summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* ref-manual: Updated the SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS variableJoshua Watt2018-05-291-2/+19
| | | | | | | | | | Describes the new wildcard syntax (From yocto-docs rev: 8608810da1c91116415dc568b2a1a929c923c629) Signed-off-by: Joshua Watt <jpewhacker@gmail.com> Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated manual notesScott Rifenbark2018-05-299-126/+240
| | | | | | | | | | | | | I updated the notes to help the user get the version of the docs that they are interested in. Sometimes a search using the web returns really old versions of the manual and the user is clueless about using a manual that is not matching the YP release they are working with. (From yocto-docs rev: d0ef1c7edec0a28ce8a49992b71e6d3c878cdbb4) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: do not fail on optional 'custom.xml' fileDavid Reyna2018-05-291-1/+4
| | | | | | | | | | | | Explicitly capture and ignore errors when trying to load the optional 'custom.xml' fixture file. [YOCTO #12554] (Bitbake rev: 5b26fc8e332daaed092cdbafea3f0b8e11e5e7ae) Signed-off-by: David Reyna <David.Reyna@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: Toaster: fix shutdown and extra threadsDavid Reyna2018-05-291-2/+2
| | | | | | | | | | | | | Fix typo in shutdown code to kill threads when "kill -0" is not enough. Use the '--noreload' flag for 'runserver' so that there are no extra and unaccounted threads. [YOCTO #12555] (Bitbake rev: 14079cb1fd497799548c677962d89c02a6d2bf92) Signed-off-by: David Reyna <David.Reyna@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to rocko head revisionyocto-2.4.3rocko-18.0.3Richard Purdie2018-05-231-1/+1
| | | | | | (From OE-Core rev: 0d70ca998b3bdc18db6a5644f4ed8797fd0e7ddd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky: Bump version to 2.4.3Richard Purdie2018-05-231-1/+1
| | | | | | (From meta-yocto rev: 52883b21ee64c04db23a6fb3f32b33c39d54b324) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta-yocto-bsp: bump to the latest v4.12 stable kernel for the non-x86 BSPsKevin Hao2018-05-231-6/+6
| | | | | | | | | | | (From meta-yocto rev: 08884dc6ed749da5e7f73c9045a56d2dd53827bb) (From meta-yocto rev: 5de52cf4a74f6d87f7f62f322f8f39f3f4f0a136) Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: update genericx86* SRCREVs for 4.12Anuj Mittal2018-05-231-4/+4
| | | | | | | | | | | | | Bump to stable kernel release 4.12.21. (From meta-yocto rev: de49fbc8dda014ab26294ff97955d545dd09123c) (From meta-yocto rev: c0fee7423ae9321a2f0d28036abee62bef6360ea) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnl: fix CVE-2017-0553Andre McCurdy2018-05-232-0/+45
| | | | | | | | | | | | | | | | | | | | | | | An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0553 Backport fix from upstream libnl 3.3.0 release: https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb http://lists.infradead.org/pipermail/libnl/2017-May/002313.html (From OE-Core rev: f452fbc5d2ffb9c1417079574bed0dfcdc44787a) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: Abstract out termlibKhem Raj2018-05-231-1/+2
| | | | | | | | | | | | | | | | termlib needs to be disabled on some targets e.g. mingw this change paves the way for doing that. Functionally it does not change anything for other platforms (From OE-Core rev: 88f33e1e5ba4f85093f60a296cba3ee1c1341c43) (From OE-Core rev: 82fc84b059367917690336d279cd8cab679d63ed) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix deletion of /usr/lib/terminfoKoen Kooi2018-05-231-1/+4
| | | | | | | | | | | | | | Ncurses doesn't honour ${libdir} for terminfo, so try more options to remove it. (From OE-Core rev: 17fd322e925cf492b22c75e296d5fee31e3511db) (From OE-Core rev: 3d07d4a1e8a7324437e2f37ffcafbb032a086008) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix do_install failure when base_libdir has more than one levelKoen Kooi2018-05-231-1/+1
| | | | | | | | | | | | | | Other sections of the .inc already use mkdir -p, so use it here as well. (From OE-Core rev: 62434e5021b99391a0c129a40bf943465a19e7ce) (From OE-Core rev: f7538ee974d5bb07be193a3c8e31a05087bcc990) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: 6.0+20170715 -> 6.0+20171125Hongxu Jia2018-05-232-543/+1
