Age | Commit message (Collapse) | Author |
|
It was discovered that the patch for CVE-2014-0191 for libxml2 is
incomplete. It is still possible to have libxml2 incorrectly perform
entity substituton even when the application using libxml2 explicitly
disables the feature. This can allow a remote denial-of-service attack on
systems with libxml2 prior to 2.9.2.
References:
http://www.openwall.com/lists/oss-security/2014/10/17/7
https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. add /bin to PATH of start-statd, otherwise systemctl can not be found.
2. drop error when systemd fails to start statd.service; since if it failed,
rpc.statd will be called directly.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add SRCREV_FORMAT to provide a composite version number
for get_srcrev() in fetch2 code.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In trying to eliminate AUTOINC+ from revision strings,
we accidently truncated the strings to almost guarantee
information from SRCREV_FORMAT, when supplied, would be
lost. So, we now only delete any AUTOINC+'s from the string.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add mips64 support in the libaio.h
- add macro PADDED/PADDEDptr/PADDEDul in the mips64 for structure iocb
to be matched userland with kernel
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
WARNING: QA Issue: systemd rdepends on libidn, but it isn't a build dependency? [build-deps]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
An issue was found where when yocto is installed to a hard disk
from a live USB key, no matter what boot order was selected in
the BIOS menu, the grub menu of the USB key would always show
up. The issue was narrowed down to the way grub configuration
file gets embedded into the standalone bootx64.efi image.
The commit prepends ($cmdpath) to the search path for grub.cfg,
thus making sure the UEFI environment itself sets this to the
correct device path. This in-turn lets the grub.cfg of the boot
device to be loaded.
Signed-off-by: Arindam Nath <arindam.nath@amd.com>
Reviewed-by: Drew Moseley <drew_moseley@mentor.com>
Tested-by: Ravikiran Polepalli <Ravikiran_Polepalli@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
reflected in licenses.conf.
The previous version could crash on dead links in the rootfs, or if the manifest directory did not
exist. The generated files were also not compliant with the SPDX specification, for example file
entries did not always start with the FileName tag, time stamps were incorrectly formatted etc.
Stability issues are addressed by added checks, originally written by Johan Thelin
<johan.thelin@pelagicore.com>, who never upstreamed them. I've also added an option for getting full
SPDX output from FOSSology, i.e. not only for all files, but for the package as well, including
license references. License refs are required in order to process the output by SPDXTools. For that
reason, this option defaults to true.
Signed-off-by: Tobias Olausson <tobias.olausson@pelagicore.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
${INCOMPATIBLE_LICENSE}
The db 6.0.30's LICENSE is 'AGPL-3.0', and db 5.3.28 LICENSE is
'Sleepycat'
While building rpm image with "AGPL-3.0" in ${INCOMPATIBLE_LICENSE},
db 6.0.30 and db-native 5.3.28 were built, the different versions
caused the rpm doesn't work on target.
...
root@qemux86-64:~# rpm -qa
|rpmdb: BDB2531 Unacceptable log file /var/lib/rpm/./log/log.0000000001:
unsupported log version 21
|rpmdb: BDB2527 Invalid log file: log.0000000001: Invalid argument
|rpmdb: BDB0061 PANIC: Invalid argument
|==> rpmdbe_event_notify(0x623f40, PANIC(0), 0x7fffee0fbc0c) app_private
(nil)
|rpmdb: BDB1546 unable to join the environment
|error: db_init:tmp/work/core2-64-poky-linux/rpm/5.4.14-r0/rpm-5.4.14/
rpmdb/db3.c:1144: dbenv->open(-30973): BDB0087 DB_RUNRECOVERY: Fatal
error, run database recovery
...
[YOCTO #6858]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When building upower from meta-oe, the following QA error occurred:
ERROR: QA Issue: package upower contains bad RPATH
It appears to have been caused by one of the cases fix-final-rpath.patch
is meant to address but missed. So this change fixes the additional case
that was causing upower to have the QA error.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This fixes the following error when building liburcu:
"Your gcc version produces clobbered frame accesses"
OE-Core is using a patched GCC 4.8.2 which is able to compile liburcu
properly.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Calling strncpy with NULL second argument, even when the size is 0,
is undefined behavior, which leads to GCC to drop the check old
variable with NULL in following code.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=6743
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The do_rootfs takes a very long time when build host has mounted many NFS
devices. syscall lstat() was being called on every filesystem mounted on the
build host during building.
The reason for the lstat() is that rpm is verifying that enough free disk space
is available to do the install. However, since the install is into the target
rootfs it should not matter how much free space there is in the host mounts.
Add checking for "rpm-ignoresize", by it, smart can make whether RPM skip
checking for diskspace when install a rpm package.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
systemd avoids using nss lookups for the root user, so
naturally it assumes that root's home directory is /root.
