Instead of creating empty /etc/machine-id file using touch, write
text "uninitialized" into it. Systemd requires "uninitialized" in
the /etc/machine-id file to trigger systemd-firstboot .
(From OE-Core rev: 263c852269027b1bd311e116021ac49d9001e1b0)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove some obsolete CVE ignores now that releases have been made, CPEs
updated, or upgrades done:
CVE-2020-10029 is marked as fixed in 2.32.
CVE-2021-27645 is marked as fixed in 2.34.
CVE-2022-39046 is marked as fixed in 2.37.
(From OE-Core rev: a383d0e726011007419dd102cd6484733d80d9f6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This CVE has been fixed in the 2.37 release branch (07b9521fc6) and
we're now using a SHA that incorporates that commit, so manually mark it
as ignored.
(From OE-Core rev: b143e355ef362dac89f8b125904d2e47c74e597e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Provide a mechanism to allow users to choose whether the /tmp directory
is on persistent storage (non-volatile) or a RAM-based tmpfs (volatile).
The default is volatile.
Works for both sysvinit-based and systemd-based systems.
(From OE-Core rev: 8b76c0637eaeaf5bd5e696680cd74b7a642f4157)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
>From NEWS for v250:
* Device nodes for the Software Guard eXtension enclaves (sgx_vepc) are
now also owned by the system group "sgx".
>From NEWS for v248:
* Intel SGX enclave device nodes (which expose a security feature of
newer Intel CPUs) will now be owned by a new system group "sgx".
Fixes following journal error entry during startup:
/lib/udev/rules.d/50-udev-default.rules:43 Unknown group 'sgx', ignoring
This is seen already on kirkstone.
(From OE-Core rev: bab455cd9b1b82e778f8523a767eb281edf6689e)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This brings in following changes
* 7d756e1c (upstream/master, origin/master) dns: prefer monotonic clock for timeouts
* 07616721 fix return value of wcs{,n}cmp for extreme wchar_t values
* 35fdfe62 math: fix undefined shift in logf
* 7e13e5ae inet_pton: fix uninitialized memory use for IPv4-mapped IPv6 addresses
* 7e6da7ac hsearch: fix null pointer arithmetic UB
* f79b973d increase sendmsg internal buffer to support SCM_MAX_FD
* 0ab97350 mq_notify: block all (application) signals in the worker thread
* 711673ee mq_notify: join worker thread before returning in error path
* 8c0c9c69 mq_notify: rework to fix use-after-close/double-close bugs
* fde6891e mq_notify: use semaphore instead of barrier to sync args consumption
* c3cd04fa fix pthread_detach inadvertently acting as cancellation point in race case
* 115149c0 powerpc-sf longjmp clobbering of val argument
* 5763f003 riscv64: add vfork
* 269d1938 fix wrong sigaction syscall ABI on mips*, or1k, microblaze, riscv64
* ea3b40a3 fix integer overflow in WIFSTOPPED macro
* f897461d fix debugger tracking of shared libraries on mips with PIE main program
* a4b0a665 expose memmem under baseline POSIX feature profile
* 9532ae13 use libc-internal malloc for pthread_atfork
* 7d358599 prevent invalid reads of nl_arg in printf_core
* c5f4b2df elf.h: add ELFCOMPRESS_ZSTD
* 159d1f6c semaphores: fix missed wakes from ABA bug in waiter count logic
(From OE-Core rev: 7379412a2ce7fe24943c858755f058dc2a15a081)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd-oomd.service has:
User=systemd-oom
So we need to create a static user for it, if its packageconfig
is enabled.
(From OE-Core rev: 1586edc919326cdbb412feafb9cde2cb15e419cb)
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The xattr DISTRO_FEATURE is required otherwise a bitbake build will fail due
to a failure with the 'cp' utility:
Subprocess output:
cp: cannot preserve extended attributes, cp is built without xattr support
ERROR: Logfile of failure stored in: /home/builder/poky/build/tmp/work/qemux86_64-poky-linux/packagegroup-base/1.0-r83/temp/log.do_populate_lic.1001
ERROR: Task (/home/builder/poky/meta/recipes-core/packagegroups/packagegroup-base.bb:do_populate_lic) failed with exit code '1'
(From OE-Core rev: 7e1b2598fedfdc7c9a79c5c94273218f2eedcba9)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Allow the user to specify a QB_MEM value of their choosing, otherwise set it
to a default value.