| | | | | | | | | | | | | | | | | | | | - Drop backported CVE fix includes cves: CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 (From OE-Core rev: 382e861b8c89c65b3538c706361767eff78d4a5a) (From OE-Core rev: 6e7b9c78aca121301e9c92ed9cdb65f1a7613ee0) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.py: use single quotes for path passed to file in is_elf()Andre McCurdy2018-05-081-2/+1
| | | | | | | | | | | | | | Align package.py is_elf() with recent changes in package.bbclass isELF(): http://git.openembedded.org/openembedded-core/commit/?id=7877761534b0c2492da6289e9f2269d41b6ed464 (From OE-Core rev: 5fcb57ffd67384b3487d0a1b83a1f13d52a15eb7) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit ab056c7f6065f310be4dd256ceb45f85ff981f69) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: Add '-b' option to file call in isELFMark Hatle2018-05-082-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The isELF function works by running: result = file <pathname> if 'ELF' in result By default 'file' will prepend the result with the path name of the file that is being checked. This usually works fine, such as: $ file /home/foo/openembedded-core/meta/classes/package.bbclass /home/foo/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines However, if the path includes 'ELF', ELF will end up in the result, and then the check will return positive. $ file /home/ELF/openembedded-core/meta/classes/package.bbclass /home/ELF/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines This will then result in the isELF coming back true, and possibly causing the checks that use isELF, such as the 'is it already stripped' check, to do the incorrect thing. Adding the '-b' option to file will result in the path being omitted in the result: $ file /home/ELF/openembedded-core/meta/classes/package.bbclass Python script, ASCII text executable, with very long lines (From OE-Core rev: b6d5729a0f0e6f2c8b36d425a18e9e2ed26f5de0) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 5a324e9b2cf6378f8eaa4e394f9cb36d4e2680ac) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: use single quotes for path passed to file in isELF()Andre McCurdy2018-05-081-1/+1
| | | | | | | | | | | | | | | | | | | Apparently there are recipes in the wild which generate files with filenames containing '$' characters - which cause errors during packaging. Instead of adding another special case to escape '$' characters when constructing the command passed to oe.utils.getstatusoutput(), switch to using single quotes to quote the path - and therefore make isELF() consistent with the way filenames and paths are quoted by every other caller of oe.utils.getstatusoutput() in oe-core. (From OE-Core rev: 080f0ee910684beb8bc263d5a45d3aa39b6ee647) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 7877761534b0c2492da6289e9f2269d41b6ed464) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "package.bbclass: Add '-b' option to file call in isELF"Andre McCurdy2018-05-082-2/+2
| | | | | | | | | | | | | | | | This reverts commit 46ddc11a8be79515b4ab9f9f7568c3d624ac72fe. The change is good in master but became subtly broken during the backport to rocko. Either the path passed to file should be quoted using double quotes (with any " chars in the path being escaped) or the path should be quoted using single quotes (and then any " chars in the path should NOT be escaped). Escaping " chars and using single quotes will cause problems for filenames containing " chars. (From OE-Core rev: 534a4e6775e5b4030619b20ae1f6a319adadccf5) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Update to 2.4.4Armin Kuster2018-05-071-2/+2
| | | | | | | | | | | | | | | | | | | | The dot releases are maint only. 2.4.4 included: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir 2.4.3 includes: CVE-2017-17405: Command injection vulnerability in Net::FTP (From OE-Core rev: 7003a36ef3f686af97798ff6f4bc7b3473f937de) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix typo in gmp PACKAGECONFIG optionAndre McCurdy2018-05-071-1/+1
| | | | | | | | | | | | (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) (From OE-Core rev: 02fe324eb6913b27961e8e30c5510c89733dd011) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: remove spurious db build dependencyRoss Burton2018-05-071-1/+1
