-8 chars
* Some other fixes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e52dfaeb4f
---------------------------
graphviz: upgrade 14.1.2 -> 14.1.3
### Changed
--------------
- Using long node names in combination with the fdp layout algorithm no longer
results in truncated generated names.
- Vertical centering of text within HTML-like table cells has been improved.
- The existing ability to provide a numeric parameter to '-v'
to specify verbosity level are newly documented in 'dot --help'.
### Fixed
------------
- 'gvmap' no longer dereferences a null pointer when reading position-less
graphs.
- 'gvmap' no longer crashes when adding coordinate data.
- 'mm2gv' no longer accepts input matrices with non-'real' element type.
Previously these would be accepted but processed incorrectly leading to
out-of-bounds memory reads and writes.
- The 'Tcldot_Init', 'Tcldot_builtin_Init', and 'Tcldot_SafeInit' symbols in
'tcldot.dll' are externally visible on Windows. #2809
- The 'Tclpathplan_Init' and 'Tclpathplan_SafeInit' symbols in 'tclpathplan.dll'
are externally visible on Windows. #2809
- The Autotools build system more consistently uses '$PYTHON3' instead of
'python3' when invoking Python. This ensures developers are more easily able
to control the Python installation in use from the top level.
- The Autotools build system explicitly links against libglu libraries when
linking against libglut.
- Corrected time formatting in verbose info/debug messages (enabled by -v).
Previously, minutes was missing, showing HH:SS instead of HH:MM:SS.
- Further parts of the network simplex algorithm have been rewritten in a
non-recursive style. This allows processing larger graphs that previously
caused stack overflows. #2782
- Canonicalizing an empty string or a string entirely made up of characters
needing escaping no longer triggers an out-of-bounds memory write. This was a
regression in Graphviz 13.0.1. #2743
- An off-by-one error in the network simplex algorithm has been corrected. This
could have led to suboptimal layout in some edge cases. This was a regression
in Graphviz 13.0.0.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a3966a6b8e
---------------------------
gperftools: upgrade 2.18 -> 2.18.1
Changelog:
fix for compilation failure on PPC.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a84f78832
---------------------------
glaze: upgrade 7.0.2 -> 7.1.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ea42cd076a
---------------------------
driverctl: upgrade 0.115 -> 0.121
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 13dd3dada8
---------------------------
ctags: upgrade 6.2.20260222.0 -> 6.2.20260308.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4af1af7b4f
---------------------------
castxml: upgrade 0.6.13 -> 0.7.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cf17d746d2
---------------------------
python3-snagboot: enable building -native and nativesdk- variants
It can be useful to include snagboot in the SDK, so allow building
that variant. While I don't see a use case for it during build,
there's no reason not to also allow building the -native variant while
at it.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 87c4aaa3aa
---------------------------
tnftp: Add HOMEPAGE
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 964cbd0107
---------------------------
tmux: upgrade 3.6 -> 3.6a
1. Change log:
https://raw.githubusercontent.com/tmux/tmux/3.6a/CHANGES
2. Change HOMEPAGE to github.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 99e9d4aba1
---------------------------
libssh: upgrade 0.11.3 -> 0.11.4
Signed-off-by: Gijs Peskens <gijs.peskens@munisense.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 70e27af4fc
---------------------------
python3-scikit-build: Upgrade 0.18.1->0.19.0
Changelog:
https://scikit-build.readthedocs.io/en/latest/history.html
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f0603d90c9
---------------------------
mypaint-brushes: add recipe for v2
This recipe is required to build the upcoming gimp-3.2.0 update
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ceb6cf32d0
---------------------------
gtkmm4: add x11 back to REQUIRED_DISTRO_FEATURES
x11 is moved in comit [1], but when DISTRO_FEATURES contains
opengl, but not contains x11, bitbake gtkmm4 reports:
ERROR: Nothing PROVIDES 'atkmm' (but /build/layers/meta-openembedded/meta-oe/recipes-gnome/gtk+/gtkmm4_4.20.0.bb DEPENDS on or otherwise requires it)
atkmm was skipped: one of 'wayland x11' needs to be in DISTRO_FEATURES
[1] https://git.openembedded.org/meta-openembedded/commit/?id=2cd317e9551492a64fddf2fb535333eb7e3f7fef
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2ce0a1d262
---------------------------
thermald: backport support for non-Intel platforms
Backport three upstream patches that refactor thermald to support
non-Intel architectures, including ARM platforms. These commits were
merged upstream after the 2.5.11 release and are required to enable
correct thermal management on non-x86 SoCs.
Also update COMPATIBLE_HOST to allow building thermald on both Intel
and ARM hosts.
Upstream patches:
- Backport from commit 4cf42fc89ccdbcecdcd30b32a7ca8040be55c253
- Backport from commit 857fbdf3e9079cec04bfa5fe7a93a432485b5cab
- Backport from commit 1931a12e7e44b6b85a02a5d8158829eff4b9cc92
Signed-off-by: Priyansh Jain <priyansh.jain@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f71a12fb70
---------------------------
atop: upgrade 2.12.0 -> 2.12.1
Version 2.12.1
Bug solution: tests during append of existing raw log are less strict now.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5dd79230ea
---------------------------
bit7z: upgrade 4.0.9 -> 4.0.11
1. Changelog:
https://github.com/rikyoz/bit7z/releases/tag/v4.0.11
2. Drop following patches as they were merged upstream.
0001-Fix-reinterpret-cast-compiler-errors.patch
0001-Fix-int8_t-storage-in-BitPropVariant-on-Arm-architec.patch
0001-Allow-running-tests-on-target-when-cross-compiling.patch
0001-Allow-specifying-path-to-7z-library-in-tests.patch
0001-Fix-tests-with-musl.patch
3. Adjust Ptest SRCREV to adopt to latest bit7z
SRCREV_filesystem refer to bit7z-4.0.11/cmake/Dependencies.cmake
SRCREV_catch2 refer to bit7z-4.0.11/tests/CMakeLists.txt
SRCHASH_CPM and TAG_CPM refer to bit7z-4.0.11/cmake/Dependencies.cmake
4.cmake/Dependencies.cmake has redefined to check and download CPM_${CPM_DOWNLOAD_VERSION}.cmake file to
CPM_SOURCE_CACHE, so it will show error in do_configure as ./build/cpm_cache/cpm/CPM_0.42.0.cmake is empty
| -- Downloading CPM.cmake to ...bit7z/4.0.11/build/cpm_cache/cpm/CPM_0.42.0.cmake
| CMake Error at cmake/Dependencies.cmake:15 (file):
| file DOWNLOAD cannot compute hash on failed download
|
| from url: "https://github.com/cpm-cmake/CPM.cmake/releases/download/v0.42.0/CPM.cmake"
| status: [6;"Could not resolve hostname"]
So change ${B}/cmake to ${B}/cpm_cache/cpm/ to fix this issue.
./build/cpm_cache/cpm/CPM_0.42.0.cmake
5. Add 0001-cmake-disable-filesystem-gitclone.patch to fix filesystem git clone error
Fix error log as following:
| fatal: unable to access 'https://github.com/rikyoz/filesystem.git/': Could not resolve host: github.com
| Had to git clone more than once: 3 times.
| CMake Error at bit7z/4.0.11/build/_deps/ghc_filesystem-subbuild/ghc_filesystem-populate-prefix/tmp/ghc_filesystem-populate-gitclone.cmake:50 (message):
| Failed to clone repository: 'https://github.com/rikyoz/filesystem.git'
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c0a3c429f1
---------------------------
thunar-plugin.bbclass: add x11 to REQUIRED_DISTRO_FEATURES
thunar requires x11
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 939000f1c3
---------------------------
thunar: add x11 to REQUIRED_DISTRO_FEATURES
thunar depends on xfce4-panel, xfce4-panel requires x11
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 16027d4c7d
---------------------------
gtk-vnc: add x11 to REQUIRED_DISTRO_FEATURES
Fix world build failure:
ERROR: Nothing PROVIDES 'libx11' (but /build/layers/meta-openembedded/meta-gnome/recipes-connectivity/gtk-vnc/gtk-vnc_1.5.0.bb DEPENDS on or otherwise requires it)
libx11 was skipped: using DISTRO 'poky', which is missing required DISTRO_FEATURES: 'x11'
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4cb76735a5
---------------------------
libxfce4ui: update REQUIRED_DISTRO_FEATURES
Refer [1], when DISTRO_FEATURES contains opengl, but not x11, world
build will report:
ERROR: Nothing PROVIDES 'libice' (but /build/layers/meta-openembedded/meta-xfce/recipes-xfce/libxfce4ui/libxfce4ui_4.20.2.bb DEPENDS on or otherwise requires it)
libice was skipped: using DISTRO 'poky', which is missing required DISTRO_FEATURES: 'x11'
[1] https://git.openembedded.org/meta-openembedded/commit/?id=bd206048b6fabe22a67058aaf250a28d00d92135
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bd98b8e5cd
---------------------------
xfce4-panel: add x11 to REQUIRED_DISTRO_FEATURES
xfce4-panel depends on libwnck3, which only support x11
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2608fb9d2d
---------------------------
xfce4-pulseaudio-plugin: require x11 distro feature
When DISTRO_FEATURES contains pulseaudio, but not x11, world build will
report error:
pavucontrol was skipped: using DISTRO 'poky', which is missing required DISTRO_FEATURES: 'x11'
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'xfce4-pulseaudio-plugin', 'pavucontrol']
Refer [1], conditionally add x11 to REQUIRED_DISTRO_FEATURES
[1] https://git.openembedded.org/meta-openembedded/commit/?id=3a57e5274540a2b4b6d6a1d9808d0c9783f250a7
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: acc562d488
---------------------------
gimp: add x11 to REQUIRED_DISTRO_FEATURES
When DISTRO_FEATURES only contains wayland, but not x11, world build
will report:
ERROR: Nothing PROVIDES 'libxmu' (but /build/layers/meta-openembedded/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb DEPENDS on or otherwise requires it)
libxmu was skipped: using DISTRO 'poky', which is missing required DISTRO_FEATURES: 'x11'
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: aa96ff9526
---------------------------
libwnck3: add x11 to REQUIRED_DISTRO_FEATURES
Refer [1], but when DISTRO_FEATURES only container wayland, but not x11,
do_configure will failed with error:
| ../sources/libwnck-43.2/meson.build:55:8: ERROR: Dependency "x11" not found, tried pkgconfig
| ERROR: meson setup failed
Besides, refer the following source code, seems libwnck3 only support x11.
libwnck/util.c:248: g_warning ("libwnck is designed to work in X11 only, no valid display found");
[1] https://git.openembedded.org/meta-openembedded/commit/?id=abdb05b6b4b31ff40c4219336b7096db014284f1
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cd0431d03a
---------------------------
uutils-coreutils: upgrade 0.6.0 -> 0.7.0
Release notes:
https://github.com/uutils/coreutils/releases/tag/0.7.0
Changes are here:
https://github.com/uutils/coreutils/compare/0.6.0...0.7.0
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b4dd2c4363
---------------------------
modemmanager: fix EXTRA_OEMESON
Do not pass qrtr=false explicitly since recipe enables or disables it
based on the PACKAGECONFIG value. Also, use += with EXTRA_OEMESON.
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d4a6857b40
---------------------------
python3-websocket-client: Upgrade 1.70 -> 1.9.0
Upgrade to release 1.9.0:
- 1.9.0
- Remove Python 3.8 support (EOL), add Python 3.13 (5f25030)
- Remove localhost and 127.0.0.1 from default NO_PROXY list (#994)
- Support IPv6 CIDRs in the no_proxy option (#1033)
- Fix thread safety condition in `teardown()` to improve `run_forever()` (#1015)
- Fix #1024 by chunking data, recursion in on_error callback, thread leak in `_stop_ping_thread()`, avoid implicit None in `recv()` (#1036)
- Avoid bare except clauses for better error handling (#1036)
- Fix async (#983)
- Resolve mypy type errors (#996, #1006, 813d570)
- Test coverage improvements (#1035, #1036)
- flake8 linting improvements (#1034)
- 1.8.0
- Added `on_reconnect` parameter to WebSocketApp to handle callback ambiguity (#972)
- Improve handling of SSLEOFError and use reconnect bool (#961)
- Minor linting and docs CI build upgrades (981c00e, 75ba91a, bec2608)
License-Update: copyright years refreshed
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1e7ca582a6
---------------------------
python3-redis: upgrade 5.2.1 -> 5.3.1
Allow newer PyJWT versions for branch 5.3
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c1c7af9680
---------------------------
python3-xmodem: upgrade 0.4.7 -> 0.5.0
bugfix: retry_limit was never actually triggered during the data transfer phase because errors never accumulated, and
enhancement: replace 3x getc() calls with a single recv() call, reducing timing and failed packets when using fast serial lines without flow control.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8ea57b9143
---------------------------
spdm-emu: add recipe for SPDM emulator
SPDM emulator implementation based on libspdm.
It provides requester and responder tools used for
testing SPDM protocol communication.
Upstream: https://github.com/DMTF/spdm-emu
Signed-off-by: Jino Abraham <jinoabraham26@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2273ed31cf
---------------------------
grpc: upgrade 1.76.0 -> 1.78.1
Removed patch included in this release
Changelogs
v1.78.1:
https://github.com/grpc/grpc/releases/tag/v1.78.1
v1.78.0:
https://github.com/grpc/grpc/releases/tag/v1.78.0
C++:
- adding address_sorting dep in naming test build
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4f28b16edd
---------------------------
zchunk: upgrade 1.5.2 -> 1.5.3
The tag is not on any branch.
Add tag to SRC_URI.
Changelog:
https://github.com/zchunk/zchunk/compare/1.5.2...1.5.3
Changes:
- update to 1.5.3
- rename internal close() functions to close_zck_component to avoid POSIX conflict on AIX
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 43e38ada0f
---------------------------
libmodbus: upgrade 3.1.11 -> 3.1.12
Add 'tag' to SRC_URI
Changelog:
https://github.com/stephane/libmodbus/releases/tag/v3.1.12
Changes:
- Fix FD_SET overflow when socket fd >= FD_SETSIZE.
- Check dest pointer not null and nb in read functions.
- NULL check for src and nb < 1 validation in write functions.
- modbus_reply: don't compute address for FC 0x07/0x11.
- Use O_NONBLOCK instead of deprecated O_NDELAY
- Explicit cast for Coverity CID 416366.
- Document required buffer size of modbus_receive.
- Document macros for error codes corresponding to Modbus exceptions
- Fix example of modbus_rtu_set_serial_mode
- Test filesystem provides symlink in autogen.sh
- Sync API signatures with the documentation.
- Many documentation fixes and typo corrections.
- Add coverage target and helper script.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4e9bdb5256
---------------------------
syslog-ng: upgrade 4.10.2 -> 4.11.0
Changelog:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.11.0
Highlights
- kafka-source(): The new kafka() source can directly fetch log messages from the Apache Kafka message bus using the librdkafka client.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3cd347cb2a
---------------------------
squid: upgrade 7.3 -> 7.4
License-Update: update GPLv2 COPYING document
Some terminology and FSF address changes since the GPLv2
https://github.com/squid-cache/squid/commit/4c5fbc7e8db25352722de4ebe7fe1cab904b62b6
Remove lines from patch, which modify not exist code.
Changelog:
https://github.com/squid-cache/squid/releases/tag/SQUID_7_4
Changes:
- Do not create world-readable directories
- digest_edirectory_auth: Fix LDAPS memory leaks
- snmplib: Improve handling of zero-length ASN OCTET STRINGs
- Debug tls_read_method()/tls_write_method() errors
- ICMP: Harden echo paths, fix overflows, UB, and leaks
- Set SSL_OP_LEGACY_SERVER_CONNECT when peeking at servers
- security_file_certgen: Fix OPENSSL_malloc()/free(3) mismatch
- Detect FreeBSD ports Heimdal package
- Remove SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H macro
- Remove SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H macro
- ext_kerberos_ldap_group_acl: Do not prohibit all LDFLAGS
- negotiate_sspi_auth: Respond with ERR when FormatMessage() fails
- ... and some code cleanups
- ... and some CI improvements
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a05464f133
---------------------------
poco: upgrade 1.14.2 -> 1.15.0
Changelog:
https://github.com/pocoproject/poco/releases/tag/poco-1.15.0-release
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5ac7358b85
---------------------------
paho-mqtt-cpp: upgrade 1.5.3 -> 1.6.0
Changelog:
https://github.com/eclipse-paho/paho.mqtt.cpp/releases/tag/v1.6.0
Changes:
- Bumped Paho C submodule to v1.3.16 and updated directory name to externals/paho.mqtt.c
- Some significant performance increases (lower latency) for connect and publish
- Fixed topic_matcher and topic_filter to properly match parent with multi-level ('#') wildcard.
- Slight optimization of topic_filter to do simple string comparison if the filter does not contain wildcards.
- Set a minimum version for Paho C in the CMake file. Report the version found.
- .deb version properly set, and add architecture name to .deb file
- remove const from connect_options_builder 'move' constructor
- fix potential deadlock in thread_queue on capacity increase.
- Incorrect default retain value in a will options constructor
- prevent undefined behaviour on empty topic matching
- Sync reconnect example crashes on first reconnect
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a367dc9a8
---------------------------
paho-mqtt-c: upgrade 1.3.15 -> 1.3.16
Changelog:
https://github.com/eclipse-paho/paho.mqtt.c/releases/tag/v1.3.16
Changes:
- Bumped minimum CMake to v3.12
- Consolidated "Event" thread signaling object.
- Reduce latency on connect #1430
- Fixed warning in Window build for TCP_NODELAY
- Added a .clang-format file and bash script to run it
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f9f18709bc
---------------------------
libnetfilter-conntrack: upgrade 1.1.0 -> 1.1.1
Changelog:
https://git.netfilter.org/libnetfilter_conntrack/log/?h=libnetfilter_conntrack-1.1.1
Changes:
- libnetfilter_conntrack: bump version to 1.1.1
- src: add support for CTA_TIMESTAMP_EVENT
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 50ac24430d
---------------------------
jansson: upgrade 2.14.1 -> 2.15.0
Removed patch included in this release
Changelog: https://github.com/akheron/jansson/releases/tag/v2.15.0
Features:
- Add support for realloc by adding json_set_alloc_funcs2, json_get_alloc_funcs2
Fixes:
- Optimize serializatio
- Fix docstrings in hashtable.h
Build:
- Use target-based cmake settings
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2979300f99
---------------------------
fluentbit: upgrade 4.2.2 -> 4.2.3.1
The tag is not on any branch.
Changelog:
https://github.com/fluent/fluent-bit/releases?q=4.2.3.1
Changes:
- release: update to 4.2.3
- copyright: update year to 2026
- filter_kubernetes: fix parser annotation leak
- github: scripts: commit_linter: Handle bin prefix for fluent-bit.c
- bin: Handle CONT signal properly under leaks command
- filter_wasm: Handle group metadata
- cmake: kafka: fix OAuth Bearer detection on Windows
- maintenance: update branch and security EOL info
- github: scripts: commit_prefix_check: add config format rules on linter
- readme: update active branch 4.2
- out_opentelemetry: on HTTP/2, read and process gRPC status code
- config_format: cf_yaml: Align the behavior of dirname against POSIX [Backport to 4.2]
- filter_log_to_metrics: fix initialization and exception cleanup
- out_stackdriver: clean up oauth2 cache lifecycle
- filter_kubernetes: Adjust cleanup ordering to avoid use-after-free [4.2 backport]
- in_winevtlog: Add text format for event rendering [Backport to 4.2]
- in_tail: Add skipped_lines counter [Backport to 4.2]
- in_splunk: Implement handling remote addr feature [Backport to 4.2]
- aws: switch AWS Endpoints for European Souvereign Cloud [4.2 backport]
- plugin_proxy: enable event_type specification for proxy plugins (4.2 Backport)
- in_splunk: Plug memory issues [Backport to 4.2]
- dockerfiles: install minimum components and avoiding to use includeRecommended
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fe4c5cadca
---------------------------
asio: upgrade 1.30.2 -> 1.36.0
License-Update: copyright years refreshed
Changelogs:
Asio 1.36.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_36_0
- Fixed an issue, introduced in Asio 1.35.0, that prevented the creation of internal threads required for running some asynchronous operations on a thread_pool.
- Fixed co_spawn to adhere to the asynchronous operation requirement for non-reentrant invocation of the completion handler.
- Added the [[noreturn]] attribute to asio::detail::throw_exception.
- Fixed compilation errors in channel<void(error_code)> and concurrent_channel<void(error_code)>.
- Fixed a compilation issue with the Bullseye compiler.
- Fixed an awaitable coroutine compile error with the clang shipped with MSVC.
- Fixed support for platforms that don't define SA_NOCLDWAIT.
- Worked around a warning that occurs when building with _FORTIFY_SOURCE on recent g++.
- Added a documentation note on basic_signal_set async signal safety.
Asio 1.35.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_35_0
Asio 1.34.2:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_34_2
Asio 1.34.1:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_34_1
Asio 1.34.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_34_0
Asio 1.33.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_33_0
Asio 1.32.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_32_0
Asio 1.31.0:
https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_31_0
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5bca83cd50
---------------------------
ettercap: patch CVE-2026-3603
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3606
Pick the commit that is marked to solve the related Github
issue[1]. Its commit message also references the CVE ID explicitly.
[1]: https://github.com/Ettercap/ettercap/issues/1297
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b1c258172
---------------------------
gnome-shell: update 48.3 -> 48.7
48.7
====
* Fix wrong network icon on connectivity loss [Antoine; !3910]
* Sort session list on login screen by display name [Balló; !3920]
* Add extended OSK layouts for German and Austrian [Leonidas; !3923]
* Fix leaving VPN auth helper zombie processes [Michael; !3926]
* Fix freeze on modifier-only layout switch shortcut [Sebastian; !3939]
* Fix glitch in list search results [Florian; !3951]
* Fix swipe gestures behaving erroneously in RTL locales [Florian; !3967]
* Fix misplaced separator in dash after unpinning running app [Raghuveer; !1973]
* Fixed crash [Sebastian; !3933]
* Misc. bug fixes and cleanups [Sebastian, Leonidas, Florian, Jonas,
ClarityStorm, Alessandro, Marco, Adrian, Carlos; !3922, !3925, !3931, !3927,
!3932, !3924, !3937, !3940, !3942, !3946, !3943, !3950, !3708, !3917, !3971]
Contributors:
Leonidas Adaktylos, Alessandro Bono, Michael Catanzaro, ClarityStorm,
Carlos Garnacho, Balló György, Raghuveer Kasaraneni, Sebastian Keller,
Antoine Lassagne, Florian Müllner, Marco Trevisan (Treviño), Adrian Vovk,
Jonas Ådahl
Translators:
Antonio Marin [ro]
48.6
====
* Fix key focus on choice list on login screen [Marco; !3849]
* Fix animation glitch when cancelling overview search [Noam; !3888]
* Also send activation token for notifications without app [Marco; !3891]
* Update keyboard indicator on modifier-only layout switches [Carlos; !3895]
* Improve accessibility of screenshot UI [Lukáš; !3908]
* Improve Hindi bolnagri input with on-screen keyboard [Mike; !3911]
* Do not expire notifications that are about to show [Marco; !3905]
* Misc. bug fixes and cleanups [SimonMaracine, Daniel, Marco; !3894, !3892,
!3907, !3904]
Contributors:
Mike FABIAN, Carlos Garnacho, Noam Raz, SimonMaracine,
Marco Trevisan (Treviño), Lukáš Tyrychtr, Daniel van Vugt
Translators:
Abduqadir Abliz [ug]
48.5
====
* Fix connecting to WPA(2) Enterprise networks [Mitchell; !3834]
* Improve order in which extensions are enabled/disabled [Kyrill; !3835]
* Account for scaling when setting cursor location from ibus [Takao; !3729]
* Do not reset the unlock prompt on every tap [Marco; !3852]
* Improve legacy tray icon support [Marco; !3818]
* Fix misplaced background menu [Jonas; !3863]
* Fix layout of app search results in RTL locales [Khalid; !3851]
* Fix notification banners sometimes getting stuck [everyx; !3861]
* Fixed crashes [Johannes, Daniel, Jonas, Alessandro; !3839, !3809, !3872]
* Plugged leak [Sebastian; !3854]
* Misc. bug fixes and cleanups [Michael, Marco, Philip, Jonas; !3813, !3846,
!3853, !3220, !3850, !3855, !3869]
Contributors:
Khalid Abu Shawarib, Alessandro Astone, Mitchell Augustin, Michael Catanzaro,
Jonas Dreßler, everyx, Takao Fujiwara, Sebastian Keller, Johannes Maibaum,
Marco Trevisan (Treviño), Daniel van Vugt, Philip Withnall, Kyrill Zorin,
Jonas Ådahl
Translators:
Cheng-Chia Tseng [zh_TW], Philipp Kiemle [de], Aefgh Threenine [th],
Jiri Grönroos [fi]
48.4
====
* Fix taking interactive screenshots via D-Bus [Florian; !3803]
* Fix pointer scaling glitches in magnifier [Marco; !475]
* Fix drawing glitch in sliders in RTL locales [Sebastian, Khalid; !3817]
* Misc. bug fixes and cleanups [Marco, Sebastian, Florian, Mike, Jonas; !3785,
!3798, !3799, !3816, !3796, !3750]
Contributors:
Khalid Abu Shawarib, Jonas Dreßler, Mike FABIAN, Sebastian Keller,
Florian Müllner, Marco Trevisan (Treviño)
Translators:
Aefgh Threenine [th]
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ebe36f3a2d
---------------------------
gdm: conflict with dbus-broker
gdm requires dbus-run-session and fails to run
org.freedeskktop.systemd1 if using dbus-broker
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4882932910
---------------------------
nopoll: upgrade 0.4.7.b429 -> 0.4.9.b462
0.4.9
-----
Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal
https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.9.txt
0.4.8
-----
Stable release with bug fixing, support for Debian Buster, Debian Bullseye and Ubuntu Focal
https://github.com/ASPLes/nopoll/blob/master/doc/release-notes/nopoll-0.4.8.txt
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a4705e2cab
---------------------------
zabbix: mark CVE-2026-23925 as patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23925
The vulnerability has been fixed since 7.0.18[1], however NVD
tracks this CVE without version information.
[1]: https://github.com/zabbix/zabbix/commit/89dec866ec7f8230b25f06ac000575e3b7bd4025
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 56106a0cfb
---------------------------
zabbix: upgrade 7.0.19 -> 7.0.23
This update contains many bugfixes.
Changelog: https://github.com/zabbix/zabbix/blob/7.0.23/ChangeLog
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: eea3a14193
---------------------------
libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-12474
https://nvd.nist.gov/vuln/detail/CVE-2026-1837
Both CVEs have been fixed in v0.11.2, but NVD tracks these
vulnerabilities without version information.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 39318cebcb
---------------------------
pipewire: Fix socket activation
Backport an upstream PipeWire fix into meta-multimedia to correct
UNIX socket path comparison in is_socket_unix() and to preserve
LISTEN_FDS when using sd_listen_fds().
The previous behavior could mis-detect valid systemd-activated sockets
and break subsequent invocations because LISTEN_FDS was unset, even
though the code path can be executed more than once.
Link: https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/f4e174870eb8cbe60c922d3bf181f3eb2347523c
Signed-off-by: Sairamreddy Bojja <sbojja@qti.qualcomm.com>
Signed-off-by: Mohammad Rafi Shaik <mohammad.rafi.shaik@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 19af995bc1
---------------------------
aom: add bindir to SYSROOT
The cmake files files installed by this recipe check the existence of
the binaries in ${bindir}, and throw a fatal error in case it cannot
find the expexted files.
Due to this, it is not possible to include aom in other cmake project,
because it errors out:
The imported target "AOM::aomdec" references the file
|
| ".../recipe-sysroot/usr/bin/aomdec"
|
| but this file does not exist. Possible reasons include: ...
To avoid this error, incldue the content of bindir in the sysroot.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d4bc3fe962
---------------------------
libheif: upgrade 1.20.2 -> 1.21.2
Changelog:
1.21.2:
- build script for JS/WASM now supports building with JPEG2000
and "ISO23001-17 Uncompressed" support.
- image sequence SAI data now works when using the OpenH264 decoder plugin
1.21.1:
- This patch release only fixes a build error with some GCC versions
because of a missing #include.
1.21.0:
- CVE-2025-68431 fixed
- This release adds full support for reading and writing HEIF image sequences.
- libheif will now encode HEIF image sequences with all included codecs.
- Since HEIF image sequences are very similar to MP4 videos, this new version
is also capable of decoding most MP4 videos (without audio, of course).
- Support for image sequences with alpha channels. For most codecs, the alpha
channel will be stored in a separate, auxiliary, monochrome track. For
ISO/IEC 23001-17 (uncompressed) streams, the alpha channel is stored in
the main video track.
- Support for sequence track edit lists to define the number of sequence
repetitions (without actually repeating the video data).
- New encoder plugin using x264 to write H.264-compressed video streams and images.
- The FFmpeg decoder plugin will now decode both H.265 and H.264.
- Support for HEIF text items and language properties
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 57045ecd65
---------------------------
gvfs: upgrade 1.58.1 -> 1.58.2
Major changes in 1.58.2
=======================
* client: Fix use-after-free when creating async proxy failed (Ondrej Holy)
* daemon: Fix race on subscribers list when on thread (Ondrej Holy)
* ftp: Validate fe_size when parsing symlink target (Ondrej Holy)
* ftp: Check localtime() return value before use (Ondrej Holy)
* CVE-2026-28295: ftp: Use control connection address for PASV data (Ondrej Holy)
* CVE-2026-28296: ftp: Reject paths containing CR/LF characters (Ondrej Holy)
* gphoto2: Use g_try_realloc() instead of g_realloc() (Ondrej Holy)
* cdda: Reject path traversal in mount URI host (Ondrej Holy)
* client: Fail when URI has invalid UTF-8 chars (Ondrej Holy)
* Some other fixes (correctmost, Ondrej Holy)
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 06aea3f734
---------------------------
libwnck3: BPN -> GNOMEBN
The BPN = libwnck is confusing since it should be libwnck3, use GNOMEBN to
replace BPN to make the SRC_URI work.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 53e8f46ff7
---------------------------
redis: remove unneeded CVE_STATUS tags
These CVEs were ignored because they were tracked by NVD using
incorrect version information. Since then this information seems
to be reflected correctly, it is not needed to ignore them explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 81250fb6c3
---------------------------
vlc: ignore CVE-2026-26227 and CVE-2026-26228
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-26227
https://nvd.nist.gov/vuln/detail/CVE-2026-26228
Both vulnerabilities affect only the Android version of VLC, not
the other ones. Because of this, ignore these CVEs.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ec741a75f0
---------------------------
redis: upgrade 8.0.0 -> 8.0.6
License-Update:
- Upstream has removed incorrect gplv3 text from the license (because agplv3
is the correct), which changed the checksum
- The recipe had incorrect license indication. Redis 8 is not BSD licensed,
but depending on the user's choice, it's agplv3 or sspl (or custom redis
license, which is not added to the list)
Changelogs:
8.0.6:
- Security fix: A user can manipulate data read by a connection by
injecting \r\n sequences into a Redis error reply
8.0.5:
Bugfixes:
- HGETEX - potential crash when FIELDS is used and numfields is missing
- Potential crash on HyperLogLog with 2GB+ entries
- Cuckoo filter - Division by zero in Cuckoo filter insertion
- Cuckoo filter - Counter overflow
- Bloom filter - Arbitrary memory read/write with invalid filter
- Bloom filter - Out-of-bounds access with empty chain
- Bloom filter - Restore invalid filter [We thank AWS security for
responsibly disclosing the security bug]
- Top-k - Out-of-bounds access
8.0.4:
Security fixes
- (CVE-2025-49844) A Lua script may lead to remote code execution
- (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
- (CVE-2025-46818) A Lua script can be executed in the context of another user
- (CVE-2025-46819) LUA out-of-bound read
New Features
- VSIM: new EPSILON argument to specify maximum distance
Bug fixes
- Potential use-after-free after pubsub and Lua defrag
- Potential crash on Lua script defrag
- HINCRBYFLOAT removes field expiration on replica
- Prevent CLIENT UNBLOCK from unblocking CLIENT PAUSE
- Endless client blocking for blocking commands
- Vector sets - RDB format is not compatible with big endian machines
- EVAL crash when error table is empty
- Gracefully handle short read errors for hashes with TTL during full sync
8.0.3:
Security fixes
- (CVE-2025-32023) Fix out-of-bounds write in HyperLogLog commands
- (CVE-2025-48367) Retry accepting other connections even if the accepted connection reports an error
New Features
- VSIM: Add new WITHATTRIBS to return the JSON attribute associated with an element
Bug fixes
- A short read may lead to an exit() on a replica
- db->expires is not defragmented
8.0.2:
Security fixes
- (CVE-2025-27151) redis-check-aof may lead to stack overflow and potential RCE
Bug fixes
- Cron-based timers run twice as fast when active defrag is enabled
Other general improvements
- LOLWUT for Redis 8
8.0.1:
Performance and resource utilization improvements
- Vector sets - faster VSIM FILTER parsing
Bug fixes
- Query Engine - revert default policy search-on-timeout to RETURN
- Query Engine - @__key on FT.AGGREGATE used as reserved field name preventing access to Redis keyspace
- Query Engine - crash when calling FT.CURSOR DEL while retrieving from the CURSOR
Notes
- Fixed wrong text in the license files
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 75e14941ba
---------------------------
exiv2: upgrade 0.28.7 -> 0.28.8
Contains fixes for CVE-2026-27596, CVE-2026-25884 and CVE-2026-27631.
Ptests passed successfully.
Changelog:
Fix leak
CI: update mac runner for 0.28.x branch
Add some new cameras and lenses
Make DataValue::value_ public
fix reading mp4 url box nested in non video/audio track
fix: do not add target exiv2lib if the target already exists
Add size checks to avoid large memory allocations
Fix size calculation in XmpTextValue::size()
Avoid calling std::find or std::string with an invalid range
Backport all changes in .github/workflows from main to 0.28.x
Fix out-of-bounds read in CrwMap::decode0x0805
Fix UBSAN false positive
Upload crash files when fuzzing fails
Remove nightly release
Fix regression in Canon lens detection
fix wrong timescale used to calculate fps
Remove nightly release vestiges
conan: update dependencies
Add Tamron 18-400mm on Nikon D90
Add Ricoh GR IV HDF and Monochrome IDs
Refresh translations
Add build provenance attestation
Add fuzz target for previews
Align some docs to main
Update README.md
add enforce to prevent integer overflow
Add enforce to check for integer overflow
Release Exiv2 version 0.28.8
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0934de7a60
---------------------------
exiftool: upgrade 13.48 -> 13.52
Also fixes CVE-2026-3102
Changelog:
13.52:
- Added a number of new XMP tags written by Adobe software
- Added UTF-16 support for a few different metadata types in which only UCS-2
was previously implemented
- Added a few more Canon FlashModel values and decode FlashModel for the
5DmkII
- Added a new Canon LensType
- Added some missing file attribute bits to two of the new LNK tags
- Decode internal serial number for the 5DmkII
- Decode another OwnerName for the 5DmkII
- Decode some timed GPS for a couple of new DJI drones
- Enable WindowsLongPath by default only if Win32::API is available
- Renamed the Pentax K3III AFInfo tag to AFInfoK3III
13.51:
- Added a new Nikon LensID
- Decode more tags from Windows LNK files
- Decode another LIGOGPSINFO variant
- Decode some new Canon tags
- Decode some new Nikon tags
- Split decoding on Nikon BurstGroupID into separate tags
- Fixed round-off error in GPSDateTime seconds for camm6 metadata in MP4
videos introduced in 13.45
- Fixed bug generating the default-language version of
QuickTime:LocationInformation
13.50:
- Added a few new Sony lenses
- Added a couple of new Canon lenses
- Decode another Samsung trailer tag
- Decode BlackLevels from some Canon CRW files
- Updated Sony maker note decoding for the ILCE-7M5
- Patched potential MacOS security issue
- Fixed -list options so reading image files beforehand doesn't add tags to
the output when running multiple commands using the -execute feature
13.49:
- Decode a couple of new Samsung trailer tags
- Disabled decoding of MenuSettings for the Nikon Z6III firmware 2.0 until the
changes can be worked through in detail
- Fixed problem where Google Photos had problems displaying ExifTool-edited
HEIC MotionPhoto images. Files written by older versions of ExifTool may be
repaired by re-writing with 13.49 or later
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 50e7b3e5ea
---------------------------
python3-protobuf: mark CVE-2026-0994 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
It is fixed already in the currently used version, however NVD tracks
it without any version info, so it still shows up in CVE reports.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 717d124c2d
---------------------------
freerdp3: upgrade 3.22.0 -> 3.23.0
Contains many CVE and bugfixes.
Changelog: https://github.com/FreeRDP/FreeRDP/releases/tag/3.23.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4937ed55d8
---------------------------
bcc: Add ARM and AArch64 support to static tracepoints
This resolves USDT probe test failures on ARM64 platforms.
Without these changes, the .note.stapsdt section containing probe
information was missing entirely on ARM64, causing test failures when
attempting to find and attach to USDT probes in the BCC test suite.
Upstream-Status: Submitted [https://github.com/iovisor/bcc/pull/5491]
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cdf9d099b9
---------------------------
bcc: Add riscv syscall prefix detection in C++ API
Fixes issue where bpf.get_syscall_fnname() on riscv64 returns bare syscall
name instead of the prefixed _riscv_sys variant, causing kprobe
attachment failures.
Upstream-Status: Submitted [https://github.com/iovisor/bcc/pull/5490]
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: eed01e5cc0
---------------------------
bcc: Add ARM64 syscall prefix detection in C++ API
Fixes issue where bpf.get_syscall_fnname() on ARM64 returns bare syscall name
instead of the prefixed _arm64_sys variant, causing kprobe attachment failures.
Now detects ARM64 prefix alongside x64 (x64_sys) and generic (sys) prefixes.
Upstream-Status: Submitted [https://github.com/iovisor/bcc/pull/5489]
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: db05f827bb
---------------------------
nodejs: upgrade 22.22.0 -> 22.22.1
License Update: Add sorttable.js under the MIT license - https://github.com/nodejs/node/pull/61348/files
Update minimatch to the Blue Oak Model License - https://github.com/nodejs/node/commit/e72da8c7544727f90b857ba86b8c7755e631fe96
Changelog: https://github.com/nodejs/node/releases/tag/v22.22.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6b443c2b7c
---------------------------
emlog: bump to latest revision
Drop the patch that is included in this release.
Actually that is also the changelog since the previous version - there
were no other changes beside the accepted patch.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 40ceaf426d
---------------------------
dropwatch: upgrade 1.5.4 -> 1.5.5
Changes:
- Added abilty to build and run in a docker container
- kas is the default symbol lookup method now
- Fix building without libtool installed
- Misc fixes for kas lookup logic
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 69f1a41a94
---------------------------
curlpp: upgrade to latest revision
The last release was almost a decade ago, but there are quite
a few commits that were added to the project since that.
Instead of waiting for a new release, use the tip of the repository.
Changelog:
https://github.com/jpbarrette/curlpp/compare/v0.8.1...ec1b66e699557cd9d608d322c013a1ebda16bd08
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 37b9749f24
---------------------------
arptables: remove unused checksums
It is fetched from git, so the checksums are not doing anything.
While touching it, switch to the project's own license file instead
of using a generic one from the COMMON_LICENSE_DIR.
The license itself has not changed, still gpl 2.0, only.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9df85b55dc
---------------------------
rdma-core: upgrade 51.0 -> 62.0
v51 series will get support only for about 2 more years, but v62
just started its ~4 years long support cycle.
Drop patches that are included in this release, or were solved on another
way by upstream.
Changelog:
62.0: https://github.com/linux-rdma/rdma-core/releases/tag/v62.0
61.0: https://github.com/linux-rdma/rdma-core/releases/tag/v61.0
60.0: https://github.com/linux-rdma/rdma-core/releases/tag/v60.0
59.0: https://github.com/linux-rdma/rdma-core/releases/tag/v59.0
58.0: https://github.com/linux-rdma/rdma-core/releases/tag/v58.0
57.0: https://github.com/linux-rdma/rdma-core/releases/tag/v57.0
56.0: https://github.com/linux-rdma/rdma-core/releases/tag/v56.0
55.0: https://github.com/linux-rdma/rdma-core/releases/tag/v55.0
54.0: https://github.com/linux-rdma/rdma-core/releases/tag/v54.0
53.0: https://github.com/linux-rdma/rdma-core/releases/tag/v53.0
52.0: https://github.com/linux-rdma/rdma-core/releases/tag/v52.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2b444cfaa4
---------------------------
tinyproxy: drop obsolete patch
The patch removed manual generation completely from the build scripts,
however upstream has added a configure option in version 1.11.0[1] to
do it in a more gentle way.
Drop the patch, and use the configure option instead.
[1]: https://github.com/tinyproxy/tinyproxy/commit/5ba958829f73ecc02658a46f5b1bba5ffed2281d
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 629bb51b14
---------------------------
tunctl: update patch status
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1bf78542f0
---------------------------
udpcast: update patch status
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be6b26e92c
---------------------------
wireshark: upgrade 4.6.3 -> 4.6.4
This is a bugfix release. Changes:
- USB HID dissector memory exhaustion. CVE-2026-3201.
- NTS-KE dissector crash. CVE-2026-3202.
- RF4CE Profile dissector crash. CVE-2026-3203.
- Wireshark doesn’t start if Npcap is configured with
"Restrict Npcap driver’s Access to Administrators only"
- PQC signature algorithm not reported in signature_algorithms.
- Unexpected JA4 ALPN values when space characters sent.
- Expert Info seems to have quadratic performance (gets slower and slower)
- IKEv2 EMERGENCY_CALL_NUMBERS Notify payload cannot be decoded.
- TShark and editcap fails with segmentation fault when output format (-F) set to blf.
- Fuzz job crash: fuzz-2026-02-01-12944805400.pcap [Zigbee
Direct Tunneling Zigbee NWK PDUs NULL hash table]
- Wiretap writes pcapng custom options with string values invalidly.
- RDM status in Output Status (GoodOutputB) field incorrectly
decoded in Art-Net PollReply dissector.
- Wiretap writes invalid pcapng Darwin option blocks.
- TDS dissector desynchronizes on RPC DATENTYPE (0x28) due to
incorrect expectation of TYPE_VARLEN (MaxLen)
- Only first HTTP POST is parsed inside SOCKS with "Decode As".
- TShark: Bogus "Dissector bug" messages generated in pipelines
where something after tshark exits before reading all its input.
- New Diameter RAT-Types in TS 29.212 not decoded.
- Malformed packet error on Trigger HE Basic frames.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 154c462c59
---------------------------
ntpsec: upgrade 1.2.2a -> 1.2.4
Upgrade to latest upstream release 1.2.4.
Release notes: https://blog.ntpsec.org/2025/04/18/version-1.2.4.html
Signed-off-by: G B <gitbeam@proton.me>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4c98e54b65
---------------------------
fio: fix musl builds
fio 3.40 added the commit 4175f4dbec5d ("oslib: blkzoned: add
blkzoned_move_zone_wp() helper function") which uses
FALLOC_FL_ZERO_RANGE which in a musl build is undefined without
including its header.
Backport the upstream fix.
Signed-off-by: Max Krummenacher <max.oss.09@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 46ae413c63
---------------------------
rtla: add recipe for real-time linux analysis tool
rtla source code is present in the kernel source tree at tools/tracing/rtla.
There is another build option for rtla to enable bpf bindings, this was
not a quick one to get working and left as a future improvement.
Makefile for rtla has evolved in newer kernels (v6.9). Some fixes needed for
support with older kernels. This commit was tested against 6.18 and 6.8.
Also add rtla to packagegroup-meta-oe-benchmarks.
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d6815efa84
---------------------------
cpupower: keep header files for other packages and package systemd service
When having a DEPENDS against cpupower it need to leave its header files.
Remove that cleanup that has been present since the beginning of the recipe
without any (to me) known reason.
cpupower ship a systemd service and config file in kernel source tree
since kernel 6.16. Package them as a separate package cpupower-systemd to
be installed if wanted.
Add cpupower to packagegroup-meta-oe to be included in builds of all
packages.
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e8be5452b6
---------------------------
pipewire: backport fix for build with glibc-2.43
Fixes:
../sources/pipewire-1.6.0/spa/plugins/support/logger.c:121:5: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
121 | s = strrchr(file, '/');
| ^ ~~~~~~~~~~~~~~~~~~
1 error generated.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0541742ec0
---------------------------
ngtcp2: add recipe
ngtcp2 project is an effort to implement IETF QUIC protocol
It is a dependency of the new Samba recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 822634e849
---------------------------
nghttp3: add recipe
HTTP/3 library written in C
A new dependency for Samba recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5a7a1a643e
---------------------------
python3-django: upgrade 5.2.11 -> 5.2.12
Ptests passed successfully.
Changelog: https://docs.djangoproject.com/en/6.0/releases/5.2.12/
- Fixed CVE-2026-25673 and CVE-2026-25674
- Fixed NameError when inspecting functions making use of deferred
annotations in Python 3.14.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1960f33a61
---------------------------
python3-django: upgrade 6.0.2 -> 6.0.3
Ptests passed successfully.
Changelog: https://docs.djangoproject.com/en/6.0/releases/6.0.3/
- Fix CVE-2026-25673 and CVE-2026-25674
- Fixed NameError when inspecting functions making use of deferred
annotations in Python 3.14
- Fixed AttributeError when subclassing builtin lookups and neglecting
to override as_sql() to accept any sequence
- Fixed TypeError when deprecation warnings are emitted in environments
importing Django by namespace
- Fixed a visual regression where fieldset legends were misaligned in
the admin.
- Prevented the django.tasks.signals.task_finished signal from writing
extraneous log messages when no exceptions are encountered
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 58a0bbec39
---------------------------
redis: drop recipe for v7.2.12
This version has been EOL since the end of February. There is a recipe
available for v8, which is still supported.
Drop this version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5899a5e6ff
---------------------------
meta-oe: libcppconnman: add recipe
libcppconnman is a C++ library to control ConnMan via D-Bus. It exposes
simple aync methods to perform all the controls that ConnMan allow via
D-Bus.
Signed-off-by: Andrea Ricchi <andrea.ricchi@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9dff889e43
---------------------------
mariadb: Upgrade 11.4.9 -> 11.4.10
Remove 0001-Remove-x86-specific-loop-in-my_convert.patch as it's fixed
in new version [1].
Remove 0001-MDEV-38029-my_tzinfo-t-fails-for-certain-TZ-values-o.patch
as its logic is included in new version [2].
Release note:
https://mariadb.com/docs/release-notes/community-server/11.4/11.4.10
[1] https://github.com/MariaDB/server/commit/470487c
[2] https://github.com/MariaDB/server/commit/a61a746
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8b9b789542
---------------------------
signing.bbclass: add signing_create_uri_pem helper function
The PKCS#11 provider has a mechanism [1] to support older applications
which have not yet migrated to the OSSL_STORE API [2]. It works by
encoding the 'pkcs11:' URI into a PEM file and passing that to an
application as a file. From the application's perspective it loads the
private key from a file, but OpenSSL will transparently use select the
provider to access it via PKCS#11 instead.
Instead of upstream's Python-based tool [3] (which would pull in
asn1crypto as a dependency), we just generate the ASN.1 for the PEM
using OpenSSL's 'asn1parse -genconf'.
It has been tested with RAUC, U-Boot's mkimage (for signed FITs) and
NXP's CST.
[1] https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md#use-in-older-applications-uris-in-pem-files
[2] https://docs.openssl.org/master/man7/ossl_store/
[3] https://github.com/latchset/pkcs11-provider/blob/main/tools/uri2pem.py
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Fabian Pflug <f.pflug@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f75a2ab194
---------------------------
signing.bbclass: add support for OpenSSL PKCS#11 provider
OpenSSL 4.0 will drop support for engines and use providers instead.
To access SoftHSM and other PKCS#11 modules via the provider API, we
rely on https://github.com/latchset/pkcs11-provider, which is already
available as via pkcs11-provider recipe.
We enable this provider by using a specific OpenSSL config when signing.
This means that recipes inheriting this class can decide whether they
want to use the engine or provider to access the key.
SoftHSM seems to produce broken keys when calling the C_CopyObject, so
disable caching in the provider for now.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Fabian Pflug <f.pflug@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 40a1825c95
---------------------------
signing.bbclass: remove trailing white space
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c427a6dfc0
---------------------------
python3-m2crypto: upgrade 0.46.2 -> 0.47.0
0001-fix-allow-64-bit-time_t-on-32-bit-systems-in-test_is.patch
0002-fix-correct-struct-packing-on-32-bit-with-_TIME_BITS.patch
removed since they're included in 0.47.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
MAIL: wangmy@fujitsu.com
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0bc67b61ca
---------------------------
wowlan-udev: add udev rule to enable WoWLAN magic-packet
On some platforms (for example, QCx6490), XO (Crystal Oscillator) shutdown
is prevented by Wireless Processor Subsystem votes on interconnect
bandwidth and XO unless the WoWLAN magic-packet trigger is enabled. These
votes are released only after running:
iw phy0 wowlan enable magic-packet
Add an udev rule to automatically enable WoWLAN magic-packet support when
a Wi-Fi PHY is registered. This rule is provided via a dedicated
wowlan-udev package and is not enabled by default.
Integrators should include this package only if their platform requires
automatic WoWLAN magic-packet enablement.
Signed-off-by: Miaoqing Pan <miaoqing.pan@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6bce0aedab
---------------------------
python3-can: remove python3-pkg-resources from runtime depends
Due to setuptools removes and deprecates pkg_resources in 82.0.0 [1],
python3-can does not import `pkg_resources` in [2], then python3-pkg-resources
is not necessary for us, remove it from runtime depends
[1] https://setuptools.pypa.io/en/stable/history.html#v82-0-0
[2] https://github.com/hardbyte/python-can/commit/1a3f5e3769aa565ada8c27177a94f7db43d019dc
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dae627f632
---------------------------
audit: upgrade 4.1.2 -> 4.1.3
ChangeLog:
https://github.com/linux-audit/audit-userspace/releases/tag/v4.1.3
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 874af51714
---------------------------
brotli: update 1.1.0 -> 1.2.0
[1.2.0] - 2025-10-27
SECURITY
python: added Decompressor::can_accept_more_data method and optional output_buffer_limit argument Decompressor::process; that allows mitigation of unexpectedly large output; reported by Charles Chan (https://github.com/charleswhchan)
Added
decoder / encoder: added static initialization to reduce binary size
python: allow limiting decoder output (see SECURITY section)
CLI: brcat alias; allow decoding concatenated brotli streams
kt: pure Kotlin decoder
cgo: support "raw" dictionaries
build: Bazel modules
Removed
java: dropped finalize() for native entities
Fixed
java: in compress pass correct length to native encoder
Improved
build: install man pages
build: updated / fixed / refined Bazel buildfiles
encoder: faster encoding
cgo: link via pkg-config
python: modernize extension / allow multi-phase module initialization
Changed
decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 13b791e31d
---------------------------
hplip: upgrade 3.22.10 -> 3.25.8
Contains fix for CVE-2025-43023, and support for many new printers.
Drop patches that are included in this release (or the underlying problem
was solved on another way)
Changelog: https://developers.hp.com/hp-linux-imaging-and-printing/release_notes
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7125b918bd
---------------------------
nushell: Add nushell recipe
Nushell is a modern, cross-platform shell and programming language.
It is designed to work with structured data rather than plain text, and takes
inspiration from traditional shells like bash, object-based shells like
PowerShell, gradually typed languages such as TypeScript, functional
programming, and systems programming.
Add recipe for the latest release
- Written in Rust
- Combines a full-featured shell with a rich, structured programming language
- Operates on structured data instead of plain text
- Provides clear error messages and strong IDE support
- Designed for modern, cross-platform workflows
More information: https://crates.io/crates/nu
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 42ea269266
---------------------------
librelp: update PACKAGECONFIG setting related to valgrind
The riscv64 is now in COMPATIBLE_HOST of valgrind.
The armv4/armv5/armv6 are not in COMPATIBLE_HOST of valgrind.
Update the settings accordingly.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1e824240fb
---------------------------
rrdtool: takes graph only with x11 or wayland
rrdtool package configuration 'graph' relies on graphical support. Ignore
it if none of x11 org wayland is in the distro features.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bb5f304e15
---------------------------
nodejs: fix NEON llhttp ctzll undefined behavior
The NEON SIMD fast path in the bundled llhttp calls
__builtin_ctzll(match_mask) without checking if match_mask is zero.
When all 16 bytes in a NEON register are valid header value characters,
match_mask is 0. Calling __builtin_ctzll(0) is undefined behavior.
GCC at -O2 exploits this by optimizing "if (match_len != 16)" to
always-true, causing HTTP 400 Bad Request for any header value longer
than 16 characters on ARM targets with NEON enabled.
Fix by explicitly checking for match_mask == 0 and setting
match_len = 16. This bug affects both aarch64 and armv7 NEON targets.
The code this patch modifies is generated, so the patch itself isn't
suitable for upstream submission, as the root cause of the error is
in the generator itself. The fix has been merged upstream[1] in
llparse 7.3.1 and is included in llhttp 9.3.1. This patch can be
dropped when nodejs updates its bundled llhttp to >= 9.3.1.
[1]: https://github.com/nodejs/llparse/pull/83
Signed-off-by: Telukula Jeevan Kumar Sahu <j-sahu@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c3e16d369d
---------------------------
python3-identify: Upgrade 2.6.16 -> 2.6.17
Upgrade to release 2.6.17:
- Add support for sconstruct and sconscript extensions
- Add support for 'slnx' file extension
- Add 'escript' file type for Erlang
- Add support for HLSL
- Add jbuilder extension as ruby text files
- Add support for *.diff
- Add support for *.cmd
- Add support for *.entitlements
- Add support for *.xaml
- Add support for uv.lock
- Add support for Fastfile
- Add support for Brewfile
- Add support for xcodebuild file formats
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 74895a2031
---------------------------
python3-yarl: Upgrade 1.22.0 -> 1.23.0
Upgrade to release 1.23.0:
- Added support for pydantic, the :class:~yarl.URL could be used as
a field type in pydantic models seamlessly.
- The CI has been set up to notify Codecov about upload completion
- The in-tree build backend allows the end-users appending
CFLAGS and LDFLAGS by setting respective environment
variables externally.
- The :pep:517 build backend now supports a new config
setting for controlling whether to build the project in-tree
or in a temporary directory. It only affects wheels and is
set up to build in a temporary directory by default. It does
not affect editable wheel builds - they will keep being
built in-tree regardless.
- Starting this version, when building the wheels is happening
in an automatically created temporary directory, the build
backend makes an effort to normalize the respective file
system path to a deterministic source checkout directory.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5de756cffa
---------------------------
python3-rich: Upgrade 14.3.2 -> 14.3.3
Upgrade to release 14.3.3:
- Fixed infinite loop with cells.split_graphemes
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a22fe21c59
---------------------------
ceres-solver: Don't fail if .git/hooks/commit-msg can't be touched
The .git/hooks/commit-msg Git hook may already exist and not be
writable. E.g., in our environment it is a symbolic link to a script in
/usr/share.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7bc5268662
---------------------------
onig: Add CVE_PRODUCT to support product name
- Set CVE_PRODUCT to align with the NVD CPE and ensure correct CVE
reporting.
Signed-off-by: Het Patel <hetpat@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9b69587ecb
---------------------------
open-vm-tools: Add entry to CVE_PRODUCT to support the product name
- Added 'vmware:open_vm_tools' to CVE_PRODUCT to align with the NVD
CPE and ensure accurate CVE reporting.
Signed-off-by: Het Patel <hetpat@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a428ea90c0
---------------------------
abseil-cpp: Add CVE_PRODUCT to support product name
- Set CVE_PRODUCT to align with the NVD CPE and ensure correct CVE
reporting.
Signed-off-by: Het Patel <hetpat@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cc29ac4fea
---------------------------
pangomm: remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2cd317e955
---------------------------
gtkmm4: remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 645c82e60b
---------------------------
tnftp: upgrade 20230507 -> 20260211
1.Changelog:
* tnftp.h: improve <arpa/nameser.h> compat.
* Sync inet_pton.c to lib/libc/inet/inet_pton.c 1.8, via
othersrc/libexec/tnftpd/libnetbsd/inet_pton.c 1.5:
* Lint issues.
* Hex formatting change from bind 9.4.0.
* Sync inet_ntop.c to lib/libc/inet/inet_ntop.c 1.12, via
othersrc/libexec/tnftpd/libnetbsd/inet_ntop.c 1.5:
* Always set errno when returning NULL.
* Sync fgetln.c to tools/compat/fgetln.c 1.12:
* Switch to a version that does not suffer from reporting the
wrong length if the file contains NULs. From OpenBSD.
* Fix -Wformat-overflow issues detected by gcc 11 in fetch.c.
(Also fixed in upstream NetBSD ftp, will be part of next import.)
2. LICENSE checksum has changed as Copyright year changed
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b114f9080d
---------------------------
python3-uefi-firmware: upgrade 1.12 -> 1.13
Changelog:
https://github.com/theopolis/uefi-firmware-parser/releases/tag/v1.13
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8e94c3a2a8
---------------------------
python3-send2trash: upgrade 2.0.0 -> 2.1.0
1.Changelog
https://github.com/arsenetar/send2trash/releases/tag/2.1.0
2.Remove 0001-add-missing-conftest.py.patch as it was merged upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc5bfbb4ec
---------------------------
python3-uvicorn: upgrade 0.40.0 -> 0.41.0
1.Changelog:
https://github.com/Kludex/uvicorn/releases/tag/0.41.0
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 012b5306a2
---------------------------
python3-wxgtk4: upgrade 4.2.4 -> 4.2.5
Remove customization of ${S} as package name has restored to wxpython-${PV}.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 550fec593a
---------------------------
xdebug: upgrade 3.5.0 -> 3.5.1
Changelog:
https://github.com/xdebug/xdebug/releases/tag/3.5.1
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b4e2194a37
---------------------------
python3-gmpy2: upgrade 2.2.2 -> 2.3.0
1.Changelog:
https://github.com/gmpy2/gmpy2/releases/tag/v2.3.0
2.Add python3-setuptools-scm-native as depend to satisfy require check of setuptools_scm
3.Add 0001-Avoid-do_configure-requires-check-error.patch to fix require check error of setuptools
| ERROR Missing dependencies:
| setuptools_scm[toml]>=6.0
| setuptools<80,>=77
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f66593bab7
---------------------------
live555: set CVE_PRODUCT
live555 is an old project, it has multiple CPEs associated with.
Set the ones in CVE_PRODUCT that are still active.
See CVE db query:
sqlite> select vendor, product, count(*) from products where vendor like '%live555%' or product like '%live555%' group by 1, 2;
live555|liblivemedia|1
live555|live555|7
live555|live555_media_server|2
live555|media_server|1
live555|streaming_media|160
All of them are relevant to this recipe, although media_server hasn't been used since 2007,
that one wasn't set.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 60ff931fe7
---------------------------
pavucontrol: add x11 to REQUIRED_DISTRO_FEATURES
pavucontrol depends on gtkmm4, which require x11, so add x11 to
REQUIRED_DISTRO_FEATURES for pavucontrol, refer [1]
[1] https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=aed20cd843fb00726d7c8da1aa19d238c2f9f195
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7adb1a61d2
---------------------------
btrfsmaintenance: upgrade 0.5 -> 0.5.2
1.Changelog:
fix syntax error in run_task, preventing jobs to start
start scrub jobs sequentially if RAID5 or RAID6 data profile is found
fix btrfsmaintenance-refresh.service description
2.Update 0001-change-sysconfig-path-to-etc-default.patch for 0.5.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1a9744b3ca
---------------------------
bluealsa: fix QA issue staticdev
When building bluealsa with building static libraries NOT disabled, you
get the following error:
ERROR: bluealsa-4.3.0-r0 do_package_qa: QA Issue: non -staticdev package
contains static .a library: bluealsa path
'/usr/lib/alsa-lib/libasound_module_pcm_bluealsa.a' [staticdev]
ERROR: bluealsa-4.3.0-r0 do_package_qa: QA Issue: non -staticdev package
contains static .a library: bluealsa path
'/usr/lib/alsa-lib/libasound_module_ctl_bluealsa.a' [staticdev]
ERROR: bluealsa-4.3.0-r0 do_package_qa: Fatal QA errors were found,
failing task.
Fix this by explicitly putting these files in the -staticdev package.
Signed-off-by: Matthias Proske <matthias.p@variscite.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d20dff364d
---------------------------
python3-bandit: Upgrade 1.9.3 -> 1.9.4
Upgrade to release 1.9.4:
- chore: fixed some typos in comments
- Fix B613 crash when reading from stdin
- Include filename in nosec 'no failed test' warning
- Fix B615 false positive when revision is set via variable
- Lower version guard in check_ast_node to Python 3.12
- Fix B106 reporting wrong line number on multiline function calls
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a4b7568e50
---------------------------
python3-fastapi: Upgrade 0.128.0 -> 0.133.1
Upgrade to release 0.133.1:
- Add FastAPI Agent Skill.
- Fix all tests are skipped on Windows.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f6eb6e8680
---------------------------
yaml-cpp: upgrade 0.8.0 -> 0.9.0
Changelog:
============
- Increase minimum required CMake version to 3.5, update Googletest to 1.13
- Bazel module builds
- node/convert: Enable the template specialization for std::string_view properly when the library is compiled by MSVC on Windows
- CMake: Allow to disable uninstall
- Update cmakelists to use system googletest if available
- Fix indentation of empty flow sequences
- Add option YAML_ENABLE_PIC
- fix: use C locale by default
- Use FetchContent_MakeAvailable
- fix: parse files with '\r' symbols as line ending correctly
- fix(src): avoid possible infinite loop in LoadAll()
- missing keys should throw InvalidNode, not BadConversion
- fix: prettier floating point numbers
- Optimization of merge memories
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ac02b5a6f3
---------------------------
xterm: upgrade 404 -> 407
License-Update: Copyright year upted to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e19a4f4bd5
---------------------------
wireguard-tools: upgrade 1.0.20250521 -> 1.0.20260223
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 67947560bd
---------------------------
wavemon: upgrade 0.9.6 -> 0.9.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c1318861f1
---------------------------
valkey: upgrade 9.0.2 -> 9.0.3
Security fixes
-----------------
(CVE-2025-67733) RESP Protocol Injection via Lua error_reply
(CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
(CVE-2026-27623) Reset request type after handling empty requests
Bug fixes
------------
Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand
Fix server assert on ACL LOAD when current user loses permission to channels
Fix bug causing no response flush sometimes when IO threads are busy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f10cc4806b
---------------------------
utf8proc: upgrade 2.10.0 -> 2.11.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7194bb5535
---------------------------
upower: upgrade 1.91.0 -> 1.91.1
Changelog:
============
- Fix: a resource leak (!294)
- Fix: a NULL exception caused by a Non-NULL GError pointer
- Fix client API: crashing when printing the error message from a NULL GError pointer
- Fix: ACPI reports -NaN capacity value
- Feature: Skip CriticalPowerAction when performing battery recalibration
- Deprecate: capacity_level and luminosity property
- CI: Add a tartan LLVM static analysis
- Feature: History supports voltage item
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8941d7c480
---------------------------
thingsboard-gateway: upgrade 3.8.0 -> 3.8.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 307d03fa9c
---------------------------
tftpy: upgrade 0.8.6 -> 0.8.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3556286880
---------------------------
swagger-ui: upgrade 5.30.3 -> 5.31.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0ab79a9176
---------------------------
stunnel: upgrade 5.76 -> 5.77
Changelog:
===========
* Security bugfixes
- OpenSSL DLLs updated to version 3.5.5.
* Bugfixes
- Avoid attempting to fetch OCSP stapling for PSK-only
configuration sections.
* Features
- Merged applicable patches from Fedora and Debian:
- Use SOURCE_DATE_EPOCH for reproducible builds.
- Skip the OpenSSL version check when AUTOPKGTEST_TMP is set.
- Enable PrivateTmp in the stunnel.service template.
- Clarify the manual page for the "curves" option.
- Log client IP addresses on TLS errors.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 513dcb0d08
---------------------------
smarty: upgrade 5.7.0 -> 5.8.0
Changelog:
=============
- Document missing inline implementation. Fixed #1152
- Fix static analysis warnings for isDot() and remove deprecated APC support
- Support for Laravel Collections style object chaining
- Regex matches operator
- Add support for Backed Enums
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 23d4ba6b96
---------------------------
ser2net: upgrade 4.6.6 -> 4.6.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 30c229c111
---------------------------
rdfind: upgrade 1.7.0 -> 1.8.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 85efcd8a93
---------------------------
python3-wrapt: upgrade 2.0.1 -> 2.1.1
License-Update: Copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0ee8e25476
---------------------------
python3-typer: upgrade 0.21.1 -> 0.24.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5c076ebf62
---------------------------
python3-typeguard: upgrade 4.5.0 -> 4.5.1
Changelog:
- Fixed iterable unpacking incorrectly calculating the cut-off offset of the
item list when assigning remaining values to the star variable
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be1e06c6cc
---------------------------
python3-tenacity: upgrade 9.1.2 -> 9.1.4
Changelog:
==========
- Apply formatting to num seconds in before_sleep_log
- Support Python 3.14
- Typing: Accept non-standard logger in helpers logging something
- feat(wait): add wait_exception strategy
- docs: fix syntax error in wait_chain docstring example
- chore: drop Python 3.9 support (EOL)
- Support async sleep for sync fn-to-retry
- Fix retry() annotations with async sleep= function
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 48617f7032
---------------------------
python3-sqlparse: upgrade 0.5.4 -> 0.5.5
Changelog:
==========
* Fix DoS protection to raise SQLParseError instead of silently returning None
when grouping limits are exceeded
* Fix splitting of BEGIN TRANSACTION statements
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e56bce849b
---------------------------
python3-responses: upgrade 0.25.8 -> 0.26.0
Changelog:
===========
* When using 'assert_all_requests_are_fired=True', assertions about
unfired requests are now raised even when an exception occurs in the context manager or
decorated function. Previously, these assertions were suppressed when exceptions occurred.
This new behavior provides valuable debugging context about which mocked requests were
or weren't called.
* Consider the 'Retry-After' header when handling retries
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d239449f83
---------------------------
python3-reportlab: upgrade 4.4.9 -> 4.4.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4fe27e1804
---------------------------
python3-regex: upgrade 2026.1.15 -> 2026.2.19
Changelog:
==========
- Added \z as alias of \Z, like in re module.
- Added prefixmatch as alias of match, like in re module.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 525d170581
---------------------------
python3-pytokens: upgrade 0.4.0 -> 0.4.1
Changelog:
===========
- Avoid emitting dedents after an escaped new line
- Add --json support to the CLI
- Fix quiet mode in the CLI
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c47a60b80c
---------------------------
python3-pystemd: upgrade 0.15.1 -> 0.15.3
Changelog:
============
- Fix type invariance causing too strict typing
- Add E2E testing infrastructure using mkosi for running tests in a real systemd environment
- Improve type annotations throughout pystemd, modernizing to Python 3.10+ syntax
- Add AmbientCapabilities to systemd1 KNOWN_UNIT_SIGNATURES
- Improve README.md clarity, spelling, and grammar
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e6e12396bd
---------------------------
python3-pymodbus: upgrade 3.11.4 -> 3.12.1
Changelog:
============
- SimDevice / SimRuntime fixes.
- No inter_frame_time check for baudrate > 38000.
- Fix smaller bugs in test, part 2.
- simulator startup armoring and update 3.x docs
- Fix smaller bugs in test, part 1.
- Update README.rst.
- Coverage limit is 99.95% (to allow a little margin).
- Removed simulator README, due to unused.
- fix: add warning log when using internal default simulator config
- Document simulator entrypoint in README
- Upgrade library versions installed by pip.
- SimData/Device integrate in server.
- Add bind to ModbusUdpClient.
- Solve Zuban problem.
- Fix wrong parameter name in function docstring. Fix set_values does not accept tuple.
- Add context.async_get/setValues with device_id.
- SimData/SimDevice ready for server integration.
- Reactivate pytest coverage.
- No blank issue template.
- Update issue templates
- Fix ReadFifoQueueResponse count
- Limited support for multiple devices on RS485.
- Simulator DataBlock docstring corrections
- fix README.rst and troubleshooting
- Solve DoS vulnerability.
- server handle_local_echo only in comm_params.
- di is for discrete input
- Allow any dev_id, when requesting dev_id 0.
- Allow response transaction_id 0.
- Use relative import.
- ModbusServerContext.device_ids() docstring
- Include ModbusSequentialDataBlock into the documentation
- Fix Modbus TCP protocol ID validation in FramerSocket
- Remove idle_time() from sync client, which anyhow was void.
- Correct check_ci.sh.
- Replace mypy with zuban
- Fix monitoring of functions
- Improve types
- dicts have preserved insertion order since 3.7
- asyncio.iscoroutinefunction() is deprecated
- Remove pypi-alias.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 01168ffb6f
---------------------------
python3-pymisp: upgrade 2.5.32 -> 2.5.32.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 83b6f6fab5
---------------------------
python3-pylint: upgrade 4.0.4 -> 4.0.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0dc1a2f40e
---------------------------
python3-psycopg: upgrade 3.3.2 -> 3.3.3
Changelog:
============
- Retain Error.pgconn when raising a single exception for multiple connection attempt errors
- Return a proper error when server sends ErrorResponse for a Sync after a Parse
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7e096b339c
---------------------------
python3-parse: upgrade 1.20.2 -> 1.21.1
Changelog:
===========
- Fix microsecond precision loss in timestamp parsing
- allow triggering CI manually
- Actually raise exception
- readme: Clarify 'd' type
- Bump actions/checkout from 5 to 6 in the actions-infrastructure group
- Allow grouping char (,_) in decimal format string
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0bbfdd698b
---------------------------
python3-pandas: upgrade 3.0.0 -> 3.0.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 49d16df754
---------------------------
python3-moteus: upgrade 0.3.98 -> 0.3.99
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 680e6f63f0
---------------------------
python3-ipython: upgrade 9.9.0 -> 9.10.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 604b8ac0a0
---------------------------
python3-icu: upgrade 2.16 -> 2.16.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f6e5dd4059
---------------------------
python3-greenlet: upgrade 3.3.1 -> 3.3.2
Changelog:
Fix a crash on Python 3.10 if there are active greenlets during interpreter shutdown.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 263194d7a3
---------------------------
python3-google-auth: upgrade 2.47.0 -> 2.48.0
Features
----------
- honor NO_GCE_CHECK environment variable
- add configurable GCE Metadata Server retries
- add cryptography as required dependency
- Support the mTLS IAM domain for Certificate based Access
Bug Fixes
----------
- resolve circular imports
- Use user_verification=preferred for ReAuth WebAuthn challenge
- removes content-header from AWS IMDS get request
- detect correct auth when ADC env var is set but empty
- replace deprecated utcfromtimestamp
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4eda10a4ed
---------------------------
python3-gcovr: upgrade 8.5 -> 8.6
Changelog:
============
- Drop support for Python 3.9.Add support for Python 3.14.
- To avoid merge errors, add the line number to the name of the unknown function.
- If intermediate files are kept, rename the gcov files before processing them to log the final filename.
- Use the first line after a function definition and not the first line which is hit.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5e59d1806e
---------------------------
python3-fsspec: upgrade 2025.12.0 -> 2026.2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6f4bcc14d4
---------------------------
python3-filelock: upgrade 3.24.2 -> 3.24.3
Changelog:
==========
- fix(ci): add trailing blank line after changelog entries
- fix(unix): handle ENOENT race on FUSE/NFS during acquire
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 62afcf971e
---------------------------
python3-fastapi: upgrade 0.128.0 -> 0.133.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b293419af6
---------------------------
python3-drgn: upgrade 0.0.33 -> 0.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: eae503c929
---------------------------
python3-dateparser: upgrade 1.2.2 -> 1.3.0
New features:
--------------
- search_dates() can now detect time spans from expressions like "past
- month", "last week", etc. For details, see the "Time Span Detection" section
- and the RETURN_TIME_SPAN, DEFAULT_START_OF_WEEK and
- DEFAULT_DAYS_IN_MONTH settings in the documentation.
Fixes:
--------
- Assume the current year if not specified
- Support expressions like "yesterday +1h"
- English: Support most 2-letter day-of-the-week names
- English: Support "in N weeks' time"
- Finnish: Support dates with "klo"
- Russian: Support compound ordinals
Cleanups and internal improvements:
-------------------------------------
- Fixed year expectation issues in tests.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 45e3541b9a
---------------------------
python3-cssselect2: upgrade 0.8.0 -> 0.9.0
Changelog:
==========
- Drop support of Python 3.9, support 3.14
- Support :host
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a0b58d6ca0
---------------------------
python3-coverage: upgrade 7.13.2 -> 7.13.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d608e61c82
---------------------------
python3-cmd2: upgrade 3.1.0 -> 3.2.2
License-Update: Updated copyright to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f60e9e1624
---------------------------
frr: upgrade 10.5.1 -> 10.5.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 83ca373577
---------------------------
thermald: upgrade to 2.5.11
Upgrade thermald to release 2.5.11.
This update includes the following changes:
- Clang-tidy fixes
- Added support for Wildcat Lake platform
- Fixes for CVE related to symbolic link exploitations
- D-Bus interface fixes
- Removal of power group handling after Thermal Monitor support deprecation
Signed-off-by: Priyansh Jain <priyansh.jain@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4b50ae5383
---------------------------
7zip: upgrade 25.01 -> 26.00
Release notes [1]:
* improved code for ZIP, CPIO, RAR, UFD, QCOW, Compound.
* 7-Zip File Manager: improved sorting order of the file list. It uses
file name as secondary sorting key.
* 7-Zip File Manager: improved Benchmark to support systems with more
than 64 CPU threads.
* the bug was fixed: 7-Zip could not correctly extract TAR archives
containing sparse files.
* some bugs were fixed.
License-Update: copyright years refreshed
[1] https://github.com/ip7z/7zip/releases/tag/26.00
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 321112dd2e
---------------------------
jwt-cpp: Add native class to support
Add also native class to support building the library for the host
system to use it e.g. with the newer dynamic SDK.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f1920a8760
---------------------------
bcu: upgrade 1.1.115 -> 1.1.128
1. Changelog:
Support i.MX952 15x15 EVK with Power group updated.
2. Update 0001-CMakeLists-do-not-use-vendored-libcurl.patch for 1.1.128
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7f55d23e65
---------------------------
ifuse: upgrade 1.1.4 -> 1.2.0
Changes:
- Switch to libfuse 3
- Require libimobiledevice 1.4.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 58259850fe
---------------------------
owfs: upgrade 3.2p3 -> 3.2p4
Drop patch that's included in this release.
Changelog:
v3.2p4 is mainly a bugfix & cleanup release.
Enhancements
Add support for InfernoEmbedded soft-devices (GH-21)
Bug fixes
Fix bug (GH-55) related to split packet (GH-64)
Fix copy paste bug (474f06d)
Add \r to Http header to satisfy RFC2616 specification (GH-20)
Maintenance
build system cleanup (GH-72, GH-27, GH-16)
Fix missing files in source distribution (GH-70, GH-69)
Fix compilation with GCC10 (GH-62)
Minor fixes
Fix typos (GH-43 GH-23)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 93e33ae809
---------------------------
packagegroups: fix foldername
The correct folder name is "packagegroups", not "packageconfigs".
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b52fbf590f
---------------------------
zfs: upgrade 2.2.8 -> 2.4.1
Changelogs:
https://github.com/openzfs/zfs/releases
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 17866b5617
---------------------------
remmina: upgrade 1.4.36 -> 1.4.43
While touching this recipe, also switch to FreeRDP3 dependency,
which is still maintained, opposed to v2.
Changelogs:
https://gitlab.com/Remmina/Remmina/-/releases
1.4.43:
Add minimal macOS build support
Revert "Added kerberos-config plug"
Fix issue preventing SPICE plugin from being loaded
Do not calculate monitor shift if using freerdp_settings_set_monitor_def_array_sorted
1.4.42:
add option to enforce IPvX preference
Fix ssh x11 forwarding crashing in nixos
Add support for smartcard authentication
Add option to delay floating toolbar popup
Update FreeRDP checks to newer version
Fix typo
Update AppStream metadata !2684
update ffmpeg
Create named SPICE connection
Fix session stuck problem with KeePassXC
default dynamic resolution when supported issue
toolbar disappearance in some multi-monitor situations
Enable AAD support in Flatpak build
Create viewonly mode button on rcw toolbar
Permit css customization in scrolled window mode
src/remmina_ssh.c: zero-initialize RemminaSFTP structs
[plugins/rdp] fix memory leaks
Strip whitespace from quickconnect
[cmake] mark include_directories SYSTEM
[rdp] fix FreeRDP_MonitorLocalShift[XY]
fix various compiler warnings
UI: move view_toggle_button on the left
bug: double free on remmina_string_array_free
run update-translations.sh
Avoid Gettext incorrectly considering c-format
Disable save password prompt on quick connect authentication prompts
fix UB when connecting by link-local address
Added kerberos-tickets plug
Added kerberos-config plug
Fix floating toolbar popup regression in multimonitor
1.4.41:
Update keyboard mapping
Fix segfault that could happen when attempting to save a connection profile
Add ifdef to allow compilation without libssh
Add environment variable to prevent openssl config issue
Update snap to latest FreeRDP version
Toggle sending null or empty password when field is left blank
Add checks to allow FreeRDP2 compatibility
Fix KeyStroke function for SPICE plugin
Raise max length of username field to 300 from 100
Allow use of ssh command line arguments to create ssh connections
Fix use of default_value in remmina_file_get_int
Implement VNC connection timeout
Fix warnings
Prevent crash when pasting an image using RDP if gdk_pixbuf_save_to_buffer fails
Properly save and load color themes !2662
Fix Flatpak crash when moving floating tool bar
Save unlock password when set outside of the preferences menu
Update CMAKE_PREFIX_PATH in snapcraft.yaml
Properly implement keyboard interactive ssh authentication
Made hiding connection profile name on floating toolbar optional
Add a local terminal plugin
Allow Flatpak build to run commands
Allow users to connect to multiple connections or groups of connects at once
Create autostart directory if it does not exist.
Fix autostart directory create for flatpak.
Python Wrapper plugin: Fix typo + add comment for edge-case hinting that the plugin needs to be installed
Several small fixes and improving group connections
1.4.40:
Fix invalid free causing crash with sending keystrokes and clipboard contents
Fix SEGV when removing a non-exitend connection
Adjust floating toolbar to take up less space
Fix issue with multimonitor configuration needed for FreeRDP versions after 3.10.x
Add option to allow ssh-rsa keys to be used for ssh connections
Only set the max width and height to full monitor if using multimonitor
Fix typo
Revert calls back to uint
Fix issue with RDP scaling on connect
Add option to force multimonitor mode
Added the options to start connections in fullscreen mode and/or with dynamic resolution enabled for protocols that support the options
Allow empty passwords to be passed to FreeRDP
Allow import/export of ssh tunnel settings
hide local cursor when showing remote cursor
1.4.39:
Fix bug passing wrong value in SPICE plugin (Breaking compilation on some distributions)
1.4.38:
Add option to automatically copy ssh text when selected
Allow -c to work with www plugin
Don't prompt about closing connections with no connections
Mainly fixing memory leaks and some small bugs
1.4.37:
Implement horizontal smooth scrolling in RDP
Allow -c to work with www plugin
Add ability to lock message panels to one side of the window
fix dangling pointer in ssh_options_get_port invocation
Revert "[REM-2854] Add timeout option to handle VNC disconnects"
Fix OpenSSL include dir
Revert "[REM-3121] Handle GotFrameBufferUpdate on its own thread to prevent freeze"
fix compile warning that is failure with newer gcc versions
Add null check to prevent crash when pasting empty clipbaord
[REM-3086] Remove support for FreeRDP_SupportMonitorLayoutPdu to prevent loss of keyboard with xrdp
Don't rely on padding characters to be present to try decrypting passwords
Add option to immediately close VNC windows when they fail to...
Allow Remmina to use plugins immediately on download without needing a restart
Add plugin api to allow Remmina to display if a profile is...
Fix error message for failed RDP connection
Add more detail to bug report to make certain issues easier to solve
Resize icons to fit flatpak specifications
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2b86f1b03c
---------------------------
vlc: remove broken PACKAGECONFIGs
opencv: VLC fails to compile[1] with opencv 4.
freerdp: this version of VLC requires freerdp v1, however
the layer only provides v2 and v3. (For the next major,
currently in-development release, VLC 4, they have migrated to
freerdp2, thought it also just got EOL)
Due to these, remove these PACKAGECONFIGS< and explicitly
disable these features.
[1]: https://code.videolan.org/videolan/vlc/-/issues/22016
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b648cfc9dd
---------------------------
redis: drop recipe for v6.2.21
This version has been EOL for a year now. There are recipes for two other,
still maintained versions in the layer.
Drop this version.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 91fcee9f10
---------------------------
README.md: fix typos
Correct a couple of typos in the various readme files.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 948b1f751b
---------------------------
python3-autoflake: upgrade 2.3.1 -> 2.3.3
Changelog:
===========
- Update README.md
- Drop Python 3.8
- pre-commit-config: --py39-plus
- github/workflows: add Python 3.13 to the test matrix
- Fix TypeError in is_literal_or_name on unhashable set literals
- Fix IndexError in extract_package_name on malformed import lines
- pre-commit: update hooks and formatting
- github/workflows/upload-to-pypi: oidc
- pyproject: fix packaging
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f3602add3b
---------------------------
python3-asyncinotify: upgrade 4.3.2 -> 4.4.0
Changelog:
Add support for FreeBSD
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: de15d2844d
---------------------------
python3-astroid: upgrade 4.0.3 -> 4.1.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 82672eebc0
---------------------------
python3-asgiref: upgrade 3.11.0 -> 3.11.1
Changelog:
============
- SECURITY FIX CVE-2025-14550
- Fixed a regression in 3.11.0 in "sync_to_async" when wrapping a callable
with an attribute named "context".
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 09cc9579d4
---------------------------
postfix: upgrade 3.10.6 -> 3.10.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 470d42d9d4
---------------------------
pcsc-tools: upgrade 1.7.3 -> 1.7.4
Changelog:
===========
- 282 new ATRs
- pcsc_scan: display what the program expect from the user
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0079965ede
---------------------------
parallel: upgrade 20251122 -> 20260222
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7d09cfdb84
---------------------------
nautilus: upgrade 49.3 -> 49.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a2ecc36be
---------------------------
nano: upgrade 8.7 -> 8.7.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 74f444bd34
---------------------------
mstpd: upgrade 0.1.0 -> 0.1.1
Changelog:
===========
- mstpctl: add showportparams cmd
- bridge-stp.in: use short-hand arguments for logger command
- bridge-stp.in: support different versions of pidof
- mstpctl-utils-functions.sh: fix shellcheck warnings
- Update bridge_track.c
- netif_utils: fix speeds > 65G
- ifupdown.sh.in: fix new shellcheck warnings
- libnetlink: fix socket file descriptor leak on error paths
- fix compilation for with GCC 15 / C23
- do not leak stack memory via struct holes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a9fc125a6
---------------------------
mpich: upgrade 4.3.2 -> 5.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4c59be8493
---------------------------
mctp: upgrade 2.4 -> 2.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 430ff5e8a9
---------------------------
libspdm: upgrade 3.8.1 -> 3.8.2
Changelog:
============
- os_stub/openssllib: Allow building with older OpenSSL versions
- Ignore MSVC warning when compiling OpenSSL
- Bring fixes from main to 3.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c5e970cb1e
---------------------------
libpanel: upgrade 1.10.3 -> 1.10.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f15907b0c1
---------------------------
libgsf: upgrade 1.14.54 -> 1.14.55
Changelog:
=========
* Reduce stack usage.
* Documentation fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c47bc6df08
---------------------------
libdnet: upgrade 1.18.0 -> 1.18.2
Changelog:
===========
- fix copyright typo
- Fix encoding (iso-8859 -> utf-8) and add GL CI config
- config.h.in: Fix wrong return type
- Update master from devel branch
- Pull in latest development changes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 549e005d20
---------------------------
jwt-cpp: upgrade 0.7.1 -> 0.7.2
Changelog:
===========
- Improve as_date narrowing conversion from C4244 warning
- update trait dependencies to support CMake v4
- Fix linter error
- Update workflows for new GitHub Action Runner Images
- Support passing ssl library key handles to algorithms
- Update CMP0135 to new behaviour
- Fix error in CMake config-file package
- CMake: synchronize cmake_minimum_required from main CMakeLists.txt
- Reduce usage of std::time_t, std::chrono::system_clock::to_time_t and
system_clock::from_time_t in order to get correct dates when working with a
32bit application
- Fix set_expires_in not accepting non-default Period
- AppVeyor Warnings
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 853aecb2f9
---------------------------
imagemagick: upgrade 7.1.2-13 -> 7.1.2-15
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8f1cc0e211
---------------------------
gtksourceview5: upgrade 5.18.0 -> 5.19.0
Changelog:
=========
* Annotations: draw a background behind annotations; align to the right
when they fit (e.g. for diagnostics)
* GObject Introspection: fix nullable and callback destroy annotations
(get_location, get_match_style, scheduler, callbacks)
* Fix gutter text renderer text layout snapshot deprecation
* PHP language: highlight PHP 8.0 attributes and add new keywords
* New language: Cornish
* Translation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 43d33eb4bb
---------------------------
gensio: upgrade 3.0.1 -> 3.0.2
Changelog:
=========
- Fix afskmdm shutdown issues
- Fix a crash if gensio_acc_disable() is called more than once.
- Allow the pcre2 package to be used.
- Fix a locking issue in cm108gpio.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5174bfeacb
---------------------------
feh: upgrade 3.11.2 -> 3.11.3
Changelog:
==========
* Support DOS-style \r\n line breaks when loading filelists. Note that
they will be saved with UNIX-style \n line breaks regardless of input
format. This is intentional.
* Fix --action, --info, --title and similar commands hard-coding the
maximum length of the formatted output to 4095 characters.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8d4b22bf08
---------------------------
ctags: upgrade 6.2.20260125.0 -> 6.2.20260222.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 43109b9265
---------------------------
cmark: upgrade 0.31.1 -> 0.31.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 052eca7394
---------------------------
catch2: upgrade 3.12.0 -> 3.13.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 61f8a5e8e5
---------------------------
byacc: upgrade 20241231 -> 20260126
License-Update: Copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9704626d52
---------------------------
bdwgc: upgrade 8.2.10 -> 8.2.12
License-Update: Copyright year updated to 2025.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0a67fd110b
---------------------------
asyncmqtt: upgrade 10.2.6 -> 10.3.0
Changelog:
=============
- Added Share Name character check.
- Implemented cmake package version checking.
- Fixed broker tool not delivering all retained messages when wildcard
subscription matches multiple topics.
- Added get_qos2_publish_handled_pids(), restore_qos2_publish_handled_pids(),
restore_packets(), and get_stored_packets() to client for convenient.
- get_endpoint() can be omitted now.
- Refined reconnect examples.
- Added websocket async_close timeout.
- Added documentation regarding stream reuse restrictions for TLS-related
streams.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 935b8c85a9
---------------------------
abseil-cpp: upgrade 20260107.0 -> 20260107.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ea7946e205
---------------------------
libsdl3-image: update 3.2.6 -> 3.4.0
- Fix license checksum: Copyright year has been changed
- Add support for av1 and jxl
- libavif is in meta-multimedia -> disable av1 by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dbc8163677
---------------------------
tigervnc: Fix do_rootfs Error
Fix the following error:
ERROR: core-image-minimal-1.0-r0 do_rootfs: Postinstall scriptlets of ['tigervnc'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1dd10406bd
---------------------------
iperf2: Update CVE_PRODUCT
CPEs are registered for iperf_project2:iperf2 in addition to
iperf_project:iperf. By changing CVE_PRODUCT to an appends, this ensures
that both iperf and iperf2 CPEs are used for CVE matching.
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 14d464c150
---------------------------
python3-nltk: upgrade 3.9.2 -> 3.9.3
Contains fix for CVE-2026-14009.
Changelog:
* Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader
* Block path traversal/arbitrary reads in nltk.data for protocol-less refs
* Block path traversal/abs paths in corpus readers and FS pointers
* Validate external StanfordSegmenter JARs using SHA256
* Add optional sandbox enforcement for filestring()
* Maintenance: downloader/zipped models, CI/tooling updates
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d79130035f
---------------------------
freerdp: patch CVE-2026-23532
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23532
The related Github advisory[1] contains a detailed analysis about
the vulnerability. Pick the patch that describes the same
issue in its description.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: df8905be0f
---------------------------
freerdp: patch CVE-2026-23530
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-23530
The related Github advisory[1] contains an amalysis of the
vulenrability, describing the issue and the root cause also.
Backported the commit that implemented the solution described
in the advisory.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 64c630c0cb
---------------------------
python3-flask-jwt-extended: Upgrade 4.6.0 -> 4.7.1
Upgrade to release 4.7.1:
- Add controls for verify_sub option in PyJWT
From release 4.7.0:
- Drop support for python 3.7 and 3.8, add 3.13
- Fix documentation around identity needing to be a string
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7895e2db32
---------------------------
python3-flask-pymongo: Upgrade 2.3.0 -> 3.0.1
Upgrade to release 3.0.1:
- Fix link rendering in readme
- Fix handling of _version.py file
From release 3.0.0:
- Support Flask 3.0+ and PyMongo 4.0+.
- Support Python 3.9-3.13.
- Support MongoDB 4.4+.
- Add support for ~flask.json.jsonify().
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9ade3594a1
---------------------------
python3-flask-socketio: Upgrade 5.6.0 -> 5.6.1
Upgrade to release 5.6.1:
- Session fixes for Flask >= 3.1.3
- Update SocketIO constructor documentation
- Switch to the Furo documentation template
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a260bd01ac
---------------------------
python3-flask-cors: Upgrade 5.0.0 -> 6.0.2
Upgrade to release 6.0.2:
- Update license pyproject.toml
From 6.0.1:
- Invert regex sorting to make it correctly match the intent
(sorting by specificity descending)
- Fix README file extension in pyproject.toml
From 6.0.0:
- [CVE-2024-6839] Sort Paths by Regex Specificity
- [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote
- [CVE-2024-6866] Case Sensitive Request Path Matching
License-Update: Use line 6 from PKG-INFO
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fcee74c421
---------------------------
python3-flask-marshmallow: Upgrade 1.3.0 -> 1.4.0
Upgrade to release 1.4.0:
- Add missing commas in error message for validate.FileType
- Support Python 3.10-3.14
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0badc6de53
---------------------------
python3-flask: Upgrade 3.1.2 -> 3.1.3
Upgrade to release 3.1.3:
- The session is marked as accessed for operations that only access
the keys but not the values, such as in and len.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a8151a256d
---------------------------
python3-flask-migrate: Upgrade 4.0.7 -> 4.1.0
Upgrade to release 4.1.0:
- Accept arguments such as --directory in environment variables
- Fix minor typos in documentation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3eb08d69ef
---------------------------
python3-flask-mail: Upgrade 0.9.1 -> 0.10.0
Upgrade to release 0.10.0:
- Drop support for Python < 3.8.
- Use pyproject.toml for packaging metadata.
- Use flit_core as build backend.
- Apply code formatting and linting tools.
- Add static type annotations.
- Deprecate the __version__ attribute. Use feature detection or
importlib.metadata.version("flask-mail") instead.
- Indicate that the deprecated is_bad_headers will be removed in
the next version.
- Fix the email_dispatched signal to pass the current app as the
sender and message as an argument, rather than the other way around.
- Attachment.data may not be None.
- Attachment.content_type will be detected based on filename and
data and will not be None.
License-Update: Use LICENSE.txt
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: eebcb01ee4
---------------------------
blueprint-compiler: remove recipe
The recipe has been moved to oe-core[1].
[1] https://git.openembedded.org/openembedded-core/commit/?id=4212392ca7ebf890e1e192ddd0e7dbe1f8dabcf2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9eb1053a39
---------------------------
python3-appdirs:Add HOMEPAGE
Add HOMEPAGE in python3-appdirs.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1571c1a8e5
---------------------------
streamripper: ignore CVE-2020-37065
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-37065
The vulnerability is about a 3rd party Windows-only GUI frontend for
the streamripper library, and not for the CLI application that the
recipe builds. Due to this ignore this CVE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9cbc4befe5
---------------------------
python3-werkzeug: upgrade 3.1.5 -> 3.1.6
Contains fix for CVE-2026-27199
Changelog: safe_join on Windows does not allow special devices names in multi-segment paths
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b76163f1bb
---------------------------
python3-pillow: upgrade 12.1.0 -> 12.1.1
Contains fix for CVE-2026-25990
Ptests passed successfully:
Testsuite summary
TOTAL: 5024
PASS: 4587
SKIP: 434
XFAIL: 3
FAIL: 0
XPASS: 0
ERROR: 0
Changelog:
Patch libavif for svt-av1 4.0 compatibility
Fix OOB Write with invalid tile extents
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 23ac8a6f36
---------------------------
live555: upgrade 20210824 -> 20260112
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 398fa05aa8
---------------------------
protobuf: ignore CVE-2026-0994
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0994
The vulnerability impacts only the python bindings of protobuf, which
is in a separate recipe (python3-protobuf, where it is patched).
Ignore this CVE in this recipe due to this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 70a90d49b9
---------------------------
polkit: add info about CVE-2016-2568
Details: https://nvd.nist.gov/vuln/detail/CVE-2016-2568
This commit mostly just tries to add some info to this issue, in the
hope that it will save some time for others who try to investigate it.
This CVE most probably will stay open in meta-oe in the foreseeable future,
although it can be mitigated reasonably easily by the users of the layer.
The description of the vulnerability is short enough that it can be
reproduced here: "pkexec, when used with --user nonpriv, allows local
users to escape to the parent session via a crafted TIOCSTI ioctl call,
which pushes characters to the terminal's input buffer."
The general consensus amongst developers/major distros[1][2][3] seems to be that
it should be mitigated on the kernel side, to not allow non-privileged
users to fake input.
To this end, the kernel has introduced a new config in v6.2, called
CONFIG_LEGACY_TIOCSTI - when it is enabled, non-privileged used can
also fake input. It is however by default enabled (and it is also enabled
in the kernels shipped in oe-core, at least at the time of writing this).
Disabling this kernel config is considered to be the mitigation, to allow
input-faking only by privileged users.
[1]: https://security-tracker.debian.org/tracker/CVE-2016-2568
[2]: https://bugzilla.suse.com/show_bug.cgi?id=968674
[3]: https://marc.info/?t=145694748900001&r=1&w=2 / https://marc.info/?l=util-linux-ng&m=145702209921574&w=2
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f059dcebc3
---------------------------
openjpeg: patch CVE-2023-39327
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
Take the patch that is used by OpenSUSE to mitigate this vulnerability.
Upstream seems to be unresponsive to this issue.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1f70d339eb
---------------------------
minidlna: ignore CVE-2024-51442
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-51442
The description of the vulnerability says "attacker [...] execute arbitrary
OS commands via a specially crafted minidlna.conf configuration file".
There is no official fix for this CVE, and upstream seems to be inactive
for the past 3 years.
The reason for ignoring this CVE is that the referenced minidlna.conf
file is in the /etc folder, and the file is not world-writable. Which
means that this vulnerability can be exploited only when someone is
root - but if the attacker is already root, they don't need to resort
to minidlna config-file modifications to execute any command they want.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a4583e0e80
---------------------------
libcdio: mark CVE-2024-36600 fixed
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-36600
The vulnerability is fixed since 2.2.1.rc1[1], and officially
since v2.3.0. However NVD tracks it like v2.3.0 was still vulnerable.
Mark the CVE explicitly patched.
[1]: https://github.com/libcdio/libcdio/blob/master/NEWS.md
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4d6e24106c
---------------------------
gnome-shell: ignore CVE-2021-3982
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3982
The vulnerability is about a privilege escalation, in case
the host distribution sets CAP_SYS_NICE capability on the
gnome-shell binary.
OE distros don't do that, and due to this this recipe is not
affected by this issue. The CVE is ignored.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9dec2c8aef
---------------------------
gimp: ignore already fixed CVEs
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797
https://nvd.nist.gov/vuln/detail/CVE-2026-2044
https://nvd.nist.gov/vuln/detail/CVE-2026-2045
https://nvd.nist.gov/vuln/detail/CVE-2026-2047
https://nvd.nist.gov/vuln/detail/CVE-2026-2048
All these CVEs are already fixed in the recipe version, however
NVD tracks them currently without CPE info. Ignore them.
Relevant upstream commits:
CVE-2026-0797: https://gitlab.gnome.org/GNOME/gimp/-/commit/ca449c745d58daa3f4b1ed4c2030d35d401a009d
Note that the commit referenced by NVD is incorrect. This commit
was identified from the relevant upstream Gitlab issue:
https://gitlab.gnome.org/GNOME/gimp/-/issues/15555
CVE-2026-2044: https://gitlab.gnome.org/GNOME/gimp/-/commit/3b5f9ec2b4c03cf4a51a5414f2793844c26747e5
CVE-2026-2045: https://gitlab.gnome.org/GNOME/gimp/-/commit/bb896f67942557658b3fbfc67a1c073775c002c7
CVE-2026-2047: https://gitlab.gnome.org/GNOME/gimp/-/commit/5873e16f80cf4152d25a4c86b08553008a331e90
CVE-2026-2048: https://gitlab.gnome.org/GNOME/gimp/-/commit/fa69ac5ec5692f675de5c50a6df758f7d3e45117
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3cabaa4ee7
---------------------------
freerdp: ignore CVE-2026-22853
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22853
The vulnerable feature was introduced in v3.9.0[1], the
recipe version is not affected. Ignore this CVE.
[1]: https://github.com/FreeRDP/FreeRDP/commit/a4bd5ba8863c0959501d4604159042a311dae85a
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e3fbcd0250
---------------------------
freerdp: patch CVE-2026-22852
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22852
The related github advisory[1] comes with an analysis of the
vulnerability, including pointing to the vulnerable code
snippet. Backported the commit that touched the mentioned
code part in the fixed version, and is in line with the
description of the issue.
Ptests passed successfully.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3e32683d88
---------------------------
python3-gunicorn: Upgrade 24.1.1 -> 25.1.0
Upgrade to release 25.1.0:
- Control Interface (gunicornc): Add interactive control interface
for managing running Gunicorn instances, similar to birdc for
BIRD routing daemon
- Unix socket-based communication with JSON protocol
- Interactive mode with readline support and command history
- Commands: show all/workers/dirty/config/stats/listeners
- Worker management: worker add/remove/kill, dirty add/remove
- Server control: reload, reopen, shutdown
- New settings: --control-socket, --control-socket-mode,
--no-control-socket
- New CLI tool: gunicornc for connecting to control socket
- Dirty Stash: Add global shared state between workers via dirty.stash
- In-memory key-value store accessible by all workers
- Supports get, set, delete, clear, keys, and has operations
- Useful for sharing state like feature flags, rate limits, or
cached data
- Dirty Binary Protocol: Implement efficient binary protocol for
dirty arbiter IPC using TLV (Type-Length-Value) encoding
- More efficient than JSON for binary data
- Supports all Python types: str, bytes, int, float, bool, None,
list, dict
- Better performance for large payloads
- Dirty TTIN/TTOU Signals: Add dynamic worker scaling for dirty
arbiters
- Send SIGTTIN to increase dirty workers
- Send SIGTTOU to decrease dirty workers
- Respects minimum worker constraints from app configurations
- ASGI Worker: Promoted from beta to stable
- Dirty Arbiters: Now marked as beta feature
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 05308bb72d
---------------------------
python3-isort: Upgrade 7.0.0 -> 8.0.0
Upgrade to release 8.0.0:
- Update CHANGELOG for version 8.0.0
- Fix edge case of __future__ import
- Fix the Plone profile to be compatible with black
- Remove the setuptools plugin
- Turn some warnings into errors in test suite
- chore: replace black with ruff in clean.sh
- feat!: remove old finders flag and legacy finder logic
- Fix whitespace insensitive check triggering on tabs
- Fix line separator detection not considering form feed as white space
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 53636bd5f2
---------------------------
python3-mpmath: Upgrade 1.3.0 -> 1.4.0
Upgrade to release 1.4.0:
- Support underscores as digit separators per PEP 515
- Add rationals converter for mpf's
- Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1)
convention
- Support base kwarg for from_str()
- Support randmatrix() for mp.iv and mp contexts
- Added rank() function for matrices
- Add plus flag to select the B_1 sign convention for
bernoulli/bernfrac
- Add mpf.as_integer_ratio() method, support construction of mpf
from Decimal objects
- Expose lower/upper_gamma functions
- Support mpc initialization from string
- Support asinh/acosh/atanh in the fp context
- Support binary/octal/hexadecimal string output
- Support pickling for matrices and mpi
- Support matrix.__array__() dunder method
- Support more number syntaxes
- Run mpmath as a module for interactive work
- Add signed option to to_man_exp()
- Add fp.hypot
- Support inf/nan's in ctx.almosteq()
- Implement mpf.__format__()
- Support conversion from scalar ndarray's
- Support rounding modes in mpf.__format__
- Support '%' presentation type for mpf
- Support gmpy2-like rounding modes in to_str()
- Implement 'a'/'A' formating types for mpf.__format__
- Add mpc.__format__()
- Now mpf.__round__() returns mpf
- Support 'b' (binary) format type for mpf/mpc
- Implement mpf.__floordiv__() and mpf.__divmod__()
- Add parameters for MPContext constructor
- Add MPFR-compatible aliases for rounding modes
- Support negative indexes in matrix
- Better introspection support for decorated functions
- Add moving sofa demo
- Support spherical Bessel functions (jn/yn)
- Add pretty_dps context property to control number of printed digits
- Support thousands separators for formatting of fractional part
- Use PyREPL, as fallback (no IPython)
- Add exp2() and log2()
- Support rounding property for the mp context
- Add Fox H-function with rational A/B parameters (foxh())
- Provide experimental support for free-threading builds
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 172c473caf
---------------------------
libgpiod: update to v2.2.3
Bug-fix release addressing a couple problems in gpio-manager and tests.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e3b6caa4f1
---------------------------
webmin: upgrade 2.501 -> 2.520
Changelog: https://github.com/webmin/webmin/releases/tag/2.520
Changelog: https://github.com/webmin/webmin/releases/tag/2.510
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6ba45c1f94
---------------------------
Revert "libsdl3-image: update 3.2.6 -> 3.4.0"
This reverts commit 0d686b2c5bbe92f4acadb2547b6fc81bf21979de.
---------------------------
Commit: 7bc93734b8
---------------------------
hplip: set CVE_PRODUCT
This recipe gets CVEs with two CPEs: hplip and linux_imaging_and_printing.
Set the CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from PRODUCTs where PRODUCT in ('hplip', 'linux_imaging_and_printing');
CVE-2009-0122|hp|hplip|2.7.7|=||
CVE-2009-0122|hp|hplip|2.8.2|=||
CVE-2015-0839|hp|linux_imaging_and_printing|||3.17.7|<=
CVE-2025-43023|hp|linux_imaging_and_printing|||3.25.2|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 40cef597b4
---------------------------
python3-evdev: Upgrade 1.9.2 -> 1.9.3
Upgrade to release 1.9.3:
- Drop support for Python 3.8 and raise setuptools version to 77.0
- Use an SPDX license
- Fix memory leaks
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 79845f8552
---------------------------
python3-stevedore: Upgrade 5.6.0 -> 5.7.0
Upgrade to release 5.7.0:
- Add typing classifier
- Enable logging related ruff checks to extend the enforced format
rules related to logging.
- Delay string interpolations at logging calls
- Remove reference to tag framework because the framework was
removed.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8c2f53cd0b
---------------------------
pipewire: update 1.4.10 -> 1.6.0
PipeWire 1.6.0 (2026-02-19)
This is is the 1.6 release that is API and ABI compatible with previous
1.4.x releases.
This release contains some of the bigger changes that happened since
the 1.4 release last year, including:
* An LDAC decoder was added for bluetooth.
* SpanDSP for bluetooth packet loss concealment.
* Safe parsing and building of PODs in shared memory.
* Added support for metadata features. This is used to signal that
the sync_timeline metadata supports the RELEASE operation.
* Node commands and events can contain extra user data.
* Support for more compressed format helper functions to create
and parse formats.
* Support for compile time max channels. The max channels was
increased to 128.
* Support for audio channel layouts was added. This makes it possible
to set "audio.layout" = "5.1" instead of the more verbose
audio.position = [ FL, FR, FC, LFE, SL, SR ]
* Support for Capability Params was added. This can be used to
negotiate capabilities on a link before format and buffer
negotiation takes place.
* More HDR colortypes are added.
* Loops now have locking with priority inversion. Most code was adapted
to use the faster locks instead of epoll/eventfd to update shared state.
* Channel position are parsed from EDID data.
* Channel maps are now set on ALSA.
* The resampler now supports configurable window functions such
as blackman and kaiser windows. The phases are now also calculated
with fixed point math, which makes it more accurate.
* Many bluetooth updates and improvements.
* The filter-graph has an ffmpeg and ONNX plugin. The ffmpeg plugin
can run an audio AVFilterGraph. The ONNX plugin can run some models
such as the silero VAD.
* Many AVB updates. Work is ongoing to merge the Milan protocol.
* Support for v0 clients was removed.
* The jack-tunnel module can now autoconnect ports.
* ROC support multitrack layouts now.
* Many RTP updates.
* rlimits can now be set in the config file.
* Thread reset on fork can now be configured. JACK clients expect this
to be disabled.
* node.exclusive is now enforced.
* node.reliable enables reliable transport.
* pw-cat supports sysex and midiclip as well as some more uncompressed
formats. Options were added to set the container and codec formats
as well as list the supported containers, codecs, layouts and channel
names.
* Documentation updates.
Highlights (since the previous 1.5.85 prerelease)
- Fix a 64 channel limit in the channel mixer.
- Fix an fd leak in pulse-server in some error cases.
- Some small fixes and improvements.
PipeWire
- Fix Capability leaks.
- Return an error in pw-stream get-time when not STREAMING.
- Set the current time in the driver position before starting.
Some followers might look at it.
Modules
- Improve default channel handling in module-filter-chain.
- Support source and sink only module-filter-chain.
- Tweak the filter-chain spatializer example gains.
- Handle new snapcast service type. (#5104)
- Implement socket activation without depending on libsystemd.
- Support ipv4 link-local addresses in RAOP and snapcast. (#4830)
- Forward ROC-toolkit logs to pipewire.
SPA
- Improve default channel handling in filter-graph. (#5084)
- Clamp control values to min/max. (#5088)
- Support mode JBL gaming headsets.
- Handle some SOFA errors and add gain option.
- Really handle more than 64 channels in the channelmixer. (#5118)
- Allow removal in ALSA-udev of ignored cards.
pulse-server
- Fix mono mixdown query.
- Expose headset autoswitch message.
- Handle EPROTO errors by disconnecting.
- Handle timeouts in play-sample streams. (#5099)
GStreamer
- Fix crop metadata.
- Fix a race in the buffer release function.
Tools
- Improve format support and detection in pw-cat.
- Add some more options to pw-cat to list supported containers
and formats. (#5117)
Older versions:
PipeWire 1.5.85 (2026-01-19)
This is the fifth and hopefully last 1.6 release candidate that
is API and ABI compatible with previous 1.4.x, 1.2.x and 1.0.x
releases.
Highlights
- Fix errors in older clients that blindly mmap buffer data.
- ALSA channel mapping should work in more cases.
- Fix an overflow in the resampler with some sample rates.
- Device ID negotiation for DMABUF was added.
- The channelmixer can now also downmix most REAR and TOP
channel positions.
- Various small fixes and improvements.
PipeWire
- Avoid doing flushing invoke in pw-stream. (#5010)
- Fix stream time delay calculations in some cases. (#4957)
- Avoid suspending a node when the ports are busy.
Modules
- Mode AVB module updates.
- Remove MAPPABLE flag from memptr data in client-node. This avoids
errors in older clients that blindly map buffers. (#5003)
- Don't leak the filter-chain module in module-parametric-equalizer.
(#5045)
- make it possible to run pulse tunnel sink and source with the same
name. (#5079)
SPA
- The delay filter in filter-graph now has feedback and feedforward
options to make it possible to implement comb and allpass filters.
- The resampler can be compiled with a custom default quality.
- Firewire latency is scaled correctly now. (#4977)
- The mixer will only passthrough dynamic data.
- Fix filter-graph state in audioconvert after flush.
- Set the channel map in ALSA nodes to tell ALSA our channel layout
and avoid wrong channels.
- Fix AVX2 function, make sure they don't run on AVX-only CPUs.
(#5072)
- Fix an overflow and crash when too many phases are used in the
resampler. (#5073)
- Add some more channel downmix positions, mostly REAR and TOP
channels.
pulse-server
- Add a message to enable mono mixdown.
Tools
- Support filenames in raw mode in pw-cat. (#5012)
- Enable clipping in spa-resample.
examples
- Update device ID negotiation examples.
Docs
- Document the resampler properties better.
PipeWire 1.5.84 (2025-11-27)
This is the fourth 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- Capabilities wer added to improve negotiation over links.
- The audio resampler now has a configurable window function to better
tune the resampler quality. A kaiser and blackman window was added
and the default parameters were tuned.
- Various small fixes and improvements.
PipeWire
- Capabilities and PeerCapabilities were added to exchange key/value
pairs between consumer and producer right after a link is made. This
can be used to detect how the negotiation of formats and buffers
should be done.
Modules
- Avoid segfaults in RTP source. (#4970)
- The AVB module has seen some improvements.
Pulse-server
- @NONE@ can now be used to clear the default sink/source.
SPA
- Support longer convolver filenames and also support inline
IRs.
- The audio resampler window function is now selectable and
configurable. A kaiser window and blackman window was added
and the default qualities were tweaked to improve quality.
- The filter-graph convolver latency is now set by default to
something more sensible. (0 by default and N/2 for hilbert).
(#4980)
Bluetooth
- Better xrun and error handling for iso streams.
- The +CNUM reply was fixed.
- The CIEC call status was fixed. (#1744)
- Add BAP context metadata to improve compatibility.
- Improve compatiblity with Creative Zen Hybrid Pro by releasing
transports simultaneously.
PipeWire 1.5.83 (2025-11-06)
This is the third 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- Include the NEWS and updated version number.
PipeWire 1.5.82 (2025-11-06)
This is the second 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
Changes since the last pre-release:
Highlights
- The max channel limit is now a compile time option.
- The SAP and RTP module have seen some robustness improvements.
- Add audio.layout propperty.
- Cleanups to the code here and there.
PipeWire
- Handle Tags more like Latency with a NULL param when no ports are linked
and some sort of (empty) Tag when the ports are linked.
Modules
- Improve the echo-cancel module to keep the streams more aligned
and cause less latency.
- Improve format parsing errors in most modules.
- The RTP module now has extra code for better network robustness, including
cases when network interfaces are not yet up and running, and multicast
sockets are silently kicked out of IGMP groups.
- The direct timestamp mode in the RTP module was effectively broken and is
now fixed.
- Add support for audio.layout.
- Add multichannel support to ROC.
SPA
- Rework the maximum number of channel handling. Because this is a
potential ABI break, it is now a compile time option with new
functions to handle more than the previous 64 channels.
- The 64 channel limit was removed from the noise shaper.
- spa_strbuf is used in more places instead of custom snprintf code.
- The volume ramp code was simplified.
- The driver node now has properties to configure the clock.
- The adapter will try to renegotiate when the driver changes.
- Fix relaxed array parsing with od number of elements. (#4944)
- audio.layout was added to set the channel positions to some
predefined layouts.
- Added more POD choice checks to ensure the right amount of values
are present in the choice.
- Fix __has_attribute usage. (#4962)
- Thread RESET_ON_FORK is now disabled for JACK application so that
forking will preserve any real-time thread priorities, like JACK.
(#4966)
- Fix some compilation issues. (#4960 and #4961).
Pulse-server
- Fix missing subscription events on device port changes.
- Increase min.quantum to 256/48000. (#4875)
GStreamer
- Avoid overflow in clock time calculations.
- Fix renegotiation.
Docs
- Swap the name and id of device.product
PipeWire 1.5.81 (2025-10-16)
This is the first 1.6 release candidate that is API and ABI
compatible with previous 1.4.x, 1.2.x and 1.0.x releases.
In addition to all the changes backported to 1.4.x, this release
also contains some new features:
Highlights
- The link negotiation code was refactored and improved.
Applications now have more options for selecting the default
values and restricting the available options. The default
negotiation code will now attempt to better match the application
suggested values.
- The loop now has support for locking with priority inversion. Most
of the code was updated to use the locks instead of invoke to
get proper concurrent updates with the loop. The Thread loop
functionality of locks, signal and wait was moved to the SPA loop.
This guarantees better real-time behaviour because inter-thread
synchronization does not have to pass eventfd/epoll.
- The control stream parser was rewritten to be safe against concurrent
updates while parsing, which can occur when parsing shared memory.
It also has extra checks to avoid integer overflows and undefined
behaviour.
- MIDI 2.0 clip support was added to the tools.
- Bluetooth ASHA (Audio Streaming for Hearing Aid) support was added.
- The ALSA node setup was tweaked to provide low latency with the ALSA
Firewire driver.
- Better support for explicit sync. It is now possible to negotiate
extra features to know if a consumer will signal the sync objects and
implement a fallback using a reliable transport.
- Many bug fixes and improvements.
PipeWire
- Avoid process calls in disconnect in pw-stream. (#3314)
- Disable PipeWire services for root.
- The link negotiation was refactored and improved. Drivers now
always have a lower priority in deciding the final format.
- Backwards compatibility with the v0 protocol was removed.
- pw-stream and pw-filter will now refuse to queue a buffer that
was not dequeued before.
- Object properties will now be updated on the global as well.
- The priority of config overrides is correct now. (#4816)
- Async links now correctly report 1 extra quantum of latency.
- node.exclusive and the new port.exclusive flag are now enforced
by PipeWire itself.
- A new timer-queue helper was added to schedule timeouts.
- node.terminal and node.physical properties are now copied to the
ports to make it possible to create virtual sources and sinks
for JACK applications.
- Port properties will now be dynamically updated when the node
properties they depend on are updated.
- Passive leaf nodes are now handled better. Now they will also
run when the peer is active. (#4915)
- Reliable transport has been added for output ports. This can be
used in some cases if the producer wants to ensure buffers are
consumed by a consumer. (#4885)
- Context properties now support rlimit.<resource> properties to
configure rlimits. (#4047)
Modules
- Close SyncObj fds.
- module-combine-stream has better Latency reporting.
- The JACK tunnel can now optionally connect ports.
- module-loopback has better Latency reporting.
- A Dolby Surround and Dolby Pro Logic II example filter config
was added.
- Filter-chain can now resample to a specific rate before running the
filters. This is useful when the filter-graph needs to run at a
specific rate.
- Avahi-poll now uses the timer-queue to schedule timeouts.
- Modules are ported to timer-queue instead of using timerfd directly
for non-realtime timers.
SPA
- The loop now has support for locking with priority inversion. Most
of the code was updated to use the locks instead of invoke to
get proper concurrent updates with the loop. The Thread loop
functionality of locks, signal and wait was moved to the SPA loop.
- UMP to Midi 1.0 conversion was improved, some UMP events are now
converted to multiple Midi 1.0 messages. (#4839)
- The POD filter was refactored and improved. It is now possible to
use the default value of the output by specifying an invalid input
default value.
- The POD parser was made safe for concurrent updates of the memory
it is parsing. This is important when the POD is in shared memory
and the parser should not access invalid memory.
- Some hardcoded channel limits were removed and now use the global
channel limit. More things can dynamically adapt to this global
limit. The max number of channels was then bumped to 128.
- The POD builder is safe to use on shared memory now and tries to
avoid many integer overflows.
- Most debug functions are safe to be used on shared memory.
- User specified Commands and Events are now possible.
- The SPA_IO_CLOCK_FLAG_DISCONT was added to spa_io_clock to signal
a discont in the clock due to clock change.
- AC3, DTS, EAC3, TRUEHD and MPEGH now have helper parser functions.
- H265 was added as a video format. (#4674)
- SPA_PARAM_PeerFormats was added to let a port know about its peer
formats in order to better filter possible conversions.
- More color matrices, transfer functions and color primaries.
- The echo-canceler is enabled now.
- Pro-Audio mode now uses 3 periods by default. This lowers the
latency on some drivers (Firewire). The latency of Firewire is
also reported correctly now.
- The ALSA DLL bandwidth is configurable now.
- The resampler now uses fixed point for the phases and is a little
faster when updating adaptive rates.
- The convolver is a little faster by swapping buffers instead of
copying samples.
- Latency and ProcessLatency support was added to filter-graph.
(#4678)
- Audio channel position support was added to filter-graph.
- A new ffmpeg avfilter plugin was added to filter-graph.
- A new ONNX filter was added to filter-graph.
- A debug, pipe, zeroramp and noisegate filter was added to the
filter-graph. (#4745)
- The filter-graph lv2 plugin now supports options and state.
- videoconvert was greatly improved.
- The v4l2 plugin can negotiate DMABUF with modifiers.
- Colorimetry information was added to v4l2 and libcamera.
- Audioconvert can handle empty buffers more efficiently.
- Improve the POD compare functions for Rectangle.
- There is now a SPA_POD_PROP_FLAG_DROP flag to drop the property when
the property is missing from one side.
- A new FEATURE choice was added that is basically a flags choice with
a FLAG_DROP property.
- Metadata features were added. This is a way to negotiate new features
for the metadata. (#4885)
- DSD playback with pw-cat has been improved.
- Compatibility and xrun prevention for the SOF driver has been
improved. (#4489)
- The filter-graph max plugin can now have 8 input channels.
- Buffer Negotiation between the mixer port and the node ports is much
improved. (#4918)
- An offline AEC benchmark was added.
- Channel positions are now read from HDMI ELD when possible.
- Audioconvert and filter-graph now also support properties of Long
and String types.
ACP
- It's possible to disable the pro-audio profile.
- Support for Logitech Z407 PC Speakers was improved.
- Support for Razer BlackShark v3.
- Fix volume rounding down causing mute. (#4890)
Tools
- pw-cat can now play and record MIDI 2.0 Clips, which is the
official format for storing MIDI 2.0 UMP data. pw-midi2play
and pw-midi2record were added as aliases.
- pw-cat can now upload sysex files. The pw-sysex alias was
added for this.
- The pw-link tool now has a -t option to list port latencies.
It also has better monitor support.
- pw-top can now clear the ERR column with the c key.
- pw-cli now keeps the types of the variables it stores and avoid
using wrongly typed variables that can crash things. It can now
also list the available variables.
- pw-dump can now output raw JSON and SPA JSON.
- pw-dump has configurable indentation level.
- pw-mididump can be forced to output MIDI 1.0 messages.
- pw-profiler now uses doubles for extra precision.
- pw-top now marks the async nodes with =.
Bluetooth
- Telephony improvements.
- ASHA support was added.
- Packet loss concealment was added.
- Improved synchronisation between LE Audio streams in the same group.
- Improved LE Audio device compatibility.
- LC3-24kHz voice codec was added (used by Airpods)
- LDAC decoding support added (requires separate decoder library)
Pulse-server
- The SUSPEND event is now correctly generated. fail-on-suspend is
now implemented.
- PA_STREAM_DONT_INHIBIT_AUTO_SUSPEND is now implemented. (#4255)
(#4726)
- RTP streams now have stream.properties for extra configuration.
- Timed out streams are now destroyed instead of lingering. (#4901)
- A new help and pipewire-pulse:list-modules core message was added.
JACK
- Port rename callbacks are now emitted correctly.
- Use safe POD parsing for the control sequences.
V4l2
- The wrapper now avoids a race while initializing PipeWire. (#4859)
GStreamer
- Colorimetry support was added.
- Cursor metadata is now exposed as ROI metadata.
- Many more updates.
Docs
- Document the client-node flow a bit more.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be28379a19
---------------------------
can-isotp: drop recipe
This out-of-tree kernel module was mainlined in Linux 5.10.
The previous LTS kernel, 5.4 is EOL, and oe-core ships with newer
kernels - there is no need to keep this recipe around.
It also has an explicit SKIP_RECIPE tag, it wasn't tested since
a long time.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c1693752d7
---------------------------
python3-m2crypto: fix python3-m2crypto-native do_configure:prepend()
The recent workaround for https://github.com/swiftlang/swift/issues/69311
breaks python3-m2crypto-native, with error about missing e_os2.h file in
recipe-sysroot-native.
Apply do_configure:prepend to class-target only to fix.
Signed-off-by: Geoff Parker <geoffrey.parker@arthrex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 22c702491a
---------------------------
python3-matplotlib: Fix TMPDIR in debug binaries, [buildaths] errors
Fix errors like:
ERROR: python3-matplotlib-3.10.8-r0 do_package_qa: QA Issue: File
/usr/lib/python3.14/site-packages/matplotlib/backends/.debug/
_backend_agg.cpython-314-arm-linux-gnueabihf.so
in package python3-matplotlib-dbg contains reference to TMPDIR
[buildpaths]
Signed-off-by: Geoff Parker <geoffrey.parker@arthrex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 95e4da06e4
---------------------------
cfengine: upgrade 3.21.0 -> 3.26.0
Changelog: https://github.com/cfengine/core/blob/3.26.0/ChangeLog
License-Update: The project switched from pcre to pcre2. This small
change is incorporated in the license, where the dependencies are listed.
libpcre2 and OpenSSL is now a mandatory dependencies, the corresponding
PACKAGECONFIGs are dropped.
Patch that was incorporated in this release is also dropped.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 68c5fd3d85
---------------------------
cfengine: remove SKIP_RECIPE tag
The recipe compiles fine with OpenSSL 3, compatibility has been added in
version 3.20.
While here, fix some broken PACKAGECONFIGs too.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ced0eeb223
---------------------------
thermald: fix upstream check
Look at the correct URL for new tags and exclude incorrectly tagged [1]
2.15.10 release.
[1] https://github.com/intel/thermal_daemon/issues/504
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7e94be1f7b
---------------------------
thermald: include the correct HOMEPAGE
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6b77c52b0a
---------------------------
thermald: import from meta-intel
thermald now supports ARM platforms [1], so move it out of meta-intel
to allow broader reuse.
This version remains compatible only with x86 but a future recipe
upgrade should fix COMPATIBLE_MACHINE.
[1] thermal_daemon 1931a12e7e ("Add ARM backend and enable ARM platform detection")
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 16fb872ad6
---------------------------
vlc: upgrade 3.0.21 -> 3.0.23
Vlc can be compiled again against modern ffmpeg - the SKIP_RECIPE tag is removed.
Drop patches that became obsolete, because the underlying problems were solved.
Was able to build it successfully with meta-qt5, and also play a video in core-image-sato.
Some (opt-in) PACKAGECONFIGs are broken (not removed as part of this patch):
- freerdp - it requires a too old freerdp codebase
- opencv - it requires a too old opencv codebase
- vdpau - compilation fails (undefined symbol av_vdpau_get_surface_parameters),
not really sure about the reason
Changelog: https://github.com/videolan/vlc/blob/3.0.23/NEWS
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6de011f520
---------------------------
open62541: update to v1.4.16
Important changes from the v1.4.16 patch release notes:
- server: Block transfer of subscriptions between anonymous users
- server: Track transferred subscriptions for correct diagnostics counter update
- client: Don't close the SecureChannel when the servers sends a late async response
- pubsub: Add null check after UA_Array_new in addDataSetReaderConfig
- pubsub: Prevent NULL dereference in UA_DataSetMessage_decodeBinary
- pubsub: Initialize value in UA_NetworkMessage_decodePayload to avoid undefined behavior
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ca43e2b187
---------------------------
python3-flask-socketio: Upgrade 5.3.6 -> 5.6.0
Upgrade to release 5.6.0:
- Use Flask test client's own environ dict if it is available
- Add Python 3.13, 3.14 and pypy-3.11 to CI builds, drop 3.8 and 3.9
- Documentation: Added an example using the init_app() method
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c291a7c266
---------------------------
python3-socketio: Upgrade 5.11.2 -> 5.16.1
Upgrade to release 5.16.1:
- Use configured JSON module in managers
- Admin UI fixes: remove duplicate tasks, report transport upgrades
- Switch to Furo documentation template
- Add Python free-threading to CI
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 00c0a6966c
---------------------------
python3-engineio: Upgrade 4.9.0 -> 4.13.1
Upgrade to release 4.13.1:
- Document that a process can have only one custom JSON module
- Switch to Furo documentation template
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 85fa691790
---------------------------
sessreg: upgrade 1.1.3 -> 1.1.4
Drop 0001-Makefile.am-Error-Fix.patch - the error doesn't seem
to happen anymore.
License-Update: Removed the words "All rights reserved" from Oracle
copyright notices.
Shortlog:
Remove "All rights reserved" from Oracle copyright notices
meson: Add option to build with meson
Add --help and --version options
Improve man page formatting
man pages: fix warnings from `mandoc -T lint` and `groff -rCHECKSTYLE=10`
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 19ae3c84e2
---------------------------
redis: Add redis 8.0.0 recipe
Adding base 8.0.0 recipe for redis without any module configuration.
See https://github.com/redis/redis/tree/8.0.0?tab=readme-ov-file#redis-data-types-processing-engines-and-capabilities
for more details.
Signed-off-by: Eric Meyers <eric.meyers@arthrex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8da0f12830
---------------------------
python3-bumble: Upgrade 0.0.223 -> 0.0.225
Upgrade to release 0.0.225:
- Fix wrong LE event codes
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 97f1988367
---------------------------
python3-astroid: Upgrade 4.0.3 -> 4.1.0
Upgrade to release 4.1.0:
- Add support for equality constraints (``==``, ``!=``) in inference.
- Ensure ``ast.JoinedStr`` nodes are ``Uninferable`` when the
``ast.FormattedValue`` is ``Uninferable``. This prevents
``unexpected-keyword-arg`` messages in Pylint where the
``Uninferable`` string appeared in function arguments that were
constructed dynamically.
- Add support for type constraints (`isinstance(x, y)`) in inference.
- Make `type.__new__()` raise clear errors instead of returning `None`.
- Move object dunder methods from ``FunctionModel`` to ``ObjectModel``
to make them available on all object types, not just functions.
- ``lineno`` and ``end_lineno`` are now available on ``Arguments``.
- Add helper to iterate over all annotations nodes of function
arguments, ``Arguments.get_annotations()``.
- Skip direct parent when determining the ``Decorator`` frame.
- Add simple command line interface for astroid to output generated
AST. Use with ``python -m astroid``.
- Fix incorrect type inference for ``super().method()`` calls that
return ``Self``. Previously, astroid would infer the parent class
type instead of the child class type, causing pylint E1101 false
positives in method chaining scenarios.
- Add missing ``dtype`` and ``casting`` parameters to
``numpy.concatenate`` brain.
- Fix ``random.sample`` inference crash when sequence contains
uninferable elements.
- Fix ``random.sample`` crash when cloning ``ClassDef`` or
``FunctionDef`` nodes.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7578aa0b30
---------------------------
python3-bitstruct: Upgrade 8.21.0 -> 8.22.1
Upgrade to release 8.22.1:
- Fix float16 pack/unpack on big-endian systems
- Compile wheels for Inten macOS and Windows ARM
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 37ddc1b433
---------------------------
python3-telnetlib3: Upgrade 2.0.8- > 2.6.0
Upgrade to release 2.6.0:
- new: TLS support (TELNETS). open_connection() accepts an ssl
parameter (True, or an ssl.SSLContext). create_server() accepts
an ssl parameter (ssl.SSLContext). New CLI options: --ssl,
--ssl-cafile, --ssl-no-verify for telnetlib3-client;
--ssl-certfile, --ssl-keyfile and --tls-auto for telnetlib3-server
- new: the default server shell now displays Ready (secure: TLSv1.3)
for TLS connections (the protocol version shown is negotiated
dynamically).
- bugfix: telnetlib3-client now sets terminal mode to the server's
preference via WILL ECHO and WILL SGA negotiation. Use --raw-mode
to restore legacy raw mode for servers that don't negotiate.
- bugfix: telnetlib3-client declines MUD protocol options (GMCP,
MSDP, MSSP, MSP, MXP, ZMP, AARDWOLF, ATCP) by default. Use
--always-do or --always-will to opt in.
- bugfix: log output "staircase text" in raw terminal mode.
- bugfix: graceful EOF handling - connection close no longer prints
a traceback.
Fixes:
WARNING: python3-telnetlib3-2.6.0-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with hatchling.build,
use the correct class [pep517-backend]
License-Update: Remove garbage characters from ISC license text
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0ffe63d46d
---------------------------
python3-parso: Upgrade 0.8.5 -> 0.8.6
Upgrade to release 0.8.6:
- Switch the type checker to Zuban. It's faster and now also checks
untyped code.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 920fd295d6
---------------------------
gpiod-sysfs-proxy: update to v0.1.4
This update fixes a couple problems with the proxy daemon but also
addresses local issues with the recipe: modifies the systemd service to
pass attr_timeout=0 for better reliability and updates the test script.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1596998582
---------------------------
python3-multiprocess: new package
Add a recipe for a for of python's multiprocessing package that uses
dill for data marshalling.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d3a8ddcaaa
---------------------------
snapper: update 0.12.2 -> 0.13.0
- Remove 0001-Fix-build-with-boost-1.89.patch. Seems to be fixed
upstream
- Use manpages class
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 87a9e44a8d
---------------------------
dav1d: update 1.5.2 -> 1.5.3
Changes for 1.5.3 'Sonic':
--------------------------
1.5.3 is a minor release of dav1d, focused on RISC-V and maintenance:
- Misc small optimizations
- RISC-V assembly optimizations for ipred, emu_edge and w_mask,
and VLEN 512 for blend functions
- Fix issue with ivf files with 0 frames in tools
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 051eaf06fd
---------------------------
libsdl3: update 3.2.30 -> 3.4.0
- dont explicitly disable xinput support to fix compilation if x11
support is enabled (error: unknown type name 'XIRawEvent')
- add missing dependencies for libxcursor, xtst, xinput
In addition to lots of bug fixes and general system improvements, this release has some major themes of improved interoperability between the 3D GPU API and the 2D rendering API, improved Emscripten support, improved pen handling, and native support for PNG images.
Here is a full list of the API changes since the last release:
General:
Added SDL_CreateAnimatedCursor() to create animated color cursors
Added SDL_HINT_MOUSE_DPI_SCALE_CURSORS to automatically scale cursors based on the display scale
Added SDL_SetWindowProgressState(), SDL_SetWindowProgressValue(), SDL_GetWindowProgressState(), and SDL_GetWindowProgressValue() to show progress in the window's taskbar icon on Windows and Linux
Added GPU device creation properties to enable the GPU API on older hardware if you're not using these features:
SDL_PROP_GPU_DEVICE_CREATE_FEATURE_CLIP_DISTANCE_BOOLEAN
SDL_PROP_GPU_DEVICE_CREATE_FEATURE_DEPTH_CLAMPING_BOOLEAN
SDL_PROP_GPU_DEVICE_CREATE_FEATURE_INDIRECT_DRAW_FIRST_INSTANCE_BOOLEAN
SDL_PROP_GPU_DEVICE_CREATE_FEATURE_ANISOTROPY_BOOLEAN
SDL_PROP_GPU_DEVICE_CREATE_D3D12_ALLOW_FEWER_RESOURCE_SLOTS_BOOLEAN
Added SDL_PROP_GPU_DEVICE_CREATE_VULKAN_OPTIONS_POINTER to enable configuring Vulkan features when creating a GPU device
Added SDL_PROP_GPU_DEVICE_CREATE_VULKAN_REQUIRE_HARDWARE_ACCELERATION_BOOLEAN to allow requiring Vulkan hardware acceleration when creating a GPU device
Added SDL_GetGPUDeviceProperties() to query information from a GPU device:
SDL_PROP_GPU_DEVICE_NAME_STRING
SDL_PROP_GPU_DEVICE_DRIVER_NAME_STRING
SDL_PROP_GPU_DEVICE_DRIVER_VERSION_STRING
SDL_PROP_GPU_DEVICE_DRIVER_INFO_STRING
Added SDL_GetPixelFormatFromGPUTextureFormat() and SDL_GetGPUTextureFormatFromPixelFormat()
Added SDL_CreateGPURenderer() and SDL_GetGPURendererDevice() to create a 2D renderer for use with GPU rendering.
Added SDL_CreateGPURenderState(), SDL_SetGPURenderStateFragmentUniforms(), SDL_SetGPURenderState(), and SDL_DestroyGPURenderState() to use fragment shaders with a GPU 2D renderer
Added SDL_PROP_TEXTURE_CREATE_GPU_TEXTURE_POINTER to create a 2D texture from an existing GPU texture
Added SDL_PROP_TEXTURE_GPU_TEXTURE_POINTER to get the GPU texture from a 2D texture when using the GPU 2D renderer
Added support for YUV textures and HDR colorspaces to the GPU 2D renderer
Added support for textures with palettes, and SDL_GetTexturePalette() and SDL_SetTexturePalette() to interact with them
Added SDL_RenderTexture9GridTiled() to do tiled instead of stretched 9-grid texture rendering
Added SDL_GetDefaultTextureScaleMode() and SDL_SetDefaultTextureScaleMode() to set the texture scale mode for new textures
Added SDL_GetRenderTextureAddressMode() and SDL_SetRenderTextureAddressMode() to change the texture addressing mode
Added SDL_TEXTURE_ADDRESS_WRAP to allow wrapping of textures if the renderer has SDL_PROP_RENDERER_TEXTURE_WRAPPING_BOOLEAN set
The default YUV colorspace is BT.601 limited range, for compatibility with SDL2
Added SDL_SCALEMODE_PIXELART as an improved scaling algorithm for pixel art without introducing blurring
Added SDL_FLIP_HORIZONTAL_AND_VERTICAL to flip a surface both horizontally and vertically
Added SDL_LoadPNG(), SDL_LoadPNG_IO(), SDL_SavePNG(), and SDL_SavePNG_IO() to load and save PNG images
Added SDL_LoadSurface() and SDL_LoadSurface_IO() to detect BMP and PNG formats and load them as surfaces
Added SDL_PROP_SURFACE_ROTATION_FLOAT to indicate the rotation needed to display camera images upright
Added SDL_RotateSurface() to create a rotated copy of a surface
SDL_EVENT_WINDOW_EXPOSED now sets data1 to true if it is sent during live resizing
Added SDL_EVENT_DISPLAY_USABLE_BOUNDS_CHANGED, which is sent when the usable desktop bounds change
Added SDL_EVENT_SCREEN_KEYBOARD_SHOWN, which is sent when the on-screen keyboard has been shown
Added SDL_EVENT_SCREEN_KEYBOARD_HIDDEN, which is sent when the on-screen keyboard has been hidden
Added pinch gesture events: SDL_EVENT_PINCH_BEGIN, SDL_EVENT_PINCH_UPDATE, SDL_EVENT_PINCH_END
SDL_EVENT_AUDIO_DEVICE_ADDED will be sent during initialization for each audio device
SDL_GetCameraPermissionState() returns SDL_CameraPermissionState instead of int
Added SDL_PutAudioStreamDataNoCopy() to do more efficient audio stream processing in some cases
Added SDL_PutAudioStreamPlanarData() to add planar audio data instead of interleaved data to an audio stream
Added SDL_HINT_AUDIO_DEVICE_RAW_STREAM to signal that the OS shouldn't do further audio processing, useful for applications that handle noise canceling, etc.
Added SDL_PROP_AUDIOSTREAM_AUTO_CLEANUP_BOOLEAN to allow streams that persist beyond the audio subsystem lifetime.
Added enhanced support for 8BitDo controllers
Added enhanced support for FlyDigi controllers
Added enhanced support for Hand Held Legend SInput controllers
Added support for wired Nintendo Switch 2 controllers when built with libusb
Added SDL_hid_get_properties() to associate SDL properties with HID devices
Added SDL_PROP_HIDAPI_LIBUSB_DEVICE_HANDLE_POINTER to query the libusb handle from an SDL_hid_device, if it's been opened with libusb
Added SDL_SetRelativeMouseTransform() to add custom mouse input transformation
Added SDL_GetPenDeviceType() to determine whether a pen is on the screen or on a separate touchpad
SDL_HINT_MAIN_CALLBACK_RATE may be set to a floating point callback rate
Added SDL_GetEventDescription() to get an English description of an event, suitable for logging
Added SDL_PROP_IOSTREAM_MEMORY_FREE_FUNC_POINTER to allow custom freeing of the memory used by SDL_IOFromMem() and SDL_IOFromConstMem()
Added SDL_PROP_PROCESS_CREATE_WORKING_DIRECTORY_STRING to set the working directory for new processes
Added verbose log output when the DEBUG_INVOCATION environment variable is set to "1"
Added SDL_AddAtomicU32()
Added SDL_GetSystemPageSize() to get the system page size
Added SDL_ALIGNED() to signal that data should have a specific alignment
Windows:
Added SDL_HINT_RENDER_DIRECT3D11_WARP to enable D3D11 software rasterization
Using SDL_InsertGPUDebugLabel(), SDL_PushGPUDebugGroup(), and SDL_PopGPUDebugGroup() requires WinPixEventRuntime.dll to be in your PATH or in the same directory as your executable
Added SDL_PROP_DISPLAY_WINDOWS_HMONITOR_POINTER so you can query the HMONITOR associated with a display
SDL_HINT_AUDIO_DEVICE_STREAM_ROLE is used by the WASAPI audio driver to set the audio stream category
Added SDL_HINT_AUDIO_DEVICE_RAW_STREAM to signal whether the OS audio driver should do additional signal processing
Added SDL_HINT_WINDOWS_RAW_KEYBOARD_EXCLUDE_HOTKEYS to allow disabling some system hotkeys when in raw input mode
SDL_HINT_WINDOWS_GAMEINPUT is disabled by default
macOS:
Added SDL_HINT_MAC_PRESS_AND_HOLD to control whether holding down a key will repeat the pressed key or open the accents menu
Linux:
Added atomic support for KMSDRM
Added SDL_HINT_KMSDRM_ATOMIC to control whether KMSDRM will use atomic functionality
Added SDL_PROP_DISPLAY_WAYLAND_WL_OUTPUT_POINTER so you can query the wl_output associated with a display
Emscripten:
Added SDL_WINDOW_FILL_DOCUMENT to indicate that windows expand to fill the whole browser window
Added SDL_SetWindowFillDocument() to change whether windows expand to fill the whole browser window
Added SDL_PROP_WINDOW_CREATE_EMSCRIPTEN_CANVAS_ID_STRING to allow setting the SDL canvas ID, and SDL_PROP_WINDOW_EMSCRIPTEN_CANVAS_ID_STRING to query it on existing windows
Added SDL_PROP_WINDOW_CREATE_EMSCRIPTEN_KEYBOARD_ELEMENT_STRING to specify where keyboard input is bound, and SDL_PROP_WINDOW_EMSCRIPTEN_KEYBOARD_ELEMENT_STRING to query it on existing windows
iOS:
SDL now supports window scenes, fixing the warning "CLIENT OF UIKIT REQUIRES UPDATE"
Added SDL_PROP_WINDOW_CREATE_WINDOWSCENE_POINTER to specify the window scene for a window
visionOS:
The default refresh rate has been increased to 90Hz
SDL_SetWindowSize() changes the size of the window on Vision Pro headsets
PlayStation 2:
Added the following hints to control the display parameters: SDL_HINT_PS2_GS_WIDTH, SDL_HINT_PS2_GS_HEIGHT, SDL_HINT_PS2_GS_PROGRESSIVE, SDL_HINT_PS2_GS_MODE
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: eb4dab9818
---------------------------
libsdl2-compat: update 2.32.62 -> 2.32.64
- fix license checkksum: Copyright year has been changed
This is a stable bugfix release, with the following changes:
Fixed surface memory leak in some circumstances
Fixed mouse grab not persisting past window recreation
Fixed picking the correct fullscreen resolution
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0d686b2c5b
---------------------------
libsdl3-image: update 3.2.6 -> 3.4.0
- Fix license checksum: Copyright year has been changed
- Add support for av1 and jxl
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 87f62c8910
---------------------------
postgresql: upgrade 17.7 -> 17.8
License-Update: Update license year to 2026
Refreshed patches for version 17.8
Includes fix for CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006
Release Notes:
https://www.postgresql.org/docs/release/17.8/
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7f3d7b7adb
---------------------------
libjxl: upgrade 0.11.1 -> 0.11.2
- fix tile dimension in low memory rendering pipeline (CVE-2025-12474)
- fix number of channels for gray-to-gray color transform (CVE-2026-1837)
- djxl: reject decoding JXL files if "packed" representation size overflows
size_t
https://github.com/libjxl/libjxl/releases/tag/v0.11.2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ff397db3d1
---------------------------
dbus-cxx: update 2.6.0 -> 2.6.1
Changelog from upstream:
Some minor fixes for code generation. Qt6 is now properly detected.
Signed-off-by: Frede Hoey Braendstrup <frederikbraendstrup@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e19775fba8
---------------------------
libtoml11: move SRCREV below SRC_URI
According to the recipe style guide, SRCREV should be placed
below SRC_URI.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4e105b2749
---------------------------
libtoml11: add a BBCLASSEXTEND
A native version of libtoml11 may be needed for recipes such
as dnf5 in the future. Add it now.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4eefeb3357
---------------------------
libtoml11: add a cve_product
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4c7aaad52d
---------------------------
libtoml11: Add a bugtracker url
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ce96911f68
---------------------------
libtoml11: check PTEST_ENABLED instead of DISTRO_FEATURES
Checking for PTEST_ENABLED 1 is the preferred method for enabling
and disabling ptests for packages.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a5cb4697b
---------------------------
libtoml11: use gitsm for SRC_URI
Using gitsm also allows for the revmoval of SRCREV_json and SRCREV_doctest.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2681b16e8a
---------------------------
libtoml11/files/0001-Remove-whitespace-in-operator.patch: change upstream-status
Change "Submitted" in 0001-Remove-whitespace-in-operator.patch to "Backport"
with the appropraite link to the relevant commit hash.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e1d3b9598e
---------------------------
libtoml11/files/run-ptest: cleanup
Shellcheck -oall warnings fixed:
- exit 1 if `cd tests` failes (SC2164)
- Double quote `./${atest}` to prevent globbing and word splitting. (SC2086)
- Check the test exit code directly intead of using $? (SC2181)
Other fixes:
- The shebang sould traditionally be /usr/bin/env sh in case
sh is not located in /bin.
- Do not remove tests.log for every test.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fddb601320
---------------------------
python3-flask-limiter: Add recipe
Rate limiting for flask applications. Add recipe for release 4.1.1:
- Ensure cli commands fail gracefully when cli dependencies
are not installed.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8d589e0705
---------------------------
python3-limits: Add recipe
Rate limiting utilities. Add recipe for release 5.8.0:
- Allow explicit keyword arguments for storage options for
username & password for storages that support it.
- Allow explicitly specifying startup_nodes through keyword
arguments for all redis cluster storages.
- Support IPv6 addresses in cluster locators in storage URI
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 62f73c9b4f
---------------------------
ifenslave: update link to homepage
The old link does not work anymore.
New page found based on other linuxfoundation.org link redirects.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 98576ba53f
---------------------------
bridge-utils: update link to homepage
The old link does not work anymore.
New page found based on other linuxfoundation.org link redirects.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 63e4dfcbc9
---------------------------
cups-filters: update link to homepage
The old link redirects here now.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0b3cc61e2a
---------------------------
thunar: upgrade 4.20.5 -> 4.20.7
Changelog: https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.20.7
Changelog: https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.20.6
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a310ed6fdb
---------------------------
python3-pyperf: Upgrade 2.9.0 -> 2.10.0
Upgrade to release 2.10.0:
- ReadTheDocs: use latest Ubuntu and Python
- Add BSD support for track-memory
- Docs: Update minimum Python version. Add matching badge
- Remove fallbacks for unsupported Python versions (< 3.9)
- Setup Dependabot for Github actions, bump checkout and
setup-python actions
- Recognise CPython as a JIT implementation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 49b9d21b2e
---------------------------
python3-platformdirs: Upgrade 4.5.1 -> 4.9.2
Upgrade to release 4.9.2:
- docs(platforms): fix RST formatting and TOC hierarchy
- docs: restructure following Diataxis framework
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 05e9b81873
---------------------------
python3-tox: Upgrade 4.27.0 -> 4.36.1
Upgrade to release 4.36.1:
- ci(workflows): add explicit permissions to workflows
- Add architecture documentation
- docs(man): add Unix man page and composable CLI argument
inheritance
- Add new logging section in documentation
- Report TOML parse errors during config discovery instead of
silently ignoring them
- fix(execute): adopt CPython subprocess stream handling
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 08e0930e72
---------------------------
python3-filelock: Upgrade 3.20.3 -> 3.24.2
Upgrade to release 3.24.2:
- docs: restructure using Diataxis framework
- fix(test): resolve flaky write non-starvation test
- fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race
License-Update: Move from Unlicense to MIT
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 83c76a57b0
---------------------------
kmscon: bump version to 9.3.2
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a38acde2a9
---------------------------
python3-lief: Upgrade 0.17.2 -> 0.17.3
Upgrade to release 0.17.3:
- Fix bug with resources
- Fix VA/RVA confusion in the PE's builder
This work was sponsored by GOVCERT.LU.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bd9d6239fd
---------------------------
yelp: add opengl to REQUIRED_DISTRO_FEATURES
webkitgtk3 requires this feature.
Also add wayland as an optional required feature, to match the
requirements of webkitgtk3.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e71b4eae2e
---------------------------
python3-trio: Upgrade 0.32.0 -> 0.33.0
Upgrade to release 0.33.0:
Bugfixes:
- Start supporting Android's new "android" sys.platform.
Deprecations and removals:
- Both trio.testing.RaisesGroup and trio.testing.Matcher have
been deprecated. Pytest alternatives pytest.RaisesGroup and
pytest.RaisesExc (respectively) are considered correct
replacement.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 949c02c02e
---------------------------
python3-langtable: Upgrade 0.0.69 -> 0.0.70
Upgrade to release 0.0.70:
- Add a few dz keyboards
- Add more translations from CLDR
- Get translation changes from CLDR
- Add GS, ady, bqi, isv, kbd, kek, lzz, mww, oka, pi, pms, suz,
Suni, si_ID.UTF-8 zgh_MA.UTF-8
- Add mdf_RU.UTF-8 to RU
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 31b49687df
---------------------------
python3-pyee: Upgrade 13.0.0 -> 13.0.1
Upgrade to release 13.0.1:
- Check for listener's existence before attempting to remove it
- Update pytest configuration to support pytest 9
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d33bd19955
---------------------------
python3-pyrad: Upgrade 2.5.2 -> 2.5.4
Upgrade to release 2.5.4:
- Remove python2 leftovers
- Add support for Ascend-Data-Filter "delete" keyword
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 450dd90aab
---------------------------
python3-typeguard: Upgrade 4.4.4 -> 4.5.0
Upgrade to release 4.5.0:
- Restored the check_argument_types() and check_return_type()
functions that were dropped in v3.0.0, for users who want more
fine-grained control over run-time type checking
- Added support for extra_items in TypedDict, allowing users to
specify the types for the values of "leftover" keys in a typed
dict (keys that weren't explicitly defined in the TypedDict subclass)
- Fixed NameError when evaluating forward references on Python 3.14
- Fixed protocol check incorrectly rejecting inherited classmethods
and staticmethods
- Fixed missing TypeCheckError when checking TypedDict with
Required[...] annotations
- Fixed type aliases (e.g. type Foo = list[int]) not being resolved
during type checking
- Fixed type-checked assignments to a single tuple target
(e.g. x, = ("foo",)) falsely raising TypeCheckedError
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 27edae565f
---------------------------
webkitgtk3: upgrade 2.48.7 -> 2.50.5
Includes fixes for CVE-2025-13502, CVE-2025-13947, CVE-2025-43421,
CVE-2025-43458 and CVE-2025-66287.
Drop libsoup2 support. Even though this particular version still supports
it, this is the last major version that is not libsoup3-only. Starting
with version 2.52 (which is only 3-4 weeks away at the time of writing this
message) upstream is dropping libsoup2 support completely[1].
This is a proactive removal of this feature, the sooner users start the
migration, the better.
Made opengl a mandatory DISTRO_FEATURE: libepoxy requires it, which is both
a direct dependency, and an indirect one from gtk+3.
Changelogs:
https://webkitgtk.org/2026/02/09/webkitgtk2.50.5-released.html
https://webkitgtk.org/2025/12/16/webkitgtk2.50.4-released.html
https://webkitgtk.org/2025/12/04/webkitgtk2.50.3-released.html
https://webkitgtk.org/2025/11/19/webkitgtk2.50.2-released.html
https://webkitgtk.org/2025/10/10/webkitgtk2.50.1-released.html
https://webkitgtk.org/2025/09/17/webkitgtk2.50.0-released.html
[1]: https://webkitgtk.org/2025/10/07/webkitgtk-soup2-deprecation.html
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5b830f4539
---------------------------
wxwidgets: enable webkit PACKAGECONFIG only when opengl is available
The latest version of webkitgtk3 requires opengl DISTRO_FEATURE, so the
webkit PACKAGECONFIG should be enabled only when opengl is available.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4d60ca97ec
---------------------------
ttf-sazanami: fix SRC_URI
The original SRC_URI became inaccessible a while ago. Switch to a working source.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be6714fb7f
---------------------------
ntfs-3g-ntfsprogs: fix SRC_URI
The SRC_URI has became inaccessible some time ago, falling back to the
Yocto mirror. Instead use the Github mirror.
I ran a diff on the files of this revision and the files of the original
tarball, and the contents were bit-identical.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ac9041ed3e
---------------------------
iwd: update 3.10 -> 3.11
ver 3.11:
Fix issue with interface registration before acquiring name.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6efa5edcf2
---------------------------
hotdoc : Add new recipe
1. Backport following patch to solve build and runtime issue
0001-c_comment_scanner-fix-function-prototypes.patch
0002-avoid-third-party-backports-dependency-on-sufficient.patch
0003-CMake-4-compatibility.patch
2. Add do_configure:prepend() to solve buildpaths QA check
do_package_qa: QA Issue: File /usr/lib/python3.14/site-packages/hotdoc/parsers/cmark.cpython-314-x86_64-linux-gnu.so in package hotdoc contains reference to TMPDIR [buildpaths]
3. Add 0004-Use-flex-with-noline-option-to-prevent.patch to solve buildpaths QA check
do_package_qa:QA Issue: File /usr/src/debug/hotdoc/0.17.4/hotdoc/parsers/c_comment_scanner/scanner.c in package hotdoc-src contains reference to TMPDIR [buildpaths]
4. Add clang as RDEPENDS for following reason
Hotdoc has some Extensions including c-Extension.
The c-Extension needs llvm and clang in runtime as introduced in doc of hotdoc.
https://hotdoc.github.io/c-extension.html#c-extension
"The extension uses Clang to build and walk an AST from the source code"
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e7517b1d4c
---------------------------
python3-dbus-deviation: Add new recipe
Add this new recipe for runtime dependence of hotdoc.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e2c07e4eb9
---------------------------
python3-wheezy-template: Add new recipe
Add this new recipe for runtime dependence of hotdoc.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9afc2b6323
---------------------------
python3-toposort: Add new recipe
Add this new recipe for runtime dependence of hotdoc.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3803910a75
---------------------------
python3-schema: Add new recipe
Add this new recipe for runtime dependence of hotdoc.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d3c431d669
---------------------------
vulkan-cts: upgrade 1.4.5.0 -> 1.4.5.1
Bump Vulkan CTS revision, picking up fixes for sevaral Vulkan tests (and
updating VVS to 0.3.9).
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a68047d226
---------------------------
vk-gl-cts: ensure that the SRCREV is correct
Use tag=${BP} in SRC_URI in order to ensure that the SRCREV is correctly
updated together with the package version.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9437a35434
---------------------------
php: upgrade 8.5.2 -> 8.5.3
This is a bug fix release.
Changelog: https://www.php.net/ChangeLog-8.php#8.5.3
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 81d1e5c9ac
---------------------------
waylandpp: Move wayland-scanner++ to -dev package
wayland-scanner++ is only used during development so it's not usually
required to be installed on the target. wayland-scanner++.pc is already
in the -dev package.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1a6ceb010a
---------------------------
redis: add back DEBUG_PREFIX_MAP to LDFLAGS
Without this redis embeds absoute build paths in the binaries, failing
qa check. These LDFLAGS were recently removed from oe-core[1] - this
change adds it back to this recipe.
The qa error was not showing with redis 6 recipe, so it is added only to
redis 7.
[1]: https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1de433f8bb
---------------------------
valkey: remove TMPDIR truncation in binaries
These seds were added to remove reproducibility QA errors about
TMPDIR being present in the binaries. The root of the problem was
changed LDFLAGS in oe-core, and after adding back these LDFLAGS
to this recipe[1], the QA error is also gone - the binaries require
no changes due to this.
Also remove the INSANE_SKIP, which was most likely fixed by the
same LDFLAGS issue - it doesn't happen anymore.
[1]: https://git.openembedded.org/meta-openembedded/commit/?id=e8981bf43163d2fe90ea28b2952a2443ceaea934
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0332dae9bb
---------------------------
python3-pybind11-json: fix Targets.cmake trying to reference host
The resulting pybind11_jsonTargets.cmake in the dev-package adds an
absolute path to python include directories in the target properties:
set_target_properties(pybind11_json PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "/usr/include/python3.13;${_IMPORT_PREFIX}/include"
)
The patch removes ${PYTHON_INCLUDE_DIRS} which is set by pybind11 from
set_target_properties to remove the poisonous host path.
Signed-off-by: Tafil Avdyli <tafil@tafhub.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cd0a0f605e
---------------------------
nginx: upgrade 1.29.1 -> 1.29.5
License-Update: copyright year bump.
Changelog:
1.29.5:
- Security: an attacker might inject plain text data in the response
from an SSL backend (CVE-2026-1642).
- Bugfix: use-after-free might occur after switching to the next gRPC
or HTTP/2 backend.
- Bugfix: an invalid HTTP/2 request might be sent after switching to
the next upstream.
- Bugfix: a response with multiple ranges might be larger than the
source response.
- Bugfix: fixed setting HTTP_HOST when proxying to FastCGI, SCGI, and
uwsgi backends.
- Bugfix: fixed warning when compiling with MSVC 2022 x86.
- Change: the logging level of the "ech_required" SSL error has been
lowered from "crit" to "info".
1.29.4:
- Feature: the ngx_http_proxy_module supports HTTP/2.
- Feature: Encrypted ClientHello TLS extension support when using
OpenSSL ECH feature branch; the "ssl_ech_file" directive.
Thanks to Stephen Farrell.
- Change: validation of host and port in the request line, "Host"
header field, and ":authority" pseudo-header field has been changed
to follow RFC 3986.
- Change: now a single LF used as a line terminator in a chunked
request or response body is considered an error.
- Bugfix: when using HTTP/3 with OpenSSL 3.5.1 or newer a segmentation
fault might occur in a worker process; the bug had appeared in
1.29.1.
Thanks to Jan Svojanovsky.
- Bugfix: a segmentation fault might occur in a worker process if the
"try_files" directive and "proxy_pass" with a URI were used.
1.29.3:
- Feature: the "add_header_inherit" and "add_trailer_inherit"
directives.
- Feature: the $request_port and $is_request_port variables.
- Feature: the $ssl_sigalg and $ssl_client_sigalg variables.
- Feature: the "volatile" parameter of the "geo" directive.
- Feature: now certificate compression is available with BoringSSL.
- Bugfix: now certificate compression is disabled with OCSP stapling.
1.29.2
- Feature: now nginx can be built with AWS-LC.
Thanks Samuel Chiang.
- Bugfix: now the "ssl_protocols" directive works in a virtual server
different from the default server when using OpenSSL 1.1.1 or newer.
- Bugfix: SSL handshake always failed when using TLSv1.3 with OpenSSL
and client certificates and resuming a session with a different SNI
value; the bug had appeared in 1.27.4.
- Bugfix: the "ignoring stale global SSL error" alerts might appear in
logs when using QUIC and the "ssl_reject_handshake" directive; the
bug had appeared in 1.29.0.
Thanks to Vladimir Homutov.
- Bugfix: in delta-seconds processing in the "Cache-Control" backend
response header line.
- Bugfix: an XCLIENT command didn't use the xtext encoding.
Thanks to Igor Morgenstern of Aisle Research.
- Bugfix: in SSL certificate caching during reconfiguration.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f2be1069f1
---------------------------
nginx: upgrade 1.28.1 -> 1.28.2
Changelog:
- Security: an attacker might inject plain text data in the response
from an SSL backend (CVE-2026-1642).
- Bugfix: use-after-free might occur after switching to the next gRPC
or HTTP/2 backend.
- Bugfix: fixed warning when compiling with MSVC 2022 x86.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: de20532a75
---------------------------
nodejs: detect NEON correctly for aarch64
The llhttp vendored dependency of nodejs takes advantage of Arm NEON
instructions when they are available, however they are detected by
checking for an outdated CPU feature macro: it checks for __ARM_NEON__,
however it is not defined by new compilers for aarch64, rather they
set __ARM_NEON. The Arm C extension guide[1] refers to __ARM_NEON macro
aswell.
This patch changes the detection to check for both macros when detecting
the availability of NEON instructions.
The code this patch modifies is generated, so the patch itself isn't
suitable for upstream submission, as the root cause of the error is
in the generator itself. A PR has been submitted[2] to the generator
project to rectify this issue.
[1]: https://developer.arm.com/documentation/ihi0053/d/ - pdf, section 6.9
[2]: https://github.com/nodejs/llparse/pull/84
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d3fbcf8700
---------------------------
nodejs: patch incorrect NEON intrinsics
The llhttp dependency of nodejs uses NEON intrinsics when they
are available, however some of these calls are incorrect: they
the call they use don't match the parameters passed, and so
the compilation fail (unless the error is suppressed):
| ../deps/llhttp/src/llhttp.c: In function 'llhttp__internal__run':
| ../deps/llhttp/src/llhttp.c:2645:9: note: use '-flax-vector-conversions' to permit conversions between vectors with differing element types or numbers of subparts
| 2645 | );
| | ^
| ../deps/llhttp/src/llhttp.c:2643:11: error: incompatible type for argument 1 of 'vandq_u16'
| 2643 | vcgeq_u8(input, vdupq_n_u8(' ')),
There is a patch upstream that fixes it (though it is not merged
yet). This patch is a port of that fix.
This allows us to remove the extra CFLAGS also from the recipe that
suppressed this error.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2296bdb6c1
---------------------------
rsyslog: fix incorrect install -d usage in do_install
The rsyslog recipe incorrectly passes the permission mode as a
positional argument to install -d. In this form, the value is treated
as a directory name rather than as a mode, which will create an additional directory
and may result in unexpected behavior during installation.
Use the -m option to ensure the directory is created with the intended
permissions.
Signed-off-by: Mikhail Anikin <mikhail.anikin@solid-run.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bf898320ec
---------------------------
rocksdb: support pkg-config based zstd detection
In Yocto builds, zstd is built via Makefile and does not install
CMake package configuration files. As a result, Findzstd.cmake
fails to detect ZSTD_INCLUDE_DIRS.
Add pkg-config based detection as a fallback to properly locate
zstd headers and libraries.
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: add2d94ab7
---------------------------
nbench-byte: Fix sysinfo generation in parallel build
The project Makefile uses a script (sysinfo.sh) to non-atomically generate
two .c files (sysinfo.c, sysinfoc.c) which are then included in the build.
Since the script always overwrites both .c files, the Makefile should only
invoke it once, not twice in parallel. Otherwise the .c files may be
corrupted and cause random build failures in parallel builds.
Requires at least GNU make 4.3, for Grouped Targets support [1].
[1] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Reviewed-by: Silvio Fricke <silvio.fricke@gin.de>
Signed-off-by: Daniel Klauer <daniel.klauer@gin.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 476b723696
---------------------------
python3-django: upgrade 6.0.1 -> 6.0.2
Some new tests expect the PWD to be writable, however this is not the case
when running the tests in $PTEST_PATH with a non-root user. This patch
makes it writable.
Ptests passed, however there is a flaky test. Upstream has a bug[1]
about it:
Ran 18651 tests in 144.573s
OK (skipped=1396, expected failures=5)
Changes:
Contains fixes for CVE-2025-13473, CVE-2025-14550, CVE-2026-1207,
CVE-2026-1285, CVE-2026-2187 and CVE-2026-1312
[1]: https://code.djangoproject.com/ticket/36770
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8fdf6a64c0
---------------------------
python3-django: upgrade 5.2.9 -> 5.2.11
Dropped patch that is included in this release.
Ptests passed:
Ran 18131 tests in 450.882s
OK (skipped=1389, expected failures=5)
Changelog:
5.2.11:
Contains fixes for CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285,
CVE-2026-1287 and CVE-2026-1312
5.2.10:
* Fixed a bug in Django 5.2 where data exceeding max_length was silently
truncated by QuerySet.bulk_create on PostgreSQL.
* Fixed a bug where management command colorized help (introduced in
Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 12deb70ea8
---------------------------
open-vm-tools: upgrade 13.0.5 -> 13.0.10
ChangeLog:
https://github.com/vmware/open-vm-tools/blob/stable-13.0.10/ReleaseNotes.md
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc6370efb6
---------------------------
lmdb: upgrade 0.9.31 -> 0.9.35
Drop CVE-2026-22185.patch as it was merged upstream
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 48dc68c366
---------------------------
freerdp: patch CVE-2026-22855
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22855
The related Github advisory[1] describes the problem along with analyzing
where the vulnerability is in the codebase. I looked up the commit that
recently performed the changes from the analysis, and backported it.
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0b61ca3355
---------------------------
freerdp: patch CVE-2026-22854
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22854
Backport the patch that is referenced by the relevant Github
advisory[1].
[1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d4c3fdca5f
---------------------------
nodejs: add missing native nghttp2 and libuv dependencies
In case nghttp2 and/or libuv PACKAGECONFIGs are enabled, nodejs
will build some binaries for the build system also, linking to
native binaries and using headers from the native sysroot.
However in case the dependencies are missing from the native sysroot,
then it falls back to the build system's sysroot, and use the files
that it can find there. If the build system doesn't have nghttp2/libuv
installed, then compilation fails:
libuv:
../tools/executable_wrapper.h:5:10: fatal error: uv.h: No such file or directory
ngtthp2:
<...snip...>/build/tmp/hosttools/ld: cannot find -lnghttp2: No such file or directory
To avoid falling back to the build system's sysroot, add the missing
libuv-native and nghttp2-native dependencies.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f9d3d703ca
---------------------------
drm-framebuffer: new recipe
Signed-off-by: Frede Hoey Braendstrup <frederikbraendstrup@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bd832a8962
---------------------------
opencv: correct FastCV dependencies
The FastCV stub dlopen()'s libfastcvopt.so.1, but if it is not present,
it is not a fatal error for the rest of the plugins. Downgrate RDEPENDS
to RRECOMMENDS. While we are at it, drop the dependency from the
PACKAGECONFIG, it is handled in the python code.
Fixes: b77403017b5e ("opencv: fill in missing FastCV gaps")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7f621262df
---------------------------
gnome-tweaks: upgrade 40.0 -> 40.10
Drop patch that is included in this release.
Changes (note that there were no intermediate releases):
40.10:
This release includes a fix for the broken GNOME Extensions link and
several translation updates.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bdf3e0387e
---------------------------
gnome-commander: upgrade 1.16.1 -> 1.16.2
Drop patch that's included in this release.
Changes:
- Fix double g_error_free call in remote_close_callback
- Fix build with taglib 2.0
- Set project gnu++11 c++ language version explicitely
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e94e5ec1ee
---------------------------
python3-pychromecast: allow building with newer version of python3-wheel
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fa53982588
---------------------------
python3-sqlalchemy: add python3-greenlet as RDEPENDS as pip check does report this as a missing dependency
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 90cae902ec
---------------------------
python3-mypy: when checking the package in an image `pip check` reports python3-pathspec as a missing dependency
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bb5dfc426c
---------------------------
python3-pytest-env: new recipe.
pytest plugin that allows you to add environment variables.
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: efc80673fd
---------------------------
gnome-desktop: upgrade 44.1 -> 44.4
Changes:
Version 44.4
- Support TryExec for thumbnailers
- Translation updates
Version 44.3
- Fix CI regression for release upload
Version 44.2
- Stop using ratio character for time in the wall-clock
- Fix variable initialization
- General CI cleanups
- Only parse XML files as slideshows
- Translation updates
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d96fec1f6e
---------------------------
netperf: Fix compile error with --enable-intervals
Submitted fix: https://github.com/HewlettPackard/netperf/pull/94
Fix for multiple definition error:
| <snip>/ld: nettest_omni.o:<snip>/src/nettest_omni.c:233: multiple definition of `signal_set'; nettest_bsd.o:<snip>/src/nettest_bsd.c:302: first defined here
| <snip>/ld: nettest_omni.o:<snip>/src/nettest_omni.c:191: multiple definition of `interval_count'; nettest_bsd.o:<snip>/src/nettest_bsd.c:289: first defined here
| <snip>/ld: nettest_omni.o:<snip>/src/nettest_omni.c:233: multiple definition of `signal_set'; nettest_bsd.o:<snip>/src/nettest_bsd.c:302: first defined here
| <snip>/ld: nettest_omni.o:<snip>/src/nettest_omni.c:191: multiple definition of `interval_count'; nettest_bsd.o:<snip>/src/nettest_bsd.c:289: first defined here
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7302c3ef24
---------------------------
obconf: fix SRC_URI
The old SRC_URI has became inaccessible a while ago.
This patch switches to Debian mirror.
The file contents are identical to the previous source,
except for the top level debian folder, which is not present
in the new tarball (but it is mostly useful for Debian
packagers, and not used for compilation).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9209caae62
---------------------------
wireshark: Fix do_compile error
If there is no mate_grammar.c, it will cause exit code 1 by "test -e" as following:
WARNING: exit code 1 from a shell command.
So use "if" instead of "test"
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8837d163ab
---------------------------
glaze: Update to 7.0.2
Changes since 7.0.1:
459946d3 version 7.0.2 bump
8879dd5e two element id optimization (#2264)
ecfc63b4 Committing clang-format changes
e0d153e9 Enum search for when hashing fails (#2263)
fc169a51 enum reflection documentation
3d8354a6 Committing clang-format changes
f3fc73cc Allow to construct a glz::http_server instance using an
asio::io_executor (#2258)
625b6ddd Update README.md
56d20086 Update README.md
d3b51565 Update glaze_DISABLE_SIMD_WHEN_SUPPORTED documentation
77fb1384 Update README.md
f17d17ca Committing clang-format changes
69eed8c2 YAML support (#2243)
5d652476 Update json-schema.md (#2254)
04883eb1 BEVE and CBOR std::expected support (#2253)
8555337e FEATURE: [json] Add special handling for std::expected<void,E>
(#2251)
ddea99c5 Simple float (#2248)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6be7812f7c
---------------------------
glaze: include cmake files in glaze-dev package
The cmake files should be included in the glaze-dev package.
Without this patch, an application using the following
find_package(glaze)
target_link_libraries(myprogram PUBLIC glaze::glaze)
Would fail with the following error (with tmpdir redacted)
CMake Error in deps/vesl/src/Platform/CMakeLists.txt:
Imported target "glaze::glaze" includes non-existent path
"$TMPDIR/recipe-sysroot/usr/share/include"
in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:
* The path was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and references files it does not
provide.
Signed-off-by: Frede Hoey Braendstrup <frederikbraendstrup@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8a0162969c
---------------------------
open62541: add historizing PACKAGECONFIG
Release v1.4.15 fixes building without the historizing option.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
---------------------------
Commit: 97ef9cc3b8
---------------------------
open62541: update to v1.4.15
The patch has been applied upstream.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
---------------------------
Commit: 3c81ff5859
---------------------------
transmission: upgrade 4.0.6 -> 4.1.0
1.ChangeLog
https://github.com/transmission/transmission/releases/tag/4.1.0
2. Remove following patches as they were merged upstream
0001-build-bump-CMake-version-to-3.10-4.patch
0001-miniupnpc-bump-CMake-version-to-3.14.patch
0001-build-set-minimum-required-CMake-to-3.5.patch
3. Change LICENSE Checksum as Copyright year has changed.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d0aadb1f35
---------------------------
ettercap: 0.8.3.1-> 0.8.4
1. Changelog
https://github.com/Ettercap/ettercap/releases/tag/v0.8.4
2. Remove following patches as they were merged upstream
0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch
0002-allow-build-with-cmake-4.patch
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a900d8190
---------------------------
pax-utils: upgrade 1.3.3 -> 1.3.10
Update the SRC_URI also, the previous one became inaccessible
a while ago. This is an official mirror[1].
Since the last update the project switched to meson build system.
Changes:
https://github.com/gentoo/pax-utils/compare/v1.3.3...v1.3.10
[1]: https://packages.gentoo.org/packages/app-misc/pax-utils
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 727a216363
---------------------------
packagegroup-meta-oe: add media-types
Also remove the old mime-types recipe, which is the old name
of media-types.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e5cd8b0c37
---------------------------
media-types: fix RPROVIDES
Instead of PROVIDING mime-support, it should RPROVIDE the same package.
It allows adding "mime-support" to IMAGE_INSTALL to get a similar
behavior than before mime-support recipe was split into two differently
named recipes.
Also, rename the recipe's folder to match the recipe name.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1608ba5b9d
---------------------------
mailcap: drop recipe (debian version)
The same recipe is already provided, sourced from Fedora.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: aa9215d831
---------------------------
pipewire: fix runtime dependency when multilib is enabled
Without ${MLPREFIX} in the PACKAGECONFIG runtime field, building the
multilib variant forms a dependency to the non-multilib variant of
certain packages.
Signed-off-by: Jaeyoon Jung <jaeyoon.jung@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9a954a0ed0
---------------------------
python3-marshmallow: Upgrade 4.2.1 -> 4.2.2
Upgrade to release 4.2.2:
- Fix behavior of fields.Contant(None)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 02768cd67e
---------------------------
python3-dbus-fast: Upgrade 2.44.5 -> 4.0.0
Upgrade to release 4.0.0:
- Chores
- Apt-get update before apt-get install
- Fix unix_fds parameter types
- Wrap lines in docs
- Annotated types for D-Bus signatures
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 23f8119aa7
---------------------------
python3-vector: Upgrade 1.7.0 -> 1.8.0
- chore: rm support for Python 3.9+ bump Numba
- feat: numba on python 3.14
- fix: pass atol, rtol and equal_nan as kwargs to awkward's isclose
method
- docs: copyright should only include the year of creation
- chore: pytest log_level is better than log_cli_level
- chore: test on python 3.14
- chore: test on free-threaded Python
License-Update: Include the year of creation only
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 52d56293d6
---------------------------
python3-pyrad: upgrade 2.4-> 2.5.2
1.ChangeLog
Fix readthedocs
2.Remove following patches as they were merged upstream
use-poetry-core.patch
208.patch
3.Change license checksum as position of License Info has changed in PKG-INFO file.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b820b98af
---------------------------
valkey: Upgrade 9.0.1 -> 9.0.2
Upgrade to release 9.0.2:
- Avoid memory leak of new argv when HEXPIRE commands target only
non-exiting fields
- Fix HINCRBY and HINCRBYFLOAT to update volatile key tracking
- Avoid empty hash object when HSETEX added no fields
- Fix case-sensitive check for the FNX and FXX arguments in HSETEX
- Prevent assertion in active expiration job after a hash with
volatile fields is overwritten
- Fix HRANDFIELD to return null response when no field could be
found
- Fix HEXPIRE to not delete items when validation rules fail and
expiration is in the past
- Fix how hash is handling overriding of expired fields overwrite
- HSETEX - Always issue keyspace notifications after validation
- Make zero a valid TTL for hash fields during import mode and data
loading
- Trigger prepareCommand on argc change in module command filters
- Restrict TTL from being negative and avoid crash in import-mode
- Fix chained replica crash when doing dual channel replication
- Skip slot cache optimization for AOF client to prevent key
duplication and data corruption
- Fix used_memory_dataset underflow due to miscalculated
used_memory_overhead
- Avoid duplicate calculations of network-bytes-out in slot stats
with copy-avoidance
- Fix XREAD returning error on empty stream with + ID
- Track reply bytes in I/O threads if commandlog-reply-larger-than
is -1
- This makes it possible to mitigate a performance regression in
9.0.1 caused by the related bug fix
Fixes references to TMPDIR [buildpaths] and avoids [already-stripped].
