Refactor get_cc_option so it is simpler and also does not fail
when using external toolchain.
(From OE-Core rev: d4564ee59df907d1e01a3610ac88a35f9a78c1ce)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The compiled .pyc files contain time stamp corresponding to the compile time.
This prevents binary reproducibility. This patch allows to achieve binary
reproducibility by overriding the build time stamp by the value
exported via SOURCE_DATE_EPOCH.
Patch by Bernhard M. Wiedemann, backported from https://github.com/python/cpython/pull/296
[YOCTO#11241]
(From OE-Core rev: 2a044f1e4f5c63e11e631b31f741c7aabfa6f601)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating the 4.10 SRCREVs to import the following changes:
65370fa249e2 drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
530ec12a0cb0 ACPICA: Namespace: fix operand cache leak
b1098b5bbded char: lp: fix possible integer overflow in lp_setup()
56ee0c7811e5 dccp/tcp: do not inherit mc_list from parent
9f6cbd022bba nfsd: encoders mustn't use unitialized values in error cases
084036ebc243 nfsd: fix undefined behavior in nfsd4_layout_verify
973f780eeaa6 xen-blkback: don't leak stack data via response ring
20c4b5015fea brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
1dff0f28b490 ipx: call ipxitf_put() in ioctl error path
d666a8e60a45 mm: fix new crash in unmapped_area_topdown()
73d059ba1a17 mm: larger stack guard gap, between vmas
Which address the following CVEs:
CVE-2017-8890
CVE-2017-1000363
CVE-2017-11472
CVE-2017-7346
CVE-2017-1000380
CVE-2017-7541
CVE-2017-10911
(From OE-Core rev: 6cfd520ea050aa449f0ac7ee0b2c647d14d588ad)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There was a bug in the search routines responsible for locating
BSP definitions which returned a valid match if only the ktype
matched.
This meant that someone looking for "qemux86foo" (which is an
invalid definition) would potentially end up building "qemuarm"
and be none the wiser (until it didn't boot).
With this fix to the tools search routine, and improved return
code testing, we will now stop the build and report and error to
the user.
[YOCTO: #11878]
(From OE-Core rev: 44aea7b87307795fe4e089c51d45afccaa2f6525)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Not all the qemu machines carry default kernel specifications.
While we could drop these references, we'll bump them to 4.12
to pick up the latest and remove them in future commits.
(From OE-Core rev: c58df63d88a07d3275e7337f7d284b0a50db82cc)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The fall 2017 kernel will have 4.12 as the reference kernel, so
we update the libc-headers to match.
Build tested against glibc and muslc systems.
(From OE-Core rev: 4b5cce1c691e991c80d255a4900220068ff6f062)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have 4.4 and 4.9 as LTS kernels, the 4.1 variants are no longer
needed and are dropped.
(From OE-Core rev: 1a25cea311cbebb2af0c1a0b964208281e6026de)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 4.12 kernel will be the default/reference for the fall 2017
release.
These recipes represent the introduction of 4.12.7 + related kernel
meta data. Existing functionality has been validated against this
new kernel version, and older versions will be removed in separate
commits.
(From OE-Core rev: 4e5044bcea68f3bac3596507f0828d3cbe869df1)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As requested by QA to enable testing of linux-yocto images out of the
box, we enable usb-net drivers for the various platforms in all kernel
versions.
(From OE-Core rev: 5322eef31c8b63ead49b2f13312d3356a016ff64)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
mmc: sdhci: fix two compile errors
| CC drivers/mmc/host/sdhci.o
| drivers/mmc/host/sdhci.c: In function 'sdhci_execute_tuning':
| drivers/mmc/host/sdhci.c:1990:4: error: implicit
| declaration of function 'sdhci_do_reset'
| [-Werror=implicit-function-declaration]
| sdhci_do_reset(host, SDHCI_RESET_CMD);
| ^
| drivers/mmc/host/sdhci.c:2006:7: error: 'struct
| mmc_command' has no member named 'busy_timeout'
| cmd.busy_timeout = 50;
| ^
In function sdhci_execute_tuning, replace sdhci_do_reset
with sdhci_reset, replace busy_timeout with cmd_timeout_ms.
