summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* devtool: expand SRC_URI when guessing recipe update modejansa/thudMartin Jansa2021-02-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * I have recipes which use variable inside SRC_URI, e.g.: ROS_BRANCH ?= "branch=release/melodic/swri_nodelet" SRC_URI = "git://github.com/swri-robotics-gbp/marti_common-release;${ROS_BRANCH};protocol=https" and devtool modify works fine, but devtool finish fails with: $ devtool finish --force-patch-refresh swri-nodelet meta-ros/meta-ros1-melodic/ ... Traceback (most recent call last): File "/OE/openembedded-core/scripts/devtool", line 334, in <module> ret = main() File "/OE/openembedded-core/scripts/devtool", line 321, in main ret = args.func(args, config, basepath, workspace) File "/OE/openembedded-core/scripts/lib/devtool/standard.py", line 2082, in finish updated, appendfile, removed = _update_recipe(args.recipename, workspace, rd, args.mode, appendlayerdir, wildcard_version=True, no_remove=False, no_report_remove=removing_original, initial_rev=args.initial_rev, dry_run_outdir=dry_run_outdir, no_overrides=args.no_overrides, force_patch_refresh=args.force_patch_refresh) File "/OE/openembedded-core/scripts/lib/devtool/standard.py", line 1737, in _update_recipe mode = _guess_recipe_update_mode(srctree, rd) File "/OE/openembedded-core/scripts/lib/devtool/standard.py", line 1721, in _guess_recipe_update_mode params = bb.fetch.decodeurl(uri)[5] File "/OE/bitbake/lib/bb/fetch2/__init__.py", line 390, in decodeurl raise MalformedUrl(url, "The URL: '%s' is invalid: parameter %s does not specify a value (missing '=')" % (url, s)) bb.fetch2.MalformedUrl: The URL: 'git://github.com/swri-robotics-gbp/marti_common-release;${ROS_BRANCH};protocol=https' is invalid: parameter ${ROS_BRANCH} does not specify a value (missing '=') let it expand the SRC_URI before trying to decode it. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3535cfdbf3d77f550b804276f957acf859da484f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "lib/oe/patch: fix handling of patches with no header"Martin Jansa2021-02-041-6/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * This reverts commit d9971f5dc8eb7de551fd6f5e058fd24770ef5d78. * With the missing Subject line fixed in GitApplyTree.prepareCommit() we should be able to revert, the fix which was trying to help it by parsing GitApplyTree.patch_line_prefix ("%% original patch:") also from Subject line, now GitApplyTree.patch_line_prefix should always end on separate line which is then skipped when copying the lines to resulting patch, see original commit message from Paul: lib/oe/patch: fix handling of patches with no header If a patch applied by a recipe has no header and we turn the recipe's source into a git tree (when PATCHTOOL = "git" or when using devtool extract / modify / upgrade), the commit message ends up consisting only of the original filename marker ("%% original patch: filename.patch"). When we come to do turn the commits back into a set of patches in extractPatches(), this first line ends up in the "Subject: " part of the file, but we were ignoring it because the line didn't start with the marker text. The end result was we weren't able to get the original patch name. Strip off any "Subject [PATCH x/y]" part before looking for the marker text to fix. This caused "devtool modify openssl" followed by "devtool update-recipe openssl" (without any changes in-between) to remove version-script.patch because that patch has no header and we weren't able to determine the original filename. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* lib/oe/patch: GitApplyTree: save 1 echo in commit-msg hookMartin Jansa2021-02-041-2/+1
