aboutsummaryrefslogtreecommitdiffstats
path: root/meta
AgeCommit message (Collapse)Author
2017-08-23systemd-machine-units: import last recipe from meta-systemdMartin Jansa
* this recipe is intentionally empty, but useful for BSP layers to provide machine specific systemd services in this MACHINE_ARCH package. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23systemd: add dependency on initscripts-sushell for selinuxJackie Huang
sushell is required by systemd service debug-shell when selinux is enabled. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23initscripts: split sushell into sub packageJackie Huang
* sushell is required by systemd service debug-shell when selinux is enabled, but it doesn't make sense to make systemd depend on initscripts, so split sushell into sub package initscripts-sushell. * The bash dependency has been removed by: ''' 4917e36a77bd6821b45db52caa43939d344d92f6 initscripts: Fix regression for requiring /bin/bash ''' so remove bash from RDEPENDS when selinux is enabled. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-firmware: package ibt-firmwareMaciej Pijanowski
ibt-firmware was not packaged separately and was part of big linux-firmware package. Packaging allows to install it separately, according to requirements. Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-firmware: package iwlfifi-3160-[10-17] firmwareMaciej Pijanowski
Package iwlwifi-3160-[10-17] firmware from iwlwifi-misc to seperate packages, so it is possible to install only required firmare package. Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23valgrind: improvements for run-ptestJackie Huang
* Add statistic summary for run-ptest * Ensure the script can be run anywhere Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23pkgconf: add recipeMaxin B. John
pkgconf is a better replacement for pkg-config. Fedora 26 replaces the system pkg-config implementation with pkgconf because it "provides better support for handling .pc files and a stable library ABI/API for integrating into applications." and is actively maintained, unlike pkg-config. pkgconf aims to offer many improvements over pkg-config such as faster/more efficient dependency resolver which "allows for the user to more conservatively link their binaries -- which may be helpful in some environments, such as when prelink(1) is being used. pkgconf also aims to provide a more complete implementation of pkg-config. The features most likely to benefit the Yocto Project build system are the faster/more efficient dependency resolution and linker flag optimisation. Move pkgconf recipe to oe-core from meta-pkgconf: https://github.com/kergoth/meta-kergoth-wip/tree/master/meta-pkgconf Links: 1. http://pkgconf.org 2. https://fedoraproject.org/wiki/Changes/pkgconf_as_system_pkg-config_implementation 3. https://bugzilla.yoctoproject.org/show_bug.cgi?id=11308 Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23meta: move some text from oe-setup-builddir to conf-notes.txtMing Liu
This allows the end users to be able to override the entire notes showing on the shell console. For instance, Our company uses a external conf-notes.txt, and we run bitbake with some extra variables, looks like: F=xxx D=xxx M=xxx bitbake <target>, so we want to show exactly these texts on the shell console, that's why we need this change. Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23build-appliance-image: include proxy on pip3 installationLeonardo Sandoval
Otherwise, we get timeouts, leading to errors: pip._vendor.requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /pypi/pip/json (Caused by ConnectTimeoutError(<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7ff741bb3ef0>, 'Connection to pypi.python.org timed out. (connect timeout=5)')) WARNING: TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/temp/run.do_populate_poky_src.185123:1 exit 1 from 'pip3 install --user -I -U -v -r TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/rootfs/home/builder/poky/bitbake/toaster-requirements.txt' DEBUG: Python function do_image finished Complete log at [1] [1] http://errors.yoctoproject.org/Errors/Build/43393/ Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23oe/path.py: copyhardlinktree: don't overwrite existing symlinksIoan-Adrian Ratiu
Before GNU tar 1.24, only the archive creation command had the '-h' argument to preserve and follow symlinks. After >= 1.24 via commit 14efeb9f956e38d7be (tar: --dereference consistency) the capability to preserve symlinks was also added to the archive extraction command. -h is default at archive creation but is not default at extraction, meaning that it will replace symlinks with directories even if the original filesystem directory tree and archive contains them. Add -h to the copyhardlinktree extraction step so the build can support symlinks in variables like ${DEPLOY_DIR_IPK/RPM/DEB}. Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23kernel.bbclass: external toolchain fixJuro Bystricky
Refactor get_cc_option so it is simpler and also does not fail when using external toolchain. Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23python2.7: improve reproducibilityJuro Bystricky
