do_configure() will no longer convert references to
/usr/include into /path/to/recipes-sysroot/usr/include
for the file "Porting/Glossary".
[YOCTO #11243]
(From OE-Core rev: cb2dfe5627df2ff235b37622260484841f39af17)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed all instances of -fdebug-prefix-map in LTCFLAGS
declaration because they contain references to host system
and are not needed.
/absolute/path/to/host/dd was replaced with 'dd' in
lt_truncate_bin declaration.
Please take note that the location of regex is important
for DEBUG_PREFIX_MAP. Removal of DEBUG_PREFIX_MAP has to be
done before other regex command modify its option value.
Both are modified because they affect binary reproducibility.
[YOCTO #11656]
(From OE-Core rev: 04db02138e363898e040e33557f1296e8a43c3fd)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Disable build for muslx32.X32 isn't supported by valgrind at this
moment.
(From OE-Core rev: a945141062ac3d0736558be428f60af405b53a94)
Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In images built with pam in DISTRO_FEATURES, we end up with dangling symlinks
if su is not packaged into image
$ ls /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -l
lrwxrwxrwx 1 kraj users 2 Aug 9 07:56 /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -> su
This causes image do_rootfs to fail
| sed: can't read /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/s
u-l: No such file or directory
| WARNING: /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/temp/run.ssh_allow_empty_
password.19238:1 exit 2 from 'sed -i 's/nullok_secure/nullok/' /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi
/core-image-minimal/1.0-r0/rootfs/etc/pam.d/*'
Therefore we need to filter out dangling symlinks before sed'ing
things out
(From OE-Core rev: b92105e5a085c8cd3c650579644922ed97163e73)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport the patch to fix CVE-2017-8363:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (heap-based buffer
over-read and application crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8363
(From OE-Core rev: 9cc9956c5ed09f9016cb23bd763652e5ab55f3cd)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport the patch to fix CVE-2017-8362:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (invalid read and
application crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8362
(From OE-Core rev: 0c8da3f6f85962196f2ad54fffd839239f5c2274)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport the patch to fix two CVEs:
CVE-2017-8361:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted audio file.
CVE-2017-8365:
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote
attackers to cause a denial of service (buffer over-read and application
crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8361https://nvd.nist.gov/vuln/detail/CVE-2017-8365
(From OE-Core rev: d92877ade8fd4dd9b548c6b664bf4357a1f9428a)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport 3 patches to fix CVE-2017-10971:
In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971
(From OE-Core rev: 20428f660f2c046c63bbf63c4e4af95dac9f2b3d)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
testdata and testdata_link may point to the same file, in particular
when IMAGE_LINK_NAME and IMAGE_NAME are equal.
Check if this is the case before creating a symlink that points to
itself and makes the next build fail.
(From OE-Core rev: b516394f9e7858062aa7b042aa4a1bdef9d3a941)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When IMAGE_NAME and IMAGE_LINK_NAME are equal, do_write_qemuboot_conf will
create a symlink that links to itself.
Check if this is the case before creating the link.
(From OE-Core rev: f46652e77f467861dc68c3a8e54f27d08659222d)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When buildsystem with layer structure is going to be copied, only the last
meta-XXX layer is taken.
For example, during ext_sdk bblayers creating:
layers/oe/meta \
layers/oe/meta-oe \
layers/oe/meta-networking \
layers/oe/meta-webserver \
...
It restructured meta-oe, meta-networking,... contents into meta-oe.
Recipes from meta-oe will be on the same level like meta-networking,
meta-webserver, ... .
It should take the whole meta path instead of the last one.
layers/oe/meta \
layers/oe/meta-oe/meta-oe \
layers/oe/meta-oe/meta-networking \
layers/oe/meta-oe/meta-webserver \
...
Now the directory structure is the same like during build creation.
(From OE-Core rev: 5a59a6997f41e606d088e3e86812de56f72f543b)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Besides providing the NATIVELSBSTRING, include distro info when creating
the (json) error report. This information provides better info than the
standard 'universal*' string for uninative builds.
[YOCTO #11824]
(From OE-Core rev: fdfbfc954a3e0ad79dc2bed9828f9f5dc40d506f)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit d58b1d196 moved from chunk to serial signing, but neither of both approaches
allowed the user to select the chunks size. This patch allows the user to select
a chunk size through RPM_GPG_SIGN_CHUNK defaulting to BB_NUMBER_THREADS, considered
a good default. Indirectly, this change reduces the number of processes spawn
to number-of-packages/RPM_GPG_SIGN_CHUNK.
(From OE-Core rev: f7f78e73f1cd15f4233a231364b14438af758628)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We always forget to upgrade it when systemd is upgraded, keeping it
next to systemd will be an easy reminder to upgrade this recipe along
with systemd
Define EFI_CC, so far it has been using detection mechanism which
worked with gcc but falls back to native gcc when using non-gcc compiler
as default system compiler e.g. clang
(From OE-Core rev: e70f843b4fb5ee27d46543165a89d56c2ec5ee2e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
...
|ERROR: lib32-logrotate-3.12.3-r0 do_package: SYSTEMD_SERVICE_lib32-logrotate
value lib32-logrotate.service does not exist
|ERROR: lib32-logrotate-3.12.3-r0 do_package: Function failed:
systemd_populate_packages
...
