Allow the ptest packages to be disabled even if ptest is enabled in
DISTRO_FEATURES.

Signed-off-by: Alex Kiernan <alex.kiernan@...>
---
meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb b/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
index 2cccf93bd5fb..3e6e5d567d03 100644
--- a/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
+++ b/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb
@@ -19,7 +19,8 @@ PACKAGECONFIG[cxx] = "--enable-bindings-cxx,--disable-bindings-cxx"
PACKAGECONFIG[python3] = "--enable-bindings-python,--disable-bindings-python,python3"

# Enable cxx bindings by default.
-PACKAGECONFIG ?= "cxx"
+PACKAGECONFIG ?= "cxx \
+ ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}"

# Always build tools - they don't have any additional
# requirements over the library.
@@ -56,8 +57,6 @@ RRECOMMENDS:${PN}-ptest += " \
"
RDEPENDS:${PN}-ptest += "bats python3-packaging"

-PACKAGECONFIG:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'tests', '', d)}"
-
do_install_ptest() {
install -d ${D}${PTEST_PATH}/tests

--
2.35.1

Add patch to fix CVE-2021-3750

Patch are refresh based on our code base.

Signed-off-by: Virendra Thakur <virendra.thakur@...>
---
meta/recipes-devtools/qemu/qemu.inc | 3 +
.../qemu/qemu/CVE-2021-3750-1.patch | 59 +++++++
.../qemu/qemu/CVE-2021-3750-2.patch | 65 ++++++++
.../qemu/qemu/CVE-2021-3750-3.patch | 156 ++++++++++++++++++
4 files changed, 283 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e3534f13fe..46f1b79604 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -36,6 +36,9 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2021-4206.patch \
file://CVE-2021-4207.patch \
file://CVE-2022-35414.patch \
+ file://CVE-2021-3750-1.patch \
+ file://CVE-2021-3750-2.patch \
+ file://CVE-2021-3750-3.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"

diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch
new file mode 100644
index 0000000000..db908874b6
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch
@@ -0,0 +1,59 @@
+From b9d383ab797f54ae5fa8746117770709921dc529 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@...>
+Date: Wed, 15 Dec 2021 19:24:19 +0100
+Subject: [PATCH] hw/intc/arm_gicv3: Check for !MEMTX_OK instead of MEMTX_ERROR
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Quoting Peter Maydell:
+
+ "These MEMTX_* aren't from the memory transaction
+ API functions; they're just being used by gicd_readl() and
+ friends as a way to indicate a success/failure so that the
+ actual MemoryRegionOps read/write fns like gicv3_dist_read()
+ can log a guest error."
+
+We are going to introduce more MemTxResult bits, so it is
+safer to check for !MEMTX_OK rather than MEMTX_ERROR.
+
+Reviewed-by: Peter Xu <peterx@...>
+Reviewed-by: David Hildenbrand <david@...>
+Reviewed-by: Peter Maydell <peter.maydell@...>
+Reviewed-by: Stefan Hajnoczi <stefanha@...>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@...>
+Signed-off-by: Peter Maydell <peter.maydell@...>
+Signed-off-by: Virendra Thakur <virendra.thakur@...>
+
+CVE: CVE-2021-3750
+
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529]
+---
+ hw/intc/arm_gicv3_redist.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c
+index c8ff3ec..99b11ca 100644
+--- a/hw/intc/arm_gicv3_redist.c
++++ b/hw/intc/arm_gicv3_redist.c
+@@ -462,7 +462,7 @@ MemTxResult gicv3_redist_read(void *opaque, hwaddr offset, uint64_t *data,
+ break;
+ }
+
+- if (r == MEMTX_ERROR) {
++ if (r != MEMTX_OK) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "%s: invalid guest read at offset " TARGET_FMT_plx
+ " size %u\n", __func__, offset, size);
+@@ -521,7 +521,7 @@ MemTxResult gicv3_redist_write(void *opaque, hwaddr offset, uint64_t data,
+ break;
+ }
+
+- if (r == MEMTX_ERROR) {
++ if (r != MEMTX_OK) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "%s: invalid guest write at offset " TARGET_FMT_plx
+ " size %u\n", __func__, offset, size);
+--
+1.8.3.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch
new file mode 100644
index 0000000000..1ce32089a8
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch
@@ -0,0 +1,65 @@
+From 58e74682baf4e1ad26b064d8c02e5bc99c75c5d9 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@...>
+Date: Wed, 15 Dec 2021 19:24:20 +0100
+Subject: [PATCH] softmmu/physmem: Simplify flatview_write and
+ address_space_access_valid
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Remove unuseful local 'result' variables.
+
+Reviewed-by: Peter Xu <peterx@...>
+Reviewed-by: David Hildenbrand <david@...>
+Reviewed-by: Alexander Bulekov <alxndr@...>
+Reviewed-by: Stefan Hajnoczi <stefanha@...>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@...>
+Message-Id: <20211215182421.418374-3-philmd@...>
+Signed-off-by: Thomas Huth <thuth@...>
+Signed-off-by: Virendra Thakur <virendra.thakur@...>
+
+CVE: CVE-2021-3750
+
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9]
+---
+ softmmu/physmem.c | 11 +++--------
+ 1 file changed, 3 insertions(+), 8 deletions(-)
+
+diff --git a/softmmu/physmem.c b/softmmu/physmem.c
+index 43ae70f..3d968ca 100644
+--- a/softmmu/physmem.c
++++ b/softmmu/physmem.c
+@@ -2826,14 +2826,11 @@ static MemTxResult flatview_write(FlatVi
+ hwaddr l;
+ hwaddr addr1;
+ MemoryRegion *mr;
+- MemTxResult result = MEMTX_OK;
+
+ l = len;
+ mr = flatview_translate(fv, addr, &addr1, &l, true, attrs);
+- result = flatview_write_continue(fv, addr, attrs, buf, len,
+- addr1, l, mr);
+-
+- return result;
++ return flatview_write_continue(fv, addr, attrs, buf, len,
++ addr1, l, mr);
+ }
+
+ /* Called within RCU critical section. */
+@@ -3130,12 +3127,10 @@ bool address_space_access_valid(AddressS
+ MemTxAttrs attrs)
+ {
+ FlatView *fv;
+- bool result;
+
+ RCU_READ_LOCK_GUARD();
+ fv = address_space_to_flatview(as);
+- result = flatview_access_valid(fv, addr, len, is_write, attrs);
+- return result;
++ return flatview_access_valid(fv, addr, len, is_write, attrs);
+ }
+
+ static hwaddr
+--
+1.8.3.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch
new file mode 100644
index 0000000000..703646365f
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch
@@ -0,0 +1,156 @@
+From 3ab6fdc91b72e156da22848f0003ff4225690ced Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@...>
+Date: Wed, 15 Dec 2021 19:24:21 +0100
+Subject: [PATCH] softmmu/physmem: Introduce MemTxAttrs::memory field and
+ MEMTX_ACCESS_ERROR
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Add the 'memory' bit to the memory attributes to restrict bus
+controller accesses to memories.
+
+Introduce flatview_access_allowed() to check bus permission
+before running any bus transaction.
+
+Have read/write accessors return MEMTX_ACCESS_ERROR if an access is
+restricted.
+
+There is no change for the default case where 'memory' is not set.
+
+Signed-off-by: Philippe Mathieu-Daudé <philmd@...>
+Message-Id: <20211215182421.418374-4-philmd@...>
+Reviewed-by: Richard Henderson <richard.henderson@...>
+Reviewed-by: Stefan Hajnoczi <stefanha@...>
+[thuth: Replaced MEMTX_BUS_ERROR with MEMTX_ACCESS_ERROR, remove "inline"]
+Signed-off-by: Thomas Huth <thuth@...>
+Signed-off-by: Virendra Thakur <virendra.thakur@...>
+
+CVE: CVE-2021-3750
+
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced]
+---
+ include/exec/memattrs.h | 9 +++++++++
+ softmmu/physmem.c | 44 ++++++++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 51 insertions(+), 2 deletions(-)
+
+diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
+index 95f2d20..9fb98bc 100644
+--- a/include/exec/memattrs.h
++++ b/include/exec/memattrs.h
+@@ -35,6 +35,14 @@ typedef struct MemTxAttrs {
+ unsigned int secure:1;
+ /* Memory access is usermode (unprivileged) */
+ unsigned int user:1;
++ /*
++ * Bus interconnect and peripherals can access anything (memories,
++ * devices) by default. By setting the 'memory' bit, bus transaction
++ * are restricted to "normal" memories (per the AMBA documentation)
++ * versus devices. Access to devices will be logged and rejected
++ * (see MEMTX_ACCESS_ERROR).
++ */
++ unsigned int memory:1;
+ /* Requester ID (for MSI for example) */
+ unsigned int requester_id:16;
+ /* Invert endianness for this page */
+@@ -66,6 +74,7 @@ typedef struct MemTxAttrs {
+ #define MEMTX_OK 0
+ #define MEMTX_ERROR (1U << 0) /* device returned an error */
+ #define MEMTX_DECODE_ERROR (1U << 1) /* nothing at that address */
++#define MEMTX_ACCESS_ERROR (1U << 2) /* access denied */
+ typedef uint32_t MemTxResult;
+
+ #endif
+diff --git a/softmmu/physmem.c b/softmmu/physmem.c
+index 3d968ca..4e1b27a 100644
+--- a/softmmu/physmem.c
++++ b/softmmu/physmem.c
+@@ -41,6 +41,7 @@
+ #include "qemu/config-file.h"
+ #include "qemu/error-report.h"
+ #include "qemu/qemu-print.h"
++#include "qemu/log.h"
+ #include "exec/memory.h"
+ #include "exec/ioport.h"
+ #include "sysemu/dma.h"
+@@ -2759,6 +2760,33 @@ static bool prepare_mmio_access(MemoryRe
+ return release_lock;
+ }
+
++/**
++ * flatview_access_allowed
++ * @mr: #MemoryRegion to be accessed
++ * @attrs: memory transaction attributes
++ * @addr: address within that memory region
++ * @len: the number of bytes to access
++ *
++ * Check if a memory transaction is allowed.
++ *
++ * Returns: true if transaction is allowed, false if denied.
++ */
++static bool flatview_access_allowed(MemoryRegion *mr, MemTxAttrs attrs,
++ hwaddr addr, hwaddr len)
++{
++ if (likely(!attrs.memory)) {
++ return true;
++ }
++ if (memory_region_is_ram(mr)) {
++ return true;
++ }
++ qemu_log_mask(LOG_GUEST_ERROR,
++ "Invalid access to non-RAM device at "
++ "addr 0x%" HWADDR_PRIX ", size %" HWADDR_PRIu ", "
++ "region '%s'\n", addr, len, memory_region_name(mr));
++ return false;
++}
++
+ /* Called within RCU critical section. */
+ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
+ MemTxAttrs attrs,
+@@ -2773,7 +2801,10 @@ static MemTxResult flatview_write_contin
+ const uint8_t *buf = ptr;
+
+ for (;;) {
+- if (!memory_access_is_direct(mr, true)) {
++ if (!flatview_access_allowed(mr, attrs, addr1, l)) {
++ result |= MEMTX_ACCESS_ERROR;
++ /* Keep going. */
++ } else if (!memory_access_is_direct(mr, true)) {
+ release_lock |= prepare_mmio_access(mr);
+ l = memory_access_size(mr, l, addr1);
+ /* XXX: could force current_cpu to NULL to avoid
+@@ -2818,6 +2849,9 @@ static MemTxResult flatview_write(FlatVi
+
+ l = len;
+ mr = flatview_translate(fv, addr, &addr1, &l, true, attrs);
++ if (!flatview_access_allowed(mr, attrs, addr, len)) {
++ return MEMTX_ACCESS_ERROR;
++ }
+ return flatview_write_continue(fv, addr, attrs, buf, len,
+ addr1, l, mr);
+ }
+@@ -2836,7 +2870,10 @@ MemTxResult flatview_read_continue(FlatV
+
+ fuzz_dma_read_cb(addr, len, mr);
+ for (;;) {
+- if (!memory_access_is_direct(mr, false)) {
++ if (!flatview_access_allowed(mr, attrs, addr1, l)) {
++ result |= MEMTX_ACCESS_ERROR;
++ /* Keep going. */
++ } else if (!memory_access_is_direct(mr, false)) {
+ /* I/O case */
+ release_lock |= prepare_mmio_access(mr);
+ l = memory_access_size(mr, l, addr1);
+@@ -2879,6 +2916,9 @@ static MemTxResult flatview_read(FlatVie
+
+ l = len;
+ mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
++ if (!flatview_access_allowed(mr, attrs, addr, len)) {
++ return MEMTX_ACCESS_ERROR;
++ }
+ return flatview_read_continue(fv, addr, attrs, buf, len,
+ addr1, l, mr);
+ }
+--
+1.8.3.1
+
--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.

