| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes fixes for CVE-2022-3099 and CVE-2022-3134.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d042923262130b6b96f703b5cd4184f659caeb92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3163134b0f58c58aaabe4e957c30109e63b2d60f)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
* [build] meson: fix typo in variable name
* [build] autoconf: report if building with zstd
* [build] meson -Dlua_version=... to specify lua ver
* [core] avoid CCRandomGenerateBytes on MacOS <10.12 (fixes #3140)
* [core] use diff var name w/ CCRandomGenerateBytes (fixes #3141)
* [core] parse conf cmds with SHELL or /bin/sh
* [core] fix HMAC with openssl 3.0
* [mod_webdav] no COPYFILE_CLONE_FORCE on OSX <10.12 (fixes #3142)
* [mod_deflate] fix to return 304 with If-None-Match (fixes #3143)
* [core] Illumos epoll incompatible w/ lighttpd impl
* [core] feature flag to allow Range w/ HTTP/1.0
* [mod_mbedtls] set usekeysize for mbedtls 3.2.0+
* [mod_deflate] collect mmap code
* [mod_deflate] prototype using libdeflate w/ mmap
* [mod_deflate] --with-libdeflate to use libdeflate
* [mod_deflate] mark input bytes const
* [core] sys-setjmp.[ch]
* [mod_magnet] check lighty.result.content b4 setjmp
* [core] include guard consistency in sys-time.h
* [core] network_write_file_chunk_remap separate fn
* [multiple] use new sys_setjmp_eval3() interface
* [multiple] pedantic chunk.c checks for 0-len chunk
* [multiple] shared code for struct chunk and mmap
* [mod_deflate] use pread if available
* [mod_deflate] improve loop compressing file chunk
* [core] prep server_tag at startup for h2 resp hdr
* [mod_magnet] defer req_env init unless needed
* [mod_magnet] reset after error attaching content
* [mod_magnet] lua_tointegerx() avoids raising error
* [mod_mbedtls] use newer mbedtls 3.2.0+ interfaces
* [mod_magnet] adjust hot path for more inlining
* [mod_magnet] collect chk for magnet lua_State init
* [mod_magnet] use type returned from lua_getfield()
* [core] chunk_file_pread() to wrap pread()
* [core] disable keep-alive if forcing HTTP/1.0 resp
* [mod_magnet] use lua_getextraspace() to store r
* [core] fall back to getauxval(AT_RANDOM), if avail
* [mod_magnet] keep message handler on stack
* [doc] update external links
* [mod_magnet] pass lighty table index, defer pops
* [mod_magnet] clear and reuse script-env table
* [mod_magnet] clear stack when reloading script
* [mod_magnet] use lua_isnoneornil() in interfaces
* [mod_magnet] fix lighty.c.cookie_tokens()
* [mod_magnet] fix lighty.c.urldec_query()
* [mod_magnet] remove duplicated NULL checks
* [mod_magnet] adjust magnet_lighty_result_get()
* [mod_magnet] magnet_tmpbuf_acquire(),release()
* [mod_magnet] lighty.c.quotedenc(),dec() funcs
* [mod_magnet] fix header,content legacy table clear
* [mod_cgi] cgi.local-redir request_reset thru fnptr
* [core] isolate plugins_*() funcs to main server
* [mod_wolfssl] wolfssl v5.0.0 defines DH_set0_pqg()
* [mod_auth] save letter-case diff in require config
* [mod_magnet] magnet_push_quoted_string shared code
* [mod_magnet] lighty.c.header_tokens convenience fn
* [core] fill in un.sun_path after accept() (fixes #3147)
* [mod_extforward] adjust trust check for HTTP/2
* [mod_proxy] adjust handling of legacy X-* headers
* [core] permit env w/ blank value (fix regression)
* [TLS] consistent debug.log-ssl-noise config type
* [mod_magnet] allow removal of req_env elt via nil
* [core] compiler workarounds for very old gcc,glibc
* [mod_mbedtls] use newer mbedtls 3.2.0+ interfaces
* [mod_ssi] check http_chunk_transfer_cqlen for err
* [core] chunkqueue_steal() handle unexpected 0 len
* [core] discard DATA from REFUSED_STREAM at h2 init
* [multiple] WebSockets over HTTP/2 (fixes #3151)
* [multiple] immed connect to backend for streaming
* [core] ensure socket ready before checking connect
* [core] reduce trace on Upgrade backend connection
* [core] adjust when TCP_CORK used on TLS connection
