| Age | Commit message (Collapse) | Author |
|---|
|
* Add a patch to allow the use of debconf to be disabled.
* Replace 0007-Disable-generation-of-the-documentation.patch with a new
patch to disable the generation of the documentation using a
configuration option.
* Replace 0006-Disable-shell-for-default-users.patch with a sed
expression that uses a variable, NOLOGIN, to specify what command to
use for users that are not expected to login. This allows to use some
other command than "nologin", e.g., "false". Also, by using
${base_sbindir}, it adheres to usrmerge being configured.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The `fspassno` parameter allows to overwrite the value of the last
column (`fs_passno`) in the /etc/fstab of the target root file system.
This allows to have periodic file system checks.
Signed-off-by: Claudius Heine <ch@denx.de>
Signed-off-by: Vijai Kumar K <Vijaikumar_Kanagarajan@mentor.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Using += unintentionally removes all other entries from DISTRO_FEATURES
if DISTRO_FEATURES was set by ?= such as by poky.conf. This reduces
sstate reusage on the autobuilder. Fix this to speed up builds.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We've seen failures on the autobuilder in oe-selftest where things which should
be in the sysroot aren't. The exact steps to reproduce the exact failure are
elusive and probably hash equivalance dependency but this set of steps does
reproduce corruption which is probably of the same origin:
Add DISTRO_FEATURES += "systemd"
bitbake dbus
Remove DISTRO_FEATURES += "systemd"
bitbake dbus
bitbake dbus -c clean
bitbake dbus -c configure
Add DISTRO_FEATURES += "systemd"
bitbake quilt-native
bitbake dbus -c populate_sysroot
Remove DISTRO_FEATURES += "systemd"
bitbake dbus -c compile
Where dbus will now fail as the compiler was no longer in the sysroot.
This works by clearing x11 and other values out of DISTRO_FEATURES so the x11
dependencies are removed from the sysroot. The configure stamp remains valid so
when the original configuration is restored, it becomes valid again but a load
of the sysroot disappeared and build failures result.
Fix this by removing stamps when we remove things from the sysroot.
Depends on a change to bitbake build.py to add the clean_stamp API.
[YOCTO #14790]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This minor version include fixes for several CVEs
CVE: CVE-2022-1292
CVE: CVE-2022-1343
CVE: CVE-2022-1434
CVE: CVE-2022-1473
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some distributions shipping gcc12 end up with stringop-overflow warnings
e.g.
/usr/include/bits/unistd.h:74:10: error: ‘__pread_alias’ specified size between 9223372036854775813 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
74 | return __glibc_fortify (pread, __nbytes, sizeof (char),
| ^~~~~~~~~~~~~~~
Until fixed, lets not treat this warning as hard error
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Host distros have started deploying gcc12 as well e.g. archlinux
this build failure shows up which has been fixed upstream
In function ‘GetAlignmentFromFile’,
inlined from ‘main’ at GenFfs.c:816:20:
GenFfs.c:545:5: error: pointer ‘InFileHandle’ used after ‘fclose’ [-Werror=use-after-free]
545 | Error(NULL, 0, 4001, "Resource", "memory cannot be allocated of %s", InFileHandle);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes bash using its own broken getcwd() during cross compiling
The configure script assumes that your getcwd() function is broken.
Which then makes bash use it's own getcwd() implementation, which
doesn't work if the path to the current directory
contains bind mounts in its paths. This shows up as:
Fixes errors on musl images like
shell-init: error retrieving current directory: getcwd: cannot access parent directories: Bad file descriptor
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When a recipe DEPENDS on multiple other npm based recipes,
the symlink will create a conflict.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some node module archives in npmjs.org contain wrong permissions.
I found a case with package.json in the archive being r-xr-xr-x
for which open(..., "w") fails. Modify the manifest file permissions
to add the write bit for the owner.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix a minor typo and replace "partion" with "partition".
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If there is a defconfig set by KBUILD_DEFCONFIG and something that looks
like a defconfig in SRC_URI, the SRC_URI is dropped. This happens even
if the entry in SRC_URI is called my_defconfig_frag.cfg.
