Source: https://github.com/qemu/qemu
MR: 119830
Type: Security Fix
Disposition: Backport from 418ade7849
ChangeID: 41d6646e06319e629da574b9b2e8a3a197a73441
Description:
CVE-2022-35414 qemu: can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.
(From OE-Core rev: 5f236e744b5b528bdf8d95c9580c273f63c04452)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a dummy shared object therefore reduce dependencies further by
not requiring the C startup files, we wont use this shared library for
anything useful anyway
(From OE-Core rev: 2bc86c029fb82ae572f6a89407ccfe332972568c)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An intermittent failure occurs in libical-native do_compile:
| Traceback (most recent call last):
| File "/.../build/tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/python3.10/shutil.py", line 813, in move
| os.rename(src, real_dst)
| OSError: [Errno 18] Invalid cross-device link: '/tmp/g-ir-scanner-cache-adxo_2bq' -> '/home/bamboo/.cache/g-ir-scanner/bab9a83d2cd93e62ed005a2c1d4f89ae75c67251'
|
| During handling of the above exception, another exception occurred:
|
| Traceback (most recent call last):
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/pkgconfig/../../../usr/bin/g-ir-scanner", line 99, in <module>
| sys.exit(scanner_main(sys.argv))
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/scannermain.py", line 590, in scanner_main
| transformer = create_transformer(namespace, options)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/scannermain.py", line 409, in create_transformer
| transformer.register_include(include_obj)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/transformer.py", line 140, in register_include
| self._parse_include(filename)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/transformer.py", line 230, in _parse_include
| self._parse_include(dep_filename)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/transformer.py", line 225, in _parse_include
| self._cachestore.store(filename, parser)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/gobject-introspection/giscanner/cachestore.py", line 153, in store
| shutil.move(tmp_filename, store_filename)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/python3.10/shutil.py", line 833, in move
| copy_function(src, real_dst)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/python3.10/shutil.py", line 435, in copy2
| copystat(src, dst, follow_symlinks=follow_symlinks)
| File "/.../tmp/work/x86_64-linux/libical-native/3.0.14-r0/recipe-sysroot-native/usr/lib/python3.10/shutil.py", line 374, in copystat
| lookup("utime")(dst, ns=(st.st_atime_ns, st.st_mtime_ns),
| FileNotFoundError: [Errno 2] No such file or directory
A similar issue is described in a fix for gobject-introspection-native.
d3c48ff7d1
The problem was fixed there by setting the environment variable
GI_SCANNER_DISABLE_CACHE to disable the use of $HOME/.cache.
Extend the fix to users of gobject-instropection by promoting the fix
to the bbclass.
(From OE-Core rev: bb1dc2bbfe268e73008dc37d6b1f83a861b48915)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 35d5f707f6bb2ce5e9ab908e66e1ea9eeac754b1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is to ensure host-user-contaminated.txt would be removed before
do_rootfs runs, since ${S} is in cleandirs of do_rootfs, otherwise, a
host-user-contaminated.txt file that generated from previous builds
could be used which is wrong.
(From OE-Core rev: 96215d6d45d2cae59c9e36e6a77bbbada410b259)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 54a3fd63e684d070fad962be97e549f3af7ac111)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
SDPX generation involves looking through BB_TASKDEPDATA for
dependencies, then linking to the generated documents for those
dependencies. These document links use a checksum to validate the
document, which means that if a upstream document changes, all
downstream documents must be regenerated to get the new checksum,
otherwise the compendium of documents produced by the build will have
broken links; therefore all dependent task should be included in the
signature (even from "ABI safe" recipes).
(From OE-Core rev: 7549429fc93218dee33b216010b2c36a9f814091)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5fe543b9ceec971cf0297ff0ae3b0ccc4703cece)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.
(From OE-Core rev: 8b42e405fc630537398116a1429a9bc7cb2152ab)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
[func] Don't try to process DNSSEC-related and ZONEMD records
in catz. [GL #3380]
[func] Add some more dnssec-policy checks to detect weird
policies. [GL #1611]
[test] Add new set of unit test macros and move the unit
tests under single namespace in /tests/. [GL !6243]
[func] Key timing options for 'dnssec-settime' and related
utilities now accept "UNSET" times as printed by
'dnssec-settime -p'. [GL #3361]
[bug] When the fetches-per-server quota was adjusted
because of an authoritative server timing out more
or less frequently, it was incorrectly set to 1
rather than the intended value. This has been
fixed. [GL #3327]
[bug] Only write key files if the dnssec-policy keymgr has
changed the metadata. [GL #3302]
[func] Key timing options for 'dnssec-keygen' and
'dnssec-settime' now accept times as printed by
'dnssec-settime -p'. [GL !2947]
(From OE-Core rev: 5bfb44bff5d296b8fd447acb7bdb29b544bd1c20)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d5a12d549209f01324d03963db96449ee43452eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
[security]
Fix a crash in DNS-over-HTTPS (DoH) code caused by
premature TLS stream socket object deletion.
