Age | Commit message (Collapse) | Author |
|
SDPX generation involves looking through BB_TASKDEPDATA for
dependencies, then linking to the generated documents for those
dependencies. These document links use a checksum to validate the
document, which means that if a upstream document changes, all
downstream documents must be regenerated to get the new checksum,
otherwise the compendium of documents produced by the build will have
broken links; therefore all dependent task should be included in the
signature (even from "ABI safe" recipes).
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5fe543b9ceec971cf0297ff0ae3b0ccc4703cece)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Minor upgrade which includes fix for CVE-2022-29187.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
go.git$ git log --oneline go1.17.10..go1.17.12
1ed3c127da (tag: go1.17.12) [release-branch.go1.17] go1.17.12
cd54600b86 [release-branch.go1.17] encoding/gob: add a depth limit for ignored fields
76f8b7304d [release-branch.go1.17] path/filepath: fix stack exhaustion in Glob
8c1d8c8362 [release-branch.go1.17] io/fs: fix stack exhaustion in Glob
0117dee7dc [release-branch.go1.17] compress/gzip: fix stack exhaustion bug in Reader.Read
ba8788ebce [release-branch.go1.17] go/parser: limit recursion depth
2678d0c957 [release-branch.go1.17] encoding/xml: limit depth of nesting in unmarshal
58facfbe7d [release-branch.go1.17] encoding/xml: use iterative Skip, rather than recursive
ed2f33e1a7 [release-branch.go1.17] net/http: preserve nil values in Header.Clone
d13431c37a [release-branch.go1.17] net/http: don't strip whitespace from Transfer-Encoding headers
ae2dfcc1c8 [release-branch.go1.17] runtime: add race annotations to cbs.lock
fc07039e23 [release-branch.go1.17] runtime: add race annotations to metricsSema
9ef614f5aa [release-branch.go1.17] cmd/compile: allow 128-bit values to be spilled
b1be664d64 [release-branch.go1.17] runtime: store consistent total allocation stats as uint64
77cc1c0def [release-branch.go1.17] cmd/go: pass --no-decorate when listing git tags for a commit
8d2935ab7c [release-branch.go1.17] cmd/dist: test cgo internal linking on darwin-arm64
651a8d81ba [release-branch.go1.17] cmd/dist: skip internal linking tests on arm64
26cdea3acc (tag: go1.17.11) [release-branch.go1.17] go1.17.11
4c69fd51a9 [release-branch.go1.17] path/filepath: do not remove prefix "." when following path contains ":".
909881db03 [release-branch.go1.17] misc/cgo/testsanitizers: buffer the signal channel in TestTSAN/tsan11
03c2e56f68 [release-branch.go1.17] crypto/tls: avoid extra allocations in steady-state Handshake calls
c15a8e2dbb [release-branch.go1.17] crypto/tls: randomly generate ticket_age_add
590b53fac9 [release-branch.go1.17] os/exec: return clear error for missing cmd.Path
2be03d789d [release-branch.go1.17] crypto/rand: properly handle large Read on windows
65701ad2b4 [release-branch.go1.17] misc/cgo/testsanitizers: use buffered channel in tsan12.go
e846f3f2d6 [release-branch.go1.17] runtime: skip TestGdbBacktrace flakes matching a known GDB internal error
a9003376d5 [release-branch.go1.17] cmd/dist: consistently set PWD when executing a command in a different directory
0e7138a102 [release-branch.go1.17] runtime: mark TestGcSys as flaky
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Remove 0003-dirmngr-uses-libgpg-error.patch
(upstream addressed the issue).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
[func] Don't try to process DNSSEC-related and ZONEMD records
in catz. [GL #3380]
[func] Add some more dnssec-policy checks to detect weird
policies. [GL #1611]
[test] Add new set of unit test macros and move the unit
tests under single namespace in /tests/. [GL !6243]
[func] Key timing options for 'dnssec-settime' and related
utilities now accept "UNSET" times as printed by
'dnssec-settime -p'. [GL #3361]
[bug] When the fetches-per-server quota was adjusted
because of an authoritative server timing out more
or less frequently, it was incorrectly set to 1
rather than the intended value. This has been
fixed. [GL #3327]
[bug] Only write key files if the dnssec-policy keymgr has
changed the metadata. [GL #3302]
[func] Key timing options for 'dnssec-keygen' and
'dnssec-settime' now accept times as printed by
'dnssec-settime -p'. [GL !2947]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d5a12d549209f01324d03963db96449ee43452eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
[security]
Fix a crash in DNS-over-HTTPS (DoH) code caused by
premature TLS stream socket object deletion.