* [mod_cgi] disable input optim if might Upgrade
* [mod_cgi] immed start CGI if Upgrade
* [mod_wolfssl] wolfssl v5.0.0 adds ASN1_TIME_diff()
* [mod_openssl] libressl v3.5.0 adds ASN1_TIME_diff
* [TLS] warn if leaf cert read is inactive/expired
* [core] stricter conformance w/ upcoming HTTP/2 rev
* [build] -D_DEFAULT_SOURCE consistency in builds
* [mod_extforward] support addtl IPv6 syntax w/ "[]"
* [core] build fix for cygwin and lmingw
* [core] short-circuit earlier parsing h2 trailers
* [core] reformat h2.h for cleaner enum additions
* [core] consolidate trace for log-state-handling
* [core] request_config bitmasks for smaller struct
* [core] prefix (=^), suffix (=$) config conditions (fixes #3153)
* [core] tighten config parsing loop
* [core] convert simple config cond regex to pre/sfx
* [tests] able to run tests when built w/o pcre
* [core] allow redirect,rewrite ext subst w/o pcre
* [mod_sockproxy] reset http vers, avoid rare crash (fixes #3152)
* [core] HTTP/2 PRIORITY_UPDATE frame (experimental)
* [core] send HTTP/2 SETTINGS_NO_RFC7540_PRIORITIES
* [core] stricter check of HTTP/2 GOAWAY frame size
* [mod_mbedtls] use newer mbedtls 3.2.0+ interfaces
* [mod_webdav] opt for partial PUT via copy/rename
* [core] quiet compiler warning
* [multiple] recognize HTTP QUERY method
* [multiple] limit scope of socket config options
* [core] fix config typo reading large int from str
* [core] h2 prio sort urgency, incr, then stream id
* [core] send Priority resp hdr w/ .css, .js re-prio
* [multiple] reset http vers, avoid rare crash (fixes #3152)
* [core] delay response to http auth invalid creds
* [core] connection_state_machine_h2 only if con->h2
* [core] default server.max-keep-alive-requests 1000
* [mod_magnet] set script env in func first upvalue
* [mod_magnet] rewrite lighty.r as table of userdata
* [mod_status] con->h2 instead of r->http_version
* [mod_setenv] cleanup user-provided hdr sloppiness
* [core] remove func decls duplicated in plugin.h
* [mod_status] fix counting of HTTP/2 bytes written
* [mod_magnet] no local server port on unix domain
* [mod_extforward] unix domain socket pedantic chks
* [core] sketch support for abstract sockets
* [mod_magnet] magnet_plugin_stats_table() fn
* [mod_magnet] magnet_script_setup_global_state() fn
* [mod_magnet] lighty.server.* table w/ new function
* [mod_accesslog] do not double-count hdr len in %I
* [mod_magnet] reduce magnet_env_get_id() scanning
* [mod_magnet] tighten magnet_env_get_buffer_by_id()
* [mod_status] reusable code for r->state strings
* [core] reusable code for r->state strings
* [mod_magnet] expose r->state to lua scripts
* [mod_magnet] tighten magnet_env_set()
* [mod_magnet] lighty.r.req_item[] accessors
* [mod_magnet] expose r->keep_alive to lua scripts
* [mod_magnet] lighty.c.hrtime high-resolution time
* [mod_magnet] lighty.r.resp_body.get
* [mod_magnet] deprecate r.req_attr["response.*]
* [mod_magnet] separate funcs for uri_path_raw
* [mod_magnet] lighty.c.stat high precision time
* [mod_magnet] format multiline err traceback
* [mod_magnet] adjust p->conf.stage checks
* [mod_magnet] further isolate legacy API result tbl
* [core] buffer_append_char() convenience func
* [mod_accesslog] accesslog.escaping = "json"
* [multiple] use buffer_append_char()
* [mod_accesslog] remove begin/end tags from %{}t
* [core] fix configparser_simplify_regex() comment
* [multiple] simplify bytes_in/bytes_out accounting
* [mod_accesslog] reorder fields in switch()
* [core] remove unused srv->con_* counters
* [mod_magnet] read-only access to r->server_name
* [core] buffer_append_bs_escaped()
* [core] buffer_append_string_c_escaped ASCII optim
* [mod_magnet] backspace-escape encode/decode
* [mod_status] display HTTP/2 control stream w/ reqs
* [multiple] use preferred syntax for Content-Type
* [doc] regenerate doc/config/conf.d/mime.conf
* [multiple] rename status_counter -> plugin_stats
* [core] feature-flag server.metrics-high-precision