The systemd sercie file should not be multilib expend.
(From OE-Core rev: e599c3d75a0e57a798ca360eb55d8661de355ec5)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
While multilib, the local m4/python.m4 incorrectly assigned
am_cv_python_pyexecdir and am_cv_python_pythondir which caused
the following error enabled:
...
ERROR: gpgme-1.9.0-r0 do_package: QA Issue: gpgme: Files/directories
were installed but not shipped in any package:
/usr/lib/python3.5/site-packages/gpg-1.9.0-py3.5.egg-info
...
(From OE-Core rev: f5c7e236582028638a26a5855d5e7ba0b55bb8f0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This file lists the licenses that the OE-Core meta data falls under
but should not be used as a LIC_FILES_CHKSUM, use the MIT license file.
(From OE-Core rev: e12fa3ac08962accb6585e2aa1c486e7852d174d)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libc headers now have a backported patch that fixes this.
(From OE-Core rev: 5dc1700ec6ff15aefb8ca540e5b7d3e89a14945b)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In commit 255caaad:
[ packagefeed-stability.bbclass: change a bb.plain to bb.note ]
I changed a bb.plain to bb.note to get a cleaner console, but there is
still one more bb.plain left which I forgot to change.
(From OE-Core rev: ccb96849e010883cb1cb4d384f017d05eb6bbcee)
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989:
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3,
as used in GDAL and other products, mishandles undersized RTree blobs
in a crafted database, leading to a heap-based buffer over-read or
possibly unspecified other impact.
https://nvd.nist.gov/vuln/detail/CVE-2017-10989
* LIC_FILES_CHKSUM updated for below changes:
-** 2001 September 15
+** 2001-09-15
(From OE-Core rev: 95b802bfe74ac6a3f6dc05edb52c87ef90600f40)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rebase patches:
- tic-hang.patch -> 0001
- configure-reproducible.patch -> 0002
Drop fix-cflags-mangle.patch, which accepted by upstream
...
commit 1b74f120ab7be89011408a6ad0f1c748a314bae8
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 26 09:01:34 2017 +0100
Import upstream patch 20170225
20170225
+ fixes for CF_CC_ENV_FLAGS (report by Ross Burton).
...
(From OE-Core rev: a4ad0703e1209fee6cd89bf74088931785c4d8c7)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1. Rebase patches to 4.3.6
- define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch -> 0001
- dhcp-3.0.3-dhclient-dbus.patch -> 0002
- link-with-lcrypto.patch -> 0003
- fixsepbuild.patch -> 0004
- dhclient-script-drop-resolv.conf.dhclient.patch -> 0005
- 0001-site.h-enable-gentle-shutdown.patch -> 0006
- libxml2-configure-argument.patch -> 0007
- tweak-to-support-external-bind.patch -> 0008
- remove-dhclient-script-bash-dependency.patch -> 0009
- build-shared-libs.patch -> 0010
- Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch -> 0011
2. Drop search-for-libxml2.patch
It is overrided by libxml2-configure-argument.patch
3. Rework dhclient-script-drop-resolv.conf.dhclient.patch and
Drop replace-ifconfig-route.patch.
vim client/scripts/linux
...
Script refresh in 2017. The aliasing code was too convoluted and needs
to go away. Migrated DHCPv4 script to ip command from iproute2 suite.
This is based on Debian script with some tweaks. ifconfig is no longer
used. Everything is done using ip tool from ip-route2.
...
(From OE-Core rev: 77878d2e6e8f36afa9a0fde8a6f0f955c84a5e5c)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Need to add ilp32 to known list of abi variants
(From OE-Core rev: 6c5e50d26cbb9172d7264e7a8fed3edf0c0e8414)
Signed-off-by: Vishal Bhoj <vishal.bhoj@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new file, fs-perms-persistent-log.txt, which treats /var/log
as a directory instead of a link.
Modify package.bbclass to use this file if VOLATILE_LOG_DIR is set to boolean
false value.
[YOCTO #6132]
(From OE-Core rev: 6b22e247bf91f112401cad822cd7fe0b5621ffe0)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Respect VOLATILE_VAR_LOG variable so that if it's set to any valid boolean
false value, we could have persistent /var/log on the final image.
[YOCTO #6132]
(From OE-Core rev: 50914c4a84e0fb6b9bf6bb1864a2d653218753ce)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Respect VOLATILE_LOG_DIR variable. In this way, if the user overrides
this variable to be any valid boolean false value, /var/log on the final
image would reside on persistent storage.
