| Age | Commit message (Collapse) | Author | Files |
|---|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
commit a82651188476841d190c58693f95827d61959b51 upstream
Dkpkg::Source::Patch: Correctly parse C-style diff filenames
We need to strip the surrounding quotes, and unescape any escape
sequence, so that we check the same files that the patch program will
be using, otherwise a malicious package could overpass those checks,
and perform directory traversal attacks on source package unpacking.
Fixes: CVE-2014-0471
Reported-by: Jakub Wilk <jwilk@debian.org>
[drop the text for debian/changelog,because it's not suitable
for the veriosn]
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image that
triggers an integer overflow, a zero-memory allocation, and a heap-based
buffer overflow.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4564
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
Multiple directory traversal vulnerabilities in pam_timestamp.c in the
pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to
create aribitrary files or possibly bypass authentication via a .. (dot
dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY
value to the check_tty funtion, which is used by the
format_timestamp_name function.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2583
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* TUI/GUI support was added in 2.6.35 based on libnewt
* since 3.10 slang replaced libnewt completly
* changing TUI_DEFINES is not necessary, because NO_NEWT is
still respected with newer kernels
* add comment about the gui history to the recipe
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is introduced a bug, since The return of "file ld-linux-x86-64.so.*"
does not include "dynamically linked" in redhat 5.9/6.0(32 bit), and lead
to that ld-linux-x86-64.so.* is not in executable file list.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When toolchain directory is changed to execute mode, some non-executable
files or empty files are sorted. This will lead to the below error:
Extracting SDK...done
Setting it up...Traceback (most recent call last):
File "..._SDK/relocate_sdk.py", line 208, in <module>
arch = get_arch()
File "..._SDK/relocate_sdk.py", line 39, in get_arch
ei_mag0,ei_mag1_3,ei_class = struct.unpack("<B3sB11x", e_ident)
struct.error: unpack requires a string argument of length 16
To call get_arch and parse_elf_header, we should ensure the sorted file
is bigger than 64 byte.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch is used for fixing build errors without dnssd/avahi, we
already have this patch, but isn't added to SRC_URI:
meta/recipes-extended/cups/cups/cups-str4402.patch
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Found this error on CentOS 5.10, other distros may also has this
problem, I think that we can disable the selinux for dbus-native:
bus/selinux.c:327: error: array type has incomplete element type
[YOCTO #6374]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch allows for an optional new layout for ipk feed directories which I've
called a 'hierarchical feed' and is based on how Debian pools package files. It
is disabled by default and is enabled by setting IPK_HIERARCHICAL_FEED to "1".
In the traditional feed layout, package files are placed in <outdir>/<arch>/.
This can lead to several thousand files existing in a single directory which is
often a problem if developers want to upload a package feed to a shared web
hosting provider. For example, in my case, listing files via FTP only shows the
first 2000 files, breaking my scripts which attempt to upload only new and
changed files via FTP.
In the hierarchical feed, package files are written to
<outdir>/<arch>/<pkg_prefix>/<pkg_subdir>, where pkg_prefix is the first letter
of the package file name for non-lib packages or "lib" plus the 4th letter of
the package file name for lib packages (eg, 'l' for less, 'libc' for libc6).
pkg_subdir is the root of the package file name, discarding the version and
architecture parts and the common suffixes '-dbg', '-dev', '-doc', '-staticdev',
'-locale' and '-locale-*' which are listed in meta/conf/bitbake.conf.
This change relies on recent patches to opkg-utils which support hierarchical
package feeds.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
kexec-tools-klibc required kexec-tools.inc file. Put the patch of
kexec-tools into bb file in order to fixing QA warning about files path.
The patch only needed by kexec-tools.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
OpenSSL has license complications and GnuTLS is preferred, so although the
license complications don't impact wget use GnuTLS for consistency.
Also add a recommendation on ca-certificates so that https: URLs work.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Compilation with zlib is fixed in DirectFB 1.7.1.