Arguably, this is a bug and the behaviour should be changed, but for now
if we're going to remove entries from SRC_URI we should make it clear
what entry is being removed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since explicit debug package creation via ${KERNEL_PACKAGE_NAME}-dbg has
been added to kernel, it has to cover all PACKAGE_DEBUG_SPLIT_STYLE
options. For ex. when the variable "debug-file-directory" package search
path has to be set explicitly, otherwise it will not find any files.
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As a centos 8 spinoff, it lacks the same vgem kernel module.
(From OE-Core rev: 451605aa40482516c18cd1534feacb796516a785)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Release Announcement [1] and Notes [2]
[1] https://lists.gnu.org/archive/html/info-gnu/2022-05/msg00000.html
[2] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-12.1-release
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libstd-rs update also updated the vendored libc to 0.2.116, the rv64
musl patches were applied to 0.2.112 and hence needed forward porting
done with this changeset.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Check that open file and user process limits are greater than or equal to what
the autobuilder uses.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Use files from the current release to avoid the depreciated -show-cursor
option.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Whilst not a supported distro, we can exclude this from the warning as it
is debian derived and doesn't have the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since the commit fe26b2379ecd ("image.bbclass: Depend on
virtual/kernel:do_deploy"), the image.bbclass made building images
depend on virtual/kernel. For some images, including small initramfs,
this is not the case. Allow overriding this dependency in case
developers knows what they are doing.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Create separate packages with firmware files for APQ8096 SoC and for
Adreno 2xx/4xx. Include A330 firmware into the 3xx package.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: additional files
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add some documentation about skipping the QA check related to missing
fstab entries or mount units for base mount points where the overlayfs
is mounted from.
Also add a short paragraph about adding a systemd unit dependency to
services in recipes, so that they are started only after the overlayfs
is mounted and ready.
No functional change.
Signed-off-by: Claudius Heine <ch@denx.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Major gcc release with lot of changes [2]
- Add patch to re-shuffle include of sched.h to fix build on musl
- porting guide to gcc 12 [1]
- Fix version in maintainers entry
[1] https://gcc.gnu.org/gcc-12/porting_to.html
[2] https://gcc.gnu.org/gcc-12/changes.html
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
if a setup is using RPM for packaging and there are multiple
recipes that install to ${nonarch_base_libdir}/firmware by using
install -d ${nonarch_base_libdir}/firmware, it will create installation
clashes on image install, as linux-firmware in before this patch
used mkdir -p, which creates different file mode bits (depending
on the current user's settings).
In a particular example
linux-fimware created /lib/firmware with 0600
while other-firmware-package created it with 0644
making the combination not installable by rpm backend
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As pointed out in
https://lists.openembedded.org/g/openembedded-core/message/165058
https://lists.openembedded.org/g/openembedded-core/message/165216
this patch sets KERNELDEPLOYDEPEND but then uses KERNELDEPMODDEPEND.
Revert the changes since no one seems interested enough to fix it.
If someone wants this then make the variable name readable by
adding underscores where appropriate, for example by calling it
KERNEL_DEPLOY_DEPEND.
This reverts commit dcf9dfa4e6305786cd713aa28deda94a50bd6635.
Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A change in behaviour in make between 4.2.1 and 4.3 on how whitespace
and appends are handled[1] causes changes in lib/libpci.pc and leads
to non-reproducible builds.
Add a dependency on make-native to resovle this as a least invasive
and least worse solution for now.
[1] https://git.savannah.gnu.org/cgit/make.git/commit/?id=b90fabc8d6f34fb37d428dc0fb1b8b1951a9fbed
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes a fix for CVE-2022-27404.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are cached reproducibility issues on the autobuilder due to the PRServ
sstate checksum issues, flush the bad data out the system by bumping the
versions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The recent ptest addition was causing reproducibility tests to fail.
Remove the problematic files as they clearly aren't needed on target
to run the ptests. Hack the Makefile so that it doesn't try to rerun
configure and similar.
Also add a missing dependency on make.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently the signatures for do_packagedata don't reflect whether PRServ
was active or not. This means that if you have mxiing of PRServ usage and
non PRServ usage against the same sstate cache it can rarely become
corrupted with one referencing the other.
