Release notes for 5.3 (whinlatter)
New Features / Enhancements in 5.3
Linux kernel XXX, gcc 15, glibc XXX, LLVM XXX, and over XXX other recipe upgrades.
Minimum Python version required on the host: XXX.
BitBake changes:
codeparser
: Add function decorators forvardeps
Adds
bb.parse.vardeps
andbb.parse.excludevardeps
function decorators that can be used to explicitly add or exclude variables from a Python function parsed by BitBake.Move
vardepexclude
flag entries alongside functions for maintainability.Fetcher:
Check for
git-lfs
existence before using it.Add support for
.debs
files containing uncompressed data tarballs.az
: Add sanity check to check that AZ_SAS starts with?
to mark the start of the query parameters.git
: Add the tag to shallow clone tarball name.
knotty
: pass failed task logs through the log infrastructure (usebb.plain()
instead ofprint()
)Add support for automatically promoting class inherits to deferred inherits by listing them in the BB_DEFER_BBCLASSES variable.
“Built-in” fragments support is now added to the addfragments directive. This is the fourth parameter to this directive, and should be the name of the variable that contains definitions of built-in fragments. Refer to the documentation of addfragments to learn how to define new built-in fragments.
Listing these built-in fragments can be done with bitbake-config-build list-fragments, which could list:
Available built-in fragments: machine/... Sets MACHINE = ... distro/... Sets DISTRO = ...
In the above example, this means that the MACHINE of DISTRO can be overridden with:
OE_FRAGMENTS += "machine/qemuarm64 distro/poky-bleeding"
This would set MACHINE to
qemuarm64
and the DISTRO topoky-bleeding
.The
tag-
parameter in URLs can now be specified alongside therev=
parameter and SRCREV variable, and will ensure that the specified tag matches the specified revision.It is strongly encouraged to include the
tag=
parameter to the SRC_URI definition when possible.tinfoil
: add await_for
decorator to wrap a function that makes an asynchronous tinfoil call wait for event to say that the call has been successful, or an error has occurred.New
bb.utils.to_filemode()
helper function which is a helper to take a variable’s content containing a filemode and convert it to the proper Python representation of the number.cooker
: Use a shared counter for processing parser jobs. This allows the parser processes to run independently of needing to be feed by the parent process, and load balances them much better.cooker/process/utils
: Add a-P
(--profile
) option to BitBake to specify what to profile. Can be “main”, “idle” or “parsing”. Split the reports in separate files.
Toolchain changes:
The Clang/LLVM toolchain can now be used as part of the build.
The PREFERRED_TOOLCHAIN_TARGET, PREFERRED_TOOLCHAIN_NATIVE and PREFERRED_TOOLCHAIN_SDK variables can be used to customize the selected toolchain globally.
There are two supported toolchains: “gcc” and “clang”. See the documentation of PREFERRED_TOOLCHAIN_TARGET for more details.
The toolchain is also customizable on a per-recipe basis, using the TOOLCHAIN and TOOLCHAIN_NATIVE variables.
Multiple recipes were pinned to use the GCC/Binutils toolchain as they do not support being built with Clang/LLVM yet. In these recipes the TOOLCHAIN variable is set to “gcc”.
Global configuration changes:
bitbake.conf/pseudo
: Switch from exclusion list to inclusion list by swapping PSEUDO_IGNORE_PATHS for PSEUDO_INCLUDE_PATHS which should be easier and more explicit to maintain.bitbake.conf
: Droplz4
from HOSTTOOLS, as it is not required anymore, and thelz4-native
package is used instead.conf/fragments
: add a fragment for the CDN sstate-cache mirror.default-distrovars
: set an empty default for LICENSE_PATH.The default definition of UNPACKDIR is no longer
sources-unpack
butsources
.
New variables:
The
VIRTUAL-RUNTIME_dbus
variable, to allow changing the runtime implementation of D-Bus. See VIRTUAL-RUNTIME.The
VIRTUAL-RUNTIME_libsdl2
variable, to allow changing the runtime implementation of libsdl2. See VIRTUAL-RUNTIME.The SPDX_PACKAGE_URL variable can be used in recipes to set the output
software_packageUrl
field in their associated SPDX 3.0 output (default value: empty string).The KMETA_CONFIG_FEATURES variable can be used to control kernel-yocto configuration features. For now only
prefer-modules
is supported for this variable.The TESTSDK_SUITES variable can be used to control the list of tests run for the testsdk class.
The UBOOT_FIT_CONF_FIRMWARE can be used to specify a
firmware
entry in the configuration node of a FIT image.The SPDX_INCLUDE_COMPILED_SOURCES option allows the same as SPDX_INCLUDE_SOURCES but including only the sources used to compile the host tools and the target packages.
