Previously, if we have 'package-management' and 'read-only-rootfs'
both in IMAGE_FEATRUES, we would meet the following error at system
start-up.
rm: can't remove '/etc/rcS.d/S99run-postinsts': Read-only file system
However, what's really expected is that when there's no postinstall
script at system start-up, the /etc/rcS.d/S99run-postinsts should not
even be there.
Whether or not to remove the init script symlinks to run-postinsts should
not depend on whether we have 'package-management' in IMAGE_FEATURES; rather,
it should only depend on whether we have any postinstall script left to run
at system start-up.
This patch changes the _uninstall_unneeded function based on the logic
stated above.
[YOCTO #6257]
(From OE-Core rev: d51b1ced88958d31a1596e37db871257fe013446)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some classes of recipe disable ptest even though its in DISTRO_FEATURES
(e.g. nativesdk). We shouldn't attempt to build ptest packages when
its disabled. This replaces some DISTRO_FEATURE checks with PTEST_ENABLED
checks instead.
(From OE-Core rev: d1369fe95ac6732e5747873eccd6a1e74359cea4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The do_configure_prepend was duplicated in gcc-4.X.inc and
gcc-configure-common.inc leading to confusion when reading the resulting
do_configure task where the file was processed twice.
The only difference was the removal of the include line for gcc 4.8/4.9.
On mingw were were seeing two issues, firstly that the if statements meant
the values we wanted weren't being set, the second that the include
paths were still wrong as there was no header path set.
To fix the first issue, the #ifdef conditionals were removed, we want
to set these things unconditionally. The second issue is addressed by
setting the NATIVE_SYSTEM_HEADER_DIR variable here (it was already
set in t-oe).
(From OE-Core rev: c19bb1db2eb728899e10a28d10567e9e026ee694)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If image contains dbus and ptest is in DISTRO_FEATURES, dbus-ptest package
is installed, regardless of whether ptest-pkgs is in IMAGE_FEATURES. This
issue will increase size for most small images.
This patch fixes this problem.
[YOCTO #5702]
(From OE-Core rev: 0416583f014138656babdf78a574357ae5ff25bd)
(From OE-Core rev: d865612c7c1aaccb9f4c65224c9e4c888876fe92)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building on XFS filesystems, the resulting rpms can be corrupted
with the same inode number being used for multiple hardlinked files.
There are two fixes, one to stop rpm crashing when accessing a broken
binary rpm, the other to stop generating them in the first places. Full
descriptions in the patch headers.
(From OE-Core rev: 53ce6bacccc0fd97487bdf31ff3b7ee098984652)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fontconfig doesn't need to be passed large file flags through CPPFLAGS because
it's configure script uses AC_SYS_LARGEFILE.
This reverts commit 5a49a24d35.
(From OE-Core rev: 98f9a9fd359c356c9ce6dd0ba16a557b7a07b788)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and
modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
(Patch borrowed from Fedora.)
(From OE-Core rev: fd1d740437017d3ed75684768d6915041cdb0631)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://www.openssl.org/news/secadv_20140605.txt
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
(Patch borrowed from Fedora.)
(From OE-Core rev: 833920fadd58fe353d27f94f340e3a9f6923afb8)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
(Patch borrowed from Fedora.)
(From OE-Core rev: 5bcb997663a6bd7a4d7395dcdb5e027d7f2bab81)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These dependcies are needed to ensure that thier packages are created
correctly since these classes have runtime dependiences in their packages
but they are not actually created yet at rootfs time.
[YOCTO #6072]
(From OE-Core rev: bba835fed88c3bd5bb5bd58962034aef57c408d8)
(From OE-Core rev: 8c4ea49ba8440871f5a7008c7fa20f93bfb35d78)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The alloca() function allocates space in the stack frame of the caller,
so using alloca(new_size - old_size) would possibly crash the stack,
causing a segment fault error.
This patch fixes the above problem by avoiding using this function in
journal-file.c.
[YOCTO #6201]
(From OE-Core rev: 96b6a2d446d28eabd9a943f5f2b5af12c24a7dbb)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the first command returns an error, it will not cause the image generation
step to fail. Simply split up the statement into multiple lines to avoid
this issue, they no longer need to be one line expressions.
[YOCTO #6391]
(From OE-Core rev: f8125a1e9b6893a12355d55d4df584a8d97f0bff)
(From OE-Core rev: 414f9b4d2dd39845b537ebdc2a4ecafbd9162343)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It seems that 585324fee380109acd9986388f857f413a60b896 is no
longer there in git and it has been rewritten to
ffc3ad4945da69f3caa2b40e4eed715a9a8d9526
Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be
(From OE-Core rev: b193c7f251542aa76cb5a4d6dcb71d15b27005eb)
(From OE-Core rev: f2b20b169a462cf4c6e6f341b76add8a0f4d6e3f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch fixes a build warning which is promoted to an error via -Werror.
changes from v1:
* put "Upstream-Status" in patch itself, not in OE patch header
* fix commit wording
(From OE-Core rev: 4b41f4199d77144a629897173cff3d1efcfa85f9)
(From OE-Core rev: 69f9022126d3cd21001f48ec36730982e53a6a48)
Signed-off-by: Trevor Woerner <trevor.woerner@linaro.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If libsdl-native is in ASSUME_PROVIDED, check for it in the sanity tests.
