The entry is same as for python-numpy and prevents build failures
when extra security flags are in use (e.g. in poky-lsb).
(From OE-Core rev: 4a95989848df62b34e3115c7e81d4f005de74119)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch avoids unzip fails to compile with compiler flags which elevate common string formatting issues into an error (-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9551]
(From OE-Core rev: 2dd1c02fbc7492002df9030f50710e242369e8b2)
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is only one version of python 2.x provided, so no need
to set a preferred version.
PYTHON_BASEVERSION is now set explicitly in python-dir.bbclass and
python3-dir.bbclass, so fix up a few recipes that relied on it being
set in default-versions.inc without inheriting python-dir.
(From OE-Core rev: e0c75841078bf65905c1c9aa2946241b2474a7e2)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove this file as it has been deprecated in the previous release.
New entries should be added to recipes itself.
(From OE-Core rev: a3075bf29f0fa80489e3dd2ade65cc3a3b3d0332)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since we have a new version of glibc, upgrade to a new version of
the uninative tarball to ensure we work on recent distributions.
(From OE-Core rev: 15476fae90efe7765159b342916e536a2f6e8fc1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This avoids makedevs failure to compile with compiler flags
which elevate common string formatting issues into an error
(-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9549]
(From OE-Core rev: f6b0dd13ac90bb431bb51e0cbf1681a4d9fbea14)
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch avoids zip recipe fails to compile with compiler
flags which elevate common string formatting issues into an
error (-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9552]
(From OE-Core rev: f63a36360b7e138d2a63c84b5b1a8287ffe3d2ae)
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch avoids stat fails to compile with compiler flags which
elevate common string formatting issues into an error (-Wformat
-Wformat-security -Werror=format-security).
[YOCTO #9550]
(From OE-Core rev: f03c1f41933e9997a01a8b1dcdf9fb18579de1d1)
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now we have patches that solves the security formatting issues into
those packages.
(From OE-Core rev: 901cfa5a217f78464f8b81a990039fe60810650f)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add "-Wformat -Wformat-security -Werror=format-security" to the default
SECURITY_CFLAGS to catch potential security vulnerabilities due to the
misuse of various string formatting functions.
These flags are widely used in distributions such as Fedora and Ubuntu,
however we have 15 recipes in OE-Core which fail to build with these
flags included and thus the flags are removed for:
- busybox
- console-tools
- cmake
- expect
- gcc
- gettext
- kexec-tools
- leafpad
- libuser
- ltp
- makedevs
- oh-puzzles
- stat
- unzip
- zip
[YOCTO #9488]
(From OE-Core rev: f335f8e744fb312b3eb599c331d08a9a6e5a8ff8)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Although the oe-core openssl recipe is currently the only provider of
openssl, make the preference for using it explicit in anticipation of
a libressl recipe being added to meta-oe.
(From OE-Core rev: 34be80665f1edf96ccaa8f0c612464f0704ec564)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Get rid of the very confusing PREFERRED_PROVIDER_bluez4 using the
new/better PREFERRED_RPROVIDER syntax.
[YOCTO #5044]
(From OE-Core rev: e5c43dc7f1e17f360b5dc762045ccf7895d18843)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The libassuan recipe is now buildable in distros which blacklist
GPL-3.0 without needing to be explicitly whitelisted (since it
provides at least one non GPLv3 package).
(From OE-Core rev: 259b0f163922ce12e24dd6670cf28d987b37b676)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
base.bbclass sets 'check_license' to False (and therefore skips
license checking completely) for native, nativesdk, etc recipes
(ie anything which could potentially be classed as "host tools"),
so supporting a dedicated whitelist of GPLv3 host tools is not
necessary.
(From OE-Core rev: 8fc8b60005e7641861324c8541fb45058e7aab8e)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the modern license handling code, gnutls and libtasn1 are both
buildable in distros which blacklist GPL-3.0 without needing to be
explicitly whitelisted (since they both provide at least one non
GPLv3 package).
(From OE-Core rev: 0a42e49bdcbc2f1f63b9d3fda9d4bc0f87a8eb01)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are various concerns about md5 so use sha256 instead.
(From OE-Core rev: a88603cb2ffd4f995e16349a389902eb884252e5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remake and make can't be installed at the same time as they're both installing
a header file with the same name.