| | | | | | | | | | | | | | * also remove the extra blank lines which is often added to patches when refreshed with devtool (GitApplyTree.patch_line_prefix lines are ignored when refreshing .patch files, but newly added blank lines aren't - the leading blank line wasneeded for patches with just the subject line (to prevent the GitApplyTree.patch_line_prefix line ending appended to the commit summary), but we can add it in prepareCommit instead Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* lib/oe/patch: prevent applying patches without any subjectMartin Jansa2021-02-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * this was discovered with $ devtool finish --force-patch-refresh where it was removing some patches and replacing them with patch in filename called "patch:" e.g. this .patch file: https://github.com/OSSystems/meta-browser/blob/311067d2d8a50cee5c836892606444f63f2bb3ab/dynamic-layers/rust-layer/recipes-browser/firefox/firefox/fixes/fix-camera-permission-dialg-doesnot-close.patch confuses devtool which results to create new .patch file called "patch:" $ devtool finish --force-patch-refresh firefox meta-browser NOTE: Starting bitbake server... WARNING: Host distribution "ubuntu-20.04" has not been validated with this version of the build system; you may possibly experience unexpected failures. It is recommended that you use a tested distribution. Loading cache: 100% |###################################################################################################################################################################################################################################| Time: 0:00:00 Loaded 2480 entries from dependency cache. Parsing recipes: 100% |#################################################################################################################################################################################################################################| Time: 0:00:00 Parsing of 1718 .bb files complete (1717 cached, 1 parsed). 2480 targets, 68 skipped, 0 masked, 0 errors. Summary: There was 1 WARNING message shown. INFO: Updating patch 0001-Bug-1554949-Fix-WebRTC-build-failure-with-newer-linu.patch ... INFO: Updating patch pre-generated-old-configure.patch INFO: Adding new patch patch: INFO: Updating recipe firefox_68.0esr.bb INFO: Removing file /OE/build/test-oe-build-time/poky/meta-browser/dynamic-layers/rust-layer/recipes-browser/firefox/firefox/fixes/fix-camera-permission-dialg-doesnot-close.patch INFO: Cleaning sysroot for recipe firefox... INFO: Leaving source tree /OE/build/test-oe-build-time/poky/build/workspace/sources/firefox as-is; if you no longer need it then please delete it manually this looked like incorrect parsing of the git format-patch files exported from workspace/sources (the git format-patch version of fix-camera-permission-dialg-doesnot-close.patch starts like this: $ head 0008-original-patch-fix-camera-permission-dialg-doesnot-c.patch From 37dfa11961b48024bedcfb9336f49107c9535638 Mon Sep 17 00:00:00 2001 From: Takuro Ashie <ashie@clear-code.com> Date: Mon, 20 Aug 2018 10:16:20 +0900 Subject: [PATCH 08/34] %% original patch: fix-camera-permission-dialg-doesnot-close.patch so first I've modified GitApplyTree.extractPatches() to be able to parse the original patch name correctly even in this case where subject is wrapped, but then it still wasn't right, because we ended with correctly named .patch file, but all we could use for Subject line was the name of the original .patch file (instead of the Subject from metadata commit which introduced this .patch files as some other .patch files get when refreshed with devtool. In the end the issue happens even sooner in GitApplyTree.prepareCommit() where it correctly found the Subject from metadata commit, but then didn't apply it when there weren't any other outlines from patch headers. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* buildhistory: show time spent writting buildhistoryMartin Jansa2020-09-161-0/+4
