summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFiles
2017-12-10qemu: use upstream swtpm supportPatrick Ohly18
Upstream finally accepted and merged a different approach for connecting QEMU to swtpm: instead of a custom cuse-tpm device, a normal chardev connects to swtpm, and that chardev then is used by the TPM device. For now we have to backport those patches, but the next major QEMU update will have them. However, the chardev-connect-socket-to-a-spawned-command.patch is something that OE will have to carry permanently. It simplifies starting and stopping swtpm when invoking QEMU through runqemu without having to teach that script about the additional process. Upstream rejected the patch because they want to keep the complexity of starting additional processes out of QEMU. A recent enough swtpm is needed. The one currently used by meta-security fails to communicate properly with QEMU, leading to this failure: qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm0: tpm-emulator: Failed to send CMD_SET_DATAFD: Input/output error qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm0: tpm-emulator: Could not cleanly shutdown the TPM: Invalid argument With a recent enough swtpm, one can create a TPM device like this: - bitbake swtpm-native - create a TPM instance and initialize it with: $ mkdir -p my-machine/myvtpm0 $ tmp*/work/*/swtpm-wrappers-native/*/swtpm_setup_oe.sh --tpm-state my-machine/myvtpm0 --createek Starting vTPM manufacturing as root:root @ Wed 06 Dec 2017 10:03:14 AM CET TPM is listening on TCP port 34613. Successfully created EK. Successfully authored TPM state. Ending vTPM manufacturing @ Wed 06 Dec 2017 10:03:14 AM CET - runqemu "qemuparams=-chardev 'socket,id=chrtpm0,cmd=exec swtpm_oe.sh socket --terminate --ctrl type=unixio,,clientfd=0 --tpmstate dir=... --log level=10,,file=.../swtpm.log --tpm2' -tpmdev emulator,id=tpm0,chardev=chrtpm0 -device tpm-tis,tpmdev=tpm0" ... Beware that the double commas are intentional. They are needed to embed commas in the "cmd" value. swtpm_oe.sh is from swtpm-wrappers-native. In the example it is invoked without the full path for the sake of brevity. In practice, one has to use the full path (tmp*/work/*/swtpm-wrappers-native/*/swtpm_oe.sh). With the TPM2-preview version of swtpm, the same works for TPM2 by adding the --tpm2 parameter when invoking swtpm_setup_oe.sh and swtpm_oe.sh. Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-10sstate.bbclass: Add progress bars when removing from the sysrootsPeter Kjellerstedt1
If there are many recipes that should be cleaned out from the sysroots, it can actually take some time. This adds a progress bar to give a visual clue that the clean up is actually progressing. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-10uninative.bbclass: Fix broken symlink issueMark Hatle1
If two builds are sharing the same DL_DIR, and the uninative file is local to a layer. When the first build gets to uninative it creates the link local to itself, and subsequent users can use the same link. However if that first build then is deleted from the disk, the symlink is no longer valid (broken). We need to update the system to detect this case, and use the model implemented by the bitbke fetch2 code. Look for a broken link, remove it, then try to create the link and ignore an exception if it already exists (since we just unlinked any bad one). Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-10minicom: recommend lrzszRoss Burton1
minicom calls out to lrzsz to peform X/Y/ZMODEM transfers, so add a recommends. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-10oe-selftest: devtool: fix test for changes in lzo recipePaul Eggleton4
acinclude.m4 is about to be removed from the lzo recipe which breaks test_devtool_update_recipe_local_files_2. Create a synthetic recipe in meta-selftest with some local files and use that instead. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10Revert "eudev: sync rules with systemd"Ross Burton4
This is breaking input in qemu (and maybe more). This reverts commit 915b99bb8faa29ce3d35c0d6a1e96fa9bcc5c6f1. [ YOCTO #12403 ] Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10classes/sanity: check we don't have an ancient GNU patchRoss Burton1
We depend on the host GNU patch, but patch < 2.7 can't handle git-style patches. This results in patches that fail to apply, or worse apply incorrectly. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10sanity: getstatusoutput returns an int, not a stringRoss Burton1