The UBOOT_VERSION variable holds the package version (PV) and revision (PR) which are part of the installed and deployed filenames. Users can now override UBOOT_VERSION to changes the output filenames.
Kernel-related changes:
linux/generate-cve-exclusions
: use data from CVEProject instead of the archived https://linuxkernelcves.com.kernel-yocto
: allow annotated options to be modified. For example if the following kernel configuration is set:CONFIG_INET_TUNNEL=y # OVERRIDE:$MODULE_OR_Y
And if the KMETA_CONFIG_FEATURES variable contains
prefer-modules
,CONFIG_INET_TUNNEL
will be set tom
instead ofy
.kernel-devsrc
: Replace the extraSystem.map
file with symbolic link.kernel-module-split
: Allow for external configuration files being assigned to the correct kernel module package.When built for the RISC-V architecture, ensure that the minimum required features set by TUNE_FEATURES are set using the features_check class.
linux-yocto
: when built for RISC-V, enable features in KERNEL_FEATURES based on features listed in TUNE_FEATURES.
New core recipes:
python3-pdm
,python3-pdm-backend
andpython3-pdm-build-locked
, which are dependencies ofpython3-webcolors
.python3-pdm
itself depends onpython3-pdm-build-locked
bindgen-cli
: a tool to generate Rust bindings.python3-colorama
: Cross-platform colored terminal text, needed bypytest
as a dependency.libglvnd
: imported from meta-oe which provides a vendor neutral approach to handling OpenGL / OpenGL ES / EGL / GLX libraries.python3-sphinx-argparse
: A sphinx extension that automatically documentsargparse
commands and options. It is part ofbuildtools-docs-tarball
for later use in the Yocto Project documentation.python3-sphinx-copybutton
: A sphinx extension that adds a copy button to code blocks in Sphinx. It is part ofbuildtools-docs-tarball
for later use in the Yocto Project documentation.LLVM/Clang related recipes:
clang
: LLVM based C/C++ compiler.compiler-rt
: LLVM based C/C++ compiler Runtime.libclc
: Implementation of the library requirements of the OpenCL C programming language.libcxx
: new implementation of the C++ standard library, targeting C++11 and abovellvm-tblgen-native
: LLVM TableGen binaries for the build host, often used to build LLVM projects.lldb
: LLDB debugger for LLVM projects.llvm-project-source
: canonical git mirror of the LLVM subversion repository.openmp
: LLVM OpenMP compiler Runtime.
kernel-signing-keys-native
: this recipe is used in the kernel-fit-image class to generate a pair of RSA public/private key. It replaces thedo_generate_rsa_keys
of the kernel-fit-image class.
New DISTRO_FEATURES:
glvnd
, which enables OpenGL Vendor Neutral Dispatch Library support when using recipes such asmesa
.
New core classes:
The new kernel-fit-image class replaces the previous
kernel-fitimage
class. It has been rewritten and improved to fix bug 12912. See the Removed Classes section of the Migration notes for 5.3 (whinlatter) for more details on how to switch to this new class.The new go-mod-update-modules class can be used to maintain Go recipes that use a
BPN-go-mods.inc
andBPN-licenses.inc
and update these files automatically.
Architecture-specific changes:
Rework the RISC-V TUNE_FEATURES to make them based of the RISC-V ISA (Instruction Set Architecture) implementation.
This implements the following base ISAs:
rv32i
,rv64i
rv32e
,rv64i
The following ABIs:
ilp32
,ilp32e
,ilp32f
,ilp32d
lp64
,lp64e
,lp64f
,lp64d
The following ISA extension are also implemented:
M: Integer Multiplication and Division Extension
A: Atomic Memory Extension
F: Single-Precision Floating-Point Extension
D: Double-Precision Floating-Point Extension
C: Compressed Extension
B: Bit Manipulation Extension (implies Zba, Zbb, Zbs)
V: Vector Operations Extension
Zicsr: Control and Status Register Access Extension
Zifencei: Instruction-Fetch Fence Extension
Zba: Address bit manipulation extension
Zbb: Basic bit manipulation extension
Zbc: Carry-less multiplication extension
Zbs: Single-bit manipulation extension
Zicbom: Cache-block management extension
The existing processors tunes are preserved:
riscv64
(rv64gc
)riscv32
(rv32gc
)riscv64nf
(rv64imac_zicsr_zifencei
)riscv32nf
(rv32imac_zicsr_zifencei
)riscv64nc
(rv64imafd_zicsr_zifencei
)
See meta/conf/machine/include/riscv/README for more information.
arch-mips.inc
: Use-EB
/-EL
for denoting Endianness.Enable
riscv32
as supported arch formusl
systems.Powerpc: Use
-maltivec
in compiler flags ifaltivec
is in TUNE_FEATURES.
