Backport patches to fix CVE-2015-4103, CVE-2015-4104, CVE-2015-4105 and
CVE-2015-4106. These patches are from debian, but they are originally
from:
http://git.qemu.org/?p=qemu.git;a=shortlog;h=c25bbf1
(From OE-Core master rev: 496b3ffba6755bb76709c88cf81399c9d23f830a)
(From OE-Core rev: 29746e78ca000f4464c8e0a1da55c77e02c651e4)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Refresh the following patches to apply cleanly to our qemu-2.2.0:
07-xen-pt-split-out-calculation-of-throughable-mask-CVE-2015-4106.patch
10-xen-pt-add-a-few-PCI-config-space-field-descriptions-CVE-2015-4106.patch
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Opkg's configure script doesn't use the value from --sysconfdir to determine
the location of the conf file, it uses the value from --with-opkgetcdir
(From OE-Core rev: d32f7f86b5d2b48222bdaada2697cd5e23cfe1c9)
(From OE-Core rev: dcda6e1e7b95f13dc4a9bb136e6a31c46c76ea9e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Default behavior of opkg was to use ${OPKGLIBDIR}/opkg/lists;
but in our recipe we modify it to ${OPKGLIBDIR}/opkg/${OPKGLIBDIR}/opkg/,
when appending package-management to IMAGE_FEATURES these lists are
populated during build time (using the default directory),
but since our config was different these populated lists were never used at runtime,
this patch solves this inconsistency by using default behavior for both build time and runtime.
[YOCTO #6966]
(From OE-Core rev: a71b29ffc514892ca394fc8de275294b910586f0)
(From OE-Core rev: f49fc4fc5c5f150dad9807d92239ada885bca5fd)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bootchartd needs the command lsb_release and pidof to run, pidof maybe
provided by sysvinit or procpus;
To native bootchart2, only pybootchartgui is used, and which is not needed
both pidof and lsb_release
(From OE-Core rev: d0d641bf8cbf96d7c30dfcbdf2572d2709b56858)
(From OE-Core rev: a8f64210776ee2399d25c6249b4deb715938c4f9)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
They managed to 'break' tar. Again. Sorry, they fixed a regression
which broke dpkg-deb.
The addition of:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=163e96a0e619a900eab6de827c7c5749ecc9d3f2
("Bugfix: entries read from the -T file did not get proper matching_flag.")
means that the no-recursion option gets lost. This leads to many files getting included
multiple times, along with files which shouldn't be there.
The commit message is horrendous. The patch actually makes the option positional
(as documnted since 2003) and therefore doesn't affect the input from the -T option.
Moving the --no-reursion option to earlier in the command avoids the bug.
The bug was not present in tar 1.28 however it has been backported in at least
Fedora 22 and heading into Fedora 21.
Redhat reports of issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1230762 [tar]
https://bugzilla.redhat.com/show_bug.cgi?id=1241508 [dpkg]
Discussion of bug in upstream tar:
http://www.mail-archive.com/bug-tar@gnu.org/msg04799.html
[YOCTO #7988]
(From OE-Core rev: 6be698b7270f73f40d38713ecf13f12aec0ced61)
(From OE-Core rev: 1c916ddebc3009d3817359144b02745c3ecbd5c4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
use static storage class instead of extern for inline functions
and remove duplicate definitions as a result
Change-Id: I72e8c5f19dff656c18f719d1e9e2ca697c9a856f
(From OE-Core rev: 1a9d92b9891c06ede91af05d516a429e1f81777d)
(From OE-Core rev: efada40a7a785446f9c46aa8a7d0e1c7407376e9)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With python enabled, gdb refuses to start without core
python modules:
| Could not find platform independent libraries <prefix>
| Could not find platform dependent libraries <exec_prefix>
| Consider setting $PYTHONHOME to <prefix>[:<exec_prefix>]
| ImportError: No module named site
It also complains if python-codecs is missing.
(From OE-Core rev: 646adb4d90030970f6e2136f65b51b3c8b0c9d5c)
(From OE-Core rev: c1c2c9c7f20b289928c94beb7adfe03f03c4b64e)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch is needed for certain cpus and has been accepted into upstream
(From OE-Core rev: 3371b42a4ac5becb063157f1b258918601211ebf)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
see https://gcc.gnu.org/gcc-5/porting_to.html
we need to stop the preprocessor from generating the #line directives
or we run into issues like
| checking for apr_int64_t Python/C API format string...
| configure: error: failed to recognize APR_INT64_T_FMT on this platform
| Configure failed. The contents of all config.log files follows to aid
debugging
| ERROR: oe_runconf failed
Rightly subversion should be fixed but lets leave that to subversion
folks
Change-Id: I02a89798ff949f79967ab0a73adcddaa4218662d
(From OE-Core rev: 7793b1c425077ed6ed11a9bc2a8b1b96612b1c96)
(From OE-Core rev: a240d28492f05c22198dd4b20c11c0d510f0c897)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When cross compiling for arm targets ctypes compilation fails because
it uses _sysconfigdata from the HOST, this patches makes it use the
one from TARGET fixing compilation of this module
[YOCTO #7873]
(From OE-Core rev: a676ee838aae1ac05fa6542d1b0791d61ff9f05f)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Jonas Göransson <jonas.goransson@qmatic.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The print statement should capture the output and send it to the script
processing engine, and not display it directly to the screen.
