| Age | Commit message (Collapse) | Author |
|---|
|
We don't need a dependency on this variable changing, and having one
causes locked signature warnings during eSDK installation if you have
INITRAMFS_IMAGE_* set (since TOPDIR will always be different between
the eSDK and the environment in which it was built).
Relates to [YOCTO #12102].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
Fix CVE-2017-13672, CVE-2017-13673, CVE-2017-13711, CVE-2017-14167
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13672
https://nvd.nist.gov/vuln/detail/CVE-2017-13673
https://nvd.nist.gov/vuln/detail/CVE-2017-13711
https://nvd.nist.gov/vuln/detail/CVE-2017-14167
Patches from:
CVE-2017-13672:
https://git.qemu.org/?p=qemu.git;a=commit;h=3d90c6254863693a6b13d918d2b8682e08bbc681
CVE-2017-13673:
https://git.qemu.org/?p=qemu.git;a=commit;h=e65294157d4b69393b3f819c99f4f647452b48e3
CVE-2017-13711:
https://git.qemu.org/?p=qemu.git;a=commit;h=1201d308519f1e915866d7583d5136d03cc1d384
CVE-2017-14167:
https://git.qemu.org/?p=qemu.git;a=commit;h=ed4f86e8b6eff8e600c69adee68c7cd34dd2cccb
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove the following patches since they are unused after qemu update to
2.10:
0001-replace-struct-ucontext-with-ucontext_t-type.patch
CVE-2016-9908.patch
CVE-2016-9912.patch
configure-fix-Darwin-target-detection.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The ptest-runner would segfault with -t option:
root@qemux86-64:~# ptest-runner -d /usr/lib test_pkg -t 5
[ 237.234112] ptest-runner[810]: segfault at 0 ip 000000382e638060 sp
00007fff9130f400 error 4 in libc-2.26.so[382e600000+1a7000]
It is safe to bump SRCREV to latest upstream commit to fix this issue
because there is only one commit since the last update:
commit 8a93832dad621535e90aa8e1fb74ae5ba743fc3e
Author: Anders Wallin <wallinux@gmail.com>
Date: Sun May 28 11:47:00 2017 +0200
timeout option missing the argument option ":" to getopt
ptest-runner -t xx gives segfault
Signed-off-by: Anders Wallin <wallinux@gmail.com>
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove build host references from strace-ptest package.
Also removed some unneeded timestaps.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove build host references from gzip-ptest package.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Building poky-tiny for x86-64 seems fine, but when executing qemu
it complains during boot time about not being able to execute init:
[ 5.409730] Failed to execute /init (error -8)
And then it drops to a login prompt (which it should't do on tiny)
This is supposed to be complaining about init's format, it only happens
on x86-64 architectures so perhaps is a 32/64 bit issue, but since
core-image-tiny-initramfs does not actually provide a traditional init,
the script is simply meant to drop to shell, we can workaround the issue
by specifying the kernel to run the init script via busybox's sh,
dropping to shell correctly on x86-64 leaving x86 unaffected.
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If gdb01 testcase runs as background process, gdb can receive SIGTTOU
and then the case gets stuck. Replace stdin with /dev/null to fix this
issue. The patch is backported from upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13726
https://nvd.nist.gov/vuln/detail/CVE-2017-13727
Patches from:
CVE-2017-13726:
https://github.com/vadz/libtiff/commit/f91ca83a21a6a583050e5a5755ce1441b2bf1d7e
CVE-2017-13727:
https://github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It contains cached metadata for a transient repository that is used
only when creating images on the host, and so is of no use on target
images. Dnf will recreate the cache on target when needed.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The core path variables (TMPDIR, DL_DIR, SSTATE_DIR) don't use tilde expansion
but if the user does then the errors are very mysterious, so check on startup.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
We now require Python 3.4, not 2.7.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Enable carbon copy and blind carbon copy recipients for the performance
report emails.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
"Yocto Project Compatible" [1] is a programme which requires you meet
specific criteria including going through an application process - it is
not sufficient simply to run the script we have created here and have it
produce no warnings/errors. To avoid people being confused by the fact
that this script uses the term "compatible" or variations thereof,
substitute usage of that word with "check" instead. The functionality of
the script is unchanged.
