[OE-core][kirkstone 00/27] Patch review

[OE-core][kirkstone 00/27] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547

The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:

  lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexander Kanavin (1):
  webkitgtk: adjust patch status

Davide Gardenal (1):
  create-spdx: fix error when symlink cannot be created

Ferry Toth (2):
  apt: add apt selftest to test signed package feeds
  package_manager: fix missing dependency on gnupg when signing deb
    package feeds

Jon Mason (1):
  qemuarm64: use virtio pci interfaces

Kai Kang (1):
  update_udev_hwdb: fix multilib issue with systemd

Khem Raj (5):
  babeltrace: Disable warnings as errors
  xserver-xorg: Fix build with gcc12
  systemtap: Fix build with gcc-12
  gnupg: Disable FORTIFY_SOURCES on mips
  mdadm: Drop clang specific cflags

Konrad Weihmann (2):
  git: correct license
  ncurses: use COPYING file

Martin Jansa (1):
  systemd-boot: remove outdated EFI_LD comment

Paulo Neves (1):
  selftest/lic_checksum: Add test for filename containing space

Peter Kjellerstedt (2):
  u-boot: Correct the SRC_URI
  u-boot: Inherit pkgconfig

Richard Purdie (1):
  buildtools-tarball: Only add cert envvars if certs are included

Ross Burton (1):
  zlib: upgrade to 1.2.12

wangmy (5):
  linux-firmware: upgrade 20220310 -> 20220411
  libsoup: upgrade 3.0.5 -> 3.0.6
  apt: upgrade 2.4.3 -> 2.4.4
  libusb1: upgrade 1.0.25 -> 1.0.26
  libgit2: upgrade 1.4.2 -> 1.4.3

zhengruoqin (3):
  wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
  git: upgrade 2.35.2 -> 2.35.3
  ruby: upgrade 3.1.1 -> 3.1.2

 meta/classes/create-spdx.bbclass              |  10 +-
 meta/classes/sign_package_feed.bbclass        |   1 +
 meta/conf/machine/qemuarm64.conf              |   8 +-
 meta/lib/oeqa/runtime/cases/apt.py            |  38 +-
 meta/lib/oeqa/selftest/cases/lic_checksum.py  |  18 +
 meta/lib/oeqa/selftest/cases/runtime_test.py  |  38 ++
 meta/recipes-bsp/u-boot/u-boot-common.inc     |   6 +-
 meta/recipes-core/meta/buildtools-tarball.bb  |   6 +-
 meta/recipes-core/ncurses/ncurses.inc         |   2 +-
 .../systemd/systemd-boot_250.4.bb             |   1 -
 meta/recipes-core/systemd/systemd_250.4.bb    |   5 -
 meta/recipes-core/udev/eudev_3.2.10.bb        |   4 -
 ...configure-Pass-LDFLAGS-to-link-tests.patch |  25 +-
 .../zlib/zlib/CVE-2018-25032.patch            | 347 ------------------
 meta/recipes-core/zlib/zlib/cc.patch          |  27 ++
 .../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb}   |   7 +-
 .../apt/{apt_2.4.3.bb => apt_2.4.4.bb}        |   2 +-
 .../git/{git_2.35.2.bb => git_2.35.3.bb}      |  15 +-
 .../ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb}     |   2 +-
 meta/recipes-extended/mdadm/mdadm_4.2.bb      |   2 -
 .../0001-render-Fix-build-with-gcc-12.patch   |  90 +++++
 .../xorg-xserver/xserver-xorg_21.1.3.bb       |   1 +
 ...20220310.bb => linux-firmware_20220411.bb} |   4 +-
 .../recipes-kernel/lttng/babeltrace2_2.0.4.bb |   2 +-
 ...ility-re-tweak-for-rhel6-use-functio.patch |  49 +++
 .../recipes-kernel/systemtap/systemtap_git.bb |   3 +-
 ....02.18.bb => wireless-regdb_2022.04.08.bb} |   2 +-
 ...spection.cmake-prefix-variables-obta.patch |   5 +-
 meta/recipes-support/gnupg/gnupg_2.3.4.bb     |   3 +
 .../{libgit2_1.4.2.bb => libgit2_1.4.3.bb}    |   2 +-
 .../{libsoup_3.0.5.bb => libsoup_3.0.6.bb}    |   2 +-
 .../{libusb1_1.0.25.bb => libusb1_1.0.26.bb}  |   2 +-
 scripts/postinst-intercepts/update_udev_hwdb  |   5 +-
 33 files changed, 322 insertions(+), 412 deletions(-)
 delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
 create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
 rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)
 rename meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} (97%)
 rename meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} (86%)
 rename meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} (97%)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)
 create mode 100644 meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)
 rename meta/recipes-support/libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb} (91%)
 rename meta/recipes-support/libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb} (94%)
 rename meta/recipes-support/libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb} (94%)

-- 
2.25.1

[OE-core][kirkstone 01/27] systemd-boot: remove outdated EFI_LD comment

[Steve Sakoman]

From: Martin Jansa <Martin.Jansa@gmail.com>

* efi-ld meson option was changed in systemd 250:
  https://github.com/systemd/systemd/commit/fe330f02dfebbaa462e0f4590de1049e47da54b9

  the value was changed with the systemd upgrade in:
  https://git.openembedded.org/openembedded-core/commit/?id=e22188e47d2fce2406d9db9c95289b3878eda69f
  but the comment originally from:
  https://git.openembedded.org/openembedded-core/commit/?id=603e50f3db224a0e36a65decb9a98df41b9e22b3
  no longer makes any sense, remove it

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c14dbe3d3c1abf5f95310162288f861bfd312900)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/systemd/systemd-boot_250.4.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-core/systemd/systemd-boot_250.4.bb b/meta/recipes-core/systemd/systemd-boot_250.4.bb
index 23a64bf30d..b67706b731 100644
--- a/meta/recipes-core/systemd/systemd-boot_250.4.bb
+++ b/meta/recipes-core/systemd/systemd-boot_250.4.bb
@@ -19,7 +19,6 @@ objcopy = ${@meson_array('OBJCOPY', d)}
 EOF
 }
 
-# need to use ${HOST_PREFIX} here, otherwise ld.bfd could be used from HOSTTOOLS_NONFATAL
 EFI_LD = "bfd"
 
 EXTRA_OEMESON += "-Defi=true \
-- 
2.25.1

[OE-core][kirkstone 02/27] qemuarm64: use virtio pci interfaces

[Steve Sakoman]

From: Jon Mason <jdmason@kudzu.us>

The virtio PCI devices seemed to be required for this machine for some
versions of qemu (based on errors from running qemu saying that the
devices don't exist).  Changes to the entries here is all that is needed
to get it working.

Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 217deeb43036d1a046d6c5ea2c1ccdb94d3d605a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/machine/qemuarm64.conf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/conf/machine/qemuarm64.conf b/meta/conf/machine/qemuarm64.conf
index f245152168..ffc51c803f 100644
--- a/meta/conf/machine/qemuarm64.conf
+++ b/meta/conf/machine/qemuarm64.conf
@@ -23,9 +23,9 @@ QB_GRAPHICS = "-device virtio-gpu-pci"
 QB_OPT_APPEND = "-device qemu-xhci -device usb-tablet -device usb-kbd"
 # Virtio Networking support
 QB_TAP_OPT = "-netdev tap,id=net0,ifname=@TAP@,script=no,downscript=no"
-QB_NETWORK_DEVICE = "-device virtio-net-device,netdev=net0,mac=@MAC@"
+QB_NETWORK_DEVICE = "-device virtio-net-pci,netdev=net0,mac=@MAC@"
 # Virtio block device
-QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"
+QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-pci,drive=disk0"
 # Virtio serial console
-QB_SERIAL_OPT = "-device virtio-serial-device -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
-QB_TCPSERIAL_OPT = "-device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
+QB_SERIAL_OPT = "-device virtio-serial-pci -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
+QB_TCPSERIAL_OPT = "-device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
-- 
2.25.1

[OE-core][kirkstone 03/27] selftest/lic_checksum: Add test for filename containing space

[Steve Sakoman]

From: Paulo Neves <ptsneves@gmail.com>

A fix is being added to bitbake to correctly handle spaces inside
checksum filenames. Add a test to oe-selftest to ensure this is
tested and doesn't regress in future.

Signed-off-by: Paulo Neves <ptsneves@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 324109f034f069ee3e91a1a705b3449911a448de)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/lic_checksum.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/lic_checksum.py b/meta/lib/oeqa/selftest/cases/lic_checksum.py
index f8681ed755..8f1226e6a5 100644
--- a/meta/lib/oeqa/selftest/cases/lic_checksum.py
+++ b/meta/lib/oeqa/selftest/cases/lic_checksum.py
@@ -4,12 +4,30 @@
 
 import os
 import tempfile
+import urllib
 
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake
 
 class LicenseTests(OESelftestTestCase):
 
+    def test_checksum_with_space(self):
+        bitbake_cmd = '-c populate_lic emptytest'
+
+        lic_file, lic_path = tempfile.mkstemp(" -afterspace")
+        os.close(lic_file)
+        #self.track_for_cleanup(lic_path)
+
+        self.write_config("INHERIT:remove = \"report-error\"")
+
+        self.write_recipeinc('emptytest', """
+INHIBIT_DEFAULT_DEPS = "1"
+LIC_FILES_CHKSUM = "file://%s;md5=d41d8cd98f00b204e9800998ecf8427e"
+SRC_URI = "file://%s;md5=d41d8cd98f00b204e9800998ecf8427e"
+""" % (urllib.parse.quote(lic_path), urllib.parse.quote(lic_path)))
+        result = bitbake(bitbake_cmd)
+
+
     # Verify that changing a license file that has an absolute path causes
     # the license qa to fail due to a mismatched md5sum.
     def test_nonmatching_checksum(self):
-- 
2.25.1

[OE-core][kirkstone 04/27] buildtools-tarball: Only add cert envvars if certs are included

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Users may or may not include the certificates in buildtools. Only set the
appropriate variables if they're present.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0945a2a5d7c41af22e222a116aafacb4beee54d2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/buildtools-tarball.bb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/meta/buildtools-tarball.bb b/meta/recipes-core/meta/buildtools-tarball.bb
index f9f36e68c4..6b59e4934d 100644
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -69,8 +69,10 @@ create_sdk_files:append () {
 	touch $script
 	echo 'export PATH=${SDKPATHNATIVE}${bindir_nativesdk}:${SDKPATHNATIVE}${sbindir_nativesdk}:${SDKPATHNATIVE}${base_bindir_nativesdk}:${SDKPATHNATIVE}${base_sbindir_nativesdk}:$PATH' >> $script
 	echo 'export OECORE_NATIVE_SYSROOT="${SDKPATHNATIVE}"' >> $script
-	echo 'export GIT_SSL_CAINFO="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
-	echo 'export SSL_CERT_FILE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+	if [ -e "${SDK_OUTPUT}${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt" ]; then
+		echo 'export GIT_SSL_CAINFO="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+		echo 'export SSL_CERT_FILE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+	fi
 
 	toolchain_create_sdk_version ${SDK_OUTPUT}/${SDKPATH}/version-${SDK_SYS}
 
-- 
2.25.1

[OE-core][kirkstone 05/27] babeltrace: Disable warnings as errors

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

These settings are good for developers/maintainers but for distributions
generally disabling them turns out to be better especially when there is
a knob to do so. This fixes build with gcc-12 which find additional
warnings

    inlined from 'bt_ctf_object_set_parent' at ../../../git/src/ctf-writer/object.h:120:6,
    inlined from 'bt_ctf_trace_common_add_stream_class' at ../../../git/src/ctf-writer/trace.c:1243:3:
../../../git/src/ctf-writer/object.h:141:26: error: null pointer dereference [-Werror=null-dereference]
  141 |                 if (child->parent) {
      |                     ~~~~~^~~~~~~~
../../../git/src/ctf-writer/object.h:141:26: error: null pointer dereference [-Werror=null-dereference]
cc1: all warnings being treated as errors