(From OE-Core rev: 2f8c20ab6750bd900b28e6468493cbd010144050)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a /lib64 -> /lib symlink in case the build appliance is 64-bit.
Building rust-native requires cargo to be run. The native cargo is linked to
look for /lib64/ld-linux-x86-64.so.2 and can't be run without it. The build
produces the following error, even though that file does exist:
FileNotFoundError: [Errno 2] No such file or directory: '/home/builder/poky/build/tmp/work/x86_64-linux/rust-native/1.66.1-r0/rust-snapshot/bin/cargo'
Trying to run this binary on its own gives:
qemux86-64:~/poky/build$ tmp/work/x86_64-linux/rust-native/1.66.1-r0/rust-snapshot/bin/cargo
-sh: tmp/work/x86_64-linux/rust-native/1.66.1-r0/rust-snapshot/bin/cargo: cannot execute: required file not found
(From OE-Core rev: a62b32907cb059b4512032f15571705540f1c147)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Choose a nicer terminal for the build appliance so that build warnings and
errors show up in colour instead of:
$<50>Setscene tasks: 2844 of 2844
$<50>WARNING: mesa-2_22.3.3-r0 do_fetch: Failed to fetch URL https://mesa.freedesktop.org/archive/mesa-22.3.3.tar.xz, attempting MIRRORS if available
$<50>WARNING: glslang-native-1_1.3.236.0-r0 do_fetch: Failed to fetch URL git://github.com/KhronosGroup/glslang.git;protocol=https;branch=master, attempting MIRRORS if available
(From OE-Core rev: ab0e748c5652a86d6c535c1f0979aa7d3d367d6e)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add missing tools necessary on the host for a build.
(From OE-Core rev: 15ba0ced2e8d4c2f9d6889b9b84c5525bc451e3f)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Several of the lists of packages are alphabetized, but the alphabetization
was lost in a couple areas.
(From OE-Core rev: 4965a14dd51242d4d5ecc4b5f288d0c42bafae18)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libcgroup uses fts_* functions, but these are not implemented in musl so
we depend on the fts recipe and force a link to libfts.
However since 3.0.0 libcgroup will automatically look for fts_open in
both libc and libfts[1], so this can be simplified to just a conditional
DEPENDS.
[1] 27ba904355
(From OE-Core rev: 59be1d5a7e78c6fe6bf01e523439f91871be9718)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The original patch was actually allowing .debug modules
though which was in-correct. This change blocks the
parsing of .debug modules (which is correct). As noted in
[YOCTO #15022] this should address the empty modules.dep
when using the BusyBox depmod.
(From OE-Core rev: 339c3c3abe8d405cfe7b3f34db9b3547bcaaf878)
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
No longer package go-runtime-staticdev into sdk packagegroup,
as go-runtime 1.20 doesn't build the static bits anymore
(possibly can be enabled via build config, if proven necessary).
(From OE-Core rev: e8ab9d303a6fca3806097f1fd360efe8f8ae0c1d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is a redundant change in
0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch that
causes wordsize.h to be different in arm and aarch64. This causes the
build error when enable multilib:
Error: Transaction test error:
file /usr/include/bits/wordsize.h conflicts between attempted installs of lib32-libc6-dev-2.37-r0.armv7vet2hf_vfp and libc6-dev-2.37-r0.cortexa57
(From OE-Core rev: 303bb3b735da434eb135ee857c2c49c55da61918)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pstore is used to collect crash logs in the journal after a crash. As it
needs a correctly configured kernel, it's not always enabled. Add a
PACKAGECONFIG to enable it when needed.
(From OE-Core rev: 350d8677c4f7b6ff7604bff6b2f4ab7f1b9ec422)
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Do not apply patch conditionally, there is no need for that,
and conditional patches are problematic with upgrades and devtool.
