summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
...
* openssl_1.0: drop curly brackets from shell local variablesAndre McCurdy2018-08-291-2/+2
| | | | | | | | | | | | | | Make clear distinction between local variables and bitbake variables. (From OE-Core rev: d1e441db511faf9c170733c01ded8c56faac9ab6) (From OE-Core rev: cf9f9657eefd65817094f220af92f2791a8cb68e) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl_1.0: minor recipe formatting tweaks etcAndre McCurdy2018-08-291-60/+61
| | | | | | | | | | | | | | | | Drop redundant setting of S to its default value, fix inconsistent indent and re-order variables to align more closely to the OE style-guide. (From OE-Core rev: c36637a0304551bf2736bb15796947d9aaf00076) (From OE-Core rev: 67cde33115798b298f7840cad34d8ef91b3b7fa2) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipeAndre McCurdy2018-08-292-306/+300
| | | | | | | | | | | | | | | | The openssl10.inc include file only has one user, so we can improve maintainability by merging the include file into the recipe which uses it. (From OE-Core rev: f5568740d5ff72090c3ca894ddfdc3078169da25) (From OE-Core rev: 5b4ffcbcdc28aec506a21f5abd76848c1de24011) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl_1.1: minor recipe formatting tweaks etcAndre McCurdy2018-08-291-27/+23
| | | | | | | | | | | | | | Drop redundant setting of S to its default value and re-order variables to align more closely to the OE style-guide. (From OE-Core rev: 4871481e66449dd2b054119b37d0baedb166b72c) (From OE-Core rev: 5da668175ee7c56067c1272e7a701d5c38e94524) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl_1.1: avoid using += with an over-rideAndre McCurdy2018-08-291-2/+2
| | | | | | | | | | | | | | | | | Using += with an over-ride can be a source of confusion so try to avoid the construct in core recipes. The current usage is incorrect and prevents the aarch64 and musl specific config options from being active together. (From OE-Core rev: 2a30a9ecab6465892698f7fc9d14a430d8a26f0c) (From OE-Core rev: 000da57cc858f5432153be849faba3862e4e9ed5) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl-nativesdk: Fix "can't open config file" warningOvidiu Panait2018-08-294-0/+24
| | | | | | | | | | | | | | | | | | | | When SDK is not installed in the default location, openssl will not be able to find the the openssl.cnf config file: "WARNING: can't open config file: XXXX/usr/lib/ssl/openssl.cnf" To fix this, we need to provide the environment variable $OPENSSL_CONF pointing to the correct config file location. (From OE-Core rev: b3f148333515efdb746b78c57d62cfbf3321b21e) (From OE-Core rev: fcea508efedeb36ca31fe8ad0cbc6d194fcfd1f7) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: disable ccache usageRoss Burton2018-08-291-0/+3
| | | | | | | | | | | | | | | | | | | | ccache and openssl don't get on: | make[1]: Entering directory '/home/prj/yocto/build/tmp/work/core2-64-poky-linux/openssl/1.0.2o-r0/openssl-1.0.2o/crypto' | ccache: invalid option -- 'D' Disable the use of ccache in the openssl recipe until someone root-causes this. [ YOCTO #12810 ] (From OE-Core rev: 8f9ceebb197dba10f2d08449de2dd64584de06bb) (From OE-Core rev: e90da34e5667acacd9ad0dd167846a6126fefad2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix upstream version check for 1.0 versionAlexander Kanavin2018-08-291-0/+1
| | | | | | | | | | | | (From OE-Core rev: 50dc3283e39e85912cdbeb9e885dcd22011d4a51) (From OE-Core rev: a1a5b0f814063c1b95024aee763c71b3f069e12b) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* alsa-lib: Cleanup packagingJoshua Watt2018-08-291-7/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | Cleans up the packaging by moving libasound.so.2 back into the alsa-lib package which was previously empty. Previously, it was difficult to create an image that had libasound.so.2, then create an SDK from that image that had the proper development files, because the only way to get libasound.so.2 was to do: IMAGE_INSTALL += "libasound" This however caused a problem because all of the development files that would be desired in the SDK were located in alsa-lib-dev, which wouldn't be included because alsa-lib wasn't included, and it was impossible to include alsa-lib because it was an empty package that was culled. (From OE-Core rev: 6c3438a62d10f155cd6a391bdb2f1939fc4774ec) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 30352f3d84344bff8c06625f9674947417f6e8e1) Change-Id: I2fb065b7e00569ba3a6aac631ac863999455bfb2 Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes: sanity-check LIC_FILES_CHKSUMRoss Burton2018-08-292-3/+5