* [mod_magnet] quiet coverity false positive
* [mod_wolfssl] compile fix for OpenWRT
* [mod_webdav] If-None-Match: * on non-existent
* [mod_magnet] r.req_body .collect .get .set .add
* [mod_cgi] fix detection of failing error handler (fixes #3157)
* [core] "url-invalid-utf8-reject" normalization opt
* [mod_magnet] skip req body collect warn if modsec3
* [build] update descriptions to remove old lua ver
* [core] use current dir if context->basedir blank
* [multiple] application/javascript text/javascript
* [core] reset internal flags after graceful restart
* [TLS] inherit ssl.engine from global scope
* [core] avoid server.use-ipv6 warning after SIGUSR1
* [mod_webdav] alt handling PROPFIND on collection
* [mod_mbedtls] fix crt chain construction logic
* [core] h2 SETTINGS_INITIAL_WINDOW_SIZE 64k (fixes #3089)
* [core] increase session window size to 256k
* [core] h2: avoid sending small WINDOW_UPDATE frames
* [core] h2: avoid sending tiny DATA frames
* [core] update cached tables with Priority header
* [tests] test stubs for http_header.c and http_kv.c
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 47188fa0dc19f160085554360c81bd9f363837d5)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
systemd defines a default set of fallback DNS servers in
https://github.com/systemd/systemd/blob/v251/meson_options.txt#L328-L330
By adding a PACKAGECONFIG knob providing a convenient way to opt out,
and then adding that value to systemd's PACKAGECONFIG, the output from
runtime 'resolvectl status' command no longer contains the following
line:
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google 2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google
(From OE-Core rev: 2b300d6b9ec6288a99d9dacb24a86949caf99e55)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Commit 8089cefed8e83c0348037768c292058f1bcbbbe5 ("systemd: Add
PACKAGECONFIG for sysvinit") decoupled enabling of systemd's sysvinit
handling behavior behind a distinct PACKAGECONFIG feature.
This new option affects among other things the installing of
tmpfiles.d/legacy.conf, which is responsible for creating /run/lock
directory, which is pointed to by /var/lock symlink provided by
base-files package.
In case the option is not enabled, then base-files provided /var/lock
is a dangling symlink on resulting rootfs, causing problems with
certain Linux userspace components that rely on existence of writable
/var/lock directory. As an example:
# fw_printenv
Error opening lock file /var/lock/fw_printenv.lock
Since Filesystem Hierarchy Standard Version 3.0 states in
https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s09.html that
Lock files should be stored within the /var/lock directory structure.
Ensure the /run/lock directory is always created, so that lock files
can be stored under /var/lock also when 'sysvinit' handling is
disabled.
(From OE-Core rev: 85e5ee2c35cf5778c3aefda45f526e8f6a511131)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
In order to be able to debug issues on the host that have an impact on the
guest, it is useful to get the uptime of the host while starting so we can
match with the events in dmesg. Also include the uptime when cleaning up.
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2d96499823f7de6e16a461426491e015ba63c1ec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Updates the log message printed when login banner is seen in QEMU to
report the UNIX Epoch time in addition to the human readable time. This
makes it much easier and accurate to correlate logs with the guest, in
particular with the guest journalctl which prints log timestamps in
human readable format and the oeqa SSH debug logging which prints the
UNIX Epoch.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 275b6f3c8d0eeafa3902c48a49655491a89c47bc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
When 73fa855f6af5ef9c3 was introduced, the "cleandirs" variable flag
started applying to functions exported using EXPORT_FUNCTIONS.
