To try and help with the inermittent rcu stalls and boot issues with qemu
add some kernel commandline options commonly used with qemu instances which
were suggested may help.
(From OE-Core rev: d75cb16ecb3a55fd7631bf7720663e4b196421ee)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Move from 1996 to 2009 by swapping machine 'pc' for 'q35'.
Also move to a CPU which is SMP capable and doesn't have tsc bugs. IvyBridge
matches what we're using on the autobuilder.
The intent here is to try and improve on some of the intermittent autobuilder
issues we're seeing. I'm told that nobody else runs with config this old
and it could well be contributing to our issues. Having reliable testing
is key to the project and justifies updating this IMO.
(From OE-Core rev: 6d9f25782bd585e89c5aaf7046266c848f1e581b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Only qemux86* and qemuarm* support SMP with our current configurations so
rework qemu SMP enabling to account for that and only use it on the architectures
where it works.
(From OE-Core rev: ee371325ce651cc113e43bdeb5d8986d5b84a3f4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Each of the cores is mapped to a thread on the host, this
should speed up things inside qemu which can take advantage of that.
(From OE-Core rev: 56f98d12a79585a4d4c459160f39403e05b620a5)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* DWARF-5 is now used by default with gcc-11, causing
11.1.0/ld: internal error in format_file_lineno, at ../../gold/dwarf_reader.cc:2278
collect2: error: ld returned 1 exit status
in various projects (runc-opencontainers, libhybris, collada-dom)
* https://gcc.gnu.org/gcc-11/changes.html
For targets that produce DWARF debugging information GCC now defaults to DWARF version 5
(with the exception of VxWorks and Darwin/Mac OS X which default to version 2 and
AIX which defaults to version 4). This can produce up to 25% more compact debug
information compared to earlier versions.
To take full advantage of DWARF version 5 GCC needs to be build against binutils version 2.35.2 or higher.
When GCC is build against earlier versions of binutils GCC will still emit DWARF version 5 for
most debuginfo data, but will generate version 4 debug line tables (even when explicitly given -gdwarf-5).
The following debug information consumers can process DWARF version 5:
GDB 8.0, or higher
valgrind 3.17.0
elfutils 0.172, or higher (for use with systemtap, dwarves/pahole, perf and libabigail)
dwz 0.14
Programs embedding libbacktrace are urged to upgrade to the version shipping with GCC 11.
To make GCC 11 generate an older DWARF version use -g together with -gdwarf-2, -gdwarf-3 or -gdwarf-4.
(From OE-Core rev: d07d4d739ae17787017f771dd2068fda0e836722)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An XML parser (either libxml2, or expat) is only needed by libarchive to
read/write XAR archives. However, these also need OpenSSL enabled which
by default it is not, so XAR files were disabled and libxml2 was a build
dependency for no reason.
As XAR archives are mainly used on macOS, we can remove libxml2.
(From OE-Core rev: 363f1ee30b0e6d222943aaed8dce37a4a441a86d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue only affects Debian and SUSE.
(From OE-Core rev: 72522fa1a5f3b9b2855043fe6b421886d641385f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is included in the release we have, it was the reason for the last rpm
point release.
(From OE-Core rev: 117feb358c81b6b852dee24268eac0a1a47c1701)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bumping the SRCREV to pickup the following for the kern-tools:
commit 6dd85ff178cd76851e2184b13e545f5a88d1be30 [kconfig: change
"modules" from sub-option to first-level attribute] broke parsing
in 5.13+ trees.
We add the new location to the parser so we can support both
types of module specifications.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Without this, the kernel configuration audit for 5.13+ errors
immediately.
The older "option modules" parsing has been left in the code, so that
older kernels continue to work as well.
(From OE-Core rev: ba39e42681e7e3c6fe82686a42a9ee4b519003f9)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building in longer paths, the ovmf build changes in many ways. This adds a
patch addressing various causes of problems. Full details are in the patch header.
(From OE-Core rev: 9113a5815f3c682ef99fd777e35e892b2e08237f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lto tends to break reproducibility and makes ovmf near impossible to debug
reproducibility issues in. Disable it and supress the warnings that then
generates from Werror.
(From OE-Core rev: 627b6ed763eca90192203932784872b60a65fcaa)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Minutiae including grammar fixes, increased brevity and adding a
proper link to another SDK manual section.
(From yocto-docs rev: 21d6c6fcbae938c256da6e72d6ac8d2ca72d5bc0)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <foss@0leil.net>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
configure is not able to decode, right options to compiler, it needs to
be set according to default tune manually. Fixes build issue on mips
e.g.