base is always inherited so remove this code which will soon cause an error.

Signed-off-by: Richard Purdie <richard.purdie@...>
---
meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb
index b58a36c44..0590ce008 100644
--- a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb
+++ b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb
@@ -15,7 +15,7 @@ SRC_URI = "git://github.com/LMDB/lmdb.git;nobranch=1;protocol=https \

SRCREV = "8ad7be2510414b9506ec9f9e24f24d04d9b04a1a"

-inherit base ptest
+inherit ptest

S = "${WORKDIR}/git/libraries/liblmdb"

--
2.34.1

Upgrade summary:
----------------
- drop 0002-configure-fix-a-cc-check-issue.patch, as it was replaced with
upstream commit https://github.com/net-snmp/net-snmp/commit/dbb49acfa2af
- drop 0001-snmpd-always-exit-after-displaying-usage.patch backport
- rebase net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch manually
- refresh patches with devtool to get rid of fuzz

Changelog:
----------
*5.9.3*:
security:
- These two CVEs can be exploited by a user with read-only credentials:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
can cause a NULL pointer dereference.
- These CVEs can be exploited by a user with read-write credentials:
- CVE-2022-24806 Improper Input Validation when SETing malformed
OIDs in master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
out-of-bounds memory access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
- To avoid these flaws, use strong SNMPv3 credentials and do not share them.
If you must use SNMPv1 or SNMPv2c, use a complex community string
and enhance the protection by restricting access to a given IP address
range.
- Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for
reporting the following CVEs that have been fixed in this release, and
to Arista Networks for providing fixes.

Windows:
- WinExtDLL: Fix multiple compiler warnings
- WinExtDLL: Make long strings occupy a single line Make it easier to
look up error messages in the source code by making long strings
occupy a single source code line.
- WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit
Windows systems") caused snmpd to skip MIB-II on 64-bit systems.

IF-MIB: Update ifTable entries even if the interface name has changed
At least on Linux a network interface index may be reused for a
network interface with a different name. Hence this patch that
enables replacing network interface information even if the network
interface name has changed.

unspecified:
- Moved transport code into a separate subdirectory in snmplib
- Snmplib: remove inline versions of container funcs".

misc:
- snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is
expanded in ${datarootdir} so datarootdir must be set before
@datadir@ is used.

*5.9.2*:
skipped due to a last minute library versioning found bug -- use 5.9.3 instead

Signed-off-by: Ovidiu Panait <ovidiu.panait@...>
---
...ath.m4-keep-consistent-between-32bit.patch | 11 ++--
.../0001-config_os_headers-Error-Fix.patch | 4 +-
...1-get_pid_from_inode-Include-limit.h.patch | 6 +-
...d-always-exit-after-displaying-usage.patch | 55 -------------------
....c-Don-t-check-for-return-from-EVP_M.patch | 4 +-
.../0002-configure-fix-a-cc-check-issue.patch | 28 ----------
...004-configure-fix-incorrect-variable.patch | 6 +-
.../net-snmp/fix-libtool-finish.patch | 6 +-
....7.2-fix-engineBoots-value-on-SIGHUP.patch | 26 ++++-----
...add-knob-whether-nlist.h-are-checked.patch | 4 +-
.../net-snmp-fix-for-disable-des.patch | 4 +-
...ting-add-the-output-format-for-ptest.patch | 2 +-
.../reproducibility-have-printcap.patch | 4 +-
.../{net-snmp_5.9.1.bb => net-snmp_5.9.3.bb} | 4 +-
14 files changed, 38 insertions(+), 126 deletions(-)
delete mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch
delete mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch
rename meta-networking/recipes-protocols/net-snmp/{net-snmp_5.9.1.bb => net-snmp_5.9.3.bb} (98%)

diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch
index 4cd729044..0eeddf752 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch
@@ -1,7 +1,8 @@
-From 6f8ea2e841ad45eed193310b599d3f3b410ae91d Mon Sep 17 00:00:00 2001
+From 98c62e24fdd05d7e8bd8149840bad8eb0feb3fb1 Mon Sep 17 00:00:00 2001
From: Mingli Yu <mingli.yu@...>
Date: Fri, 29 Jan 2021 08:49:15 +0000
-Subject: [PATCH] ac_add_search_path.m4: keep consistent between 32bit and 64bit
+Subject: [PATCH] ac_add_search_path.m4: keep consistent between 32bit and
+ 64bit

With configure option "--with-openssl=${STAGING_EXECPREFIXDIR}", it behaves
differently between 32bit and 64bit system as the openssl lib resides under
@@ -15,12 +16,13 @@ So add the patch to fix the gap between 32bit and 64bit system.
Upstream-Status: Inappropriate [configuration specific]

Signed-off-by: Mingli Yu <mingli.yu@...>
+
---
m4/ac_add_search_path.m4 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/m4/ac_add_search_path.m4 b/m4/ac_add_search_path.m4
-index 8e0a819..961f587 100644
+index 8e0a819..e9585bc 100644
--- a/m4/ac_add_search_path.m4
+++ b/m4/ac_add_search_path.m4
@@ -3,8 +3,8 @@ dnl Add a search path to the LIBS and CPPFLAGS variables
@@ -34,6 +36,3 @@ index 8e0a819..961f587 100644
fi
if test -d $1/include; then
CPPFLAGS="-I$1/include $CPPFLAGS"
---
-2.29.2
-
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch
index 05a47f61c..f8a52a63f 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch
@@ -1,4 +1,4 @@
-From 69d4c517c07f55c505090e48d96ace8cd599fb26 Mon Sep 17 00:00:00 2001
+From e86d5fd52f19b85da0b7cce660c6e65ec4c0f9bb Mon Sep 17 00:00:00 2001
From: Li xin <lixin.fnst@...>
Date: Fri, 21 Aug 2015 18:23:13 +0900
Subject: [PATCH] config_os_headers: Error Fix
@@ -19,7 +19,7 @@ Signed-off-by: Li Xin <lixin.fnst@...>
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers
-index f07d512..2363b42 100644
+index 01c3376..6edd85f 100644
--- a/configure.d/config_os_headers
+++ b/configure.d/config_os_headers
@@ -395,8 +395,8 @@ then
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch
index 22e591556..a7881a871 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch
@@ -1,4 +1,4 @@
-From 2bf1bbe1d428ed06d57aa76b03e394b72ff2216d Mon Sep 17 00:00:00 2001
+From 8097734b27fd146f358a4edd0d1a0d28309bd9a4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@...>
Date: Fri, 22 Jul 2016 18:34:39 +0000
Subject: [PATCH] get_pid_from_inode: Include limit.h
@@ -14,7 +14,7 @@ Signed-off-by: Khem Raj <raj.khem@...>
1 file changed, 1 insertion(+)