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1898d10dd4d4372823e6c8b8c4ed28604e692365)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb b/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb
index 248b84e98d..b48f07ea0d 100644
--- a/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb
+++ b/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb
@@ -19,7 +19,7 @@ S = "${WORKDIR}/git"
 
 inherit autotools pkgconfig ptest python3targetconfig
 
-EXTRA_OECONF = "--disable-debug-info"
+EXTRA_OECONF = "--disable-debug-info --disable-Werror"
 
 PACKAGECONFIG ??= "manpages"
 PACKAGECONFIG[manpages] = ", --disable-man-pages, asciidoc-native xmlto-native"
-- 
2.25.1

[OE-core][kirkstone 06/27] xserver-xorg: Fix build with gcc12

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

backport patch to silence new array-bounds warnings

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 54fa74e6e60472e10f1a11b3daa8ee9f00f0c9d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../0001-render-Fix-build-with-gcc-12.patch   | 90 +++++++++++++++++++
 .../xorg-xserver/xserver-xorg_21.1.3.bb       |  1 +
 2 files changed, 91 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
new file mode 100644
index 0000000000..df9332fae7
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
@@ -0,0 +1,90 @@
+From 12041ad0610f1345d6b9994c32943fd4dd01f65d Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Thu, 20 Jan 2022 10:20:38 +0100
+Subject: [PATCH] render: Fix build with gcc 12
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The xserver fails to compile with the latest gcc 12:
+
+ render/picture.c: In function ‘CreateSolidPicture’:
+ render/picture.c:874:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds]
+  874 |     pPicture->pSourcePict->type = SourcePictTypeSolidFill;
+      |                          ^~
+ render/picture.c:868:45: note: object of size 16 allocated by ‘malloc’
+  868 |     pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill));
+      |                                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ render/picture.c: In function ‘CreateLinearGradientPicture’:
+ render/picture.c:906:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds]
+  906 |     pPicture->pSourcePict->linear.type = SourcePictTypeLinear;
+      |                          ^~
+ render/picture.c:899:45: note: object of size 32 allocated by ‘malloc’
+  899 |     pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient));
+      |                                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ render/picture.c: In function ‘CreateConicalGradientPicture’:
+ render/picture.c:989:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds]
+  989 |     pPicture->pSourcePict->conical.type = SourcePictTypeConical;
+      |                          ^~
+ render/picture.c:982:45: note: object of size 32 allocated by ‘malloc’
+  982 |     pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient));
+      |                                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ cc1: some warnings being treated as errors
+ ninja: build stopped: subcommand failed.
+
+This is because gcc 12 has become stricter and raises a warning now.
+
+Fix the warning/error by allocating enough memory to store the union
+struct.
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/c6b0dcb82d4db07a2f32c09a8c09c85a5f57248e]
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Acked-by: Michel Dänzer <mdaenzer@redhat.com>
+Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1256
+---
+ render/picture.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/render/picture.c b/render/picture.c
+index afa0d25..2be4b19 100644
+--- a/render/picture.c
++++ b/render/picture.c
+@@ -865,7 +865,7 @@ CreateSolidPicture(Picture pid, xRenderColor * color, int *error)
+     }
+ 
+     pPicture->id = pid;
+-    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill));
++    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict));
+     if (!pPicture->pSourcePict) {
+         *error = BadAlloc;
+         free(pPicture);
+@@ -896,7 +896,7 @@ CreateLinearGradientPicture(Picture pid, xPointFixed * p1, xPointFixed * p2,
+     }
+ 
+     pPicture->id = pid;
+-    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient));
++    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict));
+     if (!pPicture->pSourcePict) {
+         *error = BadAlloc;
+         free(pPicture);
+@@ -936,7 +936,7 @@ CreateRadialGradientPicture(Picture pid, xPointFixed * inner,
+     }
+ 
+     pPicture->id = pid;
+-    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictRadialGradient));
++    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict));
+     if (!pPicture->pSourcePict) {
+         *error = BadAlloc;
+         free(pPicture);
+@@ -979,7 +979,7 @@ CreateConicalGradientPicture(Picture pid, xPointFixed * center, xFixed angle,
+     }
+ 
+     pPicture->id = pid;
+-    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient));
++    pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict));
+     if (!pPicture->pSourcePict) {
+         *error = BadAlloc;
+         free(pPicture);
+-- 
+2.35.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb
index 3e076ecca7..1f53ab5177 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb
@@ -2,6 +2,7 @@ require xserver-xorg.inc
 
 SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
             file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
+            file://0001-render-Fix-build-with-gcc-12.patch \
             "
 SRC_URI[sha256sum] = "61d6aad5b6b47a116b960bd7f0cba4ee7e6da95d6bb0b127bde75d7d1acdebe5"
 
-- 
2.25.1

[OE-core][kirkstone 07/27] systemtap: Fix build with gcc-12

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

Backport a patch to fix
| ../git/util.cxx:1766:56: error: 'std::pointer_to_unary_function<_Arg, _Result> std::ptr_fun(_Result (*)(_Arg)) [with _Arg = int; _Result = int]' is deprecated: use 'std::function' instea
d [-Werror=deprecated-declarations]
|  1766 |                        std::not1(std::ptr_fun<int, int>(std::isspace))));
|       |                                  ~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0b360d12203aafd8bf96433d11221a6ed910a11f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ility-re-tweak-for-rhel6-use-functio.patch | 49 +++++++++++++++++++
 .../recipes-kernel/systemtap/systemtap_git.bb |  3 +-
 2 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch

diff --git a/meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch b/meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
new file mode 100644
index 0000000000..f885c44460
--- /dev/null
+++ b/meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
@@ -0,0 +1,49 @@
+From f199d1982ef8a6c6d5c06c082d057b8793bcc6aa Mon Sep 17 00:00:00 2001
+From: Serhei Makarov <serhei@serhei.io>
+Date: Fri, 21 Jan 2022 18:21:46 -0500
+Subject: [PATCH] gcc12 c++ compatibility re-tweak for rhel6: use function
+ pointer instead of lambdas instead of ptr_fun<>
+
+Saving 2 lines in ltrim/rtrim is probably not a good reason to drop
+compatibility with the RHEL6 system compiler.  Actually declaring a
+named function and passing the function pointer is compatible with
+everything.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=systemtap.git;a=commit;h=f199d1982ef8a6c6d5c06c082d057b8793bcc6aa]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ util.cxx | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+--- a/util.cxx
++++ b/util.cxx
+@@ -1757,21 +1757,24 @@ flush_to_stream (const string &fname, os
+   return 1; // Failure
+ }
+ 
++int
++not_isspace(unsigned char c)
++{
++  return !std::isspace(c);
++}
++
+ // trim from start (in place)
+ void
+ ltrim(std::string &s)
+ {
+-  s.erase(s.begin(),
+-	  std::find_if(s.begin(), s.end(),
+-		       std::not1(std::ptr_fun<int, int>(std::isspace))));
++  s.erase(s.begin(), std::find_if(s.begin(), s.end(), not_isspace));
+ }
+ 
+ // trim from end (in place)
+ void
+ rtrim(std::string &s)
+ {
+-  s.erase(std::find_if(s.rbegin(), s.rend(),
+-	  std::not1(std::ptr_fun<int, int>(std::isspace))).base(), s.end());
++  s.erase(std::find_if(s.rbegin(), s.rend(), not_isspace).base(), s.end());
+ }
+ 
+ // trim from both ends (in place)
diff --git a/meta/recipes-kernel/systemtap/systemtap_git.bb b/meta/recipes-kernel/systemtap/systemtap_git.bb
index 04f7e03ab5..ce86d5274d 100644
--- a/meta/recipes-kernel/systemtap/systemtap_git.bb
+++ b/meta/recipes-kernel/systemtap/systemtap_git.bb
@@ -7,7 +7,8 @@ HOMEPAGE = "https://sourceware.org/systemtap/"
 require systemtap_git.inc
 
 SRC_URI += "file://0001-improve-reproducibility-for-c-compiling.patch \
-           file://0001-staprun-address-ncurses-6.3-failures.patch \
+            file://0001-staprun-address-ncurses-6.3-failures.patch \
+            file://0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch \
            "
 
 DEPENDS = "elfutils"
-- 
2.25.1

[OE-core][kirkstone 08/27] gnupg: Disable FORTIFY_SOURCES on mips

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

This is a workaround for issue reported with gcc12 [1]

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105234

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8b8259e070c582d0c566535a3559aa712148efc0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/gnupg/gnupg_2.3.4.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-support/gnupg/gnupg_2.3.4.bb b/meta/recipes-support/gnupg/gnupg_2.3.4.bb
index 81361d902c..d27bddb8bd 100644
--- a/meta/recipes-support/gnupg/gnupg_2.3.4.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.3.4.bb
@@ -83,3 +83,6 @@ PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls"
 PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3"
 
 BBCLASSEXTEND = "native nativesdk"
+
+lcl_maybe_fortify:mipsarch = ""
+
-- 
2.25.1

[OE-core][kirkstone 09/27] mdadm: Drop clang specific cflags

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

This option is no longer needed

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8d7130937ea4e47f0fa4d23c1c8394e3ca3f939b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/mdadm/mdadm_4.2.bb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/meta/recipes-extended/mdadm/mdadm_4.2.bb b/meta/recipes-extended/mdadm/mdadm_4.2.bb
index 1c2fc8c37a..19035caaec 100644
--- a/meta/recipes-extended/mdadm/mdadm_4.2.bb
+++ b/meta/recipes-extended/mdadm/mdadm_4.2.bb
@@ -35,8 +35,6 @@ DEPENDS = "udev"
 SYSTEMD_SERVICE:${PN} = "mdmonitor.service"
 SYSTEMD_AUTO_ENABLE = "disable"
 
-CFLAGS:append:toolchain-clang = " -Wno-error=address-of-packed-member"
-
 # PPC64 and MIPS64 uses long long for u64 in the kernel, but powerpc's asm/types.h
 # prevents 64-bit userland from seeing this definition, instead defaulting
 # to u64 == long in userspace. Define __SANE_USERSPACE_TYPES__ to get
-- 
2.25.1

[OE-core][kirkstone 10/27] apt: add apt selftest to test signed package feeds

[Steve Sakoman]

From: Ferry Toth <ftoth@exalondelft.nl>

Since Gatesgarth apt (1.8.2) has become more strict and doesn’t allow unsigned repositories by default.
Currently when building images this requirement is worked around by using [allow-insecure=yes] and
equivalently when performing selftest.

Patches "gpg-sign: Add parameters to gpg signature function" and "package_manager: sign DEB package feeds"
enable signed DEB package feeds. This patch adds a runtime test for apt derived from the test_testimage_dnf
test. It creates a signed deb package feed, runs a qemu image to install the key and performs some package
management. To be able to install the key the gnupg package is added to the testimage.