(From OE-Core rev: 689e5c83cabe07dd60fdb3856c102c99fc3cbd7d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- update to next (un)stable version 1.36.0
- refresh defconfig
- disable new applets (tree, tsort, seedrng)
- use hw-accel for sha1/256 sums when available
- remove and refresh already merged patches
(From OE-Core rev: 2e9989a8f8b5b93476e551475df010add32aac31)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Rebased fix-rs6000-crt0.patch
- Patch fix_makefile_include_arm_h.patch is no longer required, the newlib
header dependency has been fixed upstream at 26f9cfd7
- LICENSE checksum change due to:
- Adding SPDX identifier
- Deleted Phoenix Systems from License and updated each licenses
numbers accordingly.
- Add a dummy limits.h header, to make the improved preprocessor
checks happy during configure.
- Add a patch for libgloss to maintain current behavior of TCLIBC=newlib
by making libgloss DEPEND on newlib and use its installed headers.
- Switch to git fetcher to simplify fetching the sources and avoid future
issues due to the way newlib release snapshots were being published.
(From OE-Core rev: 1c9cbb27dfe37ca4574c4285fb03ce394dee5ed1)
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The bug this was intended to find has been resolved, so we don't need
this extra noise in the logs.
This reverts commit bd1edfa3d5.
(From OE-Core rev: 54ae53ef3e4ad51fc9a01155588b62f29c994742)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The buildtools-tarball includes a native sysroot with .pc files, and
in the case of buildtools-extended-tarball a pkg-config binary too.
If we're using the host pkg-config then it doesn't know to search in the
native sysroot. If we're using our pkg-config then it searches in the
build-time prefix and not the actual SDK installation location.
Neither of these are correct, so set PKG_CONFIG_LIBDIR to search:
- The native sysroot
- The host pkg-config's default search path, if present
- Falling back to /usr/lib/pkgconfig, if not
In an ideal world this would be handled by the generic toolchain script,
but that is slightly more involved.
[ YOCTO #15007 ]
(From OE-Core rev: 8f768a3f4c7ff477e994d60800e5a1b83891615a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If multiple compression libraries are enabled, the format to use for
compression is chosen implicitly, so if you want to compress with e.g.
lz4 you cannot enable zstd, so you cannot read zstd-compressed journal
files. This PACKAGECONFIGs allow to enable all compression formats for
reading, but to choose a specific one for writing.
(From OE-Core rev: bec1e2628e7accf2eff07193ae5ea14eb443ae37)
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We get random SSL failures when fetching the CVE database, and it's
notable that the NVD server is behind a DNS round-robin or geographically
diverse servers.
On a hunch that there is one misconfigured server, dump the IP that we
connected to.
(From OE-Core rev: 91f46d431dc8f40e8c6475c800bb61cb08b82b0a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
init-ifupdown provides an /etc/network/interfaces, which disables
interface management with networkmanager for example. If a network
manager (such as networkmanager) is provided, there may not be a need
for network related init scripts provided by init-ifupdown, so let's
make it a recommendation so it can be easily removed in image recipes
via the NO_RECOMMENDATIONS/BAD_RECOMMENDATIONS mechanism.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From OE-Core rev: 719d1b74bfa85af47e0478ee57fb7855988e44ae)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We ship libpthread with uninative. when uninative is active we're seeing
failures like:
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted
which is since we don't have a libgcc that matches libpthread. Add libgcc
to avoid these errors.
(From OE-Core rev: a134a7186b2266378bc0b08c134e169a943eedde)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To avoid working with undeterministic config files, remove all the
temporary files to start from scratch.
(From OE-Core rev: 74cd440c4e3df0ed3b81cf5c60a3f92e0dd3fe6c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When compiling busybox a second time (e.g. with `compile -f`), busybox
can use an altered autoconf.h file for compiling, which can ultimately
produces different and unwanted binaries.