diff --git a/agent/mibgroup/util_funcs/get_pid_from_inode.c b/agent/mibgroup/util_funcs/get_pid_from_inode.c
-index aee907d..7abaec2 100644
+index 5788e1d..ea380a6 100644
--- a/agent/mibgroup/util_funcs/get_pid_from_inode.c
+++ b/agent/mibgroup/util_funcs/get_pid_from_inode.c
@@ -6,6 +6,7 @@
@@ -23,5 +23,5 @@ index aee907d..7abaec2 100644
#include <ctype.h>
+#include <limits.h>
#include <stdio.h>
- #if HAVE_STDLIB_H
+ #ifdef HAVE_STDLIB_H
#include <stdlib.h>
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch
deleted file mode 100644
index 4fc9e54b4..000000000
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 94ca941e06bef157bf0e13251f8ca1471daa9393 Mon Sep 17 00:00:00 2001
-From: Kaarle Ritvanen <kaarle.ritvanen@...>
-Date: Fri, 27 Aug 2021 14:21:45 +0300
-Subject: [PATCH] snmpd: always exit after displaying usage
-
-Currently, viewing the help text with -h results in snmpd being started
-in the background, whereas this does not happen with --help. Similarly,
-when an error is detected in command line syntax, the help text is
-displayed but sometimes snmpd gets started anyway, depending on the
-execution path.
-
-This patch makes snmpd consistently terminate whenever the usage
-function gets called. It also removes the goto statements no longer
-needed.
-
-Upstream-Status: Backport
-[https://github.com/net-snmp/net-snmp/commit/94ca941e06bef157bf0e13251f8ca1471daa9393]
-
-Signed-off-by: Yi Zhao <yi.zhao@...>
----
- agent/snmpd.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/agent/snmpd.c b/agent/snmpd.c
-index f5aab0af8..90de12d99 100644
---- a/agent/snmpd.c
-+++ b/agent/snmpd.c
-@@ -289,6 +289,8 @@ usage(char *prog)
- " -S d|i|0-7\t\tuse -Ls <facility> instead\n"
- "\n"
- );
-+ SOCK_CLEANUP;
-+ exit(1);
- }
-
- static void
-@@ -494,7 +496,6 @@ main(int argc, char *argv[])
- case '-':
- if (strcasecmp(optarg, "help") == 0) {
- usage(argv[0]);
-- goto out;
- }
- if (strcasecmp(optarg, "version") == 0) {
- version();
-@@ -783,7 +784,6 @@ main(int argc, char *argv[])
- fprintf(stderr, "%s: Illegal argument -X:"
- "AgentX support not compiled in.\n", argv[0]);
- usage(argv[0]);
-- goto out;
- #endif
- break;
-
---
-2.25.1
-
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch
index 42352a6b0..af6334f72 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch
@@ -1,4 +1,4 @@
-From f3ff99736b8cccbba77349b0d10a3cee366a4c87 Mon Sep 17 00:00:00 2001
+From f4e1acd4f509dd26cf88da872bd5adcf884f4a5f Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@...>
Date: Fri, 18 Sep 2015 00:28:45 -0400
Subject: [PATCH] snmplib/keytools.c: Don't check for return from
@@ -17,7 +17,7 @@ Signed-off-by: Ovidiu Panait <ovidiu.panait@...>
1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/snmplib/keytools.c b/snmplib/keytools.c
-index 129a7c0..2fc1efc 100644
+index 14a452a..fb1694b 100644
--- a/snmplib/keytools.c
+++ b/snmplib/keytools.c
@@ -183,10 +183,7 @@ generate_Ku(const oid * hashtype, u_int hashtype_len,
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch
deleted file mode 100644
index c973bde72..000000000
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 0a02ac779c51a2b4af3b58cb96967bf3eff80367 Mon Sep 17 00:00:00 2001
-From: Wenlin Kang <wenlin.kang@...>
-Date: Wed, 24 May 2017 16:45:34 +0800
-Subject: [PATCH] configure: fix a cc check issue.
-
-When has "." in cc value, the expression
-$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\w\s\/]+).;\s*/$1/);'
-can't get corretly the cc's value.
-
-Signed-off-by: Wenlin Kang <wenlin.kang@...>
-
----
- configure.d/config_project_perl_python | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.d/config_project_perl_python b/configure.d/config_project_perl_python
-index 475c843..22d2ad3 100644
---- a/configure.d/config_project_perl_python
-+++ b/configure.d/config_project_perl_python
-@@ -87,7 +87,7 @@ if test "x$install_perl" != "xno" ; then
- if test "x$enable_perl_cc_checks" != "xno" ; then
- AC_MSG_CHECKING([for Perl cc])
- changequote(, )
-- PERLCC=`$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\w\s\/]+).;\s*/$1/);'`
-+ PERLCC=`$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\.\w\s\/]+).;\s*/$1/);'`
- changequote([, ])
- if test "x$PERLCC" != "x" ; then
- AC_MSG_RESULT([$PERLCC])
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch
index bfddc63dd..6e224188a 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch
@@ -1,4 +1,4 @@
-From 011bdcd07f2a289d0cfc1b411c03c0cc7c42dad1 Mon Sep 17 00:00:00 2001
+From 6d655ba677563ac9d62d4d8eee59fdb39d486c02 Mon Sep 17 00:00:00 2001
From: Wenlin Kang <wenlin.kang@...>
Date: Wed, 24 May 2017 17:10:20 +0800
Subject: [PATCH] configure: fix incorrect variable
@@ -14,10 +14,10 @@ Signed-off-by: Wenlin Kang <wenlin.kang@...>
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.in b/Makefile.in
-index 912f6b2..a53d1b2 100644
+index f1cbbf5..1545be3 100644
--- a/Makefile.in
+++ b/Makefile.in
-@@ -174,7 +174,7 @@ OTHERCLEANTODOS=perlclean @PYTHONCLEANTARGS@ cleanfeatures perlcleanfeatures pyt
+@@ -173,7 +173,7 @@ OTHERCLEANTODOS=perlclean @PYTHONCLEANTARGS@ cleanfeatures perlcleanfeatures pyt
#
# override LD_RUN_PATH to avoid dependencies on the build directory
perlmodules: perlmakefiles subdirs
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch
index 26dd014ce..409c1e03c 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch
@@ -1,4 +1,4 @@
-From 27444fbf8323679ea0551a3bd5f04c365143d8c0 Mon Sep 17 00:00:00 2001
+From ab1d77c52e84746e75506a2870783806bc77f396 Mon Sep 17 00:00:00 2001
From: "Roy.Li" <rongqing.li@...>
Date: Fri, 16 Jan 2015 14:14:01 +0800
Subject: [PATCH] net-snmp: fix "libtool --finish"
@@ -20,11 +20,11 @@ Signed-off-by: Roy.Li <rongqing.li@...>
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.top b/Makefile.top
-index 6315401..fc0ee06 100644
+index a962c54..1ba5607 100644
--- a/Makefile.top
+++ b/Makefile.top
@@ -89,7 +89,7 @@ LIBREVISION = 0
- LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o
+ LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) @LD_NO_UNDEFINED@ -o
LIB_EXTENSION = la
LIB_VERSION =
-LIB_LDCONFIG_CMD = $(LIBTOOL) --mode=finish $(INSTALL_PREFIX)$(libdir)
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch
index 022eb958f..35e93d636 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch
@@ -1,4 +1,4 @@
-From 1e3178835217ba89aa355e2b6b88e490f17be16d Mon Sep 17 00:00:00 2001
+From 5ad4eab43c1ea63ff343bba64d576440e8783e75 Mon Sep 17 00:00:00 2001
From: Zheng Ruoqin <zhengrq.fnst@...>
Date: Wed, 9 Jun 2021 15:47:30 +0900
Subject: [PATCH] net snmp: fix engineBoots value on SIGHUP
@@ -7,6 +7,7 @@ Upstream-Status: Pending

Signed-off-by: Marian Florea <marian.florea@...>
Signed-off-by: Li Zhou <li.zhou@...>
+Signed-off-by: Ovidiu Panait <ovidiu.panait@...>

---
agent/snmpd.c | 1 +
@@ -14,19 +15,19 @@ Signed-off-by: Li Zhou <li.zhou@...>
2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/agent/snmpd.c b/agent/snmpd.c
-index 1af439f..355b510 100644
+index 90de12d..1ccc4db 100644
--- a/agent/snmpd.c
+++ b/agent/snmpd.c
-@@ -1208,6 +1208,7 @@ receive(void)
- snmp_log(LOG_INFO, "NET-SNMP version %s restarted\n",
- netsnmp_get_version());
- update_config();
-+ snmp_store(app_name);
- send_easy_trap(SNMP_TRAP_ENTERPRISESPECIFIC, 3);
- #if HAVE_SIGPROCMASK
- ret = sigprocmask(SIG_UNBLOCK, &set, NULL);
+@@ -1169,6 +1169,7 @@ snmpd_reconfig(void)
+ snmp_log(LOG_INFO, "NET-SNMP version %s restarted\n",
+ netsnmp_get_version());
+ update_config();
++ snmp_store(app_name);
+ send_easy_trap(SNMP_TRAP_ENTERPRISESPECIFIC, 3);
+ #ifdef HAVE_SIGPROCMASK
+ ret = sigprocmask(SIG_UNBLOCK, &set, NULL);
diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
-index 29c2a0f..ada961c 100644
+index 7b1746b..4a17e0d 100644
--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
@@ -1059,9 +1059,9 @@ init_snmpv3_post_config(int majorid, int minorid, void *serverarg,
@@ -41,6 +42,3 @@ index 29c2a0f..ada961c 100644
engineBoots = 1;
}

---
-2.25.1
-
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch
index f1ebe2bb6..c5a453abe 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch
@@ -1,4 +1,4 @@
-From e507dcf8b29c55011f85d88bf05400d4717e4074 Mon Sep 17 00:00:00 2001
+From ad65b106d3cb3c6e595381be1c45a73c1ef6eb5e Mon Sep 17 00:00:00 2001
From: Chong Lu <Chong.Lu@...>
Date: Thu, 28 May 2020 09:46:34 -0500
Subject: [PATCH] net-snmp: add knob whether nlist.h are checked
@@ -15,7 +15,7 @@ Signed-off-by: Chong Lu <Chong.Lu@...>
1 file changed, 2 insertions(+)

diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers
-index 76ef58a..f07d512 100644
+index b9c8c31..01c3376 100644
--- a/configure.d/config_os_headers
+++ b/configure.d/config_os_headers
@@ -37,6 +37,7 @@ AC_CHECK_HEADERS([getopt.h pthread.h regex.h ] dnl
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch
index 2941a3609..c382c02d8 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch
@@ -1,4 +1,4 @@
-From 3ca4335ec1d6b7b384c134fc85d7a9e513c68376 Mon Sep 17 00:00:00 2001
+From b1b9980853b1083f0c8b9f628f8b4c3a484d4f91 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@...>
Date: Thu, 22 Jun 2017 10:25:08 +0800
Subject: [PATCH] net-snmp: fix for --disable-des
@@ -15,7 +15,7 @@ Signed-off-by: Jackie Huang <jackie.huang@...>
1 file changed, 2 insertions(+)

diff --git a/snmplib/scapi.c b/snmplib/scapi.c
-index 00c9174..c6875e1 100644
+index 54fdd5c..0f7e931 100644
--- a/snmplib/scapi.c
+++ b/snmplib/scapi.c
@@ -85,7 +85,9 @@ netsnmp_feature_child_of(usm_scapi, usm_support);
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch
index 807983f61..09ca532a7 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch
@@ -1,4 +1,4 @@
-From 972df16e9599dffddf5d714a4cbf43008c771122 Mon Sep 17 00:00:00 2001
+From 36a5656db7ea75dd15f35a6c1728937c6e2b901c Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@...>
Date: Wed, 14 Jan 2015 15:10:06 +0800
Subject: [PATCH] testing: add the output format for ptest
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch
index bf1e7bedf..c0b51c51e 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch
@@ -1,4 +1,4 @@
-From 84e362fe97f50fbad69f083bc2d8fe18f83eb2f7 Mon Sep 17 00:00:00 2001
+From b923cd38e2503b86aedf66b767fd7f51c9f25645 Mon Sep 17 00:00:00 2001
From: "douglas.royds" <douglas.royds@...>
Date: Wed, 21 Nov 2018 13:52:18 +1300
Subject: [PATCH] net-snmp: Reproducibility: Don't check build host for
@@ -13,7 +13,7 @@ set in the environment to "yes" or "no" as appropriate for the target platform.
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.d/config_os_misc4 b/configure.d/config_os_misc4
-index 6f23c8e..8cea75a 100644
+index b6864d9..07ca922 100644
--- a/configure.d/config_os_misc4
+++ b/configure.d/config_os_misc4
@@ -99,9 +99,9 @@ if test x$LPSTAT_PATH != x; then
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
similarity index 98%
rename from meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
rename to meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
index 30c0ce74c..7af514756 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
@@ -21,15 +21,13 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
file://0001-config_os_headers-Error-Fix.patch \
file://0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch \
file://0001-get_pid_from_inode-Include-limit.h.patch \
- file://0002-configure-fix-a-cc-check-issue.patch \
file://0004-configure-fix-incorrect-variable.patch \
file://net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch \
file://net-snmp-fix-for-disable-des.patch \
file://reproducibility-have-printcap.patch \
file://0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch \
- file://0001-snmpd-always-exit-after-displaying-usage.patch \
"
-SRC_URI[sha256sum] = "eb7fd4a44de6cddbffd9a92a85ad1309e5c1054fb9d5a7dd93079c8953f48c3f"
+SRC_URI[sha256sum] = "2097f29b7e1bf3f1300b4bae52fa2308d0bb8d5d3998dbe02f9462a413a2ef0a"

UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/net-snmp/files/net-snmp/"
UPSTREAM_CHECK_REGEX = "/net-snmp/(?P<pver>\d+(\.\d+)+)/"
--
2.37.1

From: Bruce Ashfield <bruce.ashfield@...>

When fixing the build against 5.19, we added a copy of stdarg.h out of
the kernel source. That of course works fine if the kernel-source has
already been staged, but is an error otherwise.