Signed-off-by: Ferry Toth <ftoth@exalondelft.nl>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ec30490d09d6639eea2638cf12a323948f221cc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/runtime/cases/apt.py           | 38 ++++++++++++++++----
 meta/lib/oeqa/selftest/cases/runtime_test.py | 38 ++++++++++++++++++++
 2 files changed, 69 insertions(+), 7 deletions(-)

diff --git a/meta/lib/oeqa/runtime/cases/apt.py b/meta/lib/oeqa/runtime/cases/apt.py
index 53745df93f..574a34f148 100644
--- a/meta/lib/oeqa/runtime/cases/apt.py
+++ b/meta/lib/oeqa/runtime/cases/apt.py
@@ -21,7 +21,7 @@ class AptRepoTest(AptTest):
 
     @classmethod
     def setUpClass(cls):
-        service_repo = os.path.join(cls.tc.td['DEPLOY_DIR_DEB'], 'all')
+        service_repo = os.path.join(cls.tc.td['DEPLOY_DIR_DEB'], '')
         cls.repo_server = HTTPService(service_repo,
                                       '0.0.0.0', port=cls.tc.target.server_port,
                                       logger=cls.tc.logger)
@@ -34,20 +34,44 @@ class AptRepoTest(AptTest):
     def setup_source_config_for_package_install(self):
         apt_get_source_server = 'http://%s:%s/' % (self.tc.target.server_ip, self.repo_server.port)
         apt_get_sourceslist_dir = '/etc/apt/'
-        self.target.run('cd %s; echo deb [ allow-insecure=yes ] %s ./ > sources.list' % (apt_get_sourceslist_dir, apt_get_source_server))
+        self.target.run('cd %s; echo deb [ allow-insecure=yes ] %s/all ./ > sources.list' % (apt_get_sourceslist_dir, apt_get_source_server))
+
+    def setup_source_config_for_package_install_signed(self):
+        apt_get_source_server = 'http:\/\/%s:%s' % (self.tc.target.server_ip, self.repo_server.port)
+        apt_get_sourceslist_dir = '/etc/apt/'
+        self.target.run("cd %s; cp sources.list sources.list.bak; sed -i 's/\[trusted=yes\] http:\/\/bogus_ip:bogus_port/%s/g' sources.list" % (apt_get_sourceslist_dir, apt_get_source_server))
 
     def cleanup_source_config_for_package_install(self):
         apt_get_sourceslist_dir = '/etc/apt/'
         self.target.run('cd %s; rm sources.list' % (apt_get_sourceslist_dir))
 
+    def cleanup_source_config_for_package_install_signed(self):
+        apt_get_sourceslist_dir = '/etc/apt/'
+        self.target.run('cd %s; mv sources.list.bak sources.list' % (apt_get_sourceslist_dir))
+
+    def setup_key(self):
+        # the key is found on the target /etc/pki/packagefeed-gpg/
+        # named PACKAGEFEED-GPG-KEY-poky-branch
+        self.target.run('cd %s; apt-key add P*' % ('/etc/pki/packagefeed-gpg'))
+
     @skipIfNotFeature('package-management',
                       'Test requires package-management to be in IMAGE_FEATURES')
     @skipIfNotDataVar('IMAGE_PKGTYPE', 'deb',
                       'DEB is not the primary package manager')
     @OEHasPackage(['apt'])
     def test_apt_install_from_repo(self):
-        self.setup_source_config_for_package_install()
-        self.pkg('update')
-        self.pkg('remove --yes run-postinsts-dev')
-        self.pkg('install --yes --allow-unauthenticated run-postinsts-dev')
-        self.cleanup_source_config_for_package_install()
+        if not self.tc.td.get('PACKAGE_FEED_GPG_NAME'):
+            self.setup_source_config_for_package_install()
+            self.pkg('update')
+            self.pkg('remove --yes run-postinsts-dev')
+            self.pkg('install --yes --allow-unauthenticated run-postinsts-dev')
+            self.cleanup_source_config_for_package_install()
+        else:
+            # when we are here a key has been set to sign the package feed and
+            # public key and gnupg installed on the image by test_testimage_apt
+            self.setup_source_config_for_package_install_signed()
+            self.setup_key()
+            self.pkg('update')
+            self.pkg('install --yes run-postinsts-dev')
+            self.pkg('remove --yes run-postinsts-dev')
+            self.cleanup_source_config_for_package_install_signed()
diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index 2ad89490fc..3ece617cb0 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -162,6 +162,44 @@ class TestImage(OESelftestTestCase):
         bitbake('core-image-full-cmdline socat')
         bitbake('-c testimage core-image-full-cmdline')
 
+    def test_testimage_apt(self):
+        """
+        Summary: Check package feeds functionality for apt
+        Expected: 1. Check that remote package feeds can be accessed
+        Product: oe-core
+        Author: Ferry Toth <fntoth@gmail.com>
+        """
+        if get_bb_var('DISTRO') == 'poky-tiny':
+            self.skipTest('core-image-full-cmdline not buildable for poky-tiny')
+
+        features = 'INHERIT += "testimage"\n'
+        features += 'TEST_SUITES = "ping ssh apt.AptRepoTest.test_apt_install_from_repo"\n'
+        # We don't yet know what the server ip and port will be - they will be patched
+        # in at the start of the on-image test
+        features += 'PACKAGE_FEED_URIS = "http://bogus_ip:bogus_port"\n'
+        features += 'EXTRA_IMAGE_FEATURES += "package-management"\n'
+        features += 'PACKAGE_CLASSES = "package_deb"\n'
+        # We need  gnupg on the target to install keys
+        features += 'IMAGE_INSTALL:append:pn-core-image-full-cmdline = " gnupg"\n'
+
+        bitbake('gnupg-native -c addto_recipe_sysroot')
+
+        # Enable package feed signing
+        self.gpg_home = tempfile.mkdtemp(prefix="oeqa-feed-sign-")
+        self.track_for_cleanup(self.gpg_home)
+        signing_key_dir = os.path.join(self.testlayer_path, 'files', 'signing')
+        runCmd('gpgconf --list-dirs --homedir %s; gpg -v --batch --homedir %s --import %s' % (self.gpg_home, self.gpg_home, os.path.join(signing_key_dir, 'key.secret')), native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"), shell=True)
+        features += 'INHERIT += "sign_package_feed"\n'
+        features += 'PACKAGE_FEED_GPG_NAME = "testuser"\n'
+        features += 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "%s"\n' % os.path.join(signing_key_dir, 'key.passphrase')
+        features += 'GPG_PATH = "%s"\n' % self.gpg_home
+        features += 'PSEUDO_IGNORE_PATHS .= ",%s"\n' % self.gpg_home
+        self.write_config(features)
+
+        # Build core-image-sato and testimage
+        bitbake('core-image-full-cmdline socat')
+        bitbake('-c testimage core-image-full-cmdline')
+
     def test_testimage_virgl_gtk_sdl(self):
         """
         Summary: Check host-assisted accelerate OpenGL functionality in qemu with gtk and SDL frontends
-- 
2.25.1

[OE-core][kirkstone 11/27] package_manager: fix missing dependency on gnupg when signing deb package feeds

[Steve Sakoman]

From: Ferry Toth <ftoth@exalondelft.nl>

When signing the deb package feed gpg tools are a soft requirement. If gnupg-native
is not declared a dependancy the version from hosttools is used. Unfortunately the
gpg-agent version from Ubuntu 16.04 on the autobuilders is incompatible with the package_index task
and fails during oe-selftest. Fix by making gnupg-native a dependency.

Fixes: 0b4231b5 "package_manager: sign DEB package feeds"
Reported-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Suggested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ferry Toth <ftoth@exalondelft.nl>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c063b658e30a24be9214abc23cd2a16c0260e93e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/sign_package_feed.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/sign_package_feed.bbclass b/meta/classes/sign_package_feed.bbclass
index 16bcd147aa..f1504c2225 100644
--- a/meta/classes/sign_package_feed.bbclass
+++ b/meta/classes/sign_package_feed.bbclass
@@ -27,6 +27,7 @@ inherit sanity
 PACKAGE_FEED_SIGN = '1'
 PACKAGE_FEED_GPG_BACKEND ?= 'local'
 PACKAGE_FEED_GPG_SIGNATURE_TYPE ?= 'ASC'
+PACKAGEINDEXDEPS += "gnupg-native:do_populate_sysroot"
 
 # Make feed signing key to be present in rootfs
 FEATURE_PACKAGES_package-management:append = " signing-keys-packagefeed"
-- 
2.25.1

[OE-core][kirkstone 12/27] git: correct license

[Steve Sakoman]

From: Konrad Weihmann <kweihmann@outlook.com>

by default git pulls in several code fragments not being licensed
under just GPL-2.0-only.

obstack and poll are licensed under GPL-2.0-or-later
reftable being BSD-3-Clause
sha1dc and inet_ntop being MIT
netmalloc being Bosst-1.0 aka BSL-1.0
regex being LGPL-2.1-or-later

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5184e651651ed949d198882a10f406cef5939b7b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/git/git_2.35.2.bb | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-devtools/git/git_2.35.2.bb b/meta/recipes-devtools/git/git_2.35.2.bb
index 9812549221..fe137d94af 100644
--- a/meta/recipes-devtools/git/git_2.35.2.bb
+++ b/meta/recipes-devtools/git/git_2.35.2.bb
@@ -2,7 +2,7 @@ SUMMARY = "Distributed version control system"
 HOMEPAGE = "http://git-scm.com"
 DESCRIPTION = "Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency."
 SECTION = "console/utils"
-LICENSE = "GPL-2.0-only"
+LICENSE = "GPL-2.0-only & GPL-2.0-or-later & BSD-3-Clause & MIT & BSL-1.0 & LGPL-2.1-or-later"
 DEPENDS = "openssl zlib"
 
 PROVIDES:append:class-native = " git-replacement-native"
@@ -14,7 +14,16 @@ SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
 
 S = "${WORKDIR}/git-${PV}"
 
-LIC_FILES_CHKSUM = "file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1"
+LIC_FILES_CHKSUM = "\
+	file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1 \
+	file://reftable/LICENSE;md5=1a6424cafc4c9c88c689848e165af33b \
+	file://sha1dc/LICENSE.txt;md5=9bbe4c990a9e98ea4b98ef5d3bcb8a7a \
+	file://compat/nedmalloc/License.txt;md5=e4224ccaecb14d942c71d31bef20d78c \
+	file://compat/inet_ntop.c;md5=76593c6f74e8ced5b24520175688d59b;endline=16 \
+	file://compat/obstack.h;md5=08ad25fee5428cd879ceef451ce3a22e;endline=18 \
+	file://compat/poll/poll.h;md5=9fc00170a53b8e3e52157c91ac688dd1;endline=19 \
+	file://compat/regex/regex.h;md5=30cc8af0e6f0f8a25acec6d8783bb763;beginline=4;endline=22 \
+"
 
 CVE_PRODUCT = "git-scm:git"
 
-- 
2.25.1

[OE-core][kirkstone 13/27] ncurses: use COPYING file

[Steve Sakoman]

From: Konrad Weihmann <kweihmann@outlook.com>

which has the same info as the in-file header used in before

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8618589c10f85b7a92de01d93180751a804837ea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/ncurses/ncurses.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc
index a0ecd8a80b..7a7c7dd227 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -2,7 +2,7 @@ SUMMARY = "The New Curses library"
 DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo tools including tic, infocmp, captoinfo. Supports color, multiple highlights, forms-drawing characters, and automatic recognition of keypad and function-key sequences. Extensions include resizable windows and mouse support on both xterm and Linux console using the gpm library."
 HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://ncurses/base/version.c;beginline=1;endline=27;md5=5526f2f3a29edc95538b368a4771edda"
+LIC_FILES_CHKSUM = "file://COPYING;md5=9529289636145d1bf093c96af067695a;endline=27"
 SECTION = "libs"
 DEPENDS = "ncurses-native"
 DEPENDS:class-native = ""
-- 
2.25.1

[OE-core][kirkstone 14/27] webkitgtk: adjust patch status

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e43558d5357aadf08521e7fb6170ad0bfd69f3f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...indGObjectIntrospection.cmake-prefix-variables-obta.patch | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-sato/webkit/webkitgtk/0001-FindGObjectIntrospection.cmake-prefix-variables-obta.patch b/meta/recipes-sato/webkit/webkitgtk/0001-FindGObjectIntrospection.cmake-prefix-variables-obta.patch
index bccf74d9c9..2379924cc9 100644
--- a/meta/recipes-sato/webkit/webkitgtk/0001-FindGObjectIntrospection.cmake-prefix-variables-obta.patch
+++ b/meta/recipes-sato/webkit/webkitgtk/0001-FindGObjectIntrospection.cmake-prefix-variables-obta.patch
@@ -4,7 +4,10 @@ Date: Tue, 27 Oct 2015 16:02:19 +0200
 Subject: [PATCH] FindGObjectIntrospection.cmake: prefix variables obtained
  from pkg-config with PKG_CONFIG_SYSROOT_DIR
 
-Upstream-Status: Submitted [https://bugs.webkit.org/show_bug.cgi?id=232933]
+See discussion at https://bugs.webkit.org/show_bug.cgi?id=232933 for
+reasons why this is not approproiate for upstream submission.
+
+Upstream-Status: Inappropriate [oe-core specific]
 Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
 
 ---
-- 
2.25.1

[OE-core][kirkstone 15/27] create-spdx: fix error when symlink cannot be created

[Steve Sakoman]

From: Davide Gardenal <davidegarde2000@gmail.com>

If IMAGE_NAME and IMAGE_LINK_NAME are the same an
exception is raised in image_combine_spdx because
it cannot create a symlink with the same exact
path of the original file. In that case there is
no point in creating a link in the first place.