| | | | | | | | | | | | | | | | | We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this, which can lead to problems if you have a URI that resolves to a path of / as Bitbake will then dutifully checksum / recursively. [ YOCTO #12883 ] (From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8) (From OE-Core rev: a5db618986746bf9082c4b3cbdac4e523328432e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: CVE-2018-10392Jagadeesh Krishnanjanappa2018-08-292-0/+30
| | | | | | | | | | | | | Sanity check number of channels in setup. Fixes #2335. Link: https://gitlab.xiph.org/xiph/vorbis/issues/2335 (From OE-Core rev: 10569dfa6da1f7f9f021852acf4f936b3aead16a) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: CVE-2017-14160 CVE-2018-10393Jagadeesh Krishnanjanappa2018-08-292-0/+35
| | | | | | | | | | CVE-2017-14160: fix bounds check on very low sample rates. (From OE-Core rev: 0b0409ab6ef27599feeb2fc8a82150305b91f26b) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip2: use Yocto Project mirror for SRC_URIRoss Burton2018-08-291-3/+3
| | | | | | | | | | | | | | | | | | | The bzip.org domain expired and is now a holding site for adverts, so we can't trust a tarball that appears on that site (luckily we have source checksums to detect this). For now, point SRC_URI at the tarball in the Yocto Project source mirror, but set HOMEPAGE and UPSTREAM_CHECK_URI to the sourceware.org/bzip2/ page which apparently will be resurrected as the new canonical home page. (From OE-Core rev: 9e291d9923efc988abe8689c64bafbb29da06339) (From OE-Core rev: 1bd48516cc3f65e860a2d8a8a3c6cee56c8332a1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Make bits/wordsize.h multilibbed againDaniel Díaz2018-08-161-1/+1
| | | | | | | | | | | | | | | | | As reported by ChenQi, leaving bits/wordsize.h out of being multilibbed introduced a problem in building the SDK for arm64: Error: Transaction check error: file /usr/include/bits/wordsize.h conflicts between attempted installs of lib32-libc6-dev-2.27-r0.armv7vet2hf_vfp and libc6-dev-2.27-r0.aarch64 This effectively reverts commit a74c77d6. (From OE-Core rev: 90ad502bf8faa233e25cf297c1eeefcb0367aea3) (From OE-Core rev: 056ae940da49b38890c2960651f0fdb5331a5fac) Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to sumo head revisionyocto-2.5.1sumo-19.0.1Richard Purdie2018-08-061-1/+1
| | | | | | (From OE-Core rev: 2a4595f0c45a9c0ecdeb1d92613821321e48a1ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-10534Armin Kuster2018-08-062-0/+3430
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: d18dfef01fb7d37029e5a612f79201adf7ff5921) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-10535Armin Kuster2018-08-062-0/+62
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 1ff22881249591d64fe61353a4d97ab91dc8efa0) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-10372Armin Kuster2018-08-062-0/+59
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 832316491aab8b90719cefeba2bfd94cef04b80f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-10373Armin Kuster2018-08-062-0/+46
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 3c83b9be884015e238249c0382299aedf4d81459) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-7568Armin Kuster2018-08-062-0/+86
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 9dee4cec26322604e71ca5db4b17b1088a98971b) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-7569Armin Kuster2018-08-062-0/+120
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: f79f5162088ceb29cf4820d2c3ef2aff263d7967) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-7208Armin Kuster2018-08-062-0/+48