(From OE-Core rev: e8747ff4c2b5830c5fa76f4c6b872da4a7d6a586)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These 14 packages are failing aross all architectures
on musl targets.
(From OE-Core rev: e93f5f7c15cd46a38f2e6b1b1d96cd81880f030a)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When musl is in use, GLib binaries crash on assertion failures under qemu
(From OE-Core rev: f69b36c2c8b77e6d991dce8fdc63887f32526d31)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python-pygtk hasn't been updated in several years, is incompatible
with the current version of pygobject, and is generally obsolete as
all modern python gtk apps use introspection directly.
(From OE-Core rev: 14f62d1663b7a9082b8026cd5d22eea66ad75174)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
RPM interally has support to build and work with the stack protector.
This is disabled by default in the RPM package, and the proper settings
should be specified in the security_flags. Using the default setting of
stack-protector-strong causes linking problems due to issues with libtool
selecting the wrong GCC objections to link against.
Falling back to the RPM values of stack-protector will permit linking to
work properly, and some level of protection.
(From OE-Core rev: 98b5f1ef188965f0116ebbe00be746dceb96936e)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
uninative has some specific setup requirements. Rather than have everyone
doing this themselves, do this centrally and allow people to opt into it
based on some Yocto Project builds of the uninative tarballs.
(From OE-Core rev: 34cf2f6be0c9b7c222d770b6af8f59addaf407b6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
udev has started to fail on new kernels (4.4), due to being deprecated in favor
of systemd's udev implementation. To maintain a sysvinit alternative we also
need to provide an alternative to udev. Eudev is a fork of systemds udev,
this new eudev recipe provides upstream udev 220 funcitonality.
- Removes patches that dont apply anymore
- ToDo: eudev-ptest?
[YOCTO #8998]
(From OE-Core rev: a22797f7c37a865420837b5c29b270f73ee4c6ce)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The extensible SDK replaces adt-installer so this can be removed now,
all future effort in this direction will be placed onto that.
This includes a layer version change so the autobuilder knows when to
stop building adt-installer.
[YOCTO #6404]
(From OE-Core rev: c413164c03bdce38f41e63ad2a27dc6108521b9a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop kconfig and options-group support
Forward port cross-localedef support
Assume ssp support in libc when building gcc-initial
(From OE-Core rev: 9c3d461c4d54d684b38ec4c038a1c3c2fb9923f0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
waf.bbclass disables no-static-libs for all waf recipes, so we don't need to
have it explicitly disabled here now.
(From OE-Core rev: 6eb64cdd5296c42a46f3485bca403814eec55b2c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We need to disable static flags for libcap-native as well.
(From OE-Core rev: b1fa25a238d118f433759102b13896094394ceeb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
cmake doesn't have a standard for disabling static libraries so libical needs an
explicit statement.
(From OE-Core rev: 1a14bc0cc7f1a56833cca7baf12ed5a979854a7b)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libtool decides to
filter out -fstack-protector-strong on its own and its documented here
https://www.gnu.org/software/libtool/manual/html_node/Stripped-link-flags.html
this causes linking errors when linking libbfd.so since objects (.o) are
compiled using -fstack-protector-strong so they are expecting to link
with libssp but the option goes missing in linker flags.
With this patch the security flags are hoisted upto CC itself and
libtool thankfully does not touch CC.
Adding to CC also means that we can now remove it from LDFLAGS since
when gcc driver is used to do linking then we have LD = CC and this
option makes to linker cmdline
Since CC is used without CFLAGS in configure tests, some tests fail
complaining that -Olevel is not used while using _FORTIFY_SOURCE
therefore added SELECTED_OPTIMIZATION to TARGET_CC_ARCH as well
(From OE-Core rev: 9349f28531619a4ff15c382dacc460d61e3ec7af)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Static libraries are old technology. We've left them around since in
previous tests, they only added around 5% to the overall build time.
With new and interesting uses of OE, they're becoming more problematic.
For example, sstate becomes much larger with static libs enabled which
increases the size of eSDK and increases the time taken for sstate
operations. Since the static libs contain all the debugging symbols,
they're also pretty huge.
This patch adds a common include file which allows the user or distro
to disable the static libraries in the majority of cases.