QEMU /
runqemu
changes:Refactor qemu functions into library functions (in lib/oe/qemu.py).
Documentation changes:
Part of BitBake internals are now documented at https://docs.yoctoproject.org/bitbake/bitbake-user-manual/bitbake-user-manual-library-functions.html.
A new Limiting the Host Resources Usage guide was created to help users limit the host resources used by the OpenEmbedded Build System.
Core library changes:
Add license_finder.py, which was extracted from
recipetool
to be shared for multiple users. Improve its functionalities.
Go changes:
Rust changes:
rust-llvm
:Compile LLVM to use dynamic libraries. This reduces the size of
llvm-rust
to about a third.Disable the following feature through configuration (do_configure): libedit, benchmarks.
Wic Image Creator changes:
After a Python upgrade, WIC plugins containing dashes (
-
) for their filenames are no longer supported. One must convert the dashed to underscores (_
) and update users of the plugins accordingly.See the Wic plugins containing dashes should be renamed section of the Yocto Project 5.3 Migration Guide for more information.
wic
: do not ignore IMAGE_ROOTFS_SIZE if the Rootfs is modified.Several improvements in WIC selftests.
bootimg_efi.py
: fail build if no binaries are installed.Add new options to the
wic
ls
,cp
,rm
, andwrite
commands:--image-name
: name of the image to use the artifacts from.--vars
: directory with<image>.env
files that store BitBake variables. This directory is usually found in STAGING_DIR.
SDK-related changes:
Include additional information about Meson setting in the SDK environment setup script (host system, CPU family, etc.).
Testing-related changes:
bitbake/tests/fetch
: Add tests forgitsm
with git-lfs.bitbake/lib/bb/tests/fetch
: add a test case to ensure Git shallow fetch works for tag containing slashes.OEQA:
SDK:
Add a test to sanity check that the generated SDK manifest was parsed correctly and isn’t empty.
Add a test to verify the manifests are generated correctly.
Add helpers to check for and install packages.
Add check that meson has detected the target correctly.
Simplify test specification and discovery:
Introduce the
TESTSDK_CASE_DIRS
variable to specify test directory types, replacing the need to modify thedefault_cases
class member.Discover tests from configured layers using a common discovery pattern (
<LAYER_DIR>/lib/oeqa/<dirname>/cases
) where<dirname>
is specified inTESTSDK_CASE_DIRS
.The “buildtools” directories were renamed to follow the common discovery pattern (
<LAYER_DIR>/lib/oeqa/<dirname>/cases
) for consistency across all SDK configurations.
selftest/reproducible
: Limit memory used bydiffoscope
to avoid triggering OOM kills.Add tests for the devicetree class.
Tests for the kernel-fit-image class have been reworked and improved.
data.py
: addskipIfNotBuildArch
decorator, to skip tests if BUILD_ARCH is not in present in the specified tuple.selftest
: add new test for toolchain switching.utils/command
: add a fast-pathget_bb_var()
that usesbitbake-getvar
instead ofbitbake -e
when there is notpostconfig
argument passed.core/case
: add file exists assertion test case.context.py
: use TEST_SUITES if set.
testexport: capture all tests and data from all layers (instead of the OpenEmbedded-Core (OE-Core) layer only).
Utility script changes:
sstate-cache-management
: add a--dry-run
argumentyocto-check-layer
:Expect success for
test_patches_upstream_status
. This means that patch files must include anUpstream-Status
to pass with this script.yocto-check-layer class:
Refactor to be extended easily.
Add a
check_network_flag
test that checks that no tasks other than do_fetch can access the network.
send-error-report
:Respect URL scheme in server name if it exists.
Drop
--no-ssl
as the server URL specifies it withhttp://
orhttps://
.
buildstats.py
:Extend disk stats support for NVMe and flexible token count.
Add tracking of network I/O per interface.
buildstats-diff
: find last two Buildstats files if none are specified.pybootchartgui
: visualize/proc/net/dev
network stats in graphs.
Packaging changes:
Export
debugsources
in PKGDESTWORK as JSON. The source information used during packaging can be use from other tasks to have more detailed information on the files used during the compilation and improve SPDX accuracy.
LLVM related changes:
Like
gcc-source
, the LLVM project sources are part ofwork-shared
under TMPDIR. The project codebase is large and sharing it offers performance improvements.
