| Age | Commit message (Collapse) | Author | Files |
|---|
|
* some fundamental perf commands can work
without the dependency on perl, python or bash
make them separate packages and RSUGGEST them
* bump PR
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enable SDL by default for nativesdk as we do with natve, this will
allow qemu with ADT to use graphics no vnc by default.
[YOCTO #6446]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We apply this patch to the python recipe already. Without this patch
the zeroc-ice-native recipe will not build.
See: http://bugs.python.org/issue17547 for more details.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Previously, if we have 'package-management' and 'read-only-rootfs'
both in IMAGE_FEATRUES, we would meet the following error at system
start-up.
rm: can't remove '/etc/rcS.d/S99run-postinsts': Read-only file system
However, what's really expected is that when there's no postinstall
script at system start-up, the /etc/rcS.d/S99run-postinsts should not
even be there.
Whether or not to remove the init script symlinks to run-postinsts should
not depend on whether we have 'package-management' in IMAGE_FEATURES; rather,
it should only depend on whether we have any postinstall script left to run
at system start-up.
This patch changes the _uninstall_unneeded function based on the logic
stated above.
[YOCTO #6257]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some classes of recipe disable ptest even though its in DISTRO_FEATURES
(e.g. nativesdk). We shouldn't attempt to build ptest packages when
its disabled. This replaces some DISTRO_FEATURE checks with PTEST_ENABLED
checks instead.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The do_configure_prepend was duplicated in gcc-4.X.inc and
gcc-configure-common.inc leading to confusion when reading the resulting
do_configure task where the file was processed twice.
The only difference was the removal of the include line for gcc 4.8/4.9.
On mingw were were seeing two issues, firstly that the if statements meant
the values we wanted weren't being set, the second that the include
paths were still wrong as there was no header path set.
To fix the first issue, the #ifdef conditionals were removed, we want
to set these things unconditionally. The second issue is addressed by
setting the NATIVE_SYSTEM_HEADER_DIR variable here (it was already
set in t-oe).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If image contains dbus and ptest is in DISTRO_FEATURES, dbus-ptest package
is installed, regardless of whether ptest-pkgs is in IMAGE_FEATURES. This
issue will increase size for most small images.
This patch fixes this problem.
[YOCTO #5702]
(From OE-Core rev: 0416583f014138656babdf78a574357ae5ff25bd)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When building on XFS filesystems, the resulting rpms can be corrupted
with the same inode number being used for multiple hardlinked files.
There are two fixes, one to stop rpm crashing when accessing a broken
binary rpm, the other to stop generating them in the first places. Full
descriptions in the patch headers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fontconfig doesn't need to be passed large file flags through CPPFLAGS because
it's configure script uses AC_SYS_LARGEFILE.
This reverts commit 5a49a24d35794fcf9e3895469a67db992a52305e.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
http://www.openssl.org/news/secadv_20140605.txt
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and
modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
http://www.openssl.org/news/secadv_20140605.txt
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora,
which is the same as the patch which was actually applied upstream for
the issue, i.e.:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b107586c0c3447ea22dba8698ebbcd81bb29d48c
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
make openssl-CVE-2010-5298.patch truely work
(From OE-Core rev: eab33442480cc27a5cd00b3f46984fea74b7c0f9)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-connectivity/openssl/openssl_1.0.1g.bb
|
|
These dependcies are needed to ensure that thier packages are created
correctly since these classes have runtime dependiences in their packages
but they are not actually created yet at rootfs time.
[YOCTO #6072]
(From OE-Core rev: bba835fed88c3bd5bb5bd58962034aef57c408d8)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The alloca() function allocates space in the stack frame of the caller,
so using alloca(new_size - old_size) would possibly crash the stack,
causing a segment fault error.
This patch fixes the above problem by avoiding using this function in
journal-file.c.
[YOCTO #6201]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
If the first command returns an error, it will not cause the image generation
step to fail. Simply split up the statement into multiple lines to avoid
this issue, they no longer need to be one line expressions.