| | | | | | | | * especially when pushing longer history to slow remote git server or when it timeouts during the push, it's useful to see where the time was actually spent Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* icecc.bbclass: stop causing everything to be effectivelly MACHINE_ARCHMartin Jansa2020-09-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * since this change: commit d2fcaeb153fdc3f8d7143ea823139f1537055ff1 Author: Douglas Royds <douglas.royds@taitradio.com> Date: Thu Dec 20 11:59:47 2018 +1300 icecc: Don't generate recipe-sysroot symlinks at recipe-parsing time the set_icecc_env function depends on KERNEL_CC variable even for recipes like linux-libc-headers * KERNEL_CC variable depends on STAGING_KERNEL_DIR: Variable KERNEL_CC value is ${CCACHE}${HOST_PREFIX}gcc ${HOST_CC_KERNEL_ARCH} -fuse-ld=bfd ${DEBUG_PREFIX_MAP} -fdebug-prefix-map=${STAGING_KERNEL_DIR}=${KERNEL_SRC_PATH} List of dependencies for variable KERNEL_CC is {'STAGING_KERNEL_DIR', 'HOST_PREFIX', 'DEBUG_PREFIX_MAP', 'HOST_CC_KERNEL_ARCH', 'KERNEL_SRC_PATH'} which depends on MACHINE: Variable STAGING_KERNEL_DIR value is ${TMPDIR}/work-shared/${MACHINE}/kernel-source List of dependencies for variable STAGING_KERNEL_DIR is {'MACHINE'} * as detected with: openembedded-core/scripts/sstate-diff-machines.sh --tmpdir=tmp-glibc --machines="qemux86 qemux86copy qemuarm" --targets=glibc --analyze ERROR: linux-libc-headers different signature for task do_configure.sigdata between qemux86 and qemux86copy NOTE: Starting bitbake server... basehash changed from 3146f4ffeb002bd69fed7656a4b896365b2e2a00071c69e1afbb672889e754ee to f1a5160e39912e61389b6f9fe68d61146a2be91716ac37e4a32ecf4c09b2b5fa Variable MACHINE value changed from 'qemux86' to 'qemux86copy' $ bitbake-diffsigs /OE/build/oe-core/tmp-glibc/sstate-diff/1556122458/qemux86*/*/linux-libc-headers/*do_configure.sigdata* NOTE: Starting bitbake server... basehash changed from f1a5160e39912e61389b6f9fe68d61146a2be91716ac37e4a32ecf4c09b2b5fa to 3146f4ffeb002bd69fed7656a4b896365b2e2a00071c69e1afbb672889e754ee Variable MACHINE value changed from 'qemux86copy' to 'qemux86' Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* qemux86: Add identical qemux86copy variant for testsMartin Jansa2020-09-161-0/+3
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* metadata-revs: provide more informationTrevor Woerner2020-09-162-1/+22
| | | | | | | | | Provide many more details concerning the repositories that are used in a particular build: the remote information, the layer, the local branch, the remote branch the local branch tracks (if any), and the HEAD commit. Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* buildhistory.bbclass: metadata-revs show repo parentTrevor Woerner2020-09-161-1/+1
| | | | | | | | | | Currently my build shows two "meta" repositories: one from meta-poky and one from openembedded-core. Have the code which prints the repositories into metadata-revs show the parent directories when repositories with multiple sub-layers are used. Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* report-error: Allow to upload reports automaticallyMartin Jansa2020-09-162-3/+128
| | | | | | | * useful when distro wants to collect build statistics from all users/developers without any manual interaction from them Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* qemu: Replace stime() API with clock_settimeKhem Raj2020-09-092-0/+63
| | | | | | | (From OE-Core rev: 2cca75155baec8358939e2aae822e256bed4cfe0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Adding back wrapper and using OEPYTHON3HOME variable for python3Jaewon Lee2020-09-092-1/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding back the python wrapper and adding a patch to use OEPYTHON3HOME instead of PYTHONHOME if set, for python3. If we add back the wrapper as is, we would see the following error that we also see in Thud: ImportError: No module named site OpenEmbedded requires 'python' to be python v2 (>= 2.7.3), not python v3. Please upgrade your python v2 This is because python3 would've set PYTHONHOME to use nativesdk python3 libraries but when the oe-buildenv-internal script tries to call python2 for the py_v27_check, there will be no python2 libraries in the PYTHONHOME directory. In other words, bitbake needs host python2 and the env variable set from the wrapper contaminates the env and host python2 won't be able to find its libraries Creating another variable OEPYTHON3HOME and using this in the python3 wrapper to allow for a way to set a different paths for python3 and python2 [YOCTO #13208] (From OE-Core rev: 75d2a85e24ef9a2bf0e218521944523f0ff281e0) Signed-off-by: Jaewon Lee <jaewon.lee@xilinx.com> Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iso-codes: switch upstream branch master -> mainHongxu Jia2020-09-081-1/+1
