configfs is another kernel virtual file system that should be mounted
if configured, so if it's configured into the kernel, mount it. It is
used to configure e.g. USB gadget mode and devicetree overlays.
(From OE-Core rev: 4f52130475d026c32f0380d301f56f6fa3df7ac9)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
TARGET_SYS is defined in terms of TARGET_ARCH, so it's not valid
until after TUNE_ARCH has been set by the machine config. The
original order of includes resulted in an attempt to include
non-existent files such as:
conf/target/INVALID-oe-linux.conf
(From OE-Core rev: b33e644da0d8b6edb97257b16430b545c289883a)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently selftest doesn't use sstates because some tests
clean sstate cache; using sstates would give a performance
boost instead of building everything from scratch.
With this sstates are not corrupted using different methods
depending on tests:
devtool: These tests needed to delete the cache so SSTATE_DIR
as SSTATE_MIRRORS and set a temporal SSTATE_DIR.
sstatetests: This module already used a temporal SSTATE_DIR, so
just set up the SSTATE_MIRRORS.
Rest: Removed cleansstate, some of them required to force a
certain task, others were just removed or changed for another
task.
[YOCTO #10929]
(From OE-Core rev: 62c61087a10cc3b26fbff32c9e2efd1704a39724)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new %_gpg_sign_cmd_extra_args macro that allows customizing the
gpg options used when signing rpm packages. This is needed to be able to
sign packages with gpg 2.1 which requires "--pinentry-mode loopback" to
allow non-interactive signing.
[YOCTO #11054]
(From OE-Core rev: 373a7146d596d27376a003014df0d06f3df5348d)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Split the file list into chunks in order to avoid
"OSError: [Errno 7] Argument list too long"
This would happend when a package has huge amount of subpackages, e.g.
glibc-locale.
[YOCTO #11069]
(From OE-Core rev: 874f5016fd4dc76bc867b68470297fe59e78a9e6)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The update contains a small number of bug fixes. Removed one
upstreamed patch.
gst-player does not have releases: this is the current git master.
(From OE-Core rev: 72889d45c610c4895c6a2f439439755ef4853fab)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This includes a number of small fixes and some new PCI IDs, no
major changes.
For background, xf86-video-intel does not get releases so
we have to follow git.
(From OE-Core rev: 7dd5a74df4b19c30456f4e7e844856c5e9cbaa7f)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mostly bug fix releases.
Generating the thumbnailer metadata now requires running yet another
tool at build time. This is broken for cross-compiling, add a
work-around.
Add gdk-pixbuf-native to DEPENDS to make the above workaround possible:
We already build gdk-pixbuf-native anyway so this is not a huge deal.
(From OE-Core rev: 645e14bb39d10a50648daaf7a015f2d75bf357db)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Very small bug fix release.
Use --disable-umockdev: Testing is great but a single regression test
isn't really worth a new build dependency (that isn't in oe-core yet).
(From OE-Core rev: 942946a18ec2e644a297e45787a3947f3229a783)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The license checksum for doc/LICENSE is changed. It's a small change.
'2015' is changed to '2017'. Nothing else is changed. So the licenses
remain the same.
(From OE-Core rev: a14b935461d231429b6dc3bd0fdc34142b48fe86)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* The license cheksum is changed becuase a new line is added:
Copyright (C) 2001-2017 The strace developers.
* Remove use-asm-sgidefs.h.patch, it doesn't check sgidefs.h any more, it was
use for building on mips, I checked it built well.
* Update Makefile-ptest.patch and disable-git-version-gen.patch.
(From OE-Core rev: 204e0e9916f6acfa02d7a49bf5e33678abb0578d)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a patch to don't use --clamp-time when call tar because
isn't supported in tar hosts versions. See
0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch
patch for details.
Rebased patch:
- 0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch
(From OE-Core rev: 4c23b8ce417551f2ee252426158fea272b8a9dfd)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade config.sh to match new version.
Removed CVE patches already in upstream:
- perl-fix-CVE-2016-1238.patch
- perl-fix-CVE-2016-6185.patch
Update customized.dat patch to match new hashes.
(From OE-Core rev: f3f1614b87aa5c55653fe8f3247fb094baf98087)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit 3632abd01abb8dfff230e18f828af705da488f97.
Multiple people have expressed issues with flex-2.6.2; personally I had
problems compiling libsepol from meta-selinux (for libselinux). I tried
upgrading to flex-2.6.3, but that caused binutils-cross_2.27 to fail.
