| Age | Commit message (Collapse) | Author | Files |
|---|
|
CVE-2017-13728, CVE-2017-13731
There is an illegal address access in the function dump_uses() in progs/dump_entry.c
in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_safe_strcat function in
strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
There is an illegal address access in the function _nc_read_entry_source()
in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_save_str function in
alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in
ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an illegal address access in the function postprocess_termcap()
in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13734
https://nvd.nist.gov/vuln/detail/CVE-2017-13732
https://nvd.nist.gov/vuln/detail/CVE-2017-13731
https://nvd.nist.gov/vuln/detail/CVE-2017-13730
https://nvd.nist.gov/vuln/detail/CVE-2017-13729
https://nvd.nist.gov/vuln/detail/CVE-2017-13728
Upstream patch:
https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=129aac80802d997b86ab0663836b7fdafb8e3926
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Allow to search header files and libs from native sysroots.
For example, an expanded BUILD_CFLAGS includes:
'-isystem/builddir/to/linux-yocto/recipe-sysroot-native/usr/include'
And an expanded BUILD_LDFLAGS includes:
'-L/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
-Wl,-rpath-link,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
-Wl,-rpath,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib'
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When selected multiple subimages a similar error could happend:
Variable do_image_cpio[subimages] value changed \
from 'cpio.gz.u-boot cpio.gz' to 'cpio.gz cpio.gz.u-boot'
To avoid this, 'ctypes' should be sorted at 'gen_conversion_cmds'.
This garantee that 'CONVERSION_CMD_xxx' are always written in tha same
order and consequently 'do_image_cpio' have the same hash.
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It was noticed that do_image_qa is useless when rm_work is enabled as the rootfs
directory is deleted before image_qa is called.
This indicates that image_qa is incorrectly scheduled as it failing should mean
images don't get generated, so move it between do_rootfs and do_image.
Also, add a little bit more documentation to the comments.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- The environment tools target has change to envtools;
- The HOSTCC variable must be used to set CC for cross;
- Drop ARCH variable as it is set on config;
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Different squashfs versions have IMAGE_TYPE with hyphen (eg squashfs-lz4).
Tasks on the other hand have names with underscore (eg do_image_squashfs_lz4).
Signed-off-by: Tomasz Meresiński <tomasz.meresinski@comarch.pl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The Github-generated tarballs can and do change over time, so point at the
archived tarball website that the maintainer hosts.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
A regression was introduced by me in commit 767335c9:
[ cross-canadian.bbclass: override TARGET_* flags ]
it causes BUILDSDK_C/CXXFLAGS being exported in environment-setup
script built from meta-environment recipe, which is wrong, restore to
TARGET_C/CXXFLAGS.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By setting systemd-serialgetty to rdepend on systemd, we are making
configuration files have runtime dependency on the main utility that
uses those configuration files. Applied with the same logic, we should
make any package that provides service files under /etc/init.d/ to have
runtime dependency on sysvinit. And this is not right.
So we should remove systemd from RDEPENDS of systemd-serialgetty.
Besides, as we have changed systemd to have systemd-serialgetty in its
RDEPENDS by default, we should avoid circular dependency issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Set NO_RECOMMENDATIONS to "1", build and start a systemd image, and we
could not get serial getty spawned, thus causing the user not able to
login via serial port.
E.g.
MACHINE=qemux86-64 bitbake core-image-minimal
runqemu qemux86-64 nographic
And we cannot login onto the system.
Move util-linux-agetty and systemd-serialgetty (determined by PACKAGECONFIG)
from RRECOMMENDS to RDEPENDS to fix the above problem.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
To help users find the work and log directories (especially within the
eSDK) we create symlinks to these from the source tree. However during
do_buildclean we call "make clean", and some project Makefiles which
delete something like "*/*/lib" which will match files underneath the
oe-workdir symlink and fail. do_buildclean is called from do_clean which
is in turn called by devtool reset by default, and thus devtool reset is
blocked. An example of a recipe where this is visible is the openssl-qat
recipe in meta-intel.
In order to fix this, delete the symlinks at the start of do_buildclean
since we shouldn't need them at that point anyway, and thus make clean
won't be able to trip over them.