Refactor image_combine_spdx to avoid code duplication

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 88f76bba705007a7fcda506c79f743060d8f2e52)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/create-spdx.bbclass | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index 137db81a5b..47a8764bf0 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -835,16 +835,14 @@ python image_combine_spdx() {
 
     combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages)
 
-    if image_link_name:
-        image_spdx_path = imgdeploydir / (image_name + ".spdx.json")
-        image_spdx_link = imgdeploydir / (image_link_name + ".spdx.json")
-        image_spdx_link.symlink_to(os.path.relpath(image_spdx_path, image_spdx_link.parent))
-
     def make_image_link(target_path, suffix):
         if image_link_name:
             link = imgdeploydir / (image_link_name + suffix)
-            link.symlink_to(os.path.relpath(target_path, link.parent))
+            if link != target_path:
+                link.symlink_to(os.path.relpath(target_path, link.parent))
 
+    image_spdx_path = imgdeploydir / (image_name + ".spdx.json")
+    make_image_link(image_spdx_path, ".spdx.json")
     spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst")
     make_image_link(spdx_tar_path, ".spdx.tar.zst")
     spdx_index_path = imgdeploydir / (image_name + ".spdx.index.json")
-- 
2.25.1

[OE-core][kirkstone 16/27] u-boot: Correct the SRC_URI

[Steve Sakoman]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

This avoids a redirect.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 879bc5098943cf6977c32555ac31cb21be7b46ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-bsp/u-boot/u-boot-common.inc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc
index 8e78ea4a75..488b923737 100644
--- a/meta/recipes-bsp/u-boot/u-boot-common.inc
+++ b/meta/recipes-bsp/u-boot/u-boot-common.inc
@@ -14,8 +14,7 @@ PE = "1"
 # repo during parse
 SRCREV = "d637294e264adfeb29f390dfc393106fd4d41b17"
 
-SRC_URI = "git://git.denx.de/u-boot.git;branch=master \
-          "
+SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master"
 
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build"
-- 
2.25.1

[OE-core][kirkstone 17/27] u-boot: Inherit pkgconfig

[Steve Sakoman]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

pkg-config is used by the Makefiles, and thus pkgconfig needs to be
inherited.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6148ac9bc5d3e0d0ffdbbd6695acd96ca1836b78)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-bsp/u-boot/u-boot-common.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc
index 488b923737..d366f10398 100644
--- a/meta/recipes-bsp/u-boot/u-boot-common.inc
+++ b/meta/recipes-bsp/u-boot/u-boot-common.inc
@@ -18,4 +18,7 @@ SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master"
 
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build"
+
+inherit pkgconfig
+
 do_configure[cleandirs] = "${B}"
-- 
2.25.1

[OE-core][kirkstone 18/27] update_udev_hwdb: fix multilib issue with systemd

[Steve Sakoman]

From: Kai Kang <kai.kang@windriver.com>

It duplicates udevadm in systemd recipe to make it could run
update_udev_hwdb with multilib enabled. Since systemd last update,
it deploys a shared library libsystemd-shared-250.so in /lib/systemd/.
The library will be overwritten when multilib enabled. Then if both
udev-hwdb and lib32-udev-hwdb are installed, it fails to run the
multilib version postinstall intercept update_udev_hwdb:

| /path/to/build/tmp-glibc/work/intel_x86_64-wrs-linux/wrlinux-image-small/1.0-r1/rootfs/usr/libexec/lib32-udevadm:
    error while loading shared libraries: libsystemd-shared-250.so: wrong ELF class: ELFCLASS64

`udevadm hwdb --update` just concatenates .hwdb files in dirs
/etc/udev/hwdb.d and /lib/udev/hwdb.d. The output file hwdb.bin is
identical with the one created by lib32-udevadm. So do NOT duplicate
lib32-udevadm in systemd and eudev. And update intercept script
update_udev_hwdb that re-run udevadm with same arch qemuwrapper if run
${binprefix}qemuwrapper failed.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3dba872a42c2be7d0865a30118984ab013850292)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/systemd/systemd_250.4.bb   | 5 -----
 meta/recipes-core/udev/eudev_3.2.10.bb       | 4 ----
 scripts/postinst-intercepts/update_udev_hwdb | 5 ++++-
 3 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd_250.4.bb b/meta/recipes-core/systemd/systemd_250.4.bb
index 2b346113b5..15e2185dff 100644
--- a/meta/recipes-core/systemd/systemd_250.4.bb
+++ b/meta/recipes-core/systemd/systemd_250.4.bb
@@ -337,10 +337,6 @@ do_install() {
 	# create link for existing udev rules
 	ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm
 
-	# duplicate udevadm for postinst script
-	install -d ${D}${libexecdir}
-	ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm
-
 	# install default policy for presets
 	# https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto
 	install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_unitdir}/system-preset/99-default.preset
@@ -718,7 +714,6 @@ FILES:udev += "${base_sbindir}/udevd \
                ${base_bindir}/systemd-hwdb \
                ${base_bindir}/udevadm \
                ${base_sbindir}/udevadm \
-               ${libexecdir}/${MLPREFIX}udevadm \
                ${datadir}/bash-completion/completions/udevadm \
                ${systemd_system_unitdir}/systemd-hwdb-update.service \
               "
diff --git a/meta/recipes-core/udev/eudev_3.2.10.bb b/meta/recipes-core/udev/eudev_3.2.10.bb
index dec16be046..ccc66ae131 100644
--- a/meta/recipes-core/udev/eudev_3.2.10.bb
+++ b/meta/recipes-core/udev/eudev_3.2.10.bb
@@ -51,10 +51,6 @@ do_install:append() {
 
 	# hid2hci has moved to bluez4. removed in udev as of version 169
 	rm -f ${D}${base_libdir}/udev/hid2hci
-
-	# duplicate udevadm for postinst script
-	install -d ${D}${libexecdir}
-	ln ${D}${bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm
 }
 
 do_install:prepend:class-target () {
diff --git a/scripts/postinst-intercepts/update_udev_hwdb b/scripts/postinst-intercepts/update_udev_hwdb
index 8076b8ae6f..8b3f5de791 100644
--- a/scripts/postinst-intercepts/update_udev_hwdb
+++ b/scripts/postinst-intercepts/update_udev_hwdb
@@ -9,14 +9,17 @@ case "${PREFERRED_PROVIDER_udev}" in
 	systemd)
 		UDEV_EXTRA_ARGS="--usr"
 		UDEVLIBDIR="${rootlibexecdir}"
+		UDEVADM="${base_bindir}/udevadm"
 		;;
 
 	*)
 		UDEV_EXTRA_ARGS=""
 		UDEVLIBDIR="${sysconfdir}"
+		UDEVADM="${bindir}/udevadm"
 		;;
 esac
 
 rm -f $D${UDEVLIBDIR}/udev/hwdb.bin
-PSEUDO_UNLOAD=1 ${binprefix}qemuwrapper -L $D $D${libexecdir}/${binprefix}udevadm hwdb --update --root $D ${UDEV_EXTRA_ARGS}
+PSEUDO_UNLOAD=1 ${binprefix}qemuwrapper -L $D $D${UDEVADM} hwdb --update --root $D ${UDEV_EXTRA_ARGS} ||
+	PSEUDO_UNLOAD=1 qemuwrapper -L $D $D${UDEVADM} hwdb --update --root $D ${UDEV_EXTRA_ARGS}
 chown root:root $D${UDEVLIBDIR}/udev/hwdb.bin
-- 
2.25.1

[OE-core][kirkstone 19/27] linux-firmware: upgrade 20220310 -> 20220411

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

License-Update:
    Version of driver files updated
    Added files for some drivers

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 01684df3a51be476081ee21eb54c24fef00acb3f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...{linux-firmware_20220310.bb => linux-firmware_20220411.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb
similarity index 99%
rename from meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb
rename to meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb
index fa0f906db0..c7d9e1126e 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20220411.bb
@@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
                     file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
                     file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
                     file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
-                    file://WHENCE;md5=45a9c4a92d152e9495db81e1192f2bdc \
+                    file://WHENCE;md5=4cf67d71a21887c682c3989a4318745e \
                     "
 
 # These are not common licenses, set NO_GENERIC_LICENSE for them
@@ -205,7 +205,7 @@ PE = "1"
 
 SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "5938ee717b2023b48f6bfcf344b40ddc947e3e22c0bc36d4c3418f90fea68182"
+SRC_URI[sha256sum] = "020b11f6412f4956f5a6f98de7d41867d2b30ea0ce81b1e2d206ec9840363849"
 
 inherit allarch
 
-- 
2.25.1

[OE-core][kirkstone 20/27] wireless-regdb: upgrade 2022.02.18 -> 2022.04.08

[Steve Sakoman]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c6ea7450a919f2b571746e7af350c1362e41f8e1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)

diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb
similarity index 94%
rename from meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb
rename to meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb
index 801a6f0584..cd42039680 100644
--- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb
+++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.04.08.bb
@@ -5,7 +5,7 @@ LICENSE = "ISC"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c"
 
 SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz"
-SRC_URI[sha256sum] = "8828c25a4ee25020044004f57374bb9deac852809fad70f8d3d01770bf9ac97f"
+SRC_URI[sha256sum] = "884ba2e3c1e8b98762b6dc25ff60b5ec75c8d33a39e019b3ed4aa615491460d3"
 
 inherit bin_package allarch
 
-- 
2.25.1

[OE-core][kirkstone 21/27] zlib: upgrade to 1.2.12

[Steve Sakoman]

From: Ross Burton <ross@burtonini.com>

First upstream release since 2017!
- Fix a deflate bug when using the Z_FIXED strategy that can result in out-of-bound accesses.
- Fix a deflate bug when the window is full in deflate_stored().
- Speed up CRC-32 computations by a factor of 1.5 to 3.
- Use the hardware CRC-32 instruction on ARMv8 processors.
- Speed up crc32_combine() with powers of x tables.
- Add crc32_combine_gen() and crc32_combine_op() for fast combines.

Drop CVE-2018-25032 as this is in the .12 release.

Rebase 0001-configure-Pass-LDFLAGS-to-link-tests.patch to apply cleanly.