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: a994ef27a997bce0dd18f8e507b8d795b8111aeb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-7642Armin Kuster2018-08-062-0/+52
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 8c58ec80990a2c6b8b5e0832b3d5fe2c3f4378ff) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-6759Armin Kuster2018-08-062-0/+109
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 8f9b8ee0e7ad6526a3f93a8f0ca8e9fe055fdff6) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-6872Armin Kuster2018-08-062-0/+51
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 9626b58123eb50cb830443b3f514988f5417cc6c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutls: Security fix CVE-2018-7643Armin Kuster2018-08-062-0/+103
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: 70308a1133a3bd0e9d297bd66be4e05722484e7a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security fix CVE-2018-8945Armin Kuster2018-08-062-0/+71
| | | | | | | | | Affects <= 2.30 (From OE-Core rev: d128790b8593ee0cccd5e3c935ff28fb27644a8c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/sanity: Clean up getstatusoutput usageJoshua Watt2018-08-061-29/+38
| | | | | | | | | | Replace usage of oe.utils.getstatusoutput() with direct subprocess calls. (From OE-Core rev: 140ecb4af80c44680278f98153353f2900e7fa98) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: add separate packages for all brcm filesMartin Jansa2018-08-041-41/+136
| | | | | | | | | | | | | | | | * no changes in the content of previously existing packages * include some silly commands I've used to "parse" WHENCE file to generate these, some manual changes are still needed, like separating cypress licensed files, removing duplicates when 2 files are included in the same package (bcm4356-pcie is exception because sdio and pcie files have different license). (From OE-Core rev: 27fc32b6c5231b3539940d1e260ab1df3ea4bd14) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: update LICENSE for bcm43* packages according to WHENCE fileMartin Jansa2018-08-041-20/+21
| | | | | | | | | | | | | | | | | | | | | * the license was updated brcm/brcmfmac43430-sdio.bin: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=ec734a30 brcm/brcmfmac43340-sdio.bin: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=5ac5ad5c brcm/brcmfmac43362-sdio.bin: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=be1c535e brcm/brcmfmac4354-sdio.bin: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=a2921812 * this shows that with every upgrade the changes in WHENCE file should checked carefully (From OE-Core rev: 114e54c2459fe4c65e837b6a22c75c9f0d40ffbb) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: add ${PN}-cypress-license handling from meta-raspberrypiMartin Jansa2018-08-041-0/+12
| | | | | | | | | | | | | * this will break meta-raspberrypi once more, by including ${PN}-cypress-license package twice in PACKAGES I've sent fix here: https://github.com/agherzan/meta-raspberrypi/pull/295 (From OE-Core rev: 75caa5dfc79df02b12f1b077ccbd80e4d69c9ead) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python2: Fix build with gcc8Ross Burton2018-08-043-0/+45
| | | | | | | | | | | | | | (From OE-Core rev: 910f68c9c8dc26e12d28ef29e956af63d100f121) (From OE-Core rev: 04c2d53ef48a09747d0577d9ec1ffa548d247615) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: fix libxml2 ptest failsChangqing Li2018-08-041-1/+6
| | | | | | | | | | | | | | | | | for core-image-minimal image, missing these two dependency will cause below warning and error: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8) ./test/icu_parse_test.xml generated an error (From OE-Core rev: 848031cf0b89b752c6fedcb63fc6938642a87fd8) (From OE-Core rev: e27b09395c3bd5eb92f0478de03f9738874a7e66) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* u-boot: Fix pylibfdt generationJoshua Watt2018-08-041-0/+3