We add the explicit dependency to the export_source task, to make sure
that the source files are present. We already have a DEPENDS on virutal/kernel
in the recipe, so we just tweak when the source will be in place.

Signed-off-by: Bruce Ashfield <bruce.ashfield@...>
---
.../recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.36.bb | 1 +
1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.36.bb b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.36.bb
index 06dc8a4c8..7eb497ab1 100644
--- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.36.bb
+++ b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.36.bb
@@ -29,6 +29,7 @@ EXTRA_OEMAKE += "KERN_DIR='${WORKDIR}/${KERNEL_VERSION}/build' KBUILD_VERBOSE=1"
MAKE_TARGETS = "all"

addtask export_sources after do_patch before do_configure
+do_export_sources[depends] += "virtual/kernel:do_shared_workdir"

do_export_sources() {
mkdir -p "${S}"
--
2.25.1

From: Khem Raj <raj.khem@...>

audit errors out due to swig munging it does with kernel headers

| audit_wrap.c: In function '_wrap_audit_rule_data_buf_set':
| audit_wrap.c:4701:17: error: cast specifies array type
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4701:15: error: invalid use of flexible array member
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4703:15: error: invalid use of flexible array member
| 4703 | arg1->buf = 0;
| | ^

These errors are due to VLAIS from kernel headers, so we copy
linux/audit.h and make the needed change in local audit.h and make
needed arrangements in build to use it when building audit package

Signed-off-by: Khem Raj <raj.khem@...>
Cc: Bruce Ashfield <bruce.ashfield@...>
(cherry picked from commit ee3c680c300237c49a3c70610aa5794185c4adac)
Signed-off-by: Armin Kuster <akuster808@...>
---
.../audit/Fixed-swig-host-contamination-issue.patch | 13 +++----------
.../audit/{audit_3.0.7.bb => audit_3.0.8.bb} | 7 ++++++-
2 files changed, 9 insertions(+), 11 deletions(-)
rename meta-oe/recipes-security/audit/{audit_3.0.7.bb => audit_3.0.8.bb} (93%)

diff --git a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
index 740bcb5a7f..b023c80ae4 100644
--- a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
+++ b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
@@ -18,11 +18,9 @@ Signed-off-by: Yi Zhao <yi.zhao@...>
bindings/swig/src/auditswig.i | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)

-diff --git a/bindings/swig/python3/Makefile.am b/bindings/swig/python3/Makefile.am
-index dd9d934..61b486d 100644
--- a/bindings/swig/python3/Makefile.am
+++ b/bindings/swig/python3/Makefile.am
-@@ -22,6 +22,7 @@
+@@ -23,6 +23,7 @@
CONFIG_CLEAN_FILES = *.loT *.rej *.orig
AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing $(PYTHON3_CFLAGS)
AM_CPPFLAGS = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
@@ -30,7 +28,7 @@ index dd9d934..61b486d 100644
LIBS = $(top_builddir)/lib/libaudit.la
SWIG_FLAGS = -python -py3 -modern
SWIG_INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
-@@ -36,7 +37,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudi
+@@ -37,7 +38,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/li
_audit_la_LIBADD = ${top_builddir}/lib/libaudit.la
nodist__audit_la_SOURCES = audit_wrap.c
audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i
@@ -39,8 +37,6 @@ index dd9d934..61b486d 100644

CLEANFILES = audit.py* audit_wrap.c *~

-diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
-index 21aafca..dd0f62c 100644
--- a/bindings/swig/src/auditswig.i
+++ b/bindings/swig/src/auditswig.i
@@ -39,7 +39,7 @@ signed
@@ -48,10 +44,7 @@ index 21aafca..dd0f62c 100644
typedef unsigned __u32;
typedef unsigned uid_t;
-%include "/usr/include/linux/audit.h"
-+%include "linux/audit.h"
++%include "../lib/audit.h"
#define __extension__ /*nothing*/
%include <stdint.i>
%include "../lib/libaudit.h"
---
-2.17.1
-
diff --git a/meta-oe/recipes-security/audit/audit_3.0.7.bb b/meta-oe/recipes-security/audit/audit_3.0.8.bb
similarity index 93%
rename from meta-oe/recipes-security/audit/audit_3.0.7.bb
rename to meta-oe/recipes-security/audit/audit_3.0.8.bb
index d77aec2964..3dbfc9e604 100644
--- a/meta-oe/recipes-security/audit/audit_3.0.7.bb
+++ b/meta-oe/recipes-security/audit/audit_3.0.8.bb
@@ -15,7 +15,7 @@ SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;proto
"

S = "${WORKDIR}/git"
-SRCREV = "f60b2d8f55c74be798a7f5bcbd6c587987f2578a"
+SRCREV = "54a62e78792fe583267cf80da717ee480b8f42bc"

inherit autotools python3native update-rc.d systemd

@@ -71,6 +71,11 @@ FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"

CONFFILES:auditd = "${sysconfdir}/audit/audit.rules"

+do_configure:prepend() {
+ sed -e 's|buf\[];|buf[0];|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h
+ sed -i -e 's|#include <linux/audit.h>|#include "audit.h"|g' ${S}/lib/libaudit.h
+}
+
do_install:append() {
rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
--
2.25.1

From: Lei Maohui <leimaohui@...>

Don't print configure message.

Signed-off-by: Lei Maohui <leimaohui@...>
Signed-off-by: Khem Raj <raj.khem@...>
(cherry picked from commit abe35f5953af99da4bf6b8d023ee4516ec4710fa)
Signed-off-by: Armin Kuster <akuster808@...>
---
meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb | 1 +
1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb b/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb
index 7ec6ae15f6..947ca75388 100644
--- a/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb
+++ b/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb
@@ -49,6 +49,7 @@ do_configure:prepend() {

do_compile:prepend() {
sed -i 's/(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am/(MAKE) $(AM_MAKEFLAGS) install-exec-am/g' ${S}/keygen/Makefile.in
+ echo "" > ${B}/xrdp_configure_options.h
}

do_install:append() {
--
2.25.1

From: Mingli Yu <mingli.yu@...>

Fixes:
WARNING: nspr-4.29-r0 do_package_qa: QA Issue: File /usr/bin/nspr-config in package nspr-dev contains reference to TMPDIR [buildpaths]

Signed-off-by: Mingli Yu <mingli.yu@...>
---
...ig-nspr-config.in-don-t-pass-LDFLAGS.patch | 30 +++++++++++++++++++
meta-oe/recipes-support/nspr/nspr_4.29.bb | 1 +
2 files changed, 31 insertions(+)
create mode 100644 meta-oe/recipes-support/nspr/nspr/0001-config-nspr-config.in-don-t-pass-LDFLAGS.patch

diff --git a/meta-oe/recipes-support/nspr/nspr/0001-config-nspr-config.in-don-t-pass-LDFLAGS.patch b/meta-oe/recipes-support/nspr/nspr/0001-config-nspr-config.in-don-t-pass-LDFLAGS.patch
new file mode 100644
index 000000000..6ebc9c4ae
--- /dev/null
+++ b/meta-oe/recipes-support/nspr/nspr/0001-config-nspr-config.in-don-t-pass-LDFLAGS.patch
@@ -0,0 +1,30 @@
+From 13e9d66c24d1dce5179805ae5e1bf940409b4914 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@...>
+Date: Wed, 10 Aug 2022 15:21:07 +0800
+Subject: [PATCH] config/nspr-config.in: don't pass LDFLAGS
+
+Don't pass LDFLAGS to avoid exposing the build env info.
+
+Upstream-Status: Inappropriate [oe specific]
+
+Signed-off-by: Mingli Yu <mingli.yu@...>
+---
+ config/nspr-config.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/nspr-config.in b/config/nspr-config.in
+index 2cb62a0..2bec715 100755
+--- a/config/nspr-config.in
++++ b/config/nspr-config.in
+@@ -136,7 +136,7 @@ if test "$echo_libs" = "yes"; then
+ if test -n "$lib_nspr"; then
+ libdirs="$libdirs -lnspr${major_version}"
+ fi
+- os_ldflags="@LDFLAGS@"
++ os_ldflags="LDFLAGS"
+ for i in $os_ldflags ; do
+ if echo $i | grep \^-L >/dev/null; then
+ libdirs="$libdirs $i"
+--
+2.25.1
+
diff --git a/meta-oe/recipes-support/nspr/nspr_4.29.bb b/meta-oe/recipes-support/nspr/nspr_4.29.bb
index b60de08d2..92c5234c3 100644
--- a/meta-oe/recipes-support/nspr/nspr_4.29.bb
+++ b/meta-oe/recipes-support/nspr/nspr_4.29.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/nspr/releases/v${PV}/src/nspr-${PV}.tar.gz
file://0002-Add-nios2-support.patch \
file://0001-md-Fix-build-with-musl.patch \
file://Makefile.in-remove-_BUILD_STRING-and-_BUILD_TIME.patch \
+ file://0001-config-nspr-config.in-don-t-pass-LDFLAGS.patch \
file://nspr.pc.in \
"

