| Age | Commit message (Collapse) | Author | Files |
|---|
|
The Eclipse plugin uses cmake from the SDK and currently has issues
because cmake is not installed as a host tool. This patch adds cmake as
a host tool for the sdk/esdk.
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Split long recipe description into multiple lines.
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rich Felker (11):
fix ld-behavior-dependent crash in ppc64 ldso startup
rework ldso handling of global symbol table for consistency
reorder addend handling before symbol lookup in relocation code
emulate lazy relocation as deferrable relocation
fix free of uninitialized buffer pointer on error in regexec
in static dl_iterate_phdr, fix use of possibly-uninitialized aux data
fix possible fd leak, unrestored cancellation state on dns socket fail
fix wide scanf's use of a compound literal past its lifetime
fix one-byte overflow in legacy getpass function
avoid loading of multiple libc versions via explicit pathname
remove unused refcnt field for shared libraries
Szabolcs Nagy (1):
treat STB_WEAK and STB_GNU_UNIQUE like STB_GLOBAL in find_sym
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To fix:
file /usr/share/man/man1/eject.1 conflicts between attempted installs
of util-linux-doc-2.29.1-r0.core2_64 and eject-doc-2.1.5-r1.core2_64
and
file /usr/share/man/man1/logger.1 conflicts between attempted installs
of util-linux-doc-2.29.1-r0.core2_64 and inetutils-doc-1.9.4-r0.core2_64
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
config-dirent-symbols.patch was removed from SRC_URI as "already
applied in upstream" in 983a4986947.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
"pod2man" went missing from BA, but it is required.
This patch fixes the Toaster error:
<...>
ERROR: These tools appear to be unavailable in PATH, please install
them in order to proceed:
pod2man
<...>
[YOCTO#11144]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove any symlinks before creating new ones to avoid potential build
errors such as:
FileExistsError: [Errno 17] File exists: '../../usr/src/kernel' -> ... '
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Do not rely on pip3 being installed on the host.
Use pip3-native instead.
[YOCTO#10909]
[YOCTO#11022]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The logic is scattered all over the place, but amounts to
"install, unless the rootfs is read only". Let's express that directly.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
This is causing a problem in multilib where base-files and lib64/32-base-files
clash because they may have different dates. Also, if the package is coming
from sstate it has an incorrect date anyway.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise it will cause conflicts in mutlilib setting, as it
varies from one machine to another.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously the GIO tests would be built or not depending on whether the host had
a dbus-daemon binary available. Fix this by seeding the AC_CHECK_PROGS check
with the right value, and adding a RDEPENDS for dbus-daemon on the target.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
IPv6 routes need the device argument for link-local routes, or they
cannot be used at all. E.g. "gateway fe80::def" seems to be used in
some places, but kernel refuses to insert the route unless device
name is explicitly specified in the route addition.
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Bring the dropbear init script into sync with the systemd service
file (dropbearkey.service supports RSA host keys only) and with
recent versions of openssh which deprecate DSA host keys.
https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Licence updated by removing its first line which was containing
copyright notice including year, which could change quite often.
Additional empty line was deleted, too.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The largefile distro feature has been enabled by default in oe-core
for a long time and, more recently, also in poky-tiny. Building
without the largefile distro feature receives little or no testing.
Many packages now enable LFS without exposing a configure option, so
there should be very little expectation that disabling the distro
feature will result in a distro which globally disables LFS.
Respecting the distro feature adds a maintenance over-head and may be
the source of configurations oddities (e.g. dbus-native currently
builds with LFS disabled for no clear reason - fixed by this commit).
Ignore the largefile distro feature more widely, as a first step
towards deprecating and eventually removing it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These are recipes where the upstream has moved to GPLv3 and these old
versions are the last ones under the GPLv2 license.
There are several reasons for making this move. There is a different
quality of service with these recipes in that they don't get security
fixes and upstream no longer care about them, in fact they're actively
hostile against people using old versions. The recipes tend to need a
different kind of maintenance to work with changes in the wider ecosystem
and there needs to be isolation between changes made in the v3 versions
and those in the v2 versions.
