| Age | Commit message (Collapse) | Author | Files |
|---|
|
They used to fail with PIE enabled, but no longer do.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Uninative 1.2 didn't contain the nativesdk locale fix we really needed
to release and update to uninative 1.3 which does contain that fix
and also uses glibc 2.24 final release.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
gcc and libunwind race and when libunwind wins
results are build fails for gcc as described
this is only seen on musl/arm since on musl
/usr/include is search before gcc fixed headers
and unwind.h is in fixed headers. So it works
ok on glibc but not on musl due to reversed search
order.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This new uninative version includes fixes to use the host locales.
[ YOCTO #9994 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Nothing in oe-core uses this, so it's been moved to meta-oe.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
uclibc is showing its age now and upstarts like musl are approximately the same
size but with far more features and active maintainers. Remove uclibc from
oe-core and use endorse musl as the lighter alternative to full-fat glibc.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Removed:
change-char-type-to-signed-char-in-macros.patch
sprintf-bug-concerning-8-bit-characters.patch
They are already in the source.
* Updated:
fix-check-pcre.patch
fix-check-pcre.patch
slang-fix-the-iconv-existence-checking.patch
* Use SECURITY_NO_PIE_CFLAGS for SECURITY_CFLAGS, it can't be built with
"-pie -fpie":
tmp/sysroots/qemux86-64/usr/lib64/../lib64/Scrt1.o: In function `_start':
/usr/src/debug/glibc/2.24-r0/git/csu/../sysdeps/x86_64/start.S:104: undefined reference to `main'
/tmp/ccMFTA8A.o: In function `smg_char_at':
/usr/src/debug/slang/2.3.0-r0/slang-2.3.0/modules/slsmg-module.c:134: undefined reference to `SLsmg_char_at'
/tmp/ccMFTA8A.o: In function `smg_resume_smg':
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
xsettings-client is not meant to be a shared library and the only
user in oe-core (libmatchbox) now has an in-tree copy.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
remove directfb related references from distro_alias.inc as part of
moving directfb from oe-core
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
exception list
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These recipes no longer seem to need full exclusion from security hardening.
The rest (glibc, gcc-runtime, valgrind, grub, grub-efi, uclibc) still do.
[YOCTO #9489]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
oprofileui doesn't work anymore with not-so-recent changes to the oprofile
command line interface, and perf is becoming the expected profiling solution so
any future profiling tools should be using that instead.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop the do_install musl append since the charset file is no longer installed.
Refresh the patch.
Also update the PREFERRED_VERSION.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The entry is same as for python-numpy and prevents build failures
when extra security flags are in use (e.g. in poky-lsb).
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch avoids unzip fails to compile with compiler flags which elevate common string formatting issues into an error (-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9551]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is only one version of python 2.x provided, so no need
to set a preferred version.
PYTHON_BASEVERSION is now set explicitly in python-dir.bbclass and
python3-dir.bbclass, so fix up a few recipes that relied on it being
set in default-versions.inc without inheriting python-dir.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
gcc 6.1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove this file as it has been deprecated in the previous release.
New entries should be added to recipes itself.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since we have a new version of glibc, upgrade to a new version of
the uninative tarball to ensure we work on recent distributions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This avoids makedevs failure to compile with compiler flags
which elevate common string formatting issues into an error
(-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9549]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch avoids zip recipe fails to compile with compiler
flags which elevate common string formatting issues into an
error (-Wformat -Wformat-security -Werror=format-security).
[YOCTO #9552]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch avoids stat fails to compile with compiler flags which
elevate common string formatting issues into an error (-Wformat
-Wformat-security -Werror=format-security).
[YOCTO #9550]
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
glibc 2.24, gdb 7.11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Now we have patches that solves the security formatting issues into
those packages.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add "-Wformat -Wformat-security -Werror=format-security" to the default
SECURITY_CFLAGS to catch potential security vulnerabilities due to the
misuse of various string formatting functions.