| | | | | | | | | (From OE-Core rev: a6e098e2e5932781b9c1012825bc86bc08382931) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6e16ef0c2e0ec2bbb862231cd84e7650bd5789af) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
* cve-update: handle baseMetricV2 as optionalKonrad Weihmann2020-09-081-4/+9
| | | | | | | | | | | Currently in NVD DB an item popped up, which hasn't set baseMetricV2. Let the parser handle it as an optional item. In case use baseMetricV2 before baseMetricV3 (From OE-Core rev: 77f119baf6f4b85194a9b26d8442ddc7fb3bb97c) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/signing: Ensure build path relocation is safeRichard Purdie2020-09-081-1/+3
| | | | | | | | | Similarly to 04ee0e8b95cd8ed890374e0007f976684206b630, ensure only full build paths are replaced in the environment to avoid breaking buildtools. (From OE-Core rev: be07d93a4f59d4563f2d064be1997b39f05e9f0e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers: Add entry for buildtools-extended-tarballRichard Purdie2020-09-081-0/+1
| | | | | | | | | | | (From OE-Core rev: 4281342a04078990bb0a110760ff2dc053eccc93) (From OE-Core rev: 665ef4274e0261bb8351c8d4fd2c8496a2dc27e7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 61d4d3d5a9f27e0fbf1d7ed6db818a779643b8f3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-testtools: Avoid traceback2 module requirementRichard Purdie2020-09-082-0/+25
| | | | | | | | | | | | | | | | | | traceback2 adds traceback for python2. Rather than depend on traceback2, we're python3 only so just use traceback. This caused breakage in oe-selftest -j which uses testtools on the autobuilder using buildtools-tarball. [YOCTO #13652] (From OE-Core rev: ee80a06c107375e3cf0d246ea17c09dda4536dab) (From OE-Core rev: ee82e3c24fe5727ce81e972cadedca431d6086c5) (From OE-Core rev: be4470c9590183b388d9ff176331d0c50984dec8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* attr: Disable parallel make installRichard Purdie2020-09-081-0/+3
| | | | | | | | | | | | do_install fails on newer versions of make with interesting and hard to debug errors. Disablle parallle make install as a workaround. Later verisons of attr in newer releases don't have the issue. (From OE-Core rev: 6043b9a2ea879f8960897b11eb947801508a94da) (From OE-Core rev: f06861bbe402fff3f370687585e43c0270609d00) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Upgrade to 2.9Khem Raj2020-09-081-5/+5
| | | | | | | | | | | This supports glibc upto 2.32 which is now rolling into distributions (From OE-Core rev: 622371678ddb013fc456eaf75def26fc4e142d15) (From OE-Core rev: 4543eeacd65eebe74ff3a44182915a732ba26e47) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: add nativesdk-libxcrypt-devJeremy Puhlman2020-09-081-0/+1
| | | | | | | | | | | | | | | | | virtual/crypt-native is assume provided in bitbake.conf, so buildtools-extended-tarball shoud provide crypt since it doesn't use the host's headers/libraries. [YOCTO #13714] (From OE-Core rev: da948b25d5ef452fb35275d108e18d2a2829f4fb) (From OE-Core rev: bc42406d83310398bc4d4db4244252411eff117d) (From OE-Core rev: 6f6d7278358b042aca3e911aefd0d6128480f32d) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Update nativesdk locale relocation patchRichard Purdie2020-09-081-0/+33
| | | | | | | | | | | | | | The locale binary reported incorrect locale lists in relocated toolchains as some path references were not relocated by this patch. Fix this missing relocations so the locale binary correctly reports the locales. (From OE-Core rev: f7a6a72880009380ae81bc7fc863921a26811c8c) (From OE-Core rev: e4c4337e642f565e9988a4a2c50a995090d1f49e) (From OE-Core rev: c9e8b7a40b2628331c7cb564aa3f3d9e1822fe36) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: add nativesdk-pythonJeremy Puhlman2020-09-081-0/+1
| | | | | | | | | (From OE-Core rev: 6467eb4461f3cab16cab2ba63154c92fc2adacef) (From OE-Core rev: 848c61a07f691638fa529bbe0f0ff1dfded4a967) Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: export OPENSSL_CONF in environment setupSteve Sakoman2020-09-081-0/+1