Commit a629a90ba0 adds eMMC DDR mode support for t2080qds and
modified some data structures and function name. Later
commit a2080cc280 just backport upstream commit 61e53bd004
without aligning the current source tree thus cause
these build errors. Fix them.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
(From OE-Core rev: 538d2f0857f09ca86026d5771ea7c3fb74c0f857)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust
CVE-2017-9835: bounds check the array allocations methods
CVE-2017-11714: prevent trying to reloc a freed object
(From OE-Core rev: 2eae91f9fa1cfdd3f0e6111956c8f193fd0db69f)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e.g. with gentoo gcc-7.1 they define _FORTIFY_SOURCE by default with:
https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/gcc/7.1.0/gentoo/10_all_default-fortify-source.patch?view=markup
which results in following error while building grub-efi-native:
./config-util.h:1504:48: error: this use of "defined" may not be portable [-Werror=expansion-to-defined]
|| (defined _FORTIFY_SOURCE && 0 < _FORTIFY_SOURCE \
^~~~~~~~~~~~~~~
this part comes from gnulib and it's used only for Apple and BSD,
so we can ignore it, but we cannot add -Wno-error=expansion-to-defined
because this warning was introduced only in gcc-7 and older gcc
will fail with:
cc1: error: -Werror=expansion-to-defined: no option -Wexpansion-to-defined
use #pragma to work around this
(From OE-Core rev: f5302b0ad2942f7705d46c33949ebc1c5ddf3f58)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With glibc upgrade to 2.26 release (commit d6a0bc57fa07
"glibc: Upgrade to 2.26 final release") it's not possible
to build x86/x86_64 SDK for kernels lower than 3.2.0
(see glibc commit 139ace95756a "Require Linux kernel 3.2
or later on x86 / x86_64.")
Thus drop SDK_OLDEST_KERNEL overrides from machine-specific
conf files, so default version 3.2.0 from conf/bitbake.conf
will be picked up.
(From OE-Core rev: 0724896f7a2092abf2f3bafa9fac96c5210d39a5)
Signed-off-by: Ruslan Bilovol <rbilovol@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Fixes:
ERROR: nativesdk-libcheck-0.10.0-r0 do_package_qa: QA Issue: /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/checkmk contained in package nativesdk-libcheck requires /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/gawk, but no providers found in RDEPENDS_nativesdk-libcheck? [file-rdeps]
(From OE-Core rev: 71c29b53f1a44430306eeda96dc43cf7d002afe5)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add new patches for enable builds on hosts that has GCC version
minor than 5 because doesn't support std::array and std::put_time,
those patches could be removed after get rid of Debian8 and Centos7
support.
- gcc_4.x_Revert-avoid-changing-the-global-LC_TIME-for-Release.patch
- gcc_4.x_Revert-use-de-localed-std-put_time-instead-rolling-o.patch
- gcc_4.x_apt-pkg-contrib-strutl.cc-Include-array-header.patch
The LIC_FILES_CHKSUM changed because the license file now has
style changes in the text remains GPLv2+.
The patch Revert-always-run-dpkg-configure-a-at-the-end-of-our
was updated because now the precision fields use floating
point numbers.
(From OE-Core rev: da99ae14c3a5719b317ff71b8f778a7c987f6158)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patches rebased due to don't apply, no major changes,
- 0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch
- arch_pm.patch
- noman.patch
Patches related to move ostable/triplettable insida data/ostable and
data/tupletable instead also needs to comply the new format of the
tables for arch detection.
- 0006-add-musleabi-to-known-target-tripets.patch
- add_armeb_triplet_entry.patch
And finally a patch to avoid usage --clamp-mtime in tar needs to be
modified because the dpkg-deb internal API changed.
- 0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch
(From OE-Core rev: dc1ae641435999095e8759812b096fec1f28c90d)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Updated update-gawk-paths.patch.
- Updated Makefile-ptest.patch
- Removed 0008-replace-struct-ucontext-with-ucontext_t.patch which is already in
the source.
- The LIC_FILES_CHKSUM is changed because the years have been updated,
the contents are the same.
(From OE-Core rev: 111e4a8642160c8441e447da32a4ef52995bbe99)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed the following 2 patches which are already in the source:
- 0001-e2fsck-exit-with-exit-status-0-if-no-errors-were-fix.patch
- e2fsprogs-1.43-sysmacros.patch
(From OE-Core rev: ce0efa2e38611428aff6d39d52ce29f8a6571813)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hard depending on the kernel makes it impossible to install kernel
modules without getting the kernel image installed too. This is
inconvenient in e.g. initramdisks, where the kernel is loaded from
outside the initramdisk.
Making the kernel modules rrecommend kernel-image-<version> instead of
rdepending on it, makes it possible to install kernel modules without
the kernel image by setting "kernel-image" in BAD_RECOMMENDATIONS.
(From OE-Core rev: 5dd7ddb66a6846d9bb59dc7833e8318992d0e645)
Signed-off-by: Martin Hundebøll <mnhu@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
dnsproxy: Fix crash on malformed DNS response
If the response query string is malformed, we might access memory
pass the end of "name" variable in parse_response().
[YOCTO #11959]
(From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Don't hardcode the package name, it could be gdk-pixbuf or
lib32-gdk-pixbuf.
(From OE-Core rev: 92a299a550b5b9c68c0285fdeb3d4c9defa0dede)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The eSDK installation requires the meta-skeleton layer.
The build system might use the meta-skeleton recipes as layout
to create custom recipes. An example is the recipetool script
that uses the meta-skeleton kernel recipe when creating a custom
kernel recipe.
