Updating the 3.10 meta SRCREV to include the valleyisland IO .scc and
configuration files.
(From OE-Core rev: 5adccadee00ac4408d3b3d4e6a0b7ee7c84cba97)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Importing the following two meta data changes for EFI configuration:
284e9589436a meta: efi.cfg/efi-ext.cfg: add EFIVAR_FS to default efi fragment
0a8c4971e2d9 meta: update efi config fragment to include EFI_STUB by default
(From OE-Core rev: ec6ff275ba44ec183c00910f47e5b8916e58ab14)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating the meta SRCREV with the latest configuration updates.
(From OE-Core rev: 8e98af96a4b2b725724cd97276168c03e95aa99d)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Importing the following configuration changes to support the latest intel
common BSPs:
6e0e756d5137 intel-common: Remove GMA500 support
226c3b7a2b82 intel-core*: Add baytrail soc support
25df7acf2cc4 baytrail: Add feature/soc/baytrail
8715856ab617 meta: input: add CONFIG_INPUT dependency
(From OE-Core rev: 88d2bb9c5959a9b1e744bb517c26a322cd537023)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When RM_OLD_IMAGE = "1", we delete old images but we didn't check they
actually exist...
[YOCTO #6029]
(From OE-Core rev: 8910d3cc94899ab4d509e681b438ae96218fa777)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The package_write task was previously removed. Remove a remaining superfluous
reference to it.
(From OE-Core rev: 76bbf9e8f07f3e6f20c890dd4c82c72641e2ca88)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now populate_sdk_base has the appropriate flags, we can drop these from the individual
classes.
(From OE-Core rev: 388bfe2dc168d31ba3c5c85684f3c96d2ae13800)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
nativesdk packages were created only for the first backend listed in
PACKAGE_CLASSES. Hence, if one had it set to "package_rpm package_ipk"
and did a 'bitbake -c populate_sdk core-image-something', the nativesdk
packages were created only for rpm.
This is particularily bad for adt-installer which is based on opkg
repos.
Credits go to richard.purdie@linuxfoundation.org who suggested me this
fix.
[YOCTO #5900]
(From OE-Core rev: 85c3238ee713bc27e99a2e393e3bf8438ed4d91f)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit adds a new _cleanup() internal method that will be called at
the end of rootfs creation, so that each backend can delete various
files that were probably generated during rootfs postprocess execution,
etc.
[YOCTO #6049]
(From OE-Core rev: 6151d69875f3f4f097b6e2fdef2a0f3ab391e2fd)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Do not delete the __db.00* files in the PackageManager class. Leave this
operation up to the client classes. One side effect of this deletion was
the following message appearing in the output of the next rpm command
executed:
rpmdb: BDB1540 configured environment flags incompatible with existing
environment
We might also gain some time here by not deleting/creating those files
very often.
[YOCTO #6049]
(From OE-Core rev: 12e300f0af2a27c15d80298d3fbb27b092c35154)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE description:
Integer signedness error in the archive_write_zip_data function in
archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running
on 64-bit machines, allows context-dependent attackers to cause a denial of
service (crash) via unspecified vectors, which triggers an improper conversion
between unsigned and signed types, leading to a buffer overflow.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0211
(From OE-Core rev: 355a8086637b859a469e1f2dc717b4ccec00b970)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lib/autotest/general.m4: added "--am-fmt | -A" command line parameter
for testsuite script to enable "RESULT: testname" output format; to be
used by yocto ptest packages directly or with autoconf TESTSUITEFLAGS.
(From OE-Core rev: 9d288e5afd6696cc519574470c7d47ca55403d27)
Signed-off-by: Radu Patriu <radu.patriu@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ocf-linux only provides header file and no kernel module is built. We
can't use ocf-linux without its implementation. And linux-yocto uses an
alternative project cryptodev-linux, so we remove ocf-linux and use
cryptodev-linux instead.
(From OE-Core rev: 45f1659f49edbceed0b75c0319880151161fdc8e)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ocf-linux only provides header files but no implementation in kernel.
And Yocto kernel linux-yocto use cryptodev-linux to implement
/dev/crypto interface. So replace dependency ocf-linux with
cryptodev-linux for openssl.
(From OE-Core rev: b36b15cddbe52e6770b96e06af2959cea0e2436f)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yocto kernel linux-yocto uses cryptodev-linux to use device /dev/crypto.
So add cryptodev-linux which is one alternative of ocf-linux and then
remove ocf-linux later.
