The recipe was called -native but didn't inherit native.
(From OE-Core rev: f0d822fad2a163d1ee32ed3b4c0359245140e19b)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also avoids maintaining a different set of patches for both.
(From OE-Core rev: b3b1c00cc46b33ddbf7e008267032220e1e298af)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Include the fix by Mark Adler which has also been adopted by Debian.
(From OE-Core rev: 4df4de2ac8bc0e80446e1ad0ce67eb244e2d2a32)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop the following patches since the issues have been fixed upstream:
0001-file01.sh-Fix-in-was-not-recognized.patch
0001-lapi-Define-TST_ABI-32-64-to-detect-target-type.patch
0001-syscalls-setrlimit03.c-read-proc-sys-fs-nr_open-for-.patch
0007-fix-__WORDSIZE-undeclared-when-building-with-musl.patch
0009-fix-redefinition-of-struct-msgbuf-error-building-wit.patch
0021-Define-_GNU_SOURCE-for-MREMAP_MAYMOVE-definition.patch
0023-ptrace-Use-int-instead-of-enum-__ptrace_request.patch
0024-rt_sigaction-rt_sigprocmark-Define-_GNU_SOURCE.patch
0026-crash01-Define-_GNU_SOURCE.patch
0028-rt_sigaction.h-Use-sighandler_t-instead-of-__sighand.patch
0034-periodic_output.patch
0039-commands-ar01-Fix-for-test-in-deterministic-mode.patch
define-sigrtmin-and-sigrtmax-for-musl.patch
setregid01-security-string-formatting.patch
Refresh the following patches:
0004-build-Add-option-to-select-libc-implementation.patch
0005-kernel-controllers-Link-with-libfts-explicitly-on-mu.patch
0008-Check-if-__GLIBC_PREREQ-is-defined-before-using-it.patch
0018-guard-mallocopt-with-__GLIBC__.patch
0020-getdents-define-getdents-getdents64-only-for-glibc.patch
0035-fix-test_proc_kill-hang.patch
0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
0001-open_posix_testsuite-mmap24-2-Relax-condition-a-bit.patch
0001-shmctl01-don-t-use-hardcoded-index-0-for-SHM_STAT-te.patch
0001-diotest4-Let-kernel-pick-an-address-when-calling-mma.patch
0001-getrlimit03-adjust-a-bit-of-code-to-compatiable-with.patch
Add patch:
0006-rt_tgsigqueueinfo-disable-test-on-musl.patch
(From OE-Core rev: eb59546c83f4c217de6272a8d3b2fa65e3c84e7f)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
djb2 hash algorithm was found to do collisions, so the database was
sometime missing data. Remove this hash mechanism, clear and populate
elements from scratch in PRODUCTS table if the current year needs an
update.
(From OE-Core rev: 78de2cb39d74b030cd4ec811bf6f9a6daa003d19)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE_CHECK_WHITELIST does not contain version anymore, as it was not
used. This variable should be set per recipe.
(From OE-Core rev: 7069302a4ccbb5b72e1902f284cf078516fd7294)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The master branch's current tip commit as of this writing is [1], see the
squashfs-tool's repo at [0].
Because of commits [2]-[4] which are included in the master branch three
corresponding patches are dropped as they are not needed anymore. The single
remaining patch was rebased on top of [1] to apply cleanly.
Commits [5] & [6] introduced interesting features, namely zstd support and
reproducibility of created SquashFS images. They are reflected in two new
PACKAGECONFIG options now, but only the latter ("reproducible") is appended to
the default options as OE-core does not contain a recipe to build zstd at the
moment (a working zstd recipe can be found e.g. in meta-rauc, see [7]).
[0] https://github.com/plougher/squashfs-tools.git
[1] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6")
[2] 46bdc1726e5a ("mksquashfs: Make a load of functions static")
[3] b0ca8a5c98ff ("pseudo.c: add explicit <sys/stat.h> include")
[4] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6")
[5] 6113361316d5 ("squashfs-tools: Add zstd support")
[6] e0d74d07bb35 ("Add configuration and Mksquashfs build options for
reproducible builds")
[7] https://layers.openembedded.org/layerindex/recipe/79049/
(From OE-Core rev: 92f34fbe321040db3dc0431dd464747324058e2e)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Differentiate it from openssl gem for Ruby.
(From OE-Core rev: 2ec481b19d6c9c20ce6573de77ae89e576d6b8cb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upgrade from libpciaccess_0.14.bb to libpciaccess_0.16.bb.
-libpciaccess/0004-Don-t-include-sys-io.h-on-arm.patch
Removed since this is included in 0.16.
(From OE-Core rev: c2140b42c8516100c55c381d98e0f281b562d2db)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upgrade from libice_1.0.9.bb to libice_1.0.10.bb.
-libice/CVE-2017-2626.patch
Removed since this is included in 1.0.10.
(From OE-Core rev: d3581b5d5562604ba31fc2b10873b3b0c9bf75fc)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Introduce a new variable INIT_MANAGER and create 4 init-manager-*.inc
files to configure init manager settings. Available values of
INIT_MANAGER are sysvinit, systemd, mdev-busybox and a default of none.
'none' provides backwards compatibility.
The settings of various VIRTUAL-RUNTIME variables are moved into these
files from the packagegroups.
[YOCTO #13031]
[Modifications by RP for backwards compatibility]
(From OE-Core rev: 8d0b4704a526a48cd5e67df61b613424bbbdccde)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With recent changes to runqueue, this fuction is unsafe as setscene tasks can run
at the same time as normal ones and doing things before do_fetch no longer
offers any guarantees.