| | | | | | | | | | | | | | | The autobuilder has been experiencing SSL: CERTIFICATE_VERIFY_FAILED errors during error report uploads when using buildtools due to looking for certs in /opt/poky (From OE-Core rev: 197f1d5d14b8e57295f5a81c03c86abba5328614) (From OE-Core rev: 35c6ab2501672083cf8b974d8b9c3daa3202de36) (From OE-Core rev: 0cb479a5e99289b75e89b2ed5058f33605f15936) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: export OPENSSL_CONF for opensslLiwei Song2020-09-081-0/+1
| | | | | | | | | | | | | export OPENSSL_CONF to aviod SDK openssl can not find openssl.cnf. (From OE-Core rev: 0aaf3dd17dcde959e9c0d62543cb91c9b33551b4) (From OE-Core rev: 63d8569b2c9f66e8123e2672a7f8fb8e7cc1f0b4) (From OE-Core rev: e733a5f3b0e3c3b8a830db5ae99b3fc6b7e56921) Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: Add libstc++.aJeremy Puhlman2020-09-081-0/+1
| | | | | | | | | | | | | | | | Builds like native-openjdk, really wants a to link some tools against the static version. Since when using the extended tarball, its the only place to get it, add the library. (From OE-Core rev: 59c4a3fdbbfd5a6aaba7e0a1675dcd5866a7f3a4) (From OE-Core rev: 152709dec03bbac582ca63b65f2efb835e0b33fb) (From OE-Core rev: 5e3664e5f9a0dde07b0f8a56cdce1321456abaa5) Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-buildtools-perl-dummy: add dependencies for autoconf and automakeTim Orling2020-09-081-0/+3
| | | | | | | | | | | | | | * For buildtools-extended-tarball, where we are adding all of build-essentials to the nativesdk, we need additional perl modules for autoconf and automake. (From OE-Core rev: f0f766160663407ea7683d31bbf5f011accc9ba2) (From OE-Core rev: e7ade58a7da52ebb40120020dd86dd3ae9b2148e) (From OE-Core rev: ed9d60fb5d471b4ec472088cc9307fd8575b187a) Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: Add locale commandRichard Purdie2020-09-081-0/+1
| | | | | | | | | | | | | The eSDK installation code checks installed locales with the locale command which is from glibc-utils. Add this so that we find the correct locales from the buildtools. (From OE-Core rev: 7d35e4bc6ff94a2d03c48827d7d60a6855c9029d) (From OE-Core rev: d99b6432decec0964ac0e08698abc782c9b114f5) (From OE-Core rev: 3562a6848aa3e866ad8e2d3caed3211971817234) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Install non-alternatives links for nativesdkRichard Purdie2020-09-081-0/+3
| | | | | | | | | | | | | In the SDK we need the plain symlinks and don't use alternative providers. When these are missing the toolchain can work incorrectly so fix this. (From OE-Core rev: 0c06cfaa016d06cc56d80dc1c244a938f3d38a3c) (From OE-Core rev: 0d299c5dc04407d2d54574157f4014f50f2d0468) (From OE-Core rev: aa37b5fe0620122e47f36165f5c7a07d3328dba3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: Add an ld.so.conf for nativesdk-binutilsRichard Purdie2020-09-081-0/+4
| | | | | | | | | | | | | We need to search our own libdirs, then fall back to the system ones as our customised dynamic loader will. Have ld.so.conf reflect that. This ensures that binutils finds libraries here when linking too. (From OE-Core rev: ab729c362684474a8346e5256d636200826feb47) (From OE-Core rev: 8de0aee6befc0541fa40563f63dfe1cc36f064fe) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: add recipe with build-essentialsTim Orling2020-09-081-0/+32
| | | | | | | | | | | | | | | | | | | | | * For some aging distros, such as CentOS 7, the native version of gcc is simply too ancient and is a constant source of headaches for moving forward. * Add an extended version of buildtools-tarball which adds all of build-essential, so that the host is now modernized and capable of compiling the latest versions of components. Fixes [YOCTO #13714] (From OE-Core rev: f0377af2325613b63716b0bb4db1ab253d79f388) (From OE-Core rev: bb4979f0e8367b475cc9a5274933a61bb0eb64b3) (From OE-Core rev: f492e172e133a4b52dbe818d806cab783204e575) Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix relocation of ld.so.conf in nativesdk buildsRichard Purdie2020-09-082-0/+82