This warns the user if they've said its being provided but it isn't and
prevents silent build issues.
(From OE-Core rev: d9d7b0515fcf47c4cf7533a12915ea92298ce834)
(From OE-Core rev: b26e4596d56db4120a81a07268fd174e14240e2b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
configure.ac references the m4 directory so things like gtkdocize
will try and place m4 files there. We need to ensure the directory
exists or the builds can fail.
(From OE-Core rev: 0ced649c055dd25c500d0fd34e4ea94504d98580)
(From OE-Core rev: ce4cc1e8b48fb368fa96f63ee43a35d6ed142b21)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes a compatibility issue between v86d
and SeaBIOS VGA BIOS where the leal instruction
is not decoded properly. Read the
http://thread.gmane.org/gmane.comp.emulators.qemu/271806
thread for more details.
Patch taken from upstream.
(From OE-Core rev: 3e890dd00ed27cc30800caefa85827cb16da5a3a)
(From OE-Core rev: 730206ccbcbe7f75a5946b64fba82a794cd9da5a)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sulogin is provided by both busybox in /sbin/sulogin and util-linux provides one
in /usr/sbin/sulogin, so move util-linux's to sbin and setup ALTERNATIVE_LINK.
[YOCTO #6384]
(From OE-Core rev: a827ca74d27b916df8d40ec8155bc0340f8a0487)
(From OE-Core rev: 92f0657a89087a4a388030fdb04aaad80aca918d)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
On systems with /bin and /usr/bin merged the gzip recipe may find grep
in /usr/bin, while OE puts it in /bin. Force the recipe to find grep in
the correct place.
(From OE-Core rev: 8ae714bb59c67433ded1efe6a8750e0e9c126dab)
(From OE-Core rev: 26e46f935cc98845225c41d954b34b3312a4c37d)
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If file_filter is set, git format-patch takes account but git rev-list
does not. So revlist is going to get with wrong revisions. And last_revision
will be updated with wrong revision. The next time that user run
combo-layer it complain about applying patches.
So ensure that 'git rev-list' are using file_filter as 'git format-patch'.
(From OE-Core rev: c22e40900d8e33c2c884e714c11ddb771b86923f)
(From OE-Core rev: 7ad5b4dece1d8fba6f1b6b530830384e6c8fb74f)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The update-rc.d treated priority numbers begin with '0' as octal
numbers. This led to problems of update-rc.d being unable to handle
priorities like '08' or '09' correctly.
This patch fixes the above problem.
[YOCTO #6376]
(From OE-Core rev: 675fd834b9ed696cd87809830d57d3da083580d3)
(From OE-Core rev: b59efa053d1396efd3d5a9c7f88fb5088b063686)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backported patch for CVE-2014-3466.
This patch is for daisy.
(From OE-Core rev: ca2773b19db4881abe5244c373d94ff05cd2684f)
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
(From OE-Core rev: ca220681f1ba0fedeab68e96df58f36c4fbc7473)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
(From OE-Core rev: bf6fcfa17d73171623a4d27089c32031705c2591)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The FILESEXTRAPATH was not getting used correctly since our distro
OVERRIDE is for poky-tiny, not poky, so just remove it, also we are
not using a version directory so ensure we get correct BPN (Base Package
Name).
[YOCTO #6353]
(From meta-yocto rev: 34b3fde299faa47cf6330cefa46b0e54ddcbbc42)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently the SDL configuration option for qemu floats. This is confusing to new users
and makes the build non-determinstic. This patch adds a PACKAGECONFIG option, defaulting
to off and adds documentation to local.conf.sample leaving it on by default since this
is the configuration our quick start assumes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patches explain the issue in detail but this is exposed
with gcc 4.9 in binutils 2.24
(From OE-Core rev: fc5c467b680fc5aef4b0f689e6988e17a9322ae0)
(From OE-Core rev: 4dfb8847ebf8aab90ad8888933468e2899c96998)
(From OE-Core rev: af347d3298e15552d502d5b2ce497bbda9705bc7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099
(From OE-Core rev: 3e27099f9aad1eb48412b07a18dcea398c18245b)
(From OE-Core rev: 5898f20bb2f38a91b2dd1b4cc4798fd960331a14)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865
(From OE-Core rev: 4a93fc0a63cedbebfdc9577e2f1deb3598fb5851)
(From OE-Core rev: 62854105de72f09dcffa08dbdc975e8f306a4a39)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