The externalsrc class is supposed to remove cleandirs in order to
prevent wiping out an external src folder (home directory?), but
doesn't take the previous point into account. The result is that
cleandirs is still in effect.
To fix this, apply the cleandirs manipulation to all variables, not
just predefined ones. This is expensive, but since it executes inside
an `if externalsrc` clause, and EXTERNALSRC is usually only set for
specific single recipes, it won't affect most recipes.
Richard Purdie <richard.purdie@linuxfoundation.org> is the original
author of this patch. I just submitted it under my name for blame
purposes, and also we have been testing it a lot in my company.
This is the original discussion:
https://lists.openembedded.org/g/openembedded-core/topic/91374926
Signed-off-by: Kristian Amlie <kristian.amlie@northern.tech>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74ad497a55007960a4869905878e3ccbd11e4369)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Theres not a rootfs for baremetal images, hence we should avoid
trying to list rootfs packages for them.
This fixes an issue where some classes (e.g. license_image) rely on
rootfs functionality when included for baremetal images even if its
nonexistent
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5a7e13f46083ce3b08aa762238c1e93b7626dda4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If the "trace" PACKAGECONFIG is removed to disable cairo-trace (the
only part of the code licensed as GPL-3.0), we can adapt the licenses
for cairo-dbg and cairo-src so that they do not include
"GPL-3.0-or-later" and thus they can be used also when, e.g., GPL-3.0
is blacklisted in INCOMPATIBLE_LICENSE. Also drop the GPL-3.0 license
text from LIC_FILES_CHKSUM in this case.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4f0ea44c80f297d00349b7d3cf9438145aec8a74)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
When using IMAGE_FEATURE read-only-rootfs ssh host keys are moved to volatile
storage. If the feature overlayfs-etc is used in addition to read-only-rootfs
/etc is writable and the move is not wanted. But in the case also the IMAGE_FEATURE
stateless-rootfs is used the keys will be moved as storage of keys should not
be wanted in a stateless-rootfs.
This change only takes effect in the case IMAGE_FEATURE contains read-only-rootfs.
In adddition the following cases are handled:
IMAGE_FEATURES = "read-only-rootfs" --> ssh keys/config handled as ro root
IMAGE_FEATURES = "read-only-rootfs overlayfs-etc" --> ssh keys/config handled as rw root
IMAGE_FEATURES = "read-only-rootfs stateless-rootfs" --> ssh keys/config handled as ro root
IMAGE_FEATURES = "read-only-rootfs overlayfs-etc stateless-rootfs" --> ssh keys/config handled as ro root
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2ad7aa1f2153955adc044ea4eb11c48086a01d1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Openssh (main) package may be marked for installation via complementary
packages mechanism if sftp-server is installed
and this causes conflict with dropbear [Yocto #14858] [1].
Excluding openssh complementary packages if packagegroup-core-ssh-dropbear
is in PACKAGE_INSTALL fixes this issue.
To install openssh complementary packages in the images with
ssh-server-dropbear they may be added manually into the list because
they will be excluded from the installation even if corresonding class
(dev-pkg or dbg-pkgs) inherited.
