| Age | Commit message (Collapse) | Author |
|---|
|
The sysctl.conf file for procps is very outdated:
https://git.openembedded.org/openembedded-core/commit/?id=8a9b9a323f4363e27138077e3e3dce8139a36708
(circa 2014)
The origin of this file is hard to determine and due to it's age
is causing a routing issue when both wifi and ethernet are enabled.
This manifested during an update from thud -> warrior due to the
following:
- upstream change in NetworkManager during 1.16 cycle removes the
dynamic setting of rp_filter sysctl when more than one interface
is enabled:
https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=b1082aa9a711deb96652e5b2fcaefcf399d127b8
- open-embedded updated to NetworkManager 1.16 in March 2019:
https://git.openembedded.org/meta-openembedded/commit/meta-networking/recipes-connectivity/networkmanager?id=5509328af9e4fab267251456f4d6e7bd51df779a
- setting in legacy sysctl.conf sets rp_filter to 1 which blocks
packets with different inbound and outbound addresses.
Documentation of rp_filter setting from kernel.org:
rp_filter - INTEGER
0 - No source validation.
1 - Strict mode as defined in RFC3704 Strict Reverse Path
Each incoming packet is tested against the FIB and if the interface
is not the best reverse path the packet check will fail.
By default failed packets are discarded.
2 - Loose mode as defined in RFC3704 Loose Reverse Path
Each incoming packet's source address is also tested against the FIB
and if the source address is not reachable via any interface
the packet check will fail.
This patch updates the sysctl.conf file to current which doesn't set
the rp_filter mode explicity (2 is the default).
NOTE: The kernel/pid_max=10000 setting has been commented out as this
may not be desired by default.
Signed-off-by: Michael Scott <mike@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The third field in the /etc/shadow file (sp_lstchg) contains the date of
the last password change expressed as the number of days since Jan 1,
1970.
Backport the upstream changes to honour SOURCE_DATE_EPOCH for build
reproducibility.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently a development version is being used.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
acpidump is both provided by acpica and pmtools, so use
update-alternatives to fix conflicts:
...
|Error: Transaction check error:
| file /usr/bin/acpidump conflicts between attempted installs of
pmtools-20130209+git0+3ebe0e54c5-r0.i586 and acpica-20190405-r0.i586
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
native clashing
The rmt in cpio-native and tar-native is clashing, since
tar-native has set var-NATIVE_PACKAGE_PATH_SUFFIX, we move rmt
to sbindir, and add suffix NATIVE_PACKAGE_PATH_SUFFIX to sbindir
could avoid the clashing.
And in Ubuntu, rmt is in sbindir
$ which rmt
/usr/sbin/rmt
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Werror spews more warnings with gcc9, like other distros (
debian/fedora) disable Warnings as errors
Fixes
super-intel.c:696:9: error: taking address of packed member of 'struct imsm_super' may result in an unaligned pointer value [-Werror=address-of-packed-member]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
zlib is just a library so there's no point in it being part of a 'full
commandline experience' packagegroup.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed patch has been upstreammed.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop yy_scan_string patch, this only affects builds with flex 2.6.2. We
currently have 2.6.0 and when we upgrade it will be to at least 2.6.3, which
fixes the regression.
Drop manipulate_fds_instead-of-FILE.patch, the original problem was fix upstream
in May 2015[1] so the 20170303 upgrade should have dropped this patch instead of
rebasing.
Call the upstream install target with variables set appropriately, instead of
hand-coding an install.
[1] https://github.com/acpica/acpica/commit/ecb91f4c3a151cbb280ee445166e7c6f4dc441a5
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch from upstream to fix the following error.
"setrlimit03.c:54: FAIL: call succeeded unexpectedly"
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CUPS 2.2.11 is a bug fix release that addresses issues in the scheduler,
IPP Everywhere support, CUPS library, and USB printer support.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License checksum from quota.c was removed since according to the
project, copyrighted code in question has been replaced with own
implementation (see @bcbc0d08e5cd).
Removed patches were upstreamed.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update HOMEPAGE and SRC_URI.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To enable security flash, get the build error. To fix this,
0003-extensions-format-security-fixes-in-libipt_icmp.patch is required.
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
- Feature: don't report UFO on kernels v4.14 and above
- Fix: zero initialize coalesce struct
- Feature: dsa: add pretty dump
- Feature: dsa: mv88e6xxx: add pretty dump
- Feature: dsa: mv88e6xxx: add pretty dump for 88E6185
- Feature: dsa: mv88e6xxx: add pretty dump for 88E6161
- Feature: dsa: mv88e6xxx: add pretty dump for 88E6352
- Feature: dsa: mv88e6xxx: add pretty dump for 88E6390
- Feature: dsa: mv88e6xxx: add pretty dump for others
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
-Upgrade from libtirpc_1.0.3.bb to libtirpc_1.1.4.bb.