| | | | | | | | | | | | | | | | | | | | | | u-boot attempts to build a Python library called pylibfdt. By default, u-boot would attempt to use the build host's Python interpreter, which causes numerous problems, not least of which is that it fails if the host doesn't have the Python development package installed (complaining about not being able to find Python.h) Rectify this situation by including the proper build time dependencies for pylibfdt and passing the proper arguments to make. [YOCTO #12867] (From OE-Core rev: 3b0b16300b351878790729d6270cd113bca73eff) (From OE-Core rev: 71c9fc5a9398dc77a4e0f440a7fde346990c0475) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kdump: start kdump.service after basic.targetYongxin Liu2018-08-011-0/+1
| | | | | | | | | | | | | | | | | | If kdump.service is set to run on boot and dump-capture kernel isn't placed in /dev/root, kdump.service will fail to load the kernel, since other partitions are not mounted yet. Starting kdump.service after basic.target guarantees dump-capture kernel can be loaded in this situation. (From OE-Core rev: ac9a54fc617ff5f1eb75fa8500187c5ed3effe46) (From OE-Core rev: d6f922ddc14e0b17af5f1de46ec905de2a21a751) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-7.3: Backport fixes for std::pair high memory usageJoel Stanley2018-08-012-0/+59
| | | | | | | | | | | | | | | | | | C++ applications that contain a specfic use of std::pair with tempates cause the build to require many gigabytes of RAM to build. This is a fix that was applied to the upstream GCC 7 branch. Change-Id: I213f96d1d6332e2dce5765482ff3413f1abd7ff8 (From OE-Core rev: 51a09ba2729a840a9f2f87b68c7f50a3e6ac0d04) (From OE-Core rev: dc6d466edde2ebe26e2ece5601429baabff38bbb) Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-7.3: Fix build on ppc64le hostsJoel Stanley2018-08-012-0/+38
| | | | | | | | | | | | | | | | | | | | When building on ppc64le hosts that have GCC 8 (such as Ubuntu 18.10) the GCC build bootstrap fails. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86162 This is a fix that was applied to the upstream GCC 7 branch. Change-Id: I7796d2a999ec420805dd1c6cf0a1ecba1de5a897 (From OE-Core rev: c17f5e7e954487ad3e97e26c3e0d31443d658d5a) (From OE-Core rev: 7d1ab4088f67f267b0c5a8ce9913feeedc3a7d7d) Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc-locale: Fix host-user-contaminated QA errorsKhem Raj2018-08-011-7/+6
| | | | | | | | | | | | | | | | Fixes ERROR: glibc-locale-2.27-r0 do_package_qa: QA Issue: glibc-locale: /glibc-binary-localedata-hy-am/usr/lib/locale/hy_AM/LC_MEASUREMENT.tmp is owned by uid 3004, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated] (From OE-Core rev: 06d831d12fe2a2366480c79f4c018942937b753a) (From OE-Core rev: 06003fba975adb1c6c374eb31067bf356cc81baa) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* shadow: fix CVE-2017-2616Andrej Valek2018-08-012-0/+65
| | | | | | | | | | | | (From OE-Core rev: 94a1e2794df15f0f2cb62ae030cd81e6c0798b1f) (From OE-Core rev: 8894c70ae5a44974f74434d251def3148818a866) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: security fix CVE-2018-7456Joe Slater2018-08-012-0/+179
| | | | | | | | | | | | | | NULL pointer use as described at nvd.nist.gov/vuln/detail/CVE-2018-7456. (From OE-Core rev: 122da5cec495fc8ddfd880327e7c3ed0dc70e04f) (From OE-Core rev: 0556a6929ea298a3db329b1c1447f01fc65264f9) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: security fix CVE-2018-8905Joe Slater2018-08-012-0/+62
| | | | | | | | | | | | | | Buffer overflow described at nvd.nits.gov/vuln/detail/CVE-2018-8905. (From OE-Core rev: 3f6f2a0619b4e243e6a9e52cee2cdd625ebf6769) (From OE-Core rev: bfa9a8505a143c345ca1038fd5919ac2f6fec722) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Upgrade to version 2.2Richard Purdie2018-08-011-3/+4