(From OE-Core rev: 6b6c24eccdb0030ecccadefe94c1c5b4387e46d1)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The old implementation was wrong. It was not very generic and it checked
IMAGE_FEATURES while building the recipe, which led to various issues
with the generation of the final script. That is, the run-postinsts
script was generated once, while building the package for the first
time. Hence, any other changes to IMAGE_FEATURES, like removing/adding
'package-management' did not reflect in the final script.
This commit makes run-postinsts script autodetect the backend used for
creating the image, making it generic.
[YOCTO #5666]
[YOCTO #5972]
(From OE-Core rev: 44902f7550e490a9d4d2e2bcdf8c577329b4af75)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Build Appliance includes a more recent version
of poky, up to commit:
ae938eba92.
Adds bitbake fixes/optimizations;
(From OE-Core rev: f41f1b263438e19e2209876798bbcbbcee646f34)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix the warning:
WARNING: QA Issue: gummiboot: Files/directories were installed but not shipped
/usr/lib
/usr/lib/gummiboot
/usr/lib/gummiboot/gummibootx64.efi
This is because it uses "/usr/lib" in gummibootlibdir, use ${libdir} to
fix it.
(From OE-Core rev: ee587332f2ac9d88d4a300732645b0e2f793ce5f)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The gummiboot depends on gnu-efi which had set:
COMPATIBLE_HOST = "(x86_64.*|i.86.*)-linux"
We also need set this for gummiboot, otherwise there would be build
failures for other non-x86 archs.
(From OE-Core rev: f1b23a32d0c823577cec532e3646c2f78e81ccda)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Its LIBDIR in Makefile is:
LIBDIR = $(PREFIX)/lib
This is incorrect for 64 bit bsp, thus will cause build failures on gummiboot:
ld: cannot open linker script file /path/to/usr/lib64/elf_x86_64_efi.lds: No such file or directory
[YOCTO #6053]
(From OE-Core rev: a18e4bef5f284c5b940007e60c7be28128a94c44)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The test failed when more than 1 error or 1 warning is present.
Also pasting the bitbake output when the test fails.
(From OE-Core rev: abc691026592b406e69f8bf9e4fffe2e6a17fffc)
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LSB lsb_log_message calls a begin()
function that should be implemented
in /etc/init.d/functions.
The aforementioned script does not
implement the begin() function, as
such there is a small issue related to logging.
This fix implements a local version of
the function, while cleaning up the
troublesome previous implementation.
Fix [YOCTO #5795]
(From OE-Core rev: 365ab9118b6c68aedb2e79129202b385329a8abb)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Replace 'rootfs' with '/dev/root' in read_only_rootfs_hook function
to match the latest change in fstab file from the base-files recipe.
The related commit is as follows.
commit e8bc7a136a
base-files: use /dev/root in /etc/fstab for systemd support
(From OE-Core rev: 31b5aeb5a0b82842e1dd8545bf5d43778d8c218b)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
References to "perl-native" were slipping into the target packages. These
changes ensure those references are cleaned up and that tools using perl
are packaged in the correct perltools package. The same issues affected
the nativesdk-git output so are also applied there.
[YOCTO #5918]
(From OE-Core rev: fd4a6b0cd275931e552cd23233c178e9ec54bdbb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There were two ConfigParsed event handlers in base.bbclass, this merges
them together for small efficiency wins.
(From OE-Core rev: ff919ed132b543f70e9635be7a31f799aafcf8d6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bitbake will now trigger sanity events when it needs the checks to run in all cases
so we can drop the ConfigParsed hook. We now control whether events are generated
or errors are raised from the event itself.
(From OE-Core rev: 97108a5647f9278280c923ef69d2b0b945a26eef)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Its possible for classes listed in INHERIT directives to use things like
the oe.utils functions. If that happens the user sees a traceback since
the modules don't become available until the ConfigParsed event.
This change to use immediate expansion means that the oe modules become available
much sooner and can be used in the core classes, including within base.bbclass.
(From OE-Core rev: a9ecad713f37f2703e99c6b856207abeb6c5ad1f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The native sysroot should not be used as a store for the lists files since
multiple images running at once would conflict over this. Instead redirect
this to WORKDIR. This means some extra directories need to be created.
Also create apt.conf.d to silence some warnings.
(From OE-Core rev: dc4abfc8f99c08e0c1ac9d098ce17838d0eda028)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
a) There were missing parameters to the release and package commands (".")
b) The commands need to be executed as one block since they build upon each other
(From OE-Core rev: a3965b76ed4361455c89c982761263be03e1a8e5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Processing directories twice is both pointless and introduces a race condition.
When building the list, ensure duplicates (like "all" and "noarch") are handled
correctly.