This code is an error path so nobody noticed that oe.utils.getstatusoutput() is just a wrapper around subprocess.getstatusoutput() which returns an (int, string) pair not (string, string). Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10meta: fix malformed/missing Upstream-Status tagsRoss Burton3
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10classes/patch: when PATCHTOOL = "git" double-check the repositoryPaul Eggleton1
If a bug is present or the user has set PATCHTOOL = "git" on a source tree that isn't git, if we try to perform git operations (such as committing or changing branches) when extracting source, then we might in fact be running those operations on the metadata repository if the build directory is underneath, say, poky or OE-Core, and that could make a mess. Check if the source tree is a git repository and refuse to continue if it isn't. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10classes/patch: remove unused variablePaul Eggleton1
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10acpica: drop NATIVE_INSTALL_WORKS and fix RCONFLICTSPaul Eggleton1
* NATIVE_INSTALL_WORKS hasn't been used in a very long time, so there's no need to be setting it here. * RCONFLIGHTS was clearly a typo. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10rpm: upstream version is now knownAlexander Kanavin1
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10busybox: CVE-2017-16544Zhixiong Chi2
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. Backport the patch from: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8 https://nvd.nist.gov/vuln/detail/CVE-2017-16544 Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10initramfs-module-install: Remove allarch and FILESEXTRAPATHSMartin Jansa2
* files is already included in default FILESPATH * it cannot inherit allarch as it RDEPENDS on bunch of TUNE_PKGARCH packages * use the same COMPATIBLE_HOST restrictions as grub has to prevent ERRORs in bitbake world ERROR: Nothing RPROVIDES 'grub' (but oe-core/meta/recipes-core/initrdscripts/initramfs-module-install_1.0.bb RDEPENDS on or otherwise requires it) grub was skipped: incompatible with host arm-oe-linux-gnueabi (not in COMPATIBLE_HOST) grub was skipped: incompatible with host arm-oe-linux-gnueabi (not in COMPATIBLE_HOST) NOTE: Runtime target 'grub' is unbuildable, removing... Missing or unbuildable dependency chain was: ['grub'] ERROR: Required build target 'meta-world-pkgdata' has no buildable providers. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10utils: qemurunner.py: cleanup grammar and ensure consistencyMark Asselstine1
Minor grammar correction along with making the term 'login banner' consistent throughout to make searching logs easier. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10utils: qemurunner.py: Log both 'failed to reach login banner" reasonsMark Asselstine1
The current logging always assumes the boot timeout has expired yet there is a second reason we might have ended up in a position where no login banner was found, that being a socket disconnect. Add logging for the disconnect case and make the timeout expiration conditional on the timeout being exhausted. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10utils: qemurunner.py: Add wall clock to 'timeout' loggingMark Asselstine1
When debugging issues when timeouts are involved it is always best to have wall clock times included. This helps give confidence that the timeout is in fact run down at the right rate and that no unexpected events were the true cause of a premature running down of the timeout. Having these times in old logs also helps when debugging issues as we have a historic record as to what is a 'typical' time to complete an action. In addition to adding the wall clock times the time to 'login' is now printed making it consistent with the time to 'qemu pid'. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10grub: Move grub-editenv packaging to grub2.incOtavio Salvador2
The editenv utility must be available on grub and grub-efi so we better have it inside the grub2.inc file to avoid the duplication of metadata. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10grub-efi: Add loadenv and test as default built-inOtavio Salvador1
To allow scripting and environment changes, the loadenv and test must be enabled. This adds those to the default set. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10grub-efi: Rework GRUB_BUILTIN variable as it is too longOtavio Salvador1
As we will add new values here, it is better to split it in multiple lines. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10wayland-protocols: update to 1.12Denys Dmytriyenko1
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10initramfs-framework: Add exec moduleOtavio Salvador2