| | | | | | | | | | | | | | | | | | | | | We need binutils to look at our ld.so.conf file within the SDK to ensure we search the SDK's libdirs as well as those from the host system. There add a patch which passes in the directory to the code using a define, then add it to a section we relocate in a similar way to the way we relocate the gcc internal paths. This ensures that ld works correctly in our buildtools tarball. Standard sysroot relocation doesn't work since we're not in a sysroot, we want to use both the host system and SDK libs. (From OE-Core rev: f6c1089642934ad93056ef19a0888965486ee030) (From OE-Core rev: 09a2b16ac2bd1e3e415131e46315c851373aa7e0) (From OE-Core rev: d0b7811b0e8654cf83d1b0f8256c7941fc3d9c41) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* runqemu: add lockfile for port used when slirp enabledChangqing Li2020-09-081-37/+91
| | | | | | | | | | | | | | There is race condition when multi qemu starting with slirp, add lockfile for each port to avoid problem like: runqemu - ERROR - Failed to run qemu: qemu-system-x86_64: Could not set up host forwarding rule 'tcp::2323-:23' [YOCTO #13364] (From OE-Core rev: ceb3555a40ba06e58914465376aaf41392c12a7c) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* files/toolchain-shar-extract.sh: Rework PATH cleaningRichard Purdie2020-09-081-8/+3
| | | | | | | | | | | Trying to create a clean PATH breaks cases where we install a buildtools tarball on hosts to provide newer versions of gcc. Rework the fix for #8698 to clean up directories in PATH which don't exist isntead. Do it with python as the shell version was too fraught with corner cases. (From OE-Core rev: 7674b63819aa7ca95ca5ca5477a5cce32e9691eb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_ext: Fix to use python3, not pythonRichard Purdie2020-09-081-1/+1
| | | | | | | | | We should be using python3 here, it was missed in the conversion. Spotted on autobuilder tests failing on systems with python missing. (From OE-Core rev: db07b09196022078346aadd565760240b7da6a71) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_ext: We now require python3, not pythonRichard Purdie2020-09-081-2/+2
| | | | | | | | | | We no longer expect a "python" binary in PATH so update the eSDK's expectations to match. This was the only failure on autobuilder test systems with python missing. (From OE-Core rev: 946ce21b10dcad506edcaadb4e4242c049e4c316) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/testsdk: Use original PATHRichard Purdie2020-09-081-5/+2
| | | | | | | | | | | | | | We want to test the SDK with PATH from the original host, not with our own tools injected via HOSTTOOLS. It even uses some tools which aren't in HOSTTOOLS. This is necessary after changing the SDK to not reset PATH to the system default which is bad for other reasons and brings the testing into sync with that change. (From OE-Core rev: 87c9602fd0dedc7bcf75b822aaf5f6ebfc17737c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: Ensure buildtools in environment variables isn't replacedRichard Purdie2020-09-081-1/+1
| | | | | | | | | | | This avoids the seeing broken replacements like: oe-selftest-centos/build/build-st-926tools/sysroots/x86_64-pokysdk-linux/etc/ssl/certs/ca-certificates.crt which understandably break builds. (From OE-Core rev: 04ee0e8b95cd8ed890374e0007f976684206b630) (Cherry-picked from f930e2cadb9ee69759720b6c49aeeb6dd43a7edd but adjusted for thud) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative.inc: version 2.8 updates glibc to 2.31Michael Halstead2020-09-081-5/+5
| | | | | | | | Allow sstate use in Tumbleweed and other distros as they update glibc. (From OE-Core rev: ccb374c279b260b1fd3460f6bfd1567240816055) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* utils: fix gcc 10 version detectionCharles-Antoine Couret2020-09-081-1/+1
| | | | | | | | | | | | | | Utils can not detect GCC 10 correctly due to wrong regex. It generates this error "ERROR: Can't get compiler version from gcc --version output" Sub-version numbers should be 1 or more digits instead of 1 only. (From OE-Core rev: 1d6f50a5e58f46f8af6e83c4e288d93a717187ea) Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@mind.be> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 186fe4a3d390a52b87282c3e694ce3251e45ee78) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