--
2.25.1

Pass large enough default for FLB_CORO_STACK_SIZE
Remove unused jemalloc patch

Signed-off-by: Khem Raj <raj.khem@...>
---
.../0001-Use-posix-strerror_r-with-musl.patch | 34 +++++++++++++++++++
...nkio-Link-with-fts-library-with-musl.patch | 28 +++++++++++++++
.../fluentbit/fluentbit/jemalloc.patch | 16 ---------
.../fluentbit/fluentbit_1.9.6.bb | 9 +++--
4 files changed, 69 insertions(+), 18 deletions(-)
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0001-Use-posix-strerror_r-with-musl.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0002-chunkio-Link-with-fts-library-with-musl.patch
delete mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/jemalloc.patch

diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Use-posix-strerror_r-with-musl.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Use-posix-strerror_r-with-musl.patch
new file mode 100644
index 0000000000..8d89e4df35
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Use-posix-strerror_r-with-musl.patch
@@ -0,0 +1,34 @@
+From f645128082117a0152a95b3dccd869a184b7513f Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Wed, 10 Aug 2022 01:23:48 -0700
+Subject: [PATCH 1/2] Use posix strerror_r with musl
+
+Default with glibc is GNU extention of strerror_r
+where as musl uses posix variant, call that out
+
+Upstream-Status: Inappropriate [Need wider porting beyond linux/musl/glibc]
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ src/flb_network.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/flb_network.c b/src/flb_network.c
+index 992eb1d..5d7a337 100644
+--- a/src/flb_network.c
++++ b/src/flb_network.c
+@@ -506,7 +506,12 @@ static int net_connect_async(int fd,
+ }
+
+ /* Connection is broken, not much to do here */
++#ifdef __GLIBC__
+ str = strerror_r(error, so_error_buf, sizeof(so_error_buf));
++#else
++ strerror_r(error, so_error_buf, sizeof(so_error_buf));
++ str = so_error_buf;
++#endif
+ flb_error("[net] TCP connection failed: %s:%i (%s)",
+ u->tcp_host, u->tcp_port, str);
+ return -1;
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0002-chunkio-Link-with-fts-library-with-musl.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0002-chunkio-Link-with-fts-library-with-musl.patch
new file mode 100644
index 0000000000..4ffb20d9ca
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0002-chunkio-Link-with-fts-library-with-musl.patch
@@ -0,0 +1,28 @@
+From 63dbbad5978e5f5b0e7d42614999cb6b4ebcce10 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Wed, 10 Aug 2022 01:27:16 -0700
+Subject: [PATCH 2/2] chunkio: Link with fts library with musl
+
+Fixes
+cio_utils.c:(.text+0x64): undefined reference to `fts_read'
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ lib/chunkio/src/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/chunkio/src/CMakeLists.txt b/lib/chunkio/src/CMakeLists.txt
+index a4fc2d3..4244eb8 100644
+--- a/lib/chunkio/src/CMakeLists.txt
++++ b/lib/chunkio/src/CMakeLists.txt
+@@ -13,6 +13,7 @@ set(src
+ )
+
+ set(libs cio-crc32)
++set(libs ${libs} fts)
+
+ if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
+ set(src
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/jemalloc.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/jemalloc.patch
deleted file mode 100644
index 67b3397a6f..0000000000
--- a/meta-oe/recipes-extended/fluentbit/fluentbit/jemalloc.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Add --with-jemalloc-prefix=je_ so it compiles on musl
-
-Signed-off-by: Khem Raj <raj.khem@...>
-Upstream-Status: Pending
-
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -523,7 +523,7 @@ if(FLB_JEMALLOC AND ${CMAKE_SYSTEM_NAME}
- # Link to Jemalloc as an external dependency
- ExternalProject_Add(jemalloc
- SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/lib/jemalloc-5.2.1
-- CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/lib/jemalloc-5.2.1/configure ${AUTOCONF_HOST_OPT} --with-lg-quantum=3 --enable-cc-silence --prefix=<INSTALL_DIR>
-+ CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/lib/jemalloc-5.2.1/configure ${AUTOCONF_HOST_OPT} --with-jemalloc-prefix=je_ --with-lg-quantum=3 --enable-cc-silence --prefix=<INSTALL_DIR>
- CFLAGS=-std=gnu99\ -Wall\ -pipe\ -g3\ -O3\ -funroll-loops
- BUILD_COMMAND $(MAKE)
- INSTALL_DIR ${CMAKE_CURRENT_BINARY_DIR}/
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb b/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
index 77fed7fcfb..92f074bc86 100644
--- a/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
@@ -23,6 +23,10 @@ SRC_URI = "https://releases.fluentbit.io/1.9/source-${PV}.tar.gz;subdir=fluent-b
file://0005-stackdriver-Fix-return-type-mismatch.patch \
file://0006-monkey-Fix-TLS-detection-testcase.patch \
"
+SRC_URI:append:libc-musl = "\
+ file://0001-Use-posix-strerror_r-with-musl.patch \
+ file://0002-chunkio-Link-with-fts-library-with-musl.patch \
+ "
SRC_URI[sha256sum] = "5ef7dd97e10936269fe5f4e5d3ebf16559333066f7d6757ba12464a9d6186570"

S = "${WORKDIR}/fluent-bit-${PV}"
@@ -43,8 +47,6 @@ do_compile:append() {
find ${B} -name '*.c' -or -name '*.h' | xargs sed -i -e 's|${TMPDIR}|/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}/|g'
}

-FLB_JEMALLOC_OPTIONS_LIST = "--with-jemalloc-prefix=je_ --with-lg-quantum=3"
-
PACKAGECONFIG ?= "yaml"

LTO = ""
@@ -70,6 +72,9 @@ EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEM
# Enable release builds
EXTRA_OECMAKE += "-DFLB_RELEASE=On"

+# musl needs these options
+EXTRA_OECMAKE:append:libc-musl = ' -DFLB_JEMALLOC_OPTIONS="--with-jemalloc-prefix=je_ --with-lg-quantum=3" -DFLB_CORO_STACK_SIZE=24576'
+
EXTRA_OECMAKE:append:riscv64 = " -DFLB_DEPS='atomic'"
EXTRA_OECMAKE:append:riscv32 = " -DFLB_DEPS='atomic'"

--
2.37.1

Signed-off-by: Khem Raj <raj.khem@...>
---
...ute_malloc__-with-__attribute__-__ma.patch | 34 +++++++++++++++++++
meta-oe/recipes-security/audit/audit_3.0.8.bb | 1 +
2 files changed, 35 insertions(+)
create mode 100644 meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch

diff --git a/meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch b/meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch
new file mode 100644
index 0000000000..c2080e156d
--- /dev/null
+++ b/meta-oe/recipes-security/audit/audit/0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch
@@ -0,0 +1,34 @@
+From 79c8d6a2755c9dfa00a5e86378e89a94eef0504d Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 23:57:03 -0700
+Subject: [PATCH] Replace __attribute_malloc__ with
+ __attribute__((__malloc__))
+
+__attribute_malloc__ is not available on musl
+
+Fixes
+| ../../git/auparse/auparse.h:54:2: error: expected function body after function declarator
+| __attribute_malloc__ __attr_dealloc (auparse_destroy, 1);
+| ^
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ auparse/auparse.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/auparse/auparse.h b/auparse/auparse.h
+index 95cf256d..c7dbe5ff 100644
+--- a/auparse/auparse.h
++++ b/auparse/auparse.h
+@@ -51,7 +51,7 @@ typedef void (*auparse_callback_ptr)(auparse_state_t *au,
+ void auparse_destroy(auparse_state_t *au);
+ void auparse_destroy_ext(auparse_state_t *au, auparse_destroy_what_t what);
+ auparse_state_t *auparse_init(ausource_t source, const void *b)
+- __attribute_malloc__ __attr_dealloc (auparse_destroy, 1);
++ __attribute__((__malloc__)) __attr_dealloc (auparse_destroy, 1);
+ int auparse_new_buffer(auparse_state_t *au, const char *data, size_t data_len)
+ __attr_access ((__read_only__, 2, 3));
+ int auparse_feed(auparse_state_t *au, const char *data, size_t data_len)
+--
+2.37.1
+
diff --git a/meta-oe/recipes-security/audit/audit_3.0.8.bb b/meta-oe/recipes-security/audit/audit_3.0.8.bb
index 3dbfc9e604..28d7d01764 100644
--- a/meta-oe/recipes-security/audit/audit_3.0.8.bb
+++ b/meta-oe/recipes-security/audit/audit_3.0.8.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"

SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;protocol=https \
file://Fixed-swig-host-contamination-issue.patch \
+ file://0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch \
file://auditd \
file://auditd.service \
file://audit-volatile.conf \
--
2.37.1

Fix build using clang-15 which is even stricter then clang-14
These patches are worth upstream too

Signed-off-by: Khem Raj <raj.khem@...>
Cc: Paulo Neves <ptsneves@...>
---
...ine-_GNU_SOURCE-for-memmem-API-check.patch | 28 ++++++++++++
.../0002-mbedtls-Remove-unused-variable.patch | 38 ++++++++++++++++
...documentation-warning-as-error-with-.patch | 30 +++++++++++++
...0003-mbedtls-Do-not-overwrite-CFLAGS.patch | 11 ++++-
...-to-store-return-from-flb_kv_item_cr.patch | 43 +++++++++++++++++++
...stackdriver-Fix-return-type-mismatch.patch | 31 +++++++++++++
...06-monkey-Fix-TLS-detection-testcase.patch | 34 +++++++++++++++
.../fluentbit/fluentbit_1.9.6.bb | 11 ++++-
8 files changed, 223 insertions(+), 3 deletions(-)
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0001-monkey-Define-_GNU_SOURCE-for-memmem-API-check.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0002-mbedtls-Remove-unused-variable.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Disable-documentation-warning-as-error-with-.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0004-Use-correct-type-to-store-return-from-flb_kv_item_cr.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0005-stackdriver-Fix-return-type-mismatch.patch
create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0006-monkey-Fix-TLS-detection-testcase.patch

diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0001-monkey-Define-_GNU_SOURCE-for-memmem-API-check.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-monkey-Define-_GNU_SOURCE-for-memmem-API-check.patch
new file mode 100644
index 0000000000..e70664031b
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-monkey-Define-_GNU_SOURCE-for-memmem-API-check.patch
@@ -0,0 +1,28 @@
+From 0d22024c5defba7007e3e633753790e20209c6f6 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 09:59:41 -0700
+Subject: [PATCH 1/5] monkey: Define _GNU_SOURCE for memmem API check
+
+This define is necessary to get this API on glibc based systems
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ lib/monkey/mk_core/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/monkey/mk_core/CMakeLists.txt b/lib/monkey/mk_core/CMakeLists.txt
+index 0e74f8d..739fff3 100644
+--- a/lib/monkey/mk_core/CMakeLists.txt
++++ b/lib/monkey/mk_core/CMakeLists.txt
+@@ -62,6 +62,7 @@ set(src "${src}"
+ )
+
+ check_c_source_compiles("
++ #define _GNU_SOURCE
+ #include <string.h>
+ int main() {
+ char haystack[] = \"1234\";
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0002-mbedtls-Remove-unused-variable.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0002-mbedtls-Remove-unused-variable.patch
new file mode 100644
index 0000000000..d4451bcaef
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0002-mbedtls-Remove-unused-variable.patch
@@ -0,0 +1,38 @@
+From c7b969d1a2a6b61bd179214ee2516b7b6cd55b27 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 11:21:57 -0700
+Subject: [PATCH 2/5] mbedtls: Remove unused variable
+
+Fixes
+library/bignum.c:1395:29: error: variable 't' set but not used [-Werror,-Wunused-but-set-variable]
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ lib/mbedtls-2.28.0/library/bignum.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/lib/mbedtls-2.28.0/library/bignum.c b/lib/mbedtls-2.28.0/library/bignum.c
+index 62e7f76..9c256ae 100644
+--- a/lib/mbedtls-2.28.0/library/bignum.c
++++ b/lib/mbedtls-2.28.0/library/bignum.c
+@@ -1392,7 +1392,7 @@ void mpi_mul_hlp( size_t i,
+ mbedtls_mpi_uint *d,
+ mbedtls_mpi_uint b )
+ {
+- mbedtls_mpi_uint c = 0, t = 0;
++ mbedtls_mpi_uint c = 0;
+
+ #if defined(MULADDC_HUIT)
+ for( ; i >= 8; i -= 8 )
+@@ -1443,8 +1443,6 @@ void mpi_mul_hlp( size_t i,
+ }
+ #endif /* MULADDC_HUIT */
+
+- t++;
+-
+ while( c != 0 )
+ {
+ *d += c; c = ( *d < c ); d++;
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Disable-documentation-warning-as-error-with-.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Disable-documentation-warning-as-error-with-.patch
new file mode 100644
index 0000000000..2d7b4efda7
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Disable-documentation-warning-as-error-with-.patch
@@ -0,0 +1,30 @@
+From 2d12629f768d2459b1fc8a8ca0c38024d84bc195 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 11:32:12 -0700
+Subject: [PATCH 3/5] mbedtls: Disable documentation warning as error with
+ clang
+
+There are shortcomings with doxygen info which clang-15+ flags, dont
+treat them as errors
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ lib/mbedtls-2.28.0/CMakeLists.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/mbedtls-2.28.0/CMakeLists.txt b/lib/mbedtls-2.28.0/CMakeLists.txt
+index b33c088..c5f886f 100644
+--- a/lib/mbedtls-2.28.0/CMakeLists.txt
++++ b/lib/mbedtls-2.28.0/CMakeLists.txt
+@@ -212,7 +212,7 @@ if(CMAKE_COMPILER_IS_GNU)
+ endif(CMAKE_COMPILER_IS_GNU)
+
+ if(CMAKE_COMPILER_IS_CLANG)
+- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
++ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wno-error=documentation")
+ set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
+ set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+ set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Do-not-overwrite-CFLAGS.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Do-not-overwrite-CFLAGS.patch
index a7d7dc8897..af31b436db 100644
--- a/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Do-not-overwrite-CFLAGS.patch
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0003-mbedtls-Do-not-overwrite-CFLAGS.patch
@@ -13,8 +13,6 @@ flags that also overwrite bitbake ones.
lib/mbedtls-2.28.0/CMakeLists.txt | 2 --
1 file changed, 2 deletions(-)

-diff --git a/lib/mbedtls-2.28.0/CMakeLists.txt b/lib/mbedtls-2.28.0/CMakeLists.txt
-index d76bddc..e717846 100644
--- a/lib/mbedtls-2.28.0/CMakeLists.txt
+++ b/lib/mbedtls-2.28.0/CMakeLists.txt
@@ -204,8 +204,6 @@ if(CMAKE_COMPILER_IS_GNU)
@@ -26,3 +24,12 @@ index d76bddc..e717846 100644
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+@@ -215,8 +213,6 @@ endif(CMAKE_COMPILER_IS_GNU)
+
+ if(CMAKE_COMPILER_IS_CLANG)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
+- set(CMAKE_C_FLAGS_RELEASE "-O2")
+- set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
+ set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
+ set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+ set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0004-Use-correct-type-to-store-return-from-flb_kv_item_cr.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0004-Use-correct-type-to-store-return-from-flb_kv_item_cr.patch
new file mode 100644
index 0000000000..224b8ccf1b
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0004-Use-correct-type-to-store-return-from-flb_kv_item_cr.patch
@@ -0,0 +1,43 @@
+From a797b79483940ed4adcaa5fe2c40dd0487c7c2c7 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 11:39:08 -0700
+Subject: [PATCH 4/5] Use correct type to store return from flb_kv_item_create
+
+Fix
+error: incompatible pointer to integer conversion assigning to 'int' from 'struct flb_kv *'
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ plugins/out_stackdriver/stackdriver_conf.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/out_stackdriver/stackdriver_conf.c b/plugins/out_stackdriver/stackdriver_conf.c
+index a9a8eb0..e4f969e 100644
+--- a/plugins/out_stackdriver/stackdriver_conf.c
++++ b/plugins/out_stackdriver/stackdriver_conf.c
+@@ -176,12 +176,12 @@ static int read_credentials_file(const char *cred_file, struct flb_stackdriver *
+
+ static int parse_configuration_labels(struct flb_stackdriver *ctx)
+ {
+- int ret;
+ char *p;
+ flb_sds_t key;
+ flb_sds_t val;
+ struct mk_list *head;
+ struct flb_slist_entry *entry;
++ struct flb_kv *ret;
+ msgpack_object_kv *kv = NULL;
+
+ if (ctx->labels) {
+@@ -216,7 +216,7 @@ static int parse_configuration_labels(struct flb_stackdriver *ctx)
+ flb_sds_destroy(key);
+ flb_sds_destroy(val);
+
+- if (ret == -1) {
++ if (!ret) {
+ return -1;
+ }
+ }
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0005-stackdriver-Fix-return-type-mismatch.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0005-stackdriver-Fix-return-type-mismatch.patch
new file mode 100644
index 0000000000..cdbbb6b2c1
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0005-stackdriver-Fix-return-type-mismatch.patch
@@ -0,0 +1,31 @@
+From 27f0bd5a3339612e03112e6b490900a9fabc3337 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 11:44:25 -0700
+Subject: [PATCH 5/5] stackdriver: Fix return type mismatch
+
+Fix
+error: incompatible integer to pointer conversion returning 'int' from a function with result type 'flb_sds_t' (aka 'char *') [-Wint-conversion]
+ return -1;
+ ^~
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ plugins/out_stackdriver/stackdriver.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/out_stackdriver/stackdriver.c b/plugins/out_stackdriver/stackdriver.c
+index ae66bf2..e01755c 100644
+--- a/plugins/out_stackdriver/stackdriver.c
++++ b/plugins/out_stackdriver/stackdriver.c
+@@ -2033,7 +2033,7 @@ static flb_sds_t stackdriver_format(struct flb_stackdriver *ctx,
+ flb_sds_destroy(operation_producer);
+ msgpack_unpacked_destroy(&result);
+ msgpack_sbuffer_destroy(&mp_sbuf);
+- return -1;
++ return NULL;
+ }
+
+ /* Number of parsed labels */
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0006-monkey-Fix-TLS-detection-testcase.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0006-monkey-Fix-TLS-detection-testcase.patch
new file mode 100644
index 0000000000..eef1a56ba7
--- /dev/null
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0006-monkey-Fix-TLS-detection-testcase.patch
@@ -0,0 +1,34 @@
+From f88d9b82e8bd8ae38fba666b5825ffb41769f81a Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Tue, 9 Aug 2022 12:25:22 -0700
+Subject: [PATCH] monkey: Fix TLS detection testcase
+
+Clang15 errors out on compiling the check and disables TLS
+
+Fixes errors like
+
+error: call to undeclared function '__tls_get_addr'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
+ __tls_get_addr(0);
+ ^
+
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ lib/monkey/CMakeLists.txt | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/monkey/CMakeLists.txt b/lib/monkey/CMakeLists.txt
+index 15e62e8..96ac2bd 100644
+--- a/lib/monkey/CMakeLists.txt
++++ b/lib/monkey/CMakeLists.txt
+@@ -178,6 +178,8 @@ endif()
+ # Use old Pthread TLS
+ if(NOT MK_PTHREAD_TLS)
+ check_c_source_compiles("
++ #include <sys/types.h>
++ extern void *__tls_get_addr(size_t *v);
+ __thread int a;
+ int main() {
+ __tls_get_addr(0);
+--
+2.37.1
+
diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb b/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
index f98d416b24..77fed7fcfb 100644
--- a/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
+++ b/meta-oe/recipes-extended/fluentbit/fluentbit_1.9.6.bb
@@ -16,12 +16,18 @@ SRC_URI = "https://releases.fluentbit.io/1.9/source-${PV}.tar.gz;subdir=fluent-b
file://0002-flb_info.h.in-Do-not-hardcode-compilation-directorie.patch \
file://0003-mbedtls-Do-not-overwrite-CFLAGS.patch \
file://0004-build-Make-systemd-init-systemd-detection-contingent.patch \
+ file://0001-monkey-Define-_GNU_SOURCE-for-memmem-API-check.patch \
+ file://0002-mbedtls-Remove-unused-variable.patch \
+ file://0003-mbedtls-Disable-documentation-warning-as-error-with-.patch \
+ file://0004-Use-correct-type-to-store-return-from-flb_kv_item_cr.patch \
+ file://0005-stackdriver-Fix-return-type-mismatch.patch \
+ file://0006-monkey-Fix-TLS-detection-testcase.patch \
"
SRC_URI[sha256sum] = "5ef7dd97e10936269fe5f4e5d3ebf16559333066f7d6757ba12464a9d6186570"

S = "${WORKDIR}/fluent-bit-${PV}"

-DEPENDS = "zlib bison-native flex-native openssl"
+DEPENDS = "zlib bison-native flex-native"
DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"

PACKAGECONFIG[yaml] = "-DFLB_CONFIG_YAML=On,-DFLB_CONFIG_YAML=Off,libyaml"
@@ -61,6 +67,9 @@ EXTRA_OECMAKE += "-DFLB_SHARED_LIB=Off"
# Enable systemd iff systemd is in DISTRO_FEATURES
EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEMD=On','-DFLB_SYSTEMD=Off',d)}"

+# Enable release builds
+EXTRA_OECMAKE += "-DFLB_RELEASE=On"
+
EXTRA_OECMAKE:append:riscv64 = " -DFLB_DEPS='atomic'"
EXTRA_OECMAKE:append:riscv32 = " -DFLB_DEPS='atomic'"

--
2.37.1

Fixes https://github.com/openembedded/meta-openembedded/issues/590

Signed-off-by: Khem Raj <raj.khem@...>
---
meta-oe/recipes-support/pcp/pcp_5.3.6.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/pcp/pcp_5.3.6.bb b/meta-oe/recipes-support/pcp/pcp_5.3.6.bb
index 48d536e1d6..0543d77a78 100644
--- a/meta-oe/recipes-support/pcp/pcp_5.3.6.bb
+++ b/meta-oe/recipes-support/pcp/pcp_5.3.6.bb
@@ -34,7 +34,7 @@ USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "--system --home ${localstatedir}/lib/pcp --no-create-home \
--user-group pcp"

