[OE-core][dunfell 00/41] Patch review

[OE-core][dunfell 00/41] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments
back by end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1440

The following changes since commit b39bda4cc62db12c0edfbe489d5a7f5988ede6a9:

  build-appliance-image: Update to dunfell head revision (2020-09-23 12:48:03 +0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Andrey Zhizhikin (1):
  insane: check for missing update-alternatives inherit

Bruce Ashfield (5):
  kernel-yocto: add KBUILD_DEFCONFIG search location to failure message
  linux-yocto/config: netfilter: Enable nat for ipv4 and ipv6
  linux-yocto/5.4: update to v5.4.64
  linux-yocto/5.4: update to v5.4.65
  lttng-modules: backport writeback.h changes from 2.12.x to fix kernel
    5.4.62+

Chee Yang Lee (4):
  qemu : fix CVE-2020-16092
  bash : inlcude patch 17 & 18
  xserver-xorg: fix CVE-2020-14346/14361/14362
  libx11: fix CVE-2020-14363

Chris Laplante (3):
  cve-update-db-native: be less magical about checking whether the
    cve-check class is enabled
  cve-update-db-native: move -journal checking into do_fetch
  cve-update-db-native: remove unused variable

Christian Eggers (1):
  packagegroup: rrecommend perf also for musl on ARM

De Huo (1):
  bash: fix CVE-2019-18276

Jacob Kroon (1):
  insane: Check for feature check variables not being used

Joshua Watt (4):
  wic: Add --offset argument for partitions
  wic: Fix --extra-space argument handling
  wic: Fix error message when reporting invalid offset
  wic: Add 512 Byte alignment to --offset

Khem Raj (2):
  site: Make sys_siglist default to no
  packagegroups: remove strace and lttng-tools for rv32/musl

Konrad Weihmann (1):
  testexport: rename create_tarball method

Michael Gloff (1):
  sysvinit rc: Use PSPLASH_FIFO_DIR for progress fifo

Norman Stetter (1):
  sstate.bbclass: Check file ownership before doing 'touch -a'

Otavio Salvador (1):
  openssh: Allow enable/disable of rng-tools recommendation on sshd

Randy MacLeod (1):
  curl: Change SRC_URI from http to https

Richard Purdie (10):
  python3-markupsafe: Import from meta-oe/meta-python
  python3-jinja2: Import from meta-oe/meta-python
  buildtools-tarball: Add python3-jinja2
  dropbear/openssh: Lower priority of key generation
  buildtools: Handle generic environment setup injection
  buildtools-tarball: Fix conflicts with oe-selftest and other tooling
  oeqa/qemurunner: Increase serial timeout
  oeqa/selftest/incompatible_lib: Fix append usage
  oeqa/selftest/containerimage: Update to match assumptions in
    configuration
  ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys

Ross Burton (3):
  alsa-plugins: improve .la removal
  sato-screenshot: improve .la removal
  meta: add/fix invalid Upstream-Status tags

Steve Sakoman (1):
  xinput-calibrator: change SRC_URI to branch with libinput support

 meta/classes/insane.bbclass                   |  21 +-
 meta/classes/kernel-yocto.bbclass             |   2 +-
 meta/classes/sstate.bbclass                   |   2 +-
 meta/classes/testexport.bbclass               |   8 +-
 meta/conf/distro/include/maintainers.inc      |   3 +
 .../lib/oeqa/selftest/cases/containerimage.py |   3 +
 .../oeqa/selftest/cases/incompatible_lic.py   |   2 +-
 meta/lib/oeqa/selftest/cases/wic.py           | 157 +++++--
 meta/lib/oeqa/utils/qemurunner.py             |   2 +-
 .../openssh/openssh/sshdgenkeys.service       |   1 +
 .../openssh/openssh_8.2p1.bb                  |  10 +-
 .../ssh-pregen-hostkeys/dropbear_rsa_host_key | Bin 0 -> 805 bytes
 .../openssh/ssh_host_ecdsa_key                |   9 +
 .../openssh/ssh_host_ecdsa_key.pub            |   1 +
 .../openssh/ssh_host_ed25519_key              |   7 +
 .../openssh/ssh_host_ed25519_key.pub          |   1 +
 .../openssh/ssh_host_rsa_key                  |  38 ++
 .../openssh/ssh_host_rsa_key.pub              |   1 +
 .../ssh-pregen-hostkeys_1.0.bb                |  19 +
 .../dropbear/dropbear/dropbearkey.service     |   1 +
 meta/recipes-core/meta/buildtools-tarball.bb  |  23 +-
 .../recipes-core/meta/cve-update-db-native.bb |  18 +-
 .../packagegroup-core-tools-debug.bb          |   5 +-
 .../packagegroup-core-tools-profile.bb        |   2 +
 meta/recipes-core/sysvinit/sysvinit/rc        |   9 +-
 .../python/python3-jinja2/run-ptest           |   3 +
 .../python/python3-jinja2_2.11.2.bb           |  45 ++
 .../python/python3-markupsafe/run-ptest       |   3 +
 .../python/python3-markupsafe_1.1.1.bb        |  28 ++
 ...ssing-libraries-to-Extension-for-mul.patch |   2 +-
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 ...mu-Do-not-include-file-if-not-exists.patch |   2 +-
 .../qemu/qemu/CVE-2020-16092.patch            |  45 ++
 .../bash/bash/bash-CVE-2019-18276.patch       | 386 ++++++++++++++++++
 meta/recipes-extended/bash/bash_5.0.bb        |   8 +
 .../0004-guard-mallocopt-with-__GLIBC__.patch |   2 +-
 .../xinput-calibrator_git.bb                  |   4 +-
 .../xorg-lib/libx11/CVE-2020-14363.patch      |  36 ++
 .../recipes-graphics/xorg-lib/libx11_1.6.9.bb |   1 +
 .../xserver-xorg/CVE-2020-14346.patch         |  36 ++
 .../xserver-xorg/CVE-2020-14361.patch         |  36 ++
 .../xserver-xorg/CVE-2020-14362.patch         |  70 ++++
 .../xorg-xserver/xserver-xorg_1.20.8.bb       |   3 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 ...ckport-writeback.h-changes-from-2.12.patch | 128 ++++++
 .../lttng/lttng-modules_2.11.2.bb             |   7 +-
 .../alsa/alsa-plugins_1.2.1.bb                |   2 +-
 .../sato-screenshot/sato-screenshot_0.3.bb    |   2 +-
 meta/recipes-support/curl/curl_7.69.1.bb      |   2 +-
 meta/site/common                              |   7 +
 meta/site/common-glibc                        |   3 -
 meta/site/common-musl                         |   5 -
 scripts/lib/wic/ksparser.py                   |  56 ++-
 scripts/lib/wic/partition.py                  |   1 +
 scripts/lib/wic/plugins/imager/direct.py      |  15 +
 57 files changed, 1202 insertions(+), 118 deletions(-)
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
 create mode 100644 meta/recipes-devtools/python/python3-jinja2/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-jinja2_2.11.2.bb
 create mode 100644 meta/recipes-devtools/python/python3-markupsafe/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
 create mode 100644 meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch
 create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14363.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14361.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14362.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch

-- 
2.17.1

[OE-core][dunfell 01/41] python3-markupsafe: Import from meta-oe/meta-python

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Needed as a dependency of python3-jinja2. ptest is disabled for OE-Core, at
least for now since it depends on python3-pytest which in turn has may other
dependencies.

Acked-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a6f2727fd309b8b46a7ac1b8d99ae1d77a6ee74c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/maintainers.inc      |  1 +
 .../python/python3-markupsafe/run-ptest       |  3 ++
 .../python/python3-markupsafe_1.1.1.bb        | 28 +++++++++++++++++++
 3 files changed, 32 insertions(+)
 create mode 100644 meta/recipes-devtools/python/python3-markupsafe/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 4570fac454..8da0bd32d0 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -585,6 +585,7 @@ RECIPE_MAINTAINER_pn-python3-iniparse = "Oleksandr Kravchuk <open.source@oleksan
 RECIPE_MAINTAINER_pn-python3-libarchive-c = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-magic = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-mako = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER_pn-python3-markupsafe = "Richard Purdie <richard.purdie@linuxfoundation.org>"
 RECIPE_MAINTAINER_pn-python3-nose = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-numpy = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-pbr = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
diff --git a/meta/recipes-devtools/python/python3-markupsafe/run-ptest b/meta/recipes-devtools/python/python3-markupsafe/run-ptest
new file mode 100644
index 0000000000..5cec711696
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-markupsafe/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+pytest
diff --git a/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb b/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb
new file mode 100644
index 0000000000..403a98a43f
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb
@@ -0,0 +1,28 @@
+DESCRIPTION = "Implements a XML/HTML/XHTML Markup safe string for Python"
+HOMEPAGE = "http://github.com/mitsuhiko/markupsafe"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=ffeffa59c90c9c4a033c7574f8f3fb75"
+
+SRC_URI[md5sum] = "43fd756864fe42063068e092e220c57b"
+SRC_URI[sha256sum] = "29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b"
+
+PYPI_PACKAGE = "MarkupSafe"
+inherit pypi setuptools3
+# ptest disabled in OE-Core for now due to missing dependencies
+
+RDEPENDS_${PN} += "${PYTHON_PN}-stringold"
+
+BBCLASSEXTEND = "native nativesdk"
+
+SRC_URI += " \
+	file://run-ptest \
+"
+
+RDEPENDS_${PN}-ptest += " \
+	${PYTHON_PN}-pytest \
+"
+
+do_install_ptest() {
+	install -d ${D}${PTEST_PATH}/tests
+	cp -f ${S}/tests/* ${D}${PTEST_PATH}/tests/
+}
-- 
2.17.1

[OE-core][dunfell 02/41] python3-jinja2: Import from meta-oe/meta-python

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

This is used by some of the results handling code and needed as part of
buildtools tarball on various autobuilder worker for testing.

ptest is disabled for OE-Core, at least for now since it depends on
python3-pytest which in turn has may other dependencies.

Acked-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b5156e95e9e80e3e0f7eea181cd12f85e03a111d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/maintainers.inc      |  1 +
 .../python/python3-jinja2/run-ptest           |  3 ++
 .../python/python3-jinja2_2.11.2.bb           | 45 +++++++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 meta/recipes-devtools/python/python3-jinja2/run-ptest
 create mode 100644 meta/recipes-devtools/python/python3-jinja2_2.11.2.bb

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 8da0bd32d0..9b0a3997c4 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -582,6 +582,7 @@ RECIPE_MAINTAINER_pn-python3-extras = "Oleksandr Kravchuk <open.source@oleksandr
 RECIPE_MAINTAINER_pn-python3-git = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-gitdb = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-iniparse = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER_pn-python3-jinja2 = "Richard Purdie <richard.purdie@linuxfoundation.org>"
 RECIPE_MAINTAINER_pn-python3-libarchive-c = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-magic = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-mako = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
diff --git a/meta/recipes-devtools/python/python3-jinja2/run-ptest b/meta/recipes-devtools/python/python3-jinja2/run-ptest
new file mode 100644
index 0000000000..5cec711696
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-jinja2/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+pytest
diff --git a/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb b/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb
new file mode 100644
index 0000000000..89538d2f27
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb
@@ -0,0 +1,45 @@
+DESCRIPTION = "Python Jinja2: A small but fast and easy to use stand-alone template engine written in pure python."
+
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462"
+
+SRC_URI[sha256sum] = "89aab215427ef59c34ad58735269eb58b1a5808103067f7bb9d5836c651b3bb0"
+
+PYPI_PACKAGE = "Jinja2"
+
+CLEANBROKEN = "1"
+
+inherit pypi setuptools3
+# ptest disabled in OE-Core for now due to missing dependencies
+
+
+SRC_URI += " \
+	file://run-ptest \
+"
+
+do_install_ptest() {
+    install -d ${D}${PTEST_PATH}/tests
+    cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/
+}
+
+RDEPENDS_${PN}-ptest += " \
+	${PYTHON_PN}-pytest \
+	${PYTHON_PN}-unixadmin \
+"
+
+RDEPENDS_${PN} += " \
+    ${PYTHON_PN}-asyncio \
+    ${PYTHON_PN}-crypt \
+    ${PYTHON_PN}-io \
+    ${PYTHON_PN}-json \
+    ${PYTHON_PN}-markupsafe \
+    ${PYTHON_PN}-math \
+    ${PYTHON_PN}-netclient \
+    ${PYTHON_PN}-numbers\
+    ${PYTHON_PN}-pickle \
+    ${PYTHON_PN}-pprint \
+    ${PYTHON_PN}-shell \
+    ${PYTHON_PN}-threading \
+"
+
+BBCLASSEXTEND = "native nativesdk"
-- 
2.17.1

[OE-core][dunfell 03/41] buildtools-tarball: Add python3-jinja2

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

This is used by various pieces of the result handling code, particularly the
performance testing and we're seeing autobuilder failures that are
easiest resolved using this.

Acked-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dc6d4d438b71365f5c6f54b8482d4f01f1d0dc8e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/buildtools-tarball.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/meta/buildtools-tarball.bb b/meta/recipes-core/meta/buildtools-tarball.bb
index edf67ce2ad..77e1fa23cb 100644
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -10,6 +10,7 @@ TOOLCHAIN_HOST_TASK ?= "\
     nativesdk-python3-modules \
     nativesdk-python3-misc \
     nativesdk-python3-git \
+    nativesdk-python3-jinja2 \
     nativesdk-python3-testtools \
     nativesdk-python3-subunit \
     nativesdk-ncurses-terminfo-base \
-- 
2.17.1

[OE-core][dunfell 04/41] site: Make sys_siglist default to no

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

glibc 2.32 has deprecated sys_siglist [1]

since no is default for musl as well, therefore elevate it to common
site file for all

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=b1ccfc061feee9ce616444ded8e1cd5acf9fa97f

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7c19f30849e9a73a7497d8e6c4719a2e57017086)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/site/common       | 7 +++++++
 meta/site/common-glibc | 3 ---
 meta/site/common-musl  | 5 -----
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/meta/site/common b/meta/site/common
index ff552329bd..62907274d7 100644
--- a/meta/site/common
+++ b/meta/site/common
@@ -19,3 +19,10 @@ shadow_cv_passwd_dir=${bindir}
 ac_cv_buggy_getaddrinfo=no
 
 ac_cv_path_SED=${ac_cv_path_SED=sed}
+
+# General
+ac_cv_have_decl_sys_siglist=${ac_cv_have_decl_sys_siglist=no}
+
+# bash
+bash_cv_under_sys_siglist=${bash_cv_under_sys_siglist=no}
+bash_cv_sys_siglist=${bash_cv_sys_siglist=no}
diff --git a/meta/site/common-glibc b/meta/site/common-glibc
index a0680bc44c..0a665658fb 100644
--- a/meta/site/common-glibc
+++ b/meta/site/common-glibc
@@ -1,5 +1,4 @@
 # general
-ac_cv_have_decl_sys_siglist=${ac_cv_have_decl_sys_siglist=yes}
 ac_cv_func_calloc_0_nonnull=${ac_cv_func_calloc_0_nonnull=yes}
 ac_cv_func_realloc_works=${ac_cv_func_realloc_works=yes}
 ac_cv_func_realloc_0_nonnull=${ac_cv_func_realloc_0_nonnull=yes}
@@ -18,8 +17,6 @@ ac_cv_func_getaddrinfo=${ac_cv_func_getaddrinfo=yes}
 ac_cv_func_strtod=${ac_cv_func_strtod=yes}
 
 # bash
-bash_cv_under_sys_siglist=${bash_cv_under_sys_siglist=yes}
-bash_cv_sys_siglist=${bash_cv_sys_siglist=yes}
 bash_cv_getcwd_malloc=${bash_cv_getcwd_malloc=yes}
 
 # clamav
diff --git a/meta/site/common-musl b/meta/site/common-musl
index 4be8d002d6..44a7a1aea9 100644
--- a/meta/site/common-musl
+++ b/meta/site/common-musl
@@ -1,5 +1,4 @@
 # general
-ac_cv_have_decl_sys_siglist=${ac_cv_have_decl_sys_siglist=no}
 ac_cv_func_calloc_0_nonnull=${ac_cv_func_calloc_0_nonnull=yes}
 ac_cv_func_realloc_works=${ac_cv_func_realloc_works=yes}
 ac_cv_func_realloc_0_nonnull=${ac_cv_func_realloc_0_nonnull=yes}
@@ -29,10 +28,6 @@ glib_cv_have_qsort_r=${glib_cv_have_qsort_r=no}
 #dbus-glib
 ac_cv_have_abstract_sockets=${ac_cv_have_abstract_sockets=yes}
 
-# bash
-bash_cv_under_sys_siglist=${bash_cv_under_sys_siglist=no}
-bash_cv_sys_siglist=${bash_cv_sys_siglist=no}
-
 # coreutils
 fu_cv_sys_stat_statfs2_bsize=${fu_cv_sys_stat_statfs2_bsize=yes}
 gl_cv_func_getcwd_abort_bug=${gl_cv_func_getcwd_abort_bug=no}
-- 
2.17.1

[OE-core][dunfell 05/41] qemu : fix CVE-2020-16092

[Steve Sakoman]

From: Chee Yang Lee <chee.yang.lee@intel.com>

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-16092.patch            | 45 +++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e0ea5ad477..7ce89c0023 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -47,6 +47,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
 	   file://CVE-2020-15863.patch \
 	   file://CVE-2020-14364.patch \
 	   file://CVE-2020-14415.patch \
+	   file://CVE-2020-16092.patch \
 	   "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
new file mode 100644
index 0000000000..5085a28a4f
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
@@ -0,0 +1,45 @@
+From 035e69b063835a5fd23cacabd63690a3d84532a8 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Sat, 1 Aug 2020 18:42:38 +0200
+Subject: [PATCH] hw/net/net_tx_pkt: fix assertion failure in
+ net_tx_pkt_add_raw_fragment()
+
+An assertion failure issue was found in the code that processes network packets
+while adding data fragments into the packet context. It could be abused by a
+malicious guest to abort the QEMU process on the host. This patch replaces the
+affected assert() with a conditional statement, returning false if the current
+data fragment exceeds max_raw_frags.
+
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Reported-by: Ziming Zhang <ezrakiez@gmail.com>
+Reviewed-by: Dmitry Fleytman <dmitry.fleytman@gmail.com>
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+
+
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8]
+CVE: CVE-2020-16092
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ hw/net/net_tx_pkt.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
+index 9560e4a..da262ed 100644
+--- a/hw/net/net_tx_pkt.c
++++ b/hw/net/net_tx_pkt.c
+@@ -379,7 +379,10 @@ bool net_tx_pkt_add_raw_fragment(struct NetTxPkt *pkt, hwaddr pa,
+     hwaddr mapped_len = 0;
+     struct iovec *ventry;
+     assert(pkt);
+-    assert(pkt->max_raw_frags > pkt->raw_frags);
++
++    if (pkt->raw_frags >= pkt->max_raw_frags) {
++        return false;
++    }
+ 
+     if (!len) {
+         return true;
+-- 
+1.8.3.1
+
-- 
2.17.1