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 800998234a
---------------------------
kmscon: bump version to 9.3.1
- Remove upstreamed patch (commit ID: a1fc510a)
- backspace_sends_delete is now a runtime option as
of commit 0d6d85a8b865cac17529d049ae9a561db782ac59
- The kmscon.conf file in the source is renamed to kms.conf.example
To keep the same behavior as the previous versions, kms.conf.example
is moved to ${sysconfdir}/kmscon/kmscon.conf before running sed.
- The render-engine config option has been removed as of commit
59eef2a154f78101195ad8ff08376e2418e773f0.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 83bf29198b
---------------------------
libtsm: upgrade 4.4.0 -> 4.4.2
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 808e3f9ebc
---------------------------
xorgxrdp: upgrade 0.10.4 -> 0.10.5
Changelog:
==========
- Fix bug in Chrome pointer detection
- CI: Update FreeBSD xrdp dependency
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 08ad9a079e
---------------------------
tree: upgrade 2.2.1 -> 2.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c722b24d38
---------------------------
python3-types-psutil: upgrade 7.2.1.20260116 -> 7.2.2.20260130
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6fcbb71032
---------------------------
python3-tqdm: upgrade 4.67.1 -> 4.67.2
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a02df1adbd
---------------------------
python3-rich: upgrade 14.3.1 -> 14.3.2
Changelog:
==========
- Fixed solo ZWJ crash
- Fixed control codes reporting width of 1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 49bf96259e
---------------------------
python3-pikepdf: upgrade 10.2.0 -> 10.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a74749569
---------------------------
python3-nanobind: upgrade 2.10.2 -> 2.11.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b1bae9811
---------------------------
python3-icontract: upgrade 2.7.2 -> 2.7.3
Changelog:
Treat __setstate__ as constructor
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4f1090a998
---------------------------
python3-cachetools: upgrade 6.2.5 -> 7.0.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 267d59ca60
---------------------------
python3-alembic: upgrade 1.18.1 -> 1.18.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e27ed6de73
---------------------------
python3-aiohue: upgrade 4.8.0 -> 4.8.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6c54894209
---------------------------
openldap: upgrade 2.6.10 -> 2.6.12
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 755d7c5449
---------------------------
nbdkit: upgrade 1.47.1 -> 1.47.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9c989a5ea2
---------------------------
libvpx: upgrade 1.15.2 -> 1.16.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ee20888c3f
---------------------------
libspelling: upgrade 0.4.9 -> 0.4.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 66afdc82af
---------------------------
libp11: upgrade 0.4.16 -> 0.4.17
Changelog:
============
* Ed25519 and Ed448 support (PKCS#11 v3.2)
* Fixed OPENSSL_NO_EC builds
* Reverted RSA public exponent change from PR #474
* Fixed crash on module initialization failures
* Ignoring trailing newlines in pin-source files
* Initial build fixes for the upcoming OpenSSL 4.x
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c2bf93c8d0
---------------------------
libio-compress-perl: upgrade 2.214 -> 2.217
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3faa41265d
---------------------------
libio-compress-lzma-perl: upgrade 2.214 -> 2.217
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d40d4ddc9c
---------------------------
libcompress-raw-zlib-perl: upgrade 2.214 -> 2.217
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c37e050575
---------------------------
libcompress-raw-lzma-perl: upgrade 2.214 -> 2.217
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1424870f1f
---------------------------
libcompress-raw-bzip2-perl: upgrade 2.214 -> 2.217
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bf0ea3fc28
---------------------------
libcacard: upgrade 2.8.1 -> 2.8.2
Changelog:
==========
- Sort certificates by underlying objects CKA_ID to provide deterministic
object order
- Avoid using uninitialized memory
- Improve test coverage and build scripts
- Improve compatibility with modern compilers (avoid strict warnings)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a216ab3f76
---------------------------
gvfs: upgrade 1.58.0 -> 1.58.1
Major changes in 1.58.1
=======================
* cdda: Fix duration of last track for some media
* build: Fix build when google option is disabled
* Fix various memory leaks
* Some other fixes
* Translation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b2a9e3fefc
---------------------------
gparted: upgrade 1.7.0 -> 1.8.0
Key changes
=============
* Fix crash due to not checking for failure to load icon
* Fix hangs setting FAT label when matches a root folder entry
* Erase file system signatures before all FileSystem copies
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 625a2be8a8
---------------------------
libde265: upgrade 1.0.15 -> 1.0.16
Also included tag in the SRC_URI.
This release fixes some rare decoding errors and some build issues.
Changelog:
https://github.com/strukturag/libde265/compare/v1.0.15...v1.0.16
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dc3791d2c4
---------------------------
gimp: patch libunwind detection
Gimp 3.0.8's meson file detects the presence of libunwind incorrectly,
making it fail on some platforms (e.g. x86 + musl + clang), even when
libunwind is explicitly disabled:
| <snip>i686-oe-linux-musl-ld: app/core/libappcore.a.p/gimpbacktrace-linux.c.o: in function `gimp_backtrace_get_address_info':
| /usr/src/debug/gimp/3.0.8/../sources/gimp-3.0.8/app/core/gimpbacktrace-linux.c:708:(.text+0xbd7): undefined reference to `_ULx86_init_local'
This backported patch fixes this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d3cdd51235
---------------------------
agent-proxy: Restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS
oe-core has removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS [1], restore
it to fix the below error.
ERROR: agent-proxy-1.97-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/agent-proxy in package agent-proxy-dbg contains reference to TMPDIR [buildpaths]
ERROR: agent-proxy-1.97-r0.wr2600 do_package_qa: Fatal QA errors were found, failing task.
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a4d79609a4
---------------------------
tunctl: Restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS
oe-core has removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS [1], restore
it to fix the below error.
ERROR: tunctl-1.5-r0.wr2401 do_package_qa: QA Issue: File /usr/sbin/.debug/tunctl in package tunctl-dbg contains reference to TMPDIR [buildpaths]
ERROR: tunctl-1.5-r0.wr2401 do_package_qa: Fatal QA errors were found, failing task.
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 57eca6e20b
---------------------------
memstat: Restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS
oe-core has removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS [1], restore
it to fix the below error.
ERROR: memstat-1.0-r0.wr2401 do_package_qa: QA Issue: File /usr/bin/.debug/memstat in package memstat-dbg contains reference to TMPDIR [buildpaths]
ERROR: memstat-1.0-r0.wr2401 do_package_qa: Fatal QA errors were found, failing task.
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e8981bf431
---------------------------
valkey: Restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS
oe-core has removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS [1], restore
it to fix the below error.
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-cli in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-server in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-benchmark in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: Fatal QA errors were found, failing task.
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6c462c4d55
---------------------------
freerdp3: upgrade 3.20.2 -> 3.22.0
Ptests passed successfully.
Dropped manpages PACKAGECONFIG: when it is enabled, it requires an executable that
is compiled from the project's source, but since it is cross-compiled, it is not
usable. The cmakefile also started to explicitly disable generating this tool
when cross-compiling is enabled.
Since this recipe has no native counterpart, and the manpages can't be generated
in this state, this option was removed.
Changes:
3.22.0:
- Complete overhaul of SDL client
- Introduction of new WINPR_ATTR_NODISCARD macro wrapping compiler or C language
version specific [[nodiscard]] attributes
- Addition of WINPR_ATTR_NODISCARD to (some) public API functions so usage errors
are producing warnings now
- Add some more stringify functions for logging
- CVE fixes: CVE-2026-23948, CVE-2026-24682, CVE-2026-24683, CVE-2026-24676,
CVE-2026-24677, CVE-2026-24678, CVE-2026-24684, CVE-2026-24679,
CVE-2026-24681, CVE-2026-24675, CVE-2026-24491, CVE-2026-24680
- [core,info] fix missing NULL check
- [gateway,tsg] fix TSG_PACKET_RESPONSE parsing
- Allow querying auth identity with kerberos when running as a server
- Sspi krb heimdal
- Tsg fix idleTimeout parsing
- [channels,smartcard] revert 649f7de
- [crypto] deprecate er and der modules
- [channels,rdpei] lock full update, not only parts
- [winpr,platform] add WINPR_ATTR_NODISCARD macro
- Wlog cleanup
- new stringify functions & touch API defines
- Add support for querying SECPKG_ATTR_PACKAGE_INFO to NTLM and Kerberos
- [channels,video] measure times in ns
- [utils] Nodiscard
- Error handling fixes
- [channels,drdynvc] check pointer before reset
- Winpr api def
- [winpr,platform] drop C23 [[nodiscard]]
- [gdi] add additional checks for a valid rdpGdi
- Sdl3 high dpiv2
- peer: Disconnect if Logon() returned FALSE
- [channels,rdpecam] fix PROPERTY_DESCRIPTION parsing
- [channel,rdpsnd] only clean up thread before free
- [channels,rdpei] add RDPINPUT_CONTACT_FLAG_UP
3.21.0:
- CVE fixes: CVE-2026-23530, CVE-2026-23531, CVE-2026-23532, CVE-2026-23533,
CVE-2026-23534, CVE-2026-23732, CVE-2026-23883, CVE-2026-23884
- [client,sdl] fix monitor resolution
- [codec,progressive] fix progressive_rfx_upgrade_block
- Krb cache fix
- Rdpdr improved checks
- Codec advanced length checks
- Glyph fix length checks
- Wlog printf format string checks
- [warnings,format] fix format string warnings
- Double free fixes
- [clang-tidy] clean up code warnings
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ac9cddac40
---------------------------
python3-orjson: use git fetcher; enable ptest
The majority of the ptests require the data/ directory, so
switch to using the git fetcher.
Testsuite summary
TOTAL: 1632
PASS: 1627
SKIP: 5
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0
DURATION: 268
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c6a7350f7c
---------------------------
python3-pendulum: add at v3.2.0
Python datetimes made easy.
* Add patch to not strip .so
* Enable ptests
* Use git fetcher so we have tests/
Testsuite summary
TOTAL: 1835
PASS: 1832
SKIP: 3
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0
DURATION: 102
Dependency for python3-orjson ptest.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8dd259ff4d
---------------------------
python3-time-machine: add at v3.2.0
Travel through time in your tests.
https://time-machine.readthedocs.io/en/latest/
Dependency for python3-pendulum ptests.
Based on the recipe in meta-homeassistant.
Enable ptests.
Use git fetcher so that we have tests/ for ptest.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 73dbdc65fc
---------------------------
python3-tokenize-rt: add at v6.2.0
A wrapper around the stdlib `tokenize` which roundtrips.
Dependency for python3-time-machine ptests.
Use git fetcher so we have tests/ and testing/resources/ for ptest.
Testsuite summary
TOTAL: 45
PASS: 45
SKIP: 0
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0
DURATION: 8
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 64139e703b
---------------------------
python3-faker: add v40.1.2
Faker is a Python package that generates fake data for you. Whether you
need to bootstrap your database, create good-looking XML documents,
fill-in your persistence to stress test it, or anonymize data
taken from a production service, Faker is for you.
* Skip tests/pytest as this causes the 'pytests --automake' parser to fail
for some reason [1] and the handful of tests are of questionable extra value.
Testsuite summary
TOTAL: 2151
PASS: 2146
SKIP: 5
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0
DURATION: 39
Dependency for python3-orjson ptest.
[1] https://gitlab.com/rossburton/python-unittest-automake-output/-/issues/9
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5ccbf5d552
---------------------------
python3-orjson: upgrade 3.10.17 -> 3.11.6
Update python3-orjson-crates.inc
Add patches to fix compilation for arm64/riscv64 by gating x86/x86_64 only
AVX512 feature(s). The approach has thus far been rejected by upstream:
https://github.com/ijl/orjson/pull/609.
Release Notes:
https://github.com/ijl/orjson/blob/master/CHANGELOG.md#3116---2026-01-29
* orjson now includes code licensed under the Mozilla Public License 2.0
(MPL-2.0).
* Drop support for Python 3.9.
* ABI compatibility with CPython 3.15 alpha 5.
* Build now depends on Rust 1.89 or later instead of 1.85.
* Fix sporadic crash serializing deeply nested list of dict.
* Show simple error message instead of traceback when attempting to build
on unsupported Python versions.
* ABI compatibility with CPython 3.15 alpha 1.
* Publish PyPI wheels for 3.14 and manylinux i686, manylinux arm7, manylinux
ppc64le, manylinux s390x.
* Build now requires a C compiler.
* Fix PyPI project metadata when using maturin 1.9.2 or later.
* Fix build using Rust 1.89 on amd64.
* Build now depends on Rust 1.85 or later instead of 1.82.
* Publish PyPI wheels for CPython 3.14.
* Fix str on big-endian architectures. This was introduced in 3.11.0.
* Use a deserialization buffer allocated per request instead of a shared
buffer allocated on import.
* ABI compatibility with CPython 3.14 beta 4.
* Fix incorrect escaping of the vertical tabulation character. This was
introduced in 3.10.17.
Comparing changes:
https://github.com/ijl/orjson/compare/3.10.17...3.11.6
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bfbd962813
---------------------------
nodejs: extend libatomic patch to x86
This patch isn't intended to introduce new behavior, rather it
changes the order of some existing LDFLAGS to fix a workaround that
stopped working at some point in the past.
LDFLAGS:x86 contains libatomic, because linking with this library
is required for this platform.
However when gyp links, it invokes the following (pseudo-)command:
$LD $LDFLAGS $RESOURCES_TO_LINK $EXTRA_LIBS $EXTRA_LDFLAGS
The EXTRA* arguments are coming from the gyp config. Since
LDFLAGS appears very early in the command, libatomic also
appears early amongst the resources, and the linker couldn't
find the relevant symbols when compiled for x86 platform (as
it was processed the very last):
| [...] undefined reference to `__atomic_compare_exchange'
Using this patch the library appears at the end, along with
the other EXTRA_LIBS, after the list of linked resources,
allowing linking to succeed.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5ff9251b94
---------------------------
uutils-coreutils: upgrade 0.5.0 -> 0.6.0
See https://github.com/uutils/coreutils/releases/tag/0.6.0
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 04ce4bf518
---------------------------
vboxguestdrivers: Upgrade to 7.2.6
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0feab39283
---------------------------
abseil-cpp: Set CMAKE_CXX_STANDARD to 17
The compiler defaults to C++ < 17 which causes build failures.
Abseil requires C++17 or higher, so explicitly set CMAKE_CXX_STANDARD=17
to ensure the build uses the correct C++ standard.
Error:
CMake Error at CMake/AbseilDll.cmake:745 (message):
The compiler defaults to or is configured for C++ < 17. C++ >= 17 is
required and Abseil and all libraries that use Abseil must use the same C++
language standard
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7c54c935cb
---------------------------
xrdp: upgrade 0.10.4.1 -> 0.10.5
Contains fix for CVE-2025-68670.
Drop patch that is included in this release.
Changelog:
Security fixes:
- CVE-2025-68670
New features:
- It is now possible to start the xrdp daemon entirely unprivileged from the service manager.
If you do this certain restrictions will apply. See
https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
- TLS pre-master secrets can now be recorded for packet captures
- Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers
- Alternate shell names can now be passed to startwm.sh in an environment variable for more
system management control
- Updated Xorg paths in sesman.ini to include more recent distros
- Add Slovenian keyboard
- xrdpapi: Add a way to monitor connect/disconnect events
Bug fixes:
- Allow an empty X11 UTF8_STRING to be pasted to the clipboard
- Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server
which did not support the ExtendedDesktopSize encoding
- Fix a regression introduced in v0.10.x related to PAM groups handling
- Inconsistencies with [MS-RDPBCGR] have been addressed
- A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed
- Prevent some possible crashes when the RFX encoder is resized
- Fixes a regression introduced by GFX development which prevented the JPEG encoder from working
correctly
- Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted
unexpectedly
- Do not overwrite a VNC port set by the user when not using sesman
- Fix regression from 0.9.x when freerdp client uses /workarea
- Fixes a crash where a resize is attempted with drdynvc disabled
- getgrouplist() now compiles on MacOS
- Various Coverity warnings have been addressed
- Documentation improvements
Internal changes:
- An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9205d2c95e
---------------------------
python3-pyjwt: upgrade 2.10.1 -> 2.11.0
Changelog: https://github.com/jpadilla/pyjwt/releases/tag/2.11.0
- Fixed type error in comment
- Make note of use of leeway with nbf
- Validate key against allowed types for Algorithm family
- Add iterator for PyJWKSet
- Add iss, issuer type checks
- Improve typing/logic for options in decode, decode_complete; Improve docs
- Map algorithm=None to "none"
- Correct PyJWKClient.get_signing_key_from_jwt annotation
- Fixed doc string typo in _validate_jti() function
- Update SECURITY.md
- Typing fix: use float instead of int for lifespan and timeout
- Fix TYP header documentation
- doc: Document claims sub and jti
- Resolve package build warnings
- Support Python 3.14, and test against PyPy 3.10+
- Fix a SyntaxWarning caused by invalid escape sequences
- Standardize CHANGELOG links to PRs
- Migrate from pep517, which is deprecated, to build
- Fix incorrectly-named test suite function
- Fix Read the Docs builds
- Escalate test suite warnings to errors
- Add pyupgrade as a pre-commit hook
- Simplify the test suite decorators
- Improve coverage config and eliminate unused test suite code
- Build a shared wheel once in the test suite
- Thoroughly test type annotations, and resolve errors
- Fix leeway value in usage documentation
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3988e13c0a
---------------------------
python3-pyjwt: ignore CVE-2025-45768
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-45768
The CVE is disputed: though the vulnerability is there, but it comes
from incorrect configuration of the library by the main application.
Due to this, ignore this CVE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2865b67e29
---------------------------
proftpd: ignore CVE-2021-47865
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-47865
This CVE was opened based on a 5 years old Github issue[1], and has been made
public recently. The CVE wasn't officially disputed (yet?), but based on
the description and the given PoC the application is working as expected.
The vulnerability description and the PoC basically configures proftpd to
accept maximum x connections, and then when the user tries to open x + 1
concurrent connections, it refuses new connections over the configured limit.
See also discussion in the Github issue.
It seems that it won't be fixed, because there is nothing to fix.
[1]: https://github.com/proftpd/proftpd/issues/1298
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c08c81ae29
---------------------------
ndpi: ignore CVE-2025-25066
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-25066
The vulnerable code was introduced in version 4.12[1], and
the recipe version is not vulnerable yet. Due to this,
ignore this CVE for now, until the recipe is upgraded.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5a74edf28b
---------------------------
libcupsfilters: patch CVE-2025-64503
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-64503
Pick the patch that explicitly refernces the CVE ID in its message.
(The NVD advisory mentions only the cups-filters patch, but
the developer indicated the CVE ID in the libcupsfilters patch also)
Between this recipe version and the patch the project has decided to
eliminate c++ from the project, and use c only. The patch however
is straightforward enough that it could be backported with very small
modifications.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1a31d20cea
---------------------------
libcdio: upgrade 2.2.0 -> 2.3.0
Includes fix for CVE-2024-36600
Changelog: https://github.com/libcdio/libcdio/releases/tag/2.3.0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d92fa873e5
---------------------------
hiawatha: upgrade 11.7 -> 11.8
Drop patches that are included in this release.
Changes:
* mbed TLS updated to 3.6.4.
* Small bugfixes.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 14f88522a1
---------------------------
gimp: mark CVE-2025-15059 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15059
The patch that is referenced by the NVD report has been backported[1]
to the recipe version, and is included already.
[1]: https://gitlab.gnome.org/GNOME/gimp/-/commit/c9eb407485f6c085adf70c8a334f75ea31565c60
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 713739da29
---------------------------
fontforge: patch CVE-2025-15270
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15270
Pick the patch that mentions this vulnerbaility explicitly
in its description.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dd81ffdb68
---------------------------
ez-ipupdate: patch CVE-2003-0887
Details: https://nvd.nist.gov/vuln/detail/CVE-2003-0887
The vulnerability is about the default (example) configurations,
which place cache files into the /tmp folder, that is world-writeable.
The recommendation would be to place them to a more secure folder.
The recipe however does not install these example configurations,
and as such it is not vulnerable either.
Just to make sure, patch these folders to a non-tmp folder
(and also install that folder, empty).
Some more discussion about the vulnerability:
https://bugzilla.suse.com/show_bug.cgi?id=48161
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e39458314e
---------------------------
exiftool: upgrade 13.46 -> 13.48
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9111684d67
---------------------------
cryptsetup: upgrade 2.8.3 -> 2.8.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 94e431dfa1
---------------------------
babl: upgrade 0.1.120 -> 0.1.122
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ec5cbced92
---------------------------
unicode-ucd: rename license file
After the previous hash update the license file was not renamed,
which causes it to clash in the DL_DIR if it was already downloaded
with the previous hash.
This change renames the file to avoid this clash.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e0839aed46
---------------------------
libsdl2-compat: update 2.32.58 -> 2.32.62
- Starting with [https://github.com/libsdl-org/sdl2-compat/pull/536], it
is possible to compile without x11. Remove x11 from
REQUIRED_DISTRO_FEATURES
Changelog:
2.32.62:
This is a stable bugfix release, with the following changes:
Improved support for GNU/Hurd
Fixed crash if hidapi strings are not available
2.32.60:
This is a stable bugfix release, with the following changes:
Fixed crash at startup in Dwarf Fortress
Fixed crash at startup in Stellaris
Fixed mouse stuttering in Amiberry
Fixed the viewport not being reset when the window is resized
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 19fdc49db3
---------------------------
libx86-1: upgrade 1.1 -> 1.1.1
Bugfix release, mostly with patches applied from other distros.
Also fixes the SRC_URI which became inaccessible over time.
Drop patches that are included in this release.
Shortlog:
https://gitlab.archlinux.org/grawlinson/libx86/-/compare/v1.1...v1.1.1
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ad890c16e8
---------------------------
protobuf: upgrade 6.31.1 -> 6.33.5
* rebase existing patches
* drop mips clang patch as this was fixed upstream via [1] to build only
for platforms supporting it.
* add PV to SRC_URI
* add variables to automatically calculate branch and tag
* fix includedir for utf8_range in ptest compilation
[1] https://github.com/protocolbuffers/protobuf/commit/719f3037032b2e952afe7fc49152cc4be38fa7a3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5eab3aebe2
---------------------------
python3-protobuf: upgrade 6.33.4 -> 6.33.5
Solves CVE-2026-0994.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3a8beb7eef
---------------------------
media-types: add recipe
This recipe is one of the successors of mime-support, which
provided mailcap and mime.types files. This recipe contains
only the mime.types portion.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 10f3a928ab
---------------------------
mailcap: add recipe
This recipe is one of the successors of the mime-support, which
provided mailcap and mime.types files. This recipe contains
only the mailcap portion.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 25eab2bf01
---------------------------
mime-support: drop recipe
Debian has split this package into two sepatare packages:
media-types and mailcap. This package hasn't been updated
since 2020 (but the other two packages are regularly updated).
Beside this the SRC_URI has been inaccessible since a while also.
Drop this recipe (and substitute it with the up to date packages
in followup patches).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2fafea2aa7
---------------------------
krb5: upgrade 1.21.3 -> 1.22.2
Drop the patches that are included in this release.
License-Update: copyright year bump
Changelog:
1.22.2:
Fix a SPNEGO packet parsing bug which could cause GSS mechanism negotiation failure.
1.22.1:
Fix a vulnerability in GSS MIC verification [CVE-2025-57736]
1.22.0:
User experience
- The libdefaults configuration variable "request_timeout" can be set to limit the
total timeout for KDC requests. When making a KDC request, the client will now
wait indefinitely (or until the request timeout has elapsed) on a KDC which
accepts a TCP connection, without contacting any additional KDCs. Clients will
make fewer DNS queries in some configurations.
- The realm configuration variable "sitename" can be set to cause the client to
query site-specific DNS records when making KDC requests.
Administrator experience
- Principal aliases are supported in the DB2 and LMDB KDB modules and in the
kadmin protocol. (The LDAP KDB module has supported aliases since release 1.7.)
- UNIX domain sockets are supported for the Kerberos and kpasswd protocols.
- systemd socket activation is supported for krb5kdc and kadmind.
Developer experience
- KDB modules can be be implemented in terms of other modules using the new
krb5_db_load_module() function.
- The profile library supports the modification of empty profiles and the copying
of modified profiles, making it possible to construct an in-memory profile and
pass it to krb5_init_context_profile().
- GSS-API applications can pass the GSS_C_CHANNEL_BOUND flag to gss_init_sec_context()
to request strict enforcement of channel bindings by the acceptor.
Protocol evolution
- The PKINIT preauth module supports elliptic curve client certificates, ECDH key
exchange, and the Microsoft paChecksum2 field.
- The IAKERB implementation has been changed to comply with the most recent draft
standard and to support realm discovery.
- Message-Authenticator is supported in the RADIUS implementation used by the OTP
kdcpreauth module.
Code quality
- Removed old-style function declarations, to accomodate compilers which have
removed support for them.
- Added OSS-Fuzz to the project's continuous integration infrastructure.
- Rewrote the GSS per-message token parsing code for improved safety.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8ba0a9e49a
---------------------------
libimobiledevice: upgrade to 1.4.0
Delete patch that's included in this release.
Changelog:
- Add support for MbedTLS
- Add Reverse Proxy implementation
- Add support for wireless pairing (AppleTV)
- Embed 3rd party libraries for ed25519 and SRP6a
- Fixes in idevicedebug
- idevicecrashreport: Allow filtering crash reports by filename
- Add idevicedevmodectl tool
- Fixes for idevicebackup2
- Add property_list_client_get_service_client() and service_get_connection() functions
- Add idevicebtlogger
- Add new idevice_events_subscribe/unsubscribe API
- Move LIBIMOBILEDEVICE_API to public headers
- Add afc_strerror function
- Add libimobiledevice_version() function
- Use libimobiledevice-glue's SHA1 implementation
- Add support for iOS 17+ Personalized Developer Disk image mounting
- Fix compilation on MSVC
- Add idevice_strerror() to interface
- Add new idevice_get_device_version() to interface
- Add os_trace_relay service implementation
- Fixes for idevicesyslog
- afc: Add afc_get_file_info_plist and afc_get_device_info_plist functions
... and several other internal changes
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cb9d043f46
---------------------------
paho-mqtt-c: upgrade 1.3.14 -> 1.3.15
Drop patch to fix gcc15 compatibility - the problem has been solved by upstream.
Changelog:
- Update getaddrinfo options to support IPv6 hostname resolution
- Removed unnecessary _WIN64 conditional checks
- Fixed condition variable timed wait
- Support tls:// prefix
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4323fc8507
---------------------------
libtorrent-rasterbar: upgrade 2.0.10 -> 2.0.11
Changelog: https://github.com/arvidn/libtorrent/releases/tag/v2.0.11
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2b4ea93889
---------------------------
qpdf: upgrade 12.3.0 -> 12.3.2
ChangeLog
https://github.com/qpdf/qpdf/releases/tag/v12.3.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 785336405d
---------------------------
python3-sqlalchemy: upgrade 2.0.45 -> 2.0.46
1.Changelog:
https://github.com/sqlalchemy/sqlalchemy/releases/tag/rel_2_0_46
2.LICENSE checksum has changed as Copyright year changed:
https://github.com/sqlalchemy/sqlalchemy/commit/997cdf9cadafd0ed54943f35f1add195ab2b31b7
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5f6dbb284a
---------------------------
minizip-ng: 4.0.8 -> 4.0.10
1.Changelog:
https://github.com/zlib-ng/minizip-ng/releases/tag/4.0.10
2.Remove 0001-crypt.h-Remove-register-keyword.patch as it was merged upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6605c61301
---------------------------
python3-pywbem: 1.7.3 -> 1.9.0
Changelog:
https://pywbem.readthedocs.io/en/1.9.0/changes.html
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dfd6cf901a
---------------------------
fwupd: upgrade 2.0.16 -> 2.0.19
Ptests passed.
Note: plugin_uefi_capsule_splash PACKAGECONFIG is broken, it fails to configure:
| ../sources/fwupd-2.0.16/plugins/uefi-capsule/meson.build:83:4: ERROR: Problem encountered: Error: missing dependency python gobject introspection (python3-gi)
| Error: missing dependency python cairo (python3-cairo)
This doesn't seem to be a regression from this update, was present before the upgrade also.
(The PACKAGECONFIG is disabled by default)
Changelogs:
2.0.19:
This release adds the following features:
Add two commands to fwupdtool to calculate and find CRCs
Allow systems to use the udev event source without using systemd
This release fixes the following bugs:
Always show the correct new firmware version in 'fwupdmgr get-history'
Fix an integer underflow when parsing a malicious PE file
Fix a regression when enumerating the dell-dock status component
Fix the fuzzer timeout when parsing a synaptics-rmi SBL container
Fix updating the Intel GPU FWDATA section
Respect 'fwupdmgr --force' when installing firmware
This release adds support for the following hardware:
Lenovo Sapphire Folio Keyboard
2.0.18:
This release adds the following features:
Add a MOTD message for devices needing reboot after staged updates
Create the reboot-required file when a firmware update requires reboot
Record the system state for each composite emulation
Update USI docking station firmware without requiring a manual replug
This release fixes the following bugs:
Add a MTD device problem if the Intel SPI BIOS lock is set
Allow changing the child name when using PARENT_NAME_PREFIX
Allow UpdateCapsule to work on systems that do not support SecureBoot
Correctly parse the EFI_CAPSULE_RESULT_VARIABLE_HEADER
Fall back to the SMBIOS version for BIOS MTD devices
Fix a crash when trying to record an i2c emulation
Fixed Huddly upgrade problems with major version changes
Fix man page compatibility with apropos and whatis
Fix parsing USB BOS descriptors
Fix up the x86_64-specific capsule flags when deploying UEFI firmware
Improve firmware stream searching speed by a huge amount
Only convert the release uint32_t to device version format for UEFI devices
Only handle SIGINT in fwupdtool when required
Refactor the hypervisor and container detection to be usable from plugins
Set PlatformArchitecture as the CPU architecture for RISC-V machines
Use a sensible timeout when doing qc-s5gen2 HID requests
This release adds support for the following hardware:
HP Portable USB-C 4K HDMI Hub
Lenovo Legion Go 2 (as a HID device)
Synaptics HapticsPad
2.0.17:
This release adds the following features:
Add support for client-side phased update deployment
Add support for post-quantum signatures
Allow clearing the cache dirirectory
Allow fwupdtpmevlog to dump the raw eventlog data
Build a NVMe GUID derived from the serial number
Make fwupdtool extract work with deeply nested images
Parse VSS and FTW variable stores from EFI volumes
Reintroduce the FreeBSD CI target
Support very old versions of UDisks
This release fixes the following bugs:
Add 'fwupdmgr hwids' by exposing another daemon property
Add offline hashes for the Microsoft 20250902 dbx
Add the Framework-specific KEK and db hashes
Allow updating IFD BIOS region via parent MTD
Avoid showing reinstall prompts for composite devices
Clean up the fwupdtool lock file in all cases
Correctly match the correct historical composite component
Do not allow PK or KEK updates when system has a test key installed
Do not allow reinstalling when using ONLY_VERSION_UPGRADE
Do not require AC power to run the installed tests
Do not scan EFI volumes when constructing MTD BIOS devices
Ensure REGION is always set for MTD IFD children
Ensure SCSI instance IDs are valid ASCII values
Fix a critical warning when parsing invalid Jabra firmware
Fix an Ilitek parsing crash found when fuzzing
Fix an inotify race when refreshing metadata
Fix a pending-activation problem with Dell docking stations
Fix a potential hang when creating a chunk array with aligned sizes
Fix MTD emulation recording for PCI-backed devices
Fix the device order when the parent specifies install-parent-first
Fix the FLMSTR layout when reading IFD partitions
Fix the thunderbolt controller rushing to finalize before onlining retimers
Fix writing Intel GPU OptionROM data and OptionROM code
Flush stale events to make the Logitech Rallybar more reliable
Ignore all the Intel GPU MTD devices
Ignore errors when writing the last page of Dell dock firmware
Make an error message more specific
Modify the Dell dock needs-activation flag after updates are installed
Only add one devlink device for each PCI card
Parse the FMAP SBOM area as uSWID when required
Relax the USI dock DMC child device checks for new firmware
Revert back to the flashrom deprecated API as the new API is unusable
Rewrite the fwupdmgr manpage to be more useful
Use higher delay when update status for Logitech peripheral devices
This release adds support for the following hardware:
ASUS CX9406 (touch controller)
Framework Copilot keyboard
Genesys GL352530 and GL352360
Huddly C1
Lexar and Maxio NVMe SSDs
Primax Ryder mouse 2
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 92c8880aa3
---------------------------
nvme-cli: upgrade 2.12 -> 2.16
Changelogs:
https://github.com/linux-nvme/nvme-cli/releases/tag/v2.16
https://github.com/linux-nvme/nvme-cli/releases/tag/v2.15
https://github.com/linux-nvme/nvme-cli/releases/tag/v2.14
https://github.com/linux-nvme/nvme-cli/releases/tag/v2.13
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c7ec976a3c
---------------------------
dediprog-flasher: upgrade 1.14.20 -> 1.14.21
Drop the patches that are included in this release.
Changelog: https://github.com/DediProgSW/SF100Linux/compare/V1.14.20.x...V1.14.21,x
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d30eb4156b
---------------------------
edac-utils: bump to latest revision
Changelog:
Add loongarch64 support
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 35bc104317
---------------------------
iozone3: upgrade 507 -> 508
Changelog:
- Put an end to the (&*% stupid GCC breaking builds for no valid reason.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 444f704d03
---------------------------
fio: upgrade 3.39 -> 3.41
Changelog:
3.41:
- engines/io_uring: remove unnecessary SQ full check
- io_uring: ensure accurate real_file_size setup for full device access with PI enabled
- Fix: parse.c opt_len() to use minimal distance to delimiter to determine option length
- io_u: fix offset calculation in randtrimwrite
- engines/http: fix file name
- engines/http: Add S3 security token support
- io_u: get io_u from io_u_freelist when TD_FSYNCING
- io_uring CQ reap cleanup
- Add 'filetype' option
- handle out-of-order write completions in verify state (Issue #1950)
- engines/http: Add support for range reads
- Makefile: fix man and share install paths on MacOS
- Sprandom
- Fix mandoc warnings
- fio: fix formats under MIPS64/PPC
- sprandom: Fix several issues found in the sprandom implementation
- t/verify-state.c fixes/improvements
3.40:
- t/read-to-pipe-async: fix -DNDEBUG support
- docs: update docs for verify_mode=compare of io_uring_cmd
- dfs: fix fail to load dfs engine
- Fix spelling error in IO uring engine.
- Fix hang on Windows when multiple --client args are present
- Add important info about http_host and file formatting to s3 example
- oslib: blkzoned: add missing blkzoned_move_zone_wp() stub
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 52b76013e8
---------------------------
tigervnc: upgrade 1.15.0 -> 1.16.0
1.ChangeLog
https://github.com/TigerVNC/tigervnc/releases/tag/v1.16.0
2.Update 0002-add-missing-dynamic-library-to-FLTK_LIBRARIES.patch for 1.16.0
3.Update xorg-server to 21.1.21
4.Fix do_install error
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6354dcfaa8
---------------------------
multipath-tools: upgrade 0.12.1 -> 0.12.2
1. Changelog
https://github.com/opensvc/multipath-tools/releases/tag/0.12.2
2. Update 0004-RH-use-rpm-optflags-if-present.patch for 0.12.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b4b952b51
---------------------------
freerdp: ignore CVE-2025-68118
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68118
The vulnerability is specific to the usage of Microsoft specific sprintf
implementation. Because of this, ignore this vulnerability.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c0af251f34
---------------------------
wireshark: upgrade 4.2.14 -> 4.6.3
Contains fix for CVE-2025-0962.
Removed CVE-2025-9817.patch because it is included in this release.
Add a patch that allows it building for native: it is looking for iconv.h
header as a new dependency for (optional) zlib-ng support, however it
is not installed in the sysroot for native builds. Add a patch that removes
this hard dependency for native builds.
Changelogs:
https://www.wireshark.org/docs/relnotes/wireshark-4.6.3.html
https://www.wireshark.org/docs/relnotes/wireshark-4.6.2.html
https://www.wireshark.org/docs/relnotes/wireshark-4.6.1.html
https://www.wireshark.org/docs/relnotes/wireshark-4.6.0.html
Overall changelogs (including 4.4 also): https://www.wireshark.org/docs/relnotes/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2ce95a4d88
---------------------------
fbida: upgrade 2.14 -> 2.15
1. Changelog
https://gitlab.com/kraxel/fbida/-/commit/a0d75fbab3ea01bf5b36f813f0ec0d1bfa2db745
2. Drop following patches as they were merged upstream.
fbida-gcc10.patch
0001-meson.build-install-fbgs-shell-script.patch
0001-fbida-Include-missing-sys-types.h.patch
0002-meson.build-add-features-options-for-png-gif-tiff-we.patch
0001-meson.build-make-fbpdf-build-optional.patch
3. Drop 0003-meson.build-do-not-require-xkbcommon.patch as xkbcommon was added as DEPEND.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c276518790
---------------------------
android-tools-conf-configfs: remove this recipe without selinux dependency
For the boards with multiple UDC ports, when compiling with meta-selinux
layer adb funtion will be impacted due to below error. Remove the recipe
under dynamic-layers/selinux/ as it's not required anymore, and ensure
adb work normally on the boards with multiple UDC ports.
ls /sys/class/udc/ > /sys/kernel/config/usb_gadget/adb/UDC
ls: write error: Device or resource busy
Signed-off-by: Shoudi Li <shoudil@qti.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8089168196
---------------------------
Use https when accessing archive.xfce.org
While using devtool to check available versions, I noticed a 301 http error.
Specifically :
$ devtool latest-version libxfce4ui
Resolving archive.xfce.org (archive.xfce.org)... 217.70.191.87
Connecting to archive.xfce.org (archive.xfce.org)|217.70.191.87|:80... connected
.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://archive.xfce.org/src/xfce/libxfce4ui/4.20/ [following]
With this patch, we change to make the SRC_URI an https request.
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f0f02434c8
---------------------------
hdf5: fix shasum, downloadfilename
Fixes: #1023
Upstream seems to have regenerated the archive, as the checksum no
longer matches the one specified in the recipe:
|WARNING: hdf5-2.0.0-r0 do_fetch: Checksum failure encountered with download of https://support.hdfgroup.org/releases/hdf5/v2_0/v2_0_0/downloads/hdf5-2.0.0.tar.gz - will attempt other sources if available
|WARNING: hdf5-2.0.0-r0 do_fetch: Checksum mismatch for local file /buildcache/downloads/hdf5-2.0.0.tar.gz
|Cleaning and trying again.
|WARNING: hdf5-2.0.0-r0 do_fetch: Renaming /buildcache/downloads/hdf5-2.0.0.tar.gz to /buildcache/downloads/hdf5-2.0.0.tar.gz_bad-checksum_a7a8f43e76e825ea22234bc735d5b184e880d305e33e4c9bb93a3912421c9973
|ERROR: hdf5-2.0.0-r0 do_fetch: Checksum failure fetching https://support.hdfgroup.org/releases/hdf5/v2_0/v2_0_0/downloads/hdf5-2.0.0.tar.gz
|ERROR: hdf5-2.0.0-r0 do_fetch: Bitbake Fetcher Error: ChecksumError('Checksum mismatch!\nFile: \'/buildcache/downloads/hdf5-2.0.0.tar.gz\' has sha256 checksum \'a7a8f43e76e825ea22234bc735d5b184e880d305e33e4c9bb93a3912421c9973\' when \'6e45a4213cb11bb5860)
|ERROR: Logfile of failure stored in: /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/hdf5/2.0.0/temp/log.do_fetch.2054297
However, the tarballs look identical. Update the hash and be explicit
about downloadfilename to avoid any mirroring issues. A note has been
left that this measure can be removed with a future upgrade.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b43a9e6897
---------------------------
mutter: fix build without x11 in DISTRO_FEATURES
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 049c89877c
---------------------------
fontforge: patch CVE-2025-15269
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15269
Pick the patch that refers to this vulnerability ID explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5dddc4f520
---------------------------
fontforge: patch CVE-2025-15275
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15275
Pick the patch that mentions this vulnerability ID explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 922de306a6
---------------------------
fontforge: patch CVE-2025-15279
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15279
Pick the patch that mentions this vulnerability ID explicitly.
Also, this patch has caused some regression - pick the patch also
that fixed that regression.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c42dac1f08
---------------------------
fontforge: upgrade 20230101 -> 20251009
Drop patches that are inluded in this release.
libxi has been removed as a dependency, because the project has dropped
the x11 drawing backend, it implements everything in gtk.
Changelog: https://github.com/fontforge/fontforge/releases/tag/20251009
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ee064972a0
---------------------------
liboauth2: Add recipe at 2.2.0
V3: adds fixes for building with clang
V4: removes default PACKAGECONFIG used for testing builds
V5: fixes Upstream-Status in patch
Signed-off-by: Frede Hoey Braendstrup <frederikbraendstrup@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c1f2aeb030
---------------------------
softhsm: upgrade 2.6.1 -> 2.7.0
0001-avoid-unnecessary-check-for-sqlite3-binary.patch
removed since it's included in 2.7.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c8e0deb564
---------------------------
python3-ukkonen: upgrade 1.0.1 -> 1.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 702b08355b
---------------------------
python3-python-multipart: upgrade 0.0.21 -> 0.0.22
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ccc5fd9e78
---------------------------
python3-pytest-html: upgrade 4.1.1 -> 4.2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e86ca5c544
---------------------------
python3-multidict: upgrade 6.7.0 -> 6.7.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9d39ccf76a
---------------------------
python3-marshmallow: upgrade 4.2.0 -> 4.2.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 95e2afb5e0
---------------------------
python3-icecream: upgrade 2.1.9 -> 2.1.10
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a0f8399ae6
---------------------------
python3-httplib2: upgrade 0.31.1 -> 0.31.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 38d438b403
---------------------------
python3-gunicorn: upgrade 23.0.0 -> 24.1.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b9f1c502bd
---------------------------
python3-greenlet: upgrade 3.3.0 -> 3.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5e043092ac
---------------------------
python3-elementpath: upgrade 5.1.0 -> 5.1.1
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b62af48a2d
---------------------------
python3-dill: upgrade 0.4.0 -> 0.4.1
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b13522054b
---------------------------
python3-coverage: upgrade 7.13.1 -> 7.13.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 23f7bc3344
---------------------------
python3-cachetools: upgrade 6.2.4 -> 6.2.5
Licensse-Update: copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7ad9ca5fd8
---------------------------
python3-bandit: upgrade 1.9.2 -> 1.9.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a610e9f08
---------------------------
libtdb: upgrade 1.4.14 -> 1.4.15
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e9f677ac51
---------------------------
libtalloc: upgrade 2.4.3 -> 2.4.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9801afd278
---------------------------
iotop: upgrade 1.30 -> 1.31
License-Update: Copyright year updated to 1.31
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c2b4809fe8
---------------------------
imagemagick: upgrade 7.1.2-12 -> 7.1.2-13
License-Update: change license url to https://imagemagick.org/license/
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8147911cc0
---------------------------
graphviz: upgrade 14.0.4 -> 14.1.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f74dd7b6e5
---------------------------
gperftools: upgrade 2.16 -> 2.18
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 53f62e7e2e
---------------------------
googlebenchmark: upgrade 1.9.4 -> 1.9.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 55261904d3
---------------------------
exiftool: upgrade 13.45 -> 13.46
Changelog:
=============
- Added a new Pentax LensType
- Decode some new Canon tags
- Renamed a newly added Canon tag
- Improved identification of Canon RF lenses in edited images when an extender
was used
- Changed description of FocalLength35efl to add "35mm Equiv"
- Patched -validate option to recognize DNG 1.7.1 tags
- Patched to remove maker note error/warning when writing files from some
Google phones
- Patched to improve warning for corrupted HEIC files downloaded from
heic.digital, and added ability to delete this garbage when writing
- Fixed minor error when writing some DJI DNG files
- API Changes:
- Added GeoUserTag option
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f2db94640a
---------------------------
ctags: upgrade 6.2.20260118.0 -> 6.2.20260125.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3223f320ce
---------------------------
bindfs: upgrade 1.18.3 -> 1.18.4
Changelog:
==========
- Merged build fix for MacFUSE
- Populate user and group cache eagerly on startup, if the cache is needed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 112b473a7f
---------------------------
python3-path: Upgrade 17.1.0 -> 17.1.1
Upgrade to release 17.1.1:
- Feed the hobgoblins (delint)
- Supply the types, irrespective of platform
- Ignore the arg type
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 71285e9807
---------------------------
python3-jmespath: Upgrade 1.0.1 -> 1.1.0
Upgrade to release 1.1.0:
- Fix concurrency issue with cache
- Added support for Python 3.12-3.14
- Removed support for Python 3.7-3.8
License-Update: Use file LICENSE
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a960796c9e
---------------------------
openl2tp: Fix do_package_qa Issue
Fix following issue when using customized kernel without kernel-module-l2tp-ppp enabled.
ERROR: openl2tp-1.8-r0 do_package_qa: QA Issue: openl2tp-ptest rdepends on kernel-module-l2tp-ppp, but it isn't a build dependency? [build-deps]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d648916239
---------------------------
openhpi: remove snmp-bc from default packageconfig
Disable snmp_bc plugin build by default as net-snmp no longer supports
DES by default.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f8fcc9ccf5
---------------------------
gimp: update 3.0.6 -> 3.0.8
- remove cve fixes which are included in this release
- remove the fix for bzip2. meson.build was improved so this is not
required anymore
- inherit bash-completion
This releases contains a lot of bugfixes. The below list is not
exhaustive.
Core:
- Font handling improvements:
* Font loading on start massively sped up.
* As an exception, Skia font family (apparently quite common on macOS)
is special-cased because it behaves weirdly and was not working with
current font handling.
* Various other fixes related to font handling.
* We now wait for fonts to be fully loaded before loading any file.
- Command Line Interface:
* Option -i / --no-interface is not shown anymore on `gimp-console`
binary (it can still be used — it does nothing there anyway —, which
allows to use the same sets of option with the GUI binary, and also
so that existing shell scripts don't break).
* Option --show-debug-menu is not hidden anymore for discoverability.
* The `gimp-3.0` executable can now run with --no-interface even when
no display is available (ex: virtual terminal with no window
manager/compositor, containers, etc.). This used to only work with
`gimp-console-3.0` executable.
- Windows:
* output CLI messages to the parent console like Linux and macOS.
* Ctrl+C signals are now correctly handled in the attached console.
* The attached console supports color too.
* Interpreters are run conditionally if running in console.
- macOS: default to "quartz" Input Method for emoji keyboard support.
- Wayland: wait before we get our first surface before listing input
devices to work around a Wayland limitation and GTK bug.
- Default "Search" feature in GTK3 is now disabled in the component
editor in the Channels dockable.
- Several fixes related to Quick Mask handling.
- Fixed some cases where config migration from GIMP 2 to GIMP 3 was
problematic.
- Several buggy undo cases were fixed.
- Several fixes related to pass-through group layers.
- Export will now be properly triggered even if no drawables are
selected (this is not a requirement anymore with GIMP 3 API).
- Path import and export respectively from and to SVG improved.
- Serialize colors in legacy GimpRGB format into a XCF when the XCF
version is older than GIMP 3 for backward compatibility.
Tools:
- Symmetry: fix initial stroke symmetry when using pixmap brushes.
- Move tool: fixed weird position jumps in some cases.
Graphical User Interface:
- Center buttons in overlay dialogs.
- Headerbar's (when titlebar and menubar are merged) button colors
now match our theme.
- Dialogs' header icon and view will now scale based on custom icon
size.
- Resize dialog: Canvas Size fill combo set to insensitive if layers
won't be resized.
- Navigation and Selection editor will now properly match the theme
(in particular, in dark mode, they won't show large bright area).
- Do not show outlines when hovering the absent "Fx" icon anymore,
which was confusing people into making it look like you could click
and interact with this empty area.
Plug-ins:
- Fixes on: OpenRaster export, TIFF import, Map Object, PDF export,
Gradient Flare, ANI export, Script-Fu, DDS export, Fractal Explorer,
PSP import, ICO import, XWD import, PSD import, WebP export, ICNS
import, Gimpressionist, JPEG 2000 import, Busy Dialog.
- Scale entries have been replaced by spin scale widgets in a bunch of
plug-ins.
- Fixed vulnerabilities: ZDI-CAN-28376, ZDI-CAN-28311, ZDI-CAN-28273,
ZDI-CAN-28158, ZDI-CAN-28232, ZDI-CAN-28265, ZDI-CAN-28530,
ZDI-CAN-28248, PSP issue 15732.
- Script-Fu improved to not initialize UI code unnecessarily (and
therefore make it unusable on systems without a display).
API:
- libgimp:
* Fixes where made in libgimp metadata object.
* Make GExiv2Metadata as parent of GimpMetadata visible to
Gobject-Introspection tools (bindings were missing this
information).
* Fixes made on: gimp_drawable_get_thumbnail(),
gimp_drawable_get_sub_thumbnail(), gimp_drawable_filter_new(),
gimp_proc_view_new(), gimp_procedure_set_sensitivity_mask(),
gimp_procedure_dialog_get_spin_scale().
* Remove thumbnail metadata before writing it on export, to make
sure we don't cary on metadata written by other software in
thumbnails.
- libgimpconfig:
* Improve error messaging on config deserialization.
* Fix gimp_config_serialize_value() when serializing file objects.
* New functions: gimp_config_get_xcf_version() and
gimp_config_set_xcf_version().
- libgimpcolor:
* gimp_color_is_perceptually_identical() docs clarified.
- libgimpbase:
* The host config directory is now shown in MSIX.
* The host config directory is now shown in flatpak.
- libgimpwidgets:
* Fixes made on: GimpLabelEntry, gimp_widget_free_native_handle().
- libgimpcolor:
* New function: gimp_cairo_surface_get_buffer()
* Deprecated function: gimp_cairo_surface_create_buffer() in favor
of gimp_cairo_surface_get_buffer().
The function implementation was also changed so that it does not
necessarily return a linear-memory backed buffer anymore (it
might, but developers should not have any expectation about this).
Build:
- Third-party binary plug-in support in the Snap backported from the
original third-party snap.
- Snap package for release is now created and submitted on a release
pipeline.
- Release URLs added to AppStream metadata.
- We do not build GEGL with Matting Levin for Windows builds anymore
because of crashes.
- Flatpak nightly builds will now show a pseudo-release visible with
`flatpak list`, showing proper version information.
- Windows installer now has a dark mode.
- Update changelog on MS Store (MSIX) releases.
- AppImage now ships with full MIDI support.
- Make it clearer that GExiv2 0.15.0 and over are incompatible
(because of API breakage).
- Improve build to ensure that the language list (shown in
Preferences) is localized during compilation. This also means that a
build machine should be set up for localization at build time when
optional language selection is enabled.
- We now require the generic C++14 standard, and not the GNU variant
anymore.
- MSVC support added.
- Various tweaks which used to be required to make packages work as
relocatable builds were dropped since babl and GEGL now have a
relocatable option working also on Linux.
- The `man` page of GIMP binaries was updated.
- The `gimp-console` binary is now shipped in the Flatpak.
- macOS pipeline added in our Gitlab CI.
- Make sure that harfbuzz is built with libgraphite2 shaper on macOS.
- Generate file associations for macOS automatically.
- A Bash completion file was added for `gimp` and `gimp-console`
binaries.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e854d8b7f6
---------------------------
glaze: add recipe at 7.0.1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 48dd13d374
---------------------------
python3-pandas: Upgrade 2.2.3 -> 3.0.0
Upgrade to release 3.0.0:
- Dedicated string data type by default
- Consistent copy/view behaviour with Copy-on-Write (CoW) (a.k.a.
getting rid of the SettingWithCopyWarning)
- New default resolution for datetime-like data
- Initial support for the new pd.col syntax
License-Update: Update license year to 2026
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9769266642
---------------------------
python3-rich: Upgrade 14.2.0 -> 14.3.1
Upgrade to release 14.3.1:
- Fixed characters out of unicode range reporting a cell size if 0
From release 14.3.0:
- IPython now respects when a Console instance is passed to
pretty.install
- Fixed extraneous blank line on non-interactive disabled Progress
- Fixed extra padding on first cell in columns
- Fixed trailing whitespace removed when soft_wrap=True
- Fixed style new-lines when soft_wrap = True and a print style
is set
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 74c3a218fd
---------------------------
net-snmp: Add PACKAGECONFIG for aes
Allows for net-snmp to be build with support for AES-192 and AES-256
Signed-off-by: Benjamin B. Frost <benjamin@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8692164ccb
---------------------------
libgedit-gtksourceview: upgrade 299.2.1 -> 299.4.0
Also update the SRC_URI. The original upstream Github repos have been
deleted. Switched to Gnome servers to fetch the sources from.
Changelog:
299.4.0:
- Remove the background-pattern (with the grid) feature.
- Fix some crashes.
- Fix GI annotation warnings.
- Translation updates.
299.3.0:
Style schemes:
- Remove GtkSourceStyleSchemeChooser interface.
- Add light-only and dark-only kinds.
- Mark classic and tango as light-only kind (so they are unsupported with dark
theme variants).
Syntax highlighting:
- New *.lang file: Nix.
For packagers:
- Build: add the 'tests' option.
Misc:
- Documentation updates and improvements.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bb1f6db52c
---------------------------
libgedit-amtk: upgrade 5.8.0 -> 5.9.0
Also, update the SRC_URI - the original github repos have been deleted completely.
Fetch it from the Gnome servers instead.
Changelog:
* Adopt new versioning scheme (this version is a stable one).
* Move the project to: https://gitlab.gnome.org/World/gedit/libgedit-amtk
* Use GtkImageMenuItem even if deprecated.
* Build: add the 'tests' option.
* Translation updates.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 47efd1f9b8
---------------------------
sblim-sfcc: fix SRC_URI
The old URL is gone - set a working mirror.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fd562c65c6
---------------------------
anthy: fix SRC_URI
The old URL is gone - switch to a working mirror.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d99c82c088
---------------------------
ttf-vlgothic: fix SRC_URI
The old URL is inoperable since a while - switch to Ubuntu's mirror.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a1baa1c027
---------------------------
linux-atm: fix SRC_URI
The original SRC_URI's certificate has expired - change it to a working URL.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6564176004
---------------------------
cjose: Add recipe at 0.6.2.4
Signed-off-by: Frede Hoey Braendstrup <frederikbraendstrup@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0e0b43c4b9
---------------------------
libsigrokdecode: add Python 3.14 support
Refresh a patch to include python-3.14-embed in the configure.ac file,
so that libsigrokdecode (and by extension, libsigrok, sigrok-cli, etc.)
can build.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6d9c1d30e7
---------------------------
python3-geojson: fix build with python 3.14
Backport parts of an upstream PR that enables 3.14 in setup.py.
ptests look OK:
|============================================================================
|Testsuite summary
|# TOTAL: 68
|# PASS: 68
|# SKIP: 0
|# XFAIL: 0
|# FAIL: 0
|# XPASS: 0
|# ERROR: 0
|DURATION: 0
|END: /usr/lib/python3-geojson/ptest
|2026-01-23T18:03
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e0719a3497
---------------------------
libtsm: drop BBCLASSEXTEND = "native nativesdk"
BBCLASSEXTEND = "native nativesdk" isn't needed and is producing
the following warning:
```
WARNING: Nothing PROVIDES 'nativesdk-xkeyboard-config'
(but libtsm_4.4.0.bb DEPENDS on or otherwise requires it). Close matches:
nativesdk-gnu-config
nativesdk-pkgconfig
xkeyboard-config
```
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5aca0a216d
---------------------------
usbids: upgrade 2025.09.15 -> 2025.12.13
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fb974db2c4
---------------------------
python3-pydantic: Upgrade 2.12.4 -> 2.12.5
Upgrade to release 2.12.5:
- Fix pickle error when using model_construct() on a model with
MISSING as a default value
- Several updates to the documentation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5d40ca9cdf
---------------------------
python3-reportlab: Upgrade 4.4.5 -> 4.4.9
Upgrade to release 4.4.9:
- Remove unwanted debug
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4f5846a280
---------------------------
libnma: remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fa3d891a25
---------------------------
libgtop: fix build without x11
add PACKAGECONFIG for xauth and make it dependent on x11 in DISTRO_FEATURES
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e8dbc52097
---------------------------
net-snmp: remove des from default packageconfig
The DES algorithm is considered weak and outdated. Remove des from
default PACKAGECONFIG to disable it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e1ee8beb12
---------------------------
xmlsec1: remove des from default packageconfig
The DES algorithm is considered weak and outdated. Remove des from
default PACKAGECONFIG to disable it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 720b60ac39
---------------------------
onboard: add recipe
Onboard is an onscreen keyboard useful for everybody that cannot use a
hardware keyboard; for example Tablet-PC users or mobility impaired
users. It has been designed with simplicity in mind and can be used
right away without the need of any configuration, as it can read the
keyboard layout from the X server.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ba35086082
---------------------------
pahole: upgrade 1.29 -> 1.31
0001-btf_encoder-Fix-elf_functions-cleanup-on-error.patch
revemoed since it's included in 1.31
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 884a81d886
---------------------------
mcelog: upgrade 208 -> 210
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dc5132edf7
---------------------------
unicode-ucd: adjust to correct checksum values.
The checksums are wrong and thus this fails to build.
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 834988cae3
---------------------------
mozjs-128: update 128.5.2 -> 128.14.0
- add a patch to fix build with python 3.14
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 33f450b627
---------------------------
gnome-shell: fix build without x11 in DISTRO_FEATURES
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 67430e2a67
---------------------------
gnome-settings-daemon: fix build without x11
xwayland requires x11, build only if x11 is in DISTRO_FEATURES
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b7e757dc8f
---------------------------
gnome-control-center: remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0218bdaaf0
---------------------------
gnome-bluetooth: remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4d7d48aaa3
---------------------------
libde265: dont select sld2 support by default
libsdl2 requires x11 and should not be selected by default anyway
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7e761cb2d1
---------------------------
rygel: add x11 to REQUIRED_DISTRO_FEATURES
x11 is required
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e14371aa26
---------------------------
libcanberra: fix build without x11
gtk3-module and xwayland require x11
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6c1f371ed4
---------------------------
mutter: update 48.5 -> 48.7
48.7
====
* Still constrain fullscreen wayland windows with size limits [Jonas Å.;
!4587]
* Fixed crashes [Jonas, Marco; !4643, !4705]
Contributors:
Marco Trevisan, Jonas Ådahl
48.6
====
* Fix DND actions not working reliably in some X11 clients [Jonas;
#4288]
* Fix presentation timings with commit-timing-v1 [Mario; !4645]
* Fixed crashes [Sebastian, Milan; !4682, !4592]
* Misc. bug fixes and cleanups [Carlos, Raihan; !4697, !4688]
Contributors:
Raihan Ahamed, Milan Crha, Carlos Garnacho, Sebastian Keller,
Mario Kleiner, Jonas Ådahl
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c3754d7d90
---------------------------
minicoredumper: Add HOMEPAGE variable
Add HOMEPAGE variable to minicoredumper recipe.
Signed-off-by: Weisser, Pascal <pascal.weisser.ext@karlstorz.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7c65b0bccb
---------------------------
freerdp: add ptest support
The test suite takes about 50s to execute.
Sample output:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-22T12:58
BEGIN: /usr/lib/freerdp/ptest
PASS: TestClient TestClientRdpFile
PASS: TestClient TestClientChannels
PASS: TestClient TestClientCmdLine
[...many lines...]
PASS: TestWtsApi TestWtsApiSessionNotification
PASS: TestWtsApi TestWtsApiShutdownSystem
PASS: TestWtsApi TestWtsApiWaitSystemEvent
DURATION: 48
END: /usr/lib/freerdp/ptest
2026-01-22T12:59
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b7bd06e9b4
---------------------------
pipewire: update 1.4.9 -> 1.4.10
PipeWire 1.4.10 (2026-01-16)
This is a small bugfix release that is API and ABI compatible with
previous 1.x releases.
Highlights
- Fix a regression in restoring volumes on nodes.
- Clean up timed out stream on pulse-server.
- Backport filter-graph channel support.
- More small fixes and improvements.
PipeWire
- Backport the timer queue from 1.5.
modules
- Fix module leak in module-eq. (#5045)
- Fix profiling of multiple drivers when profile.interval.ms is
set. (#5061)
- Allow both sink and source pulse tunnels with the same name.
(#5079)
SPA
- Emit props events in all cases. (#4610)
- Backport some filter-graph changes to make it adapt better to the
number of channels of the stream.
- Fix some port errors in filter-graph. (#4700)
- Avoid a memcpy in the convolver.
- Handle some DBus errors better instead of crashing.
- Fix AVX2 functions and flags. (#5072)
- Limit resampler phases to avoid crashes (#5073)
- Support some more channel downmix positions.
pulse-server
- Clean up timed out streams. (#4901)
- Add message to force mono mixdown.
GStreamer
- Avoid scaling overflow in the clock.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 37f675a8bc
---------------------------
chrony: Ensure /var/lib/chrony belongs to correct user/group
Signed-off-by: Andreas Schulz <andreas.schulz2@karlstorz.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9650622e07
---------------------------
grilo: upgrade 0.3.16 -> 0.3.19
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d5128c8dbc
---------------------------
gpsd: upgrade 3.27.3 -> 3.27.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 12eaeb566b
---------------------------
gnome-text-editor: upgrade 48.3 -> 49.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4c95273fd5
---------------------------
geos: upgrade 3.13.1 -> 3.14.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 838d7e506f
---------------------------
folks: upgrade 0.15.9 -> 0.15.12
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3140029280
---------------------------
evince: upgrade 48.0 -> 48.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 11838942fd
---------------------------
dnsmasq: upgrade 2.91 -> 2.92
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d913f625cc
---------------------------
ctags: upgrade 6.2.20260111.0 -> 6.2.20260118.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f2c2e4d50c
---------------------------
catch2: upgrade 3.8.1 -> 3.12.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0eea1151a2
---------------------------
weechat: upgrade 4.6.0 -> 4.8.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 65eab60c93
---------------------------
wavpack: upgrade 5.8.1 -> 5.9.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 06028612e9
---------------------------
rdfind: upgrade 1.6.0 -> 1.7.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 68a249df75
---------------------------
python3-xmlschema: upgrade 4.3.0 -> 4.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e288070514
---------------------------
python3-types-psutil: upgrade 7.2.1.20251231 -> 7.2.1.20260116
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fa3ce8c42a
---------------------------
python3-starlette: upgrade 0.51.0 -> 0.52.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f84f881351
---------------------------
python3-soupsieve: upgrade 2.8.1 -> 2.8.2
License-Update: Copyright year updted to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b9bd8426db
---------------------------
python3-regex: upgrade 2025.11.3 -> 2026.1.15
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 65c850da4f
---------------------------
python3-pymisp: upgrade 2.5.17 -> 2.5.32
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0ee36e8e5a
---------------------------
python3-py7zr: upgrade 1.1.0 -> 1.1.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a462432b6a
---------------------------
python3-protobuf: upgrade 6.33.2 -> 6.33.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2a8b4c695e
---------------------------
python3-moteus: upgrade 0.3.97 -> 0.3.98
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: da80db34b6
---------------------------
python3-identify: upgrade 2.6.15 -> 2.6.16
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2746a0ad19
---------------------------
python3-httplib2: upgrade 0.31.0 -> 0.31.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 70b10d77bb
---------------------------
python3-alembic: upgrade 1.18.0 -> 1.18.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2d21040385
---------------------------
pure-ftpd: upgrade 1.0.52 -> 1.0.53
License-Update: Copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4e8339716a
---------------------------
plocate: upgrade 1.1.23 -> 1.1.24
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b26eda545e
---------------------------
msgraph: upgrade 0.3.3 -> 0.3.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e6cb0aa585
---------------------------
babl: upgrade 0.1.118 -> 0.1.120
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7476295bea
---------------------------
python3-wsproto: Upgrade 1.2.0 -> 1.3.2
Upgrade to release 1.3.2:
- Fix type hints to allow BytesMessage to accept bytes again, as
well as bytearray.
Release 1.3.1:
- Add additional license identifier to pyproject.toml.
- Use Python 3.13 to build the docs to match ReadTheDocs build
environment.
Release 1.3.0:
- Require h11>=0.16 dependency.
- Fix "Upgrade" header value to match RFC.
- Add reason "Switching Protocols" to handshake response.
- Add docs for wsproto.Connection
- Add support for Python 3.12, 3.13, and 3.14.
- Drop support for Python 3.7, 3.8, and 3.9.
- Improve Python typing, specifically bytes vs. bytearray.
- Various linting, styling, and packaging improvements.
Fixes:
WARNING: python3-wsproto-1.3.2-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with
setuptools.build_meta, use the correct class [pep517-backend]
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a25b352d19
---------------------------
python3-pyperclip: Upgrade 1.9.0 -> 1.11.0
Upgrade to release 1.11.0:
- Mention Wayland in error message
- Update __init__.py
License-Update: Use LICENSE.txt
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 61f918dbbf
---------------------------
python3-bumble: Upgrade 0.0.221 -> 0.0.223
Upgrade to release 0.0.223:
- Add annotation for Heart Rate and Battery Service
- Add test for Heart Rate and Battery Service
- Add support for RTL8761CU
- feat: Add filtering options for usb probe
- Fix GATT TemplateSerivce annotations
- Improve Address type annotations
- Replace send_pdu() with write()
- GATT: Support Multiple Requests
- Correct ATT_MTU in enhanced bearers
- Add HCI Packets annotations and send_sco_sdu
- Return 'invalid handle' for malformed read by type request
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 96a6c18a8c
---------------------------
gtkmm3/gtkmm4: not set BPN
Set BPN in gtkmm3 and gtkmm4 recipes is to inherit gnomebase.bbclass
properly. But it uses variable GNOMEBN rather than BPN for SRC_URI and
S in gnomebase.bbclass now, update in the recipes accordingly.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 461e5620bc
---------------------------
tmon: add a new recipe to generate tmon
tmon is a monitoring and testing tool for Linux kernel thermal
subsystem, it help visualize, tune, and test this complex system.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: def8784b1d
---------------------------
tinycompress: install compress_ops.h as public header
Add a patch to install compress_ops.h as a public header for
tinycompress, and update the recipe to apply it.
This is required for users that need access to compress_ops from
external components.
Upstream-Status: submitted
Signed-off-by: Pratyush Meduri <mpratyus@qti.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7bbe4a4e20
---------------------------
php: upgrade 8.5.1 -> 8.5.2
This is a bugfix release. Integer underflows, memory leaks, null pointer
dereferences and more.
Changelog: https://www.php.net/ChangeLog-8.php#8.5.2
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d2539548d0
---------------------------
python3-backports-zstd: Delete
It conflicts with standard library with python 3.14+
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5731669e86
---------------------------
tumbler: Split plugins into own packages
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 36d480b9e1
---------------------------
python3-icecream: Upgrade 2.1.8 -> 2.1.9
Upgrade to release 2.1.9:
- Removed support for Python 3.8.
- Fixed issues to improve lists output.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6c439b75a9
---------------------------
python3-tomlkit: Upgrade 0.13.3 -> 0.14.0
Upgrade to release 0.14.0:
- fix: Add DottedKey to a super table gives wrong output
- feat: enhance custom encoders to accept _parent and _sort_keys
parameters
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e102cccecf
---------------------------
python3-pynacl: Upgrade 1.5.0 -> 1.6.2
Upgrade to release 1.6.2:
- Updated libsodium to 1.0.20-stable (2025-12-31 build) to resolve
CVE-2025-69277.
From 1.6.1:
- The MAKE environment variable can now be used to specify the make
binary that should be used in the build process.
From 1.6.0:
- BACKWARDS INCOMPATIBLE: Removed support for Python 3.6 and 3.7.
- Added support for the low level AEAD AES bindings.
- Added support for crypto_core_ed25519_from_uniform.
- Update libsodium to 1.0.20-stable (2025-08-27 build).
- Added support for free-threaded Python 3.14.
- Added support for Windows on ARM wheels.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: df2ac27812
---------------------------
kmscon: Add recipe
Provide sane defaults that do not have dependencies, such as
a dummy and terminal session support and basic fbdev support.
kmsconvt@.service must be added separatly or else
do_rootfs fails with the following error:
```
do_rootfs: Postinstall scriptlets of ['kmscon'] have failed. If the intention
is to defer them to first boot, then please place them into
pkg_postinst_ontarget:${PN} (). Deferring to first boot via 'exit 1' is no
longer supported.
```
Add a small patch to fix a compiling error when using LLVM as the
preferred toolchain.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 200f48d774
---------------------------
libtsm: add recipe for kmscon dependency
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4350c04949
---------------------------
python3-html5lib: Fix build with python 3.14
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 498b49d2a4
---------------------------
python3-lief: mark CVE-2025-15504 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15504
The vulnerability is patched in v0.17.2, however NVD is currently tracking
the CVE without any version info (or more like with out any CPE info)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cc4aa9b9d0
---------------------------
python3-lief: upgrade 0.17.1 -> 0.17.2
Contains fix for CVE-2025-15504
Changelog:
- Differentiate Mach-O FAT magic bytes and Java class
- Fix MinGW compilation for some configuration
- Fix alignment issue when rebuilding PE relocations
- Fix infinite loop when processing v2 dynamic relocation
- Ensure that added DYN ELF sections are properly aligned
- Fix GnuHash null dereference
- Fix strong performance issue when parsing certain Mach-O
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 91f6b85b36
---------------------------
python3-py: ignore CVE-2022-42969
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-42969
Upstream could not reproduce the issue.
The vulnerability has currently the "disputed" flag in the NVD database,
and Github has revoked their related advisory[1].
Ignore this CVE due to this.
[1]: https://github.com/advisories/GHSA-w596-4wvx-j9j6
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ecf359d256
---------------------------
python3-werkzeug: upgrade 3.1.4 -> 3.1.5
Contains fix for CVE-2026-21860
Changelog:
- safe_join on Windows does not allow more special device names,
regardless of extension or surrounding spaces.
- The multipart form parser handles a \r\n sequence at a chunk boundary.
This fixes the previous attempt, which caused incorrect content lengths.
- Fix AttributeError when initializing DebuggedApplication with pin_security=False.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3cd47f72ad
---------------------------
frr: patch CVE-2025-61099..61107
Details:
https://nvd.nist.gov/vuln/detail/CVE-2025-61099
https://nvd.nist.gov/vuln/detail/CVE-2025-61100
https://nvd.nist.gov/vuln/detail/CVE-2025-61101
https://nvd.nist.gov/vuln/detail/CVE-2025-61102
https://nvd.nist.gov/vuln/detail/CVE-2025-61103
https://nvd.nist.gov/vuln/detail/CVE-2025-61104
https://nvd.nist.gov/vuln/detail/CVE-2025-61105
https://nvd.nist.gov/vuln/detail/CVE-2025-61106
https://nvd.nist.gov/vuln/detail/CVE-2025-61107
The NVD advisory refernces a PR[1] that contains only an unfinished, and
ultimately unmerged attempt at the fixes. The actual solution comes from
a different PR[2]. These patches are 3 commits from that PR. The last
commit wasn't backported, because it is just code formatting.
[1]: https://github.com/FRRouting/frr/pull/19480
[2]: https://github.com/FRRouting/frr/pull/19983
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b8b3ab6048
---------------------------
freerdp3: upgrade 3.20.0 -> 3.20.2
Contains fixes for the following vulnerabilities:
CVE-2026-22851, CVE-2026-22852, CVE-2026-22853, CVE-2026-22854,
CVE-2026-22855, CVE-2026-22856, CVE-2026-22857, CVE-2026-22858,
CVE-2026-22859
Changelogs:
https://www.freerdp.com/2026/01/14/3_20_1-release
https://www.freerdp.com/2026/01/14/3_20_2-release
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: dc2c6a514e
---------------------------
raptor2: patch CVE-2024-57822 and CVE-2024-57823
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-57822
https://nvd.nist.gov/vuln/detail/CVE-2024-57823
Pick the patches mentioned in the github issue[1] mentioned
in the NVD advisories (both of them are covered by the same issue)
[1]: https://github.com/dajobe/raptor/issues/70
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 43dbdb9c57
---------------------------
python3-watchdog: Remove obsolete dependencies
Python watchdog has removed all dependencies except optional `pyyaml`
dependency for `watchmedo` utility, like follows [1]:
* pathtools dependency was removed in 1.0.0
* python-argh dependency removed in 2.1.6
* requests was never a dependency
* pyyaml only needed for extras (`watchmedo`) and may not be strictly necessary
[1] https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst
Signed-off-by: Tero Kinnunen <tero.kinnunen@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cc0c4a6e34
---------------------------
python3-black: Upgrade 25.12.0 -> 26.1.0
Upgrade to release 26.1.0:
Introduces the 2026 stable style, stabilizing the following changes:
- always_one_newline_after_import: Always force one blank line after
import statements, except when the line after the import is a
comment or an import statement
- fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner
declarations, such as def foo(): return "mock" # fmt: skip, where
previously the declaration would have been incorrectly collapsed
- fix_module_docstring_detection: Fix module docstrings being
treated as normal strings if preceded by comments
- fix_type_expansion_split: Fix type expansions split in generic
functions
- multiline_string_handling: Make expressions involving multiline
strings more compact
- normalize_cr_newlines: Add \r style newlines to the potential
newlines to normalize file newlines both from and to
- remove_parens_around_except_types: Remove parentheses around
multiple exception types in except and except* without as
- remove_parens_from_assignment_lhs: Remove unnecessary parentheses
from the left-hand side of assignments while preserving magic
trailing commas and intentional multiline formatting
- standardize_type_comments: Format type comments which have zero
or more spaces between # and type: or between type: and value to
# type: (value)
The following change was not in any previous stable release:
- Regenerated the _width_table.py and added tests for the Khmer
language
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 65a66a5dde
---------------------------
python3-pytokens: Add recipe
Add pytokens release 0.4.0:
- Various packaging and dev improvements
- Just avoid using uv
- Move setup.cfg to pyproject.toml
- Use mypyc for compilation
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 525281669b
---------------------------
blueprint-compiler: upgrade 0.18.0 -> 0.19.0
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: cc932562d4
---------------------------
liblognorm: upgrade 2.0.8 -> 2.0.9
- fix build issue on some platforms
- guard compile pragma use
- remove unneeded variable
- fix memory leak when a custom type in rules does not match
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b80cb54dc6
---------------------------
adcli: upgrade 0.9.2 -> 0.9.3.1
1. Add pkgconfig to solve following configure error:
../sources/adcli-0.9.3.1/configure: line 15340: syntax error near unexpected token `LIBSELINUX,'
../sources/adcli-0.9.3.1/configure: line 15340: `PKG_CHECK_MODULES(LIBSELINUX, libselinux, found_libselinux=yes, found_libselinux=no)'
2. Add PACKAGECONFIG[selinux] for new selinux support in 0.9.3.1.
3. Add 0001-configure.ac-Fix-selinux-error-for-cross_compiling.patch to fix SELINUX_MAKEFILE file check in 0.9.3.1.
4. Add --disable-offline-join-support to solve following configure error
configure: error: Couldn't build offline join support, Samba version too old or libnatapi devel package is missing
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a3b7809b38
---------------------------
xdg-desktop-portal-wlr: update 0.7.0 -> 0.8.1
Remove patch that downgraded gbm_bo_create_with_modifiers.
Meanwhile gbm_bo_create_with_modifiers2 should be save to use?
Fix to work with manpages class
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b2766ba3ce
---------------------------
python3-django: add recipe for version 6.0.1
New, non-LTS version.
Release notes: https://github.com/django/django/blob/main/docs/releases/6.0.txt
New features in a nutshell:
- Content Security Policy support
- Template Partials
- Background Tasks
- Adoption of Python's modern email API
Ptest summary:
Ran 18643 tests in 164.287s
OK (skipped=1404, expected failures=5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2106c5238c
---------------------------
python3-django: consolidate dependencies in .inc file
Django 4.2.x recipe has been deleted, the dependencies that were specific
to version 5.x can be moved to the common .inc file.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 96392e8231
---------------------------
python3-django: add ptest support
Execute the standard, non-selenium tests. The execution is
on the slower side: on my idle machine, KVM enabled it takes
a bit more than 2.5 minutes to execute it (executing tests with
4 threads parallel, 1/core, the default configuration). If the machine is
under load, it easily grows to over 10 minutes.
Added two backported patches for Django 5.2 to fix some tests that
would otherwise fail:
0001-Fix-test_strip_tags-test.patch: tag stripping tests failed due to
changed Python behavior
0001-fix-test_msgfmt_error_including_non_ascii-test.patch: tests were
updated to work with msgfmt 0.25
Most of the skipped tests require some specific database backend
(Postgres, MySQL, Oracle...) or are Selenium tests.
The output is very long (the suite contains way over 15k tests),
so I omit the example output here.
The current summary (for v5.2.9):
Ran 18121 tests in 140.891s
OK (skipped=1394, expected failures=5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be4a258073
---------------------------
python3-django: drop recipe for version 4.2
Though the version is not EOL yet, it doesn't support the Python
that comes with oe-core. The last version is supports is 3.12[1],
however oe-core comes with Python 3.13.
[1]: https://docs.djangoproject.com/en/6.0/faq/install/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5f21627f68
---------------------------
python3-tblib: add recipe
Serialization library for Exceptions and Tracebacks.
It is a runtime dependency for python3-django ptests.
The ptests for this recipe run under a second.
Sample output:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-15T19:37
BEGIN: /usr/lib/python3-tblib/ptest
PASS: tests/test_issue30.py:test_30
PASS: tests/test_issue65.py:test_65
PASS: tests/test_perf.py:test_perf
[...many passing lines...]
PASS: tests/test_tblib.py:test_parse_traceback
PASS: tests/test_tblib.py:test_large_line_number
PASS: tests/test_tblib.py:test_pytest_integration
============================================================================
Testsuite summary
DURATION: 1
END: /usr/lib/python3-tblib/ptest
2026-01-15T19:37
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 04370ef56c
---------------------------
xdg-user-dirs: Fix packaing location of systemd unit file
systemd_user_unitdir is the right variable to use
Fixes
ERROR: xdg-user-dirs-0.19-r0 do_package: QA Issue: xdg-user-dirs: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/systemd
/usr/lib/systemd/user
/usr/lib/systemd/user/xdg-user-dirs.service
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
xdg-user-dirs: 4 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 27385bb7b2
---------------------------
gnome-settings-daemon: update 48.0 -> 49.1
PACKAGECONFIG for wayland,nm have been removed upstream
PACKAGECONFIG for x11,xwayland have been added upstream
Add a patch to fix reproducibility in gnome-settings-daemon-src
============
Version 49.1
============
- Translation updates
Power:
- Avoid xext dependency
Xsettings:
- Build only if X11 or Xwayland are enabled
============
Version 49.0
============
- Translation updates
Power:
- Avoid polling light sensor if ambient light setting is disabled
=============
Version 49.rc
=============
- Translation updates
- Update to GNOME Session changes
Power:
- Fix check for shell-managed brightness
- Refactor light sensor enablement
A11y-settings:
- Manage Orca lifetime
===============
Version 49.beta
===============
- Translation updates
- Drop dependency on GTK4
- Add xwayland/x11 build options
Power:
- Do not treat all notifications as critical
- Let backlight auto-dimming in control of GNOME Shell
Housekeeping:
- Add new donation reminder notification
==================
Version 49.alpha.1
==================
Keyboard:
- Drop keyboard bell GSettings schema leftovers
================
Version 49.alpha
================
- Translation updates
- Update to GTK4
Power:
- Use new Mutter backlight D-Bus interface
Wacom:
- Drop support to update per-button OLED screens in Wacom
Intuos 4 model with descriptive actions. This tablet model
will still be functional, but the tiny screens besides the
pad buttons will remain blank.
============
Version 48.1
============
- Translation updates
- Cleanups and fixes
Power:
- Ensure the backlight interface signal gets emitted on startup
- Avoid using uninitialized value when restoring brightness
Sharing:
- Fixes to shutdown of sharing services
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c14b2ad4a9
---------------------------
gnome-session: update 47.0.1 -> 49.2
- update dependencies
- inherit manpages mime
- build x11 depending on DISTRO_FEATURES
- rename packageconfig man->manpages to work with manpages class
============
Version 49.0
============
- Translation updates
- Fixed build with musl libc
- Fixed some memory corruption bugs that led to gnome-session-init-worker
crashing on logout
- Fixed a memory leak in gnome-session-init-worker
- Allowed Qt apps to use the Wayland text-input protocol, instead of forcing
them to use the direct ibus integration plugin
=============
Version 49.rc
=============
- Disabled the org.freedesktop.ScreenSaver proxy service on the login screen
- Separated out the systemd-specific code from the gnome-session leader process
into a dedicated executable. This makes it easier to integrate distributions
that use alternative init systems with gnome-session (though note that this
is still a usecase we don't officially support upstream)
- Translation updates
===============
Version 49.beta
===============
- gnome-session is no longer started via a shell script, and instead all of
the necessary setup is done in C.
- gnome-session's builtin service manager has been completely removed. Service
management will now be handled entirely by the operating system's native
service manager (i.e. systemd). See the following blog post for more information:
https://blogs.gnome.org/adrianvovk/2025/06/10/gnome-systemd-dependencies
- The "fail whale" dialog has been removed
- Various unused APIs and interfaces were removed, including:
- The org.gnome.SessionManager.Client and o.g.SM.App D-Bus interfaces
- Various D-Bus APIs related to the service manager
- Various .desktop and .session file keys that were used only by the
builtin service manager
- Fallback sessions, since there's no way to fall back anymore
- The code was significantly refactored
- gnome-session now provides a gnome-session-basic-services.target, that sessions
like the GDM greeter and gnome-initial-setup can use to avoid listing all of
the basic GNOME session services (like all the gnome-settings-daemon plugins)
- The --autostart command line option was removed, and instead kiosk sessions
should set Kiosk=true in their session definition file.
- Updated GNOME's mimetype defaults to drop Evince (which was replaced with Papers)
- Translation updates
==================
Version 49.alpha.1
==================
Fix POTFILES to stop listing deleted files
Stop requiring the gnome-settings-daemon Wacom plugin, which doesn't exist anymore
Ensure that we start localsearch when starting a GNOME session via systemd
Translation updates
==================
Version 49.alpha.0
==================
Removed XSMP
Removed session restore functionality
X11 sessions are disabled by default
Added a default mimeapps list for GNOME's core apps
gsd-xsettings now starts on demand in Wayland
Dropped gnome-dummy session
Allow Inhibit() with no app ID
Unset all LC_* variables that are bound to REGION
Ported fail whale to gtk4
Dropped session selector GUI
Dropped the hardware acceleration check
gnome-session-inhibit: Propagate parent death
gnome-session-inhibit: Fixup terminal handling
Contributors:
Benjamin Berg, Alessandro Bono, Matthias Clasen, gnome-build-meta-bot,
Neal Gompa, Sophie Herold, Javier Jardón, Chris Mayo, Simon McVittie,
Jordan Petridis, Ray Strode, Joan Torres, Adrian Vovk, Chris Williams
Translators:
Марко Костић [sr], Aefgh Threenine [th], A S Alam [pa], Baxrom Raxmatov [uz],
Ekaterine Papava [ka], Martin [sl], Quentin PAGÈS [oc], Vasil Pupkin [be]
============
Version 48.0
============
The gnome-session script no longer re-runs itself as a subprocess
GNOME OS CI was ported to use a CI template
Integrated new CI-based release process
Fix bugs caused by systemd v257's inhibitor behavior changes
Make `gnome-session --version` print to stdout rather than syslog
Translation updates
README updates
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 20a7a38e43
---------------------------
gdm: update 48.0 -> 49.2
- build x11 support depending on DISTRO_FEATURES
- add runtime path for nologin to fix reproducibility
- remove backport patch
- use gtk4
49.2
==========
* Translation updates
* Fixed bug that prevented X11 fallback whenever autologin fails
* Introduced CI tests built around GNOME OS
49.1
==========
* Translation updates
* Hotfixed a bug that leaves gnome-shell in a locked up state
* Fixed implementation of userdb, so we don't list our users when asked about
UID 0 (root)
* Switched safety check that avoids accidentally deleting / and /home from an
assertion to an error, so the check always runs even in production builds
* Fixed bug where gnome-initial-setup's configuration (i.e. input methods)
failed to migrate to the final user session
* Fixed bug where GDM assumed that Wayland is unavailable if Xwayland wasn't
installed on the system
49.0.1
==========
* Follow-up for permissions issue fix, making the fix work in more environments
49.0
==========
* Translation updates
* Fix build failures when built without plymouth support
* Fix permissions issue on the GDM work dir (/var/lib/gdm) that broke settings
persistence
49.rc
==========
* Translation updates
* Fixed a bug in PAM config files, introduced by transition to dynamic users
* Added logic to retry preferred display server (usually Wayland) before falling
back (usually to X11)
* Fixed a bug where Plymouth keeps running if not display is plugged into the
system. This would prevent bootup from completing and would prevent the user
from logging in on a serial console
* Fixed GDM's session file loading logic to search directories in correct
precedence order
* Fix simpledrm device detection to match the kernel's new device naming scheme
* Re-enabled X11 support by default. We found it difficult to cleanly separate
GDM's ability to launch modern X11 sessions (which we intended to keep enabled
in GNOME 49) from the rest of GDM's X11 integration (which we intended to
disable but leave intact for GNOME 49). We still plan to remove GDM's full
X11 integration in a future version, and leave only the ability to launch
modern X11 sessions.
* Worked around a regression introduced by the switch to dynamic users, where
the login screen no longer persists any settings
49.beta
==========
* Translation updates
* Switch to using dynamic users for greeter sessions. This enables systemd-based
session management on the greeter, removes GDM's dependency on dbus-daemon,
and frees us to drop gnome-session's builtin service manager.
* Adapt to changes in gnome-session 49, which dropped the builtin service manager
code and now exclusively relies on systemd for session startup. This means that
GDM now depends on gnome-session 49.
49.alpha.1
==========
* Drop dependency on Wacom g-s-d plugin [Jordan; !301]
* Drop leftover udev rules [Alessandro; !299]
* Fix warning when building without libxdmcp support [Florian; !300]
* Add polkit rules to allow access to smartcards [David, !287]
* Misc [Joan; !298]
Contributors:
Alessandro Astone, David Härdeman, Joan Torres López,
Florian Müllner, Jordan Petridis
Translators:
Takayuki Kusano [ja], Aefgh Threenine [th]
==================
Version 49.alpha.0
==================
- meson: Change x11-support default value to false
- Disable Xorg session by default
- udev: Drop disable_wayland overrides
- Fix build with gcc 15
- Translation updates
Contributors:
Zbigniew Jędrzejewski-Szmek, Florian Müllner, Jordan Petridis,
Ray Strode, Joan Torres, Adrian Vovk, Alynx Zhou
Translators:
Antonio Marin [ro], Baxrom Raxmatov [uz], Cheng-Chia Tseng [zh_TW],
Andi Chandler [en_GB], Peter Mráz [sk], Rūdolfs Mazurs [lv]
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e9624913ed
---------------------------
xfce4-notifyd: upgrade 0.8.2 -> 0.9.4
Changelog: https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.4
Changelog: https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.3
Changelog: https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.2
Changelog: https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.1
Changelog: https://gitlab.xfce.org/apps/xfce4-notifyd/-/tags/xfce4-notifyd-0.9.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 531e60c906
---------------------------
libjxl: allow native build
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b7e2956e40
---------------------------
highway: allow native build
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e8e6a1a829
---------------------------
libcoap: set CVE version suffix
CVE metrics currently report CVE-2025-34468 as open.
CPE is <=4.3.5, while recipe version is 4.3.5a which is a higher
version, however by default cve-check only compares numbers.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3e3f0eac0f
---------------------------
open62541: update to v1.4
Use the latest commit from the 1.4 branch; the last 1.4 release was 3
months ago so it contains important fixes.
- The contents of /usr/share/ are slightly different, so change the path
slightly.
- The new patch fixes the .pc file generation (it also ensures that
there are no references to absolute paths in the .pc file which would
need to be removed again).
- PubSub information model is now enabled by default, add a new option
to disable it (disabling only pubsub isn't enough).
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 121b5f89c8
---------------------------
libbxfce4windowing: switch to meson buildsystem
Motivation for this is to get vapi files created which are required to
e.g. build the budgie desktop
-Add PACKAGECONFIG for x11 and build depending on DISTRO_FEATURES
-Build vala by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 24e14063f5
---------------------------
libxfce4windowing: upgrade 4.20.4 -> 4.20.5
Changelog: https://gitlab.xfce.org/xfce/libxfce4windowing/-/tags/libxfce4windowing-4.20.5
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bdff8df409
---------------------------
grpc: Upgrade to 1.76.0
Backport a fix to build with latest gcc and clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 60c3b8fb4f
---------------------------
nodejs: Make prune_sources execute at do_patch phase
Fixes:
ERROR: nodejs-22.21.1-r0 do_patch: Applying patch '0001-deps-disable-io_uring-support-in-libuv.patch' on target directory '/build/tmp/work/core2-32-poky-linux/nodejs/22.21.1/sources/node-v22.21.1'
CmdError('quilt --quiltrc /build/tmp/work/core2-32-poky-linux/nodejs/22.21.1/recipe-sysroot-native/etc/quiltrc push', 0, "stdout: Applying patch 0001-deps-disable-io_uring-support-in-libuv.patch
can't find file to patch at input line 27
The sources which related to libuv as deps/uv/ are removed in prune_sources
when depends on libuv.
So postpone prune_sources execute at do_patch phase to fix the gap.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc312fe13b
---------------------------
adcli: Fix OECONF
Remove "--disable-static" as it's not needed for default option.
./configure --help
--enable-static[=PKGS] build static libraries [default=no]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0bb156371e
---------------------------
nodejs: upgrade 22.21.1 -> 22.22.0
This is the December 2025 security release that the nodejs team released
January 13, 2026.
3 high severity issues.
4 medium severity issues.
1 low severity issue.
High priority fixes:
CVE-2025-55131
CVE-2025-55130
CVE-2025-59465
Medium priority fixes:
CVE-2025-59466
CVE-2025-59464
CVE-2026-21636 *
CVE-2026-21637
Low priority fixes:
CVE-2025-55132
* note that this medium priority CVE only effects Nodejs v25.
https://nodejs.org/en/blog/vulnerability/december-2025-security-releases
Changelog: https://github.com/nodejs/node/releases/tag/v22.22.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 589f461dbf
---------------------------
re2: Upgrade to 2025.11.05 release
Update fixes:
| /home/flk/bitbake-builds/poky/build/tmp/work/corei7-64-poky-linux/re2/2024.03.01/sources/re2-2024.03.01/re2/prog.h:25:1: note: 'memchr' is defined in header '<cstring>'; this is probably fixable by adding '#include <cstring>'
| 24 | #include "re2/sparse_set.h"
| +++ |+#include <cstring>
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5e234700b9
---------------------------
imagemagick: add packageconfigs for raw,jxl,heic
Dont add them by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3729c20b69
---------------------------
qpdf: upgrade 12.2.0 -> 12.3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9ced05b9d9
---------------------------
python3-virtualenv: upgrade 20.35.4 -> 20.36.1
Changelog:
==============
- fix: resolve TOCTOU vulnerabilities in app_data and lock directory creation
- fix: Prevent NameError when accessing _DISTUTILS_PATCH during file overwrite
- Upgrade pip and fix 3.15 picking old wheel
- fix: wrong path on migrated venv
- test_too_many_open_files: assert on errno.EMFILE instead of strerror
- fix: update filelock dependency version to 3.20.1 to fix CVE CVE-2025-68146
- fix: resolve EncodingWarning in tox upgrade environment
- Fix Interpreter discovery bug wrt. Microsoft Store shortcut using Latin-1
- Add support for PEP 440 version specifiers in the --python flag.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a724174ae8
---------------------------
python3-tomli: upgrade 2.3.0 -> 2.4.0
Changelog:
===========
- Add TOML v1.1.0 compatibility
- Add binary wheels for Windows arm64
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 67972a72ec
---------------------------
python3-starlette: upgrade 0.50.0 -> 0.51.0
Changelog:
==============
- Add allow_private_network in CORSMiddleware
- Increase warning stacklevel on DeprecationWarning for wsgi module
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 88dc78a457
---------------------------
python3-pywbemtools: upgrade 1.3.0 -> 1.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b51cdb7f01
---------------------------
python3-pystemd: upgrade 0.14.0 -> 0.15.1
Changelog:
==========
- Add wait_for_activation parameter to pystemd.run to wait only for service activation without blocking until completion
- Document cwd and wait_for_activation parameters in pystemd.run
- Drop support for Python 3.6-3.10, now requires Python 3.11+
- Add unit property and unit_name to TransientUnitProcess for easy access to the running unit
- Change development tooling to use uv for package management
- Change lint/format stack from black/mypy to ruff/pyrefly
- Add a lot of typing
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 719fba40ee
---------------------------
python3-pymongo: upgrade 4.15.5 -> 4.16.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 950e4abfc9
---------------------------
python3-pyasyncore: upgrade 1.0.4 -> 1.0.5
Changelog:
===========
- Make sure tests/__init__.py is included in sdist
- Fix compatibility with pytest
- Explicitly tag Python 3.14 compatibility
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 355668de1d
---------------------------
python3-pyais: upgrade 2.14.0 -> 2.15.0
Changelog:
AISTracker.update now accepts raw sentences as well as decoded messages
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ceb26ff276
---------------------------
python3-pikepdf: upgrade 10.1.0 -> 10.2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f6a4aee942
---------------------------
python3-ipython: upgrade 9.8.0 -> 9.9.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 23be3d56d1
---------------------------
python3-alembic: upgrade 1.17.2 -> 1.18.0
License-Update: copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d06825b105
---------------------------
openfortivpn: upgrade 1.24.0 -> 1.24.1
Changelog:
fix regression where the 'plugin' was not passed to pppd
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ec8cdac89c
---------------------------
nautilus: upgrade 49.2 -> 49.3
Changelog:
=========
- Don't waste resources on images with extreme dimensions
- Consider thumbnailing finished at correct time
- Redraw view when screen scale factor changes
- Fix potential outdated view item usage
- Correctly close mime type program chooser dialog
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a358195b0
---------------------------
libcloudproviders: upgrade 0.3.6 -> 0.4.0
Changelog:
===========
* Add dependencies to the pkg-config file
* Replace gtk-doc with gi-docgen
* Require meson 1.9.0
* Plug tiny memory leaks and reduce memory footprint of the library
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 062fb8ae3d
---------------------------
lcms: upgrade 2.17 -> 2.18
Changelog:
============
- Add an extra check for completeness only.
- Fix a signed integer overflow which could trigger a FPE_INTOVF
- Fix Microsoft'2 MHC2 private tag
- Added projects for XCode 26 & Visual Studio 2026
- Added documentation for PCS illuminants and chromatic adaptation
- Check for a possible out-of-bounds in softproofing transforms when using cmsCreateExtendedTransform
- Fix for a out-of-bound read, issue #522
- Add an extra check for out-of-bounds read when misusing a support function
- avoid divide by zero, special case from spec. notes on CAM02
- Fix CGATS parser bug when number has a "+" sign
- Fix a typo when handling a special case for BPC
- Fixed a loss of precision when Lab16 is used as input color space on integer transforms
- Fixes hypotetical corrupted pointer in non-happy path. Cannot happen in real world
- Fix a theoretical memory leak.
- Add support of localized descriptions in v2 profiles for MacOS
- Mark some tables as const
- Make the param of cmsCreateLab4Profile() to refer to the media white instead of the illuminant
- fix a warning in unit tests
- Remove redundant check. Fixes #497
- Update autotools
- fix plugins soname + add oklab to transicc (experimental)
- meson: ability to disable .so.version libraries
- Fix black point detection when using darker colorant.
- testcms2.c: Fix incorrect string comparisons
- Fix CICp tag size.
- Fix broken linkicc
- meson: Bump minimum Meson version to 0.52 for visibility:hidden
- meson: Disable unused fs import
- Add a guard against a wrong use of flags
- Fix for #469 heap buffer overflow on convert_utf16_to_utf32()
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e182774685
---------------------------
eog: upgrade 47.0 -> 49.1
Changelog:
============
- Fix frequent crashes when with gdk-pixbuf 2.44
- Add image/avif to the MimeType list in the .desktop
- appdata: Add missing developer name
- Set prgname to application ID
- data: Rename appdata to metainfo and use rDNS app id
- metadata: Hide unreachable help URL
- desktop: Add more keywords
- content type to mime type conversion
- Official website has been retired
- org.gnome.eog.desktop should list image/heic as MimeType
- Segfault SIGSEGV when switching images
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3d0353b00e
---------------------------
doxygen: upgrade 1.15.0 -> 1.16.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4493b8fd56
---------------------------
ctags: upgrade 6.2.20260104.0 -> 6.2.20260111.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 38bceffeae
---------------------------
abseil-cpp: upgrade 20250814.1 -> 20260107.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 88ae17fd8f
---------------------------
python3-libevdev: Upgrade 0.12 -> 0.13.1
Add ptest and upgrade to release 0.13.1:
- pyproject.toml: add pytest as dev dependency
- Import Self from type_checking if needed to be compat with 3.9
- CI: run pytest via uv
- CI: test against multiple python versions
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0c94f27fda
---------------------------
python3-huey: Upgrade 2.5.5 -> 2.6.0
Upgrade to release 2.6.0:
- "Modernize" build system to use pyproject.toml and github actions.
Fixes:
WARNING: python3-huey-2.6.0-r0 do_check_backend: QA Issue: inherits
setuptools3 but has pyproject.toml with setuptools.build_meta, use
the correct class [pep517-backend]
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ded508de23
---------------------------
python3-filelock: Upgrade 3.20.2 -> 3.20.3
Upgrade to release 3.20.3:
- Fix TOCTOU symlink vulnerability in SoftFileLock
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7a273013c7
---------------------------
python3-aenum: Upgrade 3.1.15 -> 3.1.16
Upgrade to release 3.1.16:
- standardized handling of negative numbers in flags
- support dictionary-like key access to NamedTuple
- remove newer setup.py option include_package_data
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 50f0473ee1
---------------------------
python3-pylint: Upgrade 4.0.3 -> 4.0.4
Upgrade to release 4.0.4:
- Fixed false positive for ``invalid-name`` where module-level
constants were incorrectly classified as variables when a
class-level attribute with the same name exists.
- Fix a false positive for ``invalid-name`` on an UPPER_CASED
name inside an ``if`` branch that assigns an object.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 66454fe57f
---------------------------
frr: upgrade 10.5.0 -> 10.5.1
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.5.1
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 993fc63f43
---------------------------
tumbler: upgrade 4.20.0 -> 4.20.1
Changelog: https://gitlab.xfce.org/xfce/tumbler/-/tags/tumbler-4.20.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 764f459fef
---------------------------
xdg-user-dirs: upgrade 0.18 -> 0.19
1. Changelog
Features:
* Add a systemd service to run xdg-user-dirs-update
* Add initial Meson buildsystem support
Bugfixes:
* Fix autopoint invocation
Miscellaneous:
* Updated translations
* Update automake boilerplate
* Update information in README
2. Add pkgconfig to solvo following configure error:
../sources/xdg-user-dirs-0.19/configure: line 9319: syntax error near unexpected token `systemd,'
../sources/xdg-user-dirs-0.19/configure: line 9319: `PKG_CHECK_EXISTS(systemd,'
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6ad8b50af8
---------------------------
python3-google-auth: upgrade 2.45.0 -> 2.47.0
1. Changelog
https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md
2. Drop 0001-make-the-TLS-tests-skip-when-pyopenssl-isn-t-availab.patch as it was merged upstream.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 584e70ca72
---------------------------
gtksourceview*: fix build issue related to S
Source code for gtksourceview will be unpacked to a directory called
'gtksourceview-${PV}'. But as the recipes have added part of PV to the
name of the recipe the default setting of variable S will be wrong.
This is fixed by explicitly setting it.
Fixing issues like:
WARNING: gtksourceview3-3.24.11-r0 do_unpack: gtksourceview3: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
WARNING: gtksourceview3-3.24.11-r0 do_populate_lic: Could not copy license file <snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING to <snip>/gtksourceview3/3.24.11/license-destdir/corei7-64/gtksourceview3/COPYING: [Errno 2] No such file or directory: '<snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING'
ERROR: gtksourceview3-3.24.11-r0 do_populate_lic: QA Issue: gtksourceview3: LIC_FILES_CHKSUM points to an invalid file: <snip>/gtksourceview3/3.24.11/sources/gtksourceview3-3.24.11/COPYING [license-checksum]
ERROR: gtksourceview3-3.24.11-r0 do_populate_lic: Fatal QA errors were found, failing task.
WARNING: gtksourceview4-4.8.4-r0 do_unpack: gtksourceview4: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview4/sources/gtksourceview4-4.8.4) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
ERROR: gtksourceview4-4.8.4-r0 do_patch: Applying patch '0001-remove-pointless-check.patch' on target directory '<snip>/gtksourceview4/4.8.4/sources/gtksourceview4-4.8.4'
WARNING: gtksourceview5-5.18.0-r0 do_unpack: gtksourceview5: the directory ${UNPACKDIR}/${BP} (<snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
WARNING: gtksourceview5-5.18.0-r0 do_populate_lic: Could not copy license file <snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING to <snip>/gtksourceview5/5.18.0/license-destdir/corei7-64/gtksourceview5/COPYING: [Errno 2] No such file or directory: '<snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING'
ERROR: gtksourceview5-5.18.0-r0 do_populate_lic: QA Issue: gtksourceview5: LIC_FILES_CHKSUM points to an invalid file: <snip>/gtksourceview5/5.18.0/sources/gtksourceview5-5.18.0/COPYING [license-checksum]
ERROR: gtksourceview5-5.18.0-r0 do_populate_lic: Fatal QA errors were found, failing task.
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e071ea3c65
---------------------------
btop: update 1.4.5 -> 1.4.6
Disable build-testing for now, as this would require 'googletest' dependency
v1.4.6
References | Description | Author(s)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0b2deaab02
---------------------------
acpitool: update SRC_URI
The old SRC_URI stopped working (its certificate expired), and the recipe
defaulted to OE mirrors.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4fdeb484c2
---------------------------
gnome-keyring: set CVE_PRODUCT
The underscores and hyphens in the product name are used randomly in the CVE
database:
sqlite> select * from PRODUCTs where vendor = 'gnome' and product like '%keyr%';
CVE-2012-3466|gnome|gnome-keyring|3.4.0|=||
CVE-2012-3466|gnome|gnome-keyring|3.4.1|=||
CVE-2012-6111|gnome|gnome_keyring|3.2|=||
CVE-2012-6111|gnome|gnome_keyring|3.4|=||
CVE-2018-19358|gnome|gnome-keyring|||3.28.2|<=
CVE-2018-20781|gnome|gnome_keyring|||3.27.2|<
Set CVE_PRODUCT so that both versions are matched.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 29a272744a
---------------------------
xerces-c: set CVE_PRODUCT
The related CVEs are tracked with "xerces-c\+\+" (sic).
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%xerces%' group by 1, 2;
apache|xerces-c\+\+|29
apache|xerces-j|2
apache|xerces2_java|3
redhat|xerces|3
Set CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: e0f86a4a7f
---------------------------
lmdb: patch CVE-2026-22185
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22185
Pick the patch that is mentioned as a solution in the related upstream bug[1].
[1]: https://bugs.openldap.org/show_bug.cgi?id=10421
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2a78ad8813
---------------------------
boinc-client: mark CVE-2013-2018 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2013-2018
According to oss-security email[1], version 7.0.45 included
the fixes[2][3][4]
[1]: https://www.openwall.com/lists/oss-security/2013/04/29/11
[2]: https://github.com/BOINC/boinc/commit/6e205de096da83b12ffb2f0183b43e51261eb0c4
[3]: https://github.com/BOINC/boinc/commit/e8d6c33fe158129a5616e18eb84a7a9d44aca15f
[4]: https://github.com/BOINC/boinc/commit/ce3110489bc139b8218252ba1cb0862d69f72ae3
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2f1d7a8597
---------------------------
influxdb: ignore CVE-2024-30896
As mentioned in the comment[1], vulnerability is in
/api/v2/authorizations API which only exists in 2.x, 1.x is not affected.
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30896
[1] https://github.com/influxdata/influxdb/issues/24797#issuecomment-2514690740
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 52c747c540
---------------------------
python3-aiodns: Upgrade 3.6.1 -> 4.0.0
Upgrade to release 4.0.0:
- Added new query_dns() method returning native pycares 5.x
DNSResult types
- Deprecated query() method - still works with backward-compatible
result types
- Deprecated gethostbyname() method - use getaddrinfo() instead
- Added compatibility layer for pycares 4.x result types to ease
migration
- Updated dependencies
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: c18c531c88
---------------------------
python3-pycares: Upgrade 4.11.0 -> 5.0.1
Upgrade to release 5.0.1:
- Use Literal for type
- Use CMake for compiling c-ares
- Move project metadata to pyproject.toml
- Remove gethostbyname
- Remove getsock
- Replace ares_{get,set}servers with ares_{get,set}_servers_csv
- Remove ares_init and ares_mkquery, they are unused
- Make c-ares thread-safety mandatory
- Migrate API to c-ares' dnsrec variants
- Build wheels in parallel
- Update bundled c-ares to v1.34.6
- Make callback a mandatory kwarg-only argument
- Return bytes data for TXT records
- Add support for TLSA, HTTP and URI queries
- Remove event_thread option, make it implicit
- Fix IDNA 2008 test
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4ca56224e6
---------------------------
python3-langtable: Upgrade 0.0.68 -> 0.0.69
Upgrade to release 0.0.69:
- Add Georgian console fonts
- Add Adlm script to SN
- Add dra, Tutg, ath, cmc, Cham, tai
- Remove License classifier (license tag with SPDX license
expression is already there)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d58da103e1
---------------------------
python3-identify: Upgrade 2.6.13 -> 2.6.15
Upgrade to release 2.6.15:
- Add .piskel extension
- Fix: make PKGBUILD files a superset of .bash
- [pre-commit.ci] pre-commit autoupdate
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9b77eae698
---------------------------
opencv: upgrade 4.12.0 -> 4.13.0
1.Changelogs
https://github.com/opencv/opencv/wiki/OpenCV-Change-Logs#version4130
2.Remove following patches as they have been merged in upstream.
27691.patch
0001-Renamed-templated-BlocksCompensator-feed-method-to-e.patch
3.After upgrading to 4.13.0, WITH_KLEIDICV is ON as default in aarch64,
so build kleidicv along with openCV in aarch64.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f6506e8a65
---------------------------
menulibre: fix do_install failed
Use pip 25.3 to install failed
...
Traceback (most recent call last):
File "menulibre-2.4.0/setup.py", line 245, in <module>
DistUtilsExtra.auto.setup(
~~~~~~~~~~~~~~~~~~~~~~~~~^
name='menulibre',
^^^^^^^^^^^^^^^^^
...<12 lines>...
cmdclass={'install': InstallAndUpdateDataDirectory}
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 98, in setup
__requires(attrs, src_all)
~~~~~~~~~~^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 471, in __requires
__add_imports(imports, s, attrs)
~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 405, in __add_imports
if alias.name and __external_mod(cur_module, alias.name, attrs):
~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "recipe-sysroot-native/usr/lib/python3.13/site-packages/DistUtilsExtra/auto.py", line 377, in __external_mod
return 'dist-packages' in mod.__file__ or 'site-packages' in mod.__file__ or \
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: argument of type 'NoneType' is not iterable
...
Refer [1] to correct one line in setup.py
[1] https://github.com/epoptes/epoptes/commit/81be63961a428728601df6f442490638df3bd263
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3b5492f57f
---------------------------
nng: add ptest
Ptest results on genericx86-64 BSP:
$ run-ptest
PASS: compat_block
PASS: compat_bug777
PASS: compat_bus
PASS: compat_cmsg
PASS: compat_device
PASS: compat_iovec
PASS: compat_msg
PASS: compat_options
PASS: compat_pair
PASS: compat_pipeline
PASS: compat_poll
PASS: compat_reqrep
PASS: compat_reqttl
PASS: compat_shutdown
PASS: compat_survey
PASS: compat_surveyttl
PASS: cplusplus_pair
PASS: device
PASS: files
FAIL: httpclient
PASS: httpserver
PASS: inproc
PASS: ipc
PASS: ipcsupp
PASS: multistress
PASS: nonblock
PASS: options
PASS: pipe
PASS: pollfd
PASS: reqctx
PASS: reqstress
PASS: scalability
PASS: synch
PASS: tcp
PASS: tcp6
PASS: tcpsupp
PASS: tls
PASS: ws
PASS: wss
The httpclient case attempts to retrieve the Content-Length field from
HTTP header of http://example.com/, but because the site uses chunked
transfer encoding, the Content-Length field is not present, leading to
an assertion failure.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 31de060b48
---------------------------
boinc-client: set CVE_PRODUCT
The relevant CVEs are tracked with underscore in their name.
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%boinc%' group by 1, 2;
berkeley|boinc_client|2
berkeley|boinc_forum|1
universityofcalifornia|boinc_client|165
universityofcalifornia|boinc_server|5
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4da079d7f5
---------------------------
asyncmqtt: set CVE_PRODUCT
The CVEs are tracked with an underscore in the product name:
sqlite> select * from PRODUCTs where product like '%async%mq%';
CVE-2025-65503|redboltz|async_mqtt|10.2.5|=||
This patch sets the correct CVE_PRODUCT.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5d3936d5dd
---------------------------
nginx: ignore CVE-2025-53859 for 1.28.1
Fix is included via commit [1].
[1] https://github.com/nginx/nginx/commit/fbbbf189dadf3bd59c2462af68c16f2c2874d4ee
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 264d8acc92
---------------------------
libsodium: patch CVE-2025-69277
Pick patch per [1].
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-69277
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a1b9e6e4f2
---------------------------
libcanberra: add runtime recommendation for sound-theme-freedesktop
Required to actually play event sounds
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9e55e9f115
---------------------------
nng: upgrade 1.7.3 -> 1.11
ChangeLog:
https://github.com/nanomsg/nng/releases/tag/v1.11
https://github.com/nanomsg/nng/releases/tag/v1.10
https://github.com/nanomsg/nng/releases/tag/v1.9.0
https://github.com/nanomsg/nng/releases/tag/v1.8.0
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 60e60fed31
---------------------------
nanomsg: add ptest
Ptest results:
$ run-ptest
PASS: async_shutdown
PASS: block
PASS: bug328
PASS: bug777
PASS: bus
PASS: cmsg
PASS: device
PASS: device4
PASS: device5
PASS: device6
PASS: device7
PASS: domain
PASS: emfile
PASS: hash
PASS: inproc
PASS: inproc_shutdown
PASS: iovec
PASS: ipc
PASS: ipc_shutdown
PASS: ipc_stress
PASS: list
PASS: msg
PASS: pair
PASS: pipeline
PASS: poll
PASS: prio
PASS: pubsub
PASS: reqrep
PASS: reqttl
PASS: separation
PASS: shutdown
PASS: stats
PASS: survey
PASS: surveyttl
PASS: symbol
PASS: tcp
PASS: tcp_shutdown
PASS: term
PASS: timeo
PASS: trie
PASS: ws
PASS: ws_async_shutdown
PASS: zerocopy
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: fea43ed974
---------------------------
nanomsg: upgrade 1.2.1 -> 1.2.2
ChangeLog:
https://github.com/nanomsg/nanomsg/releases/tag/1.2.2
Drop 0001-allow-build-with-cmake-4.patch as the issue has been fixed
upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b891bc7cac
---------------------------
python3-filelock: add ptest support
The tests take <15s to execute.
Sample output:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-09T18:00
BEGIN: /usr/lib/python3-filelock/ptest
PASS: tests/test_async_filelock.py:test_simple[a-str-AsyncUnixFileLock]
PASS: tests/test_async_filelock.py:test_simple[a-str-AsyncSoftFileLock]
PASS: tests/test_async_filelock.py:test_simple[a-PurePath-AsyncUnixFileLock]
PASS: tests/test_async_filelock.py:test_simple[a-PurePath-AsyncSoftFileLock]
PASS: tests/test_async_filelock.py:test_simple[a-Path-AsyncUnixFileLock]
PASS: tests/test_async_filelock.py:test_simple[a-Path-AsyncSoftFileLock]
[...many lines...]
PASS: tests/test_filelock.py:test_mtime_zero_exit_branch[SoftFileLock-TimeoutError]
PASS: tests/test_filelock.py:test_mtime_zero_exit_branch[UnixFileLock-PermissionError]
PASS: tests/test_virtualenv.py:test_virtualenv
============================================================================
Testsuite summary
DURATION: 10
END: /usr/lib/python3-filelock/ptest
2026-01-09T18:00
STOP: ptest-runner
TOTAL: 1 FAIL: 0
(There are 20 Windows-only tests, which are skipped)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9291faa919
---------------------------
python3-send2trash: add ptest support
The tests take less than a second to execute.
The current source distribution is missing a test file,
which I added with a patch. The problem is already solved
by upstream just not tagged yet - the patch can be dropped
with the next update.
Sample output:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-09T17:11
BEGIN: /usr/lib/python3-send2trash/ptest
SKIP: tests/test_plat_win.py:tests/test_plat_win.py # SKIP Skipping windows-only tests
PASS: tests/test_plat_other.py:test_trash
PASS: tests/test_plat_other.py:test_multitrash
PASS: tests/test_plat_other.py:test_trash_bytes
PASS: tests/test_plat_other.py:test_trash_unicode
PASS: tests/test_plat_other.py:test_trash_topdir
PASS: tests/test_plat_other.py:test_trash_topdir_fallback
PASS: tests/test_plat_other.py:test_trash_topdir_failure
PASS: tests/test_plat_other.py:test_trash_symlink
PASS: tests/test_script_main.py:test_trash
PASS: tests/test_script_main.py:test_no_args
============================================================================
Testsuite summary
DURATION: 1
END: /usr/lib/python3-send2trash/ptest
2026-01-09T17:11
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0ccf384c90
---------------------------
libcanberra: update 0.30 -> 0.30-19
Lennart Poettering stopped maintaining libcanberra over a decade ago but it is still
maintained by the debian gnome-team.
Most notable improvement is that building the libcanberra-gtk3-module doesn't depend
on gtk2 anymore and thus libcanberra isn't dependent on x11 to build support for gtk3
- fetch source from salsa.debian.org, use git for it
- remove outdated patches
- dont build gtk+ module by default anymore
- simplify packaging
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 56f4b30c99
---------------------------
python3-gcovr: Upgrade 8.3 -> 8.5
Upgrade to release 8.5:
Breaking changes:
- The option --lcov-test-name doesn't accept values with spaces
anymore.
- The option --lcov-format-1.x is deprecated and mapped to
--lcov-format-version=1.x.
- Changes to HTML templates.
New features and notable changes:
- Due to added support for LLVM source based code coverage format
some configuration file keys got changed. The old gcov named
options are still supported but they also affect the LLVM
toolchain.
Bug fixes and small improvements:
- Fix coveralls report if there are several coverage elements per
line.
- Fix not excluded conditions if branches are excluded by comments.
- Fix reported excluded branches in LCOV report.
- Fix exclusion filter --gcov-exclude.
- Add --json-trace-data-source to include the trace data source in
the JSON report independent from --verbose.
- Remove generated gcov files on error and catch additional gcov
error message.
- Change default HTML theme excluded line color.
- Move theme colors to a separate CSS file so they can be overridden
with a simple --html-template-dir directory with only the
style.colors.css file.
- Fix regular expression for detecting a version mismatch between
gcc and gcov.
- Improve logging messages for GCOV execution errors to not print
information twice and add trace messages for gcov execution.
- Fix handling of lines after function specialization.
- Improve performance by changing logging messages (level and lazy
interpolation).
- Fix text report for covered decisions.
- Fix runtime problem introduced with 8.4.
- Fix wrong entries in data source attribute of JSON report.
- Fix nested HTML report without coverage data.
- Add warning if coverage data is empty.
- Add warning if function lines are missing in external generated
GCOV files.
- Extend support for zipped reports. If last suffix is .xz then
LZMA is used to compress the report.
- Fix function exclusion in report generation.
- Do not ignore lines without functions, e.g. from inlined code.
- Ignore all whitespaces instead of only spaces for detection of
noncode lines.
- Add support for temporary merging line coverage objects without
modifying the data model.
- Change internal behavior of --exclude-function-lines to exclude
the line of function definition instead of removing it completely.
- Ensure that all functions have a line coverage element in LCOV
report.
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 988b5182c9
---------------------------
python3-xmlschema: Upgrade 4.2.0 -> 4.3.0
Upgrade to release 4.3.0:
- Add arguments validation for schemas and validation methods (by
validation contexts)
- Add custom XPath parser for find/findall/iterfind APIs on schemas
for match singleton sequence also if position is a number greater
than 1 in predicate expression
- Improve build of XSD elements and groups, using a three-state
built flag for components
- Extend and fix memory tests (Python 3.14+ seems to consume more
memory)
- Drop support for Python 3.9 and add development support for
Python 3.15
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 26ef11eac6
---------------------------
python3-fsspec: Upgrade 2025.5.1 -> 2025.12.0
Upgrade to release 2025.12.0:
- fsspec.parquet to support filters and multiple files
- passing withdirs in aync _glob()
- fix _rm_file/_rm redirection in async
- allow arrowFile to be seekable
- add size attribute to arrowFile
- support py3.14 and drop 3.9
- avoid ruff warning
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bcfeba2a13
---------------------------
python3-typer: Upgrade 0.21.0 -> 0.21.1
Upgrade to release 0.21.1:
- Fix escaping in help text when rich is installed but not used.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3ee544e759
---------------------------
python3-twitter: mark CVE-2012-5825 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2012-5825
The Debian bugtracker[1] indicated that the issue is tracked by
upstream in github[2] (with a difference CVE ID, but same issue),
where the vulnerability was confirmed. Later in the same github issue
the solution is confirmed: the project switched to use the requests
library, which doesn't suffer from this vulnerability.
Due to this mark the CVE as patched.
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692444
[2]: https://github.com/tweepy/tweepy/issues/279
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a5ee234b8c
---------------------------
python3-uvicorn: mark CVE-2020-7694 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694
The vulnerability was reported to the project[1], and the commit[2] that
resolved the issue has been part of the project since version 0.11.7.
Mark the CVE as patched due to this.
[1]: https://github.com/Kludex/uvicorn/issues/723
[2]: https://github.com/Kludex/uvicorn/commit/895807f94ea9a8e588605c12076b7d7517cda503
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 93671dd613
---------------------------
python3-reportlab: mark CVE-2020-28463 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-28463
According to Debian[1] it has been fixed since version 3.5.55[2]
Mark is as patched.
[1]: https://security-tracker.debian.org/tracker/CVE-2020-28463
[2]: https://hg.reportlab.com/hg-public/reportlab/rev/7f2231703dc7
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6e936626cb
---------------------------
libcereal: set CVE_PRODUCT
The relevant CVEs are associated with usc:cereal CPE.
See CVE db query:
sqlite> select * from PRODUCTS where PRODUCT like '%cereal%';
CVE-2020-11104|usc|cereal|||1.3.0|<=
CVE-2020-11105|usc|cereal|||1.3.0|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ba92b3d7ac
---------------------------
xfce4-settings: rename libcanberra rrecommends
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 4a81111ba2
---------------------------
gnome-disk-utility: remove outdated patch
Dont remove libcanberra dependency. Meanwhile it can be built without
pulling in gtk2
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: baa3cc3df0
---------------------------
python3-aiohttp: upgrade 3.13.2 -> 3.13.3
Changelog:https://docs.aiohttp.org/en/stable/changes.html
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b14d44612a
---------------------------
fex: uodate 2511 -> 2601
FEX Release FEX-2601
ARM64Emitter
Force NOP padding to be enabled (9e8915e)
Arm64Emitter
Initial work for LoadConstant padding audit (d582356)
BranchOps
Use RIP relocs for direct branch targets (c57df73)
CMake
Move CMakeModules to Data/CMake (651ef64)
Fix mingw if host has libxxhash-dev installed (900c179)
Support overriding version/hash via CMake args (19d3450)
CodeCache
Fix misparenthesized expression in SaveData() (9101e70)
Rebase block entrypoint info (5747d1c)
Make LoadData Thread argument an optional pointer (bc069f2)
Implement automatic cache generation (eb425fe)
Implement runtime cache validation (93f6a8c)
Trigger delayed cache loading for the main executables and its interpreter (71c8436)
Implement cache loading (ec67670)
Common
Use LOCALAPPDATA for GetCacheDirectory on WOW64/ARM64EC (499970d)
Config
Remove stdout from OutputLog (e1c6a91)
Dispatcher
Silence warning on ARM64EC (9a12868)
FEXCore
Cleanup pointers structure (b29a78c)
Fixes circular dependency with thunk callback (5627ddf)
Switch constant emission to default to NoPad (2b4492c)
Revert literal optimization from #4884 (da46d51)
FEXOfflineCompiler
Implement SyscallHandler::LookupExecutableFileSection (5ca549e)
FEXServer
Add protocol interface to request code cache population (805a4c1)
Frontend
Only decode REX if it is at the correct location (c8d72ea)
Also fetch relocations and section bounds when validating (0a18ea8)
ImageTracker
Load AOT images (a3779be)
Load PE relocations when generating code caches (b87bb1d)
Support codemap file generation (c54dfd9)
Track loaded PE images for LookupExecutableFileSection (212a3f4)
Interpreter
Moves around the thread and ELF initialization code (ed1d495)
JIT
Fixes typo (c4258be)
LinuxSyscalls
x32
Fixes fcntl assert (6c06f47)
LookupCache
Fix mistake in nested CacheBlockMapping call (a957f1f)
OpcodeDispatcher
Explicitly calculate flags after _TelemetrySetValue (281981e)
Relocations
Disable 6-byte size optimization in InsertGuestRIPMove (c7eb4c8)
Switch to robin_map to improve lookup perf (4889596)
SHMStats
Avoid ISB usage when stats are disabled (6a49b8c)
Scripts
Have InstallFEX check kernel version (b407688)
Steam
Don't let the FEXServer inherit FEXServerManager's original stdout (53925dc)
Syscalls
Fix DEBUG_STRACE printing (e859109)
Thunks
Vulkan
Update for v1.4.337 (668e027)
Tools
pidof
Fixes FEXpidof after #5097 (7e4e017)
VDSO
Forgot to remove a if check (144c4bf)
WOW64
Lock the JIT context and block suspend during context operations (a25d90d)
WinAPI
Implement Sleep (37b0e9e)
Windows
Improve handling of RWX memory (d592e2a)
Invalidate code in freed memory after the free syscall (cb7de45)
Fix RtlWaitOnAddress signature (f098b41)
Implement _[w]sopen file APIs (f819999)
Introduce ImageTracker for tracking per-loaded-image data (dc764db)
Switch GetSection/ExecutableFilePath to returning full paths (956f97e)
Split out CRT/WinAPI reimplementation (ebdbf58)
WritePriorityMutex
Add some more documentation (9fa8148)
Fix rare case of dropped read waiter wakes (ce9824a)
Misc
[cmake] explicit platform and bit-width checks (dbd802c)
[cmake] more parenthesis cleanups, linker gc module, more same-line stuff (1f6b3d5)
[cmake] refactor: compiler and architecture handling (51f6722)
[cmake] better option descriptions + more consistent language (9c0c969)
Constant audit (fd2ee4e)
_Constant audit (851fbae)
First round of LoadConstant auditing (5bbbe4d)
[cmake] Use a Find module for xxhash (5a47565)
[cmake] do not use uppercase command names (f24f88e)
[cmake] reduce usage of trivial variables (0edf961)
[cmake] prefer end parenthesis on same line, no space after some calls (b41b967)
[cmake] FEXCore: further reduce library redundancy (f153d86)
[cmake] propagate -ISource to all Tools (bd8f6f1)
[cmake] use MINGW builtin rather than custom detection (7cdef04)
Some minor NFC (974ba78)
Guest relocation support (fef1993)
Various trivial fixes for #5106 (296988b)
code-format-helper: Update urllib3 dependency (2e2563a)
github
steamrt4
Additional comments (bf9ab7f)
unittests
ASM
Adds test for flags clobber in TelemetrySetValue (eb27576)
Test 32-bit displacement encoding (d197300)
FEXLinuxTests
Fix gcc build (fedebf4)
Force clang building for tests (62383a1)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 15aca0b2fa
---------------------------
raptor2: set CVE_PRODUCT
All relevant CVEs are files against these CPEs.
See CVE db query (zediious vendor is not relevant):
sqlite> select * from PRODUCTs where PRODUCT like '%raptor%' and vendor <> 'symantec' and product <> 'velociraptor';
CVE-2012-0037|librdf|raptor|||2.0.7|<
CVE-2017-18926|librdf|raptor_rdf_syntax_library|2.0.15|=||
CVE-2020-25713|librdf|raptor_rdf_syntax_library|2.0.15|=||
CVE-2023-49078|zediious|raptor-web|0.4.4|=||
CVE-2024-57822|librdf|raptor_rdf_syntax_library|||2.0.16|<=
CVE-2024-57823|librdf|raptor_rdf_syntax_library|||2.0.16|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 2b499660d0
---------------------------
pavucontrol: update 5.0 -> 6.2
- switch to meson buildsystem
- pavucontrol now requires gtk4 and thus requires gpu acceleration
- remove patch. Meanwhile libcanberra is optional and build doesn't
fail without anymore
- pavucontrol was migrated from intltool to gettext
- add packageconfigs for libcanberra and lynx to have both disabled
by default
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 3a57e52745
---------------------------
xfce4-pulseaudio-plugin: unbreak build with pavucontrol6
'pavucontrol-6' requires gtk4 and thus also needs gpu acceleration
Only recommend to install pavucontrol if it would run
- remove x11 from DISTRO_FEATURES. There's no direct dependency on it
- add PACKAFECONFIG for libcanberra
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ddaf5e0f39
---------------------------
imlib2: upgrade 1.12.5 -> 1.12.6
Changelog:
==========
- Y4M loader: add support for 10-bit 4:4:4
- Y4M loader: add support for 10-bit 4:2:2
- Y4M loader: add example for 8-bit mono
- Y4M loader: add support for 10-bit mono
- Y4M loader: fix support for full-range mono
- Y4M loader: fix support for odd dimensions
- Y4M loader: add support for 12/14/16-bit mono
- test/images: Remove intermediate generated file
- imlib2_view: Set title
- imlib2_view: Scale image when resizing window
- imlib2_view: A couple of fixes to previous commit
- test_load_2: Add new y4m test images
- test_load_2: Add more new y4m test images
- test_load_2: Add more new y4m test images
- autofoo: Use AM_LIBTOOLFLAGS, not LIBTOOLFLAGS
- gradients: Fix rendering of gradients in larger images
- imlib2_conv: Fix constness warning
- gradients: Better gradients with angles
- Compile cleanly with -Wdouble-promotion
- XPM loader: Add missing progress callback on incomplete image data
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a524aaddac
---------------------------
libsdl3: upgrade 3.2.28 -> 3.2.30
Changelog:
https://github.com/libsdl-org/SDL/releases/tag/release-3.2.30
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bedcf6d226
---------------------------
xfce4-session: upgrade 4.20.0 -> 4.20.3
| checking for glib-compile-resources... configure: error: could not find glib-compile-resources.
Fix configure failure by adding to EXTRA_OECONF parameters.
ERROR: xfce4-session-4.20.2-r0 do_package: QA Issue: xfce4-session: Files/directories were installed but not shipped in any package:
/usr/share/xfce4
/usr/share/xfce4/labwc
/usr/share/xfce4/labwc/labwc-environment
/usr/share/xfce4/labwc/labwc-rc.xml
Update FILES to fix QA error.
Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.3
Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.2
Changelog: https://gitlab.xfce.org/xfce/xfce4-session/-/tags/xfce4-session-4.20.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b92c4e249b
---------------------------
python3-h2: remove ptest execution deadline
Hypothesis Python module applies a 200ms default timeout value on
the tests, that can be violated too easily in qemu without kvm support.
Hypothesis however also has a feature, that in case it is running in a CI
environment, it expects that the host has more load, and it removes this
deadline.
To switch to the CI profile and relax the execution timeouts, this patch
defines the "CI" environment variable in the run-ptest script.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 63ae47a70d
---------------------------
libjxl: Fix build error with arm and musl
Build fails for qemuarm with musl with following error:
/build/tmp/work/cortexa15t2hf-neon-poky-linux-musleabi/libjxl/0.11.1/sources/libjxl-0.11.1/lib/jxl/convolve_separable5.cc
| error: out of range pc-relative fixup value
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 30942cebe8
---------------------------
mozjs-128: Fix build error with arm and musl
Build fails for qemuarm with musl with following error:
mozglue/misc/StackWalk.o: in function `unwind_callback(_Unwind_Context*, void*)':
| /usr/src/debug/mozjs-128/128.5.2/mozglue/misc/StackWalk.cpp:810:(.text._ZL15unwind_callbackP15_Unwind_ContextPv+0x4): undefined reference to `_Unwind_GetIP'
Referenced commit[1] for the fix, also refreshed patches.
[1] https://github.com/OSSystems/meta-browser/commit/bb8662912354dae13634c0ec35c3803c344b1e72
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 38119992d8
---------------------------
python3-bleak: upgrade 2.0.0 -> 2.1.1
1. Changelog:
https://github.com/hbldh/bleak/blob/v2.1.1/CHANGELOG.rst
2. Skip integration tests in ptest
After upgrade to 2.1.1, a new test set integration was added.
https://github.com/hbldh/bleak/tree/v2.1.1/tests/integration
According to the description, the tests need kernel module hci_vhci,
but hci_vhci is disabled in yocto, so skip these tests.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ba6468f7a0
---------------------------
python3-m2crypto: mark CVE-2020-25657 as patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-25657
The commit[1] that fixes the vulnerability has been part of the
package since version 0.39.0
[1]: https://git.sr.ht/~mcepl/m2crypto/commit/84c53958def0f510e92119fca14d74f94215827a
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b46a5452a1
---------------------------
python3-m2crypto: ignore CVE-2009-0127
Details: https://nvd.nist.gov/vuln/detail/CVE-2009-0127
The vulnerability is disputed[1] by upstream:
"There is no vulnerability in M2Crypto. Nowhere in the functions
are the return values of OpenSSL functions interpreted incorrectly.
The functions provide an interface to their users that may be
considered confusing, but is not incorrect, nor it is a vulnerability."
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0127
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8f67ff2a34
---------------------------
tcpdump: upgrade 4.99.5 -> 4.99.6
add-ptest.patch
refreshed for 4.99.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: a778ae59d9
---------------------------
spdlog: upgrade 1.16.0 -> 1.17.0
License-Update: updated contributors.
Changelog:
==========
- Bump bundled {fmt} library to 12.1.0
- Fix the %z formatter (UTC offset):
- Windows: Replaced implementation for better accuracy and speed
- FreeBSD: Fixed incorrect implementation
- Fixed issue where the offset was not displaying as +00:00 when the formatter
was configured to show UTC time.
- Removed unreliable fallback for Unix systems lacking tm_gmtoff. If
compilation fails on such platforms, use SPDLOG_NO_TZ_OFFSET=ON (%z will
display +??:?? instead of compilation error).
- Set CMAKE_BUILD_TYPE only in top-level project
- Change access scope for ANSI target_file_ from private to protected
- Fix UWP detection
- Fix include <fcntl.h> in tcp_client.h to avoid compilation failures
- Tests: Fix unit tests to respect default level names
- Docs: Fix misleading comment in blocking_queue header
- Fix sign-compare warning
- Fix sign conversion warnings in qt_sinks.h
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 08302db298
---------------------------
rtorrent: upgrade 0.16.5 -> 0.16.6
Features
---------
Added timestamp helper commands
Use separate thread for saving session data
Run multiple session save requests in parallel
Changed magnet metadata handling and added 'magnet.path.set'
Optimizations
-------------
Use map rather than vector for Poll tables
Bug Fixes
-----------
Convert IPv4in6 addresses to IPv4 in outgoing handshakes
Force clear bitfield ranges of downloads that get hashed
Use CURLOPT_CLOSESOCKETFUNCTION to properly handle libcurl closing sockets before CURL_POLL_REMOVE
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7db6f31b0f
---------------------------
python3-types-psutil: upgrade 7.1.1.20251122 -> 7.2.1.20251231
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 65ed8861f7
---------------------------
python3-pillow: upgrade 12.0.0 -> 12.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 1b8c883667
---------------------------
python3-nocaselist: upgrade 2.1.0 -> 2.2.0
Changelog:
https://nocaselist.readthedocs.io/en/2.2.0/changes.html
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 6a9c1e9114
---------------------------
python3-nocasedict: upgrade 2.1.0 -> 2.2.0
Changelog:
https://nocasedict.readthedocs.io/en/2.2.0/changes.html
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9206e31273
---------------------------
python3-moteus: upgrade 0.3.96 -> 0.3.97
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 86cabd1603
---------------------------
python3-marshmallow: upgrade 4.1.2 -> 4.2.0
Changelog:
many argument of Nested properly overrides schema instance value.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0997a483e7
---------------------------
nbdkit: upgrade 1.46.0 -> 1.47.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0fbbddd537
---------------------------
libtracefs: upgrade 1.8.2 -> 1.8.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 72a9807f37
---------------------------
libtorrent: upgrade 0.16.5 -> 0.16.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 0991466b1e
---------------------------
libsdl3-image: upgrade 3.2.4 -> 3.2.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d7d45f20ef
---------------------------
libmbim: upgrade 1.33.1 -> 1.34.0
Changelog:
==========
* Build:
** New "-Dmbim_groupname=<name>" meson build option to restrict MBIM kernel
device access to a given Unix group and root. The access check works
in parallel to the "-Dmbim_username" option; passing either check allows
access to the kernel device (eg, logical OR).
* New Intel AT Tunnel service, including the following operations:
* MBIM_CID_INTEL_AT_TUNNEL_AT_COMMAND
* Extended the SMS service:
* MBIM_CID_SMS_CONFIGURATION now supports notifications
* mbimcli:
** New '--sms-query-configuration' and '--sms-query-message-store-status'
actions
** New '--atds-query-rat' and '--atds-query-operators' actions
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 60106a8990
---------------------------
libio-socket-ssl-perl: upgrade 2.095 -> 2.096
Changelog:
- Allow stacking TLS layers with SSL_usebio
This also allows LWP (after patches) to access https site through TLS
enabled proxy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 8142a5dad4
---------------------------
libdbd-sqlite-perl: upgrade 1.76 -> 1.78
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: be1b0daac0
---------------------------
gpsd: upgrade 3.27.2 -> 3.27.3
Changelog:
Fix API major value.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: ebf2be3435
---------------------------
fping: upgrade 5.4 -> 5.5
Changelog:
===========
- New option -J / --json for JSON output. See doc/fping-json.md for
the JSON schema. This feature is still in alpha and the schema
might change in future releases
- The -g, --generate option now also supports IPv6 addresses
- New option --seqmap-timeout to control the time after which sequence
numbers can be used again
- Fix OpenBSD sprintf() warning
- Fix fallback to SO\_TIMESTAMP if SO\_TIMESTAMPNS is not available
- When reading target names from file or standard input, lines longer
than the static buffer are no longer interpreted as more than one line
- Typo fix in error message when SO\_BINDTODEVICE fails
- Options --print-tos and --print-ttl now also work for IPv6, and no
longer require privileges
- Report received ICMPv6 error messages
- Suppress duplicate reports in count mode with -q, --quiet or -Q, --squiet
- Switch to alpine-based multi-stage Docker build to reduce image size
and improve build performance; add OpenContainers-compatible labels
- Print receive ping moved to new functions
- Avoid unsigned overflow when determining the memory size to save
response times on systems where size\_t is the same as unsigned int
- Document the new minimum value for the -p option
- Fix build without IPv6 support
- Fix debug build use of dbg_printf in fping.c
- Remove MacOS-specific test for -I option
- GitHub Actions fixes
- Fix measurement of time for timed reports (-Q) to start after DNS name
resolution.
- Updated autoconf from 2.71 to 2.72
- Updated automake from 1.16.5 to 1.18.1
- Updated libtool from 2.4.6 to 2.5.4
- Implemented verification of autotools tarballs in Github actions.
- Implemented stricter flag value checking (e.g. -c 10xyz is not accepted anymore).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: f0db676880
---------------------------
ddrescue: upgrade 1.29.1 -> 1.30
Changelog:
===========
* Replace pass 5 of copying with a sweeping phase after trimming.
* New option '-N, --no-sweep' to disable reading of skipped areas.
Reassign short name '-N' from option '--no-trim' to '--no-sweep'.
* main.cc. Make '--size=output' use the size of outfile.
(do_rescue): Make '-x 0' extend outfile to size of infile.
* main_common.cc (strtoll_): New function accepting underscores.
* rescuebook.cc (fcopy_non_tried, rcopy_non_tried): Limit pass 2 to
blocks adjacent to a finished block. (Delimit bad area as a whole).
(trim_errors): Trim only edges adjacent to a finished block.
Initial skip size now defaults to (infile_size / 32_768).
Only retrim blocks adjacent to a non-tried or finished block.
(update_rates): Don't force update of a_rate, c_rate, ts.
(Rescuebook): Estimate remaining time from last 60 seconds.
* genbook.cc (format_time), loggers.cc (format_time_dhms): Add years.
* loggers.cc (Event_logger): Add finished_size, a_rate, read errors.
* ddrescuelog.cc: New option '-H, --make-test'.
* ddrescue.texi: Document rescue with lziprecover's recovery record.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: af8315f17b
---------------------------
ctags: upgrade 6.2.20251130.0 -> 6.2.20260104.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 38eaab2241
---------------------------
python3-waitress: add ptest support
It takes <10s to execute.
Some (54) tests are not compatible with musl[1] - due to this the tests are on the problem-list.
Sample output snippet:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-01-07T09:57
BEGIN: /usr/lib/python3-waitress/ptest
PASS: tests.test_adjustments.TestAdjustments.test_bad_port
PASS: tests.test_adjustments.TestAdjustments.test_badvar
PASS: tests.test_adjustments.TestAdjustments.test_default_listen
[...many lines...]
PASS: tests.test_wasyncore.Test_readwrite.test_socketerror_in_disconnected
PASS: tests.test_wasyncore.Test_readwrite.test_socketerror_not_in_disconnected
PASS: tests.test_wasyncore.Test_write.test_gardenpath
PASS: tests.test_wasyncore.Test_write.test_non_reraised
PASS: tests.test_wasyncore.Test_write.test_reraised
============================================================================
Testsuite summary
\# TOTAL: 783
\# PASS: 775
\# SKIP: 8
\# XFAIL: 0
\# FAIL: 0
\# XPASS: 0
\# ERROR: 0
DURATION: 7
END: /usr/lib/python3-waitress/ptest
2026-01-07T09:57
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 096f14d0b9
---------------------------
modemmanager: upgrade 1.22.0 -> 1.24.2
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/blob/mm-1-24/NEWS
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bf2fa106d6
---------------------------
libqmi: upgrade 1.34.0 -> 1.38.0
Changelog:
https://gitlab.freedesktop.org/mobile-broadband/libqmi/-/blob/qmi-1-38/NEWS
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b6ddf00e8c
---------------------------
python3-termcolor: Upgrade 3.2.0 -> 3.3.0
Upgrade to release 3.3.0:
- Add support for italic
- can_colorize: Expect fileno() to raise OSError, as documented
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 312155a7d6
---------------------------
python3-behave: Upgrade 1.3.2 -> 1.3.3
Upgrade to release 1.3.3:
- FIXED: Broke Python 2.7 support
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: d2501971b2
---------------------------
python3-astroid: Upgrade 4.0.2 -> 4.0.3
Upgrade to release 4.0.3:
- Fix inference of IfExp (ternary expression) nodes to avoid
prematurely narrowing results in the face of inference ambiguity.
- Fix base class inference for dataclasses using the PEP 695
typing syntax.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 5ff2ec190a
---------------------------
python3-anyio: Upgrade 4.12.0 -> 4.12.1
Upgrade to release 4.12.1:
- Changed all functions currently raising the private
NoCurrentAsyncBackend exception (since v4.12.0) to instead raise
the public NoEventLoopError exception
- Fixed anyio.functools.lru_cache not working with instance methods
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 7721e7a6fc
---------------------------
python3-bumble: Upgrade 0.0.220.bb -> 0.0.221
Upgrade to release 0.0.221:
- Cancel l2cap connection result future on abort
- Implement extended advertising emulation
- Rust: Fix cargo-all-features to 1.11.0
- L2CAP Enhanced Retransmission mode
- Add some docs about Android and Hardware
- bump pdl dependencies versions
- android-netsim transport enhancements
- Upgrade GitHub Actions for Node 24 compatibility
- Upgrade GitHub Actions to latest versions
- GATT: fix redefinition of GATT_CONTENT_CONTROL_ID_CHARACTERISTIC
- Remove unused imports
- Fix missing type hints on Device.notify_subscribers()
- L2CAP: Enhanced Credit-based Flow Control Mode
- use ruff for linting and import sorting
- hot fix: remove unused import
- Ruff: Add and fix UP rules
- add support for multiple concurrent broadcasts
- Add EATT Support
- Fix some typos and annotations
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 254f1285e8
---------------------------
net-snmp: Update to 5.9.5.2
5.9.5.1:
* Only a version numbering fix.
5.9.5.2:
* Fix an issue with needing limits.h included.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: bc8066fd7f
---------------------------
python3-fastapi: Upgrade 0.124.4 -> 0.128.0
Upgrade to release 0.128.0:
- Drop support for pydantic.v1
- Run performance tests only on Pydantic v2
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 656bbf2c70
---------------------------
python3-networkx: Upgrade 3.6 -> 3.6.1
Upgrade to release 3.6.1:
API Changes
- Add spectral bipartition community finding and greedy bipartition
using node swaps
Enhancements
- Nodelists for from_biadjacency_matrix
- Add spectral bipartition community finding and greedy bipartition
using node swaps
- Fix draw_networkx_nodes with list node_shape and add regression
test
Bug Fixes
- Fix: allow graph subclasses to have additional arguments
Documentation
- DOC: Improve benchmarking readme
- DOC: More details re: RC releases in the release process devdocs
- DOC: clarify difference between G.nodes/G.nodes() and
G.edges/G.edges() in tutorial
- DOC: Add blurb to contributor guide about drawing tests
- DOC: Fix underline lens in docstrings
- Rolling back shortest paths links
Maintenance
- MAINT: Replace string literal with comment
- Bump actions/checkout from 5 to 6 in the actions group
- pin python 3.14 to be version 3.14.0 until dataclasses are fixed
- Blocklist Python 3.14.1
Other
- TST: add tests for unsupported graph types in MST algorithms
- TST: clean up isomorphism tests
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 382e4de7d8
---------------------------
python3-brotli: Upgrade 1.1.0 -> 1.2.0
Upgrade to release 1.2.0:
SECURITY
- python: added Decompressor::can_accept_more_data method and optional
output_buffer_limit argument Decompressor::process;
that allows mitigation of unexpectedly large output;
reported by Charles Chan (https://github.com/charleswhchan)
Added
- decoder/encoder: added static initialization to reduce binary size
- python: allow limiting decoder output (see SECURITY section)
- CLI: brcat alias; allow decoding concatenated brotli streams
- kt: pure Kotlin decoder
- cgo: support "raw" dictionaries
- build: Bazel modules
Removed
- java: dropped finalize() for native entities
Fixed
- java: in compress pass correct length to native encoder
Improved
- build: install man pages
- build: updated / fixed / refined Bazel buildfiles
- encoder: faster encoding
- cgo: link via pkg-config
- python: modernize extension / allow multi-phase module
initialization
Changed
- decoder / encoder: static tables use "small" model (allows 2GiB+
binaries)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 768a039171
---------------------------
python3-parse-type: Upgrade 0.6.3 -> 0.6.6
Upgrade to release 0.6.6:
- Disable setuptools-scm: Too many side-effects
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: b248542954
---------------------------
python3-pyro5: Upgrade 5.15 -> 5.16
Upgrade to release 5.16:
- project going into super low maintenance mode, I don't plan on
working on it any longer unless nasty bugs are reported.
- properties can now be a streaming generator too
- loopCondition is relayed from start_ns_loop() to its daemon
- removed Python 3.8 and 3.9 from the support list (they are EOL).
Now supported on Python 3.10 or newer.
- docs: clarify @expose on a class not automatically exposing base
class(es).
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---------------------------
Commit: 9720dc6
---------------------------
yocto-builder/entrypoint-build.sh: Remove init configuration
The init configuration is usually taken care of by setting INIT_MANAGER
and systemd is the default since:
https://git.openembedded.org/openembedded-core/commit/?id=0b4061c5d50261f826d0edb4b478d2d305274b7c
so none of this should be needed, hopefully it will fix CI runs which currently fail with:
https://github.com/agherzan/meta-raspberrypi/actions/runs/23234236947/job/67698405693
ERROR: Nothing PROVIDES 'systemd' (but /tmp/tmp.aSbUL7oQb7/openembedded-core/meta/recipes-core/psplash/psplash_git.bb DEPENDS on or otherwise requires it)
systemd was skipped: conflicting distro feature 'sysvinit' (in DISTRO_FEATURES)
NOTE: Runtime target 'psplash' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['psplash', 'systemd']
ERROR: Required build target 'rpi-test-image' has no buildable providers.
Missing or unbuildable dependency chain was: ['rpi-test-image', 'psplash', 'systemd']
Summary: There was 1 WARNING message.
Summary: There were 2 ERROR messages, returning a non-zero exit code.
But I don't see where sysvinit would be getting into DISTRO_FEATURES here.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
---------------------------
Commit: 1e4a992
---------------------------
layer.conf: Update to wrynose release series
Changed in:
https://git.openembedded.org/openembedded-core/commit/?id=cd1179544d74026c99a4938824146cec4f5acfca
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
---------------------------
Commit: 046a238
---------------------------
rpidistro-ffmpeg: upgrade to latest upstream, 7.1.13
Upgrade rpidistro-ffmpeg to the latest upstream, some changes were made
in the recipe to better match the OE recipe of the same version, x264
disabled by default due to cyclic dependency
Signed-off-by: Gijs Peskens <gijs.peskens@munisense.com>
---------------------------
Commit: cc66524
---------------------------
rpidistro-ffmpeg: Fix compilation on Whinlatter
Backport ffmpeg patch fixing assembler syntax
Signed-off-by: Gijs Peskens <gijs.peskens@munisense.com>
---------------------------
Commit: e00b8ea
---------------------------
rpidistro-vlc: Fix compilation on Whinlatter
Various backports (i.e.: taglib), casts, etc. to fix compilation on
Whinlatter against rpidistro-ffmpeg (upstream ffmpeg changes not
backported)
Signed-off-by: Gijs Peskens <gijs.peskens@munisense.com>
---------------------------
Commit: b9d649e
---------------------------
Fix compilation of RPI-Userland on Whinlatter
Imports patch also used in Buildroot
Signed-off-by: Gijs Peskens <gijs.peskens@munisense.com>
---------------------------
Commit: 5e1db9d
---------------------------
openssl-ca.sh: remove unused variable
Signed-off-by: Trevor M <45127883+tream2001@users.noreply.github.com>
---------------------------
Commit: 9d33476
---------------------------
layer.conf: set LAYERSERIES_COMPAT to 'wrynose'
This follows openembedded-core master commit cd117954 ("layer.conf:
Update to wrynose ").
We have a dedicated 'whinlatter' branch and don't intend to test and
maintain compatibility with whinlatter on master. Thus just replace it.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 745cb82
---------------------------
linux-yocto: add needed options for squashfs support
Without CONFIG_MISC_FILESYSTEMS the kernel will lack support for
squashfs even though CONFIG_SQUASHFS is already enabled in the config
fragment, as the CONFIG_SQUASHFS option is only available with
CONFIG_MISC_FILESYSTEMS enabled and will otherwise be silently dropped during
config merging.
Signed-off-by: Daniel Wagenknecht <dwagenknecht@emlix.com>
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: f00fed1
---------------------------
rauc-target.inc: refactor logic for determining "bootloader tool" dependency
When using a custom mechanism for communication with the bootloader,
but still with U-Boot as the actual bootloader, it may be
inappropriate for this to inject an rdepends on u-boot-fw-utils.
So instead of an anonymous python function which unconditionally
appends to RDEPENDS:${PN}, create an overridable variable
RAUC_BOOTLOADER_RDEPENDS which can be set empty or even better to the
package actually providing the userspace side of the custom mechanism.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
---------------------------
Commit: b614931
---------------------------
bundle.bbclass: drop obsolete clean before fetch
We have observed occasional errors during do_fetch:
ERROR: bundle-dev-1.0-r0 do_fetch: CalledProcessError(1, ['rm', '-rf', '[..]/build/tmp/work/x86-oe-linux/bruker-bundle-dev/1.0'])
ERROR: Task ([..]/recipes-core/bundles/bundle-dev.bb:do_fetch) failed with exit code '1'
The line in question is probably a remnant of
f8f0589 classes: bundle: move manifest writing to do_unpack
which moved functionality from do_fetch to do_unpack
Signed-off-by: Torben Hohn <torben.hohn@bruker.com>
Signed-off-by: Thomas Albrecht <thomas.albrecht@bruker.com>
---------------------------
Commit: d8d5566
---------------------------
bundle.bbclass: add support for 'emptyfs' image type
This image type[1] is special, since it does not allow providing a
filename.
[1] https://rauc.readthedocs.io/en/latest/reference.html#supported-image-types
Signed-off-by: Lars Schmidt <l.schmidt@pengutronix.de>
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 31b3591
---------------------------
bundle.bbclass: create image type in manifest
This adds the [imagetype] varflag, which allows specifying the explicit
image 'type=' manifest option as supported since RAUC v1.15 [1][2].
Unfortunately, the more intuitive [type] varflag is already leveraged by
the meta-rauc internal recipe-handling heuristic.
The explicit image 'type=' option allows replacing the previously used
filename extension–based detection of the image type, which is then
(together with the slot type) used to select the appropriate slot update
handling method.
[1] https://github.com/rauc/rauc/releases/tag/v1.15
[2] https://rauc.readthedocs.io/en/latest/reference.html#image-sections
Signed-off-by: Lars Schmidt <l.schmidt@pengutronix.de>
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: f2e763d
---------------------------
dt-utils: add udev as runtime dependency for barebox-state
At least barebox-state actually requires udev rules to be available at
runtime since its device resolution relies on udev names and symlinks.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 7f271fe
---------------------------
dt-utils: add PACKAGECONFIG option for barebox-state
This is more for documentation and follow-up runtime dependency
handling.
Note that dt-utils 2023.11 cannot actually be build with
-Dbarebox-state=false due to missing conditionals in meson.build.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: fb86757
---------------------------
dt-utils: switch from autotools to meson
dt-utils supports meson since v2023.08.0 already.
So switch to it instead of using ancient autotools.
The only difference is that the meson-based package doesn't install any
headers, yet. But since dt-utils is rarely used as a library, thus
should be fine for now.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 2343a55
---------------------------
dt-utils: remove .inc remnant from recipe merge
All its content but the file itself wasn't deleted in
ea8eeae4 ("dt-utils: merge .bb with .inc").
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 3d4a466
---------------------------
README.rst: fix typo
Signed-off-by: Fabian Pflug <f.pflug@pengutronix.de>
---------------------------
Commit: d0bac6c
---------------------------
bundle.bbclass: add support for encrypting bundles
Add support for encrypting bundles after creating them. This requires
the usage of the "crypt" bundle format and a recipient certificate for
encrypting the signed bundle manifest. To encrypt the bundle, set
RAUC_ENCRYPTED_CRYPT_BUNDLE to 1 and RAUC_RECIPIENTS_CERT_FILE to the
path of the recipient certificate, as well as the keyring:
RAUC_ENCRYPTED_CRYPT_BUNDLE ?= "1"
RAUC_RECIPIENTS_CERT_FILE ?= "path/to/recipient-certs.pem"
RAUC_KEYRING_FILE ?= "path/to/ca.cert.pem"
The encrypted bundle will be deployed with the prefix "encrypted-" in
the DEPLOY_DIR. Note, that the bundle with the unencrypted manifest is
also still being deployed and can be used for manual encryption for
other recipients as well.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
---------------------------
Commit: c319a46
---------------------------
python3-gbulb: remove recipe
With commit 1a9a22d ("rauc-hawkbit: remove recipe and references")
the only reference we had to the python3-gbulb package went away,
which means we can now safely remove it.
This is a good thing, because the upstream repository was archived
in 2024 and deprecated in favour of PyGObject.
Signed-off-by: Leonard Göhrs <l.goehrs@pengutronix.de>
---------------------------
Commit: a0db357
---------------------------
.github/workflows/build: run yocto-check-layer
This is useful for maintaining layer quality and compatibility according
to Yocto Project compatible requirements.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: d9f66ec
---------------------------
casync: mark as excluded from world builds
casync is no longer actively maintained and is only an optional component
for RAUC.
Exclude it from world builds to avoid pulling in several additional layer
dependencies such as meta-filesystems, meta-networking, meta-oe and
meta-python.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 1a9a22d
---------------------------
rauc-hawkbit: remove recipe and references
Also remove the references in documentation, CI, etc.
The project was mainly intended for demo purposes and has been archived
since 2022.
If you intend to use RAUC with hawkBit, consider using the C-based
rauc-hawkbit-updater project instead [1]. A recipe for it is available
in this layer.
If you still need the Python-based rauc-hawkbit client, please copy the
recipe into your own layer.
[1] https://github.com/rauc/rauc-hawkbit-updater
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: d004ffa
---------------------------
README: replace walnascar build status badge with whinlatter
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: c135de5
---------------------------
.github/workflows/schedule-builds: replace walnascar by whinlatter
walnascar has reached end-of-life. Update the scheduled builds to use
whinlatter, the latest stable Yocto Project release.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 18c253c
---------------------------
drop SRCPV from recipes
SRCPV is deprecated since nanbield and can safely be removed.
https://docs.yoctoproject.org/dev/migration-guides/migration-4.3.html#versioning-changes
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: f74404a
---------------------------
Add SECURITY.md
Document how to report security vulnerabilities.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: b60b073
---------------------------
casync: update to latest master
Note that this adds only two commits to the master branch since the
latest changes in 2022.
The current release is still from 2017, which strongly indicates that
the project is actually dead.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 96d6e24
---------------------------
bundle.bbclass: add support for 'none' type when no file is needed
RAUC has supported omitting the filename when an 'install' slot hook is
used since commit 8a9c9213 ("src: support omitting filename when
'install' slot hook is used"), introduced in RAUC v1.6 [1].
However, this use case has not been supported by bundle.bbclass and
previously required workarounds using dummy files to satisfy file
expectations.
This commit introduces a new 'none' type that:
- Does not require a reference recipe name
- Skips generating dependencies
- Omits the 'filename' field in the manifest
- Avoids copying any image file
This allows cleaner integration when no actual image file is needed.
[1] rauc/rauc@8a9c9213
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Lars Schmidt <l.schmidt@pengutronix.de>
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: 3c09bf5
---------------------------
bundle.bbclass: use bb.fatal for parsing error
It does not make sense to proceed parsing for unparseable manifests.
This also avoids repeated error messages.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: e70bbfe
---------------------------
bundle.bbclass: refactor: move unrelated flags out of image handling
Move processing of 'hooks', 'adaptive', and 'convert' varflags before any
image-specific logic to keep those separated.
This improves readability and maintainability and adds the possibility to
skip image handling in cases where a slot does not contain any image.
Signed-off-by: Lars Schmidt <l.schmidt@pengutronix.de>
---------------------------
Commit: e2686d3
---------------------------
bundle.bbclass: refactor: remove local 'img_fstype' variable
The local variable 'img_fstype' was only used once when constructing the
image fallback variable. Its value is now read directly at the point of use
to simplify the code and improve readability.
Signed-off-by: Lars Schmidt <l.schmidt@pengutronix.de>
---------------------------
Commit: cb113e2
---------------------------
bundle.bbclass: fix vardeps handling for RAUC_BUNDLE_HOOKS
Adding RAUC_BUNDLE_HOOKS to 'vardeps' was made to properly rebuild the
manifest if the hooks configuration in the recipe changes.
However, in the current implementation, the RAUC_BUNDLE_HOOKS variable
is never used itself. It only serves for specifying the [file] and
[hooks] varflags.
But bitbake (at least currently) does not seem to include a variables
varflags into the signature generation. As a result, the added vardep on
RAUC_BUNDLE_HOOKS is completely useless.
Testing showed that explicitly adding the variable with their varflag
works. Thus we use this mechanism instead.
While at it, also move this out of the anonymous python block (which
isn't really required here) to improve parsing.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
---------------------------
Commit: d165fef
---------------------------
linux-yocto: add support for dm-crypt into kernel config
To support encrypted bundles, device mapper crypto support is required.
Add CONFIG_DM_CRYPT=y and CONFIG_CRYPTO_AES=y according to documentation [1].
[1] https://rauc.readthedocs.io/en/latest/integration.html#kernel-configuration
Signed-off-by: Andreas Pretzsch <apr@cn-eng.de>
---------------------------
Commit: 10a5021d
---------------------------
CI/CD Auto-Merger: cicd.master.202603191530
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=a85ebd5c5b216646779b3d34efa09f0a7d818d62..aaa3d54aaa9e837834fa6b6dd99e9fefdfcf7949
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=81a97a3303f8c786014d8644d185a368fba902c5..a46241db71e383bb6dda103ecad12b13e7af3c38
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=d6380d740b3af3be9a9ebbd347b5b0c34cd82e81..fa0fe817f5ee1b0542f757abaded245c6e5a1321
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 5aa1c6ef
---------------------------
meta-beagle: Fix TF-A machine name for badge
BeagleBadge board has been renamed to am62l3-badge
in the new TFA ti-tfa-2.14.y branch [0], so update
recipe TFA_BOARD accordingly.
[0] https://github.com/TexasInstruments/arm-trusted-firmware/commit/d203b8453905178252094416448de009931087e0
Signed-off-by: Judith Mendez <jm@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 9dc647e5
---------------------------
k3: set console parameter to KERNEL_CONSOLE
Set the default value of TI_WKS_BOOTLOADER_APPEND to
"console=${KERNEL_CONSOLE}" to populate the kernel cmdline console
variable for all k3 devices.
Also define SERIAL_CONSOLES for am64xx.inc, since it was previously
overriding TI_WKS_BOOTLOADER_APPEND directly for this functionality.
The KERNEL_CONSOLE variable provided by openembedded-core is a sane
default console parameter automatically populated by the first value in
the SERIAL_CONSOLES variable. Their UKI and EFI flows already use this
variable to ensure the kernel cmdline console value is set to something
machine appropriate.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 7eaa6ae2
---------------------------
linux-bb.org_6.12: Backport C23 compile fix from linux-stable
A recent change in oe-core [1] to glibc 2.43 has introduced a build
error with 6.12 kernels. Backport a patch [2] from linux-stable to
address this.
[1] https://git.openembedded.org/openembedded-core/commit/?id=f791d6c52870f3571e740ff7818d45bb0a717934
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.12.y&id=3dedeeecd1ae42a751721d83dc21877122cc1795
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 204dbf80
---------------------------
u-boot-bb.org: Add a tick-timer for PocketBeagle
Add a chosen tick-timer in version 2025.10 to boot on PocketBeagle.
Fixes:
CPU : AM335X-GP rev 2.1
Model: TI AM335x PocketBeagle
DRAM: 512 MiB
Core: 155 devices, 16 uclasses, devicetree: separate
Could not initialize timer (err -19)
The patch is based on the following related discussions:
- arm: dts: am335x-*-u-boot: Add chosen tick-timer
https://lists.denx.de/pipermail/u-boot/2026-January/608684.html
- pocketbeagle stuck in boot loop with timer error
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269124
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: ee4b9d90
---------------------------
conf: machine: am62-lp: Package ECAP Capture overlay
Package k3-am62x-sk-ecap-capture.dtbo for AM62 LP SK to
enable ECAP in capture mode.
Signed-off-by: Judith Mendez <jm@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 237d409a
---------------------------
conf: machine: am62a: Fix overlays in KERNEL_DEVICETREE_PREFIX
There have been changes in k3-am62x* overlays due to conflicts
in DT, so update KERNEL_DEVICETREE_PREFIX for AM62A SK appropriately.
Signed-off-by: Judith Mendez <jm@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: df378fdf
---------------------------
ti-extras: Update SRCREV for Jailhouse
Update SRCREV for Jailhouse-enabled U-Boot and Linux kernel
and ti-jailhouse for the bsp-ti-6_18
Changes include:
- u-boot/ti-extras.inc: Update to latest SRCREV
- linux/ti-extras.inc: Update to latest SRCREV
- linux/ti-extras-rt.inc: Update to latest SRCREV
- jailhouse/ti-jailhouse: Update to latest SRCREV
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 732327f1
---------------------------
layer.conf: Update the layers to support wrynose
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 81cd032c
---------------------------
CI/CD Auto-Merger: cicd.master.202603161800
Updated the value(s) for:
ti-linux-fw: PRUETH_FW_AM65X_SR2_VERSION,TI_LINUX_FW_SRCREV,TI_SYSFW_VERSION
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=58a8a47f9063cfcd9eebcfb2825b99a34ef19b80..a85ebd5c5b216646779b3d34efa09f0a7d818d62
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=e585d2fccbb4c11389ecd9afb00ec5e707267afc..81a97a3303f8c786014d8644d185a368fba902c5
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=f13c6190c45bc24cc6640e39c36304bbc4ff22e7..d6380d740b3af3be9a9ebbd347b5b0c34cd82e81
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 88a85e81
---------------------------
u-boot-ti-staging_2025.01: Backport fix for python3-setuptools change
A recent change in oe-core [1] to bump the python3-setuptools change
introduced a build error with the 2025.01 version of u-boot in binman.
Backport a fix from the master branch of u-boot [2] to address this.
[1] https://git.openembedded.org/openembedded-core/commit/?id=ab6b2bf7b555d3516abea6255b800fe6f9673a69
[2] https://github.com/u-boot/u-boot/commit/538719cb6a77934d069e0e64f264457a59a9ebfc
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: b92d66ad
---------------------------
linux-ti-staging_6.12: Backport C23 compile fix from linux-stable
A recent change in oe-core [1] to glibc 2.43 has introduced a build
error with 6.12 kernels. Backport a patch [2] from linux-stable to
address this.
[1] https://git.openembedded.org/openembedded-core/commit/?id=f791d6c52870f3571e740ff7818d45bb0a717934
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.12.y&id=3dedeeecd1ae42a751721d83dc21877122cc1795
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: a77f6ead
---------------------------
mesa-pvr: fix compilation errors with c23
Pull a fix from mesa/main regarding C23/glibc's definition of once_init
in stdlib.h.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: c4f9ff1e
---------------------------
recipes-ti: ti-librpmsg-dma: Update branch and disable example build
Switch from scarthgap to main branch for ti-librpmsg-dma library. Also
update SRCREV and add -DBUILD_SIGNAL_CHAIN_BIQUAD_EXAMPLE=OFF to cmake
options to exclude building the sigchain example.
Signed-off-by: Paresh Bhagat <p-bhagat@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 8eaa5cac
---------------------------
ti-jailhouse: Fix buildpaths QA warning and cleanup
Add -ffile-prefix-map flags to KCFLAGS to remove build path
references from kernel module compilation, ensuring reproducible
builds and preventing absolute path leakage in binaries.
inherit module-base kernel-module-split for building kernel modules
move V=1 into EXTRA_OEMAKE and remove overriding do_compile()
This resolves buildpaths QA warnings during packaging.
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: dbedef73
---------------------------
jailhouse-inmate: Inhibit debug package split
Inmate binaries are bare-metal applications without standard debug
symbols that can be meaningfully split. Inhibit debug package
creation to avoid unnecessary packaging overhead and potential
QA warnings.
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 6d51093a
---------------------------
jailhouse: Fix JH_RAMFS image path
Update JH_RAMFS_IMAGE references to use correct .cpio
extension instead of .rootfs.cpio to match current image
naming convention
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 9c336bc8
---------------------------
CI/CD Auto-Merger: cicd.master.202603091800
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=8dedb46bfd7e7bba52cbedfbab10fe4383317b7b..e585d2fccbb4c11389ecd9afb00ec5e707267afc
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=1ae61a325571a4b242dac987edcbff0bf11cbd35..f13c6190c45bc24cc6640e39c36304bbc4ff22e7
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: db4353bc
---------------------------
CI/CD Auto-Merger: cicd.master.202603060742
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=cf4a45b898294c96af02a62b7321c35651b3fa67..58a8a47f9063cfcd9eebcfb2825b99a34ef19b80
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=90e682a353fe494e4058068a02bd8ee9f7a1bbf2..8dedb46bfd7e7bba52cbedfbab10fe4383317b7b
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=30182cf3ac7db7fd66c36870f3fc5db91a32f36c..1ae61a325571a4b242dac987edcbff0bf11cbd35
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: acea5fac
---------------------------
ti-extras: Add Jailhouse support for bsp-ti-6_18
Add Jailhouse-enabled U-Boot and Linux kernel configurations
for the bsp-ti-6_18 release to support AM62xx, AM62Pxx, and
AM62Lxx platforms.
Changes include:
- u-boot/ti-extras.inc: Add ti-u-boot-2026.01-jailhouse branch
- linux/ti-extras.inc: Add ti-linux-6.18.y-jailhouse branch
- linux/ti-extras-rt.inc: Add ti-linux-6.18.y-jailhouse branch
Signed-off-by: Mahammed Sadik Shaik <s-sadik@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: bf93262b
---------------------------
meta-ti: optee: Update SHA in optee_os to integrate timeout increase
optee_os has a driver for AM62L's mailbox. Recently it started timing
out waiting for a response from TIFS. It seems that the timeout we had
given was at the edge of what was acceptable, since unrelated changes to
rest of the boot chain were breaking it. So a patch was sent to optee_os
to fix this by increasing the timeout from 10ms to 1000ms.
Update the optee_os recipe's SHA to integrate this change into the SDK.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: de85a85c
---------------------------
CI/CD Auto-Merger: cicd.master.202603050509
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
linux-ti-staging_6.18: SRCREV
Changelogs:
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=8f753312db559c2f1f0867030e5fb36b89f2ea05..30182cf3ac7db7fd66c36870f3fc5db91a32f36c
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 563ffd7e
---------------------------
CI/CD Auto-Merger: cicd.master.202603041808
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=c5eea0af8225334b1babfa750b329200dcee3d2b..cf4a45b898294c96af02a62b7321c35651b3fa67
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=c42989009c209834eb512c065e283c492ec3dd50..90e682a353fe494e4058068a02bd8ee9f7a1bbf2
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=e9ebc825175636714e0ffa113133ef03879748df..8f753312db559c2f1f0867030e5fb36b89f2ea05
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 92c21982
---------------------------
beagle-bsp: unset TI_CORE_INITRAMFS_KERNEL_MODULES
As BB.org kernel comes with own custom defconfig, there are no modules
required to be loaded from initramfs in order to boot the platforms, as
required drivers are built in. Unset the list of such modules to avoid
breakage.
Signed-off-by: Denys Dmytriyenko (TI) <denys@konsulko.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 59af86a2
---------------------------
beagleplay-ti: use the am62xx.inc
We should inherit the am62xx.inc and just override values as needed.
Signed-off-by: Randolph Sapp <rs@ti.com>
Acked-by: Andrew Davis <afd@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: cb50cbab
---------------------------
beagley-ai: add beagley-ai-ti
Split the existing config into a beagley-ai-ti and beagley-ai that
includes it, like the existing beagleplay machine.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 87f5d17f
---------------------------
meta-beagle: move all beagle board configurations
Move all beagle board configurations to meta-beagle. There are 2 skews
currently:
1. A base TI configuration setting all the default variables required to
use the device with meta-ti-bsp provided packages.
2. An override that uses meta-beagle BSP components. This includes all
the values defined in the TI skew as well as any meta-beagle specific
configuration.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: e9c04213
---------------------------
CI/CD Auto-Merger: cicd.master.202602271140
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=fc93d06371ec35ef634284748e8263907327d6fd..c5eea0af8225334b1babfa750b329200dcee3d2b
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=cb63a11faef453412da23e72c5e9b6782cf62274..c42989009c209834eb512c065e283c492ec3dd50
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=7e2c5ee21e318f67edb760f67fe16d41b1dc5a1e..e9ebc825175636714e0ffa113133ef03879748df
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 74f14d87
---------------------------
conf: am62dxx-evm: Package k3-am62a7-sk-e3-max-opp overlay
Package k3-am62a7-sk-e3-max-opp.dtbo for AM62D2-EVM to configure C7x DSP
to run at its maximum supported frequency of 1GHz.
Signed-off-by: Paresh Bhagat <p-bhagat@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: c4caa380
---------------------------
optee: Update optee_os to integrate Firewall RNG changes
Recently, a few commits were merged beyond the 4.9.0 tag in optee_os. These
commits refactor some code in SA2UL, and add firewall configurations for RNG in
AM62L. Therefore, to integrate these changes in the SDK, update the optee_os
SHA.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 15f5c84e
---------------------------
trusted-firmware-a: Update to 2.14+
Updates trusted-firmware-a to a commit with the LPM patches and removes
them from yocto.
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: e24a5376
---------------------------
ti-img-rogue-driver: Support for unified GPU bindings
New sha brings support for unified GPU bindings.
Signed-off-by: Antonios Christidis <a-christidis@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 135dfe3f
---------------------------
ti-bsp: Make ti-6_18 the default BSP
Our initial testing is nearing completion and 6.18 is ready to be our
default kernel along with 2026.01 uboot.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: ddbc40d2
---------------------------
packagegroup-ti-core-initramfs: Add nfs-utils-mount
When loading an initramfs, the kernel no longer provides functionality
for mounting the rootfs. nfs-utils-mount is the minimal required
packages to provide the needed tooling for the kernel to mount the
rootfs over nfs when using an initramfs.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: cd0391b2
---------------------------
gdbc6x: Tweak lcl_maybe_fortify security setting
A change in oe-core [1] has turned on higher security checks, but gdbc6x
will not build with FORTIFY_SOURCE turned on. Remove that setting to
get it building again.
[1] https://git.openembedded.org/openembedded-core/commit/?id=4c2d64c10a5b0437ab1ea04df22386f0f95124d1
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 03a7ad13
---------------------------
dsptop: Tweak SECURITY_STRINGFORMAT
A change in oe-core [1] has turned on higher security checks, but dsptop
will not build with all of them turned on. Remove a single setting to
get it building again.
[1] https://git.openembedded.org/openembedded-core/commit/?id=4c2d64c10a5b0437ab1ea04df22386f0f95124d1
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 38758c5d
---------------------------
ti-ipc: Set DISABLE_STATIC = ""
As of [1], static libs are disabled by default. But this package relies
on static libs, so we need to allow for building them.
[1] https://git.openembedded.org/openembedded-core/commit/?id=03fc931bfe9ea3fa9f33553e6020cbc067b24291
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: bb64ebf3
---------------------------
ti-rpmsg-char: Set DISABLE_STATIC = ""
As of [1], static libs are disabled by default. But this package relies
on static libs, so we need to allow for building them.