| | | | | | | | | | | | | The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) (From OE-Core rev: f18fe9f116bd6697ded5d93eeccdfea7c3215d7b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.2Leonardo Sandoval2018-05-072-90/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) (From OE-Core rev: 59fed1c288bc8d5549fffccedcc24ae9f4f32dac) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub/grub-efi: fix conflictHongxu Jia2018-05-073-13/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While installing grub and grub-efi, there are conflict files in ${sysconfdir} ${datadir} ${bindir} ${sbindir}. - Since all of the conflicted files are tools which is common for grub and grub-efi, we split them (except grub-editenv) to grub-common in grub. - The package grub-common runtime depends grub-editenv - The package grub-editenv runtime provides grub-efi-editenv - Remove SYSROOT_DIRS_BLACKLIST - The recipe grub-efi does not generate the duplicated files and use runtime depends grub-common to instead Debian and Fedora do the similar thing. Debian use a common package grub-common for both of pc bios and efi, and use package grub-pc-bin for pc bios, grub-efi-amd64-bin for efi. Both of grub-pc-bin and grub-efi-amd64-bin requires grub-common. https://packages.debian.org/sid/grub-common https://packages.debian.org/jessie/grub-pc-bin https://packages.debian.org/jessie/grub-efi-amd64-bin Fedora use a common package grub2-tools for both of pc bios and efi, and use package grub2 for pc bios, grub2-efi-modules for efi. Both of grub2 and grub2-efi-modules requires grub2-tools. https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-tools-2.02-0.34.fc24.x86_64.html https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-2.02-0.34.fc24.x86_64.html https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-efi-modules-2.02-0.34.fc24.x86_64.html [YOCTO #11639] (From OE-Core rev: 60c360c0561f1ff5ff2135c4557f5992f9485617) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/test-dependencies.sh: removeMartin Jansa2018-05-071-286/+0
| | | | | | | | | | | | | | | | | | * with RSS used in pyro this script isn't very useful anymore * RSS makes sure that the dependencies are almost always deterministic the only case known to me where dependencies are different based on what was already built in TMPDIR are runtime dependencies resolved by shlibs code in package.bbclass (which is using global pkgdata, not specific to given recipe and its RSS) as described here: https://bugzilla.yoctoproject.org/show_bug.cgi?id=9217#c4 but for this case it's not worth running complete test-dependencies.sh runs (From OE-Core rev: 522005e722ceb1d1447826e6d7a36d43e49d0450) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "waf.bbclass: explicitly pass bindir and libdir if supported"Martin Jansa2018-05-071-16/+1
| | | | | | | | | | | | | | | * this doesn't work correctly as discussed in: http://lists.openembedded.org/pipermail/openembedded-commits/2018-January/218460.html * some of the issues were fixed in master since then but not all, so revert it until it's completely resolved This reverts commit eac21f981337bfaddb2d67161a1ff049158041ce. (From OE-Core rev: 74c26c2f63121d92d50b0cca4d3288b8d196b777) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: Security fix CVE-2017-12883Armin Kuster2018-05-032-0/+45
| | | | | | | | | Affects: Perl < 5.24.3-rc1 and 5.26.x before 5.26.1-RC1 (From OE-Core rev: d20917f3ce9ac45fb9562d1cabf7ddc212b1d07a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: add patch to solve libcrypt incompatibilityCharles-Antoine Couret2018-05-033-0/+30
| | | | | | | | | | | | | Add Perl's patch submitted to upstream to be compiled along with glibc with libcrypt split. (From OE-Core rev: 79703d83790a2973fefdb0e12e125b5f17e98cdf) (From OE-Core rev: 53eef48621b19a1b88c042f9ee5eeb84d9746c64) Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@essensium.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rsync: update to 3.1.3Yi Zhao2018-05-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | (From OE-Core rev: ded47001bec3fbbcbcdbe358a32c14ed0322d431) Updating is safer than backporting the CVE fixes. Included CVE: CVE-2017-16548 CVE-2017-15994 CVE-2017-17434 CVE-2017-17434 CVE-2018-5764 plus many bugfixes (From OE-Core rev: 3f244c68defd45d89107ff58a95c8d4462faeaed) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpfr: Update SRC_URI to use gnuArmin Kuster2018-05-031-1/+1