In OE that's not the case, and it can lead to long delays when
shutting down due to user shutdown unit failures.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2
allows remote attackers to have an unspecified impact via crafted H.264
data, related to an SPS and slice mismatch and an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0869
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to
cause a denial of service (crash) via vectors related to alternating bit
depths in H.264 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4358
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When build fs with mtools-3.9.9, has file /usr/bin/lz in rootfs,
it is the symlink to uz:
root@qemu3:~# /usr/bin/lz
-sh: /usr/bin/lz: No such file or directory
$root@qemu3:~# ls -l /usr/bin/lz
lrwxrwxrwx 1 root root 2 Jul 18 18:07 /usr/bin/lz -> uz
root@qemu3:~# uz
-sh: uz: command not found
But the uz isn't actually exist, so the result is that lz is a
broken symlink.
The root cause is that uz hasn't been installed when install-scripts.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
If build gnupg 1.4.7 after libusb-compat, it shows warning:
WARNING: QA Issue: gnupg rdepends on libusb-compat, but it isn't a build dependency? [build-deps]
Add package config libusb to fix it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
allows local users to create or overwrite arbitrary files via a symlink
attack on a /var/tmp/rltrace.[PID] file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2524
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
|
|
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x
and possibly other products, allows local users to obtain private RSA
keys via a cache side-channel attack involving the L3 cache, aka
Flush+Reload.
Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in
git://git.gnupg.org/libgcrypt.git
Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
|
|
Commit e9672387 split one long line into a multi-line string, but in
the process white space between words was lost. This results in badly
formatted output when this message is printed.
Signed-off-by: Peter Urbanec <openembedded-devel@urbanec.net>
|
|
For some recipes that inhrient cmake, the ${B} may be removed by
cmake_do_configure() while sstate_hardcode_path() running, this
causes build errors:
Exception: OSError: [Errno 2] No such file or directory: \
'/path/to/build'
The function sstate_hardcode_path() called command:
$SSTATE_SCAN_CMD which extended as "find ${SSTATE_BUILDDIR} ..."
So the proper function dirs could be ${SSTATE_BUILDDIR}.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
"file" command in exported SDK doesn't work:
...
$ file sysroots/
file: could not find any valid magic files!
...
In oe-core commit 68d548cbae729eaea8ce1403dc95ff63c4a7375c,
it added wrapper to file-native. Do the same thing for
nativesdk-file.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Tell systemd just to kill the sshd process when the ssh connection drops
instead of the entire cgroup for sshd, so that any screen sessions (and
more to the point, processes within them) do not get killed.
(This is what the Fedora sshd service file does, and what we're already
doing in the dropbear service file).
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If DISTRO_FEATURES contains "largefile", force the size of off_t to 8 as
a workaround for having ac_cv_sizeof_off_t=4 on 32-bit systems. In
future we will likely drop the value from the site file, but for now
this is a slightly safer fix.
Fixes [YOCTO #6813].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes gcc bug 6144, which in my case exhibited itself as a kernel
module that failed to load. This was because static platform_data
structures were being corrupted with the optimiser being set to any
value other than -O0.
Originally-submitted-by: Peter Urbanec <openembedded-devel@urbanec.net>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Trying to upgrade busybox removing symlinks but update-alternatives
need these links (sed, cut, tail, etc) in order to work.
Adding test to avoid this scripts on upgrade fix the problem, same
solution are found in package_rpm class.
[YOCTO #6768]
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without these changes mesa_git.bb can't be enabled as the
PREFERRED_VERSION due to build breakage.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
dictionary
shlib2 code puts the information about path where a provider
will be found. e.g.
{'/usr/lib/llvm3.3': ('libllvm3.3-llvm-3.3', '3.3')}
This is obtained from new shlib2 pkgdata from
llvm3.3/3.3-r0/pkgdata/shlibs2/libllvm3.3-llvm-3.3.list
However when we search for NEEDED libraries we ignore the
key above which is the path where the provider library is installed
and instead just seach in libdir and base_libdir and hence
libraries which are not in above standard search paths gets
ignored even if they appear in DT_NEEDED sections
and a note is emitted
NOTE: Couldn't find shared library provider for libLLVM-3.3.so, used by
files: ....
IMO this note should actually become an error since if we do
not have all DT_NEEDED libraries in image the system is dysfunctional.
This patch extracts this libpath from key and add it to seach paths
when looing for a provider of a shared library
[YOCTO #6798]
Change-Id: Ie5f08632e37ba8d3439c8aaae33bc68b8996792f
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed ncurses.do_configure:
configure: WARNING: did not find library /path/to/tmp/sysroots/qemuarm/usr/lib/pkgconfig
And then anyone requires ncurses.pc will fail.
