Fixes build with GCC-15 which is defaulting to C23
For scarthgap also add it in BUILD_CFLAGS.
(From OE-Core rev: 874701c4fd96134e18f73eba4bd5c8b513ad251b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Upstream consider the behaviour described in this CVE as intentional,
and provide an option to stop it.
(From OE-Core rev: 0f2cd2bbaddba3b8c80d71db274bbcd941d0e60e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6c99147037ba8ca424ee42520183bd2bd55c7056)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
==========
* Fix operation of --no-absolute-filenames --make-directories
* Restore access and modification times of symlinks in copy-in
and copy-pass modes.
0001-configure-Include-needed-header-for-major-minor-macr.patch
revmoed since it's included in 2.15
(From OE-Core rev: c4fb7512a5b1c13234e3733cba1c4bf246c77861)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otherwise, PACKAGE_WRITE_DEPS would contain non-multilib variants
of dependencies even when building multilib items, resulting in
sysroots being populated with entirely wrong versions of them.
This hasn't been noticed until now through sheer (bad) luck, I think,
except in the cpio recipe, but the previous commit shows that the issues
did occur, quietly. Every other recipe in oe-core and meta-oe does not
prepend the multilib prefix.
(From OE-Core rev: 234965cb88ccfa9c3a357928f7155b119044e8fc)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unlike DEPENDS/RDEPENDS the PACKAGE_WRITE_DEPS dependency isn't automatically
extended with MLPREFIX, causing lib32-cpio to depend on 64bit ptest-runner (and
all its deps)
* append it only for class-target to avoid nativesdk-cpio depending
on target ptest-runner (before this patch) and depending on non-existent
nativesdk-ptest-runner with this patch (as nativesdk.bbclass sets MLPREFIX to
"nativesdk-")
stdio: WARNING: Nothing PROVIDES 'nativesdk-ptest-runner'. Close matches:
stdio: WARNING: Nothing RPROVIDES 'nativesdk-cpio' (but virtual:nativesdk:/home/pokybuild/yocto-worker/a-full/build/meta/recipes-extended/cpio/cpio_2.14.bb RDEPENDS on or otherwise requires it)
stdio: WARNING: Nothing RPROVIDES 'nativesdk-cpio-dev' (but virtual:nativesdk:/home/pokybuild/yocto-worker/a-full/build/meta/recipes-extended/cpio/cpio_2.14.bb RDEPENDS on or otherwise requires it)
(From OE-Core rev: c74697e194fe07cb4a2fee45142ae626996fd294)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Specifically this includes the commit "Fix appending to archives bigger
than 2G".
Drop all submitted patches.
Apply a patch from git to fix the build with clang.
[ YOCTO #11674 ]
(From OE-Core rev: 84619c2eb2574d808d52d1862ad3b5e099e4dbf7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Running these tests under root user on musl works ok but it emits
additional diagnostic
cpio: dir: Cannot change ownership to uid 0, gid 0: Not supported
Ideally its better to run this test suite under non-root user which
is often how these are run. Moreover, tests work on musl as well.
(From OE-Core rev: 22d19266269c28f596f031fcba8f2831c6465880)
(From OE-Core rev: 587e007d9febfe92fef434dea984d31642bb23a1)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Due to signedness, the checksum is not computed when filesize is bigger
a 2GB. Pick a fix for this problem from CPIO ML, where the fix has been
posted for 5 years. Since CPIO upstream is effectively unresponsive and
any and all attempts to communicate with the maintainer and get the fix
applied upstream failed, add the fix here instead.
(From OE-Core rev: bfff138af4bdd356ac66571e6ad91c1a5599b935)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix following ptest failure:
/usr/lib64/cpio/ptest/run-ptest: line 7: cd: /usr/lib/cpio/ptest/tests/: No such file or directory
(From OE-Core rev: 1809329c336cb509349bd39f13cc78acd8efe0cd)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add ptest function for oss 'cpio'.
Tis test takes less than 1 second with kvm enabled, so it is a fast test.
autotest files would contain TMPDIR, they are removed from script files
atconfig and atlocal.
(From OE-Core rev: 9661e76aa1ea89b3dcc24a4d69fa7e6161873d7f)
Signed-off-by: yanxk <yanxk.fnst@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue applies to use of cpio in SUSE/OBS, doesn't apply to us.
(From OE-Core rev: 915b38c54a7932744a9f56713d1c6bd00a789331)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since commit [24b80d211f nativesdk.bbclass: set sbindir to bindir]
applied, sbindir = bindir in nativesdk, then routine `rmt' is
installed to bindir which break `rmdir ${D}${bindir}/' failed with
`Directory not empty'
Don't rmdir if sbindir != bindir
(From OE-Core rev: 6cf92e4d80e6dc85853392865a2ba6eca8bbfdb0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It helps our stats tracking to use Backport consitently, it mreans the same
thing as Accepted in pretty much all cases.
(From OE-Core rev: 3e923d86012c981cb332083b87353fdbc0a2b83a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gcc 10 introduced "-fno-common" as default. Therefore backport the
according cpio patch to fix this issue.
(From OE-Core rev: ca6e5511b59b585de793ff6424c7c6ccfcd8e61e)
Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The rmt in cpio-native and tar-native is clashing, since
tar-native has set var-NATIVE_PACKAGE_PATH_SUFFIX, we move rmt
to sbindir, and add suffix NATIVE_PACKAGE_PATH_SUFFIX to sbindir
could avoid the clashing.