-Delete libtirpc/libtirpc-1.0.4-rc1.patch beacuse this patch has been
adopted in the high version.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch tried to address a gcc problem when -Og is used, but it did
cause regressions on normal compiles when using clang e.g. the real
problem is to fix the compiler until then disable the warning in
DEBUG_FLAGS
This reverts commit 630281663893cdcfa9c4323b717b415d87d5510f.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass
the -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document.
It was found that the superexec operator was available in the internal
dictionary in ghostscript before 9.27. A specially crafted PostScript
file could use this flaw in order to, for example, have access to the
file system outside of the constrains imposed by -dSAFER.
It was found that the forceput operator could be extracted from the
DefineResource method in ghostscript before 9.27. A specially crafted
PostScript file could use this flaw in order to, for example, have
access to the file system outside of the constrains imposed by -dSAFER.
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-6116
https://www.openwall.com/lists/oss-security/2019/01/23/5
https://nvd.nist.gov/vuln/detail/CVE-2019-3835
https://nvd.nist.gov/vuln/detail/CVE-2019-3838
Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f1309
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=779664d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e8acf6d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Now that docbook-xml and docbook-xsl are writing catalog files, tell
xmllint/xsltproc where the catalog is.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libxml-native by default uses a XML catalogue at /etc/xml/catalog, instead of
the one in the sysroot. Until this is fixed (#13260) override the XML catalogue
manually in the recipe to point explicitly at the docbook-xml and docbook-xsl
catalogues.
This fixes either complete build failures (where the host doesn't have
docbook-xml installed) or slow builds (where the host doesn't have docbook-xsl
installed).
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
tzdata is converted to an empty meta package which pulls in all
subpackages. The subpackages are defined in a TZ_PACKAGES variable so
that we don't have to repeat ourselves.
The timezones and conffiles which were in the tzdata package are moved
to a new 'tzdata-core' package.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch from upstream to use GNUInstallDirs instead of hand-coded path
logic, so we have proper control over where files end up.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
lzip is pretty niche: people are typically either sticking with that they know
(gzip, bzip) or using xz. Data point: only one recipe in oe-core is shipped as
a .lz file.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's a sort-of-official port of asciidoc to Python 3. Whilst the official
replacement is asciidoctor which is rewritten in Ruby, this is a fairly trivial
swap and removes Python 2 from core-image-sato builds entirely.
Moving forward we should evaluate asciidoctor, but that can wait.
Change the RDEPENDS so that python3 is only a dependency for target and
nativesdk builds, for native this can use the host python3.
Remove redundant DESTDIR export that isn't needed.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous SRC_URI seems to be gone, and sysklogd hasn't received
any updates there for a long time.
The new location says:
Origin & References
This is the continuation of the original sysklogd by Martin Schulze.
Now maintained by Joachim Nilsson. Please file bug reports, or send
pull requests for bug fixes and proposed extensions at GitHub.
and generally seems credible: http://troglobit.com/
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
blktool-gnulib-makedev.patch is actually doing the same
thing as 0004-fix-ftbfs-glibc-2.28.patch, so we end up
including the same file twice.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This update adds a patch from Debian to match the latest version there.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The 2019a release of the tz code and data is available. It reflects the following changes, which were either circulated on the tz mailing list or are relatively minor technical or administrative changes:
Briefly:
Palestine "springs forward" on 2019-03-30 instead of 2019-03-23.
Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00.
Changes to past and future timestamps
Palestine will not start DST until 2019-03-30, instead of 2019-03-23 as
previously predicted. Adjust our prediction by guessing that spring
transitions will be between 24 and 30 March, which matches recent practice
since 2016. (Thanks to Even Scharning and Tim Parenti.)
Metlakatla ended its observance of Pacific standard time,
rejoining Alaska Time, on 2019-01-20 at 02:00. (Thanks to Ryan
Stanley and Tim Parenti.)
Changes to past timestamps
Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25).
(Thanks to Alois Treindl and Isaac Starkman.)
Changes to time zone abbreviations
Etc/UCT is now a backward-compatibility link to Etc/UTC, instead
of being a separate zone that generates the abbreviation "UCT",
which nowadays is typically a typo. (Problem reported by Isiah
Meadows.)
Changes to code
zic now has an -r option to limit the time range of output data.
For example, 'zic -r @1000000000' limits the output data to
timestamps starting 1000000000 seconds after the Epoch.
This helps shrink output size and can be useful for applications
not needing the full timestamp history, such as TZDIST truncation;
see Internet RFC 8536 section 5.1. (Inspired by a feature request
from Christopher Wong, helped along by bug reports from Wong and
from Tim Parenti.)