(CVE-2022-1183) [GL #3216]
[bug]
RPZ NSIP and NSDNAME rule processing didn't handle stub
and static-stub zones at or above the query name. This
has now been addressed. [GL #3232]
Fixed a deadlock that could occur if an rndc
connection arrived during the shutdown of network
interfaces. [GL #3272]
Refactor the fctx_done() function to set fctx to
NULL after detaching, so that reference counting
errors will be easier to avoid. [GL #2969]
udp_recv() in dispatch could trigger an INSIST when the
callback's result indicated success but the response
was canceled in the meantime. [GL #3300]
Work around a jemalloc quirk which could trigger an
out-of-memory condition in named over time. [GL #3287]
If there was a pending negative cache DS entry,
validations depending upon it could fail. [GL #3279]
dig returned a 0 exit status on UDP connection failure.
[GL #3235]
Fix an assertion failure when using dig with +nssearch
and +tcp options by starting the next query in the
send_done() callback (like in the UDP mode) instead
of doing that recursively in start_tcp(). Also
ensure that queries interrupted while connecting
are detached properly. [GL #3144]
Don't remove CDS/CDNSKEY DELETE records on zone sign
when using 'auto-dnssec maintain;'. [GL #2931]
[contrib]
Avoid name space collision in dlz modules by prefixing
functions with 'dlz_'. [GL !5778]
dlz: Add FALLTHROUGH and UNREACHABLE macros. [GL #3306]
[func]
Add new named command-line option -C to print built-in
defaults. [GL #1326]
Introduce the concept of broken catalog zones described
in the DNS catalog zones draft version 5 document.
[GL #3224]
Add DNS Extended Errors when stale answers are returned
from cache. [GL #2267]
Implement support for catalog zones change of ownership
(coo) mechanism described in the DNS catalog zones draft
version 5 document. [GL #3223]
Implement support for catalog zones options new syntax
based on catalog zones custom properties with "ext"
suffix described in the DNS catalog zones draft version
5 document. [GL #3222]
Implement reference counting for TLS contexts and
allow reloading of TLS certificates on reconfiguration
without destroying the underlying TCP listener sockets
for TLS-based DNS transports. [GL #3122]
Add support for remote TLS certificates
verification, both to BIND and dig, making it possible
to implement Strict and Mutual TLS authentication,
as described in RFC 9103, Section 9.3. [GL #3163]
[cleanup]
Remove use of exclusive mode in ns_interfacemgr in
favor of rwlocked access to localhost and localnets
members of dns_aclenv_t structure. [GL #3229]
Remove the task exclusive mode use in ns_clientmgr.
[GL #3230]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2ae8b85c71be2e9e332b1ef0a2d3083b30c63e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backport patch to fix CVE-2022-1664.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-1354
https://security-tracker.debian.org/tracker/CVE-2022-1354
https://nvd.nist.gov/vuln/detail/CVE-2022-1355
https://security-tracker.debian.org/tracker/CVE-2022-1355
Patches from:
CVE-2022-1354:
https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798
CVE-2022-1355:
https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Fixes stack overflow while handling recurring errors in Lua-stack
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit caad9d5f7184f0fa60fa7770e5d3da3f533647cb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Normally m4-native ends up in the sysroot via the toolchain, but if a
non-standard toolchain is used them m4-native may not be installed.
However Pulseaudio explicitly checks for m4 in the meson.build, so add
it to DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ddf846635783923d43520c9dd6f63ca59ed6e3b8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
To support crate:// fetcher on externalsrc, we need to make pass-through
the URIs in SRC_URI.
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Pastrick <ripastri@linux.microsoft.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
To support crate:// fetcher on externalsrc, we need to remove "-z
${EXTERNALSRC} check of bitbake vendoring. It is possible to disable
vendoring by CARGO_DISABLE_BITBAKE_VENDORING = "1" if externalsrc-ed
project does not want to enablt it.