[1] https://www.yoctoproject.org/ecosystem/yocto-project-branding-program
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2017-13728, CVE-2017-13731
There is an illegal address access in the function dump_uses() in progs/dump_entry.c
in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_safe_strcat function in
strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
There is an illegal address access in the function _nc_read_entry_source()
in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_save_str function in
alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in
ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an illegal address access in the function postprocess_termcap()
in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13734
https://nvd.nist.gov/vuln/detail/CVE-2017-13732
https://nvd.nist.gov/vuln/detail/CVE-2017-13731
https://nvd.nist.gov/vuln/detail/CVE-2017-13730
https://nvd.nist.gov/vuln/detail/CVE-2017-13729
https://nvd.nist.gov/vuln/detail/CVE-2017-13728
Upstream patch:
https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=129aac80802d997b86ab0663836b7fdafb8e3926
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Allow to search header files and libs from native sysroots.
For example, an expanded BUILD_CFLAGS includes:
'-isystem/builddir/to/linux-yocto/recipe-sysroot-native/usr/include'
And an expanded BUILD_LDFLAGS includes:
'-L/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
-Wl,-rpath-link,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
-Wl,-rpath,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib'
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When selected multiple subimages a similar error could happend:
Variable do_image_cpio[subimages] value changed \
from 'cpio.gz.u-boot cpio.gz' to 'cpio.gz cpio.gz.u-boot'
To avoid this, 'ctypes' should be sorted at 'gen_conversion_cmds'.
This garantee that 'CONVERSION_CMD_xxx' are always written in tha same
order and consequently 'do_image_cpio' have the same hash.
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It was noticed that do_image_qa is useless when rm_work is enabled as the rootfs
directory is deleted before image_qa is called.
This indicates that image_qa is incorrectly scheduled as it failing should mean
images don't get generated, so move it between do_rootfs and do_image.
Also, add a little bit more documentation to the comments.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- The environment tools target has change to envtools;
- The HOSTCC variable must be used to set CC for cross;
- Drop ARCH variable as it is set on config;
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Different squashfs versions have IMAGE_TYPE with hyphen (eg squashfs-lz4).
Tasks on the other hand have names with underscore (eg do_image_squashfs_lz4).
Signed-off-by: Tomasz Meresiński <tomasz.meresinski@comarch.pl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The Github-generated tarballs can and do change over time, so point at the
archived tarball website that the maintainer hosts.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
A regression was introduced by me in commit 767335c9:
[ cross-canadian.bbclass: override TARGET_* flags ]
it causes BUILDSDK_C/CXXFLAGS being exported in environment-setup
script built from meta-environment recipe, which is wrong, restore to
TARGET_C/CXXFLAGS.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By setting systemd-serialgetty to rdepend on systemd, we are making
configuration files have runtime dependency on the main utility that
uses those configuration files. Applied with the same logic, we should
make any package that provides service files under /etc/init.d/ to have
runtime dependency on sysvinit. And this is not right.
So we should remove systemd from RDEPENDS of systemd-serialgetty.
Besides, as we have changed systemd to have systemd-serialgetty in its
RDEPENDS by default, we should avoid circular dependency issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Set NO_RECOMMENDATIONS to "1", build and start a systemd image, and we
could not get serial getty spawned, thus causing the user not able to
login via serial port.
E.g.
MACHINE=qemux86-64 bitbake core-image-minimal
runqemu qemux86-64 nographic
And we cannot login onto the system.