* linux-yocto/4.14: update to 4.14.154stable/thud-nextArmin Kuster2019-12-103-16/+16
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* glibc: finish incomplete fix for CVE-2016-10739Ross Burton2019-12-101-3/+907
| | | | | | | Somehow the patch for this CVE only included one of the four required patches. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: fetch CVE data once at a time instead of in a single callRoss Burton2019-12-101-10/+10
| | | | | | | | | | | | | | | | | | This code used to construct a single SQL statement that fetched the NVD data for every CVE requested. For recipes such as the kernel where there are over 2000 CVEs to report this can hit the variable count limit and the query fails with "sqlite3.OperationalError: too many SQL variables". The default limit is 999 variables, but some distributions such as Debian set the default to 250000. As the NVD table has an index on the ID column, whilst requesting the data CVE-by-CVE is five times slower when working with 2000 CVEs the absolute time different is insignificant: 0.05s verses 0.01s on my machine. (From OE-Core rev: 53d0cc1e9b7190fa66d7ff1c59518f91b0128d99) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: neaten get_cve_infoRoss Burton2019-12-101-13/+5
| | | | | | | | | | Remove obsolete Python 2 code, and use convenience methods for neatness. (From OE-Core rev: f19253cc9e70c974a8e21a142086c13d7cde04ff) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: rewrite look to fix false negativesRoss Burton2019-12-101-29/+34
| | | | | | | | | | | | | | | | A previous optimisation was premature and resulted in false-negatives in the report. Rewrite the checking algorithm to first get the list of potential CVEs by vendor:product, then iterate through every matching CPE for that CVE to determine if the bounds match or not. By doing this in two stages we can know if we've checked every CPE, instead of accidentally breaking out of the scan too early. (From OE-Core rev: d61aff9e22704ad69df1f7ab0f8784f4e7cc0c69) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-update-db-native: clean up proxy handlingRoss Burton2019-12-101-26/+5
| | | | | | | | | | | urllib handles adding proxy handlers if the proxies are set in the environment, so call bb.utils.export_proxies() to do that and remove the manual setup. (From OE-Core rev: 6b73004668b3b71c9c38814b79fbb58c893ed434) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-update-db-native: add an index on the CVE ID columnRoss Burton2019-12-101-0/+3
| | | | | | | | | | | Create an index on the PRODUCTS table which contains a row for each CPE, drastically increasing the performance of lookups for a specific CVE. (From OE-Core rev: b4048b05b3a00d85c40d09961f846eadcebd812e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-update-db-native: don't hardcode the database nameRoss Burton2019-12-101-2/+2
| | | | | | | | | | | Don't hardcode the database filename, there's a variable for this in cve-check.bbclass. (From OE-Core rev: 0d188a9dc4ae64c64cd661e9d9c3841e86f226ab) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-update-db-native: don't refresh more than once an hourRoss Burton2019-12-101-1/+9
| | | | | | | | | | | | We already fetch the yearly CVE metadata and check that for updates before downloading the full data, but we can speed up CVE checking further by only checking the CVE metadata once an hour. (From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: we don't actually need to unpack to checkRoss Burton2019-12-101-2/+1
| | | | | | | | | | | The patch scanner works with patch files in the layer, not in the workdir, so it doesn't need to unpack. (From OE-Core rev: 2cba6ada970deb5156e1ba0182f4f372851e3c17) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: failure to parse versions should be more visibleRoss Burton2019-12-101-2/+2
| | | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>