{standard input}: Assembler messages:
| {standard input}:2162: Error: opcode not supported on this processor: mips32r2 (mips32r2) `dmult $22,$22'
| {standard input}:2164: Error: opcode not supported on this processor: mips32r2 (mips32r2) `dsrl $5,$5,32'
| make: *** [/mnt/b/yoe/master/build/tmp/work/mips32r2-yoe-linux/ffmpeg/4.4-r0/ffmpeg-4.4/ffbuild/common.mak:67: libavcodec/aptxenc.o] Error 1
(From OE-Core rev: b254db634fc888ae75e843c8a9108e71ffff3f77)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop mips64_cpu_detection.patch as upstream
has changed the code in a way that's difficult
to rebase. I have confirmed that builds on qemumip64 still
work, and the patch does not say clearly what was the
way to reproduce the failure it's aiming to address.
(From OE-Core rev: 7db3aed539044bed1c7d3cf7b91f55caed974fe2)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some fix upstream addresses the issue, it isn't clear which change this was. Our
current version doesn't have issues with the test image though so we can exclude.
(From OE-Core rev: 3874da694ae1d9de06dd003bd80705205e2b033b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs are fixed with kernel changes and don't affect the bluez recipe.
(From OE-Core rev: 658902477840ea34d414083c4c79616bf5e999a2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE is in the jpeg sources included with ghostscript. We use our own
external jpeg library so this doesn't affect us.
(From OE-Core rev: 8556d6a6722f21af5e6f97589bec3cbd31da206c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We use the SUSE mirror of xinetd. The CVE fix was added to the main repo
after the latest release but is included in the version from the SUSE repo.
(From OE-Core rev: 6f587d1e1fdf8141d240160d57c9a05ff97ea510)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue applies to use of cpio in SUSE/OBS, doesn't apply to us.
(From OE-Core rev: 915b38c54a7932744a9f56713d1c6bd00a789331)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch mentioned as the fix for the CVE is applied to the 6.0 source
code. Zip versioning makes CPE entry changes hard.
(From OE-Core rev: 8917e5ae2bb44d017fc0155f16632c5decadb0bd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE only applies to some distributed RHEL binaries so irrelavent to us.
(From OE-Core rev: 5d8b3ddf91050f6745a99a8abb1c3b03c35247af)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
so the issue doesn't affect us.
(From OE-Core rev: 30106ae676124ba3c0e496a4f19c919c8418b59b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Refresh patch and adjust version directory for new version numbering
scheme. Add new dependency on libarchive.
(From OE-Core rev: 02bce05698d905771250ab12b48d8b0e19d218cb)
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop configure() tweaks, none of them are needed anymore, and particularly
the ncurses tweak was changing the build in a way that is not clear
(and no one remembers why it was there in the first place).
Adjust LDFLAGS as somehow -pthread isn't there --> link failures.
(From OE-Core rev: c4982ddd71ac652f9d3b879bf31bb087500fb611)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit 4118415d4b.
This was found to be unnecessary, and broke upstream version checks.
(From OE-Core rev: cee436d1eb94663f3604c80b6ad87292f6901498)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We want to pass ${DEBUG_PREFIX_MAP} to gcc commands and also pass in
--debug-prefix-map to nasm (we carry a patch to nasm for this). The
tools definitions are built by ovmf-native so we need to pass this in
at target build time when we know the right values.
By using determininistc file paths in the ovmf build, it removes the
opportunitity for gcc/ld to change the output binaries due to path
lengths overflowing section sizes and causing small changes in the
binary output.
This also means that if builds have reproducibility issues in future, it
becomes much easier to compare intermediate build artefacts.
(From OE-Core rev: 51f51310d6d5cced2b55bf27dbb9a5717740a206)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We don't build/use the OPIE PAM module, exclude the CVE from this recipe.
(From OE-Core rev: 3670be602f2ace24dc49e196407efec577164050)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs apply to the way logrotate was installed on Gentoo, Debian
and SUSE, exclude from cve-check as they don't apply to OE.
(From OE-Core rev: 23643016f3b8794db772e333ff0b8f598571b628)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE is non-specific and depends on the users of jquery, doesn't
make sense to have this flagged against jquery as there is nothing we can
do about it.
(From OE-Core rev: 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The issues were investigated and found not to be an issue therefore
exclude from checks.
(From OE-Core rev: ee6ee9bd489c126b99d15c1011560df2f840a6e9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE applies to the built-in VNC server but we don't enable this by default.
(From OE-Core rev: d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE applies to virglrender before 0.6.0 which we don't have.
(From OE-Core rev: 9b5355375d028577de0b98e05992de6a088cb972)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