Note, this is only a bug if 'lua' support has been enabled in the RPM
recipe's PACKAGECONFIG.
This patch is from: http://rpm5.org/cvs/patchset?cn=17671
(From OE-Core rev: 6bc0e8207d0e7b1d6f2eac8ed1b75a3fd9fab87b)
(From OE-Core rev: 7d4230b7eb7aa09087a6267dd6e686f713ac6f72)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building both 32-bit and 64-bit binaries in valgrind at a time would
lead to following QA issue as below,
(snip)
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_exp-sgcheck-x86-linux.so
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/getoff-x86-linux
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_core-x86-linux.so
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_memcheck-x86-linux.so
-- CUT --
hence perform only one type of build 32-bit or 64-bit, but not both.
(From OE-Core rev: 53afa26655d0b5f75ef2dd6bccef76281a14655c)
(From OE-Core rev: cc79ca38c6f8af4f47fb1e466a836bc8764cd938)
Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cherry pick upstream commit to fix -Werror=logical-not-parentheses error
when building with native gcc5.
(From OE-Core rev: b3bd0dba3139a3e79bfcebe137248c7bdcadf04d)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Yocto #7453]
Corrects the original commit for the patch that removed ARM ptest CFLAGS
settings. Since the flags could be set by a user, the flags should
be kept in place during compilation. By keeping the original up-stream
CFLAGS for the tests, then additional tests successfully compile
for all tested ARM tunings.
However, there were still two tests listed below that did not compile
for any beaglebone tuning that is valid for valgrind. With the updated
patch, the set of excluded ARM ptests and their respective build
failures are:
intdiv - fails for all beaglebone tunings with 2 errors:
{standard input}:(40 or 41): Error: selected processor does not
support Thumb mode `udiv r3,r9,r10'
{standard input}:(72 or 73): Error: selected processor does not
support Thumb mode `sdiv r3,r9,r10'
vcvt_fixed_float_VFP - fails for all beaglebone tunings in one of
two ways:
with neon tuning (-mfpu=neon) fails with Internal Compiler Error
without neon tuning fails with 3 errors:
{standard input}:33: Error: selected FPU does not support
instruction -- `vcvt.f32.s32 s15,s15,#1'
{standard input}:58: Error: selected FPU does not support
instruction -- `vcvt.f32.s32 s15,s15,#32'
{standard input}:136: Error: selected FPU does not support
instruction -- `vcvt.f32.u32 s15,s15,#1'
After applying this commit, the valgrind ARM ptests compile without
errors for tunings:
armv7[t][hf][b][-neon] cortexa8[t][hf][-neon]
where the tuning [option] was successfully compiled, both with
and without the 'option', and in combination with all other options.
(From OE-Core rev: 2fb0edcb47a14e47780d545f60885b36e71fca71)
(From OE-Core rev: 132886498816f6407416196fd5ccf8d1b8c589ab)
Signed-off-by: Dave Lerner <dave.lerner@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixed when build on armv7a_vfp_neon:
Python-3.3.3/Modules/_struct.o: relocation R_ARM_MOVW_ABS_NC against `a local symbol' can not be used when making a shared object; recompile with -fPIC
All the archs should use -fPIC when build shared object for linux.
(From OE-Core rev: 60c1f76f65060cbea458b06f9719a2536f50474e)
(From OE-Core rev: d9c3d3036da6f36d1f494987aa854d0c76968a27)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* install populate-extfs.sh from contrib, be aware that in order
to use it you need to set DEBUGFS shell variable, otherwise it will
try to use debugfs from relative path which is almost always
incorrect:
CONTRIB_DIR=$(dirname $(readlink -f $0))
DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs"
(From OE-Core rev: 525b7b587a00466e4322450c171d920b47201e56)
(From OE-Core rev: 32e847f6988eb488dad23badf1cabae92ef803df)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Directory traversal vulnerability in the read_long_names function in
libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers
to write to arbitrary files to the root directory via a / (slash) in a
crafted archive, as demonstrated using the ar program.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447
(From OE-Core rev: 4a65944b89a76f18c8ff6e148f17508882d387cf)
(From OE-Core rev: 5eda84a62201461b9c69498ec35585d2c8142dec)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch fixes a warning seen with gcc 4.8 (especially on ubuntu 13.10)
(From OE-Core rev: c577a52b252ccbad9a8dde79c6a4a4f23376d9d8)
(From OE-Core rev: 1878cadb02aa01a58f6985d2b7a9268df4f381a6)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is aready in the source.
(From OE-Core rev: 99f9df3add049ec18dbcd604646a67dc59b3db16)
(From OE-Core rev: 6c1b44872d9cd09ad46fd9d2cc3555f9cd3a55e6)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed:
- unbreak-assumptions.diff
This patch changs the dir to /non-existant-dir, the source code has
changed the dir to /deadir, so it is not needed any more.