[1]
Error:
Problem: problem with installed package dropbear-2020.81-r0.core2_64
- package dropbear-2020.81-r0.core2_64 conflicts with openssh provided by openssh-8.9p1-r0.core2_64
- package openssh-8.9p1-r0.core2_64 conflicts with dropbear provided by dropbear-2020.81-r0.core2_64
- package openssh-ptest-8.9p1-r0.core2_64 requires openssh, but none of the providers can be installed
- conflicting requests
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages)
Signed-off-by: Pavel Zhukov <pavel@zhukoff.net>
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fa08030b32c2bf77889c23f964892f46e84994a3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
* but it still won't work well on hosts without libxml2, make
sure to use pre-generated testapi.c in do_compile_ptest
* this is reproducible with SOURCE_DATE_EPOCH set to 0 which
e.g. meta-updater still sets by default for DISTROs which
use it :(, see https://github.com/uptane/meta-updater/pull/35
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 178cea1593dc6e9a7eb74842615356d90d79f78f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This replaces the proposed patch with a backport of what got accepted upstream
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3e92b7cb5833f61ff13a66f03be513d97a69894)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This will fix issues with autoconf tests which fail due to lacking
prototypes
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb477854ba230d8a8370f24880bd421607399e5a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We're currently only passing in a subset of the kernel make flags to
menuconfig. Fix this to be consistent with all the other kernel
operations since these are becomming increasingly reliant on host
compilers and flags and target toolchains as well.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c616bc090d1834a21073a33209323220c05d2e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
It as been bothering me a bit that we don't set CC and LD consistently
for the kernel make calls and this can lead to interesting bugs as the
kernel increases in complexity. Add them to EXTRA_OEMAKE so they're
always passed in. This makes everything slightly more consistent and
less likely to break in future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit afe8c318843e4033dcc07e4f10198df241d8e4f6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This code wasn't changing the linux.h on i686. Make the entry match that
for i586 which was correct.
This fixes problems where the wrong dynamic loader path was used by
nativesdk-gcc on i686 SDK targets by ensuring SYSTEMLIBS_DIR is replaced
by %r in the correct header files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d30eb681f41bf9e921f7f0d42747fff7a4be9229)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Upstream dropped capstone support and this also causing us
reproducibility issues.
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d2496a904a7099ef0de818180820ad7b40843a08)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
* Various improvements and bug fixes:
- vala: Don't unconditionally expect ObjectType of Class [#1341]
- vala: Make try-statement parsing more resilient [#1304]
- vala: Avoid problems with '\' in #line directives on Windows [#1353]
- gidlparser: Set source reference of parameters
* Bindings:
- atspi-2: Fix a few binding errors
- glib-2.0: Use g_abort for GLib.Process.abort() beginning with 2.50 [#1350]
- gtk+-3.0: Correctly unhide BindingSet.by_class to avoid Version attribute
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 29d2f8241312a7f0bda39805d41cd6789d369ce9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
v2.9.8 Correct parameter types to Debug() calls
rules: Drop using register keyword
remove needless use of %defattr per fedora project
add exec perms
translation updates
Use what's in the build environment and use a current autoconf
util/Makefile.am: fix link with lintl
Force grep to treat the input as text when formatting word files
0001-rules-Drop-using-register-keyword.patch
0002-rules-Correct-parameter-types-to-Debug-calls.patch
removed since they're included in 2.9.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7477178a4c60c02c2d1638746148dd3d2941dc28)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
With nodejs 16, the simple 'npm cache add' approach does not work
anymore because its fetcher implementation downloads also meta
information from the registry.
We have to generate these information and add them to the cache.
There is no direct support in 'npm' for task so we have to implement
it manually.
This implementation consists of a openembedded python module (in
oe-core) and a nodejs version specific helper (in oe-meta).
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 019b9c341d539939098962c228c1fd5c99331312)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Helper module to:
- generate meta information from package.json content. This data has
a format as provided by https://registry.npmjs.org
- put this meta information and the corresponding tarball in the
nodejs cache. This uses an external, nodejs version specific helper
script (oe-npm-cache) shipped in oe-meta
To avoid further nodejs version dependencies, future versions of this
module might omit the caching completely and serve meta information
and tarball by an http server.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6cd5886ad05fee704e8a5892bd370c360c8c3b54)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We know the content of 'package.json' from earlier patches; there is
no need to parse the tarball name to extract the version.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f553e528e76f7e3925ed1c0950d96e73aec37da9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We have to read 'package.json' to calculate the name of the tarball.
This content is interesting for later patches.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d67367e389c492ae90f9021066d6a4d5ebcf68e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
'npm pack' is a maintainer tool which tries to execute 'prepare'
and similar scripts. This fails usually in OE because it requires
completely installed 'node_modules'.
Earlier nodejs versions supported an undocumented 'ignore-scripts'
option. This has been removed in nodejs 16.
We could patch 'package.json' and remove the unwanted scripts. But
this might complicate local workflows (applying patches) and installed
packages will contain the modified 'package.json'.