Upstream commit:
commit 40779160de4d57bad973af9674df51ad281fdb8f
Author: Denis Oliver Kropp <dok@directfb.org>
Date: Tue Sep 18 21:10:25 2012 +0200
Core: Include zlib.h where it was missing.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes [YOCTO #6440]
When cross compiling gawk, it is possible to see this fail:
make[4]: Entering directory '/mnt/home/paul/poky/build/tmp/work/corei7-64-poky-
linux/gawk/4.1.1-r0/build/extension'
for i in filefuncs.la fnmatch.la fork.la inplace.la ordchr.la readdir.la readfi
le.la revoutput.la revtwoway.la rwarray.la testext.la time.la ; do \
rm -f /usr/lib/gawk/$i ; \
done
rm: cannot remove '/usr/lib/gawk/filefuncs.la': Permission denied
rm: cannot remove '/usr/lib/gawk/fnmatch.la': Permission denied
rm: cannot remove '/usr/lib/gawk/fork.la': Permission denied
rm: cannot remove '/usr/lib/gawk/inplace.la': Permission denied
rm: cannot remove '/usr/lib/gawk/ordchr.la': Permission denied
rm: cannot remove '/usr/lib/gawk/readdir.la': Permission denied
rm: cannot remove '/usr/lib/gawk/readfile.la': Permission denied
rm: cannot remove '/usr/lib/gawk/revoutput.la': Permission denied
rm: cannot remove '/usr/lib/gawk/revtwoway.la': Permission denied
rm: cannot remove '/usr/lib/gawk/rwarray.la': Permission denied
rm: cannot remove '/usr/lib/gawk/testext.la': Permission denied
rm: cannot remove '/usr/lib/gawk/time.la': Permission denied
Makefile:1235: recipe for target 'install-data-hook' failed
The problem only manifests itself on hosts where the above files
are already present; for if they are absent then the rm -f does
not fail with -EPERM.
Before looking in mainline gawk for a fix, I fixed it myself.
Then in comparing with mainline gawk, I found their fix was
not 100% complete. So here we get a backport of the mainline
gawk commit, plus the delta as a commit that I've sent to the
gawk mailing list.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the do_unpack_and_patch task of archiver, the changed 'WORKDIR' also
casued 'B' changed, create dir 'B' for the possibly requiring of the
tasks which executed in do_unpack_and_patch task.
Such as cut-ecgl's do_patch required 'B' existed:
...
| cp: target 'tmp/work/x86_64-wrs-linux/cut-ecgl/1.0-r0/archiver-work
/cut-ecgl-1.0' is not a directory
...
| ERROR: Function failed: do_patch (log file is located at tmp/work/
x86_64-wrs-linux/cut-ecgl/1.0-r0/temp/do_unpack_and_patch/
log.do_unpack_and_patch.11886)
...
The 'B' dir is implicitly created at the task executing time while the
task tag 'dirs' is not assigned. In the above cut-ecgl example, the 'B'
was created at the wrl_buildlink executing time which is the prefuncs of
task do_unpack. So the following do_patch could use 'B' correctly. But
wrl_buildlink is unnecessary and not invoked in the do_unpack_and_patch
task.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The SYSLINUX_TIMEOUT ?= "1" means 0.1 second which is too short, set to
1 second as mage-live.bbclass and boot-directdisk.bbclass does.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The older kernel's linux/if_link.h doesn't have IFLA_VLAN_PROTOCOL, we need
check whether it has been defined or not.
The maintainer said that he would fix it:
http://thread.gmane.org/gmane.comp.sysutils.systemd.devel/18200
Also we need redefine IFLA_MAX from 34 to 35 when define IFLA_CARRIER,
otherwise there would be error:
| src/libsystemd/sd-rtnl/rtnl-types.c:233:9: error: array index in initializer exceeds array bounds
| [IFLA_CARRIER] = { .type = NLA_U8 },
[YOCTO #6380]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- P2P enhancements/fixes;
- Interworking/Hotspot 2.0 enhancements;
- Internal TLS implementation enhancements/fixes;
- D-Bus interface extensions/fixes;
- various bug fixes.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bug fix release
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The gengtype patch we apply to gcc aims to ensure that the build and host
config headers don't get confused. We're seeing build failures where
both headers have been included, likely due to a race over the configuration
files.