[OE-core][dunfell 06/41] bash : inlcude patch 17 & 18

[Steve Sakoman]

From: Chee Yang Lee <chee.yang.lee@intel.com>

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/bash/bash_5.0.bb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/meta/recipes-extended/bash/bash_5.0.bb b/meta/recipes-extended/bash/bash_5.0.bb
index 8ff9e6edaf..12d472be57 100644
--- a/meta/recipes-extended/bash/bash_5.0.bb
+++ b/meta/recipes-extended/bash/bash_5.0.bb
@@ -21,6 +21,8 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \
            ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-014;apply=yes;striplevel=0;name=patch014 \
            ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-015;apply=yes;striplevel=0;name=patch015 \
            ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-016;apply=yes;striplevel=0;name=patch016 \
+           ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-017;apply=yes;striplevel=0;name=patch017 \
+           ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-018;apply=yes;striplevel=0;name=patch018 \
            file://execute_cmd.patch \
            file://mkbuiltins_have_stringize.patch \
            file://build-tests.patch \
@@ -65,6 +67,11 @@ SRC_URI[patch015.md5sum] = "c4c6ea23d09a74eaa9385438e48fdf02"
 SRC_URI[patch015.sha256sum] = "a517df2dda93b26d5cbf00effefea93e3a4ccd6652f152f4109170544ebfa05e"
 SRC_URI[patch016.md5sum] = "a682ed6fa2c2e7a7c3ba6bdeada07fb5"
 SRC_URI[patch016.sha256sum] = "ffd1d7a54a99fa7f5b1825e4f7e95d8c8876bc2ca151f150e751d429c650b06d"
+SRC_URI[patch017.md5sum] = "d9dcaa1d8e7a24850449a1aac43a12a9"
+SRC_URI[patch017.sha256sum] = "4cf3b9fafb8a66d411dd5fc9120032533a4012df1dc6ee024c7833373e2ddc31"
+SRC_URI[patch018.md5sum] = "a64d950d5de72ae590455b13e6afefcb"
+SRC_URI[patch018.sha256sum] = "7c314e375a105a6642e8ed44f3808b9def89d15f7492fe2029a21ba9c0de81d3"
+
 
 DEBUG_OPTIMIZATION_append_armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}"
 DEBUG_OPTIMIZATION_append_armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}"
-- 
2.17.1

[OE-core][dunfell 07/41] xserver-xorg: fix CVE-2020-14346/14361/14362

[Steve Sakoman]

From: Chee Yang Lee <chee.yang.lee@intel.com>

fix :
CVE-2020-14346
https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff

CVE-2020-14361
https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787

CVE-2020-14362
https://gitlab.freedesktop.org/xorg/xserver/-/commit/2902b78535ecc6821cc027351818b28a5c7fdbdc

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xserver-xorg/CVE-2020-14346.patch         | 36 ++++++++++
 .../xserver-xorg/CVE-2020-14361.patch         | 36 ++++++++++
 .../xserver-xorg/CVE-2020-14362.patch         | 70 +++++++++++++++++++
 .../xorg-xserver/xserver-xorg_1.20.8.bb       |  3 +
 4 files changed, 145 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14361.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14362.patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
new file mode 100644
index 0000000000..4994a21d33
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
@@ -0,0 +1,36 @@
+From c940cc8b6c0a2983c1ec974f1b3f019795dd4cff Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Tue, 18 Aug 2020 14:49:04 +0200
+Subject: [PATCH] Fix XIChangeHierarchy() integer underflow
+
+CVE-2020-14346 / ZDI-CAN-11429
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff]
+CVE: CVE-2020-14346
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ Xi/xichangehierarchy.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Xi/xichangehierarchy.c b/Xi/xichangehierarchy.c
+index cbdd91258..504defe56 100644
+--- a/Xi/xichangehierarchy.c
++++ b/Xi/xichangehierarchy.c
+@@ -423,7 +423,7 @@ ProcXIChangeHierarchy(ClientPtr client)
+     if (!stuff->num_changes)
+         return rc;
+ 
+-    len = ((size_t)stuff->length << 2) - sizeof(xXIChangeHierarchyReq);
++    len = ((size_t)client->req_len << 2) - sizeof(xXIChangeHierarchyReq);
+ 
+     any = (xXIAnyHierarchyChangeInfo *) &stuff[1];
+     while (stuff->num_changes--) {
+-- 
+2.17.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14361.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14361.patch
new file mode 100644
index 0000000000..710cc3873c
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14361.patch
@@ -0,0 +1,36 @@
+From 144849ea27230962227e62a943b399e2ab304787 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Tue, 18 Aug 2020 14:52:29 +0200
+Subject: [PATCH] Fix XkbSelectEvents() integer underflow
+
+CVE-2020-14361 ZDI-CAN 11573
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787]
+CVE: CVE-2020-14361
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ xkb/xkbSwap.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xkb/xkbSwap.c b/xkb/xkbSwap.c
+index 1c1ed5ff4..50cabb90e 100644
+--- a/xkb/xkbSwap.c
++++ b/xkb/xkbSwap.c
+@@ -76,7 +76,7 @@ SProcXkbSelectEvents(ClientPtr client)
+         register unsigned bit, ndx, maskLeft, dataLeft, size;
+ 
+         from.c8 = (CARD8 *) &stuff[1];
+-        dataLeft = (stuff->length * 4) - SIZEOF(xkbSelectEventsReq);
++        dataLeft = (client->req_len * 4) - SIZEOF(xkbSelectEventsReq);
+         maskLeft = (stuff->affectWhich & (~XkbMapNotifyMask));
+         for (ndx = 0, bit = 1; (maskLeft != 0); ndx++, bit <<= 1) {
+             if (((bit & maskLeft) == 0) || (ndx == XkbMapNotify))
+-- 
+2.17.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14362.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14362.patch
new file mode 100644
index 0000000000..2103e9c198
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14362.patch
@@ -0,0 +1,70 @@
+From 2902b78535ecc6821cc027351818b28a5c7fdbdc Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Tue, 18 Aug 2020 14:55:01 +0200
+Subject: [PATCH] Fix XRecordRegisterClients() Integer underflow
+
+CVE-2020-14362 ZDI-CAN-11574
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/xorg/xserver/-/commit/2902b78535ecc6821cc027351818b28a5c7fdbdc]
+CVE: CVE-2020-14362
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ record/record.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/record/record.c b/record/record.c
+index f2d38c877..be154525d 100644
+--- a/record/record.c
++++ b/record/record.c
+@@ -2500,7 +2500,7 @@ SProcRecordQueryVersion(ClientPtr client)
+ }                               /* SProcRecordQueryVersion */
+ 
+ static int _X_COLD
+-SwapCreateRegister(xRecordRegisterClientsReq * stuff)
++SwapCreateRegister(ClientPtr client, xRecordRegisterClientsReq * stuff)
+ {
+     int i;
+     XID *pClientID;
+@@ -2510,13 +2510,13 @@ SwapCreateRegister(xRecordRegisterClientsReq * stuff)
+     swapl(&stuff->nRanges);
+     pClientID = (XID *) &stuff[1];
+     if (stuff->nClients >
+-        stuff->length - bytes_to_int32(sz_xRecordRegisterClientsReq))
++        client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq))
+         return BadLength;
+     for (i = 0; i < stuff->nClients; i++, pClientID++) {
+         swapl(pClientID);
+     }
+     if (stuff->nRanges >
+-        stuff->length - bytes_to_int32(sz_xRecordRegisterClientsReq)
++        client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq)
+         - stuff->nClients)
+         return BadLength;
+     RecordSwapRanges((xRecordRange *) pClientID, stuff->nRanges);
+@@ -2531,7 +2531,7 @@ SProcRecordCreateContext(ClientPtr client)
+ 
+     swaps(&stuff->length);
+     REQUEST_AT_LEAST_SIZE(xRecordCreateContextReq);
+-    if ((status = SwapCreateRegister((void *) stuff)) != Success)
++    if ((status = SwapCreateRegister(client, (void *) stuff)) != Success)
+         return status;
+     return ProcRecordCreateContext(client);
+ }                               /* SProcRecordCreateContext */
+@@ -2544,7 +2544,7 @@ SProcRecordRegisterClients(ClientPtr client)
+ 
+     swaps(&stuff->length);
+     REQUEST_AT_LEAST_SIZE(xRecordRegisterClientsReq);
+-    if ((status = SwapCreateRegister((void *) stuff)) != Success)
++    if ((status = SwapCreateRegister(client, (void *) stuff)) != Success)
+         return status;
+     return ProcRecordRegisterClients(client);
+ }                               /* SProcRecordRegisterClients */
+-- 
+2.17.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb
index 5101134538..51d959f86c 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb
@@ -6,6 +6,9 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
            file://sdksyms-no-build-path.patch \
            file://0001-drmmode_display.c-add-missing-mi.h-include.patch \
            file://CVE-2020-14347.patch \
+           file://CVE-2020-14346.patch \
+           file://CVE-2020-14361.patch \
+           file://CVE-2020-14362.patch \
            "
 SRC_URI[md5sum] = "a770aec600116444a953ff632f51f839"
 SRC_URI[sha256sum] = "d17b646bee4ba0fb7850c1cc55b18e3e8513ed5c02bdf38da7e107f84e2d0146"
-- 
2.17.1

[OE-core][dunfell 08/41] libx11: fix CVE-2020-14363

[Steve Sakoman]

From: Chee Yang Lee <chee.yang.lee@intel.com>

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xorg-lib/libx11/CVE-2020-14363.patch      | 36 +++++++++++++++++++
 .../recipes-graphics/xorg-lib/libx11_1.6.9.bb |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14363.patch

diff --git a/meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14363.patch b/meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14363.patch
new file mode 100644
index 0000000000..60045e2890
--- /dev/null
+++ b/meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14363.patch
@@ -0,0 +1,36 @@
+From acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Thu, 13 Aug 2020 18:02:58 +0200
+Subject: [PATCH] Fix an integer overflow in init_om()
+
+CVE-2020-14363
+
+This can lead to a double free later, as reported by Jayden Rivers.
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d]
+CVE: CVE-2020-14363
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ modules/om/generic/omGeneric.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/modules/om/generic/omGeneric.c b/modules/om/generic/omGeneric.c
+index c44acb88..406cec93 100644
+--- a/modules/om/generic/omGeneric.c
++++ b/modules/om/generic/omGeneric.c
+@@ -1908,7 +1908,8 @@ init_om(
+     char **required_list;
+     XOrientation *orientation;
+     char **value, buf[BUFSIZ], *bufptr;
+-    int count = 0, num = 0, length = 0;
++    int count = 0, num = 0;
++    unsigned int length = 0;
+ 
+     _XlcGetResource(lcd, "XLC_FONTSET", "on_demand_loading", &value, &count);
+     if (count > 0 && _XlcCompareISOLatin1(*value, "True") == 0)
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
index 84e0e4457e..ebd2640743 100644
--- a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
+++ b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
@@ -14,6 +14,7 @@ SRC_URI += "file://Fix-hanging-issue-in-_XReply.patch \
             file://disable_tests.patch \
             file://libx11-whitespace.patch \
             file://CVE-2020-14344.patch \
+            file://CVE-2020-14363.patch \
 "
 
 SRC_URI[md5sum] = "55adbfb6d4370ecac5e70598c4e7eed2"
-- 
2.17.1

[OE-core][dunfell 09/41] cve-update-db-native: be less magical about checking whether the cve-check class is enabled

[Steve Sakoman]

From: Chris Laplante <chris.laplante@agilent.com>

Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cbc717350b21fb417fa6f83621022ac633a26124)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 328f6ab364..2c0e508e32 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -13,8 +13,7 @@ deltask do_install
 deltask do_populate_sysroot
 
 python () {
-    cve_check_db_file = d.getVar("CVE_CHECK_DB_FILE")
-    if not cve_check_db_file:
+    if not bb.data.inherits_class("cve-check", d):
         raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
 
     if os.path.exists("%s-journal" % cve_check_db_file ):
-- 
2.17.1

[OE-core][dunfell 10/41] cve-update-db-native: move -journal checking into do_fetch

[Steve Sakoman]

From: Chris Laplante <chris.laplante@agilent.com>

It was always questionable to do this in an anonymous function, but now
with multiconfig it is a critical mistake and leads to more strange
"Exception: sqlite3.OperationalError: disk I/O error" errors.

Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fcbc9d0e8421a3a559db05005ba042337cd5d864)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 2c0e508e32..73da8ae6a2 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -15,12 +15,6 @@ deltask do_populate_sysroot
 python () {
     if not bb.data.inherits_class("cve-check", d):
         raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
-
-    if os.path.exists("%s-journal" % cve_check_db_file ):
-        os.remove("%s-journal" % cve_check_db_file)
-
-        if os.path.exists(cve_check_db_file):
-            os.remove(cve_check_db_file)
 }
 
 python do_populate_cve_db() {
@@ -41,6 +35,14 @@ python do_populate_cve_db() {
     db_dir = os.path.dirname(db_file)
     json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
 
+    if os.path.exists("{0}-journal".format(db_file)):
+        # If a journal is present the last update might have been interrupted. In that case,
+        # just wipe any leftovers and force the DB to be recreated.
+        os.remove("{0}-journal".format(db_file))
+
+        if os.path.exists(db_file):
+            os.remove(db_file)
+
     # Don't refresh the database more than once an hour
     try:
         import time
-- 
2.17.1

[OE-core][dunfell 11/41] cve-update-db-native: remove unused variable

[Steve Sakoman]

From: Chris Laplante <chris.laplante@agilent.com>

Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 790f8a5bfbd1851226fa5fc5b09e79f6396e747d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 73da8ae6a2..0cd3a1c153 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -33,7 +33,6 @@ python do_populate_cve_db() {
 
     db_file = d.getVar("CVE_CHECK_DB_FILE")
     db_dir = os.path.dirname(db_file)
-    json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
 
     if os.path.exists("{0}-journal".format(db_file)):
         # If a journal is present the last update might have been interrupted. In that case,
-- 
2.17.1

[OE-core][dunfell 12/41] alsa-plugins: improve .la removal

[Steve Sakoman]

From: Ross Burton <ross@burtonini.com>

Don't assume that the .la files are installed, because some libtool
alternatives don't install these.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e92b24368b71e4b178f81097b2a8d141c3b65481)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb b/meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb
index 9882e12763..61d394b0f0 100644
--- a/meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb
+++ b/meta/recipes-multimedia/alsa/alsa-plugins_1.2.1.bb
@@ -52,7 +52,7 @@ FILES_${PN} = ""
 ALLOW_EMPTY_${PN} = "1"
 
 do_install_append() {
-	rm ${D}${libdir}/alsa-lib/*.la
+	rm -f ${D}${libdir}/alsa-lib/*.la
 
 	if [ "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'yes', 'no', d)}" = "yes" ]; then
 		# We use the example as is. Upstream installs the file under
-- 
2.17.1

[OE-core][dunfell 13/41] sato-screenshot: improve .la removal

[Steve Sakoman]

From: Ross Burton <ross@burtonini.com>

Don't assume that the .la files are installed, because some libtool
alternatives don't install these.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e545ae3a7961111ceb4e2a468e9ec53cebfed721)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
index f6dac2cf88..2b1f513f1c 100644
--- a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
+++ b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
@@ -21,7 +21,7 @@ inherit autotools pkgconfig features_check
 FILES_${PN} += "${libdir}/matchbox-panel/*.so"
 
 do_install_append () {
-	rm ${D}${libdir}/matchbox-panel/*.la
+	rm -f ${D}${libdir}/matchbox-panel/*.la
 }
 
 # The matchbox-panel-2 requires x11 in DISTRO_FEATURES
-- 
2.17.1

[OE-core][dunfell 14/41] insane: Check for feature check variables not being used

[Steve Sakoman]

From: Jacob Kroon <jacob.kroon@gmail.com>

Add a package QA check for wether any of the variables used by
features_check.bbclass is set while not inheriting the class itself.

Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c06489d102682504afe33f9fee3facd9628b3f57)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/insane.bbclass | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 46d386a38b..5b18fadd60 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -28,7 +28,7 @@ WARN_QA ?= "ldflags useless-rpaths rpaths staticdev libdir xorg-driver-abi \
             pn-overrides infodir build-deps src-uri-bad \
             unknown-configure-option symlink-to-sysroot multilib \
             invalid-packageconfig host-user-contaminated uppercase-pn patch-fuzz \
-            mime mime-xdg unlisted-pkg-lics \
+            mime mime-xdg unlisted-pkg-lics unhandled-features-check \
             "
 ERROR_QA ?= "dev-so debug-deps dev-deps debug-files arch pkgconfig la \
             perms dep-cmp pkgvarcheck perm-config perm-line perm-link \
@@ -977,6 +977,16 @@ def package_qa_check_src_uri(pn, d, messages):
         if re.search(r"github\.com/.+/.+/archive/.+", url):
             package_qa_handle_error("src-uri-bad", "%s: SRC_URI uses unstable GitHub archives" % pn, d)
 
+QARECIPETEST[unhandled-features-check] = "package_qa_check_unhandled_features_check"
+def package_qa_check_unhandled_features_check(pn, d, messages):
+    if not bb.data.inherits_class('features_check', d):
+        var_set = False
+        for kind in ['DISTRO', 'MACHINE', 'COMBINED']:
+            for var in ['ANY_OF_' + kind + '_FEATURES', 'REQUIRED_' + kind + '_FEATURES', 'CONFLICT_' + kind + '_FEATURES']:
+                if d.getVar(var) is not None or d.overridedata.get(var) is not None:
+                    var_set = True
+        if var_set:
+            package_qa_handle_error("unhandled-features-check", "%s: recipe doesn't inherit features_check" % pn, d)
 
 # The PACKAGE FUNC to scan each package
 python do_package_qa () {
-- 
2.17.1

[OE-core][dunfell 15/41] insane: check for missing update-alternatives inherit

[Steve Sakoman]

From: Andrey Zhizhikin <andrey.z@gmail.com>

Add a package QA check to test if the recipe sets ALTERNATIVE variable
for any of its packages, and does not inherit update-alternatives class.
This causes the do_rootfs to fail since a proper alternative cannot be
created.

Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 24b5ccc76d5660fac38ac5346666380a0ecce359)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/insane.bbclass | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 5b18fadd60..601b6b65bf 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -29,6 +29,7 @@ WARN_QA ?= "ldflags useless-rpaths rpaths staticdev libdir xorg-driver-abi \
             unknown-configure-option symlink-to-sysroot multilib \
             invalid-packageconfig host-user-contaminated uppercase-pn patch-fuzz \
             mime mime-xdg unlisted-pkg-lics unhandled-features-check \
+            missing-update-alternatives \
             "
 ERROR_QA ?= "dev-so debug-deps dev-deps debug-files arch pkgconfig la \
             perms dep-cmp pkgvarcheck perm-config perm-line perm-link \
@@ -988,6 +989,14 @@ def package_qa_check_unhandled_features_check(pn, d, messages):
         if var_set:
             package_qa_handle_error("unhandled-features-check", "%s: recipe doesn't inherit features_check" % pn, d)
 
+QARECIPETEST[missing-update-alternatives] = "package_qa_check_missing_update_alternatives"
+def package_qa_check_missing_update_alternatives(pn, d, messages):
+    # Look at all packages and find out if any of those sets ALTERNATIVE variable
+    # without inheriting update-alternatives class
+    for pkg in (d.getVar('PACKAGES') or '').split():
+        if d.getVar('ALTERNATIVE_%s' % pkg) and not bb.data.inherits_class('update-alternatives', d):
+            package_qa_handle_error("missing-update-alternatives", "%s: recipe defines ALTERNATIVE_%s but doesn't inherit update-alternatives. This might fail during do_rootfs later!" % (pn, pkg), d)
+
 # The PACKAGE FUNC to scan each package
 python do_package_qa () {
     import subprocess
-- 
2.17.1

[OE-core][dunfell 16/41] xinput-calibrator: change SRC_URI to branch with libinput support

[Steve Sakoman]

Since "conf: Use xf86-input-libinput by default" [1] there are
reports [2] of xinput-calibrator failing because it expects
xf86-input-evdev and with the above patch xf86-input-libinput
takes precedence.

Fix this issue by using a branch of xinput calibrator which supports
xf86-input-libinput.

[1] https://git.openembedded.org/openembedded-core/commit/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc?id=2d005faff6341a81a2afae28860101ba9db51ae8
[2] https://www.yoctoproject.org/pipermail/yocto/2018-December/043487.html

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d3b2302bcc1594e663183134793cf4aca8f4df41)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xinput-calibrator/xinput-calibrator_git.bb                | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
index 4f831932e7..d2a16643fe 100644
--- a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
+++ b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
@@ -11,8 +11,8 @@ inherit autotools pkgconfig features_check
 # depends on virtual/libx11
 REQUIRED_DISTRO_FEATURES = "x11"
 
-SRCREV = "03dadf55109bd43d3380f040debe9f82f66f2f35"
-SRC_URI = "git://github.com/tias/xinput_calibrator.git \
+SRCREV = "18ec53f1cada39f905614ebfaffed5c7754ecf46"
+SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput \
            file://30xinput_calibrate.sh \
            file://Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch \
            file://0001-calibrator.hh-Include-string-to-get-std-string.patch \
-- 
2.17.1

[OE-core][dunfell 17/41] dropbear/openssh: Lower priority of key generation

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Where we have images with PAM+systemd, serial login can be extremely
slow. The load generated by key generation does slow down the rest
of the boot process.

Lower the priority level of these systemd services, since we'd
prefer to have the rest of the system boot more effectively.

This doesn't "solve" the slow systemd boot issues but does help.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 087700665284c08ba846e52b6b86276629f5f1cd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service | 1 +
 meta/recipes-core/dropbear/dropbear/dropbearkey.service       | 1 +
 2 files changed, 2 insertions(+)

diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
index 603c33787f..fd81793d51 100644
--- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
+++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
@@ -6,3 +6,4 @@ RequiresMountsFor=/var /run
 ExecStart=@LIBEXECDIR@/sshd_check_keys
 Type=oneshot
 RemainAfterExit=yes
+Nice=10
diff --git a/meta/recipes-core/dropbear/dropbear/dropbearkey.service b/meta/recipes-core/dropbear/dropbear/dropbearkey.service
index c49053d57c..71a12a6110 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbearkey.service
+++ b/meta/recipes-core/dropbear/dropbear/dropbearkey.service
@@ -11,3 +11,4 @@ Type=oneshot
 ExecStart=@BASE_BINDIR@/mkdir -p ${DROPBEAR_RSAKEY_DIR}
 ExecStart=@SBINDIR@/dropbearkey -t rsa -f ${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key
 RemainAfterExit=yes
+Nice=10
-- 
2.17.1

[OE-core][dunfell 18/41] testexport: rename create_tarball method

[Steve Sakoman]

From: Konrad Weihmann <kweihmann@outlook.com>

as otherwise when using it in combination with archiver.bbclass we would
have 2 methods of the same name but with different signatures
leading to various hard to understand exceptions

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ce0c1cb2fc67881d2edcbe269ea934917ccfb48a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/testexport.bbclass | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/classes/testexport.bbclass b/meta/classes/testexport.bbclass
index 59cbaefbf9..1b0fb44a4a 100644
--- a/meta/classes/testexport.bbclass
+++ b/meta/classes/testexport.bbclass
@@ -137,7 +137,7 @@ def copy_needed_files(d, tc):
                 shutil.rmtree(os.path.join(subdir, dir))
 
     # Create tar file for common parts of testexport
-    create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR"))
+    testexport_create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR"))
 
     # Copy packages needed for runtime testing
     package_extraction(d, tc.suites)
@@ -146,7 +146,7 @@ def copy_needed_files(d, tc):
         export_pkg_dir = os.path.join(d.getVar("TEST_EXPORT_DIR"), "packages")
         oe.path.copytree(test_pkg_dir, export_pkg_dir)
         # Create tar file for packages needed by the DUT
-        create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir)
+        testexport_create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir)
 
     # Copy SDK
     if d.getVar("TEST_EXPORT_SDK_ENABLED") == "1":
@@ -159,11 +159,11 @@ def copy_needed_files(d, tc):
         shutil.copy2(tarball_path, export_sdk_dir)
 
         # Create tar file for the sdk
-        create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir)
+        testexport_create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir)
 
     bb.plain("Exported tests to: %s" % export_path)
 
-def create_tarball(d, tar_name, src_dir):
+def testexport_create_tarball(d, tar_name, src_dir):
 
     import tarfile
 
-- 
2.17.1

[OE-core][dunfell 19/41] packagegroups: remove strace and lttng-tools for rv32/musl

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

These tools are not yet ported to rv32/musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cf963ef65d524256c2d00e0588cd3b8b7ef56ff4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../packagegroups/packagegroup-core-tools-debug.bb           | 5 ++++-
 .../packagegroups/packagegroup-core-tools-profile.bb         | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb b/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb
index 81fbdf4608..283c1f1a35 100644
--- a/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb
+++ b/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb
@@ -13,9 +13,12 @@ PR = "r3"
 MTRACE = ""
 MTRACE_libc-glibc = "libc-mtrace"
 
+STRACE = "strace"
+STRACE_riscv32_libc-musl = ""
+
 RDEPENDS_${PN} = "\
     gdb \
     gdbserver \
-    strace \
     ${MTRACE} \
+    ${STRACE} \
     "
diff --git a/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb b/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
index ac180b542a..9fd2569a04 100644
--- a/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
+++ b/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
@@ -41,6 +41,7 @@ LTTNGUST_arc = ""
 
 LTTNGTOOLS = "lttng-tools"
 LTTNGTOOLS_arc = ""
+LTTNGTOOLS_riscv32_libc-musl = ""
 
 LTTNGMODULES = "lttng-modules"
 LTTNGMODULES_arc = ""
-- 
2.17.1

[OE-core][dunfell 20/41] curl: Change SRC_URI from http to https

[Steve Sakoman]

From: Randy MacLeod <randy.macleod@windriver.com>

The official links on:
   https://curl.haxx.se/download.html
use https now and we're seeing this warning:
   WARNING: curl-native-7.72.0-r0 do_fetch: Failed to fetch URL http://curl.haxx.se/download/curl-7.72.0.tar.bz2, attempting MIRRORS if available

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0aa24abf6c4d68efa63026d2496b6adc16734d35)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/curl/curl_7.69.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb
index dfcd533c80..239852db09 100644
--- a/meta/recipes-support/curl/curl_7.69.1.bb
+++ b/meta/recipes-support/curl/curl_7.69.1.bb
@@ -5,7 +5,7 @@ SECTION = "console/network"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531"
 
-SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
+SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://0001-replace-krb5-config-with-pkg-config.patch \
            file://CVE-2020-8169.patch \
            file://CVE-2020-8177.patch \
-- 
2.17.1

[OE-core][dunfell 21/41] meta: add/fix invalid Upstream-Status tags

[Steve Sakoman]

From: Ross Burton <ross@burtonini.com>

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 630ce8130598e2bca7231ac28a7cc18b5b942544)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...1-setup.py-pass-missing-libraries-to-Extension-for-mul.patch | 2 +-
 .../qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch | 2 +-
 .../ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch           | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch b/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch
index d38ed61dd7..ea0af02e72 100644
--- a/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch
+++ b/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch
@@ -46,7 +46,7 @@ ValueError: semaphore or lock released too many times
 
 And the semaphore issue also caused multiprocessing.Queue().put() hung.
 
-Upstream-Status: Pensing
+Upstream-Status: Pending
 
 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
 Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
diff --git a/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch b/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch
index eccac0509c..22f97c696e 100644
--- a/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch
+++ b/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch
@@ -6,7 +6,7 @@ Subject: [PATCH] qemu: Do not include file if not exists
 Script configure checks for if_alg.h and check failed but
 if_alg.h still included.
 
-Upstream-status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg07188.html]
+Upstream-Status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg07188.html]
 Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
 ---
  linux-user/syscall.c | 2 ++
diff --git a/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch b/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch
index 5622a64d43..d77990e0e2 100644
--- a/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch
+++ b/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch
@@ -5,7 +5,7 @@ Subject: [PATCH] guard mallocopt() with __GLIBC__
 
 mallocopt is not available on non glibc implementations
 
-Upstream-Status: Pending
+Upstream-Status: Accepted [967612c454aea66770b64f69287671037fe895b3]
 
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
-- 
2.17.1

[OE-core][dunfell 22/41] buildtools: Handle generic environment setup injection

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Currently buildtools has its own hacked environment setup. We added
capability for generic script fragements but this code was never updated
to use it even if several components it contains needs it.

Remove a hardcoded variable in favour of the generic scripts to
avoid bugs in this area in future. The others should probably be
migrated to environment files in future too but there isn't such
a file for those at present.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb210cee4bd71614dd108027e6d5aa8f8d451b27)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/buildtools-tarball.bb | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/meta/recipes-core/meta/buildtools-tarball.bb b/meta/recipes-core/meta/buildtools-tarball.bb
index 77e1fa23cb..44d658687d 100644
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -67,16 +67,19 @@ create_sdk_files_append () {
 	script=${1:-${SDK_OUTPUT}/${SDKPATH}/environment-setup-${SDK_SYS}}
 	touch $script
 	echo 'export PATH=${SDKPATHNATIVE}${bindir_nativesdk}:$PATH' >> $script
-	# In order for the self-extraction script to correctly extract and set up things,
-	# we need a 'OECORE_NATIVE_SYSROOT=xxx' line in environment setup script.
-	# However, buildtools-tarball is inherently a tool set instead of a fully functional SDK,
-	# so instead of exporting the variable, we use a comment here.
-	echo '#OECORE_NATIVE_SYSROOT="${SDKPATHNATIVE}"' >> $script
-	toolchain_create_sdk_version ${SDK_OUTPUT}/${SDKPATH}/version-${SDK_SYS}
-
+	echo 'export OECORE_NATIVE_SYSROOT="${SDKPATHNATIVE}"' >> $script
 	echo 'export GIT_SSL_CAINFO="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
 	echo 'export SSL_CERT_FILE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
-	echo 'export OPENSSL_CONF="${SDKPATHNATIVE}${sysconfdir}/ssl/openssl.cnf"' >>$script
+
+	toolchain_create_sdk_version ${SDK_OUTPUT}/${SDKPATH}/version-${SDK_SYS}
+
+	cat >> $script <<EOF
+if [ -d "\$OECORE_NATIVE_SYSROOT/environment-setup.d" ]; then
+	for envfile in \$OECORE_NATIVE_SYSROOT/environment-setup.d/*.sh; do
+		. \$envfile
+	done
+fi
+EOF
 
 	mkdir -p ${SDK_OUTPUT}/${SDKPATHNATIVE}${sysconfdir}/
 	echo '${SDKPATHNATIVE}${libdir}
-- 
2.17.1

[OE-core][dunfell 23/41] buildtools-tarball: Fix conflicts with oe-selftest and other tooling

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

OECORE_NATIVE_SYSROOT is used by tools like oe-run-native and hence
we were seeing selftest failures when newer buildtools-tarballs that
use this were run on the autobuilder.

Unset the variable after use to avoid these issues.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea5128fde10eb9be7fefbbb87ae6181edd2bcdff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/buildtools-tarball.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-core/meta/buildtools-tarball.bb b/meta/recipes-core/meta/buildtools-tarball.bb
index 44d658687d..434ffdc334 100644
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -79,6 +79,9 @@ if [ -d "\$OECORE_NATIVE_SYSROOT/environment-setup.d" ]; then
 		. \$envfile
 	done
 fi
+# We have to unset this else it can confuse oe-selftest and other tools
+# which may also use the overlapping namespace.
+unset OECORE_NATIVE_SYSROOT
 EOF
 
 	mkdir -p ${SDK_OUTPUT}/${SDKPATHNATIVE}${sysconfdir}/
-- 
2.17.1

[OE-core][dunfell 24/41] oeqa/qemurunner: Increase serial timeout

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Increase the serial login timeout from 60 to 120s. This seems like a
long time, however for a qemumips image with systemd+PAM and openssh,
(e.g. core-image-sato-sdk + DISTRO=poky-altcfg), the getty connects
to systemd's pam module which waits on logind and 45s for all this
to happen at the same time as things like ssh key generation happens
is not unknown.

Increase the timeout to match the longer times we know these things
can take in the worst case scenarios since we're tired of intermittent
issues related to the serial login affecting the autobuilder.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d8b4292db741de660f756dfb766210814d587b7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/utils/qemurunner.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/utils/qemurunner.py b/meta/lib/oeqa/utils/qemurunner.py
index 519aa9aa1e..77ec939ad7 100644
--- a/meta/lib/oeqa/utils/qemurunner.py
+++ b/meta/lib/oeqa/utils/qemurunner.py
@@ -393,7 +393,7 @@ class QemuRunner:
 
         # If we are not able to login the tests can continue
         try:
-            (status, output) = self.run_serial(self.boot_patterns['send_login_user'], raw=True)
+            (status, output) = self.run_serial(self.boot_patterns['send_login_user'], raw=True, timeout=120)
             if re.search(self.boot_patterns['search_login_succeeded'], output):
                 self.logged = True
                 self.logger.debug("Logged as root in serial console")
-- 
2.17.1

[OE-core][dunfell 25/41] oeqa/selftest/incompatible_lib: Fix append usage

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

It's pure luck this has worked so far, add a missing space to the append.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 793e0575b1cebb953276b5f93ff31e48c19779c8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/incompatible_lic.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py b/meta/lib/oeqa/selftest/cases/incompatible_lic.py
index 3eabd79097..2a6382a1a8 100644
--- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py
+++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py
@@ -85,7 +85,7 @@ class IncompatibleLicenseTests(OESelftestTestCase):
 class IncompatibleLicensePerImageTests(OESelftestTestCase):
     def default_config(self):
         return """
-IMAGE_INSTALL_append = "bash"
+IMAGE_INSTALL_append = " bash"
 INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0"
 """
 
-- 
2.17.1

[OE-core][dunfell 26/41] oeqa/selftest/containerimage: Update to match assumptions in configuration