(From OE-Core rev: 4c487543422ae471a01a573bab44e3f6a6d2497a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* The mmc-utils are useful userspace utilities for configuring and
working with MMC devices. These are particularly useful when
working with eMMC devices to do the initial programming of the
device.
(From OE-Core rev: 6ce4010951a291aec72a3e4997cd7c523a22ac87)
Signed-off-by: Chase Maupin <Chase.Maupin@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If we run "bitbake -S base-files" today, and re-run it tomorrow with
nothing changed, we would see that the do_install.sigdata changes
because of:
do_intall -> do_install_basefilesissue -> DISTRO_VERSION -> DATE
We had set:
IMAGE_NAME[vardepsexclude] += "DATETIME"
in meta/conf/bitbake.conf, we can set a similar line in
base-files_3.0.14.bb to fix the problem.
[YOCTO #6032]
(From OE-Core rev: cd06824bda76a9d08a3318e0621e31c0e8c39f74)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The problem is that do_configure.sigdata depends on STAMPS_DIR because:
do_configure -> STAMPCLEAN -> STAMPS_DIR
this will make the sigdata generated by "STAMPS_DIR=/tmp/stps bitbake -S
recipe" doesn't match the ones in our build dir, but it should. We can
add STAMPS_DIR or STAMPCLEAN to BB_HASHBASE_WHITELIST to fix the
problem, but we can't add STAMPS_DIR since once it is in
BB_HASHBASE_WHITELIST, the "STAMPS_DIR=/tmp/stps bitbake -S recipe"
would not run again.
[YOCTO $6031]
(From OE-Core rev: faf3e74d5c488a66fdabd485eb916f555d7353fd)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The qsort_r() was added to glibc in version 2.8, so there is no qsort_r() on
the host like CentOS 5.x, use qsort() to fix it since they are nearly
identical.
(From OE-Core rev: cda5310e32ce05bc54602d4c18ee2d28a53be57f)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The Linux kernel requires that initrd images contain a /init file for
the image to be used as an initrd, even if it is empty. Adding it into
the rootfs directory creates a race, that can upset tar when building
both a .tar and .cpio image file ("tar: .: file changed as we read it").
Additionally, whether or not the tar file will contain the /init file is
also up to the race condition.
To avoid this problem, move the /init addition out from the rootfs
directory, and thus only include it in the .cpio image.
(From OE-Core rev: 706055503f493a5af73240c0983c46dbe31d8fe9)
Signed-off-by: Jonas Eriksson <jonas.eriksson@enea.com>
Signed-off-by: Josep Puigdemont <josep.puigdemont@enea.com>
Cc: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions
with certain patterns that introduce a side channel, which allows physically
proximate attackers to extract RSA keys via a chosen-ciphertext attack and
acoustic cryptanalysis during decryption. NOTE: applications are not typically
expected to protect themselves from acoustic side-channel attacks, since this
is arguably the responsibility of the physical device. Accordingly, issues of
this type would not normally receive a CVE identifier. However, for this
issue, the developer has specified a security policy in which GnuPG should
offer side-channel resistance, and developer-specified security-policy
violations are within the scope of CVE.
(From OE-Core rev: 46b80c80b0e008820b34f4360054e1697df2650d)
Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits
cleared (no usage permitted) as if it has all bits set (all usage permitted),
which might allow remote attackers to bypass intended cryptographic protection
mechanisms by leveraging the subkey.
(From OE-Core rev: 259aebc9dbcaeb1587aaaab849942f55fa321724)
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2
obtains a certain version number from an incorrect data structure, which
allows remote attackers to cause a denial of service (daemon crash) via
crafted traffic from a TLS 1.2 client.
(From OE-Core rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet delivery,
related to ssl/d1_both.c and ssl/t1_enc.c.
(From OE-Core rev: 94352e694cd828aa84abd846149712535f48ab0f)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before
1.0.1f allows remote TLS servers to cause a denial of service (NULL
pointer dereference and application crash) via a crafted Next Protocol
Negotiation record in a TLS handshake.
(From OE-Core rev: 35ccce7002188c8270d2fead35f9763b22776877)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We add the PN to the buildstats event data in order to
proper select database task when multiple similar tasks
are executed for the same recipe file.
(From OE-Core rev: 43d717df16312a8f0333aff6b8b037b4b9d51bf3)
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since yasm has been moved to OE-core, there is no reason for not enabling
yasm by default anymore. It improves performance of gstreamer1.0-libav
considerably.
(From OE-Core rev: ec734f0cccba2659334498235851c93ce8abef2b)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
