Age | Commit message (Collapse) | Author |
|
Instead, first check if we need to do anything at all during first boot,
and if so, either postpone to first boot via pkg_postinst_ontarget()
when running on host, or run the necessary setup code when running on target.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
rfkill moved locations, update accordingly
refactored avoid_parallel_tests.patch
includes security fix:
CVE-2018-7738 (score: 7.2)
affects: < 2.32-rc1
see changelog for other bugfixes:
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.32/v2.32-ChangeLog
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When gcrypt support is present in PACKAGECONFIG, build fails due to the bug
reported in [1]. Since this is already solved upstream, this commit backports
the corresponding patch.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893602
Signed-off-by: Andrea Galbusera <gizero@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The expected modern behavior for dealing with adding ld.so.conf entries
is to add a file to /etc/ld.so.conf.d/. In order to do this, ld.so.conf
needs to explicitly include that /etc/ld.so.conf.d/*.conf. Make it so.
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Libssp is only needed on non-glibc/non-musl systems
Add rpcsvc-proto for rpcgen since its not part of glibc
anymore
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
use libnsl2 and rpcsvc-proto packages
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Changes are here
https://git.musl-libc.org/cgit/musl/log/?qt=range&q=618b18c78e33acfe54a4434e91aa57b8e171df89..941bd884cc0221d051840ce6d21650339e711863
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libssp-nonshared is required on musl since
it does not implement the gcc runtime piece of
libssp, which actually it a gcc optimization to
reach to __stack_chk_fail
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libssp-nonshared is a minimal gcc runtime piece which is needed
on non-glibc systems which do implement libssp APIs in libc
Use PIE flags to compile libssp_nonshared.a so it works with
security flags on as well
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The old repo is gone.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove upstreamed ptest-paths.patch
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If some other per value option was present than 'skip' or 'nick' then
a KeyError would occur. Ignoring such options matches the behaviour of
the old, Perl-based glib-mkenums.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When building SDK via populate_sdk for qemuarm64 with multilib
enabled, we would have conflict about bits/floatn.h at populate_sdk
time.
file /usr/include/bits/floatn.h conflicts between attempted ins
talls of libc6-dev-2.27-r0.aarch64 and lib32-libc6-dev-2.27-r0.armv7vehf_vfp
Apply oe_multilib_header on this header file to fix the problem.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Changes are here
https://git.musl-libc.org/cgit/musl/log/?qt=range&q=55df09bfccbfe21fc9dd7d8f94550c0ff25ace04..618b18c78e33acfe54a4434e91aa57b8e171df89
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- update dropbear to version 2018.76
- refresh and drop obsolete patches
- add option to use localoptions.h header file
- do not use harden stuff, which leads to QA warning
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Rebase 0001, 0002
2. Fix [already-stripped] QA Issue
Since the following commit add, it strip executables which
are installed by default.
...
commit 087eaf92c621098927f3f98e3652411de48f8b6b
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 21 08:01:41 2018 +0100
Import upstream patch 20180120
20180120
+ build-fix in picsmap.c for stdint.h existence.
+ add --disable-stripping option to configure scripts.
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
mingw build was broken by the commit:
"glib-2.0/glib.inc: apply MLPREFIX renaming to all package classes"
When building for mingw, we encounter build errors such as:
mv: cannot stat '<builddir>/<...>/usr/libexec/gio-querymodules': No such file or directory
The mingw file that exists is "gio-querymodules.exe" instead of "gio-qeurymodules".
The fix is to append the names of executables by an OS specific EXEEXT.
[YOCTO #12679]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We have a problem when for example, a glibc 2.27 based system builds some
library like libpopt-native and puts it into sstate then it is reused
on a pre glibc-2.27 system to build something which depends on popt like
rpm-native. This results in an error like:
recipe-sysroot-native/usr/lib/libpopt.so: undefined reference to `glob@GLIBC_2.27'
In the past we've had this problem with new symbols like getrandom and
getentropy, here its with a more complex symbol where there is an old
version and a newer version.
We've looked into various options, basically we cannot link against our
uninative libc/ld.so since we don't have the right headers or compiler
link libraries. The compiler doesn't allow you to switch in a new set
either, even if we did want to ship them. Shipping a complete compiler,
dev headers and libs also isn't an option.