The configure.in checks:
[snip]
if test -n "$PKG_CONFIG_LIBDIR" && test -d "$PKG_CONFIG_LIBDIR" ; then
[snip]
Create PKG_CONFIG_LIBDIR in do_configure will fix the problem.
We can reproduce the problem by:
Set SSTATE_DIR=/path/to/sstate-cache
1) In build1, make sure everything is ready in SSTATE_DIR
$ bitbake ncurses
2) In build2, rebuild ncurses only:
$ bitbake ncurses -ccleansstate && bitbake ncurses
Then we will see the warning in log.do_configure.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The s_sin.c patch undoes some code changes in glibc itself, these changes have nothing to
do with the option groups and I suspect crept in as part of the initial conversion. Undoing
this patch also fixes a test failure in test-double and test-idouble.
[YOCTO #6808]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In a similar way to the previous script which adds support for native
environment scripts, this adds support for target environment scripts
too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bitbake meta-toolchain
ls tmp/deploy/sdk/poky-glibc-x86_64-meta-toolchain-i586-toolchain-1.7.manifest -al
...
|-rw-rw-r-- 1 root root 0 Oct 10 15:05 tmp/deploy/sdk/poky-glibc-x86_64-
meta-toolchain-i586-toolchain-1.7.manifest
...
The manifest is empty, the reason is target's ipk config path is
d.getVar('IPKGCONF_TARGET') rather than d.getVar('IPKGCONF_Target')
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed when rebuild:
make: *** No rule to make target `/path/to/old//sysroots/qemux86-64/usr/lib/dbus-1.0/include/dbus/dbus-arch-deps.h', needed by `dbus/dbus_old.o'. Stop.
The .d files save the path of the dependencies files which may not exist
when rebuild, we can remove them to make the rebuild work.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed when MACHINE = qemux86-64 and libdir = /usr/lib64:
mv: cannot stat `/path/to/image/usr/lib64/perl-native/perl': No such file or directory
The perl-native files are always installed to /usr/lib on both 32/64
bits targets.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Fixed:
MACHINE = "qemux86-64"
VIRTUAL-RUNTIME_init_manager = " systemd "
DISTRO_FEATURES_append = " systemd"
DISTRO_FEATURES_BACKFILL_CONSIDERED += " sysvinit "
require conf/multilib.conf
MULTILIBS = "multilib:lib32"
DEFAULTTUNE_virtclass-multilib-lib32 = "x86"
$ bitbake avahi avahi-ui
ERROR: QA Issue: avahi-ui: Files/directories were installed but not shipped
/lib
/lib/systemd
/lib/systemd/system
/lib/systemd/system/avahi-daemon.socket
/lib/systemd/system/avahi-dnsconfd.service
/lib/systemd/system/avahi-daemon.service [installed-vs-shipped]
ERROR: The recipe avahi-ui is trying to install files into a sharedarea when those files already exist. Those files and their manifestlocation are:
/path/to/sysroots/qemux86-64/lib/systemd/system/avahi-daemon.socket
Matched in manifest-qemux86-64-avahi.populate_sysroot
/path/to/sysroots/qemux86-64/lib/systemd/system/avahi-dnsconfd.service
Matched in manifest-qemux86-64-avahi.populate_sysroot
/path/to/sysroots/qemux86-64/lib/systemd/system/avahi-daemon.service
Matched in manifest-qemux86-64-avahi.populate_sysroot
Please verify which recipe should provide theabove files.
And remove the duplicated line:
rm ${D}${base_libdir} -rf
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Fixed error when systemd is in DISTRO_FEATURES:
ERROR: The recipe systemd is trying to install files into a sharedarea when those files already exist. Those files and their manifestlocation are:
/path/to/sysroots/qemux86/usr/lib/libnss_myhostname.so.2
Matched in manifest-qemux86-nss-myhostname.populate_sysroot
Please verify which recipe should provide theabove files.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Instead of setting 'Restart=always' in the service file, we should
make the service socket activated, just like what Fedora does.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
The too long line would cause "git send-email" report errors:
patch contains a line longer than 998 characters
Though we can use "--no-validate" to force the send.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
The code:
bb.fatal("foo1")
bb.fatal("foo2")
Would make the second one not work, use bb.error for first one to fix
the problem.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The '-l' option which is valid for GNU make (--> limit by load) has a
different meaning in bjam (--> limit maximum execution time) and will
break very likely the build.
Keep only the the '-l' option when passing PARALLEL_MAKE options to
bjam.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
|
|
systemd expects fsck programs to be located in /sbin and fails for
dosfstools with
| Checking was requested for ..., but /sbin/fsck.vfat cannot be used: No such file or directory
Other fsck programs (e.g. ext4) are located in /sbin already so move
vfat programs into this directory too.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
|
|
libffi is generally present as it's also a build dependency on glib-2.0, but
explicitly declare it for determinism.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|