Backport cc.patch to fix compilation with our CC.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4055d9fc81661d375c1721ffd502536c1ba74e02)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...configure-Pass-LDFLAGS-to-link-tests.patch |  25 +-
 .../zlib/zlib/CVE-2018-25032.patch            | 347 ------------------
 meta/recipes-core/zlib/zlib/cc.patch          |  27 ++
 .../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb}   |   7 +-
 4 files changed, 43 insertions(+), 363 deletions(-)
 delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
 create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
 rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)

diff --git a/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch b/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
index 91a1b4a09a..e6cc915ba5 100644
--- a/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
+++ b/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
@@ -1,4 +1,7 @@
-From 001971eef84485562f912d8edd4fc7688acfad91 Mon Sep 17 00:00:00 2001
+Upstream-Status: Submitted [https://github.com/madler/zlib/pull/599]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From f15584918a7fbbe3cc794ad59100e5e8153ea9f6 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Tue, 8 Mar 2022 22:38:47 -0800
 Subject: [PATCH] configure: Pass LDFLAGS to link tests
@@ -9,18 +12,16 @@ using LDFLAGS on compiler commandline along with CFLAGS to ensure the
 tests perform correctly. Without this some tests may fail resulting in
 wrong confgure result, ending in miscompiling the package
 
-Upstream-Status: Submitted [https://github.com/madler/zlib/pull/599]
-
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
  configure | 12 ++++++------
  1 file changed, 6 insertions(+), 6 deletions(-)
 
 diff --git a/configure b/configure
-index e974d1f..69dfa3f 100755
+index 52ff4a0..d04ee59 100755
 --- a/configure
 +++ b/configure
-@@ -410,7 +410,7 @@ if test $shared -eq 1; then
+@@ -427,7 +427,7 @@ if test $shared -eq 1; then
    echo Checking for shared library support... | tee -a configure.log
    # we must test in two steps (cc then ld), required at least on SunOS 4.x
    if try $CC -w -c $SFLAGS $test.c &&
@@ -29,7 +30,7 @@ index e974d1f..69dfa3f 100755
      echo Building shared library $SHAREDLIBV with $CC. | tee -a configure.log
    elif test -z "$old_cc" -a -z "$old_cflags"; then
      echo No shared library support. | tee -a configure.log
-@@ -492,7 +492,7 @@ int main(void) {
+@@ -503,7 +503,7 @@ int main(void) {
  }
  EOF
    fi
@@ -37,8 +38,8 @@ index e974d1f..69dfa3f 100755
 +  if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
      sizet=`./$test`
      echo "Checking for a pointer-size integer type..." $sizet"." | tee -a configure.log
-   else
-@@ -530,7 +530,7 @@ int main(void) {
+     CFLAGS="${CFLAGS} -DNO_SIZE_T=${sizet}"
+@@ -537,7 +537,7 @@ int main(void) {
    return 0;
  }
  EOF
@@ -47,7 +48,7 @@ index e974d1f..69dfa3f 100755
      echo "Checking for fseeko... Yes." | tee -a configure.log
    else
      CFLAGS="${CFLAGS} -DNO_FSEEKO"
-@@ -547,7 +547,7 @@ cat > $test.c <<EOF
+@@ -554,7 +554,7 @@ cat > $test.c <<EOF
  #include <errno.h>
  int main() { return strlen(strerror(errno)); }
  EOF
@@ -56,7 +57,7 @@ index e974d1f..69dfa3f 100755
    echo "Checking for strerror... Yes." | tee -a configure.log
  else
    CFLAGS="${CFLAGS} -DNO_STRERROR"
-@@ -654,7 +654,7 @@ int main()
+@@ -661,7 +661,7 @@ int main()
    return (mytest("Hello%d\n", 1));
  }
  EOF
@@ -65,7 +66,7 @@ index e974d1f..69dfa3f 100755
      echo "Checking for vsnprintf() in stdio.h... Yes." | tee -a configure.log
  
      echo >> configure.log
-@@ -744,7 +744,7 @@ int main()
+@@ -751,7 +751,7 @@ int main()
  }
  EOF
  
@@ -75,5 +76,5 @@ index e974d1f..69dfa3f 100755
  
      echo >> configure.log
 -- 
-2.35.1
+2.25.1
 
diff --git a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
deleted file mode 100644
index 5cb6183641..0000000000
--- a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
+++ /dev/null
@@ -1,347 +0,0 @@
-CVE: CVE-2018-25032
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001
-From: Mark Adler <madler@alumni.caltech.edu>
-Date: Tue, 17 Apr 2018 22:09:22 -0700
-Subject: [PATCH] Fix a bug that can crash deflate on some input when using
- Z_FIXED.
-
-This bug was reported by Danilo Ramos of Eideticom, Inc. It has
-lain in wait 13 years before being found! The bug was introduced
-in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
-option forces the use of fixed Huffman codes. For rare inputs with
-a large number of distant matches, the pending buffer into which
-the compressed data is written can overwrite the distance symbol
-table which it overlays. That results in corrupted output due to
-invalid distances, and can result in out-of-bound accesses,
-crashing the application.
-
-The fix here combines the distance buffer and literal/length
-buffers into a single symbol buffer. Now three bytes of pending
-buffer space are opened up for each literal or length/distance
-pair consumed, instead of the previous two bytes. This assures
-that the pending buffer cannot overwrite the symbol table, since
-the maximum fixed code compressed length/distance is 31 bits, and
-since there are four bytes of pending space for every three bytes
-of symbol space.
----
- deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++---------------
- deflate.h | 25 +++++++++----------
- trees.c   | 50 +++++++++++--------------------------
- 3 files changed, 79 insertions(+), 70 deletions(-)
-
-diff --git a/deflate.c b/deflate.c
-index 425babc00..19cba873a 100644
---- a/deflate.c
-+++ b/deflate.c
-@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-     int wrap = 1;
-     static const char my_version[] = ZLIB_VERSION;
- 
--    ushf *overlay;
--    /* We overlay pending_buf and d_buf+l_buf. This works since the average
--     * output size for (length,distance) codes is <= 24 bits.
--     */
--
-     if (version == Z_NULL || version[0] != my_version[0] ||
-         stream_size != sizeof(z_stream)) {
-         return Z_VERSION_ERROR;
-@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
- 
-     s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
- 
--    overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
--    s->pending_buf = (uchf *) overlay;
--    s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
-+    /* We overlay pending_buf and sym_buf. This works since the average size
-+     * for length/distance pairs over any compressed block is assured to be 31
-+     * bits or less.
-+     *
-+     * Analysis: The longest fixed codes are a length code of 8 bits plus 5
-+     * extra bits, for lengths 131 to 257. The longest fixed distance codes are
-+     * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest
-+     * possible fixed-codes length/distance pair is then 31 bits total.
-+     *
-+     * sym_buf starts one-fourth of the way into pending_buf. So there are
-+     * three bytes in sym_buf for every four bytes in pending_buf. Each symbol
-+     * in sym_buf is three bytes -- two for the distance and one for the
-+     * literal/length. As each symbol is consumed, the pointer to the next
-+     * sym_buf value to read moves forward three bytes. From that symbol, up to
-+     * 31 bits are written to pending_buf. The closest the written pending_buf
-+     * bits gets to the next sym_buf symbol to read is just before the last
-+     * code is written. At that time, 31*(n-2) bits have been written, just
-+     * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at
-+     * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1
-+     * symbols are written.) The closest the writing gets to what is unread is
-+     * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and
-+     * can range from 128 to 32768.
-+     *
-+     * Therefore, at a minimum, there are 142 bits of space between what is
-+     * written and what is read in the overlain buffers, so the symbols cannot
-+     * be overwritten by the compressed data. That space is actually 139 bits,
-+     * due to the three-bit fixed-code block header.
-+     *
-+     * That covers the case where either Z_FIXED is specified, forcing fixed
-+     * codes, or when the use of fixed codes is chosen, because that choice
-+     * results in a smaller compressed block than dynamic codes. That latter
-+     * condition then assures that the above analysis also covers all dynamic
-+     * blocks. A dynamic-code block will only be chosen to be emitted if it has
-+     * fewer bits than a fixed-code block would for the same set of symbols.
-+     * Therefore its average symbol length is assured to be less than 31. So
-+     * the compressed data for a dynamic block also cannot overwrite the
-+     * symbols from which it is being constructed.
-+     */
-+
-+    s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
-+    s->pending_buf_size = (ulg)s->lit_bufsize * 4;
- 
-     if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
-         s->pending_buf == Z_NULL) {
-@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-         deflateEnd (strm);
-         return Z_MEM_ERROR;
-     }
--    s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
--    s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-+    s->sym_buf = s->pending_buf + s->lit_bufsize;
-+    s->sym_end = (s->lit_bufsize - 1) * 3;
-+    /* We avoid equality with lit_bufsize*3 because of wraparound at 64K
-+     * on 16 bit machines and because stored blocks are restricted to
-+     * 64K-1 bytes.
-+     */
- 
-     s->level = level;
-     s->strategy = strategy;
-@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value)
- 
-     if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
-     s = strm->state;
--    if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
-+    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
-         return Z_BUF_ERROR;
-     do {
-         put = Buf_size - s->bi_valid;
-@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source)
- #else
-     deflate_state *ds;
-     deflate_state *ss;
--    ushf *overlay;
- 
- 
-     if (deflateStateCheck(source) || dest == Z_NULL) {
-@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source)
-     ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
-     ds->prev   = (Posf *)  ZALLOC(dest, ds->w_size, sizeof(Pos));
-     ds->head   = (Posf *)  ZALLOC(dest, ds->hash_size, sizeof(Pos));
--    overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
--    ds->pending_buf = (uchf *) overlay;
-+    ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
- 
-     if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
-         ds->pending_buf == Z_NULL) {
-@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source)
-     zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
- 
-     ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
--    ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
--    ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
-+    ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
- 
-     ds->l_desc.dyn_tree = ds->dyn_ltree;
-     ds->d_desc.dyn_tree = ds->dyn_dtree;
-@@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush)
-         FLUSH_BLOCK(s, 1);
-         return finish_done;
-     }
--    if (s->last_lit)
-+    if (s->sym_next)
-         FLUSH_BLOCK(s, 0);
-     return block_done;
- }
-@@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush)
-         FLUSH_BLOCK(s, 1);
-         return finish_done;
-     }
--    if (s->last_lit)
-+    if (s->sym_next)
-         FLUSH_BLOCK(s, 0);
-     return block_done;
- }
-@@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush)
-         FLUSH_BLOCK(s, 1);
-         return finish_done;
-     }
--    if (s->last_lit)
-+    if (s->sym_next)
-         FLUSH_BLOCK(s, 0);
-     return block_done;
- }
-@@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush)
-         FLUSH_BLOCK(s, 1);
-         return finish_done;
-     }
--    if (s->last_lit)
-+    if (s->sym_next)
-         FLUSH_BLOCK(s, 0);
-     return block_done;
- }
-diff --git a/deflate.h b/deflate.h
-index 23ecdd312..d4cf1a98b 100644
---- a/deflate.h
-+++ b/deflate.h
-@@ -217,7 +217,7 @@ typedef struct internal_state {
-     /* Depth of each subtree used as tie breaker for trees of equal frequency
-      */
- 
--    uchf *l_buf;          /* buffer for literals or lengths */
-+    uchf *sym_buf;        /* buffer for distances and literals/lengths */
- 
-     uInt  lit_bufsize;
-     /* Size of match buffer for literals/lengths.  There are 4 reasons for
-@@ -239,13 +239,8 @@ typedef struct internal_state {
-      *   - I can't count above 4
-      */
- 
--    uInt last_lit;      /* running index in l_buf */
--
--    ushf *d_buf;
--    /* Buffer for distances. To simplify the code, d_buf and l_buf have
--     * the same number of elements. To use different lengths, an extra flag
--     * array would be necessary.
--     */
-+    uInt sym_next;      /* running index in sym_buf */
-+    uInt sym_end;       /* symbol table full when sym_next reaches this */
- 
-     ulg opt_len;        /* bit length of current block with optimal trees */
-     ulg static_len;     /* bit length of current block with static trees */
-@@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
- 
- # define _tr_tally_lit(s, c, flush) \
-   { uch cc = (c); \
--    s->d_buf[s->last_lit] = 0; \
--    s->l_buf[s->last_lit++] = cc; \
-+    s->sym_buf[s->sym_next++] = 0; \
-+    s->sym_buf[s->sym_next++] = 0; \
-+    s->sym_buf[s->sym_next++] = cc; \
-     s->dyn_ltree[cc].Freq++; \
--    flush = (s->last_lit == s->lit_bufsize-1); \
-+    flush = (s->sym_next == s->sym_end); \
-    }
- # define _tr_tally_dist(s, distance, length, flush) \
-   { uch len = (uch)(length); \
-     ush dist = (ush)(distance); \
--    s->d_buf[s->last_lit] = dist; \
--    s->l_buf[s->last_lit++] = len; \
-+    s->sym_buf[s->sym_next++] = dist; \
-+    s->sym_buf[s->sym_next++] = dist >> 8; \
-+    s->sym_buf[s->sym_next++] = len; \
-     dist--; \
-     s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
-     s->dyn_dtree[d_code(dist)].Freq++; \
--    flush = (s->last_lit == s->lit_bufsize-1); \
-+    flush = (s->sym_next == s->sym_end); \
-   }
- #else
- # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
-diff --git a/trees.c b/trees.c
-index 4f4a65011..decaeb7c3 100644
---- a/trees.c
-+++ b/trees.c
-@@ -416,7 +416,7 @@ local void init_block(s)
- 
-     s->dyn_ltree[END_BLOCK].Freq = 1;
-     s->opt_len = s->static_len = 0L;
--    s->last_lit = s->matches = 0;
-+    s->sym_next = s->matches = 0;
- }
- 
- #define SMALLEST 1
-@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
- 
-         Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
-                 opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
--                s->last_lit));
-+                s->sym_next / 3));
- 
-         if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
- 
-@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
-     unsigned dist;  /* distance of matched string */
-     unsigned lc;    /* match length-MIN_MATCH or unmatched char (if dist==0) */
- {
--    s->d_buf[s->last_lit] = (ush)dist;
--    s->l_buf[s->last_lit++] = (uch)lc;
-+    s->sym_buf[s->sym_next++] = dist;
-+    s->sym_buf[s->sym_next++] = dist >> 8;
-+    s->sym_buf[s->sym_next++] = lc;
-     if (dist == 0) {
-         /* lc is the unmatched char */
-         s->dyn_ltree[lc].Freq++;
-@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
-         s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
-         s->dyn_dtree[d_code(dist)].Freq++;
-     }
--
--#ifdef TRUNCATE_BLOCK
--    /* Try to guess if it is profitable to stop the current block here */
--    if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
--        /* Compute an upper bound for the compressed length */
--        ulg out_length = (ulg)s->last_lit*8L;
--        ulg in_length = (ulg)((long)s->strstart - s->block_start);
--        int dcode;
--        for (dcode = 0; dcode < D_CODES; dcode++) {
--            out_length += (ulg)s->dyn_dtree[dcode].Freq *
--                (5L+extra_dbits[dcode]);
--        }
--        out_length >>= 3;
--        Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
--               s->last_lit, in_length, out_length,
--               100L - out_length*100L/in_length));
--        if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
--    }
--#endif
--    return (s->last_lit == s->lit_bufsize-1);
--    /* We avoid equality with lit_bufsize because of wraparound at 64K
--     * on 16 bit machines and because stored blocks are restricted to
--     * 64K-1 bytes.
--     */
-+    return (s->sym_next == s->sym_end);
- }
- 
- /* ===========================================================================
-@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree)
- {
-     unsigned dist;      /* distance of matched string */
-     int lc;             /* match length or unmatched char (if dist == 0) */
--    unsigned lx = 0;    /* running index in l_buf */
-+    unsigned sx = 0;    /* running index in sym_buf */
-     unsigned code;      /* the code to send */
-     int extra;          /* number of extra bits to send */
- 
--    if (s->last_lit != 0) do {
--        dist = s->d_buf[lx];
--        lc = s->l_buf[lx++];
-+    if (s->sym_next != 0) do {
-+        dist = s->sym_buf[sx++] & 0xff;
-+        dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8;
-+        lc = s->sym_buf[sx++];
-         if (dist == 0) {
-             send_code(s, lc, ltree); /* send a literal byte */
-             Tracecv(isgraph(lc), (stderr," '%c' ", lc));
-@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree)
-             }
-         } /* literal or match pair ? */
- 
--        /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
--        Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
--               "pendingBuf overflow");
-+        /* Check that the overlay between pending_buf and sym_buf is ok: */
-+        Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow");
- 
--    } while (lx < s->last_lit);
-+    } while (sx < s->sym_next);
- 
-     send_code(s, END_BLOCK, ltree);
- }
diff --git a/meta/recipes-core/zlib/zlib/cc.patch b/meta/recipes-core/zlib/zlib/cc.patch
new file mode 100644
index 0000000000..8fb974ded4
--- /dev/null
+++ b/meta/recipes-core/zlib/zlib/cc.patch
@@ -0,0 +1,27 @@
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 05796d3d8d5546cf1b4dfe2cd72ab746afae505d Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Mon, 28 Mar 2022 18:34:10 -0700
+Subject: [PATCH] Fix configure issue that discarded provided CC definition.
+
+---
+ configure | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/configure b/configure
+index 52ff4a04e..3fa3e8618 100755
+--- a/configure
++++ b/configure
+@@ -174,7 +174,10 @@ if test -z "$CC"; then
+   else
+     cc=${CROSS_PREFIX}cc
+   fi
++else
++  cc=${CC}
+ fi
++
+ cflags=${CFLAGS-"-O3"}
+ # to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
+ case "$cc" in
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.12.bb
similarity index 83%
rename from meta/recipes-core/zlib/zlib_1.2.11.bb
rename to meta/recipes-core/zlib/zlib_1.2.12.bb
index f8bcc0abcf..95e873584b 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.12.bb
@@ -6,16 +6,15 @@ SECTION = "libs"
 LICENSE = "Zlib"
 LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef63bc555f7aa6c0"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \
+SRC_URI = "https://zlib.net/${BP}.tar.xz \
+           file://cc.patch \
            file://ldflags-tests.patch \
            file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \
-           file://CVE-2018-25032.patch \
            file://run-ptest \
            "
 UPSTREAM_CHECK_URI = "http://zlib.net/"
 