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Assumptions in the test mean it doesn't work with ssh-pregen-hostkeys.
It also doesn't work with systemd. Update the configuration to make
sure neither of these effect the test.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e2f277657f1db6a0f805ac07d318a3850535d695)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/containerimage.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/containerimage.py b/meta/lib/oeqa/selftest/cases/containerimage.py
index c0998e319e..4ad7f0e654 100644
--- a/meta/lib/oeqa/selftest/cases/containerimage.py
+++ b/meta/lib/oeqa/selftest/cases/containerimage.py
@@ -42,6 +42,9 @@ IMAGE_FSTYPES = "container"
 PACKAGE_CLASSES = "package_ipk"
 IMAGE_FEATURES = ""
 IMAGE_BUILDINFO_FILE = ""
+INIT_MANAGER = "sysvinit"
+IMAGE_INSTALL_remove = "ssh-pregen-hostkeys"
+
 """)
 
         bbvars = get_bb_vars(['bindir', 'sysconfdir', 'localstatedir',
-- 
2.17.1

[OE-core][dunfell 27/41] ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Host keys are getting bigger and taking an ever increasing amount of time
to generate. Whilst we do need to test that works, we don't need to test
it in every image. Add a recipe which can be added to images with
pre-generated keys, allowing us to speed up tests on the autobuilder
where it makes sense to.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c6c7d16437cbd5ccbee1b99a2154c33fdbac9299)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/maintainers.inc      |   1 +
 .../ssh-pregen-hostkeys/dropbear_rsa_host_key | Bin 0 -> 805 bytes
 .../openssh/ssh_host_ecdsa_key                |   9 +++++
 .../openssh/ssh_host_ecdsa_key.pub            |   1 +
 .../openssh/ssh_host_ed25519_key              |   7 ++++
 .../openssh/ssh_host_ed25519_key.pub          |   1 +
 .../openssh/ssh_host_rsa_key                  |  38 ++++++++++++++++++
 .../openssh/ssh_host_rsa_key.pub              |   1 +
 .../ssh-pregen-hostkeys_1.0.bb                |  19 +++++++++
 9 files changed, 77 insertions(+)
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
 create mode 100644 meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 9b0a3997c4..ff962a3be9 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -642,6 +642,7 @@ RECIPE_MAINTAINER_pn-speex = "Tanu Kaskinen <tanuk@iki.fi>"
 RECIPE_MAINTAINER_pn-speexdsp = "Tanu Kaskinen <tanuk@iki.fi>"
 RECIPE_MAINTAINER_pn-sqlite3 = "Anuj Mittal <anuj.mittal@intel.com>"
 RECIPE_MAINTAINER_pn-squashfs-tools = "Robert Yang <liezhi.yang@windriver.com>"
+RECIPE_MAINTAINER_pn-ssh-pregen-hostkeys = "Richard Purdie <richard.purdie@linuxfoundation.org>"
 RECIPE_MAINTAINER_pn-startup-notification = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER_pn-strace = "Robert Yang <liezhi.yang@windriver.com>"
 RECIPE_MAINTAINER_pn-stress-ng = "Anuj Mittal <anuj.mittal@intel.com>"
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key
new file mode 100644
index 0000000000000000000000000000000000000000..30443c94388530f82308f41517839c8932026eec
GIT binary patch
literal 805
zcmV+=1KRum000Mbb7(Dcb724g00RL40RR920RW_9o<Q`&RLY?p;cQBYl_0xM7ker@
z#>e=VPY-g{TMU)xikgot*E3d4mq}vnGGMFK&?`3lQuzp%&bLmM?!~`G;T{U;4Y_oX
ztW&5pYa=!AY~l?MU+0l28E$@8(~zi5Bd|IC1+@_wEtWbRYFyfC@g&!whp05e8cXIs
zAO2$|o3V1#D_vFi`9{vpf^~zgpZ#hwyW(^VKuj<OzgVE^XFF~}ce5HLEhMA_A#DjB
zr|?tGWY(1vcP3@X_D<(~^_D`?%NDne77p}AN|!y909XYC`_sATu*WrQf(gmixEp2-
z>$8a#0)WG<q}MUu|8+c0X4jT;_QU9xX=4BY0RR*iF07uNPP`KH&1{G<hh4xnn%0dY
zP#Ae@xR_Z!^$9gP{n3QwBhy^nPrHKA9b%3xtLoGy16TJlVr!|nt%cHREwUHDBZ)#&
zIuv0};sB&0b(1XUZ=R#^gKw)AJ->viB+c<qch4BVT!3pT)F^ZFH1vHt`w`Y0@D@##
z@@ZGZ%D<}4p}ve0)Xwh;edfrl=)p&V9UGh~&x8Yu)sWosd`Y;+BqJ~l)2TH)09_+3
zZ4`?ekchIl<e1h>_qjZCYr4Lp0K;iIPX5{`t64nTmV(|FuFJ&BZ$BAyJg?pxXg<a)
zbV^FhSAdt5<k_}IRCaywz#yJWqIS6&l<@!n0D%Ccn(fVgheZMOMklNB@_0x97I^c(
z)g%(nv9r;~j;->7$f}g_o>)88b=v%Es_PL7V(*H}r1F5#*9l3)Gfn<ql<Ti$LHrEj
zS-L{YkFoPvZ(fHzZ3tgU=!A>JlT_mL2YLkdI4|&EdH&9vMig5l?U-%Rc`5EN%eoyF
zuVc{w004mi|Ec<oe#A0Q9VqAgVm(o9sLt1ZfurNgFvIvhY0&q8+JQroO#OAF8r-iY
zN-Z{|f9K{)ifw^eNk}eKb<KvqcQ0#>dX6Z%1|5s(MS`eaRn9_0H4of0ISncPXCoP&
jnu6P-g&8cZCSpI?z=;2?Sr97OqIjGUAl>AZv%QM*=5vR&

literal 0
HcmV?d00001

diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
new file mode 100644
index 0000000000..86c2104ec8
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
@@ -0,0 +1,9 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
+1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJR6iZxr/NTqQN9NOwV+WPtu42r2eF
+rJ0xsnlqw5bpmfz6aDR8RQvVHUZjRGQfR/RXPbQ5x+bjjdm176TuXNhHAAAAqAoE27MKBN
+uzAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA30
+07BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2E
+cAAAAgLiHv/IWhxwosz9BiNILOOPlXaueL5hVTBKUJkpOi48sAAAANcm9vdEBxZW11bWlw
+cwECAw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
new file mode 100644
index 0000000000..a358aeb88a
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA3007BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2Ec= root@qemupregen
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
new file mode 100644
index 0000000000..00ed9adae2
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbwAAAJChFtV0oRbV
+dAAAAAtzc2gtZWQyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbw
+AAAEA8UiUsygsTbP0HkDi5leXpQaVXihDyCHeitkBCItJGhcdIVMBsnc5N3WvUTwbkmV4K
+awkSlAeZ1Ma0xxirBZtvAAAADXJvb3RAcWVtdW1pcHM=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
new file mode 100644
index 0000000000..cc0e2f43ed
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdIVMBsnc5N3WvUTwbkmV4KawkSlAeZ1Ma0xxirBZtv root@qemupregen
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
new file mode 100644
index 0000000000..a8e4406ba3
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEA2Q6dzF1xziCQCFq+e+Fv6w0607gNlyKnkhuoRq8G7/HEqXU2eEtC
+i3AMUrAP8k7s9kP5vI5CyfSgFuC9MxDV2YL2bsmvRxBSKgg6KbNxkoTaFBqyqHopuWQca8
+KRahvzt5dh9fsmeqamIwgMWKTSwtDHcsbyt84nmO2Z2ZrNXobgueMIj+HiJVgmWn86FQFL
+EoONAA+qb4SciPsxvmTlaQ/DMAh3llVo/IMLD9oyAyAI2kbHNnZttlYv5TmY7ICd3yCW8z
+PXrxNcEF3Qs1d68gVJxLjLKTlYGzJW2J+RwY+1DJZ0w4lozeQiZXTXVtzcJB0tm2DcvQMz
+kqyARmncSUwcPbEClEW6Y2xQnLeSHjexzlCCndiUbBTeG5iRl4OL6DN40iI9Lw2VROtj2Y
+59n9PCfaoUs08dsgJLaNrDbRHrCRLSdZJ6OQFiC/nAx/t4e4+wdUgNOqLyJqomdNdaLXPq
+tzr9ssrcY5j1DmmwKtzfTI5VM9LRQo+REIiUCNTFAAAFiFh232tYdt9rAAAAB3NzaC1yc2
+EAAAGBANkOncxdcc4gkAhavnvhb+sNOtO4DZcip5IbqEavBu/xxKl1NnhLQotwDFKwD/JO
+7PZD+byOQsn0oBbgvTMQ1dmC9m7Jr0cQUioIOimzcZKE2hQasqh6KblkHGvCkWob87eXYf
+X7JnqmpiMIDFik0sLQx3LG8rfOJ5jtmdmazV6G4LnjCI/h4iVYJlp/OhUBSxKDjQAPqm+E
+nIj7Mb5k5WkPwzAId5ZVaPyDCw/aMgMgCNpGxzZ2bbZWL+U5mOyAnd8glvMz168TXBBd0L
+NXevIFScS4yyk5WBsyVtifkcGPtQyWdMOJaM3kImV011bc3CQdLZtg3L0DM5KsgEZp3ElM
+HD2xApRFumNsUJy3kh43sc5Qgp3YlGwU3huYkZeDi+gzeNIiPS8NlUTrY9mOfZ/Twn2qFL
+NPHbICS2jaw20R6wkS0nWSejkBYgv5wMf7eHuPsHVIDTqi8iaqJnTXWi1z6rc6/bLK3GOY
+9Q5psCrc30yOVTPS0UKPkRCIlAjUxQAAAAMBAAEAAAGAGIj+bUtiwdoMbeVUAszIydkE/U
+mgv6S7LFjT/KlsL1M017LYJWDcdMaFnhMouksRngSxBg9OnWV5cxyURmFwytVy5bMGjRHb
+N8UWTgBqphU+UWdzKngkn0AhtkyYA1aFhgsml5d8EgEkZnFSc/KtoDfZU7AJX519/FtfOK
+m27Shx3pE7Nohh97avHyuidR1gTwdvuMIMke57g0BhrxPYmredaKCMZAHjjCeD6JbRcGj+
+ly3I9u8MF8BGSbLpBlLDUFCwP8G5CdmMua8bPJYhPSRqMLQhclI7hc6FaYk+gZV9B74Iv/
+SAxcCwI97dNbE0IAsbbWoUdoKGpAYQ5gOdhu5ioqZwKWjNjB3Xx48mq8xtmIR9HEnYzEnk
+b/tDWNRWrGkvNK7vpLvnbsSSKBqOAbMzmQdJxogTgjE5doSmu2/krIMR6KUcUox2ZrR8Ot
+JM6bXyNFBviiXmYvw/SZTDrVJu8BPMu5EMS5pBl8jPFBGI/ePk4qg7lWAJeQ89ThtBAAAA
+wQDEU4HjomWwJsn9UWdoodXTV5aPY9B1OPkmYnRPtsjSAcXgtBzUXMEOsmXODOK3aQjsE0
+jQKpWDAUcUf6KKZKRehxUN4MlwujCG9czn65S6B8BsP1YUfZQjpNyub8vDBfeKzlxKBEEM
+lb4iBT+LEGkihK13H5CbqRg1GDAThZzwrV4pj3S40zgyHhn8JjK4x4djEY6NwkWH8E2DgD
+8vYG/FKh5E/VIZtCgtAHa4QNAgGB4VMRn1VpSJzxjCxb1wancAAADBAPT7F34WYEI3Vc52
+p1U5rPa6dZtg5QM14V0+KtMlb3frd0/F+JVj4t6COQ8J9pkOuD0YjOYJuFXIWAAYIjCdWt
+cbTi/sSERawOWxrgSwJo2vjt5izrBQtr3N8tiB6KDGa5sdgJl5XzJ0SsdStfBbyhcJO4RV
+p9lc+X8OsUfFsClmyIs45vlxBRH06DP6/zmYCAmqvlrfZJKqlpKAEWDDObRy/3+mSNhZ0J
+BdmncASiASRlPPIoIHznyA1COUn6+TnwAAAMEA4tH89Dez2JauyPVeCyHAC680vrBKjmMx
+WYdpq2Xzd/LNl2L9oc0IEZzerLTuaCh6qsbbk2wWj1nrYXvefz/xUtDR427tvRXckcsWhP
+2HYohdYBkwTpp9QuscIV76GdwbTImuNEzvABH1hpTG6DSzqeyf/EVmSq07nptJIs5lpU49
+tW2aWraSvswHR9xfts1U79w9f4BNDy1rTmfuLERTRNF/T9CIFsk9tArLUNT64mhHtoEs8F
+9AyGuq6v49bN0bAAAADXJvb3RAcWVtdW1pcHMBAgMEBQ==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
new file mode 100644
index 0000000000..9eb8c3838f
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZDp3MXXHOIJAIWr574W/rDTrTuA2XIqeSG6hGrwbv8cSpdTZ4S0KLcAxSsA/yTuz2Q/m8jkLJ9KAW4L0zENXZgvZuya9HEFIqCDops3GShNoUGrKoeim5ZBxrwpFqG/O3l2H1+yZ6pqYjCAxYpNLC0MdyxvK3zieY7ZnZms1ehuC54wiP4eIlWCZafzoVAUsSg40AD6pvhJyI+zG+ZOVpD8MwCHeWVWj8gwsP2jIDIAjaRsc2dm22Vi/lOZjsgJ3fIJbzM9evE1wQXdCzV3ryBUnEuMspOVgbMlbYn5HBj7UMlnTDiWjN5CJldNdW3NwkHS2bYNy9AzOSrIBGadxJTBw9sQKURbpjbFCct5IeN7HOUIKd2JRsFN4bmJGXg4voM3jSIj0vDZVE62PZjn2f08J9qhSzTx2yAkto2sNtEesJEtJ1kno5AWIL+cDH+3h7j7B1SA06ovImqiZ011otc+q3Ov2yytxjmPUOabAq3N9MjlUz0tFCj5EQiJQI1MU= root@qemupregen
diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
new file mode 100644
index 0000000000..ddd10e6eeb
--- /dev/null
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Pre generated host keys mainly for speeding up our qemu tests"
+
+SRC_URI = "file://dropbear_rsa_host_key \
+           file://openssh"
+
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+do_install () {
+	install -d ${D}${sysconfdir}/dropbear
+	install ${WORKDIR}/dropbear_rsa_host_key -m 0600 ${D}${sysconfdir}/dropbear/
+
+	install -d ${D}${sysconfdir}/ssh
+	install ${WORKDIR}/openssh/* ${D}${sysconfdir}/ssh/
+	chmod 0600 ${D}${sysconfdir}/ssh/*
+	chmod 0644 ${D}${sysconfdir}/ssh/*.pub
+}
\ No newline at end of file
-- 
2.17.1

[OE-core][dunfell 28/41] bash: fix CVE-2019-18276

[Steve Sakoman]

From: De Huo <De.Huo@windriver.com>

An issue was discovered in disable_priv_mode in shell.c in GNU Bash
through 5.0 patch 11. By default, if Bash is run with its effective UID
not equal to its real UID, it will drop privileges by setting its
effective UID to its real UID. However, it does so incorrectly. On Linux
and other systems that support "saved UID" functionality, the saved UID
is not dropped. An attacker with command execution in the shell can use
"enable -f" for runtime loading of a new builtin, which can be a shared
object that calls setuid() and therefore regains privileges. However,
binaries running with an effective UID of 0 are unaffected.

Get the patch from [1] to fix the issue.

[1] https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaa

Signed-off-by: De Huo <De.Huo@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6f01acae9c279e0a580f46d1ba4c015caa3f8c2c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../bash/bash/bash-CVE-2019-18276.patch       | 386 ++++++++++++++++++
 meta/recipes-extended/bash/bash_5.0.bb        |   1 +
 2 files changed, 387 insertions(+)
 create mode 100644 meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch

diff --git a/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch b/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch
new file mode 100644
index 0000000000..7b2073201e
--- /dev/null
+++ b/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch
@@ -0,0 +1,386 @@
+From 951bdaad7a18cc0dc1036bba86b18b90874d39ff Mon Sep 17 00:00:00 2001
+From: Chet Ramey <chet.ramey@case.edu>
+Date: Mon, 1 Jul 2019 09:03:53 -0400
+Subject: [PATCH] commit bash-20190628 snapshot
+
+An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11.
+By default, if Bash is run with its effective UID not equal to its real UID,
+it will drop privileges by setting its effective UID to its real UID.
+However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality,
+the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for
+runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore
+regains privileges. However, binaries running with an effective UID of 0 are unaffected.
+
+Get the patch from [1] to fix the issue.
+
+Upstream-Status: Inappropriate [the upstream thinks it doesn't increase the credibility of CVEs in general]
+CVE: CVE-2019-18276
+
+[1] https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaa
+
+Signed-off-by: De Huo <De.Huo@windriver.com>
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ MANIFEST          |  2 ++
+ bashline.c        | 50 +-------------------------------------------------
+ builtins/help.def |  2 +-
+ config.h.in       | 10 +++++++++-
+ configure.ac      |  1 +
+ doc/bash.1        |  3 ++-
+ doc/bashref.texi  |  3 ++-
+ lib/glob/glob.c   |  5 ++++-
+ pathexp.c         | 16 ++++++++++++++--
+ shell.c           |  8 ++++++++
+ tests/glob.tests  |  2 ++
+ tests/glob6.sub   | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ tests/glob7.sub   | 11 +++++++++++
+ 14 files changed, 122 insertions(+), 56 deletions(-)
+ create mode 100644 tests/glob6.sub
+ create mode 100644 tests/glob7.sub
+
+diff --git a/MANIFEST b/MANIFEST
+index 03de221..f9ccad7 100644
+--- a/MANIFEST
++++ b/MANIFEST
+@@ -1037,6 +1037,8 @@ tests/extglob3.tests	f
+ tests/extglob3.right	f
+ tests/extglob4.sub	f
+ tests/extglob5.sub	f
++tests/glob6.sub		f
++tests/glob7.sub		f
+ tests/func.tests	f
+ tests/func.right	f
+ tests/func1.sub		f
+diff --git a/bashline.c b/bashline.c
+index 824ea9d..d86b47d 100644
+--- a/bashline.c
++++ b/bashline.c
+@@ -3718,55 +3718,7 @@ static int
+ completion_glob_pattern (string)
+      char *string;
+ {
+-  register int c;
+-  char *send;
+-  int open;
+-
+-  DECLARE_MBSTATE;
+-
+-  open = 0;
+-  send = string + strlen (string);
+-
+-  while (c = *string++)
+-    {
+-      switch (c)
+-	{
+-	case '?':
+-	case '*':
+-	  return (1);
+-
+-	case '[':
+-	  open++;
+-	  continue;
+-
+-	case ']':
+-	  if (open)
+-	    return (1);
+-	  continue;
+-
+-	case '+':
+-	case '@':
+-	case '!':
+-	  if (*string == '(')	/*)*/
+-	    return (1);
+-	  continue;
+-
+-	case '\\':
+-	  if (*string++ == 0)
+-	    return (0);	 	  
+-	}
+-
+-      /* Advance one fewer byte than an entire multibyte character to
+-	 account for the auto-increment in the loop above. */
+-#ifdef HANDLE_MULTIBYTE
+-      string--;
+-      ADVANCE_CHAR_P (string, send - string);
+-      string++;
+-#else
+-      ADVANCE_CHAR_P (string, send - string);
+-#endif
+-    }
+-  return (0);
++  return (glob_pattern_p (string) == 1);
+ }
+ 
+ static char *globtext;
+diff --git a/builtins/help.def b/builtins/help.def
+index 006c4b5..92f9b38 100644
+--- a/builtins/help.def
++++ b/builtins/help.def
+@@ -128,7 +128,7 @@ help_builtin (list)
+ 
+   /* We should consider making `help bash' do something. */
+ 
+-  if (glob_pattern_p (list->word->word))
++  if (glob_pattern_p (list->word->word) == 1)
+     {
+       printf ("%s", ngettext ("Shell commands matching keyword `", "Shell commands matching keywords `", (list->next ? 2 : 1)));
+       print_word_list (list, ", ");
+diff --git a/config.h.in b/config.h.in
+index 8554aec..ad4b1e8 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -1,6 +1,6 @@
+ /* config.h -- Configuration file for bash. */
+ 
+-/* Copyright (C) 1987-2009,2011-2012 Free Software Foundation, Inc.
++/* Copyright (C) 1987-2009,2011-2012,2013-2019 Free Software Foundation, Inc.
+ 
+    This file is part of GNU Bash, the Bourne Again SHell.
+ 
+@@ -807,6 +807,14 @@
+ #undef HAVE_SETREGID
+ #undef HAVE_DECL_SETREGID
+ 
++/* Define if you have the setregid function.  */
++#undef HAVE_SETRESGID
++#undef HAVE_DECL_SETRESGID
++
++/* Define if you have the setresuid function.  */
++#undef HAVE_SETRESUID
++#undef HAVE_DECL_SETRESUID
++
+ /* Define if you have the setvbuf function.  */
+ #undef HAVE_SETVBUF
+ 
+diff --git a/configure.ac b/configure.ac
+index 52b4cdb..549adef 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -810,6 +810,7 @@ AC_CHECK_DECLS([confstr])
+ AC_CHECK_DECLS([printf])
+ AC_CHECK_DECLS([sbrk])
+ AC_CHECK_DECLS([setregid])
++AC_CHECK_DECLS[(setresuid, setresgid])
+ AC_CHECK_DECLS([strcpy])
+ AC_CHECK_DECLS([strsignal])
+ 
+diff --git a/doc/bash.1 b/doc/bash.1
+index e6cd08d..9e58a0b 100644
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -4681,7 +4681,8 @@ above).
+ .PD
+ .SH "SIMPLE COMMAND EXPANSION"
+ When a simple command is executed, the shell performs the following
+-expansions, assignments, and redirections, from left to right.
++expansions, assignments, and redirections, from left to right, in
++the following order.
+ .IP 1.
+ The words that the parser has marked as variable assignments (those
+ preceding the command name) and redirections are saved for later
+diff --git a/doc/bashref.texi b/doc/bashref.texi
+index d33cd57..3065126 100644
+--- a/doc/bashref.texi
++++ b/doc/bashref.texi
+@@ -2964,7 +2964,8 @@ is not specified.  If the file does not exist, it is created.
+ @cindex command expansion
+ 
+ When a simple command is executed, the shell performs the following
+-expansions, assignments, and redirections, from left to right.
++expansions, assignments, and redirections, from left to right, in
++the following order.
+ 
+ @enumerate
+ @item
+diff --git a/lib/glob/glob.c b/lib/glob/glob.c
+index 398253b..2eaa33e 100644
+--- a/lib/glob/glob.c
++++ b/lib/glob/glob.c
+@@ -607,6 +607,7 @@ glob_vector (pat, dir, flags)
+   register unsigned int i;
+   int mflags;		/* Flags passed to strmatch (). */
+   int pflags;		/* flags passed to sh_makepath () */
++  int hasglob;		/* return value from glob_pattern_p */
+   int nalloca;
+   struct globval *firstmalloc, *tmplink;
+   char *convfn;
+@@ -648,10 +649,12 @@ glob_vector (pat, dir, flags)
+   patlen = (pat && *pat) ? strlen (pat) : 0;
+ 
+   /* If the filename pattern (PAT) does not contain any globbing characters,
++     or contains a pattern with only backslash escapes (hasglob == 2),
+      we can dispense with reading the directory, and just see if there is
+      a filename `DIR/PAT'.  If there is, and we can access it, just make the
+      vector to return and bail immediately. */
+-  if (skip == 0 && glob_pattern_p (pat) == 0)
++  hasglob = 0;
++  if (skip == 0 && (hasglob = glob_pattern_p (pat)) == 0 || hasglob == 2)
+     {
+       int dirlen;
+       struct stat finfo;
+diff --git a/pathexp.c b/pathexp.c
+index c1bf2d8..e6c5392 100644
+--- a/pathexp.c
++++ b/pathexp.c
+@@ -58,7 +58,10 @@ int extended_glob = EXTGLOB_DEFAULT;
+ /* Control enabling special handling of `**' */
+ int glob_star = 0;
+ 
+-/* Return nonzero if STRING has any unquoted special globbing chars in it.  */
++/* Return nonzero if STRING has any unquoted special globbing chars in it.
++   This is supposed to be called when pathname expansion is performed, so
++   it implements the rules in Posix 2.13.3, specifically that an unquoted
++   slash cannot appear in a bracket expression. */
+ int
+ unquoted_glob_pattern_p (string)
+      register char *string;
+@@ -85,10 +88,14 @@ unquoted_glob_pattern_p (string)
+ 	  continue;
+ 
+ 	case ']':
+-	  if (open)
++	  if (open)		/* XXX - if --open == 0? */
+ 	    return (1);
+ 	  continue;
+ 
++	case '/':
++	  if (open)
++	    open = 0;
++
+ 	case '+':
+ 	case '@':
+ 	case '!':
+@@ -106,6 +113,11 @@ unquoted_glob_pattern_p (string)
+ 	      string++;
+ 	      continue;
+ 	    }
++	  else if (open && *string == '/')
++	    {
++	      string++;		/* quoted slashes in bracket expressions are ok */
++	      continue;
++	    }
+ 	  else if (*string == 0)
+ 	    return (0);
+ 	 	  
+diff --git a/shell.c b/shell.c
+index a2b2a55..6adabc8 100644
+--- a/shell.c
++++ b/shell.c
+@@ -1293,7 +1293,11 @@ disable_priv_mode ()
+ {
+   int e;
+ 
++#if HAVE_DECL_SETRESUID
++  if (setresuid (current_user.uid, current_user.uid, current_user.uid) < 0)
++#else
+   if (setuid (current_user.uid) < 0)
++#endif
+     {
+       e = errno;
+       sys_error (_("cannot set uid to %d: effective uid %d"), current_user.uid, current_user.euid);
+@@ -1302,7 +1306,11 @@ disable_priv_mode ()
+ 	exit (e);
+ #endif
+     }
++#if HAVE_DECL_SETRESGID
++  if (setresgid (current_user.gid, current_user.gid, current_user.gid) < 0)
++#else
+   if (setgid (current_user.gid) < 0)
++#endif
+     sys_error (_("cannot set gid to %d: effective gid %d"), current_user.gid, current_user.egid);
+ 
+   current_user.euid = current_user.uid;
+diff --git a/tests/glob.tests b/tests/glob.tests
+index 01913bb..fb012f7 100644
+--- a/tests/glob.tests
++++ b/tests/glob.tests
+@@ -12,6 +12,8 @@ ${THIS_SH} ./glob1.sub
+ ${THIS_SH} ./glob2.sub
+ ${THIS_SH} ./glob3.sub
+ ${THIS_SH} ./glob4.sub
++${THIS_SH} ./glob6.sub
++${THIS_SH} ./glob7.sub
+ 
+ MYDIR=$PWD	# save where we are
+ 
+diff --git a/tests/glob6.sub b/tests/glob6.sub
+new file mode 100644
+index 0000000..b099811
+--- /dev/null
++++ b/tests/glob6.sub
+@@ -0,0 +1,54 @@
++# tests of the backslash-in-glob-patterns discussion on the austin-group ML
++
++: ${TMPDIR:=/var/tmp}
++
++ORIG=$PWD
++GLOBDIR=$TMPDIR/bash-glob-$$
++mkdir $GLOBDIR && cd $GLOBDIR
++
++# does the pattern matcher allow backslashes as escape characters and remove
++# them as part of matching?
++touch abcdefg
++pat='ab\cd*'
++printf '<%s>\n' $pat
++pat='\.'
++printf '<%s>\n' $pat
++rm abcdefg
++
++# how about when escaping pattern characters?
++touch '*abc.c'
++a='\**.c'
++printf '%s\n' $a
++rm -f '*abc.c'
++
++# how about when making the distinction between readable and searchable path
++# components?
++mkdir -m a=x searchable
++mkdir -m a=r readable
++
++p='searchable/\.'
++printf "%s\n" $p
++
++p='searchable/\./.'
++printf "%s\n" $p
++
++p='readable/\.'
++printf "%s\n" $p
++
++p='readable/\./.'
++printf "%s\n" $p
++
++printf "%s\n" 'searchable/\.'
++printf "%s\n" 'readable/\.'
++
++echo */.
++
++p='*/\.'
++echo $p
++
++echo */'.'
++
++rmdir searchable readable
++
++cd $ORIG
++rmdir $GLOBDIR
+diff --git a/tests/glob7.sub b/tests/glob7.sub
+new file mode 100644
+index 0000000..0212b8e
+--- /dev/null
++++ b/tests/glob7.sub
+@@ -0,0 +1,11 @@
++# according to Posix 2.13.3, a slash in a bracket expression renders that
++# bracket expression invalid
++shopt -s nullglob
++
++echo 1: [qwe/qwe]
++echo 2: [qwe/
++echo 3: [qwe/]
++
++echo 4: [qwe\/qwe]
++echo 5: [qwe\/
++echo 6: [qwe\/]
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/bash/bash_5.0.bb b/meta/recipes-extended/bash/bash_5.0.bb
index 12d472be57..257a03bd8b 100644
--- a/meta/recipes-extended/bash/bash_5.0.bb
+++ b/meta/recipes-extended/bash/bash_5.0.bb
@@ -30,6 +30,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \
            file://run-ptest \
            file://run-bash-ptests \
            file://fix-run-builtins.patch \
+           file://bash-CVE-2019-18276.patch \
            "
 
 SRC_URI[tarball.md5sum] = "2b44b47b905be16f45709648f671820b"
-- 
2.17.1

[OE-core][dunfell 29/41] packagegroup: rrecommend perf also for musl on ARM

[Steve Sakoman]

From: Christian Eggers <ceggers@arri.de>

The perf recipe builds fine for musl on ARM.

Fixes: d758a4445a ("packagegroup: Disable packages not available on musl")
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7a905f66d3a6d9018b18c1a8021c1cb8bf7d12ac)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../packagegroups/packagegroup-core-tools-profile.bb             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb b/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
index 9fd2569a04..994e27c0a3 100644
--- a/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
+++ b/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
@@ -28,6 +28,7 @@ PROFILETOOLS = "\
     "
 PERF = "perf"
 PERF_libc-musl = ""
+PERF_libc-musl_arm = "perf"
 
 # systemtap needs elfutils which is not fully buildable on some arches/libcs
 SYSTEMTAP = "systemtap"
-- 
2.17.1

[OE-core][dunfell 30/41] sysvinit rc: Use PSPLASH_FIFO_DIR for progress fifo

[Steve Sakoman]

From: Michael Gloff <mgloff@emacinc.com>

psplash expects the fifo to be in /run or specified
by PSPLASH_FIFO_DIR. This patch allows psplash to
quit normally. Also, fix the work around of using
echo directly into the fifo and use psplash-write.

Signed-off-by: Michael Gloff <mgloff@emacinc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2b48bbd0a8de17df74d1fae12b5e4eb3c2c0fb90)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/sysvinit/sysvinit/rc | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-core/sysvinit/sysvinit/rc b/meta/recipes-core/sysvinit/sysvinit/rc
index 7ca41ae1ae..fd1fdd26ba 100755
--- a/meta/recipes-core/sysvinit/sysvinit/rc
+++ b/meta/recipes-core/sysvinit/sysvinit/rc
@@ -26,11 +26,8 @@ startup_progress() {
         progress=$progress_size
     fi
     #echo "PROGRESS is $progress $runlevel $first_step + ($step of $num_steps) $step_change $progress_size"
-    #if type psplash-write >/dev/null 2>&1; then
-    #    TMPDIR=/mnt/.psplash psplash-write "PROGRESS $progress" || true
-    #fi
-    if [ -e /mnt/.psplash/psplash_fifo ]; then
-        echo "PROGRESS $progress" > /mnt/.psplash/psplash_fifo
+    if type psplash-write >/dev/null 2>&1; then
+        PSPLASH_FIFO_DIR=/mnt/.psplash psplash-write "PROGRESS $progress" || true
     fi
 }
 
@@ -176,7 +173,7 @@ startup() {
 #Uncomment to cause psplash to exit manually, otherwise it exits when it sees a VC switch
 if [ "x$runlevel" != "xS" ] && [ ! -x /etc/rc${runlevel}.d/S??xserver-nodm ]; then
     if type psplash-write >/dev/null 2>&1; then
-        TMPDIR=/mnt/.psplash psplash-write "QUIT" || true
+        PSPLASH_FIFO_DIR=/mnt/.psplash psplash-write "QUIT" || true
     	umount -l /mnt/.psplash
     fi
 fi
-- 
2.17.1

[OE-core][dunfell 31/41] openssh: Allow enable/disable of rng-tools recommendation on sshd

[Steve Sakoman]

From: Otavio Salvador <otavio.salvador@gmail.com>

We are adding a new PACKAGECONFIG option ('rng-tools') to control if we
wish the openssh-sshd to RRECOMMENDS the 'rng-tools' package. We are
enabling it by default so there is no behavior change.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fe99349c1bd72b69d22ab0dc52b8825d3157b8e7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
index d879efc201..17138c0ad8 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
@@ -43,12 +43,15 @@ SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket"
 
 inherit autotools-brokensep ptest
 
-PACKAGECONFIG ??= ""
+PACKAGECONFIG ??= "rng-tools"
 PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
 PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns"
 PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
 PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat"
 
+# Add RRECOMMENDS to rng-tools for sshd package
+PACKAGECONFIG[rng-tools] = ""
+
 EXTRA_AUTORECONF += "--exclude=aclocal"
 
 # login path is hardcoded in sshd
@@ -150,7 +153,10 @@ FILES_${PN}-keygen = "${bindir}/ssh-keygen"
 
 RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
 RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
-RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools"
+RRECOMMENDS_${PN}-sshd_append_class-target = "\
+    ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
+"
+
 # gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
 RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
 
-- 
2.17.1

[OE-core][dunfell 32/41] sstate.bbclass: Check file ownership before doing 'touch -a'

[Steve Sakoman]

From: Norman Stetter <norman.stetter@garz-fricke.com>

In contrast to 'touching' a file without parameters 'touch -a' can only be
performed by the file owner. In case of a shared sstate-cache served
locally (e.g. over NFS),  where the user running bitbake is not the
owner of sstate-cache files, even if he has write access on group level,
the sstate_unpack_package task will fail.
Checking if the file is owned by the user before attempting to run
'touch -a' on it solves this.

Signed-off-by: Norman Stetter <norman.stetter@garz-fricke.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1554e8bd40c640fd58daac18ecf7b458e754109)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/sstate.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 375196ef21..66a96a7603 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -847,7 +847,7 @@ python sstate_report_unihash() {
 sstate_unpack_package () {
 	tar -xvzf ${SSTATE_PKG}
 	# update .siginfo atime on local/NFS mirror
-	[ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo
+	[ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo
 	# Use "! -w ||" to return true for read only files
 	[ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG}
 	[ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig
-- 
2.17.1

[OE-core][dunfell 33/41] kernel-yocto: add KBUILD_DEFCONFIG search location to failure message

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

It was pointed out that since the check for the existence of
KBUILD_DEFCONFIG knows where it is looking, that should be part of
the error/log message.

We only look in one location for the defconfigs, so add where we
checked to the message.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1d4d80be41d273abd1fb6416976603d924457973)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel-yocto.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/kernel-yocto.bbclass b/meta/classes/kernel-yocto.bbclass
index cc8bcb909a..ec5fb7b1de 100644
--- a/meta/classes/kernel-yocto.bbclass
+++ b/meta/classes/kernel-yocto.bbclass
@@ -148,7 +148,7 @@ do_kernel_metadata() {
 			fi
 			in_tree_defconfig="${WORKDIR}/defconfig"
 		else
-			bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree"
+			bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree (${S}/arch/${ARCH}/configs/)"
 		fi
 	fi
 
-- 
2.17.1

[OE-core][dunfell 34/41] linux-yocto/config: netfilter: Enable nat for ipv4 and ipv6

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s):

    80452c7c245 netfilter: Enable nat for ipv4 and ipv6

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit 788623ab2913e760da9405de1c3a2633140122eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index a0324f0304..12c3daab0f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "e65e9ff22c5c42c9ae57a4cce45fbf91a7e7ae3b"
-SRCREV_meta ?= "7ed307f65171d331a784ceecb6f56b9f8ecadb10"
+SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index f835a45870..bc3a1e50e0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "f30ce7653a038eb05ef0503d0d15c7c6ec33cdc5"
 SRCREV_machine ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_meta ?= "7ed307f65171d331a784ceecb6f56b9f8ecadb10"
+SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 070486c8aa..f20aa6c618 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
 SRCREV_machine_qemux86-64 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
 SRCREV_machine_qemumips64 ?= "4fe8438e9dea8d0a00f82003277f36785aac9e3d"
 SRCREV_machine ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_meta ?= "7ed307f65171d331a784ceecb6f56b9f8ecadb10"
+SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.17.1