The simplest for now is to downgrade to flex-2.6.0.
(From OE-Core rev: b45776bbdafa6f6afe815714ac329494ad57e644)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
3.16.2 -> 3.17.0
* Approximately 25% better performance from the R-Tree extension.
* Other performance improvements. Uses about 6.5% fewer CPU cycles.
(From OE-Core rev: 2ecc3dc9cb11feb6804ec08d1b7b1470f01aadbe)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixed:
$ rpm -qplv tmp/deploy/rpm/qemuppc/kernel-devsrc-1.0-r0.qemuppc.rpm | grep kernel/source
/usr/src/kernel/source -> /buildarea/lyang1/test_yocto/tmp/work/qemuppc-poky-linux/kernel-devsrc/1.0-r0/image/usr/src/kernel
It is generated by kernel's "make clean _mrproper_scripts", the
kernel-devsrc includeds full sources, this symlink is not needed, and
the path is invalid on target, so remove it.
(From OE-Core rev: 65804d1239e626bbe1a4b5772f2464db21163713)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Usually a recipe only provides one package but when provides more
than one package the LICENSE variable per package (i.e. linux-firmware)
needs to take into account to avoid unnecesary copy of licenses into
packages.
The patch validates if LICENSE exists in package LICENSES in order to
don't copy unneeded licenses.
As result of this patch some packages will not contain licenses there
are not into LICENSE variable.
For example:
acl contains GPLv2+ instead of GPLv2+ and LGPLv2.1+
libacl contains LGPLv2+ instead of GPLv2+ and LGPLv2.1+
This behaviour is declared on the acl recipe as:
SUMMARY = "Utilities for managing POSIX Access Control Lists"
HOMEPAGE = "http://savannah.nongnu.org/projects/acl/"
SECTION = "libs"
LICENSE = "LGPLv2.1+ & GPLv2+"
LICENSE_${PN} = "GPLv2+"
LICENSE_lib${BPN} = "LGPLv2.1+"
[YOCTO #10325]
(From OE-Core rev: 8c8c8edea9c9015e21f47f3d10e6f45446a2823b)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The NO_GENERIC_LICENSE mapping was added [1] to enable copy LICENSES
from upstream source code into recipe licenses, previously that only
common-licenses was processed.
This result on copy twice the NO_GENERIC_LICENSE specified because there
is a mapping between license in LIC_CHKSUM and NO_GENERIC_LICENSE.
In order to avoid double copy one as generic_ and other as LICENSE. keep
track of licenses already copied.
For linux-firmware the result will be only generic_ licenses into
common-licenses.
[YOCTO #10325]
[1] http://lists.openembedded.org/pipermail/openembedded-core/2015-April/104222.html
(From OE-Core rev: 95b9e2cd26c7cae265ff52af90480b75251f00e5)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes [YOCTO #10405]
The section on the SVN Fetcher was missing information on the
"path_spec" option. I added this option and also updated the
examples at the bottom of the section to include that parameter.
Also, made the other two examples consistent.
I also removed the "date" parameter.
Also, updated the "protocol" parameter as well as the "modify"
parameter. For "modify" I removed the reference to "rsh". I
applied a small wording change to the "protocol" parameter.
Finally, I added a new "ssh" parameter.
(Bitbake rev: 3ce6169afa646ef2b847e5fbabfe0191c93928b7)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The package-depends.dot and pn-depends.dot files are inaccurate,
missing out key dependencies such those made via the [depends]
flags. As such they can be misleading to the user.
They mainly exist for historical reasons, coming from a time
before we had task based execution.
This commit removes the two dated file formats and replaces
them with a recipe-depends.dot which is a flattened version
of task-depends.dot.
The old format files are removed if present so that the user
can't get confused about why data might not match between files.
The code is also rewritten to use 'with f: f.write()' syntax as
is more commonly used now. Also update the docs to match the change.
(Bitbake rev: f82537d27f2a5bf9d576aa841593db9ec0985ea8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We want to update to a version with the bb.utils.filter() function.
(From OE-Core rev: 6db26339522a22c3e3c13287ea0c9daf40c7c15e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It isn't clear that the README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt
file in the deploy directory warrants the complexity it brings elsewhere.
Let's just remove it entirely.
In particular, if two do_image_complete tasks run in parallel they risk
both trying to put their image into ${DEPLOY_DIR_IMAGE} at the same time.
