| Age | Commit message (Collapse) | Author | Files |
|---|
|
The svn_repos_trace_node_locations function in Apache Subversion before
1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used,
allows remote authenticated users to obtain sensitive path information
by reading the history of a node that has been moved from a hidden path.
Patch is from:
http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before
1.8.14, when using Apache httpd 2.4.x, does not properly restrict
anonymous access, which allows remote anonymous users to read hidden
files via the path name.
Patch is from:
http://subversion.apache.org/security/CVE-2015-3184-advisory.txt
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of sourcing /etc/profile to get $PATH including /usr/sbin, just assign
to PATH in the ssh invocation.
The remote /etc/profile may not actually be manipulating PATH as we expect, and
there may be other commands which can interfere with the tests (such as resize
emitting a series of control characters on connection).
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of duplicating the same code over and over, split it out to a separate
function.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Enable code coverage through the library 'python coverage'. In case the environment
variable COVERAGE_PROCESS_START is present (one of the requisites for measuring
sub-processes; the second one is including some coverage statements into the
python sitecustomize.py file) it will be taken into account, otherwise it is
exported with value '.coveragerc'. The latter value is a configuration file
(also automatically created) with some default settings. Once tests are
executed, a coverage report is shown on the log and the coverage output data is stored
with name '.coverage.<args>' where '<args>' is the name of the unit tests executed
or 'all_tests' when running with --run-all-tests. This output data can be latter used
for better reporting using the same tool (coverage).
As briefly indicate before, measuring sub-process implies setting the env variable
COVERAGE_PROCESS_START (done automatically by the oe-selftest code with this patch if
not already set) and creating a sitecustomize.py as explained on [1].
If either one of these is missing, complete coverage will be incomplete.
Current measurements for 'oe-selftest --run-all-tests' indicate that current coverage
is around 42 % taking into account BBLAYERS, bitbake and scripts folders. More details
on [2], indicating the coverage per file/module.
This tasks has been done together with Humberto Ibarra <humberto.ibarra.lopez@linux.intel.com>
[YOCTO #8679]
[1] http://coverage.readthedocs.org/en/latest/subprocess.html
[2] https://bugzilla.yoctoproject.org/attachment.cgi?id=2854
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When booting weston-core-image with latest wayland/weston/libinput
mouse/touchpad would not work on qemux86, this fixes the issue
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This should have been register_commands rather than register_command;
I used register_commands in devtool so lets change this here to be
consistent with that. (Since this is extensible through layers though we
need to remain compatible with the old name, so fall back to that if the
new function name isn't there.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add a recipetool subcommand "setvar" to set a variable in a file. This
uses our existing logic such that it doesn't matter if the variable is
already set in the recipe, if it's set in the recipe or some inc file,
and if the variable is not currently set that the line setting the
variable gets inserted in the right place in the file.
Implements [YOCTO #7676].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Use bb.utils.edit_metadata() to replace some of the logic in this
function; this avoids us effectively having two implementations of the
same thing. In the process fix the following issues:
* Insert values before any leading comments for the next variable
instead of after them
* Insert overridden variables (e.g. RDEPENDS_${PN}) in the correct place
* Properly handle replacing varflag settings (e.g. SRC_URI[md5sum])
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Make some minor clarifications to help text
* Drop ArgumentDefaultsHelpFormatter and just put the defaults in the
text itself where needed (because otherwise you get defaults shown for
store_true options which is somewhat confusing).
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Enable access to the configuration object in register_commands() so that
we can read configuration values there; this allows us to show the
task that will be run in the command line help for the build subcommand.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Use a bbappend file to set PARALLEL_MAKE instead of a postfile; this
is a bit neater and only affects the specified recipe.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Ensure that the user specifies just the name portion instead of a file
name with extension. (We can't just look for . since there are recipe
names such as "glib-2.0" that legitimately contain .).
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This is just belt-and-braces but we ought to use try..finally in this
kind of situation, so just do it.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Print the SUMMARY value for each matched item assuming it's not the
default.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This function is no longer required to be defined for a plugin, so drop
it where it's a no-op.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rather than reconstructing the output path for packages, use the proper
variable.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
For subcommands that don't actually involve the workspace, don't
auto-create the workspace.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
For patches that we have to extract the header information by hand (i.e.
will not apply with "git am"), make the following improvements:
* If we can't extract author/date/subject, then try to do so from the
commit that added the patch in git (assuming the metadata is tracked
by git)
* Take only first Signed-off-by line instead of last
* Accept any case for "Signed-off-by" in case author has typed it by
hand
* Improve conditional - we can skip the other cases if one matches
Implements [YOCTO #7624].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If you're upgrading a git recipe to a revision on a release branch
that's different to the branch for the current revision, then you'll
need to update the branch parameter in SRC_URI, so add a --srcbranch/-B
command-line parameter to let you do that easily. It handles both when
the branch is stated verbatim in the recipe, and when a reference to
another variable is used (a common convention is to use a SRCBRANCH
variable for this, though the code doesn't care what variable is used
if any).