There are probably better ways to handle a "non-GPLv3" system but right
now having these in OE-Core makes them look like a first class citizen
when I believe they have potential for a variety of undesireable issues.
Moving them into a separate layer makes their different needs clearer, it
also makes it clear how many of these there are. Some are probably not
needed (e.g. mc), I also wonder whether some are useful (e.g. gmp)
since most things that use them are GPLv3 only already. Someone could
now more clearly see how to streamline the list of recipes here.
I'm proposing we mmove to this separate layer for 2.3 with its future
maintinership and testing to be determined in 2.4 and beyond.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bring in some needed chnages for arm
Bobby Bingham (1):
s390x: implement dlsym
Rich Felker (2):
fix build regression in arm atomics asm with new binutils
allow page size to vary on arm
Szabolcs Nagy (1):
fix lsearch and lfind to pass key as first arg to the compar callback
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Avoid trying to call ldconfig at run-time in distros which don't
provide ldconfig on the target.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
USE_LDCONFIG could previously be set to 0 by distros which do not
require ldconfig or ld.so.conf on the target. Since more and more
recipes may need to respect that option, replace the ad-hoc variable
with a distro feature.
Distros which previously set:
USE_LDCONFIG = "0"
Should now instead use:
DISTRO_FEATURES_BACKFILL_CONSIDERED_append = " ldconfig"
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
do_locked_sigs() uses ${D} to hold a file as input to the sstate staging code.
Generally this isn't a problem as it happens after packaging, but sometimes (if
the recipe is rebuild, perhaps) do_package() will see the file inside ${D} and
fail because there is an uninstalled file.
Solve this by using a directory under ${WORKDIR} so it can't be packaged.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Delete the 'charset.alias' file during the do_install task if it exists.
This file is not shipped in any packages and on the targets that it is
generated (musl and mingw32) it is undesired.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When renaming the 'gio-querymodules' binary to prefix with the current
MLPREFIX, only do this for target packages where the MLPREFIX makes
sense. This skips renaming for nativesdk targets which have MLPREFIX set
to 'nativesdk-'.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Tiny bug fix release.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
configfs is another kernel virtual file system that should be mounted
if configured, so if it's configured into the kernel, mount it. It is
used to configure e.g. USB gadget mode and devicetree overlays.
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The VfrCompile tool has a hard-coded maximum length for path names
which turned out to be too small by around 20 characters in the
Yocto autobuilder setup. Increasing the maximum by a factor of 4
is relatively easy and makes the problem less likely.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
This patch was added to meta-luv for kernel testing purposes and
probably is not relevant for OE-core.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
When booting a qemu virtual machine with ovmf.secboot, it comes up
with no keys installed and thus Secure Boot disabled. To lock down
the machine like a typical PC, one has to enroll the same keys
that PC vendors normally install, i.e. the ones from Microsoft.
This can be done manually (see
https://wiki.ubuntu.com/SecurityTeam/SecureBoot and
https://github.com/tianocore-docs/Docs/raw/master/White_Papers/A_Tour_Beyond_BIOS_into_UEFI_Secure_Boot_White_Paper.pdf) or automatically with the EnrollDefaultKeys.efi helper
from the Fedora ovmf rpm.
To use this with qemu:
$ bitbake ovmf-shell-image
...
$ runqemu serial nographic qemux86 ovmf-shell-image wic ovmf.secboot
...
UEFI Interactive Shell v2.1
EDK II
UEFI v2.60 (EDK II, 0x00010000)
Mapping table
FS0: Alias(s):HD2b:;BLK4:
PciRoot(0x0)/Pci(0x5,0x0)/HD(1,GPT,06AEF759-3982-4AF6-B517-70BA6304FC1C,0x800,0x566C)
BLK0: Alias(s):
PciRoot(0x0)/Pci(0x1,0x0)/Floppy(0x0)
BLK1: Alias(s):
PciRoot(0x0)/Pci(0x1,0x0)/Floppy(0x1)
BLK2: Alias(s):
PciRoot(0x0)/Pci(0x1,0x1)/Ata(0x0)
BLK3: Alias(s):
PciRoot(0x0)/Pci(0x5,0x0)
Press ESC in 1 seconds to skip startup.nsh or any other key to continue.