[1] https://git.openembedded.org/openembedded-core/commit/?id=03fc931bfe9ea3fa9f33553e6020cbc067b24291
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: f60581dc
---------------------------
*: Remove unused patches
We have added checking for unused patches in our repo checking tool.
Remove two patch files that it found.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: fdca2e34
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602191451
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=941e1f7a3b3f683a59a0e51fb78817eb31841430..fc93d06371ec35ef634284748e8263907327d6fd
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=0c5b72a0b975e5e01ed6164cc9547526c680fe95..cb63a11faef453412da23e72c5e9b6782cf62274
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=49a4f3a41af39ec952f7caadb856418e1b734449..7e2c5ee21e318f67edb760f67fe16d41b1dc5a1e
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: a8e59d34
---------------------------
conf: j722s: Add usbdfu tie-test-builds config
Using the new UBOOT_CONFIG flow, enable a mode where additional uboot
configurations can be built along side the main config. In this case,
turning on USBDFU for a board for testing purposes.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 82f15401
---------------------------
trusted-firmware-a: Updates for am62l
Change the branch for am62l to ti-tfa-2.14y and change the TFA_PLATFORM
for am62l.
License-Udpate: am62l branch is now in line with master, so the md5sum
changed to match.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 65ba600b
---------------------------
conf: am64: Add ECDSA key signing
Add support for signing the u-boot files with an ECDSA key.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 135b7041
---------------------------
ti-img-rogue-*: Migrate GPU driver version 25.2 -> 25.3
New recipes for GPU DDK 25.3. Update BSP configuration file to
package driver, which now supports kernel 6.18.
Signed-off-by: Antonios Christidis <a-christidis@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 4107d315
---------------------------
ipc: ti-rpmsg-char: Update library to 0.6.11
update ti-rpmsg-char library to 0.6.11
It brings the below fixes:
dd4783422bf lib: Do not update local endpoint
f26e4a30ca7 example: benchmark: move latencies array to data section.
Signed-off-by: Hari Nagalla <hnagalla@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: ee9f5e1d
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602181811
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=3c35ffe92dd85b5acfcbf350cd1a6cc829994b20..941e1f7a3b3f683a59a0e51fb78817eb31841430
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=65c7cac7324df20db0cfec1377fc3728018d5808..0c5b72a0b975e5e01ed6164cc9547526c680fe95
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=abdf4e7f1d6d22a2162c91baa1f2a32f8e7adf88..49a4f3a41af39ec952f7caadb856418e1b734449
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 123245b6
---------------------------
conf: Change weak assignment of IMAGE_BOOT_FILES
Rather than using ?= to default the value of IMAGE_BOOT_FILES, instead
use += to add the files we want to the probably empty value.
We ran into an issue where the recent ti-core-initramfs changes used +=
and overrode the ?= in k3.inc, resulting in no boot files being packaged
in the wic boot partition. This addresses the issue by ensuring that we
never have a situation where the required files are not in the final
list.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 1c2398c3
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602130934
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=dfa62d2a6b9de71dc6fb682882834c9390324c42..3c35ffe92dd85b5acfcbf350cd1a6cc829994b20
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=41842a7ccad599b3b5aa4500de859a0f01583a8c..65c7cac7324df20db0cfec1377fc3728018d5808
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=8210918c3b8678d9781cf982c86757705405bfb3..abdf4e7f1d6d22a2162c91baa1f2a32f8e7adf88
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: dd883791
---------------------------
CI/CD Auto-Merger: cicd.master.202602130100
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
k3conf: SRCREV
Changelogs:
k3conf: https://git.ti.com/cgit/k3conf/k3conf/log/?qt=range&q=4e3a44c4b961831f2de80606942dd0d8eb508eca..c50875c7c4ad112d5e632bea3301e06a0aa8669f
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 8a36d561
---------------------------
optee: Update to 4.9.0 tag
Update optee_os, optee_client, optee_examples and optee_test to the
newer 4.9.0 tag.
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 77de8a11
---------------------------
ti-core-initramfs: Add TI_CORE_INITRAMFS_EXTRA_INSTALL
Add TI_CORE_INITRAMFS_EXTRA_INSTALL variable that another layer can use to
install additional packages/changes into the initramfs. Setting this
variable will also turn on the initramfs even if the platform does not
have kernel modules to include.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 300f2a8d
---------------------------
ti-core-initramfs: Rework logic
Clean up the logic of the new ti-core-initramfs to reduce the impact on
downstream layers.
- Flip the logic in the machine .conf files to track the list of
required kernel modules for that platform, but if the variable is set
to "" then the ti-core-initramfs will not be created.
- Redo the logic of when we require creation/usage of the initramfs to
just platforms that need it (ie that set TI_CORE_INITRAMFS_KERNEL_MODULES).
- Add a big switch to disable the initramfs entirely. In that case, the
user is on their own to make sure that the kernel has everything it
needs to boot either via config fragments to turn on the needed
modules, or by using the TI_CORE_INITRAMFS_KERNEL_MODULES
variable to populate their own initramfs.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: eb0d589b
---------------------------
ti-core-initramfs: pull correct VIRTUAL_RUNTIME components
Pull additional standard VIRTUAL_RUNTIME components to respect Distro
configuration (e.g. systemd/udev, etc.)
This only requires adjusting the size to 128MB.
Signed-off-by: Denys Dmytriyenko (TI) <denys@konsulko.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 220c16be
---------------------------
recipes-bsp: Remove TI TAD5212 DAC firmware recipe
TAD5212 now uses a dedicated driver instead of the PCM6240 driver,
making the firmware files no longer needed. So remove the recipe and
corresponding changes.
Signed-off-by: Paresh Bhagat <p-bhagat@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 7e27e75a
---------------------------
recipes-bsp: Add TI PCM6240 ADC firmware recipe
Add PCM6240 ADC firmware recipe for am62dxx-evm to support 2 PCM6240
ADC's, each supporting 4 channel recording.
Signed-off-by: Vishnu Singh <v-singh1@ti.com>
Signed-off-by: Paresh Bhagat <p-bhagat@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: a6bf8a8f
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602111800
Updated the value(s) for:
ti-linux-fw: TI_LINUX_FW_SRCREV,TI_SYSFW_VERSION
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
ti-linux-fw: https://git.ti.com/cgit/processor-firmware/ti-linux-firmware/log/?qt=range&q=8ec0c42b8ccf2c9e8bebfd7c4e03d93fed555442..dfa62d2a6b9de71dc6fb682882834c9390324c42
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=7db1482473e9a9562061c6f89e6d3cd86a17e616..41842a7ccad599b3b5aa4500de859a0f01583a8c
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=e36172c9eb8513198f33eee06b8cff28c6556e11..8210918c3b8678d9781cf982c86757705405bfb3
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: c0e80f86
---------------------------
u-boot: Update ECDSA signing make option
When the feature was sent to upstream, it was requested to change the
command line option for specifying the key. Adapt to that change and
ensure it still works as is for bsp-ti-6_12.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: c79f7b83
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602051800
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=0456d31970eeef8678fd20a6683d1acd9fc8da4a..7db1482473e9a9562061c6f89e6d3cd86a17e616
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=33b7bd36f11719837307a92818393608faafbc10..e36172c9eb8513198f33eee06b8cff28c6556e11
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 721c3380
---------------------------
CI/CD Auto-Merger: cicd.master.202602031100
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 634a30e2
---------------------------
conf: am62p: Add ECDSA key signing
Use the new framework to add alternative key signing for the am62p
platform as an example.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 507125ee
---------------------------
u-boot: Add alternative key signing
Provide framework for how to sign the uboot files with different keys
so that customers can see how it is done. We have provided an ECDSA
key and follow on patches will show how to point to it.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 22e889c2
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202602021018
Updated the value(s) for:
u-boot-ti-staging_2025.01: SRCREV_uboot
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging-rt_6.12: SRCREV_ARM32
linux-ti-staging_6.12: SRCREV
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
u-boot-ti-staging_2025.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=42cf2abb5f42b4e8dca8b9df584b816d8a0da7fa..ef2eb76b650415637bd93b0eddfb1e31489117f9
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=127a42c7257a6ffbbd1575ed1cbaa8f5408a44b3..0456d31970eeef8678fd20a6683d1acd9fc8da4a
linux-ti-staging-rt_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=2bae13c52d344e96fce42ab8209c068d1e67c944..a3bc6dc973a99822f0707b1c9ba06b56bf142076
linux-ti-staging_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=8843c53f444321e22f1eaeec0478ffc0a6191203..da3c0f0a33ac00f7138c695a16d90301cf7ec02b
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=2d64b9f10d1d9e7cbd041d613b40222c11291f14..33b7bd36f11719837307a92818393608faafbc10
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 8529512d
---------------------------
CI/CD Auto-Merger: cicd.master.202601292132
Updated the value(s) for:
u-boot-ti-staging_2026.01: SRCREV_uboot
Changelogs:
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=c5e6d2ab7eba68cbfb600cdc131c0c375ced2ec9..127a42c7257a6ffbbd1575ed1cbaa8f5408a44b3
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 6da71942
---------------------------
Revert "CI/CD Auto-Merger: cicd.master-ltsprep.202601290100"
This reverts commit bb2c3dcb6c146a4c4e388e95c0a9c4c434b24351.
There is something wrong withour CICD scripts. This should not have
been promoted.
---------------------------
Commit: bb2c3dcb
---------------------------
CI/CD Auto-Merger: cicd.master-ltsprep.202601290100
Updated the value(s) for:
u-boot-ti-staging_2026.01: SRCREV_uboot
linux-ti-staging_6.18: PV,SRCREV
Changelogs:
u-boot-ti-staging_2026.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=c5e6d2ab7eba68cbfb600cdc131c0c375ced2ec9..677076fc270788c97e15cd5fc47b32d8a6bda672
linux-ti-staging_6.18: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=2d64b9f10d1d9e7cbd041d613b40222c11291f14..25e529b290fc89f777503b34100b2c8f5532b66b
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 06144542
---------------------------
optee-ftpm: Adapt to meta-arm change
meta-arm updated optee to 4.9.0 and added logic manage the
tag=xx;nobranch=1 vs branch=master in the SRC_URI for all of the optee
recipes except for optee-ftpm. Set the new variable to the same logic
as the other optee recipes to fix an unpack error.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: a546e95d
---------------------------
linux-ti-staging: Update 6.18 SRCREV
It looks like the ti-linux-6.18.y was force pushed. As we are still in
the process of getting the LTA up and running, we need to update the
SHA.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 69deabbd
---------------------------
conf: am65: Add usbdfu tie-test-builds config
Using the new UBOOT_CONFIG flow, enable a mode where additional uboot
configurations can be built along side the main config. In this case,
turning on USBDFU for a board for testing purposes.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: bd7a32b6
---------------------------
conf: am62: Add usbdfu tie-test-builds configs
Using the new UBOOT_CONFIG flow, enable a mode where additional uboot
configurations can be built along side the main config. In this case,
turning on USBDFU for a board for testing purposes.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 380d3e91
---------------------------
u-boot: Move ti-extras.inc into u-boot-ti.inc
Since the extras stuff should "theoretically" apply to all u-boot
versions, move the include out of each recipe and into the central
include file.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 5470b4f4
---------------------------
ti-gc320-driver: Port module for kernel 6.18
Port the kernel module for gc320 driver to build on linux kernel 6.18.
The overall version of the driver remains the same.
Signed-off-by: Antonios Christidis <a-christidis@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 85c3cc60
---------------------------
u-boot: Adapt to upstream change to UBOOT_CONFIG flow
A recent change to the UBOOT_CONFIG flow in oe-core [1], introduced
support for UBOOT_FRAGMENTS. We need to stop using our internal
UBOOT_CONFIG_FRAGMENTS and start using the new UBOOT_FRAGMENTS.
[1] https://git.openembedded.org/openembedded-core/commit/?id=cd9e7304481b24b27df61c03ad73496d18e4d47c
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: fc26d5dc
---------------------------
CI/CD Auto-Merger: cicd.master.202601171053
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
u-boot-ti-staging_2025.01: SRCREV_uboot
linux-ti-staging-rt_6.12: SRCREV_ARM32
linux-ti-staging_6.12: SRCREV
Changelogs:
u-boot-ti-staging_2025.01: https://git.ti.com/cgit/ti-u-boot/ti-u-boot/log/?qt=range&q=df1fe238230433ba3e5b731356156e145aa90917..42cf2abb5f42b4e8dca8b9df584b816d8a0da7fa
linux-ti-staging-rt_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=1379a8eb9786e78509f67ff8eac658bde5ddc66d..2bae13c52d344e96fce42ab8209c068d1e67c944
linux-ti-staging_6.12: https://git.ti.com/cgit/ti-linux-kernel/ti-linux-kernel/log/?qt=range&q=15b58b1dcd0e0a79d83740b81da1a1367f6f3f68..8843c53f444321e22f1eaeec0478ffc0a6191203
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 48901ff2
---------------------------
j721e: Disable ti-vxe-vde-driver for 6.18
The ti-vxe-vxd-driver recipe is not building with the 6.18 kernel.
Once a new version that addresses this is available we can turn this
back on.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 4a36d60f
---------------------------
ti-bsp: ti-img-encode-decode: Update SRCREV
V4L2 API has been updated to remove the flags parameter from
v4l2_m2m_buf_copy_metadata in the 6.19 stable kernel release. Driver has
been updated to reflect these changes. Update SRCREV to pull these
changes.
Signed-off-by: Brandon Brnich <b-brnich@ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: a051601c
---------------------------
u-boot-ti-mainline: Update to version: v2026.01
Updated the value(s) for:
u-boot-ti-mainline: PV,SRCREV_uboot
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: bdcbe5d6
---------------------------
trusted-firmware-a: Clean up bbappend guard variables
Rather than using shorthand variables for the guard, move to a longer
more explicit naming. This is mostly a cosmetic change, but we might
make a rule for it in the future so that we can check for it.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: ce6dccea
---------------------------
conf: Add support for bsp-ti-6_18 to ti-core-initramfs
With the 6.18 we are moving to using an initramfs to provide non-default
modules for booting. So add that override to the machines that need it.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 54ce94f5
---------------------------
ti-core-initramfs: Shrink size of initramfs
It looks like we were modelling this initramfs off of the wrong example
from poky. This setup produces a much smaller initramfs.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 270b7b64
---------------------------
u-boot-ti: Clean up config looping code
Cleanup a few incorrect issues with the current file naming under the
config looping code.
1) Since binman is creating the tiboot3 files and signing them, when we
are trying to create the named version of the files, we do not want
to link against the spl/uboot-spl.bin file. We need to figure out
what the tiboot3.bin is pointing at and make this named version point
at the same thing.
2) When deploying the tiboot3 files, if we are deploying something that
is a link, then we should point the deployed link to the same named
target. This should help with figuring out what all of the links
actually point to from the build dir instead of running into .bin
file that has lost the audit trail.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
---------------------------
Commit: 3b7aad2f
---------------------------
CI/CD Auto-Merger: cicd.master.202601090100
Updated the value(s) for:
atf: SRCREV_tfa:am62lxx
Signed-off-by: LCPD Automation Script <lcpdbld@list.ti.com>
---------------------------
Commit: 475530ac
---------------------------
layer: bump compatibility to wrynose
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f505ae07
---------------------------
vcontainer-tarball: set S to UNPACKDIR for do_qa_unpack check
The recipe only has file:// SRC_URI entries which unpack directly into
UNPACKDIR, not a ${BP} subdirectory. The new do_qa_unpack QA check in
insane.bbclass warns when S doesn't exist after unpack. Set S explicitly
to satisfy the check.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4162f898
---------------------------
container-dummy-provides: Update to match changes in oe-core
OE-Core made changes to the way dummy providers work, update the
container-dummy-provides to match them. It now needs a hint in layer.conf
to make the core components aware of the presence of the dummy recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8e609e01
---------------------------
lxc: update to v6.0.6
This fixes the build with recent glibc and picks up the following fixes:
2597434ae Release LXC 6.0.6
d128f134d cmd/lxc-user-nic: prevent OOB read in name_is_in_groupnames
c43aeaaed lxc/network: define netlink uAPI constants for link properties
42b43b31c lxc/network: save/restore physical network interfaces altnames
810f44ba0 lxc/network: optimize netdev_get_mtu
5e68a7a63 meson.build: fix open_how include with glibc-2.43+
540f9e2bc meson.build: fix openat2 include typo, fix with glibc-2.43 +FORTIFY
01b9e35a7 lxc: added support OpenRC init system
885496ccc src/confile: fix values of lxc.cap.keep and lxc.cap.drop
99c3206c7 tests/lxc-attach: ensure no data corruption happens during heavy IO on pts
b964611b3 lxc/{terminal, file_utils}: ensure complete data writes in ptx/peer io handlers
d6ccb9abe github: test io_uring-based event loop
0448c9dd2 build: update Makefile and meson.build
aa4212023 Improve the dbus scope creation error handling
f9e73517e cgfsng: fix reboots when using dbus
2072ea4c7 copy_rdepends: Don't fail on missing source file
c7eac1180 start: Respect lxc.init.groups also in new user namespace
8ed8145d6 start: Remove outdated comment about group dropping
e9921c3d7 build(deps): bump actions/upload-artifact from 5 to 6
97a2e4af5 Added documentation on unprivileged LXC containers
59a30025e added doc for --rbduser
54d323a2d added "--rbduser" option in "lxc-create -B rbd"
a262afb5d Fallback to XDG_RUNTIME_DIR when /run not found
d7068a338 checkonfig: Fixed compatible with toybox/gunzip
4cc343edf Initial changes without testing
bdce7a634 Enumerated all values in array
edc57196f meson: add meson option for running doxygen in build
058be42aa build: Check if P_PIDFD is defined
099089971 Ensure do_lxcapi_unfreeze returns false when getstate errors
f9ff9ea2a build(deps): bump actions/checkout from 5 to 6
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a707a497
---------------------------
xen: update to RELEASE-4.21.0 -tip
This fixes the build against the lastest glibc, and we get a
few other bug fixes as well:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8ebf75a1
---------------------------
xen-tools: update to RELEASE-4.21.0 -tip
Bumping xen to version RELEASE-4.21.0-61-g1c72306b1f, which comprises the following commits:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3f58e364
---------------------------
crun: set CLEANBROKEN to fix configure on rebuild
crun ships a GNUmakefile that aborts with "You must run ./autogen.sh &&
./configure" when make clean is invoked before configure has run. The
autotools_preconfigure prefunc triggers this when rebuilding (e.g. via
multiconfig where sstate hash changes cause reconfiguration).
Set CLEANBROKEN = "1" to skip the make clean in autotools_preconfigure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e3902238
---------------------------
container-bundle: add explicit do_fetch dependency on skopeo-native
do_fetch_containers runs as a postfunc of do_fetch and needs skopeo
from the native sysroot. However, DEPENDS only gates
do_prepare_recipe_sysroot which runs after do_fetch, so with a clean
tmp/ directory skopeo-native may not be built when do_fetch runs.
Add an explicit do_fetch[depends] on skopeo-native:do_populate_sysroot
when remote containers are configured so the ordering is correct.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6240456e
---------------------------
container-registry: use FEATURE_PACKAGES for IMAGE_FEATURES validation
Move FEATURE_PACKAGES_container-registry from container-image-host.bb
to meta-virt-container.inc so it is available to all image recipes.
image.bbclass check_image_features() auto-discovers FEATURE_PACKAGES_*
variables as valid image features (line 72), so defining the variable
globally is sufficient — no IMAGE_FEATURES[validitems] needed.
This avoids the signature pollution that IMAGE_FEATURES[validitems]
causes when set globally, while allowing container-registry to be
used as an IMAGE_FEATURES value in any image recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c2eeba33
---------------------------
kernel: skip kcfg search path injection for kernels with kernel-cache
The kcfg sysroot search path (type=kmeta) was being injected
unconditionally, which caused fragment conflicts for linux-yocto kernels
that already have their own kernel-cache meta branch. The injected
search path would roll back fragments to an older set.
Make the injection conditional and fix the root cause:
- kernel_cache_feature() now checks SRC_URI for type=kmeta entries.
Kernels with kernel-cache get short paths (e.g. cfg/container.scc)
that resolve directly via the kernel-cache's search path. Kernels
without kernel-cache get the sysroot-relative ../../ paths as before.
- distro_cond_feature() now passes d.getVar('SRC_URI') instead of an
empty string, so kernel_cache_feature() can actually see whether the
kernel has a kernel-cache.
- SRC_URI append and inject_kcfg_search_path prefunc skip when
type=kmeta is already present.
- Remove unused kernel_cache_cond_feature() which was the original
conditional implementation but was never wired up.
This restores the original design intent from commit 5c212911
("allow conditional use of yocto-cfg-fragments"): kernel-cache is
the first choice for fragment resolution, sysroot is the fallback.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d16110ae
---------------------------
yocto-cfg-fragments: bump to -tip
bc293057 bcm-2xxx-rpi: Fix configuration audit warnings (LEDS, BACKLIGHT)
8ef043d5 kver: bumping to v6.18.16
104a5c9d bcm-2xxx-rpi: Add raspberry pi5 config and add input feature by default
9b173d3a genericarm64: drop CONFIG_PINCTRL_SM8350_LPASS_LPI
0b1ea0e5 genericarm64.cfg: enable CONFIG_INTERCONNECT_QCOM_QCS8300
2fa1b419 genericarm64-pinctrl.cfg: enable CONFIG_PINCTRL_QCS8300
53f6a3a8 kver: bumping to v6.18.13
98a36302 cfgs/nfc: create an intel-nfc-vendor specific feature
6350b56a netfilter.cfg: enable NF_CONNTRACK_SNMP
a425fdd0 pmem.cfg: enable DEV_DAX and DEV_DAX_HMEM
70eeaeff genericarm64.scc: enable TRANSPARENT_HUGEPAGE support
d62a1267 security-arm64.cfg: rename CFI_CLANG to CFI
b925ef94 security-arm64.cfg: correctly enable KASAN
1fdb98a4 security-arm64.cfg: add comment for ARM64_BTI_KERNEL
6d8bf6f0 security.cfg: move RANDOMIZE_MEMORY to x86_64
18fcb6dc arm.scc: move ARM_CPUIDLE to arm only
7e1d9b2b numa_x86_64.scc: move x86_64 config from numa.cfg to numa_x86_64.cfg
e93e999e sound.cfg: split SND_SOC_WM8731 to I2C and SPI variants
5a567776 sound_x86.scc: take over x86 configs from sound.scc
1ae7ce94 genericarm64.cfg: enable MTD NAND ECC support
15d48f71 genericarm64.cfg: enable TI MTD NAND support
40a67254 genericarm64-serial.cfg: set SERIAL_8250_CONSOLE to y
5ee6148e qemu-kvm.cfg: remove extra space
9f780417 firmware.cfg: whitespace fixes
bc221187 genericarm64.cfg: fix CONFIG_PM_DEVFREQ_EVENT
aef69bf3 Revert "genericarm64.scc: enable OP-TEE support"
6f597e1a genericarm64.cfg: enable SCSI support for HiSilicon etc
f1f313cf genericarm64.scc: enable RPMB support
a4565911 genericarm64.scc: enable GNSS support
391566e2 gnss.scc: add feature
d40a455d genericarm64.cfg: enable more bus drivers
20e41104 genericarm64.cfg: enable PCI_PASID support
0b2967f5 genericarm64.scc: enable NFC support
2643b37e nfc-vendor.scc: move Intel configs to nfc-vendor-intel.cfg
b1d00b01 genericarm64.scc: enable RFKILL LED, INPUT and GPIO
92610953 rfkill-extra.scc: add fragment for RFKILL LEDs, input and GPIO support
fc7d5f45 bluetooth.cfg: enable BT_LEDS support
f18ec272 genericarm64.scc: enable HSR
79fa2c17 hsr.scc: add feature for High-availability Seamless Redundancy (HSR & PRP)
1313923a genericarm64.scc: enable Time Sensitive Networking
e190eeff intel-x86.scc: enable hibernation with feature
c941f4ee genericarm64.scc: enable hibernation support
ce5c6d9d hibernation.scc: add feature
83620a7d bluetooth-usb.cfg: enable MediaTek and RealTek support
cf6e1261 bluetooth-hw.cfg: enable BT_MTK
ffdd0769 genericarm64.cfg: enable Microchip PHY support
9e9536d1 features/iommu: remove CONFIG_INTEL_IOMMU_FLOPPY_WA=y
61265288 genericarm64.cfg: enable CONFIG_QCA808X_PHY
8e6a09c7 kver: bumping to v6.18.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e5a04172
---------------------------
container-registry: make IMAGE_FEATURES local to image recipes
Remove the global IMAGE_FEATURES[validitems] registration entirely.
Setting it in layer.conf or a globally-inherited bbclass changes the
varflag value, which gets pulled into the signature of every recipe
that depends on IMAGE_FEATURES — causing yocto-check-layer signature
change failures.
Image recipes that use the container-registry feature already set
IMAGE_FEATURES[validitems] locally (e.g. container-image-host.bb).
Users who want the feature in their own images add the one-liner:
IMAGE_FEATURES[validitems] += "container-registry"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c6b27a6b
---------------------------
qemu-system-native: Tweak whitespace handling
Avoid a yocto-check-layer issue:
qemu-system-native:do_recipe_qa: 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 -> 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
bitbake-diffsigs --task qemu-system-native do_recipe_qa --signature 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
NOTE: Reconnecting to bitbake server...
basehash changed from 1b770ad4a9b79d38c928331d17651d3d66a6ebc45822c336d7ab98bfa8ebfd94 to 6bc5e5507534603aa6f6ab862ab27ef9c0b9ffcfaa9922d7ef25cb563fab6ab9
Variable PACKAGECONFIG value changed:
"fdt alsa kvm pie slirp png pixman sdl virglrenderer epoxy {++}" (whitespace changed)
but moving the whitespace into the added option.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 94767826
---------------------------
container-registry: make IMAGE_FEATURES conditional on distro features
Move the container-registry IMAGE_FEATURES[validitems] registration
from layer.conf into meta-virt-container-cfg.bbclass where it can be
gated on DISTRO_FEATURES. The validitems varflag is now only registered
when vcontainer or virtualization is in DISTRO_FEATURES.
layer.conf is parsed before distro features are known, so inline
Python cannot be used there. The bbclass is loaded via USER_CLASSES
(deferred parsing) and already handles container profile configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 09a89703
---------------------------
xen-guest-bundle: drop QA skip for installed-vs-shipped
While we need the buildpaths QA skip due to the 3rd party
nature of some bundles, we don't need the installed-vs-shipped.
There's no reason why a bundled guest isn't packaging all its
files (or deleting them).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: aa18b46a
---------------------------
container-registry: drop container-registry-populate
Somehow we have two similar registry recipes that were developed
from a different pont of view.
We don't need both.
container-registry-index is the mature, QA-compliant version
that also generates the standalone container-registry.sh helper
script.
container-registry-populate is an older, simpler version that
does only the push, so we drop it here
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 21054f23
---------------------------
cockpit-machines: fix source specification and conditionally skip
This recipe can't be built without the main recipe, which is
in meta-oe meta-webserver.
Fix a S assigment, so it'll parse
And then skip if meta-webserver isn't in bblayers (not in
collections).
This will ensure that world builds don't try and pick it up
when processing meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5f6b41e4
---------------------------
example-xen-guest-bundle: require xen and x11 in DISTRO_FEATURES
to match the image recipe from XEN_GUEST_BUNDLES
Fixes:
ERROR: Nothing PROVIDES 'xen-guest-image-minimal'
xen-guest-image-minimal was skipped: using DISTRO 'distro', which is missing required DISTRO_FEATURES: 'xen'
in bitbake world builds
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ebe61f2a
---------------------------
sanity: default virtualization distro check to false
We've terrorized the users of meta-virt for long enough with
the warning about the virtualization distro feature not
being set.
Modern OE has the features_check capability so recipes and
functionality that need the distro feature to be set can
just check it themselves. No need to warn over and over
again.
For now, it just default to off, but the check can be
completely removed in the future (since it does cause some
parse time overhead).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a1e1a021
---------------------------
xen/4.21: fix arm64 build with the most recent binutils
The upgrade of binutils in OE core broke the xen build on
arm64 due to unsupported instructions.
We cherry-pick a patch from xen master to fix the issue.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a37eb96a
---------------------------
conf/vruntime: exclude backfill distro features
Block backfill features not needed by container runtime environments.
OE-core's DISTRO_FEATURES_BACKFILL auto-appends these to DISTRO_FEATURES
unless explicitly listed here. Without this, gobject-introspection-data
enables python3-pygobject (which DEPENDS on cairo), and wayland enables
pygobject's cairo PACKAGECONFIG — both are masked in vruntime builds.
We are using:
ISTRO_FEATURES_BACKFILL_CONSIDERED = "pulseaudio gobject-introspection-data opengl ptest multiarch wayland vulkan"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5032403d
---------------------------
xen-tools: update to RELEASE-4.21.0 -tip
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c850e7dd
---------------------------
xen: update to RELEASE-4.21.0 -tip
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6aef6e66
---------------------------
image-oci: update oci-iamge-tools + runc instructions
Our runc is now sufficiently far ahead of the oci-image-tools
such that they aren't compatible.
But
They can still be made to work with a runc generated spec.
Update the comments to show a flow that works if using runc
directly is desired.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 139cd8a4
---------------------------
buildah: update to v1.43.0
Bumping buildah to version v1.43.0-1-gbbc4bd12f, which comprises the following commits:
0158b5b31 [release-1.43] Bump Buildah to v1.43.0
f40d38a2f [release-1.43] fix source test
07b8495c8 [release-1.43] Bump common 0.67.0, image 5.39.1, storage 1.62.0
7178b10ac [release-1.43] Bump dest branch in cirrus to 1.43
acca15722 fix(build): make --tag oci-archive:xxx.tar work with simple images
40b5e371e test: do not untar archive into fs when checking file names
45b48af90 tests: use cached images instead of fedoraproject.org
662aa1598 chroot.bats(chroot with overlay root): ensure we can overlay
3877dc97d Run: don't try to encode SystemContext with json
c0cc97255 [release-1.42] Bump Buildah to v1.42.2
307d1a3a4 [release-1.42] Bump runc to v1.3.4
de21106b6 [release-1.42] Bump Buildah to v1.42.1
f0700c546 [release-1.42] bump runc to v1.3.3 - CVE-2025-52881
22cd531e9 RPM: build with sequoia on F43+
1ba41f035 Bump to Buildah v1.42.0
c23bf6bf1 Bump to storage v1.61.0, image v5.38.0, common v0.66.0
858a514ff fix(deps): update module github.com/openshift/imagebuilder to v1.2.19
a0bc52535 fix(deps): update module github.com/openshift/imagebuilder to v1.2.18
4caee77d1 copier: ignore user.overlay.* xattrs
5a849d176 commit: always return the config digest as the image ID
92b342392 fix(deps): update module golang.org/x/crypto to v0.43.0
114aa3d8c fix(deps): update module golang.org/x/sys to v0.37.0
58f0f862b fix(deps): update module github.com/docker/docker to v28.5.1+incompatible
65929b93a fix(deps): update module github.com/moby/buildkit to v0.25.1
31cb2af46 fix(deps): update module github.com/opencontainers/runc to v1.3.2
8efc91385 fix(deps): update module github.com/docker/docker to v28.5.0+incompatible
ceff05295 fix(deps): update module github.com/moby/buildkit to v0.25.0
b7961ac34 fix(deps): update github.com/containers/luksy digest to 2cf5bc9
a654d3534 Make some test files different from each other
82702b493 Revert "fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0"
3748cda03 Also run integration tests with the Sequoia backend
c9c1d764c Allow users to build against podman-sequoia in non-default locations
e3468665b fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0
5bb6d9e48 .cirrus.yml: Test Vendoring bump golang
e3f55fec6 vendor: bump go.podman.io/{common,image,storage} to main
6d0c9ed7e fix(deps): update module golang.org/x/crypto to v0.42.0
fbe61f730 fix(deps): update module github.com/docker/docker to v28.4.0+incompatible
881f14f01 fix(deps): update module github.com/moby/buildkit to v0.24.0
bea03a01d fix(deps): update module github.com/spf13/pflag to v1.0.10
dcb6da097 fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.2
477dd3563 fix(deps): update module github.com/opencontainers/runc to v1.3.1
296a8f3eb fix(deps): update module github.com/opencontainers/cgroups to v0.0.5
1c384c959 fix(deps): update module golang.org/x/sync to v0.17.0
9cd4768bd tests/run.bats: "run masks" test: accept "unreadable" masked directories
a18468f70 Run: create parent directories of mount targets with mode 0755
6e4d1ca83 tests/run.bats: "run masks" test: accept "unreadable" masked directories
af18a2ea6 New VM images
42d6b68db Suppress a linter warning
7aedebdcc modernize: JSON doesn't do "omitempty" structs, so stop asking
802b06979 modernize: use maps.Copy() instead of iterating over a map to copy it
16680a4df modernize: use strings.CutPrefix/SplitSeq/FieldsSeq
ebc9b4049 Update expected/minimum version of Go to 1.24
76c18c897 chroot: use $PATH when finding commands
02e42929f [skip-ci] Update actions/stale action to v10
95591dbc8 Update module github.com/ulikunitz/xz to v0.5.15 [SECURITY]
dd4f9fcd6 Update go.sum
7c0c647d6 New VM images
ac8573525 Update module github.com/openshift/imagebuilder to v1
3acceccf6 Update module github.com/spf13/cobra to v1.10.1
a0a9ac638 Switch common, storage and image to monorepo.
c448438ef Update module github.com/stretchr/testify to v1.11.1
57c9d52c6 Update module go.etcd.io/bbolt to v1.4.3
c4cfbcda8 Handle tagged+digested references when processing --all-platforms
fc8d43482 Update module github.com/stretchr/testify to v1.11.0
b436176d4 Add --transient-store global option
fc748f85a Support "--imagestore" global flags
a20e25136 Commit: don't depend on MountImage(), because .imagestore
13db28cdb Adding mohanboddu as community manager to MAINTAINERS.md
69a50588c Rework how we decide what to filter out of layer diffs
bf2cbe164 Note that we have to build `true` first for the sake of its tests
473656b9d copier.Stat(): return owner UID and GID if available
738fa0d3c copier.Get(): ensure that directory entries end in "/"
9461dd61d copier.Get(): strip user and group names from entries
fd498cbf5 imagebuildah.Executor/StageExecutor: check numeric --from= values
fceb8d9ed Losen the dependency on go-connections/tlsconfig
e78c0ad5a fix(deps): update module golang.org/x/crypto to v0.41.0
b49f0e2a5 fix(deps): update module golang.org/x/term to v0.34.0
494fd9dfa fix(deps): update module github.com/docker/go-connections to v0.6.0
4912cf45d fix(deps): update module golang.org/x/sys to v0.35.0
2ae2ec75b copy: assume a destination with basename "." is a directory
e31b04729 generatePathChecksum: ignore ModTime, AccessTime and ChangeTime
3e92772f6 fix(deps): update module github.com/seccomp/libseccomp-golang to v0.11.1
11e32da8d fix(deps): update module github.com/containers/common to v0.64.1
70d0451b8 History should note unset-label, timestamp, and rewrite-timestamp
7cecaa79e pkg/cli.GenBuildOptions(): don't hardwire optional bools
7cf2b7fb7 fix(deps): update module github.com/containers/image/v5 to v5.36.1
fb6ce9d07 imagebuildah.StageExecutor.Execute: commit more "no instructions" cases
0d1d1a4df fix(deps): update module github.com/containers/storage to v1.59.1
87f60f60c Only suppress "noted" items when not squashing
27c40b3db Reap stray processes
b271aecf4 fix(deps): update github.com/containers/luksy digest to 8fccf78
06207266f fix(deps): update module github.com/docker/docker to v28.3.3+incompatible
f949a49ab Restore the default meaning of `--pull` (should be `always`).
ff07ebc3e Test that pulled up parent directories are excluded at commit
7d302c38d Exclude pulled up parent directories at commit-time
95013b363 copier.Ensure(): also return parent directories
8807a0097 copier.MkdirOptions: add ModTimeNew
e729f60d5 fix(deps): update module github.com/containers/common to v0.64.0
cce5f9c32 Bump to Buildah v1.42.0-dev
8b5354ee8 fix(deps): update module github.com/spf13/pflag to v1.0.7
7a986ebcf CI: make runc tests non-blocking
2df30a83c build,add: add support for corporate proxies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 506d5af2
---------------------------
xen: update documentation with vxn/containerd integration and runtime tests
README-xen.md:
- Add vxn and containerd integration section describing all execution
paths (containerd, vxn standalone, vdkr/vpdmn, native Docker/Podman)
- Add memory requirements section explaining QB_MEM_VALUE=1024 is
insufficient for vxn/vctr and documenting qemuparams="-m 4096"
- Add runtime tests section with build prerequisites, test commands,
and skip behavior
- Fix x86-64 runqemu command to include qemuparams="-m 4096"
vxn/README.md:
- Add testing section referencing the pytest runtime test suite
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: efccccda
---------------------------
xen: add runtime boot tests for hypervisor, guest bundling, vxn and containerd
New test_xen_runtime.py boots xen-image-minimal via runqemu and verifies:
- Xen hypervisor running (xl list, dmesg, Dom0 memory cap)
- Bundled guest autostart (alpine visible in xl list)
- vxn standalone (vxn run --rm alpine echo hello)
- containerd/vctr integration (ctr pull + vctr run)
Uses pexpect-based XenRunner with module-scoped fixture (boot once,
run all tests). TERM=dumb set after login to suppress terminal UI
from ctr/vxn progress bars. Free memory check skips vxn/vctr tests
gracefully when insufficient Xen memory available.
Also registers 'boot' marker in conftest.py and documents build
prerequisites, test options and skip behavior in README.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 90d6712b
---------------------------
vcontainer: fix daemon mode missing shared directory for 9p
DAEMON_SHARE_DIR was referenced in the CA certificate copy and idle
watchdog paths but never assigned, causing 'cp: cannot create regular
file /ca.crt: Permission denied' when starting the daemon.
Create the share directory under DAEMON_SOCKET_DIR and register it
as a 9p mount, matching the path expected by daemon_run().
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6d94266a
---------------------------
xen: add configuration tests and update documentation
Add TestXenImageMinimalX86Config test class verifying:
- QB_CPU_KVM host passthrough for Xen CPUID filtering
- QB_MEM_VALUE override (not QB_MEM which can't override bbclass)
- dom0_mem in both QB_XEN_CMDLINE_EXTRA and WKS syslinux config
- vgabios SAVANNAH_GNU_MIRROR usage
Update Alpine recipe tests for per-arch checksums (name=${ALPINE_ARCH})
and S variable. Add qemux86-64 build and boot section to README-xen.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5c891aab
---------------------------
xen: fix x86-64 boot and guest bundling issues
Fix several issues found during x86-64 Xen testing:
- xen-image-minimal: use -cpu host for KVM to avoid Xen CPUID
filtering stripping AVX/AVX2 from x86-64-v3 builds, causing
illegal instruction crashes in Dom0
- xen-image-minimal: use QB_MEM_VALUE (not QB_MEM) to properly
override the hard assignment in qemuboot-xen-defaults.bbclass
- xen-image-minimal: set dom0_mem=512M via QB_XEN_CMDLINE_EXTRA
- qemuboot-xen-x86-64.cfg: add dom0_mem=512M to static syslinux
config so guest autostart has memory available
- vgabios: use ${SAVANNAH_GNU_MIRROR} for reliable downloads
- alpine-xen-guest-bundle: add per-architecture checksums for
aarch64 and x86_64 tarballs, fix S variable warning
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c7346213
---------------------------
vxn: add host-side OCI image cache and fix Docker iptables conflict
Add a host-side OCI image cache at ~/.vxn/images/ for the vdkr/vpdmn
standalone Xen path. Images pulled via skopeo are stored in a
content-addressed layout (refs/ symlinks + store/ OCI dirs) so
subsequent runs hit the cache without network access.
New commands on Xen: pull, images, rmi, tag, inspect, image <subcmd>.
The run path is unchanged — cache integration into hv_prepare_container
is deferred to a follow-up.
Also fix Docker iptables conflict: when docker-moby and vxn-docker-config
coexist on Dom0, Docker's default FORWARD DROP policy blocks DHCP for
Xen DomU vifs on xenbr0. Adding "iptables": false to daemon.json
prevents Docker from modifying iptables since VM-based containers
manage their own network stack.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 035e0dae
---------------------------
vxn: add Docker/Podman integration and CLI frontends
Add vdkr/vpdmn as Dom0 target packages with Xen auto-detection,
native Docker/Podman config sub-packages, and OCI runtime fixes
for Docker compatibility (JSON logging, root.path, kill --all,
monitor PID lifecycle).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: bf5abfe3
---------------------------
vxn: add controlling terminal and clean up interactive output
Use setsid -c to establish a controlling terminal for the container
shell, fixing "can't access tty; job control turned off" and enabling
Ctrl-C signal delivery. Run in a subshell so setsid() succeeds without
forking (PID 1 is already a session leader).
Remove [vxn] diagnostic markers from interactive output now that
terminal mode is working. Suppress mount warning on read-only input
disk.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6fe3f4cd
---------------------------
vxn: fix terminal mode hang and enable interactive container support
The containerd shim's Create RPC hung indefinitely because go-runc
captures the OCI runtime's stdout via a pipe, and cmd.Wait() blocks
until all holders of the pipe's write end close it. The background
monitor subshell inherited this pipe fd and held it open, preventing
the shim from ever proceeding to ReceiveMaster() or calling Start.
Fix by closing inherited stdout/stderr in the terminal-mode monitor
with exec >/dev/null before entering the domain poll loop. Non-terminal
mode is unaffected because the shim configures IO via FIFO dup2, where
cmd.Wait() only waits for process exit.
Additional changes for terminal mode support:
- vxn-sendtty: set PTY to raw mode (cfmakeraw) before sending fd
- vxn-oci-runtime: wait up to 5s for xenconsoled PTY, capture sendtty
return code, write persistent debug file to /root/vxn-tty-debug,
log every runtime invocation, remove stale debug logging
- vxn-init.sh: add [vxn] diagnostic markers for terminal visibility,
suppress kernel console messages early in interactive mode
- vcontainer-preinit.sh: suppress kernel messages in quiet mode
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ba23ccd3
---------------------------
runx, go-build: mark as deprecated in favor of vxn
Update SUMMARY and DESCRIPTION to note that runx is unmaintained
(upstream dormant since 2022) and that vxn provides the same Xen DomU
container functionality with pluggable hypervisor backends. go-build
is the serial FD handler companion to runx and is similarly superseded.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 31367839
---------------------------
linux-yocto: add vxn distro feature and Xen PV kernel config
Add 'vxn' to DISTRO_FEATURES in vruntime.conf to enable Xen PV guest
kernel configuration. When set, linux-yocto_virtualization.inc includes
vxn.cfg which enables Xen PVH frontend drivers and the 9p Xen transport
(NET_9P_XEN). The base 9p stack comes from the existing vcontainer
feature via cfg/container.scc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1e88a57b
---------------------------
xen: add guest bundling infrastructure with cross-install class
Add xen-guest-cross-install.bbclass for bundling Xen guest images into
Dom0 host images at build time. Supports per-guest configuration via
varflags (memory, vcpus, vif, kernel extra), custom config files,
external/pre-built guests, and autostart via /etc/xen/auto/ symlinks.
Also add example-xen-guest-bundle recipe as a template, and simplify
xen-guest-image-minimal by removing the old XEN_GUEST_AUTO_BUNDLE
do_deploy mechanism in favor of the new class-based approach.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 7e8293ee
---------------------------
vcontainer: inject vxn-init.sh into vdkr and vpdmn rootfs images
Install vxn-init.sh alongside the existing init scripts in both vdkr
and vpdmn rootfs images. The Xen backend selects it at boot via the
vcontainer.init=/vxn-init.sh kernel command line parameter. Add
file-checksums tracking so rootfs rebuilds when the script changes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 05b30f9e
---------------------------
vcontainer: add bundle command for OCI runtime bundle creation
Add 'bundle' command to the vcontainer CLI for creating OCI runtime
bundles from container images. Pulls the image via skopeo, extracts
layers into rootfs/, resolves entrypoint/cmd/env from OCI config, and
generates config.json. Supports command override via -- separator.
Only available on the Xen (vxn) backend.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c118bfe7
---------------------------
vcontainer: generalize init scripts for pluggable hypervisor backends
Make preinit and guest init scripts hypervisor-agnostic:
- vcontainer-preinit.sh: add vcontainer.init= cmdline parameter for
init script selection and vcontainer.blk= for block device prefix
(QEMU uses /dev/vda, Xen uses /dev/xvda)
- vdkr-init.sh, vpdmn-init.sh: use NINE_P_TRANSPORT variable for 9p
mount transport (virtio for QEMU, xen for Xen)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5c84f660
---------------------------
vcontainer: add QEMU hypervisor backend and register in recipes
Add vrunner-backend-qemu.sh implementing the hypervisor interface for
QEMU (arch setup, KVM detection, disk/network/9p options, VM lifecycle,
QMP control). Register backend scripts in vcontainer-native and
vcontainer-tarball recipes so they are available in both build-time
and standalone tarball contexts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9377aede
---------------------------
vxn: add containerd OCI runtime integration
Add shell-based OCI runtime (vxn-oci-runtime) that enables containerd
to manage Xen DomU containers through the standard runc shim. Non-terminal
container output flows back to ctr via the shim's pipe mechanism.
New files:
- vxn-oci-runtime: OCI runtime (create/start/state/kill/delete/features/logs)
- vxn-sendtty.c: SCM_RIGHTS helper for terminal mode PTY passing
- containerd-shim-vxn-v2: PATH trick wrapper for runc shim coexistence
- containerd-config-vxn.toml: CRI config (vxn default, runc fallback)
- vctr: convenience wrapper injecting --runtime io.containerd.vxn.v2
Key design:
- Monitor subprocess uses wait on xl console (not sleep-polling) for
instant reaction when domain dies, then extracts output markers and
writes to stdout (shim pipe -> containerd FIFO -> ctr client)
- cmd_state checks monitor PID liveness (not domain status) to prevent
premature cleanup race that killed monitor before output
- cmd_delete always destroys remnant domains (no --force needed)
- Coexists with runc: /usr/libexec/vxn/shim/runc symlink + PATH trick
Verified: vctr run --rm, vctr run -d, vxn standalone, vxn daemon mode.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: fa4b171a
---------------------------
vxn: add per-container DomU lifecycle and memres persistent DomU
Per-container DomU lifecycle:
- run -d: per-container DomU with daemon loop and PTY-based IPC
- ps: show Running vs Exited(code) via ===STATUS=== PTY query
- exec/stop/rm: send commands to per-container DomU
- logs: retrieve entrypoint output from running DomU
- Entrypoint death detection with configurable grace period
- Graceful error messages for ~25 unsupported commands
- Command quoting fix: word-count+cut preserves internal spaces
Memres (persistent DomU for fast container dispatch):
- vxn memres start/stop/status/list for persistent DomU management
- vxn run auto-dispatches to memres via xl block-attach + RUN_CONTAINER
- Guest daemon loop handles ===RUN_CONTAINER===: mount hot-plugged
xvdb, extract OCI rootfs, chroot exec entrypoint, unmount, report
- Falls back to ephemeral mode when memres is occupied (PING timeout)
- Xen-specific memres list shows xl domains and orphan detection
Tested: vxn memres start + vxn run --rm alpine echo hello +
vxn run --rm hello-world both produce correct output.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: dec4b4df
---------------------------
yocto-builder: require systemd
To avoid check layer issues, and distros without systemd trying
to build this package group, add a check and requirement for
systemd to be defined.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 46450321
---------------------------
vxn: fix non-interactive mode for clean container output
Fix several issues preventing non-interactive mode (vxn --no-daemon run)
from showing clean container output:
- Fix console capture: check DAEMON_MODE instead of DAEMON_SOCKET in Xen
backend so ephemeral runs use xl console capture instead of the daemon
socat bridge (DAEMON_SOCKET is always set, DAEMON_MODE is only "start"
for actual daemon launches)
- Fix race condition: add post-loop marker detection after VM exits,
with 2s delay for xl console to flush its buffer
- Add stdbuf -oL to xl console for line-buffered output
- Suppress mke2fs stdout (was only redirecting stderr)
- Suppress kernel console messages during VM lifecycle in non-verbose mode
- Fix grep -P (Perl regex) for BusyBox compatibility in exit code parsing
- Preserve temp directory on failure for debugging
- Fix hardcoded "QEMU" in error messages to "VM"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 57d267db
---------------------------
vxn: add Xen DomU container runtime with OCI image support
vxn runs OCI containers as Xen DomU guests — the VM IS the container.
No Docker/containerd runs inside the guest; the init script directly
mounts the container rootfs and execs the entrypoint via chroot.
Host-side (Dom0):
- vxn.sh: Docker-like CLI wrapper (sets HYPERVISOR=xen)
- vrunner-backend-xen.sh: Xen xl backend for vrunner
- hv_prepare_container(): pulls OCI images via skopeo,
resolves entrypoint from OCI config using jq on host
- xl create for VM lifecycle (PVH on aarch64, PV on x86_64)
- Bridge networking with iptables DNAT for port forwards
- Console capture via xl console for ephemeral mode
Guest-side (DomU):
- vxn-init.sh: mounts container rootfs from input disk,
extracts OCI layers, execs entrypoint via chroot
- Supports containers with or without /bin/sh
- grep/sed fallback for OCI config parsing (no jq needed)
- Daemon mode with command loop on hvc1
- vcontainer-init-common.sh: hypervisor detection, head -n fix
- vcontainer-preinit.sh: init selection via vcontainer.init=
Build system:
- vxn-initramfs-create.inc: assembles boot blobs from vruntime
multiconfig, injects vxn-init.sh into rootfs squashfs
- vxn_1.0.bb: Dom0 package with scripts + blobs
- nostamp on install/package chain (blobs from DEPLOY_DIR
are untracked by sstate)
- vxn.cfg: Xen PV kernel config fragment
Tested: vxn -it --no-daemon run --rm hello-world
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0fe8c444
---------------------------
xen: document guest import system and add tests
Add 3rd-party guest import section to README-xen.md covering
import types, kernel modes, Alpine example, and how to add
custom import handlers.
Add test_xen_guest_bundle.py with 46 pytest tests covering
bbclass structure, import handlers, kernel modes, license
warning, Alpine recipe, and README content.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2f3dcd4e
---------------------------
alpine-xen-guest-bundle: new recipe for Alpine Linux Xen guest
Fetches Alpine Linux 3.23 minirootfs tarball and uses the
xen-guest-bundle import system (rootfs_dir type) to create a
128MB ext4 disk image. Packages as an autostarting PV guest
using the shared host kernel.
Install into a Dom0 image with:
IMAGE_INSTALL:append:pn-xen-image-minimal = " alpine-xen-guest-bundle"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 90ed995a
---------------------------
xen-guest-bundle: add guest import system for 3rd-party images
Add extensible import system to convert fetched source formats
(tarballs, qcow2, etc.) into Xen-ready disk images at build time.
Built-in import types:
- rootfs_dir: extracted directory → ext4 via mkfs.ext4 -d
- qcow2: QCOW2 → raw via qemu-img convert
- ext4/raw: copy passthrough
Per-guest varflags control the import:
XEN_GUEST_SOURCE_TYPE[guest] = "rootfs_dir"
XEN_GUEST_SOURCE_FILE[guest] = "alpine-rootfs"
XEN_GUEST_IMAGE_SIZE[guest] = "128"
Also adds three kernel modes for resolve_bundle_kernel():
- (not set): shared host kernel from DEPLOY_DIR_IMAGE
- "path": custom kernel, checks UNPACKDIR then DEPLOY_DIR_IMAGE
- "none": HVM guest, omits kernel= from config
Native tool dependencies and fakeroot are resolved automatically
at parse time. External guests emit a single license warning at
do_compile time (prefunc, not parse-time).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ac150976
---------------------------
xen-guest-bundle: add bbclass for packaging Xen guest bundles
New bbclass that creates installable packages bundling Xen guest
images (rootfs + kernel + config). When installed via IMAGE_INSTALL
into a Dom0 image that inherits xen-guest-cross-install, guests are
automatically deployed by merge_installed_xen_bundles().
Features:
- Parse-time dependency generation from XEN_GUEST_BUNDLES
- Per-guest varflags for memory, vcpus, vif, extra, disk, name
- Custom config file support via XEN_GUEST_CONFIG_FILE varflag
- Explicit rootfs/kernel path overrides for external guests
- Manifest-based packaging for cross-install integration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f7022507
---------------------------
crun: inherit features_check for REQUIRED_DISTRO_FEATURES
The recipe sets REQUIRED_DISTRO_FEATURES:class-native but never
inherits features_check, so the requirement was silently ignored.
OE-core now has an unhandled-features-check QA test that catches
this and fails the build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 83b284dc
---------------------------
kernel: drop 6.12 .inc and append
6.12 has been removed from OEcore, so we drop our appends
as well.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1be0a5e3
---------------------------
irqbalance: Fix QA error when sysvinit is used
irqbalance: correct to install /etc/default for sysvinit
1.This commit uses option --with-pkgconfdir for sysvinit to correct to install /etc/default
Without this fix, there will show do_package QA Issue when sysvinit is used
ERROR: irqbalance-1.9.4+git-r0 do_package: QA Issue: irqbalance: Files/directories were installed but not shipped in any package:
/usr/etc
/usr/etc/default
/usr/etc/default/irqbalance.env
Previous PACKAGECONFIG[systemd] only works when systemd is used. So making this patch to fix it.
2.Merge DEPENDS for systemd into PACKAGECONFIG[systemd]
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 30c5d74d
---------------------------
vcontainer-tarball: remove parse-time banner
The anonymous python function prints a banner unconditionally at
parse time, which means it appears when building any recipe (e.g.
xen-image-minimal), not just vcontainer-tarball. Remove the
parse-time banner since the post-build banner in
do_populate_sdk:append() already provides the same information
and only fires when actually building the tarball.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2734c371
---------------------------
xen-tools: allow empty libxenmanage package for pre-4.21
libxenmanage was introduced in Xen 4.21, but its packaging was added
to the shared xen-tools.inc. When building older versions (e.g. 4.20),
the library is not produced and the empty package breaks the hard
RDEPENDS from xen-tools, causing do_rootfs failures.
Add ALLOW_EMPTY following the existing pattern used for other
version/arch-conditional packages in this file.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 02773ef2
---------------------------
podman: update to v5.7.1
Bumping libpod to version v5.7.1-5-gec1b7c989f, which comprises the following commits:
2b52342af9 Use explicit download-artifact name and path for win-installer release
36c405582a Bump Podman to v5.7.2-dev
f845d14e94 Bump to v5.7.1
6ecc622841 Final release notes update for v5.7.1
d0558385ec kube play: Fix fd leak when handling symlinks
214f5b2fd9 Update release notes for v5.7.1
678d1b4bfd avoid potential nil ptr deref in image rm
ba6e527289 fix: check err returned by newGenericDecompressor
68022802fc pkg/specgen/generate: Fix adding host devices on FreeBSD
a27cc24f80 Replace FindExecutablePeer with FindHelperBinary
dc7509fe38 [v5.7] Bump common to v0.66.1
7ce2e00ab1 libpod: simplify resolveWorkDir()
e576e002e9 libpod: fix workdir MkdirAll() all check
f348d1bd5b [v5.7] Bump Buildah to v1.42.2, runc to v1.3.4
9538a7d976 rootless_linux.c: use shortcut for system commands
0647387bfe SetupRootless handle case where conmon pid are not valid
118ec04065 preallocate paths in SetupRootless
6a9ce66e5c fix noMoveProcess in SetupRootless
973ab34078 use return error handling in SetupRootless
363665a456 pkg/machine: make mount units hook into local-fs
db82b92d0a docs: fix redoc swagger URL
9257ac4822 Bump Podman to v5.7.1-dev
0370128fc8 Bump to v5.7.0
84c31b8fae Create release notes for v5.7.0
b6b8d23abd hack/bats: port it to use the new remote support
129c344b49 test/system: fix broken podman_runtime
708f7a14f3 test/system: fix artifact test cleanup
e737d75b2f test/system: merge artifact tests into single file
58733d714a test/system: rework artifact created test
372e142252 test/system: remove 701-artifact-created.bats
bfddcb3384 test/system: do not run artifact test in parallel
199254f039 test/system: skip flaky restore test on debian
0c99f623aa test/e2e: try to fix clean up after terminated build flake
ec1efdbdac [v5.7] Packit/TMT: remove podman-next repos from release branches
97ad660c0c [v5.7] fix lint issues with github.com/cyphar/filepath-securejoin
e6deadcc34 [v5.7] Bump to runc v1.3.3 - CVE-2025-52881
cbda92e6b3 rotate aws meta_task keys
3d23aa4a6b rotate aws key
da8d069e6a Bump Podman to v5.7.0-dev
85a6e7f8d7 Bump to v5.7.0-rc3
b7d1f77147 Update release notes for v5.7.0-rc3
fb8644d551 Fix cache misses when pulling WSL machine image
c4357e7112 test: organize search tests with BeforeEach/AfterEach patterns
64fbc2557e test: refactor search_test.go to use helper functions and PodmanExitCleanly
d6f660076b test: Replace external registry deps with mock server in search tests
a59eaccbe2 Add tmt integration plan
bfae53709c Bump bundled krunkit from 1.1.0 to 1.1.1
f12c838fb7 Allow RC Windows Installer to be built
d0b45ff1f0 Allow failures on WSL machine tests
e68cecbb60 Bump Podman to v5.7.0-dev
fa892f1df0 Bump to v5.7.0-rc2
e16a54c6bc Add release notes for v5.7.0-rc2
667757583b Bump bundled krunkit from 0.2.2 to 1.1.0
537a0233ae Fix Windows Installer GH release
829864ba74 Add CreatedAt format option to podman artifact ls
7f780d866b Bump Podman to v5.7.0-dev
03f8a02983 Bump to v5.7.0-rc1
9b5751089b Add release notes for v5.7.0-rc1
61291e8c70 quadlet: add `cat` alias for `print`
c72102d1b2 Bump Buidah to v1.42.0 for Podman v5.7
f957852e4a fix: failing tests
8e013c0012 feat(quadlet: kube): support multiple Yaml entries
9ea18b78fa Warn on boltdb use
339a432dd9 fix artifact inspect issues
9bda788edf feat(cmd): podman kube play support multiple arguments
0ea4eaee70 cmd/podman: add replace flag to quadlet install
ca106301f8 fix: typo in uidmap option doc
0b1e9a76a5 RPM: build with sequoia for F43+
1fbf24b65b feat: add `--format` flag to artifact inspect
538229da90 artifact: added CREATED column to artifact ls Fixes: #27314
bb4fa066b3 fix remote command parameters
43ff7a4c13 Add a test for containers.conf runtime options
f87c8b9cba docs: introduce custom version selector in api.html
f6dd05d9c4 add test for container name without Pod name prefix feature
a27fd9bd89 Allow artifact add to override org.opencontainers.image.title annotation
bc571ae542 Vendor in latest go.podman.io/common
74788a3fe1 fileperms: newer Go 1.13+ octal literal format
1800b34b51 Quadlet build - add support for IgnoreFile key
0a20e22384 Add default runtime flags in config
cfd4cc0932 remove libartifact from podman
b394fe1a87 chore: remove repetitive word in cmd/podman/README.md
098d8efecc add option to remove Pod name prefix in resulting container name
9dbc33bb25 Add a new Windows installer supporting user scope
fa5d6cc103 docs: initialize redoc via JS API
858150288f docs: generate Reference version list from json file
56fee79d3c fix: system prune JSON unmarshalling error in remote client
73e42b3c9c [skip-ci] Update actions/setup-node action to v6
b2aefd4cf9 docs: add missing manifest parameter to build API endpoints
1e713c1a5f Add BuildArg example into documentation
34254cd1d0 Add artifact quadlet unit type support
6d63d165ef Fix flaky sysctl completion by handling /proc/sys errors gracefully
b4d81c0338 Run `make validatepr`
c0a09e7f10 Update docs/source/markdown/podman-systemd.unit.5.md
1656c90c6e Iterate through all machine providers in FindMachineByPort
a1e7e9a46d Add local build API for direct filesystem builds on MacOS and Windows (only WSL)
1f1354c2a4 fix(deps): update module golang.org/x/term to v0.36.0
e3c9fa6ddd Update docs for StopTimeOut
6786f59648 SECURITY.md: point to container-libs
a696f8bccb Update documentation to include BuildArg key
196be4b813 Test for multiple key/val arguments
720e263767 Add BuildArg key to quadlets
aaf957edf9 fix(deps): update module golang.org/x/sys to v0.37.0
d1c43e3ae8 Fixed #27120: Pod Quadlet can configure podman pod stop --time
928a50d228 fix(deps): update module golang.org/x/net to v0.45.0
79ecc1d56b Fix --userns=ns:<path> conflicting with runc 1.1.11+
98cb7b75d9 quadlet: standardize Convert function signatures
b765c91580 Add --replace option to podman artifact add command
3e774ee285 test/system: actually wait for container removal
fdb5ac5e8f test/system: run_podman ? needs quoting
09e535fb46 quadlet: remove unused 'name' parameter from ConvertNetwork and ConvertVolume
4bd6aff4b6 fix: #23915 podman build is not parsing sbom command line arguments
3a98b6dc0e test: Wait for killed container to avoid leak
b415b0ad3e Update pkg/api/server/register_artifacts.go
fb3eaf0c87 [DOCS] Add missing stable swagger API links
72ffd00c5a fix(deps): update module github.com/onsi/ginkgo/v2 to v2.26.0
00309d3955 secret ls: align docs, completion, and tests; fix formatting
6405925f79 Add artifact fallback to podman inspect command
a724fce8aa pkg/api: api list quadlets resource
3c3b805ea7 cmd/podman: --ignore errors flag to artifact rm
090304a054 lint: reenable revive unused-parameter check
88bca78c6e stop service instances
004e6ced76 test: remove outdated skip in podman run check personality support test
3b509022cd fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.9
83e65f91a4 Quadlet - Support template dependency
87b4f842de test: fix "run healthcheck" bindings test
ebde5d1563 cmd: add auto completion for network create --interface-name
e667532110 docs: point Go Report Card badge to v5 module path
ef0a7dd486 pkg/api/handlers/compat: use strings.CutPrefix
f198fe6b13 pkg/machine/wsl: use any instead of interface{}
5824197774 pkg/machine/e2e: remove obsoleted comment
8e55b67410 docs: fix Go Report Card badge to reference current repository
b5de5efb3e cmd/podman/system: fix error handling in renumber and migrate commands
571866775d [compat api] Remove ContainerConfig field
c11941eadb [DOCS] Update volume mount docs for subpath support
feb36e4fe6 Implement TLS API Support
a27929aaaf test/e2e: fmt artifact list with virtual size
32c962a177 Add Podman 6 HLD
9bca0d01d2 Add a design document for Conmon v3
4764b0e403 Add creation timestamp to podman artifacts
4652f5c3c6 docs: clarify that --userns=keep-id runs container as host UID
5ae0e0de3d cmd/podman: added virtual size option in artifact ls
63c40feb8c test: Fix test race in 030-run
f0f05e22c6 cmd/podman: completion for --sysctl in create/run
f26483ba7d fix: standardize casing for cgroups in documentation
15fdbe9442 test: remove hack workaround in 'use plugin in containers'
51f4e614e9 test: remove skip_if_remote from podman run - uidmapping has no /sys/kernel mounts
4b9be9c218 chore(deps): update dependency golangci/golangci-lint to v2.5.0
7c9aa72c55 add containerfile doc link
a0238fb19f libpod: Fill out OnlineCPUs in the FreeBSD stats handler
602ba415c6 libpod: Implement getOnlineCPUs() on FreeBSD
39750faab3 test/system: fix test race in exec leak check
b8258a53dd Update github action to use pull_request_target
b24220b0a2 Revert "test/e2e: try debug potential pasta issue"
ab5e400a9a docs: remove remote limitation note for --build-context option
8d06a9e9f7 fix: Correct typo in chrootdirs option
2702156bd7 pkg/bindings: on terminal attach always wait for stdout to be done
7ff07b6e0c pkg/bindings: use HTTP 101 upgrade request for attach
9e2850d0a8 Add --sign-by-sq-fingerprint to push operations
2f005b67f4 Exercise containers_image_sequoia in CI
070d7c3ad3 Revert "Rewrite the Quadlet documentation."
bb422c8372 Revert "Change the syntax to not depend on jinja2."
fd60d63bf4 Revert "Deduplicate more options."
4ae8e386ef Revert "docs: restore podman-systemd.unit.5"
04af9ae3fc fix(emulation): handle fs.ErrNotExist in registeredBinfmtMisc
80f1d48d44 [skip-ci] Update actions/setup-node action to v5
aa8bbbb1ff [skip-ci] Update actions/github-script action to v8
796be1e4bf troubleshooting: document lsetxattr error
e1c1961d48 [skip-ci] Update actions/checkout action to v5
43a294fa94 vendor: update golang.org/x packages
4417e6269c use maps.Clone() over Copy() when possible
637de6022f libpod/oci_conmon_linux.go: fix false postive in linter
9e4fad8d06 pkg/systemd/quadletL silence one lint warning
78e5a521b0 inline some conditionals
8631032556 run modernize -fix ./...
dc5a791f58 use bytes.SplitSeq where possible
b97525a78d use strings.SplitSeq where possible
4e3e9bfb70 update to go 1.24
8537afca66 test/e2e: fix podman run default mask test with crun 1.24
3bb32d846b test/system: skip noswap memory mounts correctly
52fcdcf64c test/system: skip idmapped mount correctly
bd7aada776 cirrus: update to freebsd 14.3
710e216390 cirrus: fix golangci-lint cache leak
a720139dd8 New VM images 2025-09-10
5b10b51788 Add a directory for design documents
936a01e088 Quadlet build - consider File path that starts with a systemd specifier as absolute
d0be0e9659 Makefile: restore HELPER_BINARIES_DIR
2bed9a40bc fix(deps): update module google.golang.org/protobuf to v1.36.9
c70c0ac13e refactor: Modularize binding build functions
c38babff57 Adding github action to generate a badge for first time contributor
8566ef71c0 fix: set header fields before response status code to prevent missing fields
50a3e3cf8a fix(deps): update module github.com/opencontainers/cgroups to v0.0.5
6c4b98c940 test/e2e: add CVE-2025-9566 regression test
cab3c6de6d docs: restore podman-systemd.unit.5
6756eb3412 Deduplicate more options.
fdeaf2905f Update module github.com/onsi/ginkgo/v2 to v2.25.3
163bdf2df8 quadlet: fix runtime error for invalid Mount value
792bbd2046 [skip-ci] Update actions/labeler action to v6
853dd36da3 Update dependency pytest to v8.4.2
43fbde4e66 kube play: don't follow volume symlinks onto the host
4b66e5a27b Add R! to systemd-tmpfiles script for all /tmp dirs
c2506656c4 spf13/pflag: replace deprecated ParseErrorsWhitelist
ca9c8d104e update module github.com/spf13/pflag to v1.0.10
889a5fd0ac [skip-ci] Update actions/stale action to v10
f22506b74f [skip-ci] Update actions/setup-go action to v6
310f196aea fix(deps): update module github.com/docker/docker to v28.4.0+incompatible
faceb67782 test/buildah-bud: enable one skipped test
dbfddb82cb vendor: update go.podman.io/{common,image,storage}
2c6dadd724 Fix a locking bug in that could cause a double-unlock
5c810ea1c8 Makefile: add SOURCES dep to bin/podman.cross.% target
b62f887fbd Makefile: add proper docs for bin/podman.cross.%
3633cd53e8 Revert "Remove bin/podman.cross Make target"
98072bfcea refactor: modularize build REST API with utility functions
2acf5c0119 libpod: Fix the jailName helper
a250fee0ec libpod: Fix "top" support on FreeBSD
5ba23ccad5 compat: Deduplicate the Linux and FreeBSD containers/stats helpers
a341a4ee24 compat: Add a stub container/stats handler for FreeBSD
9de737bf29 Change the syntax to not depend on jinja2.
c12b1b32bc Rewrite the Quadlet documentation.
247a80db45 test/system: remove distro-integration bats tag
ee45782079 test/system: fix podman load - from URL
20fb712872 test/system: do not connect to github server
59df0782f2 Handle SIGPIPE to prevent machine stuck in Starting state
9b8e785e3c fix(deps): update module github.com/spf13/cobra to v1.10.1
c65fd9a2c2 quadlet: add HttpProxy option for Container sections
26aafb21d2 fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.4.0
46d757501a do not pass [no]copy as bind mounts options to runtime
4e2a04dedc do not pass volume-opt as bind mounts options to runtime
a98154a978 Switch common, storage and image to monorepo.
c8681b6028 chore(deps): update module github.com/ulikunitz/xz to v0.5.15 [security]
0f477eaaa6 fix(deps): update module github.com/spf13/pflag to v1.0.9
573fd0d7eb fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.8
b9812e3d9e Mention zstandard tarball import support
80348a50d0 chore(deps): update module github.com/go-viper/mapstructure/v2 to v2.4.0 [security]
3d4f8153be fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.2
3effff42eb tests: Get rid of netcat on the host and use Bash's /dev/tcp
0ff079d320 tests: Replace ncat for socat
9c3652c188 Add support for criu's tcp-close functionality.
e467439ab8 test/e2e: actually start container in startContainer
3a1ce1fb3d fix(deps): update module github.com/stretchr/testify to v1.11.1
8e59c948df test/buildah-bud: skip new failing test
df80fbcab6 test/e2e: remove image diff test skips
b172cf7475 vendor: update buildah to latest main
e76b08394e vendor: update c/{common, image, storage} to latest main
a5a00c1796 Add a release note for 5.6 Rosetta being disabled-by-default
413eea885b fix(deps): update module github.com/stretchr/testify to v1.11.0
2dd3111098 fix(libpod): truncate long hostnames to correct maximum length
18aa78a7e6 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.1
877e208820 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.32
c51c6e58a7 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.0
4b835f36b9 fix(deps): update module github.com/coreos/go-systemd/v22 to v22.6.0
249fa21e8a Improve documentation wording
5a2098cf61 windows: do not convert unconfined seccomp path
d267f8a3dd ci: log wsl --version output
40cd207437 Update module github.com/kevinburke/ssh_config to v1.4.0
fa5140771f Update module go.etcd.io/bbolt to v1.4.3
4b5ada39e4 Update release notes on main to reflect v5.6 release
514e686b4c podman events: show network create/remove event with journald
9d47477e82 cirrus: fix podman machine windows only_if condition
2c89069fa8 update tests duo to CRUN#1767 to support both values
cfe4d46d89 Optimize image loading for Podman machines
0a9d5ca75d Skip JSON parsing for non-JSON error responses
be0ad4a7aa [docs] Refactor Artifact API documentation
2e7d6135c6 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.24.0
96d9a00adb docs(run,create): note remote clients support only docker transport
10f9c9a7e8 Configurable GINKGOTIMEOUT in `winmake.ps1`
e1d6dfd2c7 Fixes #26369
46ee62ca6a Fixes: #26353
4690bce8a8 2025 3Q Roadmap Update
c33af3c8dd docs: add missing groups and hgroups descriptors to podman-top documentation
fda74ee619 added system-connection-add options example
68ed0c08e6 fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.7
700351a813 test/buildah-bud/run-buildah-bud-tests: loosen the branch regexp
21f2128d79 added example for custom socket
599c635f9f chore(deps): update dependency golangci/golangci-lint to v2.4.0
6d54a298c9 chore(deps): update docker.io/library/golang docker tag to v1.25
3ca729a2fb fix: Correct small typo foce -> force
f38e32760d feat: Add artifact remove --all option
b0febf3336 Update ADOPTERS.md
5706d2a61e make machine --user-mode-networking docs more clear
4bb4cf62cb [skip-ci] Update actions/checkout action to v5
512e04946c remove outdated dependencies/analyses scripts
5f5519607b contrib: add script and docs to analyze dependency usage
b6b8d05a52 Small changes suggested by markdown linter.
a0e6396c43 Updated with Type descriptions.
9a2dccf4f4 Add a deprecation notice for users of BoltDB
9b62438ede test/buildah-bud: fix checkout to also handle go.mod replace
8633b5edeb Update module golang.org/x/net to v0.43.0
cc465e7227 Updated with badges for Type and no extra line.
930cd25739 Feat: Add log_path support in containers.conf
e14b8acba8 Update vendor dependencies
1d6fda8eda New: initial ADOPTERS.md file.
7247d84fbe Fix typo
a75f74b1d3 Fixes: #26691
2959d9f7ec fix: drop yearly contributor badge
8ef76a6933 [skip-ci] Update actions/download-artifact action to v5
b5fce87237 Manpages: Added --filter flag examples to all the relevant podman manpages
7c95ceae57 Manpages: podman container runlabel added example with --replace
67ec2037c0 Add support for configuring tls verification with machine init
69f8f26d98 pkg/machine/e2e: remove build context skip
b8bba308b0 fix(deps): update common, image, and storage deps
ca3347cc2b doc(podman-system.unit.5.md): clarify user/group
6c27165054 Packit: do not notify on podman-next failures
1001450d77 chore(deps): update dependency golangci/golangci-lint to v2.3.1
32ec523ef6 Makefile: Clarify different `binaries` targets
f96eccb1ac docs: add examples with resource limits and mounts to podman pod create manpage
b7b7839ad3 compat: remove deprecated VirtualSize
a6fa3de870 fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.7
4a7974a7a8 [CI:DOCS] Remove Experimental from Artifacts man pages
0530a564a7 Fix: Improve error message for empty device modes in API requests
5ab92a7499 docs(kube play): clarify --annotation flag only affects containers, not pods
23ebb7d94c feat: add Podman artifact support to Go bindings and remote clients
0666b4ffbf events: add support for label filter with key only
610c4c7710 compat: GET /_ping return Builder-Version: 1
1963c6275e compat: remove GET /system/df BuilderSize
b0e7a2ec9b compat: add shared-size par to GET /images/json
e33d92ce9e docs: add LFX Insights badges
b5d18e873f Fix ancestor filter to support Docker-compatible substring matching
924e03ac97 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.30
88bb9daeab fix(deps): update module github.com/docker/docker to v28.3.3+incompatible [security]
0740b94fcd fix(deps): update module sigs.k8s.io/yaml to v1.6.0
003a4d44a1 docs: add resource limit examples to podman pod clone manpage
81d6d90195 Improve handling of --publish and incompatible NetNS modes
df2862e72c Consolidate the definition and consumption of --sign* CLI options
426e787beb Fix (podman artifact push --creds)
67927715cf Remove unused CLI options
dd8bc6ccb9 Bump main to v5.7.0-dev
7f2908afcf podman: add --creds and --cert-dir to create/run
31fafad0c1 Update module github.com/mattn/go-sqlite3 to v1.14.29
dcd187946d Skip rather than comment bad diff tests
4395ff1f25 Link to blog post
3ef33653ff compat: RepoTags and RepoDigest return [] and not null
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5ca92e99
---------------------------
container tasks: move network access out of build chain
yocto-check-layer reports an error for any task between do_fetch and
do_build that has network enabled. Two changes fix this:
container-bundle.bbclass: Move do_fetch_containers from a standalone
task into a do_fetch postfunc. When remote containers are configured,
the anonymous function adds extend_recipe_sysroot as a do_fetch
prefunc (so skopeo-native is available) and do_fetch_containers as a
postfunc. Network access during do_fetch is permitted by the QA check.
container-registry-index: Remove do_container_registry_index from the
build dependency chain (drop "before do_build"). Registry push is a
deployment action requiring explicit invocation:
bitbake container-registry-index -c container_registry_index
The default do_build task now prints usage instructions.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a4625a1f
---------------------------
kernel: inject local search path to fragment processing
Inject the kcfg sysroot root into the scc search path so compound .scc
files (like container.scc) can resolve their include directives.
kernel-yocto.bbclass adds type=kmeta directories to -I includes via
find_kernel_feature_dirs/feat_dirs.
The prefunc replaces the placeholder directory with a symlink to the
kcfg sysroot so that spp can resolve include directives within
scc files that reference other fragments by relative path (e.g.
"include cfg/9p.scc" inside container.scc).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c25486a3
---------------------------
kernel: consolidate kernel configuration options
Move from the meta-virt hosted fragments to common fragments
that are in the kernel-cache.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ccb5d212
---------------------------
yocto-cfg-fragments: update to 6.18-tip
In particular we pick up the consolidated container configuration
options.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: abfb05a3
---------------------------
kernel: drop 6.10, 6.16 and 6.17 support
These kernels are EOL upstream and in OE core. Dropping
their enablement in meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6f53d776
---------------------------
container-yocto-builder: add Yocto build container with systemd
Multi-layer OCI container image that can compile the Yocto Project.
Three layers: systemd-base, build-tools, yocto-extras. Features
CROPS-style dynamic user creation matching /workdir volume owner
UID/GID.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: a71e7b04
---------------------------
container-systemd-base: replace ROOTFS_POSTPROCESS_COMMAND with package
Factor systemd service masking into container-systemd-config package
that installs mask symlinks via do_install. This replaces the
ROOTFS_POSTPROCESS_COMMAND approach which is ignored in multi-layer
OCI mode.
The mask list is customizable via CONTAINER_SYSTEMD_MASK variable.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 56f78049
---------------------------
image-oci-umoci: create usrmerge symlinks in multi-layer mode
ROOTFS_PREPROCESS_COMMAND creates usrmerge symlinks (/bin -> usr/bin,
etc.) during do_rootfs, but multi-layer OCI mode installs packages
to separate layer rootfs directories that bypass this step. Call the
existing create_merged_usr_symlinks function on the first packages
layer to fix this.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e115569b
---------------------------
moby: update to docker-v29.2.1
One cli patch is refreshed, otherwise, no build changes required.
Bumping moby to version docker-v29.2.1-34-g8abd12c5bb, which comprises the following commits:
7fef0b66f6 daemon/volume: don't print warnings for non-volume directories
d809806f2f daemon/volume: Drop BindOptions for image mounts
8014653ecc fix(deps): update github.com/moby/policy-helpers digest to 77d5435
eb0a1bc455 integration: run more Buildkit tests on Windows
5fc3ea8426 .github: actually use snapshotter in Windows tests
efc2f55cc1 .github: install buildx in Windows CI
5d963f26fe hack/make.ps1: respect $TEST_INTEGRATION_FAIL_FAST
f889c34627 Dockerfile: upgrade Delve to v1.26.0
8f66e0c150 update to go1.25.7
897575142a gha/bin-image: Fix build not running for tags
af18206630 daemon/command: add support for sd_notify "reload" notifications
0e523625f8 daemon/command: send notifyReady, notifyStopping synchronous
236fc46b5a daemon/command: don't make notifyReady(), notifyStopping() asynchronous
ae7e72b626 gha: update OTEL collector to v0.144.0
f478a9212d go.mod: add back replace rules
899446ca81 fix(deps): update module code.cloudfoundry.org/clock to v1.60.0
a1056edad1 golangci-lint: make exclusions more specific, and combine some
8f45db8414 daemon/pkg/registry: use lazyregexp again
3f9885fa1f hack/validate: golangci-lint: rm deprecated --print-resources-usage flag
7648df07ad fix(deps): update module github.com/coreos/go-systemd/v22 to v22.7.0
3a583a570b c8d/system: Fix race between `df` and `prune`
4ec7c53f1f ci: renovate: replace uses of deprecated matchPaths option
3068dc540f chore(deps): update github/codeql-action action to v4
54501c09fc Bump go-tuf from v2.3.1 to v2.4.1
21dd960a73 d/libnetwork: fix (*Controller).getLBIndex panics
420cdd1737 ci: update docker/github-builder to v1
750a2014a5 vendor: update buildkit v0.27.1
b3babf3419 chore(deps): update docker/buildx-bin docker tag to v0.31.1
e396e5a6ea ci: renovate: tweak settings for golang.org/x/
c622002eb9 ci: renovate: group google.golang.org/genproto packages
2796980dbc vendor: github.com/theupdateframework/go-tuf/v2 v2.3.1
d5ddaeddce vendor: github.com/secure-systems-lab/go-securesystemslib v0.10.0
178106be33 daemon: shouldIgnoreExitEventWithLock: fix minor nits
b0e62bdf59 vendor: github.com/moby/policy-helpers eeebf1a0ab2b
d7218ec6c1 daemon/pkg/plugin/v2: use namespace consts
51664a25d7 libn/d/overlay: calculate SPI like older engines
13422acb53 renovate: ignore docker/github-builder-experimental
1200f5e45c daemon: Fix panic in shutdown after daemon init fails
b7b572a3e0 vendor: github.com/moby/moby/client v0.2.2
655828b656 vendor: github.com/moby/moby/api v1.53.0
4fa326fa85 api: Cut v1.53
f9ed31aa95 Drop replace rules
59abc76746 daemon/pkg/opts: remove unused ParseHost
8afb45b42f loadDaemonCliConfig: explicitly set default host
f6c0f41e6d api/pkg/authconfig: reject multiple JSON documents in Decode
62c1a719b3 api/types: use "omitzero" instead of "omitempty" for "netip" fields
9d839a236c chore(deps): update actions/checkout action to v6
7e8adf4d33 ci: renovate: disable for api and client modules
f187929e87 retrigger github action
86fd73d8bc ci: renovate: fix regex escaping
8ff66aa5dc ci: renovate: add comment about Graylog2/go-gelf dependency
c36b44b21a ci: rename renovate.json to renovate.json5
c75070b9b4 chore(deps): update actions/cache action to v5
ab3be3c68b typo: called to caller
5589d5a1ea fix(deps): update module code.cloudfoundry.org/clock to v1.59.0
2cafa78953 vendor: github.com/cloudflare/cfssl v1.6.5
3b5a0c1e4c vendor: github.com/zmap/zlint/v3 v3.5.0
35aa470f73 vendor: github.com/weppos/publicsuffix-go v0.30.0
d5e23b680c daemon: ignore duplicate task exit events in daemon state
7b38ece108 integration: gofumpt
17de27ffc2 daemon: gofumpt
5bde1565a6 client: gofumpt
f3343bf846 api/types: gofumpt
3380c52740 vendor: github.com/klauspost/compress v1.18.3
0a3af47d89 vendor: golang.org/x/tools v0.41.0
2d5c1cdb02 vendor: golang.org/x/mod v0.32.0
818ec93592 vendor: golang.org/x/net v0.49.0
7a12d1bcea vendor: golang.org/x/crypto v0.47.0
d163d3326b vendor: golang.org/x/term v0.39.0
5b62347a5f vendor: golang.org/x/text v0.33.0
dceb87f58b vendor: golang.org/x/sys v0.40.0
4bc3a76891 daemon/command: slight cleanup of normalizeHosts
20c801f9e1 daemon/pkg/opts: export ParseDaemonHost
7f16c4fee0 vendor: github.com/sigstore/rekor v1.5.0
bb43161e2f vendor: google.golang.org/api v0.260.0
b21163a330 vendor: github.com/googleapis/enterprise-certificate-proxy v0.3.9
644af76187 vendor: github.com/googleapis/gax-go/v2 v2.16.0
a39cf56355 vendor: go.uber.org/zap v1.27.1
ca49081e4e vendor: cloud.google.com/go/auth v0.18.0
c7657f8d73 client: ResponseHook: remove error return
2bc7febeb6 client: implement WithResponseHook option
48bbed596e fix(deps): update module google.golang.org/grpc to v1.78.0
b30e701b73 vendor: update github.com/go-openapi dependencies
fd1679ac13 vendor: github.com/sigstore/sigstore v1.10.4
b92173f68a fix(deps): update aws-sdk-go-v2 monorepo
5819d10989 client: deprecate ContainerListOptions.Latest
d9cead55b2 client: deprecate ContainerListOptions.Since, ContainerListOptions.Before
311bfe9cc9 fix(deps): update module github.com/aws/smithy-go to v1.24.0
36b94c251c chore(deps): update tonistiigi/xx docker tag to v1.9.0
1b665b6af6 chore(deps): update lima-vm/lima-actions action to v1.1.0
edcbbba6d4 chore(deps): update docker/buildx-bin docker tag to v0.31.0
686c611b25 chore(deps): update alpine docker tag to v3.23
59083a9057 fix(deps): update module github.com/miekg/dns to v1.1.72
d204cc202e chore(deps): update docker/compose-bin docker tag to v5.0.2
9c2e4d9295 renovate: Always run go mod tidy
8a7e012563 renovate: Ignore go-gelf
695f158716 pkg/homedir: fix broken links to basedir specs
fba5998d26 vendor: update buildkit v0.27.0
e8f088caf7 daemon: rename vars that shadowed imports
2f6011c05f daemon: daemon.registerMountPoints: use switch statement
26e8376a3c api: fix grammar: user defined / user specified -> user-(defined|specified)
a10af4dc68 gha/labeler: Use "all" group for vendor exclusion
96df8d8a1f Add test case for ContainerList Latest option, use table-test
d8e88a964b gha/labeler: Filter out vendor changes
1a75179857 daemon/volume/mounts: extract validation for extra fields
1f93820d1d vendor: github.com/miekg/dns v1.1.70
62cecee324 chore: Update outdated GitHub Actions versions
90c3f80735 go.mod: add back replace rules
86f122af27 Map nvidia --gpus request to CDI device requests
5961616a77 daemon/server/backend: ContainerListOptions: remove unused Latest field
3abbf46a6b daemon/server/backend: ContainerListOptions: remove unused Before and Since
b0c8ff7d0c daemon: Check system requirements in newDaemonCLI
69d67e07fa vendor: github.com/moby/moby/client v0.2.2-rc.2
46ecbe09a9 vendor: github.com/containerd/stargz-snapshotter v0.18.1
bd660c390b api/docs: sync MountType to versioned swagger specs
721cb50a18 api: add MountType to definitions
2018b9e1f3 Use Debug instead of Debugf for device request logging
1b5b00c98c fix grammar: user defined / user specified -> user-(defined|specified)
c1b3202150 integration/volume: Add test for image mount subpath daemon restart
1b427548b1 vendor: github.com/moby/moby/api v1.53.0-rc.2
6dac897ad4 daemon: Check system requirements before initialization
ef5287fb08 migrate TestContainerAPIPostContainerStop to integration
89a04a8354 vendor: update buildkit to v0.27.0-rc2
26d292b3e4 inspect: add API-version gate for image identity
8890f815ca inspect: add signature identity support
0adfe6c856 inspect: add pull identity to track origin registry repo
3540989c71 inspect: add build identity support
7745b7135f api: add swagger definitions for new Identity type
1d4e04bed1 api: add inspect identity base type to expose trusted image origin
bead7d7dd4 fix: goroutine leak in TestRingLogger
0100e94c49 renovate: Group golang/x packages
732379f8c2 renovate: Add git sign off
e521c369e0 renovate: Move to .github
783d2fd8ce Add renovate.json
0408faabd6 vendor: github.com/moby/buildkit faed462a29ea (v0.27.0-rc2-dev)
2c66ddf907 vendor: github.com/moby/buildkit v0.27.0-rc1
cebb12ddaf update to go1.25.6
2fe5e8e04a vendor: github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3
4a0f9759f9 vendor: github.com/jmoiron/sqlx v1.4.0
39e6e582c6 vendor: github.com/spdx/tools-golang v0.5.7
eb31710061 vendor: github.com/prometheus/procfs v0.17.0
3684a9cfc4 vendor: github.com/hashicorp/go-sockaddr v1.0.7
5ff9c6a9fd vendor: google.golang.org/genproto/xxx v0.0.0-20251103181224-f26f9409b101
09251e5855 vendor: github.com/googleapis/enterprise-certificate-proxy v0.3.7
184ee84190 vendor: github.com/containerd/nydus-snapshotter v0.15.10
25aec1f32d vendor: github.com/anchore/go-struct-converter v0.1.0
dc46ee9e1c vendor: github.com/Azure/azure-sdk-for-go/sdk/azcore v1.20.0
c7d9ac59c3 vendor: cloud.google.com/go/auth v0.17.0
54c9a0f6c4 vendor: github.com/aws/aws-sdk-go-v2/config v1.31.20
3ebfc369cb vendor: github.com/aws/aws-sdk-go-v2/credentials v1.18.24
2a87c9af9d vendor: github.com/aws/aws-sdk-go-v2 v1.39.6
18ea00a638 vendor: github.com/aws/smithy-go v1.23.2
6ff97c143b vendor: cloud.google.com/go/compute/metadata v0.9.0
8ff4021564 vendor: github.com/sirupsen/logrus v1.9.4
97ea303372 Dockerfile: update golangci-lint to v2.8.0
9ec65542a0 libnetwork: fix graceful service endpoint removal
e709f27c80 ci: use docker github builder to build bin image
9f2faa5cec client: fix TestWithUserAgent
fadd8dc47c daemon/libnetwork: Fix panic in findHNSEp when IP networks are nil
cb88c6ba10 daemon/volumes: More fs friendly image mount layer names
9ebbf652bd client: do not modify user-provided HTTP client
41d19f6644 api/docs: backport assorted fixes and enhancements to older api versions
f2f622ebf4 internal/testutil/daemon: fix minor linting issues
4bcf9665af vendor: cloud.google.com/go/logging v1.13.1
0d27c51913 hack/validate: only search repo-dir for modules
07e2a782c7 libnet/internal/resolvconf: Parse: improve error message
32d34c472c docs: fix type in comment
06704ef904 client: use stop function to deregister context.AfterFunc
d85c1a258a daemon/server/httputils: remove badParameterError
e529aa7d7c integration/container: TestStats: explicitly check zero-value
0fb55db037 docs: clarify healthcheck behavior
dcb0149ee1 daemon: inline copyAttributes utilty
8a01dc2f90 daemon/cluster/executor/container: rename vars that shadowed
5c637b7209 fix: prevent potential panic in Shutdown when EventsService is nil
22345e3369 docs: improve description of image tag API endpoint
1b9f126ede docs: document healthcheck timeout termination behavior
955897fe21 docs: fix base64 encoding description for secrets and configs
917d66d833 docs: update stats API description for cgroups v2 compatibility
1fd2395cd3 docs: fix reversed descriptions of version.Arch and info.Architecture
ae4c17fdb7 migrate TestAPIImageImportBadSrc to integration test
93afda3670 migrate TestAPINetworkInspectWithScope to integration test
c8aaeea285 ci: run golangci-lint for each Go module
e09afad3cb api/types/network: remove use of "reflect" in test
78c6b01902 api: add root doc.go to prevent fallback to github.com/moby/moby
9176746aba vendor: github.com/tetratelabs/wazero v1.11.0
2a9eb66ddc vendor: github.com/moby/go-archive v0.2.0
7239c72eca remove uses of deprecated go-archive consts
1a12717766 vendor: golang.org/x/oauth2 v0.34.0
595d00cb49 vendor: golang.org/x/tools v0.40.0
d9fa84260a vendor: golang.org/x/mod v0.31.0
98ec249d2b vendor: golang.org/x/net v0.48.0
e229e91247 vendor: golang.org/x/crypto v0.45.0
1a4e4dafe9 vendor: golang.org/x/text v0.32.0
e0795ef3ab vendor: golang.org/x/tools v0.39.0
48e96d4353 vendor: golang.org/x/sync v0.19.0
dccdb1b618 vendor: golang.org/x/sys v0.39.0
7ddc5f609a hack: add nri_no_wasm build tag to static builds
1175dd348e daemon/volume/mounts: Fix tests on Windows
6cbabb04b9 gha: Bump actions/download-artifact to v7
fae334b4c0 vendor: google.golang.org/protobuf v1.36.11
beeacde4b2 Remove restriction on anonymous read-only volumes
8452b64f32 Dockerfile: update containerd binary to v2.2.1 (static binaries and CI only)
b293e73bdb vendor: github.com/containerd/containerd/v2 v2.2.1
01440122f2 vendor: github.com/containerd/nri v0.11.0
32d4f64a65 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251114084447-edf4cb3d2116
6766ce7be2 vendor: tags.cncf.io/container-device-interface v1.1.0
2c533f9327 vendor: github.com/containerd/cgroup/v3 v3.1.2
4b4223a8d4 vendor: github.com/opencontainers/runtime-spec v1.3.0
9ae239e654 golangci-lint: iface: ignore identical interfaces in client module
7b74376ff1 client: testRoundTripper: remove unused skipConfigureTransport method
34ee29ceaa client: use errors.New (revive)
e254a9f0f1 client: containerDiskUsageFromLegacyAPI: make switch exhaustive
f39912a30e client: fix some missing error checks in tests (ineffassign)
8f3bfa3f34 client: fix missing import aliases (importas)
0fd5cc134b api/types/jsonstream: Message: fix godoc
6c845ded18 api/types/swarm: ResourceRequirements.MemorySwappiness: fix json tag
f005e1cb73 vendor: update buildkit to d1e5d1a8f771 (master / v0.27.0-dev)
8c0e404f6f vendor: go.opentelemetry.io/contrib/* v0.63.0
c88c8a6547 Dockerfile: update RootlessKit to v2.3.6
307bcec726 vendor: github.com/rootless-containers/rootlesskit/v2 v2.3.6
c6d2d697eb docs: remove mention of DOCKER_CLIENTONLY
81c170a696 Makefile: remove DOCKER_BUILD_GOGC
d5c81b1c01 Makefile: remove unused DOCKER_BUILD_PKGS
3a9a041092 Makefile: remove unused DOCKER_BUILD_OPTS
9dd2936e04 validate/module-replace: Also allow changing ref of the api module
05f9988fc8 hack/vendor/dropreplace: Make the auto-ref pick more reliable
354abbcb92 hack/vendor: Allow to specify ref to dropreplace
4b9e56156d Re-add replace rules
1acc9d3739 vendor: github.com/moby/moby/client v0.2.2-rc.1
3cee1aad22 vendor: github.com/moby/moby/api v1.53.0-rc.1
5070ad8dc1 Drop replace rules
614d9b966f daemon/libnetwork/options: GenerateFromModel: remove redundant check
e1fb5ef4a7 api: update to go1.25.5 and remove version from Makefile
265bdc1a06 validate/module-replace: Ignore client diff if it only removes the replace rule
aef5d996ce use mime-type application/jsonl to align with openapi 3.2
26bb1af7e6 daemon/layer_store: Use named return error for defer
72ce2c3f82 doc: fix module definition
c63bf203bf vendor: github.com/moby/buildkit v0.26.3
1f532963ed golangci-lint: remove unused exclusion rule
9cd41375ce Dockerfile: update golangci-lint to v2.7.2
1f498c5ff0 fix linting issues
366044fc20 vendor: github.com/spf13/cobra v1.10.2
c2073cc7e2 vendor: go.etcd.io/etcd/* v3.6.6
0ae3f972ad daemon: Simplify slices.Contains usage
8802be9eca hack: Restore rootlesskit and tini installers
54a6ec374a Update client MaxAPIVersion to 1.53
1e209e788b Continue to backfill empty PortBindings in API 1.53
2cce7ff87f api/docs: move ImageHistoryResponseItem to definitions (API v1.25-v1.52)
b48be08eb5 project: Update branches/tags and patch releases
51d1974500 daemon/cluster/test: Use `t.Context()`
6c5233e109 modernize: Use `strings.CutSuffix`
71fd582aa2 modernize: Use strings.Builder instead of string concatenation
62ed24a87c modernize: Use slices.Contains
bce14ac5bc reflect: Use `TypeFor` instead of `TypeOf`
3df05205f4 modernize: Use range int
e548a31d28 modernize: Use `min` built-in
39c19d9161 modernize: Use fmt.Appendf
cdce8f4f92 modernize: Use maps.Copy instead of for loops
ff33808a79 modernize: Use strings.Cut instead of strings.Index where possible
a25907b485 modernize: Prefer `strings.SplitSeq` instead of `Split`
c9b0a21bb1 modernize: Use `b.Loop` (introduced in Go 1.24)
37fdb6d775 ci: Remove concurrency setting from golangci-lint config
f44b5abf0e api: deprecate /grpc and /session endpoints
a0bd623959 api: remove docs/v1.53.yaml
53c67be034 daemon/c8d: Log correct error extractOCIErrors
98d196b714 NRI: error on unsupported adjustment
ff553c5069 NRI: make config reloadable
3f938c6091 gha: Bump actions/upload-artifact to v6
3fdde529e7 layer: Clean up init layer if initialization fails
7c7a626e5d NRI: include in API Info response
f6b1488468 Bump API to v1.53
29d5098ffd migrate TestAPINetworkInspectWithScope to integration test
d7a6250b91 layer: Clean up RW layer if mount metadata save fails
10c0fc4de8 NRI: add TestNRIContainerCreateAddMount
a30301b28d NRI: allow plugins to add mounts
52f33797f3 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251111083745-e5b454202754
70004549fb layer: Fix orphan creation in registerWithDescriptor
413b4afcba vendor: github.com/tetratelabs/wazero v1.10.1
24bac4495e vendor: github.com/containernetworking/plugins v1.9.0
caaa9c9bb5 simplify swagger generation
ec9315cd4f daemon: clean up dead containers on start
849afcc5be daemon: use WithExtraDialOpts for containerd client connection
8dd2c72fb6 gha/vm: Update lima template locators
c74203adbb gha: Fix PR branch validation
0666108ebf api: move scripts to generate and validate swagger to api module
a97b330c6c Makefile: Add simple dev loop
2a191665b8 daemon/container: Container.BackfillEmptyPBs: prevent nil map
43780fe40c daemon: disallow container port 0
695010ba2e daemon: buildCreateEndpointOptions: fix panic with "publish all"
8cf9e64738 NRI: report container state to plugins
dc1fe0be82 NRI: minor cleanups
322dda3908 NRI: add TestNRIContainerCreateEnvVarMod
b67f0c0449 NRI: add ContainerCreate hook, allow env-var adjustments
565f7dce18 integration-cli: TestUserDefinedNetworkAlias: adjust for API versions
93eb7962dc integration-cli: TestUserDefinedNetworkAlias: replace deprecated utils
83f17f77cf integration-cli: adjust some tests for API-specific event-types
35f1250685 integration-cli: use event-consts in some tests
33eb3b8d78 integration-cli: TestEventsFilterType: remove test for "build" events
99066209a2 libnetwork/options: GenerateFromModel: use generics
14c5cd377d libnetwork/options: GenerateFromModel: reduce reflection
d210449d85 Natively support GRPC on the docker socket
fcb23060fc integration-cli: rewrite some tests depending on intermediate images
751a6f9f33 integration-cli: improve TestBuildNoNamedVolume
5152c7c3ef integration-cli: DockerCLIBuildSuite: use more unique names for images
a39e866aa8 integration-cli: rename var that shadowed package-level const
14906f8023 NRI: use the daemon's logger
282868dabf NRI: instantiate and start/stop NRI adaptation
4941b36883 NRI: import containerd's NRI adaptation package
5ab4a14fe8 gha/vm: update Lima to v2.0.2
cc30833181 integration: increase timeout
a230544000 NRI: add daemon.json/command line options
29560eacda go.mod: add back replace rules
773aca9f5d api, client: add separate LICENSE file
bb713e7fa8 Fix spelling error in comments for names-generator.go
3ac4fd1eba project: add End-of-maintenance date for 25.0
e874083bdb Dockerfile: update compose to v5.0.0
da1e638566 Dockerfile: update cli to v29.1.2
b56d077034 fix: Correct typo in error message
9e72c44dae rm -r hack/dockerfile/install
6f9d1ec3fb update to go1.25.5
81d930f527 gha: update to actions/setup-go@v6
7000f92763 gha: update actions/download-artifact@v6
69963d84f8 gha: update actions/upload-artifact@v5
43ed81ed85 gha: update actions/checkout@v6
4b8f9dd251 vendor: github.com/klauspost/compress v1.18.2
a0e5e0525b Improve description of tmpfs mode
7687298e0a hack/validate/module-replace: relax check
a828af4d8d Dockerfile: Update buildx to 0.30.1
f97f234729 Dockerfile: update runc binary to v1.3.4
b9d18a107a integration: cdi: add TestEtcCDI to verify /etc/cdi is used in rootless mode
a55f610e2a cdi: resolve symlinks
e29eaedf65 cdi: skip scanning non-readable dirs
cd4397b4dc cdi: read XDG_CONFIG_HOME/cdi and XDG_RUNTIME_DIR/cdi for rootless
2e3a23c8ec c8d/inspect: Fix image inspect for incomplete images
69c4ea7aad system: df: fix SharedUsage on non-containerd
8c0751aa4d dockerd-rootless-setuptool.sh: fix `nsenter: no namespace specified`
7517464283 PublishAllPorts: don't crash with nil PortBindings
87583c9029 integration: migrate TestAPIImagesSizeCompatibility to integration test
310aa9241a libnet/pm: log when stopping userland proxy
52fae09ec0 libnet/pms/nat: don't bind IPv6 ports if not supported by port driver
955650b33f gha/test-validate: Reuse the dev image
56e8e43339 Revert "libnet: populateNetworkResourcesOS: updateDNS only if !needResolver"
83f00e9f2b Revert "libnet: rebuildDNS: update the hash file"
14a955db2f Revert "libnet: setupDNS: don't overwrite user-modified resolv.conf"
4219768511 vendor: update to client 0.2.1
ea539d267d client - use tagged api module
c74559df60 gha/validate: Actually dont fail fast
ecf4446e46 gha/validate: Don't fail fast
46ca7f19cd validate/module-replace: Fix check
f745fe7f14 vendor: client/0.2.0
a60bea5412 Drop replace rules
04ab3d562c client: don't downgrade when failing to negotiate
189942570a client: enable API-version negotiation by default
e752ec0f8e client: fix typo in comment
bec7ab7f62 client: TestTLSCloseWriter: test with version negotiation enabled
701f2fdade client: improve mocking responses
ef588715b6 client: add mockPingResponse utility
acb5c5a390 client: mockResponse: prevent sharing body reader
45c9f460b8 client: checkResponseErr: don't read body for HEAD requests
77858fab6e client: ensureBody: also ensure the request is preserved
e51a4306e2 client: ensureReaderClosed: small optimizations
89bd3150e1 client: client.ping(): use fresh request for HEAD -> GET
75520d1f5b client: resolveContainerSpecImage, resolvePluginSpecRemote: early returns
366ea9e9af client: ServiceCreate,ServiceUpdate: don't add empty warnings
e94ed33de1 vendor: github.com/mistifyio/go-zfs/v3 v3.1.0
0389d3b13e vendor: github.com/opencontainers/selinux v1.13.1
bda87b7de8 vendor: golang.org/x/crypto v0.45.0
163cc95aea Add TestGatewayErrorOnNetDisconnect
8f2aa3e0f5 Network disconnect: log rather than error on gateway update
e4a1657762 Check containerd client before using on Windows
a3916290da vendor: golang.org/x/mod v0.30.0
10d68d4399 vendor: golang.org/x/net v0.47.0
633acaa5b3 vendor: golang.org/x/crypto v0.44.0
e4900958c3 vendor: golang.org/x/text v0.31.0
bd79eb0da5 vendor: golang.org/x/tools v0.38.0
421bda22d1 vendor: golang.org/x/sync v0.18.0
3054fdd8b2 vendor: golang.org/x/sys v0.38.0
997837376a vendor: github.com/cloudflare/circl v1.6.1
5a5d5b4c5f integration: add Windows network driver and isolation tests
731ae07e65 Endpint.sbLeave: when deleting container, no new gateway
7639e193ff libnet: setupDNS: don't overwrite user-modified resolv.conf
eb18b398d4 libnet: rebuildDNS: update the hash file
937246a868 libnet: populateNetworkResourcesOS: updateDNS only if !needResolver
85b260fba8 PublishAllPorts: create port mappings for exposed ports
a2de9bb334 Unmap more netip.Addr vars created using AddrFromSlice
2effc1bfd4 inspect: unmap IPv6-mapped IPv4 host address
84a251d039 Allow configured address with no configured subnet
7e14b4d931 Update docker-py in test-docker-py
517ae20be8 .github: collect all the OTEL traces
54d269a3b4 vendor: update buildkit to v0.26.2
442f0115cd docs: update contributing guides for clarity and consistency (#49891)
93825e00e8 migrate TestAPIImagesSaveAndLoad to integration test
ed10b98506 Restore missing nwEndpointsMu.Lock
9fbc9d6e6d integration: migrate TestAPIGetEnabledCORS to integration test
774bb532f1 vendor: update buildkit to v0.26.1
e59d1b4563 libnetwork/drivers/overlay: DiscoverNew: move logic to setKeys, updateKeys
f40b45ca1f libnetwork/drivers/overlay: use structured logs in some places
c9f0314f21 libnetwork: controller.handleKeyChange: slight cleanup of logs
de11467756 daemon/containerd: cleanup registry error-handling
de546caa92 daemon/containerd: translateRegistryError: add early return
029770595d integration-cli: remove TestVolumeCLINoArgs
9ab033cc8a client: TestTLSCloseWriter: assorted cleanups / fixes
96b8f9c8ca Daemon.createContainerOSSpecificSettings - remove redundant param
33032b0454 Daemon.setSecurityOptions: remove redundant param
34925e5be9 Remove Daemon.setHostConfig
22c5c78bfb Move Daemon.registerMountPoints out of Daemon.setHostConfig
48709e502f Split OS-specific container config and volume creation
4434236088 Daemon.setHostConfig - don't set default network mode
e757bbb4ea Move call to Daemon.registerLinks out of Daemon.setHostConfig
92b4902b8d Daemon.registerMountPoints: var 'container' -> 'ctr'
5c9f2e0388 rootless: ignore error when enabling IPv6 forwarding
4622dd0ccc client: Client.buildRequest, jsonEncode improve handling of content
20d65620f9 client: Client.buildRequest: don't set content-header if not set
b17eee7aad Update DOCKERCLI_VERSION to v29.0.1
4e2e2cde7e client: simplify logic for manual vs auto API versions
1731e9e729 Don't try to remove cleared docker_gwbridge endpoint
6857132911 client: client.Ping: allow ForceNegotiate with manual override
8f1134b46d integration/image: migrate TestAPIImagesDelete to the new integration test framework
3e4a3cb03e integration: skip TestBuildWithHugeFile
53764de815 client: make WithAPIVersion, WithAPIVersionFromEnv order-independent
a5c7f3f9c8 client: don't negotiate malformed responses
bcc1db1ce5 client: WithAPIVersion, WithAPIVersionFromEnv: validate well-formedness
83ad5c92f7 client: Client.ping() fix duplicate ping
49c8d77639 vendor: github.com/ishidawataru/sctp v0.0.0-20251114114122-1
611c7dce43 client: export fallbackAPIVersion as MinAPIVersion
4535d63c91 daemon: install OpenCensus-to-OTEL trace bridge
0af2962fdd daemon: reduce use of pointer-slices in backend
53ea70ea46 inte/networking: TestDisableIPv6OnInterface: add '-c1' to ping
47bd247d4d inte/networking: test DNS resolution for non swarm-scoped nws
2e41476a5f libnet: create DNS records on sbJoin (if not agent node)
94e83af71a client: TestImageListWithSharedSize: merge with TestImageList
62589a6961 client: TestTLSCloseWriter: cancel context after test
a5dec0a779 client: make sure context is canceled for ContainerWait tests
76a4381d45 client: TestImageListWithSharedSize slight reformat
9af7fbff2a client: TestImageList: use subtests
391247ce96 daemon: Fix image store choice priority for prior graphdriver state
c5d0e3e6fa daemon: Add TestDetermineImageStoreChoice
17a3357e32 vendor: github.com/moby/buildkit v0.26.0
dae3650dcc client: rename/deprecate WithVersion, WithVersionFromEnv
e5db2380f5 client: rename options.go to client_options.go
5cf1fb3954 hack/validate: Check if replace rules are needed
0f597561e8 hack/test/unit: Fix api and client module testing without replace rules
2729703967 client: fix example in README (align with ExampleNew())
b29990916d client: fix unused imports
47e852f061 image: pull/load/save attestation manifest and signatures with image
16b95ba758 go.mod: add back replace rules
b4f9bd1cb3 c8d/builder-next: Don't force unpack
3874ca5984 vendor: update buildkit to v0.26.0-rc2
d558896fae vendor: github.com/secure-systems-lab/go-securesystemslib v0.9.1
bb07fdcd14 vendor: github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.2
f1d0fe47c9 vendor: github.com/golang-jwt/jwt/v5 v5.3.0
79344e1c9a vendor: github.com/gofrs/flock v0.13.0
d36617d2c1 vendor: github.com/containerd/nydus-snapshotter v0.15.4
1e48c34345 vendor: github.com/containerd/stargz-snapshotter/estargz v0.17.0
c169cc9629 vendor: github.com/google/certificate-transparency-go v1.3.2
940c8d6b71 vendor: cloud.google.com/go v0.121.6
621cee8dbe Dockerfile: update cli to v29.0.0
ce739870fb vendor: github.com/opencontainers/cgroups v0.0.6
7e78088f8f daemon: remove workaround for c8d client connection timeout
f740e0fefa vendor: github.com/containerd/containerd/v2 v2.2.0
1639703e56 vendor: github.com/containernetworking/plugins v1.8.0
e4278c4c54 vendor: github.com/containerd/go-cni v1.1.13
7c798d012a vendor: sigs.k8s.io/yaml v1.6.0
d8f2aa4e3b vendor: github.com/containerd/containerd/api v1.10.0
0a494a7303 vendor: github.com/moby/swarmkit/v2 v2.1.2-0.20251110192100-17b8d222e7dd
a040664176 vendor: github.com/Microsoft/hcsshim v0.14.0-rc.1
e65995d896 vendor: google.golang.org/grpc v1.76.0, google.golang.org/protobuf v1.36.10
65bb1bb21f vendor: go.opentelemetry.io/otel v1.38.0
6b8285f965 libnetwork/discoverapi: use DiscoveryType for enum
7eaf25ee59 vendor: cloud.google.com/go/logging v1.13.0
3f6f3b9ed2 vendor: cloud.google.com/go/compute/metadata v0.8.0
94eb87f4c0 vendor: github.com/klauspost/compress v1.18.1
1621c4e7ad vendor: github.com/prometheus/client_golang v1.23.2
efc3e93b1e vendor: golang.org/x/oauth2 v0.30.0
e773a0cf50 vendor: github.com/vbatts/tar-split v0.12.2
ebcf9bb0c4 vendor: github.com/containerd/cgroups/v3 v3.1.0
7c29edf1b4 hack: remove cpexp package
bb56c4d7e7 daemon: remove some deprecated and unused code
365e588d0f Dockerfile: update containerd binary to v2.2.0 (static binaries and CI only)
c950796596 client: use t.Context in tests
20b831c59a vendor: github.com/moby/moby/client v0.1.0
e0a877b487 vendor: github.com/moby/moby/api v1.52.0
854ccbfcf5 Drop replace rules
15241265dc client, api: update go.mod to go1.24
e8f156110a api/types/plugin: remove deprecated Config.DockerVersion
34fb9de7f3 api/docs: remove links to docs.docker.com from changelog
d192a63467 daemon: Ensure buildkit created container's isolation mode consistent with daemon's config
db71c6a914 api/types/container: make HealthStatus a concrete type
1fd87e9fdf api/types/container: make ContainerState a concrete type
18000fe371 api/types/volume: change ListResponse.Volumes to a non-pointer slice
fe1a505cbf simplify some commit tests, and work around change in CLI behavior
c477a68fb9 TestBuildForceRm: use assert to help debugging failures
b0ab0b4078 TestBridgeIPIsExcludedFromAllocatorPool: don't use deprecated fields
9b7452e903 TestDockerNetworkValidateIP: relax string-matching errors
82a5eec1aa DockerSwarmSuite: relax string-matching errors and output
2e3c523579 TestAttachPausedContainer: relax error-message matching
598618b6f2 TestBuildWithInaccessibleFilesInContext: use sub-tests
7aa036ef2e client: rename CheckpointDelete to CheckpointRemove, and add output struct
e2bdc51508 client: CheckpointCreate: add output struct
da25838fc3 client: CheckpointListResult: rename Checkpoints to Items
fda54735c9 client: move CheckpointAPIClient together with other interfaces
d087d3c057 daemon: close EventsService on shutdown
46090e88e4 daemon/internal/builder-next: Builder.DiskUsage(): use singleflight
fb94e241f5 daemon: disk-usage: fix incorrect key for singleflight
15a048c396 api, client: don't use a pointer-slice for plugins
ed428234bd api: remove / internalize LegacyDiskUsage
71bcd22d6d daemon/server/router/system: simplify constructing response
f5e319c950 daemon/server/router/system: use early return for disk-usage
20870f13c2 daemon: remove intermediate vars when collecting diskUsage
0dcb1fe344 daemon: align build.DiskUsage() with other disk-usages
f1a3387633 daemon/server/backend: align DiskUsage types with api
04de584531 daemon/server/router/system: use shorter names and comments
32319028e5 daemon/server/router/system: slightly rewrite logic for legacy
bd5e6bab1d go.mod: add back replace
34b6fb783d vendor: github.com/moby/moby/client v0.1.0-rc.1
f66f1b451c vendor: github.com/moby/moby/api v1.52.0-rc.1
e8745c2157 Drop replace rules
8db3118ac9 client: remove uses of deprecated NewClientWithOpts
1745075b24 client: DiskUsage: rename fields to match API
dcfcfd33e9 client: cleanup and re-group interfaces
931c347b36 api/types: rename disk usage fields
745c483e42 client: pkg/streamformatter: un-export unused utilities
4c6d0ebc40 Fix disk usage result from legacy response logic
bc3c37098c vendor: github.com/opencontainers/selinux v1.13.0
10f6eeb56d daemon: Refactor image store choice logic
4a3e139e3c daemon/command: NewDaemonRunner: set both stdout and stderr
0678de9c87 cmd/dockerd: main(): remove "onError" func
922cd97491 update to go1.25.4
d6ceff48bf delete redundant/incorrect cmd/dockerd/README.md
d0fbae6e44 gha/vm: Force Lima v1.2.2
0029924181 api/types/system: change legacyDiskUsage to a non-pointer slice
ff019cd853 internal/sliceutil: add Deref utility
e509a7cefe daemon/command: remove `__dummy_command` workaround for completion
6881ae72c7 api/types: use regular slices for disk usage types
c351539358 Dockerfile: test containerd v2.1.5 (linux), v2.0.7 (windows)
37d75fc46c vendor: github.com/containerd/containerd v2.1.5
f76f1fc013 client: Client.ImageSave: close reader on context cancellation
175e4e5048 client: Client.TaskLogs: close reader on context cancellation
d35d8ec81b client: Client.ContainerLogs: close reader on context cancellation
cc9969bfed client: Client.ServiceLogs: close reader on context cancellation
c5aedacb4f client: Client.ContainerExport: close reader on context cancellation
08cd02cab6 client: Client.ImageImport: close reader on context cancellation
849239cedf client: Client.ImageLoad: close reader on context cancellation
be96014740 client: Client.ContainerStats: close reader on context cancellation
d11232bad9 client: add newCancelReadCloser utility
fabdccbe10 api/types: move disk usage structs to per type packages
de9ab07188 client: ExecCreateOptions: change ConsoleSize to a ConsoleSize type
443b548efa client: ExecCreate: rename Tty to TTY
ebc1dfbb64 client: singularize prune methods
52a917d48a gha/bin-image: Fix dco running on non-v tags
39ccd04ca8 api/types/swarm: define type for RegistryAuthSource
39f2dbffa1 vendor: github.com/moby/buildkit v0.25.2
d299e5be83 api/types/swarm: define type for UpdateOrder
b552b8b729 api/types/swarm: define type for FailureAction
47edd80d97 integration-cli: Adjust nofile limits
35f6a78082 Dockerfile: update runc binary to v1.3.3
5ad71c5ddf vendor: github.com/containerd/platforms v1.0.0-rc.2
3a105f4e0c daemon/internal: adjust some build-tags
a69abdd90d api/types/system: add type specific usage fields to `DiskUsage`
2af22d3512 Fix TestHandleMACAddressBC
dc22f2c8bf client: make ImageSaveResult an interface
5c8a9b7b9e client: make TaskLogsResult an interface
7dc9d39ca1 client: make ContainerLogsResult an interface
8d0b09c722 client: make ServiceLogsResult an interface
0257c642c7 client: make ContainerExportResult an interface
5bfc628e97 client: make ImageImportResult an interface
5fc866fbfd client: make ImageLoadResult an interface
1051c7f89e client: Client.ImageLoad: move description of platform parameter
b30eb86b31 go.mod: add back replace rules
668b546d2c docker/save: stable timestamp for blobs/digest dir
31f7f62d6c client/pkg/security: simplify
9b749d7c85 integration-cli: migrate TestAPIStatsContainerNotFound to integration tests
b6dab24a43 dockerd-rootless.sh: restore missing `exit 1`
76b1d304e4 dockerd-rootless.sh: reject DOCKERD_ROOTLESS_ROOTLESSKIT_NET=host
5369540dd2 go.mod: remove "exclude" rules
9b8419f6ed daemon/config: export "min-api-version" through daemon.json
3d772829ba vendor: github.com/moby/moby/client v0.1.0-beta.3
93c273dc11 vendor: github.com/moby/moby/api v1.52.0-beta.4
56bd456694 Drop replace rules
1e56b87f7f hack/vendor: Make dropreplace vendor latest version
73455ce01a client: Remove ImageCreate in favor of ImagePull/ImageImport
fd1593c067 api/container_inspect: Ensure Config is not nil in inspect response
6aea8c2591 Dockerfile: update integration-cli CLI to v25.0.5
4bcd446f03 Deprecate cgroup v1
a087d03e0c client: refactor create network api implementation to wrap options/results
12c9de37e9 api/types: move Version to api/types/system
3d28cb8bbd client: ServerVersionResult: add back legacy fields
ebe464ea45 api/types: remove PushResult type, and move internal
22c037982c API compat: replace nil values when adding fields
19f4c27d81 api/t/network: represent MAC addrs as byte slices
433023a03d Move namesgenerator to internal
d1f70d4f54 client: deprecate NewClientWithOpts in favor of New
137adde33d client: prepare option-structs for multiple platforms
860307c4ea client: refactor ServerVersion to return ServerVersionResult
6c042389a3 client: use sub-tests for ServiceLogs
e8e7f1a500 client: use sub-tests for ContainerLogs
af40d2bfed vendor: cloud.google.com/go/logging v1.12.0
15a1256f21 vendor: genproto v0.0.0-20240903143218-8af14fe29dc1
88cbd467f6 vendor: cloud.google.com/go/compute/metadata v0.7.0
a5c0f152a7 daemon: improve validation for container rename
0eba2989e0 api/types/registry: rename AuthenticateOKBody to AuthResponse
6cf02b5cba client: remove unused import
3c62b06de2 client: fix example, and add runnable example
90e7232c8e Dockerfile: update runc binary to v1.3.2
1cc2ab16ce client/container_copy: Wrap options and result struct
38d703ff6f client/container_update: Wrap options and result
e9f28e2a41 client: refactor NetworkConnect, NetworkDisconnect, NetworkRemove
2d6bf9332b client: un-export NewVersionError, rename to requiresVersion
29ad05b130 client: ContainerWaitResult: use singular for channels
51a0584088 client: ContainerWait: touch-up GoDoc, remove legacy code
bae45f766d api/types/network: define `ConnectRequest` and `DisconnectRequest`
fc97a2ff0d client: Rename ContainerUnPause* to ContainerUnpause*
f8b9396c2c gha/labeler: Fix dependencies
d2e7465293 client: refactor `ContainerRename` to wrap options/result structs
28ed1ef927 client: refactor `ContainerLogs` to wrap result
e46058cbae client: refactor Events, Info, RegistryLogin
749c980d4e client: refactor `ContainerExport` to wrap options/result structs
ec22a1e5b2 client: refactor `ContainerTop` to wrap options and results
c5ddef1122 client: refactor `ContainerList` to wrap result
cf173bc941 client: refactor ContainerWait to use client defined options/results structs
bbaeb9036f client/pkg/jsonmessage: use api message def'ns
848b0452d3 client: VolumesPrune: rename argument for consistency
1985a8979e client: VolumeUpdate: add output struct, and move "version"
faee204c02 client: VolumeRemove: add output struct
1f5c82b9fa client: add option and output structs for various container methods
edbf321ce6 client: remove NegotiateAPIVersion, NegotiateAPIVersionPing
c4aee2a50e client: remove ContainerStatsResult.OSType field
6a2a1dd6cf api/types/container: StatsResponse: add OSType field
8118385ba8 client: ContainerStats: add option, output-structs, remove ContainerStatsOneShot
5df881f3a7 daemon: Daemon.ContainerStats: don't escape HTML in responses
7623979aba daemon: Daemon.ContainerStats: combine some conditions and remove error
95a3880197 daemon: Daemon.ContainerStats: inline getStatJSON closure
f7003ef7de integration-cli: minor cleanups in stats tests
5742b40c87 integration-cli: simplify, improve some stats tests
e690c84bed integration-cli: remove TestAPIStatsNetworkStatsVersioning
155d697010 integration/container: TestStats: use sub-tests
6040a2f686 fix some faulty defers in tests
e410daf8f7 integration-cli: TestContainerAPIStatsWithNetworkDisabled: check result
7439f09cd2 daemon: Daemon.stats: fill-in container ID and Name when collecting
3088c4e192 api/types/container: StatsResponse: cleanup fields and GoDoc
9b795c53a7 client: remove ImageLoadResult.JSON field
ef589ef824 client: fix ImageLoadResult GoDoc
5cf4d68121 daemon: subscribeToContainerStats: return cancel / unsubscribe function
99410827c7 daemon: use errdefs instead of string-matching in some places
4aac139fc0 client/container_exec: Separate structs for Start and Attach
425975313a client: merge ContainerInspectWithRaw with ContainerInspect
58356450fa client: remove redundant closing and draining of response
ddbb503dc7 client: change Raw fields to be json.RawMessage
12123eb592 client: merge ExecInspectResult with ExecInspect
378116a84f client: ImageImportResult: prevent panic on nil reader
0b7b7625c6 client: rename NodeUpdateOptions.Node to NodeUpdateOptions.Spec
875c577711 client: consolidate node options with their methods
832590155c client: ExecCreateResult: define local type with ID field
c6a45784f9 client: VolumeListResult: define local type
687c3d7f42 api/types/jsonstream: define Message type
ae28867804 api/pkg/progress: move to client and daemon/internal
6baf274fa3 api/pkg/streamformatter: move to client and daemon/internal
c246639baa client: rename ImageRemoveResult.Deleted to ImageRemoveResult.Items
fb85d123c1 integration/service: fix tests for updated client
f40e1a7582 api: move types/versions to client/pkg and daemon/internal
c9b3c65f37 vendor: github.com/aws/aws-sdk-go-v2/config@v1.31.15
b3129817a7 vendor: github.com/aws/aws-sdk-go-v2/credentials v1.18.19
1b2015a26f vendor: github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.5
7f7588be22 vendor: github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.11
f82fa7a4b2 vendor: github.com/aws/aws-sdk-go-v2 v1.39.4
529076c7b4 vendor: github.com/aws/smith-go v1.23.1
031f30340b vendor: golang.org/x/net v0.46.0
8afa422f0c vendor: golang.org/x/time v0.14.0
8c88244d7f vendor: golang.org/x/text v0.30.0
8d3ae564e0 vendor: golang.org/x/mod v0.29.0
7563a498f0 vendor: golang.org/x/sys v0.37.0
8fb561ca9a client/container_create: Add `Image` outside of Config
3340c86db9 client/container_create: Rename ContainerName to Name
bd31b8b1c7 client_(attach,commit,create,diff): Wrap result and options
47fd987af2 client: simplify test with mock-responses
3a43b5b559 client: refactor ServiceCreate, ServiceUpdate, SwarmUpdate
0fe6be8c38 client: remove roundTripFunc, bytesBufferClose
b9dd7c0d59 client: tidy-up mock-utilities
a315437e1c client: rename transportFunc -> testRoundTripper
0971a3bcb8 Inspect: API v1.51 compatibility
f733b411a1 client: remove unused hasEndpointSpecificMacAddress utility
5a5d39205c client: rename `ServiceListResult.Services` to `ServiceListResult.Items`
94ab385eb5 client/container_exec: Wrap options and result, rename to Exec
ea0d934ff2 Allow requesting networks with a custom prefix size from the default pools
5c67034952 Dockerfile: upgrade Delve to v1.25.2
5b46429122 client: please the linters
c7fe7136d2 client: gofumpt
909e32b27d client: refactor plugin api client functions to define options/results structs
362e9d088f client/distribution_inspect: Wrap options and result
f09ca78b45 api/types: fix godoc
7ceea4148a client/node: Wrap options and output
8dc5d1e64d api/types: move Ping and swarm.Status to client
6819a9fc1e client/image_tag: Wrap options and result
347693a580 client/image_remove&search: Wrap options and result
b3974f07f5 client/image_list: Wrap options and result
a7f409014f client/image_create&import: Wrap options and result
5cc1e5f800 client/build_cancel: Wrap options and result
51ed1a9a37 client/image_build: Rename output to ImageBuildResult
cd08b79c02 client: refactor service api client functions for defined options/result structs
e3c6dc2a91 client: VolumeInspect: add options struct
8f50d38231 client: SwarmInspect: add options struct
95fac07ccc client/secrets: Wrap results and options
ebc92e015a client: PluginInspectWithRaw: refactor and rename to PluginInspect
8cd377bd9c internal/testutil/daemon: remove "Config" utilities
f5b0ce3988 integration/network: TestServiceWithDefaultAddressPoolInit fix log
2c5e0a008a client: rename ConfigListResult.Configs to ConfigListResult.Items
67cbf36ac9 client: remove VolumeInspectWithRaw, merge with VolumeInspect
5a04a9718d client: rename VolumeListResult.List to VolumeListResult.Items
485b95600a client: NetworkList: wrap result
3fbf5a3bd1 client: NetworkInspect: wrap result and remove NetworkInspectWithRaw
612342198c client: refactor swarm api functions to wrap params/responses
343185cf1a libnetwork: move Network.resolveDriver to Controller
68e1a8805b Dockerfile: test against containerd v2.1.4
ee3cab4158 libnetwork/drivers/overlay: pass context for logger
38ef4fd576 client: refactor task responses
2d69edd28a client/image_(inspect,history,load,save): Wrap return values
35acf347eb hack: disable go telemetry in integration tests
9fe856a5f3 integration-cli: move some tests to integration
62a71a8261 test: migrate test api error not found json
33fc45e5c5 libnetwork: EndpointInterface: cleanup marshal/unmarshal
48c2d8c458 libnetwork: support custom DNS servers in Windows overlay driver
a8950e0192 api/types/container: remove deprecated Config.MacAddress
79912d4c7f daemon: Daemon.getInspectData: move migration code to router
91ce33d4b0 daemon/server/router/container: remove uses of deprecated MacAddress
0030ba21e3 client: ContainerCreate: remove handling of legacy MacAddress
e5864a51ac integration/networking: TestWatchtowerCreate: rewrite with request util
8088de791c integration/networking: TestInspectCfgdMAC: rewrite with request util
b4b0b6f10f integration/container: rewrite with request for MacAddress
4b22807a0f gha/labeler: Exclude client and api modules from dependencies label
abf5679049 client/inspect: Better Raw handling
ee22a50b75 client/config: Use Config instead of Spec as field
f4b06e66e1 client/config: Wrap results and options
42ba5466c7 api: rename `volumes.CreateOptions` to `volumes.CreateRequest`
a2fd724453 client: wrap volume create api options with client options
600edfe55c Move container platform migration logic
3a90dd8b8f Adding support for memory swap settings for services
d4e6d4f697 client/volume: refactor volume options and responses
975e46f726 libnetwork/datastore: small cleanups
10faa629fe libnetwork/drivers/macvlan, ipvlan: assorted minor cleanups
a013147c40 libnetwork/drivers/macvlan: parentHasSingleUser: don't create copy of networks
65296cd0e7 libnetwork/drivers/macvlan, ipvlan: un-embed mutexes
a2f4f09f91 libnetwork/drivers/macvlan, ipvlan: remove unused sync.Once
5276dd8e9a libnetwork/drivers/ipvlan: remove ifaceGateway utility
d481c09fa7 libnetwork/drivers/macvlan, ipvlan: make driver.leave a stub
aec6e7f7b6 libnetwork/drivers/macvlan, ipvlan: remove networkTable, endpointTable
bf7277f8fe libnetwork/drivers/macvlan, ipvlan: remove getSubnetforIPv6, getSubnetforIPv4
a294445345 ibnetwork/drivers/macvlan, ipvlan: align and fix potential panic
17425cff08 libnetwork/drivers/macvlan, ipvlan: driver.Join: don't fetch endpoint twice
3906199019 internal/testutil/request: add ReadJSONResponse utility
ee043729a0 integration/container: Make tests runnable on SELinux enabled daemon
5061d0a74d api/types/swarm: remove deprecated ServiceSpec.Networks field
acda47637c ci: update docker-py to main (v7.2.0-dev)
6da63a3ed5 client: VolumePruneOptions: add "All" option
2d1429c62c introduce ImagePushResponse
e1722eb8d8 daemon/command: disable c8d snapshotter when userns remapping enabled
docker-moby/cli: update to v29.2.1
5eb91665d docs: fix typos
d6c6bbf57 docker-bake.hcl: use default GO_VERSION from Dockerfile
2d5d0842c update to go1.25.7
def41fe65 docs: fix typo in dockerd.md for 'replacement'
58413ca11 Dockerfile: update tonistiigi/xx to v1.9.0
df3e9237d opts: MountOpt: extract utility functions and don't set empty values
d781df8b5 opts: MountOpt: extract validation to a separate function
f35fb0f5a cli/command: TestGetDefaultAuthConfig: cleanup test file
fe1af9206 opts: MountOpt: improve validation of boolean values
5de99e672 opts: MountOpt: improve validation for whitespace in values
9620e4178 opts: MountOpt: improve validation for whitespace in options
e888a6e00 opts: remove outdated comment
bcc14559c opts: MountOpt: relax client-side validation of mount target
defbe23de opts: MountOpt: improve error for empty value
77e02a92e opts: MountOpt: add test-coverage for volume options
2c8bf677f opts: MountOpt: remove duplicate test
7ebc2f7c2 opts: MountOpt: rewrite TestMountOptVolumeNoCopy to a table-test
a850b054a opts: MountOpt: rewrite TestMountOptDefaultEnableReadOnly to a table-test
f3efc27a1 opts: MountOpt: combine error tests into a test-table
9c9ec7358 vendor: github.com/moby/moby/client v0.2.2
bab3e81e1 vendor: github.com/moby/moby/api v1.53.0
e34a3422c templates: make "join" work with non-string slices and map values
771660a17 vendor: github.com/go-viper/mapstructure/v2 v2.5.0
08ed2bc6e cli/command/container: make injecting config.json failures a warning
e9ceb2f5a vendor: golang.org/x/net v0.49.0
faf8a0836 vendor: golang.org/x/term v0.39.0
daa4d4e4a vendor: golang.org/x/text v0.33.0
a4aee9bf5 vendor: golang.org/x/sys v0.40.0
ce489e0db vendor: github.com/klauspost/compress v1.18.3
ef0847596 cli/command/container: ignore "not found" error on cidfile.Close
16bbf5d07 cli/command/container: cidFile.Write: include CID in error message
ed566e723 cli/command/container: createContainer: remove intermediate vars
cfb71de7d cli/command/container: createContainer: remove redundant closure
adfb40ceb cli/command/container: remove outdated TODO
ceea57b46 cli/command/container: copyDockerConfigIntoContainer: close TarWriter
effdf1b45 cli/command/container: rename vars to use correct camelCase
ccbe206a8 cli/command/containerd: parseSecurityOpts: remove redundant sprintf
c8841ac1b vendor: moby/api v1.53.0-rc.2, moby/client v0.2.2-rc.2
7e8457115 update to go1.25.6
86bd884ac docs: Fix daemon.json typo
16873675b vendor: github.com/sirupsen/logrus v1.9.4
b21139c30 internal/jsonstream: TestDisplay use streamformatter
d6cdb71e2 cli/command: RetrieveAuthTokenFromImage: remove redundant conditions
b13b774e2 man: reformat docker-run.1.md to prevent linting warnings
816f4556c internal/registryclient: simplify notFoundError
d61519f99 internal/registryclient: allEndpoints: pass through context
fe3157419 improve validation of "--detach-keys" options
6a93e7803 cli/command: add WithAPIClientOptions option
db762956d login: touch-up error for non-TTY
4b0ec0d4e cli/command: DockerCli: store API-client options as field
f9f2d822b cli/command: make TestSetGoDebug more predictable
391acef40 Improve clarity of environment variables description
a6f8391c9 vendor: github.com/docker/docker-credential-helpers v0.9.5
14cffdbfa gha: run unit-tests in go modules mode, to prevent traversing nested modules
0cd2c1858 vendor: golang.org/x/net v0.48.0
647ab775d vendor: golang.org/x/term v0.38.0
a1799eacd vendor: golang.org/x/text v0.32.0
a78533373 vendor: golang.org/x/sync v0.19.0
e2a368fa4 vendor: golang.org/x/sys v0.39.0
ab5d4d4f8 cli/compose/loader: rewrite with reflect.TypeFor
3ce8f1d80 vendor: github.com/moby/go-archive v0.2.0
8205124d5 cli/command/node: nodeContext: remove uses of reflect
40f052c7e cli/command/container: use reflect IsZero
f28565d17 cli/command/service: replace reflect for gotest.tools assertion
e715dd507 cli/command/volume: remove uses of reflect in test
3811f24f4 cli/connhelper: replace reflect for gotest.tools assertion
a89b2e19f cli/command/formatter: rewrite some tests with gotest.tools
90ae5b813 cli/command: replace reflect for gotest.tools assertion
a0e303a0e opts/swarmopts: add missing build-tag
03dfab401 remove uses of deprecated go-archive consts
dd6d0cd80 vendor: tags.cncf.io/container-device-interface v1.1.0
4743d1d89 Makefile/yamldocs: Don't require TTY
485106679 docs/container: Update dead link
226af6814 cli/command/service: fix API version for memory-swap, memory-swappiness
13759330b cli-plugins/manager: remove legacy system-wide cli-plugin path
302498c33 vendor: github.com/moby/moby/client v0.2.2-rc.1
def847be9 vendor: github.com/moby/moby/api v1.53.0-rc.1
2a903c52d Include NRI in info output
d8351dbe6 Vendor moby/[api|client] from moby master
f7ddc8a7d docs: Update --all flag description to clarify it shows dangling images
4d7a8b0fd build(deps): bump actions/upload-artifact from 5 to 6
0f03c31ab image/list: Fix `dangling=false` handling
1e259062f cli/tree: Remove unused `all` field
09a46645a image/tree: Add golden test
0d88411f1 image/tree: Remove --all flag check for untagged images in non-expanded view
b31598389 image/tree: Fix width calculation for untagged images
150a25b9f image/tree: Extract untagged image name to const
67f5e3413 image: Fix dangling image detection with graphdrivers
2e3425fbd cli/command/container: use consistent casing for dockerCLI arg
de098367d cli/command/container: inline parseWindowsDevice
15de6ce8f vendor: github.com/klauspost/compress v1.18.2
5c406f5ee vendor: github.com/morikuni/aec v1.1.0
a6335c422 docker run, create: don't swallow connection errors during validate
49021ad98 vendor: github.com/spf13/cobra v1.10.2, migrate to go.yaml.in/yaml/v3
6f75c0c8e add TODOs for replacing nat.ParsePortSpecs
9c10a9c9a opts/swarmopts: remove use of nat.ParsePortRange
9dfe779ab internal/test: remove unused FakeStore
c81e05eed add shell completion for "docker stack deploy --compose-file"
d54488531 update to go1.25.5
ba683d8df opts/swarmopts: use sub-tests
dd2be022c gha/e2e: Switch to rc and 29 latest
1abfbf298 vendor: github.com/moby/moby/client v0.2.1
e0d30db11 docs: update buildgc example config to use new buildkit v0.17 options
6a0099bc8 cmd/docker-trust: bump golang.org/x/crypto v0.45.0
c90166ffa cmd/docker-trust: update dependencies
ac5e88612 vendor: golang.org/x/net v0.47.0
3ec414638 vendor: golang.org/x/term v0.37.0
616e93a0c vendor: golang.org/x/text v0.31.0
1202f8a64 vendor: golang.org/x/sync v0.18.0
b67055c96 vendor: golang.org/x/sys v0.38.0
475961583 image/tree: Allow image names to overflow instead of truncating
3099d4716 build(deps): bump actions/checkout from 5 to 6
d84396d4e image ls: allow custom format in cli config
6751cd169 docker version: restore top-level BuildTime to RFC3339Nano
3a842587f chore: update link/linktext to dockerd proxy config
dd2c49382 cli/command/system: Fix missing components in version output
207bf52c2 image/tree: Only show untagged images when --all flag is used
be9e6308f image/tree: Respect NO_COLOR env variable
ed281ddf5 image/list: Print legend only if limiting width
aa5d00a3a image/tree: Don't limit name width if non tty
b66b93130 image/tree: Fix untagged images in non-expanded view
bff56f049 cli/command/system: define struct for formatting version
d787e70a1 cli/connhelper/commandcon: remove warn logs
ebc1995f9 vendor: github.com/moby/moby/api v1.52.0, moby/client v0.1.0
ad96811f1 swarm: Add memory swap support (no stack/compose support)
6ba06b5fb Revert "cli/compose: add schema 3.14 (no changes from 3.13 yet)"
e0716b571 Revert "Add memory swap to swarm"
4b450f113 vendor: github.com/moby/moby/api, moby/client master
1d789e409 cli/command/system: add missing "go:build"
b3824015d vendor: github.com/moby/moby/api v1.52.0-rc.1, moby/client v0.1.0-rc.1
d67291026 vendor.mod: remove replace
41088ed7d vendor: go.opentelemetry.io/auto/sdk v1.2.1
712f569f1 vendor: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0
7736f5e60 vendor: align other otel packages to v1.38.0
d45551dac cli/command: update to semconv v1.37.0, otel v1.38.0
71828f279 Add memory swap to swarm
d0c86d39e cli/compose: add schema 3.14 (no changes from 3.13 yet)
5039eee77 vendor: github.com/moby/moby/api master, moby/client master
cee9ea67f lint: run in go-modules mode
b2aa690b2 scripts/build/binary: remove pkcs11 build tag
c1a53ae7b cmd/docker-trust: remove dependency on cli/internal
06914dd0f make trust-plugin a separate module
c9bb29115 implement `docker trust` as plugin
dd70b43bc chore: update broken link to restrucured docker desktop documentation
f2755b02d update to go1.25.4
880ef756b Fix static build + CGO
0976389e1 vendor: golang.org/x/net v0.46.0, golang.org/x/crypto v0.43.0
c733cb053 vendor: golang.org/x/time v0.14.0
1f77c6f1c vendor: golang.org/x/term v0.36.0
dcce972f4 vendor: golang.org/x/text v0.30.0
b11d143cd vendor: golang.org/x/sync v0.17.0
0c8ce84a6 vendor: golang.org/x/sys v0.37.0
d9f7e4b0c cli/command/service: use enum-consts defined in API
774f1d60a cli/command/service: parse generic resources without protobufs
437ed4c1e Dockerfile: update golangci-lint to v2.6.1
c4a28d0d3 vendor: github.com/go-jose/go-jose/v4 v4.1.3
f8d036512 fix perfsprint (concat-loop) linting
7b624841c update minimum go version to go1.24
82b47c8e5 vendor: github.com/moby/swarmkit/v2 v2.1.1
3a9178813 vendor: github.com/containerd/platforms v1.0.0-rc.2
61d88c951 lint: don't disable modules
9bce085b1 vendor: github.com/mattn/go-runewidth v0.0.19
e0b1ab68f cli/command/container: fix use of generics
e5f46499b image/tree: Fix table header having escape codes when not tty
d5d2ed5ba image/tree: Add test for checking ansi escape output
1a261e3f5 image/tree: Use streams interface
4893a5d5e completion/zsh: Allow multiple volumes of 'volume rm'
700875b66 Plugin may set itself as hidden
ad776d1e1 remove support for client-side docker content trust validation
259df25a9 cli: allManagementSubCommands: improve handling of plugin stubs
aa62a6a97 docs: update link to libnetwork protocol doc
ef16d8230 vendor: github.com/moby/moby/api v1.52.0-beta.4, client v0.1.0-beta.3
6fa590033 image/tree: Remove longest->shortest sort
5836040ec Update golden files
f6feef8fe image/test: Fix `go test` args being used by CLI commands
631f32ee9 images/list: Add print ambiguous warning for tree
c41815f17 image/list: Show collapsed tree by default
5d599e932 e2e: add docker v29-rc
50598d21c skip TestBuildIidFileSquash
cf9e1778d Dockerfile: remove notary
c98d9647d e2e: remove DCT tests
8444c911b vendor: github.com/moby/moby master
7f86de931 docs: deprecated: deprecate cgroup v1
7bdb4df07 cli/command/container: use ImagePull instead of ImageCreate
9e7937746 image/tree: Fix dangling filter condition
8e2943c6c image/tree: Sort image tree by name instead of creation date
8767904ae vendor: github.com/moby/moby/api master, moby/client master
b8b4f54a8 fix typo in TODO comment
65496c555 cli/trust: use local definition for PushResult Aux message
e636a2a06 cli/container_rename: Move to API validation
af255acca vendor: github.com/moby/moby master
053aa376e vendor: github.com/moby/moby/api, moby/moby/client master
83319f09f cli/command/container: use per-stats OSType if present
6ed16a2cc vendor: github.com/moby/moby/api, moby/moby/client master
5007c96b0 cli/command/container: collect(): split windows/unix branches
c467ebafd cli/command/container: calculateCPUPercentWindows minor cleanup
689152a80 cli/command/container: calculateCPUPercentUnix: simplify
e01ce69ff cli/command/container: collect: handle context-cancellation
292001a45 cli/command/container: RunStats: early return for non-streaming
0b1c7bc0f cli/command/container: RunStats: small tweaks on closeChan
d309027d5 cli/command/container: RunStats: gracefully handle io.EOF
15b422b31 cli/command/container: RunStats: handle context-cancellation
832fc66ca cli/command/container: RunStats: simplify stats loop
dad1d367c cli/command/container: move debug logs to call-site
f594a7f09 cli/command/image: remove uses of JSON field
4b498addc cli/command/container: don't depend on result.OSType
4a608069a vendor: github.com/moby/moby/api, moby/moby/client master
153f7f10c telemetry: lock the semconv version of the otel sdk
aef2ef8c7 build(deps): bump actions/upload-artifact from 4 to 5
4afbd6146 implement some ad-hoc mocks for responses
056e31464 vendor: github.com/moby/moby/api, moby/moby/client master
64805c295 image/list: Respect `dangling` filter when not using `--all`
e9a941001 image/list: Hide untagged images without `--all`
4f7c07cfc update local code for updated modules
aeb78091a vendor: github.com/moby/moby/api, moby/moby/client master
563f5fe33 vendor: github.com/moby/moby/api, moby/moby/client master
5ba4c17d7 cli/command/container: Simplify with slices.Contains
d252afa6b cli/command/container: add go1.23 build constraint for range-over-func
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0e1a86ac
---------------------------
podman: improve reproducibility
disable buildvcs to improve reproducibility
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9a28d5ed
---------------------------
recipes/golang: improve reproducibility
Refer [1], cgo will embeded cgo_ldflags in the intermediary output,
which make content ID will be incfluenced by cgo_ldflags.
'--sysroot=xxx' includes build path, which will make the binary not
reproducible, these recipes can build successfully without --sysroot, so
remove it
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 914b5d23
---------------------------
nerdctl: add -buildmode=pie to avoid textrel QA error
On qemuarm, building nerdctl fails with QA error about textrel.
Add '-buildmode=pie' to fix this issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9ba68c94
---------------------------
vruntime: add BBMASK to reduce multiconfig parse time
The vruntime multiconfigs (vruntime-aarch64, vruntime-x86-64) trigger
a full BitBake parse of all layers, but only need ~318 recipes to build
the vdkr/vpdmn container runtime stacks. BBMASK set in the vruntime
distro conf only affects parsing for those multiconfigs; the main build
is unaffected.
Add three .inc files, each independently disableable, that mask unused
recipes:
- vruntime-bbmask.inc: meta-virtualization layer (~88 masks covering
virtualization platforms, unused container orchestration/tooling,
and individual go libraries)
- vruntime-bbmask-oe-core.inc: oe-core graphics subdirs, multimedia,
sato, and rt categories
- vruntime-bbmask-meta-oe.inc: meta-oe, meta-networking categories,
plus entire meta-python, meta-filesystems, and meta-webserver layers
Mask patterns were generated from bitbake -g dependency graph analysis
of both aarch64 and x86-64 targets, with all 318 needed PNs (including
-native variants) cross-checked against the patterns. Orphaned bbappend
files in other layers are also masked to prevent parse errors.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d79d3d2a
---------------------------
vcontainer: fix yocto-check-layer mcdepends parse error
Fix yocto-check-layer failure:
ERROR: Multiconfig dependency mc::vruntime-x86-64:vpdmn-initramfs-create:do_deploy
depends on nonexistent multiconfig configuration named configuration vruntime-x86-64
Several recipes and classes declared static mcdepends referencing
vruntime-aarch64 and vruntime-x86-64 multiconfigs. When parsed without
BBMULTICONFIG set (e.g. yocto-check-layer), BitBake validates these and
fails because the referenced multiconfigs don't exist.
Move mcdepends into anonymous python functions and only set them when
the target multiconfig exists in BBMULTICONFIG, following the pattern
established in meta/classes-recipe/kernel-fit-image.bbclass.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ed5b3393
---------------------------
go-mod-vcs: fix do_rm_work permission failure on module cache
go build creates read-only files in the module cache during
do_compile. The previous do_fix_go_mod_permissions task ran before
do_compile, so it could not catch these files, causing do_rm_work
to fail with permission errors.
Replace the standalone task with a do_compile postfunc that fixes
module cache permissions after compilation finishes. This covers
all go-mod-vcs recipes regardless of how they invoke go build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1553125e
---------------------------
docker-registry: add native support
This is required for several of the scripts and capabilities
providing local registry support.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ff406688
---------------------------
container-registry: add tests and documentation for secure registry
Add comprehensive test coverage and documentation for the secure
registry infrastructure.
Tests added:
TestRegistryAuthentication - auth modes (none, home, authfile,
credsfile, env, creds, token) for push and import
TestSecureRegistryTLSOnly - TLS-only mode using running registry
TestSecureRegistryWithAuth - isolated TLS+auth instance on port 5001
TestDockerRegistryConfig - static analysis of bbclass/recipe logic
TestContainerCrossInstallSecure - auto IMAGE_INSTALL verification
TestVcontainerSecureRegistry - script pattern verification for
virtio-9p CA transport, daemon _9p=1, shared folder reads
README.md: Document authentication modes (none, home, authfile,
credsfile, env), secure registry setup, PKI generation, target
integration, and CI/CD examples.
conftest.py: Add --secure-registry pytest option and skip_secure
fixture for tests requiring openssl/htpasswd.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d0410316
---------------------------
image-oci: fix process substitution for dash/busybox compatibility
Replace bash-specific process substitution (< <(find ...)) with
POSIX-compatible piped find | while constructs. Replace $((...))
arithmetic with expr for broader shell compatibility.
This fixes OCI image delta-copy on systems where /bin/sh is dash
or busybox ash rather than bash.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 7297ba3a
---------------------------
vcontainer: add secure registry support with virtio-9p CA transport
Enable vdkr/vcontainer to pull from TLS-secured registries by
transporting the CA certificate via virtio-9p shared folder.
vcontainer-common.sh: Add --secure-registry, --ca-cert, --registry-user,
--registry-password CLI options. Auto-detect bundled CA cert at
registry/ca.crt in the tarball and enable secure mode automatically.
vrunner.sh: Copy CA cert to the virtio-9p shared folder for both
daemon and non-daemon modes. Fix daemon mode missing _9p=1 kernel
cmdline parameter which prevented the init script from mounting the
shared folder.
vdkr-init.sh: Read CA cert from /mnt/share/ca.crt (virtio-9p) instead
of base64-decoding from kernel cmdline (which caused truncation for
large certificates). Install cert to /etc/docker/certs.d/{host}/ca.crt
for Docker TLS verification. Support optional credential passing for
authenticated registries.
vcontainer-tarball.bb: Add script files to SRC_URI for proper file
tracking and rebuild triggers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 52fc4ca7
---------------------------
container-registry: add target image TLS integration
Install CA certificates and registry configuration into target images
so they can pull from the secure registry at runtime.
docker-registry-config.bb: When CONTAINER_REGISTRY_SECURE=1, install
the CA cert to /etc/docker/certs.d/{host}/ca.crt instead of adding
insecure-registries to daemon.json. Translates localhost/127.0.0.1 to
10.0.2.2 for QEMU targets where the host registry is accessed via
slirp networking.
container-oci-registry-config.bb: Same secure mode support for
podman/CRI-O with insecure=false in registries.conf.
container-registry-ca.bb: New recipe that installs the CA certificate
to Docker, podman/CRI-O, and system trust store paths on the target.
container-cross-install.bbclass: Auto-add docker-registry-config or
container-oci-registry-config to IMAGE_INSTALL when
CONTAINER_REGISTRY_SECURE=1, based on the configured container engine.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 092aa819
---------------------------
container-registry: add secure registry infrastructure with TLS and auth
Add opt-in secure registry mode with auto-generated TLS certificates
and htpasswd authentication.
New BitBake variables:
CONTAINER_REGISTRY_SECURE - Enable TLS (HTTPS) for local registry
CONTAINER_REGISTRY_AUTH - Enable htpasswd auth (requires SECURE=1)
CONTAINER_REGISTRY_USERNAME/PASSWORD - Credential configuration
CONTAINER_REGISTRY_CERT_DAYS/CA_DAYS - Certificate validity
CONTAINER_REGISTRY_CERT_SAN - Custom SAN entries
The bbclass validates conflicting settings (AUTH without SECURE) and
provides credential helper functions for skopeo push operations.
PKI infrastructure (CA + server cert with SAN) is auto-generated at
bitbake build time via openssl-native. The generated helper script
supports both TLS-only and TLS+auth modes.
The script now supports environment variable overrides for
CONTAINER_REGISTRY_STORAGE, CONTAINER_REGISTRY_URL, and
CONTAINER_REGISTRY_NAMESPACE, uses per-port PID files to allow
multiple instances, and auto-generates config files when running
from an overridden storage path.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4ed680e3
---------------------------
lxc: restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS for LTO reproducibility
oe-core [1] removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS to avoid passing
prefix-map options via the linker flags. This is fine for most projects
since DEBUG_PREFIX_MAP is also provided via CFLAGS at configure time.
However, lxc enables LTO by default, which causes link-time code generation
to (re)emit debug information during the link step. Without DEBUG_PREFIX_MAP
on the link command line, TMPDIR/WORKDIR paths can leak into DWARF,
triggering the buildpaths QA check and breaking reproducibility.
Append DEBUG_PREFIX_MAP back to TARGET_LDFLAGS for lxc to ensure prefix-map
options are visible during LTO link-time compilation.
[1]
https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: bb7e321f
---------------------------
container-cross-install: add tests and documentation for custom service files
Add pytest tests to verify CONTAINER_SERVICE_FILE varflag support:
TestCustomServiceFileSupport (unit tests, no build required):
- test_bbclass_has_service_file_support
- test_bundle_class_has_service_file_support
- test_service_file_map_syntax
- test_install_custom_service_function
TestCustomServiceFileBoot (boot tests, require built image):
- test_systemd_services_directory_exists
- test_container_services_present
- test_container_service_enabled
- test_custom_service_content
- test_podman_quadlet_directory
Documentation updates:
- docs/container-bundling.md: Add "Custom Service Files" section with
variable format, usage examples for both BUNDLED_CONTAINERS and
container-bundle packages, and example .service/.container files
- tests/README.md: Add test class entries to structure diagram and
"What the Tests Check" table
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: cd5081a5
---------------------------
container-cross-install: add CONTAINER_SERVICE_FILE support
Add support for custom systemd service files (Docker) or Quadlet
container files (Podman) instead of auto-generated ones for container
autostart.
For containers requiring specific startup configuration (ports, volumes,
capabilities, dependencies), users can now provide custom service files
using the CONTAINER_SERVICE_FILE varflag:
CONTAINER_SERVICE_FILE[container-name] = "${UNPACKDIR}/myservice.service"
For BUNDLED_CONTAINERS in image recipes:
SRC_URI += "file://myapp.service"
BUNDLED_CONTAINERS = "myapp-container:docker:autostart"
CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service"
For container-bundle packages:
SRC_URI = "file://myapp.service"
CONTAINER_BUNDLES = "myapp-container:autostart"
CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service"
Implementation:
- container-cross-install.bbclass: Add get_container_service_file_map()
to build varflag map, install_custom_service() for BUNDLED_CONTAINERS,
and install_custom_service_from_bundle() for bundle packages
- container-bundle.bbclass: Install custom service files to
${datadir}/container-bundles/${runtime}/services/
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b4ad3f9e
---------------------------
image-oci: add host layer type and delta-only copying
Add two enhancements to multi-layer OCI image support:
1. Delta-only copying for directories/files layers:
- directories and files layers now only copy content that doesn't
already exist in the bundle rootfs from earlier layers
- Prevents duplication when a directories layer references paths
that were already populated by a packages layer
- Logs show "delta: N copied, M skipped" for visibility
2. New 'host' layer type for build machine content:
- Copies files from the build machine filesystem (outside Yocto)
- Format: name:host:source_path:dest_path
- Multiple pairs: name:host:src1:dst1+src2:dst2
- Emits warning at parse time about reproducibility impact
- Fatal error if source path doesn't exist
- Use case: deployment-specific config, certificates, keys that
cannot be packaged in recipes
Example:
OCI_LAYERS = "\
base:packages:busybox \
app:directories:/opt/myapp \
certs:host:/etc/ssl/certs/ca.crt:/etc/ssl/certs/ca.crt \
"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: bcddeedc
---------------------------
vcontainer: enable incremental builds by default
Previously, vcontainer recipes had [nostamp] flags that forced all
tasks to rebuild on every bitbake invocation, even when nothing changed.
This was added as a workaround for dependency tracking issues but caused
slow rebuild times.
Changes:
- Make [nostamp] conditional on VCONTAINER_FORCE_BUILD variable
- Default to normal stamp-based caching for faster incremental builds
- file-checksums on do_rootfs still tracks init script changes
- Add VCONTAINER_FORCE_BUILD status to the tarball build banner
To enable the old always-rebuild behavior (for debugging dependency
issues), set in local.conf:
VCONTAINER_FORCE_BUILD = "1"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: ffa5f611
---------------------------
vcontainer-tarball: build all architectures via single bitbake command
Previously, building vcontainer-tarball required multiple bitbake
invocations or complex command lines to build both x86_64 and aarch64
blobs. This was a usability issue.
Changes:
- mcdepends now triggers builds for BOTH architectures automatically
- VCONTAINER_ARCHITECTURES defaults to "x86_64 aarch64" (was auto-detect)
- Add informational banner at parse time showing what will be built
- Fix duplicate sanity check messages when multiconfig is active
Usage is now simply:
bitbake vcontainer-tarball
To build only one architecture, set in local.conf:
VCONTAINER_ARCHITECTURES = "x86_64"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 5063d6f0
---------------------------
vdkr-init: improve Docker daemon startup logging and error handling
Improve debugging capabilities when Docker daemon fails to start:
- Log dockerd output to /var/log/docker.log instead of /dev/null
- Capture docker info exit code and output for diagnostics
- Show docker info error on every 10th iteration while waiting
- Include last docker info output and docker.log tail on failure
- Extend sleep on failure from 2s to 5s for log review
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1d53c867
---------------------------
packagegroups: add container build aggregates
Add packagegroup recipes to simplify building all container-related
artifacts:
- packagegroup-container-images: Build all OCI container images
(recipes inheriting image-oci)
- packagegroup-container-bundles: Build all container bundles
(recipes inheriting container-bundle)
- packagegroup-container-demo: Build all demo containers and bundles
Usage:
bitbake packagegroup-container-images
bitbake packagegroup-container-bundles
bitbake packagegroup-container-demo
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 63c4d741
---------------------------
vcontainer: add host-side idle timeout with QMP shutdown
Implement reliable idle timeout for vmemres daemon mode using
host-side monitoring with QMP-based shutdown, and container-aware
idle detection via virtio-9p shared file.
Host-side changes (vrunner.sh):
- Add -no-reboot flag to QEMU for clean exit semantics
- Spawn background watchdog when daemon starts
- Watchdog monitors activity file timestamp
- Check interval scales to idle timeout (timeout/5, clamped 10-60s)
- Read container status from shared file (guest writes via virtio-9p)
- Only shutdown if no containers are running
- Send QMP "quit" command for graceful shutdown
- Watchdog auto-exits if QEMU dies (no zombie processes)
- Touch activity file in daemon_send() for user activity tracking
Config changes (vcontainer-common.sh):
- Add idle-timeout to build_runner_args() so it's always passed
Guest-side changes (vcontainer-init-common.sh):
- Add watchdog that writes container status to /mnt/share/.containers_running
- Host reads this file instead of socket commands (avoids output corruption)
- Close inherited virtio-serial fd 3 in watchdog subshell to prevent leaks
- Guest-side shutdown logic preserved but disabled (QMP more reliable)
- Handle Yocto read-only-rootfs volatile directories (/var/volatile)
The shared file approach avoids sending container check commands through
the daemon socket, which previously caused output corruption on the
single-stream virtio-serial channel.
The idle timeout is configurable via: vdkr vconfig idle-timeout <secs>
Default: 1800 seconds (30 minutes)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d242468e
---------------------------
vcontainer: consolidate initramfs-create recipes
Update vcontainer-initramfs-create.inc to use the image-based approach:
- Depend on tiny-initramfs-image for cpio.gz (replaces file extraction)
- Depend on rootfs-image for squashfs (unchanged)
- Remove DEPENDS on squashfs-tools-native (no longer extracting files)
Update recipe files to use the consolidated inc:
- vdkr-initramfs-create_1.0.bb
- vpdmn-initramfs-create_1.0.bb
Boot flow remains unchanged:
QEMU boots kernel + tiny initramfs
-> preinit mounts rootfs.img from /dev/vda
-> switch_root into rootfs.img
-> vdkr-init.sh or vpdmn-init.sh runs
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: abf81c8c
---------------------------
vcontainer: add tiny initramfs image infrastructure
Add proper Yocto image recipes for the tiny initramfs used by
vdkr/vpdmn in the switch_root boot flow:
- vcontainer-tiny-initramfs-image.inc: Shared image configuration
- vcontainer-preinit_1.0.bb: Preinit script package (shared)
- vdkr-tiny-initramfs-image.bb: Tiny initramfs for vdkr
- vpdmn-tiny-initramfs-image.bb: Tiny initramfs for vpdmn
The tiny initramfs contains only busybox and a preinit script that:
1. Mounts devtmpfs, proc, sysfs
2. Mounts the squashfs rootfs.img from /dev/vda
3. Creates tmpfs overlay for writes
4. Performs switch_root to the real rootfs
This replaces ad-hoc file extraction with proper image-based builds,
improving reproducibility and maintainability.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 60b7b352
---------------------------
vcontainer-tarball: add nativesdk-expect dependency
Add expect to the vcontainer SDK toolchain for interactive testing
and automation scripts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: d72d1f13
---------------------------
linux-yocto: add iptables legacy kernel config for Docker
Kernel 6.18+ split iptables into legacy/nftables backends. Docker
requires the legacy iptables support, so add the kernel configuration
for the full dependency chain:
- CONFIG_NETFILTER_XTABLES_LEGACY=y
- CONFIG_IP_NF_IPTABLES_LEGACY=m
- CONFIG_IP_NF_FILTER=m
- CONFIG_IP_NF_NAT=m
- CONFIG_IP_NF_TARGET_MASQUERADE=m
Without these, Docker's iptables rules fail to load on 6.18+ kernels.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 729c4bb0
---------------------------
vcontainer: add sanity checks and auto-enable virtfs for QEMU
Fix virtio-9p (virtfs) support for container-cross-install batch
imports which provides ~50x speedup over base64-over-serial.
The issue was that native recipes don't see target DISTRO_FEATURES,
so qemu-system-native wasn't getting virtfs enabled.
Fix by:
- layer.conf: Propagate virtualization to DISTRO_FEATURES_NATIVE when
vcontainer or virtualization is in target DISTRO_FEATURES
- qemu-system-native: Check DISTRO_FEATURES_NATIVE for virtfs enable
- container-cross-install: Prepend native sysroot to PATH so vrunner
finds the QEMU with virtfs support
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0f5344e8
---------------------------
vcontainer: fix runc/crun conflict in multiconfig builds
The vruntime distro is used for multiconfig builds of both vdkr
(Docker/runc) and vpdmn (Podman/crun) images. When CONTAINER_PROFILE
or VIRTUAL-RUNTIME_container_runtime is set, containerd and podman
pull their preferred runtime via RDEPENDS, causing package conflicts.
Fix by having vruntime distro NOT participate in CONTAINER_PROFILE:
- Set VIRTUAL-RUNTIME_container_runtime="" to prevent automatic
runtime selection
- Explicitly install runc in vdkr-rootfs-image.bb
- Explicitly install crun in vpdmn-rootfs-image.bb
This allows both images to be built in the same multiconfig without
conflicts, while standard container-host images continue to use
CONTAINER_PROFILE normally.
Also add kernel-modules to vdkr-rootfs-image for overlay filesystem
support.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: cfab7d38
---------------------------
crun: add RCONFLICTS to prevent runc package conflict
When CRUN_AS_RUNC is enabled (default), crun creates a /usr/bin/runc
symlink that conflicts with the runc package's /usr/bin/runc binary.
Add RCONFLICTS to declare this conflict so package managers prevent
both from being installed simultaneously.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 572bc836
---------------------------
vcontainer: add sanity checks and auto-enable virtfs for QEMU
Add sanity check that warns when vcontainer distro feature is enabled
but BBMULTICONFIG is missing the required vruntime-* multiconfigs.
Add qemu-system-native bbappend to auto-enable virtfs (virtio-9p) when
vcontainer or virtualization distro feature is set. This is required
for the fast batch-import path in container-cross-install.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 76cf4ff5
---------------------------
container-bundles: add multilayer container bundle recipe
Add demo recipe that bundles app-container-multilayer to demonstrate
multi-layer OCI images with container-cross-install.
Usage:
IMAGE_INSTALL:append:pn-container-image-host = " multilayer-container-bundle"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 25acb056
---------------------------
vcontainer: add multi-arch OCI support
Add functions to detect and handle multi-architecture OCI Image Index
format with automatic platform selection during import. Also add
oci-multiarch.bbclass for build-time multi-arch OCI creation.
Runtime support (vcontainer-common.sh):
- is_oci_image_index() - detect multi-arch OCI images
- get_oci_platforms() - list available platforms
- select_platform_manifest() - select manifest for target architecture
- extract_platform_oci() - extract single platform to new OCI dir
- normalize_arch_to_oci/from_oci() - architecture name mapping
- Update vimport to auto-select platform from multi-arch images
Build-time support (oci-multiarch.bbclass):
- Create OCI Image Index from multiconfig builds
- Collect images from vruntime-aarch64, vruntime-x86-64
- Combine blobs and create unified manifest list
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1c902059
---------------------------
container-registry: abstract config and add multi-directory push
Abstract registry configuration for Docker/Podman compatibility and add
multi-directory scanning for easy multi-arch manifest list creation.
- Support both DOCKER_REGISTRY_INSECURE and CONTAINER_REGISTRY_INSECURE
- Add DEPLOY_DIR_IMAGES to scan all machine directories
- Support push by path (single OCI) and push by name (all archs)
- Add environment variable overrides for flexibility
- Single 'push' command now creates multi-arch manifest lists
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1008fa9b
---------------------------
container-cross-install: fix image naming and default runtime
Fix extract_container_info() to properly handle multi-part container names
and add automatic runtime detection based on CONTAINER_PROFILE.
- Fix multi-part name parsing (app-container-multilayer-latest-oci now
correctly becomes app-container-multilayer:latest)
- Add CONTAINER_DEFAULT_RUNTIME from CONTAINER_PROFILE
- Add CONTAINER_IMPORT_TIMEOUT_BASE/PER for dynamic timeout scaling
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 52ac90f1
---------------------------
vcontainer: add virtio-9p fast path for batch imports
Add virtio-9p filesystem support for faster storage output during batch
container imports, replacing slow base64-over-console method.
- Add --timeout option for configurable import timeouts
- Mount virtio-9p share in batch-import mode
- Parse _9p=1 kernel parameter for 9p availability
- Write storage.tar directly to shared filesystem
- Reduces import time from ~600s to ~11s for large containers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 929d1609
---------------------------
image-oci: add layer caching for multi-layer OCI builds
Add layer caching to speed up multi-layer OCI image rebuilds. When
enabled, pre-installed package layers are cached to disk and restored
on subsequent builds, avoiding repeated package installation.
New variables:
- OCI_LAYER_CACHE: Enable/disable caching (default "1")
- OCI_LAYER_CACHE_DIR: Cache location (default ${TOPDIR}/oci-layer-cache/${MACHINE})
Cache key is computed from:
- Layer name and type
- Sorted package list
- Package versions from PKGDATA_DIR
- MACHINE and TUNE_PKGARCH
Cache automatically invalidates when:
- Package versions change
- Layer definition changes
- Architecture changes
Benefits:
- First build: ~10-30s per layer (cache miss, packages installed)
- Subsequent builds: ~1s per layer (cache hit, files copied)
- Shared across recipes with identical layer definitions
Build log shows cache status:
NOTE: OCI Cache HIT: Layer 'base' (be88c180f651416b)
NOTE: OCI: Pre-installed packages for 3 layers (cache: 3 hits, 0 misses)
Also adds comprehensive pytest suite for multi-layer OCI functionality
including tests for 1/2/3 layer modes and cache behavior.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4fd9190b
---------------------------
image-oci: add multi-layer OCI image support with OCI_LAYERS
Add support for creating multi-layer OCI images with explicit layer
definitions via OCI_LAYERS variable. This enables fine-grained control
over container layer composition.
New variables:
- OCI_LAYER_MODE: Set to "multi" for explicit layer definitions
- OCI_LAYERS: Define layers as "name:type:content" entries
- packages: Install specific packages in a layer
- directories: Copy directories from IMAGE_ROOTFS
- files: Copy specific files from IMAGE_ROOTFS
Package installation uses Yocto's package manager classes (RpmPM,
OpkgPM) for consistency with do_rootfs, rather than calling dnf/opkg
directly.
Example usage:
OCI_LAYER_MODE = "multi"
OCI_LAYERS = "\
base:packages:base-files+base-passwd+netbase \
shell:packages:busybox \
app:packages:curl \
"
This creates a 3-layer OCI image with discrete base, shell, and app
layers that can be shared and cached independently.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4ddc9e48
---------------------------
recipes: add multi-layer OCI example recipes
Add example recipes demonstrating multi-layer OCI image building:
alpine-oci-base_3.19.bb:
- Fetches Alpine 3.19 from Docker Hub using container-bundle
- Uses CONTAINER_BUNDLE_DEPLOY for use as OCI_BASE_IMAGE source
- Pinned digest for reproducible builds
app-container-alpine.bb:
- Demonstrates external base image usage
- Layers Yocto packages (busybox) on top of Alpine
- Uses OCI_IMAGE_CMD for Docker-like behavior
app-container-layered.bb:
- Demonstrates local base image usage
- Layers Yocto packages on top of container-base
- Uses OCI_IMAGE_CMD for Docker-like behavior
Both app containers produce 2-layer OCI images where the base layer
is shared, reducing storage and transfer costs.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: fb238ac5
---------------------------
docs: add OCI multi-layer and vshell documentation
Update container-bundling.md with:
- New "OCI Multi-Layer Images" section explaining:
- Single vs multi-layer image differences
- OCI_BASE_IMAGE usage (recipe name or path)
- OCI_IMAGE_CMD vs OCI_IMAGE_ENTRYPOINT behavior
- When to use CMD (base images) vs ENTRYPOINT (wrapper tools)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 98137ae7
---------------------------
vcontainer: add vshell command for VM debug access
Add vshell command to vdkr/vpdmn for interactive shell access to the
QEMU VM where Docker/Podman runs. This is useful for debugging container
issues directly inside the virtual environment.
Usage:
vdkr vmemres start
vdkr vshell
# Now inside VM, can run docker commands directly
docker images
docker inspect <image>
exit
The vshell command requires the memory-resident daemon to be running
(vmemres start). It opens an interactive shell via the daemon's
--daemon-interactive mode.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9a010bea
---------------------------
container-bundle: add CONTAINER_BUNDLE_DEPLOY for base layer use
Add CONTAINER_BUNDLE_DEPLOY variable to enable dual-use of container-bundle:
1. Target packages (existing): Creates installable packages for target
container storage (Docker/Podman)
2. Base layer source (new): When CONTAINER_BUNDLE_DEPLOY = "1", also
deploys the fetched OCI image to DEPLOY_DIR_IMAGE for use as a base
layer via OCI_BASE_IMAGE
This enables fetching external images (docker.io, quay.io) and using them
as base layers for Yocto-built container images.
Example usage:
# recipes-containers/oci-base-images/alpine-oci-base_3.19.bb
inherit container-bundle
CONTAINER_BUNDLES = "docker.io/library/alpine:3.19"
CONTAINER_DIGESTS[docker.io_library_alpine_3.19] = "sha256:..."
CONTAINER_BUNDLE_DEPLOY = "1"
# Then in your app container recipe:
OCI_BASE_IMAGE = "alpine-oci-base"
IMAGE_INSTALL = "myapp"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: b02a9d60
---------------------------
image-oci: add multi-layer OCI support and CMD default
Add support for multi-layer OCI images, enabling base + app layer builds:
Multi-layer support:
- Add OCI_BASE_IMAGE variable to specify base layer (recipe name or path)
- Add OCI_BASE_IMAGE_TAG for selecting base image tag (default: latest)
- Resolve base image type (recipe/path/remote) at parse time
- Copy base OCI layout before adding new layer via umoci repack
- Fix merged-usr whiteout ordering issue for non-merged-usr base images
(replaces problematic whiteouts with filtered entries to avoid Docker
pull failures when layering merged-usr on traditional layout)
CMD/ENTRYPOINT behavior change:
- Add OCI_IMAGE_CMD variable (default: "/bin/sh")
- Change OCI_IMAGE_ENTRYPOINT default to empty string
- This makes `docker run image /bin/sh` work as expected (like Docker Hub images)
- OCI_IMAGE_ENTRYPOINT_ARGS still works for legacy compatibility
- Fix shlex.split() for proper shell quoting in CMD/ENTRYPOINT values
The multi-layer feature requires umoci backend (default). The sloci backend
only supports single-layer images and will error if OCI_BASE_IMAGE is set.
Example usage:
OCI_BASE_IMAGE = "container-base"
IMAGE_INSTALL = "myapp"
OCI_IMAGE_CMD = "/usr/bin/myapp"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 68320b2c
---------------------------
container-registry: add management commands and documentation
Registry management commands:
- delete <image>:<tag>: Remove tagged images from registry
- gc: Garbage collection with dry-run preview and confirmation
- push <image> --tag: Explicit tags now require image name
(prevents accidentally tagging all images with same version)
Config improvements:
- Copy config to storage directory with baked-in storage path
- Fixes gc which reads config directly (not via env var)
- All registry files now in ${TOPDIR}/container-registry/
Documentation:
- Development Loop workflow (build, push, pull, test)
- Build-time OCI labels (revision, branch, created)
- Complete command reference
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8b19fa53
---------------------------
image-oci: add build-time metadata labels for traceability
Automatically embed source and build information into OCI images using
standard OCI annotations (opencontainers.org image-spec):
- org.opencontainers.image.revision: git commit SHA
- org.opencontainers.image.ref.name: git branch name
- org.opencontainers.image.created: ISO 8601 build timestamp
- org.opencontainers.image.version: PV (if meaningful)
New variables:
- OCI_IMAGE_REVISION: explicit SHA override (auto-detects from TOPDIR)
- OCI_IMAGE_BRANCH: explicit branch override (auto-detects from TOPDIR)
- OCI_IMAGE_BUILD_DATE: explicit timestamp override (auto-generated)
- OCI_IMAGE_APP_RECIPE: hook for future cross-recipe extraction
Set any variable to "none" to disable that specific label.