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If we're upgrading a recipe that fetches from git, and we've simply
fetched a tarball of the repo instead of directly from the upstream repo
(this can happen if you have PREMIRRORS set up as in poky with a core recipe,
e.g. kernelshark) then we won't have any new revisions, and the checkout
will fail with "fatal: reference is not a tree: <hash>". To avoid this,
do a "git fetch" before checking out the new revision.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If we're upgrading a git recipe the recipe file usually won't need
renaming; for some unknown reason we were throwing an error here which
isn't correct.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This code was clearly never tested. Fix the following issues:
* Actually set SRCREV if it's been specified
* Enable history tracking and reparse so that we handle if variables are
set in an inc file next to the recipe
* Use a more accurate check for PV being in the recipe which will work
if it's in an inc file next to the recipe
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If you did a "devtool add" followed by "devtool upgrade" and then did
a "devtool reset" on the recipe you upgraded, the first recipe would
also be deleted from the workspace - this was because we were
erroneously adding the entire "recipes" subdirectory and its contents to
be tracked for removal on reset. Remove the unnecessary call to
os.path.dirname() that caused this.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The external source of kernel has been patched during the
construction of git repository. Include the do_patch task in the
SRCTREECOVEREDTASKS.
Signed-off-by: Tzu-Jung Lee <roylee17@currantlabs.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If multiple images are being built simultaneously against the same
sysroot then the call to os.makedirs in Image._write_wic_env can fail
with:
File: '.../meta/lib/oe/image.py', lineno: 341, function: _write_wic_env
0337: """
0338: stdir = self.d.getVar('STAGING_DIR_TARGET', True)
0339: outdir = os.path.join(stdir, 'imgdata')
0340: if not os.path.exists(outdir):
*** 0341: os.makedirs(outdir)
0342: basename = self.d.getVar('IMAGE_BASENAME', True)
0343: with open(os.path.join(outdir, basename) + '.env', 'w') as envf:
0344: for var in self.d.getVar('WICVARS', True).split():
0345: value = self.d.getVar(var, True)
File: '/usr/lib/python2.7/os.py', lineno: 157, function: makedirs
0153: if e.errno != errno.EEXIST:
0154: raise
0155: if tail == curdir: # xxx/newdir/. exists if xxx/newdir exists
0156: return
*** 0157: mkdir(name, mode)
0158:
0159:def removedirs(name):
0160: """removedirs(path)
0161:
Exception: OSError: [Errno 17] File exists: '.../tmp-glibc/sysroots/cheetah/imgdata'
Using bb.utils.mkdirhier() protects against this.
There's also little point in checking to see if the directory already
exists - we might as well just try and create it regardless.
Once the directory has been created, there's no race on the actual file
since the filename contains IMAGE_BASENAME.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
the default
* without this the do_rootfs task doesn't respect OPKGLIBDIR and
info, status are created in different directory than opkg on
target expects
* people who modify OPKGLIBDIR need to make sure that opkg.conf included
in opkg package also sets info_dir and status_file options
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Creating a file for every image containing a few variables isn't
necessary if wic is not being used, so don't write the file if WICVARS
is empty.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Dariusz Pelowski <dariusz.pelowski@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fixes [YOCTO #8698] -- https://bugzilla.yoctoproject.org/show_bug.cgi?id=8698
If prior to running the toolchain installation script a toolchain
environment script is sourced then the toolchain installation will
fail. This because the environment is now set for the sourced toolchain
and doesn't suit the installation. In particular PATH points to the
toolchain executables.
The fix makes the script recursively call itself a second time with a
clean environment.
Tested by sourcing a previous successfully installed environment, erasing the
previous installation directory and then reinstalling in the same directory.
Signed-off-by: George Nita <george.nita@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If you put an $ character in the path, SDK installation fails during the
preparation stage, so add this to the disallowed characters.
Fixes [YOCTO #8625].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In some situations you might end-up with an empty ODIR (pull-xx/). The
most common reason is that you have applied your patches on 'master'
branch (or you are by mistake standing on the 'master' branch),
this will result in the default behavior that 'git format-patch'
will try to diff master..master.
Solve this by aborting the script with a proper error code and message
if ODIR is empty after the 'git format-patch' call (that is expected
to generate the cover-letter and patches).
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Print some status when running
* When incorrect number of arguments specified, print usage text
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Wic runs some tools through pseudo, which makes exec_native_cmd
to fail and throw cryptic error message when tool is not baked:
For example:
Error: exec_cmd: 'export
PSEUDO_PREFIX=/media/ssd/poky-build/tmp/sysroots/x86_64-linux/usr;export
PSEUDO_LOCALSTATEDIR=/media/ssd/poky-build/tmp/work/qemux86-poky-linux/
...