On the other hand if we follow the ld man page, it does say:
"""
The reasons for allowing undefined symbol references in shared libraries
specified at link time are that:
- A shared library specified at link time may not be the same as the one
that is available at load time, so the symbol might actually be
resolvable at load time.
"""
which is exactly this case. By the time the binary runs, it will use
our uninative loader and libc and the symbol will be available.
Therefore we basically have a choice, we get weird intermittent bugs,
we drop uninative entirely, or we pass this option.
If we pass the option, we can drop the other workarounds too.
(From OE-Core rev: 75a62ede393bf6b4972390ef5290d50add19341a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
initramfs-framework is more modular and expandable. This change was
proposed in commit 28fc6ba761ed4a47efa7c43e7f7dff5e2fe72b5e
"core-image-minimal-initramfs: use initramfs-framework by default" but
reverted due to the selftests runqemu.RunqemuTests.test_boot_machine_iso
and runqemu.RunqemuTests.test_boot_deploy_hddimg failing. Since then,
the kinks have been worked out, and missing functionality that had been
missed (non-EFI installation module) has been added.
Since the PACKAGE_INSTALL variable was getting so long with all these
individual modules getting added, I also introduced a new
INITRAMFS_SCRIPTS variable to the core-image-minimal-initramfs recipe.
This variable makes the recipe look much cleaner, and also allows easier
replacement or additions to the scripts.
Fixes [YOCTO #10987].
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This is not a problem right now but if we
were to use -fstack-protector-all this can
cause build errors
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Modern systemtap builds fine for MIPS and aarch64, so don't exclude it from this
packagegroup.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* add it to allow older distributions e.g. Ubuntu 14.04 with gcc 4.8
to build this, otherwise it fails with:
../git/gen-des-tables.c: In function 'write_table_u8':
../git/gen-des-tables.c:307:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (size_t i = 0; i < m; i++)
^
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
flag
Without this change, there will be two sstate index files in
tmp/sstate-control for any machine that contains a dash in the
name.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fedora28[1] has decided to go ahead and use libxcrypt to replace libcrypt from glibc
despite the change not having merged into glibc upstream yet. This breaks the use of
uninative in OE on fedora28 since binaries there are now using new symbols only found
in libxcrypt. libxcrypt is meant to be backwards compatible with libcrypt but not the
reverse.
Since this will impact OE in the next release cycle, this changes nativesdk only
to use this new model and adds libxcrypt to work in that case. This allows us to
build a uninative which is compatible with fedora28 and previous other OSes.
In order to work, recipes will now need to depend on virtual/crypt where they use
libcrypt since its now a separate library and we can't depend on it from glibc to
preseve backwards compatibility since glibc needs to build first. For now, only the
problematic nativesdk recipes have been fixed up. For target use, the default
provider remains glibc for now. Assuming this change is merged into upstream glibc,
we will need to roll this change out for the target but we will do this in the next
release cycle when we can better deal with the resulting bugs.
[1] https://fedoraproject.org/wiki/Changes/Replace_glibc_libcrypt_with_libxcrypt
Original patch from Charles-Antoine Couret <charles-antoine.couret@essensium.com>,
tweaked by RP to add virtual provides, SkipRecipe for libxcrypt and other minor
tweaks.
Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@essensium.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
aarch64 has been supported since GCC 5.1, sparc has been supported
since 4.9, and S390 since 7.1.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Now that we have postinst intercept execution working for SDK generation,
adding MLPREFIX again makes sense in all cases, as the intercepts do require
that it is there.
This reverts commit 4ffb728df4bdf21daef31d89cfa5771eaf0d90f8.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Its use required a script from an external repo which hasn't been updated
in 4 years, the recipe itself is out of date (doesn't install all
intercepts), and there is no oe-selftest or documentation for this.
If anyone still wants this, please do it in a separate layer.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix typo in sulogin-path setting. It should be ${base_sbindir} instead of
just {base_sbindir}.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With multi kernel support in the installer we can exceed this limit.
Calculate a sane size by checking the size of the original boot
partition minus some objects we know won't be installed, plus some extra
space for users.
In addition, in the common case where only one small kernel is present
to be installed, we actually get a smaller boot partition with less
wasted space.
Also add VIRTUAL-RUNTIME_base-utils to RDEPENDS where these scripts are
used, as they're needed for the du command.
[YOCTO #12583].
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Prevent bison from generating #line comments containing build
host paths references.