The compiled .pyc files contain time stamp corresponding to the compile time. This prevents binary reproducibility. This patch allows to achieve binary reproducibility by overriding the build time stamp by the value exported via SOURCE_DATE_EPOCH. Patch by Bernhard M. Wiedemann, backported from https://github.com/python/cpython/pull/296 [YOCTO#11241] Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-yocto/4.10: CVE & misc fixesBruce Ashfield
Updating the 4.10 SRCREVs to import the following changes: 65370fa249e2 drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() 530ec12a0cb0 ACPICA: Namespace: fix operand cache leak b1098b5bbded char: lp: fix possible integer overflow in lp_setup() 56ee0c7811e5 dccp/tcp: do not inherit mc_list from parent 9f6cbd022bba nfsd: encoders mustn't use unitialized values in error cases 084036ebc243 nfsd: fix undefined behavior in nfsd4_layout_verify 973f780eeaa6 xen-blkback: don't leak stack data via response ring 20c4b5015fea brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() 1dff0f28b490 ipx: call ipxitf_put() in ioctl error path d666a8e60a45 mm: fix new crash in unmapped_area_topdown() 73d059ba1a17 mm: larger stack guard gap, between vmas Which address the following CVEs: CVE-2017-8890 CVE-2017-1000363 CVE-2017-11472 CVE-2017-7346 CVE-2017-1000380 CVE-2017-7541 CVE-2017-10911 Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23kernel-yocto: ensure that only valid BSPs are builtBruce Ashfield
There was a bug in the search routines responsible for locating BSP definitions which returned a valid match if only the ktype matched. This meant that someone looking for "qemux86foo" (which is an invalid definition) would potentially end up building "qemuarm" and be none the wiser (until it didn't boot). With this fix to the tools search routine, and improved return code testing, we will now stop the build and report and error to the user. [YOCTO: #11878] Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23qemu: bump default version to 4.12Bruce Ashfield
Not all the qemu machines carry default kernel specifications. While we could drop these references, we'll bump them to 4.12 to pick up the latest and remove them in future commits. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23libc-headers: update to 4.12Bruce Ashfield
The fall 2017 kernel will have 4.12 as the reference kernel, so we update the libc-headers to match. Build tested against glibc and muslc systems. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-yocto: remove 4.1 recipesBruce Ashfield
We have 4.4 and 4.9 as LTS kernels, the 4.1 variants are no longer needed and are dropped. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-yocto: introduce 4.12 recipesBruce Ashfield
The 4.12 kernel will be the default/reference for the fall 2017 release. These recipes represent the introduction of 4.12.7 + related kernel meta data. Existing functionality has been validated against this new kernel version, and older versions will be removed in separate commits. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-yocto: add usb-net configs by defaultBruce Ashfield
As requested by QA to enable testing of linux-yocto images out of the box, we enable usb-net drivers for the various platforms in all kernel versions. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23linux-yocto/4.1: fix fsl-ls10xx sdhciBruce Ashfield
mmc: sdhci: fix two compile errors | CC drivers/mmc/host/sdhci.o | drivers/mmc/host/sdhci.c: In function 'sdhci_execute_tuning': | drivers/mmc/host/sdhci.c:1990:4: error: implicit | declaration of function 'sdhci_do_reset' | [-Werror=implicit-function-declaration] | sdhci_do_reset(host, SDHCI_RESET_CMD); | ^ | drivers/mmc/host/sdhci.c:2006:7: error: 'struct | mmc_command' has no member named 'busy_timeout' | cmd.busy_timeout = 50; | ^ In function sdhci_execute_tuning, replace sdhci_do_reset with sdhci_reset, replace busy_timeout with cmd_timeout_ms. Commit a629a90ba0 adds eMMC DDR mode support for t2080qds and modified some data structures and function name. Later commit a2080cc280 just backport upstream commit 61e53bd004 without aligning the current source tree thus cause these build errors. Fix them. Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23kernel-yocto: configuration updates: x86 featuresBruce Ashfield
Integrating the following kernel configuration changes: f7fbd4185e5 features/qat: additional configurations, CONFIG_CRYPTO_RSA and CONFIG_CRYPTO_DH 50c62581d283 features/netfilter: additional configurations d67e4ed89556 features/x2apic: add X2APIC feature 7889b28c5300 features/vfio: add VFIO feature dc4ec998757e features/numa: Add NUMA feature c88c18de4ca8 features/mtd: add MTD feature 9035571d32ee features/iommu: add IOMMU feature 6f3b16136f55 features/intel-txt: add intel-txt feature 4936a5f508f0 common-pc-wifi: Enable SDIO for BroadCom BRCMFMAC Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23ghostscript: CVE-2017-9727, -9835, -11714Joe Slater
CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust CVE-2017-9835: bounds check the array allocations methods CVE-2017-11714: prevent trying to reloc a freed object Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23ghostscript: fix several CVEs by adding bounds checkingJoe Slater
CVE-2017-9611 CVE-2017-9612 CVE-2017-9739 CVE-2017-9726 Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23grub2: fix build on gcc where _FORTIFY_SOURCE is definedMartin Jansa