| | | | | | | | | | | | | | | This version adds nativesdk-libnss-nis to resolve glibc symbol issues We need this to avoid symbol mismatch issues for binaries that use this on newer systems which then won't run on older ones where it isn't present. (From OE-Core rev: 98c7ab9cf32765d604c35dc69bc7bd90e94fc8f3) (From OE-Core rev: 026408c9d90e6241ce1b3d4cadefc48b7aba1734) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gio-module-cache.bbclass: disable update_gio_module_cache postinst script ↵Martin Jansa2018-07-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for nativesdk * it fails to execute native binary inside the qemu usermode for target arch as shown e.g. for qemuarm and raspberrypi3 build on x86_64 builder: qemuarm-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/temp/log.do_populate_sdk: NOTE: > Executing update_gio_module_cache-nativesdk intercept ... WARNING: The postinstall intercept hook 'update_gio_module_cache-nativesdk' failed, details in log.do_populate_sdk qemuarm-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec/nativesdk-gio-querymodules: Invalid ELF image for this architecture qemuarm-webos-linux-gnueabi/my-sdk/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/armv5te-webos-linux-gnueabi/usr/libexec/gio-querymodules: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 3.2.0, BuildID[sha1]=5b7f0c77e8ee9587f4e02eaf1d54a1e230e539bd, stripped qemuarm-webos-linux-gnueabi/my-sdk/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec/nativesdk-gio-querymodules: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 3.2.0, BuildID[sha1]=eeded124aa53c7ac997dd6326e5d9b75e8d9c43d, stripped qemuarm-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/intercept_scripts-ac629c4abfb418548877d2a412f7e552bd21e66f0b645b8875dc56ed9f0df40d/update_gio_module_cache-nativesdk bindir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/bin base_libdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/lib libexecdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec libdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/lib binprefix=nativesdk- set -e PSEUDO_UNLOAD=1 qemuwrapper -L $D -E LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \ $D${libexecdir}/${binprefix}gio-querymodules $D${libdir}/gio/modules/ [ ! -e $D${libdir}/gio/modules/giomodule.cache ] || chown root:root $D${libdir}/gio/modules/giomodule.cache raspberrypi3-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/temp/log.do_populate_sdk: NOTE: > Executing update_gio_module_cache-nativesdk intercept ... WARNING: The postinstall intercept hook 'update_gio_module_cache-nativesdk' failed, details in log.do_populate_sdk raspberrypi3-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec/nativesdk-gio-querymodules: Invalid ELF image for this architecture raspberrypi3-webos-linux-gnueabi/my-sdk/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/cortexa7t2hf-neon-vfpv4-webos-linux-gnueabi/usr/libexec/gio-querymodules: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 3.2.0, BuildID[sha1]=5267f1e542b014522af5ab54443d768ba6b47351, stripped raspberrypi3-webos-linux-gnueabi/my-sdk/1.0.0-1-r3/sdk/image/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec/nativesdk-gio-querymodules: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 3.2.0, BuildID[sha1]=eeded124aa53c7ac997dd6326e5d9b75e8d9c43d, stripped raspberrypi3-webos-linux-gnueabi/webos-ndk-basic/1.0.0-1-r3/intercept_scripts-a4270d1427cca0a9d172dbcd8dc262957c8e081c657e1123cc9ad551d65f22ea/update_gio_module_cache-nativesdk bindir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/bin base_libdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/lib libexecdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/libexec libdir=/opt/webos-sdk-x86_64/7.0~s14/sysroots/x86_64-webossdk-linux/usr/lib binprefix=nativesdk- set -e PSEUDO_UNLOAD=1 qemuwrapper -L $D -E LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \ $D${libexecdir}/${binprefix}gio-querymodules $D${libdir}/gio/modules/ [ ! -e $D${libdir}/gio/modules/giomodule.cache ] || chown root:root $D${libdir}/gio/modules/giomodule.cache * it isn't needed in master, because nativesdk postinst were fixed by: commit d10fd6ae3fe46290c6e3a5250878966d9f12ca3f Author: Alexander Kanavin <alexander.kanavin@linux.intel.com> Date: Mon Jun 11 16:38:20 2018 +0300 Subject: qemuwrapper-cross: enable multilib and nativesdk variants of the script * which depends on: commit