PSEUDO_PASSWD=/media/ssd/poky-build/tmp/work/qemux86-poky-linux/ ...
PSEUDO_NOSYMLINKEXP=1;/media/ssd/poky-build/tmp/sysroots/ ...
mkfs.ext4 -F -i 8192 /var/tmp/wic/build/rootfs_platform.7.ext4 -L
platform -d
/media/ssd/poky-build/tmp/work/qemux86-poky-linux/core-image-minimal/...
returned '1' instead of 0
Made exec_native_cmd aware of pseudo and properly report
errors when command is not found.
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In the case where many environment-setup-* files exist, the incorrect
filename might be lastly set in env_setup_script, which leads to
incorrect behaviour for the initialization of native_sysroot.
The scenario I had was that our custom meta-toolchain-*.bb, which
inherits populate_sdk, defined another environment-setup-* file to dump
variable information for qt-creator. The file is named like so in order
for the sdk shell script to pick it up and fix the SDK paths in the
file. Since it (coincidentally) alphabetically comes after ...-core2, it
was last set in env_setup_script and the grep OECORE_NATIVE_SYSROOT
would simply be blank. The apparent symptom was "...relocate_sdk.py:
Argument list too long" since the find command would not be searching in
the right path.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Now that qemurunner doesn't need DISPLAY set, let whether DISPLAY is set be up
to the user.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Not everyone wants to run the tests with a qemu that has a graphical output, so
allow display to be None and pass nographic to runqemu in that case.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Now that the SRC_URI is parsed this can be done without false-positives.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
To avoid false positives such as a SRC_URI for http://foo.xz/foo.zip gaining a
dependnecy on xz-native decode the URI so that precise tests can be done.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The idea behind the implementation of Yocto #8138 was that an
additional class can write additional files in the recipe directories,
for example by hooking into the functions of buildhistory.bbclass or
by implementing its own SSTATEPOSTINSTFUNCS function.
However, when these additional files get created before
buildhistory_emit_pkghistory(), they get removed again by that
function because it contains code which removes everything it does
not know about. The reason for that is that these unknown items
are probably obsolete.
This logic is the reason why the additional "kconfig" file from
buildhistory-extra.bbclass never showed up in the final build history.
To fix this, the hard-coded list of known files in
buildhistory_emit_pkghistory() must be turned into a variable which
derived classes can extend.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This change adds the license_deployed_manifest function
that will create the manifest for the packages deployed
next to the image but not installed in rootfs. Some
examples of these recipes would be the bootloaders, or
the kernel.
This new function was added to ROOTFS_POSTPROCESS_COMMAND
so it will run after every rootfs task.
This change also modify the write_license_files because
the image manifest is different from the root manifest.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This function will get the files that were deployed using
the sstate-control manifest file. This will give a better
view of what was deployed next to the image.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
|
|
This change introduce a new function to get the dependencies
that were deployed. It uses BB_TASKDEPDATAto get all the
dependencies of the current task, so it is possible to get
different packages depending at what point this function is
called.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
|
|
This function gets the dependencies from the classes that
create a boot image, this is required because sometimes
the bootloader dependecy is in these classes. The current
classes covered are bootimg and bootdirectdisk because
these are the only clases that add dependencies.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
|
|
This changes moves the writing of the licenses to a
separated function that could be called for other packages.
With these change it will be easier to reuse the writing of
the license for the packages deployed but not installed in
the rootfs.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
|
|
Currently there is no way to get the recipe version when
creating the rootfs. It is needed because the manifest
file for the image has to contain this important piece
of information.
This change writes a new file in the license folder for
every recipe. This file is called "recipeinfo" and have
the information used to write the manifest file for the
recipes deployed next to the image.
[YOCTO #6772]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
|
|
We want to support different names for the buildtools tarball. The
name may not always be of the default oe-core format.
For instance, at Wind River we define the built-tools name to be:
${SDK_ARCH}-buildtools-nativesdk-standalone-${DISTRO_VERSION}
because thes standard SDK_NAME has additional information that is not
relevant to the builtools tarball.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add optional check to do_populate_sdk() that verifies SDK sysroots don't
contain dangling or escaping symlinks before attempting to tar an archive.
Such links may fail a `tar -h` operation (-h => follow symlinks) or
archive the build system's files.
Set CHECK_SDK_SYSROOTS = "1" to enable this check.
Use case: The -h option may be set via SDKTAROPTS in some configurations
to create symlink-less SDK archives for Windows file systems.
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The extensible SDK relies upon uninative, and with the way that
uninative works, the build system architecture must be the same as the
SDK architecture or the extensible SDK won't be usable. At some point in
future hopefully we can remove this limitation, but until then it's
disingenuous to allow this to build, so add a check to ensure
SDK_ARCH == BUILD_ARCH and fail if it isn't.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