This new module allow for easy execution of external scripts or applications. It runs anything found in /exec.d directory in order and in case of no scripts to be available, it opens a shell. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10bitbake.conf: set more conservative default for IMAGE_FSTYPES_DEBUGFSAndre McCurdy1
Setting IMAGE_FSTYPES_DEBUGFS to the same value as IMAGE_FSTYPES can lead to creating a large number of DEBUGFS filesystem images, many of which may not make much sense (or may not even be buildable). Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10libbsd: Make it build with GCC 5.0 and olderPeter Kjellerstedt2
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10pciutils: upgrade to 3.5.6Chen Qi1
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10ltp: remove ltp-staticdev packageDengke Du1
The nm01 testcase runtime depends on a static library, and ltp-staticdev package is entirely pointless, so remove it and add the static libraries to ltp main package and skip the "staticdev" checks. Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10musl: prevent errors if do_install is run more than onceAndre McCurdy1
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10quilt: don't patch in an old acinclude.m4, just excude aclocalRoss Burton2
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10gperf: don't use aclocal.m4/acinclude.m4 danceRoss Burton1
gperf doesn't use aclocal so don't call aclocal. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10gperf: merge inc into bbRoss Burton2
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10openssh: don't do aclocal/acinclude danceRoss Burton1
Instead, just stop running aclocal. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10pango: update upstream-status on a patchRoss Burton1
2017-12-09recipes-graphics/piglit: Add patch to fix build in some platformsAníbal Limón2
The entry point is not guaranteed to exist, so use the piglit_egl_get_default_display() helper which does the correct thing. Signed-off-by: Aníbal Limón <anibal.limon@linaro.org> Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09wic: support filesystem label for rawcopyMartin Hundebøll1
The '--label' argument should work for '--source rawcopy' as it does for '--source rootfs', so add a method in RawCopyPlugin to update the label on the temporary filesystem images. Signed-off-by: Martin Hundebøll <mnhu@prevas.dk> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09procps: fix two small problemsChen Qi1
1. Fix HOMEPAGE. The old one is obsolete. 2. Remove the setting of CPPFLAGS. It was used to support out-of-tree build. But the problem has been fixed upstream since commit 90cc5460aa0e9ca10a0d7c8c44064fd14789f750 (build-sys: add $(top_srcdir) to include search dir). Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09qemu: fix the makefile for ptestJackie Huang1
It always fail to check the file generated by configure when running ptest on the target since it's cross-compiling, so remove the check from the Makefile for ptest. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09kernel.bbclass: Add cleandirs for do_shared_workdirSaul Wold1
We add the kernel-build-artifacts to the cleandirs list to ensure that there are no remaining artificats in the kernel-build-artifacts directory which is STAGING_KERNEL_BUILDDIR. Without this change multiple System.map files are visiable in the STAGING_KERNEL_BUILDDIR, which could cause problems for some tools. [YOCTO #11880] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09bash: fix build race under muslRoss Burton2
Under musl bash uses its own libintl clone but there are some missing dependencies so it is possible for pathexp.o to be built whilst libintl.h is being written, leading to compile errors. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09lzo: don't do aclocal/acinclude danceRoss Burton2
autoreconf finds autoconf/local.m4 on its own, so there's no need to mess around with a fork of aclocal.m4 as acinclude.m4. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09nettle: remove aclocal/acinclude danceRoss Burton1
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09site: consolidate ac_cv_func_mmap_fixed_mapped definitionsRoss Burton5
This is the cache variable used by AC_FUNC_MMAP, which is possibly one of the worst autoconf macros to exist. Apart from being a runtime test which silently claims that mmap() is broken when cross-compiling, this is basically to verify that mmap() actually works, because SVR4.0 (released 1988) was broken. Thirty years later, everyone has a working mmap(). common-glibc already has an assignment, so add a corresponding assignment to common-musl and remove it from the machine-specific files. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09bash: disable aclocalRoss Burton1
