| Age | Commit message (Collapse) | Author | Files |
|---|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE: CVE-2015-8778
Improve check against integer wraparound in hcreate_r [BZ #18240]
This is an integer overflow in hcreate and hcreate_r which can result in
an out-of-bound memory access. This could lead to application crashes
or, potentially, arbitrary code execution.
Upstream-Status: Backport [2.23]
(cherry-picked from commit bae7c7c7, 4bd228c8)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
|
|
CVE-2015-7547: getaddrinfo() stack-based buffer overflow
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add patch from commit 96b1b5c127e9e0e637aaf7948cf3330a94a5cd57 to cross-localedef-native
to avoid broken images built with ENABLE_BINARY_LOCALE_GENERATION set to 1:
$ sh -c "export LANG=de_DE; ls -la"
sh: loadlocale.c:130: _nl_intern_locale_data: Assertion `cnt < (sizeof (_nl_value_type_LC_COLLATE) / sizeof (_nl_value_type_LC_COLLATE[0]))' failed.
Aborted
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
WARNING: QA Issue: glibc-locale: /glibc-binary-localedata-sd-in/usr/lib/locale/sd_IN/LC_CTYPE is owned by uid 1000, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
fix type
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
it was found that out-of-range time values passed to the strftime function may
cause it to crash, leading to a denial of service, or potentially disclosure
information.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
A stack overflow vulnerability was found in nan* functions that could cause
applications which process long strings with the nan function to crash or,
potentially, execute arbitrary code.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
A stack overflow vulnerability in the catopen function was found, causing
applications which pass long strings to the catopen function to crash or,
potentially execute arbitrary code.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
A bug in glibc 2.22's ld.so interface for the prelink support causes
the displayed values to be incorrect. The included path fixes this
issue.
Clear ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA for prelink
prelink runs ld.so with the environment variable LD_TRACE_PRELINKING
set to dump the relocation type class from _dl_debug_bindings. prelink
has the following relocation type classes:
where ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA has a conflict with
RTYPE_CLASS_TLS.
Since prelink doesn't use ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA, we
should clear the ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA bit when the
DL_DEBUG_PRELINK bit is set.
(From OE-Core master rev: 12c86bdcc60c54e587a896b0dceb8bb6cc9ff7e3)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Also Fix LSB NG cases:
* /tset/ANSI.os/locale/setlocale/T.setlocale 1 2 4 5 15
* /tset/ANSI.os/string/strcoll_X/T.strcoll_X 1
* /tset/LI18NUX2K.L1/base/wcscoll/T.wcscoll 1
* /tset/LI18NUX2K.L1/utils/localedef/T.localedef 7
* /tset/LI18NUX2K.L1/utils/sort/T.sort 1 3 17 19 33 35
* /tset/LI18NUX2K.L1/utils/comm/T.comm 1 2
* /tset/LI18NUX2K.L1/utils/ls-fh/T.ls-fh 2
This patch is backported from
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6c84109cfa26f35c3dfed3acb97d347361bd5849
(From OE-Core master rev: e88fe8f4c0ea70fb271d3a11e1a3bfcac4c92626)
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
The fix consist of allowing 64bit atomic ops for x86.
This should be safe for i586 and newer CPUs.
It also makes the synchronization more efficient.
[YOCTO #8140]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The 'BRANCH' variable name has no explicit relation with the
SRC_URI. Using 'SRCBRANCH' makes it more obvious and easier to
identify.
This patch makes the use consistent across the metadata.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Switching MACHINE was causing nativesdk-glibc to rebuild. This was
from the use of OVERRIDES in one of the functions. Exclude OVERRIDES
from the checksum to avoid this.
[patch to oe-selftest to ensure this doesn't regress follows]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The nscd init script uses #! /bin/bash but only really uses one bashism
(translated strings), so remove them and switch the shell to #! /bin/sh.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fix a variety of problems such as typos, bad punctuations, or incorrect
Upstream-Status values.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
provide the nfs-client IMAGE_FEATURES, to ease a user to only
install nfs client related files to image
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
install nscd related configuration file, startup files, and package them,
make nscd easy to startup
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There might be unexpected errors when use host's rpcgen.
[YOCTO #8181]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* INSANE_SKIP_${PN}_append_aarch64 is causing following warning in some
setups:
WARNING: Variable key INSANE_SKIP_${PN} () replaces original key INSANE_SKIP_glibc ().
* in worst case this will be applied also for glibc-initial package
which is using the same glibc-package.inc, but glibc-initial doesn't
create any packages so we should be fine
* someone building for aarch64 should confirm verify that this
INSANE_SKIP is still needed and cannot be fixed properly it was
introduced in:
commit aeb6f53dd607ceb0d2265a05c27f751109c73752
Author: Mark Hatle <mark.hatle@windriver.com>
Date: Thu Dec 18 16:51:13 2014 +0800
glibc-package: aarch64 enable symlink for ABI compliance
aarch64 requires the ld.so to be present in /lib, even if the rest
of the libraries are installed into an alternative directory.
