Use the initramfs-framework for initialization by default due to
the modularity and expansibility.
[YOCTO #10987]
(From OE-Core rev: 28fc6ba761ed4a47efa7c43e7f7dff5e2fe72b5e)
Signed-off-by: Ng, Wei Tee <wei.tee.ng@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Utilized the existing init-install-efi.sh script and renamed it to
install-efi.sh to manage the installation process of images in
initramfs-framework model. This script will be executed when
"install" option is being chosen in the grub menu and install
the image on the target platform. A new install-efi module is
being added in the recipe to handle the installation process
using initramfs-framework.
[YOCTO #10989]
(From OE-Core rev: 41b34441c22143cbabace3d794ead05801afb7a0)
Signed-off-by: Ng, Wei Tee <wei.tee.ng@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
setup-live module is a new module being introduced to integrate the
functionality of init-live.sh into new scriptlet named setup-live in
order to support the live boot image. The udev-extraconf rdepends is
being added to perform automounting. It gets to run before the rootfs
and finish module.
The setup-live scriplet include the changes for:
- Create a conditional loop for the bootparam_root variable. If it is
not set, then it will boot from ROOT_IMAGE. Else, it will boot normally
which is not from removable media.
- Gives a standard path to the original boot disk mount which can be
used to. While /media/sda is a good guess, it isn't always right, nor
is it a good assumption that only one boot disk is in the system.
- The current rootfs module has no support for rootfs images, currently
it only support for rootfs partitions for wic image. Therefore, there
is a need to assign the rootfs image for live image.
[YOCTO #11701]
(From OE-Core rev: 4d3300e85a8e65207a415b9cf84c9fa1f71b0406)
Signed-off-by: Ng, Wei Tee <wei.tee.ng@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Added e2fsprogs-native to the list of dependencies for wic-tools
as all fs-related utilities have to be in this list.
(From OE-Core rev: d0ebcf62109d6a131e02cd4c0f04bba203ed6579)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wic will attempt to use pseudo from the wic-tools sysroot to run, but it
was only sure to be in there if do_install had executed - which is not
the case if it had been restored from sstate, in which case it failed
horribly as seen when running the wic.Wic.test_fs_types and
test_mkfs_extraopts tests on the Yocto Project autobuilder recently. Add
an explicit dependency on pseudo-native to ensure it's always there.
(From OE-Core rev: ada7408a55ec58e4aa1b094462f8a681e60be613)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The image consists only of the EFI system partition, therefore
we can avoid depending on the default wic tools.
(From OE-Core rev: f147b2502ae53d63a884a46e994ae18e12ec4ef6)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bootmisc.sh is responsible for setting the system date to a sane
default. Currently, it is the last script to be run from the rcS
runlevel.
Problem is that the files created before appear to have been created
on 1/1/1970. Most notably, /var/log/dmesg created in dmesg.sh cannot be
properly rotated with logrotate which does not consider it a valid date
and stops processing.
There is no blocker on moving this script right before populating
volatiles because it just requires the local and virtual filesystems to
be mounted to work.
(From OE-Core rev: a0f6508847a28a78cb0a1e9613b6e5cc3047d995)
Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Append " -fno-tree-switch-conversion -fno-tree-tail-merge" to
FULL_OPTIMIZATION to workaround login problem on qemumips64. Otherwise,
user cannot login onto the target even username and password are
provided.
(From OE-Core rev: 35403ba3707c3c8dd94bcc557eef6f7c66696bc5)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.
Backport a patch from upstream to mitigate this by refusing to start units such
as this.
(From OE-Core rev: 549cb941c5b19909fb00f2bef9c04172ca1c162d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using "su - myuser" to change from root to a non-privileged user,
"mesg n" from the default .profile fails with "mesg: error: tty device
is not owned by group `tty' or "mesg: cannot open /dev/ttyS0:
Permission denied", depending on whether mesg comes from busybox or
util-linux.
This does not happen during a normal login because permissions on
/dev/tty* get changed while doing that, something that isn't possible
with plain "su -".
As the error can't be avoided and failures of mesg probably aren't
particularly important, now error messages get dumped to /dev/null.