-USERADD_PACKAGES = "${PN}-testsuite"
+USERADD_PACKAGES += "${PN}-testsuite"
USERADD_PARAM:${PN}-testsuite = "--system --home ${localstatedir}/lib/pcp/testsuite --no-create-home \
--user-group pcpqa"

--
2.37.1

Cryptsetup SSH tokens is the only feature that has a dependency on
libssh. Add a packageconfig to control this dependency.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@...>
---
meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb
index 8f9f663a3..4f8bbf035 100644
--- a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb
+++ b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb
@@ -14,7 +14,6 @@ DEPENDS = " \
libdevmapper \
popt \
util-linux-libuuid \
- libssh \
"

DEPENDS:append:libc-musl = " argp-standalone"
@@ -39,6 +38,7 @@ PACKAGECONFIG ??= " \
blkid \
luks-adjust-xts-keysize \
openssl \
+ ssh-token \
"
PACKAGECONFIG:append:class-target = " \
udev \
@@ -69,6 +69,7 @@ PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss"
PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel"
PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle"
PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1"
+PACKAGECONFIG[ssh-token] = "--enable-ssh-token,--disable-ssh-token,libssh"

EXTRA_OECONF = "--enable-static"
# Building without largefile is not supported by upstream
@@ -78,6 +79,14 @@ EXTRA_OECONF += "--disable-static-cryptsetup"
# There's no recipe for libargon2 yet
EXTRA_OECONF += "--disable-libargon2"

+do_install:append() {
+ # The /usr/lib/cryptsetup directory is always created, even when ssh-token
+ # is disabled. In that case it is empty and causes a packaging error. Since
+ # there is no reason to distribute the empty directory, the easiest solution
+ # is to remove it if it is empty.
+ rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/${BPN}
+}
+
FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}"

RDEPENDS:${PN} = " \

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@...>
---
.../recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb | 3 +++
1 file changed, 3 insertions(+)

diff --git a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb
index a5fcb8d72..2a3a4ebd0 100644
--- a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb
+++ b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb
@@ -41,3 +41,6 @@ RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libuv', '${PN}-evlib-
RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libev', '${PN}-evlib-ev', '', d)}"

RDEPENDS:${PN}-dev += " ${@bb.utils.contains('PACKAGECONFIG', 'static', '${PN}-staticdev', '', d)}"
+
+# Avoid absolute paths to end up in the sysroot.
+SSTATE_SCAN_FILES += "*.cmake"

Signed-off-by: Matthias Klein <matthias@...>
---
.../libftdi/{libftdi_1.4.bb =3D> libftdi_1.5.bb} | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
rename meta-oe/recipes-support/libftdi/{libftdi_1.4.bb =3D> libftdi_1.5.=
bb} (79%)

diff --git a/meta-oe/recipes-support/libftdi/libftdi_1.4.bb b/meta-oe/rec=
ipes-support/libftdi/libftdi_1.5.bb
similarity index 79%
rename from meta-oe/recipes-support/libftdi/libftdi_1.4.bb
rename to meta-oe/recipes-support/libftdi/libftdi_1.5.bb
index f142cb228..55105c7b2 100644
--- a/meta-oe/recipes-support/libftdi/libftdi_1.4.bb
+++ b/meta-oe/recipes-support/libftdi/libftdi_1.5.bb
@@ -12,8 +12,8 @@ LIC_FILES_CHKSUM=3D "\
DEPENDS =3D "libusb1 python3 swig-native"
=20
SRC_URI =3D "http://www.intra2net.com/en/developer/${BPN}/download/${BPN=
}1-${PV}.tar.bz2"
-SRC_URI[md5sum] =3D "0c09fb2bb19a57c839fa6845c6c780a2"
-SRC_URI[sha256sum] =3D "ec36fb49080f834690c24008328a5ef42d3cf584ef4060f3=
a35aa4681cb31b74"
+SRC_URI[md5sum] =3D "f515d7d69170a9afc8b273e8f1466a80"
+SRC_URI[sha256sum] =3D "7c7091e9c86196148bd41177b4590dccb1510bfe6cea5bf7=
407ff194482eb049"
=20
S =3D "${WORKDIR}/${BPN}1-${PV}"
=20
@@ -22,7 +22,8 @@ inherit cmake binconfig pkgconfig python3native
PACKAGECONFIG ??=3D ""
PACKAGECONFIG[cpp-wrapper] =3D "-DFTDI_BUILD_CPP=3Don -DFTDIPP=3Don,-DFT=
DI_BUILD_CPP=3Doff -DFTDIPP=3Doff,boost"
=20
-EXTRA_OECMAKE =3D "-DLIB_SUFFIX=3D${@d.getVar('baselib').replace('lib', =
'')} \
+EXTRA_OECMAKE =3D "-DSTATICLIBS=3Doff -DEXAMPLES=3Doff -DFTDI_EEPROM=3Do=
ff \
+ -DLIB_SUFFIX=3D${@d.getVar('baselib').replace('lib', ''=
)} \
-DPYTHON_LIBRARY=3D${STAGING_LIBDIR}/lib${PYTHON_DIR}${=
PYTHON_ABI}.so \
-DPYTHON_INCLUDE_DIR=3D${STAGING_INCDIR}/${PYTHON_DIR}$=
{PYTHON_ABI}"
=20
--=20
2.30.2

merged thanks Armin.

The following changes since commit 52cee67833d1975a5bd52e4556c4cd312425a017:

  ntfs-3g-ntfsprogs: upgrade to 2021.8.22 (2022-07-16 12:56:17 -0700)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded dunfell-next

for you to fetch changes up to f22bf6efaae61a8fd9272be64e7d75223c58922e:

  meta-oe: Add leading whitespace for append operator (2022-08-02 06:59:38 -0700)

----------------------------------------------------------------
Armin Kuster (1):
      bigbuckbunny-1080p: update SRC_URI

Chen Qi (1):
      ntfs-3g-ntfsprogs: upgrade to 2022.5.17

Khem Raj (1):
      meta-oe: Add leading whitespace for append operator

 .../ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2021.8.22.bb => ntfs-3g-ntfsprogs_2022.5.17.bb}  | 3 +--
 meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb | 2 +-
 meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb | 2 +-
 meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb | 2 +-
 meta-oe/recipes-devtools/lua/lua_5.3.6.bb | 2 +-
 meta-oe/recipes-extended/gnuplot/gnuplot_5.2.8.bb | 2 +-
 meta-oe/recipes-extended/libstatgrab/libstatgrab_0.92.bb | 2 +-
 meta-oe/recipes-support/anthy/anthy_9100h.bb | 4 ++--
 8 files changed, 9 insertions(+), 10 deletions(-)
 rename meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2021.8.22.bb => ntfs-3g-ntfsprogs_2022.5.17.bb} (93%)

audit errors out due to swig munging it does with kernel headers

| audit_wrap.c: In function '_wrap_audit_rule_data_buf_set':
| audit_wrap.c:4701:17: error: cast specifies array type
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4701:15: error: invalid use of flexible array member
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4703:15: error: invalid use of flexible array member
| 4703 | arg1->buf = 0;
| | ^

These errors are due to VLAIS from kernel headers, so we copy
linux/audit.h and make the needed change in local audit.h and make
needed arrangements in build to use it when building audit package

Signed-off-by: Khem Raj <raj.khem@...>
Cc: Bruce Ashfield <bruce.ashfield@...>
---
.../audit/Fixed-swig-host-contamination-issue.patch | 13 +++----------
.../audit/{audit_3.0.7.bb => audit_3.0.8.bb} | 7 ++++++-
2 files changed, 9 insertions(+), 11 deletions(-)
rename meta-oe/recipes-security/audit/{audit_3.0.7.bb => audit_3.0.8.bb} (93%)

diff --git a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
index 740bcb5a7f..b023c80ae4 100644
--- a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
+++ b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
@@ -18,11 +18,9 @@ Signed-off-by: Yi Zhao <yi.zhao@...>
bindings/swig/src/auditswig.i | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)

-diff --git a/bindings/swig/python3/Makefile.am b/bindings/swig/python3/Makefile.am
-index dd9d934..61b486d 100644
--- a/bindings/swig/python3/Makefile.am
+++ b/bindings/swig/python3/Makefile.am
-@@ -22,6 +22,7 @@
+@@ -23,6 +23,7 @@
CONFIG_CLEAN_FILES = *.loT *.rej *.orig
AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing $(PYTHON3_CFLAGS)
AM_CPPFLAGS = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
@@ -30,7 +28,7 @@ index dd9d934..61b486d 100644
LIBS = $(top_builddir)/lib/libaudit.la
SWIG_FLAGS = -python -py3 -modern
SWIG_INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
-@@ -36,7 +37,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudi
+@@ -37,7 +38,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/li
_audit_la_LIBADD = ${top_builddir}/lib/libaudit.la
nodist__audit_la_SOURCES = audit_wrap.c
audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i
@@ -39,8 +37,6 @@ index dd9d934..61b486d 100644

CLEANFILES = audit.py* audit_wrap.c *~

-diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
-index 21aafca..dd0f62c 100644
--- a/bindings/swig/src/auditswig.i
+++ b/bindings/swig/src/auditswig.i
@@ -39,7 +39,7 @@ signed
@@ -48,10 +44,7 @@ index 21aafca..dd0f62c 100644
typedef unsigned __u32;
typedef unsigned uid_t;
-%include "/usr/include/linux/audit.h"
-+%include "linux/audit.h"
++%include "../lib/audit.h"
#define __extension__ /*nothing*/
%include <stdint.i>
%include "../lib/libaudit.h"
---
-2.17.1
-
diff --git a/meta-oe/recipes-security/audit/audit_3.0.7.bb b/meta-oe/recipes-security/audit/audit_3.0.8.bb
similarity index 93%
rename from meta-oe/recipes-security/audit/audit_3.0.7.bb
rename to meta-oe/recipes-security/audit/audit_3.0.8.bb
index d77aec2964..3dbfc9e604 100644
--- a/meta-oe/recipes-security/audit/audit_3.0.7.bb
+++ b/meta-oe/recipes-security/audit/audit_3.0.8.bb
@@ -15,7 +15,7 @@ SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;proto
"

S = "${WORKDIR}/git"
-SRCREV = "f60b2d8f55c74be798a7f5bcbd6c587987f2578a"
+SRCREV = "54a62e78792fe583267cf80da717ee480b8f42bc"

inherit autotools python3native update-rc.d systemd

@@ -71,6 +71,11 @@ FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"

CONFFILES:auditd = "${sysconfdir}/audit/audit.rules"