| | | | | | | | | | | | ERROR: mpfr-native-3.1.5-r0 do_checkuri: Fetcher failure for URL: 'http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz'. URL http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz doesn't work ERROR: mpfr-native-3.1.5-r0 do_checkuri: Function failed: do_checkuri Found gnu has the same copy (From OE-Core rev: ee3de1e4963ae56515be3a56b473f25ace286511) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Set the dynamic linker to use at compile timeRichard Purdie2018-05-031-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Its possible some dynamic runtime library in the dependency chain may come from sstate and link to libraries which need the libc from uninative. If we don't do this and binaries are run at do_install time they would fail to find the symbols from the later libc. Examples: cmake-native do_install: bin/cmake: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.25' not found (required by TOPDIR/tmp/work/x86_64-linux/cmake-native/3.10.3-r0/recipe-sysroot-native/usr/lib/libexpat.so.1) dbus-native do_install: tmp/work/x86_64-linux/dbus-native/1.12.2-r0/build/bus/.libs/lt-dbus-daemon: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.25' not found (required by /home/pokybuild/yocto-autobuilder/yocto-worker/nightly-x32/build/build/tmp/work/x86_64-linux/dbus-native/1.12.2-r0/recipe-sysroot-native/usr/lib/libexpat.so.1) This issue is resolved when the interpreter is changed at sstate unpack time but this isn't soon enough to avoid issues at compile/install time. By specifing which dynamic linker/loader to use at compile time, this race window is removed entirely. (From OE-Core rev: 35867ee035030ab76fc9ccdb0eb1c3f80126301c) (From OE-Core rev: cead3c4925d39f8adc328007d8a8c1b23cc72842) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Add allow-shlib-undefined to BUILD_LDFLAGS and drop other workaroundsRichard Purdie2018-05-036-48/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have a problem when for example, a glibc 2.27 based system builds some library like libpopt-native and puts it into sstate then it is reused on a pre glibc-2.27 system to build something which depends on popt like rpm-native. This results in an error like: recipe-sysroot-native/usr/lib/libpopt.so: undefined reference to `glob@GLIBC_2.27' In the past we've had this problem with new symbols like getrandom and getentropy, here its with a more complex symbol where there is an old version and a newer version. We've looked into various options, basically we cannot link against our uninative libc/ld.so since we don't have the right headers or compiler link libraries. The compiler doesn't allow you to switch in a new set either, even if we did want to ship them. Shipping a complete compiler, dev headers and libs also isn't an option. On the other hand if we follow the ld man page, it does say: """ The reasons for allowing undefined symbol references in shared libraries specified at link time are that: - A shared library specified at link time may not be the same as the one that is available at load time, so the symbol might actually be resolvable at load time. """ which is exactly this case. By the time the binary runs, it will use our uninative loader and libc and the symbol will be available. Therefore we basically have a choice, we get weird intermittent bugs, we drop uninative entirely, or we pass this option. If we pass the option, we can drop the other workarounds too. (From OE-Core rev: 75a62ede393bf6b4972390ef5290d50add19341a) (From OE-Core rev: d18bf7fa8e80d6cfaf3fdbe1ab06eec84b954432) (From OE-Core rev: 4545f5436a5a106154680825ecb1cb60437faa91) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Clean up for Rocko context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Set and export TZ envvar to UTCRichard Purdie2018-05-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We just ran into an issue where tar failed to build on one server setup but built everywhere else just fine. It was running makeinfo to regenerate some docs files and makeinfo was too old for the host it was running on. There was no dependency on makeinfo-native as it was not meant to be regenerating the docs. It was being regenerated as a date from a timestamp used in the docs was different in Asian timezones than in the other timezones our builds were being tested in. I added an entry to https://wiki.yoctoproject.org/wiki/TipsAndTricks/ about how this was debugged. As such, lets default to setting and exporting TZ to 'UTC' as was already pioneered by the reproducibile builds work. This makes the builds deterministic. [YOCTO #12665] (From OE-Core rev: 2a90ae7a3286724ff9e3615c4dbf56038f703810) (From OE-Core rev: e31f31f81efe4b60938b724bece2a03c7c74a68d) (From OE-Core rev: 2c72aa56e6065100582cb17f281c4c11521712e6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Drop simple.bbclass changes] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Update to version 1.9 (fedora28 compatible)Richard Purdie2018-05-031-3/+3