It seems the gengtype-lex.c file isn't being regenerated when it should
and the unconditional inclusion of bconfig.h is resulting in these issues.
The fix is therefore to remove the file, forcing its regeneration.
[YOCTO #6393]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
KERNEL_MODULE_PROBECONF
The current module_autoload_* and module_conf_* variables are error
both ugly and error prone. They aren't registered in the task checksums
so changes to them aren't reflected in the build. This turns out to
be near impossible to fix with the current variable format in any
sensible way :(.
This patch replace module_autoload with the list of variables in
KERNEL_MODULE_AUTOLOAD which is a much simpler and usable API. An
error is printed if an old style variable is encountered. It should
be simple to convert to this.
module_conf_* are harder to deal with since there is data associated
with it, it isn't simply a flag. We need a list of variables that are set
in order to be able to correctly handle the task checksum so we add
KERNEL_MODULE_PROBECONF for this purpose and error if the user hasn't
added a module to it when they should have.
[YOCTO #5786]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This adds a binconfig-disabled class which can be used by recipes where
a -config file is installed but we wish to disable it and just rely on
the .pc files instead.
Rather than simply deleting it, we make the script "exit 1" so that it
can be found in PATH and raise a build error rather than something
silently falling back to the build system for example.
Rather than randomly finding -config files, this adds in the
specification of a list of binconfig scripts which is more deterministic
and maintainable moving forward.
This patch converts various users in OE-Core to use this, a world build
of OE-Core tests out ok with this change. There will likely be issues in
other layers however, hence this being a RFT.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
One fix, another appears... root-cause to a magic dependency hiding at the
bottom of the Makefile, and add all binaries to it.
[ YOCTO #6416 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For most users this commit will have no effect. But if you come across the idea of giving
different names for paths, you'll get some troubles.
When a recipe inherit native, properly define bindir, sbindir, includedir, sysconfdir, datadir
(using xxxdir_native definitions from meta/conf/bitbake.conf).
For example, edit "${BASE_WORKDIR}/${MULTIMACH_TARGET_SYS}/quilt-native/temp/log.do_configure"
and see what are the arguments given by oe_runconf.
Notice that ${docdir}, ${mandir}, ${infodir}, ${localstatedir} have no associated _native definition.
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The QEMU_OPTIONS variables belong in qemu.bbclass so move them there. The
only users of them inherit qemu.bbclass. There is no point in pushing
these into every recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The correct cpu options are needed in order to correctly run some CPU
types. This information is available in QEMU_OPTIONS, use it. This
avoids architectures like qemuppc failing postinstalls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently, qemuppc prints warnings about gdk-pixbuf postinstalls
not working due to illegal instructions. This is due to qemu
running with the wrong cpu type. Add an option for ppc7400 so
that qemuppc works correctly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Hardcoded paths to perl don't make sense, use from the environment instead.
[Patch taken from meta-mentor by RP]
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This class summarizes sstate reuse at the end of the build, so you know how
much of your build was done from scratch.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It seems that there are multiple problems with the upstream RUNTIME_PREFIX
mechanism at this time. It doesn't canonicalize argv[0] to an absolute path,
breaking calls via the PATH, for example. In addition, it doesn't seem to
locate template_dir via the runtime prefix even when specified as relative.
Revert this for now to the previous wrapper-based mechanism, but tweaked
slightly to avoid hardcoding the sysroot path into the wrapper (based on the
bits in the rpm recipe).
[YOCTO #6211]
[Pulled from meta-mentor by RP]
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If CONFIG_SYSLOGD is not enabled, then the related service file should
not be installed as it will always fail at system start-up. The error
message is as following.
[FAILED] Failed to start System Logging Service.
The same logic applies to CONFIG_KLOGD.
So we should first check the configuration before we install these
service files.
[YOCTO #5302]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default ipv6 is auto detected for native builds but disabled when
cross compiling.