See: https://sourceware.org/glibc/wiki/ABIList
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
glibc has recently turned on Werror globally which is good but then not
all option combos are well tested so there still remains cleanup needed
when not using -O2, so lets just disable Werror in such cases, until
fixed upstream
Change-Id: I2d491c360a15b0752c97ff77ee0faaeede6e8d2a
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
libmvec is new library in glibc 2.22 and currently turned on by default
on x86_64. this helps in packaging it properly when its generated
Fixes warning like
WARNING: QA Issue: nativesdk-glibc: Files/directories were installed but
not shipped in any package:
/usr/local/oecore-x86_64/sysroots/x86_64-angstromsdk-linux/lib/libmvec-2.21.90.so
Please set FILES such that these items are packaged. Alternatively if
they are unneeded, avoid installing them or delete them within
do_install. [installed-vs-shipped]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- git'ify the OE patches
- add_resource_h_to_wait_h.patch - dropped, we do not support that old
perf anymore
- mips-rld-map-check.patch - Dropped because binutils is fixed for it
see https://sourceware.org/ml/binutils/2011-12/msg00112.html
- initgroups_keys.patch - Folded into
0026-eglibc-Forward-port-eglibc-options-groups-support.patch
Change-Id: Ib8e731b212f52b8ff12e2180babbc19970fb1ef1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Overriding TUNE_CCARGS this way breaks MULTILIB setup for MIPS. This
override disables multilib handling of tunes for TUNE_CCARGS, thus
enforcing glibc's TUNE_CCARGS to the TUNE_CCARGS of main DEFAULTTUNE.
Glibc perfectly build without this override for both simple and multilib
cases.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The current warning is:
WARNING: glibc: unable to generate header for spray.x
Which is easier to debug than:
WARNING: unable to generate header for spray.x
And remove the file before generate it again to fix the warning when
recompile:
file `bootparam_prot.h' already exists and may be overwritten
WARNING: unable to generate header for bootparam_prot.x
file `nlm_prot.h' already exists and may be overwritten
WARNING: unable to generate header for nlm_prot.x
[snip]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
There is no ac_cv_path_KSH in configure, can't find it
in config.log after remove, either.
(From OE-Core rev: 6b58670d8b8f2d1c1a7d5043652f48a364a0df5d)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is no "{ (exit 1); exit 1; }; }" in configure any more, and also
remove chmod since sed command is removed.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ldconfig-native was grepped from an old version of glibc, and its output
lacks neccessary 64bit flag in entries.
Due to this defect, ctypes.util.find_library() python function fails to
detect any library due to the old file format that ldconfig-native
creates. This fix sets architecture-dependent 64bit flags for 64-bit ELF.
Since the host's elf.h may not have definition for new AArch64 machine
type, a work-around is added to correctly flag 64-bit ARM libraries.
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add functionality to strip binaries/libraries going into the sysroot. Whilst
this does fractionally slow down the build, it also significantly reduces the
size of the sstate cache files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
we still need nativesdk or native recipes for libc to come
from glibc, but only be ignored for target recipes types
Change-Id: Ibaf8114f2aef63f1eadf493b264e78cd928535a0
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
An appropriate --enable-nscd or --disable-nscd option is added to
EXTRA_OECONF based on the 'libc-inet-anl' DISTRO_FEATURES check.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport from upstream glibc:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=132a1328eccd20621b77f7810eebbeec0a1af187
Note that the fix is only required when glibc is built for i686/multiarch,
so is not applicable in the default oe-core x86 configuration (which builds
glibc for i586 and therefore does not include SSE2 optimised memcpy etc).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Some test programs written in c++ are still included in spite of
"libc-cxx-tests" being omitted from DISTRO_FEATURES_LIBC.
All .cc programs are compiled with g++.
g++ automatically specifies linking against the C++ library.
This patch conditionally excludes the following tests as well:
bug-atexit3-lib.cc
tst-cancel24.cc
tst-cancel24-static.cc
tst-unique3lib.cc
tst-unique3lib2.cc
tst-unique4lib.cc
tst-unique3.cc
tst-unique4.cc
Tested with DISTRO_FEATURES_LIBC_remove = " libc-cxx-tests"
[YOCTO #7003]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport Arjun Shankar's patch for CVE-2015-1781:
A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
other related functions computed the size of a buffer when passed a
misaligned buffer as input. An attacker able to make an application call
any of these functions with a misaligned buffer could use this flaw to
crash the application or, potentially, execute arbitrary code with the
permissions of the user running the application.