This enables 1:1 traceability between container images and source code,
following industry best practices for CI/CD and release management.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1d896819
---------------------------
container-registry: add industry-standard tag strategies
Add comprehensive tag support for registry push operations:
Tag strategies (CONTAINER_REGISTRY_TAG_STRATEGY):
- sha/git: short git commit hash for traceability
- branch: git branch name (sanitized) for dev workflows
- semver: nested SemVer tags (1.2.3 -> 1.2.3, 1.2, 1)
- timestamp: YYYYMMDD-HHMMSS format
- version: single version tag from PV
- latest: the "latest" tag
- arch: append architecture suffix
Helper script enhancements:
- push --tag <tag>: explicit tags (repeatable)
- push --strategy <strategies>: override tag strategy
- push --version <ver>: version for semver strategy
- Baked-in defaults from bitbake variables
- Environment variable overrides supported
This aligns with industry practices:
- Git SHA for CI/CD traceability
- SemVer nested tags for release management
- Branch tags for feature development
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 45a4f2aa
---------------------------
tests: add container registry pytest tests
Add pytest tests for registry functionality:
- test_vdkr_registry.py: vconfig registry, image commands, CLI override
- test_container_registry_script.py: start/stop/push/import/list/tags
- conftest.py: --registry-url, --registry-script options
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f865a238
---------------------------
vdkr: add registry configuration and pull fallback
Add registry support to vdkr:
- vconfig registry command for persistent config
- --registry flag for one-off usage
- Registry-first, Docker Hub fallback for pulls
- Baked-in registry config via CONTAINER_REGISTRY_URL
- Image commands (inspect, history, rmi, images) work without transform
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 87ed625c
---------------------------
container-registry: add local OCI registry infrastructure
Add container registry support for Yocto container workflows:
- container-registry.bbclass with helper functions
- container-registry-index.bb generates helper script with baked paths
- docker-registry-config.bb for Docker daemon on targets
- container-oci-registry-config.bb for Podman/Skopeo/Buildah targets
- IMAGE_FEATURES container-registry for easy target configuration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 33944038
---------------------------
tests: increase stop command timeouts to 30 seconds
Docker stop has a default 10-second grace period before SIGKILL, so
test timeouts of 10 seconds were insufficient. Increase all stop
timeouts to 30 seconds to account for the grace period plus command
overhead.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: cfd997d1
---------------------------
tests: add --network=host backward compatibility test
Add test_network_host_backward_compat to verify that explicit --network=host
still works with the new bridge networking default. Uses busybox httpd with
configurable port since static port forwards now map host_port -> host_port
on VM (for bridge networking's Docker -p handling).
Also update test docstrings to reflect bridge networking as the new default
and add port 8082 to TEST_PORTS for orphan cleanup.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3d7bf7da
---------------------------
vcontainer: fix ps -q to suppress port forward display
When using `ps -q` or `ps --quiet`, only container IDs should be output.
The port forward registry display was being included, which broke cleanup
code that expected just container IDs.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f367e1c7
---------------------------
vrunner: update static port forwarding for bridge networking
Update the static port forwarding (used at QEMU startup) to match
the dynamic QMP port forwarding change. With bridge networking:
- QEMU forwards host:port -> VM:port
- Docker's iptables handles VM:port -> container:port
Previously the static port forward went directly to the container
port (host:8080 -> VM:80), which doesn't work with bridge networking
where Docker needs to handle the final hop.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: dd13b2b6
---------------------------
tests: add cleanup for orphan QEMU and stale test state
Add session-scoped autouse fixture that at session start:
1. Kills any QEMU processes holding ports used by tests (8080, 8081,
8888, etc.) - handles orphans from manual testing or crashed runs
2. Cleans up corrupt test state directories (docker-state.img with
"needs journal recovery") to ensure tests start fresh
This ensures tests don't fail due to leftover state from previous
runs or manual testing.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 35193015
---------------------------
recipes: fix multiconfig build comments
Fix the bitbake multiconfig commands in rootfs recipe comments.
The multiconfig names are vruntime-aarch64 and vruntime-x86-64,
not vdkr-*/vpdmn-*.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: aaaef65d
---------------------------
tests: add bridge networking test
Add test_multiple_containers_same_internal_port() to verify the key
benefit of bridge networking: multiple containers can listen on the
same internal port with different host port mappings.
The test runs two nginx containers both listening on port 80 internally,
mapped to host ports 8080 and 8081, and verifies both are accessible.
Also update TestPortForwarding docstring to reflect the change from
host networking to bridge networking.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f2889118
---------------------------
vcontainer: update CLI for bridge networking
Update the CLI wrapper to work with Docker bridge networking:
- qmp_add_hostfwd(): Change QEMU port forward from host_port->guest_port
to host_port->host_port. With bridge networking, Docker's iptables
handles the final hop (VM:host_port -> container:guest_port).
- Default network mode: Remove --network=host default. Docker's bridge
is now the default, giving each container its own IP. Users can still
explicitly use --network=host for legacy behavior.
- Update help text to document the new bridge networking behavior.
Port forwarding flow is now:
Host:8080 -> QEMU -> VM:8080 -> Docker iptables -> Container:80
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6b18259b
---------------------------
vdkr: enable Docker bridge networking
Enable Docker's default bridge network (docker0, 172.17.0.0/16) inside
the QEMU VM to allow multiple containers to listen on the same internal
port with different host port mappings.
Changes:
- Add iptables package to vdkr-rootfs-image for Docker NAT rules
- Change dockerd options in vdkr-init.sh:
- Set --iptables=true (was false)
- Remove --bridge=none to enable default docker0 bridge
This enables the workflow:
vdkr run -d -p 8080:80 --name nginx1 nginx:alpine
vdkr run -d -p 8081:80 --name nginx2 nginx:alpine
# Both work - each container gets its own 172.17.0.x IP
Previously with --network=host (the old default), both containers would
try to bind port 80 on the VM's single IP, causing conflicts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3c01c9aa
---------------------------
vcontainer-common: fix QMP netdev ID for hostfwd commands
The QEMU netdev is named 'net0', not 'user.0'. Fix the hostfwd_add
and hostfwd_remove commands to use the correct netdev ID.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 6cd8f5c6
---------------------------
vcontainer-common: remove 'local' keywords from case blocks
The 'local' keyword can only be used inside functions, not in the
main script's case blocks. Remove 'local' from variables in the
run, ps, and vmemres case handlers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1370e09b
---------------------------
vcontainer-init: fix idle timeout detection to distinguish EOF from timeout
The read -t command returns different exit codes:
- 0: successful read
- 1: EOF (connection closed)
- >128: timeout (typically 142)
Previously, any empty result was treated as timeout, but when the host
closes the connection after PING/PONG, read returns EOF immediately.
This caused the daemon to shut down right after startup.
Now we capture the exit code and only trigger idle shutdown when
read actually times out (exit code > 128).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2f75879b
---------------------------
vrunner: fix file descriptor close syntax for coproc
The syntax {SOCAT[0]}<&- is invalid - curly braces are for allocating
new file descriptors, not referencing existing ones. Use eval with
${SOCAT[0]} to properly close the coproc file descriptors.
Fixes: "SOCAT[0]: ambiguous redirect" error when using daemon mode.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3f0745b4
---------------------------
tests: add tests for auto-start and dynamic port forwarding
Add test coverage for new vmemres features:
TestAutoStartDaemon:
- test_auto_start_on_first_command: Verify daemon auto-starts
- test_no_daemon_flag: Verify --no-daemon uses ephemeral mode
- test_vconfig_auto_daemon: Test auto-daemon config setting
- test_vconfig_idle_timeout: Test idle-timeout config setting
TestDynamicPortForwarding:
- test_dynamic_port_forward_run: Run -d -p adds forward dynamically
- test_port_forward_cleanup_on_stop: Forwards removed on stop
- test_port_forward_cleanup_on_rm: Forwards removed on rm
- test_multiple_dynamic_port_forwards: Multiple containers work
TestPortForwardRegistry:
- test_port_forward_cleared_on_memres_stop: Registry cleared
Also add ensure_busybox() helper to both VdkrRunner and VpdmnRunner.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0ebf4ef7
---------------------------
vcontainer: add dynamic port forwarding via QEMU QMP
Add dynamic port forwarding for containers using QEMU's QMP (QEMU
Machine Protocol). This enables running multiple detached containers
with different port mappings without needing to declare ports upfront.
Key changes:
- vrunner.sh: Add QMP socket (-qmp unix:...) to daemon startup
- vcontainer-common.sh:
* QMP helper functions (qmp_send, qmp_add_hostfwd, qmp_remove_hostfwd)
* Port forward registry (port-forwards.txt) for tracking mappings
* Parse -p, -d, --name flags in run command
* Add port forwards via QMP for detached containers
* Enhanced ps command to show host port forwards
* Cleanup port forwards on stop/rm/vmemres stop
Usage:
vdkr run -d -p 8080:80 nginx # Adds 8080->80 forward
vdkr run -d -p 3000:3000 myapp # Adds 3000->3000 forward
vdkr ps # Shows containers + port forwards
vdkr stop nginx # Removes 8080->80 forward
This solves the problem where auto-started vmemres couldn't handle
multiple containers with different port mappings. QMP allows adding
and removing port forwards at runtime without restarting the daemon.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9e17cd68
---------------------------
vcontainer: add auto-start daemon with idle timeout
Add automatic daemon startup and idle timeout cleanup for vdkr/vpdmn:
- vmemres daemon auto-starts on first command (no manual start needed)
- Daemon auto-stops after idle timeout (default: 30 minutes)
- --no-daemon flag for ephemeral mode (single-shot QEMU)
- New config keys: idle-timeout, auto-daemon
Changes:
- vcontainer-init-common.sh: Parse idle_timeout from cmdline, add
read -t timeout to daemon loop for auto-shutdown
- vrunner.sh: Add --idle-timeout option, pass to kernel cmdline
- vcontainer-common.sh: Auto-start logic in run_runtime_command(),
--no-daemon flag, config defaults
- container-cross-install.bbclass: Add --no-daemon for explicit
ephemeral mode during Yocto builds
Configuration:
vdkr vconfig idle-timeout 3600 # 1 hour timeout
vdkr vconfig auto-daemon false # Disable auto-start
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 70a9de6c
---------------------------
image-oci: fix symlink loop on image rebuild
Use ln -sfn instead of ln -sf to prevent creating symlinks inside
existing symlink target directories. Without -n, if the convenience
symlink (e.g., container-base-latest-oci) already exists and points
to a directory, ln -sf creates the new symlink inside that directory
rather than replacing it, resulting in a self-referencing symlink.
This manifests as "Too many levels of symbolic links" errors when
container-bundle tries to copy OCI images after a rebuild.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 3a24b69b
---------------------------
tests: fix has_image false positive from substring match
Change has_image() to use 'image inspect' instead of substring search
in 'images' output. The substring approach caused false positives when
images like 'nginx:alpine' were present - searching for 'alpine' would
match and skip pulling 'alpine:latest'.
This fixes TestSaveLoad::test_save_and_load which failed after the
port forwarding test introduced nginx:alpine.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 2af9d5d8
---------------------------
docs: update meta-virt-roadmap
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 7584611e
---------------------------
docs: fix dead references to vdkr-native and obsolete test classes
Update references to reflect the current architecture:
- Change vdkr-native/vpdmn-native to vcontainer-native in comments
- Remove TestContainerCrossTools and TestContainerCrossInitramfs from README
- Fix build command: vdkr-native → vcontainer-tarball
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 7cfd91b8
---------------------------
docs: add container bundling and vdkr/vpdmn documentation
Add comprehensive documentation for the container cross-install system:
- Choosing between BUNDLED_CONTAINERS and container-bundle packages
- Decision guide table for selecting the right approach
- Component relationships (app recipe -> container image -> bundle)
- BUNDLED_CONTAINERS format and examples
- container-bundle.bbclass usage
- Container autostart configuration
- vdkr/vpdmn virtual container runtime usage
- Architecture overview and how it works
- Testing instructions
This provides a single reference for users wanting to bundle containers
into Yocto images at build time.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f93abf86
---------------------------
classes: factor out shared functions to container-common.bbclass
Create container-common.bbclass with shared Python functions used by both
container-bundle.bbclass and container-cross-install.bbclass:
- get_vruntime_multiconfig(d): Maps TARGET_ARCH to multiconfig name
- get_vruntime_machine(d): Maps TARGET_ARCH to MACHINE for deploy path
- get_blob_arch(d): Maps TARGET_ARCH to blob directory name
This removes ~55 lines of duplicated code and ensures consistency between
the two bbclass files.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: e41728ba
---------------------------
vcontainer: default to --network=host for container run
Docker bridge networking is intentionally disabled in vdkr (dockerd runs
with --bridge=none --iptables=false). Rather than requiring users to
explicitly add --network=host to every container run command, make it
the default.
This simplifies port forwarding workflows:
vdkr memres start -p 8080:80
vdkr run -d --rm nginx:alpine # Just works, no --network=host needed
Users can still override with --network=none if they explicitly want
no networking.
Updates help text and examples to reflect the new default.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c03fa452
---------------------------
vcontainer: add SDK-based standalone tarball
Add vcontainer-tarball.bb recipe that creates a relocatable standalone
distribution of vdkr and vpdmn container tools using Yocto SDK infrastructure.
Features:
- Auto-detects available architectures from built blobs
- Custom SDK installer with vcontainer-specific messages
- nativesdk-qemu-vcontainer.bb: minimal QEMU without OpenGL deps
Recipe changes:
- DELETE vdkr-native_1.0.bb (functionality moved to SDK)
- DELETE vpdmn-native_1.0.bb (functionality moved to SDK)
- ADD vcontainer-tarball.bb (SDK tarball recipe)
- ADD toolchain-shar-extract.sh (SDK installer template)
- ADD nativesdk-qemu-vcontainer.bb (minimal QEMU for SDK)
Usage:
MACHINE=qemux86-64 bitbake vcontainer-tarball
./tmp/deploy/sdk/vcontainer-standalone.sh -d /opt/vcontainer -y
source /opt/vcontainer/init-env.sh
vdkr images
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f9f8e294
---------------------------
tests: add port forwarding test for vdkr
Add TestPortForwarding class with test_port_forward_nginx that:
- Starts memres with port forwarding (-p 8080:80)
- Runs nginx with --network=host
- Verifies accessibility from host via curl
Also adds port_forwards parameter to memres_start() in both
VdkrRunner and VpdmnRunner helper classes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 1165c61f
---------------------------
tests: add pytest framework for vdkr and vpdmn
Add pytest-based test suite for testing vdkr and vpdmn CLI tools.
Tests use a separate state directory (~/.vdkr-test/) to avoid
interfering with production images.
Test files:
- conftest.py: Pytest fixtures for VdkrRunner and VpdmnRunner
- test_vdkr.py: Docker CLI tests (images, vimport, vrun, volumes, etc.)
- test_vpdmn.py: Podman CLI tests (mirrors vdkr test coverage)
- memres-test.sh: Helper script for running tests with memres
- pytest.ini: Pytest configuration and markers
Test categories:
- Basic operations: images, info, version
- Import/export: vimport, load, save
- Container execution: vrun, run, exec
- Storage management: system df, vstorage
- Memory resident mode: memres/vmemres start/stop/status
Running tests:
pytest tests/test_vdkr.py -v --vdkr-dir /tmp/vcontainer-standalone
pytest tests/test_vpdmn.py -v --vdkr-dir /tmp/vcontainer-standalone
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c32e1081
---------------------------
container-cross-install: add bbclass for bundling containers into images
This class enables bundling pre-built OCI containers into Yocto images
at build time. It uses vdkr/vpdmn to process containers via QEMU,
producing properly formatted storage that can be merged into the
target rootfs.
Two mechanisms for bundling containers:
1. BUNDLED_CONTAINERS variable (direct specification):
- Set in local.conf or image recipe
- Format: "name:runtime[:autostart][:external]"
- Dependencies auto-generated at parse time
- Example: BUNDLED_CONTAINERS = "container-base:docker:autostart"
2. container-bundle packages (package-based):
- Recipes inherit container-bundle.bbclass to create packages
- Installing packages via IMAGE_INSTALL triggers processing
- merge_installed_bundles() scans installed OCI directories
- Runs vrunner once in batch-import mode for efficiency
Automatic dependency generation for BUNDLED_CONTAINERS:
- Parses entries at recipe parse time via python __anonymous()
- Derives recipe name from OCI dir names (strips -latest-oci/-oci suffix)
- Generates do_rootfs[depends] on recipe:do_image_complete
- Use :external tag to skip dependency for third-party blobs
- Single "bitbake container-image-host" builds containers + image
Usage in image recipe:
inherit container-cross-install
Features:
- Automatic detection of target architecture
- Support for both Docker and Podman runtimes
- Batch import mode for efficiency with multiple containers
- Autostart support via systemd services (Docker) or Quadlet (Podman)
- Integration with vrunner for QEMU-based processing
- Backwards compatible with legacy -latest-oci naming convention
The class processes containers during do_rootfs and merges the
resulting storage into /var/lib/docker or /var/lib/containers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 79d03d53
---------------------------
container-bundle: add package-based container bundling support
This class creates installable packages that bundle pre-processed
container images. When installed via IMAGE_INSTALL, containers are
automatically merged into the target image's container storage.
Component relationships for bundling a local container:
1. Application Recipe (builds the software)
recipes-demo/myapp/myapp_1.0.bb
- Compiles application binaries
- Creates installable package (myapp)
2. Container Image Recipe (creates OCI image containing the app)
recipes-demo/images/myapp-container.bb
- inherit image image-oci
- IMAGE_INSTALL = "myapp"
- Produces: ${DEPLOY_DIR_IMAGE}/myapp-container-latest-oci/
3. Bundle Recipe (packages container images for deployment)
recipes-demo/bundles/my-bundle_1.0.bb
- inherit container-bundle
- CONTAINER_BUNDLES = "myapp-container:autostart"
- Creates installable package with OCI data
Flow: application recipe -> container image recipe -> bundle recipe
-> IMAGE_INSTALL in host image -> container deployed on target
Usage:
inherit container-bundle
CONTAINER_BUNDLES = "myapp-container:autostart redis-container"
CONTAINER_BUNDLES format: source[:autostart-policy]
- source: Container IMAGE recipe name or remote registry URL
- autostart-policy: Optional (autostart, always, unless-stopped, on-failure)
Features:
- Auto-generates dependencies on container image recipes (do_image_complete)
- Supports remote containers via skopeo (requires CONTAINER_DIGESTS)
- Runtime auto-detected from CONTAINER_PROFILE (docker/podman)
- Produces OCI directories and metadata for container-cross-install
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 0cdb5504
---------------------------
vcontainer: add documentation
Add documentation for vcontainer/vdkr/vpdmn:
- README.md: Update layer README with vcontainer distro feature
- recipes-containers/vcontainer/README.md: Comprehensive vdkr/vpdmn
usage documentation including CLI commands, build instructions,
and architecture overview
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 8f6f746b
---------------------------
vcontainer: add vpdmn Podman support
Add vpdmn - Podman CLI wrapper for cross-architecture container operations:
Scripts:
- vpdmn.sh: Podman CLI entry point (vpdmn-x86_64, vpdmn-aarch64)
- vpdmn-init.sh: Podman init script for QEMU guest
Recipes:
- vpdmn-native: Installs vpdmn CLI wrappers
- vpdmn-rootfs-image: Builds Podman rootfs with crun, netavark, skopeo
- vpdmn-initramfs-create: Creates bootable initramfs blob
The vpdmn CLI provides Podman-compatible commands executed inside a
QEMU-emulated environment. Unlike vdkr, Podman is daemonless which
simplifies the guest init process.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 18074e0e
---------------------------
vcontainer: add vdkr Docker support
Add vdkr - Docker CLI wrapper for cross-architecture container operations:
Scripts:
- vdkr.sh: Docker CLI entry point (vdkr-x86_64, vdkr-aarch64)
- vdkr-init.sh: Docker init script for QEMU guest
Recipes:
- vdkr-native: Installs vdkr CLI wrappers
- vdkr-rootfs-image: Builds Docker rootfs with containerd, runc, skopeo
- vdkr-initramfs-create: Creates bootable initramfs blob
The vdkr CLI provides Docker-compatible commands executed inside a
QEMU-emulated environment, enabling cross-architecture container
operations during Yocto builds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c32db569
---------------------------
vcontainer: add shared infrastructure and runner
Add core vcontainer infrastructure shared by vdkr and vpdmn:
Scripts:
- vrunner.sh: QEMU runner supporting both Docker and Podman runtimes
- vcontainer-common.sh: Shared CLI functions and command handling
- vcontainer-init-common.sh: Shared init script functions for QEMU guest
- vdkr-preinit.sh: Initramfs preinit for switch_root to squashfs overlay
Recipes:
- vcontainer-native: Installs vrunner.sh and shared scripts
- vcontainer-initramfs-create.inc: Shared initramfs build logic
Features:
- Docker/Podman-compatible commands: images, pull, load, save, run, exec
- Memory resident mode for fast command execution
- KVM acceleration when host matches target
- Interactive mode with volume mounts
- Squashfs rootfs with tmpfs overlay
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 4baa3503
---------------------------
vcontainer: add vruntime distro and multiconfigs
Add minimal vruntime distro for building QEMU blob images:
- conf/distro/vruntime.conf: Minimal distro with vcontainer features
- conf/multiconfig/vruntime-aarch64.conf: aarch64 multiconfig
- conf/multiconfig/vruntime-x86-64.conf: x86-64 multiconfig
The vruntime distro provides a minimal environment for building
Docker/Podman rootfs images used by vdkr/vpdmn.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f73b6076
---------------------------
vcontainer: add kernel config fragments for container support
Add kernel configuration fragments required for vdkr/vpdmn:
- 9p.cfg: 9P filesystem for virtio-9p file sharing (volume mounts)
- squashfs.cfg: Squashfs and overlayfs for rootfs images
Only applied when "vcontainer" is in DISTRO_FEATURES.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: aca7bf0b
---------------------------
busybox: add utilities required for container cross-install
Add busybox configuration fragment enabling utilities needed for
container cross-install initramfs:
- base64: Required for transferring container storage from QEMU
to host via serial console
- hexdump, uuencode, split: Additional useful utilities
These utilities are used by the rootfs/runtime/init inside
QEMU to encode container storage data for transfer.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 28d26fd9
---------------------------
lopper: update to -tip
Bumping lopper to latest, which comprises the following commits:
b3ef974 lopper: assists: xlnx_overlay_dt: Remove explicit phandle property configuration
5ee18e1 lopper: assists: xlnx_overlay_dt: Sort imports
15780a1 lopper: assists: xlnx_overlay_dt: Use Lopper logging
9bfadf3 lopper: assists: xlnx_overlay_dt: Refactor to use Lopper tree operations
435a501 openamp: xlnx: add specific checks to ensure reserved mem is ok
3a3df0a lopper_sanity/schema: add /bits/ 64 bit preserved test
cd8a467 lopper/tree: fix /bits/ 64 property output
363b74b lopper:assists:baremetallinker_xlnx: Correct OCM memory mapping in xlnx_memipname
35f96f9 gen_domain_dts: Fix RTC interrupt format for Zephyr
1c11d1c lopper: assists: zephyr: Add Xilinx RTC node for Zephyr
85bf49e gen_domain_dts: Fix back clock_props logic
afa272d openamp: xlnx: enable zephyr RPU DT without domain-access
09ba439 openamp: xlnx: parity with default openamp cases
a279acf lopper: assist: zephyr: for R52 update ranges property
7db8955 gen_domain_dts: Remove mig-7series, ddr4 and lmb_bram from the list of PL memory IPs that need to be removed
e6a1d17 assists: gen_domain_dts: Add tcm lockstep nodes to linux_ignore_ip_list
833d64b lops/sample: add a sample lop file for phandle modifications
c97589b lopper:assist: Define FRL enable macro based on HDMI mode
696a855 lopper:assists:baremetalconfig_xlnx: Fix file handle leak in DtbtoCStruct causing _g.c file corruption
4fa6a81 lopper:assists: Refactor device tree node property access to use propval() method
aa0ba9a openamp: xlnx: xlnx_openamp_get_ddr_elf_load: skip mmio-sram nodes
8080436 assists/yaml_to_dts_expansion: resolve_host_remote: fix err handling path
d8c8022 assists/yaml_to_dts_expansion: openamp_remote_cpu_expand: fix lockstep check
8b39ddf sanity/openamp: reformat test to use internal script
32ab506 assists/domain_access: fix includes
b717e84 assists/yaml_to_dts_expansion: add start/size helper
72a938c assists/yaml_to_dts_expansion: Add cleanups
87e3d3e assists/domain_access: Document case of empty memory description for domain
b3d7642 lopper: move YAML expansion to its own plugin yaml_translation
429834f assists/subsystem: add yaml handling from openamp
7e88aef openamp: remove yaml handling here
6e77a4b assists/domain_access: remove expand calls
84cba90 openamp: xlnx: removed yaml translation routines
3c7947e openamp: xlnx: Add documentation for each routine.
18cb02e lopper: assists: zephyr: Add MMIO SRAM
d7e1875 assists/domain_access: memory: account for empty memory value
cb66e4d openamp: xlnx: refactor for domain access
387d72e assists/domain_access: Only do a re-order for reserved memory
efb5998 yaml-xlate: update handling for domain reserved memory
f395a39 assists/subsystem: reserved_memory_expand: change to follow phandle list convention
f120d7e gen_domain_dts: remove openamp handling
bf70796 baremetallinker_xlnx: update openamp elf ddr routine
61a19eb assists/subsystem: add RPU power domain to domain
419b2b0 lops/xlate-yaml: synchronize interrupt-map phandle definition
3c827f4 lops: drop cdo lops from default loading
b48475e housekeeping: remove unused cdo lops and assists
ad3d848 lopper:assists:baremetalconfig_xlnx: Fix file handle leak in DtbtoCStruct causing _g.c file corruption
892679f lopper/base: tweak comment regex to skip embedded python
6f0ffe0 lopper: correctly label compact (or sparse) nodes in --enhanced mode
06ca2b9 lopper: Use absolute() instead of resolve() to preserve substituted drive letters and avoid Windows path length issues
4117062 lopper_sanity: make results output uniform
8569906 loper/yaml: update to lopper.log and global trace level values
61d252b tree: drop if verbose checks
0ddcc1c lopper/query: convert to lopper.log format
59fc977 loper/base: convert output to lopper.log format
460ca22 assists/extract: convert to lopper log output
608610a assits/domain_access: set finer grained lopper log level
7e75684 assists/compare: convert to lopper.log output
fd630e3 lopper/common_utils: convert remaining print to lopper.log
2330e5f lopper/cdo: use lopper.log instead of print
c0f92ba lopper/main: convert remaining print statments to lopper.log
4cee119 lopper: SDT: convert print statements to lopper.log output
27b0b6a lopper/fdt: convert print statements to lopper log calls
fd17a4f lopper/log: add additional logging levels
abf3aed lopper: convert remaining verbosity checks to lopper.log calls
59d307f lopper: allow .dtsi files to be joined with the SDT
e4c11a0 gpios: add phandle field description
f4bfbbf lopper:assists: Add exception handling for missing clock nodes
50c245d assists: baremetallinker_xlnx: Add support for lpddr memory IP
dd91add baremetal_gentestapp_xlnx: Skip the inclusion of the IP in peripheral test if is-hierarchy is present in the DT node
4f56ad3 lopper: assists: gen_domain_dts: Fix for Zephyr microblaze Kconfig generation alignment and ordering
9303c00 lopper: assist: zephyr: Add support for dma-channels property in AXI-DMA node
873dc86 docs(zephyr): Add comprehensive AMD SoC processor documentation with Sphinx integration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 03fe48aa
---------------------------
lxc: delete empty lxc state directory
lxc systemd service [1] defines a StateDirectory to ensure that
the /var/lib/lxc directory is automatically created and managed
by systemd during service startup.
Do not create lxc directory at build time for systemd.
[1] https://github.com/lxc/lxc/blob/f9ff9ea2a92653a823edf25e8e28c9dab08b3090/config/init/systemd/lxc.service.in#L16
Signed-off-by: Vishwas Udupa <vudupa@qti.qualcomm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 9d98a3a8
---------------------------
cockpit-machines: add recipe
`cockpit-machines` is a Cockpit plugin used to provide a web interface
to manage virtual machines. Since Cockpit version 242, cockpit-machines
has been moved to a dedicated repository. This package is dependent on
cockpit package from meta-webserver layer.
To test it, access the cockpit-machines UI on the tested target at
`https://127.0.0.1:9090/machines`.
Signed-off-by: Paul Le Guen de Kerneizon <paul.leguendekerneizon@savoirfairelinux.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: 980ef86f
---------------------------
python3-dotenv: add UPSTREAM_CHECK_PYPI_PACKAGE
Add UPSTREAM_CHECK_PYPI_PACKAGE to check the correct latest stable
verison.
Before the patch:
$ devtool latest-version python3-dotenv
INFO: Current version: 1.1.0
INFO: Latest version: 1.0.1
After the patch:
$ devtool latest-version python3-dotenv
INFO: Current version: 1.1.0
INFO: Latest version: 1.2.1
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: f6a438e0
---------------------------
irqbalance: correct to install /etc/default for systemd
Due to upstream commit [Properly embed EnvironmentFile sourced systemd
configs into meson and autonconf][1], introduced 2 configurable directories,
defaults set to: /usr/etc/default.
This commit uses option --with-pkgconfdir to correct to install /etc/default
for systemd as usual
[1] https://github.com/Irqbalance/irqbalance/commit/41cb97c714e6216ab7f10f8aaa51a2548da3acc7
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---------------------------
Commit: c7fa63b
---------------------------
poky: Remove Fedora 41 from sanity tested distros list
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f4d45d0
---------------------------
poky: Update codename whinlatter -> wrynose
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ddd007f
---------------------------
layer.conf: Update wrynose release series
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 31e68c7
---------------------------
oeqa/runtime/parselogs: ignore KV260 USB error on genericarm64
On AMD KV260 the USB 1-1 driver sometimes throws this new warning at boot but
continues and USB stack works so ignore the error:
usb 1-1: device descriptor read/64, error -71
hub 1-1:1.0: USB hub found
hub 1-1:1.0: 5 ports detected
usb 2-1: new SuperSpeed USB device number 2 using xhci-hcd
hub 2-1:1.0: USB hub found
hub 2-1:1.0: 4 ports detected
https://lists.yoctoproject.org/g/automated-testing/message/1525
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b9f474f
---------------------------
oeqa/runtime/parselogs: workaround current TI BeaglePlay warnings
On genericarm64 machine, parselogs test is currently failing
due to these error messages. They don't seem to affect functionality
so ignore them for now.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4e081be
---------------------------
poky: Update after core default changes
These changes were moved into defaultsetup.conf and therefore are no longer
needed here.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3f03fda
---------------------------
yocto-bsp: update to v6.18.13
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
25e0b1c206e3d Linux 6.18.13
df337ba02ca53 f2fs: fix incomplete block usage in compact SSA summaries
855c54f1803e3 f2fs: fix to do sanity check on node footer in {read,write}_end_io
cd2fec912a0f0 f2fs: fix to do sanity check on node footer in __write_node_folio()
715a7a72e4736 USB: serial: option: add Telit FN920C04 RNDIS compositions
f611dafe0ffd3 iommu/arm-smmu-qcom: do not register driver in probe()
0415ae51a40e3 f2fs: optimize f2fs_overwrite_io() for f2fs_iomap_begin
fee27b69dde1a f2fs: fix to avoid mapping wrong physical block for swapfile
97e4f479939e5 f2fs: support non-4KB block size without packed_ssa feature
995030be4ce63 f2fs: fix to avoid UAF in f2fs_write_end_io()
d4a594dd952df f2fs: fix out-of-bounds access in sysfs attribute read/write
bd66b4c487d50 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes
70cf1e96bde07 f2fs: fix to check sysfs filename w/ gc_pin_file_thresh correctly
fb9f7e52273db f2fs: fix to add gc count stat in f2fs_gc_range
1c008ad0f0d1c fbdev: smscufx: properly copy ioctl memory to kernelspace
3e4cbd1d46c24 fbdev: rivafb: fix divide error in nv3_arb()
98d91080517d4 cpuset: Fix missing adaptation for cpuset_is_populated
eaa9fcf57934c LoongArch: Rework KASAN initialization for PTW-enabled systems
9b671f6f432be mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather
0c74d37343b93 arm64: dts: mediatek: mt8183: Add missing endpoint IDs to display graph
6d66464d1a059 gpiolib: acpi: Fix gpio count with string references
fa4938e0d0d64 io_uring/fdinfo: be a bit nicer when looping a lot of SQEs/CQEs
cab928242853a ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()
00c57e2369386 drm/amd/display: remove assert around dpp_base replacement
8e6f503961709 drm/amd/display: extend delta clamping logic to CM3 LUT helper
f2584f791a103 tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow
7bc40c6f36575 ASoC: cs42l43: Correct handling of 3-pole jack load detection
a8ed5b974a244 platform/x86: panasonic-laptop: Fix sysfs group leak in error path
2ca80dd4bb0e2 ASoC: sof_sdw: Add a quirk for Lenovo laptop using sidecar amps with cs42l43
bb6ff25035da5 platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro
a9584e9e46448 ALSA: hda/realtek: Enable headset mic for Acer Nitro 5
78783e8d588cf ASoC: amd: yc: Add quirk for HP 200 G2a 16
c3b2e922924bf ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9
97528b1622b8f platform/x86: classmate-laptop: Add missing NULL pointer checks
efdb9c8ca3cfb drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used
4b71ad7676564 romfs: check sb_set_blocksize() return value
d2e01e0c5e947 ALSA: hda/realtek - fixed speaker no sound
20bc7062c352f ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel
1bdbcf326474c ALSA: hda/realtek: Add quirk for Inspur S14-G1
b0b2cb84b64a9 gpio: sprd: Change sprd_gpio lock to raw_spin_lock
652667ac1369e ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list
464a50c6b23aa rust: driver: fix broken intra-doc links to example driver types
7d82e965fe0e3 rust: dma: fix broken intra-doc links
68dd6c5ebe799 rust: device: fix broken intra-doc links
31f33b856d232 scsi: qla2xxx: Fix bsg_done() causing double free
2784b1b43af37 Linux 6.18.12
53a76425e0764 Revert "driver core: enforce device_lock for driver_match_device()"
ee4fb138af107 Linux 6.18.11
32f08c3ddd6dd gpio: omap: do not register driver in probe()
116f7bd8160c6 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add
24a253c3aa6d9 PCI: endpoint: Avoid creating sub-groups asynchronously
60b75407c172e drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
ed82e7949f5ca xfs: fix UAF in xchk_btree_check_block_owner
d741534302f71 erofs: fix UAF issue for file-backed mounts w/ directio option
1d6bd6183e723 bus: fsl-mc: fix use-after-free in driver_override_show()
d14e991279831 scsi: qla2xxx: Query FW again before proceeding with login
f04840512438a scsi: qla2xxx: Free sp in error path to fix system crash
c068ebbaf5282 scsi: qla2xxx: Delay module unload while fabric scan in progress
ae49d33bfc08b scsi: qla2xxx: Allow recovery for tape devices
1a9585e4c58d1 scsi: qla2xxx: Validate sp before freeing associated memory
1339455044155 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon()
46c1d56ad321f hfs: ensure sb->s_fs_info is always cleaned up
4aa45f841413c nilfs2: Fix potential block overflow that cause system hang
52505d7f713bf crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req
e69a7b0a71b65 crypto: virtio - Add spinlock protection with virtqueue notification
2ed27b5a11743 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly
62c89e1992c86 crypto: octeontx - Fix length check to avoid truncation in ucode_load_store
d75207465eed2 crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode
65a0016016e8b ALSA: hda/conexant: Add quirk for HP ZBook Studio G4
be7a9bcee0ca6 Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB
8d76b2488eb3c driver core: enforce device_lock for driver_match_device()
16c8be3d55441 smb: client: let send_done handle a completion without IB_SEND_SIGNALED
6bf260ace7301 smb: client: let smbd_post_send_negotiate_req() use smbd_post_send()
69ce4ae2ab65c smb: client: fix last send credit problem causing disconnects
cca0526ef2344 smb: client: make use of smbdirect_socket.send_io.bcredits
9eff83600edf6 smb: client: use smbdirect_send_batch processing
d059e5fc49755 smb: client: introduce and use smbd_{alloc, free}_send_io()
1f3e8e2c67cbc smb: client: split out smbd_ib_post_send()
8786127068d51 smb: client: port and use the wait_for_credits logic used by server
1fe0f989beb8b smb: client: remove pointless sc->send_io.pending handling in smbd_post_send_iter()
2b08ca3ab6cc5 smb: client: remove pointless sc->recv_io.credits.count rollback
b9ec75aba3c8f smb: client: let smbd_post_send() make use of request->wr
5b69ba9978dd0 smb: client: let recv_done() queue a refill when the peer is low on credits
f664e6e8a8110 smb: client: make use of smbdirect_socket.recv_io.credits.available
24082642654f3 smb: server: let send_done handle a completion without IB_SEND_SIGNALED
85bf0a73831cc smb: server: fix last send credit problem causing disconnects
5ef18a2e66f2f smb: server: make use of smbdirect_socket.send_io.bcredits
cea7afb097b00 smb: server: let recv_done() queue a refill when the peer is low on credits
66c082e3d4651 smb: server: make use of smbdirect_socket.recv_io.credits.available
88cf40f7b5fb4 smb: smbdirect: introduce smbdirect_socket.send_io.bcredits.*
e811e60e1cc79 smb: smbdirect: introduce smbdirect_socket.recv_io.credits.available
cd25e0d809531 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
e4a8a96a93d08 ksmbd: add chann_lock to protect ksmbd_chann_list xarray
71b5e7c528315 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
c4b9edd559873 smb: client: split cached_fid bitfields to avoid shared-byte RMW races
1658b66fed206 io_uring: allow io-wq workers to exit when unused
f02693a40e407 io_uring/io-wq: add exit-on-idle state
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70926f5
---------------------------
yocto-bsp: update to v6.18.11
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
ee4fb138af107 Linux 6.18.11
32f08c3ddd6dd gpio: omap: do not register driver in probe()
116f7bd8160c6 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add
24a253c3aa6d9 PCI: endpoint: Avoid creating sub-groups asynchronously
60b75407c172e drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
ed82e7949f5ca xfs: fix UAF in xchk_btree_check_block_owner
d741534302f71 erofs: fix UAF issue for file-backed mounts w/ directio option
1d6bd6183e723 bus: fsl-mc: fix use-after-free in driver_override_show()
d14e991279831 scsi: qla2xxx: Query FW again before proceeding with login
f04840512438a scsi: qla2xxx: Free sp in error path to fix system crash
c068ebbaf5282 scsi: qla2xxx: Delay module unload while fabric scan in progress
ae49d33bfc08b scsi: qla2xxx: Allow recovery for tape devices
1a9585e4c58d1 scsi: qla2xxx: Validate sp before freeing associated memory
1339455044155 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon()
46c1d56ad321f hfs: ensure sb->s_fs_info is always cleaned up
4aa45f841413c nilfs2: Fix potential block overflow that cause system hang
52505d7f713bf crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req
e69a7b0a71b65 crypto: virtio - Add spinlock protection with virtqueue notification
2ed27b5a11743 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly
62c89e1992c86 crypto: octeontx - Fix length check to avoid truncation in ucode_load_store
d75207465eed2 crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode
65a0016016e8b ALSA: hda/conexant: Add quirk for HP ZBook Studio G4
be7a9bcee0ca6 Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB
8d76b2488eb3c driver core: enforce device_lock for driver_match_device()
16c8be3d55441 smb: client: let send_done handle a completion without IB_SEND_SIGNALED
6bf260ace7301 smb: client: let smbd_post_send_negotiate_req() use smbd_post_send()
69ce4ae2ab65c smb: client: fix last send credit problem causing disconnects
cca0526ef2344 smb: client: make use of smbdirect_socket.send_io.bcredits
9eff83600edf6 smb: client: use smbdirect_send_batch processing
d059e5fc49755 smb: client: introduce and use smbd_{alloc, free}_send_io()
1f3e8e2c67cbc smb: client: split out smbd_ib_post_send()
8786127068d51 smb: client: port and use the wait_for_credits logic used by server
1fe0f989beb8b smb: client: remove pointless sc->send_io.pending handling in smbd_post_send_iter()
2b08ca3ab6cc5 smb: client: remove pointless sc->recv_io.credits.count rollback
b9ec75aba3c8f smb: client: let smbd_post_send() make use of request->wr
5b69ba9978dd0 smb: client: let recv_done() queue a refill when the peer is low on credits
f664e6e8a8110 smb: client: make use of smbdirect_socket.recv_io.credits.available
24082642654f3 smb: server: let send_done handle a completion without IB_SEND_SIGNALED
85bf0a73831cc smb: server: fix last send credit problem causing disconnects
5ef18a2e66f2f smb: server: make use of smbdirect_socket.send_io.bcredits
cea7afb097b00 smb: server: let recv_done() queue a refill when the peer is low on credits
66c082e3d4651 smb: server: make use of smbdirect_socket.recv_io.credits.available
88cf40f7b5fb4 smb: smbdirect: introduce smbdirect_socket.send_io.bcredits.*
e811e60e1cc79 smb: smbdirect: introduce smbdirect_socket.recv_io.credits.available
cd25e0d809531 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
e4a8a96a93d08 ksmbd: add chann_lock to protect ksmbd_chann_list xarray
71b5e7c528315 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
c4b9edd559873 smb: client: split cached_fid bitfields to avoid shared-byte RMW races
1658b66fed206 io_uring: allow io-wq workers to exit when unused
f02693a40e407 io_uring/io-wq: add exit-on-idle state
41cec610f6906 Linux 6.18.10
31b593fbece63 riscv: Add intermediate cast to 'unsigned long' in __get_user_asm
ecd164120c248 ALSA: usb-audio: Use the right limit for PCM OOB check
24ad4cfac0b8e ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU.
57bac08056787 spi: tegra114: Preserve SPI mode bits in def_command1_reg
b8eec12aa666c spi: tegra: Fix a memory leak in tegra_slink_probe()
2ac3a105e5149 spi: tegra210-quad: Protect curr_xfer check in IRQ handler
d51554dc05695 spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer
3bc293d5b5650 spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
2d3c0122e9611 spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one
51013068438ac spi: tegra210-quad: Move curr_xfer read inside spinlock
e1777c400b7a9 spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer
b767cf2d4efc8 regulator: spacemit-p1: Fix n_voltages for BUCK and LDO regulators
3f9b508b3eecc i2c: imx: preserve error state in block data length handler
e71e3fa90a151 gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc()
279cb9180510f ASoC: amd: fix memory leak in acp3x pdm dma ops
8434b351cd4ea ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update()
01d2fb15f15c1 firmware: cs_dsp: rate-limit log messages in KUnit builds
abd66845227c5 firmware: cs_dsp: Factor out common debugfs string read
b8ad2d53f706a ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF
f3ed399e9aa6f nvme-pci: handle changing device dma map requirements
3c58f6121863c drm/xe/guc: Fix CFI violation in debugfs access.
8b68a45f9722f netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()
32ddd09d1103e hwmon: (occ) Mark occ_init_attribute() as __printf
8abb71d4a1dce drm/xe/pm: Disable D3Cold for BMG only on specific platforms
7c5db0957a230 drm/xe/query: Fix topology query pointer advance
184a84f03b5e6 drm/mgag200: fix mgag200_bmc_stop_scanout()
2e5edb69e5d0e net: gro: fix outer network offset
589a530ae44d0 net: add proper RCU protection to /proc/net/ptype
9f42cb8fafd6d net: ethernet: adi: adin1110: Check return value of devm_gpiod_get_optional() in adin1110_check_spi()
100f3bf914612 drm/amd/display: fix wrong color value mapping on MCM shaper LUT
0031f8829c7fb wifi: iwlwifi: mvm: pause TCM on fast resume
9b9f52f052f49 wifi: iwlwifi: mld: cancel mlo_scan_start_wk
5a2b4b0e9c003 net: enetc: Convert 16-bit register reads to 32-bit for ENETC v4
566ea5769ec27 net: enetc: Convert 16-bit register writes to 32-bit for ENETC v4
f346253e5fd95 net: enetc: Remove CBDR cacheability AXI settings for ENETC v4
d98745c68023f net: enetc: Remove SI/BDR cacheability AXI settings for ENETC v4
c175b1eaf729e tipc: use kfree_sensitive() for session key material
f3931416cbdd0 net: rss: fix reporting RXH_XFRM_NO_CHANGE as input_xfrm for contexts
2718ae6af7445 linkwatch: use __dev_put() in callers to prevent UAF
64cf3016234ce io_uring/zcrx: fix page array leak
fad7334082cd1 net: don't touch dev->stats in BPF redirect paths
8860ddf0e07be hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()
1b2efc593dca9 net: usb: r8152: fix resume reset deadlock
cdedcd5aa3f3c macvlan: fix error recovery in macvlan_common_newlink()
c9e4daf62ca07 net: sfp: Fix quirk for Ubiquiti U-Fiber Instant SFP module
8553bf2e09828 i40e: drop udp_tunnel_get_rx_info() call from i40e_open()
07bb882485f89 ice: drop udp_tunnel_get_rx_info() call from ndo_open()
7565d4df66b66 ice: Fix PTP NULL pointer dereference during VSI rebuild
ef72678c9df0e ice: PTP: fix missing timestamps on E825 hardware
6801ef140fc33 ice: fix missing TX timestamps interrupts on E825 devices
1b381a638e185 dpaa2-switch: add bounds check for if_id in IRQ handler
4640fa5ad5e1a net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup
293eaad0d6d6b net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup
d028147ae0640 net: liquidio: Initialize netdev pointer before queue setup
155eb99aff292 dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs is zero
8a672f177ebe1 net/sched: cls_u32: use skb_header_pointer_careful()
9b186feb75267 net: add skb_header_pointer_careful() helper
f8611a7981cd0 hwmon: (dell-smm) Add Dell G15 5510 to fan control whitelist
9ee608a64e37c smb/client: fix memory leak in smb2_open_file()
faff38ebbfe63 platform/x86/intel/tpmi/plr: Make the file domain<n>/status writeable
9029ccfab2ca9 platform/x86: hp-bioscfg: Skip empty attribute names
6c45a5a7e1e3b platform/x86: intel_telemetry: Fix PSS event register mask
f93ae43780b75 platform/x86: toshiba_haps: Fix memory leaks in add/remove routines
245ff08e261ce Revert "drm/amd/display: pause the workload setting in dm"
98bf5bc8cb8cb tracing: Avoid possible signed 64-bit truncation
6dd87f6afe9e9 ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio
3228b2eceb6c3 btrfs: reject new transactions if the fs is fully read-only
b4b065a880997 wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice
ccb3c75d57039 btrfs: sync read disk super and set block size
7a1bec39c014e wifi: mac80211: correctly check if CSA is active
990e40fb1d111 btrfs: fix Wmaybe-uninitialized warning in replay_one_buffer()
3835e49e146a4 scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
108cbf2b7d295 ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU
1d5f2329ab4df io_uring/rw: free potentially allocated iovec on cache put failure
c65a1a72a41e4 riscv: Use 64-bit variable for output in __get_user_asm
4530f4e4d0e6a scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
8a7ef96e6af91 wifi: cfg80211: Fix bitrate calculation overflow for HE rates
36e88bd40a8c0 spi: intel-pci: Add support for Nova Lake SPI serial flash
7178b36de1850 ALSA: usb-audio: Add delay quirk for MOONDROP Moonriver2 Ti
f08f2d2907675 regmap: maple: free entry on mas_store_gfp() failure
7d4c9c448c2b3 spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs initialization
66b73d3f2cfc7 ALSA: hda/tas2781: Add newly-released HP laptop
e6ce61e01c9a2 ASoC: tlv320adcx140: Propagate error codes during probe
3ba3d959c17aa ASoC: amd: yc: Fix microphone on ASUS M6500RE
1c90f930e7b41 nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()
62932d9ed639a ALSA: usb-audio: Prevent excessive number of frames
e810b290922c5 nvme-fc: release admin tagset if init fails
a883080063f97 ASoC: simple-card-utils: Check device node before overwrite direction
61fa85497c7b7 ASoC: davinci-evm: Fix reference leak in davinci_evm_probe
9f665b3c3d9a1 dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()
921903d73967f ASoC: Intel: sof_sdw: Add new quirks for PTL on Dell with CS42L43
74309a4b0ffc7 wifi: mac80211: collect station statistics earlier when disconnect
da1880c7b6b83 HID: Elecom: Add support for ELECOM M-XT3DRBK (018C)
71434e45bf124 HID: logitech: add HID++ support for Logitech MX Anywhere 3S
b1f8285bc8e35 riscv: trace: fix snapshot deadlock with sbi ecall
151589d15ee87 ring-buffer: Avoid softlockup in ring_buffer_resize() during memory free
cd7ff7fd3e4b7 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
ecb8653a8fe9d HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101)
1e84a807c98a7 HID: Intel-thc-hid: Intel-thc: Add safety check for reading DMA buffer
2124279f1f8c3 HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report()
6e2108daed94e HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list
645671377158f drm/amd/display: Reduce number of arguments of dcn30's CalculatePrefetchSchedule()
eb5d6dedadd66 netfilter: replace -EEXIST with -EBUSY
ddab2d0f93200 PCI: qcom: Remove ASPM L0s support for MSM8996 SoC
3210077ed2648 ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk
5b9bbe3d7bb90 x86/sev: Disable GCOV on noinstr object
75f1f512b1567 ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55
747b9a7d4c712 HID: playstation: Center initial joystick axes to prevent spurious events
7ae5b35148119 HID: intel-ish-hid: Reset enum_devices_done before enumeration
8b44e75379510 riscv: Sanitize syscall table indexing under speculation
28768bd3abf99 btrfs: fix reservation leak in some error paths when inserting inline extent
a206870513cda HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL
ea5ef771f3c26 HID: intel-ish-hid: Update ishtp bus match to support device ID table
6de3a371a8b9f btrfs: do not free data reservation in fallback from inline due to -ENOSPC
70dd3513ed6ac smb/server: fix refcount leak in parse_durable_handle_context()
c2ed4f71e9288 LoongArch: Enable exception fixup for specific ADE subcode
2bb9c8a77df50 io_uring: use GFP_NOWAIT for overflow CQEs on legacy rings
4665e52bde3b1 smb/server: fix refcount leak in smb2_open()
0107b18cd8ac1 md: suspend array while updating raid_disks via sysfs
9531210f348aa LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
fdda836fcee6f smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()
f309b2c7df659 block,bfq: fix aux stat accumulation destination
86acdc1791944 platform/x86: dell-lis3lv02d: Add Latitude 5400
ff6892ea544c4 wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP
6b7c60feab3c6 net: usb: sr9700: support devices with virtual driver CD
10d3ff7e5812c wifi: mac80211: don't WARN for connections on invalid channels
689a7980e4788 wifi: wlcore: ensure skb headroom before skb_push
e0bd226804f8e wifi: mac80211: ocb: skip rx_no_sta when interface is not joined
abd219fd48b11 tracing: Fix ftrace event field alignments
116ffca92dc4d binderfs: fix ida_alloc_max() upper bound
e9bcfe865188a binder: fix BR_FROZEN_REPLY error log
a6050dedb6f1c binder: fix UAF in binder_netlink_report()
287221c5e0707 rust_binderfs: fix ida_alloc_max() upper bound
685bb05d307ac rust_binder: add additional alignment checks
598fe3ff32e43 rust_binder: correctly handle FDA objects of length zero
13de38aa3ea7a sched/fair: Have SD_SERIALIZE affect newidle balancing
de7cb4282dafc sched/fair: Skip sched_balance_running cmpxchg when balance is not due
3a15c519d2b0f bus: mhi: host: pci_generic: Add Telit FE990B40 modem support
fa2274bb17a4a treewide: Drop pci_save_state() after pci_restore_state()
71c50e60421bb PCI/ERR: Ensure error recoverability at all times
1a893bd719121 hwmon: (gpio-fan) Allow to stop FANs when CONFIG_PM is disabled
37751b6d0b6b5 hwmon: (gpio-fan) Fix set_rpm() return value
4385b2f284354 KVM: Don't clobber irqfd routing type when deassigning irqfd
7a245ef476ffb KVM: selftests: Add -U_FORTIFY_SOURCE to avoid some unpredictable test failures
a82647e1a9499 net: spacemit: k1-emac: fix jumbo frame support
d5b3a66986697 net: cpsw_new: Execute ndo_set_rx_mode callback in a work queue
488009aa62bb1 net: cpsw: Execute ndo_set_rx_mode callback in a work queue
ef763b480a3de nouveau/gsp: fix suspend/resume regression on r570 firmware
a20887d5239a3 nouveau/gsp: use rpc sequence numbers properly.
9cc8caba82c2b nouveau: add a third state to the fini handler.
5f645222eb30c Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem"
7b6a0f121d502 mm, shmem: prevent infinite loop on truncate race
41a7b9ab855c8 gve: Correct ethtool rx_dropped calculation
11f8311f69e4c gve: Fix stats report corruption on queue count change
e9cdd54797dc2 drm/amd: Set minimum version for set_hw_resource_1 on gfx11 to 0x52
d3081353acaa6 cgroup/dmem: avoid pool UAF
5c38604abbfa5 cgroup/dmem: avoid rcu warning when unregister region
c13816e8fa23d cgroup/dmem: fix NULL pointer dereference when setting max
e258ed369c9e0 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
35e6fd0d5bc30 ARM: 9468/1: fix memset64() on big-endian
46dfdb6f7a79d rbd: check for EOD after exclusive lock is ensured to be held
57b36ffc8881d ceph: fix NULL pointer dereference in ceph_mds_auth_match()
e8af57e090790 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single
cbc03ce3e6ce7 procfs: avoid fetching build ID while holding VMA lock
eb54ce033b344 pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains
11ca03ce17d7d pmdomain: imx8mp-blk-ctrl: Keep usb phy power domain on for system wakeup
5171a3dddf427 pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset
72129d55be9ce pmdomain: imx8mp-blk-ctrl: Keep gpc power domain on for system wakeup
d72563e402bab pmdomain: qcom: rpmpd: fix off-by-one error in clamping to the highest state
5727ccf9d19ca ALSA: aloop: Fix racy access at PCM trigger
21816bbc8492f platform/x86: intel_telemetry: Fix swapped arrays in PSS output
b5a02290ee3a4 KVM: x86: Explicitly configure supported XSS from {svm,vmx}_set_cpu_caps()
a94b956bb7272 x86/kfence: fix booting on 32bit non-PAE systems
feb603a69f830 x86/vmware: Fix hypercall clobbers
ab200d71553bd nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4bbc647
---------------------------
yocto-bsp: update to v6.18.9
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
adb851edb7078 Linux 6.18.9
0d26aa84ff0b7 mptcp: avoid dup SUB_CLOSED events after disconnect
01b0831d71b6d sched_ext: Fix SCX_KICK_WAIT to work reliably
664e78f2d4ec3 sched_ext: Don't kick CPUs running higher classes
edb9fab1b78c6 net/sched: act_ife: convert comma to semicolon
5b22c6cbabc78 Revert "drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)"
ab21cf885fb2a libbpf: Fix -Wdiscarded-qualifiers under C23
f749b366b8e79 gpiolib: acpi: Fix potential out-of-boundary left shift
84df65fcfbff1 iommu/tegra241-cmdqv: Reset VCMDQ in tegra241_vcmdq_hw_init_user()
078377b07f8e8 drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule()
ac251d17d8af5 drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove
2d9bff2af0adb drm/amdgpu/gfx12: adjust KGQ reset sequence
d9790cf8bbe80 drm/amdgpu/gfx12: fix wptr reset in KGQ init
4867b512bb7f5 drm/amdgpu/gfx11: adjust KGQ reset sequence
018892bd9a0c0 drm/amdgpu/gfx11: fix wptr reset in KGQ init
75ebd42441702 drm/amdgpu/gfx10: fix wptr reset in KGQ init
9a6d87fbe3f51 drm/amdgpu/soc21: fix xclk for APUs
5f841c308c453 drm/amd/pm: fix smu v14 soft clock frequency setting issue
191e22e5d742e drm/amd/pm: fix smu v13 soft clock frequency setting issue
ca68745e820ec drm/imx/tve: fix probe device leak
31203f5680c3d drm/msm/a6xx: fix bogus hwcg register updates
a4ea228271cd4 drm/tyr: depend on `COMMON_CLK` to fix build error
3e845c46dfe5a drm/xe/xelp: Fix Wa_18022495364
ae8831ee0fb2f drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()
dd222df5b356e scripts: generate_rust_analyzer: Add compiler_builtins -> core dep
8afa6c4d7abfb scripts: generate_rust_analyzer: fix resolution of #[pin_data] macros
2426867644cc7 scripts: generate_rust_analyzer: compile sysroot with correct edition
ce798a0fe6b79 scripts: generate_rust_analyzer: remove sysroot assertion
595718c74f85b scripts: generate_rust_analyzer: Add pin_init_internal deps
5bfa32ff75b50 scripts: generate_rust_analyzer: Add pin_init -> compiler_builtins dep
e82f822ed1472 rust: sync: refcount: always inline functions using build_assert with arguments
4bb727f4b0614 rust: sync: atomic: Provide stub for `rusttest` 32-bit hosts
625605ac8be50 rust: bits: always inline functions using build_assert with arguments
3d48d59235c49 net: fix segmentation of forwarding fraglist GRO
b23bee8cdb7aa mm/shmem, swap: fix race of truncate and swap entry split
40aed8b856580 mm/memory-failure: teach kill_accessing_process to accept hugetlb tail page pfn
b0020cbd26380 mm, swap: restore swap_space attr aviod kernel panic
4f57516293fda mm/memory-failure: fix missing ->mf_stats count in hugetlb poison
c71fae335dfe7 mm/kfence: randomize the freelist on initialization
629666d20c7dc btrfs: do not strictly require dirty metadata threshold for metadata writepages
b91a84299d72a flex_proportions: make fprop_new_period() hardirq safe
131af3df59b24 selftests: mptcp: join: fix local endp not being tracked
e73aab3337833 selftests: mptcp: check subflow errors in close events
8d4ccc10a77f0 selftests: mptcp: check no dup close events after error
35bb480000cd2 mptcp: only reset subflow errors when propagated
33f971476ffc1 mm/kasan: fix KASAN poisoning in vrealloc()
0ac0e2e64b068 gpio: rockchip: Stop calling pinctrl for set_direction
f69cae1bf44ca ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
68207ceefd71c nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference
e4e15a0a4403c efivarfs: fix error propagation in efivar_entry_get()
14ca9fa020829 scsi: qla2xxx: edif: Fix dma_free_coherent() size
5ba425a7bab31 kbuild: rust: clean libpin_init_internal in mrproper
e4c0a92146ddf gpio: pca953x: mask interrupts in irq shutdown
cb69b0a0c0aaf ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO
98e0bc206a321 scsi: be2iscsi: Fix a memory leak in beiscsi_boot_get_sinfo()
91539cf522ed0 ASoC: fsl: imx-card: Do not force slot width to sample width
8b581837295fc rust: kbuild: give `--config-path` to `rustfmt` in `.rsi` target
50c66cb08070c rust: rbtree: fix documentation typo in CursorMut peek_next method
fe9a1a825b4ae riscv: compat: fix COMPAT_UTS_MACHINE definition
b038874e31fc3 firewire: core: fix race condition against transaction list
a28fce0365e1c perf: sched: Fix perf crash with new is_user_task() helper
112d497809970 pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR TX pins
e81d1bc4ea791 pinctrl: meson: mark the GPIO controller as sleeping
e0468c4527a22 pinctrl: lpass-lpi: implement .get_direction() for the GPIO driver
b1f41c1f0bbbe writeback: fix 100% CPU usage when dirtytime_expire_interval is 0
36370892e3111 sched/deadline: Fix 'stuck' dl_server
0bbcb7586bc81 sched/deadline: Document dl_server
32887d8e4bc06 drm/xe/nvm: Fix double-free on aux add failure
02dc6cf6409e5 drm/xe/nvm: Manage nvm aux cleanup with devres
2859fa957a936 drm/xe/configfs: Fix is_bound() pci_dev lifetime
64364ccf491c7 dma/pool: distinguish between missing and exhausted atomic pools
d36c4149ea224 bcache: fix I/O accounting leak in detached_dev_do_request
7b72d76a58e6b bcache: use bio cloning for detached device requests
db6e287bd6e80 bcache: fix improper use of bi_end_io
23f9f9c46edd9 of: reserved_mem: Allow reserved_mem framework detect "cma=" kernel param
14e32032c42fe of/reserved_mem: Simplify the logic of fdt_scan_reserved_mem_reg_nodes()
8d9c5ceff4b53 kbuild: Fix permissions of modules.builtin.modinfo
32d8f998bb8d4 kbuild: rpm-pkg: Generate debuginfo package manually
d4dbada7ac6f3 gpio: brcmstb: correct hwirq to bank map
546e62c3fb29a drm/amd/pm: fix race in power state check before mutex lock
7bec90f605cfb gpio: virtuser: fix UAF in configfs release path
c0ce86d92565b gpiolib: acpi: use BIT_ULL() for u64 mask in address space handler
ecb638fb9a5cc ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion
e67828aeb58d9 drm/xe: Skip address copy for sync-only execs
4d7b7abb525b4 ASoC: soc-acpi-intel-ptl-match: fix name_prefix of rt1320-2
a42bdbcada187 scsi: firewire: sbp-target: Fix overflow in sbp_make_tpg()
aabc36857bd39 wifi: mac80211: correctly decode TTLM with default link map
a4f9a19a266e6 wifi: mac80211: apply advertised TTLM from association response
b8d890f8c3223 wifi: mac80211: parse all TTLM entries
cc3f137d36fda net/mlx5e: Skip ESN replay window setup for IPsec crypto offload
19bb3c68e18cf net/mlx5: Fix vhca_id access call trace use before alloc
fc3da1466af5f net/mlx5: Initialize events outside devlink lock
2614734c4bc67 net/mlx5: fs, Fix inverted cap check in tx flow table root disconnect
335031cacd7e8 net: phy: micrel: fix clk warning when removing the driver
92db64d3546f9 net/mlx5e: don't assume psp tx skbs are ipv6 csum handling
f4bb58e14f042 net: bridge: fix static key check
c3369fc5e6120 nfc: nci: Fix race between rfkill and nci_unregister_device().
92e0483402afc net/mlx5e: Account for netdev stats in ndo_get_stats64
fdf8437016f57 net/mlx5e: TC, delete flows only for existing peers
2df2aad9cf2f4 ice: stop counting UDP csum mismatch as rx_errors
36126ddbe9247 ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues
214aed313f7a5 ixgbe: don't initialize aci lock in ixgbe_recovery_probe()
c721ea2ff5672 ixgbe: fix memory leaks in the ixgbe_recovery_probe() path
bd25b092a06a3 bonding: fix use-after-free due to enslave fail after slave array update
61858cbce6ca4 nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame().
fdb99161cbef2 net: spacemit: Check for netif_carrier_ok() in emac_stats_update()
1f1b9523527df mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()
dce375f4afc34 rocker: fix memory leak in rocker_world_port_post_fini()
cdc4deb9e7be2 net/mlx5: Fix return type mismatch in mlx5_esw_vport_vhca_id()
2c0fb0f60bc15 net: wwan: t7xx: fix potential skb->frags overflow in RX path
500c1237c9a13 ipv6: use the right ifindex when replying to icmpv6 from localhost
0b74c6e132737 net: mvpp2: cls: Fix memory leak in mvpp2_ethtool_cls_rule_ins()
590c8179ffb01 sfc: fix deadlock in RSS config read
bd98324e327e4 bonding: annotate data-races around slave->last_rx
d753f3c3f9d7a octeon_ep: Fix memory leak in octep_device_setup()
f14d881f0a5aa net: bcmasp: fix early exit leak with fixed phy
713ba826ae114 can: gs_usb: gs_usb_receive_bulk_callback(): fix error message
23f40dbda938e net/mlx5: Fix memory leak in esw_acl_ingress_lgcy_setup()
3b63185053788 Bluetooth: MGMT: Fix memory leak in set_ssp_complete
03e8c90c62233 Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work
4081d53864dae can: at91_can: Fix memory leak in at91_can_probe()
e80617a5e1c24 btrfs: zlib: fix the folio leak on S390 hardware acceleration
474f851ec5e2e readdir: require opt-in for d_type flags
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c156ef
---------------------------
poky: Add Fedora 43 to sanity tested distros list
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3b63d0
---------------------------
poky: Update after core default changes
These changes were moved into defaultsetup.conf and therefore are no longer
needed here.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2486ce2
---------------------------
yocto-bsp: linux-yocto/6.18: update to v6.18.8
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
d905362ff5b86 Linux 6.18.8
5b0caf3913e72 mm/vma: enforce VMA fork limit on unfaulted,faulted mremap merge too
a4d9dbfc1bab1 mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge
9966c8cc987e3 irqchip/renesas-rzv2h: Prevent TINT spurious interrupt during resume
79966baabcfe9 arm64: dts: qcom: talos: Correct UFS clocks ordering
25be3c170ff8e iio: core: add separate lockdep class for info_exist_lock
2dabc85131c84 iio: core: Replace lockdep_set_class() + mutex_init() by combined call
c5dbad55ce02a mm/hugetlb: fix two comments related to huge_pmd_unshare()
918ba220debc4 mm: fix some typos in mm module
908795c02dbc7 Bluetooth: btintel_pcie: Support for S4 (Hibernate)
ab140fc931083 gpio: cdev: Fix resource leaks on errors in gpiolib_cdev_register()
16414341b0dd5 gpio: cdev: Fix resource leaks on errors in lineinfo_changed_notify()
919f27eb24b0e gpio: cdev: Correct return code on memory allocation failure
e7200b0a4b2a5 drm/xe: fix WQ_MEM_RECLAIM passed as max_active to alloc_workqueue()
85d4652f9cdcf drm/xe: Adjust page count tracepoints in shrinker
569ed6a73e927 drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind
ce2cca8e27d16 drm/amdgpu: remove frame cntl for gfx v12
07e9373739c63 can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak
d374d715e338d can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak
3b1a593eab941 can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak
a9503ae43256e can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak
68c62b3e53901 can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak
aac95b3dd1c26 net: txgbe: remove the redundant data return in SW-FW mailbox
69b5b028fc130 net: sfp: add potron quirk to the H-COM SPP425H-GAB4 SFP+ Stick
326470b33c28a net: fec: account for VLAN header in frame length calculations
03faa61eb4b9c irqchip/gic-v3-its: Avoid truncating memory addresses
cdb3f95a94f9f perf/x86/intel: Do not enable BTS for guests
f8cf1368e0a54 rxrpc: Fix data-race warning and potential load/store tearing
8a957e6d3d262 rust: irq: always inline functions using build_assert with arguments
ad60902a98181 rust: io: always inline functions using build_assert with arguments
8776dfa846d5c pmdomain:rockchip: Fix init genpd as GENPD_STATE_ON before regulator ready
fd675de6bddf7 pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu
bbcca5a60c88a platform/x86: hp-bioscfg: Fix automatic module loading
9f5fa78d9980f netrom: fix double-free in nr_route_frame()
92e4f11e29b98 uacce: ensure safe queue release with state management
ba29b59d124e7 uacce: implement mremap in uacce_vm_ops to return -EPERM
82821a681d5dc uacce: fix isolate sysfs check condition
bd2393ed77125 uacce: fix cdev handling in the cleanup path
242cbb3df97af s390/boot/vmlinux.lds.S: Ensure bzImage ends with SecureBoot trailer
ea1b2081d594b s390/ap: Fix wrong APQN fill calculation
f1cb33a82818d mei: trace: treat reg parameter as string
f9b059bda4276 intel_th: fix device leak on output open()
3b90d099efa2b tracing: Fix crash on synthetic stacktrace field usage
6602bb4d1338e slimbus: core: fix device reference leak on report present
5f13c946ca449 slimbus: core: fix runtime PM imbalance on report present
b8a2639341951 octeontx2: Fix otx2_dma_map_page() error return code
d1943bc9dc950 ksmbd: smbd: fix dma_unmap_sg() nents
6e32070d29d1a arm64: Set __nocfi on swsusp_arch_resume()
7b5a52cf252a0 arm64/fpsimd: signal: Fix restoration of SVE context
70f7f54566afc arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA
4f39984176e7e arm64/fpsimd: ptrace: Fix SVE writes on !SME systems
31efbcff90884 wifi: rsi: Fix memory corruption due to not set vif driver data size
0adefb6396d7b wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize()
4846b32be324f wifi: ath12k: fix dma_free_coherent() pointer
07f363f305793 wifi: ath10k: fix dma_free_coherent() pointer
448a2071a8438 drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)
41ec698854781 iommu/io-pgtable-arm: fix size_t signedness bug in unmap path
36be050f21dea mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode
6c4555bfd4383 mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function
dc1a5dd80af1e ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()
31a3eba5c265a ALSA: scarlett2: Fix buffer overflow in config retrieval
29f43e8ec7bf0 ALSA: hda/realtek: Add quirk for Samsung 730QED to fix headphone
873e2360d247e ALSA: ctxfi: Fix potential OOB access in audio mixer handling
59e54709f9a97 iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl
db16e7c52032c iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source
de8755ae2912d iio: chemical: scd4x: fix reported channel endianness
d06a4f6c2b186 iio: adc: pac1934: Fix clamped value in pac1934_reg_snapshot
b6ffc2de37253 iio: adc: exynos_adc: fix OF populate on driver rebind
d890234a91570 iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver
348356c91909f iio: adc: ad9467: fix ad9434 vref mask
ad25bb51203d0 iio: accel: iis328dq: fix gain values
fa322c8bb2ea4 iio: accel: adxl380: fix handling of unavailable "INT1" interrupt
1b68efce6dd48 migrate: correct lock ordering for hugetlb file folios
1093e0a96d168 of: platform: Use default match table for /firmware
7685286dd7a5e of: fix reference count leak in of_alias_scan()
67270881c8cf2 panic: only warn about deprecated panic_print on write access
78822628165f3 leds: led-class: Only Add LED to leds_list when it is fully ready
c9aeb168e88d2 keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal
4040b84ec04a6 x86: make page fault handling disable interrupts properly
e343973fab43c Octeontx2-af: Add proper checks for fwdata
236a657422a56 dpll: Prevent duplicate registrations
6c75fed550800 net/sched: act_ife: avoid possible NULL deref
3b796b1ecfd3b hinic3: Fix netif_queue_set_napi queue_index input parameter error
84ef86aa71204 vsock/virtio: cap TX credit to local buffer size
0aa25bbfd5ea5 vsock/test: fix seqpacket message bounds test
ec0f1b3da8061 vsock/virtio: fix potential underflow in virtio_transport_get_credit()
095ec3482a7d3 net: openvswitch: fix data race in ovs_vport_get_upcall_stats
e22381c1299f7 octeontx2-af: Fix error handling
b658306ce3835 net: pcs: pcs-mtk-lynxi: report in-band capability for 2500Base-X
cccf79f688de9 net: dsa: fix off-by-one in maximum bridge ID determination
05f8f55899289 net: bcmasp: Fix network filter wake for asp-3.0
de97735a40a14 bonding: provide a net pointer to __skb_flow_dissect()
cb32707497d48 selftests: net: amt: wait longer for connection before sending packets
31410a01a86bc be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list
f47c6e5a532cc drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors
fbc8d1a39da9f drm/nouveau: add missing DCB connector types
8fd181dada6ea drm/amdgpu: fix type for wptr in ring backup
c6ec1f665f8f7 drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2)
c85aac064f5c2 drm/amd/pm: Don't clear SI SMC table when setting power limit
91243b926ae96 drm/amd/pm: Fix si_dpm mmCG_THERMAL_INT setting
79a074be9b57e sched/fair: Fix pelt clock sync when entering idle
23c0e4bd93d0b perf: Fix refcount warning on event->mmap_count increment
9d88a79e9018c selftests/ublk: fix garbage output in foreground mode
e2f4eac26f018 selftests/ublk: fix error handling for starting device
814e8643b453d selftests/ublk: fix IO thread idle check
26bf09b6320b8 ublk: fix ublksrv pid handling for pid namespaces
437553d649647 drm/xe: Update wedged.mode only after successful reset policy change
7c49c91121194 drm/xe/pm: Add scope-based cleanup helper for runtime PM
e59924c266a45 drm/xe/migrate: fix job lock assert
9bba27c222e0e drm/xe/uapi: disallow bind queue sharing
54c19e7eb2636 clocksource: Reduce watchdog readout delay limit to prevent false positives
0db865321e63d Octeontx2-pf: Update xdp features
00a39a148d2fb usbnet: limit max_mtu based on device's hard_mtu
e3c1040252e59 ipv6: annotate data-race in ndisc_router_discovery()
7ac345a93af31 mISDN: annotate data-race around dev->work
d7beeb64be5ca net: hns3: fix the HCLGE_FD_AD_NXT_KEY error setting issue
bb90d1799073d net: hns3: fix wrong GENMASK() for HCLGE_FD_AD_COUNTER_NUM_M
5e5dae04ef971 be2net: fix data race in be_get_new_eqd
7539ae6c67a75 idpf: Fix data race in idpf_net_dim
b29f51399626b net: hns3: fix data race in hns3_fetch_stats
1f24dfd556401 net: phy: intel-xway: fix OF node refcount leakage
2ea06ebaa4abd idpf: read lower clock bits inside the time sandwich
87c1dacca197c ice: fix devlink reload call trace
a3d99e2fbf014 ice: add missing ice_deinit_hw() in devlink reinit path
ec0bfc3ed7e7f ice: Fix persistent failure in ice_get_rxfh
68462ecc40ea8 netdevsim: fix a race issue related to the operation on bpf_bound_progs list
9eb4e2396cd7f vsock/test: Do not filter kallsyms by symbol type
902fd1026ca42 drm/imagination: Wait for FW trace update command completion
eb98125fa2b33 drm/mediatek: dpi: Find next bridge during probe
fccaa85ffb73c drm/xe: Disable timestamp WA on VFs
aa29fe8c1d86b drm/xe/vm: fix xe_vm_validation_exec() kernel-doc
bc0812416e089 drm/xe/xe_late_bind_fw: fix enum xe_late_bind_fw_id kernel-doc
a807e4f4f63a5 iommu/amd: Fix error path in amd_iommu_probe_device()
06657690854fa ntb: transport: Fix uninitialized mutex
ecb2c8732680c ALSA: usb: Increase volume range that triggers a warning
aa14451fa5d5f scsi: qla2xxx: Sanitize payload size to prevent member overflow
219f009ebfd1e scsi: core: Wake up the error handler when final completions race against each other
1a0072bd1f1e5 platform/x86/amd: Fix memory leak in wbrf_record()
5f1f79cb90f5e platform/mellanox: Fix SN5640/SN5610 LED platform data
e150008568a5d riscv: suspend: Fix stimecmp update hazard on RV32
c4b55a4c600fa riscv: clocksource: Fix stimecmp update hazard on RV32
82fb54efe7e0f kconfig: fix static linking of nconf
c2d2cf710dc3e regmap: Fix race condition in hwspinlock irqsave routine
f6d6b3f172df1 spi: spi-sprd-adi: Fix double free in probe error path
5d7c7e1fb3ec2 interconnect: debugfs: initialize src_node and dst_node to empty strings
bcb9803aa1db7 iio: adc: ad7606: Fix incorrect type for error return variable
489b88567f24d iio: adc: ad7280a: handle spi_setup() errors in probe()
81ed6e42d6e55 iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection
bdf0bf73006ea io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop
8f7c9dbeaa0be timekeeping: Adjust the leap state for the correct auxiliary timekeeper
2fc23eaea11a7 mm: restore per-memcg proactive reclaim with !CONFIG_NUMA
f723037e2bfe3 mm/rmap: fix two comments related to huge_pmd_unshare()
69c4e241ff135 mm/hugetlb: fix hugetlb_pmd_shared()
193922a23d729 platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro
800b2767905d6 platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names
83eae3692c353 drm, drm/xe: Fix xe userptr in the absence of CONFIG_DEVICE_PRIVATE
3f4ed5e2b8f11 fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes()
ec56b9f1c1b9b comedi: Fix getting range information for subdevices 16 to 255
3fe8abec037f5 x86/kfence: avoid writing L1TF-vulnerable PTEs
930114425065f rxrpc: Fix recvmsg() unconditional requeue
f60ba4a97ae3f slab: fix kmalloc_nolock() context check for PREEMPT_RT
37a63671df78f arm64: dts: rockchip: Configure MCLK for analog sound on NanoPi M5
df546b3311582 arm64: dts: rockchip: Fix headphones widget name on NanoPi M5
7eb3e77873605 arm64: dts: rockchip: fix unit-address for RK3588 NPU's core1 and core2's IOMMU
3569a00f66a87 arm64: dts: rockchip: Fix voltage threshold for volume keys for Pinephone Pro
18d2d227ccd77 arm64: dts: rockchip: remove dangerous max-link-speed from helios64
c8039a60c31dc arm64: dts: rockchip: remove redundant max-link-speed from nanopi-r4s
808d8755fc6e6 ARM: dts: microchip: sama7d65: fix size-cells property for i2c3
5f403d64af721 ARM: dts: microchip: sama7d65: fix the ranges property for flx9
cd3c1f823e213 i2c: spacemit: drop IRQF_ONESHOT flag from IRQ request
24c441f0e24da scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()
a5e4d969392ce scsi: storvsc: Process unsupported MODE_SENSE_10
bfe76b0f9f3e9 Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA
2c61ca3c5bed6 Input: i8042 - add quirks for MECHREVO Wujie 15X Pro
5d5b227c92721 Revert "nfc/nci: Add the inconsistency check between the input data length and count"
3f5ef08f302cc w1: fix redundant counter decrement in w1_attach_slave_device()
e6b2609af21b5 w1: therm: Fix off-by-one buffer overflow in alarms_store
169164fe51b27 comedi: dmm32at: serialize use of paged registers
2501c49306238 serial: Fix not set tty->port race condition
0b7383aceaad1 serial: 8250_pci: Fix broken RS485 for F81504/508/512
f4748bfa3d3e2 wifi: mac80211: don't perform DA check on S1G beacon
9532ff0d0e90f crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec
77f1afd0bb4d5 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag
16ed73c1282d3 net/sched: Enforce that teql can only be used as root qdisc
ed80f605edd6c octeontx2: cn10k: fix RX flowid TCAM mask handling
6a81e2db09691 ipvlan: Make the addrs_lock be per port
32d417497b79e l2tp: avoid one data-race in l2tp_tunnel_del_work()
a635ae2a9fdb8 pwm: max7360: Populate missing .sizeof_wfhw in max7360_pwm_ops
4230e8cd2f1b4 pwm: Ensure ioctl() returns a negative errno on error
0f6e1ff56cd27 veth: fix data race in veth_get_ethtool_stats
9b75dff8446ec fou: Don't allow 0 for FOU_ATTR_IPPROTO.
18da5acb3c03d tools: ynl: Specify --no-line-number in ynl-regen.sh.
5437a279804ce gue: Fix skb memleak with inner IP protocol 0.
392b28d404b74 amd-xgbe: avoid misleading per-packet error log
0c4adb1f391a7 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT
c3edc14da81a8 can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error
4f727c422b7fc net: freescale: ucc_geth: Return early when TBI PHY can't be found
5ebc24f9dbe4f selftests: net: fib-onlink-tests: Convert to use namespaces by default
d4ce79e6dce2a l2tp: Fix memleak in l2tp_udp_encap_recv().
43dee6f7ef1d2 bonding: limit BOND_MODE_8023AD to Ethernet devices
b9f0896f8e229 net: usb: dm9601: remove broken SR9700 support
63ef9b300bd09 vsock/virtio: Coalesce only linear skb
88037973c8ef6 igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue
41d7a27c47b8a igc: fix race condition in TX timestamp read for register 0
a38d2c624639c igc: Restore default Qbv schedule when changing channels
695c909d1815b ice: Fix incorrect timeout ice_release_res()
753171a695b93 ice: Avoid detrimental cleanup for bond during interface stop
0bc8d94bf6694 ice: initialize ring_stats->syncp
c35a0cb145f2c wifi: ath12k: Fix wrong P2P device link id issue
06ac2aa13f701 wifi: ath12k: fix dead lock while flushing management frames
c8e5f49667f5f wifi: ath12k: Fix scan state stuck in ABORTING after cancel_remain_on_channel
1aa6698924595 wifi: ath12k: cancel scan only on active scan vdev
887032ba3ff23 ata: libata: Print features also for ATAPI devices
d5529d36e7646 ata: libata: Add DIPM and HIPM to ata_dev_print_features() early return
93f484d63f873 ata: libata: Add cpr_log to ata_dev_print_features() early return
7fe7e7858b32d ata: libata-sata: Improve link_power_management_supported sysfs attribute
05db73211387f ata: libata: Call ata_dev_config_lpm() for ATAPI devices
62ced8e065787 ata: ahci: Do not read the per port area for unimplemented ports
a57459614aa69 wifi: ath12k: don't force radio frequency check in freq_to_idx()
d395afac28adb pmdomain: qcom: rpmhpd: Add MXC to SC8280XP
0f56c3f23ed56 dt-bindings: power: qcom,rpmpd: Add SC8280XP_MXC_AO
4818f28cd9023 btrfs: fix missing fields in superblock backup with BLOCK_GROUP_TREE
6abad2eb9a1bd Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump()
4f6884288e4b7 perf parse-events: Fix evsel allocation failure
83eeeb8c1acb7 arm64: dts: rockchip: Fix wrong register range of rk3576 gpu
2d73b3ed28be1 arm64: dts: qcom: sm8650: Fix compile warnings in USB controller node
0e5ad343afa30 arm64: dts: qcom: sm8550: Fix compile warnings in USB controller node
27357b61522f7 arm64: dts: qcom: sc8280xp: Add missing VDD_MXC links
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 059cde8
---------------------------
meta-yocto-bsp: drop 6.16 bbappend
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0e6b3a9
---------------------------
meta-yocto-bsp: drop 6.12 bbappend
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dd43b32
---------------------------
yocto-bsp: Bump the default kernel to v6.18 for beaglebone
Kevin Hao has the beaglebone working on the 6.18 standard
branches. So we bump the default version to 6.18 for the
upcoming LTS release.
Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: de4abc0
---------------------------
parselogs: ignore panfrost fan error message on genericarm64
Some devices don't have active cooling so this is not
an error:
https://ledge.validation.linaro.org/scheduler/job/125155
panfrost ff9a0000.gpu: [drm:panfrost_devfreq_init [panfrost]] Failed to register cooling device
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3dd8f6
---------------------------
meta-yocto: add .gitignore file
The contents are a direct copy of the .gitignore in meta-openembedded.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dde0c90
---------------------------
meta-poky: Enable NFS server for linux-yocto-dev
Add the NFS kernel server feature to the linux-yocto-dev configuration
to match the standard linux-yocto setup. This is to fix the OEQA tests
with this error:
- runtime - INFO - test_systemd_failed (systemd.SystemdBasicTests.test_systemd_failed)
- runtime - INFO - ... FAIL
- runtime - INFO - Traceback (most recent call last):
File "/lava-downloads/core-image-full-cmdline/meta/lib/oeqa/core/decorator/__init__.py", line 35, in wrapped_f
return func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/lava-downloads/core-image-full-cmdline/meta/lib/oeqa/runtime/cases/systemd.py", line 100, in test_systemd_failed
output += self.systemctl('status --full --failed')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/lava-downloads/core-image-full-cmdline/meta/lib/oeqa/runtime/cases/systemd.py", line 26, in systemctl
self.assertEqual(status, expected, message)
AssertionError: 3 != 0 : SYSTEMD_BUS_TIMEOUT=240s systemctl status --full --failed
× proc-fs-nfsd.mount - NFSD configuration filesystem
Loaded: loaded (/usr/lib/systemd/system/proc-fs-nfsd.mount; static)
Active: failed (Result: exit-code) since Mon 2025-10-13 15:01:58 UTC; 2 months 4 days ago
Invocation: 14e22af5612e4abaa101f1afcf65a5ce
Where: /proc/fs/nfsd
What: nfsd
Mem peak: 1.2M
CPU: 32ms
genericarm64 mount[347]: mount: /proc/fs/nfsd: unknown filesystem type 'nfsd'.
genericarm64 mount[347]: dmesg(1) may have more information after failed mount system call.
genericarm64 systemd[1]: proc-fs-nfsd.mount: Mount process exited, code=exited, status=32/n/a
genericarm64 systemd[1]: proc-fs-nfsd.mount: Failed with result 'exit-code'.
genericarm64 systemd[1]: Failed to mount NFSD configuration filesystem.
Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c23c19e
---------------------------
poky: Post release version bump so we're after whinlatter
Move master to be a version after whinlatter.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openembedded-core
---------------------------
Commit: 8061433fcd
---------------------------
spdx: Update to latest bindings
Updates the to bindings generated from version 1.0.0 of shacl2code.
These bindings make some changes to the way extension classes are
generated, add support for context in generate SPDX files, and are about
25% faster and more space efficient than the previous version
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 45019a49f9
---------------------------
spdx: Remove do_collect_spdx_deps task
Removes the do_collect_spdx_deps task. This task was added a long time
ago, and appears to have been added due to a misunderstanding about how
the task graph works. It is not necessary since tasks can directly call
collect_direct_deps() with the appropriate task that they depend on to
get their dependencies.
This should fix several classes of SPDX bug where documents could not be
found because the wrong deps were being looked for due to which tasks
were re-run
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8e8d0becac
---------------------------
spdx3: Use common variable for vardeps
Instead of repeating the vardeps for each SPDX task with the necessary
variables, use a common variable to make it easier to manage
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 96a4b4b18d
---------------------------
spdx: Remove fatal errors for missing providers
When creating images and SDKs, do not error on missing providers. This
allows recipes to use the `nospdx` inherit to prevent SPDX from being
generated, but not result in an error when assembling the final image.
Note that runtime packages generation already ignored missing
providers, so this is changing image and SDK generation to match
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6406240932
---------------------------
spdx30: Remove package VEX
Removes VEX statements from packages. These are no longer necessary
since the VEX data is now attached to the recipes, which significantly
reduces the duplication of the data, and thus the size of the SPDX
output files.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 667a06a9d4
---------------------------
spdx_common: Check for dependent task in task flags
Checks that the task being used to detect dependencies is present in at
least one dependency task flag of the current task. This helps prevent
errors where the wrong task is specified and never found.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0cb75bd7f9
---------------------------
spdx: De-duplicate CreationInfo
De-duplicates CreationInfo objects that are identical (except for ID)
when writing out an SBoM. This significantly reduces the number of
CreationInfo objects that end up in the final document.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e85daf516
---------------------------
spdx30: Include patch file information in VEX
Modifies the SPDX VEX output to include the patches that fix a
particular vulnerability. This is done by adding a `patchedBy`
relationship from the `VexFixedVulnAssessmentRelationship` to the `File`
that provides the fix.
If the file can be located without fetching (e.g. is a file:// in
SRC_URI), the checksum will be included.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ca92ab825c
---------------------------
spdx3: Add is-native property
Adds a custom is-native property to the recipe package to indicate if it
is a native recipe
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1b926c8cf7
---------------------------
spdx3: Add recipe SBoM task
Adds a task that will create the complete recipe-level SBoM for a given
target recipe, following all dependencies. For example:
```
bitbake -c create_recipe_sbom zstd
```
Would produce the complete recipe SBoM for the zstd recipe, include all
build time dependencies (recursively).
The complete SBoM for all (target) recipes can be built with:
```
bitbake meta-world-recipe-sbom
```
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d999ac407c
---------------------------
spdx3: Add recipe SPDX data
Adds a new package to the SPDX output that represents the recipe data
for a given recipe. Importantly, this data contains only things that can
be determined statically from only the recipe, so it doesn't require
fetching or building anything. This means that build time dependencies
and CVE information for recipes can be analyzed without needing to
actually do any builds.
Sadly, license data cannot be included because NO_GENERIC_LICENSE means
that actual license text might only be available after do_fetch
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 13cd668c77
---------------------------
packagegroup-core-tools-profile: add lttng-modules to LTTNGTOOLS
It has removed lttng-modules from lttng-tools's RRECOMMENDS, so add
lttng-modules to LTTNGTOOLS in packagegroup-core-tools-profile.bb to
make its dependent packages unchanged.
[RP: Fix for riscv64 which doesn't support lttng-modules]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bcc58d4db0
---------------------------
lttng-tools: not rrecommend on lttng-modules
As in the lttng manual [1]:
Most distributions mark the LTTng-modules and LTTng-UST packages as
optional when installing LTTng-tools (which is always required). In
the following sections, we always provide the steps to install all
three, but note that:
* You only need to install LTTng-modules if you intend to use the
Linux kernel LTTng tracer.
* You only need to install LTTng-UST if you intend to use the user
space LTTng tracer.
there should be no force dependency between lttng-tools and
lttng-modules. When set lttng-modules in RRECOMMENDS, it always forces
to build lttng-modules whether it is required or not.
Compare to rpm spec [2] and debian conf [3], there are no any dependency
between them too.
So remove the RRECOMMENDS setting.
[1]: https://lttng.org/docs/v2.14/#doc-installing-lttng
[2]: https://rpmfind.net/linux/RPM/fedora/updates/testing/43/aarch64/Packages/l/lttng-tools-2.14.0-4.fc43.aarch64.html
[3]: https://packages.debian.org/trixie/lttng-tools
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5f34680219
---------------------------
python3: package all of the compression module into python3-compression
Package all of the compression. module into the compression package, as
otherwise some modules such as compression.zstd end up in python3-misc.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32801348ca
---------------------------
glibc-testsuite: Do not generate SPDX
glibc-testsuite does not run on target or factor into the build supply
chain, since its purpose is run tests in Qemu at build time
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fd6957926f
---------------------------
meta/*-tarball: Fix SDK PACKAGE_ARCH after recent changes
In "sstate: Tweak SDK sstate package architecture", these PACKAGE_ARCH
values should have been updated to match, fix that.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3a9bdbd4c7
---------------------------
runqemu: fix the checking of STAGING_BINDIR_NATIVE
In previous patch[1], the os.path.exists was accidently called twice.
This is incorrect.
[1] https://git.openembedded.org/openembedded-core/commit/?id=972155bbee02dd8061fee9c07a40f8e9034b9a3c
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aeb2a667b9
---------------------------
documentation.conf: Add LICENSE_FLAGS related variables
The LICENSE_FLAGS, LICENSE_FLAGS_ACCEPTED, and LICENSE_FLAGS_DETAILS
documented in [1] are not listed in documentation.conf. This commit adds
them to the documentation.conf file.
[1] https://docs.yoctoproject.org/dev/dev-manual/licenses.html#enabling-commercially-licensed-recipes
Signed-off-by: Ricardo Ungerer <ungerer.ricardo@gmail.com>
Reviewed-by: Mark Jonas <toertel@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b351aadeb6
---------------------------
barebox-tools: upgrade 2026.01.0 -> 2026.03.0
Highlights in v2026.03.0:
- Security fix: signed FIT image vulnerability fixed; users doing
secure boot with signed FIT images should update to this release
- Added Rockchip RK3562 SoC support along with KickPi K3 board
- USB Fastboot now supports booting Linux kernels generically across
architectures (previously limited to ARM32 zImage)
- CI infrastructure gained PowerPC Qemu test coverage
- ARM NXP i.MX8MP: Fixed SoC UID incorrectly reading 64bit instead of
128bit; enable CONFIG_ARCH_IMX8MP_KEEP_COMPATIBLE_SOC_UID if rolled
out devices depend on constant SoC UID
For full release notes, see:
https://lore.kernel.org/barebox/abQ56zuKfzKlZvcr@pengutronix.de/T/#u
Dropped a local patch 0001-barebox-tools-fix-glibc-2.43-openat2-build.patch
as it has been merged now with this release.
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ff1b7becac
---------------------------
libinput: upgrade 1.30.1-> 1.30.2
1. Changelog
https://gitlab.freedesktop.org/libinput/libinput/-/releases/1.30.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2681601e44
---------------------------
ccache: upgrade 4.12.3 -> 4.13.1
1. Changelog
https://ccache.dev/releasenotes.html#_ccache_4_13_1
2. Checksum of LICENSE.adoc changed as:
2.1 authors.adoc location changed
2.2 third_party fmt version update
2.3 third_party oss nonstd-span removed
3. Remove LIC_FILES_CHKSUM of nonstd-span as it was removed from third_party
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f5054652f8
---------------------------
oeqa/qemurunner: make the error message about invalid rootfs clearer
Printing "Invalid rootfs" when the rootfs image simply doesn't exist can
be misleading to the user. Print a clearer message to help users understand
the issue.
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 915870472e
---------------------------
documentation.conf: Drop obsolete QMAKE vars
The use of these variables ceased already in 2015, since
commit cb89d2b25b4e ("qt4: remove recipes and classes")
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7a45c8ca22
---------------------------
documentation.conf: Drop obsolete INC_PR
The use of the variable ceased already in 2020, since
commit 3fdd772b419b ("recipes: Remove remaining INC_PR variables")
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b1622286fb
---------------------------
python3-sbom-cve-check: Update to release 1.2.0
Update from release 1.1.0 to 1.2.0. The changelog:
https://github.com/bootlin/sbom-cve-check/blob/v1.2.0/CHANGELOG.md#v120
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a06bb82e5e
---------------------------
gdb: Upgrade 16.3 -> 17.1
GDB 17.1 includes the following changes and enhancements:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-17.1-release
* x86-64 CET shadow stack support
* Debugging Linux programs that use AArch64 Guarded Control Stacks
* GDB record feature now supports rv64gc architectures
* 'info threads' command support for two new options '-stopped' and '-running'
to limit the list of displayed threads.
* On Linux and FreeBSD, the addresses shown by the 'info sharedlibrary' command
are now for the full memory range allocated to the shared library.
* Linux checkpoints now work with multiple inferiors
* Improved linker namespace support
* Warnings and error messages now start with an emoji (warning sign,
or cross mark) if supported by the host charset. Configurable.
* Built-in support for TLS on Linux as backup when libthread_db is not
available. Supported on the x86_64, aarch64, ppc64, s390x, and riscv
architectures, when compiled with GLIBC or MUSL.
* New command "set riscv numeric-register-names" to display risc-v
registers using their numeric names instead of their ABI names.
* The Alpha target now supports target descriptions.
* Python API enhancements
* Support for Python versions older than 3.4 has been removed.
Dropped 0009-Readline-8.3-alpha-release.patch
Added 0009-PR-gdb-33747-gdb-ser-unix-modernize-Linux-custom-bau.patch
Added 0010-GDB-aarch64-linux-Fix-build-failure-on-musl-systems.patch
Co-authored-by: Sundeep Kokkonda <Sundeep.Kokkonda@windriver.com>
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 548c212a11
---------------------------
overlayfs-etc: Add template file dependency
It case a user uses own template file, its changes have to be propagated
to the image.
Fixes [YOCTO #16193]
Cc: Wojciech Niziński <niziak-yoctobug@spox.org>
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e5184a0d20
---------------------------
sanity: condition hash equivalence warnings to when it is in use.
The warnings about the hash equivalence server are only valid when the signature is
being used, and for that we have to check the BB_SIGNATURE_HANDLER variable.
This fix the warning that is displayed when using the basic signature hash, OEBasicHash.
| WARNING:
| You are using a local hash equivalence server but have configured an sstate mirror.
| This will likely mean no sstate will match from the mirror.
| You may wish to disable the hash equivalence use (BB_HASHSERVE),
| or use a hash equivalence server alongside the sstate mirror.
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 59cd78b2a3
---------------------------
cmake: upgrade 4.2.3 -> 4.3.0
Release notes are available at [0].
License-Update: Year references updated in [1] and [2]
[0]: https://cmake.org/cmake/help/v4.3/release/4.3.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/commit/b08cb30f2efda73796a076cef2b7b4c29e458c27
[2]: https://gitlab.kitware.com/cmake/cmake/-/commit/97ad58a86cf73d85f755939114eb6b32f085d0dd
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16e9b6f6ae
---------------------------
kernel-yocto-rust: Move rust kernel dependencies to bbclass
Move the rust kernel dpendencies from linux-yocto.inc to
kernel-yocto-rust.bbclass.
This centralizes Rust-specific configuration in the dedicated class,
which is intended to be inherited only when Rust kernel support is
enabled (e.g. via KERNEL_FEATURES).
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b83ff91337
---------------------------
gtk4: Fix a build error in examples/application8
Add a backported patch from master to use underscore instead of
space in a generated filename. This fixes the build error:
| /usr/bin/ld: cannot find examples/application8/exampleapp8.p/meson-generated_.._exampleapp8: No such file or directory
| /usr/bin/ld: cannot find resources.c.o: No such file or directory
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20d0db2612
---------------------------
libc-package, default-distrovars: Remove unsupported LOCALE_UTF8_ONLY
ptest subpackages for various recipes added RDEPENDS for
locales that do not exist when LOCALE_UTF8_ONLY is set to 1.
This makes it clear that LOCALE_UTF8_ONLY=1 is untested in Yocto
and became unsupported. Remove this distro variable.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7728aa3168
---------------------------
systemd: break circular dependency with libfido2
libfido2 depends on udev, and when the fido2 feature is enabled
in systemd, systemd depends on libfido2. However, systemd really
only needs libfido2's headers at build time. It uses dlopen to
opportunistically enable the features at runtime. Break this
circular dependency by creating a recipe that provides libfido2's
headers and pkgconfig file. That allows systemd to build with
fido2 enabled and allows libfido2 do build as well.
Signed-off-by: Dan McGregor <danmcgr@protonmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: fa10e1b59b
---------------------------
spdx-common: Add documentation for undocumented SPDX variables
Add [doc] strings for eight undocumented SPDX-related BitBake
variables in spdx-common.bbclass.
Variables documented:
- SPDX_INCLUDE_SOURCES
- SPDX_INCLUDE_COMPILED_SOURCES
- SPDX_UUID_NAMESPACE
- SPDX_NAMESPACE_PREFIX
- SPDX_PRETTY
- SPDX_LICENSES
- SPDX_CUSTOM_ANNOTATION_VARS
- SPDX_MULTILIB_SSTATE_ARCHS
This makes variables discoverable via bitbake-getvar and IDE
completion, improving usability for SBOM generation.
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Reviewed-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 9dd9c00389
---------------------------
cve_check: Escape special characters in CPE 2.3 strings
CPE 2.3 formatted string binding (cpe:2.3:...) requires
backslash escaping for special meta-characters per NISTIR 7695.
Characters like '++' and ':' in product names must be escaped.
The CPE 2.3 specification defines two bindings:
- URI binding (cpe:/...) uses percent-encoding
- Formatted string (cpe:2.3:...) uses backslash escaping
Escape the required meta-characters with backslash:
- Backslash (\\) -> \\
- Question mark (?) -> \?
- Asterisk (*) -> \*
- Colon (:) -> \:
- Plus (+) -> \+
All other characters are kept as-is without encoding.
Example CPE identifiers:
- cpe:2.3:*:*:crow:1.0\+x:*:*:*:*:*:*:*
- cpe:2.3:*:*:sdbus-c\+\+:2.2.1:*:*:*:*:*:*:*
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Reviewed-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 952990d3bd
---------------------------
orc: Enable hotdoc to produce doc
Add do_install:append function to fix QA Issue like "File /usr/share/doc/orc/html/assets/js/search/hotdoc_fragments/orctarget.html-enum (unnamed at /work/x86-64-v3-poky-linux/orc/0.4.42/sources/orc-0.4.42/orc/orctarget.h:39:1).fragment in package orc-doc contains reference to TMPDIR [buildpaths]"
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 8ad2360405
---------------------------
oeqa: manual: Add Upstream-Status to abat patch
Running check-layer on the core metadata showed that abat.patch is
missing an Upstream-Status.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: df0947c765
---------------------------
udev-extraconf: detect init manager from pid
Detecting the init manager from /sbin/init does not always work and it
fails when etc-overlayfs is used, because first the
pre-init script is called and init is renamed as init.orig.. Read the
process name with pid = 1 from /proc, and use it to detect the init manager.
Signed-off-by: Stefano Babic <sbabic@nabladev.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a3551d15f6
---------------------------
systemd: fix configure option for dropping sysv support
Add three extra configuration options to make our systemd stop
supporting sysvinit. Without these three options, we'll have in
config.h:
build/config.h:#define HAVE_SYSV_RC_LOCAL 1
build/config.h:#define HAVE_SYSV_COMPAT 1
The HAVE_SYSV_RC_LOCAL makes /etc/rc.local work as the rc-local.service
is still installed. And the HAVE_SYSV_COMPAT means /etc/rcX.d is still
supported.
With this fix, we have:
build/config.h:#define HAVE_SYSV_RC_LOCAL 0
build/config.h:#define HAVE_SYSV_COMPAT 0
Note that these three options need to be dropped when systemd is
upgraded to v260.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: eafb6d797b
---------------------------
packagegroup-core-tools-profile: Avoid dependency on systemtap for loongarch64
Trying to build systemtap for qemuloongarch64 gives the error:
systemtap was skipped: incompatible with host loongarch64-oe-linux (not in COMPATIBLE_HOST)
Drop this dependency from packagegroup-core-tools-profile to avoid the
error.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 10a54e177b
---------------------------
systemd: upgrade 259.3 -> 259.5
Update to latest revision of v259.
Changes: https://github.com/systemd/systemd/compare/v259.3...v259.5
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2d8da77f28
---------------------------
grub: add patch to use medany for riscv64
>From the upstream bug report, filed in 2024:
|GRUB 2.12 does not compile correctly using large model on riscv64 using gcc 14.1.1 (gcc-14.1.1-5.fc40.x86_64).
|
|It is my understanding that the large model should not really be used on riscv64 yet and trying to build GRUB 2.12 with it results in an error:
|
|+ ././grub-mkimage -O riscv64-efi -o grubriscv64.efi.orig -d grub-core --sbat ././sbat.csv -m memdisk.squashfs -p /EFI/fedora all_video boot blscfg btrfs cat configfile cryptodisk echo ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http increment iso9660 jpeg loadenv loopback linux lvm luks luks2 memdisk mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep squash4 syslinuxcfg test tftp version video xfs zstd efi_netfs efifwsetup efinet lsefi lsefimmap connectefi
|././grub-mkimage: error: relocation 0x2b is not implemented yet.
|
|medany builds successfully and boots on the VisionFive2 and on VMs.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4819698443
---------------------------
wic: filemap: use separate fd for SEEK_HOLE probes
While working on splitting-out wic from oe-core, on my openSUSE Leap
16.0 machine, the moment I split wic out, 2 oe-selftests always failed
with 100% reproducibility:
- wic.ModifyTests.test_wic_cp_ext
- wic.Wic2.test_expand_mbr_image
In both cases the symptom is the same: the filesystem has inode tables
that are completely zeroed out. Both issues are linked together to the
same underlying fault.
FilemapSeek._get_ranges() is a generator. Due to the nature of finding
each hole/data extent one at a time using the lseek() system call,
it calls os.lseek() on a raw file descriptor, then yields, then the
caller, sparse_copy(), calls file.seek() + file.read() on a Python
BufferedReader wrapping that same fd — then the generator resumes and
calls os.lseek() again. This interleaving of raw os.lseek() and buffered
I/O on the same fd is undefined behaviour from Python's perspective.
The BufferedReader tracks its own idea of the fd's position and buffer
contents; os.lseek() changes the position behind its back. This can
corrupt its internal state and cause read() to return stale/zero data.
This code, however, has existed in wic since it was written, so why
was it not noticed before? It turns out this bug was being masked by a
number of implementation details that changed, especially when wic was
split out for oe-core. These changes conspired together to cause the bug
to be triggered.
One of the root causes of this bug is that Python 3.14 increased the
default buffer size from 8KB to 128KB[1]. With 8 KB buffers, read()s
either go through the direct-read path leaving the buffer empty, or
if it fills in 8KB chunks the buffer is fully drained. Either way,
with a small buffer, read()s do a real raw seek. No fast path. No
corruption. With a 128KB buffer, however, a much larger window exists
where BufferedReader.seek() can take the fast-path after the raw file
descriptor has already been repositioned by os.lseek() in the generator.
With the smaller buffer, this window was too narrow to hit in practice.
This is fixed by opening a second file object in FilemapSeek.__init__()
dedicated to SEEK_DATA/SEEK_HOLE probes, leaving the data-reading handle
(self._f_image) untouched.
This explains why the corruption is deterministic and tied to specific
block boundaries, why it only manifests with the split-out version using
Python 3.14 (on systems that are using Python versions less than 3.14 on
the host), and why using a separate file descriptor for reading bypasses
the issue entirely.
This is not an intermittent bug. For a more detailed explanation
including log files, in-depth analysis, and a standalone Python
reproducer, please see the linked bugzilla entry.
Fixes: [YOCTO #16197]
[1] https://github.com/python/cpython/commit/b1b4f9625c5f2a6b2c32bc5ee91c9fef3894b5e6
b1b4f9625c5f ("gh-117151: IO performance improvement, increase io.DEFAULT_BUFFER_SIZE to 128k (GH-118144)")
AI-Generated: codex/claude-opus-4.6 (xhigh)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dd79baf74a
---------------------------
license: Fix sstate hash conflict issues
Currently, SSTATE_PKGARCH is injected into the sstate packages themselves but
the output of do_populate_lic is meant to be architecture invariant.
Instead of putting it into the package, use that part of the path as the
installation location. This makes the sstate packages architecture invariant
and avoids hash mismatch issues.
Since the sstate install path isn't part of the task checksums, we can just
remove all the LICENSE_DEPLOY_PATHCOMPONENT code entirely. It will change the
native/cross locations to SSTATE_PKGARCH but that likely makes more sense anyway.
I suspect this was what I'd originally intended when I added SSTATE_PKGARCH to
the path but things weren't quite done correctly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 531f87111d
---------------------------
layer.conf: Use += to add to the DUMMY_PACKAGE_ARCHS_* variables
This avoids the assumption that the meta layer is the first layer listed
in the BBLAYERS variable.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cd1179544d
---------------------------
layer.conf: Update to wrynose
Prepare for the next release and update to the new wrynose release series.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2dc4d2f8b5
---------------------------
qemurunner: Hide kernel messages on first non-raw run_serial() call
Kernel messages on console can be mixed with run_serial() command output
and might even prevent run_serial() to read the command exit code.
To fix this, on the first non-raw run_serial() call, run "dmesg -n 1"
first to hide the kernel message from the console we use to run
commands. Note that kernel messages are still logged in dmesg buffer.
man dmesg (from util-linux):
> -n, --console-level
> level Set the level at which printing of messages is done to the
> console. The level is a level number or abbreviation of the level name.
> For all supported levels see the --help output.
>
> For example, -n 1 or -n emerg prevents all messages, except emergency (panic)
> messages, from appearing on the console. All levels of messages are still
> written to /proc/kmsg, so syslogd(8) can still be used to control exactly where
> kernel messages appear. When the -n option is used, dmesg will not print or
> clear the kernel ring buffer.
Busybox's dmesg also support the option.
Raw run_serial() calls are used during the login process when it's too
early to run the dmesg command.
Fixes [ YOCTO #16189 ]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 69af43387e
---------------------------
webkitgtk: remove PACKAGECONFIG soup2
* libsoup-2.4 already removed in commit [1], so remove the soup2
PACKAGECONFIG, which may causes depeneds on libsoup-2.4.
* soup2 will not be supported from 2.52.0.
* webkitgtk build with libsoup3 by default, USE_SOUP2 is OFF by default,
so also remove soup3 option
[1] https://git.openembedded.org/openembedded-core/commit/?id=94ebc5b798aed6eea642c5e2a4df24b386520636
[2] https://webkitgtk.org/2025/10/07/webkitgtk-soup2-deprecation.html
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 61d653562a
---------------------------
gstreamer1.0-plugins-good: remove PACKAGECONFIG soup2
* libsoup-2.4 already removed in commit [1], so remove the soup2
PACKAGECONFIG, which may causes depeneds on libsoup-2.4
* provide soup3 option, enable soup3 will enable soup and soup version
will be auto defected as libsoup3 since we depend on libsoup, disable
soup3 will disable soup.
[1] https://git.openembedded.org/openembedded-core/commit/?id=94ebc5b798aed6eea642c5e2a4df24b386520636
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 56aeb7ff4e
---------------------------
uki.bbclass: make DTB packaging optional
According to the Unified Kernel Image (UKI) specification [1], including
a compiled device tree in the .dtb section of a UKI is optional. However,
the current implementation always packages device trees listed in
KERNEL_DEVICETREE into the UKI by default. This makes uki.bbclass
unsuitable for systems that rely on firmware-provided DTBs and do not
want a DTB embedded in the UKI.
Fix this by introducing a new UKI_DEVICETREE variable to control device
tree packaging. The .dtb section is now populated from UKI_DEVICETREE
instead of KERNEL_DEVICETREE. Users who do not want DTBs included in the
UKI can override UKI_DEVICETREE to an empty value from their recipes.
Update the UKI selftests accordingly, as QEMU does not provide a device
tree to embed.
[1] https://uapi-group.org/specifications/specs/unified_kernel_image/
Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5571775018
---------------------------
python3: Add a new PACKAGECONFIG knob for free threading
One of the main points in the Python 3.14.x release notes was
that free threading is officially supported.
Add PACKAGECONFIG[freethreading] to turn it on with --disable-gil.
GIL is the Global Interpreter Lock, which is kept enabled without
this option.
By default, keep free threading disabled, i.e. GIL enabled.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4caa308304
---------------------------
curl: upgrade 8.18.8 -> 8.19.0
Solves CVE-2026-1965, CVE-2026-3783, CVE-2026-3784 and CVE-2026-3805.
Drop patch included in the release.
Release info [1]:
Changes:
* BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026
* cmake: add `CURL_BUILD_EVERYTHING` option
* mqtt: initial support for MQTTS
* tool: support fractions for --limit-rate and --max-filesize
* tool_cb_hdr: with -J, use the redirect name as a backup
* vquic: drop support for OpenSSL-QUIC
* windows: add build option to use the native CA store
* windows: bump minimum to Vista (from XP)
(and lot of bugfixes)
[1] https://curl.se/ch/8.19.0.html
License-Update: copyright years refreshed
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6a6377a983
---------------------------
libuv: upgrade 1.52.0 -> 1.52.1
Release info [1]:
Changes since version 1.52.0:
* misc: add simple clang-tidy setup (Jameson Nash)
* unix: check RLIMIT_AS and RLIMIT_DATA in uv_get_constrained_memory
(Jameson Nash)
* win: add fs-fd-hash-inl.h to tarball (tobil4sk)
* unix,win: support NULL loop for sync uv_getaddrinfo (Saúl Ibarra
Corretgé)
* Fix const-correctness warning in linux.c (Quaylyn Rimer)
* build(deps): bump actions/upload-artifact from 6 to 7
(dependabot[bot])
* build(deps): bump actions/download-artifact from 7 to 8
(dependabot[bot])
* unix: fix compilation warnings with GCC 15 (Saúl Ibarra Corretgé)
* test: remove conditionals from `uv_thread_self` usage (Yasser
Nascimento)
* unix: fix discard const (Rudi Heitbaum)
* unix: do not cast to char variables that are const char (Rudi
Heitbaum)
* linux: fix crash if poll callback closes handle before `POLLERR` (Juan
José Arboleda)
[1] https://github.com/libuv/libuv/releases/tag/v1.52.1
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3cfa638aa9
---------------------------
linux-firmware: upgrade 20260221 -> 20260309
Upgrade the firmware package to latest release. Add package
${PN}-lt8713sx for Lontium LT8713SX DP hub, add audioreach
firmware and license for Kaanapali, Lenovo ISH LNLM firmware
was renamed so add those files in ${PN}-ish-lnlm-53c4ffad
package, and modify FILES:${PN} for package ${PN}-ish-lnlm-12128606
to pack firmwares properly.
Signed-off-by: Vivek Puar <vpuar@qti.qualcomm.com>
Cc: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 945d9b9e75
---------------------------
linux: cve-exclusions: Add --always to git-describe
Otherwise https://git.kernel.org/pub/scm/linux/security/vulns.git cannot be
used:
subprocess.CalledProcessError: Command '('git', 'describe', '--tags', 'HEAD')' returned non-zero exit status 128.
Original error from git:
fatal: No names found, cannot describe anything.
The change will at least produce an abbreviated SHA1 hash as {data_version}.
Fixes: 5e66e2b79fae ("linux/generate-cve-exclusions: show the name and version of the data source")
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6145c70a27
---------------------------
mesa: remove trailing whitespace
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fe0490e637
---------------------------
resulttool: Fix UnboundLocalError when missing test results
The junit_tree function failed when either ptest or imagetest results
were missing from testresults.json due to uninitialized variables.
Move variable initialization outside the loop to ensure they
always have default values.
Signed-off-by: Miroslav Cernak <miroslav.cernak@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 817b5c012a
---------------------------
pypi.bbclass: set UPSTREAM_CHECK_PYPI_PACKAGE from PYPI_PACKAGE
This aligns the tarball upstream check regex (set from former variable)
with existing tarball name (set from the latter).
Previously the regex used a 'normalized' value (_ replaced with -)
which wasn't matching the actual tarballs, and required setting both
variables whenever PYPI_PACKAGE default wasn't suitable and had to be
set in the recipe.
I have confirmed that 'devtool check-upgrade-status' doesn't break.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3b476245b3
---------------------------
iptables/libmnl: fix upstream version check
The original locations still exist, but no longer allow
directory listings.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1fc2b952c7
---------------------------
libfyaml: inherit github-releases class
This fixes the upstream version check for the newly added recipe,
as the default SRC_URI-minus-tarball page doesn't contain a list of releases.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e2d2a5b0c
---------------------------
gstreamer1.0-vaapi: remove recipe
gstreamer-vappi has been removed in favour of the va plugin and is no longer
updated going forward.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dcac7775f2
---------------------------
lib/oe/patch: add user and email when patchtool is git
When the PATCHTOOL=git, oe-core creates a git repo for the sources with:
git init
git add .
git commit
The git commit can fails blindly due to misconfigured user when git don't have
the email proper configured. Although the commit command does not fail
because it returns 0, it is not executed and the tree remains with all
files staged so the following git commands can fail and fails in some cases.
This problem has been particularly observed in some obscure and little-used
cases in openembedded-core like patching the linux-firmware which only works
using PATCHTOOL=git because it deals with binary files.
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 89a9a02859
---------------------------
appstream: upgrade from 1.0.6 to 1.1.2
License-Update: Update COPYING with latest from FSF
* Upstream changed the dependency, libyaml changed to libfyaml, refer [1]
* Upstream enable bash-completion by default, but bash-completion is in
ASSUME_PROVIDE, on host without bash-completion, appstream-native will
configure failed, so disable bash-completion for appstream-native
[1] https://github.com/ximion/appstream/commit/2899271049c0c9716eba0ccd62b10cdb9df5746d#diff-35104d8113cb43cdd6cfaa78c780eba89165e17c580d1e6678e5c3dfbd9b23c5
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6e9ebdf5fb
---------------------------
lttng-modules: Upgrade 2.14.3 -> 2.14.4 to fix build issue on kernel 6.18
Add 0001-fix-adjust-range-in-btrfs-probe-for-v6.18.14.patch to
adjust Brtfs probe header for 6.18[1]
Change Log:
2026-02-09 LTTng modules 2.14.4
* fix: Manual conversion to use ->i_state accessors (v6.19)
* fix: btrfs: headers cleanup to remove unnecessary local includes (v6.19)
* Fix: Initialize syscall tables sorted entries
* Cleanup lttng-syscalls.h: Remove extern on function prototypes
* Make init_event_desc_enum_desc_sorted_entries public
* Update .gitreview for stable-2.14
Ref:
[1] https://git.lttng.org/?p=lttng-modules.git;a=commit;h=ca93dc3b05fcb22db5b653858a1b08002496d783
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 512a71ea5d
---------------------------
librsvg: move symlink file for ptest in package librsvg-ptest
In order to make ptest can find needed data, a symlink is created:
/usr/lib64/librsvg/rsvg -> ptest
package this symlink file in package librsvd-ptest, this can avoid
there is a dead link when ptest-pkgs is not installed.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3d1694035
---------------------------
selftest: uboot: Add sefltest for recent KCONFIG_CONFIG_ROOTDIR fix
Add a check to make sure that KCONFIG_CONFIG_ROOTDIR and
KCONFIG_CONFIG_ENABLE_MENUCONFIG are being set correctly in the
different cases.
A recent commit [1] showed that we were missing a check for the
correctness of these variables.
[1] https://git.openembedded.org/openembedded-core/commit/?id=2548c040ea155c981e41cb0282bcb28c47b3b688
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16054e30b2
---------------------------
uboot-config: Fix scope of KCONFIG_CONFIG_ROOTDIR check
The current check is in the inner loop of UBOOT_CONFIG, but the check is
attempting to only apply to the case when there is a single entry in
UBOOT_CONFIG. Shift the indention to be outside of the for loop and
only execute once.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a534e79198
---------------------------
shadow: fix build with GCC 10
Fix the build with GCC 10 which otherwise fails due to function parameters
being unnamed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d0671c3dad
---------------------------
rust: enable dynamic LLVM linking by default
Fixes [YOCTO #16058]
Enable dynamic linking with LLVM (link-shared) for all rust variants
(native, nativesdk and target) via a PACKAGECONFIG option, enabled
by default. This prevents segmentation faults when reusing sstate
artifacts built with different host toolchains.
Update multilib library symlinking to include shared libraries and
adjust the rust selftest to install llvm so the dynamically linked
compiler can run correctly.
Suggested-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a967f364c7
---------------------------
scripts/install-buildtools: Update to 5.3.2
Update to the 5.3.2 release of the 5.3 series for buildtools
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic22@pm.me>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 388cd4770e
---------------------------
ptest-packagelists: Exclude ptests from musl which are known to fail
Since we'd like to start tracking musl ptest regressions, mark the existing known
failures for qemuarm64 and qemux86-64 so we can then start to test without
warnings.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4e06a6df74
---------------------------
sstate/sstatesig: Abstract dummy package architectures into layer.conf settings
Other layers need to be able to add dummy recipes. To do this add
DUMMY_PACKAGE_ARCHS_SDK and DUMMY_PACKAGE_ARCHS_TARGET in layer.conf
which can be used to add these to the right places in the code.
Don't add the variables to task signatures as these only matter in the
context of constructed images and not the recipes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 834efe5eea
---------------------------
sstate: Tweak SDK sstate package architecture
While in this area of the code, it is worth noting that PACKAGE_ARCH + PN are
already designed to capture the needed information that we need in SSTATE_PKGARCH.
We can therefore simplify things by just using the standard fallack for SSTATE_PKGARCH
instead of more complex manipulations.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7e8dae7502
---------------------------
meta/dummy-sdk-package: Improve SDK dummy package handling
Currently, the dummy SDK packages are re-running for different SDKMACHINE values
when they should not. The usage of allarch is broken and not triggering the right
PACKAGE_ARCH value due to the deferred nature of nativesdk. This was probably
broken when we switched to add deferred classes.
To try and make this all more explict and less prone to breakage, switch to calling
oe.utils.make_arch_independent() directly.
Add the 'special' package architecture values to SSTATE_ARCHS so the system cna properly
track them.
Remove the pointless tasks we don't need from the dummy recipes, mark the packagedata
as machine independent and then remove from the conflict list in sstate.bbclass.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ac9fb57879
---------------------------
allarch/lib: Convert core of allarch code into a function
We need to call the functionality in allarch.bbclass from other contexts
and the current conditionals are problematic enough without further changes
confusing things. Move the code to a funtion in oe.utils so we can call
it as needed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9f59ba9cd6
---------------------------
bitbake.conf: Add SDKMACHINE to BUILDCFG_VARS, drop TARGET_FPU
Tweak the default build header to add SDKMACHINE and drop TARGET_FPU since
that data is more likely to be of use to the general user.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 78e8586cc1
---------------------------
sstate: Drop unneeded SSTATE_MANMACH variable
This variable doesn't appear needed and just confuses the code, remove it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 10dff9f0ed
---------------------------
runtime_test: Add rust-out-of-tree selftest
This new case tests that the rust-out-of-tree-module recipe compiles and
run properly: check that the dmesg output is as expected.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4b7581df74
---------------------------
make-mod-scripts: fix for buildpath issues with rust-out-of-tree compilation
Fixes buildpath issues when compiling rust-out-of-tree recipe.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5fdb94febc
---------------------------
meta-skeleton: Add rust-out-of-tree-module recipe
Basic template for an out-of-tree Linux kernel module written in Rust.
Mainly to test Rust integration into the kernel.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 76fd22f09f
---------------------------
module-rust.bbclass: Prepare out-of-tree rust module compilation
Add support for rust-out-of-tree module compilation:
- Add dependency to rust-native
- Remap ${S} in compiled output to avoid buildpath errors
- Added check to skip rust out-of-ree-module compilation,
if rust kernel support is not enabled
Co-developed-by:Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af8cdc54e3
---------------------------
kernel.bbclass: Copy include/config/auto.conf in STAGING_KERNEL_BUILDDIR
Linux commit aaed5c7739be ("kbuild: slim down package for building
external modules")[0] states that include/config/auto.conf is also a
file needed for out-of-tree build.
This avoids this error when building an out-of-tree Rust kernel module:
| make -C .../tmp/work-shared/qemux86-64/kernel-source M=$PWD
| make[1]: Entering directory '.../tmp/work-shared/qemux86-64/kernel-source'
| make[2]: Entering directory '.../tmp/work/qemux86_64-poky-linux/rust-out-of-tree-module/git/sources/rust-out-of-tree-module-git'
| .../tmp/work-shared/qemux86-64/kernel-source/Makefile:779: .../tmp/work-shared/qemux86-64/kernel-build-artifacts/include/config/auto.conf: No such file or directory
[0]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aaed5c7739be81ebdd6008aedc8befd98c88e67a
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 01ea2b2add
---------------------------
selftest/cases/runtime_test: Add test for Linux Rust sample
This new case tests that the rust_mininal sample inside the kernel source
tree is buildable and works properly: check that the module can be
loaded and that it prints correctly.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a38b7a1be6
---------------------------
kernel-devsrc: copying rust-kernel source to $kerneldir/build
When CONFIG_RUST is enabled, running 'make prepare' in the target & SDK
fails because the Rust kernel infrastructure is incomplete in the staged
kernel sources.
The Rust build system requires a wider set of interdependent sources
during make prepare, including bindgen inputs, C helper sources,
generated headers, and other support files. These are all located under
the kernel rust/ directory.
To ensure make prepare succeeds and to support building Rust-based
kernel modules from the target & SDK, copy the full rust/ directory
(of size 2.5MB) into $kerneldir/build when the rust-kernel distro feature
is enabled.
Additionally, when Rust support is enabled, 'make prepare' generates
.rmeta files (crate metadata in a custom binary format) and shared
objects (.so) that are required for compiling Rust kernel modules.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d80d006ae8
---------------------------
kernel: Disable ccache when kernel rust support is enabled
Currently, a ccache enabled build fails with:
| HOSTRUSTC scripts/generate_rust_target
| HOSTCC scripts/kallsyms
| HOSTCC scripts/sorttable
| HOSTCC scripts/asn1_compiler
| TOUCH include/generated/gcc-plugins.h
| DESCEND objtool
| error: multiple input filenames provided (first two filenames are gcc and
.../tmp/work-shared/qemux86-64/kernel-source/scripts/generate_rust_target.rs)
Linux rust build infrastructure does not currently support ccache (Opened bug[0]).
Quick summary: There are 2 issues: $HOSTCC is not escaped and rustc
expect a path (and not a command)
Disable ccache if KERNEL_RUST_SUPPORT is 'True' for kernel and kernel module builds, including
auxiliary tooling such as make-mod-scripts.
More details in: https://lists.openembedded.org/g/openembedded-core/message/229336
[0]: https://github.com/Rust-for-Linux/linux/issues/1224
Co-developed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Cc: Alban MOIZAN <alban.moizan@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aade2ef38c
---------------------------
make-mod-scripts: split `HOSTCC` flag to align with to linux-yocto
when compiling rust-out-of-tree module recipe 'make-mod-scripts' failing
with the following error:
HOSTRUSTC scripts/generate_rust_target
error: Unrecognized option: 'i'
This issue occurs because CFLAGS are being passed to HOSTRUSTC.
Updated the flags in the make-mod-scripts recipe to align with
the flags used by linux-yocto.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 261df16df3
---------------------------
kernel-yocto-rust: Fix for buildpaths errors when rust is enabled for kernel
Fixes for buildpaths errors after enabling rust for linux-kernel
-Introduced KRUSTFLAGS to pass `--remap-path-prefix` to rustc while
building kernel with rust support.
Co-authored-by: El Mehdi YOUNES <elmehdi.younes@smile.fr>
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c90097beb
---------------------------
kernel-yocto-rust: enable Rust kernel support via 'make rustavailable'.
This change adds support for Rust-enabled kernel builds by:
-Extending do_kernel_configme dependencies to include rust-native,
clang-native, and bindgen-cli-native.
-Invoking make rustavailable during do_kernel_configme() to prepare the
kernel build environment for Rust.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2912ca3b34
---------------------------
rust: install Rust library sources for 'make rustavailable' support
The `make rustavailable` process (1) expects the Rust standard library source files (e.g., `lib.rs`)
to be present in the `library/` directory under `rustlib/src/rust/`.
This patch ensures the required sources are available by:
- Installing the `library/` directory (of size ~50MB) into `${D}${libdir}/rustlib/src/rust` for
making them available during `make rustavailable` for native, target & sdk.
- packaging `${libdir}/rustlib/src/rust` sepearately with `${PN}-src-lib`.
1) See the kernel tree for Documentation/rust/quick-start.rst in the section: Requirements: Building
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/rust/quick-start.rst#n145
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16d55fc3bc
---------------------------
linux-yocto: conditionally add clang/rust/bindgen-cli-native to DEPENDS
Conditionally add 'clang-native', 'rust-native' and 'bindgen-cli-native' to 'DEPENDS'
when Kernel Rust Support is enabled.
These tools are required for building Rust-enabled kernels and for
generating Rust FFI bindings via bindgen during the kernel build.
This ensures the additional dependencies are only pulled in when
Rust support is explicitly enabled, avoiding unnecessary native
dependencies for non-Rust kernel builds.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6719ed4a34
---------------------------
kernel-yocto: Enable rust in kernel
Allow enabling Rust support in the kernel by simply adding "rust" to
KERNEL_FEATURES in local.conf or a global configuration file. This maps the
feature name to the appropriate kernel configuration fragment located
at features/kernel-rust/kernel-rust.scc
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3c1a65a576
---------------------------
libgloss: package riscv header files correctly
Signed-off-by: Alejandro Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 971d03b19b
---------------------------
picolibc: Update 1.8.6 -> 1.8.11
Rebased:
- avoid_polluting_cross_directories.patch
Licensing files COPYING.NEWLIB and COPYING.GPL2 were removed upstream,
checksum for COPYING needs update since files included may change with
every release.
Tested to work on qemuarm,aarch64,riscv32 and riscv64 variants
https://dev.azure.com/ahcbb6/baremetal-qemu/_build/results?buildId=21709&view=results
Signed-off-by: Alejandro Hernandez <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6ffad1ec5d
---------------------------
newlib: Upgrade 4.5.0 -> 4.6.0
License changes:
- Adds BSD-2 for m68k-atari-elf target
Tested to work on qemux86,arm,aarch64,riscv32 and riscv64 variants:
https://dev.azure.com/ahcbb6/baremetal-qemu/_build/results?buildId=21709&view=results
Signed-off-by: Alejandro Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3b5c2d8bdb
---------------------------
rust: Drop oeqa-selftest-Increase-timeout-in-process-sigpipe-ru.patch
This patch was originally introduced to address a rare failure on the PPC
target and with the latest version of rustc this issue no longer occurs.
So, this patch can be removed.
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e368dde8af
---------------------------
oeqa/selftest: wic: Add vfat to test_wic_sector_size
Add an empty vfat partition to the 4k sector size test. This ensures that
the -S 4096 option is passed to mkfs.vfat, and the resulting filesystem is
generated.
We also now verify that the requested partitions, and names were created
as expected. Size does not matter, only the partition type and name.
Note, there is a known issue in parted that 4096 fat partitions are not
recognized by fstype, so report themselves as empty in the regular output.
Both wic ls and parted p show an unknown filesytem type. However, the type
of the partition (last field) is set to msftdata, so we can use that
instead.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c1fb515f2a
---------------------------
yocto-uninative: Update to 5.1 for glibc 2.43
yocto-uninative: Update to 5.1 for glibc 2.43
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 438afb3ded
---------------------------
oeqa/selftest: Introduce OEQA_TESTDISPLAY variable and use for sdl/gtk qemu test
Currently we've been using DISPLAY from the parent environment indiscriminately.
Since we can change many of the tests to use internal VNC, we really need a mechanism
to only use a DISPLAY when the system really needs to and there is no other option.
Somehow we need to differentiate between that and a system with graphics available.
Introduce OEQA_TESTDISPLAY for this purpose, this being used only if there is no other
way to run the test.
There is only one test case I'm aware of that needs this, so this patch updates
that test case.
This variable is not meant as a replacement for all DISLAY usage, it is only
for cases where the test would not otherwise work.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e5d18040b
---------------------------
libarchive: upgrade 3.8.5 -> 3.8.6
Release information [1]:
Libarchive 3.8.6 is a security and bugfix release.
Notable fixes:
* libarchive: fix incompatibility with Nettle 4.x (#2858)
* libarchive: fix NULL pointer dereference in archive_acl_from_text_w() (#2859)
* bsdunzip: fix ISO week year and Gregorian year confusion (#2860)
* 7zip: ix SEGV in check_7zip_header_in_sfx via ELF offset validation (#2864)
* 7zip: fix out-of-bounds access on ELF 64-bit header (#2875)
* RAR5 reader: fix infinite loop in rar5 decompression (#2877)
* RAR5 reader: fix potential memory leak (#2892)
* RAR5: fix SIGSEGV when archive_read_support_format_rar5 is called twice (#2893)
* CAB reader: fix memory leak on repeated calls to archive_read_support_format_cab (#2895)
* mtree reader: Fix file descriptor leak in mtree parser cleanup (CWE-775, #2878)
* various small bugfixes in code and documentation
[1] https://github.com/libarchive/libarchive/releases/tag/v3.8.6
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f791d6c528
---------------------------
glibc: Upgrade to 2.43 release
License-Update: Match to changes [1]
- Changes to the FSF address and sample names
- Rearranged files
- License remains unchanged
Added free_sized, free_aligned_sized, memset_explicit, memalignment, and new time bases (TIME_MONOTONIC, etc.).
Support for the Linux mseal system call to protect memory mappings (sealing).
Added support for the openat2 system call, allowing more granular file opening options.
New, optimized, and correctly rounded functions from the CORE-MATH project (acosh, asinh, atanh, erf, erfc, lgamma, tgamma).
Significant 4x improvements for fused multiply-add (FMA) on AMD Zen 3 by updating ldbl-96 implementation.
Improved remainder, frexp, and frexpl.
Experimental Clang Support: Added support for building with LLVM Clang (version 18+) on AArch64/x86_64 Linux.
New CPU Detection: Enhanced detection for newer CPU architectures.
64-bit atomics for 32bit x86 patch is no longer required since upstrea has dropped this logic in 2.43 release
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=a0ce8b0779e290596e99ca6d96c301684a2d7cfe
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 325c078855
---------------------------
busybox: fix printf ptest failure with glibc 2.43
Following ptests were failing on aarch64 after glibc 2.43 upgrade:
- printf_understands_%s_'"x'_"'y"_"'zTAIL"
- printf_handles_positive_numbers_for_%f
Backport fix from Debian bug #1128825.
References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128825
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 09c9603bb3
---------------------------
glib-2.0: fix gdatetime ptest failure with glibc 2.43
glib/gdatetime.test ptest was failing after glibc 2.43 upgrade.
Backport upstream fix from glib commit 7c837a52.
Upstream: https://gitlab.gnome.org/GNOME/glib/-/issues/3895
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f78863f89d
---------------------------
ltp: workaround openat2 build failure with glibc 2.43
glibc 2.43 added native openat2() support, causing LTP's configure to
set HAVE_OPENAT2=1 and skip its own internal definitions, resulting in
a build failure. Add a patch to undef HAVE_OPENAT2 in lapi/openat2.h
as a workaround until a proper fix is found.
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a217683514
---------------------------
barebox-tools: fix build failure with glibc 2.43
glibc 2.43 introduces linux/openat2.h through the fcntl include chain
(bits/fcntl-linux.h -> linux/openat2.h) which expects __u64 to be
defined before inclusion. Move <fcntl.h> in barebox scripts/include/
linux/types.h to after the typedef definitions to fix the build.
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8340d4be03
---------------------------
libxcrypt: avoid discarded-qualifiers build failure with glibc 2.43
With the glibc 2.43 upgrade, building nativesdk-libxcrypt triggers a
-Wdiscarded-qualifiers warning in crypt-gost-yescrypt.c and
crypt-sm3-yescrypt.c which becomes a build failure due to -Werror.
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0433d2d6a9
---------------------------
gcc-runtime: avoid discarded-qualifiers build failure with glibc 2.43
With the glibc 2.43 upgrade, building gcc-runtime triggers a
-Wdiscarded-qualifiers warning in libgomp/affinity-fmt.c which
becomes a build failure due to -Werror.
Add -Wno-error=discarded-qualifiers to CFLAGS as a workaround until
the upstream const-correctness issue in libgomp is resolved.
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0ed7b56814
---------------------------
gettext: upgrade 0.26 -> 1.0
Release notes:
https://savannah.gnu.org/news/?id=10853
Changelog:
1.0: https://lists.gnu.org/archive/html/info-gnu/2026-01/msg00007.html
- gettext-minimal-native: update Makevars.template source path to new
location under gettext-tools/wizard/po-templates/traditional/
- use-pkgconfig.patch: refresh patch hunks to match updated upstream
context in libxml.m4 and selinux-selinux-h.m4, update selinux
discovery: replace AC_SEARCH_LIBS (getfilecon_raw) with
PKG_CHECK_MODULES for correct sysroot handling
- gettext_1.0.bb: add autotools ptest directory and install
gettext-tools autotools build artifacts for ptest
ptest results:
=======================
All 630 tests passed
(41 tests were not run)
=======================
DURATION: 45
END: /usr/lib/gettext/ptest
2026-03-09T17:58
STOP: ptest-runner
TOTAL: 1 FAIL: 0
With the previous version:
All 626 tests passed
(40 tests were not run)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7e75ec7a66
---------------------------
bitbake.conf: Set PACKAGECONFIG vardepvalue
For PACKAGECONFIG settings in recipes, we care about the end value, we don't
really care how it is constructed. bbappends to recipes can add things to
the default PACKAGECONFIG settings, for example being dependent on a DISTRO_FEATURE
or another variable. If the computed value doesn't change, the task hashes can remain
constant, allowing for better sstate reuse.
To do this, set a vardepvalue of the variable value itself, ignoring how
the actual value is calculated.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 01aa7f30d9
---------------------------
cargo-c: update 0.10.20 -> 0.10.21
Changes are here:
https://github.com/lu-zero/cargo-c/compare/v0.10.20...v0.10.21
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5c995f9754
---------------------------
lua: upgrade from 5.4.8 to 5.5.0
Changes:
https://www.lua.org/manual/5.5/readme.html#changes
PLATS linux-readline is moved, and readline is changed to load
dynamically, refer [1], keep readline as PACKAGECONFIG to allow user to
remove readline dependency.
Lua use dlopen by default, and LUA_READLINELIB is set to libreadline.so,
but libreadline.so is in the dev package, which will make Lua cannot
load libreadline even when libreadline is installed. Make readline as
build dependency and detect the real libreadline name and set LUA_READLINELIB
[1] https://github.com/lua/lua/commit/366c85564874d560b3608349f752e9e490f9002d
[2] https://github.com/lua/lua/blob/master/lua.c#L520
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: afb1765ef3
---------------------------
tcl8: fix tclConfig.sh after UNPACKDIR change
Adapt the sed command that edits TCL_SRC_DIR in tclConfig.sh
This is needed so that tk in meta-oe is capable of reading
the required header file
Remove buildpath from TCL_BUILD_STUB_LIB_PATH in tclConfig.sh
Signed-off-by: Krupal Ka Patel <krkapate@cisco.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf7c79f396
---------------------------
python3-setuptools: drop Windows launcher executables on non-mingw builds
setuptools installs Windows launcher executables (cli*.exe, gui*.exe)
into site-packages. These binaries are only used on Windows platforms
but are packaged for target, native, and nativesdk builds.
Remove the Windows launcher executables when not building for a mingw
(mingw32/mingw64) host to avoid shipping unused Windows binaries.
Signed-off-by: Krupal Ka Patel <krkapate@cisco.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 90d208fbb0
---------------------------
python3-pip: drop unused Windows distlib launcher templates
pip vendors distlib which ships Windows launcher template binaries
(*.exe) under pip/_vendor/distlib. These files are only used on
Windows systems but are installed and packaged for target, native,
and nativesdk builds.
Remove the distlib *.exe templates when not building for a mingw
(mingw32/mingw64) host to avoid shipping unused Windows binaries and
reduce package noise.
Signed-off-by: Krupal Ka Patel <krkapate@cisco.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bd04d43100
---------------------------
gcc-source: Use allarch.bbclass
Converts the recipe to use allarch.bbclass. This is necessary because
SSTATE_PKGARCH is set to "allarch" based on if allarch is inherited or
not. If it is not, SSTATE_PKGARCH has the value "all", which means any
data written out based on it cannot be found (because "all" is not in
SSTATE_ARCHS)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1af7942c53
---------------------------
llvm-project-source: Use allarch.bbclass
Converts the recipe to use allarch.bbclass. This is necessary because
SSTATE_PKGARCH is set to "allarch" based on if allarch is inherited or
not. If it is not, SSTATE_PKGARCH has the value "all", which means any
data written out based on it cannot be found (because "all" is not in
SSTATE_ARCHS)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2c49774f47
---------------------------
selftest/glibc: add docstrings to the selftest classes
Add docstrings to GlibcSelfTest classes and comments to the
glibc-testsuite recipe explaining how this test concept works.
This commit does not change the code itself.
Related [Yocto #16113]
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b4801e63d1
---------------------------
spirv-tools: backport a fix for building with gcc-16
Fixes:
https://errors.yoctoproject.org/Errors/Details/905195/
when building on host with gcc-16
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9eabea38f0
---------------------------
gcc: backport a fix for building with gcc-16
Fixes:
https://errors.yoctoproject.org/Errors/Details/905192/
when building on host with gcc-16
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 97dd558277
---------------------------
m4: upgrade to 1.4.21
https://lists.gnu.org/archive/html/m4-announce/2026-02/msg00000.html
This release is being made mainly to cater to recent glibc changes in
light of the C23 language standard. However, it also includes fixes
for some corner-case bugs in eval and when using the defn macro on
builtins.
Fixes m4-native builds on hosts with glibc-2.43 like:
./stdlib.h:827:20: error: expected identifier or '(' before '_Generic'
./string.h:777:20: error: expected identifier or '(' before '_Generic'
Remove 0001-gettext-h-Avoid-gcc-Wformat-security-warnings-with-d.patch
which is included in gnulib revision used by m4 since:
https://gitweb.git.savannah.gnu.org/gitweb/?p=m4.git;a=commit;h=beee8d26382460010338c37f9dd9f823aa9f4ee8
LIC_FILES_CHKSUM was updated for barem4.m4 and testbarem4.m4 from:
https://gitweb.git.savannah.gnu.org/gitweb/?p=m4.git;a=blobdiff;f=examples/COPYING;h=e623b2b9394cbd1784a4964bbac105050296f33b;hp=7e73a1219b542fa035facc47cdb3dd81132e6373;hb=900a90f624cee4a8c1c02c4d6a61ef1ed26a17d1;hpb=c7b96d682958532c4eb2d5c2d81bb6ac342fd410
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9ec9680cda
---------------------------
libpam: set status for CVE-2024-10041
This CVE was fixed in v1.6.1 (per [1]).
NVD tracks it as version-less CVE for RedHat.
[1] https://security-tracker.debian.org/tracker/CVE-2024-10041
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 48a3df9e66
---------------------------
procps: support ptest when TCLIBC is glibc
* Support ptest for procps TCLIBC is glibc. The configure.ac only match
LINUX as "linux-gnu", we can patch it to make test can run on musl lib
system, but the upstream testsuite should only run on gnu libc host,
some test cases only suitable for glibc, eg: Some of the error messages
for free command on musl system is not the same as glibc system, which
will make test failed. In order to avoid some other unexpected failure,
just support ptest for glibc.
* Bug [1] is filed for musl support, we may can add support for musl
libc later when upstream add the musl support
* procps's testsuite use DejaGnu test framework. The testsuite is
expected to run during build time, this implementation create the same
folder structure as the testsuite expected to make it can work well.
[1] https://gitlab.com/procps-ng/procps/-/issues/420
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2548c040ea
---------------------------
uboot-config: fix KCONFIG_CONFIG_ROOTDIR path
Commit 22e96b3 ("u-boot: Make sure the build dir is unique for each
UBOOT_CONFIG") changed the u-boot build directory name to include the
UBOOT_CONFIG value the build is performed for. Align to the new pattern
also the KCONFIG_CONFIG_ROOTDIR variable, which is used by devtool to
create a config baseline in case the menuconfig task is enabled.
This fixes the following error, which can be seen when building u-boot
under devtool and UBOOT_CONFIG contains a single configuration:
cp: cannot stat '<u-boot-builddir>/<u-boot-defconfig>/.config': No such file or directory
Signed-off-by: Francesco Valla <francesco@valla.it>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 770b36ea0d
---------------------------
cross-canadian.bbclass: merged /usr support
Use ${root_prefix} instead of ${base_prefix} while setting
${target_base_prefix}, otherwise we might loose the root prefix configuration
change in case of 'usrmerge' distro feature is enabled.
Signed-off-by: Peter de Ridder <peter.de.ridder@jotron.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 491de0db64
---------------------------
sanity.bbclass: warn when sstate is outside of build dir, but hash equiv database is inside it
This should help with the long-standing usability problem: when
someone tweaks the configuration to put sstate somewhere else than
the default (so that it can be shared between local builds, or over NFS),
they should also share the hash equivalency database, but no indication
would be given to the user to do so.
This will issue a warning and recommend to start a dedicated hash equivalency
server (if sstate is on NFS), or set BB_HASHSERVE_DB_DIR (if it isn't).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 66aefeca48
---------------------------
grub: fix grub installation error on i386 target
Commit 1a5417f39[1] introduced a grub installation error on i386 target:
grub-mkimage: error: `/usr/lib/grub/i386-pc/kernel.img' is
miscompiled: its start address is 0x9074 instead of 0x9000: ld.gold
bug?.
A series of patches are under review in grub mailing list[2]. Once these
patches are merged, we will backport them to the current version.
Currently, referring to Gentoo[3] and Libreboot[4], revert the following
commits as a workaround:
1a5417f39 configure: Check linker for --image-base support
ac042f3f5 configure: Print a more helpful error if autoconf-archive is
not installed
[1] https://cgit.git.savannah.gnu.org/cgit/grub.git/commit/?id=1a5417f39a0ccefcdd5440f2a67f84d2d2e26960
[2] https://lists.gnu.org/archive/html/grub-devel/2026-02/msg00039.html
[3] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f5a995ac689a7132651ef6b2b87295c392899427
[4] https://codeberg.org/libreboot/lbmk/src/branch/master/config/grub/nvme/patches/0010-Revert-configure-Check-linker-for-image-base-support.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7eae351b5f
---------------------------
grub: upgrade 2.12 -> 2.14
ChangeLog:
* libgcrypt 1.11.
* LVM LV integrity and cachevol support.
* EROFS support.
* GRUB environment block inside the Btrfs header support.
* NX support for EFI platforms.
* shim loader protocol support.
* BLS and UKI support.
* Argon2 KDF support.
* TPM2 key protector support.
* Appended Signature Secure Boot Support for PowerPC.
* New option to block command line interface.
* Support dates outside of 1901..2038 range.
* zstdio decompression support.
* EFI code improvements and fixes.
* TPM driver fixes.
* Filesystems fixes.
* CVE and Coverity fixes.
* Tests improvements.
* Documentation improvements.
Drop backport patches.
Refresh local patches.
Split grub-bash-completion package by inheriting bash-completion.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3e2bc0f380
---------------------------
qemurunner: Drop nographic option now runqemu falls back to VNC
Since runqemu now falls back to vnc or a none display if DISPLAY isn't set,
we no longer need to pass nographic to the qemu commandline and can allow
runqemu just to handle it.
One challenge with nographic is that it changes more that just the display
setting, it can affect the serial and parallel port mappings so this also
makes settings slightly more consistent accross environments.
Ultimately, this allows us to stop requiring X desktops whilst still having
a way to connect to the display over VNC for debugging.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: df9e9f382e
---------------------------
scripts/runqemu: Allow VNC use as a fallback when there is no DISPLAY set
We would like to be able to fall back on QEMU's internal VNC server when
there is no DISPLAY available. Add code to do this, putting a socket for
VNC alongside the network interface tap lock files.
This won't work if tap networking isn't enabled but in most of our use
cases it will be and it avoids having to invent a new location for the
sockets. If there are needs outside this, that can be addressed in future.
Also move the other "publicvnc" code to be alongside the rest of the graphics
parameters for ease of reading the code. The publicvnc option doesn't
work for this use case as it can't handle multiple concurrent qemu istances.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 57fe3e411f
---------------------------
license_image.bbclass: report all packages with incompatible license
When multiple packages cannot be installed it shows only first one it
finds, because of bb.fatal use. It might require many iterations to find
all packages to avoid.
e.g. with ptest enabled and GPL-3.0-or-later, GPL-3.0-only set as
incompatible licenses you might get list like this for relatively small
image:
ERROR: image-1.0-r0 do_rootfs: Some packages cannot be installed into the image because they have incompatible licenses:
bzip2-ptest (GPL-3.0-or-later)
coreutils (GPL-3.0-or-later)
coreutils-stdbuf (GPL-3.0-or-later)
diffutils (GPL-3.0-or-later)
findutils (GPL-3.0-or-later)
gawk (GPL-3.0-or-later)
gnutls-openssl (GPL-3.0-or-later)
gnutls-ptest (GPL-3.0-or-later)
grep (GPL-3.0-only)
make (GPL-3.0-only)
mpfr (LGPL-3.0-or-later)
python3-dbusmock (GPL-3.0-only)
readline (GPL-3.0-or-later)
sed (GPL-3.0-or-later)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 033256d636
---------------------------
subversion: fix race in parallel builds
In parallel build its possible for objects to be written into directories
that do not exist yet, as mkdir-init and local-all are executed at the
same time.
This fix is ugly, but a proper fix would be quite invasive. Upstream have
been informed of the problem.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 468c9dec67
---------------------------
gnutls: make C99 detection more resiliant
gnutls checks that the compiler supports C99 code by checking that the
standard being used is C99 or C11. This will fail with autoconf 2.73,
which will tell the compiler to use C23 by default.
Change the logic so that the build works with C23 by flipping the logic:
we know that C89 is less than C99, but we don't know the names of future
standards.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af66dec1a0
---------------------------
vim: upgrade 9.2.0 -> 9.2.0110
Solves CVE-2026-28417, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420,
CVE-2026-28421 and CVE-2026-28422.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 19aface8a4
---------------------------
inetutils: patch CVE-2026-28372
Pick patch according to [1] (equivalent to patch from [2]).
[1] https://security-tracker.debian.org/tracker/CVE-2026-28372
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-28372
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4ca85ec961
---------------------------
README: add global note about C locale sorting
Other locale might have different order for the "-" character and lead
to unstable sorting.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c3782b574
---------------------------
maintainers.inc: add note about C locale sorting
Other locale might have different order for the "-" character and lead
to unstable sorting.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 28552a7b6c
---------------------------
dtc: backport fix for build with glibc-2.43
glibc-2.43 isn't used in OE builds yet, but this fixes dtc-native:
https://errors.yoctoproject.org/Errors/Details/903983/
../sources/dtc-1.7.2/libfdt/fdt_overlay.c: In function ‘overlay_fixup_phandle’:
../sources/dtc-1.7.2/libfdt/fdt_overlay.c:424:21: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
424 | sep = memchr(fixup_str, ':', fixup_len);
| ^
../sources/dtc-1.7.2/libfdt/fdt_overlay.c:434:21: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
434 | sep = memchr(name, ':', fixup_len);
| ^
cc1: all warnings being treated as errors
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b91f6cec2b
---------------------------
gcc: Fix gcc-libitm false positives in regression report
Some of the gcc-libitm test cases include build paths (e.g. [1]) in their results.
When comparing two build outputs, these embedded paths cause resulttool to incorrectly report regressions.
[1] ptestresult.gcc-libitm-user.libitm.c++/dropref.C -B /srv/pokybuild/yocto-worker/qemuarm64-tc/build/build-st-64312/
..../libitm/../libstdc++-v3/src/.libs (test for excess errors): PASS
This leads to a false regression such as:
PASS → No matching test result
Upstream-Status: Backport [https://gcc.gnu.org/cgit/gcc/patch/?id=b129ff0880c6d10e0379b46889d01255ee8d1f82,
https://gcc.gnu.org/cgit/gcc/patch/?id=66ce317036f2eb5aeb96d5e4b9e468799d7566b]
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8c24acf3f4
---------------------------
python3-imagesize: upgrade 1.4.1 -> 2.0.0
Changes:
https://github.com/shibukawa/imagesize_py/compare/1.4.1...2.0.0
https://github.com/shibukawa/imagesize_py/blob/master/README.rst
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f5499e224c
---------------------------
alsa-ucm-conf: Backport the channel fix for lemans and monaco boards
Remove Fixed channel setting for Qualcomm lemans and monaco boards to support
stereo capture.
Signed-off-by: Mohammad Rafi Shaik <mohammad.rafi.shaik@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1ade8bb5e7
---------------------------
alsa-ucm-conf: Remove JackControl from TALOS EVK HiFi config
The EVK board does not support headset or jack detection.
Keeping JackControl entries prevents PipeWire (wpctl) from
exposing sinks and sources correctly.
Remove JackControl from Headphones and Headset devices so
PipeWire can enumerate playback and capture nodes normally.
link: https://github.com/alsa-project/alsa-ucm-conf/pull/704
Signed-off-by: Le Qi <le.qi@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1fc1fac23a
---------------------------
systemd: package lib/nvpcr as part of systemd
systemd 259 includes NvPCRs JSON snippets when tpm2 support is enabled
via packageconfig, so make sure they are also included as part of the
main systemd package.
This fixes the following issue when tpm2 is enabled in systemd:
ERROR: systemd-1_259.1-r0 do_package: QA Issue: systemd: Files/directories
were installed but not shipped in any package:
/usr/lib/nvpcr
/usr/lib/nvpcr/cryptsetup.nvpcr
/usr/lib/nvpcr/hardware.nvpcr
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c18f921cd4
---------------------------
systemd: upgrade 259.1 -> 259.3
Update to latest revision of v259.
Drop patches included in this release.
Changes: https://github.com/systemd/systemd/compare/v259.1...v259.3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 39f7113d09
---------------------------
systemd: properly package new container files
v259 added more container files which need to ba correctly packaged.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 124a43b74b
---------------------------
go: upgrade 1.26.0 -> 1.26.1
Upgrade to latest 1.26.x release [1]:
$ git --no-pager log --oneline go1.26.0..go1.26.1
e87b10ea2a (tag: go1.26.1) [release-branch.go1.26] go1.26.1
e792d6aa95 [release-branch.go1.26] crypto/x509: fix name constraint checking panic
a761c9ff70 [release-branch.go1.26] crypto/x509: fix full email constraint matching
994692847a [release-branch.go1.26] html/template: properly escape URLs in meta content attributes
65c7d7a9fb [release-branch.go1.26] net/url: reject IPv6 literal not at start of host
e28ac674af [release-branch.go1.26] cmd/go: revert update default go directive in mod or work init
4d1051fdc9 [release-branch.go1.26] cmd: re-vendor x/tools for Go 1.26.1
8cce3ab20c [release-branch.go1.26] os: avoid escape from Root via ReadDir or Readdir
ef041913a8 [release-branch.go1.26] cmd/compile: ensure StructMake/ArrayMake1 of direct interfaces are unwrapped
155c25e249 [release-branch.go1.26] cmd/compile: pointer-shaped types are SSAable even if lots of 0-sized fields
c5723195a6 [release-branch.go1.26] net/smtp: prevent test failures due to expired test certificate
f67a1f4c76 [release-branch.go1.26] cmd/go: fix pkg-config flag sanitization
4659d630da [release-branch.go1.26] cmd/compile: avoid folding 64-bit integers into 32-bit constants
6fb3df88d4 [release-branch.go1.26] go/analysis/passes/modernize: add vendored code
85050c90ee [release-branch.go1.26] cmd/compile: fix mis-compilation for static array initialization
12c0690eeb [release-branch.go1.26] cmd/compile: don't drop same register twice
e8df1a6697 [release-branch.go1.26] reflect: use &zeroVal[0] instead of nil for data field for zero-sized payloads
167ef716ba [release-branch.go1.26] cmd/compile: rewriteFixedLoad: ensure AuxInt is sign-extended
495e6c6b09 [release-branch.go1.26] internal/syscall/windows: correct some enums and syscall signatures
29618c4439 [release-branch.go1.26] cmd/link: don't pass -Wl,-S on illumos
c283d1f762 [release-branch.go1.26] os: support deleting inaccessible files in RemoveAll
Fixes CVE-2026-27137, CVE-2026-27138, CVE-2026-27142, CVE-2026-25679 and
CVE-2026-27139.
Release information: [2]
[1] https://github.com/golang/go/compare/go1.26.0...go1.26.1
[2] https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3ca64560e1
---------------------------
kernel_module.py: add missing license header
This is a fixup for commit 570dd06a703c9346672055d52a2461f2715a515b
module.bbclass: move environment setup to kernel_module.py
Copy also the MIT SPDX license header from the file where this lines
were copied from.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0ea86d95b
---------------------------
rust: Drop revert-link-std-statically-in-rustc_driver-feature.patch
Starting from Rust 1.82, std is statically linked with rustc_driver.so.
This change affected the runtime dependencies of the rustc_main test
binary, causing tests to fail in QEMU because librustc_driver*.so is
not shipped and cannot be found.
After discussing with upstream, the patch is removed, and the test is
skipped using #[cfg(not(test))]. The rustc_main function does not include
any test code,so this safely restores the feature without impacting tests.
Upstream Discussion:
https://github.com/rust-lang/rust/pull/153409
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a91d977917
---------------------------
cargo-c: Move recipe out of rust directory
cargo-c is an external Cargo extension used to build Rust libraries
with a C-compatible ABI and generate C headers and pkg-config files.
Since it is not part of the standard Rust toolchain, move it from the
rust directory to cargo-c under recipes-devtools for better organization
and maintainability.
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 766657738a
---------------------------
rust: Upgrade 1.93.0 -> 1.94.0
https://blog.rust-lang.org/2026/03/05/Rust-1.94.0/
Rust Changes:
https://github.com/rust-lang/rust/releases/tag/1.94.0
Cargo Changes:
https://doc.rust-lang.org/nightly/cargo/CHANGELOG.html#cargo-194-2026-03-05
Rebased patch:
rust-oe-selftest.patch
Backported patch:
0001-Update-call-llvm-intrinsics-test.patch
To fix riscv64 oe-selftest failure with 1.94.0
Test results:
rust v1.94.0
+-------------+---------+---------+
| Machine | Passed | Skipped |
+-------------+---------+---------+
| qemux86-64 | 21910 | 659 |
| qemux86 | 21657 | 912 |
| qemuarm64 | 21722 | 847 |
| qemuarm | 21638 | 931 |
| qemuriscv64 | 21684 | 885 |
+-------------+---------+---------+
Test results difference (1.94.0 - 1.93.0):
+-------------+--------+---------+
| Machine | Passed | Skipped |
+-------------+--------+---------+
| qemux86-64 | +221 | +13 |
| qemux86 | +218 | +16 |
| qemuarm64 | +227 | +7 |
| qemuarm | +217 | +17 |
| qemuriscv64 | +218 | +16 |
+-------------+--------+---------+
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1389fbe477
---------------------------
texinfo: upgrade texinfo 7.2 -> 7.3
Upgrade to latest revision of 7.3
- Refresh patch 0001-Makefile.am-do-not-build-manpages.patch
- Remove -I ${S}/gnulib/m4 from EXTRA_AUTORECONF since configure.ac
already defines AC_CONFIG_MACRO_DIRS
- Fix QA issue for load_txi_modules (new file in 7.3)
Release Note:[https://lists.gnu.org/archive/html/bug-texinfo/2026-03/msg00007.html]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5814d6f460
---------------------------
libksba: upgrade 1.6.7 -> 1.6.8
ChangeLog:
https://github.com/gpg/libksba/blob/libksba-1.6.8/NEWS
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 34cbb0a1b9
---------------------------
file: upgrade 5.46 -> 5.47
ChangeLog:
https://github.com/file/file/blob/FILE5_47/ChangeLog
Remove backport patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 72b5eded6a
---------------------------
iptables: upgrade 1.8.12 -> 1.8.13
ChangeLog:
https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.13.txt
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b8b7b5873f
---------------------------
libfyaml: init add
Depended by recipe appstream
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 82eb19752b
---------------------------
iproute2: upgrade 6.18.0 -> 6.19.0
Drop fix-musl.patch as it was merged upstream.
Add missing include for types (linux/types.h).
Changes:
- new dpll command for managing Digital Phase-Locked Loop devices via netlink.
- expanded CAN XL support
- MPTCP improvements
- devlink:
- added support for 64‑bit parameters
- added new SWITCHDEV_INACTIVE eswitch mode
- added burst period configuration for health reporters
- genl:
- supports JSON output
- ifstat, nstat, lnstat:
- converted to use the high-level json_print API for unified JSON output
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a007b71e17
---------------------------
tcl8: prefer tcl's own tzdata
The little thread that was "one of the tcl test cases fails with system
tzdata" has unravelled upstream into a series of problems with the tz
code when the system tzdata is used:
https://core.tcl-lang.org/tcl/tktview/51aa53616067cb63900b17ca1d71f07b094ffa1a
Add a PACKAGECONFIG for the option, and default to using the tcl tzdata
until the issues are resolved upstream.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fb804d9d21
---------------------------
tcl: prefer tcl's own tzdata
The little thread that was "one of the tcl test cases fails with system
tzdata" has unravelled upstream into a series of problems with the tz
code when the system tzdata is used:
https://core.tcl-lang.org/tcl/tktview/51aa53616067cb63900b17ca1d71f07b094ffa1a
Add a PACKAGECONFIG for the option, and default to using the tcl tzdata
until the issues are resolved upstream.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a90c83c0de
---------------------------
tcl8: rewrite ptest (again)
Backport the previous commit's changes for tcl9 to the tc8 recipe:
I discovered that running a single test case with tcltest doesn't let
you know if the test failed or not, so when run-ptest moved away from
using all.tcl[1] we were always marking the tests as passing.
So, revert that commit and use all.tcl as a test runner. This is more
noisy, but importantly will let us know if a test failed.
Remove our un-upstreamable tweaks to the interp tests and instead skip
the test that is known to be fragile, so we don't have to carry a patch
forever.
Don't install another copy of the entire Tcl library for the tests, as
there is no real point. This does then expose a bug in the tests where
clock-59.2 assumes that it is running in a source tree and behaves
differently if the system tzdata is being used. This is being worked on
upstream[2], for now skip this test.
Clean up musl overriding so it's more resiliant.
Exit 1 if a test fails.
[1] oe-core 9c41887f2a ("tcl: improve test execution loop")
[2] https://core.tcl-lang.org/tcl/tktview/51aa53616067cb63900b17ca1d71f07b094ffa1a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7cbe06574f
---------------------------
tcl: rewrite ptest (again)
I discovered that running a single test case with tcltest doesn't let
you know if the test failed or not, so when run-ptest moved away from
using all.tcl[1] we were always marking the tests as passing.
So, revert that commit and use all.tcl as a test runner. This is more
noisy, but importantly will let us know if a test failed.
Remove our un-upstreamable tweaks to the interp tests and instead skip
the test that is known to be fragile, so we don't have to carry a patch
forever.
Don't install another copy of the entire Tcl library for the tests, as
there is no real point. This does then expose a bug in the tests where
clock-59.2 assumes that it is running in a source tree and behaves
differently if the system tzdata is being used. This is being worked on
upstream[2], for now skip this test.
Clean up musl overriding so it's more resiliant.
Exit 1 if a test fails.
[1] oe-core 9c41887f2a ("tcl: improve test execution loop")
[2] https://core.tcl-lang.org/tcl/tktview/51aa53616067cb63900b17ca1d71f07b094ffa1a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 29c6e4f173
---------------------------
blueprint-compiler: upgrade 0.19.0 -> 0.20.0
Changelog:
https://gitlab.gnome.org/GNOME/blueprint-compiler/-/releases/v0.20.0
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ab6b2bf7b5
---------------------------
python3-setuptools: upgrade 80.9.0 -> 82.0.0
Remove python3-pkg-resources
History v82.0.0 [1]:
Deprecations and Removals
- pkg_resources has been removed from Setuptools. Most common uses of pkg_resources have
been superseded by the importlib.resources and importlib.metadata projects. Projects
and environments relying on pkg_resources for namespace packages or other behavior
should depend on older versions of setuptools. (#3085)
[1] https://setuptools.pypa.io/en/stable/history.html#v82-0-0
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 44a58e6891
---------------------------
python3-semantic-version: remove python3-pkg-resources from runtime depends
Due to setuptools removes and deprecates pkg_resources in 82.0.0 [1],
python-semanticversion import `pkg_resources` conditionally for Python 3.8- [2],
because we have python 3.14+, then python3-pkg-resources is not necessary
for us, remove it from runtime depends
[1] https://setuptools.pypa.io/en/stable/history.html#v82-0-0
[2] https://github.com/rbarrois/python-semanticversion/commit/306fbe1b2222d218c62c2ddb32d91eeea8957951
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f57b5dfef4
---------------------------
python3-scons: remove python3-pkg-resources from runtime depends
Due to setuptools removes and deprecates pkg_resources in 82.0.0 [1],
SCons nowhere in its code does import `setuptools` or `pkg_resources` [2],
remove python3-pkg-resources from runtime depends
[1] https://setuptools.pypa.io/en/stable/history.html#v82-0-0
[2] https://github.com/SCons/scons/commit/e27b28c6b3ca8c9155bff38891189eb73deab611
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dc5b7f6fb5
---------------------------
meson: remove python3-pkg-resources from runtime depends
Due to setuptools removes and deprecates pkg_resources in 82.0.0 [1]
meson removes setuptools and uses mesondata instead [2], remove
python3-pkg-resources from runtime depends
[1] https://setuptools.pypa.io/en/stable/history.html#v82-0-0
[2] https://github.com/mesonbuild/meson/commit/05ddd6543d4c4fc33b4c64f26291e73f49733f71
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fe4b816bb9
---------------------------
ncurses: upgrade 6.5 -> 6.6
1. License-Update: copyright years updated
2. Fix installed-vs-shipped QA error
...
ERROR: ncurses-6.6-r0 do_package: QA Issue: ncurses: Files/directories were installed but not shipped in any package:
/usr/lib
ncurses: 1 installed and not shipped files. [installed-vs-shipped]
...
Due to commit [1], upstream hardcoded `lib` to create symlink
...
** sym-linked tmp/work/x86-64-v3-oe-linux/ncurses/6.6/image/usr/lib/terminfo for compatibility
...
Apply a local patch to not create symlink terminfo under image/usr/lib,
and clean up symlink remove operation in recipe
3. Delete backport patch
- CVE-2025-6141.patch
4. Announcing ncurses 6.6:
https://lists.gnu.org/archive/html/info-gnu/2025-12/msg00010.html
[1] https://github.com/ThomasDickey/ncurses-snapshots/commit/a60b584d93ab59e1df0bc9661b7
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7da2290a46
---------------------------
autotools: remove deletion of aclocal.m4
We've historically[1] deleted any aclocal.m4 file in the source tree
before autoreconfing on the grounds that it is "too shy" to overwrite
aclocal.m4, so we forcibly delete the aclocal.m4 unless aclocal has been
excluded in autoreconf.
However, this shyness has been removed in autoconf 2.70[2] and autoreconf
will always call aclocal, which will rewrite the file if needed.
So, remove the explicit deletion of aclocal.m4. I've verified that a
build of all recipes in core that use autotools have identical
aclocal.m4 files before and after this change.
[1] This code appears in oe-classic during 2011 but originated in a
BitKeeper commit, so predates our use of git.
[2] autoconf bc7e12e7 ("autoreconf: drop support for old (< 1.8) aclocal versions")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d35a1a1697
---------------------------
readline: improve aclocal.m4 handling
I don't know why I decided to copy aclocal.m4 to acinclude.m4 to avoid
autotools.bbclass deleting the upstream hand-maintained aclocal.m4, but
I did.
A neater fix is to exclude aclocal, which has the side-effect of not
deleting aclocal.m4 in do_configure.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 63fb9adc2a
---------------------------
rxvt-unicode: improve aclocal.m4 handling
I don't know why we copy aclocal.m4 to acinclude.m4 to avoid
autotools.bbclass deleting the upstream hand-maintained aclocal.m4, but
we do.
A neater fix is to exclude aclocal, which has the side-effect of not
deleting aclocal.m4 in do_configure.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: df33303c88
---------------------------
lzop: remove custom aclocal.m4 handling
The aclocal.m4 wrangling is historical, the custom macros are now part
of lzop-1.04/autoconf/local.m4 and the aclocal.m4 in the tarball is in
fact generated with aclocal.
Thus we no longer need to ship an acinclude.m4 or exclude aclocal from
running.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d49b14ad48
---------------------------
gperf: remove autoreconf tweaks
Since gperf 3.3[1] gperf uses aclocal, so we don't need to do anything
special anymore to autoreconf.
[1] gperf e60835d ("build: Use Automake in lib/.")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 81bcecfb7f
---------------------------
vulkan-samples: upgrade to latest revision
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32e5386561
---------------------------
python3: skip test_only_active_thread test
Skip a test we've seen failing intermittently, since it may be another
occurring due to variable load on the Autobuilder.
Fixes: [YOCTO #16178]
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf67c8024f
---------------------------
shadow: upgrade 4.18.0 -> 4.19.4
Changelog: https://github.com/shadow-maint/shadow/blob/4.19.4/ChangeLog
- useradd.8: fix default group ID (Tim Biermann)
- revert drop of subid_init() (Serge Hallyn)
- Georgian translation (NorwayFun)
- useradd: Avoid taking unneeded space: do not reset non-existent data
in lastlog (David Kalnischkies)
- relax username restrictions (Alexander Kanavin)
- selinux: check MLS enabled before setting serange (genBTC)
- copy_tree: use fchmodat instead of chmod (Samanta Navarro)
- copy_tree: don't block on FIFOs (Samanta Navarro)
- add shell linter (Jan Macku)
- copy_tree: carefully treat permissions (Samanta Navarro)
- lib/commonio: make lock failures more detailed (Luca BRUNO)
- lib: use strzero and memzero where applicable (Christian Göttsche)
- Update Dutch translation (Frans Spiesschaert)
- Don't test for NULL before calling free (Alex Colomar)
- Use libc MAX() and MIN() (Alejandro Colomar)
- chage: Fix regression in print_date (Xiami)
- usermod: report error if homedir does not exist (Iker Pedrosa)
- libmisc: minimum id check for system accounts (Iker Pedrosa)
- fix usermod -rG x y wrongly adding a group (xyz)
- man: add missing space in useradd.8.xml (Iker Pedrosa)
- lastlog: check for localtime() return value (Iker Pedrosa)
- Raise limit for passwd and shadow entry length (Iker Pedrosa)
- Remove adduser-old.c (Alejandro Colomar)
- useradd: Fix buffer overflow when using a prefix (David Michael)
- Don't warn when failed to open /etc/nsswitch.conf (Serge Hallyn
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7780eb8d6c
---------------------------
libunistring: upgrade 1.4.1 -> 1.4.2
- prepare for 1.4.2 release.
- version.sh: Bump version number, date, gnulib version.
- README: Update version.
- NEWS: Update.
- sync with gnulib.
- lib/unistring/cdefs.h: Update from gnulib/m4/gnulib-common.m4.
(_GL_UNNAMED): New macro.
(_UC_UNNAMED): Apply
- new C macro _GL_UNNAMED
- Make the generated <unistring/stdint.h> more usable in C++ mode.
- lib/Makefile.am (unistring/stdint.h): In C++ 11 or newer mode, just use
<cstdint>.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 11f686ee56
---------------------------
iptables: upgrade 1.8.11 -> 1.8.12
Changes:
- fix null dereference parsing bitwise operations.
- refuse to run under file capabilities, ie. getauxval(AT_SECURE).
- fix for all-zero mask on Big Endian in arptables-nft.
- support adding and replacing a rule in the same batch in iptables-nft.
- filter
-A FORWARD -m comment --comment "new rule being replaced"
-R FORWARD 1 -m comment --comment "new replacing rule"
COMMIT
- print -X in xtables-monitor command for base chains.
- remove incorrect libebt_redirect translations.
- translate bare '-m sctp' match to '-p sctp' just like TCP and UDP.
- support for info-request and info-reply icmp types.
- fix interface comparisons in `-C` commands in iptables-nft.
- several fixes for ip[6]tables-translate, the tool to ease migration
to nftables.
- document flush behaviour with --noflush for user-defined chains.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5faee113d
---------------------------
freetype: upgrade 2.14.1 -> 2.14.2
Changelog: https://gitlab.freedesktop.org/freetype/freetype/-/blob/f4205da14867c5387cd6a329b90ee10a6df6eeff/docs/CHANGES
Changes:
- Several changes related to LCD filtering are implemented to
achieve better performance and encourage sound practices.
Bug fixes:
- A bunch of potential security problems have been found. All users
should update.
- The italic angle in `PS_FontInfo` is now stored as a fixed-point
value in degrees for all Type 1 fonts and their derivatives,
consistent with CFF fonts and common practices. The broken
underline position and thickness values are fixed for CFF fonts.
Miscellaneous:
- The `x` field in the `FT_Span` structure is now unsigned.
- Demo program `ftgrid` got an option `-m` to select a start
character to display.
- Similarly, demo program `ftmulti` got an option `-m` to select a
text string for rendering.
- Option `-d` in the demo program `ttdebug` is now called `-a`,
expecting a comma-separated list of axis values. The user
interface is also slightly improved.