- trycompile.diff
There is no try_compile or try_run in numpy/core/setup.py any more, so
assumed that it is not needed.
(From OE-Core rev: 56aac948ca9686d79a2c56f4f034f8de445ff37b)
(From OE-Core rev: 7f0d86dd43a10a981aa2ad8acde66fe345fe4096)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink
attack on a file in the synchronization path.
Backport Complain-if-an-inc-recursive-path-is-not-right-for-i.patch to fix it
(From OE-Core master rev: f280b4f28231ea5a416266ae022d6e4c4ea91117)
(From OE-Core rev: a42af2e434c01c04af36d6ed7a7a5480a7a255a5)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream added aarch64 support but forgot to update 'make dist' leading to missing files in the tarball.
(From OE-Core master rev: a40309f284805e8cda024f7299a676cfdf8f97a5)
(From OE-Core rev: fd11110b7d63fce6a1f7a26f123ae7a8ddee3175)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The original uclibc-support.patch is not compatible with elfutils-0.161.
It should be corrected through adjusting context.
So regenerate a new patch for elfutils-0.161, rename the patch for
elfutils-0.148, and put them into respective directories.
(From OE-Core master rev: 64acb72e7ec63528073d8290137fe74d3382f876)
(From OE-Core rev: d4924543c265ca497d4c419d4571cf1f8ef31d09)
Signed-off-by: Junling Zheng <zhengjunling@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cross-compling dpkg application for armeb fails with below error
during configure task,
(snip)
configure:23141: checking dpkg cpu type
configure:23148: result: armeb
configure:23150: WARNING: armeb not found in cputable
configure:23162: checking dpkg operating system type
configure:23169: result: linux-gnueabi
configure:23171: WARNING: linux-gnueabi not found in ostable
configure:23183: checking dpkg architecture name
configure:23189: error: cannot determine host dpkg architecture
-- CUT --
Add the required combination of "gnueabi-linux-armeb" entry in
triplet list.
(From OE-Core master rev: 63eb33bced1fc1e5451988fc5249ab362fb82615)
(From OE-Core rev: 0c83ca720ccfbef6964ac34fedfefa9006c484c4)
Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes in python 2.7.9 from 2.7.3 cause issues when building the in
tree libffi for ctypes. These issues primarily affect less common
platforms (e.g. MicroBlaze) that are supported by libffi but the python
overrides for the in tree libffi are not able to detect correctly.
This patch changes the python 2.7.9 recipe to match how the python 3
recipe handles libffi by configuring the build to use the system
libffi. This brings consistency between the libffi used for different
python versions as well as with the system.
(From OE-Core master rev: 4302cc20dbe0f0490a5e7b62baeb632322c40200)
(From OE-Core rev: 9f7b0133b63d315703d0c44e877ae81d4a9a1692)
Signed-off-by: Nathan Rossi <nathan.rossi@xilinx.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix perl runtime issue:
* Can't locate overloading.pm in @INC (you may need to install the
overloading module ...) at /usr/lib64/perl/5.20.0/overload.pm line 83.
(From OE-Core master rev: 3dec9ad1cd6ad1236950b0100f6327df7a0bf7db)
(From OE-Core rev: cecac1d52143e34b6e1142e38a1c874188dd74e9)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hardlink count duing do_package_write_deb can change causing dpkg-deb
failures. We don't care about this error case so avoid it by checking
the tar exit code.
[YOCTO #7529]
(From OE-Core rev: 77e077a57536c764034f06723edd0749dc578626)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In a baremetal build, TARGET_ENDIAN_OPTION isn't set leading to build
failures. Add in ifdefs to avoid this.
(From OE-Core rev: 5325c763a66b252c976ece3a08e5fc916fd6c416)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Comments within the commit describe the issue.
(From OE-Core rev: 2d923d6dfe9431dbc005f8ba39838eb4519c471c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since 3.8.0, valgrind supports MIPS32. MIPS64 was added in 3.9.0.
(From OE-Core rev: 13d2f0c8cd71a636de16ef33c546af7b208115bd)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Linux usually has /dev/ptmx, so set set it to yes.
(From OE-Core rev: f19d5e3ffbb10ddc6220249fb9e978d1c3fc5e45)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without this patch, x86_64 images would show invalid EDSCA key errors
with sshd from openssh (but not dropbear) during init.
This would cause problems with operation with some distros where EDSCA
keys were mandatory. The issue was present in qemu 2.2.1 and not in
2.3.0-rc0, bisected to this commit which was then backported. This fixes
intermittent failures on the autobuilder. Issue is not present when
using KVM (consistent with a fault in TCG).
(From OE-Core rev: 27fe06cb7d30c79833769b3ebb080a7a8115439d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Parallel make races when linking PGEN affects target's python
compilation as well, adds patch from python-native to modify the
Makefile and avoid parallel make races, also updates upstream status
(From OE-Core rev: 4f0d1015aa3331ae7b376f836d3188b6017abfb1)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Debian, Ubuntu and opkg all have it in bindir.
(From OE-Core rev: 5f6faeb24ba80cdb6c9f62b185e40adc15f0fd6e)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