There are some libs where we do need the static lib, a good example
being pseudo-native which uses sqlite3-native static libs. These are
left enabled by the include file, as are recipes where --disable-static
doesn't work, or isn't supported. This list can likely be reduced over
time as individual corner cases are addressed.
Maintaining this list in a common location is more desireable than
everyone doing it themselves. Poky will switch to using this, OE-Core
will need to discuss that as its default.
(From OE-Core rev: 773c9e18071d71454473dd81aff911104a2e9bc6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It causes a catch-22 situation where we build libssp in gcc-runtime but also
pass -fstack-protector flags which require libssp
(From OE-Core rev: 61ef8212cc6880f502f1e05e2683d232ea782ae4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As otherwise the security flags can leak into target builds. This can result in
flags that the host compiler doesn't support, causing build failures.
(From OE-Core rev: ff2c8af73046f55aa733ce8289b6236c88300290)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sysroots/x86_64-linux/usr/libexec/x86_64-poky-linux/gcc/x86_64-poky-linux/5.3.0/ld:
syslinux.o: relocation R_X86_64_32 against `.rodata.str1.1' can not be used
when making a shared object; recompile with -fPIC
(From OE-Core rev: b87a9c82663446fa8c002e144de57127e8902b54)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This recipe is very old, unmaintained, not used at all in OE-Core, and not
useful in a world that has moved to GTK+ 3 (even if Sato is slow at catching
up).
(From OE-Core rev: d9ecac4828cb316230c3681670e7bf6d197e3a30)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python hard-codes the encoding of many locales; for instance, en_US is
always assumed to be ISO-8859-1, regardless of the actual encoding of
the en_US locale on the system. cf
https://hg.python.org/cpython/file/7841e9b614eb/Lib/locale.py#l1049,
getdefaultlocale(), etc. This code appears to date back to python 2.0.
The source of this hard-coding is Xorg's locale.alias but is ultimately
justified by glibc's SUPPORTED.
This causes problems on OE, because any locale lacking an explicit
encoding suffix (e.g. en_US) is UTF-8. It has been this way from the
beginning (svn r1). That is not a bug, per se -- no specification
prohibits this AFAIK. But it seems to be at odds with virtually every
other glibc-based distribution in existence. To avoid needlessly
aggravating hidden bugs that nobody else might hit, it makes sense to
disable this behavior such that locales are named precisely as specified
by SUPPORTED.
I suppose that reasonable minds may disagree on whether or not the
current behavior is prudent; at the very least, this is likely to break
IMAGE_LINGUAS settings. So let's create a new distro variable
LOCALE_UTF8_IS_DEFAULT to allow either behavior. Set it to 0 and all
your locales get named exactly like they are in SUPPORTED. Leave it at 1
to preserve current OE locale naming conventions.
(From OE-Core rev: fcde0c43f7b57ec6f8201226ad98e6e46708d288)
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The curl configure script contains sanity checks for unexpected
options being passed via CFLAGS, LDFLAGS, etc. environment variables.
These sanity checks catch -Dxxx options in CFLAGS, which clashes with
OE's approach of using CFLAGS to pass -D_FORTIFY_SOURCE (curl's
configure script suggests, quite correctly, that -Dxxx options should
be passed via CPPFLAGS instead).
These sanity checks previously generated fatal errors, but have been
downgraded to warnings since curl v7.32. Therefore the workaround of
avoiding -D_FORTIFY_SOURCE for curl is obsolete and can be removed.
5d3cbde72e
(From OE-Core rev: d0dfd7bf9b2d6fb269f4d9b62263fd7ccc805fde)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Similar to the libc-for-gcc preferred provider, we also need a libc-initial
version. Layers such as meta-mingw need the ability to override these
values in order to generate an SDK that works on non Linux environments.
(From OE-Core rev: ea4b19ad2e4d259c41c9e09ecb70bc8043509a4f)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The PPC inferior patch was dropped since an equivalent fix was merged
upstream.
(From OE-Core rev: 564c56207edd9a7dcef3ea966580e11a1548115c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Together with the move to meta-oe, all references to x11vnc should be
removed from oe-core. There are three of these: a distro alias, a
packagegroup rdepends and a runtime test.
(From OE-Core rev: cfd1e4bcd66a9a542007115647cadb8480330fab)
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