- The `ftinspect` demo program can now be compiled with Qt6, too.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 738e08718e
---------------------------
ca-certificates: upgrade 20250419 -> 20260223
Changelog:
* Update Mozilla certificate authority bundle to version 2.82
The following certificate authorities were added (+):
+ TrustAsia TLS ECC Root CA
+ TrustAsia TLS RSA Root CA
+ SwissSign RSA TLS Root CA 2022 - 1
+ OISTE Server Root ECC G1
+ OISTE Server Root RSA G1
The following certificate authorities were removed (-):
- GlobalSign Root CA
- Entrust.net Premium 2048 Secure Server CA
- Baltimore CyberTrust Root (closes: #1121936)
- Comodo AAA Services root
- XRamp Global CA Root
- Go Daddy Class 2 CA
- Starfield Class 2 CA
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
* Use dh_usrlocal to create /usr/local/share/ca-certificates
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e428396ed5
---------------------------
xorgproto: upgrade 2024.1 -> 2025.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 25c46be770
---------------------------
ttyrun: upgrade 2.40.0 -> 2.41.0
Changes of existing tools:
------------------------------
- chreipl: Make --bootparms work for ECKD re-IPL
- cpacfstats: Add 'unauthorized' state to CPU-MF counters
- cpictl: Detect RHCOS using VARIANT_ID
- hsci: Automatically set appropriate MTU for HSCI
- libutil: Add util_readlink() and util_readlinkat() helpers
- libutil: Add util_startswith() to util_str
- libutil: Add utility parsing functions
- lschp: Add support for structured output (--format)
- lsreipl: Suppress 'clear' output if not supported
- pvimg: Add '--format text' support to 'pvimg info'
- pvimg: Add '--print-schema ' option to 'pvimg info'
- pvimg: Add '--show-secrets' flag to 'pvimg info'
- pvimg: Provide improved JSON output to 'pvimg info --format json'
- pvinfo: Improve User experience on non-SE enabled systems
- zipl/ngdump: Ensure ext4 file system is used on dump partition
- zkey: Add support for integrity protected disks using HMAC keys
Bug Fixes:
-------------
- cpumf/pai: Handle different size of perf_event_attr
- lscss: Fix memory leak
- zipl: Fix dump job on tape devices
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0d086e2040
---------------------------
taglib: upgrade 2.1.1 -> 2.2
Changelog:
=========
* Support for Matroska (MKA, MKV) and WebM files.
* Support for NI STEM in MP4 files.
* New method isDsd() in WavPack Properties.
* Stricter verification of ID3v2 frames.
* Fix setting the last header flag in Ogg FLAC files.
* Fix reading of the last page in Ogg streams.
* Avoid corrupting invalid Ogg FLAC files without Vorbis comment.
* Windows: Support MP4 files with 64-bit atoms.
* Fix use of property keys with non-ASCII characters in C bindings.
* Fix building with Android NDK 29.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 929b0d8f05
---------------------------
spirv-llvm-translator: upgrade 21.1.3 -> 21.1.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cda4c6d779
---------------------------
sbc: upgrade 2.1 -> 2.2
Changelog:
Fix issue when compiling with C23 requirements.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 68e20cba59
---------------------------
rpm-sequoia-crypto-policy: upgrade to latest revision
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 736e79c65e
---------------------------
p11-kit: upgrade 0.26.1 -> 0.26.2
Changelog:
rpc: fix NULL dereference via C_DeriveKey with specific NULL parameters (CVE-2026-2100)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0421e9b203
---------------------------
libxmlb: upgrade 0.3.24 -> 0.3.25
Bugfixes:
- Correctly decompress heavily compressed zstd streams
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 30b4ff40bc
---------------------------
libx11: upgrade 1.8.12 -> 1.8.13
License-Update: Drop vestiges of OS/2 support
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8ac239fa85
---------------------------
libuv: upgrade 1.51.0 -> 1.52.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 68c38c1fa8
---------------------------
libtraceevent: upgrade 1.8.6 -> 1.9.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b6fb8f26a2
---------------------------
libsoup: upgrade 3.6.5 -> 3.6.6
Changelog:
============
* websocket: Fix out-of-bounds read in process_frame
* Check nulls returned by soup_date_time_new_from_http_string()
* Numerous fixes to handling of Range headers
* server: close the connection after responsing a request containing Content-Length and Transfer-Encoding
* Use CRLF as line boundary when parsing chunked enconding data
* websocket: do not accept messages frames after closing due to an error
* Sanitize filename of content disposition header values
* Always validate the headers value when coming from untrusted source
* uri-utils: do host validation when checking if a GUri is valid
* multipart: check length of bytes read soup_filter_input_stream_read_until()
* message-headers: Reject duplicate Host headers
* server: null-check soup_date_time_to_string()
* auth-digest: fix crash in soup_auth_digest_get_protection_space()
* session: fix 'heap-use-after-free' caused by 'finishing' queue item twice
* cookies: Avoid expires attribute if date is invalid
* http1: Set EOF flag once content-length bytes have been read
* date-utils: Add value checks for date/time parsing
* multipart: Fix multiple boundry limits
* Fixed multiple possible memory leaks
* message-headers: Correct merge of ranges
* body-input-stream: Correct chunked trailers end detection
* server-http2: Correctly validate URIs
* multipart: Fix read out of buffer bounds under soup_multipart_new_from_message()
* headers: Ensure Request-Line comprises entire first line
* tests: Fix MSVC build error
* Fix possible deadlock on init from gmodule usage
* Add Cornish translation
* Update Turkish translation
* Update Uighur translation
* Update Romanian translation
* Add Uzbek (Latin) translation
* Add Kazakh translation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 245c93e520
---------------------------
libgpg-error: upgrade 1.58 -> 1.59
License-Update: Copyright year updated to 2026.
Changelog:
=============
* Take care of POSIX semaphore "shared" semantics. This fixes a
problem on NetBSD.
* Fix preparing the environment block on Windows.
* Fix for GPGRT_PROCESS_*_KEEP flags on Windows.
* Update Russian and Swedish translations.
* Introduce autogen.rc variable autogen_use_force.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7d0252348a
---------------------------
libfontenc: upgrade 1.1.8 -> 1.1.9
Changelog:
===========
- gitlab CI: drop the ci-fairy check-mr job
- meson: Add option to build with meson
- configure: Use pkg-config to handle zlib dependency if possible
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 17be05faf5
---------------------------
libcap-ng/libcap-ng-python: Upgrade 0.9 -> 0.9.1
Changelog:
==============
- Deprecate captest
- In cap-audit, if tested app uses file system based capabilities, drop setpcap
- In cap-audit, fully resolve paths before classifying
- In cap-audit, add JSON escaping to output
- In cap-audit, filter pre-exec, startup, and shutdown capability noise
- pscap now has a --tree disply mode
- More code cleanups
- Improve output alignment of various utilities
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cb26060424
---------------------------
less: upgrade 691 -> 692
Changelog:
==========
- Revert HOME key to scroll to beginning of file and END key to scroll to end of file
- Configure tty to leave CR and NL unmodified
- Add commands to lesskey parser (forw-bell-hilite, goto-pos and osc8-jump).
- Add key sequences to lesskey parser (\kE, \kF, \kH, \kI, \kM, and \kS).
- Fix bug using negative value with -z option
- Fix bug handling empty terminfo capabilties
- Fix memory leak in setupterm
- Make lesstest ignore system locale (nl_langinfo)
License-Update: Copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 323707e7d2
---------------------------
hwdata: upgrade 0.403 -> 0.404
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 12b5aa194c
---------------------------
fastfloat: upgrade 8.2.2 -> 8.2.3
Changelog:
=========
- add base check for uint8
- fix issue with s390x.
- optimize uint16 parsing
- optimize fastfloat_strncasecmp
- Bump the github-actions group across 1 directory with 4 updates
- fix early return error in fastfloat_strncasecmp
- Clarify behavior for underflow
- Fix overzealous build-time /permissive- propagating to compile-time (cross-compilation bug)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9031c7a855
---------------------------
enchant2: upgrade 2.8.14 -> 2.8.15
Bugfix:
=========
- removing a word that happens to be at the end of a personal word list
file has not worked since 2.7.0.
- the way that personal word lists are merged with the current
session has been changed so that personal word list words now appear in
suggestions with providers that support adding words to the current session
(Aspell and Hunspell).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2077cbdbb2
---------------------------
ed: upgrade 1.22.4 -> 1.22.5
Changelog:
============
- Use 'sizeof active_list[0]' instead of 'sizeof (line_node **)'.
- A file name ending in slash '/' is now diagnosed as 'Invalid filename'
instead of 'Is a directory'.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b978208c23
---------------------------
diffoscope: upgrade 311 -> 313
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 76a5917034
---------------------------
ccache: upgrade 4.12.2 -> 4.12.3
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: acea8cee91
---------------------------
xauth: upgrade 1.1.4 -> 1.1.5
ChangeLog in 1.1.5:
commit 6fe9365f11181a043f151f2e67f36015c278791d
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Wed Dec 31 11:58:21 2025 -0800
xauth 1.1.5
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
commit 1cb1d8e0284870a03970a0a45d1c8cfe7ec6a696
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun May 18 16:31:05 2025 -0700
man page: fix warnings from `mandoc -T lint` and `groff -rCHECKSTYLE=10`
mandoc: xauth.1:26:13: WARNING: cannot parse date, using it verbatim: TH xauth 1.1.4
mandoc: xauth.1:33:2: WARNING: skipping paragraph macro: PP after SH
mandoc: xauth.1:225:2: WARNING: skipping paragraph macro: sp after PP
mandoc: xauth.1:216:2: WARNING: skipping paragraph macro: PP after SH
mandoc: xauth.1:254:2: WARNING: skipping paragraph macro: PP after SH
an.tmac:xauth.1:96: style: blank line in input
an.tmac:xauth.1:104: style: blank line in input
an.tmac:xauth.1:114: style: blank line in input
an.tmac:xauth.1:122: style: blank line in input
an.tmac:xauth.1:130: style: blank line in input
an.tmac:xauth.1:135: style: blank line in input
an.tmac:xauth.1:142: style: blank line in input
an.tmac:xauth.1:166: style: blank line in input
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/28>
commit 0d43570ad3ca169464daf4304151c9b8d7ab05b8
Author: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Fri Jul 22 14:57:37 2011 -0400
xauth: needs cookie handling warnings in man page [Debian bug #635109]
Reported-by: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635109
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/27>
commit 23735afd04ab561914aa3d5465532be0a6975fef
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Mar 30 09:07:57 2025 -0700
Improve man page formatting
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>
commit 9e238deb87c07ecda45ad86ff1e4a49125839446
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Mar 23 13:14:50 2025 -0700
Add --help and --version options
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>
commit eb8b2ef585dc837558cc3f02f85cb88d2a6de5db
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Mar 23 11:25:50 2025 -0700
Report unknown argument that caused error before printing usage message
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 13c61003d5
---------------------------
python3-xmltodict: upgrade 1.0.2 -> 1.0.3
Release notes[1]:
Bug Fixes
- unparse: serialize None text/attrs as empty values (fixes #401) (aa16511)
Documentation
- readme: fix Fedora and Arch package links (fd6a73b)
[1] https://github.com/martinblech/xmltodict/releases/tag/v1.0.3
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 51291b4280
---------------------------
python3-uv-build: upgrade 0.9.28 -> 0.10.4
Released on 2026-02-17[1].
Enhancements
Remove duplicate references to the affected paths when showing uv python errors (#18008)
Skip discovery of workspace members that contain only git-ignored files, including in sub-directories (#18051)
Bug fixes
Don't panic when initialising a package at the filesystem root (e.g. uv init / --name foo) (#17983)
Fix permissions on wheel and sdist files produced by the uv_build build backend (#18020)
Revert locked file change to fix locked files on NFS mounts (#18071)
[1] https://github.com/astral-sh/uv/releases/tag/0.10.4
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1ed91ce336
---------------------------
python3-trove-classifiers: upgrade 2025.12.1.14 -> 2026.1.14.14
Rlease notes[1]:
Update __init__.py to add Cygwin as a classifier (#232)
Add "Environment :: Cygwin (MS Windows)" as a classifier as some modules,
such as mine, work on Windows but only via the Cygwin POSIX layer (www.cygwin.com)
[1] https://github.com/pypa/trove-classifiers/releases/tag/2026.1.14.14
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f18976f29e
---------------------------
python3-testtools: upgrade 2.8.2 -> 2.8.3
What's Changed [1]
- Support binary contents in FileContains matcher by @jelmer in #553
- Be more lenient to stream=None being passed into TestResult classes by @jelmer in #554
- Support async setUp/tearDown validation with Deferreds by @jelmer in #552
- Bump ruff from 0.14.9 to 0.14.10 by @dependabot[bot] in #555
- Add more typing, reduce size of testtools.compat by @jelmer in #556
- Bump ruff from 0.14.10 to 0.14.11 by @dependabot[bot] in #558
- Add more typing by @jelmer in #559
- Finish typing by @jelmer in #561
[1] https://github.com/testing-cabal/testtools/releases/tag/2.8.3
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 236c2886d8
---------------------------
python3-pyproject-metadata: upgrade 0.10.0 -> 0.11.0
Relase note [1]:
This release refactors a lot of the internals to break up conversion and validation.
This should not be noticeable except for better error messages in some cases. We also
now test on some downstream projects; if you are using pyproject-metadata for a backend,
you can suggest adding a downstream test to our noxfile.
Refactoring:
Restructured internals around conversion.
Internal and CI:
Test on some downstream projects.
Remove some PEP 621 terminology
[1] https://github.com/pypa/pyproject-metadata/releases/tag/0.11.0
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fe678e5026
---------------------------
python3-pycparser: upgrade 2.23 -> 3.0
Convert to python_setuptools_build_meta to fix
WARNING: python3-pycparser-3.0-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with setuptools.build_meta,
use the correct class [pep517-backend]
What's Changed [1]
- Removed dependency on PLY, by rewriting pycparser to use a hand-written lexer
and recursive-descent parser for C. No API changes / functionality changes
intended - the same AST is produced.
- Add support for Python 3.14 and drop EOL 3.8 by @hugovk in #581
- Update _ast_gen.py to be in sync with c_ast.py by @simonlindholm in #582
[1] https://github.com/eliben/pycparser/releases/tag/release_v3.00
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 276d058e05
---------------------------
python3-pip: upgrade 26.0 -> 26.0.1
ChangeLog: 26.0.1 (2026-02-04) [1]
Bug Fixes
Fix --pre not being respected from the command line when a requirement file includes an option e.g. -extra-index-url. (#13788)
[1] https://pip.pypa.io/en/stable/news/#v26-0-1
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 97f6925f97
---------------------------
python3-markdown: upgrade 3.10.1 -> 3.10.2
Release note [1]:
Fixed
- Fix a regression related to comment handling (#1590).
- More reliable fix for </ (#1593).
[1] https://github.com/Python-Markdown/markdown/releases/tag/3.10.2
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ba66d7bacd
---------------------------
python3-hypothesis: upgrade 6.151.4 -> 6.151.9
6.151.9 - 2026-02-16 [1]
- Remove some old unused code.
[1] https://hypothesis.readthedocs.io/en/latest/changelog.html#v6-151-9
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b6d83c4e3f
---------------------------
python3-cryptography{-vectors}: 46.0.4 -> 46.0.5
46.0.5 - 2026-02-10 [1]
- An attacker could create a malicious public key that reveals portions of your
private key when using certain uncommon elliptic curves (binary curves).
This version now includes additional security checks to prevent this attack.
This issue only affects binary elliptic curves, which are rarely used in
real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin
Automated Vulnerability Discovery Engine for reporting the issue. CVE-2026-26007
- Support for SECT* binary elliptic curves is deprecated and will be removed in
the next release.
[1] https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst#4605---2026-02-10
Backport 0001-bump-uv_build-to-0.10.0-14271.patch to fix compile failure
...
| ERROR Missing dependencies:
| uv_build<0.10.0,>=0.7.19
| WARNING: exit code 1 from a shell command.
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0ab1016788
---------------------------
gn: upgrade to latest revision
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 66b4a77017
---------------------------
font-alias: upgrade 1.0.5 -> 1.0.6
ChangeLog in 1.0.6
commit ebeee85f070dc12197ad98d1c849786f8e3be124
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sat Feb 7 17:20:58 2026 -0800
font-alias 1.0.6
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
commit 55ceddb52f9e08a277ba634b2b0a03a9be31fb46
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Jan 11 11:20:41 2026 -0800
gitlab CI: drop the ci-fairy check-mr job
The only thing this checked was the checkbox for allowing maintainers to
edit the MR. Changed permissions checks now fail this job but luckily
the setting it checked has been the default for years anyway so we can
drop it.
https://gitlab.freedesktop.org/freedesktop/ci-templates/-/issues/81
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
commit 184c43dd059f785537c8a48a4a7972c488ac1215
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Nov 19 09:45:41 2023 -0800
Add a meson build system
Includes CI checks comparing installed files based on those from xorgproto
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bad35a5cae
---------------------------
ell: upgrade 0.81 -> 0.82
ChangeLog ver 0.82:
Fix issue with using -std=c23 compiler setting.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bfd987a19c
---------------------------
connman: upgrade 1.45 -> 2.0
ver 2.0 [1]:
Fix issue with agent request on NoReply D-Bus error.
Add support for DefaultEnabledTechnologies setting.
Remove installation of include headers.
[1] https://kernel.googlesource.com/pub/scm/network/connman/connman/+/refs/tags/2.0%5E%21/
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7cd04ea6e5
---------------------------
btrfs-tools: upgrade 6.17.1 -> 6.19
Release Notes:
https://github.com/kdave/btrfs-progs/releases/tag/v6.19
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7d35b0e792
---------------------------
pseudo: Add fix for glibc 2.43
Update to add a fix for a function definition to work with glibc 2.43.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc291db504
---------------------------
oeqa/runtime/ptest: Improve timeout values
The ptest runner command has timeouts disabled which has the side effect of limiting
the command logging. This can lead to incomplete logs and makes issues harder to debug
since the log buffer is lost if things crash or are interrupted.
Pass in a timeout value of the ptest timeout + 30 so that debugging is improved.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af2a0a57bc
---------------------------
oeqa/runtime/ptest: Use a timeout with command, remove disabling
A simple 'which' call doesn't need the timeout disabling. This was likely
a copy and paste error and can be removed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b57105311f
---------------------------
ptest-runner: Upgrade 2.5.0 -> 2.5.1
Pull in buffering fix:
"""
When running slow ptests, we can see an issue where the tests are writing output
but it doesn't make it to the process (e.g. ssh connection) running ptest-runner.
The issue is that the standard buffering for non-interactive terminals is 8kb and
some ptests don't output enough data to trigger a write. This can lead to
the controlling connection timing out.
This change forces the output streams to be line buffered in all cases. Most
ptest output would contain newlines so this should work well. stderr can be
unbuffered by default but making it consistent here seems the best approach.
Testing with this change on slow ptest runs (e.g. qemu emulated) showed much
more consistent data with this change.
"""
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1f87b57c82
---------------------------
ptest-runner: Use git tag in SRC_URI
Also, remove an extra line split.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 869d70d46c
---------------------------
ptest-runner: Upgrade 2.4.5.1 -> 2.5.0
Changelog:
- utils.c: Fix dirname() handling in run_ptests()
- ptest-runner-collect-system-data: add info to logs
- main.c: Set PYTHONUNBUFFERED in the environment
- utils.c: print a message when a timeout occurs
- main.c: Add print_helptext() for detailed help
- main.print_usage: Remove unused argument list of -l
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ac5e0160df
---------------------------
mesa: depend on mesa-tools-native for less expensive libclc dependency
libclc is required for some drivers (asahi, panfrost and intel at the
very least).
libclc brings very expensive per-target dependencies such as llvm and
clang.
However, we can make libclc depend on native tools (mesa-clc and
precomp-compiler via mesa-tools-native) such that this cost exists only
once (for the native build machine) and not for each machine to build.
So this migrates the libclc dependency to make use of the newly
introduced mesa-tools-native to make use of mesa-clc=system and
precomp-compiler=system.
We told the user to have libclc PACKAGECONFIG when selecting opencl
PACKAGECONFIG but its dependencies are now gone since we're using
mesa-tools-native for libclc. Therefore, this also moves the previous
dependencies of libclc PACKAGECONFIG to opencl such that we can still
build rusticl which still requires all dependencies from previous
implementation of libclc (as specified in meson.build[1][2][3][4]).
For some reason, libclc PACKAGECONFIG is still required otherwise
rusticl fails to build with the following (stripped) message:
"""
FAILED: [code=101] src/gallium/frontends/rusticl/rusticl_libc_bindings.rs
/build/tmp/work/cortexa35-poky-linux/mesa/25.3.3/recipe-sysroot-native/usr/bin/bindgen
../sources/mesa-25.3.3/src/gallium/frontends/rusticl/rusticl_libc_bindings.h
--output /build/tmp/work/cortexa35-poky-linux/mesa/25.3.3/build/src/gallium/frontends/rusticl/rusticl_libc_bindings.rs
[...]
-MD -MQ ../sources/mesa-25.3.3/src/gallium/frontends/rusticl/rusticl_libc_bindings.h
-MF src/gallium/frontends/rusticl/rusticl_libc_bindings.h.d
thread 'main' (3601157) panicked at bindgen/lib.rs:616:27:
Unable to find libclang: "couldn't find any valid shared libraries
matching: ['libclang.so', 'libclang-*.so', 'libclang.so.*',
'libclang-*.so.*'], set the `LIBCLANG_PATH` environment variable to a
path where one of these files can be found (invalid: [])"
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
"""
libclang.so is available in the sysroot. Exporting LIBCLANG_PATH with
"${STAGING_LIB_DIR}" in the recipe doesn't do anything.
So for now, we keep telling the user to add libclc PACKAGECONFIG when
opencl is selected (and keep it in mesa.bb when DISTRO_FEATURES has
opencl) and maybe can figure out why we cannot build rusticl without
libclc PACKAGECONFIG later on. I'm also not sure if the
Note that does mean that when selecting opencl, mesa will bring the
expensive dependencies again, but I'm not sure there's anything we can
do about that at the moment.
[1] https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-25.3.4/meson.build?ref_type=tags#L838-L839
[2] https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-25.3.4/meson.build?ref_type=tags#L850-L852
[3] https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-25.3.4/meson.build?ref_type=tags#L1849-L1850
[4] https://gitlab.freedesktop.org/mesa/mesa/-/blob/mesa-25.3.4/meson.build?ref_type=tags#L1855-L1856
Suggested-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 937a0931dd
---------------------------
add mesa-tools native-only recipe
libclc is required for some drivers (asahi, panfrost and intel at the
very least).
libclc brings very expensive dependencies such as llvm (through its
spirv-llvm-translator dependency) and clang.
Building clang and llvm for each target architecture is very expensive,
but mesa allows to depend on prebuilt host binaries (mesa-clc and
precomp-compiler). Those are built by mesa as well, but can be compiled
in mesa-native instead of mesa, making the dependency expensive but only
once regardless of the number of target architectures to build for.
Ideally the mesa-clc and precomp-compiler would only be compiled in
mesa-native if target mesa requires libclc support, however this is not
possible as a target recipe cannot impact or depend on a native recipe's
configuration. We thus have two choices, always build libclc in
mesa-native with its heavy dependencies and impact every build, or force
the user to modify the mesa-native recipe in a custom layer (as a native
recipe cannot use target's OVERRIDES). The latter is unacceptable so the
former seems to be the only option. Another big downside is that
mesa-native currently builds drivers (amd, nouveau, svga) which we may
have absolutely no interest in building, increasing the build time and
possibly dependencies list.
A third choice is to spin-off the native mesa recipe with libclc support
into a new recipe without drivers and only what's necessary to build
mesa-clc and precomp-compiler binaries.
This allows to keep a "clean" mesa-native recipe for whoever needs those
drivers built-in (e.g. for testing, for qemu-native, or whatever else)
and only bring the libclc dependency when required by the target recipe.
This is the native mesa tool recipe from the third choice. The next
commit will make use of it in the mesa recipes.
Suggested-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 12099f39b3
---------------------------
mesa: security bump 26.0.0 -> 26.0.1
See https://docs.mesa3d.org/relnotes/26.0.1.html for the changelog and
sha256sum.
The announcement[1] on the mailing list states this contains an
important security fix.
[1] https://lists.freedesktop.org/archives/mesa-dev/2026-February/226597.html
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ec869f2d30
---------------------------
ruby: refresh patches
* 0003-rdoc-build-reproducible-documentation.patch remove the not needed
lines
* 0001-Don-t-save-the-original-name-and-timestamp.patch use better array
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aed892186f
---------------------------
kernel: remove pkg-config variables for old (<5.15) kernels
The kernel has supported setting an alternative binary for pkg-config
with a variable since 5.19 (in 2022[1]) and we set that to
pkg-config-native, so there is no longer any need to also manually set
the PKG_CONFIG_* variables.
The relevant commit was backported and is present in 5.15.91 onwards,
but is not yet in 5.10.x.
[1] linux d5ea4fece450 ("kbuild: Allow kernel installation packaging to override pkg-config")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Acked-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1d14eed195
---------------------------
qemu: extend PKG_CONFIG_LIBDIR when using the host search path
The qemu recipe does something horrible when building natively and can
also search the build host's search path.
Now that we've moved from PKG_CONFIG_PATH to PKG_CONFIG_LIBDIR, this
code also needs to do the same as otherwise it will find packages on the
build host before the native sysroot.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 52c7dbb1d4
---------------------------
classes/pkgconfig: rationalise variable usage
Our PKG_CONFIG_* variables were a bit of a mess.
First, PKG_CONFIG_DIR is not used by either pkg-config or pkgconf. It's
set to (approximately) ${libdir}/pkgconfig but we also want to search
${datadir}/pkgconfig so it isn't actually useful as an intermediate
variable.
Remove PKG_CONFIG_DIR and replace with the neatest expression for the
value we want: ${STAGING_LIBDIR}/pkgconfig.
Second, PKG_CONFIG_PATH and PKG_CONFIG_LIBDIR shouldn't be set to the
same paths. The semantics of these variables is that PKG_CONFIG_PATH is
searched first, followed by either PKG_CONFIG_LIBDIR or the default paths
compiled into the pkg-config binary.
Currently we set PKG_CONFIG_PATH to (approx.) ${libdir}:${datadir} and
PKG_CONFIG_LIBDIR to ${libdir}, so we search libdir twice.
Also the default paths embedded in the binary will be incorrect as they
point to pkgconfig-native's sysroot, so we absolutely need to set
PKG_CONFIG_LIBDIR.
Instead, set PKG_CONFIG_LIBDIR to ${libdir}:${datadir} so that the
default search path is correct. We can then leave PKG_CONFIG_PATH empty,
if a recipe has specific needs it can set that but normally it is not
needed anymore.
Then bubble these changes out to the few places where the variables are
used directly:
- Kernel/kconfig interaction where 'pkg-config' needs to read the
native files, not target.
- The class classes (native, etc) which redefine the values. However,
as the values are defined in terms of sysroot variables, we can
typically remove assignments from those classes as they are redundant.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af423b499c
---------------------------
classes/pkgconfig: move assignments
Move the pkg-config-specific assignments (PKG_CONFIG_LIBDIR, etc) out of
bitbake.conf and into pkgconfig.bbclass.
Note that the assignments now have to be ?= so that recipes such as
gdb-cross-canadian-* can build. This is because previously the assignment
order of PKG_CONFIG_PATH was:
1) bitbake.conf
2) cross-canadian.bbclass
But with this new layout it is:
1) cross-canadian.bbclass
2) pkgconfig.bbclass
If pkgconfig does a hard assign then it replaces any assignments that
have happened already.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 00a4c1104e
---------------------------
systemd: add back warning for use with musl
Add back a warning linking to the release notes to alert users that
systemd with musl is still experimental and has limitations compared to
glibc.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1475feef95
---------------------------
systemd 259.1: fix udev rootfs by-partuuid link generation
systemd update from 257 to 258 broke genericarm64 machine boot
on Renesas SMARC EVK board. The firmware and kernel drivers
trigger a lot of udev events and the changed event priority handling
meant that rootfs by-partuuid link was not generated inside
initramfs even when all needed kernel drivers were loaded
and correct block devices were detected.
Backported patches from main branch fix the issue. The patches
have been queued to upstream v258 and v259 stable branches.
For details see:
https://github.com/systemd/systemd/issues/40654
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: d87c75c831
---------------------------
systemd: upgrade from 258.1 to 259.1
Changes with v259:
https://github.com/systemd/systemd/releases/tag/v259
The 'iptc' PACKAGECONFIG is dropped, because:
"""
systemd-networkd and systemd-nspawn no longer support creating NAT
rules via iptables/libiptc APIs; only nftables is now supported.
"""
Add 'empower' group for systemd. See commit below:
https://github.com/systemd/systemd/commit/3150c342705f4ac27f2b3299ac0961e7a70e4451
This new version has big change on musl support.
"""
Incomplete support for musl libc is now available by setting the
"libc" meson option to "musl".
...
This support for musl is provided without a promise of continued
support in future releases.
"""
See https://github.com/systemd/systemd/blob/main/NEWS#L562 for more details.
Here are some examples:
- The musl specific '-D_LARGEFILE64_SOURCE' could be dropped because:
https://github.com/systemd/systemd/commit/fb33d20c072f2e7c3d500f00f8c04c99271f34c1
- The 0017-Always-include-netinet-if_ether.h-first.patch and '-D__UAPI_DEF_ETHHDR=0
could be dropped because:
https://github.com/systemd/systemd/commit/8324ef421373c84b5034bf47b84fe42d84b1032f
- The 0015-Avoid-sequence-point-error.patch could be dropped because:
https://github.com/systemd/systemd/commit/ebbc0ea7fd764c870bb8689111138b4f73854d42
With the above musl support, here are the changes for this 259.1 recipe:
- Add '-Dlibc=${TCLIBC}' configure option.
- The musl warning, do_warn_musl, is removed.
- *ALL* musl specific patches are dropped.
Any further fix for musl should be sent to systemd upstream.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 8575c4b23c
---------------------------
linux-yocto/6.18: genericarm64: fix configuration audit warning
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Bruce Ashfield
Email: bruce.ashfield@gmail.com
Subject: genericarm64: drop CONFIG_PINCTRL_SM8350_LPASS_LPI
Date: Tue, 3 Mar 2026 11:48:55 -0500
It has been removed upstream:
commit 112d4978099700bcf5e3a4a7e571cf672188f3bc
Author: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Date: Thu Jan 8 11:07:22 2026 +0100
pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR TX pins
commit 1fbe3abb449c5ef2178e1c3e3e8b9a43a7a410ac upstream.
Qualcomm SC7280 and SM8350 SoCs have slightly different LPASS audio
blocks (v9.4.5 and v9.2), however the LPASS LPI pin controllers are
exactly the same. The driver for SM8350 has two issues, which can be
fixed by simply moving over to SC7280 driver which has them correct:
1. "i2s2_data_groups" listed twice GPIO12, but should have both GPIO12
and GPIO13,
2. "swr_tx_data_groups" contained GPIO5 for "swr_tx_data2" function, but
that function is also available on GPIO14, thus listing it twice is
not necessary. OTOH, GPIO5 has also "swr_rx_data1", so selecting
swr_rx_data function should not block the TX one.
Fixes: be9f6d56381d ("pinctrl: qcom: sm8350-lpass-lpi: add SM8350 LPASS TLMM")
Cc: stable@vger.kernel.org
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Reviewed-by: Konrad Dybcio <konrad.dybcio@oss.qualcomm.com>
Signed-off-by: Linus Walleij <linusw@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
And is causing an audit warning, so we drop our assignement
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 05ea604e9f
---------------------------
ruby: Fix reproducibility issue in docs package
Add a patch, submitted upstream to address a timestamp sometimes added to the
docs files.
[RP: Extracted the missing pieces of a v2 patch into a separate commit]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0fdacec2d7
---------------------------
sbom-cve-check: add recipe
Provide sbom-cve-check (native) executable.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a83eaca5d9
---------------------------
python3-spdx-python-model: add recipe
- Part of the dependency chain for sbom-cve-check
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 41591afd51
---------------------------
python3-hatch-build-scripts: add recipe
- Build dependency of python3-spdx-python-model.
- Part of the dependency chain for sbom-cve-check
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 48622216cb
---------------------------
python3-shacl2code: add recipe
- Build dependency of python3-spdx-python-model.
- Part of the dependency chain for sbom-cve-check
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b787047d7b
---------------------------
maintainers.inc: Sort list in alphabetical order
No modification was realized except sorting the content of the file.
This way this is easier to add an entry; we just have to add a line
into maintainers.inc file, and sort it again.
Signed-off-by: Benjamin Robin <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 763c60ceb9
---------------------------
oe-selftest: devtool: add ide-sdk test for kernel modules
Add a new selftest that validates `devtool ide-sdk --ide=code` output for
a kernel module recipe.
The test verifies:
- generated makefile build/clean configurations
- read-only kernel source mapping
- exported cross-build terminal environment variables
- kernel-specific file exclude patterns
- extension recommendations for makefile/cpptools
- `gnu11` and kernel include paths in c_cpp_properties.json
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf58d7c393
---------------------------
meta-selftest: add test kernel module recipe
Add a minimal out-of-tree kernel module and corresponding recipe under
meta-selftest for devtool ide-sdk test coverage.
This provides a simple module source and Makefile that can be built via
the module class in selftest scenarios.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aaf15d656d
---------------------------
devtool: ide-sdk: support kernel module development
This add very basic support for kernel module development with devtool
ide-sdk. It exports the kernel build environment and sets up
tasks for building and cleaning the module. But it does not yet support
install, deploy, and debug tasks. It looks like possible to offer the
same level of support as for CMake and Meson based projects, but that
requires more work.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 570dd06a70
---------------------------
module.bbclass: move environment setup to kernel_module.py
Refactor: move kernel module environment setup from do_devshell to
kernel_module.py
Extract the kernel module environment variable setup from do_devshell
into oe.kernel_module.kernel_module_os_env(). This enables code reuse
for future features such as devtool ide-sdk.
Note: it would also be possible to e.g. bb.utils.py. But when every such
a widely used utility function gets changed, bitbake needs to recompile
a lot of code. Therefore it's probably better to put it into a
separate file. It also is a very specific function, so oe.kernel_module
seems to be a good place.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 64a9f4ca08
---------------------------
devtool: ide-sdk gate gdbserver warnings on recipe need
Add a `wants_gdbserver` attribute to modified recipes and evaluate it
across the selected set. Only emit warnings about missing `gdbserver`
and missing `image-combined-dbg` when at least one recipe actually
requires remote debugging support.
This avoids noisy, irrelevant warnings in setups that do not use
gdbserver.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e13ba36abe
---------------------------
oe-selftest: devtool: improve test_devtool_ide_sdk_shared_sysroots
In shared-sysroot IDE SDK mode, the C++ CMake example test ran CMake
commands but did not assert that configure/build completed successfully.
This could hide failures and produce false positives.
Capture command output from both steps and assert expected messages:
- configure: "Build files have been written to: <builddir>"
- build: "Built target"
This makes the test explicitly fail when CMake configure or build does not
complete as expected.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 53649a0638
---------------------------
oe-selftest: devtool: add compile step in ide-sdk tests
Add explicit compile step to the ide-sdk test workflow. The current
implementation relies on calling bitbake -c install to perform the
install step, which also triggers a build. But this will change when
bitbake will support task execution without handling dependencies.
To make the tests future-proof, add an explicit compile step after
modifying the source code.
This also improves the test coverage for meson based recipes, as the
compile step is now explicitly tested.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3aaef3eeb
---------------------------
templates: site.conf.sample: remove CVS proxy instructions
The CVS fetcher was disabled with 5427500e4f23 ("fetch: Drop CVS fetcher
module") in BitBake. Remove the CVS instructions from this file.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5478429e67
---------------------------
libadwaita: upgrade 1.8.2 -> 1.8.4
=============
Version 1.8.4
=============
- AdwDialog
- Fix initial focus in bottom sheet mode
- AdwWrapBox
- Fix ADW_JUSTIFY_SPREAD
- Translation updates
- Indonesian
- Kazakh
- Romanian
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0b95808bfd
---------------------------
gtk4: upgrade 4.20.2 -> 4.20.3
Changelog
https://gitlab.gnome.org/GNOME/gtk/-/blob/4.20.3/NEWS?ref_type=tags
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6078e7422a
---------------------------
systemd: add nologin shell to polkitd user
Signed-off-by: sven.kalmbach <sven.kalmbach@loewensteinmedical.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fb20afa7a2
---------------------------
libcomps: upgrade 0.1.23 -> 0.1.24
The project did not publish release notes, but the list of changes is available
at [0].
[0]: https://github.com/rpm-software-management/libcomps/compare/0.1.23...0.1.24
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 80ff4903ea
---------------------------
improve_kernel_cve_report: validate that cve details field exists
Check if the cve information has the details field to avoid crashing
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9ea6d9209b
---------------------------
improve_kernel_cve_report: update data if CVE exists
This allow to include additional information if one of the
sources is more complete. Updating description with more
up to date information and including summary.
For example:
Before while using cve_check:
{
"id": "CVE-2025-68167",
"status": "Patched",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68167",
"detail": "fixed-version",
"description": "Fixed from version 6.18"
},
After:
{
"id": "CVE-2025-68167",
"status": "Patched",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68167",
"detail": "fixed-version",
"description": "Fixed from version 6.18",
"summary": "In the Linux kernel, the following (...)"
},
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b76da2048b
---------------------------
improve_kernel_cve_report: correct description for fixed-version
Remove duplication in the description when fixed-version, to be
consistent with the other status description.
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 682e5beb0c
---------------------------
improve_kernel_cve_report: sort kernel_compiled_files
Sorting the set so the that output is predictable
Signed-off-by: Andrew Fenner <andrew.fenner@est.tech>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 769f8557f5
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.13)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 2 changes (2 new | 0 updated): - 2 new CVEs: CVE-2026-2969, CVE-2026-2970 - 0 updated CVEs:
Date: Mon, 23 Feb 2026 04:14:58 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70dd0ddfcf
---------------------------
linux-yocto/6.18: update to v6.18.13
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
25e0b1c206e3d Linux 6.18.13
df337ba02ca53 f2fs: fix incomplete block usage in compact SSA summaries
855c54f1803e3 f2fs: fix to do sanity check on node footer in {read,write}_end_io
cd2fec912a0f0 f2fs: fix to do sanity check on node footer in __write_node_folio()
715a7a72e4736 USB: serial: option: add Telit FN920C04 RNDIS compositions
f611dafe0ffd3 iommu/arm-smmu-qcom: do not register driver in probe()
0415ae51a40e3 f2fs: optimize f2fs_overwrite_io() for f2fs_iomap_begin
fee27b69dde1a f2fs: fix to avoid mapping wrong physical block for swapfile
97e4f479939e5 f2fs: support non-4KB block size without packed_ssa feature
995030be4ce63 f2fs: fix to avoid UAF in f2fs_write_end_io()
d4a594dd952df f2fs: fix out-of-bounds access in sysfs attribute read/write
bd66b4c487d50 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes
70cf1e96bde07 f2fs: fix to check sysfs filename w/ gc_pin_file_thresh correctly
fb9f7e52273db f2fs: fix to add gc count stat in f2fs_gc_range
1c008ad0f0d1c fbdev: smscufx: properly copy ioctl memory to kernelspace
3e4cbd1d46c24 fbdev: rivafb: fix divide error in nv3_arb()
98d91080517d4 cpuset: Fix missing adaptation for cpuset_is_populated
eaa9fcf57934c LoongArch: Rework KASAN initialization for PTW-enabled systems
9b671f6f432be mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather
0c74d37343b93 arm64: dts: mediatek: mt8183: Add missing endpoint IDs to display graph
6d66464d1a059 gpiolib: acpi: Fix gpio count with string references
fa4938e0d0d64 io_uring/fdinfo: be a bit nicer when looping a lot of SQEs/CQEs
cab928242853a ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put()
00c57e2369386 drm/amd/display: remove assert around dpp_base replacement
8e6f503961709 drm/amd/display: extend delta clamping logic to CM3 LUT helper
f2584f791a103 tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow
7bc40c6f36575 ASoC: cs42l43: Correct handling of 3-pole jack load detection
a8ed5b974a244 platform/x86: panasonic-laptop: Fix sysfs group leak in error path
2ca80dd4bb0e2 ASoC: sof_sdw: Add a quirk for Lenovo laptop using sidecar amps with cs42l43
bb6ff25035da5 platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro
a9584e9e46448 ALSA: hda/realtek: Enable headset mic for Acer Nitro 5
78783e8d588cf ASoC: amd: yc: Add quirk for HP 200 G2a 16
c3b2e922924bf ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9
97528b1622b8f platform/x86: classmate-laptop: Add missing NULL pointer checks
efdb9c8ca3cfb drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used
4b71ad7676564 romfs: check sb_set_blocksize() return value
d2e01e0c5e947 ALSA: hda/realtek - fixed speaker no sound
20bc7062c352f ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel
1bdbcf326474c ALSA: hda/realtek: Add quirk for Inspur S14-G1
b0b2cb84b64a9 gpio: sprd: Change sprd_gpio lock to raw_spin_lock
652667ac1369e ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list
464a50c6b23aa rust: driver: fix broken intra-doc links to example driver types
7d82e965fe0e3 rust: dma: fix broken intra-doc links
68dd6c5ebe799 rust: device: fix broken intra-doc links
31f33b856d232 scsi: qla2xxx: Fix bsg_done() causing double free
2784b1b43af37 Linux 6.18.12
53a76425e0764 Revert "driver core: enforce device_lock for driver_match_device()"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8dc1e294f1
---------------------------
linux-yocto/6.18: genericarm64: feature splits and enablement
Integrating the following commit(s) to linux-yocto/.:
98a36302 cfgs/nfc: create an intel-nfc-vendor specific feature
6350b56a netfilter.cfg: enable NF_CONNTRACK_SNMP
a425fdd0 pmem.cfg: enable DEV_DAX and DEV_DAX_HMEM
70eeaeff genericarm64.scc: enable TRANSPARENT_HUGEPAGE support
d62a1267 security-arm64.cfg: rename CFI_CLANG to CFI
b925ef94 security-arm64.cfg: correctly enable KASAN
1fdb98a4 security-arm64.cfg: add comment for ARM64_BTI_KERNEL
6d8bf6f0 security.cfg: move RANDOMIZE_MEMORY to x86_64
18fcb6dc arm.scc: move ARM_CPUIDLE to arm only
7e1d9b2b numa_x86_64.scc: move x86_64 config from numa.cfg to numa_x86_64.cfg
e93e999e sound.cfg: split SND_SOC_WM8731 to I2C and SPI variants
5a567776 sound_x86.scc: take over x86 configs from sound.scc
1ae7ce94 genericarm64.cfg: enable MTD NAND ECC support
15d48f71 genericarm64.cfg: enable TI MTD NAND support
40a67254 genericarm64-serial.cfg: set SERIAL_8250_CONSOLE to y
5ee6148e qemu-kvm.cfg: remove extra space
9f780417 firmware.cfg: whitespace fixes
bc221187 genericarm64.cfg: fix CONFIG_PM_DEVFREQ_EVENT
aef69bf3 Revert "genericarm64.scc: enable OP-TEE support"
6f597e1a genericarm64.cfg: enable SCSI support for HiSilicon etc
f1f313cf genericarm64.scc: enable RPMB support
a4565911 genericarm64.scc: enable GNSS support
391566e2 gnss.scc: add feature
d40a455d genericarm64.cfg: enable more bus drivers
20e41104 genericarm64.cfg: enable PCI_PASID support
0b2967f5 genericarm64.scc: enable NFC support
2643b37e nfc-vendor.scc: move Intel configs to nfc-vendor-intel.cfg
b1d00b01 genericarm64.scc: enable RFKILL LED, INPUT and GPIO
92610953 rfkill-extra.scc: add fragment for RFKILL LEDs, input and GPIO support
fc7d5f45 bluetooth.cfg: enable BT_LEDS support
f18ec272 genericarm64.scc: enable HSR
79fa2c17 hsr.scc: add feature for High-availability Seamless Redundancy (HSR & PRP)
1313923a genericarm64.scc: enable Time Sensitive Networking
e190eeff intel-x86.scc: enable hibernation with feature
c941f4ee genericarm64.scc: enable hibernation support
ce5c6d9d hibernation.scc: add feature
83620a7d bluetooth-usb.cfg: enable MediaTek and RealTek support
cf6e1261 bluetooth-hw.cfg: enable BT_MTK
ffdd0769 genericarm64.cfg: enable Microchip PHY support
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0b29b97c40
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.11)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 1416 changes (1 new | 1415 updated): - 1 new CVEs: CVE-2026-2563 - 1415 updated CVEs: CVE-2001-0143, CVE-2001-0144, CVE-2001-0145, CVE-2001-0146, CVE-2001-0147, CVE-2001-0148, CVE-2001-0149, CVE-2001-0150, CVE-2001-0151, CVE-2001-0152, CVE-2001-0153, CVE-2001-0154, CVE-2001-0155, CVE-2001-0156, CVE-2001-0157, CVE-2001-0160, CVE-2001-0161, CVE-2001-0162, CVE-2001-0163, CVE-2001-0164, CVE-2001-0165, CVE-2001-0166, CVE-2001-0167, CVE-2001-0168, CVE-2001-0169, CVE-2001-0170, CVE-2001-0171, CVE-2001-0172, CVE-2001-0173, CVE-2001-0174, CVE-2001-0175, CVE-2001-0176, CVE-2001-0177, CVE-2001-0178, CVE-2001-0179, CVE-2001-0180, CVE-2001-0181, CVE-2001-0182, CVE-2001-0183, CVE-2001-0184, CVE-2001-0185, CVE-2001-0186, CVE-2001-0187, CVE-2001-0188, CVE-2001-0189, CVE-2001-0190, CVE-2001-0191, CVE-2001-0192, CVE-2001-0193, CVE-2001-0194, CVE-2001-0195, CVE-2001-0196, CVE-2001-0197, CVE-2001-0198, CVE-2001-0199, CVE-2001-0200, CVE-2001-0201, CVE-2001-0202, CVE-2001-0203, CVE-2001-0204, CVE-2001-0205, CVE-2001-0206, CVE-2001-0207, CVE-2001-0208, CVE-2001-0209, CVE-2001-0210, CVE-2001-0211, CVE-2001-0212, CVE-2001-0213, CVE-2001-0214, CVE-2001-0215, CVE-2001-0216, CVE-2001-0217, CVE-2001-0218, CVE-2001-0219, CVE-2001-0220, CVE-2001-0221, CVE-2001-0222, CVE-2001-0223, CVE-2001-0224, CVE-2001-0225, CVE-2001-0226, CVE-2001-0227, CVE-2001-0228, CVE-2001-0229, CVE-2001-0230, CVE-2001-0231, CVE-2001-0232, CVE-2001-0233, CVE-2001-0234, CVE-2001-0235, CVE-2001-0236, CVE-2001-0237, CVE-2001-0238, CVE-2001-0239, CVE-2001-0240, CVE-2001-0241, CVE-2001-0242, CVE-2001-0243, CVE-2001-0244, CVE-2001-0245, CVE-2001-0246, CVE-2001-0247, CVE-2001-0248, CVE-2001-0249, CVE-2001-0250, CVE-2001-0251, CVE-2001-0252, CVE-2001-0253, CVE-2001-0254, CVE-2001-0255, CVE-2001-0256, CVE-2001-0257, CVE-2001-0258, CVE-2001-0259, CVE-2001-0260, CVE-2001-0261, CVE-2001-0262, CVE-2001-0263, CVE-2001-0264, CVE-2001-0265, CVE-2001-0266, CVE-2001-0267, CVE-2001-0268, CVE-2001-0269, CVE-2001-0270, CVE-2001-0271, CVE-2001-0272, CVE-2001-0273, CVE-2001-0274, CVE-2001-0275, CVE-2001-0276, CVE-2001-0277, CVE-2001-0278, CVE-2001-0279, CVE-2001-0280, CVE-2001-0281, CVE-2001-0282, CVE-2001-0283, CVE-2001-0284, CVE-2001-0285, CVE-2001-0286, CVE-2001-0287, CVE-2001-0288, CVE-2001-0289, CVE-2001-0290, CVE-2001-0291, CVE-2001-0292, CVE-2001-0293, CVE-2001-0294, CVE-2001-0295, CVE-2001-0296, CVE-2001-0297, CVE-2001-0298, CVE-2001-0299, CVE-2001-0300, CVE-2001-0301, CVE-2001-0302, CVE-2001-0303, CVE-2001-0304, CVE-2001-0305, CVE-2001-0306, CVE-2001-0307, CVE-2001-0308, CVE-2001-0309, CVE-2001-0310, CVE-2001-0311, CVE-2001-0312, CVE-2001-0313, CVE-2001-0314, CVE-2001-0315, CVE-2001-0316, CVE-2001-0317, CVE-2001-0318, CVE-2001-0319, CVE-2001-0320, CVE-2001-0321, CVE-2001-0322, CVE-2001-0323, CVE-2001-0324, CVE-2001-0325, CVE-2001-0326, CVE-2001-0327, CVE-2001-0328, CVE-2001-0329, CVE-2001-0330, CVE-2001-0331, CVE-2001-0332, CVE-2001-0333, CVE-2001-0334, CVE-2001-0335, CVE-2001-0336, CVE-2001-0337, CVE-2001-0338, CVE-2001-0339, CVE-2001-0340, CVE-2001-0341, CVE-2001-0344, CVE-2001-0345, CVE-2001-0346, CVE-2001-0347, CVE-2001-0348, CVE-2001-0349, CVE-2001-0350, CVE-2001-0351, CVE-2001-0352, CVE-2001-0353, CVE-2001-0354, CVE-2001-0355, CVE-2001-0357, CVE-2001-0358, CVE-2001-0359, CVE-2001-0360, CVE-2001-0361, CVE-2001-0364, CVE-2001-0365, CVE-2001-0366, CVE-2001-0367, CVE-2001-0368, CVE-2001-0369, CVE-2001-0370, CVE-2001-0371, CVE-2001-0372, CVE-2001-0373, CVE-2001-0374, CVE-2001-0375, CVE-2001-0376, CVE-2001-0377, CVE-2001-0378, CVE-2001-0379, CVE-2001-0380, CVE-2001-0381, CVE-2001-0382, CVE-2001-0383, CVE-2001-0384, CVE-2001-0385, CVE-2001-0386, CVE-2001-0387, CVE-2001-0388, CVE-2001-0389, CVE-2001-0390, CVE-2001-0391, CVE-2001-0392, CVE-2001-0393, CVE-2001-0394, CVE-2001-0395, CVE-2001-0396, CVE-2001-0397, CVE-2001-0398, CVE-2001-0399, CVE-2001-0400, CVE-2001-0401, CVE-2001-0402, CVE-2001-0403, CVE-2001-0404, CVE-2001-0405, CVE-2001-0406, CVE-2001-0407, CVE-2001-0408, CVE-2001-0409, CVE-2001-0410, CVE-2001-0411, CVE-2001-0412, CVE-2001-0413, CVE-2001-0414, CVE-2001-0415, CVE-2001-0416, CVE-2001-0417, CVE-2001-0418, CVE-2001-0419, CVE-2001-0420, CVE-2001-0421, CVE-2001-0422, CVE-2001-0423, CVE-2001-0424, CVE-2001-0425, CVE-2001-0426, CVE-2001-0427, CVE-2001-0428, CVE-2001-0429, CVE-2001-0430, CVE-2001-0431, CVE-2001-0432, CVE-2001-0433, CVE-2001-0434, CVE-2001-0435, CVE-2001-0436, CVE-2001-0437, CVE-2001-0438, CVE-2001-0439, CVE-2001-0440, CVE-2001-0441, CVE-2001-0442, CVE-2001-0443, CVE-2001-0444, CVE-2001-0446, CVE-2001-0447, CVE-2001-0448, CVE-2001-0449, CVE-2001-0450, CVE-2001-0451, CVE-2001-0452, CVE-2001-0453, CVE-2001-0454, CVE-2001-0455, CVE-2001-0456, CVE-2001-0457, CVE-2001-0458, CVE-2001-0459, CVE-2001-0460, CVE-2001-0461, CVE-2001-0462, CVE-2001-0463, CVE-2001-0464, CVE-2001-0465, CVE-2001-0466, CVE-2001-0467, CVE-2001-0468, CVE-2001-0469, CVE-2001-0470, CVE-2001-0471, CVE-2001-0472, CVE-2001-0473, CVE-2001-0474, CVE-2001-0475, CVE-2001-0476, CVE-2001-0477, CVE-2001-0478, CVE-2001-0479, CVE-2001-0480, CVE-2001-0481, CVE-2001-0482, CVE-2001-0483, CVE-2001-0484, CVE-2001-0485, CVE-2001-0486, CVE-2001-0487, CVE-2001-0488, CVE-2001-0489, CVE-2001-0490, CVE-2001-0491, CVE-2001-0492, CVE-2001-0493, CVE-2001-0494, CVE-2001-0495, CVE-2001-0496, CVE-2001-0497, CVE-2001-0498, CVE-2001-0499, CVE-2001-0500, CVE-2001-0501, CVE-2001-0502, CVE-2001-0503, CVE-2001-0504, CVE-2001-0505, CVE-2001-0506, CVE-2001-0507, CVE-2001-0508, CVE-2001-0509, CVE-2001-0513, CVE-2001-0514, CVE-2001-0515, CVE-2001-0516, CVE-2001-0517, CVE-2001-0518, CVE-2001-0519, CVE-2001-0520, CVE-2001-0521, CVE-2001-0522, CVE-2001-0523, CVE-2001-0524, CVE-2001-0525, CVE-2001-0526, CVE-2001-0527, CVE-2001-0528, CVE-2001-0529, CVE-2001-0530, CVE-2001-0533, CVE-2001-0534, CVE-2001-0535, CVE-2001-0537, CVE-2001-0538, CVE-2001-0540, CVE-2001-0541, CVE-2001-0542, CVE-2001-0543, CVE-2001-0544, CVE-2001-0545, CVE-2001-0546, CVE-2001-0547, CVE-2001-0548, CVE-2001-0549, CVE-2001-0550, CVE-2001-0551, CVE-2001-0552, CVE-2001-0553, CVE-2001-0554, CVE-2001-0555, CVE-2001-0556, CVE-2001-0557, CVE-2001-0558, CVE-2001-0559, CVE-2001-0560, CVE-2001-0561, CVE-2001-0562, CVE-2001-0563, CVE-2001-0564, CVE-2001-0565, CVE-2001-0566, CVE-2001-0567, CVE-2001-0568, CVE-2001-0569, CVE-2001-0570, CVE-2001-0571, CVE-2001-0572, CVE-2001-0573, CVE-2001-0574, CVE-2001-0575, CVE-2001-0576, CVE-2001-0577, CVE-2001-0578, CVE-2001-0579, CVE-2001-0580, CVE-2001-0581, CVE-2001-0582, CVE-2001-0583, CVE-2001-0584, CVE-2001-0585, CVE-2001-0586, CVE-2001-0587, CVE-2001-0588, CVE-2001-0589, CVE-2001-0590, CVE-2001-0591, CVE-2001-0592, CVE-2001-0593, CVE-2001-0594, CVE-2001-0595, CVE-2001-0596, CVE-2001-0597, CVE-2001-0598, CVE-2001-0599, CVE-2001-0600, CVE-2001-0601, CVE-2001-0602, CVE-2001-0603, CVE-2001-0604, CVE-2001-0605, CVE-2001-0606, CVE-2001-0607, CVE-2001-0608, CVE-2001-0609, CVE-2001-0610, CVE-2001-0611, CVE-2001-0612, CVE-2001-0613, CVE-2001-0614, CVE-2001-0615, CVE-2001-0616, CVE-2001-0617, CVE-2001-0618, CVE-2001-0619, CVE-2001-0620, CVE-2001-0621, CVE-2001-0622, CVE-2001-0623, CVE-2001-0624, CVE-2001-0625, CVE-2001-0626, CVE-2001-0627, CVE-2001-0628, CVE-2001-0629, CVE-2001-0630, CVE-2001-0631, CVE-2001-0632, CVE-2001-0633, CVE-2001-0634, CVE-2001-0635, CVE-2001-0636, CVE-2001-0641, CVE-2001-0642, CVE-2001-0643, CVE-2001-0644, CVE-2001-0645, CVE-2001-0646, CVE-2001-0647, CVE-2001-0648, CVE-2001-0649, CVE-2001-0650, CVE-2001-0652, CVE-2001-0653, CVE-2001-0654, CVE-2001-0655, CVE-2001-0656, CVE-2001-0657, CVE-2001-0658, CVE-2001-0659, CVE-2001-0660, CVE-2001-0662, CVE-2001-0663, CVE-2001-0664, CVE-2001-0665, CVE-2001-0666, CVE-2001-0667, CVE-2001-0668, CVE-2001-0669, CVE-2001-0670, CVE-2001-0671, CVE-2001-0674, CVE-2001-0675, CVE-2001-0676, CVE-2001-0677, CVE-2001-0678, CVE-2001-0679, CVE-2001-0680, CVE-2001-0681, CVE-2001-0682, CVE-2001-0683, CVE-2001-0684, CVE-2001-0685, CVE-2001-0686, CVE-2001-0687, CVE-2001-0688, CVE-2001-0689, CVE-2001-0690, CVE-2001-0691, CVE-2001-0692, CVE-2001-0693, CVE-2001-0694, CVE-2001-0695, CVE-2001-0696, CVE-2001-0697, CVE-2001-0698, CVE-2001-0699, CVE-2001-0700, CVE-2001-0701, CVE-2001-0702, CVE-2001-0703, CVE-2001-0704, CVE-2001-0705, CVE-2001-0706, CVE-2001-0707, CVE-2001-0708, CVE-2001-0709, CVE-2001-0710, CVE-2001-0711, CVE-2001-0712, CVE-2001-0713, CVE-2001-0714, CVE-2001-0715, CVE-2001-0716, CVE-2001-0717, CVE-2001-0718, CVE-2001-0719, CVE-2001-0720, CVE-2001-0721, CVE-2001-0722, CVE-2001-0723, CVE-2001-0724, CVE-2001-0726, CVE-2001-0727, CVE-2001-0728, CVE-2001-0729, CVE-2001-0730, CVE-2001-0731, CVE-2001-0733, CVE-2001-0734, CVE-2001-0735, CVE-2001-0736, CVE-2001-0737, CVE-2001-0738, CVE-2001-0739, CVE-2001-0740, CVE-2001-0741, CVE-2001-0742, CVE-2001-0743, CVE-2001-0744, CVE-2001-0745, CVE-2001-0746, CVE-2001-0747, CVE-2001-0748, CVE-2001-0749, CVE-2001-0750, CVE-2001-0751, CVE-2001-0752, CVE-2001-0753, CVE-2001-0754, CVE-2001-0755, CVE-2001-0756, CVE-2001-0757, CVE-2001-0758, CVE-2001-0759, CVE-2001-0760, CVE-2001-0761, CVE-2001-0762, CVE-2001-0763, CVE-2001-0764, CVE-2001-0765, CVE-2001-0766, CVE-2001-0767, CVE-2001-0768, CVE-2001-0769, CVE-2001-0770, CVE-2001-0771, CVE-2001-0772, CVE-2001-0773, CVE-2001-0774, CVE-2001-0775, CVE-2001-0776, CVE-2001-0777, CVE-2001-0778, CVE-2001-0779, CVE-2001-0780, CVE-2001-0781, CVE-2001-0782, CVE-2001-0783, CVE-2001-0784, CVE-2001-0785, CVE-2001-0786, CVE-2001-0787, CVE-2001-0788, CVE-2001-0789, CVE-2001-0790, CVE-2001-0791, CVE-2001-0792, CVE-2001-0794, CVE-2001-0795, CVE-2001-0796, CVE-2001-0797, CVE-2001-0798, CVE-2001-0799, CVE-2001-0800, CVE-2001-0801, CVE-2001-0802, CVE-2001-0803, CVE-2001-0804, CVE-2001-0805, CVE-2001-0806, CVE-2001-0807, CVE-2001-0808, CVE-2001-0809, CVE-2001-0810, CVE-2001-0811, CVE-2001-0812, CVE-2001-0813, CVE-2001-0814, CVE-2001-0815, CVE-2001-0816, CVE-2001-0817, CVE-2001-0818, CVE-2001-0819, CVE-2001-0820, CVE-2001-0821, CVE-2001-0822, CVE-2001-0823, CVE-2001-0824, CVE-2001-0825, CVE-2001-0826, CVE-2001-0828, CVE-2001-0829, CVE-2001-0830, CVE-2001-0831, CVE-2001-0832, CVE-2001-0833, CVE-2001-0834, CVE-2001-0835, CVE-2001-0836, CVE-2001-0837, CVE-2001-0838, CVE-2001-0839, CVE-2001-0840, CVE-2001-0841, CVE-2001-0842, CVE-2001-0843, CVE-2001-0844, CVE-2001-0845, CVE-2001-0846, CVE-2001-0847, CVE-2001-0848, CVE-2001-0849, CVE-2001-0850, CVE-2001-0851, CVE-2001-0852, CVE-2001-0853, CVE-2001-0854, CVE-2001-0855, CVE-2001-0856, CVE-2001-0857, CVE-2001-0858, CVE-2001-0859, CVE-2001-0860, CVE-2001-0861, CVE-2001-0862, CVE-2001-0863, CVE-2001-0864, CVE-2001-0865, CVE-2001-0866, CVE-2001-0867, CVE-2001-0868, CVE-2001-0869, CVE-2001-0870, CVE-2001-0871, CVE-2001-0872, CVE-2001-0873, CVE-2001-0874, CVE-2001-0875, CVE-2001-0876, CVE-2001-0877, CVE-2001-0879, CVE-2001-0884, CVE-2001-0886, CVE-2001-0887, CVE-2001-0888, CVE-2001-0889, CVE-2001-0890, CVE-2001-0891, CVE-2001-0892, CVE-2001-0893, CVE-2001-0894, CVE-2001-0895, CVE-2001-0896, CVE-2001-0897, CVE-2001-0898, CVE-2001-0899, CVE-2001-0900, CVE-2001-0901, CVE-2001-0902, CVE-2001-0903, CVE-2001-0904, CVE-2001-0905, CVE-2001-0906, CVE-2001-0907, CVE-2001-0908, CVE-2001-0909, CVE-2001-0910, CVE-2001-0911, CVE-2001-0912, CVE-2001-0913, CVE-2001-0914, CVE-2001-0915, CVE-2001-0916, CVE-2001-0917, CVE-2001-0918, CVE-2001-0919, CVE-2001-0920, CVE-2001-0921, CVE-2001-0922, CVE-2001-0923, CVE-2001-0924, CVE-2001-0925, CVE-2001-0926, CVE-2001-0927, CVE-2001-0928, CVE-2001-0929, CVE-2001-0930, CVE-2001-0931, CVE-2001-0932, CVE-2001-0933, CVE-2001-0934, CVE-2001-0935, CVE-2001-0936, CVE-2001-0937, CVE-2001-0938, CVE-2001-0939, CVE-2001-0940, CVE-2001-0941, CVE-2001-0942, CVE-2001-0943, CVE-2001-0944, CVE-2001-0945, CVE-2001-0946, CVE-2001-0947, CVE-2001-0948, CVE-2001-0949, CVE-2001-0950, CVE-2001-0951, CVE-2001-0952, CVE-2001-0953, CVE-2001-0954, CVE-2001-0955, CVE-2001-0956, CVE-2001-0958, CVE-2001-0959, CVE-2001-0960, CVE-2001-0961, CVE-2001-0962, CVE-2001-0963, CVE-2001-0964, CVE-2001-0965, CVE-2001-0966, CVE-2001-0967, CVE-2001-0968, CVE-2001-0969, CVE-2001-0970, CVE-2001-0971, CVE-2001-0972, CVE-2001-0973, CVE-2001-0974, CVE-2001-0975, CVE-2001-0976, CVE-2001-0977, CVE-2001-0978, CVE-2001-0979, CVE-2001-0980, CVE-2001-0981, CVE-2001-0982, CVE-2001-0983, CVE-2001-0984, CVE-2001-0985, CVE-2001-0986, CVE-2001-0987, CVE-2001-0988, CVE-2001-0989, CVE-2001-0990, CVE-2001-0991, CVE-2001-0992, CVE-2001-0993, CVE-2001-0994, CVE-2001-0995, CVE-2001-0996, CVE-2001-0997, CVE-2001-0998, CVE-2001-0999, CVE-2001-1000, CVE-2001-1002, CVE-2001-1003, CVE-2001-1004, CVE-2001-1005, CVE-2001-1006, CVE-2001-1007, CVE-2001-1008, CVE-2001-1009, CVE-2001-1010, CVE-2001-1011, CVE-2001-1012, CVE-2001-1013, CVE-2001-1014, CVE-2001-1015, CVE-2001-1016, CVE-2001-1017, CVE-2001-1018, CVE-2001-1019, CVE-2001-1020, CVE-2001-1021, CVE-2001-1022, CVE-2001-1023, CVE-2001-1024, CVE-2001-1025, CVE-2001-1026, CVE-2001-1027, CVE-2001-1028, CVE-2001-1029, CVE-2001-1030, CVE-2001-1031, CVE-2001-1032, CVE-2001-1033, CVE-2001-1034, CVE-2001-1035, CVE-2001-1036, CVE-2001-1037, CVE-2001-1038, CVE-2001-1039, CVE-2001-1040, CVE-2001-1041, CVE-2001-1042, CVE-2001-1043, CVE-2001-1044, CVE-2001-1045, CVE-2001-1046, CVE-2001-1047, CVE-2001-1048, CVE-2001-1049, CVE-2001-1050, CVE-2001-1051, CVE-2001-1052, CVE-2001-1053, CVE-2001-1054, CVE-2001-1055, CVE-2001-1056, CVE-2001-1057, CVE-2001-1058, CVE-2001-1059, CVE-2001-1060, CVE-2001-1061, CVE-2001-1062, CVE-2001-1063, CVE-2001-1064, CVE-2001-1065, CVE-2001-1066, CVE-2001-1067, CVE-2001-1068, CVE-2001-1069, CVE-2001-1070, CVE-2001-1071, CVE-2001-1072, CVE-2001-1073, CVE-2001-1074, CVE-2001-1075, CVE-2001-1076, CVE-2001-1077, CVE-2001-1078, CVE-2001-1079, CVE-2001-1080, CVE-2001-1081, CVE-2001-1082, CVE-2001-1083, CVE-2001-1084, CVE-2001-1085, CVE-2001-1086, CVE-2001-1087, CVE-2001-1088, CVE-2001-1089, CVE-2001-1090, CVE-2001-1091, CVE-2001-1092, CVE-2001-1093, CVE-2001-1094, CVE-2001-1095, CVE-2001-1096, CVE-2001-1097, CVE-2001-1098, CVE-2001-1099, CVE-2001-1100, CVE-2001-1101, CVE-2001-1102, CVE-2001-1103, CVE-2001-1104, CVE-2001-1105, CVE-2001-1106, CVE-2001-1107, CVE-2001-1108, CVE-2001-1109, CVE-2001-1110, CVE-2001-1111, CVE-2001-1112, CVE-2001-1113, CVE-2001-1114, CVE-2001-1115, CVE-2001-1116, CVE-2001-1117, CVE-2001-1118, CVE-2001-1119, CVE-2001-1120, CVE-2001-1121, CVE-2001-1122, CVE-2001-1123, CVE-2001-1124, CVE-2001-1125, CVE-2001-1126, CVE-2001-1127, CVE-2001-1128, CVE-2001-1129, CVE-2001-1130, CVE-2001-1131, CVE-2001-1132, CVE-2001-1133, CVE-2001-1134, CVE-2001-1135, CVE-2001-1136, CVE-2001-1137, CVE-2001-1138, CVE-2001-1139, CVE-2001-1140, CVE-2001-1141, CVE-2001-1142, CVE-2001-1143, CVE-2001-1144, CVE-2001-1145, CVE-2001-1146, CVE-2001-1147, CVE-2001-1148, CVE-2001-1149, CVE-2001-1150, CVE-2001-1151, CVE-2001-1152, CVE-2001-1153, CVE-2001-1154, CVE-2001-1155, CVE-2001-1156, CVE-2001-1157, CVE-2001-1158, CVE-2001-1159, CVE-2001-1160, CVE-2001-1161, CVE-2001-1162, CVE-2001-1163, CVE-2001-1164, CVE-2001-1165, CVE-2001-1166, CVE-2001-1167, CVE-2001-1168, CVE-2001-1169, CVE-2001-1170, CVE-2001-1171, CVE-2001-1172, CVE-2001-1173, CVE-2001-1174, CVE-2001-1175, CVE-2001-1176, CVE-2001-1177, CVE-2001-1178, CVE-2001-1179, CVE-2001-1180, CVE-2001-1181, CVE-2001-1182, CVE-2001-1183, CVE-2001-1184, CVE-2001-1185, CVE-2001-1186, CVE-2001-1187, CVE-2001-1188, CVE-2001-1189, CVE-2001-1190, CVE-2001-1191, CVE-2001-1192, CVE-2001-1193, CVE-2001-1194, CVE-2001-1195, CVE-2001-1196, CVE-2001-1197, CVE-2001-1198, CVE-2001-1199, CVE-2001-1200, CVE-2001-1201, CVE-2001-1202, CVE-2001-1203, CVE-2001-1204, CVE-2001-1205, CVE-2001-1206, CVE-2001-1207, CVE-2001-1208, CVE-2001-1209, CVE-2001-1210, CVE-2001-1211, CVE-2001-1212, CVE-2001-1213, CVE-2001-1214, CVE-2001-1215, CVE-2001-1216, CVE-2001-1217, CVE-2001-1218, CVE-2001-1219, CVE-2001-1220, CVE-2001-1221, CVE-2001-1222, CVE-2001-1223, CVE-2001-1224, CVE-2001-1225, CVE-2001-1226, CVE-2001-1227, CVE-2001-1228, CVE-2001-1229, CVE-2001-1230, CVE-2001-1231, CVE-2001-1232, CVE-2001-1233, CVE-2001-1234, CVE-2001-1235, CVE-2001-1236, CVE-2001-1237, CVE-2001-1238, CVE-2001-1239, CVE-2001-1240, CVE-2001-1241, CVE-2001-1242, CVE-2001-1243, CVE-2001-1244, CVE-2001-1245, CVE-2001-1246, CVE-2001-1247, CVE-2001-1248, CVE-2001-1249, CVE-2001-1250, CVE-2001-1251, CVE-2001-1252, CVE-2001-1253, CVE-2001-1254, CVE-2001-1255, CVE-2001-1256, CVE-2001-1257, CVE-2001-1258, CVE-2001-1259, CVE-2001-1260, CVE-2001-1261, CVE-2001-1262, CVE-2001-1263, CVE-2001-1264, CVE-2001-1265, CVE-2001-1266, CVE-2001-1267, CVE-2001-1268, CVE-2001-1269, CVE-2001-1270, CVE-2001-1271, CVE-2001-1272, CVE-2001-1273, CVE-2001-1274, CVE-2001-1275, CVE-2001-1276, CVE-2001-1277, CVE-2001-1278, CVE-2001-1279, CVE-2001-1280, CVE-2001-1281, CVE-2001-1282, CVE-2001-1283, CVE-2001-1284, CVE-2001-1285, CVE-2001-1286, CVE-2001-1287, CVE-2001-1288, CVE-2001-1289, CVE-2001-1290, CVE-2001-1291, CVE-2001-1292, CVE-2001-1293, CVE-2001-1294, CVE-2001-1295, CVE-2001-1296, CVE-2001-1297, CVE-2001-1298, CVE-2001-1299, CVE-2001-1300, CVE-2001-1301, CVE-2001-1302, CVE-2001-1303, CVE-2001-1304, CVE-2001-1305, CVE-2001-1306, CVE-2001-1307, CVE-2001-1308, CVE-2001-1309, CVE-2001-1310, CVE-2001-1311, CVE-2001-1312, CVE-2001-1313, CVE-2001-1314, CVE-2001-1315, CVE-2001-1316, CVE-2001-1317, CVE-2001-1318, CVE-2001-1319, CVE-2001-1320, CVE-2001-1321, CVE-2001-1322, CVE-2001-1323, CVE-2001-1324, CVE-2001-1325, CVE-2001-1326, CVE-2001-1327, CVE-2001-1328, CVE-2001-1329, CVE-2001-1330, CVE-2001-1331, CVE-2001-1332, CVE-2001-1333, CVE-2001-1334, CVE-2001-1335, CVE-2001-1336, CVE-2001-1337, CVE-2001-1338, CVE-2001-1339, CVE-2001-1340, CVE-2001-1341, CVE-2001-1342, CVE-2001-1343, CVE-2001-1344, CVE-2001-1345, CVE-2001-1346, CVE-2001-1347, CVE-2001-1348, CVE-2001-1349, CVE-2001-1350, CVE-2001-1351, CVE-2001-1352, CVE-2001-1353, CVE-2001-1354, CVE-2001-1355, CVE-2001-1356, CVE-2001-1357, CVE-2001-1358, CVE-2001-1359, CVE-2001-1360, CVE-2001-1361, CVE-2001-1362, CVE-2001-1363, CVE-2001-1364, CVE-2001-1365, CVE-2001-1366, CVE-2001-1367, CVE-2001-1368, CVE-2001-1369, CVE-2001-1370, CVE-2001-1371, CVE-2001-1372, CVE-2001-1373, CVE-2001-1374, CVE-2001-1375, CVE-2001-1376, CVE-2001-1377, CVE-2001-1378, CVE-2001-1379, CVE-2001-1380, CVE-2001-1382, CVE-2001-1383, CVE-2001-1384, CVE-2001-1385, CVE-2001-1386, CVE-2001-1387, CVE-2001-1388, CVE-2001-1389, CVE-2001-1390, CVE-2001-1391, CVE-2001-1392, CVE-2001-1393, CVE-2001-1394, CVE-2001-1395, CVE-2001-1396, CVE-2001-1397, CVE-2001-1398, CVE-2001-1399, CVE-2001-1400, CVE-2001-1401, CVE-2001-1402, CVE-2001-1403, CVE-2001-1404, CVE-2001-1405, CVE-2001-1406, CVE-2001-1407, CVE-2001-1408, CVE-2001-1409, CVE-2001-1410, CVE-2001-1411, CVE-2001-1412, CVE-2001-1413, CVE-2001-1414, CVE-2001-1415, CVE-2001-1416, CVE-2001-1417, CVE-2001-1418, CVE-2001-1419, CVE-2001-1420, CVE-2001-1421, CVE-2001-1422, CVE-2001-1423, CVE-2001-1424, CVE-2001-1425, CVE-2001-1426, CVE-2001-1427, CVE-2001-1428, CVE-2001-1429, CVE-2001-1430, CVE-2001-1431, CVE-2001-1432, CVE-2001-1433, CVE-2001-1434, CVE-2001-1435, CVE-2001-1436, CVE-2001-1437, CVE-2001-1438, CVE-2001-1439, CVE-2001-1440, CVE-2001-1441, CVE-2001-1442, CVE-2001-1443, CVE-2001-1444, CVE-2001-1445, CVE-2001-1446, CVE-2001-1447, CVE-2001-1448, CVE-2001-1449, CVE-2001-1450, CVE-2001-1451, CVE-2001-1452, CVE-2001-1453, CVE-2001-1454, CVE-2001-1455, CVE-2001-1456, CVE-2001-1457, CVE-2001-1458, CVE-2001-1459, CVE-2001-1460, CVE-2001-1461, CVE-2001-1462, CVE-2001-1463, CVE-2001-1464, CVE-2001-1465, CVE-2001-1466, CVE-2001-1467, CVE-2001-1468, CVE-2001-1469, CVE-2001-1470, CVE-2001-1471, CVE-2001-1472, CVE-2001-1473, CVE-2001-1474, CVE-2001-1475, CVE-2001-1476, CVE-2001-1477, CVE-2001-1478, CVE-2001-1479, CVE-2001-1480, CVE-2001-1481, CVE-2001-1482, CVE-2001-1483, CVE-2001-1484, CVE-2001-1487, CVE-2001-1488, CVE-2001-1489, CVE-2001-1490, CVE-2001-1491, CVE-2001-1492, CVE-2001-1494, CVE-2001-1495, CVE-2001-1496, CVE-2001-1497, CVE-2001-1498, CVE-2001-1499, CVE-2001-1500, CVE-2001-1501, CVE-2001-1502, CVE-2001-1503, CVE-2001-1504, CVE-2001-1505, CVE-2001-1506, CVE-2001-1507, CVE-2001-1508, CVE-2001-1509, CVE-2001-1510, CVE-2001-1511, CVE-2001-1512, CVE-2001-1513, CVE-2001-1514, CVE-2001-1515, CVE-2001-1516, CVE-2001-1517, CVE-2001-1518, CVE-2001-1519, CVE-2001-1520, CVE-2001-1521, CVE-2001-1522, CVE-2001-1523, CVE-2001-1524, CVE-2001-1525, CVE-2001-1526, CVE-2001-1527, CVE-2001-1528, CVE-2001-1529, CVE-2001-1530, CVE-2001-1531, CVE-2001-1532, CVE-2001-1533, CVE-2001-1534, CVE-2001-1535, CVE-2001-1536, CVE-2001-1537, CVE-2001-1538, CVE-2001-1539, CVE-2001-1540, CVE-2001-1541, CVE-2001-1542, CVE-2001-1543, CVE-2001-1544, CVE-2001-1545, CVE-2001-1546, CVE-2001-1547, CVE-2001-1548, CVE-2001-1549, CVE-2001-1550, CVE-2001-1551, CVE-2001-1552, CVE-2001-1553, CVE-2001-1554, CVE-2001-1555, CVE-2001-1556, CVE-2001-1557, CVE-2001-1558, CVE-2001-1559, CVE-2001-1560, CVE-2001-1561, CVE-2001-1562, CVE-2001-1563, CVE-2001-1564, CVE-2001-1565, CVE-2001-1566, CVE-2001-1567, CVE-2001-1568, CVE-2001-1569, CVE-2001-1570, CVE-2001-1571, CVE-2001-1572, CVE-2001-1573, CVE-2001-1574, CVE-2001-1575, CVE-2001-1576, CVE-2001-1577, CVE-2001-1578, CVE-2001-1579, CVE-2001-1580, CVE-2001-1581, CVE-2001-1582, CVE-2001-1583, CVE-2001-1584, CVE-2001-1585, CVE-2001-1586, CVE-2001-1587, CVE-2001-1588, CVE-2001-1589, CVE-2001-1590, CVE-2001-1591, CVE-2001-1592, CVE-2001-1593, CVE-2001-1594, CVE-2024-8419, CVE-2025-7195
Date: Mon, 16 Feb 2026 15:50:20 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8839696200
---------------------------
linux-yocto/6.18: update to v6.18.11
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
ee4fb138af107 Linux 6.18.11
32f08c3ddd6dd gpio: omap: do not register driver in probe()
116f7bd8160c6 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add
24a253c3aa6d9 PCI: endpoint: Avoid creating sub-groups asynchronously
60b75407c172e drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
ed82e7949f5ca xfs: fix UAF in xchk_btree_check_block_owner
d741534302f71 erofs: fix UAF issue for file-backed mounts w/ directio option
1d6bd6183e723 bus: fsl-mc: fix use-after-free in driver_override_show()
d14e991279831 scsi: qla2xxx: Query FW again before proceeding with login
f04840512438a scsi: qla2xxx: Free sp in error path to fix system crash
c068ebbaf5282 scsi: qla2xxx: Delay module unload while fabric scan in progress
ae49d33bfc08b scsi: qla2xxx: Allow recovery for tape devices
1a9585e4c58d1 scsi: qla2xxx: Validate sp before freeing associated memory
1339455044155 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon()
46c1d56ad321f hfs: ensure sb->s_fs_info is always cleaned up
4aa45f841413c nilfs2: Fix potential block overflow that cause system hang
52505d7f713bf crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req
e69a7b0a71b65 crypto: virtio - Add spinlock protection with virtqueue notification
2ed27b5a11743 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly
62c89e1992c86 crypto: octeontx - Fix length check to avoid truncation in ucode_load_store
d75207465eed2 crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode
65a0016016e8b ALSA: hda/conexant: Add quirk for HP ZBook Studio G4
be7a9bcee0ca6 Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB
8d76b2488eb3c driver core: enforce device_lock for driver_match_device()
16c8be3d55441 smb: client: let send_done handle a completion without IB_SEND_SIGNALED
6bf260ace7301 smb: client: let smbd_post_send_negotiate_req() use smbd_post_send()
69ce4ae2ab65c smb: client: fix last send credit problem causing disconnects
cca0526ef2344 smb: client: make use of smbdirect_socket.send_io.bcredits
9eff83600edf6 smb: client: use smbdirect_send_batch processing
d059e5fc49755 smb: client: introduce and use smbd_{alloc, free}_send_io()
1f3e8e2c67cbc smb: client: split out smbd_ib_post_send()
8786127068d51 smb: client: port and use the wait_for_credits logic used by server
1fe0f989beb8b smb: client: remove pointless sc->send_io.pending handling in smbd_post_send_iter()
2b08ca3ab6cc5 smb: client: remove pointless sc->recv_io.credits.count rollback
b9ec75aba3c8f smb: client: let smbd_post_send() make use of request->wr
5b69ba9978dd0 smb: client: let recv_done() queue a refill when the peer is low on credits
f664e6e8a8110 smb: client: make use of smbdirect_socket.recv_io.credits.available
24082642654f3 smb: server: let send_done handle a completion without IB_SEND_SIGNALED
85bf0a73831cc smb: server: fix last send credit problem causing disconnects
5ef18a2e66f2f smb: server: make use of smbdirect_socket.send_io.bcredits
cea7afb097b00 smb: server: let recv_done() queue a refill when the peer is low on credits
66c082e3d4651 smb: server: make use of smbdirect_socket.recv_io.credits.available
88cf40f7b5fb4 smb: smbdirect: introduce smbdirect_socket.send_io.bcredits.*
e811e60e1cc79 smb: smbdirect: introduce smbdirect_socket.recv_io.credits.available
cd25e0d809531 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
e4a8a96a93d08 ksmbd: add chann_lock to protect ksmbd_chann_list xarray
71b5e7c528315 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
c4b9edd559873 smb: client: split cached_fid bitfields to avoid shared-byte RMW races
1658b66fed206 io_uring: allow io-wq workers to exit when unused
f02693a40e407 io_uring/io-wq: add exit-on-idle state
41cec610f6906 Linux 6.18.10
31b593fbece63 riscv: Add intermediate cast to 'unsigned long' in __get_user_asm
ecd164120c248 ALSA: usb-audio: Use the right limit for PCM OOB check
24ad4cfac0b8e ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU.
57bac08056787 spi: tegra114: Preserve SPI mode bits in def_command1_reg
b8eec12aa666c spi: tegra: Fix a memory leak in tegra_slink_probe()
2ac3a105e5149 spi: tegra210-quad: Protect curr_xfer check in IRQ handler
d51554dc05695 spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer
3bc293d5b5650 spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
2d3c0122e9611 spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one
51013068438ac spi: tegra210-quad: Move curr_xfer read inside spinlock
e1777c400b7a9 spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer
b767cf2d4efc8 regulator: spacemit-p1: Fix n_voltages for BUCK and LDO regulators
3f9b508b3eecc i2c: imx: preserve error state in block data length handler
e71e3fa90a151 gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc()
279cb9180510f ASoC: amd: fix memory leak in acp3x pdm dma ops
8434b351cd4ea ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update()
01d2fb15f15c1 firmware: cs_dsp: rate-limit log messages in KUnit builds
abd66845227c5 firmware: cs_dsp: Factor out common debugfs string read
b8ad2d53f706a ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF
f3ed399e9aa6f nvme-pci: handle changing device dma map requirements
3c58f6121863c drm/xe/guc: Fix CFI violation in debugfs access.
8b68a45f9722f netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()
32ddd09d1103e hwmon: (occ) Mark occ_init_attribute() as __printf
8abb71d4a1dce drm/xe/pm: Disable D3Cold for BMG only on specific platforms
7c5db0957a230 drm/xe/query: Fix topology query pointer advance
184a84f03b5e6 drm/mgag200: fix mgag200_bmc_stop_scanout()
2e5edb69e5d0e net: gro: fix outer network offset
589a530ae44d0 net: add proper RCU protection to /proc/net/ptype
9f42cb8fafd6d net: ethernet: adi: adin1110: Check return value of devm_gpiod_get_optional() in adin1110_check_spi()
100f3bf914612 drm/amd/display: fix wrong color value mapping on MCM shaper LUT
0031f8829c7fb wifi: iwlwifi: mvm: pause TCM on fast resume
9b9f52f052f49 wifi: iwlwifi: mld: cancel mlo_scan_start_wk
5a2b4b0e9c003 net: enetc: Convert 16-bit register reads to 32-bit for ENETC v4
566ea5769ec27 net: enetc: Convert 16-bit register writes to 32-bit for ENETC v4
f346253e5fd95 net: enetc: Remove CBDR cacheability AXI settings for ENETC v4
d98745c68023f net: enetc: Remove SI/BDR cacheability AXI settings for ENETC v4
c175b1eaf729e tipc: use kfree_sensitive() for session key material
f3931416cbdd0 net: rss: fix reporting RXH_XFRM_NO_CHANGE as input_xfrm for contexts
2718ae6af7445 linkwatch: use __dev_put() in callers to prevent UAF
64cf3016234ce io_uring/zcrx: fix page array leak
fad7334082cd1 net: don't touch dev->stats in BPF redirect paths
8860ddf0e07be hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()
1b2efc593dca9 net: usb: r8152: fix resume reset deadlock
cdedcd5aa3f3c macvlan: fix error recovery in macvlan_common_newlink()
c9e4daf62ca07 net: sfp: Fix quirk for Ubiquiti U-Fiber Instant SFP module
8553bf2e09828 i40e: drop udp_tunnel_get_rx_info() call from i40e_open()
07bb882485f89 ice: drop udp_tunnel_get_rx_info() call from ndo_open()
7565d4df66b66 ice: Fix PTP NULL pointer dereference during VSI rebuild
ef72678c9df0e ice: PTP: fix missing timestamps on E825 hardware
6801ef140fc33 ice: fix missing TX timestamps interrupts on E825 devices
1b381a638e185 dpaa2-switch: add bounds check for if_id in IRQ handler
4640fa5ad5e1a net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup
293eaad0d6d6b net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup
d028147ae0640 net: liquidio: Initialize netdev pointer before queue setup
155eb99aff292 dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs is zero
8a672f177ebe1 net/sched: cls_u32: use skb_header_pointer_careful()
9b186feb75267 net: add skb_header_pointer_careful() helper
f8611a7981cd0 hwmon: (dell-smm) Add Dell G15 5510 to fan control whitelist
9ee608a64e37c smb/client: fix memory leak in smb2_open_file()
faff38ebbfe63 platform/x86/intel/tpmi/plr: Make the file domain<n>/status writeable
9029ccfab2ca9 platform/x86: hp-bioscfg: Skip empty attribute names
6c45a5a7e1e3b platform/x86: intel_telemetry: Fix PSS event register mask
f93ae43780b75 platform/x86: toshiba_haps: Fix memory leaks in add/remove routines
245ff08e261ce Revert "drm/amd/display: pause the workload setting in dm"
98bf5bc8cb8cb tracing: Avoid possible signed 64-bit truncation
6dd87f6afe9e9 ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio
3228b2eceb6c3 btrfs: reject new transactions if the fs is fully read-only
b4b065a880997 wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice
ccb3c75d57039 btrfs: sync read disk super and set block size
7a1bec39c014e wifi: mac80211: correctly check if CSA is active
990e40fb1d111 btrfs: fix Wmaybe-uninitialized warning in replay_one_buffer()
3835e49e146a4 scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
108cbf2b7d295 ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU
1d5f2329ab4df io_uring/rw: free potentially allocated iovec on cache put failure
c65a1a72a41e4 riscv: Use 64-bit variable for output in __get_user_asm
4530f4e4d0e6a scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
8a7ef96e6af91 wifi: cfg80211: Fix bitrate calculation overflow for HE rates
36e88bd40a8c0 spi: intel-pci: Add support for Nova Lake SPI serial flash
7178b36de1850 ALSA: usb-audio: Add delay quirk for MOONDROP Moonriver2 Ti
f08f2d2907675 regmap: maple: free entry on mas_store_gfp() failure
7d4c9c448c2b3 spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs initialization
66b73d3f2cfc7 ALSA: hda/tas2781: Add newly-released HP laptop
e6ce61e01c9a2 ASoC: tlv320adcx140: Propagate error codes during probe
3ba3d959c17aa ASoC: amd: yc: Fix microphone on ASUS M6500RE
1c90f930e7b41 nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()
62932d9ed639a ALSA: usb-audio: Prevent excessive number of frames
e810b290922c5 nvme-fc: release admin tagset if init fails
a883080063f97 ASoC: simple-card-utils: Check device node before overwrite direction
61fa85497c7b7 ASoC: davinci-evm: Fix reference leak in davinci_evm_probe
9f665b3c3d9a1 dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()
921903d73967f ASoC: Intel: sof_sdw: Add new quirks for PTL on Dell with CS42L43
74309a4b0ffc7 wifi: mac80211: collect station statistics earlier when disconnect
da1880c7b6b83 HID: Elecom: Add support for ELECOM M-XT3DRBK (018C)
71434e45bf124 HID: logitech: add HID++ support for Logitech MX Anywhere 3S
b1f8285bc8e35 riscv: trace: fix snapshot deadlock with sbi ecall
151589d15ee87 ring-buffer: Avoid softlockup in ring_buffer_resize() during memory free
cd7ff7fd3e4b7 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
ecb8653a8fe9d HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101)
1e84a807c98a7 HID: Intel-thc-hid: Intel-thc: Add safety check for reading DMA buffer
2124279f1f8c3 HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report()
6e2108daed94e HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list
645671377158f drm/amd/display: Reduce number of arguments of dcn30's CalculatePrefetchSchedule()
eb5d6dedadd66 netfilter: replace -EEXIST with -EBUSY
ddab2d0f93200 PCI: qcom: Remove ASPM L0s support for MSM8996 SoC
3210077ed2648 ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk
5b9bbe3d7bb90 x86/sev: Disable GCOV on noinstr object
75f1f512b1567 ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55
747b9a7d4c712 HID: playstation: Center initial joystick axes to prevent spurious events
7ae5b35148119 HID: intel-ish-hid: Reset enum_devices_done before enumeration
8b44e75379510 riscv: Sanitize syscall table indexing under speculation
28768bd3abf99 btrfs: fix reservation leak in some error paths when inserting inline extent
a206870513cda HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL
ea5ef771f3c26 HID: intel-ish-hid: Update ishtp bus match to support device ID table
6de3a371a8b9f btrfs: do not free data reservation in fallback from inline due to -ENOSPC
70dd3513ed6ac smb/server: fix refcount leak in parse_durable_handle_context()
c2ed4f71e9288 LoongArch: Enable exception fixup for specific ADE subcode
2bb9c8a77df50 io_uring: use GFP_NOWAIT for overflow CQEs on legacy rings
4665e52bde3b1 smb/server: fix refcount leak in smb2_open()
0107b18cd8ac1 md: suspend array while updating raid_disks via sysfs
9531210f348aa LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
fdda836fcee6f smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()
f309b2c7df659 block,bfq: fix aux stat accumulation destination
86acdc1791944 platform/x86: dell-lis3lv02d: Add Latitude 5400
ff6892ea544c4 wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP
6b7c60feab3c6 net: usb: sr9700: support devices with virtual driver CD
10d3ff7e5812c wifi: mac80211: don't WARN for connections on invalid channels
689a7980e4788 wifi: wlcore: ensure skb headroom before skb_push
e0bd226804f8e wifi: mac80211: ocb: skip rx_no_sta when interface is not joined
abd219fd48b11 tracing: Fix ftrace event field alignments
116ffca92dc4d binderfs: fix ida_alloc_max() upper bound
e9bcfe865188a binder: fix BR_FROZEN_REPLY error log
a6050dedb6f1c binder: fix UAF in binder_netlink_report()
287221c5e0707 rust_binderfs: fix ida_alloc_max() upper bound
685bb05d307ac rust_binder: add additional alignment checks
598fe3ff32e43 rust_binder: correctly handle FDA objects of length zero
13de38aa3ea7a sched/fair: Have SD_SERIALIZE affect newidle balancing
de7cb4282dafc sched/fair: Skip sched_balance_running cmpxchg when balance is not due
3a15c519d2b0f bus: mhi: host: pci_generic: Add Telit FE990B40 modem support
fa2274bb17a4a treewide: Drop pci_save_state() after pci_restore_state()
71c50e60421bb PCI/ERR: Ensure error recoverability at all times
1a893bd719121 hwmon: (gpio-fan) Allow to stop FANs when CONFIG_PM is disabled
37751b6d0b6b5 hwmon: (gpio-fan) Fix set_rpm() return value
4385b2f284354 KVM: Don't clobber irqfd routing type when deassigning irqfd
7a245ef476ffb KVM: selftests: Add -U_FORTIFY_SOURCE to avoid some unpredictable test failures
a82647e1a9499 net: spacemit: k1-emac: fix jumbo frame support
d5b3a66986697 net: cpsw_new: Execute ndo_set_rx_mode callback in a work queue
488009aa62bb1 net: cpsw: Execute ndo_set_rx_mode callback in a work queue
ef763b480a3de nouveau/gsp: fix suspend/resume regression on r570 firmware
a20887d5239a3 nouveau/gsp: use rpc sequence numbers properly.
9cc8caba82c2b nouveau: add a third state to the fini handler.
5f645222eb30c Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem"
7b6a0f121d502 mm, shmem: prevent infinite loop on truncate race
41a7b9ab855c8 gve: Correct ethtool rx_dropped calculation
11f8311f69e4c gve: Fix stats report corruption on queue count change
e9cdd54797dc2 drm/amd: Set minimum version for set_hw_resource_1 on gfx11 to 0x52
d3081353acaa6 cgroup/dmem: avoid pool UAF
5c38604abbfa5 cgroup/dmem: avoid rcu warning when unregister region
c13816e8fa23d cgroup/dmem: fix NULL pointer dereference when setting max
e258ed369c9e0 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
35e6fd0d5bc30 ARM: 9468/1: fix memset64() on big-endian
46dfdb6f7a79d rbd: check for EOD after exclusive lock is ensured to be held
57b36ffc8881d ceph: fix NULL pointer dereference in ceph_mds_auth_match()
e8af57e090790 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single
cbc03ce3e6ce7 procfs: avoid fetching build ID while holding VMA lock
eb54ce033b344 pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains
11ca03ce17d7d pmdomain: imx8mp-blk-ctrl: Keep usb phy power domain on for system wakeup
5171a3dddf427 pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset
72129d55be9ce pmdomain: imx8mp-blk-ctrl: Keep gpc power domain on for system wakeup
d72563e402bab pmdomain: qcom: rpmpd: fix off-by-one error in clamping to the highest state
5727ccf9d19ca ALSA: aloop: Fix racy access at PCM trigger
21816bbc8492f platform/x86: intel_telemetry: Fix swapped arrays in PSS output
b5a02290ee3a4 KVM: x86: Explicitly configure supported XSS from {svm,vmx}_set_cpu_caps()
a94b956bb7272 x86/kfence: fix booting on 32bit non-PAE systems
feb603a69f830 x86/vmware: Fix hypercall clobbers
ab200d71553bd nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fbd55716cc
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.9)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 4 changes (4 new | 0 updated): - 4 new CVEs: CVE-2026-25931, CVE-2026-25934, CVE-2026-25938, CVE-2026-25939 - 0 updated CVEs:
Date: Mon, 9 Feb 2026 22:23:00 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0695c3e2a0
---------------------------
linux-yocto/6.18: update to v6.18.9
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
adb851edb7078 Linux 6.18.9
0d26aa84ff0b7 mptcp: avoid dup SUB_CLOSED events after disconnect
01b0831d71b6d sched_ext: Fix SCX_KICK_WAIT to work reliably
664e78f2d4ec3 sched_ext: Don't kick CPUs running higher classes
edb9fab1b78c6 net/sched: act_ife: convert comma to semicolon
5b22c6cbabc78 Revert "drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)"
ab21cf885fb2a libbpf: Fix -Wdiscarded-qualifiers under C23
f749b366b8e79 gpiolib: acpi: Fix potential out-of-boundary left shift
84df65fcfbff1 iommu/tegra241-cmdqv: Reset VCMDQ in tegra241_vcmdq_hw_init_user()
078377b07f8e8 drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule()
ac251d17d8af5 drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove
2d9bff2af0adb drm/amdgpu/gfx12: adjust KGQ reset sequence
d9790cf8bbe80 drm/amdgpu/gfx12: fix wptr reset in KGQ init
4867b512bb7f5 drm/amdgpu/gfx11: adjust KGQ reset sequence
018892bd9a0c0 drm/amdgpu/gfx11: fix wptr reset in KGQ init
75ebd42441702 drm/amdgpu/gfx10: fix wptr reset in KGQ init
9a6d87fbe3f51 drm/amdgpu/soc21: fix xclk for APUs
5f841c308c453 drm/amd/pm: fix smu v14 soft clock frequency setting issue
191e22e5d742e drm/amd/pm: fix smu v13 soft clock frequency setting issue
ca68745e820ec drm/imx/tve: fix probe device leak
31203f5680c3d drm/msm/a6xx: fix bogus hwcg register updates
a4ea228271cd4 drm/tyr: depend on `COMMON_CLK` to fix build error
3e845c46dfe5a drm/xe/xelp: Fix Wa_18022495364
ae8831ee0fb2f drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()
dd222df5b356e scripts: generate_rust_analyzer: Add compiler_builtins -> core dep
8afa6c4d7abfb scripts: generate_rust_analyzer: fix resolution of #[pin_data] macros
2426867644cc7 scripts: generate_rust_analyzer: compile sysroot with correct edition
ce798a0fe6b79 scripts: generate_rust_analyzer: remove sysroot assertion
595718c74f85b scripts: generate_rust_analyzer: Add pin_init_internal deps
5bfa32ff75b50 scripts: generate_rust_analyzer: Add pin_init -> compiler_builtins dep
e82f822ed1472 rust: sync: refcount: always inline functions using build_assert with arguments
4bb727f4b0614 rust: sync: atomic: Provide stub for `rusttest` 32-bit hosts
625605ac8be50 rust: bits: always inline functions using build_assert with arguments
3d48d59235c49 net: fix segmentation of forwarding fraglist GRO
b23bee8cdb7aa mm/shmem, swap: fix race of truncate and swap entry split
40aed8b856580 mm/memory-failure: teach kill_accessing_process to accept hugetlb tail page pfn
b0020cbd26380 mm, swap: restore swap_space attr aviod kernel panic
4f57516293fda mm/memory-failure: fix missing ->mf_stats count in hugetlb poison
c71fae335dfe7 mm/kfence: randomize the freelist on initialization
629666d20c7dc btrfs: do not strictly require dirty metadata threshold for metadata writepages
b91a84299d72a flex_proportions: make fprop_new_period() hardirq safe
131af3df59b24 selftests: mptcp: join: fix local endp not being tracked
e73aab3337833 selftests: mptcp: check subflow errors in close events
8d4ccc10a77f0 selftests: mptcp: check no dup close events after error
35bb480000cd2 mptcp: only reset subflow errors when propagated
33f971476ffc1 mm/kasan: fix KASAN poisoning in vrealloc()
0ac0e2e64b068 gpio: rockchip: Stop calling pinctrl for set_direction
f69cae1bf44ca ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
68207ceefd71c nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference
e4e15a0a4403c efivarfs: fix error propagation in efivar_entry_get()
14ca9fa020829 scsi: qla2xxx: edif: Fix dma_free_coherent() size
5ba425a7bab31 kbuild: rust: clean libpin_init_internal in mrproper
e4c0a92146ddf gpio: pca953x: mask interrupts in irq shutdown
cb69b0a0c0aaf ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO
98e0bc206a321 scsi: be2iscsi: Fix a memory leak in beiscsi_boot_get_sinfo()
91539cf522ed0 ASoC: fsl: imx-card: Do not force slot width to sample width
8b581837295fc rust: kbuild: give `--config-path` to `rustfmt` in `.rsi` target
50c66cb08070c rust: rbtree: fix documentation typo in CursorMut peek_next method
fe9a1a825b4ae riscv: compat: fix COMPAT_UTS_MACHINE definition
b038874e31fc3 firewire: core: fix race condition against transaction list
a28fce0365e1c perf: sched: Fix perf crash with new is_user_task() helper
112d497809970 pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR TX pins
e81d1bc4ea791 pinctrl: meson: mark the GPIO controller as sleeping
e0468c4527a22 pinctrl: lpass-lpi: implement .get_direction() for the GPIO driver
b1f41c1f0bbbe writeback: fix 100% CPU usage when dirtytime_expire_interval is 0
36370892e3111 sched/deadline: Fix 'stuck' dl_server
0bbcb7586bc81 sched/deadline: Document dl_server
32887d8e4bc06 drm/xe/nvm: Fix double-free on aux add failure
02dc6cf6409e5 drm/xe/nvm: Manage nvm aux cleanup with devres
2859fa957a936 drm/xe/configfs: Fix is_bound() pci_dev lifetime
64364ccf491c7 dma/pool: distinguish between missing and exhausted atomic pools
d36c4149ea224 bcache: fix I/O accounting leak in detached_dev_do_request
7b72d76a58e6b bcache: use bio cloning for detached device requests
db6e287bd6e80 bcache: fix improper use of bi_end_io
23f9f9c46edd9 of: reserved_mem: Allow reserved_mem framework detect "cma=" kernel param
14e32032c42fe of/reserved_mem: Simplify the logic of fdt_scan_reserved_mem_reg_nodes()
8d9c5ceff4b53 kbuild: Fix permissions of modules.builtin.modinfo
32d8f998bb8d4 kbuild: rpm-pkg: Generate debuginfo package manually
d4dbada7ac6f3 gpio: brcmstb: correct hwirq to bank map
546e62c3fb29a drm/amd/pm: fix race in power state check before mutex lock
7bec90f605cfb gpio: virtuser: fix UAF in configfs release path
c0ce86d92565b gpiolib: acpi: use BIT_ULL() for u64 mask in address space handler
ecb638fb9a5cc ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion
e67828aeb58d9 drm/xe: Skip address copy for sync-only execs
4d7b7abb525b4 ASoC: soc-acpi-intel-ptl-match: fix name_prefix of rt1320-2
a42bdbcada187 scsi: firewire: sbp-target: Fix overflow in sbp_make_tpg()
aabc36857bd39 wifi: mac80211: correctly decode TTLM with default link map
a4f9a19a266e6 wifi: mac80211: apply advertised TTLM from association response
b8d890f8c3223 wifi: mac80211: parse all TTLM entries
cc3f137d36fda net/mlx5e: Skip ESN replay window setup for IPsec crypto offload
19bb3c68e18cf net/mlx5: Fix vhca_id access call trace use before alloc
fc3da1466af5f net/mlx5: Initialize events outside devlink lock
2614734c4bc67 net/mlx5: fs, Fix inverted cap check in tx flow table root disconnect
335031cacd7e8 net: phy: micrel: fix clk warning when removing the driver
92db64d3546f9 net/mlx5e: don't assume psp tx skbs are ipv6 csum handling
f4bb58e14f042 net: bridge: fix static key check
c3369fc5e6120 nfc: nci: Fix race between rfkill and nci_unregister_device().
92e0483402afc net/mlx5e: Account for netdev stats in ndo_get_stats64
fdf8437016f57 net/mlx5e: TC, delete flows only for existing peers
2df2aad9cf2f4 ice: stop counting UDP csum mismatch as rx_errors
36126ddbe9247 ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues
214aed313f7a5 ixgbe: don't initialize aci lock in ixgbe_recovery_probe()
c721ea2ff5672 ixgbe: fix memory leaks in the ixgbe_recovery_probe() path
bd25b092a06a3 bonding: fix use-after-free due to enslave fail after slave array update
61858cbce6ca4 nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame().
fdb99161cbef2 net: spacemit: Check for netif_carrier_ok() in emac_stats_update()
1f1b9523527df mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()
dce375f4afc34 rocker: fix memory leak in rocker_world_port_post_fini()
cdc4deb9e7be2 net/mlx5: Fix return type mismatch in mlx5_esw_vport_vhca_id()
2c0fb0f60bc15 net: wwan: t7xx: fix potential skb->frags overflow in RX path
500c1237c9a13 ipv6: use the right ifindex when replying to icmpv6 from localhost
0b74c6e132737 net: mvpp2: cls: Fix memory leak in mvpp2_ethtool_cls_rule_ins()
590c8179ffb01 sfc: fix deadlock in RSS config read
bd98324e327e4 bonding: annotate data-races around slave->last_rx
d753f3c3f9d7a octeon_ep: Fix memory leak in octep_device_setup()
f14d881f0a5aa net: bcmasp: fix early exit leak with fixed phy
713ba826ae114 can: gs_usb: gs_usb_receive_bulk_callback(): fix error message
23f40dbda938e net/mlx5: Fix memory leak in esw_acl_ingress_lgcy_setup()
3b63185053788 Bluetooth: MGMT: Fix memory leak in set_ssp_complete
03e8c90c62233 Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work
4081d53864dae can: at91_can: Fix memory leak in at91_can_probe()
e80617a5e1c24 btrfs: zlib: fix the folio leak on S390 hardware acceleration
474f851ec5e2e readdir: require opt-in for d_type flags
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3e757f214
---------------------------
testimage.bbclass: enable PTEST_RUNNER_TIMEOUT variable
QB_MEM works in recipe scope because testimage.bbclass reads it from the
current recipe datastore (d) at test time via the qemuboot.conf mechanism.
PTEST_RUNNER_TIMEOUT was only available through testdata.json (written
during image build via export2json). The testimage task reads td from the
potentially stale testdata.json, and PTEST_RUNNER_TIMEOUT was never
refreshed from the live recipe context.
[YOCTO #16163]
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2110bbc2c3
---------------------------
core-image-ptest: add PTEST_RUNNER_TIMEOUT
In lib/oeqa/runtime/cases/ptest.py, the timeout used to be hardcoded to 450 seconds.
Now that it is a variable, make that a bit more obvious by setting a default value.
Set PTEST_RUNNER_TIMEOUT for python3-cffi to 600 seconds as it is known to come close
to and surpass the 450 second limit under heavy load.
Fixes: [YOCTO #16163]
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 37982f5be4
---------------------------
oeqa/runtime/ptest: Make ptest-runner timeout configurable
Replace the hardcoded 450 second timeout with a configurable
PTEST_RUNNER_TIMEOUT variable, defaulting to 450 seconds.
[YOCTO #16163]
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2535427d8d
---------------------------
kernel-fit-image: support arbitrary loadables
Allow a user to insert additional, arbitrary loadables in a FIT image.
The loadables can be specified through the FIT_LOADABLES variable as
a list, with parameters defined by flags on dedicated FIT_LOADABLE_*
variables; they will be included in all configurations.
Sensible defaults will be used for some parameters (type, compression,
description, arch, os) if the corresponding flag is not set, while
others (load address and entry point) will be omitted in the final FIT
image.
As an example, the following configuration can be specified to add as
loadables a TF-A BL31 firmware and a (compressed) TEE firmware, to be
loaded respectively at 0x204E0000 and 0x96000000:
FIT_LOADABLES = "atf tee"
FIT_LOADABLE_FILENAME[atf] = "bl31.bin"
FIT_LOADABLE_TYPE[atf] = "tfa-bl31"
FIT_LOADABLE_ARCH[atf] = "arm64"
FIT_LOADABLE_OS[atf] = "arm-trusted-firmware"
FIT_LOADABLE_LOADADDRESS[atf] = "0x204E0000"
FIT_LOADABLE_FILENAME[tee] = "tee.bin.gz"
FIT_LOADABLE_COMPRESSSION[tee] = "gzip"
FIT_LOADABLE_TYPE[tee] = "tee"
FIT_LOADABLE_OS[tee] = "tee"
FIT_LOADABLE_LOADADDRESS[tee] = "0x21000000"
Signed-off-by: Francesco Valla <francesco@valla.it>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8536c8b9e9
---------------------------
ffmpeg: set status for CVE-2025-12343
Per [1] is patch for this CVE [2].
This is equivalent of [3] which is included in n8.0.
[1] https://security-tracker.debian.org/tracker/CVE-2025-12343
[2] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/b8d5f65b9e89d893f27cf00799dbc15fc0ca2f8e
[3] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/263e819aa45cd3c48bf6887be02b4ec504c02048
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f12af98df8
---------------------------
busybox: Fixes CVE-2025-60876
This addresses CVE-2025-60876[1], which allows malicious URLs to inject
HTTP headers. It has been accepted by Debian[2] and is tracked here [4].
The upstream fix has been submitted [3] and is pending merge.
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-60876
[2] https://bugs.debian.org/1120795
[3] https://lists.busybox.net/pipermail/busybox/2025-November/091840.html
[4] https://security-tracker.debian.org/tracker/CVE-2025-60876
Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2025-November/0918
40.html]
Signed-off-by: Livin Sunny <livinsunny519@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4b902e7b17
---------------------------
toolchain-scripts-base.bbclass: remove timestamp
This timestamp makes the package meta-environment-qemux86-64 not
reproducible, and it is the time when the package is built, mabybe not
that important, the key info is the meta revision.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1b93479f7b
---------------------------
tcl8: skip more timing-sensitive tests
Skip more tests, as we already do for the tcl9 recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7fbb281cc1
---------------------------
oeqa/selftest/sdk: add test_sdk_runqemu
Add test case to ensure runqemu works in SDK.
Using runqemu from SDK has been supported for many years. Add a
test case to ensure we have no regression.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 972155bbee
---------------------------
runqemu: restore support to run inside SDK
Using runqemu from SDK has been supported for a long time[1].
Below are example steps for using runqemu inside SDK.
1. mkdir destdir
2. cp -r /path/to/build/tmp/deploy/image/qemux86-64 destdir
3. Install SDK to destdir
4. Source SDK
5. runqemu qemux86-64 nographic slirp
Recently the related code path was deleted by accident during
an effort to make codes cleaner and more consistent.
We need to restore support for it.
What actually matters is the STAGING_BINDIR_NATIVE, which we
use to locate the qemu binary. So in case of SDK, we set it
from OECORE_NATIVE_SYSROOT. The STAGING_DIR_NATIVE checking
and setting are meaningless, thus deleting it.
[1] https://git.openembedded.org/openembedded-core/commit/?id=93649edc034f2540ff55dc9b41638797209cfb9c
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1327e46708
---------------------------
gawk: upgrade from 5.3.2 -> 5.4.0
Changes:
https://lists.gnu.org/archive/html/info-gnu/2026-02/msg00011.html
A notable change is:
1. This release now uses Mike Haertel's MinRX regular expression matcher
as the default regexp engine. The old regex and dfa engines are still
available.
The former regex matcher is selectable at run-time by setting the environemnt
variable:
GAWK_GNU_MATCHERS
More details are available here:
https://cgit.git.savannah.gnu.org/cgit/gawk.git/tree/README_d/README.matchers?h=gawk-5.4-stable
Switch the tarball from .gz to .xz to reduce size by ~3MB.
No ptests errors for x86-64 for glibc/musl.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc144bec42
---------------------------
openssl: Package /etc/ssl/openssl.conf.d in openssl-conf
Since the /etc/ssl/openssl.conf file is packaged in openssl-conf, it
makes sense to also add the new /etc/ssl/openssl.conf.d directory to the
same package.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4e781c6618
---------------------------
oe-init-build-env: Drop VSCode setup
Remove the VSCode setup from oe-init-build-env.
Since poky as a combo-layer repository is no longer available, using the
oe-init-build-env script from openembedded-core is no longer
straightforward. There are too many ways to set up a build environment,
with different directory structures, with containers involved or not,
etc. Each of these setups may have its own way to provide IDE support.
A simple shell script like oe-init-vscode cannot address all these use
cases. Rather than trying to make oe-init-build-env smart enough to
cover all these cases, it is better to delegate the responsibility to
whatever tool or repository is used to set up the build environment.
If no tool such as bitbake-setup is used, it is still possible to use
a variant of the oe-setup-vscode script from a custom layer. One way
which works well is to create a custom oe-init-build-env script in the
custom layer repository which calls the custom oe-setup-vscode script
from the custom layer repository. Example directory structure:
my-project/
├── .vscode # generated by oe-setup-vscode
| # when oe-init-build-env is called
├── layers/
│ └── openembedded-core/
| └── bitbake/
├── scripts/
│ └── oe-setup-vscode
├── build/
│ └── conf
└── oe-init-build-env
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: db0072f298
---------------------------
perl: upgrade from 5.40.2 to 5.42.0
License-Update: Update copies of GPL to match recent FSF changes
Changes: https://perldoc.perl.org/5.42.0/perldelta
Update RDEPENDS for perl-module-extutils-parsexs, refer [1], this should
fix libmodule-build-perl ptest failure:
Failed to load or import from ExtUtils::ParseXS (version 3.57). Please
check that ExtUtils::ParseXS is installed correctly and that the newest
version will be found in your @INC path: Can't locate
ExtUtils/ParseXS/Node.pm in @INC
[1] https://github.com/Perl/perl5/commit/36118f523541d3e74ab495202ca8efbd9c9611b5
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e556787312
---------------------------
binutils: Upgrade to 2.46 release
New Features:
Support for new instructions added to AMD, ARM and RISC-V architectures.
Support for version 3 of the SFrame standard.
The readelf program can now display the contents of Global Offset Tables.
Improved linker tagging support.
Detailed release notes are here [1]
[1] https://lists.gnu.org/archive/html/info-gnu/2026-02/msg00006.html
Dropped patches:
0001-aarch64-constify-BTI-and-GCS-report-functions.patch
Since the fix is already included in binutils 2.46.
CVE patches: CVE-2025-11081,CVE-2025-11082,CVE-2025-11083,
CVE-2025-11839,CVE-2025-11840,CVE-2025-11412,CVE-2025-11413,
CVE-2025-11414,CVE-2025-11494,CVE-2025-11495.
These were dropped because they are already addressed in binutils 2.46.
Drop CVE_STATUS:
binutils 2.46 has needed fixes for CVE-2025-7545 and CVE-2025-7546.
Rebased existing patches with binutils 2.46.
Fixed elfutils-ptest regression for arm64.
Testing Results:
+----------------------+--------+--------+------+
| Result | 2.45.1 | 2.46 | Diff |
+----------------------+--------+--------+------+
| Expected Passes | 318 | 331 | +13 |
| Untested Testcases | 5 | 5 | 0 |
| Unsupported Tests | 8 | 6 | -2 |
+----------------------+--------+--------+------+
Testcases changes:
-------------------------------------------------------------------------------
Testcase-name 2.45.1 2.46
-------------------------------------------------------------------------------
nm --ifunc-chars=-- (global ifunc) - PASS
nm --ifunc-chars=-- (local ifunc) - PASS
copy with unknown section flag - PASS
objcopy tek2bin - PASS
binary symbol (implicit) - PASS
binary symbol (explicit) - PASS
readelf SFrame V2 (x86-64/test-v2-ET_EXEC.sframe) - PASS
objdump SFrame V2 (x86-64/test-v2-ET_EXEC.sframe) - PASS
readelf SFrame V2 (x86-64/test-v2-ET_REL.sframe) - PASS
objdump SFrame V2 (x86-64/test-v2-ET_REL.sframe) - PASS
run objcopy of executable UNSUPPORTED PASS
run stripped executable UNSUPPORTED PASS
run stripped executable with saving a symbol UNSUPPORTED PASS
Copy object attributes v2 data from an object to another - UNSUPPORTED
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 31e06179f8
---------------------------
python3-rdflib: upgrade 7.5.0 -> 7.6.0
License-Update: Copyright year updated to 7.6.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f86c38b131
---------------------------
wireless-regdb: upgrade 2025.10.07 -> 2026.02.04
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3e72ebe9ed
---------------------------
sanity: reject TMPDIR containing redundant slashes
A trailing slash or consecutive slashes anywhere in TMPDIR cause
BitBake variable expansion to embed those redundant slashes into
derived variables such as STAGING_DIR and WORKDIR. The sstate
machinery in sstate_add() normalises its directory arguments via
os.path.normpath(), so manifest entries always contain clean paths.
Functions in staging.bbclass that read the same variables directly
via d.getVar() without normalising then fail to match manifest
entries, silently staging files to wrong locations and causing
do_populate_sysroot to abort.
Although POSIX permits paths with redundant slashes, they break the
string-matching assumptions embedded in the staging machinery, so
treat any TMPDIR that differs from its normalised form as an error.
Signed-off-by: Sam Povilus <sam.povilus@amd.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6f58513646
---------------------------
u-boot: Copy U-Boot script to B when suffix is not scr
With the introduction of the UNPACKDIR variable, commit [1] changed the
expected location of UBOOT_ENV_BINARY to B. This works fine when
UBOOT_ENV_SUFFIX is "scr" but it does not copy the script when it is
not. As documented in [2], it is expected that with any other value of
UBOOT_ENV_SUFFIX the script gets installed verbatim.
This commit fixes that by copying UNPACKDIR/UBOOT_ENV_SRC to
B/UBOOT_ENV_BINARY when UBOOT_ENV_SUFFIX is not "scr", as documented.
[1] https://git.openembedded.org/openembedded-core/commit/?id=62ff94ff40e823065178318133d54e44a3d8a46d
[2] https://docs.yoctoproject.org/ref-manual/variables.html#term-UBOOT_ENV
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 534d6e68a2
---------------------------
libseccomp: add diffutils to ptest RDEPENDS
libseccomp ptest needs diff during test execution,
Add diffutils to the runtime ptest dependency.
Signed-off-by: Nikhil R <nikhil.r@bmwtechworks.in>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 117a513931
---------------------------
python3-certifi: Upgrade 2026.1.4 -> 2026.2.25
Upgrade to release 2026.2.25:
- Updated dependencies
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 93913d177b
---------------------------
python3-maturin: Upgrade 1.11.5 -> 1.12.4
Upgrade to release 1.12.4:
- Upgrade memmap2 version
- fix: platform tag detection for Android targets
- fix: only ignore maturin-generated native libraries on all platforms
- fix: ignore develop artifacts for all binding types during build
- feat: support conditional cargo features based on Python version
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 87b4da38f9
---------------------------
python3-hatchling: Upgrade 1.28.0 -> 1.29.0
Upgrade to release 1.29.0:
- Source Date Epoch no longer fails when set to date before 1980.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 73191cc3b6
---------------------------
python3-wcwidth: Upgrade 0.5.3 -> 0.6.0
Upgrade to release 0.6.0:
- Complete textwrap.wrap() with 6 missing params
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fa7877d258
---------------------------
devtool: standard: Add new patches in correct order when finishing
Make sure that new patches that are added as a result of using devtool
finish are added to the SRC_URI in the same order they were committed.
Previously, the order was a result of the arbitrary order the patch
files were returned by os.walk(), which typically resulted in them being
added to the SRC_URI in the reverse order they were committed.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e40c8ed2a8
---------------------------
lib/oe/patch: Make GitApplyTree.extractPatches() return the patches
The list of patches will be used by _export_patches() in devtool to add
new patches in the correct order.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b4e1c5ccb4
---------------------------
socat: upgrade 1.8.1.0 -> 1.8.1.1
Drop patch:
0001-fix-compile-failed-with-musl.patch
which is merged upstream:
a235f59 Avoid compilation issue in xio-netlink.c with Musl libc
commit log:
4ce8786 Version 1.8.1.1
f13b27d A few minor corrections
d5a2c46 Fixed a few buffer read overruns
b314687 Fixed issue with POSIXMQ in unidirectional context
a235f59 Avoid compilation issue in xio-netlink.c with Musl libc
a7058c9 Fixed strchr with const for new glibc
35d5da1 Fixed timestamps of -v and -x (really)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5e7ca584b3
---------------------------
socat: Remove -fcommon from compiler flags
This is no longer needed with gcc or clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 02271ecc3c
---------------------------
nfs-utils: upgrade 2.8.4 -> 2.8.5
Commits (aside from typo fixes):
4e9b31fe Release: 2.8.5
00e2e62b nfsdctl: add support for min-threads parameter
4c275442 systemd: drop Wants=network-online.target for rpc-statd-notify
03b9c540 nfsiostat: normalize the mountpoints passed in from the command line
59e85671 Rename CONFIG_NFSV41 to CONFIG_BLKMAPD and disable by default
3b7de50f nfsdctl: ignore ipv6 listener creation error
0e71be58 locktest: use correct build flags
077b70fe sm-notify: Do not drop privileges if running as non-root user
8600bbb7 gssd: protect kerberos ticket cache access
CONFIG_NFSV41 was renamed to CONFIG_BLKMAPD so update the associated PACKAGEONFIG option.
Drop: 0001-locktest-Makefile.am-Do-not-use-build-flags.patch which as merged in:
0e71be58 locktest: use correct build flags
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7422f51e93
---------------------------
vim: upgrade 9.1.2144 -> 9.2.0
Solves 9.1.2148 (in 9.1.2148), see [1].
Drop patch merged upstream.
Release notes for 9.2, see [2].
Note that almost all changes were already present in our 9.1 updates.
[1] https://github.com/vim/vim/security/advisories/GHSA-9w5c-hwr9-hc68
[2] https://www.vim.org/vim-9.2-released.php
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8417f4a186
---------------------------
meta: fix generation of kernel CONFIG_ in SPDX3
With the current solution, using a separate task
(do_create_kernel_config_spdx) there is a dependency issue. Sometimes
the final rootfs SBOM does not contain the CONFIG_ values.
do_create_kernel_config_spdx is executed after do_create_spdx which
deploys the SPDX file. do_create_kernel_config_spdx calls
oe.sbom30.find_root_obj_in_jsonld to read from the deploy directory,
which is OK, but the do_create_kernel_config_spdx ends up writing to
this deployed file (updating it).
do_create_rootfs_spdx has an explicit dependency to all do_create_spdx
tasks, but there is nothing that prevents executing
do_create_kernel_config_spdx after do_create_rootfs_spdx.
To fix it, instead, now read from the workdir, and write to the
workdir, and do the processing from the do_create_spdx task:
we append to the do_create_spdx task.
Furthermore, update oeqa selftest to execute do_create_spdx instead
of removed function.
Also only execute this task if create-spdx-3.0 was inherited,
previously this code could be executed if create-spdx-2.2 is
inherited.
Fixes: 228a968e7c47 ("kernel.bbclass: Add task to export kernel configuration to SPDX")
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: be8cdcf13a
---------------------------
build-appliance-image: Update to master head revisions
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4a388406ac
---------------------------
bitbake.conf: Set BB_HASHSERVE alongside BB_SIGNATURE_HANDLER
We need to set this alongside the change in the previous commit for
it to work correctly and default to a local only cache.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3c00ad5d3b
---------------------------
build-appliance-image: Update to master head revisions
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5596ea156d
---------------------------
bitbake.conf: Switch BB_SIGNATURE_HANDLER to OEEquivHash by default
Hash Equivalence is an extremely powerful feature for reducing build time.
In simple terms, if something is rebuilt and the output is the same as a
previous build, all sstate build artefacts beyond that point can be reused
instead of being rebuilt.
This can be done with a local hash equivalence database/server which is the
default and even local builds with a local sstate can benefit hugely from it.
There is an assumption that builds are reproducible in order for this to work
optimally.
The downside is that when enabled to pull from a shared sstate cache, you need
to use a common hash equivalence server to match it for things to work well.
OE-Core wasn't enabling hash equivalence by default but this changes it to do
so. This has been extensively tested as the deafault in Poky for a long time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c0c2339a52
---------------------------
linux-firmware: upgrade 20260110 -> 20260221
Upgrade the firmware package to latest release. Add firmware for TI
TAS2783, Qualcomm Adreno A801, Qualcomm Glymur, Radxa Dragon Q6A CDSP
and several Intel Sensors Hub firmware versions. Also pick up several
ADSP topologies for Qualcomm X Elite and Qualcomm SM8450 based devices.
License-Update: copyright years, new firmware
Co-developed-by: Sairamreddy Bojja <sbojja@qti.qualcomm.com>
Signed-off-by: Sairamreddy Bojja <sbojja@qti.qualcomm.com>
Cc: Vivek Puar <vpuar@qti.qualcomm.com>
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e00d5d6eac
---------------------------
systemd: drop sysvinit PACKAGECONFIG
Systemd sysvinit was removed d9ec9e20 but the packageconfig knob was still here.
Remove the sysvinit knob and fix:
| ERROR: Nothing RPROVIDES 'systemd-compat-units' (but /lmp/build/conf/../../layers/openembedded-core/meta/recipes-core/systemd/systemd_258.1.bb RDEPENDS on or otherwise requires it)
| NOTE: Runtime target 'systemd-compat-units' is unbuildable, removing...
| Missing or unbuildable dependency chain was: ['systemd-compat-units']
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d6fb3e7d39
---------------------------
perlcross: upgrade from 1.6.2 to 1.6.4
https://github.com/arsv/perl-cross/releases/tag/1.6.4
Include support for perl 5.40.3, perl 5.42.0
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5d779a8694
---------------------------
gdk-pixbuf: upgrade from 2.44.4 to 2.44.5
NEWS:
2.44.5
===
- Make the testsuite work with glycin
- glycin: Add support for xpm and xbm
- TRanslation updates
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5cf97438f
---------------------------
ruby: upgrade from 3.4.7 to 4.0.1
License-Update: Add license BSL-1.0 and Apache-2.0
COPYING - Add Cross-links between Japanese and English pages
LEGAL - Update LEGAL for JSON vendored sources
Refer:
[1] https://github.com/ruby/ruby/commit/e652af18816ffe0b85109b8de0827349bf03f16d
[2] https://github.com/ruby/ruby/commit/d5fbff50c7ff880ae71b8a8ae9aad976c69bea73
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 11abd263d9
---------------------------
procps: upgrade from 4.0.5 to 4.0.6
Remove patch top_large_pid_fix.patch, already in 4.0.6
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 699dbbdf3a
---------------------------
cve-exclusions: set status for 5 CVEs
Reuse work of Debian researchers and set status for fixed CVEs
accordingly.
These are not tracked by kernel itself, so generated exclusions won't
help here.
* https://security-tracker.debian.org/tracker/CVE-2022-38096
* https://security-tracker.debian.org/tracker/CVE-2023-39176
* https://security-tracker.debian.org/tracker/CVE-2023-39179
* https://security-tracker.debian.org/tracker/CVE-2023-39180
* https://security-tracker.debian.org/tracker/CVE-2023-6535
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 77fb0331ec
---------------------------
linux-yocto: apply cve-exclusions also to rt and tiny recipe variants
Version is the same as base kernel, only configuration differs.
There is no reason to not apply the exclusions to all variants.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c2ee574f12
---------------------------
rpm/rootfs.py: ensure exit 1 has a word boundary
Currently, If a package installed by dnf has the word "exit" followed by
"100%" in the log file, the rpm/rootfs.py regex matches a failure thanks to
the "exit 1"00%, such as the following:
[682/932] perl-module-test2-plugin-exit 100% | 0.0 B/s | 8.5 KiB | 00m00s
Add a `\b` to ensure there's a word boundary to prevent the error from happening.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c840a69b6
---------------------------
lz4: Remove a reference to the rejected CVE-2025-62813
The CVE-2025-62813 is rejected so do not reference it anymore.
So keep the patch but without referencing the CVE identifier.
The CVE database indicates the following reason:
This candidate was withdrawn by its CNA. Further investigation
showed that it was not a security issue.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bf41240132
---------------------------
avahi: Remove a reference to the rejected CVE-2021-36217
CVE-2021-36217 is rejected, and should no longer be referenced.
CVE-2021-36217 is a duplicate of CVE-2021-3502 which is already
referenced in the local-ping.patch.
The CVE database indicates the following reason:
ConsultIDs: CVE-2021-3502. Reason: This candidate is a duplicate of
CVE-2021-3502. Notes: All CVE users should reference CVE-2021-3502
instead of this candidate. All references and descriptions in this
candidate have been removed to prevent accidental usage.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c710879b4c
---------------------------
kernel.bbclass: remove dependency on initramfs when not bundled
Previously, the kernel recipe depended on the initramfs image even when
INITRAMFS_IMAGE_BUNDLE was not enabled. This caused the kernel to be
rebuilt whenever the initramfs image changed, regardless of whether the
kernel actually included the initramfs.
The problematic chain was:
linux:do_deploy ->
linux:do_bundle_initramfs ->
image-initramfs:do_image_complete
The original intent (acc. to the comment) was to ensure the initramfs
image was available for tools like wic. However, apart from bundling the
initramfs in the kernel, there is probably no reason why the kernel
should depend on the initramfs. And it is therefore simply wrong if it
does so anyway. Thus, use cases that may be broken by these change are
based on a bug, not a feature. This needs to be fixed by adding a
dependency on the initramfs in the right place, not in the kernel where
this destroys the kernel's sstate-caching.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b75c21fb95
---------------------------
image_types_wic.bbclass: add depend on initramfs
When the wic image creation requires an initramfs image that is not bundled
with the kernel (INITRAMFS_IMAGE_BUNDLE != "1"), ensure that the initramfs
image is built before attempting to create the wic image by adding an
explicit dependency on do_image_complete.
Previously, this dependency was incorrectly handled by kernel.bbclass.
This change moves the responsibility to image_types_wic.bbclass where
it belongs.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2e1e7c8606
---------------------------
bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default
This change enables the modern graphics stack defaults of opengl, wayland and
vulkan, it enables mutliarch which allows gcc, binutils and gdb to target
multiple file formats and it also enables ptests by default
This means that:
* nodistro builds will match the Yocto Project sstate CDN objects
* we have modern graphics defaults
* users will see ptest issues more clearly and be more likely to test
before sending patches
These DISTRO_FEATURES have been tested and used as defaults in poky for a
long time, this brings them into sync.
Backfill is used so those with their own distro can set the
DISTRO_FEATURES_BACKFILL_CONSIDERED variable to stop the backfill happening
for speccific values.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70a74fa2bd
---------------------------
reproducible: fix git SOURCE_DATE_EPOCH randomness
Anything that defines multiple git sources should have the largest value
taken when calculating the SOURCE_DATE_EPOCH for a package.
The previous iteration actually introduced some degree of randomness, as
it would stop on the first git repository reported by os.walk, which
does not assure any specific ordering by default.
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 082e3286ec
---------------------------
coreutils: upgrade 9.9 -> 9.10
From https://lists.gnu.org/archive/html/coreutils-announce/2026-02/msg00000.html
Notable changes include:
- Options in man pages link directly into the full web docs
- timeout(1) now kills the command for all terminating signals
- paste(1) is now multi-byte character aware
- cp(1) fixes an unlikely infinite loop introduced in v9.9
- The multi-call binary is 3.2% smaller
Drop the 2 backported patches which are now part of 9.10.
License-Update: copyright years refreshed
For ptests, also install coreutils.texi which is used for a new test that ensures
there is an anchor for each --help option for all of coreutils' programs. See:
https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?h=v9.10&id=77e6b5d8f8d1ebc3125d6585a266a912a1123791
+---------+--------+-------+------+------+
| Version | Libc | TOTAL | PASS | SKIP |
+---------+--------+-------+------+------+
| 9.10 | glibc | 705 | 543 | 162 |
| 9.9 | glibc | 683 | 527 | 156 |
+---------+--------+-------+------+------+
| diff | glibc | 22 | 16 | 6 |
+---------+--------+-------+------+------+
| 9.10 | musl | 703 | 544 | 159 |
| 9.10 | musl | 681 | 529 | 152 |
+---------+--------+-------+------+------+
| diff | musl | 22 | 15 | 7 |
+---------+--------+-------+------+------+
Most of the skipped tests are due to being "very expensive" according to the coreutils developers.
The other skipped tests need strace, gdb, etc or locale dependencies which has not yet been added.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cedeb958df
---------------------------
coreutils: kill and uptime are no longer installed
In coreutils-9.10, as explained in:
6b399ad35 build: kill(1), uptime(1): don't install by default
* build-aux/gen-lists-of-programs.sh: kill and uptime are not installed
by arch, debian, fedora, suse at least, so add to disabled list.
Fixes https://github.com/coreutils/coreutils/issues/132
Note that in oe-core:
kill is provided by busybox, procps and util-linux
uptime is provided by busybox and procps
and in other layers there may be other providers of these commands.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c6f1e38dbd
---------------------------
populate_sdk_base: Make SDK_ZSTD_COMPRESSION_LEVEL overridable
Like the other SDK_*_COMPRESSION_LEVELS users may want to override the
final compression level.
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cb318d20f6
---------------------------
devtool: upgrade: do not add dummy git notes
This has been causing a significant performance regression,
to the point where AUH wasn't able to complete upgrades with
particularly large number of git commits between releases [1].
After discussing with Peter [2], running 'oe-selftest -r devtool' with this change (100% pass),
and also doing an AUH run with it, and reviewing the output I think this is fine to remove:
the case is either very niche or non-existent, and if it appears again, we
should come up with a better fix.
[1] https://autobuilder.yoctoproject.org/valkyrie/#/builders/38/builds/54/steps/15/logs/stdio
[2] https://lists.openembedded.org/g/openembedded-core/message/231281
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4f96eaa098
---------------------------
externalsrc: fix duplicate entries in .git/info/exclude
`readlines()` preserves trailing newlines, so the duplicate check
against the stripped link name never matched. Strip lines before
comparing to prevent repeated entries on each devtool modify run.
Signed-off-by: Aditya Kurdunkar <adityakurdunkar2@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 34bafcf3d8
---------------------------
openssl: add support for config snippet includes
This allows configuration (such as enabling providers) to be done by
adding snippet files to /etc/ssl/openssl.cnf.d instead of modifying a
copy of the full configuration file. As new snippets can be added from
separate recipes, targeted changes can be done in multiple layers.
For example, the pkcs11-provider can be enabled by adding a pkcs11.cnf
containing something like:
[default_sect]
activate = 1
[provider_sect]
pkcs11 = pkcs11_sect
[pkcs11_sect]
pkcs11-module-path = /usr/lib/libckteec.so.0
pkcs11-module-quirks = no-operation-state no-deinit
pkcs11-module-encode-provider-uri-to-pem = true
activate = 1
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf848ae6b6
---------------------------
python3-poetry-core: upgrade 2.2.1 -> 2.3.1
License-Update: file format changed to "ASCII text" from
"ASCII text, with CRLF line terminators" in the lark license
Changelog:
============
- Update list of supported licenses
- Fix an issue where platform_release could not be parsed on Windows Server
[RP: merged commits, tweak whitespace and fix commit message]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b8e48562ba
---------------------------
alsa-lib: patch CVE-2026-25068
Pick patch mentioned in NVD report.
It also includes CVE ID in commit message.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 97bd9c1324
---------------------------
glib-2.0: upgrade 2.86.3 -> 2.86.4
Fixes CVE-2026-1484, CVE-2026-1485 and CVE-2026-1489.
Release notes [1]:
Overview of changes in GLib 2.86.4, 2026-02-13
* Fix several security vulnerabilities of varying severity (see below
for details)
* Bugs fixed:
* #3858 (closed) glib-compile-resources: Incorrect compiler detection
on Windows when building GTK causes a DoS (L. E. Segovia)
* #3863 (closed) Iterating over a short (preallocated) GVariant
bytestring invalidly refs a NULL GBytes (Christian Hergert)
* #3870 (closed) (CVE-2026-1484) (YWH-PGM9867-168) Integer Overflow ->
Buffer Underflow on Glib through glib/gbase64.c via
g_base64_encode_close() leads to OOB Write (Marco Trevisan)
* #3871 (closed) (CVE-2026-1485) (#YWH-PGM9867-169) Buffer underflow
on Glib through gio/gcontenttype-fdo.c via parse_header() lead to
OOB Read/Write (Marco Trevisan)
* #3872 (closed) (CVE-2026-1489) (#YWH-PGM9867-171) Integer Overflow
on Glib through glib/guniprop.c via output_marks() lead to OOB Write
in glib/gutf8.c:g_unichar_to_utf8() (Marco Trevisan (Treviño))
* !4946 (merged) Update Romanian translation glib-2-86
* !4955 (merged) Backport !4954 (merged) “glib-compile-resources:
Always assume MSVC compiler if VCINSTALLDIR is set” to glib-2-86
* !4961 (merged) Backport !4960 (merged) “glib/gvariant: add failing
test for bytestring and fix it” to glib-2-86
* !4979 (merged) [glib-2-86] gbase64: Use gsize to prevent potential
overflow
* !4981 (merged) [glib-2-86] gio/gcontenttype-fdo: Do not overflow if
header is longer than MAXINT
* !4984 (merged) [glib-2-86] guniprop: Use size_t for output_marks
length
* !5010 (merged) Update Kazakh translation
* Translation updates:
* Kazakh (Baurzhan Muftakhidinov)
* Romanian (Antonio Marin)
[1] https://gitlab.gnome.org/GNOME/glib/-/releases/2.86.4
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 359f09f376
---------------------------
cmake: remove obsolete patches
0001-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal.patch can be
replaced with two variable assignments to seed the results we want.
0002-CMakeLists.txt-disable-USE_NGHTTP2.patch is not needed anymore as
the vendored curl will disable the use of nghttp2 automatically if it
isn't found.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 03be77135d
---------------------------
cmake: add license information for vendored cppdap library
Add missing license information for the vendored cppdap library that we
don't yet have a recipe for.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 91ed3b7db2
---------------------------
cmake: use system libuv
We have a recipe for libuv in oe-core, so use it in the target recipe to
avoid vendoring in more code.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a0abec1fff
---------------------------
libuv: enable nativesdk builds
This avoids the internal copy of libuv that cmake would otherwise include
from the nativesdk-cmake build.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 61ea2e5cb2
---------------------------
cmake: consolidate CMAKE_USE_SYSTEM_LIBRARIES
Move CMAKE_USE_SYSTEM_LIBRARIES=1 to cmake.inc so that all builds use
system libraries unless told otherwise.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9d996cafdc
---------------------------
cmake: clean up variables shared between .bb and .inc
Use EXTRA_OECMAKE in the non-cmake-inheriting cmake-native recipe, so
that the cmake.inc can assign once.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f1f605328c
---------------------------
cmake: remove obsolete variable assignments
Remove obsolete assignments:
- KWSYS_CHAR_IS_SIGNED was removed in 3.5.0[1]
- KWSYS_LFS_WORKS was removed in 3.15.0[2]
[1] cmake ec1398d7ae ("KWSys 2015-12-14 (c1149ef6)")
[2] cmake 11fe7c9063 ("KWSys 2019-02-25 (833b2470)")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d08cf87ae1
---------------------------
pkgconf: add pkg-config-native to the nativesdk package
This was added to the pkg-config recipe but not pkgconf.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 29831832ea
---------------------------
pkgconf: small cleanups
There's no need to --with-pkg-confg-dir as the default is the same and
correct.
Don't append BBCLASSEXTEND, there's no need.
Sync pkg-config-native with the pkg-config recipe so that it sets
the variables in the same way.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 175fcf9fad
---------------------------
distro/defaultsetup: Enable space optimization tweaks
This enables a collection of tweaks which reudce build output size where
the output has been found to be particularly problematic.
This reduces sstate object size as well as on disk build footprint, it
also helps memory usage for linking some of the recipes. This in turn
improves built speed and the smaller sstate objects are faster to compress,
decompress and transfer over the network.
This change has been tested in poky for a long time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c2d64c10a
---------------------------
distro/defaultsetup: Enable security flags by default
This defaults to including our security flags which use stack-protector-strong
and D_FORTIFY_SOURCE=2 by default, as aids to improve detection of security issues.
This change has been tested in poky for a long time and allows us to align
our default compilation flags and environment.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 03fc931bfe
---------------------------
distro/defaultsetup: Enable no-static-libs by default
In general, few people use statlic libraries. They are however large and take up a lot
of space on disk as well as taking time to compress/decompress and tranfser in sstate
objects.
This change disables most of them by default for disk space and speed/size performance
benefits.
This change has been tested in poky for a long time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 722897f96d
---------------------------
defaultsetup: Enable uninative by default
uninative allows reuse of native sstate built on one distro on another. This change
enables it by default, as has been done by default in poky for a long time.
The reason for the change is that this makes the sstate CDN much more useful
to speed up builds if good network access is available. It also standardises
the builds to our usual testing configuration, removing one key difference
which new users sometimes run into.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0b4061c5d5
---------------------------
conf: Switch to systemd by default and simplify init manager selection
This change effectively switches things to use INIT_MANAGER to select the init
system and drops the old compatibility 'none' method. The init manager selection
is now complex enough that requiring users to select it makes sense.
The new default is systemd, which reflects popular opinion. This is known to have
issues in some of our configurations such as musl but is also frequently asked for.
Anyone replacing defaultsetup.conf in their own setup will need to provide
equivalent functionality but that is execpted for any of the settings in there.
This change drops sysvinit from the default distro features backfill, meaning
we no longer need to remove it in systemd setups and places the init managers
on a more equal and equivalent standing.
This is a behaviour change for anyone using nodistro and anyone not already
setting INIT_MANAGER explictly. This does not change the default for distros
which select an init manager already (e.g. poky).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 544222c299
---------------------------
conf/distro: Drop default-versions.inc
This conf file used to be useful when we had multiple versions of recipes
but we no longer do that and the file is empty. Remove it as obsolete and
not needed anymore.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b483d69e0
---------------------------
binutils: Drop unneeded and problematic vardeps explict value and immediate expansion
This was introduced in 0788cf349fe37ef4a36c626dbc396c97d1ab14d7 as a way of
tracking the EXTRA_OECONF changes. These should be tracked reliably by the
contains() code now so it is assumed this was working around a bug at the time.
I checked the current task hashes and that information is there.
Therefore drop this bit of code as the immediate expansion causes inaccurate
values.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 61aaa2c597
---------------------------
nativesdk/crosssdk: Fix DISTRO_FEATURES_BACKFILL handling
Similar to native, backfilling of items from DISTRO_FEATURES when
combined with DISTRO_FEATURES_FILTER_NATIVESDK was not functioning
correctly.
Ensure the backfill is applied before filtering, then clear the value to
prevent further backfill. This makes the nativesdk and crosssdk cases
match the native code.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 74ba238ff1
---------------------------
rust: Enable dynamic linking with llvm
Fixes [Yocto #16058]
A segmentation fault occurs in rustc (e.g. in
llvm::X86ReadAdvanceTable) when reusing sstate artifacts built with
different host toolchain versions.
Issue sequence:
1. llvm-native is built with a newer toolchain
(e.g. GCC 15/Binutils 2.45).
2. rust-native is later built with an older linker.
(e.g. GCC 12/Binutils 2.40).
3. The older linker statically links parts of llvm-native into
librustc_driver.
4. The resulting binary crashes at runtime inside the statically
linked LLVM code.
The corruption happens at link time when mixing static native objects
produced by different toolchain generations.
Enable dynamic LLVM linking (link-shared = true) for rust-native so rustc
links against libLLVM.so instead of static archives, avoiding host linker
incompatibilities when reusing sstate artifacts.
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Suggested-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4f79b45b7a
---------------------------
ifupdown: correct upstream version check
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b290db3fbf
---------------------------
blktrace: correct SRC_URI
AI scrapers prompted the move:
https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=9b24b42ef59d2e8015957db3dd70ffedb7ebcfe8
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1fdcc2fae5
---------------------------
python3-sphinx: backport patch to fix singlehtml URIs
The singlehtml builder creates broken links, as reported on the
yocto-docs list[1].
This issue was also reported upstream[2], and the temporary fix is to
revert commit c93723b80396 ("singlehtml: deprecate the 'fix_refuris'
helper function (#13037)") in sphinx.
Backport the revert commit as a patch in OE-Core.
[1]: https://lore.kernel.org/r/d8d48a98-edb6-4e30-a49b-0a9b52b14216@bytesatwork.ch
[2]: https://github.com/sphinx-doc/sphinx/issues/14221
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c544f12073
---------------------------
busybox: Enable SELinux support if DISTRO_FEATURES contains 'selinux'
If selinux is contained in DISTRO_FEATURES, enable CONFIG_SELINUX which
needs a dependency on libselinux.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 089bdd1b5e
---------------------------
time64.inc: add links to "Y2038 in Yocto" slides and video
I'm not sure if placing conference slides and video links
here is okay, but I believe this is the best starting point
for anyone dealing with the Y2038 problem. It will help and
provide important context and action points for those needing
to support 32 bit products beyond Y2038.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 640e2f9d76
---------------------------
time64.inc: clean up and add upstream tickets where issues remain
Most issues were resolved via upstream version updates that bring in
needed fixes:
glib-2.0 update to 2.78.0 that includes:
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3547
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3550
curl update to 8.3.0 that includes
https://github.com/curl/curl/pull/11610
util-linux update to 2.39 that includes
https://github.com/util-linux/util-linux/pull/2430
https://github.com/util-linux/util-linux/commit/3ab9e699a8d90f55e0447516b7e05a8686180467
https://github.com/util-linux/util-linux/pull/2435
glib-networking update to 2.78.0 that includes
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/241
python3-cryptography update to 42.0.0 which resolves
https://github.com/pyca/cryptography/issues/9370 via
https://github.com/pyca/cryptography/pull/9964
perl update to 5.40.0 which includes
https://github.com/Perl/perl5/pull/21379
python3 update to 3.13.0 which includes
https://github.com/python/cpython/pull/118425
python3 update to 3.13.1 which includes
https://github.com/python/cpython/pull/124972
python3 update to 3.14.0 which includes
https://github.com/python/cpython/pull/119401
https://github.com/python/cpython/pull/125045
https://github.com/python/cpython/pull/107594
https://github.com/python/cpython/pull/125104
tcl update to 9.0.0 which includes
https://github.com/tcltk/tcl/commit/4ca61724c554f02d90a0655da81372bfbb34f70d
(tcl8 recipe has a simple backport of this)
dbus update to 1.16.0 which includes
https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/444
https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/289
openssh update to 10.0p1 which includes
https://github.com/openssh/openssh-portable/pull/425
https://bugzilla.mindrot.org/show_bug.cgi?id=3684
https://marc.info/?l=openbsd-bugs&m=172561736524815&w=2
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-October/041621.html
(all reporting the same issue)
gcc update to 15.1 which includes
https://github.com/llvm/llvm-project/pull/99699
via https://github.com/gcc-mirror/gcc/commit/fa321004f3f6288d3ee2eefa6b02177131882dca
and allows dropping special flags and exceptions for gcc-sanitizers.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4b7284b6f6
---------------------------
lttng-tools: install .expect test files with a wildcard
Otherwise, there will be failures on 32 bit hosts. Note
that the needed files are erroneously absent from upstream
release tarballs:
https://bugs.lttng.org/issues/1436
but once that is resolved, this commit will be effective.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d7103e9f49
---------------------------
lttng-tools: add missing python3-multiprocessing dependency to ptests
This restores the not-running tests, and everything is again able
to run (and pass).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 27817cda4b
---------------------------
lttng-tools: ensure that ptest errors are not suppressed
At some recent point lttng-tools ptests have quietly regressed,
and most of them aren't executed anymore. Errors are printed
on the console, but aren't reported as exit code from run-ptest.
The reason is that exitcode was set to what sed returned, not make.
The original reason for piping through sed was to unify /tmp/tmp.xxxx outputs
for easier results comparison, but (after fixing the tests) I don't
see such lines anymore, and in any case ensuring such regressions
are caught is more important.
With this fix, run-ptest and testimage starts to fail as it should.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a2c6bf5822
---------------------------
checklayer: fix get_depgraph() hang when command fails
The get_depgraph() function hangs indefinitely when a layer causes
command failures (e.g. meta-virtualization) because:
1. bb.command.CommandFailed was not included in the event mask passed
to set_event_mask(), so the failure event was silently dropped and
the while True loop never received a terminating event.
2. There was no timeout handling for the case where wait_event()
repeatedly returns None, leaving no escape from the loop.
Add CommandFailed to the event mask so failure events are properly
received and handled. Also add a timeout counter that raises
RuntimeError after 300 consecutive seconds of no events, preventing
an infinite hang.
Fixes [YOCTO #16170]
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b63c3507f0
---------------------------
iproute2: update link to homepage
The old link redirects here now.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 69f903dcff
---------------------------
native: Replace e.data with d
e.data was deprecated a while ago, replace the remaining references with
d, they are the same thing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 18ac84e488
---------------------------
native: Use dynamic filtering for PROVIDES
Currently, PROVIDES is one of the few variables left which isn't handled by
filter code dynamically. This lead to bugs if for example you have a
PACKAGECONFIG value which references DISTRO_FEATURES, and DISTRO_FEATURES
is being set in the the native case late by backfill. The early expansion
of the value means it can use an incorrect DISTRO_FEATURES value leading to
confusing errors.
Convert the code to use a filter in common with the other code in the class.
This does lead to some behaviour differences outside OE-Core in meta-oe for
example where the PROVIDES of gd-native changed:
"gd-native gd-native-tools"
to
"gd-native gd-tools-native"
where the change is a clear improvement in correctness.
This fixes issues when DISTRO_FEATURES has backfill options in place in
the native case.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d386113c07
---------------------------
native: Fix DISTRO_FEATURES backfill handling in native case
Currently, features listed in DISTRO_FEATURES_FILTER_NATIVE are not supported
for DISTRO_FEATURES_BACKFILL as the two variables interact badly. We now have
need to add some features to backfill which are in the filter_native case.
This patch fixes the handling by appuing the backfill, then zeroing the variable
once they are applied. This leads to them being correctly filtered.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 432b81d150
---------------------------
xinput: allow native build
This is required to build x11 support for libsdl3-native
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e9a35f32b9
---------------------------
pseudo: Update to include a fix for systems with kernel <5.6
$ git log --oneline --no-decorate 9ab513512d8b5180a430ae4fa738cb531154cdef..43cbd8fb4914328094ccdb4bb827d74b1bac2046
43cbd8f ports/linux: define __NR_openat2 if missing
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32e9be1675
---------------------------
python3: upgrade 3.14.2 -> 3.14.3
>From release notes [1]:
Security
* gh-144125: BytesGenerator will now refuse to serialize (write)
headers that are unsafely folded or delimited; see
verify_generated_headers. (Contributed by Bas Bloemsaat and Petr
Viktorin in gh-121650).
* gh-143935: Fixed a bug in the folding of comments when flattening an
email message using a modern email policy. Comments consisting of a
very long sequence of non-foldable characters could trigger a forced
line wrap that omitted the required leading space on the continuation
line, causing the remainder of the comment to be interpreted as a new
header field. This enabled header injection with carefully crafted
inputs.
* gh-143925: Reject control characters in data: URL media types.
* gh-143919: Reject control characters in http.cookies.Morsel fields
and values.
* gh-143916: Reject C0 control characters within wsgiref.headers.Headers
fields, values, and parameters.
[1] https://docs.python.org/3/whatsnew/changelog.html#python-3-14-3-final
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bc0075350e
---------------------------
libpng: upgrade 1.6.54 -> 1.6.55
Release notes [1]:
* Fixed CVE-2026-25646 (high severity):
Heap buffer overflow in `png_set_quantize`.
(Reported and fixed by Joshua Inscoe.)
* Resolved an oss-fuzz build issue involving nalloc.
(Contributed by Philippe Antoine.)
[1] https://github.com/pnggroup/libpng/blob/v1.6.55/ANNOUNCE
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f159f285ae
---------------------------
rpm-sequoia: upgrade 1.10.0 -> 1.10.1
Contains two commits pertaining to signature handling:
- 1ede9cdd
Return NotTrusted for signatures that don't conform to the policy.
- 20087fe6
Return NotTrusted for signatures that use unsupported algorithms
Also, commit 06c3a76f updates Cargo.lock
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af35753610
---------------------------
zlib: upgrade 1.3.1 -> 1.3.2
Delete patch included in this version.
Remove CVE_STATUS for CVE resolved in this release.
Release information: [1]
More details on homepage: [2]
Audit details: [3]
Version 1.3.2 has these key updates from 1.3.1:
* Address findings of the 7ASecurity audit of zlib.
* Check for negative lengths in crc32_combine functions.
* Copy only the initialized window contents in inflateCopy.
* Prevent the use of insecure functions without an explicit request.
* Add compressBound_z and deflateBound_z functions for large values.
* Use atomics to build inflate fixed tables once.
* Add --undefined option to ./configure for UBSan checker.
* Copy only the initialized deflate state in deflateCopy.
* Zero inflate state on allocation.
* Add compress_z and uncompress_z functions.
* Complete rewrite of cmake support.
* Remove untgz from contrib.
* Vectorize the CRC-32 calculation on the s390x.
* Remove vstudio projects in lieu of cmake-generated projects.
* Add zipAlreadyThere() to minizip zip.c to help avoid duplicates.
* Add deflateUsed() function to get the used bits in the last byte.
* Fix bug in inflatePrime() for 16-bit ints.
* Add a "G" option to force gzip, disabling transparency in gzread().
* Return all available uncompressed data on error in gzread.c.
* Support non-blocking devices in the gz* routines.
[1] https://github.com/madler/zlib/releases/tag/v1.3.2
[2] https://zlib.net/
[3] https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 755e805801
---------------------------
dpkg: 1.22.21 -> 1.23.5
Refresh patches:
- 0001-build.c-ignore-return-of-1-from-tar-cf.patch
- 0001-script.c-avoid-use-of-chroot.patch
- 0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch
- 0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch
- 0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch
- arch_pm.patch
- remove-tar-no-timestamp.patch
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d9ec9e20ee
---------------------------
systemd: Stop supporting sysvinit compatibility
Systemd has worked with sysvinit compatibility but upstream plans to remove
this and hence we will no longer be able to support it. We need to remove this
before the LTS since the support will certainly not be there for the lifetime
of the LTS.
This patch disables that usage mode and removes some of the compatibility logic.
There is more that can be removed, this is meant just to signal to people it is
no longer supported and start that process. Further cleanup can be made over time
in later commits.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 41ddc84609
---------------------------
oeqa/selftest/overlayfs: Improve systemd test configuration
We need to ensure that sysvinit and systemd are not enabled together. Tweak
the tests to use INIT_MANAGER to correctly achieve this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 332c94b91a
---------------------------
oeqa/selftest/bbclasses: Drop systemd+sysvinit test
This configuration is no longer possible with recent systemd changes, drop
the test.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1acd1998bb
---------------------------
python3-cryptography: Disable legacy-openssl by default
Disable legacy-openssl support by default to match the openssl recipe.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a150c3580f
---------------------------
openssl: Add legacy packageconfig option
Add packageconfig option to enable legacy support (disabled by default).
The legacy module includes deprecated and unmaintained OpenSSL
components. Drops openssl-oss-module-legacy from a runtime depends to a
runtime recommends for ptest.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5501e7720
---------------------------
openssl: Disable TLS 1.0/1.1 by default
TLS 1.0 and TLS 1.1 have been deprecated by the IETF since 2021.
Disables support by default in packageconfig, requiring users to
explicitly opt-in for these deprecated protocols.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fd3b1efb6f
---------------------------
python3: Backport TLS test fix
Backports fix for Python3 that allows TLS 1.2 to be the minimum version.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 51da1742bf
---------------------------
bluez5: upgrade 5.85 -> 5.86
Changelog:
- Fix issue with number of retries on authentication failures.
- Fix issue with G.722 @ 16 kHz codec ID value reported by transport.
- Add support for Telephony interface.
- Add support for Ranging profile.
- Add support for GMAP service.
- Add support for TMAP service.
Full changelog:
https://github.com/bluez/bluez/compare/5.85...5.86
Changes relevant for the build:
- mcaptest tool has been removed
- sap and health profiles have been removed from the code base
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 49f8a79a70
---------------------------
gnutls: upgrade 3.8.11 -> 3.8.12
Release information: [1]
Solves CVE-2025-14831 and CVE-2026-1584.
Remove patch included in this release.
Add workaround for cross-compilation bug in release tarball.
[1] https://lists.gnutls.org/pipermail/gnutls-help/2026-February/004914.html
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 72819b9e60
---------------------------
go: upgrade 1.25.7 -> 1.26.0
Release Announcement: [1]
Release notes: [2]
Refreshed all patches and dropped patch merged upstream.
[1] https://groups.google.com/g/golang-announce/c/uVOCkuwbiD8
[2] https://go.dev/doc/go1.26
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4003a5084d
---------------------------
own-mirrors: Drop obsolete fetcher mapping
These fetchers are being dropped from bitbake. Clean up the PREMIRRORS to
match.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dea5ac6b62
---------------------------
sanity: Update to account for removed fetchers
Some fetch types were dropped in bitbake, update the sanity tests to match.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c6e63cf96c
---------------------------
lib/oe/recipeutils: Drop obsolete FETCHCMD
These fetcher variables are being removed, drop the references.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2c233165d4
---------------------------
oeqa/selftest/buildoptions: Drop pointless/obsolete mirror entries
We've never had any of these sources on this mirror and support for
several is about to be removed in the fetchers anyway. Drop the
obsolete entries.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 755d1d1593
---------------------------
mirrors: Drop obsolete/inappropriate OE/YP mirror entries
These fetchers aren't used by code that would end up on these mirrors and are about
to be removed anyway in some cases. Drop the pointless/obsolete entries.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f50a2005dd
---------------------------
libksba: add ptest support
Add ptest support to enable automated testing of libksba
using ptest-runner.
The implementation builds and installs test executables from
the tests/ directory along with the required test data files
from the samples/ directory.
Test results on qemux86-64:
PASS: cert-basic
PASS: t-cms-parser
PASS: t-crl-parser
PASS: t-der-builder
PASS: t-dnparser
PASS: t-ocsp
PASS: t-oid
PASS: t-reader
All 8 tests pass.
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 739583da02
---------------------------
libxkbfile: upgrade 1.1.3 -> 1.2.0
Changelog:
- libxkbfile is used by the X servers and utilities to parse the XKB
configuration data files.
- This release adds a new XkbRF_FreeVarDefs() API, and brings over many
fixes from the other copies of XKB code in the various X.Org repos.
- Since no complaints were received about the added meson build system
in the 1.1.3 release (February 2024), the autoconf build system has been
removed in this release.
Ref: [https://lists.x.org/archives/xorg-announce/2026-January/003662.html]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 394604b257
---------------------------
oe-selftest: devtool: add test for gdb pretty-printing
This extends the existing devtool IDE SDK tests to verify that gdb
pretty-printing is working correctly.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c187d9231c
---------------------------
python3-packaging: be more specific when skipping tests on musl
We don't need to skip all of test_tags.py, just the two test cases that
use manylinux.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 796ce40e3e
---------------------------
oeqa/selftest/devtool: add devtool modify testcase for nested gitsm
Add a selftest that exercises devtool modify against git repositories
that contain nested git repositories with submodules.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c63fa18db3
---------------------------
devtool: avoid recursion into nested git repos with submodules
Prevent devtool from recursing into nested git repositories with
submodules to avoid double git submodule add operation.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4f6192f316
---------------------------
cve-update-nvd2-native: Use maximum CVSS score from all sources
The CVE check system was incorrectly reporting lower CVSS scores when
multiple scoring sources were available in the NVD database. This
occurred because the code only extracted the first element from the
metrics arrays, which could be a "Secondary" source with a lower score
rather than the "Primary" source or the highest available vendor score.
According to the CVSS v4.0 User Guide, "In situations where multiple
CVSS-B scores are applicable but only one is provided, the highest
CVSS-B score must be utilized." This follows the "reasonable worst-case"
principle established by the CVSS SIG.
This fix iterates through all available sources (v2, v3.0, v3.1, and
v4.0) and selects the maximum CVSS score to ensure the highest severity
is reported.
Fixes [YOCTO #15931]
References:
- https://www.first.org/cvss/v4.0/user-guide
- https://www.first.org/cvss/v3.1/user-guide
- https://www.first.org/cvss/v2/minutes/cvss-meeting-minutes-06202006.pdf
Signed-off-by: Het Patel <hetpat@cisco.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cb536737be
---------------------------
wic/engine: error on old host debugfs for standalone directory copy
When wic is used in standalone mode, it relies on host tools such as
debugfs. For directory host->image copies into ext* partitions, wic
uses scripted debugfs "-f" input with multiple mkdir/write commands.
Older host debugfs versions (< 1.46.5) may behave unreliably in this
mode and can silently miss files. This does not affect builds using
debugfs from OE where the version is known to be sufficiently new.
Add a debugfs version check and emit an error when an older host
debugfs is detected. The error is shown once per run and halts execution.
Changes in v2:
- adjust the last working debugfs version to 1.46.5
Changes in v3:
- switch debugfs check from warning to error
Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b720a30f3
---------------------------
iso-codes: upgrade from 4.19.0 to 4.20.1
Changes:
https://salsa.debian.org/iso-codes-team/iso-codes/-/blob/main/CHANGELOG.md
License-Update: update license to LGPL-2.1-or-later.
The build system is switched from autotools to meson. Note that
meson is now the only supported build system for iso-codes.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0e36687d2d
---------------------------
libsolv: ptest: remove conditional checks
Simplify run-ptest and do_install_ptest by removing conditional
checks. If upstream renames or relocates test files, the build should
fail explicitly rather than silently skipping tests, ensuring the
recipe is updated appropriately.
Changes:
- Use testcases/* glob to automatically discover all test suites
- Remove file existence checks from run-ptest
- Remove file existence checks from do_install_ptest
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2623ba16b1
---------------------------
vim: fix race when installing the Swedish tutorial
A mkdir might not happen, resulting in an install failure.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7ba65231a9
---------------------------
icu: upgrade from 78.1 to 78.2
icu 78.2 changes:
https://github.com/unicode-org/icu/releases/tag/release-78.2
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ccc585f94c
---------------------------
libcxx: remove no-atomics from PACKAGECONFIG
In commit [1], upstream has dropped _LIBCXXABI_HAS_ATOMIC_BUILTINS,
clean up no-atomics from PACKAGECONFIG otherwise build for qemuarmv5
failed
$ echo "MACHINE = 'qemuarmv5'" >> conf/local.conf
$ bitbake libcxx
...
| tmp/work/armv5e-oe-linux-gnueabi/libcxx/21.1.8/recipe-sysroot-native/usr/bin/arm-oe-linux-gnueabi/
arm-oe-linux-gnueabi-ld: cannot find -latomic: No such file or directory
| arm-oe-linux-gnueabi-clang++: error: linker command failed with exit code 1 (use -v to see invocation)
...
[1] https://github.com/llvm/llvm-project/commit/f8b1cc36578608f2f840d7ea8b0aa9b28fdaa492
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6092b9a321
---------------------------
python3-numpy: upgrade 2.3.5 -> 2.4.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9d61764f7e
---------------------------
piglit: use 'shape' in place of 'newshape' on numpy>=2.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5b5d425f2d
---------------------------
libx11-compose-data: upgrade 1.8.4 -> 1.8.12
- upgrade libx11-compose-data to 1.8.12 as it is part of libx11, and
libx11 already upgrade to 1.8.12
- refresh the patch 0001-Drop-x11-dependencies.patch
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6913708b34
---------------------------
lttng-platforms.inc: set LTTNGMODULES with ?=
Set LTTNGMODULES with ?= in lttng-platforms.inc, then it could be set in
.conf files to override it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 188b469953
---------------------------
gnupg: 2.5.14 -> 2.5.17
Release-info: https://dev.gnupg.org/T7996
Compare commits updates:
$ git clone https://github.com/gpg/gnupg.git
$ git log --oneline gnupg-2.5.14..gnupg-2.5.17
17b514596 (tag: gnupg-2.5.17) Release 2.5.17
f2f89dc82 po: msgmerge
11b7e4139 gpg: Fix possible NULL-deref with overlong signature packets.
93fa34d9a tpm: Fix possible buffer overflow in PKDECRYPT
c3e387427 po: Update Swedish translation
eba28eeaa agent: Add accelerator keys for "Wrong" and "Correct".
2438271ab agent: Fix stack buffer overflow when using gpgsm and KEM
c7770b0a7 gpgsm: Make multiple search patterns work with keyboxd.
71570012e gpg: Remove a dead statement.
0bcd9be9a gpg: New export-option "keep-expired-subkeys"
0e37a6779 doc: Improve the "Programmatic use of GnuPG" section.
5f4ad39b1 doc: Rename an internal function to clarity the purpose.
8d4fc7667 dirmngr: Help detection of bad keyserver configurations.
d97e52cc7 scd:openpgp: register vendor 4d52
916982b8c Post release updates
7d38a23b8 (tag: gnupg-2.5.16) Release 2.5.16
a9da315fb Revert "misc: Validate the value on the use of strtol."
26c422e5b Post release updates
7ee523ac2 (tag: gnupg-2.5.15) Release 2.5.15
947ea3c41 gpg: Deprecate the option --not-dash-escaped.
abe9bddaa gpg: Fix for a recently claimed harmless keyboxd change.
4ec86dca3 po: msgmerge
691fa4ecb po: Update German translation
81bb94975 keyboxd: Fix database schema migration.
267f6db56 doc: Document default symmetric algo as AES-256
5d0ba97c8 Prepare NEWS
1b3bb7dde po: Enable Georgian translation.
6c1d13ac6 gpg: Implement skip function for keyboxd to fix a validation bug.
01eaa386e keybox: Fix the not yet used uid and pk keyblock index return values.
c7472b1b9 po: Update Georgian Translation.
4350fc192 Avoid the function name thread_init.
674aa5424 dirmngr: Add a compatibility flag for use with newer Libksba versions.
32a3e5f83 common:dotlock: Escalate a warning message up to INFO from DEBUG.
aab29b128 kbx:sqlite: Don't call dotlock_release.
d4e40e2a8 common:dotlock: Comment fixes.
68dcfec91 common:dotlock:w32: Minor fixes for Windows.
e4f20ba10 commond:dotlock: Remove support of use with glib.
493276a20 po: Update Portuguese translation
216a695ce agent: Use SHADOW_INFO to silence warnings.
57affc4e9 common,agent,dirmngr,kbx:w32: Synchronous spawning daemon process.
cad79e542 agent,common,dirmngr,tests: Silence warnings of a compiler.
bcd87ea2b misc: Validate the value on the use of strtol.
ce44fde23 Post release updates
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 78156f9ea2
---------------------------
vim: Upgrade 9.1.2128 -> 9.1.2144
Upgrade from 9.1.2128 to 9.1.2144 to include the fix for
CVE-2026-25749 [1] [2].
[1] https://github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43
[2] https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c39e478fa
---------------------------
strace: upgrade from 6.18-> 6.19
Release notes:
https://github.com/strace/strace/releases/tag/v6.19
License-Update: copyright years refreshed
Ptest results for qemux86-64/kvm:
+------------+--------+---------+-------+
| Version | Passed | Ignored | Total |
+------------+--------+---------+-------+
| 6.18 glibc | 1,127 | 332 | 1,459 |
| 6.19 glibc | 1,129 | 332 | 1,461 |
| 6.19 musl | 1,123 | 338 | 1,461 |
+------------+--------+---------+-------+
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f3e9d1326b
---------------------------
libconfig: add ptest support
Add ptest support to enable automated testing of libconfig
using ptest-runner.
The implementation uses libtool --mode=install to properly
install test binaries, avoiding issues with libtool wrapper
scripts. Tests are built via 'make check TESTS=' to compile
without running during the build phase.
The test suite includes 16 tests covering parsing, formatting,
binary/hex values, escaped strings, and various edge cases.
All tests pass successfully on qemux86-64 :
START: ptest-runner
BEGIN: /usr/lib/libconfig/ptest
[TEST] ParsingAndFormatting
parsing testdata/input_0.cfg
parsing testdata/input_1.cfg
parsing testdata/input_2.cfg
parsing testdata/input_3.cfg
parsing testdata/input_4.cfg
parsing testdata/input_5.cfg
parsing testdata/input_6.cfg
parsing testdata/input_7.cfg
[ OK ] ParsingAndFormatting
[TEST] ParseInvalidFiles
[ OK ] ParseInvalidFiles
[TEST] ParseInvalidStrings
[ OK ] ParseInvalidStrings
[TEST] BigInt1
[ OK ] BigInt1
[TEST] BigInt2
[ OK ] BigInt2
[TEST] BigInt3
[ OK ] BigInt3
[TEST] BigInt4
[ OK ] BigInt4
[TEST] BigInt5
[ OK ] BigInt5
[TEST] BigInt6
[ OK ] BigInt6
[TEST] BigInt7
[ OK ] BigInt7
[TEST] RemoveSetting
[ OK ] RemoveSetting
[TEST] EscapedStrings
[ OK ] EscapedStrings
[TEST] OverrideSetting
[ OK ] OverrideSetting
[TEST] SettingLookups
[ OK ] SettingLookups
[TEST] ReadStream
[ OK ] ReadStream
[TEST] BinaryAndHex
some auto big hex: 4294967296
some auto big bin: 8589934591
negativehex: -1430532899
[ OK ] BinaryAndHex
16 tests; 16 passed, 0 failed
PASS: libconfig_tests
DURATION: 0
END: /usr/lib/libconfig/ptest
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1010abf3e3
---------------------------
libassuan: add ptest support
Add ptest support to enable automated testing of libassuan
using ptest-runner.
The implementation installs test programs (version, pipeconnect,
fdpassing) and the shell script test (fdpassing-socket.sh).
All 4 tests pass on qemux86-64:
START: ptest-runner
BEGIN: /usr/lib/libassuan/ptest
PASS: version
Received data `Your lucky number is 3552664958674928. Watch for it everywhere.'
PASS: pipeconnect
PASS: fdpassing
PASS: fdpassing-socket.sh
END: /usr/lib/libassuan/ptest
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6e0bf90e31
---------------------------
libarchive: add ptest support
Add ptest support to enable automated testing of libarchive
using ptest-runner.
The implementation builds and installs five test suites:
libarchive_test, bsdtar_test, bsdcpio_test, bsdcat_test, and
bsdunzip_test, along with their test data files.
Test executables for bsdtar, bsdcpio, bsdcat, and bsdunzip are
provided via symlinks to the installed binaries.
All tests on qemux86-64 pass:
libarchive_test: 689 tests
bsdtar_test: 76 tests
bsdcpio_test: 49 tests
bsdcat_test: 18 tests
bsdunzip_test: 8 tests
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0bec96403
---------------------------
oe-setup-build: TEMPLATECONF were not applied correctly
Since a recent change to support dash, cmd_base is a set of several
commands, separated by newlines.
TEMPLATECONF was only effective for the first command in that set,
which is not where it's needed.
Putting it on its own line will ensure that it's present for
everything in cmd_base.
Signed-off-by: Logan Gallois <logan.gallois@hexagon.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 68d2d38483
---------------------------
classes/pkgconfig: move variable exports to the class
All recipes that use pkg-config should be inheriting the class so this
is a no-op change for those, and for recipes that do not use pkg-config
will no longer need to rebuild if these variables are changed.
Any recipes that use pkg-config but do not inherit the class will fail
to build, and this is intentional: those recipes should inherit the class.
This commit is simply the move of the exports, the values do not change.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7ecbb214fa
---------------------------
python3-numpy: backport a Meson patch to fix pkg-config lookups
When Meson uses pkg-config to introspect the Python install it resets
PKG_CONFIG_PATH and PKG_CONFIG_LIBDIR to the location that the running
python3 says is the library directory. However, when it writes to
PKG_CONFIG_LIBDIR it uses the _target_ library directory without
prefixing this with the sysroot, which breaks the build if _LIBDIR is
the primary search path.
This has been fixed in Meson since 1.10.0[1] but numpy has a vendored
fork of Meson that is currently at 1.9.2, so backport the specific fix
to solve this problem.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d4bb6a4e45
---------------------------
perf: inherit the pkgconfig class
Perf uses pkg-config, so should inherit the class.
Also remove the sedding of PKG_CONFIG, we pass it in as an argument to
make via EXTRA_OEMAKE so the sed is redundant.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bc06157db7
---------------------------
pkgconfig: inherit the pkgconfig class
Building target pkgconfig needs pkgconfig-native because pkgconfig uses
pkgconfig to find libglib. Inherit the pkgconfig class so that the
pkgconfig recipe does not need to know the details of how pkgconfig is
integrated.
Native builds use an internal copy of glib to avoid the circular
dependency, and the self-dependency on pkgconfig-native is automatically
pruned.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fff91e1774
---------------------------
mesa: upgrade 25.3.5 -> 26.0.0
See https://docs.mesa3d.org/relnotes/26.0.0.html for the changelog and
sha256sum.