https://sourceware.org/bugzilla/show_bug.cgi?id=18287
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Reviewed-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
On x32 builds, sysd-syscalls appears malformed since the make-target-directory
appears on the wrong line. This causes races during the build process where you can
see failures like:
Assembler messages:
Fatal error: can't create [...]glibc/2.21-r0/build-x86_64-poky-linux-gnux32/time/gettimeofday.os: No such file or directory
Assembler messages:
Fatal error: can't create [...]glibc/2.21-r0/build-x86_64-poky-linux-gnux32/time/time.os: No such file or directory
The issue is that the carriage return is being escaped when it should
not be. The change to sysd-syscalls with this change:
before:
"""
$(foreach p,$(sysd-rules-targets),$(objpfx)$(patsubst %,$p,time).os): \
$(..)sysdeps/unix/make-syscalls.sh $(make-target-directory)
(echo '#include <dl-vdso.h>';
"""
after:
"""
$(foreach p,$(sysd-rules-targets),$(objpfx)$(patsubst %,$p,time).os): \
$(..)sysdeps/unix/make-syscalls.sh
$(make-target-directory)
(echo '#include <dl-vdso.h>';
"""
which ensures the target directory is correctly created. Only x32 uses the vdso
code which contains the bug which is why the error only really appears on x32.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Make skipping expression simpler to check for given libc
Make sure glibc specific items are covered with right override
Change-Id: I8b4a0b7cbfe38ffdc9320f798038c79c7220552b
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed a typo:
name-target-directory -> make-target-directory
There is no name-target-directory, it should be make-target-directory,
this fixed the error:
/bin/bash: /path/to/elf/runtime-linker.T: No such file or directory
Makefile:361: recipe for target '/path/to/elf/runtime-linker.st' failed
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Glibc test suite contains several c++ files. They are built
with g++ -nostdinc. In this case the location of c++ include files
needs to be specified explicitly, or the programs may fail to build.
The header locations are assumed to be:
sysroot/usr/include/c++/<version>
sysroot/usr/include/c++/<version>/<machine>
The new code parses "configparms" to get the actual CXX and sysroot
used for the glibc test suite, then it queries CXX to determine
CXX <version> and CXX <machine>. With the known values for <version>
and <machine> the code composes a new value for c++-sysincludes
and appends "configparms" with that value.
[YOCTO #7081]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Addresses a stall (by prompt) condition of the run.do_configure at when
executed directly from the workdir, like when using the devshell.
[YOCTO 7369]
Signed-off-by: Benjamin Esquivel <benjamin.esquivel@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
manifest creation
Add licenses point to COMMON_LICENSE_DIR because glibc-collateral.inc is
a recipe that don't provide tarball/repo with LICENSE files.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
|
|
The AC_EGREP_CPP macro is looking for a 'yes' string that is likely
to be found in the path where the file is stored. This false positive
match causes variables to be mistakenly set.
The fix is to use a more elaborated string instead.
This has to be done at the configure and the configure.ac files, because
a reconfigure does not happen in the regular build flow.
[YOCTO #6614]
Signed-off-by: Benjamin Esquivel <benjamin.esquivel@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The condition should be uclibc 'or' musl then we know its not glibc
right now it checks with 'and' operator, that condition will never be
true
Change-Id: Ifc48e81fd0b3c18d8e1ef76a18c216dc6acda092
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The check is supposed to be for -Os, but it's actually testing -O0.
Signed-off-by: Peter Urbanec <openembedded-devel@urbanec.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When we modify to use -Os
-Werror doesnt go well with it, glibc needs to be
cleaned up for that but until then lets disable -Werror
when using -Os
Also updates the options group patch to work better with -Os.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We now can support musl along with uclibc and glibc
earlier when only alternative was uclibc this check was fine
but now we need to consider non-glibc vs glibc case instead of
uclibc vs glibc
Change-Id: Id794ce193c6557b5435002a8f9b6eb608738b696
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* this means that recipes with ARM_INSTRUCTION_SET explicitly changed
to arm will be built in feed without thumb suffix, the same does apply
for workdir, e.g. after "bitbake glib-2.0" you can see:
tmp-glibc/work/armv5e-oe-linux-gnueabi:
glib-2.0 glibc glibc-initial
tmp-glibc/work/armv5te-oe-linux-gnueabi:
acl db gdk-pixbuf kmod ....
and
tmp-glibc/deploy/ipk:
all armv5e armv5te qemuarm
* feed config should be ok, because all default DEFAULTTUNEs always
include "arm" variants of all supported PACKAGE_ARCHs
* for more details see
http://lists.openembedded.org/pipermail/openembedded-core/2014-April/091960.html
the toolchain path issues were resolved in 1.8
* add ARM_INSTRUCTION_SET = "arm" to glibc-collateral.inc and comment in
glibc.inc to fix glibc-locale and glibc-scripts build
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Drop CVE backports and ppc/fpu detection patch which is not needed anymore
Forward port eglibc option groups patch
Default to using glibc 2.21
Additional patches needed to appease -Werror option
Change-Id: I1873097cec8387ea9e8186a255122938fc28c976
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
