This allows us to handle distros which contain glibc 2.28 such as
Ubuntu 18.10.
(From OE-Core rev: 5c7d9abcd611d23d4340f9a0aee2564f72158a0b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Weston needs to be configured to load the fbdev driver when run on a QEMU system.
Other MACHINEs may want to also provider their own configuration as well..
Adding a new RRECOMMEND configuration package will allow this, but avoid
installing empty packages/files in the majority case where it is not needed.
Add maintainer entry as well.
(From OE-Core rev: 0f43ea8510ae6148a49eb25accac407b6b301b43)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This ensures that we default to latest go recipes
1.9 is not supported anymore
(From OE-Core rev: d48c8148eae41e613448d78c26516538244cd9c9)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Create a new systemd-conf recipe to contain the specific system/machine
configuration items. This new package is now machine specific.
Without doing this trying to create a single system with multiple BSPs,
one of which was qemu based, would result in the systemd -and- everything that
dependend upon systemd to have their hash changed. The hash changing means
lots of rebuilds, but worse if it's a package based system each different
machine ends with a new PR value and a newly generated package.
(From OE-Core rev: d3395418758ed414eee3e95e13d2d8bc5dca88cc)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since openssh support oepnssl 1.1.x, there is no reason
to keep libressl.
(From OE-Core rev: 30121a78555574f49b321566fcab172417bdf3e3)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Nothing in oe-core is using yasm now that gstreamer-libav and ffmpeg are using
nasm, so remove it from oe-core.
(From OE-Core rev: b7f3f7ecfdf26129c5df2d3ee14e73c4633ea5a3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without a libc the gcc-runtime provider of compilerlibs does not
compile. As such avoid the default dependence on the
virtual/${TARGET_PREFIX}compilerlibs provider.
(From OE-Core rev: 61eead0cdd1f44d8c850f8e4c7389ef444bcd591)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With GCCPIE being enabled by default with security_flags.inc the
compiler will by default attempt to compile and link programs as PIE.
The targets that use newlib and baremetal in general do not support PIE
or are otherwise unable to use it due to how embedded targets are
compiled and executed. As such it makes sense to disable PIE by default
for these libc's in order to prevent build failures.
For baremetal tclibc there are no libc features or implementation as
such there is no implementation for the strong stack protector by
default.
(From OE-Core rev: dfe434b793c156a87b5ead5cb85fe60d920d69d3)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The busybox-syslog rrecomends is proving tricky as it gets pulled in early and
there are conflicts between its use of update-alternatives and busybox needing
to provide those things.
We already have recipes using BAD_RRECOMMENDS to remove this dependency, it probably
makes sense to spell it out explicitly and allow it to be overridden more easily.
This patch does this, dropping the now unneeded BAD_RRECOMMENDS. It preserves
the dependency as a recommendation for now, further cleanup may allow simplication
of that.
This unbreaks certain build failures on the autobuilder, more as a workaround but
is a change we probably want to make anyway.
(From OE-Core rev: 544ade2d78f1375d9e93d6bf5842d857ddaf3530)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Asus EEEPc hardware is well obsolete, upstream repo is now gone.
(From OE-Core rev: 2ac9d94a4d9b88d56ac6af1dd4d7f3d383439a12)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previously this was done with the generic autotools support, but CMake doesn't
have a standard option so set it explicitly.
(From OE-Core rev: 47bd456c1be169fc86788edf0173847b9b0d255b)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I believe the time has come to do this: openssl 1.0 upstream support stops at the end
of 2019, and we do not want a situation where a supported YP release contains an
unsupported version of a critical security component.
Openssl 1.0 can still be utilized by depending on 'openssl10' recipe.
(From OE-Core rev: 876466145f2da93757ba3f92177d0f959f5fe975)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are var-SECURITY_PIE_CFLAGS, var-lcl_maybe_fortify and
var-SECURITY_STRINGFORMAT which are helpful for OVERRIDES.
Also add var-SECURITY_STACK_PROTECTOR, and drop hardcoded `_remove'
overrides. Such as `4ca946c security_flags: use -fstack-protector-strong',
it s/-fstack-protector-all/-fstack-protector-strong/, only tweak
var-SECURITY_STACK_PROTECTOR is sufficient.
The fix does not have any side affect on SECURITY_CFLAGS of glibc/
glibc-initial/gcc-runtime, these three directly assigned with "".
...
SECURITY_CFLAGS_pn-glibc = ""
SECURITY_CFLAGS_pn-glibc-initial = ""
SECURITY_CFLAGS_pn-gcc-runtime = ""
...