This commit adds a PACKAGECONFIG option, unconditionally enabled for
native and nativesdk builds and controlled by the ipv6 DISTRO feature
for target builds.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise may do_compile error:
test-cgroups.c:43:23:: fatal error: libcgroup.h: No such file or directory
and:
configure: No package 'gstreamer-plugins-base-1.0' found
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Three different recipes provide the stat program, busybox, coreutils and stat.
Ensure that they are installed to the same place and use update-alternative
with the correct priorities to have the correct binary installed.
[YOCTO #6415]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Both busybox and e2fsprogs provide chattr, ensure that they are delivered
to the same location and use update-alternatives to ensure the correct
links are there.
[YOCTO #6407]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This was an issue in the command-line argument parsing. It was the cause of
the bug reported on the OE-core mailing list by Denys Dmytriyenko.
Signed-off-by: Max Eliaser <max.eliaser@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This variable is a left-over from early glibc recipes.
It is not referenced anymore in oe-core, and its functionality
has been replaced with 'GLIBC_GENERATE_LOCALES'.
Also remove the reference to it in local.conf.sample.extended.
Signed-off-by: Jacob Kroon <jacob.kroon@mikrodidakt.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
systemd complains with
| Configuration file /lib/systemd/system/dbus.socket is marked executable. Please remove executable permission bits. Proceeding anyway.
| Configuration file /lib/systemd/system/dbus.service is marked executable. Please remove executable permission bits. Proceeding anyway.
else.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
on rebuilds, dbus-native can detect an already existing dbus-glib and
tries to link some tests against it. As files were unstaged and due
to libtool insanities this fails with:
| /usr/bin/grep: .../sysroots/x86_64-oe-linux/usr/lib/libdbus-1.la: No such file or directory
| sed: can't read .../sysroots/x86_64-oe-linux/usr/lib/libdbus-1.la: No such file or directory
| x86_64-oe-linux-libtool: link: `.../sysroots/x86_64-oe-linux/usr/lib/libdbus-1.la' is not a valid libtool archive
| make[3]: *** [libdbus-testutils.la] Error 1
| make[3]: Leaving directory `.../work/x86_64-oe-linux/dbus-native/1.8.2-r0/build/test'
Make builds predicatable (and working) by disabling usage of dbus-glib
explicitly.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream bluez installs the obex.service file into /usr/lib
regardless of the multilib settings as does the current systemd
recipe. Make sure it gets packaged properly.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We've seeing occasional debugedit failures in grub during do_package
which in turn are coming from section alignment failures from libelf.
The failures occur when gold is used to link grub instead of ld.bfd.
"readelf -e uhci.module" shows:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[12] .note.GNU-stack PROGBITS 00000000 0010ce 000000 00 0 0 1
in a good build and:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[24] .note.GNU-stack PROGBITS 00000000 009180 000000 00 0 0 0
in a bad build. The problem is the "Al" (alignment) change from 1 to 0.
If its 0, debugedit complains.
As far as I can tell, the alignment of a zero length section is not
an issue and the check in libelf should check the section size and only
give alignment errors if there is some data to align.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
variable is called 'libexecdir', not 'libxecdir'.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
built images
YB: #6254
Adding a new script that will fetch image files from a remote images repository.
These images will then be used for local runtime testing.
Use the '-h' option for more details on usage.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
YB: #6254
The QemuTargetControl class does not specify any kernel naming but the runqemu script it uses uses the " KERNEL_IMAGETYPE + MACHINE + '.bin' " naming scheme.
Modifying the other major target controller class, MasterImageHardwareTarget, to use the same kernel naming scheme.
This is usefull also to outside scripts that want to anticipate the kernel file name for all target controllers.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
YB: #6254
This module uses os but relies on other modules to import it. Adding 'import os' in order to be self-sustained.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
controllers
YB: #6254
Add a new classmethod that can be used by outside scripts to get the extra files needed by the target controllers.
An outside script can predict rootfs, manifest and kernel files needed by a target controller, but sometimes there are other files needed.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
YB: #6375
Some test image fstypes require bzip2 decompression.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
YB: #6375
Adding support for get_image_fstype() in the MasterImageHardwareTarget and GummibootTarget classes.
Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