Fixes [YOCTO #11036].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
To improve binary reproducibility, only the
relevent part of the Makefile in bzip2-ptest
package that run-ptest needs are copied to
the destination directory.
bzip2-ptest requires Makefile. The original
Makefile contains references to build host.
By copying only the relevent part,
we avoid those references making their way
into the target system
Used Makefile.am as the source to extract
the revelent part instead of Makefile as
it is easier to parse than Makefile.
A redundant command in do_install_ptest()
that repeat the copying of Makefile that
was already copied by Makefile's install-ptest
step is removed because it now interfers with
the creation of the new Makefile by
make's install-ptest.
[YOCTO #11596]
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Having only this utility is useful for tiny initramfs'es which don't
need the whole util-linux package (and neither the busybox binary
which is much bigger than switch_root) to do operations like decrypt
a rootfs & switch to it in the init file.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This avoids the following error when the systemd DISTRO_FEATURE is
enabled, but the systemd PACKAGECONFIG is not:
ERROR: bluez5-5.46-r0 do_package: SYSTEMD_SERVICE_bluez5 value
bluetooth.service does not exist
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Unbreak serial console when driver name contains spaces (PXA serial).
Fix commit ac0e954
"start_getty: Over added SERIAL_CONSOLE cause error in userspace log"
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
image file
core-image-tiny-initramfs was used to generate a wic image, which was conceptually wrong
since initrafms recipes should only generate the boot artifacts that can later be used
by another recipe to generate an image using the tool of their choice.
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
QEMU version 2.11 will remove the pixman submodule. This means users are
always required to supply pixman from the system if building softmmu
support in QEMU.
Without specifying a pixman configure option QEMU will default to using
the system pixman if it is avaliable. In which case let's remove the
config option as it is no longer supported in recent commits and is not
required in older builds as the configure system defaults are already
using system pixman.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This adds the meta-go-toolchain. It enables the generation of a Go
toolchain allowing for cross compiling for target architecture.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The go build tool creates working directories under
$TMPDIR for all of its processing. Create a directory
under ${WORKDIR} for this and point TMPDIR at it during
compilation, so that systems that have a relatively
small /tmp filesystems can still compile larger Go
packages.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Add patch for go's make script to allow for
build system != host system
* Add dependencies on the appropriate crosssdk recipes,
and use the crosssdk C compiler and linker
* Remove bashism in the wrapper script
* Restrict installation to only the tool binaries
to address some packaging errors
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Switch to using an external linker for nativesdk
go, go-runtime, and go package builds, which works
more reliably when building 32-bit SDKs.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* The _FOR_TARGET variables need to include SDKNATIVEPATH
* Install tools (cmd) only, and for the build host
* Remove unnecessary FILES setting
Corrects some errors when the build host architecture
is different from the SDKMACHINE's.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
Also update the ASSUME_PROVIDED in bitbake.conf to contain gawk-native
as the dependency is passed in via HOSTTOOLS for native builds.
This allows for recipes to depend on gawk-native, and have the
dependency met if not already provided by the host tools.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
There were two identical code blocks for writing the
postinst-useradd-${PN} scripts. This combines them into one.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Whenever SDKMACHINE is set to mingw32, sdkmingw32 override is defined
everywhere. This meant that value of LDGOLD was different also for
binutils and binutils-cross depending whether SDKMACHINE was set or not.
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If buildstats are available (for a certain measurement), show recipe
version changes between the two builds that are being compared. The
information shown includes new and dropped recipes as well as changes in
recipe version, revision or epoch.
[YOCTO #11382]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
More refactoring of buildstats-diff script. Move recipe version
comparison functionality to scripts/lib/buildstats.py. This patch also
compasses some wording changes, i.e. changing 'package' to 'recipe'.
[YOCTO #11382]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Utilize buildstats, if available, and show a summary of the resource
usage of bitbake tasks in the html report. The details provided are:
- total number of tasks
- top 5 resource-hungry tasks (cputime)
- top 5 increase in resource usage (cputime)
- top 5 decrease in resource usage (cputime)
[YOCTO #11381]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