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Pastrick <ripastri@linux.microsoft.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We can't support vgem on RHEL derived distros so disable this test for
all almalinux hosts rather than specific versions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e921f3c1b917072e4c5a110c7dfeeadd2e571bde)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This fixes reproducibility issues with multilibs were a different recipe
specific sysroot is used which was leaking into debug symbols in libraries.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f442edf51e256bd315bd8e4ac4d9fa12b8e9e092)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If gold is enabled as the default linker, it errors trying to link
to our dummy library empty file and this turns off things which should
be present in libstdc++.
For example, _GLIBCXX_HAVE_S_ISREG isn't defined and HAVE_S_ISREG in
libstdc++-v3/config.h isn't set properly.
Instead of just creating an empty file, create an empty elf binary
instead which addresses the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2070bcd10aa3a05c96c8501c6a8c1e129fb1d440)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add a test that verifies that devtool modify + devtool finish do the
right thing on a recipe that fetches from git and sets S to point to
a subdirectory of the source tree. We have a few examples among the core
recipes, dos2unix is a convenient one so let's use that. (The test first
verifies that that is still true in case the recipe is changed in
future.)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a84d9ed14173b0bf467ea78dff4f0f7bae0bc082)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If devtool finish needs to create a patch and have it applied to the
sources for a recipe where S points to a subdirectory of the sources,
then the patch needs to be applied at the root of the repo i.e. we need
to add a patchdir= parameter to the SRC_URI entry.
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad3736d9ca14cac14a7da22c1cfdeda219665e6f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If PATCHTOOL = "git", SRC_URI fetches from a git repo and S points to
a subdirectory of the checked out sources, then we were erroneously
initialising the subdirectory as its own git repo. Check if the returned
top-level repo directory is a subdirectory of WORKDIR and do not
run initialise the source directory if that is the case.
(This was a regression introduced with OE-Core revision
6184b56a7a0fc6f5d19fdfb81e7453667f7da940, however we didn't have a test
that verified the behaviour.)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cca53a2bcbf6809615ce5626c86c6ee481a7a76)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This makes the bin_package.bbclass work properly with the native class.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad330b6d4b6e2ba051b5c6c437e07a183831f757)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If (perhaps foolishly) at your configuration level you have e.g.
SRC_URI_append_pn-recipename = " file://patchname.patch"
and then run devtool modify on a different recipe, an error occurs:
INFO: SRC_URI contains some conditional appends/prepends - will create branches to represent these
...
ERROR: [Errno 2] No such file or directory: '/path/to/downloads/patchname.patch'
pn- overrides would not constitute an alternative configuration that we
should handle in this context, so just ignore them to avoid the issue.
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3f2a812ade42ece0bb59b2d303125a91b29936dd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Building external kernel modules like lttng-modules was showing build paths
inside the debug symbols for the modules and breaking build reproducibility.
Fix this by adding in the mapping needed to map the kernel build directory
to something more approriate on target.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b56dc9009ba93174de6bf4c01e17808ef249dc5c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
* add GPL license because of alsa-state-init file
* gpl link points to gpl3, but at time of adding this file was actually
pointing to gpl2, so should correspond to SPDX GPL-2.0-or-later
* remove date as the file was already changed several times since then
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ca73ff0d9930d545ce8cb8a62e259c0b43310f99)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We already exclude Makefile, makefile, and makefile.old from copy of the
perl source tree that is used by perl-ptest, but Makefile.old is not
being excluded. In a rebuild of perl with an existing source tree these
files now exist but have build paths in. As they're backup files, they
can just be excluded from the packages.
Use range globs to clean up the expressions, and exclude Makefile.old.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 30a99affca7930f7fe0ddeb016b6183240b5f13c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
When api-documentation is enabled, we see a hardcoded build path to xsltproc in
the target python configuration file. We curate PATH carefully so we don't
need the path there, tweak configure to remove it and solve the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f7924a85de548f9403d561b15c1f2c33d9912393)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Fixes
ERROR: QA Issue: : /work/x86_64-linux/libmodule-build-perl-native/0.4231-r0/sysroot-destdir/work/x86_64-linux/libmodule-build-perl-native/0.4231-r0/recipe-sysroot-native/usr/bin/config_data maximum shebang size exceeded, the maximum size is 128. [shebang-size]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 54ecb2d3f2523293383103cbe590ebdd037ee483)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The on target wrapper contains paths from the host build. Remove them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10980ae59f18679413f2d3fd428a9386e4d6fc3a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The .pc we install ourselves for lua has hardcoded /lib assumptions in it
which means in a multilib environment, full build paths end up in users
like rpm's configuration.