* e.g. with gentoo gcc-7.1 they define _FORTIFY_SOURCE by default with: https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/gcc/7.1.0/gentoo/10_all_default-fortify-source.patch?view=markup which results in following error while building grub-efi-native: ./config-util.h:1504:48: error: this use of "defined" may not be portable [-Werror=expansion-to-defined] || (defined _FORTIFY_SOURCE && 0 < _FORTIFY_SOURCE \ ^~~~~~~~~~~~~~~ this part comes from gnulib and it's used only for Apple and BSD, so we can ignore it, but we cannot add -Wno-error=expansion-to-defined because this warning was introduced only in gcc-7 and older gcc will fail with: cc1: error: -Werror=expansion-to-defined: no option -Wexpansion-to-defined use #pragma to work around this Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23tiff: Security fixesYi Zhao
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335 References: https://nvd.nist.gov/vuln/detail/CVE-2017-9147 https://nvd.nist.gov/vuln/detail/CVE-2017-9936 https://nvd.nist.gov/vuln/detail/CVE-2017-10668 https://nvd.nist.gov/vuln/detail/CVE-2017-11335 Patches from: CVE-2017-9147: https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06 CVE-2017-9936: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a CVE-2017-10688: https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1 CVE-2017-11355: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23machine-sdk: oldest kernel for x86/x86_64 is 3.2.0 nowRuslan Bilovol
With glibc upgrade to 2.26 release (commit d6a0bc57fa07 "glibc: Upgrade to 2.26 final release") it's not possible to build x86/x86_64 SDK for kernels lower than 3.2.0 (see glibc commit 139ace95756a "Require Linux kernel 3.2 or later on x86 / x86_64.") Thus drop SDK_OLDEST_KERNEL overrides from machine-specific conf files, so default version 3.2.0 from conf/bitbake.conf will be picked up. Signed-off-by: Ruslan Bilovol <rbilovol@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23libcheck: fix file-rdeps QA issueMartin Jansa
* Fixes: ERROR: nativesdk-libcheck-0.10.0-r0 do_package_qa: QA Issue: /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/checkmk contained in package nativesdk-libcheck requires /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/gawk, but no providers found in RDEPENDS_nativesdk-libcheck? [file-rdeps] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23squashfs: fix build with glibc-2.26Martin Jansa
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23apt: Upgrade to 1.2.24Aníbal Limón
Add new patches for enable builds on hosts that has GCC version minor than 5 because doesn't support std::array and std::put_time, those patches could be removed after get rid of Debian8 and Centos7 support. - gcc_4.x_Revert-avoid-changing-the-global-LC_TIME-for-Release.patch - gcc_4.x_Revert-use-de-localed-std-put_time-instead-rolling-o.patch - gcc_4.x_apt-pkg-contrib-strutl.cc-Include-array-header.patch The LIC_FILES_CHKSUM changed because the license file now has style changes in the text remains GPLv2+. The patch Revert-always-run-dpkg-configure-a-at-the-end-of-our was updated because now the precision fields use floating point numbers. Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23dpkg: Upgrade to 1.18.24Aníbal Limón
Patches rebased due to don't apply, no major changes, - 0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch - arch_pm.patch - noman.patch Patches related to move ostable/triplettable insida data/ostable and data/tupletable instead also needs to comply the new format of the tables for arch detection. - 0006-add-musleabi-to-known-target-tripets.patch - add_armeb_triplet_entry.patch And finally a patch to avoid usage --clamp-mtime in tar needs to be modified because the dpkg-deb internal API changed. - 0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23strace: 4.17 -> 4.18Robert Yang
- Updated update-gawk-paths.patch. - Updated Makefile-ptest.patch - Removed 0008-replace-struct-ucontext-with-ucontext_t.patch which is already in the source. - The LIC_FILES_CHKSUM is changed because the years have been updated, the contents are the same. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23e2fsprogs: 1.43.4 -> 1.43.5Robert Yang
Removed the following 2 patches which are already in the source: - 0001-e2fsck-exit-with-exit-status-0-if-no-errors-were-fix.patch - e2fsprogs-1.43-sysmacros.patch Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23tcl: 8.6.6 -> 0.8.7Robert Yang
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23libbsd: 0.8.5 -> 0.8.6Robert Yang
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23git: 2.13.2 -> 2.13.3Robert Yang
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23kernel-module-split: rrecommend kernel-image instead of rdependMartin Hundebøll
Hard depending on the kernel makes it impossible to install kernel modules without getting the kernel image installed too. This is inconvenient in e.g. initramdisks, where the kernel is loaded from outside the initramdisk. Making the kernel modules rrecommend kernel-image-<version> instead of rdepending on it, makes it possible to install kernel modules without the kernel image by setting "kernel-image" in BAD_RECOMMENDATIONS. Signed-off-by: Martin Hundebøll <mnhu@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23connman: Fix for CVE-2017-12865Sona Sarmadi