-SRC_URI[md5sum] = "85adef240c5f370b308da8c938951a68"
-SRC_URI[sha256sum] = "4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066"
+SRC_URI[sha256sum] = "7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18"
 
 CFLAGS += "-D_REENTRANT"
 
-- 
2.25.1

[OE-core][kirkstone 22/27] libsoup: upgrade 3.0.5 -> 3.0.6

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

Changelog:
=========
* Misc HTTP/2 fixes
* Add PUT/POST support to examples/get
* Add `--user-agent` option to examples/get
* Misc meson improvements
* Fix build with Visual Studio

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0ee1c748af7520f50275b8dfb32f41de7f5e14c7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb} (94%)

diff --git a/meta/recipes-support/libsoup/libsoup_3.0.5.bb b/meta/recipes-support/libsoup/libsoup_3.0.6.bb
similarity index 94%
rename from meta/recipes-support/libsoup/libsoup_3.0.5.bb
rename to meta/recipes-support/libsoup/libsoup_3.0.6.bb
index d2535c91a2..17825ae6a4 100644
--- a/meta/recipes-support/libsoup/libsoup_3.0.5.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.0.6.bb
@@ -12,7 +12,7 @@ DEPENDS = "glib-2.0 glib-2.0-native libxml2 sqlite3 libpsl nghttp2"
 SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
 
 SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz"
-SRC_URI[sha256sum] = "f5d143db6830b3825edc2a1c4449d639273b0bfa017a4970871962d9bca22145"
+SRC_URI[sha256sum] = "b45d59f840b9acf9bb45fd45854e3ef672f57e3ab957401c3ad8d7502ac23da6"
 
 PROVIDES = "libsoup-3.0"
 CVE_PRODUCT = "libsoup"
-- 
2.25.1

[OE-core][kirkstone 23/27] apt: upgrade 2.4.3 -> 2.4.4

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

apt (2.4.4)

  * Recognize Static-Built-Using and order it below Built-Using
    (Closes: #1008759)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c63741294c6322e6657f485034e434aab9fe2d8d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} (97%)

diff --git a/meta/recipes-devtools/apt/apt_2.4.3.bb b/meta/recipes-devtools/apt/apt_2.4.4.bb
similarity index 97%
rename from meta/recipes-devtools/apt/apt_2.4.3.bb
rename to meta/recipes-devtools/apt/apt_2.4.4.bb
index 27e455747f..9faf1e7ea9 100644
--- a/meta/recipes-devtools/apt/apt_2.4.3.bb
+++ b/meta/recipes-devtools/apt/apt_2.4.4.bb
@@ -25,7 +25,7 @@ SRC_URI:append:class-nativesdk = " \
            file://0001-Revert-always-run-dpkg-configure-a-at-the-end-of-our.patch \
            "
 
-SRC_URI[sha256sum] = "5a7215ca924302da0b2205862cd2d651326eea222a589184ec6ce663885729f7"
+SRC_URI[sha256sum] = "d6d83d122ddd7cc83b2c2f839a55940c13ab93e5cf6024a010d6a6b4110dcf0e"
 LIC_FILES_CHKSUM = "file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263"
 
 # the package is taken from snapshots.debian.org; that source is static and goes stale
-- 
2.25.1

[OE-core][kirkstone 24/27] libusb1: upgrade 1.0.25 -> 1.0.26

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

Changelog:
==========
* Fix regression with transfer free's after closing device
* Fix regression with destroyed context if API is misused
* Workaround for applications using missing default context
* Fix hotplog enumeration regression
* Fix Windows isochronous transfer regression since 1.0.24
* Fix macOS exit crash in some multi-context cases
* Build fixes for various platforms and configurations
* Fix Windows HID multi-interface product string retrieval
* Update isochronous OUT packet actual lengths on Windows
* Add interface bound checking for broken devices
* Add umockdev tests on Linux

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7353489980600af07d0771654da6a8a3b0df7572)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb}             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb} (94%)

diff --git a/meta/recipes-support/libusb/libusb1_1.0.25.bb b/meta/recipes-support/libusb/libusb1_1.0.26.bb
similarity index 94%
rename from meta/recipes-support/libusb/libusb1_1.0.25.bb
rename to meta/recipes-support/libusb/libusb1_1.0.26.bb
index 64cc19e47d..fd63e7adc2 100644
--- a/meta/recipes-support/libusb/libusb1_1.0.25.bb
+++ b/meta/recipes-support/libusb/libusb1_1.0.26.bb
@@ -16,7 +16,7 @@ SRC_URI = "https://github.com/libusb/libusb/releases/download/v${PV}/libusb-${PV
 
 UPSTREAM_CHECK_URI = "https://github.com/libusb/libusb/releases"
 
-SRC_URI[sha256sum] = "8a28ef197a797ebac2702f095e81975e2b02b2eeff2774fa909c78a74ef50849"
+SRC_URI[sha256sum] = "12ce7a61fc9854d1d2a1ffe095f7b5fac19ddba095c259e6067a46500381b5a5"
 
 S = "${WORKDIR}/libusb-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 25/27] libgit2: upgrade 1.4.2 -> 1.4.3

[Steve Sakoman]

From: wangmy <wangmy@fujitsu.com>

Changelog:
=========
Validate repository directory ownership (v1.4)
midx: Fix an undefined behavior (left-shift signed overflow)
fetch: support OID refspec without dst
Fix crash when regenerating a patch with unquoted spaces in filename

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bef09c61ee32df214fb8cf6000e0314ff3a38156)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb} (91%)

diff --git a/meta/recipes-support/libgit2/libgit2_1.4.2.bb b/meta/recipes-support/libgit2/libgit2_1.4.3.bb
similarity index 91%
rename from meta/recipes-support/libgit2/libgit2_1.4.2.bb
rename to meta/recipes-support/libgit2/libgit2_1.4.3.bb
index 88bf5a8520..7e27b5b018 100644
--- a/meta/recipes-support/libgit2/libgit2_1.4.2.bb
+++ b/meta/recipes-support/libgit2/libgit2_1.4.3.bb
@@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=e5a9227de4cb6afb5d35ed7b0fdf480d"
 DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2"
 
 SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.4;protocol=https"
-SRCREV = "182d0d1ee933de46bf0b5a6ec269bafa77aba9a2"
+SRCREV = "465bbf88ea939a965fbcbade72870c61f815e457"
 
 S = "${WORKDIR}/git"
 
-- 
2.25.1

[OE-core][kirkstone 26/27] git: upgrade 2.35.2 -> 2.35.3

[Steve Sakoman]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

Bug fix release:

0f85c4a30b setup: opt-out of check with safe.directory=*
bb50ec3cc3 setup: fix safe.directory key not being checked
e47363e5a8 t0033: add tests for safe.directory

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 457b5d4dad3e6fa77e80bed66666c36caa452380)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} (98%)

diff --git a/meta/recipes-devtools/git/git_2.35.2.bb b/meta/recipes-devtools/git/git_2.35.3.bb
similarity index 98%
rename from meta/recipes-devtools/git/git_2.35.2.bb
rename to meta/recipes-devtools/git/git_2.35.3.bb
index fe137d94af..68981d4fde 100644
--- a/meta/recipes-devtools/git/git_2.35.2.bb
+++ b/meta/recipes-devtools/git/git_2.35.3.bb
@@ -165,4 +165,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \
                  "
 EXTRA_OEMAKE += "NO_GETTEXT=1"
 
-SRC_URI[tarball.sha256sum] = "0decc02a47e792f522df3183c38a61ad8fbb38927502ca6781467a6599a888cb"
+SRC_URI[tarball.sha256sum] = "cad708072d5c0b390c71651f5edb44143f00b357766973470bf9adebc0944c03"
-- 
2.25.1

[OE-core][kirkstone 27/27] ruby: upgrade 3.1.1 -> 3.1.2

[Steve Sakoman]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

Ruby 3.1.2 has been released.