[YOCTO #6132]
(From OE-Core rev: fc19114ca409fc3178ae5cbb44db875b12eeedfc)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The default value is "yes" which results in the /var/log being a link
pointing to /var/volatile/log which is on tmpfs.
Setting valid boolean false value ('no', 'n', 'false', 'f', '0') would make
/var/log to be a directory on persistent storage.
[YOCTO #6132]
(From OE-Core rev: 016bafce52f74462dc8f21a1c1b43ba2e6e59442)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch to fix CVE-2017-12424.
In shadow before 4.5, the newusers tool could be made to manipulate
internal data structures in ways unintended by the authors.
Reference link: https://nvd.nist.gov/vuln/detail/CVE-2017-12424
CVE: CVE-2017-12424
(From OE-Core rev: 896495d4d2a9751e6e013a3498293b2443d7d809)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade nss from 3.30.2 to latest stable version 3.31.1.
* remove 0001-Fix-warnings-found-with-gcc7.patch which is not needed now
(From OE-Core rev: 86838f1c06002a62ded12a9a66d1eb82093c85a9)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed following patch as the parallel make issue was fixed upstream:
* fix-parallel-make.patch
(From OE-Core rev: 76c9ba6b3f7c0aecb00b7d9c0a1aace3f80d8b48)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
OE-core commit 800753069f667cd1664d70b3779150c467e3b3fe remove
RPROVIDES list to get runtime dependences from manifest file.
python3-misc is added in python3 recipe, we need to add
native runtime to use python3-misc with native recipes.
(From OE-Core rev: 31fd20811f6d11e7ed6ac84caf776ac46cd6fb6f)
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
mkelfimage uses different flags to compile as freestanding binary
it does not pour CFLAGS into them during configure as a result
-fno-stack-protector was never used. Which failed to build with
compilers configured to build with ssp by default. It worked with
gcc since we do not configure our toolchain to default to ssp
Fixes errors e.g.
| objdir/linux-i386/convert_params.o: In function `convert_params':
| linux-i386/convert_params.c:(.text+0x9f4): undefined reference to `__stack_chk_fail'
| objdir/linux-i386/convert_params.o: In function `compute_checksum':
| linux-i386/convert_params.c:(.text+0xa71): undefined reference to `__stack_chk_fail'
| objdir/linux-i386/convert_params.o: In function `printf':
| linux-i386/convert_params.c:(.text+0xcc7): undefined reference to `__stack_chk_fail'
| make: *** [linux-i386/Makefile:24: objdir/linux-i386/convert] Error 1
(From OE-Core rev: f6ed82482838e34202721be8f40ca1cc340c325e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When rpmdeps files a perl script, it attempts to determine what it provides
and what it requires. Often the requires are incorrect, within the context
of Wind River Linux. This results in an error that DNF is unable to install
a package due to one or more unresolved dependencies.
In RPM5 we had disabled this behavior, the alternative is to require that all
perl scripts be 'complete', in that they only require things they absolutely
need and that OE provides. If we ever enforce that, this commit can be
reverted. Until they fall back to prior behavior (which also matches ipkg
and deb style packages.)
(From OE-Core rev: 99376f602c997fec96dbb28ddbe3fa5f68fde2c3)
(From OE-Core rev: 586875cea5769fea7d17bae2677eab72e4fc7e31)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
During the transition to dnf and rpm4, the functionality to
automatically make RPM determine dependencies was lost.
Before the transition, an OE specific tool called rpmdeps-oecore had
been added to the rpm suit. It was based on the rpmdeps tool that is
part of rpm. For each file specified on its command line, it would
output the provides and requires that RPM could determine.
During the transition to rpm4, rpmdeps-oecore was replaced with the
standard rpmdeps. However, what no one noticed was that unless rpmdeps
is given options, e.g., -P or -R, to tell it what it should output, it
will not output anything. Thus, it would do all the work to determine
the requirements, but would keep silent about it. And since no output
from rpmdeps is expected unless there are requirements, there were no
warnings indicating that everything was not working as expected.
Porting the old rpmdeps-oecore to work with rpm4 is not really
possible since it relied on being able to access internals of RPM that
are no longer available. However, it turned out that rpmdeps had a
debug option, --rpmfcdebug, that would output exactly the information
that we need, albeit in a different format and to stderr. To make this
usable, rpmdeps has now received a new option, --alldeps, which sends
the information we need to stdout.
(From OE-Core rev: 958501b3d9201aaabb81ec644c6049e0c9b737e7)
(From OE-Core rev: bf017930036f19b3d6df8e5b50d9979ee7045c5c)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since LTP includes a set of test cases, we need to skip file dependency
generation, as there will be dependencies that can not be satisfied. In this
case a csh and ksh dependency come from two tests.
The alternative would be to depend on csh/ksh (a bad idea as they're not
available in oe-core) or remove the tests (but this eliminates the tests if
someone DOES have csh/ksh in their configurations.)
(From OE-Core rev: 8c4dcdfa9d5a37acb6f492b1cf0e40a403e5fbe9)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
