RDK-56341 : Migrate glib-2.0 to 2.74.6 version and glib-networking to 2.74.0 version#348
RDK-56341 : Migrate glib-2.0 to 2.74.6 version and glib-networking to 2.74.0 version#348KTirumalaSrihari wants to merge 6 commits intodevelopfrom
Conversation
… 2.74.0 version Signed-off-by: skondu363 <Srihariraghava_konduritirumala@comcast.com>
There was a problem hiding this comment.
Pull request overview
Updates the Yocto/OpenEmbedded recipes to move the platform to glib 2.74.6 and glib-networking 2.74.0 to address the CVEs called out in the PR description.
Changes:
- Add new
glib-2.02.74.6 recipe/inc (plus supporting patches and meson cross files). - Add new
glib-networking2.74.0 recipe (plus ptest runner script and a ptest-stability patch). - Restructure existing
*.bbappendfiles so version-specific patches/RPROVIDES are applied appropriately across 2.72.x vs 2.7x.
Reviewed changes
Copilot reviewed 28 out of 28 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| recipes-core/glib-networking/glib-networking_2.72.%.bbappend | Reduces 2.72.x-specific append to only carry the PKCS#12 patch. |
| recipes-core/glib-networking/glib-networking_2.7%.bbappend | New 2.7x append reintroducing the patch set + glib-openssl provides/rprovides. |
| recipes-core/glib-networking-2.74/glib-networking_2.74.0.bb | New glib-networking 2.74.0 recipe with meson/ptest integration. |
| recipes-core/glib-networking-2.74/glib-networking/run-ptest | Adds ptest runner for glib-networking 2.74.0. |
| recipes-core/glib-networking-2.74/glib-networking/eagain.patch | Adds a retry-on-EAGAIN test tweak for ptest stability. |
| recipes-core/glib-2.0_2.74.6/glib_2.74.6.inc | New shared include for glib 2.74.6 build/package/ptest behavior. |
| recipes-core/glib-2.0_2.74.6/glib-2.0_2.74.6.bb | New glib 2.74.6 recipe pulling tarball + OE patches and cross-file auto-discovery. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/run-ptest | Adds ptest runner for glib 2.74.6. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/relocate-modules.patch | Patch to relocate GIO module dir for native builds. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/meson.cross.d/common | Adds shared meson cross properties. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/meson.cross.d/common-glibc | Adds glibc-specific meson cross properties. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/meson.cross.d/common-linux | Adds linux-specific meson cross properties/binary env. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/meson.cross.d/common-mingw | Adds mingw-specific meson cross properties. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/meson.cross.d/common-musl | Adds musl-specific meson cross properties. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/cpp-null.patch | Backport: define NULL as nullptr in C++11+. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/cpp-null2.patch | Backport: ensure NULL is casted to pointer type where needed. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0010-Do-not-hardcode-python-path-into-various-tools.patch | OE-specific patch to avoid hardcoded python path. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-meson-Run-atomics-test-on-clang-as-well.patch | Patch to expand atomics test logic for clang. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch | OE-specific test disablement for cross builds. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch | Backport to stabilize time-based gio tests. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-gio-tests-meson.build-do-not-use-can_run_host_binari.patch | Patch to avoid meson can_run_host_binaries issues in cross builds. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-Set-host_machine-correctly-when-building-with-mingw3.patch | OE-specific mingw host_system handling. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-Remove-the-warning-about-deprecated-paths-in-schemas.patch | OE-specific patch to silence deprecated schema path warnings. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-Install-gio-querymodules-as-libexec_PROGRAM.patch | Patch to install gio-querymodules under libexec. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-Fix-DATADIRNAME-on-uclibc-Linux.patch | Patch for DATADIRNAME handling on musl/uclibc. |
| recipes-core/glib-2.0_2.74.6/glib-2.0-2.74.6/0001-Do-not-write-bindir-into-pkg-config-files.patch | Patch to avoid target bindir paths in pkg-config variables. |
| recipes-core/glib-2.0/glib-2.0_2.72%.bbappend | New 2.72.x-specific append for patches and libelf runtime dependency. |
| recipes-core/glib-2.0/glib-2.0_2.7%.bbappend | Narrows 2.7x append to only the RDKTV DNS-resolution patch. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
RDKOSS-797 : Add idlemetrics header support in 5.16 linux-libc heade…
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 28 out of 28 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| FILESEXTRAPATHS:prepend := "${THISDIR}/glib-2.0:" | ||
|
|
||
| SRC_URI += " \ | ||
| file://0001-glib-gmessages-UTC_glib2_72.patch \ |
There was a problem hiding this comment.
The 0001-glib-gmessages-UTC_glib2_72.patch is missing for 2.74.6 version, Is that expected ?
This patch is being applied for 2.74.6 version in RDKV stable2 build.
There was a problem hiding this comment.
Verified with an element stable2 build and confirmed that the patch is required. Hence adding the patch back into the bbappend. Tried tracking down the purpose why the developer Sadaf removed the patch back then but added the patch since it is required, thank you.
|
|
||
| PROVIDES += "glib-openssl" | ||
| RPROVIDES:${PN} += "glib-openssl" | ||
| SRC_URI += " file://0001-Add-support-for-PKCS-12-encrypted-files.patch" |
There was a problem hiding this comment.
don't we need the "0001-Add-support-for-PKCS-12-encrypted-files.patch" ?
There was a problem hiding this comment.
compared the patches being applied in stable2 Element build and a vendor build. This patch is not being applied in stable2 Element build.
Glib-networking stable2 element build -
file://eagain.patch/
file://relax_read_error_handling.patch/
file://force_tls1_2.patch/
file://0001-xre-14265-request-client-cert-support.patch/
file://handle_zero_return_as_closed_connection.patch/
glib-networking vendor build check-
file://eagain.patch
file://relax_read_error_handling.patch
file://force_tls1_2.patch
file://0001-XRE-14265-request-client-cert-support.patch
file://handle_ZERO_RETURN_as_closed_connection.patch
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 29 out of 29 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Reason for change: Upgrade glib-2.0 and glib-networking version to mitigate CVE-2023-29499 and CVE-2023-32636 vulnerabilities
Test Procedure: Build and verify if the component is building in required version and dependencies are building fine
Risks:None