Shell> fs0:EnrollDefaultKeys.efi
info: SetupMode=1 SecureBoot=0 SecureBootEnable=0 CustomMode=0 VendorKeys=1
info: SetupMode=0 SecureBoot=1 SecureBootEnable=1 CustomMode=0 VendorKeys=0
info: success
Shell> reset
Remember that this will modify
deploy/images/qemux86/ovmf.secboot.qcow2, so make a copy and use the
full path of that copy instead of the "ovmf" argument if needed.
The ovmf-shell-image contains an EFI shell, which is what got started
here directly. After enrolling the keys, Secure Boot is active and the
same image cannot be booted anymore, so the BIOS goes through the
normal boot targets (including network boot, which can take a while to
time out), and ends up in the internal EFI shell. Trying to invoke
bootia32.efi (the shell from the image) or EnrollDefaultKeys.efi then
fails:
Shell> bootia32.efi
Command Error Status: Security Violation
The main purpose at the moment is to test that Secure Boot enforcement
really works. If we had a way to sign generated images, that part could
also be tested by booting in a locked down qemu instance.
0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch is
from
https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch?id=b1781931894bf2057464e634beed68b1e3218c9e
with one line changed to fix
https://bugzilla.redhat.com/show_bug.cgi?id=132502:
"EFI_STATUS Status = EFI_SUCCESS;" in EnrollListOfX509Certs() lacked
the initializer.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
When enabled via PACCKAGECONFIG = "secureboot" (off by default because
of the extra work and license change), the recipe compiles OVMF twice,
once without Secure Boot, once with. This is the same approach as in
https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/edk2.spec
The results are "ovmf.qcow2" and "ovmf.secboot.qcow2" in the
image deploy directory, so
runqemu <machine> <image> ovmf.secboot
will boot with Secure Boot enabled.
ovmf.secboot.code.qcow2 is provided for those who want separate code
and variable flash drives. The normal ovmf.vars.qcow2 can be used with
it.
In contrast to Fedora, no attempt is made to strip potentially patent
encumbered algorithms out of the OpenSSL archive. OVMF does not use
the ones considered problematic for Fedora, so this shouldn't be a
problem.
Fixes: luv-yocto/#38
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
The Fedora srpm [1] seems to have no problems with parallel
compilation, so let's also use that for the target. The native
tools however indeed have dependency problems:
| test_Ecc_CParser (CheckPythonSyntax.Tests) ... gcc -o ../bin/EfiRom -L/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/usr/lib -L/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/lib -Wl,-rpath-link,/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/usr/lib -Wl,-rpath-link,/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/lib -Wl,-rpath,/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/usr/lib -Wl,-rpath,/fast/build/ostro/x86/tmp-glibc/sysroots/x86_64-linux/lib -Wl,-O1 EfiRom.o -L../libs -lCommon
| /usr/bin/ld: cannot find -lCommon
| collect2: error: ld returned 1 exit status
ERROR: Task (virtual:native:.../meta/recipes-core/ovmf/ovmf_git.bb:do_compile) failed with exit code '1'
[1] https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/edk2.spec
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
When used with '-drive if=pflash', qemu will store UEFI variables
inside the firmware image file. That is unexpected for a file located in
the sysroot, which should be read-only, while it is normal for image
files in the deploy/images directory. Therefore that directory is a
better place for use with runqemu.
The name was chose so that "runqemu ovmf" can be used as shorthand for
"runqemu <full path>/ovmf.qcow2" by treating "ovmf" as the base name
of the firmware file. "ovmf.secboot.qcow2" is meant to be used for the
Secure Boot enabled firmware.
qcow2 is used because it is needed for "savevm" snapshots of a virtual
machine.
With code and variables stored in the same ovmf.qcow2 it is not
possible to update the firmware code without also overwriting the
variables. For users who care about persistent variables, the code and
variables are also provided as separate files, in ovmf.code.qcow2 and
ovmf.vars.qcow2.