This release includes security fixes.

CVE-2022-28738: Double free in Regexp compilation
CVE-2022-28739: Buffer overrun in String-to-Float conversion

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1306c732a39070e12306b0b7a393e2a482c8b326)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} (97%)

diff --git a/meta/recipes-devtools/ruby/ruby_3.1.1.bb b/meta/recipes-devtools/ruby/ruby_3.1.2.bb
similarity index 97%
rename from meta/recipes-devtools/ruby/ruby_3.1.1.bb
rename to meta/recipes-devtools/ruby/ruby_3.1.2.bb
index d8fddfa520..38ba46731b 100644
--- a/meta/recipes-devtools/ruby/ruby_3.1.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.1.2.bb
@@ -14,7 +14,7 @@ SRC_URI += " \
            file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \
            "
 
-SRC_URI[sha256sum] = "fe6e4782de97443978ddba8ba4be38d222aa24dc3e3f02a6a8e7701c0eeb619d"
+SRC_URI[sha256sum] = "61843112389f02b735428b53bb64cf988ad9fb81858b8248e22e57336f24a83e"
 
 PACKAGECONFIG ??= ""
 PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
-- 
2.25.1

Re: [OE-core][kirkstone 21/27] zlib: upgrade to 1.2.12

[Steve Sakoman]

On Wed, Apr 20, 2022 at 4:09 AM Steve Sakoman via
lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
wrote:
>
> From: Ross Burton <ross@burtonini.com>

Richard indicated on irc that this upgrade probably shouldn't be taken
for kirkstone, so I'll drop it from this series.