[YOCTO #6391]
(From OE-Core rev: f8125a1e9b6893a12355d55d4df584a8d97f0bff)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It seems that 585324fee380109acd9986388f857f413a60b896 is no
longer there in git and it has been rewritten to
ffc3ad4945da69f3caa2b40e4eed715a9a8d9526
Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be
(From OE-Core rev: b193c7f251542aa76cb5a4d6dcb71d15b27005eb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch fixes a build warning which is promoted to an error via -Werror.
changes from v1:
* put "Upstream-Status" in patch itself, not in OE patch header
* fix commit wording
(From OE-Core rev: 4b41f4199d77144a629897173cff3d1efcfa85f9)
Signed-off-by: Trevor Woerner <trevor.woerner@linaro.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If libsdl-native is in ASSUME_PROVIDED, check for it in the sanity tests.
This warns the user if they've said its being provided but it isn't and
prevents silent build issues.
(From OE-Core rev: d9d7b0515fcf47c4cf7533a12915ea92298ce834)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
configure.ac references the m4 directory so things like gtkdocize
will try and place m4 files there. We need to ensure the directory
exists or the builds can fail.
(From OE-Core rev: 0ced649c055dd25c500d0fd34e4ea94504d98580)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes a compatibility issue between v86d
and SeaBIOS VGA BIOS where the leal instruction
is not decoded properly. Read the
http://thread.gmane.org/gmane.comp.emulators.qemu/271806
thread for more details.
Patch taken from upstream.
(From OE-Core rev: 3e890dd00ed27cc30800caefa85827cb16da5a3a)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
sulogin is provided by both busybox in /sbin/sulogin and util-linux provides one
in /usr/sbin/sulogin, so move util-linux's to sbin and setup ALTERNATIVE_LINK.
[YOCTO #6384]
(From OE-Core rev: a827ca74d27b916df8d40ec8155bc0340f8a0487)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
On systems with /bin and /usr/bin merged the gzip recipe may find grep
in /usr/bin, while OE puts it in /bin. Force the recipe to find grep in
the correct place.
(From OE-Core rev: 8ae714bb59c67433ded1efe6a8750e0e9c126dab)
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Multilib builds only require one crosssdk toolchain. We therefore shouldn't
be remapping crosssdk names. This resolves build failures looking for
weird multilib crosssdk toolchains.
(From OE-Core rev: aa8b93e2db06866529d20939452f81fb9e18aaab)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If file_filter is set, git format-patch takes account but git rev-list
does not. So revlist is going to get with wrong revisions. And last_revision
will be updated with wrong revision. The next time that user run
combo-layer it complain about applying patches.
So ensure that 'git rev-list' are using file_filter as 'git format-patch'.
(From OE-Core rev: c22e40900d8e33c2c884e714c11ddb771b86923f)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The update-rc.d treated priority numbers begin with '0' as octal
numbers. This led to problems of update-rc.d being unable to handle
priorities like '08' or '09' correctly.
This patch fixes the above problem.
[YOCTO #6376]
(From OE-Core rev: 675fd834b9ed696cd87809830d57d3da083580d3)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 2a36a02c2444551579b8498468debfaff0faa6d8)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-core/eglibc/eglibc_2.19.bb
|
|
Backported patch for CVE-2014-3466.
This patch is for daisy.
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Patches explain the issue in detail but this is exposed
with gcc 4.9 in binutils 2.24
(From OE-Core rev: fc5c467b680fc5aef4b0f689e6988e17a9322ae0)
(From OE-Core rev: 4dfb8847ebf8aab90ad8888933468e2899c96998)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c54fa061da6195081cd29817a351a36377b58e53)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Depends on cryptodev-linux for providing a header file
(From OE-Core rev: b7587d2ef7642dcc248744ade8f85f815185e78c)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: a3a834cf9f35682655661a7c6ba66c1de3491320)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: e7aace7658fabe41839a3ec1b596bf28c6a4c02e)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849
(From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850
(From OE-Core rev: 69f3f0f94f4fd224e5a6b275207adf0539d085c3)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856
(From OE-Core rev: 571ccce77859435ff8010785e11627b20d8b31f4)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854
(From OE-Core rev: b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851
(From OE-Core rev: 8c9868d074f5d09022efc9419ee09eb805f68394)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858
(From OE-Core rev: 0ee8754c973f5eff3ba4d00319a5308888c12b17)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852
(From OE-Core rev: 37f9371b44bd914fdd64e4c4e4448a2908512203)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845
(From OE-Core rev: cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868
(From OE-Core rev: 29dcc2c8e834cf43e415eedefb8fce9667b3aa40)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