d4f5b8e26acaadffac6df10f9a9d9ebfb3045f5f Author: Alexander Kanavin <alexander.kanavin@linux.intel.com> Date: Mon Jun 11 16:38:17 2018 +0300 Subject: gtk-immodules-cache.bbclass: convert cache creation to postinst_intercept mechanism * backporting just these 2 isn't enough, we would need to backport something else as well, otherwise it fails with: webos-ndk-basic/1.0.0-1-r3/intercept_scripts-a4270d1427cca0a9d172dbcd8dc262957c8e081c657e1123cc9ad551d65f22ea/update_gio_module_cache-nativesdk: nativesdk-qemuwrapper: not found and at this point I would rather safely disable it for nativesdk in sumo instead of backporting bunch more commits to stable branch (From OE-Core rev: 11487d960e8a10ba9f33cffaa631e941b8874fa6) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Avoid multilibbing on wordsize.hDaniel Díaz2018-07-301-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Once another header #includes <bits/wordsize.h>, there is a potential recursion going on because the multilib_header_wrapper.h #includes <bits/wordsize.h> again! This should not happen because an __arm__ (32-bits) or an __aarch64__ (64-bits) environment guarantees that we will be getting the correct definition, but when building against a different target (like BPF), recursion is what happens. This can be seen, for instance, when building eBPF programs from the kernel with `clang -target bpf', such as the ones located in linux/tools/testing/selftests/bpf/. (From OE-Core rev: a74c77d6168101e88c3a3bce7130f4f52cfab95d) (From OE-Core rev: 7fe620ed0f9bb0404a1929d9c1c47f432f9a6b37) Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Aníbal Limón <anibal.limon@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* u-boot: Fix build race conditionJoshua Watt2018-07-302-0/+52
| | | | | | | | | | | | | Backports 2f61b13d6acba787b00598d519c85222e993e4ca (included in the 2018.07 release) which fixes a race condition when building. [YOCTO #12705] (From OE-Core rev: 77586b8e1e50234f34b6c469c41819e36cc8a786) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update 7.60.0 -> 7.61.0Andre McCurdy2018-07-301-2/+2
| | | | | | | | | | | | | | https://curl.haxx.se/changes.html#7_61_0 (From OE-Core rev: b26ca91574a88745910d44777bb17ac0616baf3e) (From OE-Core rev: 99ea485195327fcdd63f682a41a4b340a2fd1dda) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix wrong exit status offsetRui Wang2018-07-301-1/+1
| | | | | | | | | | | | | | | | | | | In Linux,8 bits of the return code and 8 bits of the number of the killing signal are mixed into a single value on the exit code, so the exit status offset should be 8. But the autoconf checker can not determine it while cross compiling, and then it is set to the default value 0, which will cause generating the wrong exit code if program exit with an error code. (From OE-Core rev: e2dea46607a24620d6d2c250efc9b2e95bfd5ad8) (From OE-Core rev: befc0dcbbd5d0ccc97ffac1ce24247ac4b001137) Signed-off-by: Rui Wang <rui.wang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: use HTTP instead of FTPRoss Burton2018-07-301-1/+1
| | | | | | | | | | | | | HTTP is in general more reliable so use that in the SRC_URI. (From OE-Core rev: 4f3378e0763a94a5daac7169f498177fc6ef4e75) (From OE-Core rev: 195f7a1d1a40c341ca6c84232194a565e9daa9d6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: security fix CVE-2018-10963Joe Slater2018-07-302-0/+40
| | | | | | | | | | | | | | Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963. (From OE-Core rev: d19a9b41d3b2dcba3b102a8289b7787b4b131e96) (From OE-Core rev: d1327439b800e21a8116f8e33e4fe9d2b6c17198) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane: optimise buildpath searchRoss Burton2018-07-301-2/+2
| | | | | | | | | | | | | | | Instead of decoding every file we open as UTF-8 (with many errors as machine code isn't UTF-8), convert the build path to the UTF-8 byte representation and search for that instead. (From OE-Core rev: ffb52d383bfe413cf31fef13663fe9937a146c76) (From OE-Core rev: e0e366731116e62857fa3bdec9e3897aafcc8137) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>