Fix the .pc file to use a correct includedir and libdir to resolve
those reproducibility issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 93bee5c74b8d181adf93de4b4101e25d24780603)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd05e2543bde4175da67781ec6f3eebc143d95d0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If enabled, the buildpaths test hangs in psplash as it tries to open
a fifo and read from it, hanging indefinitely.
Tweak the test to ignore fifo/socket/device files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2567edb7e0a8c5ca9a88d6940491bf33bfe0eff9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Previous commit c725bdb29b266 broke kernel source handling, this was due
to the code expecting the sources to be in a different directory, this did
not happen when using externalsrc since sources were found in the expected
directories.
Pass work-shared to the check to allow sources to be found in the proper
directory, allowing these to be packaged in the next step.
To test this we grabbed a commit where we knew the buildpaths
QA test should flag a file inside the kernel sources, with the previous
commit the QA warning wasnt flagged since no sources where there, with
this fix the buildpaths QA warning gets flagged properly.
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2714a8ef8c7b3c66d50f27f4f52fe2fe4db39b00)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since commit d756b346f248df47b0540644adb1d0f17bcc4b6e kernel modules are stripped by the functions 'runstrip' and 'splitdebuginfo'. Signed modules must not be stripped. Function 'runstrip' avoids this by running is_kernel_module_signed. Apply the same check to splitdebuginfo.
(From OE-Core rev: 6859226652339b19cbc7bdfec074fe2016cdee60)
Signed-off-by: Christoph Lauer <christoph.lauer@xtronic.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dc0f0413eabfd50f78d887f73f808d40a314fbd8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
While executing do_package, bitbake checks for a list of
debug source files and uses a pattern to match the ones
to be included in copydebugsources.
Previously when externalsrc was in use either directly or by
using devtool, the source location changed and this pattern
no longer matched, hence debug source files failed to be
included in the corresponding package.
Check when the source directory isnt the default (based on
WORKDIR), and change the pattern used to match debug source
files if that is the case, allowing us to perform do_package
properly.
Workaround debugsource.list containing paths from the host by
moving debug source files away from the host directory
structure to avoid host contamination (this seems to happen
when packages use $TMPDIR/work-shared and externalsrc is
in use).
Test matrix included using:
- devtool to use externalsrc automatically
- externalsrc with a non-devtool based source directory
- No externalsrc at all
Tested the following packages to be working:
- glibc ($TMPDIR/work-shared based)
- libxcrypt ($TMPDIR/work based)
[YOCTO 8015]
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a887bd96fd0a15398e8077ea79df5070971866e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This adds a backport patch that fixes a problem in subinterpreters related
to the garbagecollector. Without the patch, there are random segfaults in
several Kodi addons that use python3-sqlite3. Presumably there are real world
issues in other programs as well.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since commit f077befd5f36ad88623aaf6a38b1a837ecb18650:
[ udev-extraconf: let automount base directory configurable ]
the mount base directory was configurable, we need drop 'run-media'
usage as well, change to figure it out from MOUNT_BASE.
Also 'get_label_name' function needs to be called ealier in
automount_systemd before checking '/tmp/.automount-$name', otherwise
they would never match.
(From OE-Core rev: c013b33162546fb5bd4bcc1daac75aa65d0be1a3)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7ed210054b3e253d5a67075bb9d4768d1661bef1)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The '.include' syntax has been dropped from latest systemd releases,
we need drop the systemd-udevd.service here, introduce a postinst
function to add "MountFlags=shared" to systemd-udevd.service.
Also lsblk binary is being called in mount.sh automount_systemd
function, add it to RDEPENDS.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 356520d60b9429c6f62124821e42468ff2b7b1d6)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Failure message is shown in boot logs when trying to
mount lvm as automounter does not handle cases where
lvm is mounted. This simply skips lvm while automounting
to avoid failure message in boot logs.
Signed-off-by: Ansar Rasool <ansar_rasool@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit b1d18072ed9a8b0bca0f20f8e5deefa73ab6acbe)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Automounting does not work cleanly in case systemd as well as
udev rules are being used simultaneously and in most cases
race conditions and unknown behavior can come up.