[YOCTO #12625]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If ${libdir} is a subdirectory of ${prefix}/lib, e.g. /usr/lib/aarch64-linux, the cleanup logic will delete libc.so.
This bit of code was added in 2012 (git show b744f4cc) to remove /usr/lib/locale, this commit makes it remove that directory recursively and afterwards remove /usr/lib, erroring out if it's non-empty.
Tested with a plain (/usr/lib), a 64-bit (/usr/lib64) and a multiarch (/usr/lib/aarch64-linux) build. I strongly suspect this whole bit of cleanup isn't needed anymore, but my testing is too limited to be certain.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Debian anonscm service in Alioth is shutdown and thus
fetching ncurses sources fails.
https://wiki.debian.org/Alioth
"Alioth is broken, and there is nobody around to fix it. Don't ask the remaining people who give it life support to implement fixes and changes. It is being replaced by a cocktail of ?GitLab (see Salsa), read-only repos and keep-alive mechanisms. See below for more information."
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Here is full list of fixes
https://sourceware.org/git/?p=glibc.git;a=shortlog;h=df3ff4e49d4ee3cbbdaeb0b1cb5dc2344c08be98;hp=23158b08a0908f381459f273a984c6fd328363cb
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Use ext4 filesystem instead of ext3 when using the live image to install
on target. wic defaults to ext4 as well.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This was the default behavior with autotools, but is not with meson.
Otherwise, udev package will pull in the rest of systemd even
that is not desired.
[YOCTO #12618]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When systemd was upgraded from 234 to 237, the PACKAGECONFIG item
'resolved' is changed to 'resolve', this is because meson_options.txt
uses the word 'resolve' instead of 'resolved'.
However, this causes trouble for users. Backward compatibility is obviously
more important, because we might have bbappend files in other layers
using this PACKAGECONFIG item.
So change the name back to 'resolved'.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
termlib needs to be disabled on some targets e.g. mingw
this change paves the way for doing that. Functionally
it does not change anything for other platforms
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport a fix that is needed for systemd to build with latest glibc
and kernel being old.
see
https://github.com/systemd/systemd/issues/8099
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upgrade systemd-boot to 237.
As systemd has dropped autotools support, fix configure and compile
failures related to meson.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
Remove the 'fstack-protector' and 'fstack-protector-strong' flags
as a workaround to fix the following error when building for qemux86
and qemuppc with musl.
undefined reference to `__stack_chk_fail_local'
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
Upgrade systemd to 237.
Note that this version has dropped autotools support.
The following patches are rebased:
0004-Use-getenv-when-secure-versions-are-not-available.patch
0005-binfmt-Don-t-install-dependency-links-at-install-tim.patch
0007-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch
0015-Revert-udev-remove-userspace-firmware-loading-suppor.patch
0018-check-for-uchar.h-in-configure.patch
0019-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch
0001-add-fallback-parse_printf_format-implementation.patch
0002-src-basic-missing.h-check-for-missing-strndupa.patch
0007-check-for-missing-canonicalize_file_name.patch
0008-Do-not-enable-nss-tests.patch
0010-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch
0011-nss-mymachines-Build-conditionally-when-HAVE_MYHOSTN.patch
The following backported patches are dropped:
0001-core-evaluate-presets-after-generators-have-run-6526.patch
0001-main-skip-many-initialization-steps-when-running-in-.patch
0001-meson-update-header-file-to-detect-memfd_create.patch
0003-fileio-include-sys-mman.h.patch
The following patch is dropped as autotools support is dropped:
0002-configure.ac-Check-if-memfd_create-is-already-define.patch
The following patches are newly added to fix problems:
0027-remove-nobody-user-group-checking.patch
0028-add-missing-FTW_-macros-for-musl.patch
0030-fix-missing-of-__register_atfork-for-non-glibc-build.patch
0031-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch
Other changes are mostly autotools/meson related.
This new version has dropped ptest support, as there's no easy
way to do this in the framework of meson.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
Exclude x.y.90* pre-release versions in particular.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Ncurses doesn't honour ${libdir} for terminfo, so try more options to remove it.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Other sections of the .inc already use mkdir -p, so use it here as well.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove build host references from additional files.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Replace the occurences of BUILD_REPRODUCIBLE_BINARIES with expanded
values ${BUILD_REPRODUCIBLE_BINARIES} so the variable does not need to be
exported.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|