[YOCTO #11102]
(From OE-Core rev: 5c9ef0734d23909b5694ed43cdbb205c2ba9ca95)
Signed-off-by: Juan M Cruz Alcaraz <juan.m.cruz.alcaraz@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Our grub and syslinux bootloaders both define root=/dev/ram0 for live
images by default. Kernel docs show that root=/dev/ram0 is just a
sentinel value for the kernel to mount the initrd as root, which then
mounts and switches to the real root. This is exactly what our scripts
do, so just check for root=/dev/ram0 as well.
See: https://www.kernel.org/doc/html/v4.11/admin-guide/initrd.html#operation
This fixes the issue where the new initramfs-framework scripts would not
boot live images that use grub or syslinux bootloaders.
(From OE-Core rev: a30f8f60017d566d845ee5d3a8cfc338017211b0)
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip
the switch at the start of next development cycle.
Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is
not compatible with 1.1 should use that in its DEPENDS, as the 1.0
recipe will later be renamed back to openssl10. This does not always work:
http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html
but for many recipes it does.
(From OE-Core rev: 5585103c195104e85ed7ac1455bef91b2e88a04d)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The behavior before this change was to check USER_CLASSES and adjust
the install script to return either exit 0 (don't do anything) or
exit 1 (run on first boot). This enabled a user to include the prelink
package without enablign the image-prelink bbclass and get a first boot
prelink.
Checking USER_CLASSES is not desired, as an image should be able to simply
inherit the image-prelink and get the same type of behavior. Modifying
the recipe based on the inclusion of a class is a bad idea as it makes
this style work more difficult. So we move to a more defined strategy
based on exist uses. (That we know of...)
If we ae doing a cross install, we want to avoid prelinking.
Prelinking during a cross install should be handled by the image-prelink
bbclass. If the user desires this to run on the target at first boot
they will need to create a custom boot script.
[YOCTO #11169]
(From OE-Core rev: e31c9d32072b9cf62c0e9e55b4d421849d3d489b)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Replace the deprecated '-usbdevice' option with '-device usb-xx' option.
This would fix runqemu boot error like below.
'-usbdevice' is deprecated, please use '-device usb-...' instead
(From OE-Core rev: 2f1f3480d344f8521e01f456d2dcd6c4e989ec59)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport two patches to fix the following error when booting qemu.
Failed to unlock byte 100
(From OE-Core rev: 91eee8b08cd52f49bb1c8f8c680607b3f3a52d24)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The release version was actually working correctly; it only makes
the warning work properly.
(From OE-Core rev: e7986a5493ccd222b82c2388ea8c3bb7004b48dd)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CURL_FORMAT_OFF_T does not seem to exist anymore, use
CURL_FORMAT_CURL_OFF_T instead. This works with old and new curl.
(From OE-Core rev: 5548f9c87c6a10cda2baf6f198762380e55f6ae2)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Optional installation of khrplatform.h was implemented upstream by a slightly
different approach -> 0001-mapi-Only-install-khrplatform.h-with-EGL-or-GLES.patch
can be removed.
(From OE-Core rev: 4473c9e846826bfb4f48cec9c6c7b1cad6666bb3)
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* without this package installed any WebKitGTK+ based browser
will fail to correctly open html files (and other files)
from disk (file:// URIs). It will open them as plain txt files.
(From OE-Core rev: b708cb53b46d9d82a7853bcd0f25ef6bc417bd10)
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
do_configure() will no longer convert references to
/usr/include into /path/to/recipes-sysroot/usr/include
for the file "Porting/Glossary".
[YOCTO #11243]
(From OE-Core rev: cb2dfe5627df2ff235b37622260484841f39af17)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed all instances of -fdebug-prefix-map in LTCFLAGS
declaration because they contain references to host system
and are not needed.
/absolute/path/to/host/dd was replaced with 'dd' in
lt_truncate_bin declaration.
Please take note that the location of regex is important
for DEBUG_PREFIX_MAP. Removal of DEBUG_PREFIX_MAP has to be
done before other regex command modify its option value.
Both are modified because they affect binary reproducibility.
[YOCTO #11656]
(From OE-Core rev: 04db02138e363898e040e33557f1296e8a43c3fd)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Disable build for muslx32.X32 isn't supported by valgrind at this
moment.
(From OE-Core rev: a945141062ac3d0736558be428f60af405b53a94)
Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In images built with pam in DISTRO_FEATURES, we end up with dangling symlinks
if su is not packaged into image
$ ls /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -l
lrwxrwxrwx 1 kraj users 2 Aug 9 07:56 /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -> su
This causes image do_rootfs to fail
| sed: can't read /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/s
u-l: No such file or directory
| WARNING: /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/temp/run.ssh_allow_empty_
password.19238:1 exit 2 from 'sed -i 's/nullok_secure/nullok/' /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi
/core-image-minimal/1.0-r0/rootfs/etc/pam.d/*'
Therefore we need to filter out dangling symlinks before sed'ing
things out
(From OE-Core rev: b92105e5a085c8cd3c650579644922ed97163e73)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport the patch to fix CVE-2017-8363:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (heap-based buffer
over-read and application crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8363
(From OE-Core rev: 9cc9956c5ed09f9016cb23bd763652e5ab55f3cd)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