Instead of, package it manually by 'tar czf'. As a sideeffect,
'do_configure' is running much faster now.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 68b480d64ffb6750699cc8fa00d2ac0bc6a2e58a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This allows choosing padding algorithm when building fitImage. It may be pkcs-1.5 or pss.
Signed-off-by: LUIS ENRIQUEZ <luis.enriquez@se.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 29d5336c728b28890bbaadebf0ccff00ad90a64d)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Sometimes an end user might want to choose another kernel type argument
for uboot-mkimage other than "kernel", for instance: "kernel_noload".
Let's introduce a variable UBOOT_MKIMAGE_KERNEL_TYPE to support that,
and it could be used by BSP layers as well.
(From OE-Core rev: e288686e97de1265eeeaf452141e1473867efb1b)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4eb7bbcc2f08b25387a15b7e4a89ef199783c973)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 217b00d378f359689613ca4c0666bb2eed040f69)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Pull in some minor fixes:
pseudo_util: Silence symlink errors and fix resolution bug
ports/linux: Remove build dependency on libattr
Minor build fixes
pseudo_util: Fix resolving relative paths from "/"
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c57d0c57d00cdef622dab3bf783a10d52f8d9ffb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Currently, there's no way for the user's site.conf, local.conf or
similar to set BB_DEFAULT_UMASK, because those files are included by
bitbake.conf prior to the unconditional assignment of
BB_DEFAULT_UMASK. To make that possible, use a weak default assignment
instead. This is also consistent with most other variable assignments
in the lower half of bitbake.conf.
I believe the risk of a regression is very small; it would require
something like somebody having a definition of BB_DEFAULT_UMASK in a
local configuration file, and having been relying on that _not_ taking
effect.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit e3dbded499f0bd1e71abb0650ae98fd9ade94250)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
AC_TRY_RUN macro means the test needs to run to find the result and we
are cross compiling so this will always get wrong results, this results
in miscompiling apache2 on musl because it disables rlimit
(ac_cv_struct_rlimit) wrongly.
All these variables are determined with AC_TRY_RUN checks
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 504eb0ff1cae200ee85ec18ebae564cae9bf9c8c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Alex Stewart assumed maintainership of the yocto project's opkg fork,
and opkg recipes, from Alejandro Del Castilo back in Q1 of 2020.
Update maintainership of the opkg recipes.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit fd0511080fb5744b4b58df43184fa2561cc37134)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The full path of patch may contain '/meta/' but not in oe-core, skip
patches by checking it starts with oe-core full path or not.
Signed-off-by: Yang Xu <yang.xu@mediatek.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d8a525afdfb5d371e76b09301c8b2741d23d1d10)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE-2021-3520.patch
removed since it's included in 1.9.4
License-Update:
Copyright year updated to 2020
description of 3rd party applications changed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f95c66050bc69af7769d1868b0118cefb24e5b0d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
License-Update: Adjust/reformat content of LICENSING.txt
=========================================================
"libatomic_ops_gpl.a" changed to "libatomic_ops_gpl.a file"
"sysdeps" changed to "atomic_ops/sysdeps"
"This applies only to test code, sample applications," changed to
"This applies only to the test code"
Changelog:
==========
Add note to README that AO malloc code has same license as AO stack
Adjust/reformat content of LICENSING.txt
Avoid AO_stack_t to cross CPU cache line boundary
Do not assume 'ordered except earlier write' for UWP/arm64
Do not name GCC intrinsics as C11 ones in ChangeLog and configure
Eliminate '-pedantic is not option that controls warnings' GCC-6.3 message
Ensure result of AO_test_and_set is always AO_TS_CLEAR or AO_TS_SET
Fix 'AO_malloc redefinition' MS VC warning caused by attributes mismatch
Fix 'use of undeclared SIG_BLOCK' Clang error if -std=c89 on Cygwin
Fix AO_compare_and_swap_full asm code for clang on sparc
Fix a typo in comment of AO_stack_push_explicit_aux_release
Fix code indentation in main() of test_stack.c
Refine AO_UNIPROCESSOR macro description in configure
Remove outdated comment about unsupported Win64 in atomic_ops_stack.h
Repeat black list check on CAS fail in stack_push_explicit_aux_release
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit a0f177ef7f52bab06d8fff752ba8390defd71ed5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
Fix the build when using Clang's libc++ or the Musl libc.