This can produce errors like this one:
ERROR: busybox-1.35.0-r0 do_package: Error executing a python function in exec_func_python() autogenerated:
The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
0001:
*** 0002:ptest_update_alternatives(d)
0003:
File: '…/poky/meta/classes/ptest.bbclass', lineno: 100, function: ptest_update_alternatives
0096: for alt_name, alt_link, alt_target, _ in alternatives:
0097: # Some alternatives are for man pages,
0098: # check if the alternative is in PATH
0099: if os.path.dirname(alt_link) in bin_paths:
*** 0100: os.symlink(alt_target, os.path.join(ptest_bindir, alt_name))
0101:}
0102:
0103:do_configure_ptest_base[dirs] = "${B}"
0104:do_compile_ptest_base[dirs] = "${B}"
Exception: FileExistsError: [Errno 17] File exists: '/bin/busybox.suid' -> '…/busybox/1.35.0-r0/package/usr/lib/busybox/ptest/bin/login'
This happens because ALTERNATIVE:busybox contains `/bin/login` twice,
initially that's because `/bin/login` is present in both
busybox.links.suid and busybox.links.nosuid. The reason for that is
because of the altered autoconf.h.
Steps to reproduce above error:
<add ptest to distro configs>
bitbake busybox -c clean
bitbake busybox -c package -f
bitbake busybox -c compile -f
bitbake busybox -c package -f
This patch guards against potential bugs by:
- making a backup of .config and autoconf.h that have matching
timestamps.
- make sure do_compile always starts with these files.
- restore .config and autoconf.h at the end of do_compile.
(From OE-Core rev: 6b4a0f063edcfe0a5a4f418842e86ac0c46d9cad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The database update has been done on the original file. In case of
network connection issues, temporary outage of the NVD server or
a similar situation, the function could exit with incomplete data
in the database. This patch solves the issue by performing the update
on a copy of the database. It replaces the main one only if the whole
update was successful.
See https://bugzilla.yoctoproject.org/show_bug.cgi?id=14929
Reported-by: Alberto Pianon <alberto@pianon.eu>
(From OE-Core rev: 8efe99214d8b005f0ecac690ce5ba17b31758f92)
Signed-off-by: Marta Rybczynska <marta.rybczynska@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Brings following changes
* f47a8cdd ldso: fix invalid early references to extern-linkage libc.page_size
* 377218cb pthread_atfork: fix return value on malloc failure
* 29e43191 fix double-processing of DT_RELR relocations in ldso relocating itself
* b50eb8c3 fix strverscmp comparison of digit sequence with non-digits
* ad5dcd39 fix async thread cancellation stack alignment
* 8f925945 fix return value of gethostby{name[2],addr} with no result but no error
* 63402be2 clean up dns_parse_callback
* 0a7b4323 dns response handling: don't treat too many addresses as an error
* 41603c77 dns response handling: ignore presence of wrong-type RRs
* cf76df0e fix missing synchronization of pthread TSD keys with MT-fork
* 5ff3eea9 fgets: avoid arithmetic overflow when n==INT_MIN is passed
* d8f35e29 fix AS-safety of close when aio is in use and fd map is expanded
* 26c76a90 fix use of uninitialized dummy_fut in aio_suspend
* aebd6a36 fix potential deadlock between multithreaded fork and aio
* d64148a8 fix potential unsynchronized access to killlock state at thread exit
* 36b72cd6 fix potential deadlock in dlerror buffer handling at thread exit
* 833a4691 configure: disable TBAA optimization because most compilers are buggy
* e6e82132 disable MADV_FREE usage in mallocng
* 25e6fee2 remove LFS64 programming interfaces (macro-only) from _GNU_SOURCE
* 246f1c81 remove LFS64 symbol aliases; replace with dynamic linker remapping
* dec8f0a4 dns query core: detect udp truncation at recv time
* 8c408937 getaddrinfo dns lookup: use larger answer buffer to handle long CNAMEs
* 759bf785 arpa/nameser.h: update RR types list
* 51d4669f dns: implement tcp fallback in __res_msend query core
* e2e95176 res_send: use a temp buffer if caller's buffer is under 512 bytes
* c87d75f2 adapt res_msend DNS query core for working with multiple sockets
* 85050ac5 getaddrinfo: add EAI_NODATA error code to distinguish NODATA vs NxDomain
(From OE-Core rev: 3b27f6356a3bf0138da0c3dcd87aa8e4a93ae56b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