(CVE-2022-1183) [GL #3216]
[bug]
RPZ NSIP and NSDNAME rule processing didn't handle stub
and static-stub zones at or above the query name. This
has now been addressed. [GL #3232]
Fixed a deadlock that could occur if an rndc
connection arrived during the shutdown of network
interfaces. [GL #3272]
Refactor the fctx_done() function to set fctx to
NULL after detaching, so that reference counting
errors will be easier to avoid. [GL #2969]
udp_recv() in dispatch could trigger an INSIST when the
callback's result indicated success but the response
was canceled in the meantime. [GL #3300]
Work around a jemalloc quirk which could trigger an
out-of-memory condition in named over time. [GL #3287]
If there was a pending negative cache DS entry,
validations depending upon it could fail. [GL #3279]
dig returned a 0 exit status on UDP connection failure.
[GL #3235]
Fix an assertion failure when using dig with +nssearch
and +tcp options by starting the next query in the
send_done() callback (like in the UDP mode) instead
of doing that recursively in start_tcp(). Also
ensure that queries interrupted while connecting
are detached properly. [GL #3144]
Don't remove CDS/CDNSKEY DELETE records on zone sign
when using 'auto-dnssec maintain;'. [GL #2931]
[contrib]
Avoid name space collision in dlz modules by prefixing
functions with 'dlz_'. [GL !5778]
dlz: Add FALLTHROUGH and UNREACHABLE macros. [GL #3306]
[func]
Add new named command-line option -C to print built-in
defaults. [GL #1326]
Introduce the concept of broken catalog zones described
in the DNS catalog zones draft version 5 document.
[GL #3224]
Add DNS Extended Errors when stale answers are returned
from cache. [GL #2267]
Implement support for catalog zones change of ownership
(coo) mechanism described in the DNS catalog zones draft
version 5 document. [GL #3223]
Implement support for catalog zones options new syntax
based on catalog zones custom properties with "ext"
suffix described in the DNS catalog zones draft version
5 document. [GL #3222]
Implement reference counting for TLS contexts and
allow reloading of TLS certificates on reconfiguration
without destroying the underlying TCP listener sockets
for TLS-based DNS transports. [GL #3122]
Add support for remote TLS certificates
verification, both to BIND and dig, making it possible
to implement Strict and Mutual TLS authentication,
as described in RFC 9103, Section 9.3. [GL #3163]
[cleanup]
Remove use of exclusive mode in ns_interfacemgr in
favor of rwlocked access to localhost and localnets
members of dns_aclenv_t structure. [GL #3229]
Remove the task exclusive mode use in ns_clientmgr.
[GL #3230]
(From OE-Core rev: 1bbedc1c6f9b1d431a7d72b9e8e2871d0fe988f5)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2ae8b85c71be2e9e332b1ef0a2d3083b30c63e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Normally m4-native ends up in the sysroot via the toolchain, but if a
non-standard toolchain is used them m4-native may not be installed.
However Pulseaudio explicitly checks for m4 in the meson.build, so add
it to DEPENDS.
(From OE-Core rev: f1c2e21a28f8ad5dc6ff7b0db877aa22e01a9e00)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ddf846635783923d43520c9dd6f63ca59ed6e3b8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To support crate:// fetcher on externalsrc, we need to remove "-z
${EXTERNALSRC} check of bitbake vendoring. It is possible to disable
vendoring by CARGO_DISABLE_BITBAKE_VENDORING = "1" if externalsrc-ed
project does not want to enablt it.
(From OE-Core rev: 9b2f7eb0e2108392a849dff663767f1f32552241)
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Pastrick <ripastri@linux.microsoft.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We can't support vgem on RHEL derived distros so disable this test for
all almalinux hosts rather than specific versions.
