| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 64099ca9b89dd74df7b3a6a287b95a5a317cf916)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 7e6276993fa3ce9c87e4d7945f140f381a99a902)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: f50e9fe501ccafd18ed2d8a9e505be503a721846)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: e2f7b7feea061ee584c554b64efd583a70debcac)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: cccc13437d6172e6b0134288aa67972b001e8d28)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: fcd7490afba8e70740a2d4c17f759bf3e330e88a)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
No longer in use in Poky (dropped in Nanbield through
multiple commits)
(From yocto-docs rev: e5d39e85a0db27bfc857fae9649f799179888eee)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 30e41530402a4f9c37f77e89bae7469b68aad901)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 4ef0c24b206d71c348ff657a2ab83ab857539fb6)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 74fc6a70d4636b37fe4eab290ea974e0f1531dbf)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: Frederic Martinsons <frederic.martinsons@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't make do_cve_check depend on do_unpack because that would be a
waste of time 99% of the time. The compromise here is that we can't
scan remote patches for issues, but this isn't a problem so downgrade
the warning to a note.
Also move the check for CVEs in the filename before the local file check
so that even with remote patches, we still check for CVE references in
the name.
(From OE-Core rev: 201f0e1d55ca2fa6ab948a82d94e52c6a77ca7d2)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Occasionally the cve-check tool will warn that it is adding the same
package twice. Knowing what this package is might be the first step
towards understanding where this message comes from.
(From OE-Core rev: 699863be46fab91d5729fce1dc5b795761247f98)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The JSON report generated by the cve-check class is basically a huge
list of packages. This list of packages is, however, unsorted.
To make things easier for people comparing the JSON, or more
specifically for git when archiving the JSON over time in a git
repository, we can sort the list by package name.
(From OE-Core rev: f3d9dd947e678078b57b4b607e231b702c26dd4a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This issue relates to a floating point exception in stress-test, which
is an unlikely security exploit at the best of times, but the test is
not installed so isn't relevant.
(From OE-Core rev: a36d62a06be6cce1a438f8f2178eb60aad6b7267)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
This CVE relates to a bug in the minizip tool, but we don't build that.
(From OE-Core rev: 5b06913e5883c35390c87f6660a0578c73ff4ddd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CVE is a use-after-free which theoretically can be an exploit
vector, but this UAF only occurs when malloc() fails. As it's
unlikely that the user can orchestrate malloc() failures at just the
place to break on _this_ malloc and not others it is disputed that this
is actually a security issue.
The underlying bug has been fixed, and will be incorporated into the
next release.
(From OE-Core rev: 8c70e7cecb1beb30a5be4ea9bbc89c2f2e11853b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: d401ed0666a3bcb10b013f38e1a528dca62a9c0d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
remove obsolete SERIAL_CONSOLES_CHECK.
(From OE-Core rev: 5ec0371e2837428cb1596b5f40f5653de8b64526)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From meta-yocto rev: 715de050774907dd5596d826929b6588593a91ae)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 8109eeb5b7a4e5b2f50047e049ce0295bdc94856)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Mention CVE_STATUS_GROUPS in the development manual
(otherwise only present in the reference manual, but with
no reference to it)
- In the reference manual description of CVE_STATUS,
link back to the development manual, to provide context.
(From yocto-docs rev: cfef5fe41b6c819e783c88829448ae38141650a5)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 3a4d172f0d5668f3c6527bd80d1dad7831e72e89)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 0e1861dcb8819b86aba6a3e024efb8bfe4c300ad)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Plus a minor whitespace fix change
(From yocto-docs rev: 6f7e1b935168464b4682a8687aa6d031a1a9fb73)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: a2d79ed745df6fe243e6c5e1001d406001c0d3a7)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: Paul Eggleton <bluelightning@bluelightning.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Introduced by
https://git.yoctoproject.org/poky/commit/?id=88abdec715ed0c1f613c9b5132cd45db741d5c65
(From yocto-docs rev: 2e64352653cd7e89a2b08d84d6f7a1e039d4346a)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Introduced by
https://git.yoctoproject.org/poky/commit/?id=66ed174ccdf7a89cb998f503cc6b631e2d1adcc0
(From yocto-docs rev: 4bdd4976667b802895b13541b77191a65335a175)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Now that https://bugzilla.yoctoproject.org/show_bug.cgi?id=14481
is closed.