0001-Fix-build-failure-due-to-libc-using-libc-functions.patch
removed since it's included in 1.12.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f8d8cc58c9b9c221158414be186bc12aa5d80e91)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
2022-08-18 Userspace RCU 0.13.2
* Revert "Fix: remove type constness in URCU_FORCE_CAST's C++ version"
* Fix: futex.h: include headers outside extern C
* Fix: add missing unused attribute to _rcu_dereference
* Fix: change method used by _rcu_dereference to strip type constness
* Fix: remove type constness in URCU_FORCE_CAST's C++ version
* Move extern "C" down in include/urcu/urcu-bp.h
* fix: ifdef linux specific cpu count compat
* Set git-review branch to stable-0.13
* fix: sysconf(_SC_NPROCESSORS_CONF) can be less than max cpu id
* Fix: revise obsolete command in README.md
* Fix: workqueue: remove unused variable "ret"
* Fix: urcu-qsbr: futex wait: handle spurious futex wakeups
* Fix: urcu: futex wait: handle spurious futex wakeups
* Fix: urcu-wait: futex wait: handle spurious futex wakeups
* Fix: defer_rcu: futex wait: handle spurious futex wakeups
* Fix: call_rcu: futex wait: handle spurious futex wakeups
* Fix: workqueue: futex wait: handle spurious futex wakeups
* Fix: Use %lu rather than %ld to print count
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b9ce9d9ab53baab7ba84187d17b34e48ff9eb16e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
===========
- Clarify libtasn1.map license. Closes: #38.
- Fix ETYPE_OK out of bounds read. Closes: #32.
- Update gnulib files and various maintenance fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b8f2c6ec61ffcc607a35bd5c11f5020c9b676226)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 01c08d47ecfcc7aefacc8280e0055c75b13795b2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We can have multiple processes reading the database at the same time, and
cursors only release their locks when they're garbage collected.
This might be the cause of random sqlite errors on the autobuilder, so
explicitly close the cursors when we're done with them.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 5d2e90e4a58217a943ec21140bc2ecdd4357a98a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The CVE check database needs to have a shared lock acquired on it before
it is accessed. This to prevent cve-update-db-native from deleting the
database file out from underneath it.
[YOCTO #14899]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 20a9911b73df62a0d0d1884e57085f13ac5016dd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Upstream-Status: Backport
[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797]
Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
https://curl.se/docs/CVE-2022-35252.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
SRC_URI include patch introduced in oe-core commit
fdc82b2314b580c0135c16b7278ebf8786311dec
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This ensures that definitions of functions e.g. getpass() are correctly
sourced from system headers, since it depends on feature test macros
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0d117e5d17c491e1d26aefb4b919410b07fd5347)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
musl does not implement GNU extention of strerror_r but XSI compliant
version, therefore add it via a packageconfig to set right variables
during configure to cache the value.
configure detection logic depends on runtime test which will always be
wrong on cross compiles therefore backport a patch to make it possible
to cache the needed configure variable.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ded3d76a844dd1aef9ac610fbe506bf76285369b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is defined for glibc automatically with _GNU_SOURCE but not for
musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 84375186570af548b49e44e884925f4feaddcc7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
These headers are needed on musl too.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a53722b962e79e0831c0fba24ef7c1cfda24971a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
Richard Purdie
Alexander Kanavin
wangmy
niko.mauno@vaisala.com
Alexandre Belloni
Joshua Watt
Kristian Amlie
Alejandro Hernandez Samaniego
Peter Kjellerstedt
Peter Bergin
Pavel Zhukov
Martin Jansa
Khem Raj
Enrico Scholz
LUIS ENRIQUEZ
Ming Liu
Ulrich Ölmann
Rasmus Villemoes
Alex Stewart
Yang Xu
Ross Burton
pgowda
Robert Joslyn
Chee Yang Lee