Bash hand-maintains their aclocal.m4, so stop autoreconf from invoking aclocal and overwriting it. This means we can remove the kludge to copy aclocal.m4 to acinclude.m4. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09alsa-utils: 1.1.4 -> 1.1.5Tanu Kaskinen3
Changes: http://www.alsa-project.org/main/index.php/Changes_v1.1.4_v1.1.5 Rebased 0001-alsactl-don-t-let-systemd-unit-restore-the-volume-wh.patch. Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09alsa-tools: 1.1.3 -> 1.1.5Tanu Kaskinen4
Changes: http://www.alsa-project.org/main/index.php/Changes_v1.1.4_v1.1.5 Rebased autotools.patch and makefile_no_gtk.patch. Dropped 0001-as10k1-Make-output_tram_line-static-inline.patch with the assumption that it's not needed any more. The patch added a "static" qualifier to a function. According to the commit message, this was done to improve optimization. Upstream removed the "inline" qualifier from that same function, because it caused some trouble with clang. My guess is that the patch author actually ran into the same clang problem as upstream, but came up with a different fix. It doesn't seem like a function whose optimization anyone would really be interested in. Cc: Khem Raj <raj.khem@gmail.com> Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09alsa-plugins: 1.1.4 -> 1.1.5Tanu Kaskinen1
Changes: http://www.alsa-project.org/main/index.php/Changes_v1.1.4_v1.1.5 Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09alsa-lib: 1.1.4.1 -> 1.1.5Tanu Kaskinen3
Changes: http://www.alsa-project.org/main/index.php/Changes_v1.1.4_v1.1.5 Dropped all patches. The poll.h patch is included in the release, and the wordexp patch is not needed any more, because the wordexp function is replaced by an internal reimplementation. It would still be possible to enable the use of wordexp with the --with-wordexp configure option. The option exists, because the internal reimplementation covers only part of what wordexp can do, so not using wordexp can in theory cause regressions. However, it seems that regressions are quite unlikely in practice. Here's some discussion about the topic: http://mailman.alsa-project.org/pipermail/alsa-devel/2017-July/122667.html Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09lame: 3.99.5 -> 3.100Tanu Kaskinen3
Release notes: http://lame.cvs.sourceforge.net/viewvc/lame/lame/doc/html/history.html?revision=1.154 Dropped patches that are included in the release: - lame-3.99.5_fix_for_automake-1.12.x.patch - CVE-2017-13712.patch The CACHED_CONFIGUREVARS thing to disable SSE code on x86 isn't needed anymore. The build system now correctly detects when SSE isn't available. Note for stable branch maintainers: This release includes several fixes for bugs that have a CVE number associated with them. The bugs (or at least most of them) are crashes that seem to be considered "remote DoS" vulnerabilities, probably because it's easy to imagine lame being used with untrusted audio files from remote sources. If you want to backport "all sercurity fixes" to the stable brances, that task seems pretty difficult. The release notes explicitly mention three CVE numbers, but there are more: for example, OE had a fix for CVE-2017-13712, which is not mentioned in the release notes but is fixed in the release. The commit log doesn't keep any track of CVE numbers either. Maybe it would be best to just upgrade lame to 3.100 also in the stable branches. Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09pulseaudio: 10.0 -> 11.1Tanu Kaskinen2
11.0 release notes: https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/11.0/ Additional changes in 11.1: * Fix a crash in filter modules related to flat volumes and volume sharing * Fix a crash when the bluetooth adapter reports weird MTU size * Disable bluetooth MTU autodetection by default * Add mixer handling back for hardware that doesn't have any alsa-lib configuration * Prioritize USB devices over built-in sound cards (11.0 was supposed to have this feature, but the implementation turned out to be incomplete) Dropped backported patch: pulseaudio-discuss-iochannel-don-t-use-variable-length-array-in-union.patch Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-09rootfs-postcommands.bbclass: ensure that rootfs gets mounted roPatrick Ohly1
When read-only-rootfs is active, we need to ensure that the rootfs does not get mounted read/write by the kernel or initramfs. Adding "ro" to the boot parameters achieves that. Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>