[OE-core][dunfell 35/41] linux-yocto/5.4: update to v5.4.64

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    6ffabce36fc8 Linux 5.4.64
    beaf13ed8e97 net: usb: Fix uninit-was-stored issue in asix_read_phy_addr()
    58c3e86d42d2 cfg80211: regulatory: reject invalid hints
    08eeec445297 mm/khugepaged.c: fix khugepaged's request size in collapse_file
    af7786b20c71 mm/hugetlb: fix a race between hugetlb sysctl handlers
    f2cd86225c89 checkpatch: fix the usage of capture group ( ... )
    59ac5bfa82bc sdhci: tegra: Add missing TMCLK for data timeout
    e915b3b63dfd perf record: Correct the help info of option "--no-bpf-event"
    894a6f0be372 vfio/pci: Fix SR-IOV VF handling with MMIO blocking
    f4fa8d937edf mm: madvise: fix vma user-after-free
    87fb7b0c5266 mm: slub: fix conversion of freelist_corrupted()
    291144f1114d dm thin metadata: Fix use-after-free in dm_bm_set_read_only
    cfe85a4a8552 dm thin metadata: Avoid returning cmd->bm wild pointer on error
    392a6afcbf19 dm cache metadata: Avoid returning cmd->bm wild pointer on error
    9dd74db0bfd1 dm crypt: Initialize crypto wait structures
    e6ddb1d45c51 dm integrity: fix error reporting in bitmap mode after creation
    b30f628beec9 dm mpath: fix racey management of PG initialization
    226fb99eb59d dm writecache: handle DAX to partitions on persistent memory correctly
    6fb192c06a14 drm/amd/pm: avoid false alarm due to confusing softwareshutdowntemp setting
    f84804af09c7 dmaengine: dw-edma: Fix scatter-gather address calculation
    9f4ab0172e6c blk-iocost: ioc_pd_free() shouldn't assume irq disabled
    f7880745e91b libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks
    5f5f27228195 block: ensure bdi->io_pages is always initialized
    84c041c12442 block: allow for_each_bvec to support zero len bvec
    b6e4827c04b0 affs: fix basic permission bits to actually work
    2d89e44dc932 media: rc: uevent sysfs file races with rc_unregister_device()
    5925179bbc64 media: rc: do not access device via sysfs after rc_unregister_device()
    3d77c12f3040 mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based controllers
    ed48704c36a8 mmc: cqhci: Add cqhci_deactivate()
    a69047c01eb4 mmc: dt-bindings: Add resets/reset-names for Mediatek MMC bindings
    5876ee035ba6 mmc: mediatek: add optional module reset property
    2816ccd07145 arm64: dts: mt7622: add reset node for mmc device
    d074d9d52fe0 ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    7de2f56ef51a ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    a253fe35666d ALSA; firewire-tascam: exclude Tascam FE-8 from detection
    982505615063 ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO
    cebaed033037 ALSA: firewire-digi00x: exclude Avid Adrenaline from detection
    4fa06a43bf9f ALSA: hda/hdmi: always check pin power status in i915 pin fixup
    2ebb83a259a8 ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
    79124b1b912c ALSA: usb-audio: Add implicit feedback quirk for UR22C
    a3b94af5117b ALSA: ca0106: fix error code handling
    156dd7c73a9b Revert "ALSA: hda: Add support for Loongson 7A1000 controller"
    62db427bf8ca Revert "net: dsa: microchip: set the correct number of ports"
    4254a4f7988c btrfs: fix potential deadlock in the search ioctl
    de53545e8d4c net: core: use listified Rx for GRO_NORMAL in napi_gro_receive()
    df0c47585cea btrfs: tree-checker: fix the error message for transid error
    650275310f3b btrfs: set the lockdep class for log tree extent buffers
    7e0ffb0d9d9f btrfs: set the correct lockdep class for new nodes
    c37cc199da2b btrfs: allocate scrub workqueues outside of locks
    eb29635ba68a btrfs: drop path before adding new uuid tree entry
    20b591fd00c0 ARC: perf: don't bail setup if pct irq missing in device-tree
    ce690fa1d5d0 xfs: don't update mtime on COW faults
    12cd8fccc9ed ext2: don't update mtime on COW faults
    cc6c4d81d6ad tracing/kprobes, x86/ptrace: Fix regs argument order for i386
    036a857bb57d iommu/vt-d: Handle 36bit addressing for x86-32
    8f747b0149c5 vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
    b0f5096b281a vfio-pci: Fault mmaps to enable vma tracking
    270c35d0723a vfio/type1: Support faulting PFNMAP vmas
    5629bb21ce20 include/linux/log2.h: add missing () around n in roundup_pow_of_two()
    bc846b58fe5c net/packet: fix overflow in tpacket_rcv
    e3d109c3484e iommu/amd: Restore IRTE.RemapEn bit after programming IRTE
    7ce6bc1b549e thermal: qcom-spmi-temp-alarm: Don't suppress negative temp
    f5b3bd38ae91 thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    0c21f1bcafc1 iommu/vt-d: Serialize IOMMU GCMD register modifications
    920d9ffcd481 x86, fakenuma: Fix invalid starting node ID
    1a7e03867a37 tg3: Fix soft lockup when tg3_reset_task() fails.
    b0c40f8a7a0e perf jevents: Fix suspicious code in fixregex()
    6c4ad5444a26 xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files
    58591dd6afda MIPS: add missing MSACSR and upper MSA initialization
    612e2b7ec962 net: gemini: Fix another missing clk_disable_unprepare() in probe
    88405cf0f2bd fix regression in "epoll: Keep a reference on files added to the check list"
    901d22c6b6dc net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    8e2660c834e3 perf tools: Correct SNOOPX field offset
    37f0a08a3a83 cxgb4: fix thermal zone device registration
    50d284778427 nvme: fix controller instance leak
    f4b830c61b5b nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
    9ff9f74ed462 netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS
    498575898ec4 net: dsa: mt7530: fix advertising unsupported 1000baseT_Half
    c4a427b71cd7 selftests/bpf: Fix massive output from test_maps
    e0a1bebc332d media: cedrus: Add missing v4l2_ctrl_request_hdl_put()
    3fe12f4be001 media: vicodec: add missing v4l2_ctrl_request_hdl_put()
    f28f3cffff27 bnxt: don't enable NAPI until rings are ready
    da7a1676d6c1 xfs: fix boundary test in xfs_attr_shortform_verify
    8227199ceafd bnxt_en: fix HWRM error when querying VF temperature
    927a7629bedd bnxt_en: Fix possible crash in bnxt_fw_reset_task().
    70699d3cc77c bnxt_en: Fix PCI AER error recovery flow
    87547923b6c6 bnxt_en: Check for zero dir entries in NVRAM.
    e7cbba4db7da bnxt_en: Don't query FW when netif_running() is false.
    c11510bb8898 net: ethernet: ti: cpsw: fix clean up of vlan mc entries for host port
    0bd92cdc04e6 gtp: add GTPA_LINK info to msg sent to userspace
    24249fab08c6 dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    719f92de3fff net: arc_emac: Fix memleak in arc_mdio_probe
    268fe5a4c040 ravb: Fixed to be able to unload modules
    8123fa897e65 net: systemport: Fix memleak in bcm_sysport_probe
    a49c0aebf9c4 net: hns: Fix memleak in hns_nic_dev_probe
    210b889fd8ef netfilter: nf_tables: fix destination register zeroing
    576fbd4902fb netfilter: nf_tables: incorrect enum nft_list_attributes definition
    929d07feb94f netfilter: nf_tables: add NFTA_SET_USERDATA if not null
    fb1e97674aa8 mmc: sdhci-acpi: Fix HS400 tuning for AMDI0040
    da8e3e507d2f MIPS: BMIPS: Also call bmips_cpu_setup() for secondary cores
    c5e9e36fc2f8 MIPS: mm: BMIPS5000 has inclusive physical caches
    5f7798f05311 rxrpc: Make rxrpc_kernel_get_srtt() indicate validity
    43cf7e7dfa7b rxrpc: Keep the ACK serial in a var in rxrpc_input_ack()
    242a7ab0ac52 dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate()
    2f2786bb9d40 batman-adv: bla: use netif_rx_ni when not in interrupt context
    fd8b3ef644a4 batman-adv: Fix own OGM check in aggregated OGMs
    2344f2f186fd batman-adv: Avoid uninitialized chaddr when handling DHCP
    89cb604c4226 dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    1a89606baf31 fsldma: fix very broken 32-bit ppc ioread64 functionality
    6eb88c42dcc9 xen/xenbus: Fix granting of vmalloc'd memory
    0878655a9880 drm/amd/display: Fix memleak in amdgpu_dm_mode_config_init
    b014f2846e6f drm/amd/display: Retry AUX write when fail occurs
    9947928e619a drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in amdgpu_dm_update_backlight_caps
    79d31527dfc3 drm/amd/display: Reject overlay plane configurations in multi-display scenarios
    29bade8e2fc9 s390: don't trace preemption in percpu macros
    c756635246e9 nbd: restore default timeout when setting it to zero
    c1e333e7b8da cpuidle: Fixup IRQ state
    ad3a4efc8c56 drm/omap: fix incorrect lock state
    0a8dcad24424 ceph: don't allow setlease on cephfs
    755fd63ae163 drm/msm/a6xx: fix gmu start on newer firmware
    7a55cf8a20c7 habanalabs: check correct vmalloc return code
    c9436de020a4 habanalabs: validate FW file size
    dddd5003c707 drm/msm: enable vblank during atomic commits
    2c9bc7d9600c nvmet: Disable keep-alive timer when kato is cleared to 0h
    e94a3d76305b hwmon: (applesmc) check status earlier.
    19583b280801 drm/msm: add shutdown support for display platform_driver
    8bc25dea70fe tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup
    28ffe70a2e33 drm/msm/dpu: Fix scale params in plane validation
    b2fc347e2126 HID: quirks: Always poll three more Lenovo PixArt mice
    e32f4fa1b24d Linux 5.4.63
    5153710a5ecc scsi: target: tcmu: Optimize use of flush_dcache_page
    bb9949fdfddd scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range
    6d2e274f60fc sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186
    0176db2f2ad5 sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210
    eda97e9d90db arm64: tegra: Add missing timeout clock to Tegra210 SDMMC
    5cd8c5979e72 arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes
    ef8b5f333780 arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes
    9d806d68bf97 dt-bindings: mmc: tegra: Add tmclk for Tegra210 and later
    d2ac42e61ecd KVM: arm64: Set HCR_EL2.PTW to prevent AT taking synchronous exception
    ffad02f9e3ea KVM: arm64: Survive synchronous exceptions caused by AT instructions
    1744237ca047 KVM: arm64: Add kvm_extable for vaxorcism code
    538caddbe635 drm/etnaviv: fix TS cache flushing on GPUs with BLT engine
    80743b4bde09 drm/sched: Fix passing zero to 'PTR_ERR' warning v2
    6cadd1e2d8c5 perf record/stat: Explicitly call out event modifiers in the documentation
    4bae1afed432 HID: core: Sanitize event code and type when mapping input
    667514df10a0 HID: core: Correctly handle ReportSize being zero
    933cf1c2c075 Linux 5.4.62
    54ee77961e79 io_uring: Fix NULL pointer dereference in io_sq_wq_submit_work()
    44cf62d388fb ALSA: usb-audio: Update documentation comment for MS2109 quirk
    851d0813ab80 HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    c98b6ebd9b55 kbuild: fix broken builds because of GZIP,BZIP2,LZOP variables
    37432a83faab kbuild: add variables for compression tools
    47a41f65afb6 kheaders: explain why include/config/autoconf.h is excluded from md5sum
    7caddaa9f88b kheaders: remove the last bashism to allow sh to run it
    18f48708c3f5 kheaders: optimize header copy for in-tree builds
    a1d0c6e2f334 kheaders: optimize md5sum calculation for in-tree builds
    eb914bae6e17 kheaders: remove unneeded 'cat' command piped to 'head' / 'tail'
    376810e5e9e1 fbmem: pull fbcon_update_vcs() out of fb_set_var()
    6a862aa31ec3 usb: dwc3: gadget: Handle ZLP for sg requests
    7c8b5685662b usb: dwc3: gadget: Fix handling ZLP
    4bc5d90a7dce usb: dwc3: gadget: Don't setup more than requested
    f8e4c5297fcd drm/i915: Fix cmd parser desc matching with masks
    73992639ec78 usb: storage: Add unusual_uas entry for Sony PSZ drives
    2add73c8c00d USB: cdc-acm: rework notification_buffer resizing
    e2e02f260496 USB: gadget: u_f: Unbreak offset calculation in VLAs
    4f529c4d1e43 USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb()
    f47ab852bea3 USB: gadget: u_f: add overflow checks to VLA macros
    2534d3dec376 usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe()
    de24343880a6 USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge
    ca29a2a53953 USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
    20b3564c6748 USB: quirks: Add no-lpm quirk for another Raydium touchscreen
    b32ec919ee37 usb: uas: Add quirk for PNY Pro Elite
    ad0bc424fc0a USB: yurex: Fix bad gfp argument
    3623dab2959e drm/amd/pm: correct the thermal alert temperature limit settings
    85ca6f199c77 drm/amd/pm: correct Vega20 swctf limit setting
    9afabefd42fc drm/amd/pm: correct Vega12 swctf limit setting
    60cffee2d951 drm/amd/pm: correct Vega10 swctf limit setting
    2809cf7f6eba drm/amd/powerplay: Fix hardmins not being sent to SMU for RV
    20700b352d10 drm/amdgpu/gfx10: refine mgcg setting
    8fc7a66619e1 drm/amdgpu: Fix buffer overflow in INFO ioctl
    1adf8c19f974 x86/hotplug: Silence APIC only after all interrupts are migrated
    47c8387a963e irqchip/stm32-exti: Avoid losing interrupts due to clearing pending bits by mistake
    927aa9a10f12 genirq/matrix: Deal with the sillyness of for_each_cpu() on UP
    70957a10e1db crypto: af_alg - Work around empty control messages without MSG_MORE
    aca10ab0568a device property: Fix the secondary firmware node handling in set_primary_fwnode()
    df2a6a4a9d68 powerpc/perf: Fix crashes with generic_compat_pmu & BHRB
    b260fb2a02b5 PM: sleep: core: Fix the handling of pending runtime resume requests
    7ded78a8c89e arm64: vdso32: make vdso32 install conditional
    3b7087e07730 xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed
    02166fea639f xhci: Do warm-reset when both CAS and XDEV_RESUME are set
    3ac8545b29ae usb: host: xhci: fix ep context print mismatch in debugfs
    4d3e2a3a0c64 XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information.
    6623c19042b6 writeback: Fix sync livelock due to b_dirty_time processing
    cb0c74450072 writeback: Avoid skipping inode writeback
    8eab2b531fd3 writeback: Protect inode->i_io_list with inode->i_lock
    2e76a3a1667c serial: 8250: change lock order in serial8250_do_startup()
    f53ebc7c2922 serial: 8250_exar: Fix number of ports for Commtech PCIe cards
    fbb55ec82dd6 serial: stm32: avoid kernel warning on absence of optional IRQ
    64a05aadf936 serial: pl011: Don't leak amba_ports entry on driver register error
    0806b49bba20 serial: pl011: Fix oops on -EPROBE_DEFER
    daae6b962a13 serial: samsung: Removes the IRQ not found warning
    7c57237d74a0 vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
    adb76f3f7732 vt: defer kfree() of vc_screenbuf in vc_do_resize()
    db1bb352cc08 USB: lvtest: return proper error code in probe
    96e41fc29e8a fbcon: prevent user font height or width change from causing potential out-of-bounds access
    cd1d270e3e4f btrfs: detect nocow for swap after snapshot delete
    eb576fc43a43 btrfs: fix space cache memory leak after transaction abort
    1d08edc70154 btrfs: check the right error variable in btrfs_del_dir_entries_in_log
    8a3509486f08 btrfs: reset compression level for lzo on remount
    b1a83ee0cbbf blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART
    c2035d1e55aa HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands
    db4542b6617b block: loop: set discard granularity and alignment for block device backed loop
    f09dbec9c0c6 block: fix get_max_io_size()
    2f4b202eb1b1 arm64: Allow booting of late CPUs affected by erratum 1418040
    82b05f0838aa arm64: Move handling of erratum 1418040 into C code
    7d44b707aaff powerpc/perf: Fix soft lockups due to missed interrupt accounting
    9c0305c0cfa2 net: gianfar: Add of_node_put() before goto statement
    c656534e5c45 macvlan: validate setting of multiple remote source MAC addresses
    19f669a3609c Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
    48765b780ace scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
    36a139cf4146 scsi: qla2xxx: Check if FW supports MQ before enabling
    88274626d110 scsi: qla2xxx: Fix login timeout
    37528b3ee9e1 scsi: ufs: Clean up completed request without interrupt notification
    a39ba0fdcdfd scsi: ufs: Improve interrupt handling for shared interrupts
    d895b0be701c scsi: ufs: Fix possible infinite loop in ufshcd_hold
    1778bebd06b4 scsi: fcoe: Fix I/O path allocation
    a8d26145e112 selftests: disable rp_filter for icmp_redirect.sh
    957066143e6c ASoC: wm8994: Avoid attempts to read unreadable registers
    1d63737b0777 s390/cio: add cond_resched() in the slow_eval_known_fn() loop
    2a8c6149a49a ALSA: hda/realtek: Add model alc298-samsung-headphone
    021a98a87864 can: j1939: transport: j1939_xtp_rx_dat_one(): compare own packets to detect corruptions
    3803312a3c55 netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency
    35238963c972 drm/amd/display: Switch to immediate mode for updating infopackets
    b92b415fa7b7 drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading
    73a0e6280a32 drm/amd/powerplay: correct Vega20 cached smu feature state
    d2da80e0a3e7 spi: stm32: always perform registers configuration prior to transfer
    2844685c661a spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate
    a6daa863d15e spi: stm32: fix fifo threshold level in case of short transfer
    3c15a3c4b155 spi: stm32h7: fix race condition at end of transfer
    a08e95e83e6f fs: prevent BUG_ON in submit_bh_wbc()
    28a56c26a00d ext4: correctly restore system zone info when remount fails
    8e63c86f6580 ext4: handle error of ext4_setup_system_zone() on remount
    e579635669da ext4: handle option set by mount flags correctly
    3a53d012bd26 jbd2: abort journal if free a async write error metadata buffer
    1b36d4fa4b66 ext4: handle read only external journal device
    2e7312ddaf62 ext4: don't BUG on inconsistent journal feature
    40827caf954c jbd2: make sure jh have b_transaction set in refile/unfile_buffer
    e4351ad44d7e spi: stm32: clear only asserted irq flags on interrupt
    d63728afe947 usb: gadget: f_tcm: Fix some resource leaks in some error paths
    262f5fbad941 i2c: rcar: in slave mode, clear NACK earlier
    883ed72723ef i2c: core: Don't fail PRP0001 enumeration when no ID table exist
    2fc8fa50ebee null_blk: fix passing of REQ_FUA flag in null_handle_rq
    88994acafd96 nvme: multipath: round-robin: fix single non-optimized path case
    97f30414a2e0 nvme-fc: Fix wrong return value in __nvme_fc_init_request()
    05c608f630b9 blkcg: fix memleak for iolatency
    872a2b3182ee blk-mq: insert request not through ->queue_rq into sw/scheduler queue
    9054d5844092 hwmon: (nct7904) Correct divide by 0
    1475314530bb bfq: fix blkio cgroup leakage v4
    2295664518c3 block: Fix page_is_mergeable() for compound pages
    3e9eb1e893ba drm/msm/adreno: fix updating ring fence
    effd3b89f7e5 block: virtio_blk: fix handling single range discard request
    cc3a73f245cb block: respect queue limit of max discard segment
    8f409e764c4b media: gpio-ir-tx: improve precision of transmitted signal due to scheduling
    6ba04701b801 ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1)
    5861e84d7145 cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode
    1b7b2d45b31e PCI: qcom: Add missing reset for ipq806x
    ea552383a9d5 PCI: qcom: Change duplicate PCI reset to phy reset
    29ecf28be997 PCI: qcom: Add missing ipq806x clocks in PCIe driver
    6d11320bed41 EDAC/{i7core,sb,pnd2,skx}: Fix error event severity
    87cc96bb11b9 EDAC: skx_common: get rid of unused type var
    3bf42b2e8d67 EDAC: sb_edac: get rid of unused vars
    75aaa8fa7672 mm/vunmap: add cond_resched() in vunmap_pmd_range
    a2038eb833a5 drm/amd/display: Fix dmesg warning from setting abm level
    8522b1bec88e drm/amd/display: Add additional config guards for DCN
    992e51ff0e4b drm/amd/display: Trigger modesets on MST DSC connectors
    b730fb14434f drm/ingenic: Fix incorrect assumption about plane->index
    8dc47d858fea gpu/drm: ingenic: Use the plane's src_[x,y] to configure DMA length
    302b9e189962 cma: don't quit at first error when activating reserved areas
    aed14b1b5c0e mm/cma.c: switch to bitmap_zalloc() for cma bitmap allocation
    965d3d5ce355 mm: fix kthread_use_mm() vs TLB invalidate
    72574434da87 mm/shuffle: don't move pages between zones and don't read garbage memmaps
    483b956a16a0 btrfs: only commit delayed items at fsync if we are logging a directory
    3eddcc71fe8a btrfs: only commit the delayed inode when doing a full fsync
    d5f5b15d3ea4 btrfs: factor out inode items copy loop from btrfs_log_inode()
    a0cfda9cb3a1 s390/numa: set node distance to LOCAL_DISTANCE
    67f8b390b15e drm/xen-front: Fix misused IS_ERR_OR_NULL checks
    02611bcaafe5 drm/xen: fix passing zero to 'PTR_ERR' warning
    fe376f1b12d2 PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent
    b7cca731b486 PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails
    a0f69c6f5e0b PM / devfreq: rk3399_dmc: Add missing of_node_put()
    961bfe1277ae usb: cdns3: gadget: always zeroed TRB buffer when enable endpoint
    2c0000f409ec sched/uclamp: Fix a deadlock when enabling uclamp static key
    88435320ebc1 sched/uclamp: Protect uclamp fast path code with static key
    93709d8ade00 Revert "ath10k: fix DMA related firmware crashes on multiple devices"
    da56eb03ea94 arm64: Fix __cpu_logical_map undefined issue
    12a9bec2bd4e efi: provide empty efi_enter_virtual_mode implementation
    b2defeb19bff brcmfmac: Set timeout value when configuring power save
    7aac56d8b0ee USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    e77f71c6341a powerpc/spufs: add CONFIG_COREDUMP dependency
    653ae33b030b KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
    a84a6eb935ba media: davinci: vpif_capture: fix potential double free
    6b0010ed7140 hugetlbfs: prevent filesystem stacking of hugetlbfs
    c67c6e1f54aa EDAC/ie31200: Fallback if host bridge device is already initialized
    41191f8c57a1 scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
    a002274db527 ceph: do not access the kiocb after aio requests
    01540d5e7c1b ceph: fix potential mdsc use-after-free crash
    9da791b5410e scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
    050292f138a3 btrfs: make btrfs_qgroup_check_reserved_leak take btrfs_inode
    1f52b85f6c79 btrfs: file: reserve qgroup space after the hole punch range is locked
    7d6689df48de locking/lockdep: Fix overflow in presentation of average lock-time
    2adf6ec63db2 drm/nouveau: Fix reference count leak in nouveau_connector_detect
    19e81f6325a9 drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    d23d52e38cc9 drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    45e30390f50f f2fs: fix use-after-free issue
    4cba87943046 HID: quirks: add NOGET quirk for Logitech GROUP
    6734eeb6c2f0 cec-api: prevent leaking memory through hole in structure
    bd4593030332 ALSA: hda: Add support for Loongson 7A1000 controller
    f4107f633a29 mips/vdso: Fix resource leaks in genvdso.c
    71e7e02c0590 rtlwifi: rtl8192cu: Prevent leaking urb
    3a84491364e1 ARM: dts: ls1021a: output PPS signal on FIPER2
    4410fd0c378e PCI: Fix pci_create_slot() reference count leak
    201838142c52 omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    22d859fe1bdc f2fs: fix error path in do_recover_data()
    110c5a5a6854 selftests/powerpc: Purge extra count_pmc() calls of ebb selftests
    0450a50c914e scsi: target: Fix xcopy sess release leak
    774cc7c882f8 xfs: Don't allow logging of XFS_ISTALE inodes
    40b450375c80 scsi: lpfc: Fix shost refcount mismatch when deleting vport
    815060a8ec2a drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    8290f9d4695f drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
    3753eff4c69a drm/amd/display: fix ref count leak in amdgpu_drm_ioctl
    c911da7b6673 drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms
    40d0bf2b6e99 drm/radeon: fix multiple reference count leak
    9c88b27ac444 drm/amdkfd: Fix reference count leaks.
    1174ed705dda iommu/iova: Don't BUG on invalid PFNs
    f0a066af0f37 mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs
    d98ea48810e6 scsi: target: tcmu: Fix crash on ARM during cmd completion
    ab2d90e58ae1 blktrace: ensure our debugfs dir exists
    fc93c091de22 media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq()
    1dc0ed18219a powerpc/xive: Ignore kmemleak false positives
    88eb00cb39ce arm64: dts: qcom: msm8916: Pull down PDM GPIOs during sleep
    d8cc881483d8 mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs
    fd5908860a17 ASoC: tegra: Fix reference count leaks.
    7d60cd2a6e08 ASoC: img-parallel-out: Fix a reference count leak
    8150a0e3d796 ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt
    a53f67368c98 ALSA: hda/hdmi: Use force connectivity quirk on another HP desktop
    348da2f8566b ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged
    bcf40820b4fd ALSA: pci: delete repeated words in comments
    b45944e2b39e ALSA: hda/hdmi: Add quirk to force connectivity
    266d21a57093 ipvlan: fix device features
    e1334c4f4aec net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow
    97a74349cf82 net: ena: Make missed_tx stat incremental
    6c2e795f95cd tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
    d429362b3de4 net/smc: Prevent kernel-infoleak in __smc_diag_dump()
    4d2fe0addc38 net: sctp: Fix negotiation of the number of data streams.
    4ef63e365466 net: qrtr: fix usage of idr in port assignment to socket
    4ae9ebf9e8ea net: nexthop: don't allow empty NHA_GROUP
    6ed89176755c net: Fix potential wrong skb->protocol in skb_vlan_untag()
    b5e34120b06a gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
    730443f4c48a binfmt_flat: revert "binfmt_flat: don't offset the data start"
    669fc3b38ce2 powerpc/64s: Don't init FSCR_DSCR in __init_FSCR()