(From OE-Core rev: 0ed4a6233bdcb25cbdce698504611541420d92d0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Since poky enable security flags+pie by default, tweak comments
to sync with it.
[poky commit]
491082c poky.conf: Enable security flags+pie by default
29d76b3 poky-lsb: Remove including security_flags.inc
[poky commit]
- Use `?=' to set a default lcl_maybe_fortify, it is helpful for
variable OVERRIDES.
(From OE-Core rev: 38c410bb7d1688cd952da9f19269c2a65a92ab45)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating to the 4.18 headers to match the newest kernel that will
be part of the release.
4.18 brings a requirement on bison-native to the libc-headers, since
it is required as part of the configuration steps.
We also tweak the license md5sum, since the kernel now includes SPDX
headers in the license file and that changes our sum.
(From OE-Core rev: c36a5e21b711cd577a2186a5267d46bb4323acc1)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Import from meta-oe layer
- This is useful for many packages where CR-LF
needs to be adjusted, many recipes depend on it
e.g. meta-multimedia libebml and so on.
- Add myself as maintainer for now
(From OE-Core rev: d8c075d9ac8792726be162da02f2325cbb3aeaaa)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Original approach to add -no-<pie> flags cause link time behavior changes
where packages start to lose the -fPIC -DPIC in compiler cmdline and this
list keeps growing as we build more and more packages,
Instead lets just remove the options we dont need from SECURITY_CFLAGS
this makes it more robust and less intrusive
This also means we do not need to re-add pic options as we started to do
for affected packages
(From OE-Core rev: 1520f5a345fd03d46f33f0efaf76191e96344bec)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes issues related out of range R_PPC_REL24
e.g.
/usr/lib/xorg/modules/input/libinput_drv.so: /usr/lib/libinput.so.10: R_PPC_REL24 relocation at 0x0e8602c4 for symbol `libevdev_has_event_code' out of range
(From OE-Core rev: 48c8d13a9bdcacb64a330074588f7c6bb5cae90d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
PCMCIA is pretty rare these days, so now that the recipe is in meta-oe we can
remove it from oe-core.
(From OE-Core rev: 0f8dcb9c717201c4b1edf4fa55880b432bfb7723)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
virtual/crypt for musl will come from libc itself
(From OE-Core rev: e0ed7d74e61294a986f72a531b23f7e67922de29)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was packaged originally to perform QA tests on binaries (text relocations
and RPATHs), but we perform those tests at build-time now.
(From OE-Core rev: d1c56454b2d374f96c810f684a15dbefebead067)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The last user of this was the sato theme, removed in 2016.
(From OE-Core rev: 6df1f6cf05e21dad1646803a411e52ff85e33435)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Nothing in oe-core or meta-oe links to this now, so the recipe can finally be
removed.
(From OE-Core rev: be9d9b7d6f5917b63660fe5561078851d4a42a9c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This project is dead (upstream website doesn't respond anymore) and can mostly
be replaced with the uuid.h in util-linux.
(From OE-Core rev: e187e3da4b72bc667c8badfb5f2de01717d5ea09)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This version adds nativesdk-libnss-nis to resolve glibc symbol issues
We need this to avoid symbol mismatch issues for binaries that use this
on newer systems which then won't run on older ones where it isn't present.
(From OE-Core rev: 98c7ab9cf32765d604c35dc69bc7bd90e94fc8f3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As of nfs-utils 2.2.1 libnfsidmap has been integrated and isn't an external
requirement anymore.
Also consolidate nfs-utils patches into a single directory.
(From OE-Core rev: 98e8146553c912e869c174674c53e96d8ff01e57)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These tests are very old and there are better benchmarking systems available
now.
(From OE-Core rev: 516c1d5c2b2875ac103d4b5e8e482f852477dc8f)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cleanup the recipes which had been removed from oe-core.
(From OE-Core rev: 2dfbff215f3567252fdfbd5704e6740a30ad41b4)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Perf is superior in most ways and is preferred.
(From OE-Core rev: bcdaa93dc70411da8876364ae67d0bf2456a3611)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Both busybox and coreutils provide mktemp, and the only difference between those
(and standalone mktemp) is that coreutils supports --suffix.
Also mktemp.org has disappeared, so it's fair to assume that the standalone
mktemp (last released in 2010) is dead.
(From OE-Core rev: 59a825ca1e08a7e47fcbc807606103d463280e6c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were shipping the Debian fork of the original code, but that has disappeared
now that Alioth is down. The driver didn't provide anything better than the
kernel and xserver's modesetting driver, so remove it.
(From OE-Core rev: 0e0b5e8abff3b0c30676bcfb76c60388ad2cfafe)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