| | | | | | | | | | | | | | This includes the libxcrypt change which allows uninative to work on fedora28. (From OE-Core rev: 4b27ab6487a54b42a52aa16e98ea4d19fa62b5ae) (From OE-Core rev: 0685eb697f1dfa3b858b6e594cbd8e6070b4fbb8) (From OE-Core rev: 2b462bdc2b9bad40425769ece380e46b52cca095) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: Add '-b' option to file call in isELFMark Hatle2018-05-032-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The isELF function works by running: result = file <pathname> if 'ELF' in result By default 'file' will prepend the result with the path name of the file that is being checked. This usually works fine, such as: $ file /home/foo/openembedded-core/meta/classes/package.bbclass /home/foo/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines However, if the path includes 'ELF', ELF will end up in the result, and then the check will return positive. $ file /home/ELF/openembedded-core/meta/classes/package.bbclass /home/ELF/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines This will then result in the isELF coming back true, and possibly causing the checks that use isELF, such as the 'is it already stripped' check, to do the incorrect thing. Adding the '-b' option to file will result in the path being omitted in the result: $ file /home/ELF/openembedded-core/meta/classes/package.bbclass Python script, ASCII text executable, with very long lines (From OE-Core rev: 5a324e9b2cf6378f8eaa4e394f9cb36d4e2680ac) (From OE-Core rev: 46ddc11a8be79515b4ab9f9f7568c3d624ac72fe) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [fixup for Rocko] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-1000156Jackie Huang2018-05-033-0/+255
| | | | | | | | | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 * upstream tracking: https://savannah.gnu.org/bugs/index.php?53566 * Fix arbitrary command execution in ed-style patches: - src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. - tests/ed-style: New test case. - tests/Makefile.am (TESTS): Add test case. (From OE-Core rev: 6b6ae212837a07aaefd2b675b5b527fbce2a4270) (From OE-Core rev: 413c54e0698589b17976e88fa7ab76e5dbac51aa) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-6951Jackie Huang2018-05-032-1/+38
| | | | | | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-6951 * upstream tracking: http://savannah.gnu.org/bugs/?53132 * Fix segfault with mangled rename patch - src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). (From OE-Core rev: cdf74e1c67698b2d44a7460ff7d365d6da7b7b96) (From OE-Core rev: e628af83e8d00ed3e3db318b323a9f5e48d35aae) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch:2.7.5 -> 2.7.6Huang Qiyu2018-05-031-2/+2
| | | | | | | | | | | | | | Upgrade patch from 2.7.5 to 2.7.6. (From OE-Core rev: e5dcd58e5b2ef0b8e2bbe90e9bb1cede4e76bf75) (From OE-Core rev: 6ecaabfff944773a09096a9ce293842c7c00b3a1) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Security Advisory - CVE-2017-3144Yue Tao2018-05-032-0/+75
| | | | | | | | | | | | | | | | | | | | | | | Fix CVE-2017-3144 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144 https://kb.isc.org/article/AA-01541 Patch from: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=5097bc0559f592683faac1f67bf350e1bddf6ed4 (From OE-Core rev: bcbe9025560dee658c0ead566384e1a8647cebf9) (From OE-Core rev: cf029db42a6bb96203d2d6bb64a62e6eeec9be8d) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gio-module-cache.bbclass: pass in ${libexecdir}Alexander Kanavin2018-05-031-0/+1
| | | | | | | | | | | | | | When it was something else than /usr/libexec (e.g. when installing native SDK packages), things broke down. (From OE-Core rev: d99e819a6cbde6d1116c434ddba4c5f8eca7e6d8) (From OE-Core rev: 1c8c163bfb736518f66276eca5765c493b8cc787) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: add variables to the whitelist so that it does not re-triger ↵Cuero Bugot2018-05-031-0/+3