This removes:
- 0001-ethosu-drop-file-names-from-the-generated-file.patch, as it is
merged in commit cdb6468c53ef ("ethosu: drop file names from the
generated file"),
- 0001-gfxstream-don-t-dump-genvk.py-args-to-generated-file.patch, as it
is merged in commit 4315c28739dc ("gfxstream: don't dump genvk.py args
to generated files"),
- 0002-rocket-drop-file-names-from-the-generated-file.patch, as it is
merged in commit 7a3bfd1f7913 ("rocket: drop file names from the
generated file"),
0001-freedreno-don-t-encode-build-path-into-binaries.patch is updated to
latest version in the merge request. Unfortunately, the do_patch task
with the patch file directly downloaded from the merge request fails to
apply it due to patch-fuzz. Instead, I downloaded the file locally and
applied it with git-am and use git-format-patch to generate one that
do_patch doesn't complain about.
Since commit b72d347d1c3b ("meson: crocus and intel_hasvk now require
clc"), both crocus and intel_hasvk require clc, so let's make this
dependency explicit by requiring libclc PACKAGECONFIG to enable those
drivers.
KosmicKrisp is a new driver but my understanding is it's for MacOS only
and we're not generated that OS, so skip adding a PACKAGECONFIG for it.
r600 now doesn't require LLVM anymore since commit ebf14544102e ("r600:
remove LLVM dependency") but for some reason we never added the
dependency so no need to remove something that isn't there.
There's a new option vulkan-manifest-per-architecture (default true)
which controls whether the target machine architecture must be part of
the Vulkan ICD filenames. The meson feature description states:
If false, all architectures share a single JSON manifest for example
lvp_icd.json, referencing the library by its basename. (Recommended for
Unix OS distros installing into /usr.)
Considering we install the Vulkan ICDs into /usr/share, let's make this
false by default. Also, we're only building for one architecture so this
probably doesn't change much except renaming.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 089400399e
---------------------------
mesa: fix missing llvm dependency for i915
i915 requires llvm at least explicitly since commit b8b38d38b1c1
("meson: reinstate LLVM requirement for r300 and enforce it for i915
too") in mesa (available since 25.3.0).
By default, Intel machines are built with gallium-llvm (see the various
PACKAGECONFIG:append: in mesa.bb), so the dependencies would be met.
It seems like Intel Arc discrete GPU may be supported by i915, so I'm
assuming it could be possible to have a non-Intel machine have the need
for the i915 driver.
In any case, this is highlighting the actual dependencies so let's add
gallium-llvm as a dependency for i915, as it should.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6dc0d1f3a8
---------------------------
mesa: upgrade 25.3.4 -> 25.3.5
Upgrade mesa to the latest stable release.
See https://docs.mesa3d.org/relnotes/25.3.4.html for release notes and
sha256sum.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2c20c05b32
---------------------------
pseudo: Update to include an openat2 fix
We're seeing occasional autobuilder failures with tar issues related to openat2.
It appears there are definitions missing on debian 11 and opensuse 15.5 systems
which mean the openat2 syscall intercept isn't compiled in. This then triggers
on systems using the openat2 syscall, such as alma9 where it is used in a tar
CVE fix.
This updates to include the fix from upstream pseudo (along with a compile warning
fix).
This was tested by taking sstate for pseudo-native from a debian 11 system and using
it in a build of "bitbake nativesdk-git -c install" on a alma9 system where that task
failed. After this fix, it completes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3a8f0075d5
---------------------------
populate_sdk_ext: Ensure BB_BASHSERBVE_DB_DIR is handled correctly
The new BB_BASHSERBVE_DB_DIR variable needs to be filtered when creating eSDK
local.conf files since we use tricks with the hashserve DB in the eSDK to
create a local cache file as part of eSDK creation.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a69e2baba8
---------------------------
devtool: ide-sdk: Support GDB pretty-printing for C++ STL types
GDB requires Python scripts provided by GCC to properly display C++ STL
types. This commit adds support for configuring GDB to use these
pretty-printers in the ide-sdk, covering both the ide_none and ide_code
plugins.
The implementation locates the GCC Python helper scripts in the sysroot
and injects the necessary commands into the GDB initialization files and
IDE debug configurations. This ensures that when debugging C++
applications, STL containers and other complex types are displayed in a
readable format.
Without this:
(gdb) print numbers
$1 = {<std::_Vector_base<int, std::allocator<int> >> = {
_M_impl = {<std::allocator<int>> = {<std::__new_allocator<int>> =
{<No data fields>}, <No data fields>}, <std::_Vector_base<int,
std::allocator<int> >::_Vector_impl_data> =
{_M_start = 0x55555556c370, _M_finish = 0x55555556c37c,
_M_end_of_storage = 0x55555556c37c}, <No data fields>}},
<No data fields>}
With this:
(gdb) print numbers
$1 = std::vector of length 3, capacity 3 = {1, 2, 3}
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e4e8ff14ab
---------------------------
cpp-example: Add std::vector example
Add a standard container (std::vector) to the C++ example program to
demonstrate the debugger's capability to inspect and traverse STL
containers during a debugging session. This requires enabling GDB's
pretty-printing feature, which depends on Python scripts shipped with
the compiler.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4019d572ec
---------------------------
devtool: ide-sdk: evaluate DEBUG_PREFIX_MAP
Improve the reverse mapping for searching the source files for remote
debugging by taking the details from DEBUG_PREFIX_MAP into account when
generating GDB's debug-file-directory mappings. This allows settings
such as DEBUG_PREFIX_MAP = "" for modified recipes to be used to avoid
any path remapping.
Background:
For packaged debug-symbols, the references to the source code need to be
relocated to paths which are valid on the target system. By default,
devtool ide-sdk tries to keep the relocated paths and configures the
debugger to reverse map them back to the original source paths. The goal
is to provide a debug setup which is a close as possible to a regular
build.
Usually this works well, but there are situations where the reverse
mapping is not unambiguous. For example the default DEBUG_PREFIX_MAP
DEBUG_PREFIX_MAP ?= "\
-ffile-prefix-map=${S}=${TARGET_DBGSRC_DIR} \
-ffile-prefix-map=${B}=${TARGET_DBGSRC_DIR} \
adds two different source paths (${S} and ${B}) to the same target path
(${TARGET_DBGSRC_DIR}). If both source paths contain files with the same
name, the debugger cannot determine which source file to use. For this
example it is usually sufficient to only map ${S} to the target path.
The source files in ${B} are probably a few generated files which are
not that interesting for debugging. But depending on the project, the
files in ${B} might also be relevant for debugging.
Also add a hint to the generated local.conf snippet to use
DEBUG_PREFIX_MAP = "" if the user wants to optimize the build for
debugging.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 413ed3c3ec
---------------------------
oe-selftest: devtool ide-sdk cover vscode remote debugging
This adds more test coverage for devtool ide-sdk, with VSCode. The cmake
test case has now a full remote debugging test on Qemu. The test checks
the generated launch.json and tasks.json files, starts gdbserver and
connects to it. The test verifies breakpoints, variables and source file
listing.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3b6d435fba
---------------------------
devtool: ide-sdk: vscode replace scripts
Write the ssh command to start gdbserver on target directly into the
tasks.json. This avoids the need to create one more script file on the
host. It also simplifies manual modifications of VSCode's standard
tasks.json which is much more handy than modifying multiple proprietary
scripts used to launch gdbserver.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4dc41802c9
---------------------------
devtool: ide-sdk: make install_and_deploy script pass target arg
Previously, the target was hardcoded in the install_and_deploy script,
limiting flexibility. This change allows passing the target as a
command-line argument, enabling IDEs to configure the target dynamically
rather than only at IDE configuration generation time.
This is a first step towards making the target configurable from the IDE.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6dc10f282b
---------------------------
devtool: ide-sdk: move code to ide_none
Move code which is used by the ide_none plugin from the base class
to the ide_none plugin. This is just a refactoring, no functional
change.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1191710876
---------------------------
devtool: ide-sdk: add gdbserver attach mode support
Enhance remote debugging configuration to support multiple modes
per executable binary. This adds support for gdbserver's attach
mode as an additional debug configuration.
When the binary is detected to run as a systemd service or SysV
init script, an attach debug configuration is generated alongside
the regular configuration that starts the process via gdbserver.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3fafab6eef
---------------------------
oe-selftest: devtool: check example services are running
When running the devtool ide-sdk test with qemu, verify that the example
services are actually running on the target by using pgrep to check for
the example executable names.
Also verify that the configuration files in /etc are owned by the proper
user and group, both before and after the install_and_deploy scripts
have run. This is also a check that the install_and_deploy scripts
are working correctly with pseudo.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b5ea7f3dc0
---------------------------
cpp-example: run as a service
Extend the C++ example to run as systemd/SysV services
This change adds service capability to the existing C++ example without
modifying its original behavior. The example can now run either as:
- One-shot executables (existing behavior)
- Long-running services via systemd or SysV init
The service runs as an unprivileged user/group, demonstrating security
best practices for service development. This introduces additional
complexity to the build process, particularly around proper pseudo usage
in development builds. The implementation includes:
- Service configuration files (systemd .service and SysV init script)
- Dedicated user/group creation with appropriate permissions
- JSON configuration file for runtime customization, owned by the
service user
- Command-line --endless flag to enable service mode
- Full support for both CMake and Meson build systems
This enhancement enables testing debugger configurations that attach to
running processes, expanding the examples' utility for development tools.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fe88b61e79
---------------------------
oe-selftest: devtool: DevtoolIdeSdkTests debug logging
Add optional debug logging to all runCmd calls in DevtoolIdeSdkTests
to improve debugging capabilities when tests fail. The logging is only
enabled when the test logger is set to DEBUG level.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6ab7e9e8e5
---------------------------
devtool: ide-sdk find bitbake-setup init-build-env
With poky the oe-init-build-env script from the top level directory of
the layer with the higher priority is used to setup the build
environment.
This does no longer work with bitbake-setup. The directory layout
changed and the script is now called init-build-env. Skip the old
implementation if $TOPDIR/init-build-env exists and use it instead.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cafee0adc1
---------------------------
curl: Backport a patch to make curl work when aws support is disabled
This avoids the following error when using curl from curl-native:
$ oe-run-native curl-native curl https://www.example.com
Getting sysroot...
curl: (48) An unknown option was passed in to libcurl
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 85327e3a6f
---------------------------
busybox: adapt busybox-udhcpd init script to new start-stop-daemon path
Commit 9998d91f982cd323fa5da20edda8b1828bd4fb5d moved start-stop-daemon
from /sbin to /usr/sbin.
Adapt busybox-udhcpd to this change.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5ec4156330
---------------------------
avahi: patch CVE-2025-68471
Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9f2ed8adc3
---------------------------
avahi: patch CVE-2025-68468
Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 183d0ee54f
---------------------------
avahi: patch CVE-2026-24401
Details https://nvd.nist.gov/vuln/detail/CVE-2026-24401
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 84eff5afcf
---------------------------
mtd-utils: fix ubifs packaging
This change moves fsck.ubifs and mount.ubifs to correct package.
Noticed when lzo was installed to ubi-less image additionally when
upgrading from scarthgap to master as being dependency of fsck.ubifs.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6f3aab6bfa
---------------------------
selftest: Test installation of recipes with complex packaging
When recipes have complex and dynamic packaging, it's easy to
accidentally end up with one or more packages that build but can't be
installed. We've seen this recently with linux-firmware [1].
Skimming through the recipes that set PACKAGESPLITFUNCS or
PACKAGES_DYNAMIC or are otherwise known offenders, I've also picked out
gstreamer1.0-plugins-*, kernel-modules, perl and python3 as recipes
where it would be easy to end up with similar issues in the future.
[1]: https://lore.kernel.org/openembedded-core/20260123163305.880111-1-dmitry.baryshkov@oss.qualcomm.com/
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 933394adcb
---------------------------
spdx30_tasks: Exclude 'doc' when exporting PACKAGECONFIG to SPDX
Currently when generating an SBOM, all packages have the 'doc' feature
indicated as disabled. This is in fact *not* a feature that was
declared in the recipe, but instead the documentation of the
PACKAGECONFIG variable.
But to be safe, if somehow a feature is named 'doc' and enabled, do
not exclude it when exporting PACKAGECONFIG features to SPDX.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 99792ab6ba
---------------------------
libevent: merge inherit statements
Merge the separate inherit statements into a single one for
improved readability and consistency with OE style.
No functional change intended.
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a5e18714ae
---------------------------
classes/buildhistory: Do not sign buildhistory commits
This change adds the --no-gpg-sign option to prevent buildhistory
commits from failing due to GPG signing issues. Depending on the setup,
buildhistory may fail to create a commit if the user has the
commit.gpgsign option enabled.
For example, if the user creates a signing key that requires a password,
the commit won't be created and will fail with the following error:
/
|error: Enter passphrase: Load key "/home/<user>/.ssh/id_ed25519":
|incorrect passphrase supplied to decrypt private key?
|fatal: failed to write commit object
\
The bitbake command won't fail, but buildhistory won't have a commit.
Also, the commit may silently fail when building inside a container due
to missing packages or issues with accessing the GPG agent.
This is similar to [1], and signing the buildhistory commit
should be avoided to prevent such issues.
1 - https://git.openembedded.org/openembedded-core/commit/?id=7595a0a63a933af9dd9d1e458dc34a4ba80d9eae
Signed-off-by: Fabio Berton <fabio.berton@ctw.bmwgroup.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a4fe869de5
---------------------------
cmake: upgrade 4.2.2 -> 4.2.3
Release notes are available at [0].
[0]: https://cmake.org/cmake/help/v4.2/release/4.2.html#id3
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a70dccd7d6
---------------------------
libgcrypt: upgrade 1.11.2 -> 1.12.0
License-Update: Remove occurrences of old FSF postal address[1]
ChangeLog:
https://github.com/gpg/libgcrypt/blob/libgcrypt-1.12.0/NEWS
[1] https://github.com/gpg/libgcrypt/commit/67b8da4ef62734927e061327efa9a6f48616d114
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 65ff15ea4e
---------------------------
vulkan-volk: upgrade 1.4.335.0 -> 1.4.341.0
License-Update: copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 171a79d4c1
---------------------------
vulkan-validation-layers: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aefab32037
---------------------------
vulkan-utility-libraries: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 71f058f7d0
---------------------------
vulkan-tools: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5465f5dc27
---------------------------
vulkan-loader: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2e7c96364e
---------------------------
vulkan-headers: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8cc203fc04
---------------------------
glslang: upgrade 1.4.335.0 -> 1.4.341.0
Changelog:
===========
- Allow gl_FragDepth identifier to be redeclared
- Replace 'GL_TASK(MESH)_SHADER_NV' with 'GL_TASK(MESH)_SHADER_EXT'
- Scalarize swizzled MeshEXT stores
- Support GL_EXT_long_vector
- Add missing preamble #define for GL_EXT_nontemporal_keyword
- Support GL_NV_push_constant_bank
- Support GL_EXT_descriptor_heap
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b996eda229
---------------------------
spirv-tools: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: af5c7b2aeb
---------------------------
spirv-headers: upgrade 1.4.335.0 -> 1.4.341.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4b59992e6f
---------------------------
shaderc: upgrade 2025.5 -> 2026.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 479ccd3f12
---------------------------
repo: upgrade 2.61 -> 2.61.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 58aa839f55
---------------------------
python3-uv-build: upgrade 0.9.26 -> 0.9.28
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 33c94ff331
---------------------------
python3-psutil: upgrade 7.2.1 -> 7.2.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3d8af1eeef
---------------------------
python3-pip: upgrade 25.3 -> 26.0
License-Update: Copyright year updted to 2025
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5246bf5432
---------------------------
python3-pdm-backend: upgrade 2.4.6 -> 2.4.7
Changelog:
===========
- Allow user to override wheel with multiple plat tags
- Switch dev-dependencies to dependency-groups
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7611c316c2
---------------------------
python3-pathspec: upgrade 1.0.3 -> 1.0.4
Changelog:
Using re2 fails if pyre2 is also installed.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c36eaad635
---------------------------
python3-hypothesis: upgrade 6.150.3 -> 6.151.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e1ee683c28
---------------------------
python3-dbusmock: upgrade 0.37.2 -> 0.38.1
Changelog:
=============
- polkitd: Add RegisterAuthenticationAgentWithOptions
- logind: Add SetWallMessage
- README: Update outdated and broken examples, move to addCleanup()
- Move all license comments to SPDX-License-Identifier
- tests: Skip test_readme_examples if README.md is not present
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2e78b6667b
---------------------------
python3-cryptography: upgrade 46.0.3 -> 46.0.4
Changelog:
============
- Dropped support for win_arm64 wheels.
- Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 333fb4a737
---------------------------
python3-babel: upgrade 2.17.0 -> 2.18.0
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d6912006c5
---------------------------
libxxf86vm: upgrade 1.1.6 -> 1.1.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fd426f14e3
---------------------------
libxvmc: upgrade 1.0.14 -> 1.0.15
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 38ee00584b
---------------------------
libxrandr: upgrade 1.5.4 -> 1.5.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 767f686226
---------------------------
libxpm: upgrade 3.5.17 -> 3.5.18
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b235ea79e6
---------------------------
libxmu: upgrade 1.2.1 -> 1.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ea050910cb
---------------------------
libxinerama: upgrade 1.1.5 -> 1.1.6
License-Update: 2025 added to Copyright and "All rights reserved." removed.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a1094e22a2
---------------------------
libxext: upgrade 1.3.6 -> 1.3.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6857e5e190
---------------------------
libxdamage: upgrade 1.1.6 -> 1.1.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bedbd5b94a
---------------------------
libxcomposite: upgrade 0.4.6 -> 0.4.7
License-Update: "All rights reserved." removed.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 45573da807
---------------------------
liburcu: upgrade 0.15.5 -> 0.15.6
Changelog:
===========
* urcu-mb: Add missing TSAN annotation to _urcu_mb_read_lock_update
* lfstack: Coding style cleanup
* urcu-qsbr: Use CMM_SEQ_CST_FENCE for _urcu_qsbr_thread_online
* urcu-mb: Use CMM_SEQ_CST_FENCE for _urcu_mb_read_lock_update
* urcu-qsbr: Use CMM_SEQ_CST_FENCE for quiescent state update and offline
* urcu-mb: Use CMM_SEQ_CST_FENCE for _urcu_mb_read_unlock_update_and_wakeup
* Fix: Only include linux/time_types.h when __NR_futex_time64 is defined
* Use __NR_futex_time64 in futex syscall wrapper
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: de328ceaa2
---------------------------
git: upgrade 2.52.0 -> 2.53.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c52411a496
---------------------------
gi-docgen: upgrade 2025.5 -> 2026.1
Changelog:
===========
- Parse method-inline for records, unions and interfaces
- Use dot's `svg_inline` output format
- Fix Red Hat Display italic font-face
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f836e0d9a6
---------------------------
dos2unix: upgrade 7.5.3 -> 7.5.4
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 121dcc0c65
---------------------------
diffoscope: upgrade 306 -> 311
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1218499d02
---------------------------
aspell: upgrade 0.60.8.1 -> 0.60.8.2
0001-modules-speller-default-vector_hash-t.hpp-fix-gcc-15.patch
removed since it's included in 0.60.8.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7a5237b7ae
---------------------------
go: upgrade 1.25.6 -> 1.25.7
Upgrade to latest 1.25.x release [1]:
$ git --no-pager log --oneline go1.25.6..go1.25.7
eaf3bc799a (tag: go1.25.7) [release-branch.go1.25] go1.25.7
c7d189e65c [release-branch.go1.25] crypto/tls: document resumption behavior across Configs
4512014530 [release-branch.go1.25] crypto/tls: revalidate whole chain on resumption on Windows and macOS
d5987bff8a [release-branch.go1.25] crypto/tls: check verifiedChains roots when resuming sessions
c2d04c0994 [release-branch.go1.25] crypto/tls: add verifiedChains expiration checking during resumption
6b1110a40f [release-branch.go1.25] Revert "crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone"
0765a9d624 [release-branch.go1.25] crypto/x509: fix single label excluded name constraints handling
b19100991a [release-branch.go1.25] cmd/go: remove user-content from doc strings in cgo ASTs.
738bc3a33c [release-branch.go1.25] cmd/compile: during regalloc, fixedreg values are always available
Fixes CVE-2025-61732 and CVE-2025-68121.
Release information: [2]
[1] https://github.com/golang/go/compare/go1.25.6...go1.25.7
[2] https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1e73d0826b
---------------------------
ltp: upgrade 20250930 -> 20260130
ChangeLog:
https://github.com/linux-test-project/ltp/releases/tag/20260130
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 34ffdfee81
---------------------------
mesa: remove libxml2-native dependency
Native libxml2 is only needed for xmllint which in turn is only needed
when build-tests meson option is enabled, which defaults to disabled and
isn't enabled by the recipe.
We may need to revisit this if we add ptest support in mesa I assume.
Let's remove it from the DEPENDS for now.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e2010da0f1
---------------------------
mesa: make zlib dependency a PACKAGECONFIG
zlib is a mesa meson feature which can be disabled so let's make it a
PACKAGECONFIG.
The motivation actually isn't about disabling it (though we now could as
it's only required for a few things) but rather that this dependency is
a non-native one.
The issue is when a native-only (-native recipe name suffix + inherit
native) recipe includes mesa.inc, it'll include the DEPENDS as well but
will then depend on a non-native recipe because BitBake doesn't add a
suffix to dependencies listed in DEPENDS for native-only recipes like it
does for recipes with BBCLASSEXTEND = native. This is a way to
circumvent the issue by making the dependency a PACKAGECONFIG dependency
such that the listed DEPENDS (third parameter) will be properly modified
by BitBake to have the native variant of the recipe pulled in. See[1]
for more info on why this is needed.
This is in preparation for the addition of a mesa-tools-native
native-only package which will include mesa.inc.
[1] https://lore.kernel.org/openembedded-core/07cd1d3c-4d67-4e60-b3d3-75953784f70f@cherry.de/
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 833aa072f7
---------------------------
mesa: make expat dependency a PACKAGECONFIG
expat is a mesa meson feature which can be disabled so let's make it a
PACKAGECONFIG.
The motivation actually isn't about disabling it (though we now could as
it's only required for a few things) but rather that this dependency is
a non-native one.
The issue is when a native-only (-native recipe name suffix + inherit
native) recipe includes mesa.inc, it'll include the DEPENDS as well but
will then depend on a non-native recipe because BitBake doesn't add a
suffix to dependencies listed in DEPENDS for native-only recipes like it
does for recipes with BBCLASSEXTEND = native. This is a way to
circumvent the issue by making the dependency a PACKAGECONFIG dependency
such that the listed DEPENDS (third parameter) will be properly modified
by BitBake to have the native variant of the recipe pulled in. See[1]
for more info on why this is needed.
Now that expat is a PACKAGECONFIG and that if it's not there expat isn't
autodetected anymore by meson, having xmlconfig PACKAGECONFIG add expat
as a DEPENDS (third parameter) is likely not enough anymore due to expat
feature being explicitly disabled if expat is not in PACKAGECONFIG.
Therefore, remove the third parameter for xmlconfig and add a comment
telling the user there's a PACKAGECONFIG dependency here. Note that
since this commit adds the expat PACKAGECONFIG to all recipes including
mesa.inc, no change in behavior is expected.
This is in preparation for the addition of a mesa-tools-native
native-only package which will include mesa.inc.
[1] https://lore.kernel.org/openembedded-core/07cd1d3c-4d67-4e60-b3d3-75953784f70f@cherry.de/
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5104df54df
---------------------------
mesa: update patch status
This patch was actually merged in main branch, so let's update the patch
status to reflect that.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 01a17de690
---------------------------
mesa: upgrade 25.3.3 -> 25.3.4
Upgrade mesa to the latest stable release.
See https://docs.mesa3d.org/relnotes/25.3.4.html for release notes and
sha256sum.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aae793a17e
---------------------------
jquery: remove recipe
Now that the reproducible selftest doesn't use this recipe, it is no
longer used by any recipes that I can find.
There is an alternative jquery recipe in meta-oe that is slightly
different and has packaging consistent with with javascript recipes in
the same layer.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3ee5497b1
---------------------------
oeqa/selftests/reproducible: use the jQuery CDN instead of jquery-native
Instead of building jquery-native and then copying the file into the
expected place in the build tree, simply tell diffoscope to load jQuery
from their CDN.
In the slim chance that the diffoscope report is viewed offline, the
only regression is that sections cannot be collapsed.
The advantage to this approach is that we no longer need to maintain a
jquery-native recipe simply for the reproducible selftests.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 399ef1c3a9
---------------------------
oeqa/selftest/reproducible: clean up formatting in a long command line
No code changes, just formatting.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bd89d1c018
---------------------------
hosttools: force a --no-rosegment option if host ld supports it
Please see https://bugzilla.yoctoproject.org/show_bug.cgi?id=16087
for the tricky, unpleasant details.
The summary of the issue:
>From Fedora 42 onwards, the --rosegment argument is passed to the
linker by default when building native binaries. This triggers
re-arrangement of sections by patchelf, resulting in binaries which
are loaded incorrectly by older kernel versions. These "contaminated"
native binaries end up in sstate and cause build failures when they
are used on older distros such as AlmaLinux 8 & 9 or Rocky Linux 8 &
9.
[YOCTO #16087]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: adfb5c26f7
---------------------------
scripts/install-buildtools: Update to 5.3.1
Update to the 5.3.1 release of the 5.3 series for buildtools
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic22@pm.me>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0e18934744
---------------------------
harfbuzz: upgrade 12.3.1 -> 12.3.2
Changelog:
https://github.com/harfbuzz/harfbuzz/releases/tag/12.3.2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 78de34a957
---------------------------
utfcpp: upgrade 4.0.8 -> 4.0.9
A minor release: removing static asserts for C++98/03 builds
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f5d2ecb6df
---------------------------
mpg123: upgrade 1.33.3 -> 1.33.4
Changelog:
mpg123: In terminal control, ignore 7-bit escape sequences to avoid spurious actions, e.g. when hitting cursor keys.
ports/cmake: Avoid possibly conflicting use of SIZEOF_OFF_T CMake variable when embedding mpg123 with other projects using cmake and different off_t semantics.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 61faf2f4f6
---------------------------
openssh: replace hardcoded paths by standard paths
Use common definitions from bitbake.conf instead of hardcoded values for
OPENSSH_HOST_KEY_DIR and OPENSSH_HOST_KEY_DIR_READONLY_CONFIG.
Fixes: addd80ddfd89 ("openssh: add variable for key path")
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 69ee8fd5c8
---------------------------
python3-wcwidth: upgrade 0.3.1 -> 0.5.3
Changelog:
https://github.com/jquast/wcwidth/releases/tag/0.5.3
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f77062528d
---------------------------
python3-cffi: Make test_parsing more resilient to changes in pycparser
Add patch 0001-Make-test_parsing-more-resilient-to-changes-in.patch to fix ptest error when python3-pycparser updated to 3.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ee1a997f0f
---------------------------
rust: Upgrade 1.92.0 -> 1.93.0
https://blog.rust-lang.org/2026/01/22/Rust-1.93.0/
Rust changes: https://github.com/rust-lang/rust/releases/tag/1.93.0
Cargo changes: https://doc.rust-lang.org/nightly/cargo/CHANGELOG.html#cargo-193-2026-01-22
* rust-oe-selftest.patch updated for 1.93:
Renamed UI test directive from add-core-stubs to add-minicore as in
https://github.com/rust-lang/rust/commit/3796f7de57f5d4cf4325d1f13aeb07fdaa57983b
* OE-selftests:
- Exclude src/tools/remote-test-client from test suite.
This unit test modifies the TEST_DEVICE_ADDR environment variable,
which breaks the OE test harness that uses the same variable for
QEMU remote testing. Filed a bug with upstream:
https://github.com/rust-lang/rust/issues/151823
- Enable +v8a feature for cortexa57.
Rust 1.93.0 added a regression test (PR #149549) to verify that the
ARMv8-A system register ttbr0_el2 is recognized in inline assembly.
This addresses issue #97724 where LLVM wasn't recognizing ttbr0_el2
as a valid register. Upstream Rust enables +v8a by default for all
AArch64 targets (PR #105026), but Yocto's custom target specification
doesn't inherit this. Adding +v8a ensures LLVM recognizes ARMv8-A
system registers, fixing the test failure.
Related upstream links:
- PR #149549: https://github.com/rust-lang/rust/pull/149549
- Issue #97724: https://github.com/rust-lang/rust/issues/97724
- PR #105026: https://github.com/rust-lang/rust/pull/105026
Test results:
rust v1.93.0
+-------------+--------+---------+
| Machine | Passed | Skipped |
+-------------+--------+---------+
| qemux86-64 | 21,689 | 646 |
| qemux86 | 21,439 | 896 |
| qemuarm64 | 21,495 | 840 |
| qemuarm | 21,421 | 914 |
| qemuriscv64 | 21,466 | 869 |
+-------------+--------+---------+
Test results difference (1.93.0 - 1.92.0):
+-------------+--------+---------+
| Machine | Passed | Skipped |
+-------------+--------+---------+
| qemux86-64 | +205 | +33 |
| qemux86 | +205 | +33 |
| qemuarm64 | +206 | +32 |
| qemuarm | +205 | +33 |
| qemuriscv64 | +205 | +33 |
+-------------+--------+---------+
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9b55e191fb
---------------------------
lttng-tools: Upgrade 2.14.0 -> 2.14.1
Remove 0001-gen-ust-events-constructor-change-rpath-to-libdir-li.patch
as the logic is included in 2.14.1 [1].
Remove 0001-eventfd.cpp-Remove-the-scope-resolution-operator.patch as
the logic is included in 2.14.1 [2].
Remove 0001-liblttng-ctl-drop-index-allocator-symbols-from-versi.patch
as the logic is included in 2.14.1 [3].
util_event_generator.sh is renamed to util_event_generator.py [4] and
the .py install logic in included as below.
find "${B}/tests/$d" -maxdepth 1 -type f -name "*.py" \
-exec install -t "${D}${PTEST_PATH}/tests/$d" {} +
# ./run-ptest
[snip]
PASS: test_ust_data 8 - Validate UST event
PASS: test_ust_data 9 - Create UST context
PASS: test_ust_data 10 - Validate UST context
PASS: test_ust_data 11 - Validate string length
PASS: test_ust_data 12 - Create UST exclusion
PASS: test_ust_data 13 - Create UST event with identical exclusion names fails
PASS: test_ust_data 14 - Create UST exclusion
PASS: test_ust_data 15 - Create UST event with different exclusion names
PASS: test_ust_data 16 - Validate UST event and exclusion
============================================================================
Testsuite summary for lttng-tools 2.14.1
============================================================================
# TOTAL: 1089
# PASS: 1089
# SKIP: 0
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
[1] https://github.com/lttng/lttng-tools/commit/409ea456e181a769fc7e4b0a44823be0bdc8b9ce
[2] https://github.com/lttng/lttng-tools/commit/e58aac43fc498e48eb0bfb871dd5b50e54a5e93e
[3] https://github.com/lttng/lttng-tools/commit/e7eaad663489f8a12568f8ca84429b6ed64dc8c5
[4] https://github.com/lttng/lttng-tools/commit/7126bceecea9ed5d981863400ee7c4ba13042871
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 61d337c966
---------------------------
oeqa/logparser: ignore comments in the test log
Whilst the log format is normally pretty simple:
PASS: foo
SKIP: bar
It's entirely possible for there to be an explanatory comment:
SKIP: bar # only runs under Windows
We currently use the entire string after the test state as the test
name, which includes the comment. This can lead to long test names, for
example:
test_dtype.py:TestStructuredObjectRefcounting.test_structured_object_
create_delete[ones-1-<subarray>]_#_SKIP_Python_3.12_has_immortal_
refcounts,_this_test_will_no_longer_work._See_gh-23986
Whilst these test names are very long it isn't normally a problem, but
some packages have non-deterministic skip messages:
test_ufunc.py:TestUfunc.test_identityless_reduction_huge_array_#_
SKIP_6.442450944_GB_memory_required,_but_3.366531072_GB_available
This leads to churn in the test reports.
The comment isn't needed, so strip it out when computing the test name.
Note that this will result in a number of tests disappearing in the test
reports, with an identical number of new tests appearing.
[1] https://www.gnu.org/software/automake/manual/automake.html#Scripts_002dbased-Testsuites-1
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d7c8cacaa9
---------------------------
python3-unittest-automake-output: upgrade to 0.4
Notable changes:
pytest: handle skipping without custom message
tests: update test output based on latest pytest
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1e6b810f60
---------------------------
gawk: trim native build configuration
When we build gawk-native it is only for use in builds where the host
gawk output isn't reproducible across versions[1]. As such it doesn't
need support for readline or mprf, and by removing those from gawk-native
we can get building gawk-native sooner.
[1] oe-core c5bbf0a60b ("gawk: use native gawk when building glibc and grub")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d7d9044a8d
---------------------------
Revert "mdadm: upgrade 4.4 -> 4.5"
This reverts commit 15de700d5f3d42a3b897301a92c3ffb86c5b42a7.
Unfortunately the update is causing reproducibility issues:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/37/builds/3317
https://valkyrie.yocto.io/pub/repro-fail/oe-reproducible-20260209-a0dgcw5d/packages/diff-html/
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7d24dc005f
---------------------------
python3-packaging: upgrade 25.0 -> 26.0
Skip the testcase test_pylock.py as this depends on tomli_w, which isn't
currently part of core.
Upstream changelog:
Features:
* PEP 751: support pylock
* PEP 794: import name metadata
* Support for writing metadata to a file
* Support __replace__ on Version
* Support positional pattern matching for Version and SpecifierSet
Behavior adaptations:
* PEP 440 handling of prereleases for Specifier.contains,
SpecifierSet.contains, and SpecifierSet.filter
* Handle PEP 440 edge case in SpecifierSet.filter
* Adjust arbitrary equality intersection preservation in SpecifierSet
* Return False instead of raising for .contains with invalid version
* Support arbitrary equality on arbitrary strings for Specifier and
SpecifierSet's filter and contains method.
* Only try to parse as Version on certain marker keys, return False on
unequal ordered comparisons
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9ab59c7cf3
---------------------------
linux-yocto/6.18: update to v6.18.8
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
d905362ff5b86 Linux 6.18.8
5b0caf3913e72 mm/vma: enforce VMA fork limit on unfaulted,faulted mremap merge too
a4d9dbfc1bab1 mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge
9966c8cc987e3 irqchip/renesas-rzv2h: Prevent TINT spurious interrupt during resume
79966baabcfe9 arm64: dts: qcom: talos: Correct UFS clocks ordering
25be3c170ff8e iio: core: add separate lockdep class for info_exist_lock
2dabc85131c84 iio: core: Replace lockdep_set_class() + mutex_init() by combined call
c5dbad55ce02a mm/hugetlb: fix two comments related to huge_pmd_unshare()
918ba220debc4 mm: fix some typos in mm module
908795c02dbc7 Bluetooth: btintel_pcie: Support for S4 (Hibernate)
ab140fc931083 gpio: cdev: Fix resource leaks on errors in gpiolib_cdev_register()
16414341b0dd5 gpio: cdev: Fix resource leaks on errors in lineinfo_changed_notify()
919f27eb24b0e gpio: cdev: Correct return code on memory allocation failure
e7200b0a4b2a5 drm/xe: fix WQ_MEM_RECLAIM passed as max_active to alloc_workqueue()
85d4652f9cdcf drm/xe: Adjust page count tracepoints in shrinker
569ed6a73e927 drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind
ce2cca8e27d16 drm/amdgpu: remove frame cntl for gfx v12
07e9373739c63 can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak
d374d715e338d can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak
3b1a593eab941 can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak
a9503ae43256e can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak
68c62b3e53901 can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak
aac95b3dd1c26 net: txgbe: remove the redundant data return in SW-FW mailbox
69b5b028fc130 net: sfp: add potron quirk to the H-COM SPP425H-GAB4 SFP+ Stick
326470b33c28a net: fec: account for VLAN header in frame length calculations
03faa61eb4b9c irqchip/gic-v3-its: Avoid truncating memory addresses
cdb3f95a94f9f perf/x86/intel: Do not enable BTS for guests
f8cf1368e0a54 rxrpc: Fix data-race warning and potential load/store tearing
8a957e6d3d262 rust: irq: always inline functions using build_assert with arguments
ad60902a98181 rust: io: always inline functions using build_assert with arguments
8776dfa846d5c pmdomain:rockchip: Fix init genpd as GENPD_STATE_ON before regulator ready
fd675de6bddf7 pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu
bbcca5a60c88a platform/x86: hp-bioscfg: Fix automatic module loading
9f5fa78d9980f netrom: fix double-free in nr_route_frame()
92e4f11e29b98 uacce: ensure safe queue release with state management
ba29b59d124e7 uacce: implement mremap in uacce_vm_ops to return -EPERM
82821a681d5dc uacce: fix isolate sysfs check condition
bd2393ed77125 uacce: fix cdev handling in the cleanup path
242cbb3df97af s390/boot/vmlinux.lds.S: Ensure bzImage ends with SecureBoot trailer
ea1b2081d594b s390/ap: Fix wrong APQN fill calculation
f1cb33a82818d mei: trace: treat reg parameter as string
f9b059bda4276 intel_th: fix device leak on output open()
3b90d099efa2b tracing: Fix crash on synthetic stacktrace field usage
6602bb4d1338e slimbus: core: fix device reference leak on report present
5f13c946ca449 slimbus: core: fix runtime PM imbalance on report present
b8a2639341951 octeontx2: Fix otx2_dma_map_page() error return code
d1943bc9dc950 ksmbd: smbd: fix dma_unmap_sg() nents
6e32070d29d1a arm64: Set __nocfi on swsusp_arch_resume()
7b5a52cf252a0 arm64/fpsimd: signal: Fix restoration of SVE context
70f7f54566afc arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA
4f39984176e7e arm64/fpsimd: ptrace: Fix SVE writes on !SME systems
31efbcff90884 wifi: rsi: Fix memory corruption due to not set vif driver data size
0adefb6396d7b wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize()
4846b32be324f wifi: ath12k: fix dma_free_coherent() pointer
07f363f305793 wifi: ath10k: fix dma_free_coherent() pointer
448a2071a8438 drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)
41ec698854781 iommu/io-pgtable-arm: fix size_t signedness bug in unmap path
36be050f21dea mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode
6c4555bfd4383 mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function
dc1a5dd80af1e ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()
31a3eba5c265a ALSA: scarlett2: Fix buffer overflow in config retrieval
29f43e8ec7bf0 ALSA: hda/realtek: Add quirk for Samsung 730QED to fix headphone
873e2360d247e ALSA: ctxfi: Fix potential OOB access in audio mixer handling
59e54709f9a97 iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl
db16e7c52032c iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source
de8755ae2912d iio: chemical: scd4x: fix reported channel endianness
d06a4f6c2b186 iio: adc: pac1934: Fix clamped value in pac1934_reg_snapshot
b6ffc2de37253 iio: adc: exynos_adc: fix OF populate on driver rebind
d890234a91570 iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver
348356c91909f iio: adc: ad9467: fix ad9434 vref mask
ad25bb51203d0 iio: accel: iis328dq: fix gain values
fa322c8bb2ea4 iio: accel: adxl380: fix handling of unavailable "INT1" interrupt
1b68efce6dd48 migrate: correct lock ordering for hugetlb file folios
1093e0a96d168 of: platform: Use default match table for /firmware
7685286dd7a5e of: fix reference count leak in of_alias_scan()
67270881c8cf2 panic: only warn about deprecated panic_print on write access
78822628165f3 leds: led-class: Only Add LED to leds_list when it is fully ready
c9aeb168e88d2 keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal
4040b84ec04a6 x86: make page fault handling disable interrupts properly
e343973fab43c Octeontx2-af: Add proper checks for fwdata
236a657422a56 dpll: Prevent duplicate registrations
6c75fed550800 net/sched: act_ife: avoid possible NULL deref
3b796b1ecfd3b hinic3: Fix netif_queue_set_napi queue_index input parameter error
84ef86aa71204 vsock/virtio: cap TX credit to local buffer size
0aa25bbfd5ea5 vsock/test: fix seqpacket message bounds test
ec0f1b3da8061 vsock/virtio: fix potential underflow in virtio_transport_get_credit()
095ec3482a7d3 net: openvswitch: fix data race in ovs_vport_get_upcall_stats
e22381c1299f7 octeontx2-af: Fix error handling
b658306ce3835 net: pcs: pcs-mtk-lynxi: report in-band capability for 2500Base-X
cccf79f688de9 net: dsa: fix off-by-one in maximum bridge ID determination
05f8f55899289 net: bcmasp: Fix network filter wake for asp-3.0
de97735a40a14 bonding: provide a net pointer to __skb_flow_dissect()
cb32707497d48 selftests: net: amt: wait longer for connection before sending packets
31410a01a86bc be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list
f47c6e5a532cc drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors
fbc8d1a39da9f drm/nouveau: add missing DCB connector types
8fd181dada6ea drm/amdgpu: fix type for wptr in ring backup
c6ec1f665f8f7 drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2)
c85aac064f5c2 drm/amd/pm: Don't clear SI SMC table when setting power limit
91243b926ae96 drm/amd/pm: Fix si_dpm mmCG_THERMAL_INT setting
79a074be9b57e sched/fair: Fix pelt clock sync when entering idle
23c0e4bd93d0b perf: Fix refcount warning on event->mmap_count increment
9d88a79e9018c selftests/ublk: fix garbage output in foreground mode
e2f4eac26f018 selftests/ublk: fix error handling for starting device
814e8643b453d selftests/ublk: fix IO thread idle check
26bf09b6320b8 ublk: fix ublksrv pid handling for pid namespaces
437553d649647 drm/xe: Update wedged.mode only after successful reset policy change
7c49c91121194 drm/xe/pm: Add scope-based cleanup helper for runtime PM
e59924c266a45 drm/xe/migrate: fix job lock assert
9bba27c222e0e drm/xe/uapi: disallow bind queue sharing
54c19e7eb2636 clocksource: Reduce watchdog readout delay limit to prevent false positives
0db865321e63d Octeontx2-pf: Update xdp features
00a39a148d2fb usbnet: limit max_mtu based on device's hard_mtu
e3c1040252e59 ipv6: annotate data-race in ndisc_router_discovery()
7ac345a93af31 mISDN: annotate data-race around dev->work
d7beeb64be5ca net: hns3: fix the HCLGE_FD_AD_NXT_KEY error setting issue
bb90d1799073d net: hns3: fix wrong GENMASK() for HCLGE_FD_AD_COUNTER_NUM_M
5e5dae04ef971 be2net: fix data race in be_get_new_eqd
7539ae6c67a75 idpf: Fix data race in idpf_net_dim
b29f51399626b net: hns3: fix data race in hns3_fetch_stats
1f24dfd556401 net: phy: intel-xway: fix OF node refcount leakage
2ea06ebaa4abd idpf: read lower clock bits inside the time sandwich
87c1dacca197c ice: fix devlink reload call trace
a3d99e2fbf014 ice: add missing ice_deinit_hw() in devlink reinit path
ec0bfc3ed7e7f ice: Fix persistent failure in ice_get_rxfh
68462ecc40ea8 netdevsim: fix a race issue related to the operation on bpf_bound_progs list
9eb4e2396cd7f vsock/test: Do not filter kallsyms by symbol type
902fd1026ca42 drm/imagination: Wait for FW trace update command completion
eb98125fa2b33 drm/mediatek: dpi: Find next bridge during probe
fccaa85ffb73c drm/xe: Disable timestamp WA on VFs
aa29fe8c1d86b drm/xe/vm: fix xe_vm_validation_exec() kernel-doc
bc0812416e089 drm/xe/xe_late_bind_fw: fix enum xe_late_bind_fw_id kernel-doc
a807e4f4f63a5 iommu/amd: Fix error path in amd_iommu_probe_device()
06657690854fa ntb: transport: Fix uninitialized mutex
ecb2c8732680c ALSA: usb: Increase volume range that triggers a warning
aa14451fa5d5f scsi: qla2xxx: Sanitize payload size to prevent member overflow
219f009ebfd1e scsi: core: Wake up the error handler when final completions race against each other
1a0072bd1f1e5 platform/x86/amd: Fix memory leak in wbrf_record()
5f1f79cb90f5e platform/mellanox: Fix SN5640/SN5610 LED platform data
e150008568a5d riscv: suspend: Fix stimecmp update hazard on RV32
c4b55a4c600fa riscv: clocksource: Fix stimecmp update hazard on RV32
82fb54efe7e0f kconfig: fix static linking of nconf
c2d2cf710dc3e regmap: Fix race condition in hwspinlock irqsave routine
f6d6b3f172df1 spi: spi-sprd-adi: Fix double free in probe error path
5d7c7e1fb3ec2 interconnect: debugfs: initialize src_node and dst_node to empty strings
bcb9803aa1db7 iio: adc: ad7606: Fix incorrect type for error return variable
489b88567f24d iio: adc: ad7280a: handle spi_setup() errors in probe()
81ed6e42d6e55 iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection
bdf0bf73006ea io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop
8f7c9dbeaa0be timekeeping: Adjust the leap state for the correct auxiliary timekeeper
2fc23eaea11a7 mm: restore per-memcg proactive reclaim with !CONFIG_NUMA
f723037e2bfe3 mm/rmap: fix two comments related to huge_pmd_unshare()
69c4e241ff135 mm/hugetlb: fix hugetlb_pmd_shared()
193922a23d729 platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro
800b2767905d6 platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names
83eae3692c353 drm, drm/xe: Fix xe userptr in the absence of CONFIG_DEVICE_PRIVATE
3f4ed5e2b8f11 fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes()
ec56b9f1c1b9b comedi: Fix getting range information for subdevices 16 to 255
3fe8abec037f5 x86/kfence: avoid writing L1TF-vulnerable PTEs
930114425065f rxrpc: Fix recvmsg() unconditional requeue
f60ba4a97ae3f slab: fix kmalloc_nolock() context check for PREEMPT_RT
37a63671df78f arm64: dts: rockchip: Configure MCLK for analog sound on NanoPi M5
df546b3311582 arm64: dts: rockchip: Fix headphones widget name on NanoPi M5
7eb3e77873605 arm64: dts: rockchip: fix unit-address for RK3588 NPU's core1 and core2's IOMMU
3569a00f66a87 arm64: dts: rockchip: Fix voltage threshold for volume keys for Pinephone Pro
18d2d227ccd77 arm64: dts: rockchip: remove dangerous max-link-speed from helios64
c8039a60c31dc arm64: dts: rockchip: remove redundant max-link-speed from nanopi-r4s
808d8755fc6e6 ARM: dts: microchip: sama7d65: fix size-cells property for i2c3
5f403d64af721 ARM: dts: microchip: sama7d65: fix the ranges property for flx9
cd3c1f823e213 i2c: spacemit: drop IRQF_ONESHOT flag from IRQ request
24c441f0e24da scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()
a5e4d969392ce scsi: storvsc: Process unsupported MODE_SENSE_10
bfe76b0f9f3e9 Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA
2c61ca3c5bed6 Input: i8042 - add quirks for MECHREVO Wujie 15X Pro
5d5b227c92721 Revert "nfc/nci: Add the inconsistency check between the input data length and count"
3f5ef08f302cc w1: fix redundant counter decrement in w1_attach_slave_device()
e6b2609af21b5 w1: therm: Fix off-by-one buffer overflow in alarms_store
169164fe51b27 comedi: dmm32at: serialize use of paged registers
2501c49306238 serial: Fix not set tty->port race condition
0b7383aceaad1 serial: 8250_pci: Fix broken RS485 for F81504/508/512
f4748bfa3d3e2 wifi: mac80211: don't perform DA check on S1G beacon
9532ff0d0e90f crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec
77f1afd0bb4d5 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag
16ed73c1282d3 net/sched: Enforce that teql can only be used as root qdisc
ed80f605edd6c octeontx2: cn10k: fix RX flowid TCAM mask handling
6a81e2db09691 ipvlan: Make the addrs_lock be per port
32d417497b79e l2tp: avoid one data-race in l2tp_tunnel_del_work()
a635ae2a9fdb8 pwm: max7360: Populate missing .sizeof_wfhw in max7360_pwm_ops
4230e8cd2f1b4 pwm: Ensure ioctl() returns a negative errno on error
0f6e1ff56cd27 veth: fix data race in veth_get_ethtool_stats
9b75dff8446ec fou: Don't allow 0 for FOU_ATTR_IPPROTO.
18da5acb3c03d tools: ynl: Specify --no-line-number in ynl-regen.sh.
5437a279804ce gue: Fix skb memleak with inner IP protocol 0.
392b28d404b74 amd-xgbe: avoid misleading per-packet error log
0c4adb1f391a7 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT
c3edc14da81a8 can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error
4f727c422b7fc net: freescale: ucc_geth: Return early when TBI PHY can't be found
5ebc24f9dbe4f selftests: net: fib-onlink-tests: Convert to use namespaces by default
d4ce79e6dce2a l2tp: Fix memleak in l2tp_udp_encap_recv().
43dee6f7ef1d2 bonding: limit BOND_MODE_8023AD to Ethernet devices
b9f0896f8e229 net: usb: dm9601: remove broken SR9700 support
63ef9b300bd09 vsock/virtio: Coalesce only linear skb
88037973c8ef6 igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue
41d7a27c47b8a igc: fix race condition in TX timestamp read for register 0
a38d2c624639c igc: Restore default Qbv schedule when changing channels
695c909d1815b ice: Fix incorrect timeout ice_release_res()
753171a695b93 ice: Avoid detrimental cleanup for bond during interface stop
0bc8d94bf6694 ice: initialize ring_stats->syncp
c35a0cb145f2c wifi: ath12k: Fix wrong P2P device link id issue
06ac2aa13f701 wifi: ath12k: fix dead lock while flushing management frames
c8e5f49667f5f wifi: ath12k: Fix scan state stuck in ABORTING after cancel_remain_on_channel
1aa6698924595 wifi: ath12k: cancel scan only on active scan vdev
887032ba3ff23 ata: libata: Print features also for ATAPI devices
d5529d36e7646 ata: libata: Add DIPM and HIPM to ata_dev_print_features() early return
93f484d63f873 ata: libata: Add cpr_log to ata_dev_print_features() early return
7fe7e7858b32d ata: libata-sata: Improve link_power_management_supported sysfs attribute
05db73211387f ata: libata: Call ata_dev_config_lpm() for ATAPI devices
62ced8e065787 ata: ahci: Do not read the per port area for unimplemented ports
a57459614aa69 wifi: ath12k: don't force radio frequency check in freq_to_idx()
d395afac28adb pmdomain: qcom: rpmhpd: Add MXC to SC8280XP
0f56c3f23ed56 dt-bindings: power: qcom,rpmpd: Add SC8280XP_MXC_AO
4818f28cd9023 btrfs: fix missing fields in superblock backup with BLOCK_GROUP_TREE
6abad2eb9a1bd Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump()
4f6884288e4b7 perf parse-events: Fix evsel allocation failure
83eeeb8c1acb7 arm64: dts: rockchip: Fix wrong register range of rk3576 gpu
2d73b3ed28be1 arm64: dts: qcom: sm8650: Fix compile warnings in USB controller node
0e5ad343afa30 arm64: dts: qcom: sm8550: Fix compile warnings in USB controller node
27357b61522f7 arm64: dts: qcom: sc8280xp: Add missing VDD_MXC links
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc75960c7f
---------------------------
linux-yocto/6.18: beaglebone black: boot and graphics fixes
Integrating the following commit(s) to linux-yocto/6.18:
1/2 [
Author: Kevin Hao
Email: haokexin@gmail.com
Subject: net: cpsw_new: Execute ndo_set_rx_mode callback in a work queue
Date: Wed, 4 Feb 2026 14:27:57 +0800
commit c0b5dc73a38f954e780f93a549b8fe225235c07a from net
Commit 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.") removed the RTNL lock for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP operations. However, this
change triggered the following call trace on my BeagleBone Black board:
WARNING: net/8021q/vlan_core.c:236 at vlan_for_each+0x120/0x124, CPU#0: rpcbind/496
RTNL: assertion failed at net/8021q/vlan_core.c (236)
Modules linked in:
CPU: 0 UID: 997 PID: 496 Comm: rpcbind Not tainted 6.19.0-rc6-next-20260122-yocto-standard+ #8 PREEMPT
Hardware name: Generic AM33XX (Flattened Device Tree)
Call trace:
unwind_backtrace from show_stack+0x28/0x2c
show_stack from dump_stack_lvl+0x30/0x38
dump_stack_lvl from __warn+0xb8/0x11c
__warn from warn_slowpath_fmt+0x130/0x194
warn_slowpath_fmt from vlan_for_each+0x120/0x124
vlan_for_each from cpsw_add_mc_addr+0x54/0xd8
cpsw_add_mc_addr from __hw_addr_ref_sync_dev+0xc4/0xec
__hw_addr_ref_sync_dev from __dev_mc_add+0x78/0x88
__dev_mc_add from igmp6_group_added+0x84/0xec
igmp6_group_added from __ipv6_dev_mc_inc+0x1fc/0x2f0
__ipv6_dev_mc_inc from __ipv6_sock_mc_join+0x124/0x1b4
__ipv6_sock_mc_join from do_ipv6_setsockopt+0x84c/0x1168
do_ipv6_setsockopt from ipv6_setsockopt+0x88/0xc8
ipv6_setsockopt from do_sock_setsockopt+0xe8/0x19c
do_sock_setsockopt from __sys_setsockopt+0x84/0xac
__sys_setsockopt from ret_fast_syscall+0x0/0x5
This trace occurs because vlan_for_each() is called within
cpsw_ndo_set_rx_mode(), which expects the RTNL lock to be held.
Since modifying vlan_for_each() to operate without the RTNL lock is not
straightforward, and because ndo_set_rx_mode() is invoked both with and
without the RTNL lock across different code paths, simply adding
rtnl_lock() in cpsw_ndo_set_rx_mode() is not a viable solution.
To resolve this issue, we opt to execute the actual processing within
a work queue, following the approach used by the icssg-prueth driver.
Fixes: 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.")
Signed-off-by: Kevin Hao <haokexin@gmail.com>
Cc: stable@vger.kernel.org
Link: https://patch.msgid.link/20260203-bbb-v5-1-ea0ea217a85c@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
2/2 [
Author: Kevin Hao
Email: haokexin@gmail.com
Subject: drm/tilcdc: Set preferred depth
Date: Wed, 4 Feb 2026 14:27:58 +0800
The commit c91acda3a380 ("drm/gem: Check for valid formats") adds a
check for valid pixel formats on drm_gem_fb_create(), but this breaks
the X server on the beaglebone black board.
We have set 'DefaultDepth' to 16 in our xorg.conf. In the X modesetting
driver, the drmmode_get_default_bpp() is used to guess the default
depth/bpp. First it tries to get them via DRM_CAP_DUMB_PREFERRED_DEPTH
ioctl, and if it fail, then try to create a FB with 'depth = 24' and
'bpp = 32' to check whether this depth/dpp is a valid combo. Before the
kernel commit c91acda3a380, the FB always can be created successfully.
This will avoid the bpp to be set to 24 forcibly. But after kernel
commit c91acda3a380, the FB will not be created successfully due to the
check of the valid pixel format. Then the bpp is set to 24, but the
'depth = 16' and 'bpp = 24' combo is not a valid pixel format.
Fix this issue by explicitly setting the preferred_depth in this driver.
With this change, the modesetting driver would choose the correct
depth/bpp combo based on our setting in xorg.conf.
Fixes: c91acda3a380 ("drm/gem: Check for valid formats")
Cc: stable@vger.kernel.org
Signed-off-by: Kevin Hao <haokexin@gmail.com>
Link: https://lore.kernel.org/r/20240317033918.535716-1-haokexin@gmail.com/
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32d4a63598
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.8)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 1 changes (1 new | 0 updated): - 1 new CVEs: CVE-2026-1896 - 0 updated CVEs:
Date: Wed, 4 Feb 2026 23:41:08 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 89986802b3
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.7)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 10 changes (10 new | 0 updated): - 10 new CVEs: CVE-2025-11065, CVE-2025-11687, CVE-2025-14459, CVE-2025-14525, CVE-2025-14969, CVE-2025-9520, CVE-2025-9521, CVE-2025-9522, CVE-2026-0810, CVE-2026-1190 - 0 updated CVEs:
Date: Mon, 26 Jan 2026 19:39:25 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4a5d0919ef
---------------------------
linux-yocto/6.18: update to v6.18.7
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
5dfbc5357c34b Linux 6.18.7
d6a25e6ee3ec3 iommu/sva: include mmu_notifier.h header
2d1bf4a7b8ed8 Revert "functionfs: fix the open/removal races"
3098f8f7c7b06 mm/page_alloc: prevent pcp corruption with SMP=n
baea24956aea9 mm/page_alloc: batch page freeing in decay_pcp_high
2a72a8ddf1888 mm/page_alloc/vmstat: simplify refresh_cpu_vm_stats change detection
9ac63333d6007 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type
7e58addb8e053 HID: intel-ish-hid: Fix -Wcast-function-type-strict in devm_ishtp_alloc_workqueue()
3d72fadb764c4 HID: intel-ish-hid: Use dedicated unbound workqueues to prevent resume blocking
9f0a7ab700f86 iommu/sva: invalidate stale IOTLB entries for kernel address space
b3039c526f3e1 mm: introduce deferred freeing for kernel page tables
a1593c90896ba x86/mm: use pagetable_free()
c32806bf45b62 mm: introduce pure page table freeing function
b63c129bc3adb x86/mm: use 'ptdesc' when freeing PMD pages
83ce8bf84846a mm: actually mark kernel page table pages
1ca0f9e97f315 mm: add a ptdesc flag to mark kernel page tables
b3bbbf9da38c2 dmaengine: ti: k3-udma: fix device leak on udma lookup
30352277d8e09 dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation
61e8970b0de16 dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation
f45b1d8bf9d0a dmaengine: stm32: dmamux: fix OF node leak on route allocation failure
3ef52d31cce8b dmaengine: stm32: dmamux: fix device leak on route allocation
8dd65e98ce209 dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all()
926d1666420c2 dmaengine: sh: rz-dmac: fix device leak on probe failure
55a67ba5ac4ce dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
9249462c55d56 dmaengine: lpc32xx-dmamux: fix device leak on route allocation
1e47d80f6720f dmaengine: lpc18xx-dmamux: fix device leak on route allocation
a7226fd61def7 dmaengine: idxd: fix device leaks on compat bind and unbind
dd5d96722a967 dmaengine: fsl-edma: Fix clk leak on alloc_chan_resources failure
eabe40f8a53c2 dmaengine: dw: dmamux: fix OF node leak on route allocation failure
9b3cff9f4007a dmaengine: cv1800b-dmamux: fix device leak on route allocation
2ed1a9de1f2d7 dmaengine: bcm-sba-raid: fix device leak on probe
f3c23b7e94134 dmaengine: at_hdmac: fix device leak on of_dma_xlate()
3706be7cbcd5f dmaengine: apple-admac: Add "apple,t8103-admac" compatible
fc53a66227af0 LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy()
5defcc2f9c22e LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy()
e94ec9661c582 LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy()
a227c3c98f092 LoongArch: dts: loongson-2k2000: Add default interrupt controller address cells
8a692ca14f4ca LoongArch: dts: loongson-2k1000: Fix i2c-gpio node names
dea25e8f6b744 LoongArch: dts: loongson-2k1000: Add default interrupt controller address cells
aa866e4a13080 LoongArch: dts: loongson-2k0500: Add default interrupt controller address cells
621fcd0aec180 drm/vmwgfx: Fix an error return check in vmw_compat_shader_add()
cf60e6b1bf0c3 drm/sysfb: Remove duplicate declarations
9c676c7a054bc drm/panel: simple: restore connector_type fallback
f7940d3ec1dc6 drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel
d4373630fd331 drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare
a92ef24071f39 drm/amdkfd: fix a memory leak in device_queue_manager_init()
0080a3f3fd917 drm/amdgpu: make sure userqs are enabled in userq IOCTLs
531b1b83cfa0b drm/amdgpu: Fix gfx9 update PTE mtype flag
b705daaf5f8c4 drm/amd: Clean up kfd node on surprise disconnect
568c29c7c7c83 drm/amd/display: Initialise backlight level values from hw
26ed15a42b743 drm/amd/display: Bump the HDMI clock to 340MHz
c1cc55ea5e956 LoongArch: dts: Describe PCI sideband IRQ through interrupt-extended
5b14ce4975a02 LoongArch: Fix PMU counter allocation for mixed-type event groups
78b4eb99751eb mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure
9dc11b365e4eb mm/damon/sysfs: cleanup intervals subdirs on attrs dir setup failure
725d4fdaa01bd mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure
253b8f56667ff mm/damon/sysfs-scheme: cleanup quotas subdirs on scheme dir setup failure
23b061f421eef mm/damon/core: remove call_control in inactive contexts
0e8838c91e24f mm/page_alloc: make percpu_pagelist_high_fraction reads lock-free
2ff7e1d125f79 mm/zswap: fix error pointer free in zswap_cpu_comp_prepare()
2a0db14ff1bc7 mm: numa,memblock: include <asm/numa.h> for 'numa_nodes_parsed'
b5cb343f0c3d0 mm: kmsan: fix poisoning of high-order non-compound pages
17f95d348589b nvme: fix PCIe subsystem reset controller state transition
43d8f1f001072 x86/resctrl: Fix memory bandwidth counter width for Hygon
1144298c10089 x86/resctrl: Add missing resctrl initialization for Hygon
0b4c0fbbe00b7 i2c: riic: Move suspend handling to NOIRQ phase
bd4e97674582a tcpm: allow looking for role_sw device in the main node
51afd139fac44 EDAC/i3200: Fix a resource leak in i3200_probe1()
3981650922417 EDAC/x38: Fix a resource leak in x38_probe1()
d53b8e05be46a hrtimer: Fix softirq base check in update_needs_ipi()
06e26287f2e34 ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref
d1b24a57662b6 ext4: fix ext4_tune_sb_params padding
5caac66da5ba8 ASoC: codecs: wsa881x: fix unnecessary initialisation
2de213de61031 nvme-pci: disable secondary temp for Wodposit WPBSNM8
a045dab08049e USB: serial: ftdi_sio: add support for PICAXE AXE027 cable
37bbcfa2bac9b USB: serial: option: add Telit LE910 MBIM composition
525779e2df9e5 USB: OHCI/UHCI: Add soft dependencies on ehci_platform
6e4663c6ec273 usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor
5468051245c23 usb: dwc3: Check for USB4 IP_NAME
01120b22c57c5 usb: gadget: uvc: fix req_payload_size calculation
aee473246134b usb: gadget: uvc: fix interval_duration calculation
34f6634dba87e xhci: sideband: don't dereference freed ring when removing sideband endpoint
11c82acb4876c usb: host: xhci-tegra: Use platform_get_irq_optional() for wake IRQs
69d1c05268a86 phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7
b74edae2a0c7a phy: fsl-imx8mq-usb: fix typec orientation switch when built as module
e26755512623f phy: rockchip: inno-usb2: fix disconnection in gadget mode
33194f81b6867 phy: freescale: imx8m-pcie: assert phy reset during power on
efe92ee7a111f phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()
8b125923f4ea5 phy: ti: gmii-sel: fix regmap leak on probe failure
d51f1db5a5f8c phy: rockchip: inno-usb2: fix communication disruption in gadget mode
5a08dc1d8de3f x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers
568aeb3476c77 lib/buildid: use __kernel_read() for sleepable context
ccc578d2e1540 virtio-net: don't schedule delayed refill worker
ccd18d250ad8f xfs: Fix the return value of xfs_rtcopy_summary()
bca07e57e4729 xfs: set max_agbno to allow sparse alloc of last full inode chunk
9aef476717994 ftrace: Do not over-allocate ftrace memory
ab09a7816c746 tools/testing/selftests: fix gup_longterm for unknown fs
3a1c3cd770f48 tools/testing/selftests: add forked (un)/faulted VMA merge tests
6ca76572c6049 tools/testing/selftests: add tests for !tgt, src mremap() merges
6121b7564c725 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts
d922e7c5bb642 can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit.
9f669a38ca708 can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak
f1718da051282 null_blk: fix kmemleak by releasing references to fault configfs items
ded801af28a99 ALSA: hda/realtek: Add quirk for HP Pavilion x360 to enable mute LED
819268882628f ALSA: hda/tas2781: Skip UEFI calibration on ASUS ROG Xbox Ally X
670cd1c2384ac ALSA: pcm: Improve the fix for race of buffer access at PCM OSS layer
522a38f455bff selftests: kvm: try getting XFD and XSAVE state out of sync
580581bd4af55 selftests: kvm: replace numbered sync points with actions
2674004ddc1fb scsi: core: Fix error handler encryption support
3667af036eead selftests/bpf: Fix selftest verif_scale_strobemeta failure with llvm22
f57953023f736 HID: usbhid: paper over wrong bNumDescriptor field
0754d5caac719 sched: Deadline has dynamic priority
f32d9e475a41f sched/deadline: Avoid double update_rq_clock()
cf40c73ab25bc i2c: imx-lpi2c: change to PIO mode in system-wide suspend/resume progress
11ae04ebbe6e5 i2c: qcom-geni: make sure I2C hub controllers can't use SE DMA
612cbe1aebb32 soundwire: bus: fix off-by-one when allocating slave IDs
829b00481734d dmaengine: omap-dma: fix dma_pool resource leak in error paths
d91cee31906a8 selftests/landlock: Properly close a file descriptor
cdcaec67c55ef phy: broadcom: ns-usb3: Fix Wvoid-pointer-to-enum-cast warning (again)
f73f911a4cdf0 landlock: Fix wrong type usage
a45001796aa00 selftests/landlock: Remove invalid unix socket bind()
c589bc6433667 selftests/landlock: Fix TCP bind(AF_UNSPEC) test case
75ef8c94d4303 landlock: Fix TCP handling of short AF_UNSPEC addresses
15dfbe9079987 phy: ti: da8xx-usb: Handle devm_pm_runtime_enable() errors
7c27eaf183563 phy: stm32-usphyc: Fix off by one in probe()
4ac15caa27ff8 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend
d279f7e17b6d4 phy: fsl-imx8mq-usb: Clear the PCS_TX_SWING_FULL field before using it
f93c703368921 dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing
be655c3736b35 dmaengine: tegra-adma: Fix use-after-free
5e7ad329d259c dmaengine: xilinx: xdma: Fix regmap max_register
974f241095aaf dmaengine: mmp_pdma: fix DMA mask handling
94413a84067c3 NFS: Fix size read races in truncate, fallocate and copy offload
8bc6d92b9a3ed drivers/dax: add some missing kerneldoc comment fields for struct dev_dax
aec20f3aa684b mips: fix HIGHMEM initialization
2a582a2ca8dae mm, kfence: describe @slab parameter in __kfence_obj_info()
cf85a91aa82ea textsearch: describe @list member in ts_ops search
cf6d059b53728 mm: describe @flags parameter in memalloc_flags_save()
e1a30e1ab33fc drm/amdgpu/userq: Fix fence reference leak on queue teardown v2
3d05c5e101521 drm/amdkfd: No need to suspend whole MES to evict process
226d5d24c7ce1 drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2
e17e32903684e drm/amd/display: Show link name in PSR status message
a1aedf4053af7 drm/amdgpu: fix drm panic null pointer when driver not support atomic
7481e7b9d7366 ASoC: tlv320adcx140: fix word length
53bd838ed5950 ASoC: tlv320adcx140: fix null pointer
07d6d21b85137 ASoC: sdw_utils: cs42l43: Enable Headphone pin for LINEOUT jack type
e9d8f11652fa0 net/sched: sch_qfq: do not free existing class in qfq_change_class()
a3a4296d8b5b1 selftests: drv-net: fix RPS mask handling for high CPU numbers
8b6dcb565e419 ipv6: Fix use-after-free in inet6_addr_del().
722de94521614 dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()
11dd9a9ef4dc4 net: hv_netvsc: reject RSS hash key programming without RX indirection table
78ee2958b096c ALSA: hda/cirrus_scodec_test: Fix test suite name
aaa969ffe3b4d ALSA: hda/cirrus_scodec_test: Fix incorrect setup of gpiochip
e1a4a4795c5a1 net: airoha: Fix typo in airoha_ppe_setup_tc_block_cb definition
d441696397088 net: phy: motorcomm: fix duplex setting error for phy leds
aa4c066229b05 net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback
1b3ed6c512cfd cxl/hdm: Fix potential infinite loop in __cxl_dpa_reserve()
6cb008f1bb23e btrfs: fix memory leaks in create_space_info() error paths
fcae8e1b9acd8 net/mlx5e: Restore destroying state bit after profile cleanup
66a25f6b7c0bf net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv
a3d4f87d41f51 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv
e05b8084a20f6 net/mlx5e: Fix crash on profile change rollback failure
f39ab11f118b2 vsock/test: add a final full barrier after run all tests
554201ed0a8f4 ipv4: ip_gre: make ipgre_header() robust
d6072557b90e0 block: zero non-PI portion of auto integrity buffer
6dbead9c76771 macvlan: fix possible UAF in macvlan_forward_source()
da6d0370eb74e net: update netdev_lock_{type,name}
b9f915340f25c ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()
17071fb5cb9c2 net: bridge: annotate data-races around fdb->{updated,used}
368251745679e Bluetooth: hci_sync: enable PA Sync Lost event
39f83f1077231 btrfs: send: check for inline extents in range_is_hole_in_parent()
65241e3ddda60 btrfs: release path before iget_failed() in btrfs_read_locked_inode()
48f6cec8aa56b cxl/port: Fix target list setup for multiple decoders sharing the same dport
374b095e265fa nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
6c5124a609890 can: etas_es58x: allow partial RX URB allocation to succeed
5584aa64e8062 ipv4: ip_tunnel: spread netdev_lockdep_set_classes()
754cfada1bbcb PM: EM: Fix incorrect description of the cost field in struct em_perf_state
9a88b6c3c8695 drm/rockchip: vop2: Only wait for changed layer cfg done when there is pending cfgdone bits
47244c00bc545 drm/rockchip: vop2: Add delay between poll registers
d6ea0b7394a44 NFS/localio: Deal with page bases that are > PAGE_SIZE
0674f22eef471 drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions
a91bdd21d5efb drm/vmwgfx: Fix KMS with 3D on HW version 10
282061a7f9f30 drm/bridge: dw-hdmi-qp: Fix spurious IRQ on resume
51926204465e7 pnfs/blocklayout: Fix memory leak in bl_parse_scsi()
ed5d3f2f6885e pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()
19b4d9ab5e778 NFS: Fix a deadlock involving nfs_release_folio()
d6c75aa9d6070 pNFS: Fix a deadlock when returning a delegation during open()
b7f9587f317d9 xfrm: set ipv4 no_pmtu_disc flag only on output sa when direction is set
df1fae862639f xfrm: Fix inner mode lookup in tunnel mode GSO segmentation
704cced8eda44 io_uring: move local task_work in exit cancel loop
ae48108c2310f virtio_net: Fix misalignment bug in struct virtnet_info
a255ec07f91d4 drm/gud: fix NULL fb and crtc dereferences on USB disconnect
67dfd9e8567cc ASoC: codecs: wsa883x: fix unnecessary initialisation
afd7591a4ca92 ASoC: codecs: wsa884x: fix codec initialisation
6711f723018cc rust: bitops: fix missing _find_* functions on 32-bit ARM
eea6f395ca502 x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1
c6a38672067b9 Revert "gfs2: Fix use of bio_chain"
a685f246ad790 nvme-apple: add "apple,t8103-nvme-ans2" as compatible
a2542fe353a40 efi/cper: Fix cper_bits_to_str buffer handling and return value
58796d352d746 firmware: imx: scu-irq: Set mu_resource_id before get handle
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 88c6cb0e98
---------------------------
linux-yocto/6.16: drop reference recipes
We are going to release the LTS with only 6.18 as the versioned
reference kernel. 6.16 is EOL upstream so won't be updated in
the future.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8107ecdeea
---------------------------
linux-yocto/6.12: drop reference recipes
We are going to release the LTS with only 6.18 as the versioned
reference kernel. 6.12 will continue to be updated and used in
previous release branches.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f66a754a17
---------------------------
linux-yocto/6.12: update CVE exclusions (6.12.67)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 4 changes (0 new | 4 updated): - 0 new CVEs: - 4 updated CVEs: CVE-2025-71178, CVE-2026-0925, CVE-2026-24435, CVE-2026-24439
Date: Mon, 26 Jan 2026 19:55:24 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 54ca79961e
---------------------------
linux-yocto/6.12: update to v6.12.67
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
abf529abd660d Linux 6.12.67
7c734ad868cea mm/fake-numa: handle cases with no SRAT info
df63d31e9ae02 mm/page_alloc: prevent pcp corruption with SMP=n
22056349e8ec9 mm/page_alloc: batch page freeing in decay_pcp_high
48273ed85fa0a mm/page_alloc/vmstat: simplify refresh_cpu_vm_stats change detection
ce358252a943c dmaengine: fsl-edma: Fix clk leak on alloc_chan_resources failure
027d42b97e6eb phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()
10f07114483d6 phy: phy-rockchip-inno-usb2: Use dev_err_probe() in the probe path
c5b13f0b10faa mm: numa,memblock: include <asm/numa.h> for 'numa_nodes_parsed'
a76f5cafcca47 mm/fake-numa: allow later numa node hotplug
d1beb4dd8b8d4 mm: kmsan: fix poisoning of high-order non-compound pages
2d402c6cc966e selftests/bpf: Test invalid narrower ctx load
058a0da4f6d91 bpf: Reject narrower access to pointer ctx fields
16236b0b4a08f mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure
b831557a0d20d mm/damon/sysfs-scheme: cleanup quotas subdirs on scheme dir setup failure
5ee8005f72c4b xfs: set max_agbno to allow sparse alloc of last full inode chunk
8b0bb145d3bc2 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type
68f7f10156fca HID: intel-ish-hid: Fix -Wcast-function-type-strict in devm_ishtp_alloc_workqueue()
e79b03d386341 HID: intel-ish-hid: Use dedicated unbound workqueues to prevent resume blocking
23133e0470d28 dmaengine: ti: k3-udma: fix device leak on udma lookup
f810132e82558 dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation
e50b9bf91d1f3 dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation
f45cafe3b6bfb dmaengine: stm32: dmamux: fix OF node leak on route allocation failure
2fb10259d4efb dmaengine: stm32: dmamux: fix device leak on route allocation
9969db4816aed dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all()
01b1d781394fc dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
618a8229911ea dmaengine: lpc32xx-dmamux: fix device leak on route allocation
992eb8055a6e5 dmaengine: lpc18xx-dmamux: fix device leak on route allocation
0c97ff108f825 dmaengine: idxd: fix device leaks on compat bind and unbind
8f7a391211381 dmaengine: dw: dmamux: fix OF node leak on route allocation failure
db6f1d6d31711 dmaengine: bcm-sba-raid: fix device leak on probe
6a86cf2c09e14 dmaengine: at_hdmac: fix device leak on of_dma_xlate()
aca18ac3332b0 dmaengine: apple-admac: Add "apple,t8103-admac" compatible
5319234215729 LoongArch: dts: loongson-2k2000: Add default interrupt controller address cells
4df476a33687b LoongArch: dts: loongson-2k1000: Fix i2c-gpio node names
9cce27181e9ad LoongArch: dts: loongson-2k1000: Add default interrupt controller address cells
94b010200a3c9 LoongArch: dts: loongson-2k0500: Add default interrupt controller address cells
ef4af7597fd8b drm/vmwgfx: Fix an error return check in vmw_compat_shader_add()
04218cd68d150 drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel
6a4e619c4209e drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare
819c417a30aa7 drm/amdkfd: fix a memory leak in device_queue_manager_init()
8140ac7c55e75 drm/amd: Clean up kfd node on surprise disconnect
ae5b1d291c814 drm/amd/display: Bump the HDMI clock to 340MHz
df7a49b328928 LoongArch: Fix PMU counter allocation for mixed-type event groups
5651c0c391c00 mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure
654fa76032eee mm/page_alloc: make percpu_pagelist_high_fraction reads lock-free
550c228cb0e83 mm/zswap: fix error pointer free in zswap_cpu_comp_prepare()
a705886ac8ef2 nvme: fix PCIe subsystem reset controller state transition
05cea40d333bd x86/resctrl: Fix memory bandwidth counter width for Hygon
56377881cd94d x86/resctrl: Add missing resctrl initialization for Hygon
469f8fe4c87e4 i2c: riic: Move suspend handling to NOIRQ phase
eaff85ada8526 tcpm: allow looking for role_sw device in the main node
df643bfe1d808 EDAC/i3200: Fix a resource leak in i3200_probe1()
4433ddc3700ce EDAC/x38: Fix a resource leak in x38_probe1()
0e66a004a3632 hrtimer: Fix softirq base check in update_needs_ipi()
8e8542c539927 ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref
60f7e00894350 ASoC: codecs: wsa881x: fix unnecessary initialisation
2617495ba77ba nvme-pci: disable secondary temp for Wodposit WPBSNM8
7f78a77c3e16a USB: serial: ftdi_sio: add support for PICAXE AXE027 cable
fe9175e9127f4 USB: serial: option: add Telit LE910 MBIM composition
5400370f29b68 USB: OHCI/UHCI: Add soft dependencies on ehci_platform
17b7ddee0eb40 usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor
f07f660d52cf7 usb: dwc3: Check for USB4 IP_NAME
40a753a906787 phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7
28ec201d87454 phy: rockchip: inno-usb2: fix disconnection in gadget mode
24d759976a4a7 phy: freescale: imx8m-pcie: assert phy reset during power on
66fcfceee2549 phy: ti: gmii-sel: fix regmap leak on probe failure
9659ba4217de2 phy: rockchip: inno-usb2: fix communication disruption in gadget mode
bba9e08d189e4 x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers
b11dfb7708f21 lib/buildid: use __kernel_read() for sleepable context
87c3ced649fef xfs: Fix the return value of xfs_rtcopy_summary()
cb2a610867bc3 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts
ca99392876e4e can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit.
08624b7206ddb can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak
d59ba448ccd59 null_blk: fix kmemleak by releasing references to fault configfs items
e3073d119c0bb ALSA: pcm: Improve the fix for race of buffer access at PCM OSS layer
bfa97e3cc0692 scsi: core: Fix error handler encryption support
42ba3197a5d2b io_uring: move local task_work in exit cancel loop
7934cb03dc233 drm/amd/display: mark static functions noinline_for_stack
f394aa2e4217e ASoC: codecs: wsa883x: fix unnecessary initialisation
bdced577da71b bridge: mcast: Fix use-after-free during router port configuration
bb719f86be14b HID: usbhid: paper over wrong bNumDescriptor field
36c627d3a2ba6 i2c: qcom-geni: make sure I2C hub controllers can't use SE DMA
4b93712e96be1 dmaengine: omap-dma: fix dma_pool resource leak in error paths
69566a1b88d91 selftests/landlock: Properly close a file descriptor
0a7f3d4c9d5d4 phy: broadcom: ns-usb3: Fix Wvoid-pointer-to-enum-cast warning (again)
64bf182dfb429 selftests/landlock: Remove invalid unix socket bind()
68495f89a19b6 selftests/landlock: Fix TCP bind(AF_UNSPEC) test case
fe2401c5d8215 phy: ti: da8xx-usb: Handle devm_pm_runtime_enable() errors
b91c9f6bfb04e phy: stm32-usphyc: Fix off by one in probe()
d50a9b7fd0729 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend
742de96d936ee phy: drop probe registration printks
00dc370dfba94 phy: phy-snps-eusb2: refactor constructs names
2b36202354f7f phy: fsl-imx8mq-usb: Clear the PCS_TX_SWING_FULL field before using it
99dccb81cba85 dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing
cb2c9c4bb1322 dmaengine: tegra-adma: Fix use-after-free
606ea969e7829 dmaengine: xilinx: xdma: Fix regmap max_register
a1bf8ea50cbc4 mm, kfence: describe @slab parameter in __kfence_obj_info()
d11475ea5c2a5 textsearch: describe @list member in ts_ops search
7a01b91ad6327 mm: describe @flags parameter in memalloc_flags_save()
efb769dd9e479 drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2
e35a9085b4808 ASoC: tlv320adcx140: fix word length
61757f5191daa ASoC: tlv320adcx140: fix null pointer
fa4744e659e14 ASoC: sdw_utils: cs42l43: Enable Headphone pin for LINEOUT jack type
362e269bb03f7 net/sched: sch_qfq: do not free existing class in qfq_change_class()
1e9d2b422fb68 selftests: drv-net: fix RPS mask handling for high CPU numbers
2684610a9c9c5 ipv6: Fix use-after-free in inet6_addr_del().
4cd55c609e85a net: hv_netvsc: reject RSS hash key programming without RX indirection table
29a3c30b911f0 ALSA: hda/cirrus_scodec_test: Fix incorrect setup of gpiochip
aa05a8371ae4a net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback
bb4fa4c0b54aa btrfs: fix memory leaks in create_space_info() error paths
190d5a7c4fe42 btrfs: introduce btrfs_space_info sub-group
d046ff8e554e4 btrfs: factor out check_removing_space_info() from btrfs_free_block_groups()
3351d4825185b btrfs: factor out init_space_info() from create_space_info()
32e93a14170a2 net/mlx5e: Restore destroying state bit after profile cleanup
a7625bacaa8c8 net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv
dcb2ad755a16c net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv
dad52950b409d net/mlx5e: Fix crash on profile change rollback failure
b7e11383ef3cf vsock/test: add a final full barrier after run all tests
aa57bfea4674e ipv4: ip_gre: make ipgre_header() robust
8518712a2ca95 macvlan: fix possible UAF in macvlan_forward_source()
dfd1f962f2773 net: update netdev_lock_{type,name}
df5ffde966931 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()
6dabb5b89ccec net: bridge: annotate data-races around fdb->{updated,used}
db00636643e66 btrfs: send: check for inline extents in range_is_hole_in_parent()
3def524315071 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
ba45e3d6b02c9 can: etas_es58x: allow partial RX URB allocation to succeed
c6dc745bba80e PM: EM: Fix incorrect description of the cost field in struct em_perf_state
b0c5a56de1951 drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions
0e036606b29fb pnfs/blocklayout: Fix memory leak in bl_parse_scsi()
86da7efd12295 pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()
49d352bc263fe NFS: Fix a deadlock involving nfs_release_folio()
a316fd9d3065b pNFS: Fix a deadlock when returning a delegation during open()
a2a3c7bf2c0cd xfrm: set ipv4 no_pmtu_disc flag only on output sa when direction is set
f93a187c255f5 xfrm: Fix inner mode lookup in tunnel mode GSO segmentation
cce714dffcc6e ASoC: codecs: wsa884x: fix codec initialisation
f577508cc8a0a x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1
d6bb04690b5be Revert "gfs2: Fix use of bio_chain"
81dcb27e9b596 efi/cper: Fix cper_bits_to_str buffer handling and return value
1f819393de23f firmware: imx: scu-irq: Set mu_resource_id before get handle
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 96548d97cb
---------------------------
python3-cryptography: Add legacy-openssl packageconfig
Fixes [YOCTO #15416]
The OpenSSL legacy provider supplies algorithms that are either used
infrequently or have been deemed insecure by modern standards. The
Python3 cryptography module can optionally support this provider via the
openssl-ossl-module-legacy package.
Currently, the cryptography module builds with legacy provider support
enabled by default, regardless of whether the legacy modules are
actually included in the system. This patch makes that dependency
explicit by introducing a legacy-openssl packageconfig option that:
* Ensures runtime dependency on openssl-ossl-module-legacy when enabled
* Allows users to disable legacy algorithm support via build configuration
* Aligns python3-cryptography's defaults with OpenSSL's current defaults
The packageconfig option defaults to enabled for consistency with
OpenSSL's current configuration and to avoid breaking existing
deployments. A future security improvement will disable legacy modules
by default in OpenSSL, at which point this packageconfig can also
default to disabled.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 92352e209d
---------------------------
alsa-utils: fix packaging of alsabat
If bat is in PACKAGECONFIG two additional binaries are created which
by the dynamic package split creates two additional packages.
However due to explicitely adding the file alsabat-test.sh to the
alsabat package the alsa-utils-alsabat-test package now is empty
and not created.
Complete commit 4c6d5f96990d ("alsa-utils: fix packaging") which fixed
the same issue for all other affected packages.
Fixes: 26a28ee79350 ("alsa-utils: dynamically split the packages instead of doing it manually")
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f8525224cb
---------------------------
create-spdx-2.2.bbclass: Add CVE_CHECK_IGNORE to fixed CVEs
The list of CVEs fixed by patches goes to the field *sourceInfo* in the
SBOM. But this list does not contain the CVEs marked for ignoring with the
Bitbake variable *CVE_CHECK_IGNORE*. Many recipes (e.g. openssh, glibc,
python) contain such entries and these are missing in the SBOM. Therefore,
add them to the list.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 090821f68f
---------------------------
systemd: properly package new container files
Since last systemd upgrade these files are packaged in systemd package
and thus systemd-container is unconditionally installed in all images as
dependency of systemd package.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f757ae4dad
---------------------------
license_image: extend to SDK coverage
Extend the license_image.bbclass to create package and license
manifests for the SDK host and target sysroots and copy common
licenses to the sdk.
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f5432d1c45
---------------------------
libsolv: add ptest support
Add ptest support to enable automated testing of libsolv
using ptest-runner.
The implementation uses upstream's test infrastructure:
testsolv binary, runtestcases.sh script, and testcase data.
The test suite runs 28 test categories covering solver
functionality, package dependencies, and repository handling.
All 28 upstream tests pass successfully on qemux86-64:
START: ptest-runner
BEGIN: /usr/lib/libsolv/ptest
conflict.t ....................................... Passed
forcebest.t ...................................... Passed
PASS: allowuninstall
job.t ............................................ Passed
learnt.t ......................................... Passed
recommends.t ..................................... Passed
requires.t ....................................... Passed
strongrecommends.t ............................... Passed
update.t ......................................... Passed
yumobs.t ......................................... Passed
PASS: alternative
ptf.t ............................................ Passed
retracted.t ...................................... Passed
PASS: blacklist
choice1.t ........................................ Passed
choice1b.t ....................................... Passed
choice2.t ........................................ Passed
choice2b.t ....................................... Passed
choice3.t ........................................ Passed
choice3b.t ....................................... Passed
choice4.t ........................................ Passed
choice5.t ........................................ Passed
choice6.t ........................................ Passed
choice7.t ........................................ Passed
PASS: choicerules
default.t ........................................ Passed
enhanced.t ....................................... Passed
oldversion.t ..................................... Passed
suggested.t ...................................... Passed
versioned.t ...................................... Passed
versioned2.t ..................................... Passed
PASS: choose
cleandeps_dup.t .................................. Passed
cleandeps_in.t ................................... Passed
cleandeps_up.t ................................... Passed
cleandeps_up3.t .................................. Passed
mistake.t ........................................ Passed
PASS: cleandeps
and.t ............................................ Passed
andor.t .......................................... Passed
if.t ............................................. Passed
ifelse.t ......................................... Passed
ifelse_rec.t ..................................... Passed
or.t ............................................. Passed
orand.t .......................................... Passed
PASS: cplxdeps
dup_allowuninstall.t ............................. Passed
dup_multiversion1.t .............................. Passed
dup_multiversion2.t .............................. Passed
dup_multiversion3.t .............................. Passed
dup_noarchchange.t ............................... Passed
dup_orphan1.t .................................... Passed
dup_orphan2.t .................................... Passed
dup_orphan3.t .................................... Passed
PASS: distupgrade
caret.t .......................................... Passed
testevr.t ........................................ Passed
PASS: evrcmp
excludefromweak-obsoletes.t ...................... Passed
excludefromweak.t ................................ Passed
PASS: excludefromweak
recommends.t ..................................... Passed
recommends2.t .................................... Passed
requires.t ....................................... Passed
single.t ......................................... Passed
supplements.t .................................... Passed
PASS: favor
best.t ........................................... Passed
installed.t ...................................... Passed
new1.t ........................................... Passed
new2.t ........................................... Passed
normal.t ......................................... Passed
PASS: focus
forcebest_dup.t .................................. Passed
forcebest_in.t ................................... Passed
forcebest_up.t ................................... Passed
PASS: forcebest
best.t ........................................... Passed
dup.t ............................................ Passed
PASS: lock
infarch_install_best.t ........................... Passed
lockstep_install.t ............................... Passed
lockstep_update.t ................................ Passed
PASS: lockstep
multiversion.t ................................... Passed
update.t ......................................... Passed
update2.t ........................................ Passed
PASS: multiversion
namespaceprovides.t .............................. Passed
PASS: namespace
pubg1.t .......................................... Passed
pubg2.t .......................................... Passed
PASS: proof
recommended_conflicts.t .......................... Passed
recommended_multirepo.t .......................... Passed
recommended_oldversion.t ......................... Passed
recommended_targeted.t ........................... Passed
recommended_version.t ............................ Passed
suggested_conflicts.t ............................ Passed
suggested_multirepo.t ............................ Passed
suggested_oldversion.t ........................... Passed
suggested_targeted.t ............................. Passed
suggested_version.t .............................. Passed
PASS: recommendations
assert.t ......................................... Passed
mm-test.t ........................................ Passed
reuse.t .......................................... Passed
PASS: sat
disable: unknown package 'E-1-1.src@available'
disable: unknown package 'F-1-1.src@available'
selection_canon_rpm.t ............................ Passed
selection_filelist.t ............................. Passed
selection_matchdeps.t ............................ Passed
selection_matchsolvable.t ........................ Passed
selection_name.t ................................. Passed
selection_provides.t ............................. Passed
PASS: selection
strictrepoprio.t ................................. Passed
PASS: strictrepoprio
break.t .......................................... Passed
disfavored.t ..................................... Passed
strongr.t ........................................ Passed
PASS: strongrecommends
targeted_color.t ................................. Passed
targeted_dup.t ................................... Passed
targeted_up.t .................................... Passed
PASS: targeted
nested.t ......................................... Passed
str2dep.t ........................................ Passed
PASS: testcase
supplements_implicitobsoleteusescolors.t ......... Passed
PASS: weakdeps
dup.t ............................................ Passed
dup2.t ........................................... Passed
forcebest_in.t ................................... Passed
forcebest_up.t ................................... Passed
PASS: whatprovideswithdisabled
split.t .......................................... Passed
split2.t ......................................... Passed
PASS: yumobs
DURATION: 7
END: /usr/lib/libsolv/ptest
STOP: ptest-runner
Note: runtestcases.sh requires bash as it uses bash-specific features.
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cc90f8c3b9
---------------------------
lto.inc: introduce LTO_DEFAULT variable to support per-package overrides with Clang
Currently, LTO variable is set with a toolchain-clang override directly.
This causes priority issues where package-specific overrides (e.g., LTO:pn-perl = "")
are ignored when the Clang toolchain is active, making it difficult to disable LTO
for specific failing recipes.
This patch refactors the logic by introducing an intermediate `LTO_DEFAULT` variable.
- `LTO_DEFAULT` handles the toolchain-specific flags (GCC vs Clang).
- `LTO` is assigned `LTO_DEFAULT` as a default value.
This structure allows `LTO` to be cleanly overridden by recipe-specific overrides
(like `pn-${PN}`) regardless of the active toolchain.
Added a toolchain-gcc override for alsa-lib because -flto-partition=none is not
supported by Clang.
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f223bd675a
---------------------------
uki.bbclass: fix building of UKI images with multiple initramfs fstypes
If INITRAMFS_FSTYPES contains more than one entry, ukify build command
will fail as INITRD_ARCHIVE will contain extra strings. Use only the
first initramfs type, letting the user to specify other fstypes in
INITRAMFS_FSTYPES.
The INITRD_ARCHIVE variable is removed and merged into the code to
resolve the issue as we don't need a separate variable.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 72d1f9ec6f
---------------------------
u-boot: relocate SRC_URI_RISCV into recipe
In a custom u-boot recipe that requires u-boot-common.inc, the config
fragments end up in SRC_URI. However, the custom recipe's FILESPATH does
not contain the path to oe-core's u-boot directory (as expected), which
leads to the error below:
ERROR: .../build/../meta-custom/recipes-bsp/u-boot/u-boot-custom_2025.10.bb:
Unable to get checksum for u-boot-custom SRC_URI entry u-boot-riscv-isa_clear.cfg: file could not be found
The following paths were searched:
(...)
Move SRC_URI_RISCV - along with the appends - out of the common
definitions.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e1526079d2
---------------------------
wic: extra-partition: introduce variable matching sourceparams
The current extra_partition plugin uses predictable variable names (the
configuration must predict the image partition label or uuid). This has two
inconveniences:
- an extra partition that has a specific label (or uuid) is doomed with the
associated variable. The partition cannot be configured unless the label
(or uuid) is changed.
- two partitions with same label from distincts .wks cannot have different
content.
This allows the new suffix _name_%s to be appended to
IMAGE_EXTRA_PARTITION_FILES. This variable will be preferred whenever the
.wks specifies a name in the --sourceparams option.
For example:
an image may define:
IMAGE_EXTRA_PARTITION_FILES_name_foo = "bar.conf"
and the .wks line have line:
part --source extra_partition --sourceparams "name=foo"
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Reviewed-by: Pierre-Loup GOSSE <pierre-loup.gosse@smile.fr>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fba82acf55
---------------------------
oeqa/selftest: wic: improve extra-partition plugin tests
Increase the number of inputs to check several files can be copied. Change
the partition type to GPT in order to avoid logical partitions.
Test various file systems and check the wic image partitions match.
Simplify 'wic ls' commands (remove pipes) and use '-n' to specify wic-tools
sysroot and avoid host contamination.
Also dedent the code just after the wic image is built to close the .wks
temporary file when its goal is achieved.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb21c6a429
---------------------------
spdx30_tasks: Add concluded license support with SPDX_CONCLUDED_LICENSE
Add hasConcludedLicense relationship to SBOM packages with support for
manual license conclusion override via SPDX_CONCLUDED_LICENSE variable.
The concluded license represents the license determination after manual
or external license analysis. This should be set manually in recipes or
layers when:
1. Manual license review identifies differences from the declared LICENSE
2. External license scanning tools detect additional license information
3. Legal review concludes a different license applies
The hasConcludedLicense relationship is ONLY added to the SBOM when
SPDX_CONCLUDED_LICENSE is explicitly set. When unset or empty, no
concluded license is included in the SBOM, correctly indicating that
no license analysis was performed (per SPDX semantics).
When differences from the declared LICENSE are found, users should:
1. Preferably: Correct the LICENSE field in the recipe and contribute
the fix upstream to OpenEmbedded
2. Alternatively: Set SPDX_CONCLUDED_LICENSE locally in your layer when
upstream contribution is not immediately possible or when the license
conclusion is environment-specific
The implementation checks both package-specific overrides
(SPDX_CONCLUDED_LICENSE:${PN}) and the global variable, allowing
per-package license conclusions when needed.
The concluded license expression is automatically de-duplicated by
add_license_expression() to avoid redundant license objects in the SBOM.
The variable is initialized in spdx-common.bbclass with comprehensive
documentation explaining its purpose, usage guidelines, and examples.
Example usage in recipe or layer:
SPDX_CONCLUDED_LICENSE = "MIT & Apache-2.0"
SPDX_CONCLUDED_LICENSE:${PN} = "MIT & Apache-2.0"
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com>
Reviewed-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c48e7308c1
---------------------------
cargo-update-recipe-crates: Properly close target file after writing
In do_update_crates(), properly close the target_file after writing to
it using the "with" statement.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1ef39b3fa7
---------------------------
cargo-update-recipe-crates: Don't fail for partially empty Cargo.lock
Do not fail if only some Cargo.lock files are empty. Only fail, if there
are absolutely no dependencies found in any Cargo.lock.
This fixes the following error message, which would occur with "bitbake
-c update_crates python3-orjson":
ERROR: python3-orjson-3.10.17-r0 do_update_crates: Execution of '.../python3-orjson/3.10.17/temp/run.do_update_crates.70693' failed with exit code 1
ERROR: Logfile of failure stored in: .../python3-orjson/3.10.17/temp/log.do_update_crates.70693
Log data follows:
| DEBUG: Executing python function extend_recipe_sysroot
| NOTE: Direct dependencies are ['.../sources/oe-core/../oe-core/meta/recipes-devtools/quilt/quilt-native_0.69.bb:do_populate_sysroot', 'virtual:native:.../sources/oe-core/../oe-core/meta/recipes-devtools/patch/patch_2.8.bb:do_populate_sysroot', 'virtual:native:.../sources/oe-core/../oe-core/meta/recipes-devtools/python/python3_3.13.9.bb:do_populate_sysroot']
| NOTE: Installed into sysroot: []
| NOTE: Skipping as already exists in sysroot: ['gettext-minimal-native', 'cmake-native', 'libtool-native', 'quilt-native', 'texinfo-dummy-native', 'openssl-native', 'expat-native', 'ncurses-native', 'util-linux-libuuid-native', 'zlib-native', 'libedit-native', 'make-native', 'patch-native', 'perl-native', 'python3-native', 'bzip2-native', 'xz-native', 'zstd-native', 'attr-native', 'gdbm-native', 'libffi-native', 'sqlite3-native']
| DEBUG: Python function extend_recipe_sysroot finished
| DEBUG: Executing shell function do_update_crates
| Traceback (most recent call last):
| File "<stdin>", line 41, in <module>
| File "<stdin>", line 12, in get_crates
| ValueError: Unable to find any candidate crates that use crates.io
|
| The above exception was the direct cause of the following exception:
|
| Traceback (most recent call last):
| File "<stdin>", line 43, in <module>
| ValueError: Cannot parse '.../python3-orjson/3.10.17/sources/orjson-3.10.17/include/cargo/simdutf8-0.1.5/Cargo.lock'
| WARNING: exit code 1 from a shell command.
ERROR: Task (.../sources/oe-core/../meta-openembedded/meta-python/recipes-devtools/python/python3-orjson_3.10.17.bb:do_update_crates) failed with exit code '1'
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6ce19709f7
---------------------------
oe/utils: filter license packages
The packages_filter_out_system() function is used in PACKAGESPLITFUNCS
to filter out "system" packages (-dbg, -dev). The filtered packages
should include license packages (-lic) as well, when they are generated
with LICENSE_CREATE_PACKAGE = "1", otherwise the license packages will
get pulled into images unintentionally.
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dedc9e3fd5
---------------------------
ffmpeg: ignore 10 CVEs
First group of CVEs got a bogus cpe update listing all tags since v7.0.
All CVEs were fixed in v7.0 except CVE-2025-22921 fixed in v8.0.
Second group has date CPE (2025-01-13) instead of version (v8.0).
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 327546cc0f
---------------------------
libsndfile1: patch CVE-2025-56226
Pick patches from both PRs linked in issue mentioned in NVD report.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cf63518d20
---------------------------
vim: upgrade 9.1.1683 -> 9.1.2128
Removes CVE-2025-66476 from CVE metrics.
It's fixed in 9.1.1947, but only affects Vim for Windows.
Rebased patches and resolved conflicts.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 31fc221d23
---------------------------
python3-wheel: upgrade 0.46.1 -> 0.46.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5f34357b6e
---------------------------
qemu: fix regression for ppc64
The qemu upstream commit, fcac98d0 (linux-user: Remove ELF_HWCAP2),
accidently introduced a regression. It used get_elf_hwcap where
get_elf_hwcap2 should be used.
With recent qemu upgrade in Yocto (10.1.3 -> 10.2.0), qemuppc64 build
is basically broken. There are a lot of do_configure failures with error
message like below:
Fatal glibc error: CPU lacks ISA 3.00 support (POWER9 or later required)
Backport a patch to fix this issue.
Note that although the problem was only revealed for qemuppc64, some arm
and arm64 machines will also likely get the same issue, as in qemu source
we have:
linux-user/aarch64/target_elf.h:#define HAVE_ELF_HWCAP2 1
linux-user/arm/target_elf.h:#define HAVE_ELF_HWCAP2 1
linux-user/ppc/target_elf.h:#define HAVE_ELF_HWCAP2 1
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 15de700d5f
---------------------------
mdadm: upgrade 4.4 -> 4.5
Changelog:
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/tree/CHANGELOG.md?h=mdadm-4.5
Replaced 0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch
with 0001-raid6check.c-restripe.c-Use-64-bit-off_t-across-both.patch as
partial changes from first patch are part of the upstream version[1].
Dropped patches that are part of upstream version
- xmalloc.patch [2]
- 0001-Makefile-install-mdcheck.patch [3]
Also refreshed other patches.
[1] https://github.com/md-raid-utilities/mdadm/commit/787cc1b60130b8031be59e49d54463c58cd8cf74
[2] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/raid6check.c?h=mdadm-4.5&id=e0df6c4c984d564e9e40913727e916a6cd8f466e
[3] https://github.com/md-raid-utilities/mdadm/commit/934d81184880d2231b0d7b3836b12358516ea35c
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c89f2bcd5
---------------------------
libxml2: add follow-up patch for CVE-2026-0992
References:
* https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019
* https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/377
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 471368d01b
---------------------------
inetutils: patch CVE-2026-24061
Pick patches per [1].
[1] https://security-tracker.debian.org/tracker/CVE-2026-24061
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7109e5d85a
---------------------------
meta/files/layers.schema.json: use URI shortcut for some remotes
Among the three sources, only two have a single remote. So we can replace
their entire structure 'remote' -> 'origin' -> 'uri' with a shorter one
(property 'uri' only).
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 55761539e0
---------------------------
oe-setup-layers: support inline URI
Most of the time, when we describe a remote, the layer data (also used by
the script bitbake-setup) looks like this:
"bitbake": {
"git-remote": {
"remotes": {
"origin": {
"uri": "https://git.openembedded.org/bitbake"
}
},
...
}
}
i.e. an URI with the common name 'origin'. Alternatively, we could simplify this, by
using a shorter structure with the property 'uri' only:
"bitbake": {
"git-remote": {
"uri": "https://git.openembedded.org/bitbake
",
...
}
}
These properties can be used together.
Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bad92fd26c
---------------------------
Revert "libconfig: add ptest support"
This reverts commit 4c31a7b410fc9c14815c6853431c7bd56c0e173c.
It is cauding package_qa and reproducibility issues:
ERROR: lib32-libconfig-1.8.2-r0 do_package_qa: QA Issue: File /usr/lib/libconfig/ptest/tests/libconfig_tests in package lib32-libconfig-ptest contains reference to TMPDIR [buildpaths]
ERROR: lib32-libconfig-1.8.2-r0 do_package_qa: QA Issue: /usr/lib/libconfig/ptest/tests/libconfig_tests contained in package lib32-libconfig-ptest requires /bin/bash, but no providers found in RDEPENDS:lib32-libconfig-ptest? [file-rdeps]
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3165
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 45803eac7e
---------------------------
expat: upgrade 2.7.3 -> 2.7.4
Changelog [1]:
Security fixes:
#1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
failed to copy the encoding handler data passed to
XML_SetUnknownEncodingHandler from the parent to the new
subparser. This can cause a NULL dereference (CWE-476) from
external entities that declare use of an unknown encoding.
The expected impact is denial of service. It takes use of
both functions XML_ExternalEntityParserCreate and
XML_SetUnknownEncodingHandler for an application to be
vulnerable.
#1075 CVE-2026-25210 -- Add missing check for integer overflow
related to buffer size determination in function doContent
Bug fixes:
#1073 lib: Fix missing undoing of group size expansion in doProlog
failure cases
#1107 xmlwf: Fix a memory leak
#1104 WASI: Fix format specifiers for 32bit WASI SDK
Other changes:
#1105 lib: Fix strict aliasing
#1106 lib: Leverage feature "flexible array member" of C99
#1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX
#1109 lib|xmlwf: Return NULL instead of 0 for pointers
#1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC
#1112 lib: Remove unused import
#1110 xmlwf: Warn about XXE in --help output (and man page)
#1102 #1103 WASI: Stop using getpid
... and additional docs/autotools/cmake/infrastructure changes
[1] https://github.com/libexpat/libexpat/blob/R_2_7_4/expat/Changes
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c31a7b410
---------------------------
libconfig: add ptest support
Add ptest support to enable automated testing of libconfig
using ptest-runner.
The implementation uses libtool --mode=install to properly
install test binaries, avoiding issues with libtool wrapper
scripts. Tests are built via 'make check TESTS=' to compile
without running during the build phase.
The test suite includes 16 tests covering parsing, formatting,
binary/hex values, escaped strings, and various edge cases.
All tests pass successfully on qemux86-64 :
START: ptest-runner
BEGIN: /usr/lib/libconfig/ptest
[TEST] ParsingAndFormatting
parsing testdata/input_0.cfg
parsing testdata/input_1.cfg
parsing testdata/input_2.cfg
parsing testdata/input_3.cfg
parsing testdata/input_4.cfg
parsing testdata/input_5.cfg
parsing testdata/input_6.cfg
parsing testdata/input_7.cfg
[ OK ] ParsingAndFormatting
[TEST] ParseInvalidFiles
[ OK ] ParseInvalidFiles
[TEST] ParseInvalidStrings
[ OK ] ParseInvalidStrings
[TEST] BigInt1
[ OK ] BigInt1
[TEST] BigInt2
[ OK ] BigInt2
[TEST] BigInt3
[ OK ] BigInt3
[TEST] BigInt4
[ OK ] BigInt4
[TEST] BigInt5
[ OK ] BigInt5
[TEST] BigInt6
[ OK ] BigInt6
[TEST] BigInt7
[ OK ] BigInt7
[TEST] RemoveSetting
[ OK ] RemoveSetting
[TEST] EscapedStrings
[ OK ] EscapedStrings
[TEST] OverrideSetting
[ OK ] OverrideSetting
[TEST] SettingLookups
[ OK ] SettingLookups
[TEST] ReadStream
[ OK ] ReadStream
[TEST] BinaryAndHex
some auto big hex: 4294967296
some auto big bin: 8589934591
negativehex: -1430532899
[ OK ] BinaryAndHex
16 tests; 16 passed, 0 failed
PASS: libconfig_tests
DURATION: 0
END: /usr/lib/libconfig/ptest
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5114cae0a5
---------------------------
lttng-modules: Fix CONFIG_TRACEPOINTS patch
The check for CONFIG_TRACEPOINTS is guarded by a check for
CONFIG_LOCALVERSION. But what happens if your .config has
CONFIG_LOCALVERSION="" ? Then the check never runs and you try and
build the module even though CONFIG_TRACEPOINTS is missing.
Update the guard to check for either CONFIG_LOCALVERSION or
CONFIG_LOCALVERSION_AUTO.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 60c62c4de3
---------------------------
uboot: Deprecate legacy UBOOT_CONFIG flow
Mark the legacy flow for settings the UBOOT_CONFIG options in a comma
separated list. This code will still work through wrynose, but will be
removed once wrynose is released.
Add warnings to point people in the right direction for fixing their
configs:
WARNING: Legacy use of UBOOT_CONFIG[foo] = "foo_config,foo_image,foo_binary" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[foo] = "foo_config"
WARNING: UBOOT_CONFIG_IMAGE_FSTYPES[foo] = "foo_image"
WARNING: UBOOT_CONFIG_BINARY[foo] = "foo_binary"
WARNING: Legacy use of UBOOT_CONFIG[bar] = "bar_config,bar_image" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[bar] = "bar_config"
WARNING: UBOOT_CONFIG_IMAGE_FSTYPES[bar] = "bar_image"
WARNING: Legacy use of UBOOT_CONFIG[bing] = "bing_config,,bing_binary" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[bing] = "bing_config"
WARNING: UBOOT_CONFIG_BINARY[bing] = "bing_binary"
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5116d9822a
---------------------------
cargo-c: update 0.10.19 -> 0.10.20
Changes are here:
https://github.com/lu-zero/cargo-c/compare/v0.10.19..v0.10.20
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb01604a11
---------------------------
epiphany: upgrade 48.5 -> 49.2
ChangeLog:
https://gitlab.gnome.org/GNOME/epiphany/-/blob/49.2/NEWS
Add a dependency on blueprint-compiler-native.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4212392ca7
---------------------------
blueprint-compiler: add recipe
Blueprint-compiler is a markup language and compiler for GTK 4 user
interfaces.
Move it from meta-openembedded to openembedded-core as it is required by
epiphany 49.2.
The original author Liu Yiding, is willing to continue maintaining the
recipe. Add him as maintainer for this.
CC: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 66ee166039
---------------------------
openssl: upgrade 3.5.4 -> 3.5.5
Resolved patch conflicts.
Release information [1]:
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this release is High.
This release incorporates the following bug fixes and mitigations:
* Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187)
* Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467)
* Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID. (CVE-2025-15468)
* Fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB. (CVE-2025-15469)
* Fixed TLS 1.3 CompressedCertificate excessive memory allocation. (CVE-2025-66199)
* Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes. (CVE-2025-68160)
* Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418)
* Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion. (CVE-2025-69419)
* Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response() function. (CVE-2025-69420)
* Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex() function. (CVE-2025-69421)
* Fixed Missing ASN1_TYPE validation in PKCS#12 parsing. (CVE-2026-22795)
* Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function. (CVE-2026-22796)
[1] https://github.com/openssl/openssl/blob/openssl-3.5/NEWS.md#major-changes-between-openssl-354-and-openssl-355-27-jan-2026
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 330160efaa
---------------------------
avahi: Backport fix CVE-2025-68276
Include the patch linked in the NVD report: https://github.com/avahi/avahi/pull/806/commits/0c013e2e819be3bda74cecf48b5f64956cf8a760
Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dbb0a89fff
---------------------------
python3-wcwidth: Upgrade 0.2.14 -> 0.3.1
Upgrade to release 0.3.1:
Add benchmarking using codspeed.io
improve width() performance
>From release 0.3.0:
- Migrate from setup.py + setuptools to pyproject.toml + hatchling
- Small improvements to update-tables.py and wcwidth-browser.py
- New: iter_graphemes()
- New: width() terminal-aware string measurement
- New: ljust(), rjust(), center() justify text
- New: wrap()
- improve wcswidth() performance ~30%
- New ambigous_width=1 argument
- New strip_sequences() and cut() functions
- Width 0 for Default_Ignorable_Code_Point characters
- Bugfix for Prepended_Concatenation_Mark characters
Fixes:
WARNING: python3-wcwidth-0.3.1-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with hatchling.build,
use the correct class [pep517-backend]
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d59abb5639
---------------------------
glibc: mark CVE-2025-15281, CVE-2026-0861 and CVE-2026-0915 as patched
These were fixed with last hash update and start to appearing in CVE
reports.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ebf9dd05e9
---------------------------
glibc: stable 2.42 branch updates
$ git log --oneline 453e6b8dbab935257eb0802b0c97bca6b67ba30e..912d89a766847649a3857985a3b5e6065c51bfd4
912d89a766 (HEAD, origin/release/2.42/master) Switch currency symbol for the bg_BG locale to euro
cbf39c26b2 posix: Reset wordexp_t fields with WRDE_REUSE (CVE-2025-15281 / BZ 33814)
Testing Results:
+--------------+--------+--------+------+
| Result | Before | After | Diff |
+--------------+--------+--------+------+
| PASS | 6814 | 6818 | +4 |
| XPASS | 4 | 4 | 0 |
| FAIL | 139 | 136 | -3 |
| XFAIL | 16 | 16 | 0 |
| UNSUPPORTED | 164 | 164 | 0 |
+--------------+--------+--------+------+
Changes in failed testcases:
malloc/tst-malloc-fork-deadlock-malloc-check FAIL PASS
malloc/tst-malloc_info FAIL PASS
malloc/tst-malloc_info-malloc-largetcache FAIL PASS
nptl/tst-getpid3 FAIL PASS
posix/tst-wait3 PASS FAIL
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 31eb31c598
---------------------------
apt: Set gid to nogroup
Without --no-user-group, it tries to assign "_apt" gid which ends up
with an error as shown below when using static gid values and "_apt" is
not defined in USERADD_GID_TABLES.
| apt was skipped: Recipe apt, package apt: normal groupname "_apt" does not have a static ID defined.
Conventionally "_apt" does not have its own gid but rather uses
"nogroup". For that reason '_apt' gid is also removed from
meta-selftest/files/static-group.
Signed-off-by: Jaeyoon Jung <jaeyoon.jung@lge.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e73f150955
---------------------------
build-sysroots: Add sysroot tasks to default build and remove warning
Add both do_build_native_sysroot and do_build_target_sysroot to the
do_build dependency chain, allowing "bitbake build-sysroots" to populate
both sysroots automatically.
This is now safe to do since the previous commit added lockfiles to
serialize these tasks, preventing the race condition where they could
interfere with each other when run concurrently.
Remove the do_build_warn task which instructed users to call the tasks
explicitly, as this is no longer necessary. The warning was not clear.
For somebody who knwos about the race condition, it was obvious that
they should call the tasks explicitly, but for all other users this
was just confusing.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: acc8416744
---------------------------
build-sysroots: Serialize native and target sysroot population
Calling (what devtool ide-sdk --mode shared does internally):
bitbake meta-ide-support:do_build cmake-example:do_populate_sysroot
bitbake build-sysroots:do_build_target_sysroot \
build-sysroots:do_build_native_sysroot
can fail with errors like:
Exception: subprocess.CalledProcessError:
Command '.../tmp/sysroots/qemux86-64/usr/bin/postinst-base-passwd'
returned non-zero exit status 1.
Subprocess output:
.../tmp/sysroots/x86_64/usr/sbin/useradd
Running groupadd commands...
NOTE: cmake-example: Performing groupadd with
[--root ../tmp/sysroots/qemux86-64 --system cmake-example]
awk: error while loading shared libraries: libtinfo.so.5: cannot open
shared object file: No such file or directory
ERROR: cmake-example: groupadd command did not succeed.
The root cause is a race condition between do_build_target_sysroot and
do_build_native_sysroot. When run in parallel, do_build_target_sysroot
executes postinstall scripts (e.g., useradd) that invoke awk, while
do_build_native_sysroot is concurrently installing gawk-native into the
shared native sysroot (which is in PATH for do_build_target_sysroot).
Since sstate artifact installation is not atomic, awk binaries can be
installed before their dependent libraries. If do_build_target_sysroot
picks up the newly installed but incomplete awk, it fails with missing
library errors.
The situation is created by a mix of:
- gawk-native in ASSUME_PROVIDED (use host awk)
- glibc depending on gawk-replacement-native (builds gawk-native)
- Both tasks populating the same shared native sysroot directory
Fix this by adding a lockfile to both tasks, ensuring they cannot run
concurrently and avoiding the race condition where partially installed
native tools are accessed. While lockfiles are generally avoided in
BitBake due to performance concerns, this is acceptable here since these
tasks are not on a critical performance path.
[YOCTO #16135]
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c77f0b29b1
---------------------------
devtool: deploy: Reset PATH after strip_execs
We need to modify os.environ so that strip_execs() finds the correct
binaries to run. We shouldn't leave this modification in place for the
rest of the program execution though.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1551136333
---------------------------
devtool: deploy: Run pseudo with correct PATH
When running FAKEROOTCMD (i.e. pseudo), we need to use the same PATH as
we would use if we were running inside bitbake instead of the host
environment's PATH. This ensures that we don't pick up any host
executables that may have problems with pseudo (such as the uutils
implementations of common system utilities used in Ubuntu 25.10).
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 58b9f90779
---------------------------
report-error.bbclass: replace 'codecs.open()' with 'open()'
With newer Python versions, codecs.open() is deprecated:
https://docs.python.org/3/library/codecs.html#codecs.open
Replace it with the preferred call to open().
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: fe38fc0df1
---------------------------
package_deb.bbclass: replace 'codecs.open()' with 'open()'
With newer Python versions, codecs.open() is deprecated:
https://docs.python.org/3/library/codecs.html#codecs.open
Replace it with the preferred call to open().
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 9316834803
---------------------------
busybox: fix a incomplete condition check
When deleting syslog sysvinit related config files, also check if
'systemd' is being enabled, after the change, it behaves same with the
check logic in rm_sysvinit_initddir.
${sysconfdir}/syslog.conf is also a sysvinit related config file, also
delete it.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 555e0b2498
---------------------------
python3-yamllint: upgrade 1.37.1 -> 1.38.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 6df5012420
---------------------------
python3-uv-build: upgrade 0.9.18 -> 0.9.26
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: d34026c907
---------------------------
python3-sphinx-rtd-theme: upgrade 3.0.2 -> 3.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 98ec7f4f64
---------------------------
python3-pyparsing: upgrade 3.3.1 -> 3.3.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 4e486d307d
---------------------------
python3-pyasn1: upgrade 0.6.1 -> 0.6.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 84f975614e
---------------------------
python3-pdm: upgrade 2.26.4 -> 2.26.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: d1724b0cd2
---------------------------
python3-meson-python: upgrade 0.18.0 -> 0.19.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 3a4be7b677
---------------------------
python3-markdown: upgrade 3.10 -> 3.10.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: cd42d1cacd
---------------------------
python3-hypothesis: upgrade 6.149.0 -> 6.150.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 3b75735924
---------------------------
p11-kit: upgrade 0.25.10 -> 0.26.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 2cc882d636
---------------------------
meson: upgrade 1.10.0 -> 1.10.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: ca5ee30e5c
---------------------------
harfbuzz: upgrade 12.3.0 -> 12.3.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: d39f2ebcb6
---------------------------
bind: upgrade 9.20.17 -> 9.20.18
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 3aeb82742b
---------------------------
stress-ng: update 0.19.06 -> 0.20.00
Changelog:
https://github.com/ColinIanKing/stress-ng/releases/tag/V0.20.00
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: c4fdea8c7b
---------------------------
glew: update 2.2.0 -> 2.3.1
Dropped patches which are part of upstream version
- 0001-Fix-build-race-in-Makefile.patch [1]
- no-strip.patch [2]
[1] https://github.com/nigels-com/glew/commit/767e0316450911f1158bd4f7fd8dcd066bae5c55
[2] https://github.com/nigels-com/glew/commit/d7693eea09ac76c67f5f3aa538bb911ce2291e2c
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 29097b18ca
---------------------------
rgb: update 1.1.0 -> 1.1.1
License-Update: updated md5 hash because of commit[1]
[1] https://gitlab.freedesktop.org/xorg/app/rgb/-/commit/fb06ee0b71ec15d63b6ee4797f954187ec014a37
The license change is removing the "All rights reserved" string from the
copyright, no license change.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 7ac04f4746
---------------------------
cmake: upgrade 4.2.1 -> 4.2.2
Changelog:
https://cmake.org/cmake/help/v4.2/release/4.2.html#id2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: c41462ef8a
---------------------------
libxml2: patch CVE-2026-0989
Pick patch from [1] linked from [2].
[1] https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374
[2] https://gitlab.gnome.org/GNOME/libxml2/-/issues/998
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: addd80ddfd
---------------------------
openssh: add variable for key path
This patch adds a variable for the key directory path. This is especially
useful when working with a read-only file system where you want to
specify the location e.g. on a r/w partition. To be consistent, the
change was also done for the read write path.
For changing the path simply create a bbappend and override the
variable.
Signed-off-by: Patrick Vogelaar <patrick.vogelaar.dev@mailbox.org>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 0316decd30
---------------------------
glib-2.0: patch CVE-2026-0988
Pick relevant commit from [2] linked from [1].
[1] https://gitlab.gnome.org/GNOME/glib/-/issues/3851
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4944
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 067b935773
---------------------------
linux-firmware: correct wil6210 dependency
The LICENSE.QualcommAtheros_ath10k is already packages as
linux-firmware-ath10k-license package, making OE skip
linux-firmware-qualcommatheros-ath10k-license (because it's now empty)
and thus making linux-firmware-wil6210 uninstallable.
Drop the duplicate licence package and use linux-firmware-ath10k-license
instead.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: b80b52cd07
---------------------------
qemurunner.py: replace 'codecs.open()' with 'open()'
With newer Python versions, codecs.open() is deprecated, leading to the
following warning:
|Stderr:
|/srv/pokybuild/tgamblin-qemux86/openembedded-core/meta/lib/oeqa/utils/qemurunner.py:133: DeprecationWarning: codecs.open() is deprecated. Use open() instead.
| with codecs.open(self.logfile + extension, "ab") as f:
Note that if we try to be explicit and make the 'errors' keyword
'strict' (as the codecs.open() call defaulted to), we see other
warnings:
|ValueError: binary mode doesn't take an errors argument
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: f4b2eb3c29
---------------------------
python3-pygobject: fix compile error with old GCC
If the build is done with GCC 10 (eg a native build on Debian 11) then
the build fails:
gi/pygi-resulttuple.c:337:1: error: label at end of compound statement
Backport a patch from upstream to add a missing semicolon.
[ YOCTO #16147 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 9b956f6b5a
---------------------------
python3-pyelftools: add python3-logging to RDEPENDS
python3-logging is needed as a runtime dependency of python3-pyelftools
else the readelf.py script run into the following error :
```
Traceback (most recent call last):
File "/usr/bin/readelf.py", line 31, in <module>
from elftools.elf.elffile import ELFFile
File "/usr/lib/python3.12/site-packages/elftools/elf/elffile.py", line 29, in <module>
from ..dwarf.dwarfinfo import DWARFInfo, DebugSectionDescriptor, DwarfConfig
File "/usr/lib/python3.12/site-packages/elftools/dwarf/dwarfinfo.py", line 17, in <module>
from .structs import DWARFStructs
File "/usr/lib/python3.12/site-packages/elftools/dwarf/structs.py", line 10, in <module>
from logging.config import valid_ident
ModuleNotFoundError: No module named 'logging'
```
Signed-off-by: Theo GAIGE <tgaige.opensource@witekio.com>
Reviewed-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---------------------------
Commit: 4c0a41389b
---------------------------
libmd: add ptest for 'libmd'
Adapt the compile 'test' phony target from Makefile and deploy as
ptest for libmd.
It takes less than 30seconds for ptest completion
Signed-off-by: Naman Jain <namanj1@kpit.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 1797741aad
---------------------------
bitbake.conf: remove DEBUG_PREFIX_MAP from TARGET_LDFLAGS
Now that the previous bug affecting binary reproducibility has been
addressed [1], we can revert this patch. This will resolve issues with
cgo applications becoming unreprodcible.
Currently go considers link arguments to be sacred, meaning any change
should produce a different binary output. They ensure this by baking
link arguments into the intermediary output, changing the content ID of
that step. As such, the marco prefixes inadvertently end up adding build
paths to the output binary instead of removing them if they are passed
as link arguments to cgo applications.
These paths are later stripped out again, but at this point the content
ID of the dependency has changed and thus the build ID of the end
application will be affected by the cascade of hash changes. See the
upstream bug for more information [2].
This reverts commit fddaecc88979967d0e00e2fafdbaaabec030da9f.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101473
[2] https://github.com/golang/go/issues/77218
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f0d8ff0bfb
---------------------------
linux-yocto-dev: update to 6.19
Bumping the -dev kernel to 6.19. Boot and tests have been run
on all major architectures.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f7a4e8c8a2
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.6)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 14 changes (0 new | 14 updated): - 0 new CVEs: - 14 updated CVEs: CVE-2024-23147, CVE-2024-23148, CVE-2024-23156, CVE-2024-23157, CVE-2024-37000, CVE-2024-37006, CVE-2025-13335, CVE-2025-63896, CVE-2025-9452, CVE-2025-9456, CVE-2025-9457, CVE-2025-9458, CVE-2026-1225, CVE-2026-1332
Date: Thu, 22 Jan 2026 14:20:53 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 048edccc6c
---------------------------
linux-yocto/6.18: update to v6.18.6
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
b6fe42bc55af Linux 6.18.6
69695f5331d4 spi: cadence-quadspi: Prevent lost complete() call during indirect read
81531bdea972 scsi: sg: Fix occasional bogus elapsed time that exceeds timeout
90f5dd44d9bf ASoC: fsl_sai: Add missing registers to cache default
b3f89f6582e0 ALSA: hda/realtek: enable woofer speakers on Medion NM14LNL
65f6ae1fdf22 ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025
003994f3b014 ALSA: usb-audio: Update for native DSD support quirks
530ec35c211e block: validate pi_offset integrity limit
79dd3f1d9dd3 can: j1939: make j1939_session_activate() fail if device is no longer registered
9fd86747daa6 drm/amdkfd: Fix improper NULL termination of queue restore SMI event string
6fcfcf792ce8 spi: mt65xx: Use IRQF_ONESHOT with threaded IRQ
6db8e186c977 drm/amd/display: Fix DP no audio issue
6a2049b7391b accel/amdxdna: Block running under a hypervisor
a70fd483c4b9 ata: libata-core: Disable LPM on ST2000DM008-2FR102
09d6074995c1 netfilter: nf_tables: avoid chain re-validation if possible
9e2fcfc32467 powercap: fix sscanf() error return value handling
d33cc39e9f7e powercap: fix race condition in register_control_type()
cbbf6c1fe62b net: sfp: extend Potron XGSPON quirk to cover additional EEPROM variant
737be05a7657 bpf: Fix reference count leak in bpf_prog_test_run_xdp()
31e37f44b606 bpf, test_run: Subtract size of xdp_frame from allowed metadata size
7ea26e6dcabc gpio: mpsse: fix reference leak in gpio_mpsse_probe() error paths
7882637ea5cc gpio: mpsse: add quirk support
472d900c8bca gpio: mpsse: ensure worker is torn down
4374a1cac13e btrfs: fix beyond-EOF write handling
9cb1a586c78a btrfs: use variable for end offset in extent_writepage_io()
3b7ca18f3509 btrfs: truncate ordered extent when skipping writeback past i_size
ebdc99345399 erofs: fix file-backed mounts no longer working on EROFS partitions
c65f0bafc98f erofs: don't bother with s_stack_depth increasing for now
234409e0db77 irqchip/gic-v5: Fix gicv5_its_map_event() ITTE read endianness
72e28774e964 ublk: fix use-after-free in ublk_partition_scan_work
949647e7771a arp: do not assume dev_hard_header() does not change skb->head
d93ba83fc3f5 net: enetc: fix build warning when PAGE_SIZE is greater than 128K
ce6eef731aba net: usb: pegasus: fix memory leak in update_eth_regs_async()
51ffd447bc37 net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset
1251bbdb8f5b wifi: mac80211_hwsim: fix typo in frequency notification
72f93dc6d1a6 net: airoha: Fix schedule while atomic in airoha_ppe_deinit()
9e17d06663f3 HID: quirks: work around VID/PID conflict for appledisplay
fb08fec72131 sparc/PCI: Correct 64-bit non-pref -> pref BAR resources
397691633112 trace: ftrace_dump_on_oops[] is not exported, make it static
6c0d642e8c58 block: don't merge bios with different app_tags
086e2928c1da net: netdevsim: fix inconsistent carrier state after link/unlink
334bbbbf4c80 selftests: drv-net: Bring back tool() to driver __init__s
67550a1130b6 net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy
06dc322dcb20 net: sfp: return the number of written bytes for smbus single byte access
0c63d5683eae udp: call skb_orphan() before skb_attempt_defer_free()
2d6cde9953f9 Revert "dsa: mv88e6xxx: make serdes SGMII/Fiber tx amplitude configurable"
0ad6d6e50e9d idpf: fix aux device unplugging when rdma is not supported by vport
258e7c55f939 idpf: cap maximum Rx buffer size
bfeb4dfc8050 idpf: Fix error handling in idpf_vport_open()
ab92fa4dd81b idpf: Fix RSS LUT NULL ptr issue after soft reset
9abe73eff87d idpf: Fix RSS LUT configuration on down interfaces
b29a5a7dd1f4 idpf: Fix RSS LUT NULL pointer crash on early ethtool operations
fe33b4252e4b idpf: fix issue with ethtool -n command display
1aedff70a5e9 idpf: fix memory leak of flow steer list on rmmod
a514c374edcd idpf: fix error handling in the init_task on load
23391db8a00c idpf: fix memory leak in idpf_vc_core_deinit()
ec602a2a4071 idpf: fix memory leak in idpf_vport_rel()
ac122f5fb050 idpf: detach and close netdevs while handling a reset
a9f5b61591d3 idpf: convert vport state to bitmap
14c4fea11536 idpf: keep the netdev when a reset fails
309a4c2fa676 PCI/VGA: Don't assume the only VGA device on a system is `boot_vga`
c114a32a2e70 net: fix memory leak in skb_segment_list for GRO packets
177c71d2709f riscv: pgtable: Cleanup useless VA_USER_XXX definitions
5bfaf4fa3dc2 riscv: cpufeature: Fix Zk bundled extension missing Zknh
8a6b410e3d0f net: airoha: Fix npu rx DMA definitions
6d1b61b8e1e4 btrfs: fix NULL pointer dereference in do_abort_log_replay()
07effd536ddc btrfs: only enforce free space tree if v1 cache is required for bs < ps cases
92a559085114 btrfs: release path before initializing extent tree in btrfs_read_locked_inode()
0185dc4b5b0e vsock: Make accept()ed sockets use custom setsockopt()
543f8537b470 drm/amd/pm: force send pcie parmater on navi1x
a1c0a4ccbe6d drm/amd/pm: fix wrong pcie parameter on navi1x
deee9dfb111a perf: Ensure swevent hrtimer is properly destroyed
088ca99dbb03 inet: frags: drop fraglist conntrack references
a5e2d902f64c virtio_net: fix device mismatch in devm_kzalloc/devm_kfree
e3c738138975 bnxt_en: Fix potential data corruption with HW GRO/LRO
8181c79757cc net: wwan: iosm: Fix memory leak in ipc_mux_deinit()
f2c4bcfa193e net/ena: fix missing lock when update devlink params
b46675e1c593 net/mlx5e: Dealloc forgotten PSP RX modify header
d35ab9fb5794 net/mlx5e: Don't print error message due to invalid module
cba6cc0f4654 net/mlx5e: Don't gate FEC histograms on ppcnt_statistical_group
658496325824 net/mlx5: Lag, multipath, give priority for routes with smaller network prefix
8bdc624bf33d netdev: preserve NETIF_F_ALL_FOR_ALL across TSO updates
e00b169eaac5 net: sock: fix hardened usercopy panic in sock_recv_errqueue
fe71b71f0fe0 net: phy: mxl-86110: Add power management and soft reset support
1511ba2d6846 inet: ping: Fix icmp out counting
f490af47bbee net: mscc: ocelot: Fix crash when adding interface under a lag
b53fca69f455 bridge: fix C-VLAN preservation in 802.1ad vlan_tunnel egress
326a4b7e61d0 net: marvell: prestera: fix NULL dereference on devlink_alloc() failure
8bdafdf49000 netfilter: nf_conncount: update last_gc only when GC has been performed
7f066cba650c netfilter: nf_tables: fix memory leak in nf_tables_newrule()
58dac9b28a57 gpio: pca953x: handle short interrupt pulses on PCAL devices
fb674c8f1a5d gpiolib: fix race condition for gdev->srcu
aaa24eeb63ad gpiolib: rename GPIO chip printk macros
97531f8e50d9 gpiolib: remove unnecessary 'out of memory' messages
75bfb05067d6 netfilter: nft_synproxy: avoid possible data-race on update operation
704c0258f0d7 netfilter: nft_set_pipapo: fix range overlap detection
499c0db5862f arm64: dts: mba8mx: Fix Ethernet PHY IRQ support
646d415f9860 arm64: dts: imx8qm-ss-dma: correct the dma channels of lpuart
4977cac699a4 arm64: dts: imx8mp: Fix LAN8740Ai PHY reference clock on DH electronics i.MX8M Plus DHCOM
5b5ef7049ebe arm64: dts: freescale: tx8p-ml81: fix eqos nvmem-cells
f267ced2bcb0 arm64: dts: freescale: moduline-display: fix compatible
2c3f04f1f70c ARM: dts: imx6q-ba16: fix RTC interrupt level
88244021003b arm64: dts: add off-on-delay-us for usdhc2 regulator
c200328fd57f arm64: dts: imx8qm-mek: correct the light sensor interrupt type to low level
42b66f4557a2 crypto: qat - fix duplicate restarting msg during AER error
7fd534abaa39 pinctrl: mediatek: mt8189: restore previous register base name array order
5b5482c0e5ee netfs: Fix early read unlock of page with EOF in middle
b95a6e3b0d5d HID: Intel-thc-hid: Intel-thc: Fix wrong register reading
a5eeebb994bf HID: Intel-thc-hid: Intel-thc: fix dma_unmap_sg() nents value
737f341080f4 gpio: it87: balance superio enter/exit calls in error path
43c2e3670334 gpu: nova-core: select RUST_FW_LOADER_ABSTRACTIONS
93900292af11 arm64: dts: ti: k3-am62-lp-sk-nand: Rename pinctrls to fix schema warnings
c5ebc38066ce arm64: dts: ti: k3-am642-phyboard-electra-x27-gpio1-spi1-uart3: Fix schema warnings
0d4087c74869 arm64: dts: ti: k3-am642-phyboard-electra-peb-c-010: Fix icssg-prueth schema warning
f09b0f705bd7 of: unittest: Fix memory leak in unittest_data_add()
c8385851a543 btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node()
99e057f3d3ef btrfs: fix NULL dereference on root when tracing inode eviction
1ee62906cbd9 btrfs: qgroup: update all parent qgroups when doing quick inherit
7d59377ada9f btrfs: fix qgroup_snapshot_quick_inherit() squota bug
5f0fd06d7571 scsi: Revert "scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed"
f1e2d448ccc1 scsi: ufs: core: Fix EH failure after W-LUN resume error
3a96f7f2677a scsi: ipr: Enable/disable IRQD_NO_BALANCING during reset
382028023669 scsi: mpi3mr: Prevent duplicate SAS/SATA device entries in channel 1
aba03b371632 smb/client: fix NT_STATUS_NO_DATA_DETECTED value
d4959a7900af smb/client: fix NT_STATUS_DEVICE_DOOR_OPEN value
e2c146263966 smb/client: fix NT_STATUS_UNABLE_TO_FREE_VM value
f1ae589310e1 drm/amd/display: shrink struct members
93ee5471731b ALSA: hda/realtek: Add support for ASUS UM3406GA
ab775cc784f6 NFS: Fix up the automount fs_context to use the correct cred
8e73e0ee4530 ASoC: rockchip: Fix Wvoid-pointer-to-enum-cast warning (again)
d82f6d1d43b3 NFSv4: ensure the open stateid seqid doesn't go backwards
6930c0229fb3 dm-snapshot: fix 'scheduling while atomic' on real-time kernels
232948cf600f dm-verity: disable recursive forward error correction
fea0f86e4613 alpha: don't reference obsolete termio struct for TC* constants
9f53cfb9f4c2 ARM: 9461/1: Disable HIGHPTE on PREEMPT_RT kernels
8ad9e930fb91 csky: fix csky_cmpxchg_fixup not working
c88717b10792 ALSA: hda: intel-dsp-config: Prefer legacy driver as fallback
a1d420370a24 ublk: reorder tag_set initialization before queue allocation
5647d42c47b5 libceph: make calc_target() set t->paused, not just clear it
10b7c7281036 libceph: reset sparse-read state in osd_fault()
9e0101e57534 libceph: return the handler error from mon_handle_auth_done()
f21c3fdb9683 libceph: make free_choose_arg_map() resilient to partial allocation
6348d70af847 libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
2d653bb63d59 libceph: prevent potential out-of-bounds reads in handle_auth_done()
b97be67dc06e wifi: mac80211: restore non-chanctx injection behaviour
e3c35177103e wifi: avoid kernel-infoleak from struct iw_point
5c12a13522f4 Revert "drm/mediatek: dsi: Fix DSI host and panel bridge pre-enable order"
b7a883b0135d PM: hibernate: Fix crash when freeing invalid crypto compressor
ea7a54393d50 pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping
391adca8e213 PCI: meson: Report that link is up while in ASPM L0s and L1 states
2b9c15286a17 io_uring/io-wq: fix incorrect io_wq_for_each_worker() termination logic
3aa67687d558 gpio: rockchip: mark the GPIO controller as sleeping
b88191562d92 drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[]
227997d16a53 drm/tidss: Fix enable/disable order
124b9d19e1d5 drm/pl111: Fix error handling in pl111_amba_probe
8a8bf7ed8230 drm/atomic-helper: Export and namespace some functions
1f50931f79dc drm/amdgpu: Fix query for VPE block_type and ip_count
b023b3f236e8 drm/amd/display: Apply e4479aecf658 to dml
1d8b1ac985c9 arm64: dts: imx95: correct I3C2 pclk to IMX95_CLK_BUSWAKEUP
00d880c469b7 ALSA: hda/tas2781: properly initialize speaker_id for TAS2563
cb73d37ac18b ALSA: ac97: fix a double free in snd_ac97_controller_register()
c12df0f5ca41 Revert "drm/atomic-helper: Re-order bridge chain pre-enable and post-disable"
0ce45b2426f9 nouveau: don't attempt fwsec on sb on newer platforms.
64a0d47e0c32 riscv: boot: Always make Image from vmlinux, not vmlinux.unstripped
5b7f91acffd2 tracing: Add recursion protection in kernel stack trace recording
425886b1f830 counter: interrupt-cnt: Drop IRQF_NO_THREAD flag
844f521604bd counter: 104-quad-8: Fix incorrect return value in IRQ handler
a0b28dd06a9a lib/crypto: aes: Fix missing MMU protection for AES S-box
30a98c97f787 rust_binder: remove spin_lock() in rust_shrink_free_page()
86e49948b0e6 mei: me: add nova lake point S DID
d52af58dd463 btrfs: always detect conflicting inodes when logging inode refs
0174d5466cae bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup
e86c4ee5a029 arm64: Fix cleared E0POE bit after cpu_suspend()/resume()
ffa2be496ef6 net: do not write to msg_get_inq in callee
d82796a57cc0 net: 3com: 3c59x: fix possible null dereference in vortex_probe1()
4ae815bfcfad atm: Fix dma_free_coherent() size
0f7fb819d63f NFSD: Remove NFSERR_EAGAIN
db78fa4b9f1f NFSD: net ref data still needs to be freed even if net hasn't startup
e06c9f6c0f55 nfsd: check that server is running in unlock_filesystem
099a880ef541 nfsd: use correct loop termination in nfsd4_revoke_states()
53f07d095e7e nfsd: provide locking for v4_end_grace
a339b0168251 NFSD: Fix permission check for read access to executable-only files
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4e194c6741
---------------------------
linux-yocto/6.12: update CVE exclusions (6.12.66)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 10 changes (5 new | 5 updated): - 5 new CVEs: CVE-2026-22278, CVE-2026-23761, CVE-2026-23762, CVE-2026-23763, CVE-2026-23764 - 5 updated CVEs: CVE-2021-47746, CVE-2021-47748, CVE-2025-64097, CVE-2025-69821, CVE-2026-1328
Date: Thu, 22 Jan 2026 16:23:30 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e38a672c14
---------------------------
linux-yocto/6.12: update to v6.12.66
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
f6044d1fd846 Linux 6.12.66
9e3f8fa53348 bpf: test_run: Fix ctx leak in bpf_prog_test_run_xdp error path
f8b406198778 ALSA: hda: intel-dsp-config: Prefer legacy driver as fallback
47e676ce4d68 tpm2-sessions: Fix out of range indexing in name_size
42440155fe27 spi: cadence-quadspi: Prevent lost complete() call during indirect read
3762535fbbc0 scsi: sg: Fix occasional bogus elapsed time that exceeds timeout
0810c8e94d6b ASoC: fsl_sai: Add missing registers to cache default
1d2a10913089 ALSA: hda/realtek: enable woofer speakers on Medion NM14LNL
8072299bf13f ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025
44ed8fae346f ALSA: usb-audio: Update for native DSD support quirks
ba6f0d1832ee can: j1939: make j1939_session_activate() fail if device is no longer registered
47206d70d1fb drm/amdkfd: Fix improper NULL termination of queue restore SMI event string
1c06d85c3d51 spi: mt65xx: Use IRQF_ONESHOT with threaded IRQ
f609041424d5 drm/amd/display: Fix DP no audio issue
9f6cf07687be ata: libata-core: Disable LPM on ST2000DM008-2FR102
14fa3d1927f1 netfilter: nf_tables: avoid chain re-validation if possible
feb28b6827ec powercap: fix sscanf() error return value handling
3835d59f6999 powercap: fix race condition in register_control_type()
7b60aed82db1 net: sfp: extend Potron XGSPON quirk to cover additional EEPROM variant
fb9ef40cccdb bpf: Fix reference count leak in bpf_prog_test_run_xdp()
6447e697cfa8 bpf, test_run: Subtract size of xdp_frame from allowed metadata size
6611a73b2991 bpf: Support specifying linear xdp packet data size for BPF_PROG_TEST_RUN
0eb6e9d3b724 bpf: Make variables in bpf_prog_test_run_xdp less confusing
202c5b915e22 bpf: Fix an issue in bpf_prog_test_run_xdp when page size greater than 4K
5c647749bce3 btrfs: fix beyond-EOF write handling
afbb57899612 btrfs: use variable for end offset in extent_writepage_io()
a915072e5ac3 btrfs: truncate ordered extent when skipping writeback past i_size
7216d78ca34f btrfs: remove btrfs_fs_info::sectors_per_page
ced5459df05a btrfs: add extra error messages for delalloc range related errors
fb4fa3f9012b btrfs: subpage: dump the involved bitmap when ASSERT() failed
9ed14c3b787b btrfs: fix error handling of submit_uncompressed_range()
fcc04c92cbb5 ALSA: ac97: fix a double free in snd_ac97_controller_register()
71138011dc01 ALSA: ac97bus: Use guard() for mutex locks
7388ba6e5ccd erofs: fix file-backed mounts no longer working on EROFS partitions
d47b03775d55 erofs: don't bother with s_stack_depth increasing for now
dd6ccec088ad arp: do not assume dev_hard_header() does not change skb->head
de77d2cd178a net: enetc: fix build warning when PAGE_SIZE is greater than 128K
471dfb97599e net: usb: pegasus: fix memory leak in update_eth_regs_async()
43497313d0da net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset
3d67e8c22685 HID: quirks: work around VID/PID conflict for appledisplay
4969d6fa61af net: netdevsim: fix inconsistent carrier state after link/unlink
d916df47a031 idpf: cap maximum Rx buffer size
a4212d6732e3 idpf: fix memory leak in idpf_vport_rel()
be3d31276199 idpf: keep the netdev when a reset fails
3264881431e3 net: fix memory leak in skb_segment_list for GRO packets
92ff65c660eb riscv: pgtable: Cleanup useless VA_USER_XXX definitions
1eeaaeceafcf btrfs: only enforce free space tree if v1 cache is required for bs < ps cases
6762937a8b45 vsock: Make accept()ed sockets use custom setsockopt()
f1029391e604 bnxt_en: Fix potential data corruption with HW GRO/LRO
57f1dd8fa966 net: wwan: iosm: Fix memory leak in ipc_mux_deinit()
9e0f54294fae net/mlx5e: Don't print error message due to invalid module
b71d08b96864 netdev: preserve NETIF_F_ALL_FOR_ALL across TSO updates
005671c60fcf net: sock: fix hardened usercopy panic in sock_recv_errqueue
50f65526b33d inet: ping: Fix icmp out counting
03fb1708b7d1 net: mscc: ocelot: Fix crash when adding interface under a lag
269c9283ff7f bridge: fix C-VLAN preservation in 802.1ad vlan_tunnel egress
3950054c9512 net: marvell: prestera: fix NULL dereference on devlink_alloc() failure
26a82dce2bee netfilter: nf_conncount: update last_gc only when GC has been performed
e1a436981ac9 netfilter: nf_tables: fix memory leak in nf_tables_newrule()
cdafa52ad39b gpio: pca953x: handle short interrupt pulses on PCAL devices
d4f333a0155d gpio: pca953x: Add support for level-triggered interrupts
dd42e23b6d9e netfilter: nft_synproxy: avoid possible data-race on update operation
16b4508e8717 netfilter: nft_set_pipapo: fix range overlap detection
b397bb9c34ac arm64: dts: mba8mx: Fix Ethernet PHY IRQ support
97fdde3189b6 arm64: dts: imx8qm-ss-dma: correct the dma channels of lpuart
35b38dd6a792 arm64: dts: imx8mp: Fix LAN8740Ai PHY reference clock on DH electronics i.MX8M Plus DHCOM
88d60cff3000 ARM: dts: imx6q-ba16: fix RTC interrupt level
3e458210ee2c arm64: dts: add off-on-delay-us for usdhc2 regulator
06b1dfa40090 crypto: qat - fix duplicate restarting msg during AER error
8f6afb166402 arm64: dts: ti: k3-am62-lp-sk-nand: Rename pinctrls to fix schema warnings
75e2bc2985f4 drm/amd/display: Apply e4479aecf658 to dml
163df8d79a0d drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files
582ba48e4a4c btrfs: fix NULL dereference on root when tracing inode eviction
ec3695dd0acd btrfs: tracepoints: use btrfs_root_id() to get the id of a root
53df7a4c3a56 btrfs: qgroup: update all parent qgroups when doing quick inherit
b9b19fecad7d btrfs: fix qgroup_snapshot_quick_inherit() squota bug
dedec6e6b421 scsi: Revert "scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed"
496ca70a15f4 scsi: ufs: core: Fix EH failure after W-LUN resume error
f373695d62e0 scsi: ipr: Enable/disable IRQD_NO_BALANCING during reset
261233f765d2 smb/client: fix NT_STATUS_NO_DATA_DETECTED value
596d1b968660 smb/client: fix NT_STATUS_DEVICE_DOOR_OPEN value
b1dd68601676 smb/client: fix NT_STATUS_UNABLE_TO_FREE_VM value
e83af97d5c39 drm/amd/display: shrink struct members
a8559efcd576 NFS: Fix up the automount fs_context to use the correct cred
71029266093b ASoC: rockchip: Fix Wvoid-pointer-to-enum-cast warning (again)
e1df03e293a0 NFSv4: ensure the open stateid seqid doesn't go backwards
6a1099604b0c dm-snapshot: fix 'scheduling while atomic' on real-time kernels
f002df3a3305 alpha: don't reference obsolete termio struct for TC* constants
1b645cd729ef ARM: 9461/1: Disable HIGHPTE on PREEMPT_RT kernels
7010683101b5 csky: fix csky_cmpxchg_fixup not working
32dc49f49ea0 drm/xe: Ensure GT is in C0 during resumes
e724d0261b7c drm/xe: make xe_gt_idle_disable_c6() handle the forcewake internally
f09cd209359a tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().
6f468f6ff233 libceph: make calc_target() set t->paused, not just clear it
e94075e950a6 libceph: reset sparse-read state in osd_fault()
d2c4a5f69966 libceph: return the handler error from mon_handle_auth_done()
c4c2152a858c libceph: make free_choose_arg_map() resilient to partial allocation
6c6cec3db3b4 libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
2802ef3380fa libceph: prevent potential out-of-bounds reads in handle_auth_done()
f94f95b81736 wifi: mac80211: restore non-chanctx injection behaviour
024f71a57d56 wifi: avoid kernel-infoleak from struct iw_point
fcb7500bfa24 pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping
321e17ff3142 gpio: rockchip: mark the GPIO controller as sleeping
7500ab83bad2 drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[]
bc96db7051cc drm/pl111: Fix error handling in pl111_amba_probe
90b4b130a20d drm/amdgpu: Fix query for VPE block_type and ip_count
49a66829dd36 counter: interrupt-cnt: Drop IRQF_NO_THREAD flag
c61440f1e741 counter: 104-quad-8: Fix incorrect return value in IRQ handler
196e8fd7424b lib/crypto: aes: Fix missing MMU protection for AES S-box
97130283b83f mei: me: add nova lake point S DID
0c2413c69129 btrfs: always detect conflicting inodes when logging inode refs
8b402146e3a8 arm64: Fix cleared E0POE bit after cpu_suspend()/resume()
2f05f7737e16 net: 3com: 3c59x: fix possible null dereference in vortex_probe1()
1320d94a4df1 atm: Fix dma_free_coherent() size
3f5d7f3865c6 NFSD: Remove NFSERR_EAGAIN
8c1cf63ed465 NFSD: net ref data still needs to be freed even if net hasn't startup
d95499900fe5 nfsd: check that server is running in unlock_filesystem
03c68f94fad1 nfsd: use correct loop termination in nfsd4_revoke_states()
ba4811c8b433 nfsd: provide locking for v4_end_grace
6b7ad17f4dd5 NFSD: Fix permission check for read access to executable-only files
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b6490ff2da
---------------------------
linux-yocto/6.12: update CVE exclusions (6.12.65)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 10 changes (7 new | 3 updated): - 7 new CVEs: CVE-2025-61937, CVE-2025-61943, CVE-2025-64691, CVE-2025-64729, CVE-2025-64769, CVE-2025-65117, CVE-2025-65118 - 3 updated CVEs: CVE-2025-7195, CVE-2025-9903, CVE-2025-9904
Date: Fri, 16 Jan 2026 00:42:12 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f2d250a607
---------------------------
linux-yocto/6.12: update to v6.12.65
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
39cb076c7dc7 Linux 6.12.65
b00d41629d81 Revert "iommu/amd: Skip enabling command/event buffers for kdump"
69f542a54578 pwm: stm32: Always program polarity
828b59fdf8ef virtio_console: fix order of fields cols and rows
1b9c118fe318 sched/fair: Proportional newidle balance
c6ae271bc5fd sched/fair: Small cleanup to update_newidle_cost()
52aa889c6f57 sched/fair: Small cleanup to sched_balance_newidle()
4888e1dcc341 net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.
b03136582acb cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes
c4d18e9540bf drm/amdgpu: Forward VMID reservation errors
585dbb5cdbb8 net: phy: mediatek: fix nvmem cell reference leak in mt798x_phy_calibration
7b240a8935d5 wifi: mac80211: Discard Beacon frames to non-broadcast address
1c7c3a9314d8 mptcp: ensure context reset on disconnect()
58a32633d124 mm: consider non-anon swap cache folios in folio_expected_ref_count()
11f66b84fa7e mm: simplify folio_expected_ref_count()
914769048818 mm/page_alloc: change all pageblocks migrate type on coalescing
79f80a7a4784 mptcp: fallback earlier on simult connection
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d5cfa342d0
---------------------------
barebox/barebox-tools: upgrade 2025.12.0 -> 2026.01.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0331b8b93d
---------------------------
gpgme: ensure manpage generation is deterministic
In a similar way to the previous commits with pod2man, gpgme will not
generate manpages on a clean build but will on rebuilds due to
do_package -> rpm-native -> ... -> libgpg-error-native, where the
libgpg-error-native recipe provides the yat2m tool.
To ensure that we generate manpages deterministicly, depend on this
recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9317356fe2
---------------------------
wget: ensure manpage generation is deterministic
Add pod2man-native to DEPENDS to ensure that pod2man is always available
and manpage generation is deterministic.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9b8a8285c7
---------------------------
wget: merge .bb/.inc
There's just a single recipe file that uses the .inc, so merge them.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 255f0bcc16
---------------------------
ffmpeg: ensure manpage generation is deterministic
Add pod2man-native to DEPENDS to ensure that pod2man is always available
and manpage generation is deterministic.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1d1e55d200
---------------------------
perl: provide pod2man
Many recipes uses pod2man to generate manpages from an almost
human-readable source format, which is part of the perl recipe.
This means that we have recipes that don't install manpages, or more
accurately don't install manpages if built from clean but _do_ if they
are a rebuild (because do_package -> rpm-native -> perl-native means the
sysroot now has pod2man in).
The obvious fix here is to DEPEND on perl-native but that an often look
like a redundant dependency that can be removed as removing it doesn't
cause problems (I'm fairly confident I'm responsible for patches like
this).
So, add a PROVIDES of pod2man to perl, so that recipes can DEPEND on
pod2man-native and this dependency is both obvious as to it's purpose
and easily removed if the manpages change source format.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 65683a5ffd
---------------------------
glibc: stable 2.42 branch updates
git log --oneline e34453cd6a8c592c325756ff3c7ac0afd3975cb4..453e6b8dbab935257eb0802b0c97bca6b67ba30e
453e6b8dba (HEAD, origin/release/2.42/master) resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915)
b0ec8fb689 memalign: reinstate alignment overflow check (CVE-2026-0861)
f122d0b4d1 nptl: Optimize trylock for high cache contention workloads (BZ #33704)
a1d3294a5b support: Exit on consistency check failure in resolv_response_add_name
8dfb84ad4e support: Fix FILE * leak in check_for_unshare_hints in test-container
2a0873aa81 sprof: fix -Wformat warnings on 32-bit hosts
efdf4c0c87 sprof: check pread size and offset for overflow
b11411fe2e posix: Fix invalid flags test for p{write,read}v2
8aaf4b732d ppc64le: Power 10 rawmemchr clobbers v20 (bug #33091)
2dbf973fe0 ppc64le: Restore optimized strncmp for power10
6b2957cfe8 ppc64le: Restore optimized strcmp for power10
828b8d23f3 AArch64: Fix and improve SVE pow(f) special cases
710d7a2e83 AArch64: fix SVE tanpi(f) [BZ #33642]
0c9430ed97 AArch64: Fix instability in AdvSIMD sinh
ec041b1f53 AArch64: Fix instability in AdvSIMD tan
97297120ce AArch64: Optimise SVE scalar callbacks
17c3eab387 aarch64: fix includes in SME tests
de1fe81f47 aarch64: fix cfi directives around __libc_arm_za_disable
bf499c2a49 x86: fix wmemset ifunc stray '!' (bug 33542)
71874f167a aarch64: tests for SME
256030b984 aarch64: clear ZA state of SME before clone and clone3 syscalls
6de12fc9ad aarch64: define macro for calling __libc_arm_za_disable
ab8c1b5d62 x86: Detect Intel Nova Lake Processor
bf48b17a28 x86: Detect Intel Wildcat Lake Processor
18fd689cdc nptl: Fix MADV_GUARD_INSTALL logic for thread without guard page (BZ 33356)
46b4e37c9e nss: Group merge does not react to ERANGE during merge (bug 33361)
1166170d95 libio: Define AT_RENAME_* with the same tokens as Linux
Testing Results:
+--------------+--------+--------+------+
| Result | Before | After | Diff |
+--------------+--------+--------+------+
| PASS | 6890 | 6890 | 0 |
| XPASS | 4 | 4 | 0 |
| FAIL | 123 | 123 | 0 |
| XFAIL | 16 | 16 | 0 |
| UNSUPPORTED | 104 | 104 | 0 |
+--------------+--------+--------+------+
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3bece75685
---------------------------
less: upgrade 685 -> 691
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fc27232232
---------------------------
alsa-ucm-conf: upgrade 1.2.15.2 -> 1.2.15.3
Changelog: https://www.alsa-project.org/wiki/Changes_v1.2.15.2_v1.2.15.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
[AG: add changelog in commit message]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e6f1467997
---------------------------
alsa-lib: upgrade 1.2.15.2 -> 1.2.15.3
Changelog: https://www.alsa-project.org/wiki/Changes_v1.2.15.2_v1.2.15.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
[AG: add changelog in commit message]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 253da2e6fc
---------------------------
lto.inc: add clang specific LTO configuration
This commit adds support for Clang-specific LTO options.
1. -fuse-linker-plugin is not supported by Clang.
2. -ffat-lto-objects is used to ensure that object files (.o) are generated as ELF
even when LTO is applied. During the dwarfsrcfiles process, if LTO is used
with the Clang toolchain, static library object files are skipped if they are
LLVM bitcode instead of ELF. Therefore, it is recommended to add this to
LTOEXTRA if necessary.
3. Adding 'thin-lto' to DISTRO_FEATURES enables -flto=thin.
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b4b1538395
---------------------------
libxml2: Fix CVE-2026-0992
Backport a patch [1] to fix CVE-2026-0992.
[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/f75abfcaa419a740a3191e56c60400f3ff18988d
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20d68d0d96
---------------------------
libxml2: Fix CVE-2026-0990
Backport a patch [1] to fix CVE-2026-0990.
[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/1961208e958ca22f80a0b4e4c9d71cfa050aa982
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8394729be2
---------------------------
oeqa/runtime: Update tests for maturin
* The output from maturin has changed in newer releases.
* Bump guessing-game version to 0.3.0
* Update to abi3 Python3 >= 3.9 support.
NOTE: The "maturin develop" step builds around 45 crates
and needs enough RAM to run. You will also probably want
the performance of KVM. For QEMU/testimage, you will
want the following in local.conf (or a similar .conf file):
QEMU_USE_KVM = 'True'
QB_MEM = '-m 2048'
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9a560f9010
---------------------------
lib/oeqa/files/maturin: update guessing_game
Update to include changes in upstream Maturin Tutorial [1]
and for newer Rust and Python.
Cargo.toml:
* version: 0.1.0 -> 0.3.0 (to align with [2])
* edition: 2021 -> 2024
* Dependencies:
- rand: 0.8.5 -> 0.9.0
- pyo3: 0.21.2 -> 0.27.2
- abi3-py38 -> abi3-py39 (Python 3.8 reached EOL in October 2024)
pyproject.toml:
* restrict maturin to >=1.7 to ensure PyO3 27.0+ and python 3.13+ support
src/lib.rs:
* rand 0.9 API change: rand::thread_rng() was removed. Use rand::rng() or
the convenience function rand::random_range().
* PyO3 0.27 has breaking API changes from 0.21. The #[pymodule] function
signature changed from fn module_name(py: Python, m: &PyModule) to
fn module_name(m: &Bound<'_, PyModule>).
With help from Claude.ai
[1] https://www.maturin.rs/tutorial.html
[2] https://github.com/moto-timo/guessing-game/releases/tag/v0.3.0
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e0ab523422
---------------------------
python3-maturin: upgrade 1.10.2 -> 1.11.5
Release Notes:
https://github.com/PyO3/maturin/blob/main/Changelog.md#1115
* 1.11.5
- Allow combining --compatibility pypi with other --compatibility values (#2928)
* 1.11.4
- Support armv6l and armv7l in pypi compatibility (#2926)
- Improve the reliability of maturin's own CI
* 1.11.3
- Fix manylinux2014 compliance check (#2922)
* 1.11.2
- Fix failed release
* 1.11.1
- Fix compiled artifacts being excluded by source path matching (#2910)
- Better error reporting for missing interpreters (#2918)
- Ignore unreadable excluded directories (#2916)
* 1.11.0 - Yanked
- Note: This release was yanked to a regression: #2909
- Refactor ModuleWriter to be easier to implement and use
- Add Android cross compilation support, fix wheel tags for Android
- Update generate-ci to macos-15-intel and add windows arm support
- Deprecate 'upload' and 'publish' CLI commands
Comparing changes:
https://github.com/PyO3/maturin/compare/v1.10.2...v1.11.5
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7b1aa0caea
---------------------------
gcc: fix patch format
This is the only gcc patch which doesn't work with git am:
```
git am gcc-15.2.0-r0/sources/*.patch
...
Applying: Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
fatal: empty ident name (for <>) not allowed
```
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a13e299cd4
---------------------------
time64/pipewire: Use consistent TIME defines
Pipewire crashes when other dependent libraries are built with the
different TIME and FILE_OFFSET defines.
Related bug report:
https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/5055
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Barnabás Pőcze <pobrn@protonmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c31c2a731
---------------------------
build-appliance-image: Update to master head revisions
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 831fcbebf3
---------------------------
flac: fix compile failed on musl
While not including security_flags.inc
$ echo "TCLIBC = 'musl'" >> conf/local.conf
$ echo "MACHINE = 'qemux86'" >> conf/local.conf
$ bitbake flac
...
| libtool: link: (cd .libs/libFLAC++-static.lax/libFLAC-static.a && i686-oe-linux-musl-gcc-arx
"/buildarea5/hjia/oe-core/build/tmp/work/core2-32-oe-linux-musl/flac/1.5.0/build/src/libFLAC++/
../libFLAC/.libs/libFLAC-static.a")
| build/tmp/work/core2-32-oe-linux-musl/flac/1.5.0/recipe-sysroot-native/usr/bin/
i686-oe-linux-musl/../../libexec/i686-oe-linux-musl/gcc/i686-oe-linux-musl/15.2.0/ld:
.libs/metadata.o: in function `FLAC::Metadata::VorbisCo
mment::set_comment(unsigned int, FLAC::Metadata::VorbisComment::Entry const&)':
| /usr/src/debug/flac/1.5.0/src/libFLAC++/metadata.cpp:913:(.text+0x2032): undefined reference to `__stack_chk_fail_local'
...
Refer [1], make gcc pass -lssp_nonshared to the linker whether
including security_flags.inc or not
[1] https://www.openwall.com/lists/musl/2018/09/11/2
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a0ab3d1c4f
---------------------------
initramfs-framework: add handover of PID 1's arguments
Although many PID 1 programs parse /proc/cmdline, let's follow the standard
convention and forward the command-line arguments received from the kernel to
the next PID 1 program.
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ec14816cc5
---------------------------
gstreamer1.0-plugins-good: Add Qt6 QML plugin support
GStreamer 1.26 supports both Qt5 and Qt6 QML video sink plugins.
Add PACKAGECONFIG[qt6] to enable the Qt6 plugin alongside the
existing Qt5 support.
The Qt5 plugin builds ext/qt/ directory, while Qt6 builds ext/qt6/.
Both can coexist and are controlled by separate meson options
(-Dqt5 and -Dqt6).
Signed-off-by: Telukula Jeevan Kumar Sahu <j-sahu@ti.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 273ddefaf3
---------------------------
yocto-check-layer: Add docstring to test_readme method
Signed-off-by: Ricardo Ungerer <ungerer.ricardo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2ef78bb6ed
---------------------------
yocto-check-layer: Fix README email check
So far the test_readme have been use of re.match to find an email
address in the README file. This only matches if the email address
is at the start of the file. This commit changes this to re.search to
find email addresses anywhere in the README file.
Signed-off-by: Ricardo Ungerer <ungerer.ricardo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9fe883ce4c
---------------------------
yocto-check-layer: Add messages in test_readme assertions
Assertions in test_readme does not provide context message when they
fail. Which leads to errors like:
File "/media/workspace/yocto_master/openembedded-core/scripts/lib/checklayer/cases/common.py", line 41, in test_readme
self.assertTrue(email_regex.match(data))
AssertionError: None is not true
This patch adds context messages to the assertions to help identify the
issue when they fail.
Signed-off-by: Ricardo Ungerer <ungerer.ricardo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 587e5d5aad
---------------------------
systemd: do not let do_fetch depend on PACKAGECONFIG
It's unnecessary to make SRC_URI contains something like:
${@bb.utils.contains('PACKAGECONFIG', 'xxx', 'file://xxx', '', d)}
This does not give us any benefit and it makes do_fetch depend
on PACKAGECONFIG, which means changing of PACKAGECONFIG will result
in rerunn of do_fetch.
Besides, the related codes in do_install already does the necessary
checks.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2581dad215
---------------------------
default-providers: remove ltp entry
We have a default provider for ltp on the basis that there is an
alternative in meta-oe called ltp-ddt, but this was removed in 2017[1].
[1] meta-oe ec9e5ed062 ("recipes: remove blacklisted recipes")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c18cb1d4d
---------------------------
libpng: upgrade 1.6.53 -> 1.6.54
Handles CVE-2026-22695 and CVE-2026-22801.
License-Update: copyright years refreshed
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d3e4f89552
---------------------------
go: upgrade 1.25.5 -> 1.25.6
Upgrade to latest 1.25.x release [1]:
$ git --no-pager log --oneline go1.25.5..go1.25.6
69801b25b9 (tag: go1.25.6) [release-branch.go1.25] go1.25.6
9d497df196 [release-branch.go1.25] archive/zip: reduce CPU usage in index construction
afa9b66ac0 [release-branch.go1.25] net/url: add urlmaxqueryparams GODEBUG to limit the number of query parameters
2526187481 [release-branch.go1.25] cmd/go/internal/work: sanitize flags before invoking 'pkg-config'
082365aa55 [release-branch.go1.25] cmd/go: update VCS commands to use safer flag/argument syntax
4be38528a6 [release-branch.go1.25] crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone
525dd85363 [release-branch.go1.25] crypto/tls: reject trailing messages after client/server hello
ddcf27fc8c [release-branch.go1.25] Revert "errors: optimize errors.Join for single unwrappable errors"
14f50f6e3e [release-branch.go1.25] cmd/compile: handle propagating an out-of-range jump table index
4e531b2f14 [release-branch.go1.25] runtime: mark getfp as nosplit
6f07a57145 [release-branch.go1.25] runtime/race: set missing argument frame for ppc64x atomic And/Or wrappers
ea603eea37 [release-branch.go1.25] os: allow direntries to have zero inodes on Linux
93f5d1c27e [release-branch.go1.25] os,internal/poll: don't call IsNonblock for consoles and Stdin
d5bfdcbc47 [release-branch.go1.25] crypto/tls: use inner hello for earlyData when using QUIC and ECH
Fixes CVE-2025-61728, CVE-2025-61726, CVE-2025-68121, CVE-2025-61731,
CVE-2025-68119 and CVE-2025-61730.
Release information: [2]
[1] https://github.com/golang/go/compare/go1.25.5...go1.25.6
[2] https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5e6030f970
---------------------------
mesa: upgrade 25.3.1 -> 25.3.3
Upgrade Mesa to the latest stable release, picking up several fixes
(mostly anv, radv and pan/panvk/panfrost drivers).
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3b05f58586
---------------------------
mesa: drop VDPAU remnants
Mesa 25.3.x dropped support for VDPAU. Commit 88e26a937549 ("mesa:
upgrade 25.2.5 -> 25.3.1") has dropped most of VDPAU-related items,
but it didn't drop mesa-vdpau-drivers package (nor did it drop VDPAU
bits from mesa-dev). Drop those remnants.
Fixes: 88e26a937549 ("mesa: upgrade 25.2.5 -> 25.3.1")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 39fe1758ff
---------------------------
qemu: 10.1.3 -> 10.2.0
Upgrade qemu from 10.1.3 to 10.2.0:
* remove backported 0012 patch
* update context for patches 0002 and 0010
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 55f82653de
---------------------------
lsb.py: strip ' from os-release file
In gentoo the file looks like this:
NAME='Gentoo'
ID='gentoo'
PRETTY_NAME='Gentoo Linux'
VERSION='2.18'
VERSION_ID='2.18'
HOME_URL='https://www.gentoo.org/'
SUPPORT_URL='https://www.gentoo.org/support/'
BUG_REPORT_URL='https://bugs.gentoo.org/'
ANSI_COLOR='1;32'
' were added with:
https://github.com/gentoo/gentoo/commit/2f590e35c9d3d13d5673163527120b2de97fdc80
before that the os-release file looked like this:
NAME=Gentoo
ID=gentoo
PRETTY_NAME="Gentoo Linux"
ANSI_COLOR="1;32"
HOME_URL="https://www.gentoo.org/"
SUPPORT_URL="https://www.gentoo.org/support/"
BUG_REPORT_URL="https://bugs.gentoo.org/"
VERSION_ID="2.18"
The ' is stripped from the ID later in distro_identifier with:
# Filter out any non-alphanumerics and convert to lowercase
distro_id = re.sub(r'\W', '', distro_id).lower()
but not from version which results in a weird NATIVELSBSTRING like:
NATIVELSBSTRING = "gentoo-'2.18'"
And similarly the directory name in sstate-cache:
oe-core $ ls -d sstate-cache/gentoo-*
"sstate-cache/gentoo-'2.18'" sstate-cache/gentoo-2.18
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 81c469a0e9
---------------------------
harfbuzz: Upgrade 12.2.0 -> 12.3.0
CVE: CVE-2026-22693
Signed-off-by: Yasir Al-Latifi <yasira@axis.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c9d501388f
---------------------------
oe-selftest: runqemu: use zst rootfs for test
Use .tar.zst as rootfs IMAGE_FSTYPES in the runqemu selftest to make the
test quicker and more relevant to current usage.
Simplify changing the IMAGE_FSTYPES for the test.
Improve the test speed by using get_bb_vars to get multiple bb vars at
once.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3a6172fbb6
---------------------------
runqemu: support .tar.zst, .tar,xz, .tar rootfs archives
Split the tar types into a separate list and use it where needed.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 804a238c8a
---------------------------
createrepo-c: upgrade 1.2.1 -> 1.2.2
Full list of changes in this release is available at [0].
[0]: https://github.com/rpm-software-management/createrepo_c/releases/tag/1.2.2
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8a59c0c601
---------------------------
gn: upgrade to latest revision
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5fa86d75b8
---------------------------
re2c: upgrade 4.3.1 -> 4.4
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0d0ec25e1c
---------------------------
opensbi: bump to 1.8.1
This intermediate release has following fixes:
- Typo fix in comments of sbi_hartindex_to_hartid()
- Fix hart protection abstraction for platforms without PMP
Allow the platform to boot without PMP, but it is still necessary to
enable PMP on QEMU; otherwise, there will be nothing to protect the
M-mode firmware (OpenSBI) from lower privilege modes.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Tested-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4c6d5f9699
---------------------------
alsa-utils: fix packaging
In the previous refactoring of this package[1] I forgot to add provides
when merging some packages, which meant that installation of alsa-utils
wouldn't succeed:
- nothing provides alsa-utils-aplaymidi needed by alsa-utils-1.2.15.1-r0.cortexa57 from oe-repo
- nothing provides alsa-utils-aplaymidi2 needed by alsa-utils-1.2.15.1-r0.cortexa57 from oe-repo
- nothing provides alsa-utils-arecordmidi needed by alsa-utils-1.2.15.1-r0.cortexa57 from oe-repo
- nothing provides alsa-utils-arecordmidi2 needed by alsa-utils-1.2.15.1-r0.cortexa57 from oe-repo
- nothing provides alsa-utils-axfer needed by alsa-utils-1.2.15.1-r0.cortexa57 from oe-repo
This is because the auto-splitting generates a package for each of the
binaries, but there are explicit FILES that take priority which result
in the binaries being in another package. However, the dependencies
still exist. We could filter the package list after the split, but it is
easier to add RPROVIDES for arecord and a*midi to the relevant packages,
so that the dependencies are satisfied.
Also axfer is a separate tool, so put that in its own package instead of
merging with aplay.
Finally, add a PR, as it appears that dynamically-generated packaging
isn't enough to change the hash, and the wrong packages were being pulled
from sstate.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Tested-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0592c51b6
---------------------------
zlib: ignore CVE-2026-22184
This is CVE for example tool contrib/untgz.
This is not compiled in Yocto zlib recipe.
This CVE has controversial CVSS3 score of 9.8.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0baab9204f
---------------------------
fontconfig: backport a patch to fix a build race
There's a build race where some objects don't explicitly depend on the
generated header ftalias.h being created:
In file included from ../sources/fontconfig-2.17.1/src/fcpat.c:23:
../sources/fontconfig-2.17.1/src/fcint.h:129:12: fatal error: fcalias.h: No such file or directory
129 | # include "fcalias.h"
Backport a patch from upstream to add the missing dependencies.
[ YOCTO #16134 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0acce89f26
---------------------------
fontconfig: remove obsolete workaround
We don't need to delete two stale files from the source tree anymore, as
they are no longer shipped in the tarballs[1].
[1] fontconfig 31269e35 ("Do not ship fcobjshash.h")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 20f2ea3756
---------------------------
coreutils: Backport fix for lseek_copy loop
We've seen intermittent failures on the autobuilder related to creating
hddimg images after updating to coreutils 9.9. The error message seen
is:
install: cannot lseek '.../core-image-minimal/1.0/sources/core-image-minimal-1.0/hddimg/rootfs.img': Invalid argument
This corresponds to an invalid argument passed to lseek() in the
create_hole() function in src/copy-file-data.c in coreutils. This in
turn is being given bad arguments due to incorrect handling of loop
variables in lseek_copy().
The upstream bug report [1] refers to an infinite loop, which isn't
quite what we're seeing, but the cause is likely the same. So, we're
applying the upstream fixes.
[1]: https://github.com/coreutils/coreutils/issues/159
[YOCTO #16120]
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9382dee2a5
---------------------------
python3: skip flaky test_default_timeout test
We have been observing intermittent issues with this test on the Autobuilder:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15885
This is probably due to the Autobuilder being heavily loaded at the time
of the test.
The logs on the ticket above do not allow us to know which of the two
"test_default_timeout" tests is failing, so disable both with
self.skipTest().