This likely doesn't happen in general but does on the autobuilder as PRServ
is tested. Add in some variables to ensure the binary state of PRServ being
enabled or disabled is tracked (but not the server value). We continue to
assume one PRServ is used per sstate cache.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes fixes for CVE-2022-1381, CVE-2022-1420.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Status updated but using the existing patch since it is functionally identical.
Signed-off-by: Aryaman Gupta <aryaman.gupta@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
partitions
This patches makes locating the file database containing the file and
folder usernames and permissions more reliable.
In addition to locating it relative to the partition directory, we also
try to locate it relative to the IMAGE_ROOTFS.
Prior to this patch, the database was not found when using
--rootfs-dir=${IMAGE_ROOTFS}/<x> in the WIC script, leading to erronous file
permissions and ownership.
Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
OpenSSH 9.0 uses sftp by default as the transport for scp, add in
sftp-server so that this works as expected for users, rather than being
left with a confusing "scp: Connection closed" message.
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CVE product name for PyPI packages is (usually) the same as the PyPI
package name (and not our recipe name), so use that as the default.
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop DEPENDS on libxslt-native which is unused as the tarball includes
the manpages and the build process never invokes the script which
regenerates them (make.sh)
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The upstream has moved from Gentoo to GitHub and is now maintained by a
new collection of cross-distribution contributors.
Drop the revert of the userspace firmware loading removal patch as these
are only required to support kernels older than 3.7, do not apply
cleanly and will never be merged upstream.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The autobuilder sstate was corrupted via incorrect equiavlences caused by
the security fix to git and the poor interaction that had with SCM version
checks under fakeroot/pseudo. Bump the versions to enable a clean slate
to work off.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Turns out this doesn't actually work, as git doesn't respect the environment
when reading the safe.directory configuration variable.
This reverts commit d4a5862ce8db97d26a3c32c4cffea3197c1defec.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is horrible but I'm running out of better ideas. We hit circular reference
issues which we were trying to avoid in the core HOSTTOOLS code. When building
the eSDK, there can be two copies of the script.
Therefore assume git will never be in a directory called scripts. This
fixes eSDK build failures.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous minimially invasive git intercept simply isn't enough. For example,
meson used in the igt-gpu-tools recipe hardcodes the path to git in the configure
step so at install time, changing PATH has no effect.
There are lots of interesting things we could do to try and avoid problems but
making the git intercept and dropping fakeroot privs for git global is probably
the least worst solution at this point. It will add slight overhead to git calls
but we don't make many so the overall impact is likely minimal.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We'd like to intercept git calls but we don't want circular references
and HOSTTOOLS currently sets them up. Tweak to avoid them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The fix for CVE-2022-24765 in git[1] breaks any use of git inside
pseudo. Add a simple test case to oe-selftest to verify that at least
basic uses of git work fine under pseudo.
[1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop patches:
fix-selinux-flask.patch
(upstream fixed the issue)
e8b56ebd536e82b15542a00c888109471936bfda.patch
(backport)
0001-uname-report-processor-and-hardware-correctly.patch
(upstream explicitly marks the options as non-portable and unreliable[1];
the patch is difficult to rebase, use case for oe unclear)
[1] https://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.24-7-g6d67649
License-Update: copyright years
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This happens when ptest is enabled with clang compiler
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream removed the GPLv3 component to the license here:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=fbb26c3ac514189f50a31f72dde2a02ef7b41f9f
Update our metadata accordingly as there are now no GPLv3 components.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The trace tools are licensed under GPL-3.0-or-later but this wasn't
listed in LIC_FILES_CHKSUM. Fix that.
Ultimately we could disable that license if the trace PACKAGECONFIG is
disabled but I'll leave that to someone else if they're keen.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
do_configure uses the base.bbclass version, which can
call 'make clean', negating the disabling.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Peter Kjellerstedt
Claudius Heine
Richard Purdie
Davide Gardenal
Khem Raj
Zoltán Böszörményi
Leon Anavi
Ross Burton
Andrej Valek
Steve Sakoman
Michael Halstead
Dmitry Baryshkov
Konrad Weihmann
Jacob Kroon
Aryaman Gupta
Felix Moessbauer
Alex Kiernan
Alexander Kanavin