(From OE-Core rev: b418b969b4d44e347d95c6ed8c86703b977d90a3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e921f3c1b917072e4c5a110c7dfeeadd2e571bde)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes reproducibility issues with multilibs were a different recipe
specific sysroot is used which was leaking into debug symbols in libraries.
(From OE-Core rev: 3bb7abe545be6c92b2bd4f184536b0b0e871aac6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f442edf51e256bd315bd8e4ac4d9fa12b8e9e092)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If gold is enabled as the default linker, it errors trying to link
to our dummy library empty file and this turns off things which should
be present in libstdc++.
For example, _GLIBCXX_HAVE_S_ISREG isn't defined and HAVE_S_ISREG in
libstdc++-v3/config.h isn't set properly.
Instead of just creating an empty file, create an empty elf binary
instead which addresses the issue.
(From OE-Core rev: f842dbc478cb007b5f3e2f016959e2b597a4d0be)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2070bcd10aa3a05c96c8501c6a8c1e129fb1d440)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a test that verifies that devtool modify + devtool finish do the
right thing on a recipe that fetches from git and sets S to point to
a subdirectory of the source tree. We have a few examples among the core
recipes, dos2unix is a convenient one so let's use that. (The test first
verifies that that is still true in case the recipe is changed in
future.)
(From OE-Core rev: a994dbe517246cbc0bf359cd990efd6437e07a56)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a84d9ed14173b0bf467ea78dff4f0f7bae0bc082)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If devtool finish needs to create a patch and have it applied to the
sources for a recipe where S points to a subdirectory of the sources,
then the patch needs to be applied at the root of the repo i.e. we need
to add a patchdir= parameter to the SRC_URI entry.
(From OE-Core rev: 7cf53810b1dc3d14c4838a610b3d53170f552c19)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad3736d9ca14cac14a7da22c1cfdeda219665e6f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If PATCHTOOL = "git", SRC_URI fetches from a git repo and S points to
a subdirectory of the checked out sources, then we were erroneously
initialising the subdirectory as its own git repo. Check if the returned
top-level repo directory is a subdirectory of WORKDIR and do not
run initialise the source directory if that is the case.
(This was a regression introduced with OE-Core revision
6184b56a7a0fc6f5d19fdfb81e7453667f7da940, however we didn't have a test
that verified the behaviour.)
(From OE-Core rev: 577a69137eac6a44869d384b9027fbfdfea5740e)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cca53a2bcbf6809615ce5626c86c6ee481a7a76)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This makes the bin_package.bbclass work properly with the native class.
(From OE-Core rev: 58029ca7beb6cda1c7a97f2f2cfae64888587cd6)
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad330b6d4b6e2ba051b5c6c437e07a183831f757)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If (perhaps foolishly) at your configuration level you have e.g.
SRC_URI_append_pn-recipename = " file://patchname.patch"
and then run devtool modify on a different recipe, an error occurs:
INFO: SRC_URI contains some conditional appends/prepends - will create branches to represent these
...
ERROR: [Errno 2] No such file or directory: '/path/to/downloads/patchname.patch'
pn- overrides would not constitute an alternative configuration that we
should handle in this context, so just ignore them to avoid the issue.
(From OE-Core rev: 9beb3472624050593fc30d5a00d3d13fec4441df)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3f2a812ade42ece0bb59b2d303125a91b29936dd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building external kernel modules like lttng-modules was showing build paths
inside the debug symbols for the modules and breaking build reproducibility.
Fix this by adding in the mapping needed to map the kernel build directory
to something more approriate on target.
(From OE-Core rev: 7acc1b9b572789015619e4baea2642197b8b1950)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b56dc9009ba93174de6bf4c01e17808ef249dc5c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* add GPL license because of alsa-state-init file
* gpl link points to gpl3, but at time of adding this file was actually
pointing to gpl2, so should correspond to SPDX GPL-2.0-or-later
* remove date as the file was already changed several times since then
(From OE-Core rev: 7c3d9c5d72f1e832697b51a89e284e0b1e041f38)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ca73ff0d9930d545ce8cb8a62e259c0b43310f99)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We already exclude Makefile, makefile, and makefile.old from copy of the
perl source tree that is used by perl-ptest, but Makefile.old is not
being excluded. In a rebuild of perl with an existing source tree these
files now exist but have build paths in. As they're backup files, they
can just be excluded from the packages.
Use range globs to clean up the expressions, and exclude Makefile.old.