The traditional usage of OVMF via the qemu bios parameter ("biosdir"
and/or "biosfilename" in runqemu) is no longer recommended, and
therefore this recipe no longer provides the bios.bin file. Instead,
OVMF is meant to be used as flash drive in qemu. See the "runqemu:
support UEFI with OVMF firmware" patch for details on how to use OVMF
that way.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
Fixes a build issue when nasm was not build already because of
something else.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
This is an unmodified copy of
github.com/01org/luv-yocto/meta-luv/recipes-core/ovmf revision
4be4329.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
Add a patch to fix the CC/CFLAGS mangling that broke builds. [RB]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
configure.ac from dbus uses $PATH to get the location of systemctl.
If it is not found /usr/bin/systemctl is used. It is possible to
override the location by passing SYSTEMCTL=[value] to configure.
The value is used to replace @SYSTEMCTL@ in systemd-user/dbus.socket.in.
dbus.socket sets the environment variable DBUS_SESSION_BUS_ADDRESS
using systemctl.
dbus does not depend on systemd-systemctl-native, so location from
host installation or the default value gets used. Adding
systemd-systemctl to the build would give path from sysroot.
Forcing SYSTEMCTL=${base_bindir}/systemctl for target gives the
correct path there and the environment variable is set after a user
session was opened.
[YOCTO #11002]
Signed-off-by: Andy Kling <andreas.kling@peiker-cee.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fixed when compile with "-Wformat -Wformat-security -Werror=format-security":
| gettext-tools/gnulib-lib/libcroco/cr-statement.c: In function 'cr_statement_dump_charset':
| gettext-tools/gnulib-lib/libcroco/cr-statement.c:2661:17: error: format not a string literal and no format arguments [-Werror=format-security]
| fprintf (a_fp, str) ;
And:
gettext-tools/gnulib-lib/libxml/timsort.h:326:80: warning: format '%lu' expects argument of type 'long unsigned int', but argument 3 has type 'unsigned int' [-Wformat=]
fprintf(stderr, "Error allocating temporary storage for tim sort: need %lu bytes", sizeof(SORT_TYPE) * new_size);
[YOCTO #9544]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Otherwise, the filename is v${PV}.tar.gz which isn't straightforward.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
(From OE-Core rev: b34dc23266e85006b9fdfcc1fdbc0d762f88cace)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
here is shortlog
* d6601f0a avoid unbounded strlen in gettext functions
* dbbb3734 fix use of uninitialized pointer in gettext core
* 01e6bbec fix bindtextdomain logic error deactivating other domains
* 6894f847 fix spurious EINTR errors from multithreaded set*id, etc.
* 1f53e7d0 fix crashes in x32 __tls_get_addr
* 27b3fd68 fix crash from corrupted tls module list after failed dlopen
* 809ff8cf treat base 1 as an error in strtol-family functions
* 786fda87 fix getopt[_long] clobbering of optopt on success
* 150747b4 reduce impact of REG_* namespace pollution in x86[_64] signal.h
(From OE-Core rev: 6f42e7be18e0896aac357ce2aedaa3b32b2ad98e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's no need to cd to the target directory when creating symlinks, so don't.
[ YOCTO #10985 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fix string formatting issue in console-tools. Otherwise, when compiling with
'-Wformat -Wformat-security -Werror=format-security', we would have compilation
error.
[YOCTO #9540]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Now that the datastore works dynamically we don't need the update_data calls
so we can just remove them. They're not actually done anything at all for
a while.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The change to make do_stash_locale an sstate task between do_install and
do_package has some unforeseen problems since the function deletes part of
${D} but may or may not run depending on whether the task is installed from
sstate.
This cleans up the current "pre packaging" function to be more deterministic
and result in the same set of files, whichever code path we end up reaching
that point by. Its not an ideal sitation but it should avoid the race
failures we've seen on some builds.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Putting the locale and script files into the sysroot for use by their
specific recipes used to be a simple way to share the files. With RSS,
we don't want to copy these into many different recipes so put these
files in their own sstate task.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