Move util-linux-agetty and systemd-serialgetty (determined by PACKAGECONFIG)
from RRECOMMENDS to RDEPENDS to fix the above problem.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
To help users find the work and log directories (especially within the
eSDK) we create symlinks to these from the source tree. However during
do_buildclean we call "make clean", and some project Makefiles which
delete something like "*/*/lib" which will match files underneath the
oe-workdir symlink and fail. do_buildclean is called from do_clean which
is in turn called by devtool reset by default, and thus devtool reset is
blocked. An example of a recipe where this is visible is the openssl-qat
recipe in meta-intel.
In order to fix this, delete the symlinks at the start of do_buildclean
since we shouldn't need them at that point anyway, and thus make clean
won't be able to trip over them.
Fixes [YOCTO #11036].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
To improve binary reproducibility, only the
relevent part of the Makefile in bzip2-ptest
package that run-ptest needs are copied to
the destination directory.
bzip2-ptest requires Makefile. The original
Makefile contains references to build host.
By copying only the relevent part,
we avoid those references making their way
into the target system
Used Makefile.am as the source to extract
the revelent part instead of Makefile as
it is easier to parse than Makefile.
A redundant command in do_install_ptest()
that repeat the copying of Makefile that
was already copied by Makefile's install-ptest
step is removed because it now interfers with
the creation of the new Makefile by
make's install-ptest.
[YOCTO #11596]
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Having only this utility is useful for tiny initramfs'es which don't
need the whole util-linux package (and neither the busybox binary
which is much bigger than switch_root) to do operations like decrypt
a rootfs & switch to it in the init file.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This avoids the following error when the systemd DISTRO_FEATURE is
enabled, but the systemd PACKAGECONFIG is not:
ERROR: bluez5-5.46-r0 do_package: SYSTEMD_SERVICE_bluez5 value
bluetooth.service does not exist
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Unbreak serial console when driver name contains spaces (PXA serial).
Fix commit ac0e954
"start_getty: Over added SERIAL_CONSOLE cause error in userspace log"
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
image file
core-image-tiny-initramfs was used to generate a wic image, which was conceptually wrong
since initrafms recipes should only generate the boot artifacts that can later be used
by another recipe to generate an image using the tool of their choice.
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
QEMU version 2.11 will remove the pixman submodule. This means users are
always required to supply pixman from the system if building softmmu
support in QEMU.
Without specifying a pixman configure option QEMU will default to using
the system pixman if it is avaliable. In which case let's remove the
config option as it is no longer supported in recent commits and is not
required in older builds as the configure system defaults are already
using system pixman.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This adds the meta-go-toolchain. It enables the generation of a Go
toolchain allowing for cross compiling for target architecture.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The go build tool creates working directories under
$TMPDIR for all of its processing. Create a directory
under ${WORKDIR} for this and point TMPDIR at it during
compilation, so that systems that have a relatively
small /tmp filesystems can still compile larger Go
packages.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Add patch for go's make script to allow for
build system != host system
* Add dependencies on the appropriate crosssdk recipes,
and use the crosssdk C compiler and linker
* Remove bashism in the wrapper script
* Restrict installation to only the tool binaries
to address some packaging errors
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Switch to using an external linker for nativesdk
go, go-runtime, and go package builds, which works
more reliably when building 32-bit SDKs.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* The _FOR_TARGET variables need to include SDKNATIVEPATH
* Install tools (cmd) only, and for the build host
* Remove unnecessary FILES setting
Corrects some errors when the build host architecture
is different from the SDKMACHINE's.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
Paul Eggleton
Yi Zhao
Juro Bystricky
Alejandro Hernandez
Huang Qiyu
Alexander Kanavin
Ross Burton
Joshua Lock
Ovidiu Panait
Wenzong Fan
Gerson Fernando Budke
Otavio Salvador
Khem Raj
Tomasz Meresiński
Ming Liu
Chen Qi
Ooi Cinly
Ioan-Adrian Ratiu
Peter Kjellerstedt
Andrea Adami
Alistair Francis
Matt Madison