[YOCTO #11127]
(From OE-Core rev: 4511a524f906c97db7c7674ad34e7bc8630649e3)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
"su -" == "su --login" was broken because it uses /etc/pam.d/su-l and
lacking that, falls back to /etc/pam.d/other which denies the
operation. The fix is to symlink "su-l" to the normal "su" pam config
file.
Because "su" usually comes from "shadow" and has been broken like this
without anyone noticing, it probably is not used much and thus should
be packaged separately so that it can be installed only when really
needed. For backwards compatibility, "util-linux" still pulls it in.
It is a bit strange that DISTRO_FEATURES are getting checked when
deciding whether the packages should be defined. It is not wrong, the
packages will be simply empty and thus probably not created when the
distro feature is on and the package config is off. Perhaps there is a
reason, so this is kept unchanged. The symlink however only gets
created when su.util-linux really gets built.
[YOCTO #11126]
(From OE-Core rev: 1ad32536c2d4a3e55e698d27d827caee788cb0f7)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wic-tools.env was uses only when wic is run from bitbake.
As wic doesn't use wic-tools anymore in this mode there is
no need for this file.
(From OE-Core rev: 47b569553f1211e04ee21ebdece2ee3a509a83be)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bring in following changes
* fix missing volatile qualifier on lock in __get_locale
* remove ineffective compiler assist from printf
* fix undefined behavior in ptrace
* unify the use of FUTEX_PRIVATE
* fix undefined behavior in free
* reapply va_arg hacks removal to wprintf
* remove useless declarations in string.h
* allow specifying argv[0] when invoking a program via ldso command
* fix regression in dlopen promotion from RTLD_LOCAL to RTLD_GLOBAL
* ldso: avoid spurious & possible erroneous work for libs with no deps
* powerpc64: add single-instruction math functions
* fix clang CFLAGS checks and silence unused argument warnings
* s390x: add single-instruction math functions
* fix arm run-time abi string functions
* fix regression in getspnam[_r] error code for insufficient buffer size
* fix omission of microblaze user.h definitions
* fix iconv conversions for iso88592-iso885916
* handle errors from localtime_r in ctime_r
* set errno when getpw*_r, getgr*_r, and getspnam_r fail
* handle localtime errors in ctime
* handle mremap failure in realloc of mmap-serviced allocations
* getdate: correctly specify error number
* catopen: set errno to EOPNOTSUPP
* fix glob failure to match plain "/" to root directory
* use hard-coded sh4a atomic opcodes to avoid linker errors on sh
(From OE-Core rev: 1e109651acd53b8bad5bc2ccdf152d747a91f1ac)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libnsl has been obsoleted in 2.26 and will be removed in future
until them we enable it
(From OE-Core rev: e8047c772f49fe5a4a18d54289d98fb2f98a8176)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Eventually it will be released as 2.26 final
(From OE-Core rev: 5a58883258206893d15990953c8691b05473eecb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GCC44_IA32_X64_DLINK_COMMON and GCC49_IA32_X64_DLINK_COMMON
variables add to final linker flags that ovmf build forms
on its own, so trying to inject it from environment will not
work.
Here we add option to disable pie during linking, which should
have been accompanied with correcponding gcc/cflags.
Fixes
| /mnt/a/oe/build/tmp/work/i586-bec-linux/ovmf/git-r0/git/Build/OvmfIa32/RELEASE_GCC5/IA32/OvmfPkg/AcpiTables/AcpiTables/OUTPUT/./Facs.dll: Bad definition for symbol '<unknown>'@0 or unsupported symbol type. For example, absolute and undefined symbols are not supported.
(From OE-Core rev: 85476cdb19d5c383966ba753a71eaeb3622bd6b4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Enable/disable the split-usr support in systemd based on 'usrmerge'
DISTRO_FEATURE.
- Modify rootprefix to point to ${root_prefix}, rather than ${base_prefix}.
- And fixed firmware path to use ${nonarch_base_libdir} instead of hard-coded
'/lib', because when 'usrmege' distro feature enabled this path would be
'/usr/lib'.
(From OE-Core rev: 7ca0415c26d5a8b00716b0a49f069e26fdeac30c)
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now that epiphany needs a working msgfmt as well, let's do this trick
where it should be.
(From OE-Core rev: 7c0032b81f56fea5bec33aa0e74d6e28873f72a8)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds or fixes the Upstream-Status for all remaining patches missing it
in OE-Core.