Excerpt from `ptest-runner python3`:
test_default_timeout (test.test_multiprocessing_fork.test_manager.WithManagerTestBarrier.test_default_timeout)
SKIP: Test the barrier's default timeout 'skip flaky timeout test'
[YOCTO #15885]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 524f4bbb11
---------------------------
pseudo: Update to 1.9.3 release
Pulls in the following changes:
Makefile.in: Bump version to 1.9.3
configure: Minor code quality changes
pseudo: code quality scan - resolved various potential issues
makewrappers: improve error handling and robustness
Update COPYRIGHT files
ports/linux/pseudo_wrappers.c: Call the wrappers where possible
ports/linux/pseudo_wrappers.c: Workaround compile error on Debian 11
ports/linux/pseudo_wrappers.c: Reorder the syscall operations
ports/unix/guts/realpath.c: Fix indents
pseudo_util.c: Skip realpath like expansion for /proc on Linux
test/test-proc-pipe.sh: Add test case for proc pipes
ports/unix/guts/realpath.c: realpath fails if the resolved path doesn't exist
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 22c3ebacd3
---------------------------
dpkg: Fix ADMINDIR
dpkg has a hard coded path (from build time) for the ADMINDIR, for some
reason the "set_root" function was using this hard coded value instead
of the value from apt.conf or the environment.
Follow the example of db_dir.c and use the environment if set.
Adjust the matching oe package_manager functions to set the ADMINDIR,
even though the apt.conf sets --admindir. Note it's unclear if the
--admindir value that is set is reasonable or not.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
[AG: add Upstream-Status - Submitted to patch]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c6e2bfc538
---------------------------
selftest: uboot: Add selftests for new UBOOT_CONFIG flow
This adds seven new selftests to verify the functionality of the
overhauled UBOOT_CONFIG flow.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e96d3dede
---------------------------
u-boot: Add support for UBOOT_CONFIG_FRAGMENTS and UBOOT_FRAGMENTS
There are config fragments that live in the u-boot source tree.
UBOOT_FRAGMENTS will globally add a set of fragments to the configure.
UBOOT_CONFIG_FRAGMENTS makes use of the overhauled config flow to add
support for specifying alternative fragments for each variation build.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cd9e730448
---------------------------
u-boot: Overhaul UBOOT_CONFIG flow
The existing flow for setting UBOOT_CONFIG options is a little
confusing. The comma separated list is difficult to remember which
slot is used for which option, and the order of the options cannot
be changed just added on to.
This commit overhauls the UBOOT_CONFIG flow while maintaining the
backwards compatibility with the existing settings. Rather than use a
comma separated list, a new set of placeholder variables have been
defined where the same config flags can be used to specify all of the
needed changes:
UBOOT_CONFIG = "foo bar"
UBOOT_CONFIG[foo] = "config1,fstype1,binary1"
UBOOT_CONFIG[bar] = "config2,fstype2,binary2"
becomes:
UBOOT_CONFIG = "foo bar"
UBOOT_CONFIG[foo] = "config1"
UBOOT_CONFIG[bar] = "config2"
UBOOT_CONFIG_IMAGE_FSTYPES[foo] = "fstype1"
UBOOT_CONFIG_IMAGE_FSTYPES[bar] = "fstype2"
UBOOT_CONFIG_BINARY[foo] = "binary1"
UBOOT_CONFIG_BINARY[bar] = "binary2"
The previous addition of makeopts has been removed and replaced with:
UBOOT_CONFIG_MAKE_OPTS[config] = "opts"
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a7386d071d
---------------------------
qemurunner: Improve qmp module detection.
Instead of using logfile to detect where qmp is located we can pass sysroot_native directly to the qemurunner so it can find the qmp module itself.
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b013d62d10
---------------------------
buildhistory: fix handling of RDEPENDS style strings
RDEPENDS style strings are regex searched for entries matching
the usual, allowed package names (plus possible version flags).
RPROVIDES however, is also allowed to contain actual file paths
like '/bin/sh', which get broken by the current implementation.
Use bb.utils to handle RDEPENDS style stings.
Signed-off-by: Adam Blank <adam.blank.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6de3d2602f
---------------------------
oeqa/selftest/wic: test recursive dir copy on ext partitions
Extend the wic selftests to cover recursive directory copying
into ext partitions.
Previously, copying a directory into an ext partition could
appear to succeed, but attempting to access the directory
contents would fail with:
-l: Ext2 inode is not a directory
This was fixed in commit 4fc3b42774 ("wic/engine: fix copying
directories into wic image with ext* partition").
This test now verifies that directories copied with "wic cp"
into an ext4 partition:
- are created with correct inode types
- can be listed recursively with "wic ls"
- preserve files and subdirectories
- can be copied back out of the image without data loss
A simple directory structure is used in this test:
wic-test-cp-ext-dir/
├── topfile.txt
└── subdir/
└── subfile.txt
Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1ed38aff5f
---------------------------
wic/engine: fix copying directories into wic image with ext* partition
wic uses debugfs to write on ext* partitions, but debugfs can only
write to the current working directory and it cannot copy complete
directory trees. Running 'wic ls' on a copied directory show this:
-l: Ext2 inode is not a directory
Fix this by creating a command list for debugfs (-f parameter) when
recursive parsing the host directory in order to create a similar
directory structure (mkdir) and copy files (write) on each level
into the destination directory from the wic's ext* partition.
Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 23b94797cb
---------------------------
libinput: expand PACKAGECONFIG
The 1.30 release added support for Lua plugins, so add a
disabled-by-default PACKAGECONFIG for the Lua plugin support.
Move mtdev from being always on to an enabled-by-default PACKAGECONFIG.
Merge the udevdir evaluation directly into EXTRA_OEMESON, there's no
need for it to be a separate variable.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 650bb45251
---------------------------
runqemu-extract-sdk: support tar.zst format
Building `core-image-minimal-dev` with Poky Whinlatter, the rootfs
tarball is compressed with zstd by default, meaning this script won't
work out of the box with it.
Signed-off-by: Alex Bradbury <asb@igalia.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32dfd18209
---------------------------
libpcre2: Limit the undefined-version to non-native variants
Native variant maybe built with GNU linker which does not recognize.
Fixes build on ubuntu 22.04
/home/kraj200/yoe/build/tmp/hosttools/ld: unrecognized option '--undefined-version'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4dc01e0162
---------------------------
systemd-compat-units: generate masks at build time
Originally, this recipe masked the units at rootfs-time by looking to see
if the init script to be masked existed, and masking it if so.
That however suffers from a race condition where the postinst script may
be executed before the package that provides a script has been installed
so this was changed to be an on-target postinst[1], so we know that all
of the packages have been installed.
However, this now means that you can't have an image that install this
package _and_ is read-only, because we have an on-target postinst to
execute.
There's also another problem that with on-target package management, it
would be possible to install a package that should be masked after the
postinst has been executed, so the mask won't exist.
Taking a step back, a systemd unit mask is just a symlink to /dev/null
with the right name in the right path. So instead of masking in a post-
install script, we can generate all the masks at build-time.
This change reduces this package to just a number of symlinks, with no
post-install scripts.
[ YOCTO #16109 ]
[1] oe-core e88f22da19 ("systemd-compat-units: execute postinst on target")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a5fd6d700d
---------------------------
python3: add new files to compression
As of Python 3.14, there is a new top-level compression module that
contains the gzip and tarfile modules from previous versions, along with
a new _common module. However, for compatibility reasons the project is
also leaving a copy of the gzip and tarfile modules in the original
positions (to be handled in a future deprecation cycle).
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9dfe1e7722
---------------------------
python3: add _ast_unparse to core
Without this, we will see import errors for modules that use
annotationlib like so:
|../../python3.14/annotationlib.py:487: in __repr__\n'
| return ast.unparse(self.__ast_node__)\n'
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n'
|../../python3.14/ast.py:622: in unparse\n'
| from _ast_unparse import Unparser as _Unparser\n'
|E ModuleNotFoundError: No module named '_ast_unparse'\n"
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 01982411b5
---------------------------
python3: add _py_warnings, annotationlib to core
Without adding these, there will be numerous packages that will have to
add python3-misc to their RDEPENDS just to dispel some warnings, like:
|root@qemux86-64:~# python3
|Python 3.14.2 (main, Dec 5 2025, 16:49:16) [GCC 15.2.0] on linux
|Type "help", "copyright", "credits" or "license" for more information.
|warning: can't use pyrepl: No module named 'annotationlib'
and errors like:
|>>> import logging
|Traceback (most recent call last):
| File "<stdin-1>", line 1, in <module>
| File "/usr/lib/python3.14/logging/__init__.py", line 26, in <module>
| import sys, os, time, io, re, traceback, warnings, weakref, collections.abc
| File "/usr/lib/python3.14/traceback.py", line 8, in <module>
| import warnings
| File "/usr/lib/python3.14/warnings.py", line 15, in <module>
| from _py_warnings import (
|ModuleNotFoundError: No module named '_py_warnings'
Add them to python3-core rather than requiring another split.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 43fcf226c7
---------------------------
python3: upgrade 3.14.0 -> 3.14.2
Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-14-2-final
Builds OK:
|BUILDALL-QEMU LOG FOR python3
|START TIME: 2025-12-12_14:47:51
|HOSTNAME: megalith
|HOST OS: Fedora Linux 43 (Server Edition)
|HOST KERNEL: 6.17.10-300.fc43.x86_64
|===============
|BUILD RESULTS:
|[glibc]
|PASS: qemuarm
|PASS: qemuarm64
|PASS: qemuarmv5
|PASS: qemuloongarch64
|PASS: qemumips
|PASS: qemumips64
|PASS: qemuppc
|PASS: qemuppc64
|PASS: qemuriscv32
|PASS: qemuriscv64
|PASS: qemux86-64
|PASS: qemux86
|[musl]
|PASS: qemuarm
|PASS: qemuarm64
|PASS: qemuarmv5
|FAIL: qemuloongarch64
|PASS: qemumips
|PASS: qemumips64
|PASS: qemuppc
|PASS: qemuppc64
|PASS: qemuriscv32
|PASS: qemuriscv64
|PASS: qemux86-64
|PASS: qemux86
|===============
|PASSED: 23
|FAILED: 1
Reproducibility OK:
|2025-12-12 14:18:33,082 - oe-selftest - INFO - Adding: "include selftest.inc" in /home/tgamblin/workspace/yocto/openembedded-core/build-st/conf/local.conf
|2025-12-12 14:18:33,082 - oe-selftest - INFO - Adding: "include bblayers.inc" in bblayers.conf
|2025-12-12 14:18:33,083 - oe-selftest - INFO - test_reproducible_builds (reproducible.ReproducibleTests.test_reproducible_builds)
|2025-12-12 14:19:11,420 - oe-selftest - INFO - Building reproducibleA (sstate allowed)...
|2025-12-12 14:23:50,788 - oe-selftest - INFO - Building reproducibleB-extended (sstate NOT allowed)...
|2025-12-12 14:45:12,673 - oe-selftest - INFO - Checking deb packages for differences...
|2025-12-12 14:45:13,888 - oe-selftest - INFO - Reproducibility summary for deb: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-12 14:45:13,888 - oe-selftest - INFO - Checking ipk packages for differences...
|2025-12-12 14:45:15,874 - oe-selftest - INFO - Reproducibility summary for ipk: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-12 14:45:15,875 - oe-selftest - INFO - Checking rpm packages for differences...
|2025-12-12 14:45:17,945 - oe-selftest - INFO - Reproducibility summary for rpm: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-12 14:45:17,946 - oe-selftest - INFO - ... ok
|2025-12-12 14:46:22,556 - oe-selftest - INFO - ----------------------------------------------------------------------
|2025-12-12 14:46:22,556 - oe-selftest - INFO - Ran 1 test in 1670.130s
|2025-12-12 14:46:22,556 - oe-selftest - INFO - OK
|2025-12-12 14:46:25,595 - oe-selftest - INFO - RESULTS:
|2025-12-12 14:46:25,595 - oe-selftest - INFO - RESULTS - reproducible.ReproducibleTests.test_reproducible_builds: PASSED (1604.86s)
|2025-12-12 14:46:27,441 - oe-selftest - INFO - SUMMARY:
|2025-12-12 14:46:27,441 - oe-selftest - INFO - oe-selftest () - Ran 1 test in 1670.130s
|2025-12-12 14:46:27,441 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0)
ptests look OK:
|== Tests result: SUCCESS ==
|
|28 tests skipped:
| test.test_asyncio.test_windows_events
| test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace
| test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full
| test.test_gdb.test_misc test.test_gdb.test_pretty_print
| test_android test_apple test_asdl_parser test_clinic test_devpoll
| test_free_threading test_generated_cases test_idle test_kqueue
| test_launcher test_msvcrt test_startfile test_tcl test_tkinter
| test_ttk test_ttk_textonly test_turtle test_winapi
| test_winconsoleio test_winreg test_wmi
|
|8 tests skipped (resource denied):
| test_curses test_peg_generator test_smtpnet test_socketserver
| test_urllib2net test_urllibnet test_winsound test_zipfile64
|
|455 tests OK.
|
|Total duration: 3 min 45 sec
|Total tests: run=46,462 skipped=2,384
|Total test files: run=483/491 skipped=28 resource_denied=8
|Result: SUCCESS
|DURATION: 225
|END: /usr/lib/python3/ptest
|2025-12-12T19:14
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0df84b2549
---------------------------
python_pep517: add --prefix to nativepython3 call
With Python 3.14, the default assumptions about install path in
python_pep517 no longer seem to apply, and as a result we see QA errors
during Python package builds like:
|ERROR: python3-unittest-automake-output-0.3-r0 do_package: QA Issue: python3-unittest-automake-output: Files/directories were installed but not shipped in any package:
| /home
| /home/tgamblin
| /home/tgamblin/workspace
| /home/tgamblin/workspace/yocto
| /home/tgamblin/workspace/yocto/openembedded-core
| /home/tgamblin/workspace/yocto/openembedded-core/build
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/__init__.py
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/pytest.py
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/__pycache__
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest/__init__.py
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest/__main__.py
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest/__pycache__
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest/__pycache__/__init__.cpython-314.pyc
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/unittest/__pycache__/__main__.cpython-314.pyc
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/__pycache__/__init__.cpython-314.pyc
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao/__pycache__/pytest.cpython-314.pyc
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info/entry_points.txt
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info/WHEEL
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info/METADATA
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info/licenses
| /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/python3-unittest-automake-output/0.3/recipe-sysroot-native/usr/lib/python3.14/site-packages/putao-0.3.dist-info/licenses/LICENSE
|Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
|python3-unittest-automake-output: 34 installed and not shipped files. [installed-vs-shipped]
We need to add the --prefix flag to the nativepython3 call so that it
avoids using the native Python's sysconfig prefix.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bbef3eb5e4
---------------------------
python3targetconfig: export _PYTHON_PROJECT_BASE
See: https://github.com/python/cpython/commit/2950bc50af8f
As of 3.14.0, Python's sysconfig module looks for _PYTHON_PROJECT_BASE
to be set when cross-compiling, or otherwise it'll find and use the
native interpreter's paths when calling get_path() and filling out
_CONFIG_VARS. Set _PYTHON_PROJECT_BASE to "${B}" in
python3targetconfig's setup_target_config() to help avoid issues with
incorrect paths in rpm and other recipes that depend on this class.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 56318067ab
---------------------------
python3: upgrade 3.13.11 -> 3.14.0
Changelog: https://docs.python.org/3.14/whatsnew/changelog.html#python-3-14-0-final
- Recipe changes:
- Remove '0001-Generate-data-for-OpenSSL-3.4-and-add-it-to-multissl.patch'
as this fix was submitted upstream and is included in 3.14.0.
- Modify three existing patches to apply on 3.14.0:
- 0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch
- 0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
- 0001-test_active_children-skip-problematic-test.patch
- Add three new ptest skip patches:
- 0001-test_cmd-skip-bang-completion-test.patch - editline issues
with tab completion off of bangs (!).
- 0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch -
change in curses dependency in PyREPL leads to issues with a test
that expects the ICH1 terminal capability.
- 0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch -
OE builds customize prefixes and compiler flags in a way that the
test doesn't expect.
- Add zstd to the DEPENDS since Python3 now provides support for the
Zstandard compression standard.
- In py_package_preprocess(), handle reproducibility issues with the
_sysconfig_vars*.json files that the build generates by stripping
paths from them.
Modify python3-manifest.json to reflect the removal/replacement of
stringold with a new string module directory.
Also update python3-dir Python version to 3.14.
Reproducibility looks OK:
|2025-12-03 17:23:39,179 - oe-selftest - INFO - Reproducibility summary for deb: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-03 17:23:39,179 - oe-selftest - INFO - Checking ipk packages for differences...
|2025-12-03 17:23:41,631 - oe-selftest - INFO - Reproducibility summary for ipk: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-03 17:23:41,631 - oe-selftest - INFO - Checking rpm packages for differences...
|2025-12-03 17:23:43,952 - oe-selftest - INFO - Reproducibility summary for rpm: same=2261 different=0 different_excluded=0 missing=0 total=2261
|unused_exclusions=[]
|2025-12-03 17:23:43,952 - oe-selftest - INFO - ... ok
|2025-12-03 17:24:32,829 - oe-selftest - INFO - ----------------------------------------------------------------------
|2025-12-03 17:24:32,830 - oe-selftest - INFO - Ran 1 test in 1616.811s
|2025-12-03 17:24:32,830 - oe-selftest - INFO - OK
|2025-12-03 17:24:36,170 - oe-selftest - INFO - RESULTS:
|2025-12-03 17:24:36,170 - oe-selftest - INFO - RESULTS - reproducible.ReproducibleTests.test_reproducible_builds: PASSED (1567.51s)
|2025-12-03 17:24:38,017 - oe-selftest - INFO - SUMMARY:
|2025-12-03 17:24:38,017 - oe-selftest - INFO - oe-selftest () - Ran 1 test in 1616.811s
|2025-12-03 17:24:38,018 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0)
ptests look OK (with new skips):
|== Tests result: SUCCESS ==
|
|28 tests skipped:
| test.test_asyncio.test_windows_events
| test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace
| test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full
| test.test_gdb.test_misc test.test_gdb.test_pretty_print
| test_android test_apple test_asdl_parser test_clinic test_devpoll
| test_free_threading test_generated_cases test_idle test_kqueue
| test_launcher test_msvcrt test_startfile test_tcl test_tkinter
| test_ttk test_ttk_textonly test_turtle test_winapi
| test_winconsoleio test_winreg test_wmi
|
|8 tests skipped (resource denied):
| test_curses test_peg_generator test_smtpnet test_socketserver
| test_urllib2net test_urllibnet test_winsound test_zipfile64
|
|455 tests OK.
|
|Total duration: 3 min 5 sec
|Total tests: run=46,110 skipped=2,364
|Total test files: run=483/491 skipped=28 resource_denied=8
|Result: SUCCESS
|DURATION: 186
|END: /usr/lib/python3/ptest
|2025-12-04T00:20
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
buildall-qemu result:
BUILDALL-QEMU LOG FOR python3
START TIME: 2025-12-03_10:08:36
HOSTNAME: megalith
HOST OS: Fedora Linux 43 (Server Edition)
HOST KERNEL: 6.17.8-300.fc43.x86_64
===============
BUILD RESULTS:
[glibc]
PASS: qemuarm
PASS: qemuarm64
PASS: qemuarmv5
PASS: qemuloongarch64
PASS: qemumips
PASS: qemumips64
PASS: qemuppc
PASS: qemuppc64
PASS: qemuriscv32
PASS: qemuriscv64
PASS: qemux86-64
PASS: qemux86
[musl]
PASS: qemuarm
PASS: qemuarm64
PASS: qemuarmv5
FAIL: qemuloongarch64
PASS: qemumips
PASS: qemumips64
PASS: qemuppc
PASS: qemuppc64
PASS: qemuriscv32
PASS: qemuriscv64
PASS: qemux86-64
PASS: qemux86
===============
PASSED: 23
FAILED: 1
License-Update: Update copyright example in body
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bb4e0f4ae3
---------------------------
orc: upgrade 0.4.41 -> 0.4.42
1.Changelog
- Initial 64-bit RISC-V support (Maksymilian Knust, Filip Wasil)
- Add 64-bit LoongArch support (Jin Bo, Hecai Yuan)
- Implement release and reuse of temporary registers for some targets (Jorge Zapata)
- x86: Implement EVEX encoding and an opcode validation system (Jorge Zapata)
- x86: Opcode refactor, improved constant handling and various other fixes (Jorge Zapata)
- x86: add missing rounding operands for AVX and SSE (L. E. Segovia)
- x86: Implement 64-bit single move constant load (L. E. Segovia)
- includes: stop exporting the private compiler and OrcTarget definitions (Jorge Zapata)
- Use hotdoc instead of gtk-doc to generate the documentation (Jorge Zapata)
- ORC_DEBUG_FATAL environment variable allows abort on log messages of a certain level (Carlos Falgueras García)
- Error message improvements and NEON backend clean-ups (Alexander Slobodeniuk)
- Fix a few valgrind issues (Doug Nazar)
- Build: enable tools such as orcc and orc-bugreport by default (Nirbheek Chauhan)
- Various build fixes (L. E. Segovia, Sebastian Dröge)
2.Documentation are no longer built with gtk_doc, it was replaced by hotdoc.
https://gitlab.freedesktop.org/gstreamer/orc/-/commit/0ad1f5884c654b614cf1ddd114a7ec9140311a3a
This means documentation will no longer be built in the recipe or packaged in
the output packages.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 80d567b560
---------------------------
webkitgtk: upgrade 2.50.0 -> 2.50.4
Refresh patches
- 0001-CMake-Add-a-variable-to-control-macro-__PAS_ALWAYS_I.patch
- 0001-FindGObjectIntrospection.cmake-prefix-variables-obta.patch
- 0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch
- fix-ftbfs-riscv64.patch
- reproducibility.patch
- sys_futex.patch
- t6-not-declared.patch
Drop backport fix-musl-compilation.patch which already exists
in 2.50.4
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
- Fix compile failure on qemux86 [1] to
drop fix_op_instanceof_handler_for_32-bit_C-loop_build.patch,
which conflicts with upstream solution [2]
- Fix compile failure on qemuriscv64
...
Source/ThirdParty/skia/modules/skcms/src/Transform_inl.h:810:71: error: cannot tail-call: tail call production failed
810 | DECLARE_STAGE(name, arg, [[clang::musttail]] return (*list.fn)(list, ctx, src, dst, \
| ~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
811 | r, g, b, a, i))
| ~~~~~~~~~~~~~~
...
[1] https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2907
[2] https://github.com/WebKit/WebKit/commit/fcaa289f6015595a638eb96b9f728eaaa7b13ab8
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9dd521737c
---------------------------
libcap-ng: upgrade 0.8.5 -> 0.9
1. Changelog
https://github.com/stevegrubb/libcap-ng/releases/tag/v0.9
2. Drop file://0001-Fix-python-path-when-invoking-py-compile-54.patch as it was merged upstream.
3. Add pkgconfig to solve following configure error:
../sources/libcap-ng-0.9/configure: line 14862: syntax error near unexpected token `LIBBPF,libbpf,'
../sources/libcap-ng-0.9/configure: line 14862: `PKG_CHECK_MODULES(LIBBPF,libbpf,'
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 719713495e
---------------------------
seatd: upgrade 0.9.1 -> 0.9.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a04e457111
---------------------------
repo: upgrade 2.60.1 -> 2.61
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7216e43410
---------------------------
python3-websockets: upgrade 15.0.1 -> 16.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 70824a1757
---------------------------
python3-urllib3: upgrade 2.6.2 -> 2.6.3
Changelog:
==========
- Fixed a high-severity security issue where decompression-bomb safeguards of
the streaming API were bypassed when HTTP redirects were followed.
- Started treating Retry-After times greater than 6 hours as 6 hours by
default.
- Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 794c97ac16
---------------------------
python3-pdm: upgrade 2.26.2 -> 2.26.4
Changelog:
===========
- Make sure cursor closing for fixing PyPy different gc mode also add PyPy in CI.
- Fix a bug that old HTTP cache directories cause PDM to crash when trying to clear them.
- Port to hishel 1.0.0.
- Update .gitignore file in the default template.
- Correct the sysconfig variables for Python standalone build installations.
- Ignore packages.vcs.requested-revision if it's None when formatting pylock.toml.
- Fix test failures with uv test cases using non-venv Python interpreters.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8f40d6de4f
---------------------------
python3-pathspec: upgrade 0.12.1 -> 1.0.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5abcf2f258
---------------------------
python3-jsonschema: upgrade 4.25.1 -> 4.26.0
Changelog:
Decrease import time by delaying importing of urllib.request
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6b4748800c
---------------------------
python3-build: upgrade 1.3.0 -> 1.4.0
Changelog:
===========
- Add --quiet flag
- Add option to dump PEP 517 metadata with --metadata
- Support UV environment variable
- Remove a workaround for 3.14b1
- In 3.14 final release, color defaults to True already
- Pass sp-repo-review
- In pytest configuration, log_level is better than log_cli_level
- Split up typing and mypy
- Use types-colorama
- In docs, first argument for _has_dependency is a name
- Fix test failure when flit-core is installed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 03b4b9a729
---------------------------
libtasn1: upgrade 4.20.0 -> 4.21.0
Changelog:
=============
- Undocumented asn1Decoding --debug flag removed
- Code coverage for src/ went from 35% to 82%
- Fix of ASN.1 typo in manual
- NEWS renamed to NEWS.md and uses markdown syntax.
- Update gnulib files and various build/maintenance fixes.
- Fix for vulnerability CVE-2025-13151 Stack-based buffer overflow
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d24cb054b1
---------------------------
libnotify: upgrade 0.8.7 -> 0.8.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 32c566a7fa
---------------------------
ifupdown: upgrade 0.8.44 -> 0.8.45
License-Update: Fix 'old-fsf-address-in-copyright-file' lintian warning
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2b3d184990
---------------------------
hwdata: upgrade 0.402 -> 0.403
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5e0cba155e
---------------------------
alsa-utils: upgrade 1.2.15.1 -> 1.2.15.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fbc408fa26
---------------------------
alsa-ucm-conf: upgrade 1.2.15.1 -> 1.2.15.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ee269c3a23
---------------------------
alsa-lib: upgrade 1.2.15.1 -> 1.2.15.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 5a36c58f73
---------------------------
linux-yocto/6.18: arm: fix defconfig configuration audit warning
Integrating the following commit(s) to linux-yocto/6.18:
1/1 [
Author: Mikko Rapeli
Email: mikko.rapeli@linaro.org
Subject: arm64: defconfig: remove SLIM_QCOM_CTRL
Date: Tue, 23 Dec 2025 16:06:45 +0200
It has been removed by commit
7cbba32a2d62 ("slimbus: qcom: remove unused qcom controller driver")
Fixes: 7cbba32a2d62 ("slimbus: qcom: remove unused qcom controller driver")
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 621db0e343
---------------------------
linux-yocto/6.12: update CVE exclusions (6.12.64)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 21 changes (3 new | 18 updated): - 3 new CVEs: CVE-2026-22200, CVE-2026-22784, CVE-2026-22785 - 18 updated CVEs: CVE-2025-12379, CVE-2025-13393, CVE-2025-63314, CVE-2025-66689, CVE-2025-68276, CVE-2025-68468, CVE-2025-68471, CVE-2025-68472, CVE-2025-68622, CVE-2025-68656, CVE-2025-68657, CVE-2025-69169, CVE-2025-8110, CVE-2026-0674, CVE-2026-0676, CVE-2026-0822, CVE-2026-21858, CVE-2026-22251
Date: Mon, 12 Jan 2026 18:46:34 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: dbba15426a
---------------------------
linux-yocto/6.12: update to v6.12.64
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
1a4a7249e794 Linux 6.12.64
c8cdc025a6d2 block: fix NULL pointer dereference in blk_zone_reset_all_bio_endio()
51297686e00f iomap: allocate s_dio_done_wq for async reads as well
b1671989173d mm/damon/tests/vaddr-kunit: handle alloc failures on damon_do_test_apply_three_regions()
7ca5ed830df4 mm/damon/tests/core-kunit: handle alloc failres in damon_test_new_filter()
d13c133704a6 mm/damon/tests/core-kunit: handle alloc failures on damon_test_split_regions_of()
ce19b1716361 vfio/pci: Disable qword access to the PCI ROM bar
527a73d111a6 media: amphion: Remove vpu_vb_is_codecconfig
915775d03710 media: amphion: Make some vpu_v4l2 functions static
ce6f2d63edcd media: amphion: Add a frame flush mode for decoder
b92c19675f63 media: mediatek: vcodec: Use spinlock for context list protection lock
a219c54a15c4 powerpc/pseries/cmm: adjust BALLOON_MIGRATE when migrating pages
1d71d509b413 mm/balloon_compaction: convert balloon_page_delete() to balloon_page_finalize()
451b0ed48e1f mm/balloon_compaction: we cannot have isolated pages in the balloon list
38aa6ca6285f PCI: brcmstb: Fix disabling L0s capability
b4e2b74f6978 PCI: brcmstb: Set MLW based on "num-lanes" DT property if present
8d185636a629 PCI: brcmstb: Reuse pcie_cfg_data structure
ebdbe19336f2 ASoC: renesas: rz-ssi: Fix rz_ssi_priv::hw_params_cache::sample_width
985131a81ef6 ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime
28b2ec0662a8 soundwire: stream: extend sdw_alloc_stream() to take 'type' parameter
2cd2003f7b36 block: handle zone management operations completions
1fe39f503041 ASoC: renesas: rz-ssi: Fix channel swap issue in full duplex mode
f5b7f49bd237 gve: defer interrupt enabling until NAPI registration
d579cc549298 hrtimers: Make hrtimer_update_function() less expensive
6b60113d7702 idpf: remove obsolete stashing code
a7a7bff258e1 idpf: stop Tx if there are insufficient buffer resources
e3e11c9db165 idpf: replace flow scheduling buffer ring with buffer pool
702c417b5719 idpf: simplify and fix splitq Tx packet rollback error path
2d799d58d402 idpf: improve when to set RE bit logic
e8f9e3ec17a2 idpf: add support for Tx refillqs in flow scheduling mode
b82cc442aa53 idpf: trigger SW interrupt when exiting wb_on_itr mode
f2a43c70e517 idpf: add support for SW triggered interrupts
d7d4c3884c99 wifi: mt76: mt7925: add handler to hif suspend/resume event
cce9746046c9 wifi: mt76: mt7925: fix CLC command timeout when suspend/resume
08c5a901fdf0 wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend
620f9d7bcf77 media: i2c: imx219: Fix 1920x1080 mode to use 1:1 pixel aspect ratio
adcef72bc9bc x86/microcode/AMD: Select which microcode patch to load
6be62c78aed5 tty: fix tty_port_tty_*hangup() kernel-doc
70390c48d6eb serial: core: Fix serial device initialization
d1944bab8e0c usbnet: Fix using smp_processor_id() in preemptible code warnings
5d1be493d111 net: use dst_dev_rcu() in sk_setup_caps()
8e8d6bf68633 ipv6: adopt dst_dev() helper
1e28e7701b10 net: ipv6: ioam6: use consistent dst names
8355eea2a2e9 drm/panthor: Flush shmem writes before mapping buffers CPU-uncached
31ff67982c5f md/raid10: wait barrier before returning discard request with REQ_NOWAIT
4ab2cd906e4e netfilter: nft_ct: add seqadj extension for natted connections
f21e4cc4a6ba gpiolib: acpi: Add quirk for Dell Precision 7780
8b822b35ac6e gpiolib: acpi: Add quirk for ASUS ProArt PX13
c1af28f23ab2 gpiolib: acpi: Add a quirk for Acer Nitro V15
b2023685b2de gpiolib: acpi: Move quirks to a separate file
134d014bc64f gpiolib: acpi: Add acpi_gpio_need_run_edge_events_on_boot() getter
7d76825dcd8a gpiolib: acpi: Handle deferred list via new API
c53dffad8607 gpiolib: acpi: Switch to use enum in acpi_gpio_in_ignore_list()
d01cdf642524 f2fs: fix to propagate error from f2fs_enable_checkpoint()
341f6a26bfa9 f2fs: dump more information for f2fs_{enable,disable}_checkpoint()
621dc9eb90a5 f2fs: add timeout in f2fs_enable_checkpoint()
cccd92ec7e34 f2fs: clear SBI_POR_DOING before initing inmem curseg
fdca9bfd6206 serial: xilinx_uartps: fix rs485 delay_rts_after_send
589ec2d37e38 serial: xilinx_uartps: Use helper function hrtimer_update_function()
12493e7e888d hrtimers: Introduce hrtimer_update_function()
f548c5ebe656 drm/displayid: add quirk to ignore DisplayID checksum errors
d4dd6694d102 sched_ext: Fix missing post-enqueue handling in move_local_task_to_local_dsq()
44273abc2fea sched_ext: Factor out local_dsq_post_enq() from dispatch_enqueue()
a3b7eb67225c tpm2-sessions: Fix tpm2_read_public range checks
aa85f48dfc55 block: freeze queue when updating zone resources
65484682b1b0 ARM: dts: microchip: sama7g5: fix uart fifo size to 32
5f140b525180 svcrdma: bound check rq_pages index in inline path
6673d1d818f0 mm/ksm: fix exec/fork inheritance support for prctl
984dc07404e2 mptcp: pm: ignore unknown endpoint flags
2494b4d8a1ba serial: core: Restore sysfs fwnode information
1060180f3619 serial: core: fix OF node leak
0bf1a02494c7 f2fs: fix to avoid updating compression context during writeback
5796c5382101 f2fs: drop inode from the donation list when the last file is closed
1eb0b130196b f2fs: use global inline_xattr_slab instead of per-sb slab cache
baf1a27e5664 f2fs: fix to detect recoverable inode during dryrun of find_fsync_dnodes()
e750e2f2a2dd xhci: dbgtty: fix device unregister: fixup
2299e3ba1247 tty: introduce and use tty_port_tty_vhangup() helper
686e3762980f jbd2: fix the inconsistency between checksum and data in memory for journal sb
e61f636cc310 sched_ext: Fix incorrect sched_class settings for per-cpu migration tasks
5b9cc2bbde85 erofs: fix unexpected EIO under memory pressure
bddd95054e33 sched/eevdf: Fix min_vruntime vs avg_vruntime
c8d4f4c2528b btrfs: don't rewrite ret from inode_permission
a94048d99318 gfs2: fix freeze error handling
7578200fa923 lib/crypto: riscv/chacha: Avoid s0/fp register
8a8c1e06c838 drm/imagination: Disallow exporting of PM/FW protected objects
64e39e3806bf drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb
24d55ac8e31d drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
471baae774a3 drm/msm/dpu: Add missing NULL pointer check for pingpong interface
700cd81dc5af drm/xe: Drop preempt-fences when destroying imported dma-bufs.
dd3278ebfc04 drm/xe: Use usleep_range for accurate long-running workload timeslicing
d420cea5199a drm/xe: Adjust long-running workload timeslices to reasonable values
641797734d07 drm/xe/oa: Disallow 0 OA property values
4f26159adc9c drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table
106af2a55b85 drm/mgag200: Fix big-endian support
5a81095d3e1b drm/ttm: Avoid NULL pointer deref for evicted BOs
a742fa0aa216 drm/i915: Fix format string truncation warning
f9465376fe19 drm/amdkfd: Trap handler support for expert scheduling mode
b5971d0cc503 drm/amdkfd: bump minimum vgpr size for gfx1151
df130b75e955 drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace
3eb34432ea94 drm/mediatek: Fix probe device leaks
49ec28aaa334 drm/mediatek: Fix probe memory leak
bd5ce36c4181 drm/mediatek: Fix probe resource leaks
27e44ca6465e drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse()
c6d30b65b7a4 drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()
5c831abdf742 drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident
0a82fb3f5827 drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg()
6417428ce5da drm/buddy: Separate clear and dirty free block trees
1b339b19eec2 drm/buddy: Optimize free block management with RB tree
e317afd8db9e drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers
5fc5506edfe0 drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling
2ba843759a3a drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma
c0cd4bfb729b drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling
f9a4ec64a626 Revert "drm/amd: Skip power ungate during suspend for VPE"
f5c055c28415 net: macb: Relocate mog_init_rings() callback from macb_mac_link_up() to macb_open()
8fc4632fb508 net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write
96634d108a17 net: usb: sr9700: fix incorrect command used to write single register
cb0255265fa0 nfsd: Drop the client reference in client_states_open()
0d666db731e9 LoongArch: BPF: Sign extend kfunc call arguments
fcaafcc27ba5 LoongArch: BPF: Zero-extend bpf_tail_call() index
bb92a3af3ce5 LoongArch: Refactor register restoration in ftrace_common_return
73feae0c71bd fjes: Add missing iounmap in fjes_hw_init()
26c8bebc2f25 e1000: fix OOB in e1000_tbi_should_accept()
5cb34bb5fd72 RDMA/cm: Fix leaking the multicast GID table reference
acadd4097d25 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
c9d0f5a18bd7 samples/ftrace: Adjust LoongArch register restore order in direct calls
2197c4c6bda5 tools/mm/page_owner_sort: fix timestamp comparison for stable sorting
802934da00a8 x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo
7fbea59f737e mm/page_owner: fix memory leak in page_owner_stack_fops->release()
36cdde5c28c9 idr: fix idr_alloc() returning an ID out of range
181bb6766762 lockd: fix vfs_test_lock() calls
365178de51ac kasan: unpoison vms[area] addresses with a common tag
c00ca876e073 kasan: refactor pcpu kasan vmalloc unpoison
69676792c23f mm/kasan: fix incorrect unpoisoning in vrealloc for KASAN
3d2c0eb67819 compiler_types.h: add "auto" as a macro for "__auto_type"
a4a4599b9164 pmdomain: imx: Fix reference count leak in imx_gpc_probe()
365cd49669a6 mm/damon/tests/core-kunit: handle alloc failure on damon_test_set_attrs()
ffec0aa4750f mm/damon/tests/core-kunit: handle alloc failures in damon_test_ops_registration()
e74033baf900 mm/damon/tests/core-kunit: handle alloc failures in damon_test_update_monitoring_result()
b4993197d6cb mm/damon/tests/core-kunit: handle alloc failures in damon_test_set_regions()
360077a2aa33 mm/damon/tests/core-kunit: handle alloc failures on damon_test_merge_two()
62d66eb0ce63 mm/damon/tests/core-kunit: handle alloc failures on dasmon_test_merge_regions_of()
4ec993020fb5 mm/damon/tests/core-kunit: handle memory alloc failure from damon_test_aggregate()
9d6f085d5ec1 mm/damon/tests/core-kunit: handle memory failure from damon_test_target()
19b20ac8b4c5 mm/damon/tests/core-kunit: handle allocation failures in damon_test_regions()
24d20b65e36f mm/damon/tests/core-kunit: handle alloc failures on damon_test_split_at()
de18eec7420f mm/damon/tests/vaddr-kunit: handle alloc failures on damon_test_split_evenly_succ()
5574c977b5cb mm/damon/tests/vaddr-kunit: handle alloc failures in damon_test_split_evenly_fail()
8a2944f5a54f mm/damon/tests/sysfs-kunit: handle alloc failures on damon_sysfs_test_add_targets()
f4d24ea32f49 LoongArch: Use unsigned long for _end and _text
6d5ec5a2b2b9 LoongArch: Use __pmd()/__pte() for swap entry conversions
caffc71aad48 LoongArch: Fix build errors for CONFIG_RANDSTRUCT
c26d621b3ebb LoongArch: Correct the calculation logic of thread_count
553e8f9e1845 LoongArch: Add new PCI ID for pci_fixup_vgadev()
1dcb2f27efb2 media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
59f8c23f2bc2 media: i2c: adv7842: Remove redundant cancel_delayed_work in probe
4f58e5cddcb5 media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe
b7ef6b263cf9 media: amphion: Cancel message work before releasing the VPU core
6d0e77882c4c media: vpif_display: fix section mismatch
51fe47b112d2 media: vpif_capture: fix section mismatch
29aaec521e54 media: videobuf2: Fix device reference leak in vb2_dc_alloc error path
3d0ec859e009 media: verisilicon: Protect G2 HEVC decoder against invalid DPB index
3680da86c180 media: TDA1997x: Remove redundant cancel_delayed_work in probe
d2f8e900e676 media: samsung: exynos4-is: fix potential ABBA deadlock on init
2844c564a065 media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
db4d27e6bbbf media: platform: mtk-mdp3: fix device leaks at probe
634a5a133ac2 media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread()
44aedcb25125 media: cec: Fix debugfs leak on bus_register() failure
a135dfe84a58 fbdev: tcx.c fix mem_map to correct smem_start offset
b58f85225be0 fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing
77c8170a62f8 fbdev: gbefb: fix to use physical address instead of dma address
1e1104eb8aa2 dm-bufio: align write boundary on physical block size
857876418308 dm-ebs: Mark full buffer dirty even on partial write
e914da9be061 firmware: stratix10-svc: Add mutex in stratix10 memory management
60dde0960e3e media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
bfa153eae8da powerpc/pseries/cmm: call balloon_devinfo_init() also without CONFIG_BALLOON_COMPACTION
92686ff2e857 perf/x86/amd/uncore: Fix the return value of amd_uncore_df_event_init() on error
2aa65e353fb5 parisc: entry: set W bit for !compat tasks in syscall_restore_rfi()
5e38e72dbcdc parisc: entry.S: fix space adjustment on interruption for 64-bit userspace
dced78b91861 mtd: spi-nor: winbond: Add support for W25H02NWxxAM chips
bce08eb15115 mtd: spi-nor: winbond: Add support for W25H01NWxxAM chips
ea3ccb6ed0e8 mtd: spi-nor: winbond: Add support for W25H512NWxxAM chips
528bad89e963 mtd: spi-nor: winbond: Add support for W25Q02NWxxIM chips
dc99e18fe52f mtd: spi-nor: winbond: Add support for W25Q01NWxxIM chips
80c502df26c4 mtd: spi-nor: winbond: Add support for W25Q01NWxxIQ chips
846ceb1a9446 mtd: mtdpart: ignore error -ENOENT from parsers on subpartitions
add7da91ccf4 media: verisilicon: Fix CPU stalls on G2 bus error
db7ab3323846 media: rc: st_rc: Fix reset control resource leak
8dda29c9950b mfd: max77620: Fix potential IRQ chip conflict when probing two devices
9b9e152a87ca mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup
eb1f3a6ab3ef clk: samsung: exynos-clkout: Assign .num before accessing .hws
777a1ddeb915 block: Clear BLK_ZONE_WPLUG_PLUGGED when aborting plugged BIOs
407f9bd00585 leds: leds-lp50xx: Enable chip before any communication
5c02ebdf24ee leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs
5b0ceb3ee343 leds: leds-lp50xx: Allow LED 0 to be added to module bank
ffdec4686eae leds: leds-cros_ec: Skip LEDs without color components
895123c309a3 powerpc/64s/slb: Fix SLB multihit issue during SLB preload
acba48ba51bc powerpc, mm: Fix mprotect on book3s 32-bit
3968852076ed arm64: dts: ti: k3-j721e-sk: Fix pinmux for pin Y1 used by power regulator
40fa3b520171 PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths
47d1f7e78592 fgraph: Check ftrace_pids_enabled on registration for early filtering
cad08168f139 fgraph: Initialize ftrace_ops->private for function graph ops
f1d629bda89d HID: logitech-dj: Remove duplicate error logging
c2c3f1a3fd74 iommu: disable SVA when CONFIG_X86 is set
9f620cf7496f iommu/tegra: fix device leak on probe_device()
2deb48f25b91 iommu/sun50i: fix device leak on of_xlate()
5b696fd46ffe iommu/qcom: fix device leak on of_xlate()
f1a8835964f4 iommu/omap: fix device leaks on probe_device()
df5b0080583e iommu/mediatek: fix device leak on of_xlate()
9d90e4e8986b iommu/mediatek-v1: fix device leaks on probe()
11cd45ac86fb iommu/mediatek-v1: fix device leak on probe_device()
4287295758f4 iommu/ipmmu-vmsa: fix device leak on of_xlate()
480f40ba50f1 iommu/exynos: fix device leak on of_xlate()
c2e050e7872c iommu/apple-dart: fix device leak on of_xlate()
1970ddf9f70d iommu/amd: Propagate the error code returned by __modify_irte_ga() in modify_irte_ga()
168d50e1d82b iommu/amd: Fix pci_segment memleak in alloc_pci_segment()
cfcd57cc9e5c ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment.
0eb81013e47d ASoC: qcom: q6adm: the the copp device only during last instance
cc1a9a33a90b ASoC: qcom: q6asm-dai: perform correct state check before closing
488643e5605d ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr
60ffd2bc1997 ASoC: codecs: lpass-tx-macro: fix SM6115 support
bae74771fc5d ASoC: stm32: sai: fix OF node leak on probe
27cae2a7fe06 ASoC: stm32: sai: fix clk prepare imbalance on probe failure
c908cde32dc2 ASoC: stm32: sai: fix device leak on probe
c69790a51b52 ASoC: codecs: wcd939x: fix regmap leak on probe failure
b56476d8e9d1 ntfs: Do not overwrite uptodate pages
b6f446e12e69 selftests/ftrace: traceonoff_triggers: strip off names
9eb1ee1f2acb blk-mq: skip CPU offline notify on unmapped hctx
29abf51fdf77 RDMA/bnxt_re: fix dma_free_coherent() pointer
ff552378e80d RDMA/rtrs: Fix clt_path::max_pages_per_mr calculation
676907004256 ksmbd: Fix memory leak in get_file_all_info()
20597b7229ae md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()
d9118a67547f md: Fix static checker warning in analyze_sbs
8f2f65ee99f7 RDMA/bnxt_re: Fix to use correct page size for PDE table
e7f29946157a RDMA/bnxt_re: Fix IB_SEND_IP_CSUM handling in post_send
20436f2742a9 RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
116a7a351dce RDMA/bnxt_re: Fix incorrect BAR check in bnxt_qplib_map_creq_db()
33834f51220e RDMA/core: Fix logic error in ib_get_gids_from_rdma_hdr()
580edee9f39d RDMA/efa: Remove possible negative shift
bf197c7c79ef RDMA/irdma: avoid invalid read in irdma_net_event
1dc33ad08673 ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
b409ba9e1e63 net: rose: fix invalid array index in rose_kill_by_device()
ee4183501ea5 ipv4: Fix reference count leak when using error routes with nexthop objects
bf3709738d8a ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
45ee0462b883 net: stmmac: fix the crash issue for zero copy XDP_TX action
aa743b0d9844 octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
db4c26adf711 platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
a09b30ddd4ae vfio/pds: Fix memory leak in pds_vfio_dirty_enable()
18b6574d4c64 net: bridge: Describe @tunnel_hash member in net_bridge_vlan_group struct
98a12c2547a4 net: usb: asix: validate PHY address before use
2c39c0b6de01 kbuild: fix compilation of dtb specified on command-line without make rule
b37927e834bb net: dsa: b53: skip multicast entries for fdb_dump()
5934f280ac57 firewire: nosy: Fix dma_free_coherent() size
00fe09364caf genalloc.h: fix htmldocs warning
36561b86cb25 smc91x: fix broken irq-context in PREEMPT_RT
68f66d67d8d5 selftests: net: fix "buffer overflow detected" for tap.c
6492ad6439ff net: usb: rtl8150: fix memory leak on usb_submit_urb() failure
9842946cdab6 amd-xgbe: reset retries and mode on RX adapt failures
8f25951a891f net: dsa: fix missing put_device() in dsa_tree_find_first_conduit()
107d245f84cb team: fix check for port enabled in team_queue_override_port_prio_changed()
d95544ee2bd6 platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic
b1718c819ffa platform/x86: msi-laptop: add missing sysfs_remove_group()
70984f8717ef platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names
5fe210533e34 ip6_gre: make ip6gre_header() robust
5116f61ab118 net: openvswitch: Avoid needlessly taking the RTNL on vport destroy
72bc82bd1cdb net: mdio: aspeed: add dummy read to avoid read-after-write issue
1e54c19eaf84 Bluetooth: btusb: revert use of devm_kzalloc in btusb
ccbb96434d88 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
655fdbcbbf00 idpf: reduce mbx_task schedule delay to 300us
f36de3045d00 iavf: fix off-by-one issues in iavf_config_rss_reg()
550664e83989 i40e: validate ring_len parameter against hardware-specific values
9fe48a3c9ddd i40e: fix scheduling in set_rx_mode
d12d193fe1e4 wifi: mac80211: do not use old MBSSID elements
0c67efb56d04 wifi: cfg80211: sme: store capped length in __cfg80211_connect_result()
9765d6eb8298 wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()
1f8ae2e99a9d wifi: rtw88: limit indirect IO under powered off for RTL8822CS
fbba8b00bbe4 fuse: fix readahead reclaim deadlock
1ef70a0b104a iommu/mediatek: fix use-after-free on probe deferral
34cd26b1d86d x86/msi: Make irq_retrigger() functional for posted MSI
94f03afbb771 ARM: dts: microchip: sama5d2: fix spi flexcom fifo size to 32
96221a072d5d hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU
a9fb6e8835a2 hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
5596f3eb41b4 hwmon: (max6697) fix regmap leak on probe failure
2aa6eb6666af hwmon: (max16065) Use local variable to avoid TOCTOU
a5f4cfd2f2df interconnect: qcom: sdx75: Drop QPIC interconnect and BCM nodes
36f3cc056dd8 i2c: amd-mp2: fix reference leak in MP2 PCI device
85d7acd41381 platform/x86: intel: chtwc_int33fe: don't dereference swnode args
fcab5c2672f8 rpmsg: glink: fix rpmsg device leak
5c8f2499c5e1 soc: amlogic: canvas: fix device leak on lookup
eb0df8cf030e soc: apple: mailbox: fix device leak on lookup
90e176b3e791 soc: qcom: ocmem: fix device leak on lookup
b38487a29e12 soc: qcom: pbs: fix device leak on lookup
caf1e989f56e soc: samsung: exynos-pmu: fix device leak on regmap lookup
8b497efd6bf2 tracing: Fix fixed array of synthetic event
f65555032246 virtio: vdpa: Fix reference count leak in octep_sriov_enable()
24a58ffc444c amba: tegra-ahb: Fix device leak on SMMU enable
f0cab88ff870 crypto: caam - Add check for kcalloc() in test_len()
5a4b65523608 crypto: af_alg - zero initialize memory allocated via sock_kmalloc
4398797b3aa1 dt-bindings: PCI: qcom,pcie-sm8550: Add missing required power-domains and resets
2c29bc88f221 dt-bindings: PCI: qcom,pcie-sm8450: Add missing required power-domains and resets
e48e50bec7b6 dt-bindings: PCI: qcom,pcie-sm8350: Add missing required power-domains and resets
bf6738307d15 dt-bindings: PCI: qcom,pcie-sm8250: Add missing required power-domains and resets
c83b7222e193 dt-bindings: PCI: qcom,pcie-sm8150: Add missing required power-domains and resets
51e075834cc4 dt-bindings: PCI: qcom,pcie-sc8280xp: Add missing required power-domains and resets
3e911a40ac5d dt-bindings: PCI: qcom,pcie-sc7280: Add missing required power-domains and resets
b71781f41cff arm64: Revamp HCR_EL2.E2H RES1 detection
84e5006115cb KVM: arm64: Initialize SCTLR_EL1 in __kvm_hyp_init_cpu()
cdd6fb56e93f KVM: arm64: Initialize HCR_EL2.E2H early
debfbc047196 sched/rt: Fix race in push_rt_task
9433ba79c2ec hsr: hold rcu and dev lock for hsr_get_port_ndev
f8bb150f228f pinctrl: renesas: rzg2l: Fix ISEL restore on resume
3139828f6b75 ALSA: wavefront: Clear substream pointers on close
04520b4422fd ALSA: wavefront: Use guard() for spin locks
e6ba921b1779 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()
05a609c1e5ed drm/displayid: pass iter to drm_find_displayid_extension()
0f38ce08dde9 drm/amd/display: Fix scratch registers offsets for DCN351
29ff286cd520 drm/amd/display: Fix scratch registers offsets for DCN35
9e7d3b8542d1 drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state()
90706235f14d Revert "drm/amd/display: Fix pbn to kbps Conversion"
4ce784e8d223 io_uring: fix min_wait wakeups for SQPOLL
c1669c03bfbc io_uring/poll: correctly handle io_poll_add() return value on update
a39b53ee7fa5 gpio: regmap: Fix memleak in error path in gpio_regmap_register()
b56975f46341 s390/ipl: Clear SBP flag when bootprog is set
d478f50727c3 btrfs: don't log conflicting inode if it's a dir moved in the current transaction
f0c0a681ffb7 powerpc/kexec: Enable SMT before waking offline CPUs
a2c6f25ab98b SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf
e8623e9c451e svcrdma: use rc_pageoff for memcpy byte offset
adef4a2ff334 svcrdma: return 0 on success from svc_rdma_copy_inline_range
0dacf9ce7954 nfsd: Mark variable __maybe_unused to avoid W=1 build break
bf4e671c6515 NFSD: NFSv4 file creation neglects setting ACL
fcb8d118e149 NFSD: Clear SECLABEL in the suppattr_exclcreat bitmap
7b82a1d6ae86 net/handshake: restore destructor on submit failure
82f7416bcbd9 fsnotify: do not generate ACCESS/MODIFY events on child for special files
0b7cc0a99035 net: phy: marvell-88q2xxx: Fix clamped value in mv88q2xxx_hwmon_write
d60624e909f2 r8169: fix RTL8117 Wake-on-Lan in DASH mode
46cd9c3b67a1 PM: runtime: Do not clear needs_force_resume with enabled runtime PM
3437c775bf20 tracing: Do not register unsupported perf events
1e2d3aa19c79 xfs: fix a UAF problem in xattr repair
561e0756f1bf xfs: fix stupid compiler warning
3a07cb7636cd xfs: fix a memory leak in xfs_buf_item_init()
35ddb0b62400 KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits
de39f5a4be13 KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN)
3eaa520d282b KVM: nVMX: Immediately refresh APICv controls as needed on nested VM-Exit
4dac2f321e05 KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN
5d018c1eac35 KVM: nSVM: Propagate SVM_EXIT_CR0_SEL_WRITE correctly for LMSW emulation
70487dfde0cc KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN
254d7963badd KVM: nSVM: Avoid incorrect injection of SVM_EXIT_CR0_SEL_WRITE
e746e5194705 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
5707aaba681d KVM: x86: Explicitly set new periodic hrtimer expiration in apic_timer_fn()
90d3e9c62a45 KVM: x86: WARN if hrtimer callback for periodic APIC timer fires with period=0
359188420175 powerpc: Add reloc_offset() to font bitmap pointer used for bootx_printf()
5d0d8c292531 libceph: make decode_pool() more resilient against corrupted osdmaps
60560d13ff36 parisc: Do not reprogram affinitiy on ASP chip
9ef28943471a scs: fix a wrong parameter in __scs_magic
4701493ba376 platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver
244e4e60e375 KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI)
e24aedae7165 ocfs2: fix kernel BUG in ocfs2_find_victim_chain
a69c7fd603bf media: vidtv: initialize local pointers upon transfer of memory ownership
89dbbe6ff323 KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
030b9cdcb542 tools/testing/nvdimm: Use per-DIMM device handle
473550e71565 f2fs: fix return value of f2fs_recover_fsync_data()
baf461563a8d f2fs: fix uninitialized one_time_gc in victim_sel_policy
19d7ac99e101 f2fs: fix age extent cache insertion skip on counter overflow
c89845fae250 f2fs: invalidate dentry cache on failed whiteout creation
4f244c64efe6 f2fs: fix to avoid updating zero-sized extent in extent cache
6c3bab5c6261 f2fs: fix to avoid potential deadlock
3b15d5f12935 f2fs: ensure node page reads complete before f2fs_put_super() finishes
0229d07a7220 scsi: ufs: core: Add ufshcd_update_evt_hist() for UFS suspend error
7ae98a3cf428 scsi: mpi3mr: Read missing IOCFacts flag for reply queue full overflow
0d36db68fdb8 scsi: target: Reset t_task_cdb pointer in error case
d0835714042d NFSD: use correct reservation type in nfsd4_scsi_fence_client
a41dc180b6e1 scsi: aic94xx: fix use-after-free in device removal path
b10ebbfd59a5 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
2abf4525593b cpufreq: nforce2: fix reference count leak in nforce2
6e606c2673e9 cpuidle: governors: teo: Drop misguided target residency check
7bcbac8dd76a serial: sh-sci: Check that the DMA cookie is valid
0618fbaf4222 mei: gsc: add dependency on Xe driver
ef66e2074130 intel_th: Fix error handling in intel_th_output_open
74883565c621 char: applicom: fix NULL pointer dereference in ac_ioctl
8313323e3e96 usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc()
d8d17ff57924 usb: dwc3: keep susphy enabled during exit to avoid controller faults
50d0d2239d4b usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe
6bcbffda814e usb: gadget: lpc32xx_udc: fix clock imbalance in error path
5d3df03f7054 usb: phy: isp1301: fix non-OF device reference imbalance
69f9a0701abc usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal
8bd518ea03b8 USB: lpc32xx_udc: Fix error handling in probe
5a338aa9dab3 usb: typec: altmodes/displayport: Drop the device reference in dp_altmode_probe()
c062deb480f5 usb: ohci-nxp: fix device leak on probe failure
2a38605427f2 phy: broadcom: bcm63xx-usbh: fix section mismatches
759456cef254 media: pvrusb2: Fix incorrect variable used in trace message
fe3e129ab498 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
bbf91bd694fe usb: usb-storage: Maintain minimal modifications to the bcdDevice range.
0ca9fb4335e7 mptcp: avoid deadlock on fallback while reinjecting
9cc0ba7934a9 mptcp: schedule rtx timer only after pushing data
e1f1ce0442a4 selftests: mptcp: pm: ensure unknown flags are ignored
1f65b924c5f2 media: v4l2-mem2mem: Fix outdated documentation
bd1aff606099 jbd2: use a weaker annotation in journal handling
22ea3cb34dc9 jbd2: use a per-journal lock_class_key for jbd2_trans_commit_key
4f6f4e5a3328 ext4: align max orphan file size with e2fsprogs limit
419812d8e675 ext4: fix incorrect group number assertion in mb_check_buddy
9a424b99d561 ext4: clear i_state_flags when alloc inode
5b154e901fda ext4: xattr: fix null pointer deref in ext4_raw_inode()
db9ee13fab02 ext4: fix string copying in parse_apply_sb_mount_options()
b69492161c05 tpm: Cap the number of PCR banks
4d1c44cd9823 ktest.pl: Fix uninitialized var in config-bisect.pl
5c7265d31501 fs/ntfs3: fix mount failure for sparse runs in run_unpack()
f6dd017bde25 kallsyms: Fix wrong "big" kernel symbol type read from procfs
6458658807c3 floppy: fix for PAGE_SIZE != 4KB
0a65cac1d86e block: rate-limit capacity change info log
e768e889561e wifi: mt76: Fix DTS power-limits on little endian systems
bfe512fb5b68 s390/dasd: Fix gendisk parent after copy pair swap
129b3bc14901 lib/crypto: x86/blake2s: Fix 32-bit arg treated as 64-bit
af225540e7d6 perf: arm_cspmu: fix error handling in arm_cspmu_impl_unregister()
b679e1985dcb mmc: sdhci-msm: Avoid early clock doubling during HS400 transition
d0564ab15dda x86/mce: Do not clear bank's poll bit in mce_poll_banks on AMD SMCA systems
e232269d5115 io_uring: fix filename leak in __io_openat_prep()
9b015f2918b9 KEYS: trusted: Fix a memory leak in tpm2_load_cmd
5679cc90bb54 cifs: Fix memory and information leak in smb3_reconfigure()
4f23082b371a vhost/vsock: improve RCU read sections around vhost_vsock_get()
af8b6fb41064 block: rnbd-clt: Fix signedness bug in init_dev()
ee374ebb5e8e scsi: scsi_debug: Fix atomic write enable module param description
e3e33ac2eb69 MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
aaa642f20ad7 platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks
142b2e74186f nvme-fabrics: add ENOKEY to no retry criteria for authentication failures
855a444013cf nvme-fc: don't hold rport lock when putting ctrl
3b4c4f26e87c i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware
939b6c52f46c clk: qcom: dispcc-sm7150: Fix dispcc_mdss_pclk0_clk_src
6b4f044d9cd8 libperf cpumap: Fix perf_cpu_map__max for an empty/NULL map
3f7a5d52a4ea serial: sprd: Return -EPROBE_DEFER when uart clock is not ready
56664ab5ca28 usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive.
5f839f9c8037 usb: xhci: limit run_graceperiod for only usb 3.0 devices
f421105c99e8 iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains
3042a57a8e8b usb: typec: ucsi: Handle incorrect num_connectors capability
015200bb776f usbip: Fix locking bug in RT-enabled kernels
28442546f2d2 exfat: zero out post-EOF page cache on file extension
df3ca04116db exfat: fix remount failure in different process environments
d8218e3f39a7 reset: fix BIT macro reference
f7b6370d0fbe via_wdt: fix critical boot hang due to unnamed resource allocation
edadf1d7f919 fuse: Invalidate the page cache after FOPEN_DIRECT_IO write
b4f4212436ba fuse: Always flush the page cache before FOPEN_DIRECT_IO write
45100a1a9b31 scsi: qla2xxx: Use reinit_completion on mbx_intr_comp
3354e116ccc1 scsi: qla2xxx: Fix initiator mode with qlini_mode=exclusive
c203c1ea9467 scsi: qla2xxx: Fix lost interrupts with qlini_mode=disabled
a5b26e4a08a9 powerpc/addnote: Fix overflow on 32-bit builds
83127df037ca clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & pcie_x4
8869c4962570 scsi: smartpqi: Add support for Hurray Data new controller PCI device
89d33906cb93 ti-sysc: allow OMAP2 and OMAP4 timers to be reserved on AM33xx
c379ec2361ad firmware: imx: scu-irq: Init workqueue before request mbox channel
b7200a265d14 scsi: ufs: host: mediatek: Fix shutdown/suspend race condition
2ab207530ce3 ipmi: Fix __scan_channels() failing to rescan channels
8f4156b242f8 ipmi: Fix the race between __scan_channels() and deliver_response()
7ced0c07791f nfsd: fix memory leak in nfsd_create_serv error paths
43c1b514422e nfsd: rename nfsd_serv_ prefixed methods and variables with nfsd_net_
6abdb63db720 nfsd: update percpu_ref to manage references on nfsd_net
47c4976513f1 ASoC: ak4458: remove the reset operation in probe and remove
a8ad320efb66 ALSA: usb-mixer: us16x08: validate meter packet indices
6874a88306a5 ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path
3837413ab3f4 ALSA: vxpocket: Fix resource leak in vxpocket_probe error path
14e5a8878d4f x86/fpu: Fix FPU state core dump truncation on CPUs with no extended xfeatures
1742974c24a9 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()
276bbd6061c6 dt-bindings: mmc: sdhci-of-aspeed: Switch ref to sdhci-common.yaml
52a3f9051d4a mmc: sdhci-of-arasan: Increase CD stable timeout to 2 seconds
fd750d686674 mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig
743cebcbd1b2 spi: fsl-cpm: Check length parity before switching to 16 bit mode
ed781eaa9e04 ACPI: CPPC: Fix missing PCC check for guaranteed_perf
a11f596653f8 ACPI: PCC: Fix race condition by removing static qualifier
d844aeba5945 soc/tegra: fuse: Do not register SoC device on ACPI boot
ed2c2c84a2b4 can: gs_usb: gs_can_open(): fix error handling
507b7333ac1a xfs: don't leak a locked dquot when xfs_dquot_attach_buf fails
24709064ee47 Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table
ed8c61b89be0 Input: alps - fix use-after-free bugs caused by dev3_register_work
3a7cd1397c20 Input: lkkbd - disable pending work before freeing device
84e4d3543168 Input: ti_am335x_tsc - fix off-by-one error in wire_order validation
04e9249d31f5 HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen
d26af6d14da4 ksmbd: fix buffer validation by including null terminator size in EA length
02e06785e85b ksmbd: Fix refcount leak when invalid session is found on session lookup
a6f4cfa37838 ksmbd: skip lock-range check on equal size to avoid size==0 underflow
e5718a35eb03 hwmon: (ltc4282): Fix reset_history file permissions
b963636331fb drm/xe/oa: Limit num_syncs to prevent oversized allocations
e281d1fd6903 drm/xe: Limit num_syncs to prevent oversized allocations
24be3b815554 block: rnbd-clt: Fix leaked ID in init_dev()
2ae324db9f49 spi: cadence-quadspi: Fix clock disable on probe failure path
0849560e52c5 arm64: kdump: Fix elfcorehdr overlap caused by reserved memory processing reorder
ec599026acb6 x86/xen: Fix sparse warning in enlighten_pv.c
d30f46717fa5 x86/xen: Move Xen upcall handler
ea55a61d7275 drm/panel: sony-td4353-jdi: Enable prepare_prev_first
1ed476f3836e MIPS: Fix a reference leak bug in ip22_check_gio()
ca29fc28fb44 drm/xe: Restore engine registers before restarting schedulers after GT reset
d0326fd9dfc1 drm/me/gsc: mei interrupt top half should be in irq disabled context
94f9c07b5675 hwmon: (tmp401) fix overflow caused by default conversion rate value
68d62e5bebbd hwmon: (ibmpex) fix use-after-free in high/low store
415d1638c742 hwmon: (dell-smm) Limit fan multiplier to avoid overflow
95cca255a7a5 net: hns3: add VLAN id validation before using
96a1b2988119 net: hns3: using the num_tqps to check whether tqp_index is out of range when vf get ring info from mbx
429f946a7af3 net: hns3: using the num_tqps in the vf driver to apply for resources
08c37829c01f net: enetc: do not transmit redirected XDP frames when the link is down
e1641177e7fb net/handshake: duplicate handshake cancellations leak socket
0e40549e321d net/mlx5: Serialize firmware reset with devlink
c3f606107a34 net/mlx5: fw_tracer, Handle escaped percent properly
45bd283b1d69 net/mlx5: fw_tracer, Validate format string parameters
4f929a9db234 net/mlx5: Drain firmware reset in shutdown callback
dc7325cc50e6 net/mlx5: fw reset, clear reset requested on drain_fw_reset
7bea09f60f2a ethtool: Avoid overflowing userspace buffer on stats query
e6c122cffcbb iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
b627f7703f07 iommufd/selftest: Make it clearer to gcc that the access is not out of bounds
724f6df514f7 iommufd/selftest: Update hw_info coverage for an input data_type
ec519fbf6dd8 iommufd/selftest: Add coverage for reporting max_pasid_log2 via IOMMU_HW_INFO
a085b36b7a71 selftests: netfilter: packetdrill: avoid failure on HZ=100 kernel
20594fe15722 netfilter: nf_tables: remove redundant chain validation on register store
2503f11fbf88 netfilter: nf_nat: remove bogus direction check
2d6fd8a8dd92 nfc: pn533: Fix error code in pn533_acr122_poweron_rdr()
cca2ed931b73 net/sched: ets: Remove drr class from the active list if it changes to strict
4ec29714aa4e caif: fix integer underflow in cffrml_receive()
25ab24df31f7 ipvs: fix ipv4 null-ptr-deref in route error path
0b88be7211d2 netfilter: nf_conncount: fix leaked ct in error paths
70e23c094de5 broadcom: b44: prevent uninitialized value usage
2ecfc4433acd net: openvswitch: fix middle attribute validation in push_nsh() action
4b83902a1e67 bnxt_en: Fix XDP_TX path
216afc198484 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
ed8141b206bd mlxsw: spectrum_router: Fix neighbour use-after-free
3c8828fc9bf5 mlxsw: spectrum_router: Fix possible neighbour reference count leak
c98eeb05d7d9 ipvlan: Ignore PACKET_LOOPBACK in handle_mode_l2()
06bfb66a7c8b net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
8d1ccba4b171 netrom: Fix memory leak in nr_sendmsg()
278b8a9cd448 net: fec: ERR007885 Workaround for XDP TX path
9e2e02ca7b2c gfs2: Fix use of bio_chain
edc2512e8d26 Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT
381a6fdfb3b9 Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE
a087c7cb86a7 Bluetooth: btusb: MT7920: Add VID/PID 0489/e135
ee3a1e7882e5 Bluetooth: btusb: MT7922: Add VID/PID 0489/e170
b87b6c1d8b9e Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV
ccc787810415 ksmbd: vfs: fix race on m_flags in vfs_cache
21a3d01fc6db ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
2770b46167b6 smb/server: fix return value of smb2_ioctl()
ab24e7802dcf gfs2: Fix "gfs2: Switch to wait_event in gfs2_quotad"
122fdb8d3d86 gfs2: fix remote evict for read-only filesystems
986908a28730 btrfs: scrub: always update btrfs_scrub_progress::last_physical
5dadd27e80c4 wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet
f423753269a0 wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load
1ec6f2e3d5e4 wifi: cfg80211: use cfg80211_leave() in iftype change
ca6bf76ae4dc wifi: cfg80211: stop radar detection in cfg80211_leave()
f4001ba4a8ca wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU
fcd6855b70e6 fs/ntfs3: check for shutdown in fsync
87027decfe73 hfsplus: fix volume corruption issue for generic/073
edfb2e602b5b hfsplus: Verify inode mode when loading from disk
457f795e7abd hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
187d06bcdf31 hfsplus: fix volume corruption issue for generic/070
4fff9a625da9 ntfs: set dummy blocksize to read boot_block when mounting
eeb154b999fe kbuild: Use objtree for module signing key path
4fa631188267 fs/ntfs3: Support timestamps prior to epoch
5da872dc712e livepatch: Match old_sympos 0 and 1 in klp_find_func()
93735b3a72f0 cpuidle: menu: Use residency threshold in polling state override decisions
7488bf981808 cpufreq: s5pv210: fix refcount leak
84a8b8f53bbb ACPI: fan: Workaround for 64-bit firmware bug
0055505fa66e cpufreq: dt-platdev: Add JH7110S SOC to the allowlist
59e60f6d3aac ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only
0d8bb0812692 ACPICA: Avoid walking the Namespace if start_node is NULL
73a52f7fd913 x86/ptrace: Always inline trivial accessors
81343616e712 sched/fair: Revert max_newidle_lb_cost bump
dbc61834b041 sched/deadline: only set free_cpus for online runqueues
e1028fb38b32 perf/x86/amd: Check event before enable to avoid GPF
c186564c96dc scripts/faddr2line: Fix "Argument list too long" error
7d107be58b5c iomap: account for unaligned end offsets when truncating read range
12053695c8ef iomap: adjust read range correctly for non-block-aligned positions
4b0fe71fb396 shmem: fix recovery on rename failures
e065fc63ecc1 btrfs: fix memory leak of fs_devices in degraded seed device path
26eb399edcbd bpf, arm64: Do not audit capability check in do_jit()
c3446d541616 btrfs: fix a potential path leak in print_data_reloc_error()
a8f13833135b btrfs: do not skip logging new dentries when logging a new name
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16364e1271
---------------------------
linux-yocto/6.18: drm: xlnx: zynqmp_kms: set preferred_depth to 16 bpp
Integrating the following commit(s) to linux-yocto/6.18:
c66fba07b7dd drm: xlnx: zynqmp_kms: set preferred_depth to 16 bpp
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bfd3b56b2e
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.5)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 6 changes (2 new | 4 updated): - 2 new CVEs: CVE-2025-46068, CVE-2025-46070 - 4 updated CVEs: CVE-2025-46066, CVE-2025-46067, CVE-2025-71063, CVE-2026-0851
Date: Mon, 12 Jan 2026 16:41:36 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a72f100783
---------------------------
linux-yocto/6.18: update to v6.18.5
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
dc554c8fb361 Linux 6.18.5
7a28d65e4beb nfs/localio: fix regression due to out-of-order __put_cred
98a26893fad4 sched/fair: Proportional newidle balance
d4ffb9ce8e65 sched/fair: Small cleanup to update_newidle_cost()
c7ca7e0ff6f0 sched/fair: Small cleanup to sched_balance_newidle()
f1a77dfc3b04 mptcp: ensure context reset on disconnect()
3aa9aac0e8b7 Linux 6.18.4
2d48340ccc9d Revert "gpio: swnode: don't use the swnode's name as the key for GPIO lookup"
1ba137c89ff0 mm/damon/tests/core-kunit: handle alloc failures on damon_test_split_regions_of()
a9040eac434b vfio/pci: Disable qword access to the PCI ROM bar
e7a7d7e629c2 LoongArch: BPF: Enhance the bpf_arch_text_poke() function
845306163962 powercap: intel_rapl: Add support for Nova Lake processors
77aa0f5223ff powercap: intel_rapl: Add support for Wildcat Lake platform
142dbd7ed190 block: fix NULL pointer dereference in blk_zone_reset_all_bio_endio()
28a6c420f0e7 erofs: fix unexpected EIO under memory pressure
e8469ef3d480 drm/imagination: Disallow exporting of PM/FW protected objects
5487edb7b8ed drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb
c79ee71f4598 drm/pagemap, drm/xe: Ensure that the devmem allocation is idle before use
548f139d3c17 drm/xe/svm: Fix a debug printout
63f23aa2fbb8 drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
3165fcd7a1cb drm/msm: add PERFCTR_CNTL to ifpc_reglist
35ea3282136a drm/msm/dpu: Add missing NULL pointer check for pingpong interface
8d9df6d3fa49 drm/xe: Drop preempt-fences when destroying imported dma-bufs.
e85d0e02121d drm/xe: Use usleep_range for accurate long-running workload timeslicing
a7229c1ebeed drm/xe: Adjust long-running workload timeslices to reasonable values
3570a24eb05e drm/xe/eustall: Disallow 0 EU stall property values
f19cb78876f9 drm/xe/oa: Disallow 0 OA property values
a965d4869eef drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table
7b2e6ca71681 drm: Fix object leak in DRM_IOCTL_GEM_CHANGE_HANDLE
635c8d6e72f6 drm/mgag200: Fix big-endian support
b94182b3d722 drm/ttm: Avoid NULL pointer deref for evicted BOs
71be8825e83c drm/tilcdc: Fix removal actions in case of failed probe
5457bdfab729 drm/i915: Fix format string truncation warning
eb1494204d71 drm/amdkfd: Trap handler support for expert scheduling mode
7f26af7bf9b7 drm/amdkfd: bump minimum vgpr size for gfx1151
7445db6a7d5a drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace
7e56e90b988c drm/nouveau/gsp: Allocate fwsec-sb at boot
07bcf0498047 drm/bridge: ti-sn65dsi83: ignore PLL_UNLOCK errors
ec648d8c2db7 drm/rockchip: vop2: Use OVL_LAYER_SEL configuration instead of use win_mask calculate used layers
355d4d4ffaf8 drm/amd: Fix unbind/rebind for VCN 4.0.5
fa6cd9230444 drm/mediatek: ovl_adaptor: Fix probe device leaks
b3e922278622 drm/mediatek: mtk_hdmi: Fix probe device leaks
8f059592969d drm/mediatek: Fix probe device leaks
e048e15c97e8 drm/mediatek: Fix probe memory leak
54291161eeaa drm/mediatek: Fix probe resource leaks
4fcb7f89479b drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse()
78bc88fda96c drm/rockchip: Set VOP for the DRM DMA device
7cdb9a9da935 drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()
e2e980f09133 drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg()
391f53db1445 drm/buddy: Separate clear and dirty free block trees
e983164f179e drm/buddy: Optimize free block management with RB tree
2c9ba2fbcd97 drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers
b89cd47c4c92 drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling
16a3106cff4a drm/amdgpu/sdma6: Update SDMA 6.0.3 FW version to include UMQ protected-fence fix
431b9cd09363 drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma
0b48f98f092b drm/amdgpu: Forward VMID reservation errors
8b74d0d7f6a5 drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling
60da8c352cdc Revert "drm/amd: Skip power ungate during suspend for VPE"
3dad9330f71f platform/x86: alienware-wmi-wmax: Add support for Alienware 16X Aurora
7ba7c591ce05 platform/x86: alienware-wmi-wmax: Add AWCC support for Alienware x16
d1cb71222a27 platform/x86: alienware-wmi-wmax: Add support for new Area-51 laptops
ace965a38625 platform/x86: samsung-galaxybook: Fix problematic pointer cast
64b6cd5f7b5a net: macb: Relocate mog_init_rings() callback from macb_mac_link_up() to macb_open()
f3a8a7c1aa27 net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write
2431c1e4765a net: phy: mediatek: fix nvmem cell reference leak in mt798x_phy_calibration
c9a8cd3ac85c net: usb: sr9700: fix incorrect command used to write single register
a78ee50545ee nfsd: Drop the client reference in client_states_open()
1285073c878a nfsd: use ATTR_DELEG in nfsd4_finalize_deleg_timestamps()
c07dc84ed67c nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg()
a6493ebd6dd5 LoongArch: BPF: Adjust the jump offset of tail calls
85fdef3dcc10 LoongArch: BPF: Enable trampoline-based tracing for module functions
8b3c00c06018 LoongArch: BPF: Save return address register ra to t0 before trampoline
321993a874f5 LoongArch: BPF: Sign extend kfunc call arguments
2617bbdead63 LoongArch: BPF: Zero-extend bpf_tail_call() index
35bb95c80ddd LoongArch: Refactor register restoration in ftrace_common_return
48f927768092 gve: defer interrupt enabling until NAPI registration
726fca79cb55 fjes: Add missing iounmap in fjes_hw_init()
b282b2a9eed8 erspan: Initialize options_len before referencing options.
ee7c125fb3e8 e1000: fix OOB in e1000_tbi_should_accept()
a21704df4024 wifi: mac80211: Discard Beacon frames to non-broadcast address
de5eb6b65e9f wifi: iwlwifi: Fix firmware version handling
3ba6d01c4b3c RDMA/cm: Fix leaking the multicast GID table reference
0b948afc1ded RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
3b8caba93267 rust: maple_tree: rcu_read_lock() in destructor to silence lockdep
7d7010f5f0ee samples/ftrace: Adjust LoongArch register restore order in direct calls
6f9af862a859 selftests/mm: fix thread state check in uffd-unit-tests
4df537e2478d tools/mm/page_owner_sort: fix timestamp comparison for stable sorting
54e9bd5025a0 x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo
4bae7111bf29 mm: consider non-anon swap cache folios in folio_expected_ref_count()
05a8edf607be mm/page_owner: fix memory leak in page_owner_stack_fops->release()
a794d65b1321 mm/page_alloc: change all pageblocks migrate type on coalescing
fcbe159c9060 idr: fix idr_alloc() returning an ID out of range
7da6f40d2662 lockd: fix vfs_test_lock() calls
a843e4155c83 kernel/kexec: fix IMA when allocation happens in CMA area
282ac3cf9bc7 kernel/kexec: change the prototype of kimage_map_segment()
d16a38f3d908 kasan: unpoison vms[area] addresses with a common tag
9548f154f79c kasan: refactor pcpu kasan vmalloc unpoison
234ede2960d5 mm/kasan: fix incorrect unpoisoning in vrealloc for KASAN
25f1ae942c09 mptcp: fallback earlier on simult connection
6cce897a37dc compiler_types.h: add "auto" as a macro for "__auto_type"
089e50f29eee af_unix: don't post cmsg for SO_INQ unless explicitly asked for
87f09d9245f1 pmdomain: imx: Fix reference count leak in imx_gpc_probe()
744e1bdd1471 pmdomain: mtk-pm-domains: Fix spinlock recursion fix in probe
11ccb3476ead mm/damon/tests/core-kunit: handle alloc failure on damos_test_commit_filter()
792515de4e9d mm/damon/tests/core-kunit: handle alloc failure on damon_test_set_attrs()
4b0389369065 mm/damon/tests/core-kunit: handle alloc failures in damon_test_ops_registration()
3987bd5706c9 mm/damon/tests/core-kunit: handle alloc failures on damos_test_filter_out()
7d0299ff8883 mm/damon/tests/core-kunit: handle alloc failures on damon_test_set_filters_default_reject()
1e88ea252355 mm/damon/tests/core-kunit: handle alloc failures in damon_test_update_monitoring_result()
8ce6a884fd4b mm/damon/tests/core-kunit: handle alloc failures in damon_test_set_regions()
65807e05960b mm/damon/tests/core-kunit: handle alloc failures on damon_test_merge_two()
753c12ff6d25 mm/damon/tests/core-kunit: handle alloc failures on dasmon_test_merge_regions_of()
8ac54bafd439 mm/damon/tests/core-kunit: handle memory alloc failure from damon_test_aggregate()
63669f6b729f mm/damon/tests/core-kunit: handle memory failure from damon_test_target()
d0870d0fe613 mm/damon/tests/core-kunit: handle allocation failures in damon_test_regions()
ead9dd2174e9 mm/damon/tests/core-kunit: handle alloc failures on damon_test_split_at()
9c46f119b70d mm/damon/tests/core-kunit: handle alloc failres in damon_test_new_filter()
b55a42c605af mm/damon/tests/core-kunit: fix memory leak in damon_test_set_filters_default_reject()
6e0090114d66 mm/damon/tests/vaddr-kunit: handle alloc failures on damon_test_split_evenly_succ()
89532a71288c mm/damon/tests/vaddr-kunit: handle alloc failures in damon_test_split_evenly_fail()
6fd615cb0440 mm/damon/tests/vaddr-kunit: handle alloc failures on damon_do_test_apply_three_regions()
33cf4171196d mm/damon/tests/sysfs-kunit: handle alloc failures on damon_sysfs_test_add_targets()
ef17c7e2acda LoongArch: Use unsigned long for _end and _text
f92ac4ad6c86 LoongArch: Use __pmd()/__pte() for swap entry conversions
73a0059dcf26 LoongArch: Fix build errors for CONFIG_RANDSTRUCT
1f8330dcdc60 LoongArch: Fix arch_dup_task_struct() for CONFIG_RANDSTRUCT
a6021c133ed8 LoongArch: Correct the calculation logic of thread_count
eea343099fac LoongArch: Add new PCI ID for pci_fixup_vgadev()
f736a3f4787b media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
3e858938b0e6 media: mediatek: vcodec: Use spinlock for context list protection lock
378deae752a2 media: i2c: imx219: Fix 1920x1080 mode to use 1:1 pixel aspect ratio
2e9b9a658d42 media: i2c: adv7842: Remove redundant cancel_delayed_work in probe
4d3c49fea279 media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe
4d08b38a9828 media: amphion: Cancel message work before releasing the VPU core
b9b29dae5962 media: amphion: Remove vpu_vb_is_codecconfig
6132c3e55926 media: vpif_display: fix section mismatch
5d25f923bdb4 media: vpif_capture: fix section mismatch
19f7dfa0c1d2 media: videobuf2: Fix device reference leak in vb2_dc_alloc error path
3cbf9ef5ce84 media: verisilicon: Protect G2 HEVC decoder against invalid DPB index
49446f8e73e2 media: TDA1997x: Remove redundant cancel_delayed_work in probe
f65ef4b8415e media: samsung: exynos4-is: fix potential ABBA deadlock on init
ca31135ad666 media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
31ba1a4d7a5d media: platform: mtk-mdp3: fix device leaks at probe
a003505a5c8c media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread()
7cd1d942b87e media: iris: Refine internal buffer reconfiguration logic for resolution change
d786859abab3 media: cec: Fix debugfs leak on bus_register() failure
4357fa7bc03c fbdev: tcx.c fix mem_map to correct smem_start offset
1470cccf067e fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing
f21b17cb5ed5 fbdev: gbefb: fix to use physical address instead of dma address
527f5ea4ced1 dm pcache: fix segment info indexing
87f7a7e2ed57 dm pcache: fix cache info indexing
c7d8c1018aa6 dm-bufio: align write boundary on physical block size
e36fd1a4c2ec dm-ebs: Mark full buffer dirty even on partial write
69a5f0fa6e55 firmware: stratix10-svc: Add mutex in stratix10 memory management
b693d48a6ed0 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
8fb48de871a5 powerpc/pseries/cmm: call balloon_devinfo_init() also without CONFIG_BALLOON_COMPACTION
40a2a25aff5c powerpc/pseries/cmm: adjust BALLOON_MIGRATE when migrating pages
8a241df8cf6d power: supply: max77705: Fix potential IRQ chip conflict when probing two devices
c540db17e4af perf/x86/amd/uncore: Fix the return value of amd_uncore_df_event_init() on error
b635895918d8 PCI: meson: Fix parsing the DBI register region
96ce6629d470 PCI: brcmstb: Fix disabling L0s capability
a66cd0e5e034 parisc: entry: set W bit for !compat tasks in syscall_restore_rfi()
1d0cebc41d83 parisc: entry.S: fix space adjustment on interruption for 64-bit userspace
116f511839e1 nvmet: pci-epf: move DMA initialization to EPC init callback
7d94efe68518 NFSD: Make FILE_SYNC WRITEs comply with spec
71f630e36754 mtd: spi-nor: winbond: Add support for W25H02NWxxAM chips
7708a5031a40 mtd: spi-nor: winbond: Add support for W25H01NWxxAM chips
c54fec6b0cb9 mtd: spi-nor: winbond: Add support for W25H512NWxxAM chips
ac1a8b2244dd mtd: spi-nor: winbond: Add support for W25Q02NWxxIM chips
609b73efab92 mtd: spi-nor: winbond: Add support for W25Q01NWxxIM chips
0066afc04fd9 mtd: spi-nor: winbond: Add support for W25Q01NWxxIQ chips
69a585efbf9c mtd: mtdpart: ignore error -ENOENT from parsers on subpartitions
65b96ed954b4 arm64: dts: qcom: sm6350: Fix wrong order of freq-table-hz for UFS
29dc88cc131d arm64: dts: st: Add memory-region-names property for stm32mp257f-ev1
0b963a6b6137 arm64: dts: ti: k3-am62d2-evm: Fix PMIC padconfig
51615b85109b arm64: dts: ti: k3-am62d2-evm: Fix regulator properties
e768a9d22d38 media: verisilicon: Fix CPU stalls on G2 bus error
e9918c6a0044 media: rc: st_rc: Fix reset control resource leak
10eecb592afc mfd: max77620: Fix potential IRQ chip conflict when probing two devices
e4077fcb1479 mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup
deb4bc9fc8d0 clk: qcom: Fix dependencies of QCS_{DISP,GPU,VIDEO}CC_615
8f41129c4b5b clk: qcom: Fix SM_VIDEOCC_6350 dependencies
34322b533390 clk: qcom: mmcc-sdm660: Add missing MDSS reset
a317f63255eb clk: samsung: exynos-clkout: Assign .num before accessing .hws
1c678ce2f56b block: Clear BLK_ZONE_WPLUG_PLUGGED when aborting plugged BIOs
4d29edea4921 leds: leds-lp50xx: Enable chip before any communication
c99352597531 leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs
dcd4efe48178 leds: leds-lp50xx: Allow LED 0 to be added to module bank
67bfbc5a558c leds: leds-cros_ec: Skip LEDs without color components
2c3edc2b7aa3 mm, swap: do not perform synchronous discard during allocation
4ae1e46d8a29 powerpc/64s/slb: Fix SLB multihit issue during SLB preload
96bdd7ba179f powerpc, mm: Fix mprotect on book3s 32-bit
f1765578621f arm64: dts: ti: k3-j721e-sk: Fix pinmux for pin Y1 used by power regulator
382895a28851 PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths
1a793f06aa69 fgraph: Check ftrace_pids_enabled on registration for early filtering
c0a565f133f3 fgraph: Initialize ftrace_ops->private for function graph ops
7c8b636d3ce7 hisi_acc_vfio_pci: Add .match_token_uuid callback in hisi_acc_vfio_pci_migrn_ops
36b5f6b52ca7 HID: logitech-dj: Remove duplicate error logging
1e9cf600da98 hwmon: (dell-smm) Fix off-by-one error in dell_smm_is_visible()
c341dee80b5d iommu: disable SVA when CONFIG_X86 is set
b16243e7164c iommu/tegra: fix device leak on probe_device()
bd2f551f575c iommu/sun50i: fix device leak on of_xlate()
6b8390fcef61 iommu/qcom: fix device leak on of_xlate()
d496519ccd7e iommu/omap: fix device leaks on probe_device()
c2a13167991f iommu/mediatek: fix device leak on of_xlate()
fa3cb4012fb2 iommu/mediatek-v1: fix device leaks on probe()
574635a02526 iommu/mediatek-v1: fix device leak on probe_device()
ba202227f98d iommu/ipmmu-vmsa: fix device leak on of_xlate()
b35eeae8a566 iommu/exynos: fix device leak on of_xlate()
9bb0b50a759e iommu/apple-dart: fix device leak on of_xlate()
67c5f84f9b1c iommu/amd: Propagate the error code returned by __modify_irte_ga() in modify_irte_ga()
47bed96dc7d5 iommu/amd: Fix pci_segment memleak in alloc_pci_segment()
00ed0cc57232 ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment.
372796af87d3 ASoC: qcom: q6adm: the the copp device only during last instance
cd5691807ba6 ASoC: qcom: q6asm-dai: perform correct state check before closing
c5c85ef27db6 ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr
150352153ac9 ASoC: codecs: Fix error handling in pm4125 audio codec driver
fb7d608aa7c4 ASoC: cs35l41: Always return 0 when a subsystem ID is found
b79b8613c0c4 ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime
a619ebcf3e97 ASoC: codecs: lpass-tx-macro: fix SM6115 support
341902036870 ASoC: codecs: pm4125: Remove irq_chip on component unbind
28bcaff809cb ASoC: codecs: pm4125: Fix potential conflict when probing two devices
15424b48e226 ASoC: codecs: wcd937x: Fix error handling in wcd937x codec driver
21d87fde367a ASoC: renesas: rz-ssi: Fix rz_ssi_priv::hw_params_cache::sample_width
4d2ae0495c75 ASoC: renesas: rz-ssi: Fix channel swap issue in full duplex mode
3752afcc6d80 ASoC: stm32: sai: fix OF node leak on probe
88636450c4ad ASoC: stm32: sai: fix clk prepare imbalance on probe failure
88baed15284e ASoC: stm32: sai: fix device leak on probe
042169940f6a ASoC: codecs: wcd939x: fix regmap leak on probe failure
791bc3890d6f ntfs: Do not overwrite uptodate pages
7c87afd13484 block: handle zone management operations completions
caf7a6e95854 selftests/ftrace: traceonoff_triggers: strip off names
7d8a5b44b9f2 blk-mq: skip CPU offline notify on unmapped hctx
4f6e92b7c2a7 RDMA/bnxt_re: fix dma_free_coherent() pointer
e4ee11c00d23 RDMA/rtrs: Fix clt_path::max_pages_per_mr calculation
cf49ffdf57b6 IB/rxe: Fix missing umem_odp->umem_mutex unlock on error path
d026f47db686 ksmbd: Fix memory leak in get_file_all_info()
d260dff568ad drm/xe/guc: READ/WRITE_ONCE g2h_fence->done
63dfbcd59b4b ublk: scan partition in async way
92f024b8d47a ublk: implement NUMA-aware memory allocation
e5abb6af905d md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()
b53635e0e42b md: Fix static checker warning in analyze_sbs
e0321917c03b RDMA/bnxt_re: Fix to use correct page size for PDE table
e6d8d31d6e87 kunit: Enforce task execution in {soft,hard}irq contexts
369a161c4872 RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()
ac4567773ce5 RDMA/bnxt_re: Fix IB_SEND_IP_CSUM handling in post_send
08e98ad766b1 drm/gem-shmem: Fix the MODULE_LICENSE() string
fe8d45608042 RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
b20d6455f537 RDMA/bnxt_re: Fix incorrect BAR check in bnxt_qplib_map_creq_db()
868197d9f85b RDMA/core: Fix logic error in ib_get_gids_from_rdma_hdr()
277f1f4a80b4 RDMA/efa: Remove possible negative shift
d9b9affd103f RDMA/irdma: avoid invalid read in irdma_net_event
94dda131004e RDMA/mana_ib: check cqe length for kernel CQs
20710399c9b5 RDMA/irdma: Fix irdma_alloc_ucontext_resp padding
263255a62cea RDMA/ucma: Fix rdma_ucm_query_ib_service_resp struct padding
787515ccb229 ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
92d900aac3a5 net: rose: fix invalid array index in rose_kill_by_device()
ffd335167d7e net: fib: restore ECMP balance from loopback
e3fc381320d0 ipv4: Fix reference count leak when using error routes with nexthop objects
73744ad5696d ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
5e5988736a95 net: stmmac: fix the crash issue for zero copy XDP_TX action
442848e457f5 octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
7f18ebf8c455 platform/x86/intel/pmt/discovery: use valid device pointer in dev_err_probe
79cab730dbaa platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
fe9339b33e2b vfio/pds: Fix memory leak in pds_vfio_dirty_enable()
4904161220d4 tools/sched_ext: fix scx_show_state.py for scx_root change
6081ef09c54e net: bridge: Describe @tunnel_hash member in net_bridge_vlan_group struct
bf8a0f3b787c net: usb: asix: validate PHY address before use
93a880f73b88 net: mdio: rtl9300: use scoped for loops
937c7172d1e3 mcb: Add missing modpost build support
0c1df928f0b8 kbuild: fix compilation of dtb specified on command-line without make rule
6ddf3ae19574 net: dsa: b53: skip multicast entries for fdb_dump()
3b3ddded9c86 bng_en: update module description
f7d95f9ee070 firewire: nosy: Fix dma_free_coherent() size
3411103f6b3e genalloc.h: fix htmldocs warning
b6018d5c1a8f smc91x: fix broken irq-context in PREEMPT_RT
277b256f579a platform/x86/intel/pmt: Fix kobject memory leak on init failure
66299520bb6e net: wangxun: move PHYLINK dependency
9b91553a30a6 selftests: net: fix "buffer overflow detected" for tap.c
151403e90384 net: usb: rtl8150: fix memory leak on usb_submit_urb() failure
e4e5c21a9cd5 selftests: drv-net: psp: fix test names in ipver_test_builder()
018071d06c3b selftests: drv-net: psp: fix templated test names in psp_ip_ver_test_builder()
6602403b2fa1 amd-xgbe: reset retries and mode on RX adapt failures
ddbb72c338d9 net: dsa: fix missing put_device() in dsa_tree_find_first_conduit()
0e766b77ba50 net: dsa: properly keep track of conduit reference
0b4fa7ac1306 net: airoha: Move net_devs registration in a dedicated routine
b71187648ef2 team: fix check for port enabled in team_queue_override_port_prio_changed()
4defca287bae platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic
8f2ba8ac9ca5 platform/x86: msi-laptop: add missing sysfs_remove_group()
f1c7923932bb platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names
26cca984de64 powerpc/tools: drop `-o pipefail` in gcc check scripts
91a2b25be07c ip6_gre: make ip6gre_header() robust
f31557fb1b35 net: openvswitch: Avoid needlessly taking the RTNL on vport destroy
05359659c110 net: mdio: aspeed: add dummy read to avoid read-after-write issue
fdf7c640fb8a Bluetooth: btusb: revert use of devm_kzalloc in btusb
d084061f3360 Bluetooth: MGMT: report BIS capability flags in supported settings
5476f7f8a311 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
5d8b9d38a767 cpuset: fix warning when disabling remote partition
5a7ba7e66b54 idpf: reduce mbx_task schedule delay to 300us
85230d7ab57e idpf: fix LAN memory regions command on some NVMs
3095228e1320 iavf: fix off-by-one issues in iavf_config_rss_reg()
5e703706b6ea i40e: validate ring_len parameter against hardware-specific values
db54feefa859 i40e: fix scheduling in set_rx_mode
f9cb8a49f7a5 sched_ext: fix uninitialized ret on alloc_percpu() failure
182a2786d248 wifi: mac80211: do not use old MBSSID elements
7ea38152a289 wifi: cfg80211: sme: store capped length in __cfg80211_connect_result()
90a15ff32464 wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()
e5c129a05531 wifi: rtw88: limit indirect IO under powered off for RTL8822CS
7f1f50c2055b drm/amdgpu: don't attach the tlb fence for SI
99204fdc989c drm/displayid: add quirk to ignore DisplayID checksum errors
61c0901cbd72 drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident
2af2abbcbf85 KVM: s390: Fix gmap_helper_zap_one_page() again
2a30b3c9eae1 mm/huge_memory: merge uniform_split_supported() and non_uniform_split_supported()
aeabe44c5019 sched_ext: Fix incorrect sched_class settings for per-cpu migration tasks
b29d5e3a5625 sched/eevdf: Fix min_vruntime vs avg_vruntime
fc83284e7527 sched/core: Add comment explaining force-idle vruntime snapshots
d75aa97c90da x86/microcode/AMD: Select which microcode patch to load
5a7ba9b599fc drm: nova: depend on CONFIG_64BIT
0522222f2ac2 sched/proxy: Yield the donor task
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 983cb2171e
---------------------------
scripts/oe-git-archive: Ensure new push parameter is specified
Fixes a regresion in "oeqa/gitarchive: Fix git push URL parameter" due to a missing parameter.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ed2a345982
---------------------------
libyaml: add ptest support
Add ptest support for libyaml to enable running the test suite
on target devices. This includes:
- test-version: Verifies library version information
- test-reader: Tests YAML reading functionality
All 2 upstream tests pass successfully:
START: ptest-runner
BEGIN: /usr/lib/libyaml/ptest
checking utf-8 sequences...
a simple test:
+ (no error)
an empty line:
+ (no error)
u-0 is a control character:
+ (reader error: control characters are not allowed: #0 at 0)
u-80 is a control character:
+ (reader error: control characters are not allowed: #80 at 0)
u-800 is valid:
+ (no error)
u-10000 is valid:
+ (no error)
5 bytes sequences are not allowed:
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
6 bytes sequences are not allowed:
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
u-7f is a control character:
+ (reader error: control characters are not allowed: #7F at 0)
u-7FF is valid:
+ (no error)
u-FFFF is a control character:
+ (reader error: control characters are not allowed: #FFFF at 0)
u-1FFFFF is too large:
+ (reader error: invalid Unicode character: #1FFFFF at 0)
u-3FFFFFF is 5 bytes:
+ (reader error: invalid leading UTF-8 octet: #FB at 0)
u-7FFFFFFF is 6 bytes:
+ (reader error: invalid leading UTF-8 octet: #FD at 0)
u-D7FF:
+ (no error)
u-E000:
+ (no error)
u-FFFD:
+ (no error)
u-10FFFF:
+ (no error)
u-110000:
+ (reader error: invalid Unicode character: #110000 at 0)
first continuation byte:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
last continuation byte:
+ (reader error: invalid leading UTF-8 octet: #BF at 0)
2 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
3 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
4 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
5 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
6 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
7 continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
sequence of all 64 possible continuation bytes:
+ (reader error: invalid leading UTF-8 octet: #80 at 0)
+ (reader error: invalid leading UTF-8 octet: #81 at 0)
+ (reader error: invalid leading UTF-8 octet: #82 at 0)
+ (reader error: invalid leading UTF-8 octet: #83 at 0)
+ (reader error: invalid leading UTF-8 octet: #84 at 0)
+ (reader error: invalid leading UTF-8 octet: #85 at 0)
+ (reader error: invalid leading UTF-8 octet: #86 at 0)
+ (reader error: invalid leading UTF-8 octet: #87 at 0)
+ (reader error: invalid leading UTF-8 octet: #88 at 0)
+ (reader error: invalid leading UTF-8 octet: #89 at 0)
+ (reader error: invalid leading UTF-8 octet: #8A at 0)
+ (reader error: invalid leading UTF-8 octet: #8B at 0)
+ (reader error: invalid leading UTF-8 octet: #8C at 0)
+ (reader error: invalid leading UTF-8 octet: #8D at 0)
+ (reader error: invalid leading UTF-8 octet: #8E at 0)
+ (reader error: invalid leading UTF-8 octet: #8F at 0)
+ (reader error: invalid leading UTF-8 octet: #90 at 0)
+ (reader error: invalid leading UTF-8 octet: #91 at 0)
+ (reader error: invalid leading UTF-8 octet: #92 at 0)
+ (reader error: invalid leading UTF-8 octet: #93 at 0)
+ (reader error: invalid leading UTF-8 octet: #94 at 0)
+ (reader error: invalid leading UTF-8 octet: #95 at 0)
+ (reader error: invalid leading UTF-8 octet: #96 at 0)
+ (reader error: invalid leading UTF-8 octet: #97 at 0)
+ (reader error: invalid leading UTF-8 octet: #98 at 0)
+ (reader error: invalid leading UTF-8 octet: #99 at 0)
+ (reader error: invalid leading UTF-8 octet: #9A at 0)
+ (reader error: invalid leading UTF-8 octet: #9B at 0)
+ (reader error: invalid leading UTF-8 octet: #9C at 0)
+ (reader error: invalid leading UTF-8 octet: #9D at 0)
+ (reader error: invalid leading UTF-8 octet: #9E at 0)
+ (reader error: invalid leading UTF-8 octet: #9F at 0)
+ (reader error: invalid leading UTF-8 octet: #A0 at 0)
+ (reader error: invalid leading UTF-8 octet: #A1 at 0)
+ (reader error: invalid leading UTF-8 octet: #A2 at 0)
+ (reader error: invalid leading UTF-8 octet: #A3 at 0)
+ (reader error: invalid leading UTF-8 octet: #A4 at 0)
+ (reader error: invalid leading UTF-8 octet: #A5 at 0)
+ (reader error: invalid leading UTF-8 octet: #A6 at 0)
+ (reader error: invalid leading UTF-8 octet: #A7 at 0)
+ (reader error: invalid leading UTF-8 octet: #A8 at 0)
+ (reader error: invalid leading UTF-8 octet: #A9 at 0)
+ (reader error: invalid leading UTF-8 octet: #AA at 0)
+ (reader error: invalid leading UTF-8 octet: #AB at 0)
+ (reader error: invalid leading UTF-8 octet: #AC at 0)
+ (reader error: invalid leading UTF-8 octet: #AD at 0)
+ (reader error: invalid leading UTF-8 octet: #AE at 0)
+ (reader error: invalid leading UTF-8 octet: #AF at 0)
+ (reader error: invalid leading UTF-8 octet: #B0 at 0)
+ (reader error: invalid leading UTF-8 octet: #B1 at 0)
+ (reader error: invalid leading UTF-8 octet: #B2 at 0)
+ (reader error: invalid leading UTF-8 octet: #B3 at 0)
+ (reader error: invalid leading UTF-8 octet: #B4 at 0)
+ (reader error: invalid leading UTF-8 octet: #B5 at 0)
+ (reader error: invalid leading UTF-8 octet: #B6 at 0)
+ (reader error: invalid leading UTF-8 octet: #B7 at 0)
+ (reader error: invalid leading UTF-8 octet: #B8 at 0)
+ (reader error: invalid leading UTF-8 octet: #B9 at 0)
+ (reader error: invalid leading UTF-8 octet: #BA at 0)
+ (reader error: invalid leading UTF-8 octet: #BB at 0)
+ (reader error: invalid leading UTF-8 octet: #BC at 0)
+ (reader error: invalid leading UTF-8 octet: #BD at 0)
+ (reader error: invalid leading UTF-8 octet: #BE at 0)
+ (reader error: invalid leading UTF-8 octet: #BF at 0)
32 first bytes of 2-byte sequences {0xc0-0xdf}:
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
+ (reader error: invalid trailing UTF-8 octet: #20 at 1)
16 first bytes of 3-byte sequences {0xe0-0xef}:
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
8 first bytes of 4-byte sequences {0xf0-0xf7}:
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
4 first bytes of 5-byte sequences {0xf8-0xfb}:
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
+ (reader error: invalid leading UTF-8 octet: #F9 at 0)
+ (reader error: invalid leading UTF-8 octet: #FA at 0)
+ (reader error: invalid leading UTF-8 octet: #FB at 0)
2 first bytes of 6-byte sequences {0xfc-0xfd}:
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
+ (reader error: invalid leading UTF-8 octet: #FD at 0)
sequences with last byte missing {u-0}:
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
sequences with last byte missing {u-...FF}:
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: incomplete UTF-8 octet sequence at 0)
+ (reader error: invalid leading UTF-8 octet: #FB at 0)
+ (reader error: invalid leading UTF-8 octet: #FD at 0)
impossible bytes:
+ (reader error: invalid leading UTF-8 octet: #FE at 0)
+ (reader error: invalid leading UTF-8 octet: #FF at 0)
+ (reader error: invalid leading UTF-8 octet: #FE at 0)
overlong sequences {u-2f}:
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
maximum overlong sequences:
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
overlong representation of the NUL character:
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid length of a UTF-8 sequence at 0)
+ (reader error: invalid leading UTF-8 octet: #F8 at 0)
+ (reader error: invalid leading UTF-8 octet: #FC at 0)
single UTF-16 surrogates:
+ (reader error: invalid Unicode character: #D800 at 0)
+ (reader error: invalid Unicode character: #DB7F at 0)
+ (reader error: invalid Unicode character: #DB80 at 0)
+ (reader error: invalid Unicode character: #DBFF at 0)
+ (reader error: invalid Unicode character: #DC00 at 0)
+ (reader error: invalid Unicode character: #DF80 at 0)
+ (reader error: invalid Unicode character: #DFFF at 0)
paired UTF-16 surrogates:
+ (reader error: invalid Unicode character: #D800 at 0)
+ (reader error: invalid Unicode character: #D800 at 0)
+ (reader error: invalid Unicode character: #DB7F at 0)
+ (reader error: invalid Unicode character: #DB7F at 0)
+ (reader error: invalid Unicode character: #DB80 at 0)
+ (reader error: invalid Unicode character: #DB80 at 0)
+ (reader error: invalid Unicode character: #DBFF at 0)
+ (reader error: invalid Unicode character: #DBFF at 0)
other illegal code positions:
+ (reader error: control characters are not allowed: #FFFE at 0)
+ (reader error: control characters are not allowed: #FFFF at 0)
checking utf-8 sequences: 0 fail(s)
checking boms...
no bom (utf-8): +
bom (utf-8): +
bom (utf-16-le): +
bom (utf-16-be): +
checking boms: 0 fail(s)
checking a long utf8 sequence...
checking a long utf8 sequence: 0 fail(s)
checking a long utf16 sequence...
checking a long utf16 sequence: 0 fail(s)
PASS: test-reader
sizeof(token) = 80
sizeof(event) = 104
sizeof(parser) = 480
PASS: test-version
DURATION: 0
END: /usr/lib/libyaml/ptest
STOP: ptest-runner
Signed-off-by: Pratik Farkase <pratik.farkase@est.tech>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c78f5ae4a5
---------------------------
create-pull-request: Keep commit hash to be pulled in cover email
The cover email mangling in create-pull-request was cutting off the
actual commit hash to be pulled, making it difficult to verify that the
changes a maintainer merges exactly match those intended by the pull
request author.
The extra lines we want to include are, for example from a recent
whinlatter stable branch PR:
for you to fetch changes up to 6c4c6d39ea3202d756acc13f8ce81b114a468541:
cups: upgrade from 2.4.14 to 2.4.15 (2025-12-29 09:49:31 -0800)
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fea3c445a9
---------------------------
testimage: Print last lines of kernel log on test fail
Testimage test fails are often a consequence of issues inside of the
virtual machine, such as the OOM killer firing. Showing the last kernel
log lines on the main log output should help to debug these fails.
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: da4ac27c53
---------------------------
oe-selftest: improved junit test
Verify junit with improved image status and error
Signed-off-by: Miroslav Cernak <miroslav.cernak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: afcb98ec8a
---------------------------
resulttool: junit: improve ptest status handling and log
While using resulttool's JUnit export, several issues surfaced
and are addressed here:
- Avoid KeyError when ptest results are missing by guarding access to
ptest_summary e.g., KeyError: 'bzip2'
- Report actual failures as FAILED instead of SKIPPED and list the failing
testcase names (e.g., DataSQLite-testrunner, Foundation-testrunner).
- Include testcase names in failure output rather than only the ptest name,
improving first-read diagnosability.
- Make multiline failure details readable: put full traces in JUnit output;
for attribute-only messages that cannot contain newlines, collapse “\n” to
spaces to avoid “ ” artifacts in GitLab.
This produces a more accurate and readable JUnit report, prevents crashes
when ptestresult.* lacks entries, and makes CI output actionable on first read.
Signed-off-by: Miroslav Cernak <miroslav.cernak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1b231aeabf
---------------------------
oe-selftest: add resulttool junit test
Verify imagetests, and ptest with inlined as well as ptests with
attached log files work as expected.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Miroslav Cernak <miroslav.cernak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2abe2d701c
---------------------------
resulttool: junit support ptests
Support image tests and ptest. Therefore some additional hirarchies get
introduced to the junit.xml file. Ptest log files can be written to a
file per ptest and referred from junit.xml as ATTACHMENT or the log
message can be inline in the system-out element. The following is an
example generated with --attach-log-files parameter.
<testsuites errors="0" failures="0" skipped="0" tests="2" time="298.51">
<testsuite name="runtime_image_machine_20240919100051">
<testsuite name="Image Tests" errors="0" failures="0" skipped="0" tests="1"
time="297.51">
<testcase name="df.DfTest.test_df" classname="testimage" time="1.35" />
</testsuite>
<testsuite name="Package Tests" errors="0" failures="0" skipped="0" tests="1"
time="2">
<testcase name="foo" classname="ptest" time="2"
<system-out>[[ATTACHMENT|ptest-logs/foo.log]]</system-out>
</testsuite>
</testsuite>
</testsuites>
This works at least with GitLab's junit parser.
With GitLab inline system-out tags are not (yet?) fully supported by
GitLab. The details are discussed here:
https://gitlab.com/gitlab-org/gitlab/-/issues/440341
Support ptests
- Handle ptestresult.sections
A log file per ptest is generated.
This allows to make the detailed ptest log available via file
attribute of the junit's testcase class.
- Skip ptestresults items.
- Rendering all ptestresult sections quickly leads to overloaded test
reports with almost no information (only test status per test).
Handling the ptestresult.sections instead looks more useful
especially for larger test pipelines.
- This fixes a crash because they do not have a duration atribute.
Improve the command line parser. Calling just resulttool junit from a
bitbake environment finds the testresults.json in $BUILDDIR and writes
the corresponding junit.xml into the same directory.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Miroslav Cernak <miroslav.cernak@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1d70a77b7f
---------------------------
oeqa/runtime/cases/ptest.py: use to_boolean for PTEST_EXPECT_FAILURE
When PTEST_EXPECT_FAILURE is set to "0", "False" or unset, the expected
behavior is that ptest should succeed. So we need to use to_boolean.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7d869c9c5a
---------------------------
oeqa/gitarchive: Push tag before copying log files
Resulttool creates a git tag in the yocto-testresults git and then
copies log files to a newly created folder on the NFS share, whose name
is controlled by the name of this git tag. As tags are unique, the
folder name is also unique, preventing any clash between different
builds.
Today, the tag is pushed from the calling script, so after the folder is
copied. This can lead to some issues if for any reason the tag is not
pushed. This might also lead to some race condition. Allow to push the
tag before coying data, in order to prevent these issues, and add a
warning if the calling script choose to not push the tag but still copy
the log files on the NFS share.
Fixes [YOCTO #15696]
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 024f08629f
---------------------------
oeqa/gitarchive: Fix git push URL parameter
The gitarchive() function takes a `push` parameter than can be either a
boolean or a string. But this parameter is then passed to
expand_tag_strings(), which clearly expect it to be a string if it is
defined. Split this in two arguments: a `push` boolean value and a
`push_remote` optional string.
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 08c3877f4d
---------------------------
kea: remove keactrl from package
The keactrl script is used to run Kea from installation directory and is
primarily intended for developers[1][2]. It should not be shipped to kea
package. Remove it before packaging. A related patch is also removed.
[1] https://gitlab.isc.org/isc-projects/kea/-/blob/master/src/bin/keactrl/keactrl.in?ref_type=heads#L10
[2] https://kea.readthedocs.io/en/latest/arm/keactrl.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 7f9d9297a8
---------------------------
kea: replace keactrl with kea daemons in initscripts
The keactrl script is used to run Kea from installation directory and is
primarily intended for developers[1][2]. The initscripts should call kea
daemon directly, rather than through the keactrl script.
Also add a volatile file to create runtime and state directories.
[1] https://gitlab.isc.org/isc-projects/kea/-/blob/master/src/bin/keactrl/keactrl.in?ref_type=heads#L10
[2] https://kea.readthedocs.io/en/latest/arm/keactrl.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d7c2df65f0
---------------------------
kea: fix creating runtime directory in service files
Create runtime and state directories using RuntimeDirectory and
StateDirectory in systemd service files, rather than creating them via
ExecStartPre. This is a standard approach for systemd[1]. When the
server starts, systemd will automatically create these directories.
Also, add more configuration files to CONFFILES.
[1] https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#RuntimeDirectory=
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 184bb4e114
---------------------------
sqlite3: upgrade 3.51.1 -> 3.51.2
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e85e2b427
---------------------------
opensbi: bump to 1.8
This release has:
- Safe and reverse list iteration
- Stack protector support
- Allocate heap housekeeping nodes dynamically
- IPI device ratings
- Andes QiLai SoC support
- SpacemiT K1 SoC support
- ESWIN Computing EIC7700 SoC support
- Moved Ariane and Openpiton to generic platform
- SiFive CLINT v2 support
- Simple FDT based cache library
- SiFive PL2 cache controller driver
- SiFive Extensible Cache (EC) driver
- SiFive TMC0 based HSM driver
- SiFive SMC0 based system suspend driver
- MPXY RPMI mailbox driver for voltage service group
- MPXY RPMI mailbox driver for device power service group
- MPXY RPMI mailbox driver for performance service group
- HART protection abstraction
Overall, this release has various domain related improvements and
also adds multiple platform support.
Additionally, enable PMP support on QEMU using rva23s64, as PMP is
disabled by default, which causes the hart isolation configuration
to fail [1].
[1] https://lists.nongnu.org/archive/html/qemu-riscv/2026-01/msg00048.html
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c137d3637b
---------------------------
docbook-xml-dtd4: fix the fetching failure
Updating SRC_URI, the old archive url is deprecated.
Signed-off-by: Khai Dang <khai.dang@lge.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 602e28b481
---------------------------
patch.bbclass: Show full path when a patch fails to apply
If a patch fails to apply, it helps to know the full path to it. This is
especially true if multiple versions of the patch exists, e.g., due to
overrides via bbappends.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1411281de2
---------------------------
python3-hatchling: remove redundant logic
There's no need to remove the self-dependency as bitbake does that, and
the assignment of PYTHONPATH is no longer needed as pypa-build does the
right thing when invoking the in-tree hatchling.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ff207034f5
---------------------------
devtool: package: Drop unnecessary import
The package module in devtool never actually used subprocess.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 82c9d870df
---------------------------
oeqa-runtime: avoid crash in run_network_serialdebug for missing netstat
If netstat is not installed on the host, the function fails.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b3c0e588d3
---------------------------
oeqa-runtime: fix run_network_serialdebug
This is a global function and thus does not have self object.
Executing it leads to "NameError: name 'self' is not defined".
Change it to take parent object which contains all data which is needed
to execute it.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 874b2d301d
---------------------------
spdx: Add yocto PURLs
Adds code to add PURLs to packages based on the PURL specification for
Yocto packages [1].
The SPDX_PACKAGE_URL variable is renamed SPDX_PACKAGE_URLS to make it
clear that it can now be a list of PURLs. SPDX_PACKAGE_URL is retained,
but marked as deprecated.
[1]: https://github.com/package-url/purl-spec/blob/main/types-doc/yocto-definition.md
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e8ea34a3e8
---------------------------
grub: fix CVE-2025-54770 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663 CVE-2025-61664
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-54770
https://nvd.nist.gov/vuln/detail/CVE-2025-61661
https://nvd.nist.gov/vuln/detail/CVE-2025-61662
https://nvd.nist.gov/vuln/detail/CVE-2025-61663
https://nvd.nist.gov/vuln/detail/CVE-2025-61664
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 86941c74cc
---------------------------
linux-firmware: sort Qualcomm QCA firmware entries
Move entries for Qualcomm QCA2066 firmware to the first place, keeping
all QCA firmware entries sorted
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 16c9fc1288
---------------------------
linux-firmware: upgrade 20251125 -> 20260110
Add Qualcomm GPU firmware, Qualcomm QCC2072 firmware, Renesas R-Car PCIe
PHY firmware and Airoha AN8811hb PHY firmware. License for Qualcomm
X1E80100 Audio DSP firmware has changed from LICENSE.qcom to
LICENSE.qcom-2.
License-Update: copyright years, new firmware
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b6573405a7
---------------------------
kbd: use zlib to decompress files
Upstream used zlib to decompress files [1], add PACKAGECONFIG
zlib to avoid host contamination.
Backport a patch from upstream [2] to fix compile failure while
zlib is used
[1] https://git.kernel.org/pub/scm/linux/kernel/git/legion/kbd.git/commit/?id=7fdd8debe37ae52812b77d82e08713bd62c607f4
[2] https://github.com/legionus/kbd/commit/2f9a4e56c2ef245fbe840677aad9d5932e17f50d
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: beb0a16ac4
---------------------------
icu: split at '.' instead of '-' for major version
With version 78.1, icu adopted '.' as separator between major and minor
version. With the upgrade commit, ICU_MAJOR_VER wasn't updated and still
tried to split versions with '-' instead of '.'. Fix by using '.' as
separator.
The error was missed with poky, because PACKAGECONFIG does not contain
make-icudata. See
do_make_icudata:class-target () {
${@bb.utils.contains('PACKAGECONFIG', 'make-icudata', '', 'exit 0', d)}
[...]
install -Dm644 ${S}/data/out/icudt${ICU_MAJOR_VER}l.dat ${S}/data/in/icudt${ICU_MAJOR_VER}l.dat
}
for which the install -Dm644 [...] command above would fail when
PACKAGECONFIG contains make-icudata.
Fixes: 479d48503dd2 ("upgrade 77-1 -> 78.1")
Signed-off-by: Yannic Moog <y.moog@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 436ce9eb94
---------------------------
maintainers.inc: update e-mail address for hwdata and libdisplay-info
Signed-off-by: Hiago De Franco <hfranco@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e0133f6409
---------------------------
pulseaudio: depend on alsa-utils-alsa-info as that is the new package name
alsa-utils-scripts no longer exists, depend on alsa-utils-alsa-info
instead.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9823a7b4f8
---------------------------
alsa-utils: reorder recipe
Move SRC_URI and inherits up to be more like the idiomatic order.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 26a28ee793
---------------------------
alsa-utils: dynamically split the packages instead of doing it manually
Instead of hard-coding a long list of packages and the FILES, we can
use do_split_packages to do the bulk of the work for us.
Leave the SUMMARY (and add some which were missing) and the FILES that
are needed to catch extra files for each package.
This removes the alsa-utils-scripts package which only existed to isolate
the bash depedencies, and instead adds separate -alsaconf and -alsa-info
packages for each of the scripts.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9e36cebca8
---------------------------
alsa-utils: clean up udev PACKAGECONFIG
The default value for the udev rules location is looked up using
pkg-config, so there's no need to make this line very long by doing it
again.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 63d268f6f8
---------------------------
alsa-utils: no need to install scripts manually
These were manually installed when they were part of a separate
alsa-utils-scripts recipe, but now that recipe no longer exists they
will be installed by automake.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 71b09aac70
---------------------------
alsa-utils: build more manpages with rst2man
alsa-utils uses both xmlto and rst2man (from docutils) to build manpages,
but we were only enabling xmlto. Enable/disable both xmlto and rst2man
depending on whether manpages are being requested.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e162234fc7
---------------------------
gdbm: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: cd8651b032
---------------------------
xz: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 95a71d9291
---------------------------
parted: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e59c7aea49
---------------------------
libpng: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 704cdf573b
---------------------------
popt: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e631b784b7
---------------------------
numactl: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ddca815ff0
---------------------------
lzo: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 73023f7e49
---------------------------
libpcre: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Also use install instead of cp to install more files.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1dc0e5e240
---------------------------
libevent: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 675e8c7301
---------------------------
gnutls: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 141d4b8c00
---------------------------
libusb1: use libtool to install test binaries
If libtool builds a binary it's best to use libtool to install it, as
otherwise you might install a wrapper script or need to make assumptions
about where libtool has put the real binary (as this isn't always .libs)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: ddb4c4a0cd
---------------------------
libarchive: upgrade 3.8.4 -> 3.8.5
Fixes regression of fix for CVE-2025-60753
Release notes [1]:
Libarchive 3.8.5 is a bugfix release.
Notable bugxies:
* bsdtar: fix regression from 3.8.4 zero-length pattern issue bugfix (#2809)
* various small bugfixes in code and documentation
[1] https://github.com/libarchive/libarchive/releases/tag/v3.8.5
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b2498921a7
---------------------------
python3-sphinx: change RDEPENDS
Change RDEPENDS from python3-roman-numerals-py to python3-roman-numerals as upstream name has changed.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: faff756e82
---------------------------
python3-roman-numerals-py: upgrade 3.1.0 -> 4.1.0
1. Upstream has renamed roman_numerals-py to roman_numerals
https://pypi.org/project/roman-numerals-py/4.1.0/
2. Changelog
https://github.com/AA-Turner/roman-numerals/blob/master/CHANGES.rst
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 606dadfa99
---------------------------
curl: Update to 8.18.0
Addresses six CVEs from 8.17.0:
* CVE-2025-13034
* CVE-2025-14017
* CVE-2025-14524
* CVE-2025-14819
* CVE-2025-15079
* CVE-2025-15224
https://curl.se/ch/8.18.0.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 569a36c432
---------------------------
python3-uritools: upgrade 5.0.0 -> 6.0.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a314290fb7
---------------------------
python3-testtools: upgrade 2.8.1 -> 2.8.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: f8fdf8452f
---------------------------
python3-sphinx: upgrade 9.0.4 -> 9.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 26b1a09b60
---------------------------
python3-ruamel-yaml: upgrade 0.18.17 -> 0.19.1
License-Update: Copyright year updated to 2026.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0b0f8bc3e9
---------------------------
python3-pyparsing: upgrade 3.2.5 -> 3.3.1
License-Update: Added copyright line to LICENSE file
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a9db8f4916
---------------------------
python3-psutil: upgrade 7.1.3 -> 7.2.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b1d80a23fd
---------------------------
python3-hypothesis: upgrade 6.148.7 -> 6.149.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4f3c5e9beb
---------------------------
python3-docutils: upgrade 0.22.3 -> 0.22.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 518e081476
---------------------------
python3-cython: upgrade 3.2.3 -> 3.2.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3f8b52902a
---------------------------
python3-certifi: upgrade 2025.11.12 -> 2026.1.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e59d74e6dd
---------------------------
fastfloat: upgrade 8.1.0 -> 8.2.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 36cd4712d5
---------------------------
ed: upgrade 1.22.3 -> 1.22.4
License-Update: Copyright year updated to 2026
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2b2e8da897
---------------------------
barebox/barebox-tools: upgrade 2025.11.0 -> 2025.12.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a7f24b82ea
---------------------------
at-spi2-core: upgrade 2.58.2 -> 2.58.3
Changelog:
Fix atk_get_major_version etc not linking on C++.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 91d49a31e2
---------------------------
u-boot: upgrade 2025.10 -> 2026.01
Upgrade to U-Boot 2026.01.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1f2e8e2cd0
---------------------------
librsvg: upgrade 2.61.0 -> 2.61.3
Add a patch that addresses a reproducibility issue with ptests.
Further tweaks to ptest installation so that the tests can find
the needed data.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 437da2e939
---------------------------
igt-gpu-tools: upgrade 2.1 -> 2.3
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b7a698d81b
---------------------------
util-linux: Disable flaky script/options-size test
The test case for the --output-limit / -o option to `script` is flaky
due to the way the output limit is handled. Depending on how buffer
boundaries line up, the command may output different numbers of
characters, but the test case expects the output to always be identical.
This has been raised upstream [1], as there are multiple options for
fixing this - we can change the behaviour of script, or we can relax the
test case. Changing the behaviour of script may impact users so we don't
want to rush ahead and do that.
For now, we're going to disable the test case.
[1]: https://msgid.link/978c83bdf7596879458f39f1789da016150a72d4.camel@pbarker.dev
Fixes [YOCTO #15188]
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d73739a561
---------------------------
libxml2: backport -timeout flag for testlimits
[YOCTO #15912]
A commit was recently merged upstream to make the testlimits test's
timeout configurable. This test fails intermittently on the AB under
heavy load (particularly on qemuriscv64), so backport the change and
adjust the timeout from two seconds to five.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d17afaf34d
---------------------------
tcl: skip all socket tests
We've had more intermittent failures in the socket tests, most likely
due to overly-tight timing requirements that we cannot achieve.
We should continue to talk with upstream about relaxing the timing
windows, but for now skip all socket tests (socket, socket_inet,
socket_inet6)
[ YOCTO #15495 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9c41887f2a
---------------------------
tcl: improve test execution loop
There's no need to run tests/all.tcl if we're going to immediately tell
it to run just one test file. Instead just run the test file directly.
This reduces a lot of noise from the log output.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 483005f752
---------------------------
rust-target-config.bbclass: apply signature exclusions only to native/nativesdk
Applying these exclusions to target builds and expecting that rebuilds
happen when they should relies on incidental
mechanisms like paths or other variables using the excluded ones.
Rather than think of possible scenarions where it works, and where
it doesn't, let's not exclude the variables from target builds, so
task signature calculation can be relied on.
[YOCTO #16132]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 9993e62f35
---------------------------
rust-target-config.bbclass: add RUST_TARGET_ABI to sstate signature exclusions
This was overlooked in
https://lists.openembedded.org/g/openembedded-core/message/218953
and caused non-reusable sstate for rust-native when
the target is one of risc-v machines.
[YOCTO #16132]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 757adcba7e
---------------------------
libnl: skip a flaky route_1 ptest
[YOCTO #16118]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8acdbefd0a
---------------------------
pseudo: Update to pull in 'makewrappers: Fix EFAULT implementation'
The pseudo update was causing hangs in builds, pull in the fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0c3c20b9f2
---------------------------
Reapply "glibc: Enable NFS local file locking for glibc tests"
This reverts commit 0ed4776533145c901611d7f4f942490e33481335.
The change was not causing the glibc test hangs.
---------------------------
Commit: e51d5e19cb
---------------------------
unfs3: Fix race issue causing a glibc test hang
When running glibc tests under user mode NFS, tst-syslog was causing a hang. The
hang was traced to unfsd exitting with a buffer overflow being detected.
This was traced down to mksocket() where we'd see:
socket path '/media/build/poky/build/build-st-2118464/tmp/work/x86-64-v3-poky-linux/glibc-testsuite/2.42+git/build-x86_64-poky-linux/testroot.root/dev/log' is too long at 141 vs 108
There is a length check in mknod_args() but obj may not be setup at this point by
cat_name() since the functions can be executed out of order according to C.
To avoid this, make the order explict. This means the length is checked and we
avoid the buffer overflow. This will likely cause the glibc test to fail however
it won't hang, which is a win.
[YOCTO #16113]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4a407d65dd
---------------------------
linux-yocto/6.18: mtd: use refcount to prevent corruption
Integrating the following commit(s) to linux-yocto/6.18:
1/1 [
Author: Liwei Song
Email: liwei.song@windriver.com
Subject: Revert "mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition"
Date: Wed, 24 Dec 2025 15:32:34 +0800
This reverts commit 957b188b585a4f1f9f3a39198b06a6fd62d6827d.
The issue that this patch is trying to resolve has been fixed by
upstream commit 19bfa9ebebb5 ("mtd: use refcount to prevent corruption")
so this local patch can be reverted, if not, it will cause an unbalanced
refcnt issue when open/close mtd device.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 3fbe5ee171
---------------------------
linux-yocto/6.18: update CVE exclusions (6.18.3)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 7 changes (4 new | 3 updated): - 4 new CVEs: CVE-2025-59156, CVE-2025-59157, CVE-2025-59158, CVE-2025-59955 - 3 updated CVEs: CVE-2025-39497, CVE-2025-7195, CVE-2025-9900
Date: Mon, 5 Jan 2026 17:48:14 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 176e56b3d2
---------------------------
linux-yocto/6.18: update to v6.18.3
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
a607c8f74434 Linux 6.18.3
b79938863f43 fuse: missing copy_finish in fuse-over-io-uring argument copies
e0d6de83a4cc fuse: fix readahead reclaim deadlock
a6d1f1ace16d fuse: fix io-uring list corruption for terminated non-committed requests
f6c08d3aa441 iommu/mediatek: fix use-after-free on probe deferral
bf58ef1c4cd3 block: freeze queue when updating zone resources
ce909de4416e ARM: dts: microchip: sama7g5: fix uart fifo size to 32
699d66165f6c ARM: dts: microchip: sama7d65: fix uart fifo size to 32
c2423add6242 ARM: dts: microchip: sama5d2: fix spi flexcom fifo size to 32
4fc2f8fbfdd4 hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU
c8cf0c2bdccc hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
ffd46e7f2b87 hwmon: (max6697) fix regmap leak on probe failure
ef901d211dcc hwmon: (max16065) Use local variable to avoid TOCTOU
5b804b8f1e0d io_uring/rsrc: fix lost entries after cloned range
c95e4c4caf9a interconnect: qcom: sdx75: Drop QPIC interconnect and BCM nodes
5fa6c144d3fb i2c: amd-mp2: fix reference leak in MP2 PCI device
fb5b47ad5387 lib/crypto: riscv: Depend on RISCV_EFFICIENT_VECTOR_UNALIGNED_ACCESS
19d61f032c7e platform/x86: intel: chtwc_int33fe: don't dereference swnode args
17be376bb250 pwm: rzg2l-gpt: Allow checking period_tick cache value only if sibling channel is enabled
f80e4e91b010 rpmsg: glink: fix rpmsg device leak
88b71cd0aa39 rtla/timerlat_bpf: Stop tracing on user latency
81bf2780ba43 soc: amlogic: canvas: fix device leak on lookup
25073a05068e soc: apple: mailbox: fix device leak on lookup
b28fd17adfb2 soc: qcom: ocmem: fix device leak on lookup
951515391b8f soc: qcom: pbs: fix device leak on lookup
b2d6246ef36f soc: samsung: exynos-pmu: fix device leak on regmap lookup
3ce2b4aec8cd tracing: Fix fixed array of synthetic event
479af0d9c6ba vfio: Fix ksize arg while copying user struct in vfio_df_ioctl_bind_iommufd()
8716a841d1da virtio: vdpa: Fix reference count leak in octep_sriov_enable()
3846f8f781cc zloop: make the write pointer of full zones invalid
35eb1ec73f57 zloop: fail zone append operations that are targeting full zones
1d18fb5c71f6 amba: tegra-ahb: Fix device leak on SMMU enable
70cf3d6fe71a crypto: arm64/ghash - Fix incorrect output from ghash-neon
b674e3522b67 crypto: caam - Add check for kcalloc() in test_len()
51a5ab36084f crypto: af_alg - zero initialize memory allocated via sock_kmalloc
c549b9e0b877 dt-bindings: PCI: qcom,pcie-sm8550: Add missing required power-domains and resets
1bff3e35ed44 dt-bindings: PCI: qcom,pcie-sm8450: Add missing required power-domains and resets
d06674a1ca79 dt-bindings: PCI: qcom,pcie-sm8350: Add missing required power-domains and resets
4eee447b5bd4 dt-bindings: PCI: qcom,pcie-sm8250: Add missing required power-domains and resets
f3510ba5e265 dt-bindings: PCI: qcom,pcie-sm8150: Add missing required power-domains and resets
c3823d1243d3 dt-bindings: PCI: qcom,pcie-sc8280xp: Add missing required power-domains and resets
37f52c4554f3 dt-bindings: PCI: qcom,pcie-sc7280: Add missing required power-domains and resets
149b97dc3295 drm/displayid: pass iter to drm_find_displayid_extension()
f9e805fa1fe8 drm/amd/display: Fix scratch registers offsets for DCN351
7d5df9dd6343 drm/amd/display: Fix scratch registers offsets for DCN35
ede98c3943cd drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state()
9837f8d57a54 Revert "drm/amd/display: Fix pbn to kbps Conversion"
acb3a68f2170 gpio: loongson: Switch 2K2000/3000 GPIO to BYTE_CTRL_MODE
5f8dc9f0327e gpiolib: acpi: Add quirk for Dell Precision 7780
efdcbc1b1035 gpio: regmap: Fix memleak in error path in gpio_regmap_register()
0f5940176ad6 s390/ipl: Clear SBP flag when bootprog is set
5fcdaa29e599 cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated
a35788ddf8df btrfs: don't log conflicting inode if it's a dir moved in the current transaction
0d5c9e901ad4 powerpc/kexec: Enable SMT before waking offline CPUs
1c8bb965e9b0 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf
2a77c8dd49bc svcrdma: use rc_pageoff for memcpy byte offset
4846a4c6acb9 svcrdma: return 0 on success from svc_rdma_copy_inline_range
433bb1344ef6 nfsd: Mark variable __maybe_unused to avoid W=1 build break
da1ccfc4c452 svcrdma: bound check rq_pages index in inline path
7d17693eb79d ASoC: SOF: ipc4-topology: Convert FLOAT to S32 during blob selection
42ed4c781019 NFSD: Clear TIME_DELEG in the suppattr_exclcreat bitmap
506059202510 ALSA: hda/realtek: Add Asus quirk for TAS amplifiers
134436e66019 ASoC: SOF: ipc4-topology: Prefer 32-bit DMIC blobs for 8-bit formats as well
214b39648006 NFSD: NFSv4 file creation neglects setting ACL
b8db16f97d08 NFSD: Clear SECLABEL in the suppattr_exclcreat bitmap
b225325be7b2 net/handshake: restore destructor on submit failure
7a93edb23bcf fsnotify: do not generate ACCESS/MODIFY events on child for special files
7b9ea7aa24bd net: phy: marvell-88q2xxx: Fix clamped value in mv88q2xxx_hwmon_write
779fa2a063d4 r8169: fix RTL8117 Wake-on-Lan in DASH mode
681fd588733c lib/crypto: riscv: Add poly1305-core.S to .gitignore
5bb88024409e arm64/gcs: Flush the GCS locking state on exec
7992a8c94689 PM: runtime: Do not clear needs_force_resume with enabled runtime PM
6df47e5bb9b6 tracing: Do not register unsupported perf events
cec87632c34a xfs: validate that zoned RT devices are zone aligned
d29ed9ff972a xfs: fix a UAF problem in xattr repair
92f6a7b6cfda xfs: fix the zoned RT growfs check for zone alignment
0f3b87c66d89 xfs: fix stupid compiler warning
55c28a875425 xfs: fix a memory leak in xfs_buf_item_init()
0c01fa83c09b KVM: selftests: Add missing "break" in rseq_test's param parsing
caf68b6da389 KVM: x86: Apply runtime updates to current CPUID during KVM_SET_CPUID{,2}
aedf23821663 KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits
acffd1cee688 KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN)
6617e02cf8df KVM: nVMX: Immediately refresh APICv controls as needed on nested VM-Exit
3fe48378e53f KVM: TDX: Explicitly set user-return MSRs that *may* be clobbered by the TDX-Module
da28922a8c60 KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN
2c3719a04b04 KVM: Fix last_boosted_vcpu index assignment bug
691ff7e13f0d KVM: nSVM: Propagate SVM_EXIT_CR0_SEL_WRITE correctly for LMSW emulation
2853896ef465 KVM: selftests: Forcefully override ARCH from x86_64 to x86
201b4a7ebbe0 KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN
c1f8d4d41ed3 KVM: nSVM: Avoid incorrect injection of SVM_EXIT_CR0_SEL_WRITE
e23f46f1a971 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
a16ccbffb144 KVM: x86: Explicitly set new periodic hrtimer expiration in apic_timer_fn()
16fa73b11a94 KVM: x86: WARN if hrtimer callback for periodic APIC timer fires with period=0
b3b320a900a5 powerpc: Add reloc_offset() to font bitmap pointer used for bootx_printf()
2acb8517429a libceph: make decode_pool() more resilient against corrupted osdmaps
37a691ed7942 lib/crypto: riscv/chacha: Avoid s0/fp register
3383f16f7870 dm-pcache: advance slot index before writing slot
c8f810e20f4b parisc: Do not reprogram affinitiy on ASP chip
a19fb3611e4c scs: fix a wrong parameter in __scs_magic
f8b136296722 media: iris: Add sanity check for stop streaming
24a2062257bb platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver
f73b74dafa3c KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI)
7acc0390e0dd ocfs2: fix kernel BUG in ocfs2_find_victim_chain
30f4d4e5224a media: vidtv: initialize local pointers upon transfer of memory ownership
65d4e5af2a2e mm/slub: reset KASAN tag in defer_free() before accessing freed memory
cb51bef465d8 KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
dd6e519ba91e pinctrl: renesas: rzg2l: Fix ISEL restore on resume
a1223a72c419 tools/testing/nvdimm: Use per-DIMM device handle
4560db9678a2 f2fs: fix return value of f2fs_recover_fsync_data()
51659b91898f f2fs: fix to not account invalid blocks in get_left_section_blocks()
2efb6b9c5bd2 f2fs: fix to detect recoverable inode during dryrun of find_fsync_dnodes()
57e36f84f2b5 f2fs: fix uninitialized one_time_gc in victim_sel_policy
b355d300f51b f2fs: fix age extent cache insertion skip on counter overflow
e6d828eae00e f2fs: use global inline_xattr_slab instead of per-sb slab cache
0dde30753c1e f2fs: invalidate dentry cache on failed whiteout creation
bac23833220a f2fs: fix to avoid updating zero-sized extent in extent cache
40409e089b41 f2fs: fix to propagate error from f2fs_enable_checkpoint()
86a85a7b622e f2fs: fix to avoid potential deadlock
0df713a9c082 f2fs: fix to avoid updating compression context during writeback
0b36fae23621 f2fs: ensure node page reads complete before f2fs_put_super() finishes
3fb2db6f50ea scsi: ufs: core: Add ufshcd_update_evt_hist() for UFS suspend error
a0d4e9e24474 scsi: mpi3mr: Read missing IOCFacts flag for reply queue full overflow
8edbb9e371af scsi: target: Reset t_task_cdb pointer in error case
8c5ce5fafe9c NFSD: use correct reservation type in nfsd4_scsi_fence_client
751c19635c2b scsi: aic94xx: fix use-after-free in device removal path
1c728951bc76 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
8f92817b6f10 cpufreq: nforce2: fix reference count leak in nforce2
87f11fea5acb cpuidle: governors: teo: Drop misguided target residency check
17157612e40d serial: sh-sci: Check that the DMA cookie is valid
190dc4b74800 serial: xilinx_uartps: fix rs485 delay_rts_after_send
320578703ebe serial: core: Fix serial device initialization
c255a5164c58 serial: core: Restore sysfs fwnode information
864deb6cf1c0 mei: gsc: add dependency on Xe driver
670c2d09ac57 mei: Fix error handling in mei_register
4157f7bba629 intel_th: Fix error handling in intel_th_output_open
1f53652922cd dt-bindings: slimbus: fix warning from example
f83e3e9f8918 char: applicom: fix NULL pointer dereference in ac_ioctl
687ccc341f63 xhci: dbgtty: fix device unregister: fixup
fd00f88ef36b usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc()
1f069425f4f0 usb: dwc3: keep susphy enabled during exit to avoid controller faults
5a45d75da3b7 usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe
9f4bc5c30402 usb: gadget: lpc32xx_udc: fix clock imbalance in error path
7501ecfe3e52 usb: phy: isp1301: fix non-OF device reference imbalance
2e7c47e2eb3c usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal
cefaad839a38 USB: lpc32xx_udc: Fix error handling in probe
d377fe40ff5a usb: typec: altmodes/displayport: Drop the device reference in dp_altmode_probe()
8422cdf91db1 usb: typec: ucsi: huawei-gaokin: add DRM dependency
a9cd9a4846ef usb: ohci-nxp: fix device leak on probe failure
987c0ddfe8bb phy: broadcom: bcm63xx-usbh: fix section mismatches
b07bfaf62d07 media: pvrusb2: Fix incorrect variable used in trace message
ac92151ff249 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
207d2d90ad87 usb: usb-storage: Maintain minimal modifications to the bcdDevice range.
50f47c02be41 mptcp: avoid deadlock on fallback while reinjecting
77ea2657b470 mptcp: schedule rtx timer only after pushing data
ea0129061d61 selftests: mptcp: pm: ensure unknown flags are ignored
ec4358c72491 mptcp: pm: ignore unknown endpoint flags
344789964c6c mm/slab: introduce kvfree_rcu_barrier_on_cache() for cache destruction
2766fae7c4c6 dma-mapping: Fix DMA_BIT_MASK() macro being broken
d519d23a6b1c crash: let architecture decide crash memory export to iomem_resource
20eda7c74b69 tpm2-sessions: Fix tpm2_read_public range checks
04a3aa6e8c5f tpm2-sessions: Fix out of range indexing in name_size
cebbf5d16bb2 mm/huge_memory: add pmd folio to ds_queue in do_huge_zero_wp_pmd()
d710b4a2c713 media: v4l2-mem2mem: Fix outdated documentation
2c636fb02af2 mm/ksm: fix exec/fork inheritance support for prctl
3997b3147c7b block: Remove queue freezing from several sysfs store callbacks
f0dba761b282 jbd2: use a weaker annotation in journal handling
4a9e50d881f5 jbd2: use a per-journal lock_class_key for jbd2_trans_commit_key
b59fa6011480 ext4: align max orphan file size with e2fsprogs limit
e70d561d9d83 ext4: fix incorrect group number assertion in mb_check_buddy
8cde2072825b ext4: clear i_state_flags when alloc inode
ce5f54c065a4 ext4: xattr: fix null pointer deref in ext4_raw_inode()
ecb7e5603b57 ext4: check if mount_opts is NUL-terminated in ext4_ioctl_set_tune_sb()
5bbacbbf1ca4 ext4: fix string copying in parse_apply_sb_mount_options()
8626a78ce7dd printk: Avoid irq_work for printk_deferred() on suspend
be8ba672cc5a printk: Allow printk_trigger_flush() to flush all types
b107196729ff fs: PM: Fix reverse check in filesystems_freeze_callback()
858344bc9210 tpm: Cap the number of PCR banks
2b78da4cc75d ktest.pl: Fix uninitialized var in config-bisect.pl
b3b036bac7c9 fs/ntfs3: fix mount failure for sparse runs in run_unpack()
419b1ea754c9 kallsyms: Fix wrong "big" kernel symbol type read from procfs
17900c56e263 crypto: scatterwalk - Fix memcpy_sglist() to always succeed
3312f03e9948 floppy: fix for PAGE_SIZE != 4KB
cbaae7bb64d4 jbd2: fix the inconsistency between checksum and data in memory for journal sb
8dd553771afe block: rate-limit capacity change info log
3715bb43ccd3 gfs2: fix freeze error handling
98d65b62ddf8 btrfs: don't rewrite ret from inode_permission
498e286941b9 wifi: mt76: Fix DTS power-limits on little endian systems
aceaa18f791a s390/dasd: Fix gendisk parent after copy pair swap
3b95fdb75d74 lib/crypto: x86/blake2s: Fix 32-bit arg treated as 64-bit
0eeaa2ba3b43 perf: arm_cspmu: fix error handling in arm_cspmu_impl_unregister()
bacecf370e0c efi: Add missing static initializer for efi_mm::cpus_allowed_lock
265fad7d9c42 phy: exynos5-usbdrd: fix clock prepare imbalance
344057b2605d dt-bindings: clock: mmcc-sdm660: Add missing MDSS reset
9285d0483063 mmc: sdhci-msm: Avoid early clock doubling during HS400 transition
4bb9164e8f21 x86/mce: Do not clear bank's poll bit in mce_poll_banks on AMD SMCA systems
2ad1e2faebbd sched_ext: Fix missing post-enqueue handling in move_local_task_to_local_dsq()
5ddd444484be sched_ext: Fix bypass depth leak on scx_enable() failure
ff67270a177f sched_ext: Fix the memleak for sch->helper objects
514d605ab6ce sched_ext: Factor out local_dsq_post_enq() from dispatch_enqueue()
3192204aa77f printk: Avoid scheduling irq_work on suspend
7fbfb85b05bc io_uring: fix filename leak in __io_openat_prep()
dcb0d8bf1771 io_uring: fix min_wait wakeups for SQPOLL
13a8f7b88c2d io_uring/poll: correctly handle io_poll_add() return value on update
3dfe2e1531c8 clk: keystone: syscon-clk: fix regmap leak on probe failure
9e7c63c69f57 KEYS: trusted: Fix a memory leak in tpm2_load_cmd
c30ed32690b2 rust: io: add typedef for phys_addr_t
52df55b21ede rust: io: move ResourceSize to top-level io module
0bf59179bdef rust: io: define ResourceSize as resource_size_t
93b3274587e8 samples: rust: fix endianness issue in rust_driver_pci
48298e1ba378 rust: dma: add helpers for architectures without CONFIG_HAS_DMA
bee1f36801db rust_binder: avoid mem::take on delivered_deaths
505e8c7f6ca1 rust/drm/gem: Fix missing header in `Object` rustdoc
bb82aaee1690 cifs: Fix memory and information leak in smb3_reconfigure()
f8b19571b1db vhost/vsock: improve RCU read sections around vhost_vsock_get()
74dd8b66f9d2 block: rnbd-clt: Fix signedness bug in init_dev()
13456b4f1033 ublk: clean up user copy references on ublk server exit
2c46497eb148 drm/msm/a6xx: move preempt_prepare_postamble after error check
19648135e904 drm/msm: adreno: fix deferencing ifpc_reglist when not declared
e64d5d45ffa8 scsi: scsi_debug: Fix atomic write enable module param description
7f39b9d0e86e MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
6455d25857f2 platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks
c3cd1d514eb0 hwmon: (emc2305) fix double put in emc2305_probe_childs_from_dt
6c95c2e00996 nvme-fabrics: add ENOKEY to no retry criteria for authentication failures
76bced5efbf4 hwmon: (emc2305) fix device node refcount leak in error path
4f7d90c7184a nvme-fc: don't hold rport lock when putting ctrl
3b96dc29e385 platform/x86: wmi-gamezone: Add Legion Go 2 Quirks
ef7653481a05 i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware
7b8581442457 clk: qcom: dispcc-sm7150: Fix dispcc_mdss_pclk0_clk_src
9a9a9b88a8d8 libperf cpumap: Fix perf_cpu_map__max for an empty/NULL map
ad9f0f01373c serial: sprd: Return -EPROBE_DEFER when uart clock is not ready
e63d2173887c usb: xhci: Don't unchain link TRBs on quirky HCs
e375aa7f5a1e usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive.