Steve

> First upstream release since 2017!
> - Fix a deflate bug when using the Z_FIXED strategy that can result in out-of-bound accesses.
> - Fix a deflate bug when the window is full in deflate_stored().
> - Speed up CRC-32 computations by a factor of 1.5 to 3.
> - Use the hardware CRC-32 instruction on ARMv8 processors.
> - Speed up crc32_combine() with powers of x tables.
> - Add crc32_combine_gen() and crc32_combine_op() for fast combines.
>
> Drop CVE-2018-25032 as this is in the .12 release.
>
> Rebase 0001-configure-Pass-LDFLAGS-to-link-tests.patch to apply cleanly.
>
> Backport cc.patch to fix compilation with our CC.
>
> Signed-off-by: Ross Burton <ross.burton@arm.com>
> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> (cherry picked from commit 4055d9fc81661d375c1721ffd502536c1ba74e02)
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
> ---
>  ...configure-Pass-LDFLAGS-to-link-tests.patch |  25 +-
>  .../zlib/zlib/CVE-2018-25032.patch            | 347 ------------------
>  meta/recipes-core/zlib/zlib/cc.patch          |  27 ++
>  .../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb}   |   7 +-
>  4 files changed, 43 insertions(+), 363 deletions(-)
>  delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
>  create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
>  rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)
>
> diff --git a/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch b/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
> index 91a1b4a09a..e6cc915ba5 100644
> --- a/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
> +++ b/meta/recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch
> @@ -1,4 +1,7 @@
> -From 001971eef84485562f912d8edd4fc7688acfad91 Mon Sep 17 00:00:00 2001
> +Upstream-Status: Submitted [https://github.com/madler/zlib/pull/599]
> +Signed-off-by: Ross Burton <ross.burton@arm.com>
> +
> +From f15584918a7fbbe3cc794ad59100e5e8153ea9f6 Mon Sep 17 00:00:00 2001
>  From: Khem Raj <raj.khem@gmail.com>
>  Date: Tue, 8 Mar 2022 22:38:47 -0800
>  Subject: [PATCH] configure: Pass LDFLAGS to link tests
> @@ -9,18 +12,16 @@ using LDFLAGS on compiler commandline along with CFLAGS to ensure the
>  tests perform correctly. Without this some tests may fail resulting in
>  wrong confgure result, ending in miscompiling the package
>
> -Upstream-Status: Submitted [https://github.com/madler/zlib/pull/599]
> -
>  Signed-off-by: Khem Raj <raj.khem@gmail.com>
>  ---
>   configure | 12 ++++++------
>   1 file changed, 6 insertions(+), 6 deletions(-)
>
>  diff --git a/configure b/configure
> -index e974d1f..69dfa3f 100755
> +index 52ff4a0..d04ee59 100755
>  --- a/configure
>  +++ b/configure
> -@@ -410,7 +410,7 @@ if test $shared -eq 1; then
> +@@ -427,7 +427,7 @@ if test $shared -eq 1; then
>     echo Checking for shared library support... | tee -a configure.log
>     # we must test in two steps (cc then ld), required at least on SunOS 4.x
>     if try $CC -w -c $SFLAGS $test.c &&
> @@ -29,7 +30,7 @@ index e974d1f..69dfa3f 100755
>       echo Building shared library $SHAREDLIBV with $CC. | tee -a configure.log
>     elif test -z "$old_cc" -a -z "$old_cflags"; then
>       echo No shared library support. | tee -a configure.log
> -@@ -492,7 +492,7 @@ int main(void) {
> +@@ -503,7 +503,7 @@ int main(void) {
>   }
>   EOF
>     fi
> @@ -37,8 +38,8 @@ index e974d1f..69dfa3f 100755
>  +  if try $CC $CFLAGS $LDFLAGS -o $test $test.c; then
>       sizet=`./$test`
>       echo "Checking for a pointer-size integer type..." $sizet"." | tee -a configure.log
> -   else
> -@@ -530,7 +530,7 @@ int main(void) {
> +     CFLAGS="${CFLAGS} -DNO_SIZE_T=${sizet}"
> +@@ -537,7 +537,7 @@ int main(void) {
>     return 0;
>   }
>   EOF
> @@ -47,7 +48,7 @@ index e974d1f..69dfa3f 100755
>       echo "Checking for fseeko... Yes." | tee -a configure.log
>     else
>       CFLAGS="${CFLAGS} -DNO_FSEEKO"
> -@@ -547,7 +547,7 @@ cat > $test.c <<EOF
> +@@ -554,7 +554,7 @@ cat > $test.c <<EOF
>   #include <errno.h>
>   int main() { return strlen(strerror(errno)); }
>   EOF
> @@ -56,7 +57,7 @@ index e974d1f..69dfa3f 100755
>     echo "Checking for strerror... Yes." | tee -a configure.log
>   else
>     CFLAGS="${CFLAGS} -DNO_STRERROR"
> -@@ -654,7 +654,7 @@ int main()
> +@@ -661,7 +661,7 @@ int main()
>     return (mytest("Hello%d\n", 1));
>   }
>   EOF
> @@ -65,7 +66,7 @@ index e974d1f..69dfa3f 100755
>       echo "Checking for vsnprintf() in stdio.h... Yes." | tee -a configure.log
>
>       echo >> configure.log
> -@@ -744,7 +744,7 @@ int main()
> +@@ -751,7 +751,7 @@ int main()
>   }
>   EOF
>
> @@ -75,5 +76,5 @@ index e974d1f..69dfa3f 100755
>
>       echo >> configure.log
>  --
> -2.35.1
> +2.25.1
>
> diff --git a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
> deleted file mode 100644
> index 5cb6183641..0000000000
> --- a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
> +++ /dev/null
> @@ -1,347 +0,0 @@
> -CVE: CVE-2018-25032
> -Upstream-Status: Backport
> -Signed-off-by: Ross Burton <ross.burton@arm.com>
> -
> -From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001
> -From: Mark Adler <madler@alumni.caltech.edu>
> -Date: Tue, 17 Apr 2018 22:09:22 -0700
> -Subject: [PATCH] Fix a bug that can crash deflate on some input when using
> - Z_FIXED.
> -
> -This bug was reported by Danilo Ramos of Eideticom, Inc. It has
> -lain in wait 13 years before being found! The bug was introduced
> -in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
> -option forces the use of fixed Huffman codes. For rare inputs with
> -a large number of distant matches, the pending buffer into which
> -the compressed data is written can overwrite the distance symbol
> -table which it overlays. That results in corrupted output due to
> -invalid distances, and can result in out-of-bound accesses,
> -crashing the application.
> -
> -The fix here combines the distance buffer and literal/length
> -buffers into a single symbol buffer. Now three bytes of pending
> -buffer space are opened up for each literal or length/distance
> -pair consumed, instead of the previous two bytes. This assures
> -that the pending buffer cannot overwrite the symbol table, since
> -the maximum fixed code compressed length/distance is 31 bits, and
> -since there are four bytes of pending space for every three bytes
> -of symbol space.
> ----
> - deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++---------------
> - deflate.h | 25 +++++++++----------
> - trees.c   | 50 +++++++++++--------------------------
> - 3 files changed, 79 insertions(+), 70 deletions(-)
> -
> -diff --git a/deflate.c b/deflate.c
> -index 425babc00..19cba873a 100644
> ---- a/deflate.c
> -+++ b/deflate.c
> -@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
> -     int wrap = 1;
> -     static const char my_version[] = ZLIB_VERSION;
> -
> --    ushf *overlay;
> --    /* We overlay pending_buf and d_buf+l_buf. This works since the average
> --     * output size for (length,distance) codes is <= 24 bits.
> --     */
> --
> -     if (version == Z_NULL || version[0] != my_version[0] ||
> -         stream_size != sizeof(z_stream)) {
> -         return Z_VERSION_ERROR;
> -@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
> -
> -     s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
> -
> --    overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
> --    s->pending_buf = (uchf *) overlay;
> --    s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
> -+    /* We overlay pending_buf and sym_buf. This works since the average size
> -+     * for length/distance pairs over any compressed block is assured to be 31
> -+     * bits or less.
> -+     *
> -+     * Analysis: The longest fixed codes are a length code of 8 bits plus 5
> -+     * extra bits, for lengths 131 to 257. The longest fixed distance codes are
> -+     * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest
> -+     * possible fixed-codes length/distance pair is then 31 bits total.
> -+     *
> -+     * sym_buf starts one-fourth of the way into pending_buf. So there are
> -+     * three bytes in sym_buf for every four bytes in pending_buf. Each symbol
> -+     * in sym_buf is three bytes -- two for the distance and one for the
> -+     * literal/length. As each symbol is consumed, the pointer to the next
> -+     * sym_buf value to read moves forward three bytes. From that symbol, up to
> -+     * 31 bits are written to pending_buf. The closest the written pending_buf
> -+     * bits gets to the next sym_buf symbol to read is just before the last
> -+     * code is written. At that time, 31*(n-2) bits have been written, just
> -+     * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at
> -+     * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1
> -+     * symbols are written.) The closest the writing gets to what is unread is
> -+     * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and
> -+     * can range from 128 to 32768.
> -+     *
> -+     * Therefore, at a minimum, there are 142 bits of space between what is
> -+     * written and what is read in the overlain buffers, so the symbols cannot
> -+     * be overwritten by the compressed data. That space is actually 139 bits,
> -+     * due to the three-bit fixed-code block header.
> -+     *
> -+     * That covers the case where either Z_FIXED is specified, forcing fixed
> -+     * codes, or when the use of fixed codes is chosen, because that choice
> -+     * results in a smaller compressed block than dynamic codes. That latter
> -+     * condition then assures that the above analysis also covers all dynamic
> -+     * blocks. A dynamic-code block will only be chosen to be emitted if it has
> -+     * fewer bits than a fixed-code block would for the same set of symbols.
> -+     * Therefore its average symbol length is assured to be less than 31. So
> -+     * the compressed data for a dynamic block also cannot overwrite the
> -+     * symbols from which it is being constructed.
> -+     */
> -+
> -+    s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
> -+    s->pending_buf_size = (ulg)s->lit_bufsize * 4;
> -
> -     if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
> -         s->pending_buf == Z_NULL) {
> -@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
> -         deflateEnd (strm);
> -         return Z_MEM_ERROR;
> -     }
> --    s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
> --    s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
> -+    s->sym_buf = s->pending_buf + s->lit_bufsize;
> -+    s->sym_end = (s->lit_bufsize - 1) * 3;
> -+    /* We avoid equality with lit_bufsize*3 because of wraparound at 64K
> -+     * on 16 bit machines and because stored blocks are restricted to
> -+     * 64K-1 bytes.
> -+     */
> -
> -     s->level = level;
> -     s->strategy = strategy;
> -@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value)
> -
> -     if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
> -     s = strm->state;
> --    if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
> -+    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
> -         return Z_BUF_ERROR;
> -     do {
> -         put = Buf_size - s->bi_valid;
> -@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source)
> - #else
> -     deflate_state *ds;
> -     deflate_state *ss;
> --    ushf *overlay;
> -
> -
> -     if (deflateStateCheck(source) || dest == Z_NULL) {
> -@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source)
> -     ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
> -     ds->prev   = (Posf *)  ZALLOC(dest, ds->w_size, sizeof(Pos));
> -     ds->head   = (Posf *)  ZALLOC(dest, ds->hash_size, sizeof(Pos));
> --    overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
> --    ds->pending_buf = (uchf *) overlay;
> -+    ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
> -
> -     if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
> -         ds->pending_buf == Z_NULL) {
> -@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source)
> -     zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
> -
> -     ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
> --    ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
> --    ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
> -+    ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
> -
> -     ds->l_desc.dyn_tree = ds->dyn_ltree;
> -     ds->d_desc.dyn_tree = ds->dyn_dtree;
> -@@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush)
> -         FLUSH_BLOCK(s, 1);
> -         return finish_done;
> -     }
> --    if (s->last_lit)
> -+    if (s->sym_next)
> -         FLUSH_BLOCK(s, 0);
> -     return block_done;
> - }
> -@@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush)
> -         FLUSH_BLOCK(s, 1);
> -         return finish_done;
> -     }
> --    if (s->last_lit)
> -+    if (s->sym_next)
> -         FLUSH_BLOCK(s, 0);
> -     return block_done;
> - }
> -@@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush)
> -         FLUSH_BLOCK(s, 1);
> -         return finish_done;
> -     }
> --    if (s->last_lit)
> -+    if (s->sym_next)
> -         FLUSH_BLOCK(s, 0);
> -     return block_done;
> - }
> -@@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush)
> -         FLUSH_BLOCK(s, 1);
> -         return finish_done;
> -     }
> --    if (s->last_lit)
> -+    if (s->sym_next)
> -         FLUSH_BLOCK(s, 0);
> -     return block_done;
> - }
> -diff --git a/deflate.h b/deflate.h
> -index 23ecdd312..d4cf1a98b 100644
> ---- a/deflate.h
> -+++ b/deflate.h
> -@@ -217,7 +217,7 @@ typedef struct internal_state {
> -     /* Depth of each subtree used as tie breaker for trees of equal frequency
> -      */
> -
> --    uchf *l_buf;          /* buffer for literals or lengths */
> -+    uchf *sym_buf;        /* buffer for distances and literals/lengths */
> -
> -     uInt  lit_bufsize;
> -     /* Size of match buffer for literals/lengths.  There are 4 reasons for
> -@@ -239,13 +239,8 @@ typedef struct internal_state {
> -      *   - I can't count above 4
> -      */
> -
> --    uInt last_lit;      /* running index in l_buf */
> --
> --    ushf *d_buf;
> --    /* Buffer for distances. To simplify the code, d_buf and l_buf have
> --     * the same number of elements. To use different lengths, an extra flag
> --     * array would be necessary.
> --     */
> -+    uInt sym_next;      /* running index in sym_buf */
> -+    uInt sym_end;       /* symbol table full when sym_next reaches this */
> -
> -     ulg opt_len;        /* bit length of current block with optimal trees */
> -     ulg static_len;     /* bit length of current block with static trees */
> -@@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
> -
> - # define _tr_tally_lit(s, c, flush) \
> -   { uch cc = (c); \
> --    s->d_buf[s->last_lit] = 0; \
> --    s->l_buf[s->last_lit++] = cc; \
> -+    s->sym_buf[s->sym_next++] = 0; \
> -+    s->sym_buf[s->sym_next++] = 0; \
> -+    s->sym_buf[s->sym_next++] = cc; \
> -     s->dyn_ltree[cc].Freq++; \
> --    flush = (s->last_lit == s->lit_bufsize-1); \
> -+    flush = (s->sym_next == s->sym_end); \
> -    }
> - # define _tr_tally_dist(s, distance, length, flush) \
> -   { uch len = (uch)(length); \
> -     ush dist = (ush)(distance); \
> --    s->d_buf[s->last_lit] = dist; \
> --    s->l_buf[s->last_lit++] = len; \
> -+    s->sym_buf[s->sym_next++] = dist; \
> -+    s->sym_buf[s->sym_next++] = dist >> 8; \
> -+    s->sym_buf[s->sym_next++] = len; \
> -     dist--; \
> -     s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
> -     s->dyn_dtree[d_code(dist)].Freq++; \
> --    flush = (s->last_lit == s->lit_bufsize-1); \
> -+    flush = (s->sym_next == s->sym_end); \
> -   }
> - #else
> - # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
> -diff --git a/trees.c b/trees.c
> -index 4f4a65011..decaeb7c3 100644
> ---- a/trees.c
> -+++ b/trees.c
> -@@ -416,7 +416,7 @@ local void init_block(s)
> -
> -     s->dyn_ltree[END_BLOCK].Freq = 1;
> -     s->opt_len = s->static_len = 0L;
> --    s->last_lit = s->matches = 0;
> -+    s->sym_next = s->matches = 0;
> - }
> -
> - #define SMALLEST 1
> -@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
> -
> -         Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
> -                 opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
> --                s->last_lit));
> -+                s->sym_next / 3));
> -
> -         if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
> -
> -@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
> -     unsigned dist;  /* distance of matched string */
> -     unsigned lc;    /* match length-MIN_MATCH or unmatched char (if dist==0) */
> - {
> --    s->d_buf[s->last_lit] = (ush)dist;
> --    s->l_buf[s->last_lit++] = (uch)lc;
> -+    s->sym_buf[s->sym_next++] = dist;
> -+    s->sym_buf[s->sym_next++] = dist >> 8;
> -+    s->sym_buf[s->sym_next++] = lc;
> -     if (dist == 0) {
> -         /* lc is the unmatched char */
> -         s->dyn_ltree[lc].Freq++;
> -@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
> -         s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
> -         s->dyn_dtree[d_code(dist)].Freq++;
> -     }
> --
> --#ifdef TRUNCATE_BLOCK
> --    /* Try to guess if it is profitable to stop the current block here */
> --    if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
> --        /* Compute an upper bound for the compressed length */
> --        ulg out_length = (ulg)s->last_lit*8L;
> --        ulg in_length = (ulg)((long)s->strstart - s->block_start);
> --        int dcode;
> --        for (dcode = 0; dcode < D_CODES; dcode++) {
> --            out_length += (ulg)s->dyn_dtree[dcode].Freq *
> --                (5L+extra_dbits[dcode]);
> --        }
> --        out_length >>= 3;
> --        Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
> --               s->last_lit, in_length, out_length,
> --               100L - out_length*100L/in_length));
> --        if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
> --    }
> --#endif
> --    return (s->last_lit == s->lit_bufsize-1);
> --    /* We avoid equality with lit_bufsize because of wraparound at 64K
> --     * on 16 bit machines and because stored blocks are restricted to
> --     * 64K-1 bytes.
> --     */
> -+    return (s->sym_next == s->sym_end);
> - }
> -
> - /* ===========================================================================
> -@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree)
> - {
> -     unsigned dist;      /* distance of matched string */
> -     int lc;             /* match length or unmatched char (if dist == 0) */
> --    unsigned lx = 0;    /* running index in l_buf */
> -+    unsigned sx = 0;    /* running index in sym_buf */
> -     unsigned code;      /* the code to send */
> -     int extra;          /* number of extra bits to send */
> -
> --    if (s->last_lit != 0) do {
> --        dist = s->d_buf[lx];
> --        lc = s->l_buf[lx++];
> -+    if (s->sym_next != 0) do {
> -+        dist = s->sym_buf[sx++] & 0xff;
> -+        dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8;
> -+        lc = s->sym_buf[sx++];
> -         if (dist == 0) {
> -             send_code(s, lc, ltree); /* send a literal byte */
> -             Tracecv(isgraph(lc), (stderr," '%c' ", lc));
> -@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree)
> -             }
> -         } /* literal or match pair ? */
> -
> --        /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
> --        Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
> --               "pendingBuf overflow");
> -+        /* Check that the overlay between pending_buf and sym_buf is ok: */
> -+        Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow");
> -
> --    } while (lx < s->last_lit);
> -+    } while (sx < s->sym_next);
> -
> -     send_code(s, END_BLOCK, ltree);
> - }
> diff --git a/meta/recipes-core/zlib/zlib/cc.patch b/meta/recipes-core/zlib/zlib/cc.patch
> new file mode 100644
> index 0000000000..8fb974ded4
> --- /dev/null
> +++ b/meta/recipes-core/zlib/zlib/cc.patch
> @@ -0,0 +1,27 @@
> +Upstream-Status: Backport
> +Signed-off-by: Ross Burton <ross.burton@arm.com>
> +
> +From 05796d3d8d5546cf1b4dfe2cd72ab746afae505d Mon Sep 17 00:00:00 2001
> +From: Mark Adler <madler@alumni.caltech.edu>
> +Date: Mon, 28 Mar 2022 18:34:10 -0700
> +Subject: [PATCH] Fix configure issue that discarded provided CC definition.
> +
> +---
> + configure | 3 +++
> + 1 file changed, 3 insertions(+)
> +
> +diff --git a/configure b/configure
> +index 52ff4a04e..3fa3e8618 100755
> +--- a/configure
> ++++ b/configure
> +@@ -174,7 +174,10 @@ if test -z "$CC"; then
> +   else
> +     cc=${CROSS_PREFIX}cc
> +   fi
> ++else
> ++  cc=${CC}
> + fi
> ++
> + cflags=${CFLAGS-"-O3"}
> + # to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
> + case "$cc" in
> diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.12.bb
> similarity index 83%
> rename from meta/recipes-core/zlib/zlib_1.2.11.bb
> rename to meta/recipes-core/zlib/zlib_1.2.12.bb
> index f8bcc0abcf..95e873584b 100644
> --- a/meta/recipes-core/zlib/zlib_1.2.11.bb
> +++ b/meta/recipes-core/zlib/zlib_1.2.12.bb
> @@ -6,16 +6,15 @@ SECTION = "libs"
>  LICENSE = "Zlib"
>  LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef63bc555f7aa6c0"
>
> -SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \
> +SRC_URI = "https://zlib.net/${BP}.tar.xz \
> +           file://cc.patch \
>             file://ldflags-tests.patch \
>             file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \
> -           file://CVE-2018-25032.patch \
>             file://run-ptest \
>             "
>  UPSTREAM_CHECK_URI = "http://zlib.net/"
>
> -SRC_URI[md5sum] = "85adef240c5f370b308da8c938951a68"
> -SRC_URI[sha256sum] = "4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066"
> +SRC_URI[sha256sum] = "7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18"
>
>  CFLAGS += "-D_REENTRANT"
>
> --
> 2.25.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164689): https://lists.openembedded.org/g/openembedded-core/message/164689
> Mute This Topic: https://lists.openembedded.org/mt/90584549/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>