(From yocto-docs rev: de23d389f3fe7c2e18325cf29361d90b9bb19ead)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the initial version of the section on vulnerability reports,
operations of the Security Team with a
transcription of https://wiki.yoctoproject.org/wiki/Security_private_reporting
(From yocto-docs rev: 2b86ac95c557f1e57176cceff428eb63e56c6328)
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-resolved is a distro feature added in poky commit
6f30e3586eb1b8e853cf23dd039f258d0dc0bc6b
(From yocto-docs rev: 2adb9c0a37f7bdbb293e78d71c872ca3bd9c06c4)
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 1fc5046100f27126711df0513d1ad87a9a54f55a)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
(Bitbake rev: 936fcec41efacc4ce988c81882a9ae6403702bea)
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 65b62118da6f355e56c489c6be08ba9ea94b9f04)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 6f7bd97a6d3d6d8cfd149a7e07df35da4141e650)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 8aa25e2a668d35bab2f79457248abcde92dc92aa)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove a reference to a web resource which is clearly marked as obsolete.
Replace the unnecessarily verbose note by just links to the mentioned tools.
[YOCTO #15233]
(From yocto-docs rev: 3f979f5d2446d57d75f0c4ad2199510d533880e8)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Recommended instead of the Yocto Project mirror, because expected
to be faster. Make sure you only set one such mirror.
(From yocto-docs rev: 5a2d09501ab807a0f61c10533f3bd81894f6f20e)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: richard.purdie@linuxfoundation.org
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: d90106ff2d905e457659acdb65a91ce5dcfdd05e)
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Make it clear that patchtest only supports openembedded-core for now
- Add a short list of instructions for installing Python module
dependencies on the host
- Add a step to add meta-selftest with bitbake layers so that all tests
can run
(From yocto-docs rev: bcd58d68e72226be1930593f5f7fb37de15b7913)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 236cd04d62bdf653aae9b41d32d9f87848a34339)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
As discussed before with Richard Purdie, the code supports this but the documentation does not.
Developers in general will not notice this or focus on it because they do not mess with the
layer.conf template file, but in my opinion I think more details can help.
(From yocto-docs rev: 15fc103d4ddd14698c8e75cc654ac157ca1ad740)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
COMPATIBLE_MACHINE is used to forbid the use of a recipe or its packages
for a specific set of machines.
In some cases, it may make more sense to have the logic inverted and
have the recipe always forbidden except for hand-picked machines. Such
could be the case for pieces of software that only support some
architectures. In that scenario, it is sometimes a bit easier on the eye
and for maintenance to use the OVERRIDES mechanism but for that, a
default should be set.
COMPATIBLE_MACHINE:aarch64 = "^(aarch64)$"
COMPATIBLE_MACHINE:mips64 = "^(mips64)$"
wouldn't do much because if COMPATIBLE_MACHINE isn't set, the recipe is
assumed compatible and therefore, if no default is provided we enter
that case.
Hence, we need to add
COMPATIBLE_MACHINE = "^$"
as default so that it only matches the empty string, which isn't
possible for MACHINEOVERRIDES.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 52196d39bc85de267daffb0074eb59786751f57d)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Various aesthetic cleanups of section 1 of that manual, including:
* replace 'HOWTO' with manual
* add more examples of sdk-related images
* font fixes
(From yocto-docs rev: 608e93e13a8316a8d40e0675d4335084efa3736a)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PACKAGECONFIG's first and second flag value will be added to PACKAGECONFIG_CONFARGS
and then it will be added to the appropriate variable (EXTRA_OECMAKE, or ...)
So we need to only mention PACKAGECONFIG_CONFARGS and it will lead to other variables.
I added a custom example that can help understanding very well PACKAGECONFIG.
(From yocto-docs rev: 7f26b0c0a08d6be9810128369265b0c494e7191b)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Add missing parenthesis, and another example of a compressed patch filename.
(From yocto-docs rev: d44ccb5ed4292b0371651f38b9a0e3083f60ae87)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 0f8fe127eb9ae2f56b280a7634ea7ab9a270f382)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
The EdgeRouter machine is no longer supported.
https://git.yoctoproject.org/poky/commit/?id=0c64d0e4317e3749f7f7ed9ecd5d08bbb0cedc9e
(From yocto-docs rev: e600522f2d2514bdd888c91043b9c59563ee7a6d)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Improve text formatting
- Stop mentioning all possible values
- Update examples
- Correct descriptions
(From yocto-docs rev: f7437c2efa1014dc46481993b5e87d52dcf42b05)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: b9791285e5df4fa124230d2da4dcabb67088e23b)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 0d195d66e434ddedd33bf8db89643fa5ab192e29)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|