dnsproxy: Fix crash on malformed DNS response If the response query string is malformed, we might access memory pass the end of "name" variable in parse_response(). [YOCTO #11959] Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23gnupg: 2.1.20 -> 2.1.23Hongxu Jia
1. COPYING.LIB: Rename to COPYING.LGPL3. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1 2. Rebase patches: - pkgconfig.patch -> 0001 - use-pkgconfig-instead-of-npth-config.patch -> 0002 - dirmngr-uses-libgpg-error.patch -> 0003 - autogen.sh-fix-find-version-for-beta-checking.patch -> 0004 3. Fix gpg2 not found ... dnf -vy makecache |Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature verification error: gpgme_engine_check_version() error: Invalid crypto engine. ... The upstream install gpg by default and no gpg2 ... commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b Author: Werner Koch <wk@gnupg.org> Date: Sat Aug 5 14:39:32 2017 +0200 gpg: Install gpg by default under the name gpg. ... Add --enable-gpg-is-gpg2 to revert it. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-21gdk-pixbuf: fix ptest RDEPENDS for multilib buildWenzong Fan
Don't hardcode the package name, it could be gdk-pixbuf or lib32-gdk-pixbuf. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19devtool/copy_buildsystem: adds meta-skeleton layer in the eSDK installation.Juan M Cruz Alcaraz
The eSDK installation requires the meta-skeleton layer. The build system might use the meta-skeleton recipes as layout to create custom recipes. An example is the recipetool script that uses the meta-skeleton kernel recipe when creating a custom kernel recipe. [YOCTO #11102] Signed-off-by: Juan M Cruz Alcaraz <juan.m.cruz.alcaraz@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19initramfs-framework/setup-live: also boot live image if root=/dev/ram0California Sullivan
Our grub and syslinux bootloaders both define root=/dev/ram0 for live images by default. Kernel docs show that root=/dev/ram0 is just a sentinel value for the kernel to mount the initrd as root, which then mounts and switches to the real root. This is exactly what our scripts do, so just check for root=/dev/ram0 as well. See: https://www.kernel.org/doc/html/v4.11/admin-guide/initrd.html#operation This fixes the issue where the new initramfs-framework scripts would not boot live images that use grub or syslinux bootloaders. Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19openssl10: rename back to openssl and make it the default via PREFERRED_VERSIONAlexander Kanavin
openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed back to openssl10. This does not always work: http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html but for many recipes it does. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19prelink: Change the behavior to avoid checking USER_CLASSESMark Hatle
The behavior before this change was to check USER_CLASSES and adjust the install script to return either exit 0 (don't do anything) or exit 1 (run on first boot). This enabled a user to include the prelink package without enablign the image-prelink bbclass and get a first boot prelink. Checking USER_CLASSES is not desired, as an image should be able to simply inherit the image-prelink and get the same type of behavior. Modifying the recipe based on the inclusion of a class is a bad idea as it makes this style work more difficult. So we move to a more defined strategy based on exist uses. (That we know of...) If we ae doing a cross install, we want to avoid prelinking. Prelinking during a cross install should be handled by the image-prelink bbclass. If the user desires this to run on the target at first boot they will need to create a custom boot script. [YOCTO #11169] Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19qemu conf: replace deprecated option with new optionChen Qi
Replace the deprecated '-usbdevice' option with '-device usb-xx' option. This would fix runqemu boot error like below. '-usbdevice' is deprecated, please use '-device usb-...' instead Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19qemu: backport patches to fix boot failureChen Qi
Backport two patches to fix the following error when booting qemu. Failed to unlock byte 100 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-19ruby: fix CVE-2017-922{6-9}Joe Slater
CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-18dnf: fix "Unable to detect release version" warningAlexander Kanavin
The release version was actually working correctly; it only makes the warning work properly. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-18cve-check-tool: Fix progress bar patch for curl 7.55Jussi Kukkonen
CURL_FORMAT_OFF_T does not seem to exist anymore, use CURL_FORMAT_CURL_OFF_T instead. This works with old and new curl. Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-18mesa: update to 17.1.6Andreas Müller
Optional installation of khrplatform.h was implemented upstream by a slightly different approach -> 0001-mapi-Only-install-khrplatform.h-with-EGL-or-GLES.patch can be removed. Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-18webkitgtk: Add a recommends on shared-mime-info.Carlos Alberto Lopez Perez
* without this package installed any WebKitGTK+ based browser will fail to correctly open html files (and other files) from disk (file:// URIs). It will open them as plain txt files. Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>