(From OE-Core rev: d6ec3784c530714182a1cf1ac693ca35ef0b4f57)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 30a99affca7930f7fe0ddeb016b6183240b5f13c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When api-documentation is enabled, we see a hardcoded build path to xsltproc in
the target python configuration file. We curate PATH carefully so we don't
need the path there, tweak configure to remove it and solve the issue.
(From OE-Core rev: d3149c9ea98f4d4252ff0822d062c32d94ca75c5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f7924a85de548f9403d561b15c1f2c33d9912393)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The .pc we install ourselves for lua has hardcoded /lib assumptions in it
which means in a multilib environment, full build paths end up in users
like rpm's configuration.
Fix the .pc file to use a correct includedir and libdir to resolve
those reproducibility issues.
(From OE-Core rev: dfe0a723bc76f6f98b8edcaf84563a39a64e2c3c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 93bee5c74b8d181adf93de4b4101e25d24780603)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If enabled, the buildpaths test hangs in psplash as it tries to open
a fifo and read from it, hanging indefinitely.
Tweak the test to ignore fifo/socket/device files.
(From OE-Core rev: 1837c175d997ced1455537bb82fb86286711025c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2567edb7e0a8c5ca9a88d6940491bf33bfe0eff9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previous commit c725bdb29b broke kernel source handling, this was due
to the code expecting the sources to be in a different directory, this did
not happen when using externalsrc since sources were found in the expected
directories.
Pass work-shared to the check to allow sources to be found in the proper
directory, allowing these to be packaged in the next step.
To test this we grabbed a commit where we knew the buildpaths
QA test should flag a file inside the kernel sources, with the previous
commit the QA warning wasnt flagged since no sources where there, with
this fix the buildpaths QA warning gets flagged properly.
(From OE-Core rev: 8efd5e31670235f7c59af2a5ee14646f029f4d18)
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2714a8ef8c7b3c66d50f27f4f52fe2fe4db39b00)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since commit d756b346f2 kernel modules are stripped by the functions 'runstrip' and 'splitdebuginfo'. Signed modules must not be stripped. Function 'runstrip' avoids this by running is_kernel_module_signed. Apply the same check to splitdebuginfo.
(From OE-Core rev: 6859226652339b19cbc7bdfec074fe2016cdee60)
(From OE-Core rev: cefc6ec245ac1ca7a1a47d55aaec793e730a24a5)
Signed-off-by: Christoph Lauer <christoph.lauer@xtronic.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dc0f0413eabfd50f78d887f73f808d40a314fbd8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
While executing do_package, bitbake checks for a list of
debug source files and uses a pattern to match the ones
to be included in copydebugsources.
Previously when externalsrc was in use either directly or by
using devtool, the source location changed and this pattern
no longer matched, hence debug source files failed to be
included in the corresponding package.
Check when the source directory isnt the default (based on
WORKDIR), and change the pattern used to match debug source
files if that is the case, allowing us to perform do_package
properly.
Workaround debugsource.list containing paths from the host by
moving debug source files away from the host directory
structure to avoid host contamination (this seems to happen
when packages use $TMPDIR/work-shared and externalsrc is
in use).
Test matrix included using:
- devtool to use externalsrc automatically
- externalsrc with a non-devtool based source directory
- No externalsrc at all
Tested the following packages to be working:
- glibc ($TMPDIR/work-shared based)
- libxcrypt ($TMPDIR/work based)
[YOCTO 8015]
(From OE-Core rev: 2772b77c0e3d0f6226a2d7c40a59900a6d7c942f)
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a887bd96fd0a15398e8077ea79df5070971866e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds a backport patch that fixes a problem in subinterpreters related
to the garbagecollector. Without the patch, there are random segfaults in
several Kodi addons that use python3-sqlite3. Presumably there are real world
issues in other programs as well.
(From OE-Core rev: 39d57ef7e341a048b94bc5dd9c29d58f57e06f19)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since commit f077befd5f36ad88623aaf6a38b1a837ecb18650:
[ udev-extraconf: let automount base directory configurable ]
the mount base directory was configurable, we need drop 'run-media'
usage as well, change to figure it out from MOUNT_BASE.
Also 'get_label_name' function needs to be called ealier in
automount_systemd before checking '/tmp/.automount-$name', otherwise
they would never match.
