microPlatform update 73

Posted on Aug 10, 2020

7 min read

Linux microPlatform

Highlights

  • Aktualizr-Lite updated to the latest Aktualizr 2020.7 release
  • Support for pre-loading container images as part of the LmP image
  • Linux-lmp updated to the 5.4.54 stable release
  • Linux-lmp-dev for mx8mm updated to the 5.4.51 stable release
  • Wireguard Module updated to the 20200712 snapshot
  • SPL and OP-TEE support now available for the imx6ullevk target
  • Python3 updated to the 3.8.5 release

Layer Updates

Meta LMP

  • base: aktualizr-lite: bump to 1b50571, ak 2020.7+fio
  • base: docker-ce: Systemd service to pre-load container images
  • base: fioconfig: bump to 5553f08
  • base: kernel-lmp-fitimage: add support for FIT_LOADABLES
  • base: linux-lmp: bump kernel to 5.4.54
  • base: linux-lmp-dev-mfgtool: add lzop-native to depends
  • base: lmp-device-register: bump rev to 633b11b
  • base: optee-os: bump to 70035ca3
  • base: optee-sks: bump to e098eeb7
  • base: softhsm: add release 2.6.1
  • base: u-boot-fio: bump revision to 954fb028
  • base: wireguard-module: upgrade 20200506 -> 20200712
  • bsp: base-files: imx6ullevk: add fstab
  • bsp: linux-lmp-dev-mfgtool: add defconfig for imx6ullevk
  • bsp: lmp-machine-custom: imx6ullevk: update build settings
  • bsp: lmp-machine-custom: mx6ull: enable sota ubootenv
  • bsp: lmp-machine-custom: mx8mm: bump kernel to 5.4.51
  • bsp: mfgtool-files: add support for imx6ullevk
  • bsp: optee-os: add configuration for imx6ullevk
  • bsp: u-boot-fio: imx6ullevk: fix fw_env size
  • bsp: u-boot-fio: imx6ullevk: update config fragment
  • bsp: u-boot-fio-mfgtool: imx6ullevk: introduce mfgtool config fragment
  • bsp: u-boot-ostree-scr-fit: add support for imx6ullevk
  • bsp: u-boot-ostree-scr-fit: imx6ullevk: save env on init
  • bsp: wic: add sdimage-imx6-spl-fit-sota.wks
  • Revert "base: linux-lmp-dev: add workaround for oe-core e684532"
  • Revert "base: sudo: set with-rundir to /run/sudo"

Meta Freescale

  • linux-fslc: upgrade kernel to v5.4.51 from korg
  • Revert "weston-init: use g2d for i.MX8M Nano SoC"

Meta Intel

  • gmmlib: upgrade 20.1.1 -> 20.2.2
  • intel-compute-runtime: 20.24.17065 -> 20.27.17231
  • intel-graphics-compiler: drop llvm9/clang9 support
  • intel-graphics-compiler: upgrade 1.0.4154 -> 1.0.4241
  • intel-media-driver: upgrade 20.1.1 -> 20.2.0
  • intel-mediasdk: upgrade 20.1.1 -> 20.2.0
  • ixgbe: upgrade 5.7.1 -> 5.8.1
  • ixgbevf: upgrade 4.7.1 -> 4.8.1
  • layer.conf: drop zeus compatibility
  • llvm-project-source: apply llvm-patches for llvm10 as well
  • llvm-project-source: drop llvm9 support
  • opencl-clang: drop llvm9/clang9 support