These flags are widely used in distributions such as Fedora and Ubuntu,
however we have 15 recipes in OE-Core which fail to build with these
flags included and thus the flags are removed for:
- busybox
- console-tools
- cmake
- expect
- gcc
- gettext
- kexec-tools
- leafpad
- libuser
- ltp
- makedevs
- oh-puzzles
- stat
- unzip
- zip
[YOCTO #9488]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Although the oe-core openssl recipe is currently the only provider of
openssl, make the preference for using it explicit in anticipation of
a libressl recipe being added to meta-oe.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Get rid of the very confusing PREFERRED_PROVIDER_bluez4 using the
new/better PREFERRED_RPROVIDER syntax.
[YOCTO #5044]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The libassuan recipe is now buildable in distros which blacklist
GPL-3.0 without needing to be explicitly whitelisted (since it
provides at least one non GPLv3 package).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
base.bbclass sets 'check_license' to False (and therefore skips
license checking completely) for native, nativesdk, etc recipes
(ie anything which could potentially be classed as "host tools"),
so supporting a dedicated whitelist of GPLv3 host tools is not
necessary.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With the modern license handling code, gnutls and libtasn1 are both
buildable in distros which blacklist GPL-3.0 without needing to be
explicitly whitelisted (since they both provide at least one non
GPLv3 package).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are various concerns about md5 so use sha256 instead.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remake and make can't be installed at the same time as they're both installing
a header file with the same name.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
unrecognised options
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These 14 packages are failing aross all architectures
on musl targets.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When musl is in use, GLib binaries crash on assertion failures under qemu
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
python-pygtk hasn't been updated in several years, is incompatible
with the current version of pygobject, and is generally obsolete as
all modern python gtk apps use introspection directly.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
RPM interally has support to build and work with the stack protector.
This is disabled by default in the RPM package, and the proper settings
should be specified in the security_flags. Using the default setting of
stack-protector-strong causes linking problems due to issues with libtool
selecting the wrong GCC objections to link against.
Falling back to the RPM values of stack-protector will permit linking to
work properly, and some level of protection.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
uninative has some specific setup requirements. Rather than have everyone
doing this themselves, do this centrally and allow people to opt into it
based on some Yocto Project builds of the uninative tarballs.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
newer kernels
udev has started to fail on new kernels (4.4), due to being deprecated in favor
of systemd's udev implementation. To maintain a sysvinit alternative we also
need to provide an alternative to udev. Eudev is a fork of systemds udev,
this new eudev recipe provides upstream udev 220 funcitonality.
- Removes patches that dont apply anymore
- ToDo: eudev-ptest?
[YOCTO #8998]
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The extensible SDK replaces adt-installer so this can be removed now,
all future effort in this direction will be placed onto that.
This includes a layer version change so the autobuilder knows when to
stop building adt-installer.
[YOCTO #6404]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop kconfig and options-group support
Forward port cross-localedef support
Assume ssp support in libc when building gcc-initial
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
waf.bbclass disables no-static-libs for all waf recipes, so we don't need to
have it explicitly disabled here now.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to disable static flags for libcap-native as well.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
cmake doesn't have a standard for disabling static libraries so libical needs an
explicit statement.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libtool decides to
filter out -fstack-protector-strong on its own and its documented here
https://www.gnu.org/software/libtool/manual/html_node/Stripped-link-flags.html
this causes linking errors when linking libbfd.so since objects (.o) are
compiled using -fstack-protector-strong so they are expecting to link
with libssp but the option goes missing in linker flags.
With this patch the security flags are hoisted upto CC itself and
libtool thankfully does not touch CC.
Adding to CC also means that we can now remove it from LDFLAGS since
when gcc driver is used to do linking then we have LD = CC and this
option makes to linker cmdline
Since CC is used without CFLAGS in configure tests, some tests fail
complaining that -Olevel is not used while using _FORTIFY_SOURCE
therefore added SELECTED_OPTIMIZATION to TARGET_CC_ARCH as well
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