There is other code which cleans out things from the sysroots as tasks rerun so
we should rely upon that instead.
(From OE-Core rev: 27ce69861edb7e52078b59ebf8fefc9201e9a228)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ensure that the /etc/opkg directory exists before we try to create a
file there.
(From OE-Core rev: 30ff50223cd0b79fd3b8aa393ea1e621282773ac)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Instead of hiding problems in the debug log let's print them as warnings
instead.
(From OE-Core rev: 088f5d97001bd4b573f00cfca93b8d24e814fd64)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix the following warning by just deleting the files:
WARNING: opensbi-0.4-r0 do_package: QA Issue: opensbi: Files/directories were installed but not shipped in any package:
/lib
/lib/libsbiutils.a
/lib/libsbi.a
(From OE-Core rev: ecbf494b26db71076ad74902a75a3205c849d81e)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Error info:
getrlimit03.c:104: FAIL: __NR_prlimit64(0) had rlim_cur =
ffffffffffffffff but __NR_getrlimit(0) had rlim_cur = 7fffffff
According to kernel code: [arch/mips/include/uapi/asm/resource.h]
RLIM_INFINITY is set to 0x7fffffffUL instead of ULONG_MAX on mips32.
/*
* SuS says limits have to be unsigned.
* Which makes a ton more sense anyway,
* but we keep the old value on MIPS32,
* for compatibility:
*/
#ifndef __mips64
# define RLIM_INFINITY 0x7fffffffUL
#endif
Adding conditional statement about mips to fix this.
(From OE-Core rev: 6bb6de711631fb2d339c447c6f88c8e06c17b967)
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are many projects called Flex and they have CVEs, so also set the vendor
to remove these false positives.
(From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some product names are too vague to be searched without also matching the
vendor, for example Flex could be the parser compiler we ship, or Adobe Flex, or
Apache Flex, or IBM Flex.
If entries in CVE_PRODUCT contain a colon then split it as vendor:product to improve the search.
Also don't use .format() to construct SQL as that can lead to security
issues. Instead, use ? placeholders and lets sqlite3 handle the escaping.
(From OE-Core rev: e6bf90009877d00243417898700d2320fd87b39c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Layers could be located outside from poky but inside the build directory.
This case should be covered in eSDK.
meta-abc
meta-def/meta-ghi
meta-def/poky
meta-def/meta-oe/meta-oe
...
It should take all enabled layers and put them into 'layers' dir during
build-time with respecting new relative path to poky.
layers/meta-abc
layers/meta-ghi
layers/poky
layers/meta-oe/meta-oe
...
(From OE-Core rev: 55ecf6988d3e3c0935cb6324a6ad2c75f1191a1d)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes build failure with core-image-minimal:
Exception: UnboundLocalError: local variable 'to_append' referenced before assignment
(From OE-Core rev: 270ac00cb43d0614dfe1c95f960c76e9e5fa20d4)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
While creating and deleting files with unicode or other
encodings works, it's annoying when ls and other core utils
show questionmarks instead of the unicode characters.
In 2019, it's quite common that users of embedded devices
based on yocto need unicode support. Debugging a box with
unicode encoded file names is a bit annoying when core utils
from busybox don't support them.
The unicode config fragment has the same config as Debian in their
deb and udeb builds of version 1:1.30.1-4.
If developers do not want this or other default yocto features in busybox,
or optimize the configuration for size, then they likely run a completely
custom configuration. Thus I think it's safe to enable unicode support
by default.
(From OE-Core rev: a48438422dbe64095bdb379c20428ba87e2a0e99)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
u-boot.bin with dtb & signature should be placed in ${B} so that
it can be deployed by u-boot as expected. Otherwise, the version
without signature is installed.
(From OE-Core rev: bfc8c964a9760a2c4a1d1902918908a1e7361c17)
Signed-off-by: Jun Nie <jun.nie@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
when INITRAMFS_IMAGE_BUNDLE and INITRAMFS_IMAGE are set, wic should
look for kernel with initramfs image bundled.
Include required variable MACHINE, INITRAMFS_IMAGE_BUNDLE,
INITRAMFS_IMAGE, INITRAMFS_LINK_NAME and KERNEL_IMAGETYPE in WICVARS.
No longer require default value for variable kernel as KERNEL_IMAGETYPE
is not optional variable and included in WICVARS.
image_types_wic to inherit kernel-artifact-names to obtain default
INITRAMFS_LINK_NAME when INITRAMFS_IMAGE_BUNDLE are set.
update wic.Wic2.test_image_env test case to filter optional
variable INITRAMFS_LINK_NAME, INITRAMFS_IMAGE and INITRAMFS_IMAGE_BUNDLE.
(From OE-Core rev: bac984fbb2d5ad5d13ba3275c8a3e878d8753c58)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some distributions for various reasons (like for example mounting a
tmpfs over /var at runtime) can't use /var/lib to store the opkg
metadata, so a different path is required to have a functioning
package manager.
${localstatedir} can't be modified to something other than the
hardcoded value in bitbake.conf because other recipes depending on it
will fail to install.
So the only recourse, which is also the least invasive, is to allow
distros to overwrite the OPKGLIBDIR variable just like they are also
allowed to overwrite OPKGBUILDCMD.
(From OE-Core rev: 81eae383c287ad2e74321345c5eba862d5704cc4)
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