(From OE-Core rev: c013b33162546fb5bd4bcc1daac75aa65d0be1a3)
(From OE-Core rev: cb37eebf477e9907363b195c3d460b14717c5fea)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7ed210054b3e253d5a67075bb9d4768d1661bef1)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The '.include' syntax has been dropped from latest systemd releases,
we need drop the systemd-udevd.service here, introduce a postinst
function to add "MountFlags=shared" to systemd-udevd.service.
Also lsblk binary is being called in mount.sh automount_systemd
function, add it to RDEPENDS.
(From OE-Core rev: a3c93ec301a34413f91e3edb70c16454ebcdcdf2)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 356520d60b9429c6f62124821e42468ff2b7b1d6)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Failure message is shown in boot logs when trying to
mount lvm as automounter does not handle cases where
lvm is mounted. This simply skips lvm while automounting
to avoid failure message in boot logs.
(From OE-Core rev: 9d90c89bd964bfabb31e64424e7000ac88a2697b)
Signed-off-by: Ansar Rasool <ansar_rasool@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit b1d18072ed9a8b0bca0f20f8e5deefa73ab6acbe)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Automounting does not work cleanly in case systemd as well as
udev rules are being used simultaneously and in most cases
race conditions and unknown behavior can come up.
In case we're running on top of systemd we need to make sure
that systemd-udevd knows that udev is in play as well and
mounting should be done using shared flags. Also as we're
using mount from sources other than systemd-mount in current
scripts this is the most manageable fix to automounting
problems.
(From OE-Core rev: 00ea4314feb51d82f9027bf53ff627541180daca)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 1e770416b4c9a0468404fb64d55114d93e84763b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
fdisk from util-linux (2.31.1) and above allows the user to
manipulate an already mounted device. In order to achieve this
functionality it issues a BLKRRPART (block device re-read part)
ioctl and in response the kernel generates remove/change/add
events if the device is not mounted (manually unmounted etc)
which are caught and processed by udev. This causes our auto-mounter
to remount everything because it does not keep track and things
go out of control.
Differentiating between types of remove events such as the one
described above (generated by BLKRRPART) and one where the device
is physically plugged out is only possible using the DEVPATH variable
which is cleaned up only when the device is actually plugged-out.
This fixes the above anomaly by only mounting a device in add event
which is cleaned up properly (tmp cache deleted) in the remove event
or is not present in the tmp cache while making use of the DEVPATH
variable during the remove action.
(From OE-Core rev: 35b18c5721cae13eb206631ee1dc0c14d3d52046)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 11a5e6c17535438ea1e7a8403ed260c8b3a22bc8)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Doing this will allow to fetch the exact name created by the
auto-mounter during the remove action where depending on the
scenario utilities such as the blkid might not be usable due
to actual device not being present on the system.
(From OE-Core rev: 55c2de8963cbaffdde4e527b044c3c3e3658924e)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 496b76f8775a620c1d449eb6f62a41656abf2a9b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This alters the mountpoints such that if a device has a LABEL or
a PARTLABEL, it will be mounted at e.g.:
/run/media/$LABEL-<device-node>
/run/media/$PARTLABEL-<device-node>
/run/media/rootfs-sda2
otherwise the device will be mounted at e.g.:
/run/media/<device-node>
/run/media/sda1
The <device-node> appended with LABEL or PARTLABEL makes sure that
the mountpoint is unique, therefore, avoids overlapping mounts.
(From OE-Core rev: 229e7a911a8b1e0223cfee0bdc2f5fc79cf300fe)
Signed-off-by: Arsalan H. Awan <Arsalan_Awan@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit a9a0a0967832445f1bcc65d58f95343d1b562e1b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dont hard-code automount base directory to '/run/media', introduce a
variable MOUNT_BASE to let it configurable, like in udisks2 the mount
base is also configurable by setting option: --enable-fhs-media.
(From OE-Core rev: c021f5592c3d920eda1bfc10c099ad1484e9c0ce)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f077befd5f36ad88623aaf6a38b1a837ecb18650)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixup commit for prevous CVE-2022-33068 fix.
Fixes:
| In file included from ../harfbuzz-4.0.1/src/hb-ot-face.cc:39:
4429| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: error: use of bitwise '|' with boolean operands [-Werror,-Wbitwise-instead-of-logical]
4430| if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
4431| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4432| ||
4433| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: note: cast one or both operands to int to silence this warning
4434| 1 error generated.
(From OE-Core rev: 7505ac6da37ba00d4dad74a0312ca20fc17e64df)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