In case we're running on top of systemd we need to make sure
that systemd-udevd knows that udev is in play as well and
mounting should be done using shared flags. Also as we're
using mount from sources other than systemd-mount in current
scripts this is the most manageable fix to automounting
problems.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 1e770416b4c9a0468404fb64d55114d93e84763b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
fdisk from util-linux (2.31.1) and above allows the user to
manipulate an already mounted device. In order to achieve this
functionality it issues a BLKRRPART (block device re-read part)
ioctl and in response the kernel generates remove/change/add
events if the device is not mounted (manually unmounted etc)
which are caught and processed by udev. This causes our auto-mounter
to remount everything because it does not keep track and things
go out of control.
Differentiating between types of remove events such as the one
described above (generated by BLKRRPART) and one where the device
is physically plugged out is only possible using the DEVPATH variable
which is cleaned up only when the device is actually plugged-out.
This fixes the above anomaly by only mounting a device in add event
which is cleaned up properly (tmp cache deleted) in the remove event
or is not present in the tmp cache while making use of the DEVPATH
variable during the remove action.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 11a5e6c17535438ea1e7a8403ed260c8b3a22bc8)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Doing this will allow to fetch the exact name created by the
auto-mounter during the remove action where depending on the
scenario utilities such as the blkid might not be usable due
to actual device not being present on the system.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 496b76f8775a620c1d449eb6f62a41656abf2a9b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This alters the mountpoints such that if a device has a LABEL or
a PARTLABEL, it will be mounted at e.g.:
/run/media/$LABEL-<device-node>
/run/media/$PARTLABEL-<device-node>
/run/media/rootfs-sda2
otherwise the device will be mounted at e.g.:
/run/media/<device-node>
/run/media/sda1
The <device-node> appended with LABEL or PARTLABEL makes sure that
the mountpoint is unique, therefore, avoids overlapping mounts.
Signed-off-by: Arsalan H. Awan <Arsalan_Awan@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit a9a0a0967832445f1bcc65d58f95343d1b562e1b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Dont hard-code automount base directory to '/run/media', introduce a
variable MOUNT_BASE to let it configurable, like in udisks2 the mount
base is also configurable by setting option: --enable-fhs-media.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f077befd5f36ad88623aaf6a38b1a837ecb18650)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 69e486ddb3059f80ba538e1f59c2ca8a8df0faf9)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Fixup commit for prevous CVE-2022-33068 fix.
Fixes:
| In file included from ../harfbuzz-4.0.1/src/hb-ot-face.cc:39:
4429| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: error: use of bitwise '|' with boolean operands [-Werror,-Wbitwise-instead-of-logical]
4430| if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
4431| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4432| ||
4433| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: note: cast one or both operands to int to silence this warning
4434| 1 error generated.
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backport fixes for:
* CVE-2022-32205 - https://curl.se/docs/CVE-2022-32205.html
* CVE-2022-32206 - https://curl.se/docs/CVE-2022-32206.html
* CVE-2022-32207 - https://curl.se/docs/CVE-2022-32207.html
* CVE-2022-32208 - https://curl.se/docs/CVE-2022-32208.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
kernels with upstream commit 630af16eee495f583db5202c3613d1b191f10694
[perf tools: Use Python devtools for version autodetection rather than
runtime], or -stable backports of that commmit, evade our substitutions
for reproducibility.
We add a second sed expression to ensure that our definition of python
is used, as we have the proper environement setup and don't need the
full path of python, which eventually will be captured by the perf
binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b24e73fb34049061ea03a6f2b6a54cdbee7b406b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Upstream merged a patch to handle the reproducibility issue, switch to
their patch which is functionally equivalent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit db28cd0e1540e44db963108430205c8c0c817774)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add a patch to avoid writing the full pathname to gperf into source
files which leads to reproducibility issues.
This fixes issues with systemd reproducibility in particular.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dea3c7ee2a413f7dc5f13ec006592084f7fb266c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
In a similar manner to the arm/arm32 reprodicibility fixes,
we can also fix ppc32.
The file .vdso32-offsets.h.cmd has captured paths, but we don't
need it on target or SDKs to regenerate a build enviroment.
We add it to our vdso-offsets list of files to delete and we
no longer have files patckaged with buildpaths.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a142b68b232ff7728f4eb945eea923c64e7ebd5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|