Both will contain a README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt
file. In theory this should be safe because "cp -alf" will just cause one
to overwrite the other. Unfortunately, coreutils cp also has a race[1]
which means that if one copy creates the file at just the wrong point the
other will fail with:
cp: cannot create hard link ‘..../tmp-glibc/deploy/images/pantera/README_-_DO_NOT_DELETE_FILES_IN_THIS_D.txt’ to
+‘..../tmp-glibc/work/rage_against-oe-linux-gnueabi/my-own-image/1.0-r0/deploy-my-own-image-complete/README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt’: File exists
[1] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=25680
(From OE-Core rev: 71e9e88847d7000781642ea6187ebd8f40dfdcfe)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The VfrCompile tool has a hard-coded maximum length for path names
which turned out to be too small by around 20 characters in the
Yocto autobuilder setup. Increasing the maximum by a factor of 4
is relatively easy and makes the problem less likely.
(From OE-Core rev: ea296ab42a7a65055657b950d8248d94f0ac56f1)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch was added to meta-luv for kernel testing purposes and
probably is not relevant for OE-core.
(From OE-Core rev: 240e96e6196c32ddabb0c1aff3ee83458c98a9bd)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When booting a qemu virtual machine with ovmf.secboot, it comes up
with no keys installed and thus Secure Boot disabled. To lock down
the machine like a typical PC, one has to enroll the same keys
that PC vendors normally install, i.e. the ones from Microsoft.
This can be done manually (see
https://wiki.ubuntu.com/SecurityTeam/SecureBoot and
https://github.com/tianocore-docs/Docs/raw/master/White_Papers/A_Tour_Beyond_BIOS_into_UEFI_Secure_Boot_White_Paper.pdf) or automatically with the EnrollDefaultKeys.efi helper
from the Fedora ovmf rpm.
To use this with qemu:
$ bitbake ovmf-shell-image
...
$ runqemu serial nographic qemux86 ovmf-shell-image wic ovmf.secboot
...
UEFI Interactive Shell v2.1
EDK II
UEFI v2.60 (EDK II, 0x00010000)
Mapping table
FS0: Alias(s):HD2b:;BLK4:
PciRoot(0x0)/Pci(0x5,0x0)/HD(1,GPT,06AEF759-3982-4AF6-B517-70BA6304FC1C,0x800,0x566C)
BLK0: Alias(s):
PciRoot(0x0)/Pci(0x1,0x0)/Floppy(0x0)
BLK1: Alias(s):
PciRoot(0x0)/Pci(0x1,0x0)/Floppy(0x1)
BLK2: Alias(s):
PciRoot(0x0)/Pci(0x1,0x1)/Ata(0x0)
BLK3: Alias(s):
PciRoot(0x0)/Pci(0x5,0x0)
Press ESC in 1 seconds to skip startup.nsh or any other key to continue.
Shell> fs0:EnrollDefaultKeys.efi
info: SetupMode=1 SecureBoot=0 SecureBootEnable=0 CustomMode=0 VendorKeys=1
info: SetupMode=0 SecureBoot=1 SecureBootEnable=1 CustomMode=0 VendorKeys=0
info: success
Shell> reset
Remember that this will modify
deploy/images/qemux86/ovmf.secboot.qcow2, so make a copy and use the
full path of that copy instead of the "ovmf" argument if needed.
The ovmf-shell-image contains an EFI shell, which is what got started
here directly. After enrolling the keys, Secure Boot is active and the
same image cannot be booted anymore, so the BIOS goes through the
normal boot targets (including network boot, which can take a while to
time out), and ends up in the internal EFI shell. Trying to invoke
bootia32.efi (the shell from the image) or EnrollDefaultKeys.efi then
fails:
Shell> bootia32.efi
Command Error Status: Security Violation
The main purpose at the moment is to test that Secure Boot enforcement
really works. If we had a way to sign generated images, that part could
also be tested by booting in a locked down qemu instance.
0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch is
from
https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch?id=b1781931894bf2057464e634beed68b1e3218c9e
with one line changed to fix
https://bugzilla.redhat.com/show_bug.cgi?id=132502:
"EFI_STATUS Status = EFI_SUCCESS;" in EnrollListOfX509Certs() lacked
the initializer.
(From OE-Core rev: 1913ace7d0898b5a23a2dbdc574ab1d8648927c5)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