+do_configure:prepend() {
+ sed -e 's|buf\[];|buf[0];|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h
+ sed -i -e 's|#include <linux/audit.h>|#include "audit.h"|g' ${S}/lib/libaudit.h
+}
+
do_install:append() {
rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
--
2.37.1

From: Bruce Ashfield <bruce.ashfield@...>

Updating to 2.1.5 primarily for kernel 5.19+ support. We refresh
one patch, and pick up the following changes:

Changes
- Remove install of zfs-load-module.service for dracut #13574
- FreeBSD: Silence clang unused-but-set-variable
- Improve sorted scan memory accounting #13537
- Corrected edge case in uncompressed ARC->L2ARC handling #13375
- Remove wrong assertion in log spacemap #13486 #13513
- libzfs: Fail making a dataset handle gracefully #13077
- libzfs: mount: don't leak mnt_param_t if mnt_func fails #12968
- Reject zfs send -RI with nonexistent fromsnap #12574 #12575
- Linux 5.18 compat: META #13527
- autoconf: AC_MSG_CHECKING consistency #13529
- Linux 5.19 compat: asm/fpu/internal.h #13529
- Linux 5.19 compat: zap_flags_t conflict #13515
- Linux 5.19 compat: bdev_start_io_acct() / bdev_end_io_acct() #13515
- Linux 5.19 compat: aops->read_folio() #13515
- Linux 5.19 compat: blkdev_issue_secure_erase() #13515
- Linux 5.19 compat: bdev_max_secure_erase_sectors() #13515
- Linux 5.19 compat: bdev_max_discard_sectors() #13515
- Linux 5.18 compat: bio_alloc() #13515
- Silence unused-but-set-variable warning #13507
- zed: support subject as header in zed_notify_email() #13440
- rpm: Keep debug symbols if configured with '--enable-debuginfo' #13500
- FreeBSD: libspl: Add locking around statfs globals #13484
- Standardize RHEL version check in packages #13501
- Modified ncompress requirement in RPM to exclude RHEL9 #13480 #13490
- zed: Take no action on scrub/resilver checksum errors #13499
- zdb: Fix handling of nul termination in symlink targets #13482
- automake: don't install /e/d/zfs or /e/z/zfs-functions +x #13496
- Multiple dracut module install script cleanups #13010
- Remove absolute paths to udev rules and binaries for dracut #13010
- Make dracut fail if essential files cannot be installed #13010
- Make better use of dracut functions when building initramfs #13010
- Fix compiler warnings about zero-length arrays in inline bitops #13463 #13465
- Add missing AC_MSG_RESULT(no) to configure #13454
- abd_os: remove redundant refcount creation for abd_children #13429
- Fix functions without a prototype #13421
- FreeBSD: use zero_region instead of allocating a dedicated page #13406
- autoconf: Fail when __copy_from_user_inatomic is a non-GPL symbol #13389
- PPC get_user workaround #11958 #12590 #13367
- Adding ZERO_PAGE detection #13199
- autoconf: Pretend CONFIG_MODULES is always on
- kbuild: unify modules(_install) for in-tree and external modules #10832 #13361
- Strengthen Linux kernel capabilities detection #13351
- zvol_wait: Ignore locked zvols #10662
- FreeBSD: Implement hole-punching support #12458
- module: zstd: check we don't leak symbols; regenerate symbol map #12988 #13209
- man: zpool-import.8: -d -or -c #13437
- Reduce dbuf_find() lock contention #13405
- contrib: dracut: remove getargbool polyfill #13291
- Add dracut.zfs.7 #13291
- contrib: dracut: zfs-needshutdown: don't list #13291
- contrib: dracut: zfs-{rollback,snapshot}-bootfs: order after key loading #13291
- contrib: dracut: don't require essentials to be under the same encroot #13291
- contrib: dracut: inline single-use import_pool, move single-use ask_for_password #13291
- contrib: dracut: zfs-lib: remove find_bootfs #13291
- contrib: dracut: zfs-lib: simplify ask_for_password #13291
- contrib; dracut: flatten zfs-load-key, simplify zfs-env-bootfs #13291
- contrib; dracut: centralise root= parsing, actually support root=s #13291
- contrib: dracut: parse-zfs: stop pretending we support FILESYSTEM= #13291
- contrib: dracut: parse-zfs: drop initqueue-finished for i/f #13291
- contrib/dracut: zfs-lib: export_all: replace with inline zpool export -a #13093
- Remove REMAKE_INITRD #12781
- Python 3.10 fixes, part 2 #12045 #12673
- Silence unused-but-set-variable warnings
- module: zfs: freebsd: fix unused, remove argsused #12844
- FreeBSD: remove unused variable
- zvol: remove unused variable #12917
- fm: remove unused variables #12917
- zvol: remove unused variable #12917
- module/zfs: vdev_removal: spa_vdev_remove_thread: remove unused variable #12187
- module/zfs: vdev_indirect: vdev_indirect_repair: remove unused variable #12187
- module/zfs: dbuf: dbuf_read_impl: remove unused variable #12187
- module/zfs: arc: arc_hdr_realloc_crypt: remove unused variables #12187
- libzfs: zfs_send: remove unused variable #12187
- libzutil: zpool_find_config: remove unused variable #12187
- Skip spacemaps reading in case of pool readonly import #9095 #12687
- zfs: holds: dequadratify #13372 #13373
- Linux 5.18 compat: replace __set_page_dirty_nobuffers #13325 #13380
- Fix O_APPEND for Linux 3.15 and older kernels #13370 #13377
- Linux 5.18 compat: kobj_type.default_attrs replaced with default_groups #13357
- FreeBSD: Fix translation from ABD to physical pages.
- Corrected oversight in ZERO_RANGE behavior #13329 #13338
- Document zfs inherit -S's interaction with noninheritable properties #11894 #13335
- Linux 5.17 compat: GENHD_FL_EXT_DEVT / GENHD_FL_NO_PART_SCAN #13294 #13297
- FreeBSD: Return Mach error codes from VOP_(GET|PUT)PAGES #13311
- FreeBSD: Parameterize ZFS_ENTER/ZFS_VERIFY_VP with an error code #13311
- libzfs: import: zpool_clear_label: actually fail if clearing l2arc header fails #13304
- libzfs: sendrecv: always cancel progress thread in zfs_send_one() #11560 #13284
- Linux 5.18 compat: use address_space_operations->readahead #13278
- Linux 5.18 compat: blkg_tryget is moved to private headers #13278
- Linux 5.18 compat: replace genhd.h with blkdev.h includes #13251
- Linux 5.18 compat: 4-argument bio_alloc() #13251
- FreeBSD: Use NDFREE_PNBUF if available #13277
- Export minimal zfs_refcount interfaces #12613
- Default to zfs_dmu_offset_next_sync=1 #12746
- etc/systemd/zfs-mount-generator: serialise, handle keylocation=http[s]:// #12138
- libzfs: diff: stream_bytes: use fputc, %hho formats chars #12829
- zfs, libzfs: diff: accept -h/ZFS_DIFF_NO_MANGLE, disabling path escaping #12829

Signed-off-by: Bruce Ashfield <bruce.ashfield@...>
---
...01-Define-strndupa-if-it-does-not-exist.patch | 16 +++++++---------
.../zfs/{zfs_2.1.4.bb => zfs_2.1.5.bb} | 2 +-
2 files changed, 8 insertions(+), 10 deletions(-)
rename meta-filesystems/recipes-filesystems/zfs/{zfs_2.1.4.bb => zfs_2.1.5.bb} (95%)

diff --git a/meta-filesystems/recipes-filesystems/zfs/zfs/0001-Define-strndupa-if-it-does-not-exist.patch b/meta-filesystems/recipes-filesystems/zfs/zfs/0001-Define-strndupa-if-it-does-not-exist.patch
index 8bb8b9479..80955b3ca 100644
--- a/meta-filesystems/recipes-filesystems/zfs/zfs/0001-Define-strndupa-if-it-does-not-exist.patch
+++ b/meta-filesystems/recipes-filesystems/zfs/zfs/0001-Define-strndupa-if-it-does-not-exist.patch
@@ -1,4 +1,4 @@
-From 54883e714b7fd1e7f4ce47eb1fc09adff35d561e Mon Sep 17 00:00:00 2001
+From cc0cd6f71f6ef96fca2d7b730a3f0f6722fec696 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@...>
Date: Sat, 7 May 2022 12:15:22 -0700
Subject: [PATCH] Define strndupa if it does not exist
@@ -7,17 +7,18 @@ musl e.g. does not supply strndupa, unlike glibc

Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@...>
+
---
etc/systemd/system-generators/zfs-mount-generator.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/etc/systemd/system-generators/zfs-mount-generator.c b/etc/systemd/system-generators/zfs-mount-generator.c
-index b806339..592d2f9 100644
+index f4c6c26..255bee4 100644
--- a/etc/systemd/system-generators/zfs-mount-generator.c
+++ b/etc/systemd/system-generators/zfs-mount-generator.c
-@@ -47,6 +47,15 @@
- #define STRCMP ((int(*)(const void *, const void *))&strcmp)
- #define PID_T_CMP ((int(*)(const void *, const void *))&pid_t_cmp)
+@@ -193,6 +193,15 @@ fopenat(int dirfd, const char *pathname, int flags,
+ return (fdopen(fd, stream_mode));
+ }

+#ifndef strndupa
+#define strndupa(s, n) \
@@ -29,8 +30,5 @@ index b806339..592d2f9 100644
+#endif
+
static int
- pid_t_cmp(const pid_t *lhs, const pid_t *rhs)
+ line_worker(char *line, const char *cachefile)
{
---
-2.36.0
-
diff --git a/meta-filesystems/recipes-filesystems/zfs/zfs_2.1.4.bb b/meta-filesystems/recipes-filesystems/zfs/zfs_2.1.5.bb
similarity index 95%
rename from meta-filesystems/recipes-filesystems/zfs/zfs_2.1.4.bb
rename to meta-filesystems/recipes-filesystems/zfs/zfs_2.1.5.bb
index dd676c945..6aa674c79 100644
--- a/meta-filesystems/recipes-filesystems/zfs/zfs_2.1.4.bb
+++ b/meta-filesystems/recipes-filesystems/zfs/zfs_2.1.5.bb
@@ -7,7 +7,7 @@ HOMEPAGE ="https://github.com/openzfs/zfs"
SRC_URI = "https://github.com/openzfs/zfs/releases/download/${BPN}-${PV}/${BPN}-${PV}.tar.gz \
file://0001-Define-strndupa-if-it-does-not-exist.patch \
"
-SRC_URI[sha256sum] = "3b52c0d493f806f638dca87dde809f53861cd318c1ebb0e60daeaa061cf1acf6"
+SRC_URI[sha256sum] = "1913041e5c44ff07ca384346ad8145aeedf77e77cd1cea9ec5d533246691e10c"

# Using both 'module' and 'autotools' classes seems a bit odd, they both
# define a do_compile function.
--
2.25.1