And in Ubuntu, rmt is in sbindir
$ which rmt
/usr/sbin/rmt
(From OE-Core rev: e9ac5ac2f4d135734f549d17cce3ebc52132b7d0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes:
Error: Transaction check error:
file /usr/share/man/man8/rmt.8 conflicts between attempted installs of
cpio-doc-2.12-r0.core2_64 and tar-doc-1.31-r0.core2_64
Prior to commit 348a96a5b401 [tar: upgrade to 1.31] the copies of
rmt.8 found in the tar(-doc) and cpio(-doc) packages were the same and
thus no conflict was seen. After the upgrade there were small changes
in the manpage header which results in the conflict quoted above. The
applications themselves make use of the 'update-alternatives'
mechanism to allow a user to select which version of 'rmt' to use but
since the man pages are essentially the same we disambiguate the
source of the man pages and make them both available should both
cpio-doc and tar-doc are both installed. And as such we avoid the
conflict.
(From OE-Core rev: 692d5b1025450bf1c33fb6aa041603f082e2ba4d)
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The segfault on append was fixed upstream with a different patch, so apply that
instead.
(From OE-Core rev: 24000d1fdba2684202e15371f80bb385722c9d91)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstream fix for CVE-2016-2037 introduced a read from uninitialized memory
bug when appending to an existing archive, which is an operation we perform when
building an image.
(From OE-Core rev: 046e3e1fca925febf47b3fdd5d4e9ee2e1fad868)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These are recipes where the upstream has moved to GPLv3 and these old
versions are the last ones under the GPLv2 license.
There are several reasons for making this move. There is a different
quality of service with these recipes in that they don't get security
fixes and upstream no longer care about them, in fact they're actively
hostile against people using old versions. The recipes tend to need a
different kind of maintenance to work with changes in the wider ecosystem
and there needs to be isolation between changes made in the v3 versions
and those in the v2 versions.
There are probably better ways to handle a "non-GPLv3" system but right
now having these in OE-Core makes them look like a first class citizen
when I believe they have potential for a variety of undesireable issues.
Moving them into a separate layer makes their different needs clearer, it
also makes it clear how many of these there are. Some are probably not
needed (e.g. mc), I also wonder whether some are useful (e.g. gmp)
since most things that use them are GPLv3 only already. Someone could
now more clearly see how to streamline the list of recipes here.
I'm proposing we mmove to this separate layer for 2.3 with its future
maintinership and testing to be determined in 2.4 and beyond.
(From OE-Core rev: 19b7e950346fb1dde6505c45236eba6cd9b33b4b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the file is expected to exist, then we should always be using require
so that if it doesn't we get an error rather than some other more
obscure failure later on.
(From OE-Core rev: 603ae6eb487489e65da69c68e532cb767ccc1fc2)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
(From OE-Core rev: 065ebeb3e15311d0d45385e15bf557b1c95b1669)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backported patches:
Fix-symlink-bad-length-test-for-64-bit-architectures.patch
fix-memory-overrun.patch
fix-testcase-symlink-bad-lengths.patch
0001-fix-testcase-of-symlink-bad-length.patch
statdef.patch is fixing code that doesn't exist anymore.
The problem handled by remove-gets.patch has been fixed differently.
The CVE-2015-1197 has been ignored by upstream and had to be rebased:
http://lists.gnu.org/archive/html/bug-cpio/2015-09/msg00007.html
(From OE-Core rev: feeaa86eb8b1071d56eb6d7ad7120aa389c736a0)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Don't try to move binaries onto themselves if ${bindir} and
${base_bindir} are the same, as is the case on systems with a
merged /usr directory.
(From OE-Core rev: 29e4d21a7101428ac44e60411883952b041fcbc1)
Signed-off-by: Dominic Sacré <dominic.sacre@gmx.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a variety of problems such as typos, bad punctuations, or incorrect
Upstream-Status values.
(From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is same gnulib fix replicated across needed recipes
Change-Id: I756713407111a726eae98e26c9c1ff64981371c0
(From OE-Core rev: fbe6d2c12aa9f7956bc87efeb68cb64b26b60c7a)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The class itself currently does nothing. The idea is to mark all recipes that
make use of the texinfo utilities. In the future, this class could be used to
suppress the generation/formatting of documentation for performance,
explicitly track dependencies on these utilities, and eliminate Yocto's
current dependency on the host system's texinfo utilities.
(From OE-Core rev: e6fb2f9afe2ba6b676c46d1eb297ca9cc532d405)
Signed-off-by: Max Eliaser <max.eliaser@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After the recent change of the libexecdir definition, the update-alternatives
for the libexec rmt broke. Fix this by moving rmt from libexec to /sbin. Also
split the rmt app from cpio as it's likely not useful to many users.
(From OE-Core rev: 487d58a98cd9fe4b368f0e7d119f8ff7ac852781)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
WARNING: For recipe cpio, the following files/directories were installed but not shipped in any package:
WARNING: /usr/bin
(From OE-Core rev: da88ac4b30a367641451167868bd8fc48010f646)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
grep-2.5.1a: update upstream status of patches
tar-1.17: update upstream-status of patches
at-3.1.12: update upstream-status for patches
cpio-2.8: update upstream-status for patches
(From OE-Core rev: fbc0fdbbb759b37d97de6f28daf04055531fbe0b)
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