(From OE-Core rev: 563cab8e823c3fde8ae4785ceaf4d68a5d3e25df)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a variety of spelling and format mistakes to improve the ease of reading the
tags programatically.
(From OE-Core rev: 6e1aaf80b0d951b48cd25cb7161ec19448295094)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The new flag doesn't work and the change even broke the XML_PARSE_NONET option.
(From OE-Core rev: 8b586f60778579ee2c9adae429128a07e8437553)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix type confusion in xmlValidateOneNamespace
Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types
on namespace declarations make no practical sense anyway.
Fixes bug 780228
CVE: CVE-2017-0663
(From OE-Core rev: a965be7b6a1d730851b4a3bc8fd534b9b2334227)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix NULL pointer deref in xmlDumpElementContent
Can only be triggered in recovery mode.
Fixes bug 758422
CVE: CVE-2017-5969
(From OE-Core rev: 0cae039cbe513b7998e067f4f3958af2ec65ed1a)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix handling of parameter-entity references
There were two bugs where parameter-entity references could lead to an
unexpected change of the input buffer in xmlParseNameComplex and
xmlDictLookup being called with an invalid pointer.
Fixes bug 781205 and bug 781361
CVE: CVE-2017-9049 CVE-2017-9050
(From OE-Core rev: 2300762fef8fc8e3e56fb07fd4076c1deeba0a9b)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 and bug 781701
CVE: CVE-2017-9047 CVE-2017-9048
(From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop uuid-test-error-api.patch as it's been fixed upstream differently:
b770b48700
Drop ptest for tailf, as it got deprecated and removed:
70ca1a7772
(From OE-Core rev: 6b69e08cf60abbc40236cc3894b9783d720a6e6d)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of these are clearly dead, e.g. one binutils patch reverts the effects
of the earlier one.
This also removes the uclibc site files. We now have mechanisms to allow these
to be extended from another layer should someone ever wish to do that.
(From OE-Core rev: e01e7c543a559c8926d72159b5cd55db0c661434)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.
uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.
(From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The recent ovmf update broke secureboot because upstream changed the
way how openssl gets compiled into ovmf. It's now integrated directly
into the ovmf build process, without having to patch it first.
In addition, more recent OpenSSL releases are supported. 1.1.0e was
explicitly mentioned in the ovmf commits and because the current
1.1.0f only has minor build enhancements, 1.1.0e is used here.
(From OE-Core rev: 1d9a88f635549e68562de681e297b9270ad02d4e)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enable systemd-resolved and systemd-networkd by default.
Make it co-exist with connman and Fix associated problems
in read-only rootfs.
Fixes [YOCTO #11331]
(From OE-Core rev: d9b6d538e3d81ab0d5e7b7b6adecef555d782217)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix build with gcc7
clang can not compile it therefore mark it gcc only recipe
(From OE-Core rev: 835b705ee92900f0d73cee612ce790fde4b1e2a4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Most of the shell scripts refer to /bin/sh inside the script. When 'usrmege'
feature is enabled, this path would be /usr/bin/sh. Hence, to satisfy build
dependency add '/bin/sh' to it's providers list.
(From OE-Core rev: 1f6c14939c8daa5e09103789c3ff5031cc888d16)
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since we go through the trouble of copying the Python tests, we may as
well actually run them...
This also avoids the following QA issue:
ERROR: libxml2-2.9.4-r0 do_package_qa: QA Issue:
/usr/lib/libxml2/ptest/python/tests/push.py contained in package
libxml2-ptest requires /usr/bin/python, but no providers found in
RDEPENDS_libxml2-ptest? [file-rdeps]
(From OE-Core rev: 65bc9fac6dc6ba5252bf105659724c768d65f9d9)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is needed for avahi-autoipd, which attempts to
create a link-scope route as part of its work.
Without iproute scope support in busybox, the route is
not created due to an error message, and hence we
aren't accessible by, and can't access ourselves,
IP addresses outside the link-local scope
(169.254.0.0/16) unless we also have a proper
non link-local IP address, which somehow defeats the
purpose of zeroconf.
(From OE-Core rev: bd06a1cbe8e97b7f66979b12d4d248092379df4a)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