6dc09b9b211b usb: xhci: limit run_graceperiod for only usb 3.0 devices
41374236a556 iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains
132fe187e0d9 usb: typec: ucsi: Handle incorrect num_connectors capability
1681cf6da695 usbip: Fix locking bug in RT-enabled kernels
967ac825b4f6 exfat: zero out post-EOF page cache on file extension
ff3e06e80c9e exfat: fix remount failure in different process environments
f04d53f6e3ff reset: fix BIT macro reference
b49c766856fb functionfs: fix the open/removal races
c6a2dd4f2e4e via_wdt: fix critical boot hang due to unnamed resource allocation
ea0c31c52143 fuse: Invalidate the page cache after FOPEN_DIRECT_IO write
b88dd8517ec8 fuse: Always flush the page cache before FOPEN_DIRECT_IO write
05f9aa19fdc1 scsi: qla2xxx: Use reinit_completion on mbx_intr_comp
6407b63db802 scsi: qla2xxx: Fix initiator mode with qlini_mode=exclusive
45185214175c scsi: qla2xxx: Fix lost interrupts with qlini_mode=disabled
095704d7f334 powerpc/addnote: Fix overflow on 32-bit builds
d45fcd38c692 clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & pcie_x4
5f9a7a00a2be scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI
4ca4c0b6c34f scsi: smartpqi: Add support for Hurray Data new controller PCI device
15108657bce0 ti-sysc: allow OMAP2 and OMAP4 timers to be reserved on AM33xx
dbbf6d471306 um: init cpu_tasks[] earlier
64b989a051b0 firmware: imx: scu-irq: Init workqueue before request mbox channel
9f2ff08737c4 scsi: ufs: host: mediatek: Fix shutdown/suspend race condition
eb8d9fb6280d ipmi: Fix __scan_channels() failing to rescan channels
235ae3fc9e9c ipmi: Fix the race between __scan_channels() and deliver_response()
8a9c52cbaf96 ASoC: ops: fix snd_soc_get_volsw for sx controls
aa0449550e1e ASoC: SDCA: support Q7.8 volume format
523c21a04c17 nfsd: fix memory leak in nfsd_create_serv error paths
74fd0ae1a7de ASoC: ak4458: remove the reset operation in probe and remove
eaa95228b8a5 ALSA: usb-mixer: us16x08: validate meter packet indices
499057a7cc6b ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path
042e9e86d8e1 ALSA: vxpocket: Fix resource leak in vxpocket_probe error path
2068cf6f8276 ASoC: fsl_sai: Constrain sample rates from audio PLLs only in master mode
425672fdb7b6 x86/mm/tlb/trace: Export the TLB_REMOTE_WRONG_CPU enum in <trace/events/tlb.h>
82b6dfc0aa60 x86/fpu: Fix FPU state core dump truncation on CPUs with no extended xfeatures
f01e9f891c37 x86/msi: Make irq_retrigger() functional for posted MSI
34c0e95524d6 x86/bug: Fix old GCC compile fails
6220d38a08f8 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()
e1be561f6b14 dt-bindings: mmc: sdhci-of-aspeed: Switch ref to sdhci-common.yaml
2ebf2e631d53 mmc: sdhci-of-arasan: Increase CD stable timeout to 2 seconds
87e74671ddbc mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig
be0b613198e6 spi: fsl-cpm: Check length parity before switching to 16 bit mode
7e086c97dd2b ACPI: CPPC: Fix missing PCC check for guaranteed_perf
4cb75cd4eeb4 ACPI: PCC: Fix race condition by removing static qualifier
76033cf8c2e4 platform/x86: intel_pmc_ipc: fix ACPI buffer memory leak
4a4193d9c6dd soc/tegra: fuse: Do not register SoC device on ACPI boot
bb958a1320b5 can: gs_usb: gs_can_open(): fix error handling
da852f46c76e xfs: don't leak a locked dquot when xfs_dquot_attach_buf fails
8722085fd23b Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table
a9c115e017b2 Input: alps - fix use-after-free bugs caused by dev3_register_work
cffc4e29b1e2 Input: lkkbd - disable pending work before freeing device
40e3042de43f Input: ti_am335x_tsc - fix off-by-one error in wire_order validation
9d9eab0eb2bf Input: xpad - add support for CRKD Guitars
cae029e0575d Input: apple_z2 - fix reading incorrect reports after exiting sleep
14b1a6009e48 HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen
6dc8cf6e7998 ksmbd: fix buffer validation by including null terminator size in EA length
8cabcb4dd3dc ksmbd: Fix refcount leak when invalid session is found on session lookup
571204e4758a ksmbd: skip lock-range check on equal size to avoid size==0 underflow
3041d93301ca hwmon: (ltc4282): Fix reset_history file permissions
0821f3ad2d6e arm64: dts: mediatek: Apply mt8395-radxa DT overlay at build time
66dce411c7e9 amd/iommu: Preserve domain ids inside the kdump kernel
1e5b2d2138f6 drm/xe/oa: Always set OAG_OAGLBCTXCTRL_COUNTER_RESUME
338849090ee6 drm/xe/oa: Limit num_syncs to prevent oversized allocations
1d200017f55f drm/xe: Limit num_syncs to prevent oversized allocations
cfc473f29eb5 block: rnbd-clt: Fix leaked ID in init_dev()
0460e09a6142 ublk: fix deadlock when reading partition table
474cf21e0c0e ublk: refactor auto buffer register in ublk_dispatch_req()
5907d423400e ublk: add `union ublk_io_buf` with improved naming
0f6f3cf11bfe ublk: add parameter `struct io_uring_cmd *` to ublk_prep_auto_buf_reg()
a4315e409ab0 io_uring: fix nr_segs calculation in io_import_kbuf
0ab22a1796e0 spi: cadence-quadspi: Fix clock disable on probe failure path
dac58c012c47 drm/amdgpu: fix a job->pasid access race in gpu recovery
f51cc7aeb3d0 arm64: kdump: Fix elfcorehdr overlap caused by reserved memory processing reorder
0901f5fe2a01 x86/xen: Fix sparse warning in enlighten_pv.c
09fe52c728e0 drm/panel: sony-td4353-jdi: Enable prepare_prev_first
548e158dbf57 MIPS: Fix a reference leak bug in ip22_check_gio()
63cc97bd85e3 drm/xe: Restore engine registers before restarting schedulers after GT reset
4c8a881044e1 drm/xe: Increase TDF timeout
f72c9ecd4b25 drm/me/gsc: mei interrupt top half should be in irq disabled context
754b10c067f0 drm/xe: fix drm_gpusvm_init() arguments
3a3612dc7055 drm/xe: Apply Wa_14020316580 in xe_gt_idle_enable_pg()
f6ec2d5c21b1 drm/xe: Fix freq kobject leak on sysfs_create_files failure
ea62d22f5772 hwmon: (tmp401) fix overflow caused by default conversion rate value
5aa213920166 hwmon: (ibmpex) fix use-after-free in high/low store
e52b375b7dae hwmon: (dell-smm) Limit fan multiplier to avoid overflow
5e4481ef397e spi: mpfs: Fix an error handling path in mpfs_spi_probe()
c062e2785bbe spi: microchip: rename driver file and internal identifiers
f55201fb3bec block: fix race between wbt_enable_default and IO submission
ef8178f81002 block: use {alloc|free}_sched data methods
93869ded0ccc block: introduce alloc_sched_data and free_sched_data elevator methods
aa81ed74af25 block: move elevator tags into struct elevator_resources
22f98de8fa78 block: unify elevator tags and type xarrays into struct elv_change_ctx
322d0132d8b5 selftests: ublk: fix overflow in ublk_queue_auto_zc_fallback()
9c0dc1d40b69 drm/tests: Handle EDEADLK in set_up_atomic_state()
5ffc53a58a75 drm/tests: Handle EDEADLK in drm_test_check_valid_clones()
c35d4fba2e0b drm/tests: hdmi: Handle drm_kunit_helper_enable_crtc_connector() returning EDEADLK
91a51d01be5c net: hns3: add VLAN id validation before using
f02f283ebfaf net: hns3: using the num_tqps to check whether tqp_index is out of range when vf get ring info from mbx
62f28d79a618 net: hns3: using the num_tqps in the vf driver to apply for resources
918aafade36d net: enetc: do not transmit redirected XDP frames when the link is down
3c330f1dee3c net/handshake: duplicate handshake cancellations leak socket
4af9c2cd9a84 net/mlx5e: Don't include PSP in the hard MTU calculations
52f7785dad93 net/mlx5e: Trigger neighbor resolution for unresolved destinations
2d2e05d3c2af net/mlx5e: Use ip6_dst_lookup instead of ipv6_dst_lookup_flow for MAC init
a935b5993b9e net/mlx5: Serialize firmware reset with devlink
d173741ab4cb net/mlx5: fw_tracer, Handle escaped percent properly
8c35c2448086 net/mlx5: fw_tracer, Validate format string parameters
2d2d97d8a644 net/mlx5: Drain firmware reset in shutdown callback
5af49c5c3bdb net/mlx5: fw reset, clear reset requested on drain_fw_reset
4066b5b54629 ethtool: Avoid overflowing userspace buffer on stats query
730a125ec467 can: j1939: make j1939_sk_bind() fail if device is no longer registered
b166b8e0a381 iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
9bec0d706487 iommufd/selftest: Make it clearer to gcc that the access is not out of bounds
365417a77d38 selftests: netfilter: packetdrill: avoid failure on HZ=100 kernel
95b2dac3aaee netfilter: nf_tables: remove redundant chain validation on register store
79ea9102e66b netfilter: nf_nat: remove bogus direction check
c59137e1314d nfc: pn533: Fix error code in pn533_acr122_poweron_rdr()
43d9a530c8c0 net/sched: ets: Remove drr class from the active list if it changes to strict
21fdcc00656a caif: fix integer underflow in cffrml_receive()
82abf247e013 selftests: netfilter: prefer xfail in case race wasn't triggered
689a627d1478 ipvs: fix ipv4 null-ptr-deref in route error path
4bd2b89f4028 netfilter: nf_conncount: fix leaked ct in error paths
c70df25214ac inet: frags: flush pending skbs in fqdir_pre_exit()
58e7108971fa inet: frags: add inet_frag_queue_flush()
1b5c3b8826d4 inet: frags: avoid theoretical race in ip_frag_reinit()
9ed53331e418 selftests: net: tfo: Fix build warning
aa3f345dbac2 selftests: net: Fix build warnings
008fd87cd708 selftest: af_unix: Support compilers without flex-array-member-not-at-end support
1d18e7155f64 broadcom: b44: prevent uninitialized value usage
698f389552ab net: ti: icssg-prueth: add PTP_1588_CLOCK_OPTIONAL dependency
c999153bfb2d net: openvswitch: fix middle attribute validation in push_nsh() action
f17e0c120848 bnxt_en: Fix XDP_TX path
4049a6ace209 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
675c5aeadf64 mlxsw: spectrum_router: Fix neighbour use-after-free
fcb9e2e5cf04 mlxsw: spectrum_router: Fix possible neighbour reference count leak
d2495f529d60 net/mlx5: Fix double unregister of HCA_PORTS component
7aa2085ca72b ipvlan: Ignore PACKET_LOOPBACK in handle_mode_l2()
90206ede6318 net: phy: RTL8211FVD: Restore disabling of PHY-mode EEE
e3859271c72c net: phy: realtek: create rtl8211f_config_phy_eee() helper
c6a23498f795 net: phy: realtek: eliminate priv->phycr1 variable
ce370d988122 net: phy: realtek: allow CLKOUT to be disabled on RTL8211F(D)(I)-VD-CG
d064d95c74d3 net: phy: realtek: eliminate has_phycr2 variable
7ec73f0e1600 net: phy: realtek: eliminate priv->phycr2 variable
e12c912f92cc net/mlx5e: Avoid unregistering PSP twice
f4a16bb7f8b5 net/mlx5: make enable_mpesw idempotent
45466141da3c net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
51f5fbc1681b netrom: Fix memory leak in nr_sendmsg()
ef4943d8c55c net: fec: ERR007885 Workaround for XDP TX path
6938e2fb4b4b gfs2: Fix use of bio_chain
e84d2d5f3680 Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT
81b702a5486c Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE
a35109f796db Bluetooth: btusb: add new custom firmwares
a8c7343e2a04 Bluetooth: btusb: MT7920: Add VID/PID 0489/e135
c5f173e20fdd Bluetooth: btusb: MT7922: Add VID/PID 0489/e170
112a000505b8 Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV
ee63729760f5 ksmbd: vfs: fix race on m_flags in vfs_cache
063cbbc6f595 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
d8c5009bf41d smb/server: fix return value of smb2_ioctl()
32c3960b4212 gfs2: Fix "gfs2: Switch to wait_event in gfs2_quotad"
a2046f5916c2 gfs2: fix remote evict for read-only filesystems
66e2f3c1aefe hfsplus: fix volume corruption issue for generic/101
306d8449af7c btrfs: scrub: always update btrfs_scrub_progress::last_physical
f5323b43019d wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet
9c6f9b2a80ed wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load
0283fac52b42 wifi: cfg80211: use cfg80211_leave() in iftype change
c3ab9657866f wifi: cfg80211: stop radar detection in cfg80211_leave()
40257a2ef1bc wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU
d5fb4e2c9bb0 fs/ntfs3: check for shutdown in fsync
282214ddf847 hfsplus: fix volume corruption issue for generic/073
91f114bffa36 hfsplus: Verify inode mode when loading from disk
5882e7c8cdbb hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
772e0a8809f1 hfsplus: fix volume corruption issue for generic/070
b3c151fe8f54 ntfs: set dummy blocksize to read boot_block when mounting
f44e3d622d74 kbuild: Use objtree for module signing key path
5859a556db4b fs/ntfs3: Support timestamps prior to epoch
1c553c454f54 crypto: ccp - Add support for PCI device 0x115A
c9266cafb277 livepatch: Match old_sympos 0 and 1 in klp_find_func()
ab665eb99971 scripts: kdoc_parser.py: warn about Python version only once
3ef4a51315a9 x86/microcode: Mark early_parse_cmdline() as __init
63859f6da00d cpuidle: menu: Use residency threshold in polling state override decisions
e486de4c945d cpufreq: s5pv210: fix refcount leak
f916f071e41c ACPI: fan: Workaround for 64-bit firmware bug
3d9ecabe2953 cpufreq: dt-platdev: Add JH7110S SOC to the allowlist
29014a19d417 ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only
f91dad0a3b38 ACPICA: Avoid walking the Namespace if start_node is NULL
bb4c2f559e57 x86/ptrace: Always inline trivial accessors
aab3236ff1da sched/fair: Revert max_newidle_lb_cost bump
3ed049fbfb4d sched/deadline: only set free_cpus for online runqueues
43c2e5c2acaa perf/x86/amd: Check event before enable to avoid GPF
ec73412f61d3 scripts/faddr2line: Fix "Argument list too long" error
bfa4924cbc52 iomap: account for unaligned end offsets when truncating read range
142194fb21af iomap: adjust read range correctly for non-block-aligned positions
4642686699a4 shmem: fix recovery on rename failures
6fd59082b626 btrfs: fix changeset leak on mmap write after failure to reserve metadata
6564f76a9efe btrfs: fix memory leak of fs_devices in degraded seed device path
d0e177e176e7 bpf: Fix verifier assumptions of bpf_d_path's output buffer
b7a2957ace3d bpf: Fix truncated dmabuf iterator reads
75fffc9fef36 bpf, arm64: Do not audit capability check in do_jit()
f79a80c7fc06 btrfs: fix a potential path leak in print_data_reloc_error()
815abd170966 btrfs: do not skip logging new dentries when logging a new name
78d82960b939 Linux 6.18.2
1823e08f76c6 ALSA: wavefront: Fix integer overflow in sample size validation
590bd2a7acba ALSA: wavefront: Clear substream pointers on close
343fa9800cf9 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()
3646c928bb77 ALSA: hda/tas2781: fix speaker id retrieval for multiple probes
acacb5b7109a ALSA: hda/realtek: Add match for ASUS Xbox Ally projects
1e1b3207a53e ALSA: dice: fix buffer overflow in detect_stream_formats()
d6d0caff738f usb: dwc3: dwc3_power_off_all_roothub_ports: Use ioremap_np when required
a880ef71a1c8 usb: typec: ucsi: fix use-after-free caused by uec->work
6507f1810d3c usb: phy: Initialize struct usb_phy list_head
a902fc01813a usb: typec: ucsi: fix probe failure in gaokun_ucsi_probe()
93193a1a0077 usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt
1f2f0ff3cacb efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs
742082e59fcc efi/cper: Adjust infopfx size to accept an extra space
a980fec3d5eb efi/cper: Add a new helper function to print bitmasks
67d5a5e20259 perf/x86/intel: Fix NULL event dereference crash in handle_pmi_common()
f2091f479f5b ocfs2: fix memory leak in ocfs2_merge_rec_left()
d0fab03390ae cpu: Make atomic hotplug callbacks run with interrupts disabled on UP
efd65e2e2fd9 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
da07fa873059 perf/core: Fix missing read event generation on task exit
35287d31e083 scsi: ufs: core: Fix an error handler crash
9e434426cc23 scsi: imm: Fix use-after-free bug caused by unfinished delayed work
ea98ced74f50 dm log-writes: Add missing set_freezable() for freezable kthread
992710902de4 dm-raid: fix possible NULL dereference with undefined raid type
f80cf70de912 ASoC: amd: acp: update tdm channels for specific DAI
ef0cd7b69492 block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock
97ee36e58a8c drm/i915/fbdev: Hold runtime PM ref during fbdev BO creation
cabc9d26c06f drm/{i915, xe}/fbdev: deduplicate struct drm_mode_fb_cmd2 init
6f36ae55d245 drm/{i915, xe}/fbdev: pass struct drm_device to intel_fbdev_fb_alloc()
bc600ef08326 drm/i915/fbdev: make intel_framebuffer_create() error return handling explicit
c287d34592cc drm/xe/fbdev: use the same 64-byte stride alignment as i915
fb074e5c4f3e ARM: 9464/1: fix input-only operand modification in load_unaligned_zeropad()
8f9e51cf2a2a ALSA: firewire-motu: add bounds check in put_user loop for DSP events
d48f75972d39 regulator: spacemit: Align input supply name with the DT binding
4a7915a26d19 rtc: max31335: Fix ignored return value in set_alarm
f67ae28e9ac3 rtc: gamecube: Check the return value of ioremap()
0c1239fb5c42 drm/amdkfd: Use huge page size to check split svm range alignment
4058530b4294 ALSA: uapi: Fix typo in asound.h comment
d8fae0475d95 dma/pool: eliminate alloc_pages warning in atomic_pool_expand
bfef208916d7 i2c: spacemit: fix detect issue
581a9f4c1cd8 docs: hwmon: fix link to g762 devicetree binding
f81f7e1344c4 gpio: tb10x: fix OF_GPIO dependency
829adc469a18 nfs/localio: remove 61 byte hole from needless ____cacheline_aligned
1959d1265e24 nfs/localio: remove alignment size checking in nfs_is_local_dio_possible
5dfdc0ba0544 cifs: Fix handling of a beyond-EOF DIO/unbuffered read over SMB2
c61af12157ef cifs: Fix handling of a beyond-EOF DIO/unbuffered read over SMB1
ec8ccaa4d33e drm/nouveau: fix circular dep oops from vendored i2c encoder
731e1beb10c4 drm/nouveau: refactor deprecated strcpy
cdda0d06f865 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
8fee481ee6c0 regulator: fixed: Rely on the core freeing the enable GPIO
bc6761c02255 drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties()
0e777da54152 io_uring/kbuf: use READ_ONCE() for userspace-mapped memory
6a960b58df61 nvme-auth: use kvfree() for memory allocated with kvcalloc()
7193407bc445 block: fix memory leak in __blkdev_issue_zero_pages
2864db01b3e5 block: fix comment for op_is_zone_mgmt() to include RESET_ALL
0accacccba19 drm/panel: novatek-nt35560: avoid on-stack device structure
7b9187711394 blk-mq: Abort suspend when wakeup events are pending
6acd144fa8b1 f2fs: revert summary entry count from 2048 to 512 in 16kb block support
9a3192f81819 ASoC: ak5558: Disable regulator when error happens
a15353ac167f ASoC: ak4458: Disable regulator when error happens
a52d027b4d6b ASoC: amd: acp: Audio is not resuming after s0ix
488ef9dd5c09 ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure()
2606e7e090fe platform/x86: asus-wmi: use brightness_set_blocking() for kbd led
c3430e94a0a2 fs/nls: Fix inconsistency between utf8_to_utf32() and utf32_to_utf8()
6d335d8a26bf NFS: Fix inheritance of the block sizes when automounting
df9b003a2eca NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags
c30cb13edcbf Revert "nfs: ignore SB_RDONLY when mounting nfs"
10d58baf7d0e Revert "nfs: clear SB_RDONLY before getting superblock"
699e32e42faf Revert "nfs: ignore SB_RDONLY when remounting nfs"
c646ebff3fa5 drm/panthor: Prevent potential UAF in group creation
38694f9aae00 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
a7d914e1f9b4 NFS: Initialise verifiers for visible dentries in _nfs4_open_and_get_state
97b93a595be0 NFS: Initialise verifiers for visible dentries in nfs_atomic_open()
32b7ba23b4df NFS: Initialise verifiers for visible dentries in readdir and lookup
4836f912acc7 fs/nls: Fix utf16 to utf8 conversion
f0f456c327f5 NFS: Avoid changing nlink when file removes and attribute updates race
530f1ba28793 kbuild: install-extmod-build: Properly fix CC expansion when ccache is used
2e1c79299036 rtc: amlogic-a4: fix double free caused by devm
b18d3c3ce852 f2fs: maintain one time GC mode is enabled during whole zoned GC cycle
52eb1c76c0dc platform/x86:intel/pmc: Update Arrow Lake telemetry GUID
41a59772b500 sched/core: Fix psi_dequeue() for Proxy Execution
8061d3b7bb91 sched/fair: Fix unfairness caused by stalled tg_load_avg_contrib when the last task migrates out
fe9a3154bb5b 9p: fix cache/debug options printing in v9fs_show_options
15a6572117f0 fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe()
850f134a4c81 perf stat: Allow no events to open if this is a "--null" run
b9ceff1ca3ef pinctrl: single: Fix incorrect type for error return variable
654841dd211b perf hist: In init, ensure mem_info is put on error paths
badf751a785d perf kvm: Fix debug assertion
501a16c1ddb2 perf tools: Fix split kallsyms DSO counting
30f874b8a92f perf tools: Mark split kallsyms DSOs as loaded
88fc3dd6e631 exfat: fix divide-by-zero in exfat_allocate_bitmap
d009ff8959d2 exfat: fix refcount leak in exfat_find
bd4da8f59dbb perf jitdump: Add sym/str-tables to build-ID generation
3ed6c458530a net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop
1ce413fd4d04 net: dsa: xrs700x: reject unsupported HSR configurations
4a7f375f625d net: hsr: create an API to get hsr port type
b07e2f191d88 net: dsa: b53: fix BCM5325/65 ARL entry VIDs
0d0116335eba net: dsa: b53: fix BCM5325/65 ARL entry multicast port masks
8e881dfd5255 net: dsa: b53: add support for bcm63xx ARL entry format
e5a6a2475901 net: dsa: b53: fix CPU port unicast ARL entries for BCM5325/65
e23860a4bf1e net: dsa: b53: use same ARL search result offset for BCM5325/65
c15c2c2b72ac net: dsa: b53: add support for 5389/5397/5398 ARL entry format
4e8f43e63878 net: dsa: b53: move ARL entry functions into ops struct
e0c63c85e007 net: dsa: b53: split reading search entry into their own functions
f3affeb3c7d0 net: dsa: b53: provide accessors for accessing ARL_SRCH_CTL
5e86ebfb4306 net: dsa: b53: move writing ARL entries into their own functions
ed2f26bf281b net: dsa: b53: move reading ARL entries into their own function
397fdaf790ce net: dsa: b53: b53_arl_read{,25}(): use the entry for comparision
6f2311c6cb9f net: dsa: b53: fix extracting VID from entry for BCM5325/65
c25b00402080 net: dsa: b53: fix VLAN_ID_IDX write size for BCM5325/65
210226ce6ca6 um: Disable KASAN_INLINE when STATIC_LINK is selected
0a1254e59754 smb: client: relax WARN_ON_ONCE(SMBDIRECT_SOCKET_*) checks in recv_done() and smbd_conn_upcall()
7c4f55905cfb smb: server: relax WARN_ON_ONCE(SMBDIRECT_SOCKET_*) checks in recv_done() and smb_direct_cm_handler()
7d077222555e smb: smbdirect: introduce SMBDIRECT_CHECK_STATUS_{WARN,DISCONNECT}()
c9ae2463c529 smb: smbdirect: introduce SMBDIRECT_DEBUG_ERR_PTR() helper
36c6c788173e clk: keystone: fix compile testing
61e684ef4c2b md/raid5: fix IO hang when array is broken with IO inflight
de4a27113099 remoteproc: qcom_q6v5_wcss: fix parsing of qcom,halt-regs
14980281ebff rqspinlock: Use trylock fallback when per-CPU rqnode is busy
43b6c312b8ff rqspinlock: Enclose lock/unlock within lock entry acquisitions
03ee076352cf mtd: lpddr_cmds: fix signed shifts in lpddr_cmds
760bc6ceda8e net: netpoll: initialize work queue before error checks
4cc8dd1aafac selftests: bonding: add delay before each xvlan_over_bond connectivity check
f61d6d4e1508 net: phy: aquantia: check for NVMEM deferral
cadb28f8b3fd landlock: Fix handling of disconnected directories
addbb8ddb443 vfio/pci: Use RCU for error/request triggers to avoid circular locking
3e2fc1e57a53 arm64/pageattr: Propagate return value from __change_memory_common
81841da1f30f spi: ch341: fix out-of-bounds memory access in ch341_transfer_one
44309fda9c60 mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors
3a11d8ae00c9 net: stmmac: fix rx limit check in stmmac_rx_zc()
4ac26aafdc8c net: vxlan: prevent NULL deref in vxlan_xmit_one
6d080f810ffd iavf: Implement settime64 with -EOPNOTSUPP
77ea3d8ac3d3 netfilter: nft_connlimit: update the count if add was skipped
f6904ed15ed1 netfilter: nf_conncount: rework API to use sk_buff directly
87a453f31c63 netfilter: flowtable: check for maximum number of encapsulations in bridge vlan
3c0493f81dfa Reinstate "resource: avoid unnecessary lookups in find_next_iomem_res()"
f2888bfb9003 arm64: dts: mediatek: mt8195: Fix address range for JPEG decoder core 1
64099b5c0aeb regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
ed3cc640b4f1 ARM: dts: samsung: exynos4412-midas: turn off SDIO WLAN chip during system suspend
b4eb208dee57 ARM: dts: samsung: exynos4210-trats: turn off SDIO WLAN chip during system suspend
ad3e7ec8e21e ARM: dts: samsung: exynos4210-i9100: turn off SDIO WLAN chip during system suspend
104a6ed7a4c0 ARM: dts: samsung: universal_c210: turn off SDIO WLAN chip during system suspend
1f11f4e8b7f7 soc: samsung: exynos-pmu: Fix structure initialization
749c2b72a2ba spi: airoha-snfi: en7523: workaround flash damaging if UART_TXD was short to GND
a2f79598c6c1 ASoC: Intel: catpt: Fix error path in hw_params()
9223cdb994d9 virtio: clean up features qword/dword terms
ce46f6a8d624 vdpa/pds: use %pe for ERR_PTR() in event handler registration
09853ba0977f vhost: Fix kthread worker cgroup failure handling
ba8a48b7be20 vdpa/mlx5: Fix incorrect error code reporting in query_virtqueues
d94497989a9c virtio: fix map ops comment
99ae54bbb475 virtio: fix virtqueue_set_affinity() docs
5fdd8443c0a4 virtio: standardize Returns documentation style
ed4dade6223d virtio: fix grammar in virtio_map_ops docs
6c5dfc6f33de virtio: fix grammar in virtio_queue_info docs
e3e6c543e695 virtio: fix whitespace in virtio_config_ops
201ca193b492 virtio: fix typo in virtio_device_ready() comment
a8d39a172781 virtio: fix kernel-doc for mapping/free_coherent functions
3c30975c9aba virtio_vdpa: fix misleading return in void function
1b70f280c39e of: Skip devicetree kunit tests when RISCV+ACPI doesn't populate root node
2a3f91ef20ec selftests/net: packetdrill: pass send_omit_free to MSG_ZEROCOPY tests
a537ffa7f44b ext4: improve integrity checking in __mb_check_buddy by enhancing order-0 validation
f0022551745d bpf: Fix exclusive map memory leak
c1b149b698e2 selftests/landlock: Fix makefile header list
4e2a8fb1ce6c ublk: prevent invalid access with DEBUG
7639d3983166 ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4
17fc4443ee12 hwmon: sy7636a: Fix regulator_enable resource leak on error path
627a55ec0039 drm/amdkfd: assign AID to uuid in topology for SPX mode
843bdaf0bfdd drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1()
2f4f72e580b5 misc: rp1: Fix an error handling path in rp1_probe()
e901d77f8994 fs: lift the FMODE_NOCMTIME check into file_update_time_flags
eda80f733fbd fs: refactor file timestamp update logic
2f62a4e39588 greybus: gb-beagleplay: Fix timeout handling in bootloader functions
c9083b2fce6b firmware_loader: make RUST_FW_LOADER_ABSTRACTIONS select FW_LOADER
ee0fa63171ba ASoC: fsl_xcvr: clear the channel status control memory
49e7347f4644 gfs2: Prevent recursive memory reclaim
79bc3bdf36bc ASoC: nau8325: add missing build config
1123b37d8947 ASoC: codecs: nau8325: Silence uninitialized variables warnings
4876a36bc639 ASoC: nau8325: use simple i2c probe function
110337fa5f06 clocksource/drivers/nxp-stm: Prevent driver unbind
755927ae1769 clocksource/drivers/nxp-stm: Fix section mismatches
7da0b7f66a20 clocksource/drivers/nxp-pit: Prevent driver unbind
364752785f7d clocksource/drivers/arm_arch_timer_mmio: Prevent driver unbind
9876d55a0445 clocksource/drivers/stm: Fix double deregistration on probe failure
cbc8d54c7313 clocksource/drivers/ralink: Fix resource leaks in init error path
0a3d0e948663 drm/panthor: Avoid adding of kernel BOs to extobj list
46cd9849e520 arm64: dts: amlogic: meson-g12b: Fix L2 cache reference for S922X CPUs
73573f7e5284 RDMA/irdma: Fix SRQ shadow area address initialization
63f755a2ef55 RDMA/irdma: Remove doorbell elision logic
951870eee2dc RDMA/irdma: Do not set IBK_LOCAL_DMA_LKEY for GEN3+
aac0552d66c2 RDMA/irdma: Do not directly rely on IB_PD_UNSAFE_GLOBAL_RKEY
4b71f69c4914 RDMA/irdma: Add missing mutex destroy
b0258b9ecbc0 RDMA/irdma: Fix SIGBUS in AEQ destroy
e0331f477c19 RDMA/irdma: Add a missing kfree of struct irdma_pci_f for GEN2
4b8abcc87373 RDMA/irdma: Fix data race in irdma_free_pble
118894098d4e RDMA/irdma: Fix data race in irdma_sc_ccq_arm
cefb67ea27f9 iommu/arm-smmu-qcom: Enable use of all SMR groups when running bare-metal
57c6cea2073c backlight: lp855x: Fix lp855x.h kernel-doc warnings
08c9dc6b0f2c backlight: led-bl: Add devlink to supplier LEDs
ad26a7ef0488 wifi: ieee80211: correct FILS status codes
c67775cf0da2 iomap: allocate s_dio_done_wq for async reads as well
74c0c1af04ee iomap: always run error completions in user context
f8a794ea740d um: Don't rename vmap to kernel_vmap
60ac9e5820b9 drm/nouveau: restrict the flush page to a 32-bit address
644ddd0d96d1 PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition
f5190da518be btrfs: fix leaf leak in an error path in btrfs_del_items()
d65f49f772cf btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe()
742b90eaf394 btrfs: fix racy bitfield write in btrfs_clear_space_info_full()
364685c4c2d9 btrfs: fix double free of qgroup record after failure to add delayed ref head
3b796d3f16c1 selftests/bpf: Allow selftests to build with older xxd
489a8f559faf bpftool: Allow bpftool to build with openssl < 3
3d12cc5d13f6 iommu/arm-smmu-v3: Fix error check in arm_smmu_alloc_cd_tables
56296da5e6bf staging: fbtft: core: fix potential memory leak in fbtft_probe_common()
1bdf06f25a49 firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc
4d42aba0ee49 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
f4c57afff3b0 wifi: mt76: mt7996: Add missing locking in mt7996_mac_sta_rc_work()
abdedd46dc58 wifi: mt76: mt7996: skip ieee80211_iter_keys() on scanning link remove
c319967690d4 wifi: mt76: mt7996: skip deflink accounting for offchannel links
70656b45467c wifi: mt76: Move mt76_abort_scan out of mt76_reset_device()
46f0648e261c wifi: mt76: mt7996: grab mt76 mutex in mt7996_mac_sta_event()
b4b789d24319 wifi: mt76: mt7996: fix EMI rings for RRO
1a4b481a21ae wifi: mt76: mt7996: fix using wrong phy to start in mt7996_mac_restart()
7d6cd8f51ad8 wifi: mt76: mt7996: fix MLO set key and group key issues
9a43ed9ab800 wifi: mt76: mt7996: fix MLD group index assignment
e5c42efeb162 wifi: mt76: mt7996: set link_valid field when initializing wcid
d64e6f27260e wifi: mt76: mt7996: fix teardown command for an MLD peer
ee94375d06b5 wifi: mt76: mt7996: fix several fields in mt7996_mcu_bss_basic_tlv()
95bb36f8d6b3 wifi: mt76: mt7996: fix implicit beamforming support for mt7992
74bb080717a3 wifi: mt76: mt7996: fix max nss value when getting rx chainmask
2cde732373a7 Revert "wifi: mt76: mt792x: improve monitor interface handling"
d2d11298dfc3 wifi: mt76: mt7996: Remove useless check in mt7996_msdu_page_get_from_cache()
d582d0e988d6 wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks
cbeca0b7ea20 wifi: mt76: mt7996: Remove unnecessary link_id checks in mt7996_tx
b8f34c1c5c4f wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx()
791520a8e54e ASoC: tas2781: correct the wrong period
23ca40088490 ASoC: tas2781: Correct the wrong chip ID for reset variable check
fd9c3a1c963f crypto: ahash - Zero positive err value in ahash_update_finish
aa9dc3d80dd5 crypto: ahash - Fix crypto_ahash_import with partial block data
ce649d74650a RDMA/bnxt_re: Pass correct flag for dma mr creation
32fdf021f6c9 RDMA/bnxt_re: Fix the inline size for GenP7 devices
620472e6b303 erofs: limit the level of fs stacking for file-backed mounts
46198ad00429 erofs: correct FSDAX detection
1fa7e6e78bd6 RISC-V: KVM: Fix guest page fault within HLV* instructions
469b0b8ce088 PM / devfreq: hisi: Fix potential UAF in OPP handling
2873d804b4f3 crypto: ccree - Correctly handle return of sg_nents_for_len
9b3f71cf02e0 crypto: starfive - Correctly handle return of sg_nents_for_len
a6c22c91b628 bpf: properly verify tail call behavior
982ef82af998 selftests/bpf: Update test_tag to use sha256
a8cf555fd773 selftests/bpf: Improve reliability of test_perf_branches_no_hw()
833e49fa2dd4 selftests/bpf: skip test_perf_branches_hw() on unsupported platforms
93787117dcf1 regulator: pca9450: Fix error code in probe()
442f55d47d58 usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE
dda165e3be9d usb: dwc2: fix hang during suspend if set as peripheral
cc0d2b85447c usb: dwc2: fix hang during shutdown if set as peripheral
3681b60224e8 usb: chaoskey: fix locking for O_NONBLOCK
32952c4f4d1b ima: Handle error code returned by ima_filter_rule_match()
97ee9b4f32c8 rtla: Fix -a overriding -t argument
93409bddc50b rtla/tests: Fix osnoise test calling timerlat
89f6fb920e2c rtla/tests: Extend action tests to 5s
22b5096abc98 RAS: Report all ARM processor CPER information to userspace
5ebf0fe7eaef wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()
ee5b0b28c993 clk: spacemit: Set clk_hw_onecell_data::num before using flex array
04c79e05e13c cpuset: Treat cpusets in attaching as populated
872b3ffc5107 net: phy: adin1100: Fix software power-down ready condition
59bea0e26b8c selftests/bpf: Use ASSERT_STRNEQ to factor in long slab cache names
340a73d8b664 ASoC: SDCA: Fix missing dash in HIDE DisCo property
fd6835c98ea6 phy: rockchip: samsung-hdptx: Prevent Inter-Pair Skew from exceeding the limits
348c9b3d47a6 phy: rockchip: samsung-hdptx: Reduce ROPLL loop bandwidth
26efe0db47e5 phy: rockchip: samsung-hdptx: Fix reported clock rate in high bpc mode
a614c316a8c2 phy: freescale: Initialize priv->lock
b36ba24f7d6d phy: rockchip: naneng-combphy: Fix PCIe L1ss support RK3562
c6dda44381ed phy: rockchip: naneng-combphy: Fix PCIe L1ss support RK3528
97525d3a7f8b phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe()
ae5f4c7397d0 leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM
0d8e2c04a2ec of/fdt: Fix incorrect use of dt_root_addr_cells in early_init_dt_check_kho()
38c8c945c2c2 of/fdt: Fix the len check in early_init_dt_check_for_usable_mem_range()
f326efdcab7f of/fdt: Fix the len check in early_init_dt_check_for_elfcorehdr()
7045d5970e16 of/fdt: Consolidate duplicate code into helper functions
d0482ca91d76 mfd: mt6358-irq: Fix missing irq_domain_remove() in error path
f620f2a12012 mfd: mt6397-irq: Fix missing irq_domain_remove() in error path
f75dc8cb4117 tools/rtla: Fix --on-threshold always triggering
efdb8e298907 tools/rtla: Fix unassigned nr_cpus
a6fb8785b179 wifi: mac80211: fix CMAC functions not handling errors
055e892aac14 iommu/vt-d: Fix unused invalidation hint in qi_desc_iotlb
3cf1f2364849 iommu/vt-d: Set INTEL_IOMMU_FLOPPY_WA depend on BLK_DEV_FD
6fccca4dbebc net: phy: realtek: create rtl8211f_config_rgmii_delay()
5fa1c8226b45 scsi: qla2xxx: Fix improper freeing of purex item
638779b17521 scsi: ufs: rockchip: Reset controller on PRE_CHANGE of hce enable notify
f4b45dc5eeb3 pwm: bcm2835: Make sure the channel is enabled after pwm_request()
1ade1edef373 perf arm_spe: Fix memset subclass in operation
3e5b25da0b41 ipv6: clear RA flags when adding a static route
77d179867bcc spi: sophgo: Fix incorrect use of bus width value macros
d8995c4d86ac drm/msm/a6xx: Improve MX rail fallback in RPMH vote init
e24720c82338 drm/msm/a6xx: Fix the gemnoc workaround
45ca97e4ec9b drm/msm/a6xx: Flush LRZ cache before PT switch
295ba29e49f6 drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue
4a3a5c2e93c7 fs/ntfs3: Prevent memory leaks in add sub record
169361f0e0bc fs/ntfs3: out1 also needs to put mi
11e221124be0 net: stmmac: Fix VLAN 0 deletion in vlan_del_hw_rx_fltr()
6b405443b6ab powerpc/64s/ptdump: Fix kernel_hash_pagetable dump for ISA v3.00 HPTE format
1fcbf18558c5 powerpc/64s/hash: Restrict stress_hpt_struct memblock region to within RMA limit
2579c356ccd3 bpf: Fix invalid prog->stats access when update_effective_progs fails
26815698b6fb net: stmmac: dwmac-sophgo: Add phy interface filter
d2b57ba17164 net: phy: Add helper for fixing RGMII PHY mode based on internal mac delay
c9d1c4152e6d wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
9ea941e8bba6 PCI: stm32: Fix EP page_size alignment
0e82816b6896 PCI: stm32: Fix LTSSM EP race with start link
7b1e3cb2070e drm/msm/a2xx: stop over-complaining about the legacy firmware
966fcbb8c803 drm/msm: fix missing NULL check after kcalloc in crashstate_get_bos()
0bc9149da210 drm/msm: Fix NULL pointer dereference in crashstate_get_vm_logs()
d36f07b8e590 block/blk-throttle: Fix throttle slice time for SSDs
e5e0f94996f0 arm64: dts: imx95-tqma9596sa: reduce maximum FlexSPI frequency to 66MHz
8f1db86ea95c arm64: dts: imx95-tqma9596sa: fix TPM5 pinctrl node name
f677cd77319b NFSD/blocklayout: Fix minlength check in proc_layoutget
bc2b1bbc0329 tracefs: fix a leak in eventfs_create_events_dir()
30db8309b703 fuse_ctl_add_conn(): fix nlink breakage in case of early failure
e1cc8886b628 iio: core: Clean up device correctly on iio_device_alloc() failure
97d817c11450 iio: core: add missing mutex_destroy in iio_dev_release()
4d9bebb2e9b6 watchdog: starfive: Fix resource leak in probe error path
e2b25922e566 watchdog: wdat_wdt: Fix ACPI table leak in probe function
ab3e7a78d83a mshv: Fix create memory region overlap check
380805973808 mshv: Fix deposit memory in MSHV_ROOT_HVCALL
942268e2726a bpf: Check skb->transport_header is set in bpf_skb_check_mtu
59bad3c98cad selftests/bpf: Fix failure paths in send_signal test
7547576c6209 bpf: Handle return value of ftrace_set_filter_ip in register_fentry
4a9b0581757a bpf: Prevent nesting overflow in bpf_try_get_buffers
6394fc65d7bc kbuild: don't enable CC_CAN_LINK if the dummy program generates warnings
07cfb9c3f6d0 PCI: Prevent resource tree corruption when BAR resize fails
020ecb16e578 soc/tegra: fuse: speedo-tegra210: Update speedo IDs
9c58e23af951 ps3disk: use memcpy_{from,to}_bvec index
7102ea1e816a drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype
41ba9d25d965 arm64: dts: qcom: qrb2210-rb1: Fix UART3 wakeup IRQ storm
036bae52e5c1 pwm: Use %u to printf unsigned int pwm_chip::npwm and pwm_chip::id
a2fb63bc252a pwm: Simplify printf to emit chip->npwm in $debugfs/pwm
13dcd6308cb8 s390/fpu: Fix false-positive kmsan report in fpu_vstl()
94a9c0c42cce crypto: iaa - Fix incorrect return value in save_iaa_wq()
42a2a70a12e4 arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 3C
63d98a936f0f arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 5A
3eeb44415063 arm64: dts: rockchip: Move the EEPROM to correct I2C bus on Radxa ROCK 5A
ee6dda36b499 soc: renesas: rz-sysc: Populate readable_reg/writeable_reg in regmap config
58f2087a7ccd soc: renesas: r9a09g056-sys: Populate max_register
59a8b59c5a49 PCI: keystone: Exit ks_pcie_probe() for invalid mode
4a03d69cece1 bpf: Free special fields when update [lru_,]percpu_hash maps
2f13baf62bbd accel/amdxdna: Fix deadlock between context destroy and job timeout
677b91705b35 accel/amdxdna: Clear mailbox interrupt register during channel creation
8e2121a40c39 arm64/mm: Allow __create_pgd_mapping() to propagate pgtable_alloc() errors
659dd9c8cd59 leds: netxbig: Fix GPIO descriptor leak in error paths
54a7e8311274 scsi: sim710: Fix resource leak by adding missing ioport_unmap() calls
5c1fb3fd05da scsi: qla2xxx: Clear cmds after chip reset
b47b1e1889c8 ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint()
d7ea2b4d0b70 ocfs2: use correct endian in ocfs2_dinode_has_extents
e5c52c320577 ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
e0a7eab9165a lib/vsprintf: Check pointer before dereferencing in time_and_date()
8cacdb0f0bca clk: renesas: r9a06g032: Fix memory leak in error path
0dcbf7d6e901 clk: renesas: r9a09g077: Propagate rate changes to parent clocks
4dd34a24b68e drm/tidss: Move OLDI mode validation to OLDI bridge mode_valid hook
b1d4bb43691c drm/tidss: Remove max_pclk_khz and min_pclk_khz from tidss display features
b2abcb89865b perf tools: Fix missing feature check for inherit + SAMPLE_READ
e485e76864b6 coresight: etm4x: Properly control filter in CPU idle with FEAT_TRF
2daa7706a000 coresight: etm4x: Add context synchronization before enabling trace
352faa1d6387 coresight: etm4x: Correct polling IDLE bit
9698a89977fb coresight: etm3x: Always set tracer's device mode on target CPU
e45178e98848 coresight: etm4x: Always set tracer's device mode on target CPU
4305e94270fa coresight: Change device mode to atomic type
192e8ce302f1 fs/ntfs3: Initialize allocated memory before use
4717e7860649 io_uring/zcrx: call netdev_queue_get_dma_dev() under instance lock
de11c3e5908b net: export netdev_get_by_index_lock()
c9e805f6a35d nbd: defer config unlock in nbd_genl_connect
51b823d7723f wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper()
48a7d427eb65 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
74e9f302f31f powerpc/32: Fix unpaired stwcx. on interrupt exit
f834bd9fb83e powerpc/kdump: Fix size calculation for hot-removed memory ranges
990016bd5d02 cpufreq/amd-pstate: Call cppc_set_auto_sel() only for online CPUs
9d37fe37dfa0 md: init bioset in mddev_init
a66e5f556bd7 md: delete md_redundancy_group when array is becoming inactive
cd2898f0fd8e scsi: ufs: core: fix incorrect buffer duplication in ufshcd_read_string_desc()
ee8b0b284ccf drm/panthor: Fix potential memleak of vma structure
ab5e8ebeee1c ntfs3: init run lock for extend inode
d0c9effd82f2 coresight: tmc: add the handle of the event to the path
131097fe8b7d ARM: dts: stm32: stm32mp157c-phycore: Fix STMPE811 touchscreen node properties
8ccdf3a6cde1 RDMA/rtrs: server: Fix error handling in get_or_create_srv
83f23bf28e1b dt-bindings: PCI: amlogic: Fix the register name of the DBI region
986d67f2d72a iio: imu: bmi270: fix dev_err_probe error msg
e463548fd80e staging: most: remove broken i2c driver
1a5c5a2f88e8 scsi: smartpqi: Fix device resources accessed after device removal
f7c6c26a9977 scsi: stex: Fix reboot_notifier leak in probe error path
742012f6bf29 nbd: defer config put in recv_work
f0fae1debeb9 md: avoid repeated calls to del_gendisk
f98b191f7812 md: fix rcu protection in md_wakeup_thread
59392f424f84 md: delete mddev kobj before deleting gendisk kobj
10be1301ae69 regulator: core: disable supply if enabling main regulator fails
16d8e53a8f78 perf/x86/intel: Correct large PEBS flag check
6b089028bff1 perf/x86: Fix NULL event access and potential PEBS record loss
e2a1f510e599 io_uring: use WRITE_ONCE for user shared memory
b9422f46d9c5 arm64: dts: rockchip: Fix USB Type-C host mode for Radxa ROCK 5B+/5T
40a1e0142096 hfs: fix potential use after free in hfs_correct_next_unused_CNID()
ba2726d43d3b accel/amdxdna: Fix dma_fence leak when job is canceled
c94c069c0b12 ext4: correct the checking of quota files before moving extents
c7ca777c5879 wifi: ath12k: Fix timeout error during beacon stats retrieval
9922a95abfc1 mfd: da9055: Fix missing regmap_del_irq_chip() in error path
87cc6fe79c3e wifi: rtw89: usb: fix leak in rtw89_usb_write_port()
bcf44fe565bf wifi: rtw89: usb: use common error path for skbs in rtw89_usb_rx_handler()
9253f39bcf9a locktorture: Fix memory leak in param_set_cpumask()
a89d6e83f0e8 efi/libstub: Fix page table access in 5-level to 4-level paging transition
ac3cd83b02c7 x86/boot: Fix page table access in 5-level to 4-level paging transition
cda077a19f5c coresight: ETR: Fix ETR buffer use-after-free issue
414c982faffa arm64: tegra: Add pinctrl definitions for pcie-ep nodes
040ce00735c1 entry,unwind/deferred: Fix unwind_reset_info() placement
a1b7235ba438 ARM: dts: omap3: n900: Correct obsolete TWL4030 power compatible
ecd2c6686f49 ARM: dts: omap3: beagle-xm: Correct obsolete TWL4030 power compatible
97f035128363 ARM: dts: am335x-netcom-plus-2xx: add missing GPIO labels
29e886ee371b ARM: dts: am33xx: Add missing serial console speed
b454e6282cbf libbpf: Fix parsing of multi-split BTF
01bbf25c7672 spi: tegra210-quad: Fix timeout handling
83143f9df885 cleanup: fix scoped_class()
0ec4aaf5f3f5 iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show
e31c902d7854 ns: initialize ns_list_node for initial namespaces
ad804f43873a ns: add NS_COMMON_INIT()
6a6f1e983edc firmware: ti_sci: Set IO Isolation only if the firmware is capable
0612704b6f6d drm/panthor: Fix UAF on kernel BO VA nodes
05bfa79dec11 drm/panthor: Fix race with suspend during unplug
6c1da9ae2c12 drm/panthor: Fix UAF race between device unplug and FW event processing
1ec19ea88284 drm/panthor: Fix group_free_queue() for partially initialized queues
1292bd488a81 drm/panthor: Handle errors returned by drm_sched_entity_init()
1254303ef82c fs/9p: Don't open remote file with APPEND mode when writeback cache is used
8d11a6c811a5 scsi: target: Fix LUN/device R/W and total command stats
e4a462b4e996 scsi: target: Do not write NUL characters into ASCII configfs output
fb8f2b55a101 power: supply: apm_power: only unset own apm_get_power_status
69675b2d6041 power: supply: qcom_battmgr: support disabling charge control
2614ebcf2bca power: supply: qcom_battmgr: clamp charge control thresholds
eade8ea73b91 power: supply: wm831x: Check wm831x_set_bits() return value
a77929363637 power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges()
52d3f2076122 power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges()
1cea1ca5e8d4 power: supply: max17040: Check iio_read_channel_processed() return code
97ec116a7e57 power: supply: cw2015: Check devm_delayed_work_autocancel() return code
8c473255e5ee power: supply: rt5033_charger: Fix device node reference leaks
d4b3a4c2aa7b timers/migration: Fix imbalanced NUMA trees
cc25b81fe0ea timers/migration: Remove locking on group connection
e21665bac15c timers/migration: Convert "while" loops to use "for"
d7eaed82c21e clk: qcom: tcsrcc-glymur: Update register offsets for clock refs
d733e1e6ed71 perf record: skip synthesize event when open evsel failed
8d88ab9f2088 perf lock contention: Load kernel map before lookup
76103ac4b4b9 drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource()
d41ba8c6f667 cgroup: add cgroup namespace to tree after owner is set
e620258d7d5e arm64: dts: renesas: sparrow-hawk: Fix full-size DP connector node name and labels
18fe7b456f99 interconnect: debugfs: Fix incorrect error handling for NULL path
14700e6b28f3 accel/amdxdna: Fix incorrect command state for timed out job
30f32fa4d233 arm64: dts: qcom: msm8996: add interconnect paths to USB2 controller
3fcb47f405e9 interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS
e442e820e953 wifi: ath12k: unassign arvif on scan vdev create failure
41b623129175 wifi: ath12k: enforce vdev limit in ath12k_mac_vdev_create()
4f93750fa588 wifi: ath12k: fix error handling in creating hardware group
36faecac7a2c wifi: ath12k: fix reusing m3 memory
d0bb3db7b295 wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload()
cbd5021199db random: use offstack cpumask when necessary
8ddff9989f06 i3c: master: svc: Prevent incomplete IBI transaction
c704ccb558ee i3c: fix refcount inconsistency in i3c_master_register
670b96964730 arm64: dts: ti: k3-j784s4: Fix I2C pinmux pull configuration
ae7a542dbab5 pidfs: add missing BUILD_BUG_ON() assert on struct pidfd_info
eab1b59664ee pidfs: add missing PIDFD_INFO_SIZE_VER1
d71333ffdd37 accel/ivpu: Fix race condition when unbinding BOs
48efc0303ac9 drm: nova: select NOVA_CORE
3dc8f5c1956b pinctrl: stm32: fix hwspinlock resource leak in probe function
921eed200c8f soc: qcom: smem: fix hwspinlock resource leak in probe error paths
4e45bd3f95fa clk: qcom: gcc-qcs615: Update the SDCC clock to use shared_floor_ops
aa857ba3ef52 tools/nolibc/dirent: avoid errno in readdir_r
35eb1ae22c79 tools/nolibc/stdio: let perror work when NOLIBC_IGNORE_ERRNO is set
22da82674af6 accel/ivpu: Remove skip of dma unmap for imported buffers
d53bfb48f6d0 x86/dumpstack: Prevent KASAN false positive warnings in __show_regs()
390a08dd68e6 drm/rcar-du: dsi: Fix missing parameter in RXSETR_...EN macros
5b56a1234223 task_work: Fix NMI race condition
75446d62696c perf/x86/intel/cstate: Remove PC3 support from LunarLake
4669a8db976c bpf: Fix stackmap overflow check in __bpf_get_stackid()
8fc78e468f9e bpf: Refactor stack map trace depth calculation into helper function
8f4e27e87096 mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove
34de3867bdfd mtd: nand: relax ECC parameter validation check
af76d442a543 Revert "mtd: rawnand: marvell: fix layouts"
1564c04afa92 wifi: iwlwifi: mld: add null check for kzalloc() in iwl_mld_send_proto_offload()
3e3cb7625176 drm/amdgpu/userq: fix SDMA and compute validation
77ac34b838e2 drm/amdgpu: add userq object va track helpers
ee3ff9742a44 ARM: dts: renesas: r9a06g032-rzn1d400-db: Drop invalid #cells properties
479a71edb7b3 ARM: dts: renesas: gose: Remove superfluous port property
bc4c14a3863c RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
a10b6eb5c5e5 arm64: dts: qcom: qcm2290: Fix camss register prop ordering
7a26bcbe469c sctp: Defer SCTP_DBG_OBJCNT_DEC() to sctp_destroy_sock().
2cf1278e942b phy: mscc: Fix PTP for VSC8574 and VSC8572
cc12e90519c2 perf hwmon_pmu: Fix uninitialized variable warning
bd55d0019067 arm64: dts: qcom: sm8250-samsung-common: correct reserved pins
21c7d04fa88d arm64: dts: qcom: sdm845-starqltechn: Fix i2c-gpio node name
20d56cf50da2 arm64: dts: qcom: sc8280xp: Fix shifted GPI DMA channels
a2d1270ee7ef arm64: dts: qcom: x1-dell-thena: remove dp data-lanes
e4badd5c24f7 arm64: dts: qcom: x1-dell-thena: Add missing pinctrl for eDP HPD
f8d49ad15f58 arm64: dts: qcom: qcm6490-shift-otter: Add missing reserved-memory
d30ffee3c9f8 arm64: dts: qcom: sm8750-mtp: move PCIe GPIOs to pcieport0 node
436017ec6bee arm64: dts: qcom: sm8650: set ufs as dma coherent
d9360ce07ea1 arm64: dts: qcom: qcm6490-fairphone-fp5: Add supplies to simple-fb node
63f8119b2ca1 arm64: dts: qcom: sdm845-oneplus: Correct gpio used for slider
f4e3cbc96b86 arm64: dts: qcom: sdm845-starqltechn: fix max77705 interrupts
ff24f6314f1c arm64: dts: qcom: sdm845-starqltechn: remove (address|size)-cells
6044e4081959 tools/nolibc: x86: fix section mismatch caused by asm "mem*" functions
b5cc20b665cf arm64: dts: qcom: lemans: Add missing quirk for HS only USB controller
7ecbc8f8b2da arm64: dts: qcom: x1e80100: Add missing quirk for HS only USB controller
ca3630751d7f arm64: dts: qcom: x1e80100: Fix compile warnings for USB HS controller
a705920161fb firmware: imx: scu-irq: fix OF node leak in
01caee81ca7b arm64: dts: ti: k3-am62p: Fix memory ranges for GPU
b8b3bdfb1076 PCI: endpoint: pci-epf-test: Fix sleeping function being called from atomic context
2f902d08e1f3 leds: upboard: Fix module alias
c91eee346089 ice: remove duplicate call to ice_deinit_hw() on error paths
ac4d0d4c469c ice: move ice_deinit_dev() to the end of deinit paths
3cef143aba04 ice: extract ice_init_dev() from ice_init()
8cea2a81db58 ice: move ice_init_pf() out of ice_init_dev()
6a7d04909a95 ice: move udp_tunnel_nic and misc IRQ setup into ice_init_pf()
46d0b034b15d ice: ice_init_pf: destroy mutexes and xarrays on memory alloc failure
0380ea173bf9 ice: move ice_init_interrupt_scheme() prior ice_init_pf()
fa6626905668 ice: move service task start out of ice_init_pf()
62e122809aed accel/amdxdna: Fix uninitialized return value
d0a5b5d56438 wifi: ath12k: restore register window after global reset
04d808a6efb5 tools/power turbostat: Regression fix Uncore MHz printed in hex
0f984f5f8126 s390/ap: Don't leak debug feature files if AP instructions are not available
27c62aeef710 scsi: ufs: core: Move the ufshcd_enable_intr() declaration
1acc6fc225a9 s390/smp: Fix fallback CPU detection
6b1a0da75932 wifi: ath11k: fix peer HE MCS assignment
18d4706956b7 wifi: ath11k: fix VHT MCS assignment
5c75e55e43e8 crypto: hisilicon/qm - restore original qos values
b7090a5c1531 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
599b5f3f4224 soc: qcom: gsbi: fix double disable caused by devm
37b8870d96d4 clk: qcom: camcc-sm7150: Fix PLL config of PLL2
680df1f60e02 clk: qcom: camcc-sm6350: Fix PLL config of PLL2
b2427d5693c3 clk: qcom: gcc-ipq5424: Correct the icc_first_node_id
25dddde65642 clk: qcom: gcc-glymur: Update the halt check flags for pipe clocks
6d9ed274d8da clk: qcom: gcc-sm8750: Add a new frequency for sdcc2 clock
27fa51ddddb3 clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other
69671a253ffe clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to other
9ff72116e6c8 tty: serial: imx: Only configure the wake register when device is set as wakeup source
78bf5afa25d6 uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe
712102126091 PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2
4b9404cc439d arm64: dts: exynos: gs101: fix sysreg_apm reg property
1321c33a8fc5 arm64: dts: exynos: gs101: fix clock module unit reg sizes
9d231ef85d9a perf annotate: Check return value of evsel__get_arch() properly
7ba92dd7206b arm64: dts: imx95-15x15-evk: add fan-supply property for pwm-fan
a482d0033916 arm64: dts: imx8mp-venice-gw702x: remove off-board sdhc1
7e13775ed0b7 arm64: dts: imx8mp-venice-gw702x: remove off-board uart
152044f4b08d arm64: dts: imx8mm-venice-gw72xx: remove unused sdhc1 pinctrl
a45df9009fa8 arm64: dts: freescale: imx8mp-venice-gw7905-2x: remove duplicate usdhc1 props
fbea4c63b538 bpf: Do not let BPF test infra emit invalid GSO types to stack
204f13654142 block/mq-deadline: Switch back to a single dispatch list
95b122036d7a block/mq-deadline: Introduce dd_start_request()
a43afb170963 PCI: sg2042: Fix a reference count issue in sg2042_pcie_remove()
12b413f5460c crypto: aead - Fix reqsize handling
67c42f3ec0bd perf parse-events: Make X modifier more respectful of groups
b346cdd95f7a firmware: qcom: tzmem: fix qcom_tzmem_policy kernel-doc
d98d38c7f8ca iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member
fdbf4423bb81 arm64: dts: qcom: ipq5424: correct the TF-A reserved memory to 512K
b40a4eb4a054 ntfs3: Fix uninit buffer allocated by __getname()
81ffe9a265df ntfs3: fix uninit memory after failed mi_read in mi_format_new
841b3868a64f crypto: authenc - Correctly pass EINPROGRESS back up to the caller
58c47ba6f329 irqchip: Pass platform device to platform drivers
d2e28c3ed2e2 irqchip: Drop leftover brackets
defdeae61607 irqchip/qcom-irq-combiner: Fix section mismatch
d4caa2df1f08 irqchip/starfive-jh8100: Fix section mismatch
3f1ac747652f irqchip/renesas-rzg2l: Fix section mismatch
60597d44de5f irqchip/imx-mu-msi: Fix section mismatch
99e8c4978410 irqchip/irq-brcmstb-l2: Fix section mismatch
6769909e3ed8 irqchip/irq-bcm7120-l2: Fix section mismatch
2f36222dbc04 irqchip/irq-bcm7038-l1: Fix section mismatch
e74c71452437 irqchip/bcm2712-mip: Fix section mismatch
2f525dea50f2 irqchip/bcm2712-mip: Fix OF node reference imbalance
01f109716638 sched/fair: Forfeit vruntime on yield
ca2a33cee1ef wifi: ath12k: fix TX and RX MCS rate configurations in HE mode
d911fa97dab3 wifi: ath12k: fix VHT MCS assignment
ab0554f51e5f wifi: ath12k: Fix MSDU buffer types handling in RX error path
99fc0689a588 wifi: ath11k: restore register window after global reset
b1497ea24639 wifi: ath10k: move recovery check logic into a new work
72f8a15524f3 gpu: nova-core: gsp: do not unwrap() SGEntry
5248b34df18c gpu: nova-core: gsp: remove useless conversion
27858e788377 perf parse-events: Fix legacy cache events if event is duplicated in a PMU
fe14b92fb97c accel/ivpu: Fix race condition when mapping dmabuf
157d7d16f817 objtool: Fix weak symbol detection
bee781b8c03e objtool: Fix standalone --hacks=jump_label
80b75beb1619 remoteproc: imx_rproc: Fix runtime PM cleanup and improve remove path
4e02cff54ba0 HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync()
ac35eed93429 drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler()
b1c7a8145137 clk: renesas: cpg-mssr: Read back reset registers to assure values latched
f57b5f2ad106 clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback
1d49bdea86e3 pinctrl: renesas: rzg2l: Fix PMC restore
d07b4af12015 ima: Attach CREDS_CHECK IMA hook to bprm_creds_from_file LSM hook
e558173196b0 pinctrl: qcom: glymur: Fix the gpio and egpio pin functions
0c1e8e2c6e06 pinctrl: qcom: glymur: Drop unnecessary platform data from match table
b5b479a13b90 perf bpf_counter: Fix opening of "any"(-1) CPU events
caceff35c24a USB: Fix descriptor count when handling invalid MBIM extended descriptor
e506f976c914 tools/nolibc: handle NULL wstatus argument to waitpid()
19e359b18ae3 bpf: Fix handling maps with no BTF and non-constant offsets for the bpf_wq
d8edc163ccf5 bpf: Fix sleepable context for async callbacks
20798610f0e2 bpf: Cleanup unused func args in rqspinlock implementation
1f0ca9d3e7c3 drm/vgem-fence: Fix potential deadlock on release
ec6ca941783a accel/ivpu: Fix DCT active percent format
c9ef5ccd8bd9 accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()
94c56e7f63c2 accel/ivpu: Rework bind/unbind of imported buffers
f94792340ecc drm/panel: visionox-rm69299: Don't clear all mode flags
28540b8f226b drm/panel: visionox-rm69299: Fix clock frequency for SHIFT6mq
270f4eb14e0f accel/ivpu: Ensure rpm_runtime_put in case of engine reset/resume fail
3bb9d125972c accel/amdxdna: Call dma_buf_vmap_unlocked() for imported object
359653edd537 accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array()
79197c6007f2 gpu: host1x: Fix race in syncpt alloc/free
cf008f5bd3d5 smack: fix bug: setting task label silently ignores input garbage
60e8d4998941 smack: fix bug: unprivileged task can create labels
70c5be42f691 smack: fix bug: invalid label of unix socket file
f1dbb370eca5 smack: always "instantiate" inode in smack_inode_init_security()
3c4f1ca5bd91 smack: deduplicate xattr setting in smack_inode_init_security()
06025d5e707f smack: deduplicate "does access rule request transmutation"
cf036137162c smack: fix bug: SMACK64TRANSMUTE set on non-directory
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1a98565a4a
---------------------------
linux-yocto/6.18: libpf prepare for new glibc
Integrating the following commit(s) to linux-yocto/6.18:
1/1 [
Author: Mikhail Gavrilov
Email: mikhail.v.gavrilov@gmail.com
Subject: libbpf: Fix -Wdiscarded-qualifiers under C23
Date: Sat, 6 Dec 2025 14:28:25 +0500
glibc ≥ 2.42 (GCC 15) defaults to -std=gnu23, which promotes
-Wdiscarded-qualifiers to an error.
In C23, strstr() and strchr() return "const char *".
Change variable types to const char * where the pointers are never
modified (res, sym_sfx, next_path).
Suggested-by: Florian Weimer <fweimer@redhat.com>
Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com>
Link: https://lore.kernel.org/r/20251206092825.1471385-1-mikhail.v.gavrilov@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bdecbf350c
---------------------------
linux-yocto/6.12: update CVE exclusions (6.12.63)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 10 changes (9 new | 1 updated): - 9 new CVEs: CVE-2025-68687, CVE-2025-68688, CVE-2025-68689, CVE-2025-68690, CVE-2025-68691, CVE-2025-68692, CVE-2025-68693, CVE-2025-68694, CVE-2025-68695 - 1 updated CVEs: CVE-2025-7195
Date: Wed, 24 Dec 2025 04:07:32 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: bc8a080729
---------------------------
linux-yocto/6.12: update to v6.12.63
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
567bd8cbc2fe6 Linux 6.12.63
6e611d9cf0723 ASoC: codecs: nau8325: Silence uninitialized variables warnings
5588b7c86efff ALSA: wavefront: Fix integer overflow in sample size validation
c0a1fe1902ad2 ALSA: dice: fix buffer overflow in detect_stream_formats()
8404a1b1f5f16 usb: dwc3: dwc3_power_off_all_roothub_ports: Use ioremap_np when required
6c36af8083503 usb: phy: Initialize struct usb_phy list_head
6f31b2ca1e483 usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt
4b89397807eb0 tcp_metrics: use dst_dev_net_rcu()
90c47a1a526c2 net: dst: introduce dst->dev_rcu
8401fe8638491 net: lan743x: Allocate rings outside ZONE_DMA
429bf3f04c24a LoongArch: Add machine_kexec_mask_interrupts() implementation
a4b7a958c908a ocfs2: fix memory leak in ocfs2_merge_rec_left()
3873afcb57614 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
31ab2aad7a7b7 scsi: imm: Fix use-after-free bug caused by unfinished delayed work
4d7944f49b7cc efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs
448fd9d43a122 efi/cper: Adjust infopfx size to accept an extra space
0294effcc106c efi/cper: Add a new helper function to print bitmasks
c3590c7812000 dm log-writes: Add missing set_freezable() for freezable kthread
138603953aab3 dm-raid: fix possible NULL dereference with undefined raid type
49278ca55ccf0 block: return unsigned int from queue_dma_alignment
3baeec23a82e7 block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock
592c4fe953d7d ARM: 9464/1: fix input-only operand modification in load_unaligned_zeropad()
0d71b3c2ed742 ALSA: firewire-motu: add bounds check in put_user loop for DSP events
5998ad91f8722 rtc: gamecube: Check the return value of ioremap()
c5bb128353e12 drm/amdkfd: Use huge page size to check split svm range alignment
79331b0b4df10 ALSA: uapi: Fix typo in asound.h comment
fb41332a7a8b5 dma/pool: eliminate alloc_pages warning in atomic_pool_expand
b23111ec50d86 docs: hwmon: fix link to g762 devicetree binding
341d5aa3f0592 cifs: Fix handling of a beyond-EOF DIO/unbuffered read over SMB2
7cd9ed8132d38 drm/nouveau: refactor deprecated strcpy
6275fd726d53a ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
d532934cf11ad regulator: fixed: Rely on the core freeing the enable GPIO
3371a55632b84 drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties()
19478fd933414 nvme-auth: use kvfree() for memory allocated with kvcalloc()
453e4b0c84d0d block: fix memory leak in __blkdev_issue_zero_pages
b8da217fc9280 block: fix comment for op_is_zone_mgmt() to include RESET_ALL
be83e65542635 blk-mq: Abort suspend when wakeup events are pending
91aa13e108c75 ASoC: ak5558: Disable regulator when error happens
436602fc10f7e ASoC: ak4458: Disable regulator when error happens
7131bff8d2198 ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure()
5c51a11c1aee0 platform/x86: asus-wmi: use brightness_set_blocking() for kbd led
76b7524ece4a5 fs/nls: Fix inconsistency between utf8_to_utf32() and utf32_to_utf8()
a3dbaa09db4f5 NFS: Fix inheritance of the block sizes when automounting
d867a77a939a1 Expand the type of nfs_fattr->valid
612cc98698d66 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags
2704453bd1fbb Revert "nfs: ignore SB_RDONLY when mounting nfs"
1caf1aa241f7f Revert "nfs: clear SB_RDONLY before getting superblock"
acd4088a25800 Revert "nfs: ignore SB_RDONLY when remounting nfs"
59947dff0fb7c NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
fa561b29b7a85 NFS: Initialise verifiers for visible dentries in _nfs4_open_and_get_state
ef97a2a5c1d56 nfs/vfs: discard d_exact_alias()
af4c780b9f1fd NFS: Initialise verifiers for visible dentries in nfs_atomic_open()
85d84f6c98fcb NFS: Initialise verifiers for visible dentries in readdir and lookup
0aba4b43a27bf fs/nls: Fix utf16 to utf8 conversion
ef7a9c2fae325 NFS: Avoid changing nlink when file removes and attribute updates race
dfa39de442ecd f2fs: maintain one time GC mode is enabled during whole zoned GC cycle
3573b62002723 f2fs: add gc_boost_gc_greedy sysfs node
4236c017c4cec f2fs: add gc_boost_gc_multiple sysfs node
4c5181b9e1a99 f2fs: introduce reserved_pin_section sysfs entry
d4a4abba45849 f2fs: sysfs: add encoding_flags entry
7cc6b80df66f6 f2fs: add carve_out sysfs node
65e42a7084d1a f2fs: fix to avoid running out of free segments
9933e05f508e0 f2fs: add a sysfs entry to reclaim POSIX_FADV_NOREUSE pages
58ecedab080c4 f2fs: keep POSIX_FADV_NOREUSE ranges
3e50b6e2b118d platform/x86:intel/pmc: Update Arrow Lake telemetry GUID
cee20212a7b09 sched/fair: Fix unfairness caused by stalled tg_load_avg_contrib when the last task migrates out
b15affae51ed9 9p: fix cache/debug options printing in v9fs_show_options
d4b20e53b67cc fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe()
15a6847f28085 pinctrl: single: Fix incorrect type for error return variable
495f3e9155716 perf hist: In init, ensure mem_info is put on error paths
e8097bd44a52d perf tools: Fix split kallsyms DSO counting
d6cbe9b36f368 perf tools: Mark split kallsyms DSOs as loaded
0b6216f9b3d1c net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop
2c011aea3d28b net: dsa: xrs700x: reject unsupported HSR configurations
dccbe4fab76f1 net: hsr: create an API to get hsr port type
ef964411c8ca7 net: hsr: Create and export hsr_get_port_ndev()
57364f7d6d921 net: hsr: remove synchronize_rcu() from hsr_add_port()
f906362c605bc net: hsr: remove one synchronize_rcu() from hsr_del_port()
b61d747c0a749 clk: keystone: fix compile testing
fa73dbe02e052 md/raid5: fix IO hang when array is broken with IO inflight
a553e969dc9c4 remoteproc: qcom_q6v5_wcss: fix parsing of qcom,halt-regs
6e1acbe563ddd mtd: lpddr_cmds: fix signed shifts in lpddr_cmds
bd8bb75d859a1 selftests: bonding: add delay before each xvlan_over_bond connectivity check
0b6795286e7a1 selftests: bonding: add ipvlan over bond testing
b7e669dce505a net: phy: aquantia: check for NVMEM deferral
45d7cf5174e4b vfio/pci: Use RCU for error/request triggers to avoid circular locking
cad6c0fd6f3c0 spi: ch341: fix out-of-bounds memory access in ch341_transfer_one
f6f13e468b725 mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors
7c3ba62a4d29f net: stmmac: fix rx limit check in stmmac_rx_zc()
b29ddccf36946 netfilter: nft_connlimit: update the count if add was skipped
3558faee8aace netfilter: nf_conncount: rework API to use sk_buff directly
9f953b045886c netfilter: flowtable: check for maximum number of encapsulations in bridge vlan
c80fa09cba1f5 Reinstate "resource: avoid unnecessary lookups in find_next_iomem_res()"
d050ffbf22212 resource: introduce is_type_match() helper and use it
9a15982a2c099 resource: replace open coded resource_intersection()
a9864d42ebcdd regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
2d2fd5b65b1ed ARM: dts: samsung: exynos4412-midas: turn off SDIO WLAN chip during system suspend
bac13d9609b50 ARM: dts: samsung: exynos4210-trats: turn off SDIO WLAN chip during system suspend
03d6aa9e43d89 ARM: dts: samsung: exynos4210-i9100: turn off SDIO WLAN chip during system suspend
5cc0fd103918c ARM: dts: samsung: universal_c210: turn off SDIO WLAN chip during system suspend
7be6791043574 spi: airoha-snfi: en7523: workaround flash damaging if UART_TXD was short to GND
9ff7ef2efae33 ASoC: Intel: catpt: Fix error path in hw_params()
7bc42097e9729 vdpa/pds: use %pe for ERR_PTR() in event handler registration
0cea55e0272cb vhost: Fix kthread worker cgroup failure handling
30be771c090a8 vdpa/mlx5: Fix incorrect error code reporting in query_virtqueues
807b0fb13a80a virtio: fix virtqueue_set_affinity() docs
6cdca761ef227 virtio: fix grammar in virtio_queue_info docs
bdc76b2c1cf50 virtio: fix whitespace in virtio_config_ops
3a4894736e6b0 virtio: fix typo in virtio_device_ready() comment
5f5cb2c99ae97 virtio_vdpa: fix misleading return in void function
094e8f78c6335 of: Skip devicetree kunit tests when RISCV+ACPI doesn't populate root node
ade5800a8d325 ext4: improve integrity checking in __mb_check_buddy by enhancing order-0 validation
d6d3371611d28 ublk: prevent invalid access with DEBUG
438f9673f3cb1 ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4
0927f7b4dcb9d hwmon: sy7636a: Fix regulator_enable resource leak on error path
332825d72dcb3 drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1()
1b3eb9500fc55 greybus: gb-beagleplay: Fix timeout handling in bootloader functions
80c2106b09d3b firmware_loader: make RUST_FW_LOADER_ABSTRACTIONS select FW_LOADER
6f1a1e7b5a48f ASoC: fsl_xcvr: clear the channel status control memory
edb2b25561862 gfs2: Prevent recursive memory reclaim
ceb8ee5ed4507 ASoC: nau8325: add missing build config
78b923fa3de32 ASoC: nau8325: use simple i2c probe function
c59358338c0b9 drm/panthor: Avoid adding of kernel BOs to extobj list
6567f40a75adb RDMA/irdma: Do not directly rely on IB_PD_UNSAFE_GLOBAL_RKEY
ef043432e4ec1 RDMA/irdma: Fix data race in irdma_free_pble
abd2675d9aac4 RDMA/irdma: Fix data race in irdma_sc_ccq_arm
64144891d882c iommu/arm-smmu-qcom: Enable use of all SMR groups when running bare-metal
45285d357287b backlight: lp855x: Fix lp855x.h kernel-doc warnings
0e63ea4378489 backlight: led-bl: Add devlink to supplier LEDs
452eec7f208f5 wifi: ieee80211: correct FILS status codes
3b5f35085f815 iomap: always run error completions in user context
133900d61dacd iomap: factor out a iomap_dio_done helper
96eab6610cb3a um: Don't rename vmap to kernel_vmap
168592b56cae4 drm/nouveau: restrict the flush page to a 32-bit address
ee1aedaef571f PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition
14dd377ab65f1 btrfs: fix leaf leak in an error path in btrfs_del_items()
1b1284e4f30e8 iommu/arm-smmu-v3: Fix error check in arm_smmu_alloc_cd_tables
e0d1555bb0828 staging: fbtft: core: fix potential memory leak in fbtft_probe_common()
50b878db54c85 firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc
278bfed4529a0 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
1df9aeb2a4f03 ASoC: tas2781: correct the wrong period
7b5f15a32912f RDMA/bnxt_re: Pass correct flag for dma mr creation
c996c81cecb6c RDMA/bnxt_re: Fix the inline size for GenP7 devices
34447aeedbaea erofs: limit the level of fs stacking for file-backed mounts
349f101d3f967 RISC-V: KVM: Fix guest page fault within HLV* instructions
1e38b525909b4 crypto: ccree - Correctly handle return of sg_nents_for_len
0c3854d65cc44 crypto: starfive - Correctly handle return of sg_nents_for_len
ef5e709c0494f selftests/bpf: Improve reliability of test_perf_branches_no_hw()
510282952d7c6 selftests/bpf: skip test_perf_branches_hw() on unsupported platforms
ef065c4d4a2d8 usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE
f8408e1e54dda usb: dwc2: fix hang during suspend if set as peripheral
23c928493dc5d usb: dwc2: fix hang during shutdown if set as peripheral
cc9b6180a4c44 usb: dwc2: disable platform lowlevel hw resources during shutdown
1358e9fecb89c usb: chaoskey: fix locking for O_NONBLOCK
c2238d487a640 ima: Handle error code returned by ima_filter_rule_match()
2599ad5e33b62 RAS: Report all ARM processor CPER information to userspace
4758770a673c6 wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()
a0e2c571e8504 cpuset: Treat cpusets in attaching as populated
d8b726ee9d937 net: phy: adin1100: Fix software power-down ready condition
42d6ee65cdc89 phy: rockchip: samsung-hdptx: Prevent Inter-Pair Skew from exceeding the limits
3200ec35a050b phy: rockchip: samsung-hdptx: Reduce ROPLL loop bandwidth
9f23c97c45dd1 phy: freescale: Initialize priv->lock
8fee9a8cb58fa phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe()
3c5869f5fd366 leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM
579a91ff0845e mfd: mt6358-irq: Fix missing irq_domain_remove() in error path
80daa408957ac mfd: mt6397-irq: Fix missing irq_domain_remove() in error path
199aea40b8680 wifi: mac80211: fix CMAC functions not handling errors
903e36c9e952f iommu/vt-d: Fix unused invalidation hint in qi_desc_iotlb
8e9f0a0717ba3 scsi: qla2xxx: Fix improper freeing of purex item
157cf2b51d74f pwm: bcm2835: Make sure the channel is enabled after pwm_request()
96e436a051993 perf arm_spe: Fix memset subclass in operation
c8fe12ed4da96 perf arm-spe: Extend branch operations
03f642caab84b ipv6: clear RA flags when adding a static route
a2339a354d115 drm/msm/a6xx: Improve MX rail fallback in RPMH vote init
ae43fd9d556ea drm/msm/a6xx: Fix the gemnoc workaround
630f2ce9c7cc6 drm/msm/a6xx: Flush LRZ cache before PT switch
4f4f7b5797883 drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue
e5bb424266927 fs/ntfs3: Prevent memory leaks in add sub record
c4af1cd7f22a3 fs/ntfs3: out1 also needs to put mi
8d04afc9da642 powerpc/64s/ptdump: Fix kernel_hash_pagetable dump for ISA v3.00 HPTE format
f6573f4049f78 powerpc/64s/hash: Restrict stress_hpt_struct memblock region to within RMA limit
539137e3038ce bpf: Fix invalid prog->stats access when update_effective_progs fails
ee7db11742b30 wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
241dcbe651b07 drm/msm/a2xx: stop over-complaining about the legacy firmware
de38f64811973 block/blk-throttle: Fix throttle slice time for SSDs
bbc709db0ca76 NFSD/blocklayout: Fix minlength check in proc_layoutget
3bcb274a192fc tracefs: fix a leak in eventfs_create_events_dir()
362438cfc52d5 watchdog: starfive: Fix resource leak in probe error path
0c1646149f4ed watchdog: wdat_wdt: Fix ACPI table leak in probe function
30ce906557a21 bpf: Check skb->transport_header is set in bpf_skb_check_mtu
ef87c16884126 selftests/bpf: Fix failure paths in send_signal test
027ab4cbe3bd0 bpf: Handle return value of ftrace_set_filter_ip in register_fentry
1dd5d772bcaf8 ps3disk: use memcpy_{from,to}_bvec index
a25a953b6911e drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype
33d9ec273d60b crypto: iaa - Fix incorrect return value in save_iaa_wq()
6816cd35ca5aa arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 3C
7225af2545d77 arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 5A
117327d2051ae arm64: dts: rockchip: Move the EEPROM to correct I2C bus on Radxa ROCK 5A
d258d7e5d3c94 PCI: keystone: Exit ks_pcie_probe() for invalid mode
3bf1378747e25 bpf: Free special fields when update [lru_,]percpu_hash maps
345e130c0b28d leds: netxbig: Fix GPIO descriptor leak in error paths
0401a20abbd65 scsi: sim710: Fix resource leak by adding missing ioport_unmap() calls
9b2e70df6dd02 ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint()
e5c2503696ec2 ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
c2a0862ad4c36 lib/vsprintf: Check pointer before dereferencing in time_and_date()
aa07a5df8cf17 clk: renesas: r9a06g032: Fix memory leak in error path
38e5e8b4d645e coresight: etm4x: Add context synchronization before enabling trace
11c5672a04d09 coresight: etm4x: Extract the trace unit controlling
bebb32a222280 coresight: etm4x: Correct polling IDLE bit
fef8b751d8d05 coresight: Change device mode to atomic type
c9b99c948b4fb nbd: defer config unlock in nbd_genl_connect
199c3a2725add wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper()
230621ffdb361 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
d8a3693c58ae3 powerpc/32: Fix unpaired stwcx. on interrupt exit
d8c573471ec0b powerpc/kdump: Fix size calculation for hot-removed memory ranges
37d511e849139 cpufreq/amd-pstate: Call cppc_set_auto_sel() only for online CPUs
90138ed922e57 scsi: ufs: core: fix incorrect buffer duplication in ufshcd_read_string_desc()
98ae4025dea14 drm/panthor: Fix potential memleak of vma structure
6e17555728bc4 ntfs3: init run lock for extend inode
054e5045f1563 ARM: dts: stm32: stm32mp157c-phycore: Fix STMPE811 touchscreen node properties
2e2b5aba8ad77 RDMA/rtrs: server: Fix error handling in get_or_create_srv
71786f697121d dt-bindings: PCI: amlogic: Fix the register name of the DBI region
eccc02ba17475 scsi: smartpqi: Fix device resources accessed after device removal
8616943e0729a scsi: stex: Fix reboot_notifier leak in probe error path
6b69593f72e1b nbd: defer config put in recv_work
21989cb5034c8 md: fix rcu protection in md_wakeup_thread
b991eda2a7f1b regulator: core: disable supply if enabling main regulator fails
a0f1e48023c8f perf/x86/intel: Correct large PEBS flag check
a7abd40cbfcfd ext4: correct the checking of quota files before moving extents
520de30d8c92b mfd: da9055: Fix missing regmap_del_irq_chip() in error path
22b5b6262958a locktorture: Fix memory leak in param_set_cpumask()
2390e90a5cd2f efi/libstub: Fix page table access in 5-level to 4-level paging transition
b299217115f54 x86/boot: Fix page table access in 5-level to 4-level paging transition
2e1132b0832ea ARM: dts: omap3: n900: Correct obsolete TWL4030 power compatible
99da0f593d0b0 ARM: dts: omap3: beagle-xm: Correct obsolete TWL4030 power compatible
6110aca23ded7 ARM: dts: am335x-netcom-plus-2xx: add missing GPIO labels
627be3c40095e libbpf: Fix parsing of multi-split BTF
551060efb156c spi: tegra210-quad: Fix timeout handling
5a0060ddfc1fc drm/panthor: Fix UAF on kernel BO VA nodes
ae6e58069d846 drm/panthor: Fix race with suspend during unplug
31db188355a49 drm/panthor: Fix UAF race between device unplug and FW event processing
1ed88300c3330 drm/panthor: Fix group_free_queue() for partially initialized queues
82484ee4f02f0 drm/panthor: Handle errors returned by drm_sched_entity_init()
e5b181c4ea852 fs/9p: Don't open remote file with APPEND mode when writeback cache is used
288fa0d792bcc scsi: target: Do not write NUL characters into ASCII configfs output
e8fe1cd91ec88 power: supply: apm_power: only unset own apm_get_power_status
f8897c84d9be6 power: supply: wm831x: Check wm831x_set_bits() return value
1b8769af5dc1c power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges()
e52391c353028 power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges()
076481e5ee775 power: supply: max17040: Check iio_read_channel_processed() return code
748c3b8a68121 power: supply: cw2015: Check devm_delayed_work_autocancel() return code
853e3e566595c power: supply: rt5033_charger: Fix device node reference leaks
3a3dff0a73ba2 perf record: skip synthesize event when open evsel failed
25b5ee3439cfc perf lock contention: Load kernel map before lookup
76a339268d75c drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource()
f674cb00630ab interconnect: debugfs: Fix incorrect error handling for NULL path
b528a34aaf487 arm64: dts: qcom: msm8996: add interconnect paths to USB2 controller
3b946560c90d1 interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS
4351b8664583d wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload()
b9f9fbc3777a2 i3c: master: svc: Prevent incomplete IBI transaction
d3bacdd55ec93 i3c: fix refcount inconsistency in i3c_master_register
6b860ae7cd95d pinctrl: stm32: fix hwspinlock resource leak in probe function
60d1c1d4d9258 soc: qcom: smem: fix hwspinlock resource leak in probe error paths
5bfe033a1b775 tools/nolibc/stdio: let perror work when NOLIBC_IGNORE_ERRNO is set
d6bec89235d73 x86/dumpstack: Prevent KASAN false positive warnings in __show_regs()
ee96f47123495 task_work: Fix NMI race condition
329f8323d3a55 perf/x86/intel/cstate: Remove PC3 support from LunarLake
d1f424a77b6bd bpf: Fix stackmap overflow check in __bpf_get_stackid()
0c472ae306761 bpf: Refactor stack map trace depth calculation into helper function
d6d416f3b822f perf: Remove get_perf_callchain() init_nr argument
f5a4950ad270c mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove
87e02ae9ad15e mtd: nand: relax ECC parameter validation check
bfbb87096b953 Revert "mtd: rawnand: marvell: fix layouts"
1d79c9aa5397a ARM: dts: renesas: r9a06g032-rzn1d400-db: Drop invalid #cells properties
dfa2bdcf7893a ARM: dts: renesas: gose: Remove superfluous port property
b8f6eeb87a76b RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
283a90add79fa sctp: Defer SCTP_DBG_OBJCNT_DEC() to sctp_destroy_sock().
a720fb15bd06a phy: mscc: Fix PTP for VSC8574 and VSC8572
41d2074ca8689 arm64: dts: qcom: qcm6490-shift-otter: Add missing reserved-memory
11fc271a600a4 arm64: dts: qcom: sm8650: set ufs as dma coherent
3309c64e0ecd6 arm64: dts: qcom: sdm845-oneplus: Correct gpio used for slider
4173401d2fd8b arm64: dts: qcom: x1e80100: Add missing quirk for HS only USB controller
7335bfb012594 arm64: dts: qcom: x1e80100: Fix compile warnings for USB HS controller
17b65e48030ef firmware: imx: scu-irq: fix OF node leak in
d5b0d62a2ee8f arm64: dts: ti: k3-am62p: Fix memory ranges for GPU
d1376bcacc820 s390/ap: Don't leak debug feature files if AP instructions are not available
ecb0b9f92503b s390/smp: Fix fallback CPU detection
097c870b91817 wifi: ath11k: fix peer HE MCS assignment
7ee69f3590714 wifi: ath11k: fix VHT MCS assignment
ecd1ca3bd8bdd crypto: hisilicon/qm - restore original qos values
c73be4f51eed9 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
7e7135c842872 soc: qcom: gsbi: fix double disable caused by devm
3cc3f161201b7 soc: Switch back to struct platform_driver::remove()
23e8fc7c9543a clk: qcom: camcc-sm7150: Fix PLL config of PLL2
01b20bb5313d7 clk: qcom: camcc-sm6350: Fix PLL config of PLL2
d55e7dec3c2f7 clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other
9bfd3a7d31ba7 clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to other
fa963643a8906 uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe
f93f66ffcb0d5 PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2
0ac1d13b2442c arm64: dts: exynos: gs101: fix sysreg_apm reg property
c8c93fe1c444a perf annotate: Check return value of evsel__get_arch() properly
cc67b6d82b122 arm64: dts: imx8mp-venice-gw702x: remove off-board sdhc1
7c8dc554965f7 arm64: dts: imx8mp-venice-gw702x: remove off-board uart
54235eadb2284 arm64: dts: imx8mm-venice-gw72xx: remove unused sdhc1 pinctrl
ad7356c7ead8b arm64: dts: freescale: imx8mp-venice-gw7905-2x: remove duplicate usdhc1 props
da06fa2308fe5 block/mq-deadline: Switch back to a single dispatch list
53d0a52ccc9cb block/mq-deadline: Introduce dd_start_request()
a38a8be61000e firmware: qcom: tzmem: fix qcom_tzmem_policy kernel-doc
9e745721342cb iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member
fe89feb2bdce1 inet: Avoid ehash lookup race in inet_twsk_hashdance_schedule()
e1480cc48d416 inet: Avoid ehash lookup race in inet_ehash_insert()
6b9cbefb73c35 rculist: Add hlist_nulls_replace_rcu() and hlist_nulls_replace_init_rcu()
d96461c6c6a31 clk: qcom: gcc-x1e80100: Add missing USB4 clocks/resets
6a2af03a6e58f dt-bindings: clock: qcom,x1e80100-gcc: Add missing USB4 clocks/resets
3a877b22edbed dt-bindings: clock: qcom,x1e80100-gcc: Add missing video resets
4b1fd82848fdf ntfs3: Fix uninit buffer allocated by __getname()
7ce8f2028dfcc ntfs3: fix uninit memory after failed mi_read in mi_format_new
752e578549ff1 crypto: authenc - Correctly pass EINPROGRESS back up to the caller
9268a215905af irqchip/qcom-irq-combiner: Fix section mismatch
f761c6e6db3ad irqchip/starfive-jh8100: Fix section mismatch
d604a43972ca2 irqchip/renesas-rzg2l: Fix section mismatch
3054c0fcb4bb0 irqchip/imx-mu-msi: Fix section mismatch
987028716f9dd irqchip/irq-brcmstb-l2: Fix section mismatch
75f13a37fcf5f irqchip/irq-bcm7120-l2: Fix section mismatch
c30d7fa84614f irqchip/irq-bcm7038-l1: Fix section mismatch
d5843e1530d8d sched/fair: Forfeit vruntime on yield
735e232cd9cc9 wifi: ath11k: restore register window after global reset
6d9ff97af0151 wifi: ath10k: move recovery check logic into a new work
78d6455b04bc3 wifi: ath10k: Add missing include of export.h
5b9c7e103728b wifi: ath10k: Avoid vdev delete timeout when firmware is already down
aea8e105743be objtool: Fix weak symbol detection
5be8a348528b7 objtool: Fix standalone --hacks=jump_label
f0581990dbf3a HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync()
fe4b23d94f3ac drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler()
95f29bada0505 clk: renesas: cpg-mssr: Read back reset registers to assure values latched
c0b15580c17f0 clk: renesas: Pass sub struct of cpg_mssr_priv to cpg_clk_register
efa305a20eb96 clk: renesas: Use str_on_off() helper
26fa515baf084 clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback
d87a89c5a7eba pinctrl: renesas: rzg2l: Fix PMC restore
1f925f9047a4f USB: Fix descriptor count when handling invalid MBIM extended descriptor
338e388c0d80f drm/vgem-fence: Fix potential deadlock on release
470da7a2c29c6 accel/ivpu: Fix DCT active percent format
e4341b780b22f accel/ivpu: Make function parameter names consistent
e7bf47d73cd87 drm/panel: visionox-rm69299: Don't clear all mode flags
a3c1fa8fe761e accel/ivpu: Ensure rpm_runtime_put in case of engine reset/resume fail
b5890eb95ebb3 accel/ivpu: Prevent runtime suspend during context abort work
4e6e07ce0197a gpu: host1x: Fix race in syncpt alloc/free
f0a9ef99fb3c4 smack: fix bug: setting task label silently ignores input garbage
ac9fce2efabad smack: fix bug: unprivileged task can create labels
b68902daf0994 smack: fix bug: invalid label of unix socket file
ad396a05d9851 smack: always "instantiate" inode in smack_inode_init_security()
abf20a13507fe smack: deduplicate xattr setting in smack_inode_init_security()
d684f66dd729e smack: fix bug: SMACK64TRANSMUTE set on non-directory
74a813e575ef5 smack: deduplicate "does access rule request transmutation"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a71b566486
---------------------------
linux-yocto/6.18: genericarm64: remove SLIM_QCOM_CTR
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Mikko Rapeli
Email: mikko.rapeli@linaro.org
Subject: genericarm64.cfg: remove SLIM_QCOM_CTRL
Date: Tue, 23 Dec 2025 15:26:44 +0200
It has been removed from 6.17 kernel in commit
7cbba32a2d62c3c18128c04f88b1901d702bb2bf
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 51f1388dd1
---------------------------
pseudo: Update to pull in openat2 and efault return code changes
Pulls in the following fixes:
* makewrappers: Enable a new efault option
* ports/linux/openat2: Add dummy wrapper
* test-syscall: Add a syscall test
* ports/linux/pseudo_wrappers: Avoid openat2 usage via syscall
which should fix issues with the tar CVE fix on Centos/Alma/Rocky 9 distros
that uses openat2 as well as the efault issue breaking rust based uutils.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 235e6d49e5
---------------------------
libpcap: upgrade 1.10.5 -> 1.10.6
Solves CVE-2025-11961 and CVE-2025-11964.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b26f8fcea9
---------------------------
libxslt: mark CVE-2025-7424 as fixed
NVD DB lists this CVE as version-less (common for Redhat CVEs).
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 4fa9f8b37e
---------------------------
xz: upgrade 5.8.1 -> 5.8.2
License-Update: Update GPLv2 and LGPLv2.1 copies from gnu.org
* https://github.com/tukaani-project/xz/commit/6d287a3ae90e1b990294f3d5264003d81e853c5e
Release Notes:
* https://github.com/tukaani-project/xz/releases/tag/v5.8.2
* liblzma:
- Fix the build on ARM64 on glibc versions older than
2.24 (2016). They don't have HWCAP_CRC32 in <sys/auxv.h>.
- Disable CLMUL CRC code when building for 32-bit x86 with
old MSVC versions. This avoids a compiler bug. The exact
compiler version in which the issue was fixed is unknown,
but VS 2022 17.13 (MSVC 19.43.34808) is known to work, so
CLMUL CRC on 32-bit x86 is disabled with MSVC versions
older than that.
* xz:
- Add a workaround for Red Hat Enterprise Linux 9 kernel bug
which made xz fail with "xz: Failed to enable the sandbox".
It only occurs with xz 5.8.0 and 5.8.1 binaries built for
other distros. For example, running Debian 13 in a container
on RHEL/CentOS 9 would trigger the issue.
The bug was introduced in RHEL 9 kernel 5.14.0-603.el9
(2025-07-30) and fixed in 5.14.0-648.el9 (2025-12-05).
However, as of writing, the fixed kernel isn't available
to RHEL 9 users yet, so including the workaround in this
xz release seems reasonable. The workaround will be removed
when it's no longer needed.
xzdec was also affected by this issue.
- On AIX, don't use fsync() on directories because it fails.
- Fix the build on Emscripten.
- Fix the build on clang-cl on Windows.
- Take resource limits (RLIMIT_DATA, RLIMIT_AS, and RLIMIT_VMEM)
into account when determining the default memory usage limit
for multithreaded mode. This should prevent xz from failing
when a resource limit has been set to a value that is less
than 1/4 of total RAM. Other memory limits can still trigger
the same issue, for example, Linux cgroup v2 memory.max.
* Build systems:
- When symbol versioning is enabled, pass --undefined-version
to the linker if the option is supported. This fixes the
build when using LLVM's lld and some liblzma features have
been disabled at build time.
- ARM64: Fix autodetection of fast unaligned memory access when
using GCC and -mstrict-align is in effect. Previously the
build systems would incorrectly guess that unaligned access
is fast, which would result in much slower binaries than
needed. The fix is a workaround for GCC bug 111555;
autodetection already worked with Clang.
- LoongArch: Autodetect if fast unaligned memory access is
supported. This can improve compression speed by 15 % (but
not decompression speed).
* Translations:
- Update the Spanish translation.
- Add Swedish man page translations.
- Update Italian, Korean, Romanian, Serbian, and Ukrainian
man page translations.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 1e5dff5e01
---------------------------
dropbear: upgrade 2025.88 -> 2025.89
Solves CVE-2025-14282 and CVE-2019-6111.
Release notes:
* https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.89
Drop patch included in this release and refresh other patches.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 2b485d354b
---------------------------
libpcre2: Fix linking with LLD linker
version scripts are at odds with LLD at times and its strict about undefined symbols
even though they will be provided by c startup files.
Fixes
| riscv64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol '_fini' failed: symbol not defined
| riscv64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol '_init' failed: symbol not defined
| riscv64-yoe-linux-clang: error: linker command failed with exit code 1 (use -v to see invocation)
| make[1]: *** [Makefile:1948: libpcre2-32.la] Error 1
| make[1]: Leaving directory '/mnt/b/yoe/master/build/tmp/work/riscv64imafdc-yoe-linux/libpcre2/10.47/build'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 0ae08dc70f
---------------------------
systemd: fix excess systemd -> ukify -> python dependency
The systemd package contains a symlink to ukify binary under the
libdir/systemd. This symlink forces the systemd -> systemd-ukify
dependency, which also pulls in a set of python packages, which might be
undesirable for the small isntallations. Move the symlink to the
systemd-ukify package, removing this dependency and preventing the
excess growth of the rootfs / initramfst.
Fixes: e92427496210 ("systemd: package 'ukify' seperately")
Cc: Koen Kooi <koen.kooi@oss.qualcomm.com>
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Acked-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: aa7576e06a
---------------------------
python3: upgrade 3.13.9 -> 3.13.11
Handles CVE-2025-6075 (in 3.13.10) and CVE-2025-12084 (in 3.13.11).
Release information:
* https://www.python.org/downloads/release/python-31310/
* Python 3.13.10 is the tenth maintenance release of 3.13, containing
around 300 bugfixes, build improvements and documentation changes
since 3.13.9.
* https://www.python.org/downloads/release/python-31311/
* Python 3.13.11 is the eleventh maintenance release of 3.13. This is
an expedited release to fix the following regressions:
* gh-142206: Exceptions in multiprocessing in running programs while
upgrading Python.
* gh-142218: Segmentation faults and assertion failures in
insertdict.
* gh-140797: Crash when using multiple capturing groups in re.Scanner
* And these security fixes:
* gh-142145: Remove quadratic behavior in node ID cache clearing
(CVE-2025-12084)
* gh-119451: Fix a potential denial of service in http.client
* gh-119452: Fix a potential virtual memory allocation denial of
service in http.server
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 08e93850d5
---------------------------
bindgen-cli: extend BBCLASSEXTEND to include nativesdk
To support building Rust bindings in the SDK environment, bindgen needs to
be available for the `nativesdk` class as well.
This is required as part of making Rust available, where bindgen is a common
dependency for generating Rust FFI bindings from C headers during cross-compilation.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 947bd6ba96
---------------------------
oe-selftest: case.py: remove unused imports
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 998ebfc77d
---------------------------
oeqa: runtime: go: Increase test_go_compile/test_go_module timeout
These tests tend do take a bit of time, and this is probably why they
have been seen failing a few times in the past months. Rising the
timeout from 5 to 10 minutes appears to help.
Fixes [YOCTO #15999]
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 42a90c96b2
---------------------------
ovmf: upgrade 202508 -> 202511
Upstream has dropped support for 32 bit x86:
https://github.com/tianocore/edk2/commit/2a6708a786eb0f0e9b979cd93c5dc12c42e337a1
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: c66f4a1480
---------------------------
package.py: skip dwarfsrcfiles for Clang LTO static libraries
When using Clang toolchain with LTO enabled, static libraries (.a) contain
LLVM bitcode objects instead of ELF objects. dwarfsrcfiles cannot process
these files and fails with "not a valid ELF file" error.
Rather than catching the error message, guard the dwarfsrcfiles call by
checking for the specific conditions: static library (using is_static_lib()
magic check) + clang toolchain + lto in DISTRO_FEATURES. When all conditions
are met, skip the call silently.
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 623c20ff1e
---------------------------
overlayfs: Remove helper unit
Since systemd v256 workdir and upperdir are automatically created if
they don't exist, so we don't need an additional helper unit anymore.
Ref: https://github.com/systemd/systemd/commit/6c75eff6afd90596d09a33a9275be292db4e3380
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 54a81bcd2c
---------------------------
alsa-ucm-conf: upgrade 1.2.15 -> 1.2.15.1
Upstream changes: various fixes
https://www.alsa-project.org/wiki/Changes_v1.2.15_v1.2.15.1
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 933deb2597
---------------------------
alsa-utils: upgrade 1.2.15 -> 1.2.15.1
Upstream changes: alsactl and aplay fixes
https://www.alsa-project.org/wiki/Changes_v1.2.15_v1.2.15.1
Remove no longer necessary patch:
0001-alsactl-fix-build-when-in-subdirectory.patch
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d7debf0443
---------------------------
alsa-lib: upgrade 1.2.15 -> 1.2.15.1
Upstream changes: various fixes
https://www.alsa-project.org/wiki/Changes_v1.2.15_v1.2.15.1
Remove no longer needed patch:
0001-ucm-use-closefrom-instead-of-close_range.patch
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 8a264cb75a
---------------------------
selftest: devtool: Set PATH when running pseudo
When running pseudo outside of bitbake, we need to use the same PATH as
we would use if we were running inside bitbake instead of the host
environment's PATH.
This is particularly important on Ubuntu 25.10 where 'ls' on this host's
PATH is provided by uutils and we have setup links in HOSTTOOLS_DIR to
ensure that the gnu coreutils implementation is used instead.
Fixes [YOCTO #16099]
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 479d48503d
---------------------------
icu: upgrade 77-1 -> 78.1
Upstream has adopted the . as version separator, so custom recipe logic
can be dropped.
License-Update: additional files under MIT.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a8ddda6033
---------------------------
libtheora: set CVE_PRODUCT
In the NVD database, the product name of libtheora is theora.
This was set to ensure that cve-check works correctly.
Signed-off-by: Ken Kurematsu <k.kurematsu@nskint.co.jp>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: fa4afc31df
---------------------------
oe-selftest: fitimage: support FIT_CONF_MAPPINGS
Add some quick tests for the FIT_CONF_MAPPINGS handling in fitimage.py
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: e30f809a50
---------------------------
kernel-fitimage: Add FIT_CONF_MAPPINGS for flexible DTB configuration
Having a 1-1 mapping between DTB names and configuration nodes names in
FIT images does not always work. Make this a bit more flexible by
allowing users to specify mappings to rename configuration nodes or add
extra configuration nodes for existing DTBs.
The new FIT_CONF_MAPPINGS variable accepts a space-separated list of
mapping commands:
- dtb-conf:DTB_NAME:NEW_NAME
Renames the configuration node for a specific DTB.
- dtb-extra-conf:DTB_NAME:EXTRA_NAME
Creates an additional configuration node for an existing DTB.
Example usage:
FIT_CONF_MAPPINGS = "\
dtb-extra-conf:am335x-bonegreen:bonegreen \
dtb-conf:am335x-boneblack:bbblack"
This generates three configuration nodes from two DTBs:
am335x-bonegreen, bonegreen (extra), and bbblack (renamed).
The implementation validates all mappings and ensures they match
existing DTBs, failing with clear error messages for invalid or unused
mappings.
Also removes leftover debug warning that was printing DTB configuration
details during FIT image generation.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: d925d67061
---------------------------
fitimage: Add FIT_MKIMAGE_EXTRA_OPTS for flexible mkimage arguments
Currently, mkimage options in U-Boot recipes are fixed, which limits
flexibility for platforms that require additional mkimage arguments.
Introduce FIT_MKIMAGE_EXTRA_OPTS to allow passing extra options to
mkimage during image generation.
This is a generic need because different SoCs and boot configurations
often require mkimage flags beyond the defaults.
By exposing this variable, we provide a clean and extensible mechanism
for developers to meet hardware-specific and security requirements
without hardcoding options in recipes.
Example:
UBOOT_MKIMAGE_EXTRA_OPTS = "-B 8 -E"
will result in the mkimage command being invoked as:
`mkimage -B 8 -E -f fit-image.its fitImage`
- `-E` enables external data in FIT images, which is essential for
modular boot setups, secure boot workflows, and reducing image size.
- `-B 8` enforces 8-byte alignment, ensuring compatibility with boot
ROM requirements, improving memory access efficiency, and supporting
predictable offsets for multi-component FIT images.
Signed-off-by: Kavinaya S <kavinaya@qti.qualcomm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-797_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-796_default.lock.xml
judo-auto-test
---------------------------
Commit: 7937d98
---------------------------
CSNMR-5557 Implement Network Diag Enable and Cfg keywords
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-796_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-795_default.lock.xml
judo-security
---------------------------
Commit: 38f53ec
---------------------------
CSNMR-5558: add MFG yubikey 29609883 params files
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-795_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-793_default.lock.xml
judo-cfg-agents
---------------------------
Commit: ff91fea
---------------------------
Bugfix: Capture/print errors when trying to publish
Without this change, the errors are only printed on agent
shutdown/crash.
The exceptions thrown here are not limited to SchemaValidation
errors, as TypeErrors can be thrown due to JSON serialisation
failures, so just capture any/all exceptions.
---------------------------
Commit: 798153e
---------------------------
Bugfix: the list of expected devices in a unit will never change
Could only ever change if the detected device variant changes, and
that will only happen on the agent restarting.
---------------------------
Commit: 1a728e8
---------------------------
system_properties: Add phoenix UHF detection
---------------------------
Commit: a161927
---------------------------
Bugfix: Use device variant provided by env
---------------------------
Commit: 250e532
---------------------------
Bugfix: Ensure subprocess returns strings, not byte-sequences
bytes are not JSON-serialisable, and callers were expecting/assuming
strings anyway.
---------------------------
Commit: d3850bd
---------------------------
Sumo/Kendo variants update from requirements
Placeholders for phoenix and TR300 detection.
---------------------------
Commit: 4233785
---------------------------
SUMO-551: Add porpoise-services recipe to Sumo image
Includes the 'tricat' daemon and CLI app for managing Bluetooth.
---------------------------
Commit: 77baad6
---------------------------
SUMO-551: Define new Sumo Bluetooth packagegroup
---------------------------
Commit: ed69c00
---------------------------
SUMO-551: Add readme's for low-level Bluetooth design details
Record details on how the Bluetooth FW updates and runtime
management are implemented.
---------------------------
Commit: 3ba97ad
---------------------------
SUMO-551: Add driver for PPS signal from GNSS receiver
Passed into 'Porpoise' tricat application for synchronising time
over Bluetooth with remote devices.
---------------------------
Commit: 9b7f9ce
---------------------------
SUMO-551: Customise porpoise-services recipe for Sumo
- Switch all SRCREVs to commit-hashes.
- Fix setting ${S}, upstream/Yocto change.
- Add systemd service to auto-start `tricatd`.
- Modify JSON configuration to work with Sumo HW.
- Requires `.b01` FW files so deploy them in the trident FW recipe.
- Remove Porpoise-specific binaries/dependencies/tools.
---------------------------
Commit: 89ebb9a
---------------------------
SUMO-551: Add porpoise-services recipe
Provides Bluetooth runtime management as part of the Corsica/
Cousteau project/design.
Copied directly from ORCA project:
https://bitbucket.trimble.tools/projects/ORCA/repos/porpoise-meta/browse/recipes-porpoise/porpoise-services/porpoise-services.bb
---------------------------
Commit: bf321d7
---------------------------
Bugfix: Fix ordering of machine overrides for Sumo
Ensure 'sumo' is the most-specific machine type so `:sumo`
overrides take the highest priority.
---------------------------
Commit: d090ab9
---------------------------
SUMO-551: Add Trident production BT FW
---------------------------
Commit: 4f3efa6
---------------------------
SUMO-551: Rename BT compliance FW recipe
In preparation for adding the production/Trident FW.
---------------------------
Commit: ce47ab4
---------------------------
Bugfix: Allow Sumo (and Kendo) devices in system_properties
Prior to this, Sumo devices were being handled as unknown devices
and missing any/all HW components, breaking the webUI.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-793_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-792_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-792_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-791_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-791_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-790_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-790_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-789_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-789_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-788_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-788_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-787_default.lock.xml
---------------------------
Commit: 24dc37d
---------------------------
Update layer compat for wrynose
Upstream has changed the LAYERSERIES_CORENAMES from whinlatter to
wrynose on the master branch.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 2475121
---------------------------
Revert "crun: Fix QA error which is breaking the builds"
This reverts commit 4ce9cb28aa5875e989a0e954d0b6ac78778dcb9d.
No longer needed as issue has been addressed upstream.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-787_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-786_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-786_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-785_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-785_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-784_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-784_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-783_default.lock.xml
judo-cfg-agents
---------------------------
Commit: b14dfc7
---------------------------
CSNMR-5428: Add support for GNSS Reset
GNSS supports the following GNSS reset levels:
* PVT: The PVT Engine (RTK/RTX) is restarted without
restarting tracking or rebooting the GNSS subsystem.
* SV_DATA: Clears stored ephemeris and almanac data and
reboots the GNSS subsystem.
* FULL: Restores the receiver to factory state. This will
clear Ephemeris and Almanac data, clear all logged data,
reformat storage, restore factory settings and reboot the
GNSS subsystem.
For each of the reset levels, the following steps are taken:
1. GNSS Manager Agent stops bd992-handler
2. Perform BD reset
a. bd992-handler reset [serial_port] [reset_level]
b. Where reset_level is PVT, SV_DATA, or FULL
c. Wait for reset to complete
3. GNSS Manager Agent starts bd992-handler
judo-design-docs
---------------------------
Commit: b4b328d
---------------------------
CSNMR-5428: Update GNSS Manager Docs for GNSS Reset
Update GNSS Manager design documentation for GNSS Reset.
judo-radio-utils
---------------------------
Commit: e9f54c3
---------------------------
CSNMR-5628: Remove functional test start and stop scripts
The setup and teardown actions performed by these scripts are now
performed by the MQTT test console.
---------------------------
Commit: 3046c99
---------------------------
CSNMR-5628: Add Phoenix functional test service
This changeset adds a service which runs the Phoenix handler, receiving
data on the frequency used in the functional test and publishing that
data on the port used for observable data output, so that the data
can pass through the firewall and be received by the test
monitor/controller.
---------------------------
Commit: 703f44e
---------------------------
CSNMR-5628: run-phoenix-suhf.py: Allow configuring output address
The firewall allows outgoing traffic on port 12101 for observables data
from the UHF radio. This changeset allows the output address to be
configured for this port so that observable data can be received by the
functional test controller, while retaining the default behaviour of
sending observable data on 0.0.0.0:1234.
---------------------------
Commit: d43e789
---------------------------
CSNMR-5628: Add send-observables systemd service
Making send-observables a systemd service avoids the complexity
of managing the process directly in tests.
---------------------------
Commit: c31c1c9
---------------------------
CSNMR-5628: judo-radio-utils: Update SRCREV
This changeset also adds systemd services for running the secondary
Judo unit's Mikimoto UHF transmitter and the UUT's Phoenix UHF
receiver. These are used during functional testing of the UUT's Phoenix
UHF receiver.
---------------------------
Commit: cbd8df9
---------------------------
CSNMR-5628: gpioset-services: Enable Sumo UHF LNA on boot
---------------------------
Commit: 702f8c4
---------------------------
CSNMR-5428: Update SRCREV
Update SRCREV for judo-cfg-agents
---------------------------
Commit: 4f72db8
---------------------------
CSNMR-5428: Update SRCREV for rust-gnss
Update rust-gnss SRCREV to add GNSS reset support
to 4c0485a14818bd315b6043e059ab6c4340d97642
---------------------------
Commit: 874ba56
---------------------------
CSNMR-5628: python3-mqtt-api: Manage run-phoenix-suhf in functional tests using systemd service
---------------------------
Commit: 4cd307c
---------------------------
CSNMR-5628: python3-mqtt-api: Manage send-observables in functional tests using systemd service
---------------------------
Commit: 72579a7
---------------------------
CSNMR-5628: python3-mqtt-api: Use enable-uhf service to sequence TR49 power in functional tests
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-783_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-782_default.lock.xml
judo-auto-test
---------------------------
Commit: 61d072d
---------------------------
CSNMR-5622 Improve canbus tests and fix failures
- Unskip test for CSNMR-5621: fix root cause of failure. A single
shared buffer holds incoming MQTT messages; each new subscribe
replaced it, so tests sometimes read from the previous subscribe’s
(empty) buffer. Fix by aligning subscribe/listen usage so the
correct buffer is used.
- Improve canbus test flow and robustness.
yocto-docs
---------------------------
Commit: f2811603d
---------------------------
set_versions.py: fix codestyle/formatting issues
Fix issues reported by pycodestyle (long lines, spurious or missing
whitespaces, underindented lines), and add the missing description of
the get_abbrev_hash() function.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 6c8961015
---------------------------
set_versions.py: move the poky_mapping dict where it is used
The poky_mapping dict isn't used until after the replacements dict is
created. Move it's definitions to where it's used. Also fix a codestyle
issue while we're at it (whitespace before ":").
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 98815cee1
---------------------------
set_versions.py: use bitbake mappings from remote releases.json
After [1] we can now use the bitbake version mappings maintained in the
remote releases.json file, allowing to reduce maintenance effort here.
[1]:
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-782_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-781_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-781_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-780_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 1eea9e8
---------------------------
CSNMR-5564: Change firmware_ota_agent to check internet connectivity
This changes the agent to only access the internet for identity
certificates and firmware updates when there is internet connectivity.
The reason for this is the cloud access functions can take a long time
and might interfere with local firmware updates. Once internet is available,
those cloud checks are usually fast and take a few seconds.
In agent.py:
It adds a new class to receive internet diagnostic messages
to notify the manager when internet is available.
The call to device_update_identity_cert() is removed where the environment
is updated. Instead, the manager gets the cert when it needs to check for
firmware so that both operations are controlled by the same logic.
The class SetEnvCfgEvent is instatiated after the FirmwareOtaUpdateManager
so that internal settings do not get overridden with defaults in the manager.
In manager.py
The function setDeviceParams is broken into two parts. It still sets the
environment _device_params for stage or prod. But the cloud_params are
extracted in the new _extract_base_url() after the certificate is downloaded.
Finally, the check_update has two new additions. 1. It tests if the
_internet_connected flag is set. If not it schedules another try for later.
2. It downloads the identity certificate if it is the first try or if the
environment has changed. If that download fails, it schedules another try.
---------------------------
Commit: cee59f6
---------------------------
CSNMR-5564: Fix local firmware update to not check for certificates
This is the main fix for the local updates that were timing out
because the call to update_env() was taking a long time. Now it
does not check for a certificate when stop_cloud_update and
install_update commands are sent.
---------------------------
Commit: 837fdda
---------------------------
CSNMR-5564: Check for firmware update after broker connection
This change moves the initial firmware check to after the agent
is connected to zenoh to enable it to check internet status. It
also has the benefit of making the initial startup faster.
---------------------------
Commit: 41dab7e
---------------------------
CSNMR-4696: recovery: Fix DHCP server race on boot
When booting into recovery mode, there is a race condition with starting
the dhcp server and the mounting of the `/var/lib` path. The `/var/lib`
must be read-write before the DHCP server can be started.
There are multiple services that rely on `/var/lib` being read/write, so
improving the startup service dependencies allows the system to boot up
into recovery and provide DHCP services to connected devices.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 6ac2412
---------------------------
CSNMR-5564: Update SRCREV for judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-780_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-779_default.lock.xml
manifest-judo
---------------------------
Commit: d34f237
---------------------------
SUMO-552 commit message summaries for builds
All of these scripts are designed for stand-alone use. They are **not** part
of the build process (at least not yet).
All of these scripts scrape the git history of all the Judo repositories, to
list commits used for a build. The repositories must already checked out or
updated (using the Android repo tool).
- buildinfo_summaries.py uses the `/etc/os-release` and `etc/buildinfo` from
an live Judo/Timo/Sumo, to get the messages. This script will grab the
necessary files from the DUT, via ssh.
- xml_lock_summaries.py uses a default.lock.xml from the Bamboo artifacts,
to get the messages. The default.lock.xml must be manually downloaded.
- xml_lock_summary_diff.py uses two default.lock.xml from the Bamboo artifacts,
to get the messages for all commits called out by hashes in the two
default.lock.xml files. The default.lock.xml files must be manually
downloaded.
- scripts/bamboo_fw_download.py: download Bamboo firmware artifacts
(.raucb, optional .wic.xz) via REST API and PAT; supports multiple
plan keys (Judo-HS-Prod, RPi, Sumo), label expansion from HTML browse
pages, pre-signed S3 URLs, --force, -v/--verbose.
- scripts/*.md: requirements for the script (purpose,
inputs, core behavior, CLI, constants, dependencies, etc).
Note: All the scripts in this commit were created with AI, which is why the
scripts/*.md files have been included, even though they are not directly used.
yocto-docs
---------------------------
Commit: 5d711350a
---------------------------
ref-manual/system-requirements: add fedora 43 as supported distro
Fedora 43 is now properly tested for Poky[1], so let's add it to the
list of supported distros.
[1] https://git.yoctoproject.org/meta-yocto/commit/?id=4c156ef673f8ff7c967b2b34dd1d366e1b74d41c
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b92cffd3e
---------------------------
ref-manual/system-requirements: update list of EoL distros we still test
Fedora 41 is EoL since end of 2025[1] and Ubuntu 25.04 since mid January
2026[2], so let's add them to the list of distros we're testing but
don't receive updates for.
[1] https://docs.fedoraproject.org/en-US/releases/eol/#_unsupported_fedora_linux_releases
[2] https://documentation.ubuntu.com/project/release-team/list-of-releases/#end-of-life
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 5afd21a88
---------------------------
overview-manual/concepts: list other possible class directories
Classes can be located in three different directories since Langdale
(4.1), so let's update which directories you can find in a distribution
layer.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0d05dedd6
---------------------------
ref-manual: delete claim PACKAGE_EXCLUDE does not support .deb
The current explanation of "PACKAGE_EXCLUDE" claims that this
variable does not support .deb packaging; this is incorrect.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Tested-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 73b3beb99
---------------------------
overview-manual: escape wildcard in inline markup
This change escapes the wildcard in 'recipes-*' to properly italicize
the string
Signed-off-by: Kristiyan Chakarov <kichakarov0@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 5bebe38a8
---------------------------
set_versions.py: build with versions from releases.json
Build using the releases.json file obtained from
https://dashboard.yoctoproject.org/releases.json. If this file is
already downloaded, don't fetch it again.
If we fail fetching the file, use default values (and print a warning).
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-779_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-778_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-778_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-777_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-777_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-776_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-776_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-775_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-775_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-774_default.lock.xml
judo-bd992-fw
---------------------------
Commit: e86f0c1
---------------------------
CSNMR-5600: update BD images for stella
Update BD images for stella to 6.60-0.27
Stella Checksum = 0x3EFE8B8D
---------------------------
Commit: 34694d1
---------------------------
CSNMR-5600: Add GNSS stella firmware update
Update stella firmware GNSS override configuration to 6.60-0.27
---------------------------
Commit: d442f89
---------------------------
CSNMR-5600: update SRCREV
Update SRCREV for bd992-fw-update repo which holds stella 6.60-0.27 image.
---------------------------
Commit: a444478
---------------------------
CSNMR-5600: update Stella firmware from 6.60-0.24 to 6.60-0.27
Install Stella firmware image 6.60-0.27
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-774_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-773_default.lock.xml
manifest-judo
---------------------------
Commit: b4b9ea3
---------------------------
CSNMR-5203: Propagate build errors up to bamboo
We are not properly propagating yocto build errors up to bamboo from the
docker containers. As such, bamboo always thinks the build succeeded and
then tried to run the regression tests when it should not and the tests
fail. This is confussing since it looks like the tests failed, when that
is not actually where the failure was.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-773_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-772_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-772_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-771_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-771_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-770_default.lock.xml
judo-auto-test
---------------------------
Commit: a4c4c31
---------------------------
CSNMR-5621 Skip canbus test
judo-radio-utils
---------------------------
Commit: afc66c6
---------------------------
SUMO-553: Add read-5v-psu-amps.py and run-phoenix-suhf.py helpers
With some minor modifications, these scripts have been copied from
the attachments to SUMO-553.
---------------------------
Commit: ea481c9
---------------------------
SUMO-553: judo-radio-utils: update SRCREV
This changeset also adds the python3-smbus2 dependency to the
judo-radio-utils recipe, as it is required by the read-5v-psu-amps.py
script.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-770_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-769_default.lock.xml
judo-cfg-agents
---------------------------
Commit: a9b04bd
---------------------------
CSNMR-5426: Add soft_reset to system_control_agent
Add soft reset to system_control_agent using systemd stop and start
commands from a soft_reset.sh script. system_control_agent
sends the SUCCESS_COMMAND_EXECUTED event notification on accepted soft_reset
command start.
---------------------------
Commit: bab1362
---------------------------
CSNMR-5426: Update SRCREV soft_reset for system_control
Update SRCREV for soft_reset support in system_control_agent. Add bash
script that needs to run as a separate process to perform a system
control soft_reset. Services being restarted are all cfg-agent agents
except for licensing. Do not restart licensing agent as it needs to
start and be ready before the other agents start.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-769_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-767_default.lock.xml
manifest-judo
---------------------------
Commit: 12b5296
---------------------------
CSNMR-5413: OS snapshot capture after test jobs
Add pull-dut-os-snapshot.py to capture the DUT OS snapshot via MQTT
after each test run. The script subscribes to system_properties for the
device ID, triggers a snapshot, waits for completion, and downloads the
resulting archive to the Bamboo workspace.
Each test wrapper (firmware, radio/GNSS, cell) now calls the snapshot
script inside the TEST_CORE_IMAGE block. The snapshot exit code is
ignored; a required Bamboo artifact enforces that the snapshot was
produced, failing the job at artifact collection if missing.
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-767_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-766_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-766_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-765_default.lock.xml
judo-radio-utils
---------------------------
Commit: a8fcdd0
---------------------------
CSNMR-5538: Fix HaLow subnet
The default HaLow subnet is 192.168.44.0/24, not 192.168.200.0/24.
---------------------------
Commit: 4a096b7
---------------------------
CSNMR-5538: Remove HaLow AP/STA setup scripts
Setting up the HaLow AP and STA can now be done using the MQTT API.
---------------------------
Commit: 7c99eca
---------------------------
CSNMR-5538: Add halow-uhf-rf-path-ctl utility to Sumo image
The halow-uhf-rf-path-ctl utility configures the RF path shared by the
HaLow and UHF radios on Sumo hardware.
---------------------------
Commit: d266da2
---------------------------
CSNMR-5538: Enable load-nrc service on boot
Running the load-nrc service to load the HaLow driver on boot seems
to produce reliable results, and is simpler than running the service
manually.
---------------------------
Commit: 7ae5eac
---------------------------
CSNMR-5538: Configure Sumo HaLow/UHF shared RF path on boot
This changeset adds a service which configures the shared HaLow/UHF
RF path on Sumo when the device boots. This service is a temporary
solution to configuring this part of the hardware, and this commit
should be reverted once the RF path is configured via the MQTT API.
---------------------------
Commit: 67197f2
---------------------------
CSNMR-5538: Add Sumo HaLow/UHF shared RF path config utility
---------------------------
Commit: f210b3b
---------------------------
CSNMR-5538: judo-radio-utils: update SRCREV
This changeset also removes the HaLow AP and STA services used by
the functional test, as HaLow is now configured using the MQTT
API.
---------------------------
Commit: 5d3d493
---------------------------
CSNMR-5538: Minimise restarting of UUT MQTT brokers
This changeset adds code to start-tmux-monitor-controller which avoids
restarting the MQTT brokers on the UUT and secondary unit if the
associated bridge is already configured.
---------------------------
Commit: 7a1a406
---------------------------
CSNMR-5538: Fix HaLow subnet
The default HaLow subnet is 192.168.44.0/24, not 192.168.200.0/24.
---------------------------
Commit: 4d6d4d1
---------------------------
CSNMR-5538: Initialize HaLow in emc-test-monitoring
This changeset reinstates the HaLow initialization in the emc-test-monitoring
script and removes the associated code from start-tmux-monitor-controller.sh.
It also tears down the HaLow AP and STA when the test console is shut down.
mqtt-api
---------------------------
Commit: 55244de
---------------------------
CSNMR-5538: Set up and tear down HaLow interface in controller scripts
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-765_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-764_default.lock.xml
manifest-judo
---------------------------
Commit: 7625499
---------------------------
scripts: Remove judo-build hash server from configuration
The hash server on the judo-build server no longer exists, and
attempting to contact it generates warning messages in the build log.
This change fixes the following warnings in the build output (and
other similar warnings in specific recipes):
WARNING: Error contacting Hash Equivalence Server judo-build.ap.trimblecorp.net:8686: [Errno -2] Name or service not known
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-764_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-763_default.lock.xml
---------------------------
Commit: 98fe292
---------------------------
CSNMR-5588: Update the Judo web UI to version 0.24.10
The recipes are renamed with the new version and the Artifactory
checksums are changed to match the new files.
---------------------------
Commit: f8eab82
---------------------------
Fix judo-web-ui.conf to not cache v0 pages
There can be times when the v0 web UI displays cached versions of files.
This change adds the necessary header to v0 responses to avoid caching.
It may still be necessary to hit Ctrl-F5 to do a hard reload if an older
version was installed that did not have this caching fix.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-763_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-762_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-762_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-761_default.lock.xml
judo-auto-test
---------------------------
Commit: ec85a83
---------------------------
CSNMR-5590 Remove duplicate ping tests
- Multiple ping tests were imlemented in
RF. eth_4we_1, eth_2we_1, eth_2we_2, and
eth_bd992. Remove these tests from Slash
as they are no longer needed there.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-761_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-760_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-760_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-759_default.lock.xml
judo-bd992-fw
---------------------------
Commit: fc7599b
---------------------------
CSNMR-5214: update BD images for stella
Update BD images for stella to 6.60-0.24
Stella Checksum = 0x179D32E4
judo-cfg-agents
---------------------------
Commit: 6a8c581
---------------------------
CSNMR-5214: Add support for Stella firmware update
Check for Stella or BD992 to determine static GNSS
configuration file. Generate GNSS configuration adjusting
the Stella firmware image and firmware checksum on a unit
with Stella.
Add GNSS Mgr check for cfg change.
To avoid unnecessary GNSS restarts, GNSS configuration
does the following:
1. Update and merge GNSS configurations
2. get current GNSS configuration
3. compare merged and current configuration
4. restart GNSS handlers if configuration has changed.
judo-design-docs
---------------------------
Commit: 5b71ecd
---------------------------
CSNMR-5214 Update GNSS Design Documentation
Updated the GNSS Manager design documentation to support
dynamic runtime parameter changes. The system now generates
a unified configuration by merging static base files,
runtime-generated logging settings, and optional manual
overrides using a "last-one-wins" priority hierarchy for
matching keys.
---------------------------
Commit: 150049c
---------------------------
CSNMR-5214: Add GNSS auto stella firmware update
Add GNSS automatic firmware update for stella. If unit has a stella, then
the GNSS Manager will read a stella configuration override file to
generate a GNSS configuration with the stella firmware image file and
firmware checksum. If there is a stella firmware checksum mismatch,
the bd992-handler will automatically update the stella firmware.
---------------------------
Commit: 617f1d8
---------------------------
CSNMR-5214: Add SRCREV for Stella auto fw update
GNSS Manager agent checks for Stella or BD992 to determine generate
GNSS configuration overriding the Stella firmware image and firmware
checksum on a units with Stella.
---------------------------
Commit: 0104484
---------------------------
CSNMR-5214: Add Stella firmware image to Judo OS
Add Stella 6.60_0.24 firmware image to Judo OS
---------------------------
Commit: ef76cd6
---------------------------
CSNMR-5214 Update to latest rust-gnss
Update rust-gnss to SRCREV_rust-gnss = "bd4b506b1a9ced7cbba19c33ff44736dbf1e94dc"
which includes:
bd4b506b1 Add HL_nGPIO_CTL to phoenix-handler
8d433fcc0 Try harder to get fw checksum to avoid unnecessary installs
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-759_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-758_default.lock.xml
judo-auto-test
---------------------------
Commit: 13445d0
---------------------------
CSNMR-5585 Unskip Reboot Initiates License Refresh RF testcase
- CSNMR-5534 was implemented so unskip the reboot.
test. After the reboot completes and the License
Process State reaches complete. There is an
additional check to verify that the source of
the restored license is from the cloud.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-758_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-757_default.lock.xml
judo-api-specs
---------------------------
Commit: 8860f14
---------------------------
CSNMR-5490: add first pass of API conventions docs
Added a note on conventions and link to syntax conventions
doc.
---------------------------
Commit: a936f19
---------------------------
CSNMR-5490: add first pass cfg/event API template
Added first pass template-cfg-event.yml file.
Using this file as a base for new APIs will help keep API
additions in line with the syntax conventions.
---------------------------
Commit: 7e91a20
---------------------------
fixup: remove unused tag from asyncapi.yml
---------------------------
Commit: 6d6fcab
---------------------------
CSNMR-5498: fix statusCode and casing in gnss_reset messages
---------------------------
Commit: 9e25513
---------------------------
CSNMR-5454: program-uhf-fpga: Update FPGA image
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-757_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-756_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-756_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-755_default.lock.xml
judo-api-specs
---------------------------
Commit: 7018613
---------------------------
CSNMR-5567: remove x-channel-name from asyncapi spec
Removed x-channel-name extensions from all asyncapi definitions.
This extension is deprecated and now unused.
judo-cfg-agents
---------------------------
Commit: 77ab641
---------------------------
CSNMR-5572: add MP1087 model support to system properties
Added a duplication of the MP1086 component sets for MP1087.
MP1087 hardware is essentially the same as MP1086, we just need
to accept both models. Potential refactor of variant and suffix
is a later question for Sumo development.
---------------------------
Commit: 6b5b9a9
---------------------------
CSNMR-5567: update SRCREV judo-api-specs
---------------------------
Commit: 404ce47
---------------------------
CSNMR-5572: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-755_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-754_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-754_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-753_default.lock.xml
judo-api-specs
---------------------------
Commit: fba598f
---------------------------
CSNMR-5302: Add signalBars to the wifi diagnostic spec
In addition to the rssi signal strength, this adds signalBars for
ease of displaying signal strength.
The version is updated to 0.64.0.
judo-auto-test
---------------------------
Commit: 8310ed5
---------------------------
CSNMR-5578 Fix can_bus.robot test
- The CI fails the mp1010_mqtt_api/canbus.robot tests.
Root cause is the enable parameter for the
publish message is set to a RF ${True}/${False} and
not true/false as required by in the payload. The
fix is to set the values correctly
judo-cfg-agents
---------------------------
Commit: dd1c520
---------------------------
CSNMR-4051: Add 80211/Wifi/Halow diagnostics info implementation
Diagnostic code is implemented in the ieee80211_agent to
produce the event_diag_80211_info message. The reason it is
in the agent and not in the diags_agent is to keep this code
close to the agent it monitors. The diagnostic class could
be moved to the diags agent easily if needed.
Messages are published for wifi and halow radios. At the
moment, the halow message is mostly blank unless the halow
radio gets turned on with "sudo modprobe nrc".
This diagnostic code does a lot of command line queries
to gather information with parsing steps.
The unit tests cover all the conditionals so there are a
lot of tests.
---------------------------
Commit: e4af1da
---------------------------
CSNMR-5302: Update SRCREV for judo-api-specs
---------------------------
Commit: a4e402a
---------------------------
CSNMR-4051: Update SRCREV for judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-753_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-752_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-752_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-751_default.lock.xml
judo-rest-api
---------------------------
Commit: 645a0b6
---------------------------
CSNMR-5448: Add file patch REST service
This new patch service runs as a separate process from the Judo-rest-api.
The reason is so it can be started and stopped on its own. Later,
a license check may be done to enable the service.
The new patch service takes a file and attempts to uncompress it. It returns
error messages and logs activity to a file in /cfg/patch/mp_patch_history.log.
Unit tests are added for basic functionality.
judo-web-ui
---------------------------
Commit: 378e08f
---------------------------
Hide the API Debug section with a toggle button on the v0 page
The Judo API Debug section is now hidden because it is rarely used.
It can be shown with a toggle button. It is still useful for testing
communication with the back end.
---------------------------
Commit: a3eb190
---------------------------
CSNMR-5448: Add a File Patch Service section to the v0 web UI
A new section is added to the v0 web UI to allow a patch zip file
to be sent to the device. It shows a panel with patch log file
contents.
A test folder is created with a simple test zip file that can be
used to test the service.
---------------------------
Commit: b195607
---------------------------
CSNMR-5448: Add Judo Patch Service files and update SRCREV
This change brings in a service file named judo-patch.service to start
the judo-patch service. Even though it is part of the judo-rest-api,
the patch service runs independently because later there may be a license
check before the service will start.
The patch service allows .tar.gz patch files to be installed on the device.
The judo-web-ui.conf file modifies lighttpd to send the api call to the
patch service instead of the standard judo-rest-api. It also provides
an alias for the mp_patch_history.log file so that the web UI can load
the log file.
The judo-web-ui and pythong-judo-rest-api SRCREV is updated to get the
corresponding change for the v0 web UI.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-751_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-750_default.lock.xml
judo-auto-test
---------------------------
Commit: 9fa319f
---------------------------
CSNMR-5395 Add CANBus robot test
CSNMR-5395 Version of canbus robot test
CSNMR-5395-CANBus Robot test
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-750_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-749_default.lock.xml
---------------------------
Commit: 05328a1
---------------------------
CSNMR-5514: Update Judo web UI to version 0.24.7
The recipes for the web UI and the recovery web UI are renamed with the
new version and the Artifictory check sums are updated.
---------------------------
Commit: 80fcc22
---------------------------
CSNMR-5537: Initialize Wi-Fi in emc-test-monitoring
This changeset reinstates the Wi-Fi initialization in the emc-test-monitoring
script and removes the associated code from start-tmux-monitor-controller.sh.
It also tears down the Wi-Fi AP and STA when the test console is shut down.
mqtt-api
---------------------------
Commit: 95b7aa1
---------------------------
CSNMR-5537: Add functional test teardown script
This script currently only disables the Wi-Fi interfaces on the UUT and
secondary unit. It will be extended to disabling the HaLow interfaces
on these units as part of CSNMR-5538, and can be used for any other
teardown that may be required in future.
---------------------------
Commit: 7507c7c
---------------------------
CSNMR-5537: Add wait_for_net_interface_state to controller console
This is used to ensure that wireless IP connections (Wi-Fi and HaLow)
are disestablished before exiting the test console following a
test session, by waiting for the interface to go down.
---------------------------
Commit: 3f9ec82
---------------------------
CSNMR-5537: Add wait_for_dhcp_address_in_range to controller console
This is used to ensure that wireless IP connections (Wi-Fi and HaLow)
are established during setup before starting the test session, by
waiting for the access point to issue an IP address to the station
via DHCP.
---------------------------
Commit: 3401cff
---------------------------
CSNMR-5537: Set up secondary unit as Wi-Fi AP in EMC tests
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-749_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-748_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-748_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-746_default.lock.xml
manifest-judo
---------------------------
Commit: 2d54883
---------------------------
New kernel lock on builds to help with ec2 scaling
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-746_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-745_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-745_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-744_default.lock.xml
---------------------------
Commit: 85bb68d
---------------------------
BEDROCK-191: device-id-cert-tools: Set preferred version
Judo should not yet use the latest version of device-id-cert-tools
(`0.1.2+git`), so we need to explicitly select the older version.
Before we switch to the latest version (which we need for IAM support),
more testing of it is needed.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-744_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-743_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-743_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-741_default.lock.xml
---------------------------
Commit: dee7577
---------------------------
BEDROCK-191: certmgmt: Update recipe to support 0.0.8 and 0.1.2
Between 0.0.8 and 0.1.1 of device-id-cert-tools, there was a major
refactoring of the code base to add support for IAM as the future of
profiles and bootstrap.
Instead of just updating the recipe from 0.0.8 to 0.1.2, we need to
continue to support the 0.0.8 code base as Judo should not consume
the refactored code since it has not been tested on devices yet. We
need to integrate the new code base into bedrock first to facilitate
testing on RPI devices.
For now, the default behavior will see builds getting the 0.0.8 code base
unless the following is set in `local.conf` or `user.conf`:
PREFERRED_VERSION_device-id-cert-tools = "0.1.2%"
This will force using the `device-id-cert-tools_git.bb` version of the
recipe. We will be doing that for bedrock builds so that we can test
the new code base on real devices.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 435e3fb
---------------------------
BEDROCK-191: certmgmt: Fix adding hsm-init-yubikey.py
When setting the FILES variable for the device package, need to append
instead of assign in the .bbappend so as not to clobber the value set in
the main recipe. This was causing the files defined in the main recipe
to not be included in the device sub-package.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-741_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-740_default.lock.xml
judo-cfg-agents
---------------------------
Commit: c4357b0
---------------------------
CSNMR-5462: extend cell service stops in MFG API
Added a restart of the ModemManager service just after the
MFG API modem AT command handler takes down a bunch of cell
services. Added celldiags_agent and NetworkManager to the
stop list.
In the last OS release to the CM the first issued modem AT command
was failing 40 % of the time. Stopping celldiags and Network manager
reduced the occurences. Restarting ModemManager after killing
cell services fully resolved the issue. Serial port conflicts and
half finishing ModemManager interactions were likely the cause.
---------------------------
Commit: 70d69a0
---------------------------
CSNMR-5462: update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-740_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-739_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-739_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-738_default.lock.xml
judo-api-specs
---------------------------
Commit: 80a7854
---------------------------
CSNMR-5523: Add minLength and maxLength to ssid field of 80211 spec
The 80211 radios may have a SSID field 0 to 32 octets (bytes), so
this change helps document the allowable size.
---------------------------
Commit: b1788c7
---------------------------
CSNMR-5523: Update SRCREV for judo-api-specs
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-738_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-737_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-737_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-736_default.lock.xml
judo-web-ui
---------------------------
Commit: c9af362
---------------------------
CSNMR-5002: Add v0 web UI dialog for gnss logging configuration
The v0 web page has index.html and judo.js updated and gnss_log.js added
to include a form for gnss logging configuration. It sends a message to
the Judo that will be picked up the the gnss_manager agent. The agent
will pass the information to the bd922-handler to configure the BD GNSS
receiver logging settings.
---------------------------
Commit: 202d645
---------------------------
CSNMR-5002 Move judo-web-ui SRCREV to an include file
Both judo-web-ui and judo-web-ui-recovery rely on the same SRCREV,
so it is now moved to an include file so that it is updated once.
The judo-api-specs SRCREV is also updated.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-736_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-735_default.lock.xml
judo-cfg-agents
---------------------------
Commit: ec6e9cd
---------------------------
CSNMR-5002: Add Logging to GNSS Mgr
Add GNSS Logging support to GNSS Manager Agent to control
BD Logging with "schedule" support of Disabled, Always, and Continuous.
Add runtime generation of GNSS configuration files. The generated GNSS
configuration file (.toml) will be located in '/cfg/sysconfig'. The
generated configuration is a merge of the static base GNSS configuration
files in '/etc/gnss' and the GNSS logging runtime configuration parameters
The static GNSS base files are selected as before from the GNSS machine
type cfg and GNSS lease cfg. The GNSS runtime cfg is generated from the
GNSS logging cfg. The runtime configuration "wins" over the static
GNSS cfg files if there are any commen keys.
---------------------------
Commit: 896d158
---------------------------
CSNMR-5002: Add GNSS Logging support to GNSS Mgr
Add GNSS Logging support to GNSS Manager Agent.
yocto-docs
---------------------------
Commit: d97cfeaa5
---------------------------
tools/containerfiles: fix docker warning
The current Containerfiles produce the following warning with docker:
1 warning found (use docker --debug to expand):
- UndefinedVar: Usage of undefined variable '$PWD' (line 12)
Remove $PWD and set the WORKDIR so that our pip3_docs.sh script finds
the virtual env.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ba351b354
---------------------------
convert SVGs to PDF and PNG using sphinxcontrib.rsvgconverter plugin
The sphinxcontrib.rsvgconverter plugin allows to generate a PDF or PNG
from an SVG.
This is what we already do manually via Make targets but it isn't good
enough.
Sphinx generates a cache upon first parsing and stores it in a doctrees
directory. Sphinx claims that it can be shared between all builders[1].
For glob patterns in image or figure directives, Sphinx will look for
all possible matches in the source tree and store those in a
"candidates" map for each file, along with the associated mimetype. When
building, Sphinx will then look in this map to try to find a match in
the current builder's supported_image_types. If none is found, the build
will fail.
The latexpdf (using the LaTeXBuilder) target does not support SVGs by
default[2]. We used Make to generate PDFs from them before generating
the doc PDF though (see PDFs variable and %.pdf in Makefile) and that
type is supported by default[2].
The epub (via the Epub3Builder) target does support SVGs by default[3]
but we disabled their support in commit ff3876ca4910 ("conf.py: use PNG
first in EPUB output"). We used Make to generate PNGs from them before
generating the doc epub though (see PNGs variable and %.png in Makefile)
and that type is supported (c.f. Epub3Builder.supported_image_types in
our conf.py).
The issue is that this is done transparently from Sphinx. When we
generate the PDFs or PNGs variants of the SVGs, we put them in-tree
directly along their source file. Then, when caching, Sphinx will find
both the source file and the appropriate variant. However, the cache
isn't updated if there are new files in the tree and the source rST
files aren't modified. So, the cache will not have its map updated and
we won't be able to find the new variant when building for a
non-SVG-compatible builder. Take the following scenario:
- start from a clean source file (fresh clone or git clean -ffdx)
- build the html target (which supports SVGs by default[4])
- sphinx will find all the files in the source tree matching the glob
pattern in ".. image:: test.*", in our case only an SVG since the PDFs
and PNGs are only generated for the latexpdf and epub targets
respectively. The cache will only store the path to the SVG file
because it is the only source file that matches the glob,
- attempt to build the epub target (which doesn't support SVGs, only
PNGs)
- Sphinx checks for the file to include for '.. image:: test.*' and
finds an SVG in the cache map and then check the list of supported
image types for the Epub3Builder and find that it doesn't support
that. It cannot find anything satisfying the dependency and thus fails
to build.
This scenario can easily be reproduced by running the `make all` command
since the html builder will be used first, then epub and finally
latexpdf.
The `make publish` target works by chance, because the epub builder is
built first and will cache SVG + PNG for each glob, then the latexpdf
builder is built and supports PNGs so that's fine and then html, which
supports SVG as well.
To fix this issue, we could simply always generate PDFs and PNGs of all
SVGs in the source tree, but this isn't ideal.
Instead, let's use an ImageConverter from a Sphinx plugin. This allows
to map a plugin as being able to generate a file of type Y from a file
of type X. When Sphinx wants to build an image, it'll try to find the
image with the type the current builder supports in the cache. If it
cannot, it's going to try to find an ImageConverter plugin that is able
to convert one of the image types in cache with one of the image types
the current builder supports. Then Sphinx will call this plugin to
generate the file and put it into the build directory (not in the
source!).
This allows to simplify the Makefile as well and is a much cleaner
approach.
The epub target is removed as the catch-all target contains the same
instructions as the epub target we remove in this commit.
sphinxcontrib.rsvgconverter is a plugin from
sphinxcontrib-svg2pdfconverter python module. SVGs to PNGs is only
supported since 2.0.0.
[1] https://www.sphinx-doc.org/en/master/man/sphinx-build.html#cmdoption-sphinx-build-d
[2] https://www.sphinx-doc.org/en/master/usage/builders/index.html#sphinx.builders.latex.LaTeXBuilder.supported_image_types
[3] https://www.sphinx-doc.org/en/master/usage/builders/index.html#sphinx.builders.epub3.Epub3Builder.supported_image_types
[4] https://www.sphinx-doc.org/en/master/usage/builders/index.html#sphinx.builders.html.StandaloneHTMLBuilder
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4fbae0147
---------------------------
consistently use pip packages for all distros
Until now, Debian and Ubuntu had special instructions for installing
Python packages to build the docs. Specifically, the packages that all
other distros are installing via pip were installed from the package
feed (apt).
In the next commit, a new Python module will be required, which isn't
available in the package feed. We thus have two options, have a pip3
Debian/Ubuntu-specific set of instructions to install this one package,
or migrate packages currently installed through the package manager to
use pip like other distros. To lower maintenance burden and the
possibility of missing to update both "generic" and "Debian/Ubuntu"
variants of pip instructions, the latter was chosen.
Suggested-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 16599c4f6
---------------------------
use a venv for installing packages with pip
In a few commits, we'll migrate Debian/Ubuntu to use pip packages.
However, Debian rejects pip commands outside of virtual environments.
It is generally best practice to use virtual environments with pip, so
let's migrate distros that currently use pip to use virtual environments
as well.
Because BitBake is a Python project and requires a few Python packages
that we currently install with distro package managers, it would be best
to also include system packages via --system-site-packages when creating
the virtual environment such that the user would either be able to build
the docs or run BitBake, from the same venv.
Unfortunately, one of the packages[1] we'll include in an upcoming
commit breaks sphinxcontrib namespace package and thus we cannot have a
mix of sphinxcontrib-namespaced packages in and outside the venv. Let's
create a completely empty venv for now until the offending package is
fixed (see pending merge request[2]).
Let's instruct the user to install the docs venv in a relative directory
(likely the root of the yocto-docs git repo) instead of guessing a safe
location (/tmp may or may not be an actual volatile directory depending
on the distro).
[1] https://github.com/missinglinkelectronics/sphinxcontrib-svg2pdfconverter/
[2] https://github.com/missinglinkelectronics/sphinxcontrib-svg2pdfconverter/pull/34
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8354f3b5b
---------------------------
Makefile: use python3 -m sphinx instead of sphinx-build
sphinx-build is a "script"[1][2] which is then made available on the
system as a binary, upon installing the sphinx package.
You can have multiple instances of sphinx installed, e.g. system-wide
via the traditional distro package manager or in a venv. In the case of
a venv, if you have sphinx already installed in your host system, source
the venv activate script and then install sphinx via pip inside the
venv, sphinx-build command will still point at the sphinx from the host
system. The work-around is either to run the venv activate script again,
run `hash -r` or `rehash` in your current shell, or call python3 -m
sphinx instead of the Python script.
Let's do the latter as it's the easiest/least-user-facing solution.
This works because python3 interpreter will be the one from the venv,
and it sets the appropriate paths for loading modules (use only packages
from the venv by default, or prefer them if --system-site-packages is
passed).
[1] https://github.com/sphinx-doc/sphinx/blob/v9.1.0/pyproject.toml#L99
[2] https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#creating-executable-scripts
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8cc5a1302
---------------------------
qemu.rst: parsing of the code-block was not done
Because the '::' at the previous line starts a literal block.
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ff3cfb0ed
---------------------------
ref-manual: add SPDX_INCLUDE_KERNEL_CONFIG and SPDX_INCLUDE_PACKAGECONFIG
Adding documentation for the new variables to export the Linux kernel
configuration and recipe PACKAGECONFIG features into the SPDX document.
Signed-off-by: Kamel Bouhara (Schneider Electric) <kamel.bouhara@bootlin.com>
[AG: fix variable ordering https://lore.kernel.org/r/DGO3PZFM5WDO.3C92IW83D5RXA@bootlin.com]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6ab93e2eb
---------------------------
dev-manual: delete references to "tar" package format
There is no "tar" packaging format anymore, so delete these
references.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 3f4ed1d41
---------------------------
Makefile: pass -silent to latexmk
This should drastically decrease the number of lines in the
docs build logs, which currently can go up to 1700000 lines on the
Autobuilder[1].
[1]: https://autobuilder.yoctoproject.org/valkyrie/#/builders/34/builds/400/steps/6/logs/stdio
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 538b55418
---------------------------
what-i-wish-id-known.rst: replace figure by the new SVG
We have a new SVG figure for the Yocto Project workflow figure, which
was updated with d2aaf54bee49 ("overview-manual: convert
YP-flow-diagram.png to SVG"). The one in the "What I wish I’d known
about Yocto Project" is the same. Remove the PNG and make a reference to
the new one.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2817a9077
---------------------------
tools/host_packages_scripts/tlmgr_docs_pdf.sh: install perl
Fix an issue reported by Quentin on IRC:
The LaTeX files are in _build/latex.
Run 'make' in that directory to run these through (pdf)latex
(use `make latexpdf' here to do that automatically).
make[1]: Entering directory '/docs/documentation/_build/latex'
latexmk -pdf -dvi- -ps- 'theyoctoproject.tex'
Can't locate Time/HiRes.pm in @INC (you may need to install the Time::HiRes module) (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /opt/docs-build-tex-tools/tl/bin/x86_64-linux/latexmk line 97.
BEGIN failed--compilation aborted at /opt/docs-build-tex-tools/tl/bin/x86_64-linux/latexmk line 97.
make[1]: *** [Makefile:28: theyoctoproject.pdf] Error 2
make[1]: Leaving directory '/docs/documentation/_build/latex'
make: *** [Makefile:74: latexpdf] Error 2
make: Leaving directory '/docs/documentation'
We require perl for the latexpdf target to complete successfully. Add it
to the tlmgr_docs_pdf.sh script.
Tested-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 3f052ae60
---------------------------
docs-wide: remove Bazaar fetcher references
Remove the Bazaar fetcher references as it was deprecated in [1].
This fixes the following build issue on master:
.../ref-manual/variables.rst:1506: WARNING: term not in glossary: 'bitbake:BZRDIR' [ref.term]
[1]: https://git.openembedded.org/bitbake/commit/?id=8e057d54f09ca0a1fb64c716da6b66f0ce4555b0
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c9f83bb2e
---------------------------
ref-manual/classes.rst: fix broken links to U-Boot documentation
In the chapter describing the "uboot-sign" class
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-735_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-734_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-734_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-733_default.lock.xml
judo-api-specs
---------------------------
Commit: ee6df44
---------------------------
CSNMR-5534: Change name of license_source to source to match spec conventions
---------------------------
Commit: c191789
---------------------------
CSNMR-5534: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-733_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-732_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-732_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-731_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-731_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-730_default.lock.xml
judo-api-specs
---------------------------
Commit: c920c83
---------------------------
CSNMR-5534: Add license source field to license status update
judo-auto-test
---------------------------
Commit: 19916a6
---------------------------
CSNMR-5393 - Implement CAN bus configuration handling keywords
- Add keywords to enable/didable can interface and
get can interface setting using MQTT
judo-cfg-agents
---------------------------
Commit: af5bc45
---------------------------
CSNMR-5534: Add tracked source of refresh request to license process state message
---------------------------
Commit: 1b13fa3
---------------------------
CSNMR-5534: Update SRCREV
---------------------------
Commit: 71f969b
---------------------------
Bugfix: Use correct nrc7394 halow module FW file
The `nrc7394` module fails to initialise with the default FW file,
so install/deploy `nrc7394_cspi_eeprom.bin` and update the driver
to load that file by default.
---------------------------
Commit: 2a0f2d2
---------------------------
CSNMR-5534: Update SRCREV
nrc7394_sw_pkg
---------------------------
Commit: 7068a25
---------------------------
Bugfix: Fix default FW file
The default non-EEPROM FW fails to initialise the Halow module
with the below error (has a HW revision 0f 0x0000).
```
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: size of bd file is 8464
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: Major 01 Minor 04 Total len 2100 Num_Data_Groups 0024 Checksum B3FF
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: target version is not matched(0 : 2)
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: target version is not matched(0 : 3)
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: target version is not matched(0 : 1)
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: target version is not matched(0 : 4)
Feb 17 23:14:38 mp1010 kernel: nrc80211 spi3.0: BD file is invalid! Stop loading FW
```
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-730_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-729_default.lock.xml
yocto-docs
---------------------------
Commit: 7570d210e
---------------------------
_templates/footer.html: show a dynamically created id of the docs
Since we have switched to branch tips for all versions of the active
releases, having the information of which commit id of yocto-docs was
built is useful. Show it in the footer as a link to
git.yoctoproject.org/yocto-docs.
When a tag is built, create a link to the tag instead.
When building on a floating commit, this will create an invalid link,
but this never happens when publishing the documentation, only for local
development.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: 065e70a62
---------------------------
set_versions.py: set a more accurate DISTRO value
The changes from the previous commit make the current value inaccurate
in some situations, especially since this variable is used in some
commands. Take these situations into account and compute a more accurate
value for DISTRO.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: a8749670e
---------------------------
switchers.js: rework the logic and improve it
Rework the generation of the switcher menu, and also fix it. It's not
obvious how this could be split for easier review, as many parts depend on
one another, so this is what this patch changes and fixes:
- The menu only contains branch tips versions of the documentation for
supported releases now - even though the latest tag is displayed in
the menu.
This approach will fix the lack of release notes for the latest
version of an active branch, as release notes are always published
after the yocto-docs repository is tagged.
- Show a commit id when building on a separate commit that is not a
branch tip or not a tag. This should only ever happen when building
locally (not for the published version).
- All stable/LTS versions are displayed in the menu UNLESS the current
version for which we are viewing is part of them, in which case it's
shown last in the menu.
- Rework the logic to show outdated or obsolete versions to conform with
the above changes, but overall it behaves the same:
- granted that Kirkstone is an active release, and 4.0.32 is the
latest tag for this release, the "outdated" banner is displayed if
we browse any version of Kirkstone inferior to 4.0.32.
- browsing any version not part of the active releases (all LTS
versions + the stable branch) will show the "obsolete" banner.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---------------------------
Commit: b0a9cf917
---------------------------
set_versions.py: remove duplicate and unneeded logic
The following commit will make it unneeded to pass the version to the
script directly, as it will be automatically deduced no matter which
branch we're on. We can therefore the ourversion assignment. We still
want the "getlatest" special argument, so read it from sys.argv
directly.
Add a comment mentioning that the order here is important for getlatest
to work.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-729_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-728_default.lock.xml
judo-radio-utils
---------------------------
Commit: 460c5cb
---------------------------
CSNMR-4649 Functional Test Updates for Swift
Modify halow-test-us-*-open.sh to add arguments for not running wpa_supplicant
or hostapd.
Create a systemd service file for managing these services.
---------------------------
Commit: 77281fb
---------------------------
BEDROCK-183: Force setting adminuser password on first login
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: dc50134
---------------------------
BEDROCK-183: openssh: Remove debug-tweaks
Upstream has removed `debug-tweaks` as allowed value of
`IMAGE_FEATURES`.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 7843d41
---------------------------
packagegroup-bedrock-core: Remove openssl-ossl-module-legacy
Upstream has disabled legacy-openssl by default, so the need to pull in
the openssl-ossl-module-legacy-module for the python3-cryptography
package is no longer needed.
The upstream changes were breaking the bedrock builds.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: d25d879
---------------------------
Add systemd-analyze to os images
This enables the ability to analyze the boot sequence and timing on a
device.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 5ae3694
---------------------------
CSNMR-4649: Add openssh-misc package to CI image
This package provides the ssh-agent and ssh-add utilities which allow
setting up SSH connections to the UUT and secondary unit for tests
which are not yet supported by the MQTT API.
---------------------------
Commit: bbf9402
---------------------------
CSNMR-4649: Add Sumo test setup RPi to hostname lookup
---------------------------
Commit: ab82d76
---------------------------
CSNMR-4649: judo-radio-utils: Package systemd service directories
The systemd service directories need to be packaged by this recipe
because they now contain services for starting the HaLow AP and STA
for functional testing.
---------------------------
Commit: 18a12f7
---------------------------
CSNMR-4649: judo-radio-utils: Update SRCREV
---------------------------
Commit: 3532a4b
---------------------------
CSNMR-4649: Bridge UUT and secondary unit MQTT brokers to RPi broker
This change is necessary because the test controller and monitor expect
to receive messages from both units on the RPi broker and send commands
to both units using the same broker.
---------------------------
Commit: 5d463af
---------------------------
CSNMR-4649: Tweak keyfile name in ssh-add helper message
---------------------------
Commit: 0c262ed
---------------------------
CSNMR-4649: python3-mqtt-api: update SRCREV
---------------------------
Commit: 56aef79
---------------------------
CSNMR-4649 Functional Test Updates for Swift
- emc-test-monitoring:
- update IP addresses to match compliance scripts (we will want to revert
the ip address changes long term)
- change the cell ping interval to 3, to cut down on bandwidth usage
- start-tmux-monitor-controller:
- Configure UHF, Halow, and WiFi
- Check for ssh agent to be running, which is recommended for ssh config
of UHF, Halow and WiFi.
- Don't run mqtt-select-device-id.py, if uut_id.env file exists
- tweak the tmux window split ratios
mqtt-api
---------------------------
Commit: 1808b88
---------------------------
CSNMR-4649: mqtt-api-controller.py: Enable functional test service on UUT at startup
---------------------------
Commit: 3e6fdfb
---------------------------
CSNMR-4649: mqtt-select-device-id.py: Allow selecting Sumo device IDs
---------------------------
Commit: 88dde3e
---------------------------
CSNMR-4649: mqtt-api-monitor: Use event_diag_gnss_data for GNSS tests
---------------------------
Commit: 015cdc4
---------------------------
CSNMR-4649: mqtt-api-controller: Allow exiting session without stopping existing requests
---------------------------
Commit: 26d382a
---------------------------
CSNMR-4649: scripts: Add scripts for setting up HaLow and Wi-Fi STAs
---------------------------
Commit: 5e1aeec
---------------------------
CSNMR-4649: scripts: Exit after setting up Wi-Fi/HaLow AP
This change makes the controller shell scripts for setting up Wi-Fi and
HaLow APs exit after the AP is set up.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-728_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-727_default.lock.xml
cfg-mgr
---------------------------
Commit: a16b400
---------------------------
CSNMR-4816: Increase timeout value for entitlement checks due to increased traffic
---------------------------
Commit: 2ba6e90
---------------------------
CSNMR-4816: Add startup check to cache role entitlement
* This enables async updates to the role entitlements and prevents thread blocking caused timeout errors on entitlement checks
---------------------------
Commit: caf2f23
---------------------------
CSNMR-4816: Allow license timeouts to trigger activation and expiration timeouts
---------------------------
Commit: 66d169e
---------------------------
CSNMR-4816: Remove hash check for license flag
* This change makes it easier for users to add opt out flags via serial, as they do not need a specific file to trigger the flag, any file in the expected location will trigger the opt out
judo-auto-test
---------------------------
Commit: 72f9b67
---------------------------
CSNMR-4816 Skip licensing test for CSNMR-5534
- Skipped the licensing->Reboot Initiates License
Refresh test due to tests inablilty to detect
if the license was updated via cloud.
---------------------------
Commit: 3c92cef
---------------------------
CSNMR-4816 Fix test Reboot Initiates License Refresh
- A bug was introduced with CSNMR-4816 updates that
caused a race condition in the test where after
reboot the payload used to validate the entitlements
could be stale and cause a false result. New
keywords where added to the library to wait for
certain conditions are met before doing the
validation
---------------------------
Commit: 848d8b7
---------------------------
CSNMR-4816 Add new keywords
- Added 3 new keywords:
- is_license_process_state
- get_diag_license_process_state
- wait_for_license_process_state
judo-cfg-agents
---------------------------
Commit: 969efb1
---------------------------
CSNMR-4816: Check access token on connect before confirming remote connection
---------------------------
Commit: 9401cae
---------------------------
CSNMR-4816: Fix UHF agent licensing issue
* UHF agent was not checking license validation on startup, which caused the check to not be properly cached
* This caused subsequent misses checking UHF entitlement status
---------------------------
Commit: b88e219
---------------------------
CSNMR-4816: Increase the license forced refresh period for internal testing purposes
---------------------------
Commit: 5f1fd74
---------------------------
CSNMR-4816: Enable stage env by default for licensing
* This is a temporary change to make the early phase of testing easier until the prod lms env is ready for use
* This removes the requirement that users manually set the environment
---------------------------
Commit: 13a689a
---------------------------
CSNMR-4816: Update SRCREV for judo-cfg-agent and cfg-mgr
---------------------------
Commit: c3ca1e7
---------------------------
CSNMR-4816: Fix list formatting in judo-cfg-agent
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-727_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-726_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-726_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-725_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-725_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-724_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-724_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-723_default.lock.xml
judo-auto-test
---------------------------
Commit: 9b10ab0
---------------------------
CSNMR-5515 Remove depricated keywords
- Removed the depricated keywords from
the judo_mqttlibrary
---------------------------
Commit: 03ba649
---------------------------
CSNMR-5515 Fix lint problems in RF tests
- Fixed multiple lint problems in the RF
test suites.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-723_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-722_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-722_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-721_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-721_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-720_default.lock.xml
asyncapi-spec-obj
---------------------------
Commit: 9a969e5
---------------------------
ValidationError: Prevent error generator exhaustion
This changeset fixes a bug which caused some ValidationError exceptions
to be raised containing no validation errors. This happened because the
generator of error messages being passed to the ValidationError
constructor was being exhausted before the exception message could be
created. This change prevents that from happening by storing a list
of validation error messages in the ValidationError instance instead of
the original generator object, allowing the list of messages to be
iterated over multiple times.
---------------------------
Commit: f451e08
---------------------------
.gitignore: ignore build and reports folders
---------------------------
Commit: aab6bc5
---------------------------
Bugfix: Set radio regulator to a fixed voltage
Defining a 'fixed' regulator with differing min and max voltages
is not supported and was preventing the radio and all derived
regulators (Wi-Fi regulators in particular) from being initialized
properly, this does not affect the HW in any way as the regulators
are not SW controlled, just cleaning up a harmless warning.
---------------------------
Commit: 83f4dc9
---------------------------
DeviceTree: remove non-removable property from Wi-Fi
With a GPIO-controlled power supply (`WF_BT_PWR_EN` GPIO) the
Wi-Fi module is effectively removable and removing the
`non-removable` property ensures the kernel will detect and
initialize the Wi-Fi interface whenever it is powered up.
---------------------------
Commit: 4248776
---------------------------
Wifi Silex SDMAC: configurable IO voltages
Ongoing issues are preventing the Wi-Fi module from operating
at 1v8 IO voltages, but there is still a need to be able to test
fixes.
Allow Wi-Fi IO voltages to be configured via the presence of a
`enable_wifi_1v8` file in the boot partition, (i.e
`/boot/enable_wifi_1v8`) that results in an overlay being applied
to the kernel DeviceTree by U-boot.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-720_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-719_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-719_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-718_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-718_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-717_default.lock.xml
judo-auto-test
---------------------------
Commit: b5097e5
---------------------------
CSNMR-5493 Add Install New Licence test cases
- New test case that test the ability to obtain
licenses from the license server if no licenses
are currently applied to the device.
---------------------------
Commit: 4183750
---------------------------
CSNMR-5493 Add Delete All Licenses keyword
- Added a keyword called Delete All Licenses
which publishes a remove_licenses topic to
the Judo device
---------------------------
Commit: 36b40c4
---------------------------
Fixed __init__.py SystemControlLib misspelling
The spelling for SystemContrlLib in __init__.py
did not match the class name trying to import the
library as systemcntl_lib.SystemControlLib
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-717_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-716_default.lock.xml
judo-auto-test
---------------------------
Commit: 5587434
---------------------------
CSNMR-5331 Add GNSS lease keep-alive to test cases
- Added GNSS keep-alive to test cases to keep the
GNSS lease from expiring prematurely before the
HF GSOF check can be completed
---------------------------
Commit: f3a0aa0
---------------------------
BEDROCK-195: hostapd: Fix to avoid invalid long SSIDs
The hostapd daemon will fail to start if the SSID is set to a value
longer than 32 characters. Example failure:
Feb 11 13:47:30 bedrock-f60d58706fb34fc3-x1 hostapd[635]: Line 1: invalid SSID 'bedrock-f60d58706fb34fc3-x1-7c7749'
Feb 11 13:47:30 bedrock-f60d58706fb34fc3-x1 hostapd[635]: 1 errors found in configuration file '/tmp/hostapd.conf'
If the SSID is too long, it will be truncated to 32 characters.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
---------------------------
Commit: 4ce9cb2
---------------------------
crun: Fix QA error which is breaking the builds
Quells the following QA error:
ERROR: crun-v1.24.0+git-r0 do_package_qa: QA Issue: crun: recipe doesn't
inherit features_check [unhandled-features-check]
This needs to be submitted to upstream meta-virtualization.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-716_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-715_default.lock.xml
judo-security
---------------------------
Commit: 4488171
---------------------------
Replace jabil references with mfg and/or manufacturing
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-715_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-714_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-714_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-713_default.lock.xml
manifest-judo
---------------------------
Commit: 4d1783c
---------------------------
SUMO-483: Update notes on enabling compliance feature
---------------------------
Commit: 9474a6b
---------------------------
Bugfix: Store container data in /data partition
Was previously trying to store in the user home, but that only
worked for non-root users as the root users home is now `/root`
and there is no R/W overlay for it.
---------------------------
Commit: 1bab4a6
---------------------------
SUMO-483: Add bluetooth CW recipe when compliance feature present
Convert compliance feature from a MACHINE feature to a DISTRO
feature.
---------------------------
Commit: 8a67899
---------------------------
SUMO-483: Convert ath10k_compliance feature to compliance
the `compliance` feature now enables compliance FW and scripts
for more than just the Wi-Fi module, currently adds support for
running BT in compliance modes too.
---------------------------
Commit: 62ceaaa
---------------------------
Bugfix: Install Wi-Fi certification scripts to root home
Install into where-ever the `ROOT_HOME` variable points rather
than a hard-coded `/home/root` path (as the root home is now
`/root` by default).
---------------------------
Commit: baeef89
---------------------------
SUMO-483: BT compliance tools and script
Leverages work done for ORCA/Porpoise and modifies it to work on
MP10XX devices.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-713_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-712_default.lock.xml
---------------------------
Commit: bc33235
---------------------------
program-uhf-fpga: Remove references to Jenkins
---------------------------
Commit: cf28d45
---------------------------
CSNMR-5436: program-uhf-fpga: Update to latest nightly FPGA build
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-712_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-711_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-711_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-710_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-710_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-709_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-709_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-708_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-708_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-707_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-707_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-706_default.lock.xml
yocto-docs
---------------------------
Commit: 98840d241
---------------------------
migration-guides/migration-5.3.rst: add note on *FLAGS behavior change
Add a note on how existing *FLAGS += assignments can lead to unexpected
behavior in the 5.3 release notes.
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f40dc0b42
---------------------------
set_versions.py: check that we build from the git repository
Check that we are building from a Git clone of yocto-docs, not a bare
directory, which is not supported as we need to tags to be fetched.
Inform the user how to clone the documentation too.
Fixes [YOCTO #15834]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-706_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-705_default.lock.xml
---------------------------
Commit: 5aeace2
---------------------------
CSNMR-5265: Update rust-gnss for Stella and Sumo
Update Judo rust-gnss SRCREV
from: ef2f9dff19cef99d63e19c1a5fbbded18bb46296
to: d9360226a12947b7dd8035f2d9b83ee929a0540a
CSNMR-5265: Add support for timo/sumo/kendo RxIDs
SUMO-493 : Add sumo board ref to pinmux hardware check
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-705_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-704_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-704_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-703_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-703_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-702_default.lock.xml
---------------------------
Commit: 70286cb
---------------------------
CSNMR-5454: suhf-sword: reset FPGA on driver startup
This changeset updates the SRCREV for Scabbard to integrate control
of the FPGA_RESET line into suhf_driver, and adds the libgpiod
dependency to the recipe.
---------------------------
Commit: 0f13d92
---------------------------
CSNMR-5454: Mark FPGA_RESET pin as active high
The FPGA_RESET pin is actually active high, so the 'n' at the start of
the pin name is not correct.
scabbard-judo
---------------------------
Commit: 1b859e3
---------------------------
CSNMR-5454: Toggle FPGA_RESET line on suhf_driver startup
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-702_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-701_default.lock.xml
judo-auto-test
---------------------------
Commit: 38b2413
---------------------------
Skip GNSS UHF radio test cases
- Skipping the test_feed_correction_data_from_uhf_to_gnss
tests are failing Error: AssertionError: GNSS
receiver fix mode is not RTKFixed after 60 seconds.
See CSNMR-4669
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-701_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-700_default.lock.xml
judo-cfg-agents
---------------------------
Commit: 5e5feff
---------------------------
CSNMR-5478: Remove required id field from license xml schema
---------------------------
Commit: 3e1cc76
---------------------------
CSNMR-5478: Update SRCREV
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-700_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-699_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-699_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-698_default.lock.xml
---------------------------
Commit: 24fb9e3
---------------------------
BEDROCK-190: Use nginx instead of lighttpd
The nginx http server supports openssl engines and providers for pkcs#11
storage/access of privates keys for https.
This also introduces a basic bedrock-web-ui package to install static
web pages for the server to host. The web ui package uses a virtual
webserver config dependency to decouple it from a specific web server,
so in theory, end users can select which web server to use via setting
`PREFERRED_RPROVIDER_virtual-webserver-config`.
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
yocto-docs
---------------------------
Commit: 095981c08
---------------------------
migration-guides: add release notes for 4.0.32
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e95e60ef8
---------------------------
migration-guides: add release notes for 5.3.1
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
[AG: oecore -> openembedded-core https://lore.kernel.org/r/DGAAISXQEM8B.1JQP7X9NMQ5HA@bootlin.com]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 5fd9d1602
---------------------------
document the OPENSSH_HOST_KEY_DIR and OPENSSH_HOST_KEY_DIR_READONLY_CONFIG variable
Added by commit addd80ddfd89 ("openssh: add variable for key path") in OE-Core.
Signed-off-by: Patrick Vogelaar <patrick.vogelaar.dev@mailbox.org>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 749b79b1a
---------------------------
ref-manual/variables.rst: document new FIT image variables
- FIT_MKIMAGE_EXTRA_OPTS: new variable to pass extra mkimage options
- FIT_CONF_MAPPINGS for flexible DTB mappings
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 37667bcc6
---------------------------
brief-yoctoprojectqs/index.rst: remove extra word from text
The sentence in brief-yoctoprojectqs/index.rst contained a duplicated
word ("dependencies it"). This change removes the extra word to improve
clarity for new users following the quick start guide.
Signed-off-by: Mohammad Rahimi <rahimi.mhmmd@gmail.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 411122812
---------------------------
dev-manual/packages.rst: fix example recipe version
The example recipe taken above is hello-world on version 1.0 (because
PV equals "1.0+git". Fix this issue.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 7a0324b6a
---------------------------
dev-manual/packages.rst: rename r0.0 to r0 when PR server is not enabled
When we don't have a PR server enabled, we don't have leading ".0" to
the PKGR variable, as this is added by the PR server.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 09f0430bc
---------------------------
dev-manual/packages.rst: pr server: fix and explain why r0.X increments on SRCREV change
The current example of the SRCREV change triggering a gitX bump is
wrong, as both gitX and r0.X get incremented.
Why this is happening is explained in bug 15729, which I copy here:
> +gitX+ is indeed related to changes in the source code.
>
> r0.X is bumped each time the checksum of the do_package task of the
> simple-hello-world-git recipe changes. This happens here:
> https://git.openembedded.org/openembedded-core/tree/meta/classes-global/package.bbclass?id=235e6d49e5888ad04416219e10b6df91a738661a#n306
>
> This line sets the value of PRAUTO and represents the number X found in
> r0.X. It will in the end make it into EXTENDPRAUTO, which itself makes
> to PKGR == r0.X.
>
> This line calls getPR(version, pkgarch, checksum). Between test case 5
> and 6, only the checksum changes. This checksum is the checksum of the
> do_package task (gotten from get_do_package_hash() above).
>
> Now, let's dump what changed with regards to this task between two
> consecutive runs, using the sigdata file in build/tmp/stamps/:
>
> ```
> [...]
> Variable fetcher_hashes_dummyfunc value changed from '2650ad6714c3f3248abfe9d3daf1196f307ed494' to '4af682a50174f5deb0397847da97d7cdba4ad067'
> ```
>
> The last line shows that the value of fetcher_hashes_dummyfunc changed
> from '2650ad6714c3f3248abfe9d3daf1196f307ed494' to
> '4af682a50174f5deb0397847da97d7cdba4ad067'. Those are the commit hashes
> in the git history of the simple-hello-world-git repository.
>
> Now you can see why this 0.X gets bumped, is because of the SRCREV change.
Fix the example, and detail what gets changed and why.
[YOCTO #15729]
Cc: Robert Berger <pokylinux@reliableembeddedsystems.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d3f9b0a5a
---------------------------
ref-manual: Document updated UBOOT_CONFIG flow
The UBOOT_CONFIG flow was updated in oe-core [1]. Document all of the
new variables and preferred method of specifying the various controls
for each config.
[1] https://git.openembedded.org/openembedded-core/commit/?id=cd9e7304481b24b27df61c03ad73496d18e4d47c
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
[AG: Typo fixes https://lore.kernel.org/r/DG1YKKEBYK3R.1RDFPILOIHIOP@bootlin.com]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-698_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-697_default.lock.xml
judo-api-specs
---------------------------
Commit: f395c2b
---------------------------
CSNMR-5363: Add system time message to the asyncapi spec
A diagnostic system time event is added with the path {groupId}/event/diag/sys/time.
This message uses the base_event_msg properties and the timestamp comes
for free. There are no additional properties. The message will be produced
once per minute.
The version is updated to 0.62.0.
judo-cfg-agents
---------------------------
Commit: ef63e7d
---------------------------
CSNMR-5363: Add system time message emitter to the diags_agent
This change produces the asyncapi message for event_diag_sys_time.
It is a simple message with just a timestamp field and deviceId.
The code publishes an empty dict and the base class adds the
required fields.
A unit test is included.
---------------------------
Commit: 68d26bb
---------------------------
CSNMR-5363: Update SRCREV for judo-api-specs
---------------------------
Commit: 4fc9bfc
---------------------------
CSNMR-5363: Update SRCREV for judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-697_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-696_default.lock.xml
---------------------------
Commit: bc0ece9
---------------------------
CSNMR-5340: Set version of main to 0.27
---------------------------
Commit: ab0f466
---------------------------
SUMO-279: ms9xx-bridge -> rust-gnss refactor
Handle the renamed packages in the packagegroups, and only include
the command-line tools in -devel images.
---------------------------
Commit: d66b514
---------------------------
SUMO-491: GNSS: use internal TCXO
Stella receivers have an upgraded internal TCXO and do not
require the external one (that is being de-popped) to meet our
accuracy requirements.
Can force all devices to use the internal TCXO (including devices
with BD992 receivers) as all MP10XX devices are going to be
upgraded to Stella receivers before release to customers.
Legacy/development devices with BD992 receivers will still
function fine for development purposes, but will suffer
performance issues in extreme conditions (mainly temperature
extremes?).
---------------------------
Commit: 9cfc28e
---------------------------
SUMO-491: Refactor GNSS power management service
Properly sequence GNSS power/reset and bootstrap option GPIOs
on device startup.
Ensure the receiver is powered up before starting the GNSS
'handler' service and ensure restarts of this service propagate
out to the handler service.
---------------------------
Commit: da5089d
---------------------------
SUMO-279: Disable UHF agent on Sumo
Support for configuring Phoenix radio to be added in SUMO-540.
---------------------------
Commit: f6862e6
---------------------------
SUMO-279: ms9xx-handler -> rust-gnss refactor
Renames/replaces the existing `ms9xx-bridge` recipe as that
builds many more binaries than just the MS9xx bridge, including
`phoenix-handler`.
Split artifacts into individual packages so they can be
individually selected/installed.
Remove the unused patch that was fixed in the latest `rust-gnss`
update, see meta-judo-proprietary commit
`a5cc084602f80c72f21a0d97f1efd5d43de0dc31`
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-696_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-695_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-695_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-694_default.lock.xml
judo-auto-test
---------------------------
Commit: d1bcf48
---------------------------
CSNMR-5068: Remove issue from tests/test_wifi.py:test_default_wifi_configuration skip marker
This changeset removes CSNMR-5068 from the list of issues causing
this test to be skipped. Note that CSNMR-5069 has not been completed,
so this test will not run yet.
---------------------------
Commit: ef07358
---------------------------
CSNMR-4238: Remove stray dependence on separate uut_mqtt_id fixture
---------------------------
Commit: d0a908e
---------------------------
CSNMR-4669: Remain in RTKFixed mode for non-zero time
Removing the UHF correction stream from the GNSS receiver as soon as
it reports RTKFixed position mode causes the receiver to get stuck in
that mode even when the correction stream is removed. Having the test
maintain the correction stream to the receiver for 20 seconds after
it enters RTKFixed position mode fixes this behaviour.
---------------------------
Commit: ad16040
---------------------------
CSNMR-4669: Ensure UUT is not in RTKFixed mode before test
If this not done, the UHF radio could be enabled before checking
that the BD992 is not in RTKFixed mode, making the test invalid
(as the BD992 is not switching to RTKFixed mode as a result of
receiving valid correction data).
Ensuring that the UUT is not in RTKFixed mode is more correct than
ensuring that it is in GNSS mode, as the UUT is not guaranteed to
return to GNSS mode when the UHF correction data stream is lost,
depending on how it is configured and which other correction sources
are available.
---------------------------
Commit: 3a62040
---------------------------
CSNMR-4669: Add useful error message to test_feed_correction_data_from_uhf_to_gnss
---------------------------
Commit: 92f95f0
---------------------------
CSNMR-4669: Reinstate skipped test
---------------------------
Commit: c31e770
---------------------------
CSNMR-5324: Reinstate skipped test
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-694_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-693_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-693_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-692_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-692_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-691_default.lock.xml
manifest-judo
---------------------------
Commit: 0a7c2fc
---------------------------
BEDROCK-194 yocto mirrors used in manifest-judo
Signed-off-by: Brady Hill <brady_hill@trimble.com>
yocto-docs
---------------------------
Commit: 3ec23e9fb
---------------------------
what-i-wish-id-known.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b0eed805b
---------------------------
test-manual/understand-autobuilder.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: dfe9140b6
---------------------------
test-manual/reproducible-builds.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 783aa4d14
---------------------------
ref-manual/yocto-project-supported-features.rst: remove obsolete poky repo reference
Poky -> meta-yocto link replacement.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 805b666f0
---------------------------
ref-manual/system-requirements.rst: fix wrong path to install-buildtools
Reported-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ca6a30277
---------------------------
ref-manual/system-requirements.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 66fb4d577
---------------------------
ref-manual/release-process.rst: remove repeated "in the"
Reported-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e7231e74a
---------------------------
ref-manual/release-process.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a2e67529c
---------------------------
ref-manual/features.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 173edb82b
---------------------------
ref-manual/faq.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Rework the difference between Poky and OpenEmbedded. Copy the note from
terms.rst regarding the now obsolete Poky repository.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 1923550cd
---------------------------
ref-manual/devtool-reference.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 91605ea5c
---------------------------
dev-manual/vulnerabilities.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete. Mention
that only vulnerabilities in OpenEmbedded-Core are tracked as that's
where the packages are.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0bcfcf8c7
---------------------------
dev-manual/upgrading-recipes.rst: move meta-openembedded to bitbake-builds/layers
It makes more sense as we expect the layout to be that way.
Suggested-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 67ae0525f
---------------------------
dev-manual/upgrading-recipes.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f0c6ba3f4
---------------------------
dev-manual/qemu.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: faf322d8d
---------------------------
dev-manual/python-development-shell.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d2cddd8c5
---------------------------
dev-manual/packages.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 1820232eb
---------------------------
dev-manual/licenses.rst: instruct to use git-archive instead of removing .git
Removing .git directories is destructive. Instruct to use git archive
instead.
Suggested-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: f0b3659e6
---------------------------
dev-manual/licenses.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6ec9ce47f
---------------------------
dev-manual/init-manager.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 04af92638
---------------------------
dev-manual/custom-template-configuration-directory.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete. Adapt
paths to match to encouraged Source Directory layout.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 421ec4742
---------------------------
dev-manual/custom-distribution.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6e440c9ae
---------------------------
dev-manual/build-quality.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6c8d49202
---------------------------
contributor-guide/identify-component.rst: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0cb6e102f
---------------------------
README: replace obsolete substitution variables
Replace obsolete substitution variables by current ones from
poky.yaml.in.
Suggested-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d95db54e4
---------------------------
README: remove obsolete poky repo references
Refresh the document now that the Poky repository is obsolete.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 29bd24aee
---------------------------
test-manual/runtime-testing.rst: remove obsolete poky repo references
Remove reference to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d26aab08b
---------------------------
sdk-manual/intro.rst: remove obsolete poky repo references
Remove the mention of the Poky git repository. Refer to the existing
setup instructions.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d7ce0ad51
---------------------------
sdk-manual/appendix-obtain.rst: remove obsolete poky repo references
Rename the source directory to project, as specified in its new
definition in terms.rst.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 4c0e97afe
---------------------------
ref-manual/variables.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 89818234a
---------------------------
ref-manual/tasks.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 83d88fa2c
---------------------------
ref-manual/structure.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases.
Add a introductory directory layout at the top that is reflected in the
following section. This document no longer uses Poky as its source
directory, so all paths are explicitly mentioned, to highlight the
separation between core components. This lead to some re-organization of
some sections.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 63d0fc075
---------------------------
ref-manual/images.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 864a7ec1e
---------------------------
ref-manual/classes.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 178d31924
---------------------------
overview-manual/yp-intro.rst: remove obsolete poky repo references
Remove references to the Poky repository. This document had a lot of
reference to it, so a lot was removed. The "Reference Distribution
(Poky)" section was removed as there already was a "Reference Embedded
Distribution (Poky)" below. This section was simplified as now Poky is
just a distro, not a repo. The historical section was also updated to
mention the obsolete Poky repo.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 345003a75
---------------------------
overview-manual/development-environment.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Replace the poky examples for the Git section by yocto-docs.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 91e96f5c0
---------------------------
overview-manual/concepts.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2a2de4da9
---------------------------
migration-guides/migration-1.4.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: bedbbb69a
---------------------------
kernel-dev/common.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: e8b03ddb0
---------------------------
dev-manual/wic.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: de6d0a16d
---------------------------
dev-manual/wayland.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 71f9a3f78
---------------------------
dev-manual/temporary-source-code.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b184acb48
---------------------------
dev-manual/securing-images.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0dceb6dd9
---------------------------
dev-manual/new-recipe.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 3da2e7bb3
---------------------------
dev-manual/libraries.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ff8595ec8
---------------------------
dev-manual/layers.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 40af24177
---------------------------
dev-manual/layers.rst: re-organize the document
The first section of the layers document shows how to manually create a
layer step-by-step, and references bitbake-layers create-layer at the
end. Change the approach of this section to show how to use the
bitbake-layers create-layer command to create a layer, and then explain
how a layer is organized and configured. This avoids repetition, and we
should encourage users to use pre-built tools when they can do things in
a less error-prone way.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d96a93b1c
---------------------------
dev-manual/external-toolchain.rst: remove obsolete poky repo references
Remove the single poky repository reference in this document, after the
poky repository was obsoleted.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 8a8a4d77e
---------------------------
dev-manual/error-reporting-tool.rst: remove obsolete poky repo references
Remove the single poky repository reference in this document, after the
poky repository was obsoleted.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 27cfed1fc
---------------------------
dev-manual/debugging.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 2c45968fd
---------------------------
dev-manual/building.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 472a5c353
---------------------------
contributor-guide/submit-changes.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases.
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b47987aba
---------------------------
kernel-dev/advanced.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases, and refer to bitbake-setup or the manual setup in the
intro.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 05a506686
---------------------------
bsp-guide/bsp.rst: remove obsolete poky repo references
Remove references to the Poky repository, replace by OpenEmbedded-Core
in most cases, and refer to bitbake-setup or the manual setup in the
intro.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 68586e603
---------------------------
dev-manual/start.rst: remove obsolete poky repo references
The Poky repository has stopped being updated in favor of bitbake-setup
or manual clones of the required repositories. Simplify the document by
making references to these guides as well as removing sections that
are covered in the references documents.
Keep a "Initializing the Build Environment" as this task is common and
referenced in different places in the documentation.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: a7c169229
---------------------------
dev-manual/poky-manual-setup.rst: remove obsolete poky repo references
The commit "dev-manual/start.rst: simplify the document after poky
obsolescence" removed some of the information related to source archives
published on downloads.yoctoproject.org. Mention it in this document as
it makes sense to use those when manually setting up a Poky build.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0b909e6c8
---------------------------
transitioning-to-a-custom-environment.rst: remove obsolete poky repo references
- Use :term: for Poky.
- Mention use of fragments instead of local.conf.
- Remove Yocto < 2.4 reference.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d7d5ddeda
---------------------------
tree-wide: figures: remove title PNGs
We used to have banners at the top of each main section before we
migrated to Sphinx and those aren't used anymore, so let's remove them
from the tree.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: fdc14a205
---------------------------
ref-manual/terms.rst: refresh the OpenEmbedded build system definition
Remove the mention of Poky containing BitBake, just mention BitBake.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: b42c033bf
---------------------------
dev-manual/poky-manual-setup.rst: mention the Source Directory
After switching to the new definition of "Source Directory", i.e. the
base directory for your project (which used to be poky), mention it in
this document on manually setting up the layers for a project. As stated
in terms.rst, use "project" for the directory name.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 9ad8a0aa7
---------------------------
ref-manual/terms.rst: simplify the Source Directory definition
Now that we no longer have Poky around, simplify the Source Directory
definition:
- Make references to existing documents that show how to create this
Source Directory.
- This directory contains sources, the layout in which they are
presented does not matter so much, as it can be different and/or
freeform depending on whether we use bitbake-setup or not.
The definition chooses "bitbake-builds" as the name of the source directory
and is the one that should be used when showing examples in the
documentation.
A typical Source Directory would look like the following:
bitbake-builds/
├── build/
└── layers/
Other parts of the documentation referencing to this as the Poky
repository still have to be updated.
This will also mean that this definition will be used a lot less across
the documentation: in most cases, when the "Source Directory" is
referenced as the Poky repository, it can be replaced by
OpenEmbedded-Core, Bitbake, the documentation, or meta-yocto. We'll keep
this definition around regardless, as it can be useful to denote this
group of directories in a more general sense.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: dd328b79a
---------------------------
ref-manual/terms.rst: refresh the OpenEmbedded-Core definition
After the Poky repository obsolescence, refresh the OpenEmbedded-Core
definition.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 476780d77
---------------------------
ref-manual/terms.rst: refresh the Build Directory definition
After the Poky repository obsolescence, refresh the build directory
definition. Fix the formatting and indenting issues while at it.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 6256a73d7
---------------------------
migration-guides: add release notes for 5.0.15
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 52ec12522
---------------------------
sdk-manual: appendix-obtain: fix default path for eSDK installer script
The eSDK installer script installs in poky_sdk directory but under the
user's home directory so let's make that explicit.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ede411d70
---------------------------
sdk-manual: using: fix SDK filename example
I'm pretty sure we meant to use the DISTRO poky.yaml.in placeholder
which can only be replaced when surrounding by & and ; characters.
Therefore let's fix this oversight.
Also, the example isn't actually pointing at the snapshot, but the
actual release, so let's reword that as well so it matches the example.
I decided to do that instead of adding +snapshot to the filename because
the example in the next section is actually using that same filename so
for consistency it seemed more appropriate.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 41ee642c3
---------------------------
sdk-manual: appendix-obtain: use parsed-literal block for naming convention of the installer scripts
It's easier on the eye to use a parsed-literal block for highlighting
things that must be changed than simply stating the word, so this makes
use of a parsed-literal block instead of a simple inline code-block and
also highlight in italic which words are placeholders.
Also make the explanation below the literal-block use the same
highlighting (italic).
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: ffaea8391
---------------------------
sdk-manual: delete sdk-title PNG
It hasn't been used since the migration to Sphinx so let's remove it.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 39fb14879
---------------------------
sdk-manual: replace sdk-environment PNG with SVG
This replaces the PNG figure with an SVG.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 77b24b4a8
---------------------------
sdk-manual: appendix-obtain: replace eSDK directory structure PNG with a parsed-literal block
This PNG is totally unnecessary and makes accessibility much worse, so
let's simply replace the PNG with a parsed-literal block showing the
same directory layout with the same highlighted placeholders.
While at it, update the layout to match the more recent one (5.0.15) and
have it alphabetically sorted (mixed files and directories).
The placeholders are highlighted the same way inside and outside the
parsed-literal block for consistency.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 0c68497ec
---------------------------
sdk-manual: appendix-obtain: replace directory structure PNG with a parsed-literal block
This PNG is totally unnecessary and makes accessibility much worse, so
let's simply replace the PNG with a parsed-literal block showing the
same directory layout with the same highlighted placeholders.
While at it, update the layout to match the more recent one (5.0.15) and
have it alphabetically sorted (mixed files and directories).
The placeholders are highlighted the same way inside and outside the
parsed-literal block for consistency.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: d682bce63
---------------------------
sdk-manual: appending-customizing: use none lexer for BitBake code blocks
No lexer exists for BitBake right now, so let's simply disable the lexer
entirely by using the "none" lexer.
I'm using "none" instead of "text" to be able to "easily" replace none
code blocks the day a BitBake lexer exists. I "reserve" "text" for
actual text content (e.g. a filename, or the output of a command line
without the command line).
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 10d40604c
---------------------------
sdk-manual: working-projects: properly highlight code code-blocks
There are some blocks containing C code so highlight them as C with the
"c" lexer.
For autotool'ed files, there's no lexer available so "none" will do just
fine.
Finally, there's one Makefile code block so highlight it with the
"makefile" lexer.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 04c883216
---------------------------
sdk-manual: fix improper indent of general form of tarball installer scripts
poky-glibc-host_system-image_type-arch-toolchain-ext-release_version.sh
is in a code-block and thus requires to be indented (it is). Sphinx
knows a block has ended when the indentation of the next line is smaller
than in the block, otherwise it's all in the same block.
The explanation of the replaceable parts in the tarball installer script
filename should be text and not part of the block, so let's do that.
While at it, reformat by putting each replaceable part in a bullet list,
highlight the replaceable part or what it can replaced with as well as
putting the replacement on the same line instead of making it a quote by
having them indented in the bullet list.
Finally, replace the literal block (::) with a parsed-literal block so
we can highlight the placeholders appropriately.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: c6039ce11
---------------------------
sdk-manual: fix incorrect highlight language for console code-blocks
When unspecified in conf.py via the highlight_language variable (and
highlight variable for code-blocks), the lexer used for literal blocks
is "default" which tries to highlight the block as Python code.
These blocks aren't Python but simple command lines prefixed by a
prompt so let's use the "console" lexer to properly highlight.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---------------------------
Commit: 72354c270
---------------------------
sdk-manual: fix incorrect highlight language for text code-blocks
When unspecified in conf.py via the highlight_language variable (and
highlight variable for code-blocks), the lexer used for literal blocks
is "default" which tries to highlight the block as Python code.
These blocks aren't Python but either simply the console output or a
file name (which we should probably just double tick-quote instead), so
let's render those blocks with the "text" lexer.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-691_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-690_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-690_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-689_default.lock.xml
cfg-mgr
---------------------------
Commit: 51b8ab3
---------------------------
CSNMR-4963: Add a timestamp to all outgoing event messages
All agents that rely on the BaseCfgEvent and BaseEventEmitter classes
will now get a timestamp field in the outgoing messages. If the agent
already includes a timestamp field in the payload's top level, then that
will be the one that is kept in the final published message since it is
closer to the actual event.
The asyncapi base_event_msg spec defines the timestamp as optional, so
the transition to adding this timestamp will be seamless. Applications will
work for older versions that don't have a timestamp, and this version will
begin producing it.
Unit tests are updated.
judo-api-specs
---------------------------
Commit: 96f7528
---------------------------
CSNMR-4963: Add timestamp spec for all outgoing event messages
By adding timestamp to the base_event_msg spec, all outgoing event
messages may now have a timestamp with a defined format. It is optional
so that the spec is compatible with older versions of the spec and
code implementations.
A corresponding change is expected to be made in the cfg-mgr base
classes to automatically add a timestamp. Although agents can
optionally add this timestamp to get a slightly more accurate time
for when the event took place.
The timestamp has date-time format (ISO 8601) like produced
by the Python datetime.now().isoformat() function.
judo-cfg-agents
---------------------------
Commit: a4d141a
---------------------------
CSNMR-4963: Update unit tests to handle the new timestamp field
Cfg-mgr now adds a timestamp field to all messages published with
the BaseEventEmitter and BaseCfgEvent classes. The unit tests
failed when comparing expected output with actual output payloads.
This change is to fix the unit tests to drop the timestamp before
doing the comparisons.
---------------------------
Commit: fb0cbb4
---------------------------
CSNMR-4963: Update reference to cfg-mgr
The cfg-mgr libraries are updated and this changes pyproject.toml to
reference the updated hash.
The cfg-mgr base BaseEventEmitter class now adds a timestamp to outgoing
event messages.
---------------------------
Commit: 6dcf9b4
---------------------------
CSNMR-4963: Update SRCREV for judo-api-specs
---------------------------
Commit: fede53b
---------------------------
CSNMR-4963: Update SRCREV for cfg-mgr and judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-689_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-687_default.lock.xml
manifest-judo
---------------------------
Commit: 5fe14e4
---------------------------
Remove sumo logic from bamboo-build
There was previous logic that pinned sumo to only build a
couple images instead of what was passed into the script
arguments. That logic has been removed and it will build
anything passed in as an argument
Signed-off-by: Brady Hill <brady_hill@trimble.com>
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-687_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-686_default.lock.xml
judo-auto-test
---------------------------
Commit: b036731
---------------------------
CSNMR-5479 Increase timeout for SUB Event Diag Sys Resource test
- Fix the intermittent timeout that occurs when
sending 'event/diag/sys/resources' toping and
waiting for a response. The was increased from
30s to 45s
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-686_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-685_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-685_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-684_default.lock.xml
judo-cfg-agents
---------------------------
Commit: caf9ffb
---------------------------
CSNMR-5407: Fix the snapshot tar to keep going on errors
A case was found where the tar.add function could not open a listed
file and cancelled the snapshot. Since we want to get the snapshot
even if a file could not be read, it now continues after logging
a warning with an error message.
Unit tests are updated to test the new exception handler. Some
redundant unit tests are removed.
---------------------------
Commit: a002332
---------------------------
CSNMR-5407: Update SRCREV for judo-cfg-agents
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-684_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-683_default.lock.xml
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-683_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-682_default.lock.xml
judo-auto-test
---------------------------
Commit: 06f9f1d
---------------------------
CSNMR-5434 Refactor judmwttlibrary featurelibs for new keywords
- Refactor all of the feature libs to use the new
refactored single word keywords
---------------------------
Commit: ec26b88
---------------------------
CSNMR-5434 Refactor judomqttlibrary single word keywords
- Refactored single word keywords in mqttcommand.py
and abstract_device_lib.py to be multi-word and
more descriptive of what the keyword actually does.
The keywords affected were connect(), disconnect(),
publish(), and subscribe().
Additionally this resolves issues with linter
warning that Robot Framework keywords are not
to spec.
- Retained origial single work keywords for backward
compatibility and marked as depricated. Then
from these each old keyword calls the new
improved keyword name
- Updated incorrect keyword examples
---------------------------
Commit: 1f786bb
---------------------------
CSNMR-5444 Add repeating pub gnss lease keyword
- Added keywords gnss.resource file which contains
keywords to support GNSS operations
- Added Repeat Publish GNSS Lease keyword. This
keyword basically allows GNSS Lease keep-alive
by sending a gnss lease publish for some
number times with a wait period between each
send.
Commit
summaries (start not end) from
CC-JUDO-BUILDJUDOHSPROD-682_default.lock.xml vs
CC-JUDO-BUILDJUDOHSPROD-681_default.lock.xml
manifest-judo
---------------------------
Commit: cefa5d6
---------------------------
CI: bugfix: artifact Sumo full bundles