Meta OpenEmbedded

  • ace: Upgrade to 6.5.10
  • babeld: upgrade 1.9.1 -> 1.9.2
  • freeradius: fix the existed certificate error
  • glmark2: don't build full OpenGL backends by default
  • graphene: upgrade 1.10.0 -> 1.10.2
  • lvm2: reproducible binaries
  • memcached: Upgrade to 1.6.6
  • netkit-telnetd: Fix buffer overflow in netoprintf
  • net-snmp, openjpeg: add proper CVE tags to patches
  • network-manager-applet: Add missing dependency on libgudev
  • networkmanager: Fix udev dependency
  • networkmanager: Package nmcli separately
  • nss: upgrade 3.51.1 -> 3.54
  • python3-bitarray: Upgrade 1.2.2 -> 1.4.1
  • python3-bitstruct: Added recipe
  • python3-cantools: Added recipe
  • python3-cbor2: Upgrade 5.1.0 -> 5.1.1
  • python3-coverage: Upgrade 5.1 -> 5.2
  • python3-dateparser: Added recipe
  • python3-diskcache: Added recipe
  • python3-ecdsa: add package
  • python3-gmpy2: add new package
  • python3-gnupg: add new package
  • python3-isort: Upgrade 4.3.21 -> 5.1.4
  • python3-mock: Upgrade 4.0.1 -> 4.0.2
  • python3-netaddr: Upgrade 0.7.20 -> 0.8.0
  • python3-obd: Add missing setuptools RDEPENDS
  • python3-packaging: add -native version
  • python3-pint: add setuptools and packaging to RDEPENDS
  • python3-psutil: Upgrade 5.7.0 -> 5.7.2
  • python3-pychromecast: Upgrade 7.1.1 -> 7.1.2
  • python3-pymysql: Upgrade 0.9.3 -> 0.10.0
  • python3-qrcode: add package
  • python3-requests-file: Enable ptest
  • python3-rsa: add new package
  • python3-semver: Enable ptest
  • python3-simplejson: Upgrade 3.17.0 -> 3.17.2
  • python3-smpplib: Enable ptest
  • python3-soupsieve: Enable ptest
  • python3-stevedore: Upgrade 2.0.1 -> 3.2.0
  • python3-typeguard: Enable ptest
  • python3-xlsxwriter: add recipe for v 1.2.9
  • radvd: add /etc/radvd.conf
  • recipes-graphics: add Khronos OpenGL ES and Vulkan CTS recipes
  • Remmina: Upgrade to 1.4.7
  • samba: Fix conflicts with nss.h from glibc
  • toybox-inittab: unpack to S
  • wireguard-module: upgrade 1.0.20200401 -> 1.0.20200712
  • wireguard-tools: upgrade 1.0.20200319 -> 1.0.20200513
  • xfce4-time-out-plugin: upgrade 1.1.0 -> 1.1.1
  • xfce4-whiskermenu-plugin: upgrade 2.4.4 -> 2.4.5

Meta RISC-V

  • Add a CONTRIBUTORS file
  • README.md: Minor fix to using wayland image for HiFive Unleashed board

Meta Security

  • add gitlab framework and qemu machine
  • bastille: Deleted redundant inherit to fix error when enable multilib.
  • cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev
  • drop ci-build: it is hiding errors
  • ibmswtpm2: upgrade 1563 -> 1628
  • kas: add ima, tpm and tpm2 build configs
  • layer.conf: add dynamic-layer for strongswan
  • lynis: update to 3.0.0
  • meta-integrity: add dynamic-layer for strongswan
  • packagegroup-core-security: remove clamav for riscv
  • packagegroup-security-tpm2: Depend on preferred provider for cryptsetup
  • packagegroup-security-tpm: add more packages for building
  • python3-oauth2client: add recipe
  • python3-privacyidea: adding initial support for mfa
  • security images: Move to recipe-core
  • security packagegroups: move to recipes-core
  • strongswan: Add bbappends for ima changes
  • strongswan: add bbappends for tpm changes

Meta Updater

  • Update garage-push invocation for new cli

Meta Virtualization

  • conmon: uprev 2.0.11 > 2.0.18
  • qemu: Remove duplicated xen PACKAGECONFIG
  • xen, arm32: filter out unwanted tune flags from CPP as per CC
  • xen: drop vars that duplicate hvc console from the r-pi4 config
  • xen-tools: packaging for new files in Xen 4.14
  • xen, xen-tools: add recipes for Xen 4.14