| | | | | | | | | | | | | | | | | | | | recipe parsing When uninative is activated (poky's default) internal datastore variables are modified (NATIVELSBSTRING and SSTATEPOSTUNPACKFUNCS) to enable uninative support. This is happening after parsing is done at the beginning of the build. On the next bitbake call the recipe would be parsed if the two variables above were not added to the parsing whitelist BB_HASHCONFIG_WHITELIST. The fix is to add these two variables to the recipe parsing whitelist BB_HASHCONFIG_WHITELIST, this is done at recipe parsing time, only when uninative.bbclass is used. (From OE-Core rev: 75bb95ada98ef129d2fa48568f27dddb078c852c) (From OE-Core rev: ca52b8e4f32063234815493746c4059392862af8) Signed-off-by: Cuero Bugot <cbugot@sierrawireless.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager.py: Skip gpgcheck while using dnf on targetManjukumar Matha2018-05-031-1/+1
| | | | | | | | | | | | | | | | | By default, RPM_SIGN_PACKAGES is not defined. Add gpgcheck=0 to oe-remote-repo.repo file, otherwise dnf will complain during install operation on target Note, RPM_SIGN_PACKAGES is set only when you inherit sign_rpm explicitly (From OE-Core rev: 002a71eaa7606828c399972d8fd35e19e7b71929) (From OE-Core rev: 21ca5428fa320aa4c925fe8a1a141c7df863fa84) Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcre-ptest: skip locale testJuro Bystricky2018-05-031-0/+4
| | | | | | | | | | | | | | | | | | If a fr_FR locale is found, it is automatically tested. The test will fail if the locale is UTF-8, as the test blindly assumes (and expects) a non-UTF fr_FR locale. The remedy is to skip the test. [YOCTO #12215] (From OE-Core rev: 4cedddb83623c79980b354642dfeaf78218ca4b7) (From OE-Core rev: ebb6c4f6a2bb6a6be4b3c4f8b7095bad529c62ea) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update 1.1.0g -> 1.1.0hAlexander Kanavin2018-05-033-143/+4
| | | | | | | | | | | | | | | | | | | | | | Please see this security advisory: https://www.openssl.org/news/secadv/20180327.txt Remove 0001-Remove-test-that-requires-running-as-non-root.patch (issue fixed upstream) Remove 0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch (backport) License-Update: copyright years (From OE-Core rev: 96d5e9c186fb83f1b5d9b38ace0b1222c3c04c54) (From OE-Core rev: a4f7a637d9a2c738f217c67394a98f6081149022) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update 1.0.2n -> 1.0.2oAlexander Kanavin2018-05-0333-3/+3
| | | | | | | | | | | | | | | | | Please see this security advisory: https://www.openssl.org/news/secadv/20180327.txt License-Update: copyright years (From OE-Core rev: 13542282e34c078296c46a98721b31ed9a69a980) (From OE-Core rev: 9460cdd9227edcca425b919d5b9061d1da55528b) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix libdir logic to allow multiarch style pathsKoen Kooi2018-05-032-2/+4
| | | | | | | | | | | | | | The recipes were using 'basename' to turn '/usr/lib' into 'lib', which breaks when libdir is '/usr/lib/tuple', leading to libraries ending up in '/usr/tuple', which isn't in FILES_*. Change the logic to use sed to strip the prefix instead. (From OE-Core rev: e58d5521c7bae8daafdac85754545be176550a02) (From OE-Core rev: 373763d4f6668c3e324edf8d699c8c15d0267278) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop openssl-1.0.2a-x32-asm.patchAlexander Kanavin2018-05-032-47/+0
| | | | | | | | | | | | | | | | | The patch was applied in a completely incorrect spot (due to fuzz), no one noticed or complained. Meanwhile upstream says the issue has been resolved differently: https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest (From OE-Core rev: 325e516b59e677dc8e2c5756589fa8037b3e9392) (From OE-Core rev: d7f682f592538073eefd24bf06c32e8e2e685f05) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: refresh patchesRoss Burton2018-05-032-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. (From OE-Core rev: 7baba7a19c5610a63ccbfd6a2238667772b32118) (From OE-Core rev: 95b5ec1d6d614ebd1ea3a57bbbcef33b08966265) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_rpm: set _builddir to B not SRichard Purdie2018-05-031-1/+1