Changes to documentation
Mention Internet RFC 8536 (February 2019), which documents TZif.
tz-link.html now cites tzdata-meta
<https://tzdata-meta.timtimeonline.com/>.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Test case:
* open xfce4-terminal
* run 'echo | less'
* press arrow up/down few times
* exit less with 'q'
=> From now on all mouse(wheel) buttons create strange inputs on terminal
Release note says [1]: "Sometimes the terminal was left in mouse-reporting mode
after exiting less."
http://www.greenwoodsoftware.com/less/index.html
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Convert existing EXTRA_OECONF and DEPENDS to PACKAGECONFIG, fill out
remaining PACKAGECONFIG options. When building without libpsl we pass in
--without-libpsl, which we didn't previously, but all this actually ends
up doing is silencing a warning from the configure script, the code
still uses an internal implemention when using this option.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
when compile with DEBUG_OPTIMIZATION(-Og), compile failed with below
error, fix by add -Wno-error:
[snip]
| Incremental.c: In function 'Incremental_container':
| Incremental.c:1593:3: error: 'mdfd' may be used uninitialized in this function [-Werror=maybe-uninitialized]
| close(mdfd);
| ^~~~~~~~~~~
[snip]
super-intel.c: In function 'apply_takeover_update':
| super-intel.c:9615:15: error: '%d' directive writing between 1 and 11 bytes into a region of size 7 [-Werror=format-overflow=]
| " MISSING_%d", du->index);
| ^~
...
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Install mdmon@.service to make Intel VROC work well.
mdmon@.service called from udev is used to update Intel VROC metadata,
with it the VROC raid is operational to read or write under user space.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The 0001-useradd-copy-extended-attributes-of-home.patch (oe-core commit:
eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc) introduced a runtime failure
when enable SELinux.
When enable SELinux, The directory /home/user will get the extended
attributes of /etc/skel. However, the SELinux lable for /etc/skel is
etc_t which is also copied to /home/user. It will cause the user can not
write their home directory because the SELinux lable for /home/user
should be user_home_dir_t.
See discussion: http://lists.openembedded.org/pipermail/openembedded-core/2018-January/146039.html
The solution at the moment is to drop this patch.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
while compiled with -Werror=maybe-uninitialized/-Werror=format-overflow=,
it failed
[snip]
| Incremental.c: In function 'Incremental_container':
| Incremental.c:1593:3: error: 'mdfd' may be used uninitialized in this function [-Werror=maybe-uninitialized]
| close(mdfd);
| ^~~~~~~~~~~
[snip]
super-intel.c: In function 'apply_takeover_update':
| super-intel.c:9615:15: error: '%d' directive writing between 1 and 11 bytes into a region of size 7 [-Werror=format-overflow=]
| " MISSING_%d", du->index);
| ^~
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To allow the kernel-dev image to test systemtap, we add the userspace
and required image configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This packagegroup is intended to provide all of the functionality found
in other VIRTUAL-RUNTIME_base-utils providers through full packages
rather than an all-on-one package. Document how to make use of this
in local.conf.sample.extended. Introduce VIRTUAL-RUNTIME-vim and
default this to vim-tiny to allow for a differently features vim to be
used instead.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Or alternatively GPL, the same as the top-level Linux-PAM COPYING.
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the following CVEs by backporting patches from upstream:
- CVE-2019-1000019
- CVE-2019-1000020
- CVE-2018-1000877
- CVE-2018-1000878
- CVE-2018-1000879
- CVE-2018-1000880
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
After eglibc was merged into glibc, Kconfig support was also dropped so
these libc features therefore are not effective anymore and can be
removed
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes:
Error: Transaction check error:
file /usr/share/man/man8/rmt.8 conflicts between attempted installs of
cpio-doc-2.12-r0.core2_64 and tar-doc-1.31-r0.core2_64
Prior to commit 348a96a5b401 [tar: upgrade to 1.31] the copies of
rmt.8 found in the tar(-doc) and cpio(-doc) packages were the same and
thus no conflict was seen. After the upgrade there were small changes
in the manpage header which results in the conflict quoted above. The
applications themselves make use of the 'update-alternatives'
mechanism to allow a user to select which version of 'rmt' to use but
since the man pages are essentially the same we disambiguate the
source of the man pages and make them both available should both
cpio-doc and tar-doc are both installed. And as such we avoid the
conflict.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A revamp of the syscalls/setregid tests made to use a new
library [LTP:7a1b4427] required a conversion to test messages.
This test in particular did not include a formatted string,
but a just a string element:
testcases/kernel/syscalls/setregid/setregid01.c
This patch allows LTP to be built with -Wformat,
-Wformat-security, and -Werror=format-security.
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Michael Scott
Alex Kiernan
Adrian Bunk
Oleksandr Kravchuk
Hongxu Jia
Chen Qi
Khem Raj
Ross Burton
Alexander Kanavin
He Zhe
Kai Kang
Changhyeok Bae
Zang Ruochen
Ovidiu Panait
Paul Barker
Armin Kuster
Andreas Müller
Changqing Li
Liwei Song
Yi Zhao
Bruce Ashfield
Tom Rini
Douglas Royds
Mark Asselstine
Daniel Díaz