diff mbox series

[bug#76692] Update arm-trusted-firmware to 2.12.1

Message ID	87y0xn5enj.fsf@wireframe
State	New
Headers	Subject: [bug#76692] Update arm-trusted-firmware to 2.12.1 Resent-From: Vagrant Cascadian <vagrant@debian.org> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 02 Mar 2025 21:04:02 +0000 Resent-Message-ID: <handler.76692.B.174094941326071@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org Cc: Efraim Flashner <efraim@flashner.co.il> From: Vagrant Cascadian <vagrant@debian.org> Date: Sun, 02 Mar 2025 13:03:12 -0800 Message-ID: <87y0xn5enj.fsf@wireframe> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: none client-ip=173.255.214.101; envelope-from=vagrant@debian.org; helo=cascadia.aikidev.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches
Series	[bug#76692] Update arm-trusted-firmware to 2.12.1 \| [bug#76692] Update arm-trusted-firmware to 2.12.1

Commit Message

Vagrant Cascadian March 2, 2025, 9:03 p.m. UTC

  The attached patch updates arm-trusted-firmware to 2.12.1, fixing a few
CVE issues.

All the various u-boot dependents still appear to build:

/gnu/store/641kcdl61xjsqn6001gmfqq8cx7j0pw3-u-boot-rock64-rk3328-2024.10
/gnu/store/2lh91is66sa964nk4860f47f7bp58mfk-u-boot-orangepi-r1-plus-lts-rk3328-2024.10
/gnu/store/f9vghparyywn7w9m3nxdlg8mpbwp1xgf-u-boot-firefly-rk3399-2024.10
/gnu/store/8cd32i44gxbkig4z359l1d527wkzsqra-u-boot-pinebook-pro-rk3399-2024.10
/gnu/store/j12i6bs7a4w1k7ssa4g2nfkmymv9pir4-u-boot-puma-rk3399-2024.10
/gnu/store/a7s96k9k62aa36l733vdazgq7dvdjzas-u-boot-rockpro64-rk3399-2024.10
/gnu/store/4mlmfxzy2kb6ilzm4k6hhr870i7m5f4y-u-boot-pinebook-2024.10
/gnu/store/6d0476i6zkj1nsn78jyfclqpw5b5sgv7-u-boot-pine64-lts-2024.10
/gnu/store/5csl9vwkn195qf37y4q8c8yq3x59mw11-u-boot-pine64-plus-2024.10

I have not done any boot testing.

live well,
  vagrant

Comments

Vagrant Cascadian March 4, 2025, 6:40 p.m. UTC | #1

On 2025-03-02, Vagrant Cascadian wrote:
> The attached patch updates arm-trusted-firmware to 2.12.1, fixing a few
> CVE issues.
>
> All the various u-boot dependents still appear to build:
>
> /gnu/store/641kcdl61xjsqn6001gmfqq8cx7j0pw3-u-boot-rock64-rk3328-2024.10
> /gnu/store/2lh91is66sa964nk4860f47f7bp58mfk-u-boot-orangepi-r1-plus-lts-rk3328-2024.10
> /gnu/store/f9vghparyywn7w9m3nxdlg8mpbwp1xgf-u-boot-firefly-rk3399-2024.10
> /gnu/store/8cd32i44gxbkig4z359l1d527wkzsqra-u-boot-pinebook-pro-rk3399-2024.10
> /gnu/store/j12i6bs7a4w1k7ssa4g2nfkmymv9pir4-u-boot-puma-rk3399-2024.10
> /gnu/store/a7s96k9k62aa36l733vdazgq7dvdjzas-u-boot-rockpro64-rk3399-2024.10
> /gnu/store/4mlmfxzy2kb6ilzm4k6hhr870i7m5f4y-u-boot-pinebook-2024.10
> /gnu/store/6d0476i6zkj1nsn78jyfclqpw5b5sgv7-u-boot-pine64-lts-2024.10
> /gnu/store/5csl9vwkn195qf37y4q8c8yq3x59mw11-u-boot-pine64-plus-2024.10
>
> I have not done any boot testing.

Finally got my rockpro64 up and running guix again, and boot-tested it,
so that is at least one platform!

live well,
  vagrant

Vagrant Cascadian March 9, 2025, 9:56 p.m. UTC | #2

On 2025-03-04, Vagrant Cascadian wrote:
> On 2025-03-02, Vagrant Cascadian wrote:
>> The attached patch updates arm-trusted-firmware to 2.12.1, fixing a few
>> CVE issues.
>>
>> All the various u-boot dependents still appear to build:
...
> Finally got my rockpro64 up and running guix again, and boot-tested it,
> so that is at least one platform!

Pushed as:

  3aed6ee07bd0d22cd6cf897eada7ea3b95f6adf5 gnu: arm-trusted-firmware: Update to 2.12.1.

live well,
  vagrant

diff mbox series

Patch

From 17912f437b041fb790e29e07c7bfc2f543f7bb2c Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@debian.org>
Date: Sun, 2 Mar 2025 11:55:42 -0800
Subject: [PATCH] gnu: arm-trusted-firmware: Update to 2.12.1.

* gnu/packages/firmware.scm (make-arm-trusted-firmware): Update to 2.12.1.
---
 gnu/packages/firmware.scm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/firmware.scm b/gnu/packages/firmware.scm
index 2e78936d83..06c0664d31 100644
--- a/gnu/packages/firmware.scm
+++ b/gnu/packages/firmware.scm
@@ -1107,17 +1107,17 @@  (define (native-build?)
         (string=? (%current-system) (gnu-triplet->nix-system triplet))))
   (package
     (name (downstream-package-name "arm-trusted-firmware-" platform))
-    (version "2.12")
+    (version "2.12.1")
     (source
      (origin
        (method git-fetch)
        (uri (git-reference
               (url (string-append "https://git.trustedfirmware.org"
                                   "/TF-A/trusted-firmware-a.git/"))
-              (commit (string-append "v" version))))
+              (commit (string-append "lts-v" version))))
        (file-name (git-file-name "arm-trusted-firmware" version))
        (sha256
-        (base32 "18rzhygvq0afcylirq9yis3kaa1nli14k2jrm64ih85gz4nhl99w"))
+        (base32 "1vngwbjghgsh5i02zq66nmbxxr2d4p93rirsvh5jrhbcdn0v5xf8"))
        (patches (search-patches "8mq-enable-imx_hab_handler.patch"
                                 "8mq-move-stack-to-ocram_s.patch"))
        (modules '((guix build utils)))

base-commit: 6315f3ff4d3d0cf1bd89b92bdb9a139aee404ca2
-- 
2.39.5