| | | | | | | | | | | | | | | | | Recipes which use a shared workdir (e.g. gcc-runtine and libgcc) can race over temporary files causing interesting build failures. Using B instead of S avoids this problem. [YOCTO #12605] (From OE-Core rev: d6c13a5ff441f7076eb327c0d0b747bd7603db0f) (From OE-Core rev: 9c72ddb605f1f4fc98fa427e37b5ba8c8758c6cd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.12: intel-socfpga, intel-pmc-core and ish support for ↵Bruce Ashfield2018-05-033-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CoffeeLake board Integrating a series of mainline backports to allow better 4.12 support for the coffeelake board: 97e710ef0545 driver: clk: socfpga: remove unused variable 2852089a6b7f x86/cpu: Add Cannonlake to Intel family 1af96090b1f4 ACPI / LPIT: Export lpit_read_residency_count_address() 1e85b644ad5e ACPI / LPIT: Add Low Power Idle Table (LPIT) support 3b931f776349 platform/x86: intel_pmc_core: Special case for Coffeelake 5666379331a9 platform/x86: intel_pmc_core: Add CannonLake PCH support de9e9e9518ee platform/x86: intel_pmc_core: Read base address from LPIT f422abd33358 platform/x86: intel_pmc_core: Remove unused header file ec1ca0048923 platform/x86: intel_pmc_core: Convert to ICPU macro f894e2c0cfff platform/x86: intel_pmc_core: Substitute PCI with CPUID enumeration ce7b50cc047d platform/x86: intel_pmc_core: Refactor debugfs entries c9ca0426c9c8 platform/x86: intel_pmc_core: Fix file permission warnings 17294194d03c platform/x86: intel_pmc_core: Change driver to a module 7f142e82c8f0 platform/x86: intel_pmc_core: Fix kernel doc for pmc_dev d095df17ddf4 platform/x86: intel_pmc_core: Remove unused variable cdfd431ccc3d platform/x86: intel_pmc_core: Remove unused EXPORTED API c54edf864c58 platform/x86: intel_pmc_core: Make the driver PCH family agnostic 5302f0bfbaed HID: intel-ish-hid: Enable Cannon Lake and Coffee Lake laptop/desktop 7e5cc39c3f61 HID: intel-ish-hid: Enable Gemini Lake ish driver b00e0e88689f HID: intel-ish-hid: Enable Cannon Lake ish driver (From OE-Core rev: 0b53601c0e8a87e336dadd6854c19cdb2e1f6b55) (From OE-Core rev: 61e6adc8dfb8aa63628a2e96f9d5f7ab62307c59) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/meta: improve wifi driver granularityBruce Ashfield2018-05-033-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrating the following commit for the 4.12+ kernels: Author: Nathan Rossi <nathan@nathanrossi.com> Date: Wed Mar 21 00:10:02 2018 +1000 features/wifi: Add WiFi driver fragments for various vendors/interfaces This change adds WiFi driver configuration fragments. The fragments are split into vendor and interface files to allow for easy selection of drivers for specific interface types (USB, PCI, SDIO) which is useful for BSPs with specific interfaces. The specific vendor/interface config fragments can be included by specific BSPs in its .scc files. However .scc files (wifi-*.scc) are provided to allow enabling interface specific or all interfaces drivers via KERNEL_FEATURES or inclusion via other .scc files. And wifi-common.scc is provided to enable the base config options required for all WiFi drivers, which is done to ensure correct configuration for default no config setups (e.g. linux-yocto-tiny). This patch only enables a limited set of drivers, which is based on what the common-pc-wifi.cfg fragment sets as well as some additional drivers, that primarily appear in USB WiFi devices. Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> This gives us a much better granularity of drivers and a good baseline for future improvements. The 4.12 fragments are also slightly re-organized on top of this commit to avoid patch failures when including the new frags. (From OE-Core rev: c24d6863768a64b2c1632d5202790689a1164694) (From OE-Core rev: 9e1bc0e552d7609428cb71bda7d2b6b726146c21) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Removed upsupported kernels] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.12: add ssl and utils native dependenciesBruce Ashfield2018-05-031-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Via the -stable updates, and other configuration changes the 4.12 kernel has the same dependency on openssl headers as 4.14+. So we add the same DEPENDS line that we already have in newer kernels to avoid the following error: | HOSTCC scripts/sign-file | build/tmp/work-shared/qemux86-64/kernel-source/scripts/sign-file.c:25:30: fatal error: openssl/opensslv.h: No such file or directory | compilation terminated. | scripts/Makefile.host:107: recipe for target 'scripts/sign-file' failed | make[3]: *** [scripts/sign-file] Error 1 | make[3]: *** Waiting for unfinished jobs.... (From OE-Core rev: 80f6840baecb8b161f6443f3dd1af4e70b5e5221) (From OE-Core rev: 8660345a665ef74828036c89257bc23246243c40) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>