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit 4090a909ade3ac38bb14b978776daffc152f64d0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 12c3daab0f..97cb7d934f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "e65e9ff22c5c42c9ae57a4cce45fbf91a7e7ae3b"
-SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
+SRCREV_machine ?= "b170a5953260ea7d7bdfcf223fb92d138eb7db67"
+SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.61"
+LINUX_VERSION ?= "5.4.64"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index bc3a1e50e0..7d836593c9 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.61"
+LINUX_VERSION ?= "5.4.64"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "f30ce7653a038eb05ef0503d0d15c7c6ec33cdc5"
-SRCREV_machine ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
+SRCREV_machine_qemuarm ?= "3bd01ef1ebb9b2a9bbae3c35eb9d640cd1ab9da7"
+SRCREV_machine ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index f20aa6c618..f59126ce7f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "487ecd38aaa59c22302930e8a9697c62c9d85fe5"
-SRCREV_machine_qemuarm64 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_machine_qemumips ?= "ad1d747e7343bc9851bff62c4279060094c6eb59"
-SRCREV_machine_qemuppc ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_machine_qemuriscv64 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_machine_qemux86 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_machine_qemux86-64 ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_machine_qemumips64 ?= "4fe8438e9dea8d0a00f82003277f36785aac9e3d"
-SRCREV_machine ?= "00809fdaf65b24fcd0347f3d3e489e2890f7ed44"
-SRCREV_meta ?= "647f4fd91cc47567a7d88f21a6ad7d230d354469"
+SRCREV_machine_qemuarm ?= "33ab5549b39d7bbfc067f13527bfa817250c69a3"
+SRCREV_machine_qemuarm64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_machine_qemumips ?= "7954ad760bd317039a9ad44300a8bf1a34107fc8"
+SRCREV_machine_qemuppc ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_machine_qemuriscv64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_machine_qemux86 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_machine_qemux86-64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_machine_qemumips64 ?= "91fb319534f5206619aa04556dbf32d49afa1080"
+SRCREV_machine ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
+SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.61"
+LINUX_VERSION ?= "5.4.64"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.17.1

[OE-core][dunfell 36/41] linux-yocto/5.4: update to v5.4.65

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    6c3d34dea2fc Linux 5.4.65
    ddb279d64b72 net: disable netpoll on fresh napis
    09c45065257b tipc: fix shutdown() of connectionless socket
    b95eb482c288 taprio: Fix using wrong queues in gate mask
    20f8c874789a sctp: not disable bh in the whole sctp_get_port_local()
    8b61bb0b2d57 net: usb: dm9601: Add USB ID of Keenetic Plus DSL
    346fefa82325 netlabel: fix problems with mapping removal
    3f73dbf94f8f ipv6: Fix sysctl max for fib_multipath_hash_policy
    263e463358d3 ipv4: Silence suspicious RCU usage warning

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit e2cb6e8b433614a8512739ea5583914d9ef978fc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 97cb7d934f..73876bb99e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "b170a5953260ea7d7bdfcf223fb92d138eb7db67"
-SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
+SRCREV_machine ?= "1d9e25c4f35155580cef313ff2a76de545124a1d"
+SRCREV_meta ?= "0d860e075788a92601dff3eb9b615ee41e465040"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.64"
+LINUX_VERSION ?= "5.4.65"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 7d836593c9..853fc93694 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.64"
+LINUX_VERSION ?= "5.4.65"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "3bd01ef1ebb9b2a9bbae3c35eb9d640cd1ab9da7"
-SRCREV_machine ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
+SRCREV_machine_qemuarm ?= "bb77791bc00cfa70211dd238d312b4db950c0808"
+SRCREV_machine ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_meta ?= "0d860e075788a92601dff3eb9b615ee41e465040"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index f59126ce7f..88a582dd4e 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "33ab5549b39d7bbfc067f13527bfa817250c69a3"
-SRCREV_machine_qemuarm64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_machine_qemumips ?= "7954ad760bd317039a9ad44300a8bf1a34107fc8"
-SRCREV_machine_qemuppc ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_machine_qemuriscv64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_machine_qemux86 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_machine_qemux86-64 ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_machine_qemumips64 ?= "91fb319534f5206619aa04556dbf32d49afa1080"
-SRCREV_machine ?= "86d9bf1c575ada30e515b9337a0ba3fe07986091"
-SRCREV_meta ?= "34b6e8caf82c411655d33e0eeff6700a8de1f6fc"
+SRCREV_machine_qemuarm ?= "894e63d3256613faa39931a6ae505cfd196df067"
+SRCREV_machine_qemuarm64 ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_machine_qemumips ?= "aa13fdb2c5f8c4e4e432bfee6df9c8f76ec8ac70"
+SRCREV_machine_qemuppc ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_machine_qemuriscv64 ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_machine_qemux86 ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_machine_qemux86-64 ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_machine_qemumips64 ?= "4fb21d604fc54db63221ea28ab90622c29d74202"
+SRCREV_machine ?= "406008bf3232dfc9e63b6e7bf745ca883c45041e"
+SRCREV_meta ?= "0d860e075788a92601dff3eb9b615ee41e465040"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.64"
+LINUX_VERSION ?= "5.4.65"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.17.1

[OE-core][dunfell 37/41] lttng-modules: backport writeback.h changes from 2.12.x to fix kernel 5.4.62+

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Backporting the kernel version changes for writeback.h to fix
compilation against kernel stable versions 5.4.62+

This is a combination of upstream commits:

 87b2aff [fix: writeback: Fix sync livelock due to b_dirty_time processing (v5.9)]
 b74b25f [fix: version ranges for ext4_discard_preallocations and writeback_queue_io

Upstream-status: Backport

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ckport-writeback.h-changes-from-2.12.patch | 128 ++++++++++++++++++
 .../lttng/lttng-modules_2.11.2.bb             |   7 +-
 2 files changed, 132 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch

diff --git a/meta/recipes-kernel/lttng/lttng-modules/0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch b/meta/recipes-kernel/lttng/lttng-modules/0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch
new file mode 100644
index 0000000000..25b0a57bc6
--- /dev/null
+++ b/meta/recipes-kernel/lttng/lttng-modules/0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch
@@ -0,0 +1,128 @@
+From 66d0869cf54ed79a33345f537dce2f7840e279f0 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@gmail.com>
+Date: Tue, 29 Sep 2020 10:28:20 -0400
+Subject: [PATCH] lttng-modules: backport writeback.h changes from 2.12.x to
+ fix kernel 5.4.62+
+
+Backporting the kernel version changes for writeback.h to fix
+compilation against kernel stable versions 5.4.62+
+
+This is a combination of upstream commits:
+
+ 87b2aff [fix: writeback: Fix sync livelock due to b_dirty_time processing (v5.9)]
+ b74b25f [fix: version ranges for ext4_discard_preallocations and writeback_queue_io
+
+Upstream-status: Backport
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
+---
+ .../events/lttng-module/writeback.h           | 48 +++++++++++++------
+ 1 file changed, 33 insertions(+), 15 deletions(-)
+
+diff --git a/instrumentation/events/lttng-module/writeback.h b/instrumentation/events/lttng-module/writeback.h
+index 3327a0f..8d2250e 100644
+--- a/instrumentation/events/lttng-module/writeback.h
++++ b/instrumentation/events/lttng-module/writeback.h
+@@ -372,34 +372,55 @@ LTTNG_TRACEPOINT_EVENT_WBC_INSTANCE(wbc_balance_dirty_wait, writeback_wbc_balanc
+ #endif
+ LTTNG_TRACEPOINT_EVENT_WBC_INSTANCE(wbc_writepage, writeback_wbc_writepage)
+ 
+-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,1,0))
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,9,0) || \
++	LTTNG_KERNEL_RANGE(5,8,6, 5,9,0) || \
++	LTTNG_KERNEL_RANGE(5,4,62, 5,5,0) || \
++	LTTNG_KERNEL_RANGE(4,19,143, 4,20,0) || \
++	LTTNG_KERNEL_RANGE(4,14,196, 4,15,0) || \
++	LTTNG_KERNEL_RANGE(4,9,235, 4,10,0) || \
++	LTTNG_KERNEL_RANGE(4,4,235, 4,5,0) || \
++	LTTNG_UBUNTU_KERNEL_RANGE(4,15,18,119, 4,16,0,0))
++LTTNG_TRACEPOINT_EVENT(writeback_queue_io,
++	TP_PROTO(struct bdi_writeback *wb,
++		 struct wb_writeback_work *work,
++		 unsigned long dirtied_before,
++		 int moved),
++	TP_ARGS(wb, work, dirtied_before, moved),
++	TP_FIELDS(
++		ctf_array_text(char, name, dev_name(wb->bdi->dev), 32)
++		ctf_integer(unsigned long, older, dirtied_before)
++		ctf_integer(int, moved, moved)
++	)
++)
++#elif (LINUX_VERSION_CODE >= KERNEL_VERSION(3,2,0))
+ LTTNG_TRACEPOINT_EVENT(writeback_queue_io,
+ 	TP_PROTO(struct bdi_writeback *wb,
+-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,2,0))
+ 		 struct wb_writeback_work *work,
+-#else
+-		 unsigned long *older_than_this,
+-#endif
+ 		 int moved),
+-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,2,0))
+ 	TP_ARGS(wb, work, moved),
+-#else
++	TP_FIELDS(
++		ctf_array_text(char, name, dev_name(wb->bdi->dev), 32)
++		ctf_integer(int, moved, moved)
++	)
++)
++#elif (LINUX_VERSION_CODE >= KERNEL_VERSION(3,1,0))
++LTTNG_TRACEPOINT_EVENT(writeback_queue_io,
++	TP_PROTO(struct bdi_writeback *wb,
++		 unsigned long *older_than_this,
++		 int moved),
+ 	TP_ARGS(wb, older_than_this, moved),
+-#endif
+ 	TP_FIELDS(
+ 		ctf_array_text(char, name, dev_name(wb->bdi->dev), 32)
+-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,2,0))
+-#else
+ 		ctf_integer(unsigned long, older,
+ 			older_than_this ? *older_than_this : 0)
+ 		ctf_integer(long, age,
+ 			older_than_this ?
+ 				(jiffies - *older_than_this) * 1000 / HZ
+ 				: -1)
+-#endif
+ 		ctf_integer(int, moved, moved)
+ 	)
+ )
++#endif
+ 
+ #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4,14,0))
+ LTTNG_TRACEPOINT_EVENT_MAP(global_dirty_state,
+@@ -425,7 +446,7 @@ LTTNG_TRACEPOINT_EVENT_MAP(global_dirty_state,
+ 		ctf_integer(unsigned long, dirty_limit, global_dirty_limit)
+ 	)
+ )
+-#else
++#elif (LINUX_VERSION_CODE >= KERNEL_VERSION(3,1,0))
+ LTTNG_TRACEPOINT_EVENT_MAP(global_dirty_state,
+ 
+ 	writeback_global_dirty_state,
+@@ -450,7 +471,6 @@ LTTNG_TRACEPOINT_EVENT_MAP(global_dirty_state,
+ 	)
+ )
+ #endif
+-#endif
+ 
+ #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,2,0))
+ 
+@@ -661,7 +681,6 @@ LTTNG_TRACEPOINT_EVENT(writeback_sb_inodes_requeue,
+ )
+ #endif
+ 
+-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,37))
+ LTTNG_TRACEPOINT_EVENT_CLASS(writeback_congest_waited_template,
+ 
+ 	TP_PROTO(unsigned int usec_timeout, unsigned int usec_delayed),
+@@ -687,7 +706,6 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(writeback_congest_waited_template, writeback_wai
+ 
+ 	TP_ARGS(usec_timeout, usec_delayed)
+ )
+-#endif
+ 
+ #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,1,0))
+ LTTNG_TRACEPOINT_EVENT_CLASS(writeback_single_inode_template,
+-- 
+2.25.1
+
diff --git a/meta/recipes-kernel/lttng/lttng-modules_2.11.2.bb b/meta/recipes-kernel/lttng/lttng-modules_2.11.2.bb
index 6fff096a37..8e56a3c10a 100644
--- a/meta/recipes-kernel/lttng/lttng-modules_2.11.2.bb
+++ b/meta/recipes-kernel/lttng/lttng-modules_2.11.2.bb
@@ -11,6 +11,7 @@ COMPATIBLE_HOST = '(x86_64|i.86|powerpc|aarch64|mips|nios2|arm|riscv).*-linux'
 SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \
            file://Makefile-Do-not-fail-if-CONFIG_TRACEPOINTS-is-not-en.patch \
            file://BUILD_RUNTIME_BUG_ON-vs-gcc7.patch \
+           file://0001-lttng-modules-backport-writeback.h-changes-from-2.12.patch \
            "
 
 SRC_URI[md5sum] = "2e3bc8cfb264fa13f374618b46f170e7"
@@ -33,11 +34,11 @@ python do_package_prepend() {
 BBCLASSEXTEND = "devupstream:target"
 LIC_FILES_CHKSUM_class-devupstream = "file://LICENSE;md5=3f882d431dc0f32f1f44c0707aa41128"
 DEFAULT_PREFERENCE_class-devupstream = "-1"
-SRC_URI_class-devupstream = "git://git.lttng.org/lttng-modules;branch=stable-2.11 \
+SRC_URI_class-devupstream = "git://git.lttng.org/lttng-modules;branch=stable-2.12 \
            file://Makefile-Do-not-fail-if-CONFIG_TRACEPOINTS-is-not-en.patch \
            file://BUILD_RUNTIME_BUG_ON-vs-gcc7.patch \
            "
-SRCREV_class-devupstream = "17c413953603f063f2a9d6c3788bec914ce6f955"
-PV_class-devupstream = "2.11.2+git${SRCPV}"
+SRCREV_class-devupstream = "01a12501e0b0395b60c7e392cb7dded51ae572ca"
+PV_class-devupstream = "2.12.2+git${SRCPV}"
 S_class-devupstream = "${WORKDIR}/git"
 SRCREV_FORMAT ?= "lttng_git"
-- 
2.17.1

[OE-core][dunfell 38/41] wic: Add --offset argument for partitions

[Steve Sakoman]

From: Joshua Watt <JPEWhacker@gmail.com>

Add support for an --offset argument when defining a partition. Many
SoCs require that boot partitions be located at specific offsets. Prior
to this argument, most WKS files were using the --align attribute to
specify the location of these fixed partitions but this is not ideal
because in the event that the partition couldn't be placed in the
specified location, wic would move it to the next sector with that
alignment, often preventing the device from booting. Unlike the --align
argument, wic will fail if a partition cannot be placed at the exact
offset specified with --offset.

Changes in V2:
* Fixed a small typo that prevented test_fixed_size_error from passing

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 467f84e12b96bc977d57575023517dd6f8ef7f29)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/wic.py      | 118 ++++++++++++++++++-----
 scripts/lib/wic/ksparser.py              |  46 +++++----
 scripts/lib/wic/partition.py             |   1 +
 scripts/lib/wic/plugins/imager/direct.py |  15 +++
 4 files changed, 135 insertions(+), 45 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index 626a217e69..6d4068a527 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -639,41 +639,50 @@ class Wic2(WicTestCase):
             tempf.write("part " \
                      "--source rootfs --ondisk hda --align 4 --fixed-size %d "
                      "--fstype=ext4\n" % size)
-        wksname = os.path.splitext(os.path.basename(wkspath))[0]
 
-        return wkspath, wksname
+        return wkspath
 
-    def test_fixed_size(self):
-        """
-        Test creation of a simple image with partition size controlled through
-        --fixed-size flag
-        """
-        wkspath, wksname = Wic2._make_fixed_size_wks(200)
+    def _get_wic_partitions(self, wkspath, native_sysroot=None, ignore_status=False):
+        p = runCmd("wic create %s -e core-image-minimal -o %s" % (wkspath, self.resultdir),
+                   ignore_status=ignore_status)
+
+        if p.status:
+            return (p, None)
+
+        wksname = os.path.splitext(os.path.basename(wkspath))[0]
 
-        runCmd("wic create %s -e core-image-minimal -o %s" \
-                                   % (wkspath, self.resultdir))
-        os.remove(wkspath)
         wicout = glob(self.resultdir + "%s-*direct" % wksname)
-        self.assertEqual(1, len(wicout))
+
+        if not wicout:
+            return (p, None)
 
         wicimg = wicout[0]
 
-        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "wic-tools")
+        if not native_sysroot:
+            native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "wic-tools")
 
         # verify partition size with wic
-        res = runCmd("parted -m %s unit mib p 2>/dev/null" % wicimg,
+        res = runCmd("parted -m %s unit kib p 2>/dev/null" % wicimg,
                      native_sysroot=native_sysroot)
 
         # parse parted output which looks like this:
         # BYT;\n
         # /var/tmp/wic/build/tmpfwvjjkf_-201611101222-hda.direct:200MiB:file:512:512:msdos::;\n
         # 1:0.00MiB:200MiB:200MiB:ext4::;\n
-        partlns = res.output.splitlines()[2:]
+        return (p, res.output.splitlines()[2:])
 
-        self.assertEqual(1, len(partlns),
-                         msg="Partition list '%s'" % res.output)
-        self.assertEqual("1:0.00MiB:200MiB:200MiB:ext4::;", partlns[0],
-                         msg="Partition list '%s'" % res.output)
+    def test_fixed_size(self):
+        """
+        Test creation of a simple image with partition size controlled through
+        --fixed-size flag
+        """
+        wkspath = Wic2._make_fixed_size_wks(200)
+        _, partlns = self._get_wic_partitions(wkspath)
+        os.remove(wkspath)
+
+        self.assertEqual(partlns, [
+                        "1:4.00kiB:204804kiB:204800kiB:ext4::;",
+                        ])
 
     def test_fixed_size_error(self):
         """
@@ -681,13 +690,72 @@ class Wic2(WicTestCase):
         --fixed-size flag. The size of partition is intentionally set to 1MiB
         in order to trigger an error in wic.
         """
-        wkspath, wksname = Wic2._make_fixed_size_wks(1)
-
-        self.assertEqual(1, runCmd("wic create %s -e core-image-minimal -o %s" \
-                                   % (wkspath, self.resultdir), ignore_status=True).status)
+        wkspath = Wic2._make_fixed_size_wks(1)
+        p, _ = self._get_wic_partitions(wkspath, ignore_status=True)
         os.remove(wkspath)
-        wicout = glob(self.resultdir + "%s-*direct" % wksname)
-        self.assertEqual(0, len(wicout))
+
+        self.assertNotEqual(p.status, 0, "wic exited successfully when an error was expected:\n%s" % p.output)
+
+    def test_offset(self):
+        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "wic-tools")
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that partitions are placed at the correct offsets, default KB
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 100M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 102432 --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(partlns, [
+                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
+                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                ])
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that partitions are placed at the correct offsets, same with explicit KB
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 32K     --fixed-size 100M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 102432K --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(partlns, [
+                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
+                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                ])
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that partitions are placed at the correct offsets using MB
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 32K  --fixed-size 100M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 101M --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(partlns, [
+                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
+                "2:103424kiB:205824kiB:102400kiB:ext4:primary:;",
+                ])
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that image creation fails if the partitions would overlap
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 100M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 102431 --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            p, _ = self._get_wic_partitions(tempf.name, ignore_status=True)
+            self.assertNotEqual(p.status, 0, "wic exited successfully when an error was expected:\n%s" % p.output)
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that partitions are not allowed to overlap with the booloader
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 8 --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            p, _ = self._get_wic_partitions(tempf.name, ignore_status=True)
+            self.assertNotEqual(p.status, 0, "wic exited successfully when an error was expected:\n%s" % p.output)
 
     @only_for_arch(['i586', 'i686', 'x86_64'])
     def test_rawcopy_plugin_qemu(self):
diff --git a/scripts/lib/wic/ksparser.py b/scripts/lib/wic/ksparser.py
index 650b976223..f32315c631 100644
--- a/scripts/lib/wic/ksparser.py
+++ b/scripts/lib/wic/ksparser.py
@@ -51,26 +51,31 @@ class KickStartParser(ArgumentParser):
     def error(self, message):
         raise ArgumentError(None, message)
 
-def sizetype(arg):
-    """
-    Custom type for ArgumentParser
-    Converts size string in <num>[K|k|M|G] format into the integer value
-    """
-    if arg.isdigit():
-        return int(arg) * 1024
+def sizetype(default):
+    def f(arg):
+        """
+        Custom type for ArgumentParser
+        Converts size string in <num>[K|k|M|G] format into the integer value
+        """
+        try:
+            suffix = default
+            size = int(arg)
+        except ValueError:
+            try:
+                suffix = arg[-1:]
+                size = int(arg[:-1])
+            except ValueError:
+                raise ArgumentTypeError("Invalid size: %r" % arg)
+
+        if suffix == "k" or suffix == "K":
+            return size
+        if suffix == "M":
+            return size * 1024
+        if suffix == "G":
+            return size * 1024 * 1024
 
-    if not arg[:-1].isdigit():
         raise ArgumentTypeError("Invalid size: %r" % arg)
-
-    size = int(arg[:-1])
-    if arg.endswith("k") or arg.endswith("K"):
-        return size
-    if arg.endswith("M"):
-        return size * 1024
-    if arg.endswith("G"):
-        return size * 1024 * 1024
-
-    raise ArgumentTypeError("Invalid size: %r" % arg)
+    return f
 
 def overheadtype(arg):
     """
@@ -136,6 +141,7 @@ class KickStart():
         part.add_argument('mountpoint', nargs='?')
         part.add_argument('--active', action='store_true')
         part.add_argument('--align', type=int)
+        part.add_argument('--offset', type=sizetype("K"))
         part.add_argument('--exclude-path', nargs='+')
         part.add_argument('--include-path', nargs='+')
         part.add_argument("--extra-space", type=sizetype)
@@ -160,8 +166,8 @@ class KickStart():
         # --error, but since nesting mutually exclusive groups does not work,
         # ----extra-space/--overhead-factor are handled later
         sizeexcl = part.add_mutually_exclusive_group()
-        sizeexcl.add_argument('--size', type=sizetype, default=0)
-        sizeexcl.add_argument('--fixed-size', type=sizetype, default=0)
+        sizeexcl.add_argument('--size', type=sizetype("M"), default=0)
+        sizeexcl.add_argument('--fixed-size', type=sizetype("M"), default=0)
 
         part.add_argument('--source')
         part.add_argument('--sourceparams')
diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index 2d95f78439..3490b4e75d 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -39,6 +39,7 @@ class Partition():
         self.mountpoint = args.mountpoint
         self.no_table = args.no_table
         self.num = None
+        self.offset = args.offset
         self.overhead_factor = args.overhead_factor
         self.part_name = args.part_name
         self.part_type = args.part_type
diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index 2d06c242b6..1f65a7afe5 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -428,6 +428,21 @@ class PartitionedImage():
                     # increase the offset so we actually start the partition on right alignment
                     self.offset += align_sectors
 
+            if part.offset is not None:
+                offset = (part.offset * 1024) // self.sector_size
+
+                if offset * self.sector_size != part.offset * 1024:
+                    raise WicError("Could not place %s%s at offset %dK with sector size %d" % (part.disk, self.numpart, part.offset, self.sector_size))
+
+                delta = offset - self.offset
+                if delta < 0:
+                    raise WicError("Could not place %s%s at offset %dK: next free sector is %d (delta: %d)" % (part.disk, self.numpart, part.offset, offset, delta))
+
+                logger.debug("Skipping %d sectors to place %s%s at offset %dK",
+                             delta, part.disk, self.numpart, part.offset)
+
+                self.offset = offset
+
             part.start = self.offset
             self.offset += part.size_sec
 
-- 
2.17.1

[OE-core][dunfell 39/41] wic: Fix --extra-space argument handling

[Steve Sakoman]

From: Joshua Watt <JPEWhacker@gmail.com>

467f84e12b ("wic: Add --offset argument for partitions") broke the
--extra-space argument handling in wic. Fix the option and add a unit
test for the argument.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87722a92c18f94917c8f70afc8cd0763462a5c25)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/wic.py | 15 +++++++++++++++
 scripts/lib/wic/ksparser.py         |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index 6d4068a527..a166d3f614 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -757,6 +757,21 @@ class Wic2(WicTestCase):
             p, _ = self._get_wic_partitions(tempf.name, ignore_status=True)
             self.assertNotEqual(p.status, 0, "wic exited successfully when an error was expected:\n%s" % p.output)
 
+    def test_extra_space(self):
+        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "wic-tools")
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /     --source rootfs --ondisk hda --extra-space 200M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(len(partlns), 1)
+            size = partlns[0].split(':')[3]
+            self.assertRegex(size, r'^[0-9]+kiB$')
+            size = int(size[:-3])
+            self.assertGreaterEqual(size, 204800)
+
     @only_for_arch(['i586', 'i686', 'x86_64'])
     def test_rawcopy_plugin_qemu(self):
         """Test rawcopy plugin in qemu"""
diff --git a/scripts/lib/wic/ksparser.py b/scripts/lib/wic/ksparser.py
index f32315c631..ac6f427564 100644
--- a/scripts/lib/wic/ksparser.py
+++ b/scripts/lib/wic/ksparser.py
@@ -144,7 +144,7 @@ class KickStart():
         part.add_argument('--offset', type=sizetype("K"))
         part.add_argument('--exclude-path', nargs='+')
         part.add_argument('--include-path', nargs='+')
-        part.add_argument("--extra-space", type=sizetype)
+        part.add_argument("--extra-space", type=sizetype("M"))
         part.add_argument('--fsoptions', dest='fsopts')
         part.add_argument('--fstype', default='vfat',
                           choices=('ext2', 'ext3', 'ext4', 'btrfs',
-- 
2.17.1

[OE-core][dunfell 40/41] wic: Fix error message when reporting invalid offset

[Steve Sakoman]

From: Joshua Watt <JPEWhacker@gmail.com>

The error message was reporting the calculated offset instead of the
current offset, which made it confusing.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2be775cfe1b49ce3889b5dc326e2b67a9667f18a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 scripts/lib/wic/plugins/imager/direct.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index 1f65a7afe5..2f01999405 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -436,7 +436,7 @@ class PartitionedImage():
 
                 delta = offset - self.offset
                 if delta < 0:
-                    raise WicError("Could not place %s%s at offset %dK: next free sector is %d (delta: %d)" % (part.disk, self.numpart, part.offset, offset, delta))
+                    raise WicError("Could not place %s%s at offset %dK: next free sector is %d (delta: %d)" % (part.disk, self.numpart, part.offset, self.offset, delta))
 
                 logger.debug("Skipping %d sectors to place %s%s at offset %dK",
                              delta, part.disk, self.numpart, part.offset)
-- 
2.17.1

[OE-core][dunfell 41/41] wic: Add 512 Byte alignment to --offset

[Steve Sakoman]

From: Joshua Watt <JPEWhacker@gmail.com>

Allows the --offset argument to use the "s" or "S" suffix to specify
that it is reporting the number of 512 byte sectors.

This is required for some SoCs where the mask ROM looks for an item at a
sector that isn't aligned to a 1KB boundary.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 938595d1dc4abaf5f7f3a7900add3f0492b805d0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/wic.py      | 24 ++++++++++++++++++++++++
 scripts/lib/wic/ksparser.py              | 20 ++++++++++++++------
 scripts/lib/wic/plugins/imager/direct.py |  8 ++++----
 3 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index a166d3f614..13b6a0cc72 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -738,6 +738,30 @@ class Wic2(WicTestCase):
                 "2:103424kiB:205824kiB:102400kiB:ext4:primary:;",
                 ])
 
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that partitions can be placed on a 512 byte sector boundary
+            tempf.write("bootloader --ptable gpt\n" \
+                        "part /    --source rootfs --ondisk hda --offset 65s --fixed-size 99M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 102432 --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(partlns, [
+                "1:32.5kiB:101408kiB:101376kiB:ext4:primary:;",
+                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                ])
+
+        with NamedTemporaryFile("w", suffix=".wks") as tempf:
+            # Test that a partition can be placed immediately after a MSDOS partition table
+            tempf.write("bootloader --ptable msdos\n" \
+                        "part /    --source rootfs --ondisk hda --offset 1s --fixed-size 100M --fstype=ext4\n")
+            tempf.flush()
+
+            _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
+            self.assertEqual(partlns, [
+                "1:0.50kiB:102400kiB:102400kiB:ext4::;",
+                ])
+
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that image creation fails if the partitions would overlap
             tempf.write("bootloader --ptable gpt\n" \
diff --git a/scripts/lib/wic/ksparser.py b/scripts/lib/wic/ksparser.py
index ac6f427564..76cc55b848 100644
--- a/scripts/lib/wic/ksparser.py
+++ b/scripts/lib/wic/ksparser.py
@@ -51,11 +51,11 @@ class KickStartParser(ArgumentParser):
     def error(self, message):
         raise ArgumentError(None, message)
 
-def sizetype(default):
+def sizetype(default, size_in_bytes=False):
     def f(arg):
         """
         Custom type for ArgumentParser
-        Converts size string in <num>[K|k|M|G] format into the integer value
+        Converts size string in <num>[S|s|K|k|M|G] format into the integer value
         """
         try:
             suffix = default
@@ -67,12 +67,20 @@ def sizetype(default):
             except ValueError:
                 raise ArgumentTypeError("Invalid size: %r" % arg)
 
+
+        if size_in_bytes:
+            if suffix == 's' or suffix == 'S':
+                return size * 512
+            mult = 1024
+        else:
+            mult = 1
+
         if suffix == "k" or suffix == "K":
-            return size
+            return size * mult
         if suffix == "M":
-            return size * 1024
+            return size * mult * 1024
         if suffix == "G":
-            return size * 1024 * 1024
+            return size * mult * 1024 * 1024
 
         raise ArgumentTypeError("Invalid size: %r" % arg)
     return f
@@ -141,7 +149,7 @@ class KickStart():
         part.add_argument('mountpoint', nargs='?')
         part.add_argument('--active', action='store_true')
         part.add_argument('--align', type=int)
-        part.add_argument('--offset', type=sizetype("K"))
+        part.add_argument('--offset', type=sizetype("K", True))
         part.add_argument('--exclude-path', nargs='+')
         part.add_argument('--include-path', nargs='+')
         part.add_argument("--extra-space", type=sizetype("M"))
diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index 2f01999405..55db826e93 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -429,14 +429,14 @@ class PartitionedImage():
                     self.offset += align_sectors
 
             if part.offset is not None:
-                offset = (part.offset * 1024) // self.sector_size
+                offset = part.offset // self.sector_size
 
-                if offset * self.sector_size != part.offset * 1024:
-                    raise WicError("Could not place %s%s at offset %dK with sector size %d" % (part.disk, self.numpart, part.offset, self.sector_size))
+                if offset * self.sector_size != part.offset:
+                    raise WicError("Could not place %s%s at offset %d with sector size %d" % (part.disk, self.numpart, part.offset, self.sector_size))
 
                 delta = offset - self.offset
                 if delta < 0:
-                    raise WicError("Could not place %s%s at offset %dK: next free sector is %d (delta: %d)" % (part.disk, self.numpart, part.offset, self.offset, delta))
+                    raise WicError("Could not place %s%s at offset %d: next free sector is %d (delta: %d)" % (part.disk, self.numpart, part.offset, self.offset, delta))
 
                 logger.debug("Skipping %d sectors to place %s%s at offset %dK",
                              delta, part.disk, self.numpart, part.offset)
-- 
2.17.1