OpenEmbedded Core

  • arch-armv8-2a.inc: add tune include for armv8.2a
  • asciidoc: upgrade 9.0.0 -> 9.0.1
  • autotools: don't special-case help2man-native for dependencies
  • bash-completion: update to 2.11
  • bind: upgrade 9.11.19 -> 9.11.21
  • btrfs-tools: upgrade 5.6.1 -> 5.7
  • buildhistory: use pid for temporary txt file name
  • busybox: make hwclock compatible with glibc 2.31
  • ccache: Upgrade to 3.7.11
  • checklayer: check layer in BBLAYERS before test
  • classes/cmake: Fix host detection
  • classes/package: Use HOST_OS for runtime dependencies
  • classes/reproducible: Move to library code
  • createrepo-c: upgrade 0.15.11 -> 0.16.0
  • cryptodev-module: Backport a patch to fix build failure with kernel v5.8
  • cve-check.bbclass: always save cve report
  • cve-update: handle baseMetricV2 as optional
  • diffoscope: upgrade 150 -> 151
  • dpkg: upgrade 1.20.0 -> 1.20.5
  • e2fsprogs: fix up check for hardlinks always false if inode > 0xFFFFFFFF
  • epiphany: upgrade 3.36.2 -> 3.36.3
  • expat: Added ptest
  • ffmpeg: upgrade 4.3 -> 4.3.1
  • flex: fix build with autoconf 2.70
  • gcc-10.1: add fix for PR 96130
  • gcc: mitigate the Straight-line Speculation attack
  • gconf: use python3
  • glibc: Secruity fix for CVE-2020-6096
  • glibc: whitelist CVE-2010-10029
  • gnupg: upgrade 2.2.20 -> 2.2.21
  • gtk-immodules-cache.bbclass: fix post install scriptlet error
  • image.bbclass: improve wording when image size exceeds the specified limit
  • init-ifupdown: always make machine-specific
  • initscripts: Fix populate-volatile.sh bug when file/dir exists
  • initscripts: Fix various shellcheck warnings in populate-volatile.sh
  • init-system-helpers: upgrade 1.57 -> 1.58
  • insane: improve arch test messages
  • kernel-devsrc: fix on-target module build for v5.8+
  • kernel-yocto: account for extracted defconfig in elements check
  • kmod: add packageconfig for xz and ssl
  • libdnf: allow reproducible binary builds
  • libevdev:upgrade 1.9.0 -> 1.9.1
  • libevent: upgrade 2.1.11 -> 2.1.12
  • libgcrypt: upgrade 1.8.5 -> 1.8.6
  • libnsl2: upgrade 1.2.0 -> 1.3.0
  • lib/oe/reproducible: Fix error when no git HEAD
  • libuv: upgrade 1.38.0 -> 1.38.1
  • libva-initial: upgrade 2.7.1 -> 2.8.0
  • libva: upgrade 2.7.1 -> 2.8.0
  • libva-utils: upgrade 2.7.1 -> 2.8.0
  • linux-firmware: add ibt-20 package
  • linux-yocto/5.4: update to v5.4.51
  • linux-yocto-rt/5.4: fix mmdrop stress test issues
  • ltp: remove --with-power-management-testsuite from EXTRA_OECONF
  • mesa: enable freedreno Vulkan driver if freedreno is enabled
  • mpfr: upgrade 4.0.2 -> 4.1.0
  • mpg123: upgrade 1.26.1 -> 1.26.3
  • mtd-utils: upgrade 2.1.1 -> 2.1.2
  • musl: Update to latest tip
  • nasm: fix build with autoconf 2.70
  • net-tools: upgrade to latest revision in upstream repo instead of old debian snapshot
  • oeqa/qemurunner: Add priority/nice information for running processes
  • oeqa/utils/qemurunner: Fix missing pid file tracebacks
  • openssl: openssl-bin requires openssl-conf to run
  • perf: add PACKAGECONFIG for CoreSight support
  • perl: Avoid race continually rebuilding miniperl
  • pseudo: Update to add OFC fcntl lock updates
  • pulseaudio: improve the Thumb frame pointer fix
  • python3-cython: upgrade 0.29.20 -> 0.29.21
  • python3-git: upgrade 3.1.3 -> 3.1.7
  • python3-pycryptodome: upgrade 3.9.7 -> 3.9.8
  • python3-pycryptodomex: upgrade 3.9.7 -> 3.9.8
  • python3-setuptools: update to 49.2.0
  • python3: update to 3.8.5
  • qemu: fix CVE-2020-13362
  • qemu: fix CVE-2020-13659
  • qemu: fix CVE-2020-13791
  • qemu: fix CVE-2020-13800
  • qemu: fix for virtfs configuration error in qemu 5.0.0
  • Revert "python3: define a profile directory path"
  • rootfs-post: remove traling blanks from tasks
  • rpcsvc-proto: upgrade 1.4.1 -> 1.4.2
  • rpm: fix nativesdk's default var location
  • site: Make sys_siglist default to no
  • startup-notification: add time_t type mismatch patch from upstream
  • stress-ng: create a symlink for /usr/bin/stress
  • stress-ng: upgrade 0.11.14 -> 0.11.15
  • sudo: set with-rundir to /run/sudo
  • tune-cortexa55.inc: switch to using armv8.2a include file
  • webkitgtk: upgrade 2.28.2 -> 2.28.3
  • wic/bootimg-efi: Add support for IMAGE_BOOT_FILES
  • wic/filemap: Drop the unused block_is_unmapped()
  • wic/filemap: Drop the unused get_unmapped_ranges()
  • wic/filemap: Fall back to standard copy when no way to get the block map

Related posts