SPDX-related changes:
spdx30
: Providesoftware_packageUrl
fieldspdx30_tasks
: Change recipe license to “declared” (instead of “concluded”)create-spdx-2.2
: support to override the version of a package in SPDX 2 through SPDX_PACKAGE_VERSION.
devtool
andrecipetool
changes:Use
lib/oe/license_finder
to extract the license from source code.Calculate source paths relative to UNPACKDIR.
Allow
recipe create
handlers to specify bitbake tasks to run.Go recipes are now generated with help of the new go-mod-update-modules class.
Add a new improve_kernel_cve_report.py script in
scripts/contrib
for post-processing of kernel CVE data.Handle workspaces for multiconfig.
Patchtest-related changes:
Security changes:
openssl
: add FIPS support. This can be enabled through thefips
PACKAGECONFIG.
cve-check changes:
New PACKAGECONFIG options for individual recipes:
ppp
:l2tp
,pptp
dropbear
:x11
(renamed fromenable-x11-forwarding
)gdb
:source-highlight
gstreamer1.0-plugins-bad
:analytics
mtd-utils
:ubihealthd-service
openssl
:fips
qemu
:sdl-image
,pixman
wget
:pcre2
mesa
:asahi
,amd
,svga
,teflon
,nouveau
Systemd related changes:
Enable getty generator by default by adding
serial-getty-generator
to PACKAGECONFIG.
sanity class changes:
insane: Move test for invalid PACKAGECONFIG to do_recipe_qa.
Add
unimplemented-ptest
detection for cargo-based tests, allowing to detect when a cargo package has available tests that could be enable with Ptest.Add a test for recipe naming/class mismatches.
Add a sanity test for “bad” gcc installs on Ubuntu 24.04. The host should install
libstdc++-14-dev
instead oflibgcc-14-dev
to avoid build issues when building native with Clang.
U-boot related changes:
uboot-sign: Add support for setting firmware property in FIT configuration with UBOOT_FIT_CONF_FIRMWARE.
uboot-sign: Add support for signing U-Boot FIT image without an SPL. The SPL_DTB_BINARY variable can be set to an empty string to indicate that no SPL is present.
When built for the RISC-V architecture, read the TUNE_FEATURES variable to automatically set U-boot configuration options (for example
CONFIG_RISCV_ISA_F
).
Miscellaneous changes:
dropbear
: Thedropbearkey.service
can now take extra arguments for key generation, through/etc/default/dropbear
.initscripts
: addlog_success_msg
/log_failure_msg
/log_warning_msg
functions for logging in initscripts.connman
:Mark
iptables
andnftables
feature of PACKAGECONFIG mutually incompatible.Set
dns-backend
automatically tosystemd-resolved
whensystemd-resolved
is part of DISTRO_FEATURES.
uninative
: show errors if installing fails.meson
: Allow user to override setup command options by exportingMESON_SETUP_OPTS
in a recipe.cmake: Enhance to emit a native toolchain CMake file. This is part of improvements allowing to use
clang
in an SDK.Fix the runtime version of several recipes (they now return the effective version instead of a default string like “Unknown”).
module: add
KBUILD_EXTRA_SYMBOLS
to the install command.rpm-sequoia
: add Ptest support.libunwind
: disable installation of tests directory with--disable-tests
, which can be installed with thelibunwind-ptest
package instead.boost
: addprocess
library to the list of built libraries.base-files
: addnsswitch-resolved.conf
, only installed ifsystemd
andsystemd-resolved
is part of DISTRO_FEATURES.nfs-utils
: don’t use signals to shut down the NFS server in the associated initscript, instead userpc.nfsd 0
.readline
: enable HOME, END, INSERT, and DELETE key bindings ininputrc
.Switch to a new sstate-cache CDN (http://sstate.yoctoproject.org).
sstate: Apply a proper umask when fetching from SSTATE_MIRRORS.
kernel-devsrc
: make package version consistent with kernel source (by inheriting kernelsrc).externalsrc: Always ask Git for location of
.git
directory (may be different from the default${S}/.git
).features_check: Add support for required TUNE_FEATURES.
openssh
: limit read access tosshd_config
file (set its filemode to0600
).
Known Issues in 5.3
Recipe License changes in 5.3
The following changes have been made to the LICENSE values set by recipes:
Recipe |
Previous value |
New value |
---|---|---|
|
Previous value |
New value |
Security Fixes in 5.3
The following CVEs have been fixed:
Recipe |
CVE IDs |
---|---|
|
CVE-xxx-xxxx, … |
Recipe Upgrades in 5.3
The following recipes have been upgraded:
Recipe |
Previous version |
New version |
---|---|---|
|
Previous version |
New version |
Contributors to 5.3
Thanks to the following people who contributed to this release: